Re: [qmailtoaster] Connected to ip but connection died. 4.4.2
seeing the exact problem here from one particular domain, started some weeks ago... my server says: tcpserver: pid 15053 from 89.20.252.149 tcpserver: ok 15053 blue:10.0.0.7:25 :89.20.252.149::4609 tcpserver: status: 4/100 the email transcript: Attempting SMTP connection to [jforce.no] Resolving MX records for [jforce.no] (DNS Server: 89.20.252.130)... * P=000 S=000 D=jforce.no TTL=(60) MX=[jforce.no] {84.234.141.2} Attempting SMTP connection to [84.234.141.2:25] Waiting for socket connection... Connection established (89.20.252.149:3324 - 84.234.141.2:25) Waiting for protocol to start... * Error: 60 second wait for protocol timeout exceeded This message is 61 minutes old; it has 0 minutes left in this queue Remote queue lifetime exceeded; message placed in retry queue anyone have any suggestions? can't find anything in the logs that indicate problems :/ On Tue, Nov 3, 2009 at 3:02 AM, jim jackson jakson@gmail.com wrote: Hey guys, My server can send mail without any problem and receive mail from gmail, hotmail, yahoo etc however I'm having trouble receiving mail from my other domain which is hosted by another company. Anyone have advice on how to troubleshoot error: Connected to ip but connection died. 4.4.2. -- /** kjetil */ - Kjetil H.Paulsen | Movegen 35, 2770 Jaren, Norway kje...@java.no | Cell: +47 95138757 kjetil.paul...@gmail.com | http://gofaster.no - -Many secrets of art and nature are thought by the unlearned to be magical-
Re: [qmailtoaster] DKIM Error
Dear Jake, I have changed my config file qmail-remote as follows: dkimsign !-- per default sign all mails using dkim -- global algorithm=rsa-sha256 domain=/var/qmail/control/me keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1 types id=dkim / /global !-- use dkim + domainkey for example.com -- gnvfc.net selector=dkim1 types id=dkim / types id=domainkey method=nofws / /gnvfc.net nprocure.com selector=dkim1 types id=dkim / types id=domainkey method=nofws / /nprocure.com npay.in selector=dkim1 types id=dkim / types id=domainkey method=nofws / /npay.in ncode.in selector=dkim1 types id=dkim / types id=domainkey method=nofws / /ncode.in !-- no signing for example2.com -- example2.com / /dkimsign But I have another issue now. Before install dkim i was already using DomainKeys and have a folder for domain in keys in my control dir and it was working fine till the day I installed DKIM. now my mails are getting singed twice for domainkeys after putting new qmail-remote file. Received-SPF: pass (google.com: domain of acali...@gnvfc.net designates 203.77.193.20 as permitted sender) client-ip=203.77.193.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of acali...@gnvfc.net designates 203.77.193.20 as permitted sender) smtp.mail=acali...@gnvfc.net; dkim=neutral (no key) header...@gnvfc.net DomainKey-Signature: a=rsa-sha1; c=nofws; d=gnvfc.net; h=message-id :reply-to:from:to:cc:subject:date:mime-version:content-type; q= dns; s=dkim1; b=oPBhLaC3ThBMUn8wFl4ZFpJYlqdXplzczaVB1iESxqGLGIUR vkmItNyTFpuMtFtMrzfFQ4oqNEXMZ96dIfKbCPCQYdpvA7BgkqhZvzTOkYoZIPcT oWPvmfhjT3T4n+aLwThDBn/QLNWbRccoObaYFBqEJwWeY5fxPbo0peZbY70= DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=gnvfc.net; h=message-id :reply-to:from:to:cc:subject:date:mime-version:content-type; s= dkim1; bh=iHUq0zWCNvVWpMdk41w7F+GJs8A=; b=lNVvKsVPYpDjDvGO5M3ib7 +ITzHwjluyLcDzy0DLiNvv3mmYuqSUJB72keCx5W5TJaKPJRtAkDSSxKP7vTyUB6 9/Xx2sQilYSGFXuhmWt2gGDBSyDd9g3ftSF2HlYEFr3CA48cr/wgLk60NsDQHB0x iQDnbl7kfjVGoFo4R64Pc= Received: (qmail 11637 invoked by uid 89); 3 Nov 2009 07:58:09 - Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=gnvfc.net; b=2gAcG+kbzh8Etw72xpd/pQzg1uMKJ0ucro5sqtM3TSdK4eIM45uBC9/K3OlPthBbbhFzIDdxRnWIinELV6SHxx6UuYpd9fkwAoyvGkI/WbRSu0hJGCrYDAJjTFqm0gxShkolKzL4rJv9qRS4k2HzQAZGNtspZ5SJqyiumIyVFoE=; Received: by simscan 1.4.0 ppid: 11631, pid: 11633, t: 0.0337s scanners: attach: 1.4.0 clamav: 0.95.2/m:51/d:9979 Received: from unknown (HELO ANIL) (acali...@gnvfc.net@203.77.193.110) How can discard old domainkeys not to sign mails instead use DIKM+Domainkeys config. As I have used types id=domainkey method=nofws/ in the above config that means same keys will be used for DomainKeys as well, if i am wrong and old domainkeys will not be used in this case. To achieve the same i removed below mentioned line from tcp.smtp DKSIGN=/var/qmail/control/domainkeys/%/private But after removinTimes New Romang this line fTimes New Romanrom Times New Romantcp.smtp my clients unable to deliver mails with an error saying that it cannot read the key file to sign the mail. - Original Message - From: Anil Aliyan To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, November 03, 2009 1:01 PM Subject: Re: [qmailtoaster] DKIM Error Dear Jake, I am ready to provide all the details, please let me know what information or config file you want to provide to you. use strict; use warnings; our $VERSION = '0.2'; use Mail::DKIM 0.29; use Mail::DKIM::Signer; # enable support for pretty signatures, if available eval 'require Mail::DKIM::TextWrap'; =head config file structure - missing settings will be merged from the global-node - domain-entry will also match its subdomains - create empty domain-node to omit signing (or specify none as id) dkimsign !-- per default sign all mails using dkim -- global algorithm=rsa-sha256 domain=/var/qmail/control/me keyfile=/var/qmail/control/dkim/global.key method=simple selector=beta types id=dkim / /global !-- use dkim + domainkey for example.com -- example.com selector=beta2 types id=dkim / types id=domainkey method=nofws / /example.com !-- no signing for example2.com -- example2.com / /dkimsign =cut my $configfile = undef; $configfile = '/var/qmail/control/dkim/signconf.xml'; my $debugfile = undef; #$debugfile = '/tmp/dkim.debug'; my $qremote = '/var/qmail/bin/qmail-remote.orig'; my $binary = 0; our $config; $config-{'global'} = { types = { dkim = {} }, keyfile = '/var/qmail/control/dkim/global.key', algorithm = 'rsa-sha256', method = 'simple', selector = 'beta', # either string or file (first line of file will be used) domain = '/var/qmail/control/me' }; #---
[qmailtoaster] DKIM Error (Please ignore last mail)
Dear Jake, I have changed my config file qmail-remote as follows: dkimsign !-- per default sign all mails using dkim -- global algorithm=rsa-sha256 domain=/var/qmail/control/me keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1 types id=dkim / /global !-- use dkim + domainkey for example.com -- gnvfc.net selector=dkim1 types id=dkim / types id=domainkey method=nofws / /gnvfc.net nprocure.com selector=dkim1 types id=dkim / types id=domainkey method=nofws / /nprocure.com npay.in selector=dkim1 types id=dkim / types id=domainkey method=nofws / /npay.in ncode.in selector=dkim1 types id=dkim / types id=domainkey method=nofws / /ncode.in !-- no signing for example2.com -- example2.com / /dkimsign But I have another issue now. Before install dkim i was already using DomainKeys and have a folder for domain in keys in my control dir and it was working fine till the day I installed DKIM. now my mails are getting singed twice for domainkeys after putting new qmail-remote file. Authentication-Results: mx.google.com; spf=pass (google.com: domain of acali...@gnvfc.net designates 203.77.193.20 as permitted sender) smtp.mail=acali...@gnvfc.net; dkim=neutral (no key) header...@gnvfc.net DomainKey-Signature: a=rsa-sha1; c=nofws; d=gnvfc.net; h=message-id :reply-to:from:to:cc:subject:date:mime-version:content-type; q= dns; s=dkim1; b=oPBhLaC3ThBMUn8wFl4ZFpJYlqdXplzczaVB1iESxqGLGIUR vkmItNyTFpuMtFtMrzfFQ4oqNEXMZ96dIfKbCPCQYdpvA7BgkqhZvzTOkYoZIPcT oWPvmfhjT3T4n+aLwThDBn/QLNWbRccoObaYFBqEJwWeY5fxPbo0peZbY70= DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=gnvfc.net; h=message-id :reply-to:from:to:cc:subject:date:mime-version:content-type; s= dkim1; bh=iHUq0zWCNvVWpMdk41w7F+GJs8A=; b=lNVvKsVPYpDjDvGO5M3ib7 +ITzHwjluyLcDzy0DLiNvv3mmYuqSUJB72keCx5W5TJaKPJRtAkDSSxKP7vTyUB6 9/Xx2sQilYSGFXuhmWt2gGDBSyDd9g3ftSF2HlYEFr3CA48cr/wgLk60NsDQHB0x iQDnbl7kfjVGoFo4R64Pc= Received: (qmail 11637 invoked by uid 89); 3 Nov 2009 07:58:09 - DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=gnvfc.net; b=2gAcG+kbzh8Etw72xpd/pQzg1uMKJ0ucro5sqtM3TSdK4eIM45uBC9/K3OlPthBbbhFzIDdxRnWIinELV6SHxx6UuYpd9fkwAoyvGkI/WbRSu0hJGCrYDAJjTFqm0gxShkolKzL4rJv9qRS4k2HzQAZGNtspZ5SJqyiumIyVFoE=; Received: by simscan 1.4.0 ppid: 11631, pid: 11633, t: 0.0337s scanners: attach: 1.4.0 clamav: 0.95.2/m:51/d:9979 Received: from unknown (HELO ANIL) (acali...@gnvfc.net@203.77.193.110) How can discard old domainkeys not to sign mails instead use DIKM+Domainkeys config. As I have used types id=domainkey method=nofws/ in the above config that means same keys will be used for DomainKeys as well, if i am wrong and old domainkeys will not be used in this case. To achieve the same i removed below mentioned line from tcp.smtp DKSIGN=/var/qmail/control/domainkeys/%/private But after removing this line from tcp.smtp my clients are unable to deliver mails with an server side error saying that it cannot read the key file to sign the mail. Regards, Anil Aliyan - Original Message - From: Anil Aliyan To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, November 03, 2009 1:01 PM Subject: Re: [qmailtoaster] DKIM Error Dear Jake, I am ready to provide all the details, please let me know what information or config file you want to provide to you. use strict; use warnings; our $VERSION = '0.2'; use Mail::DKIM 0.29; use Mail::DKIM::Signer; # enable support for pretty signatures, if available eval 'require Mail::DKIM::TextWrap'; =head config file structure - missing settings will be merged from the global-node - domain-entry will also match its subdomains - create empty domain-node to omit signing (or specify none as id) dkimsign !-- per default sign all mails using dkim -- global algorithm=rsa-sha256 domain=/var/qmail/control/me keyfile=/var/qmail/control/dkim/global.key method=simple selector=beta types id=dkim / /global !-- use dkim + domainkey for example.com -- example.com selector=beta2 types id=dkim / types id=domainkey method=nofws / /example.com !-- no signing for example2.com -- example2.com / /dkimsign =cut my $configfile = undef; $configfile = '/var/qmail/control/dkim/signconf.xml'; my $debugfile = undef; #$debugfile = '/tmp/dkim.debug'; my $qremote = '/var/qmail/bin/qmail-remote.orig'; my $binary = 0; our $config; $config-{'global'} = { types = { dkim = {} }, keyfile = '/var/qmail/control/dkim/global.key', algorithm = 'rsa-sha256', method = 'simple', selector = 'beta', # either string or file (first line of file will be used) domain = '/var/qmail/control/me' }; #--- # read config file. safely if (defined($configfile) -r $configfile) { eval 'use XML::Simple'; if (!$@) { my $xmlconf; eval { $xmlconf = XMLin($configfile, ForceArray = ['types'], KeyAttr = ['id']); }; qexit_deferral('Unable to read config file: ', $@) if ($@); ConfigMerge::merge($config,
[qmailtoaster] Only to allow specified domains.
Hi. I need to block that certain users only could send to a few specific domains. There is some way of doing it? Thanks! -- Un saludo, Arturo.
[qmailtoaster] Spam Help Plz
Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUE UE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIG N=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.wmv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr:.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt cat /etc/spamdyke/spamdyke.conf # rbl dns-blacklist-entry=bl.spamcop.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=dnsbl.sorbs.net dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=ix.dnsbl.manitu.net dns-blacklist-entry=cbl.abuseat.org dns-blacklist-entry=dnsbl.njabl.org # graylist #graylist-dir=/etc/spamdyke/graylist.d graylist-dir=/home/vpopmail/graylist.d graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=5 local-domains-file=/var/qmail/control/rcpthosts #log-level=debug log-level=info log-target=syslog #log-target=stderr max-recipients=50 #policy-url=http://my.policy.explanation.url/ reject-empty-rdns #reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns tls-certificate-file=/var/qmail/control/servercert.pem # blacklist and whitelist ip ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-whitelist-file=/etc/spamdyke/whitelist_ip # blacklist and whitelist keywords ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords # blacklist and whitelist senders sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders # blacklist and whitelist rdns rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns # whitelist dns dns-whitelist-file=/etc/spamdyke/whitelist_dns # blacklist and whitelist recipients recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Installing qmailtoaster / SSL
Hi all, I successfully installed the qmailtoaster and am very happy so far. Now, I have a few questions that I need some help with. So if anyone knows how to do this or can point me to good documentation I would really appreciate the help. I have installed a SSL certificate and got it working for apache, courier and qmail. Now, is it possible to enforce use of encryption for IMAP, POP3 and SMTP for everyone not on localhost - e.g. it would be silly to have horde/imp (installed on same server) to use STMP or IMAP over ssl, but everyone not working on webmail should have to. Also, how would I go about enforcing the management webpages (qcontrol et al) and the webmail (I use horde instead of squirrel) to only use https? right now I can access them in both ways and I would like any attempt to access those sites without encryption to jump to https:// xyz instead. I would like everyone of my roaming users to always use the submission port 587 (and ssl). Can that be enforced, too? Thanks a lot for the help! Martin -- The whole modern world has divided itself into Conservatives and Progressives. The business of Progressives is to go on making mistakes. The business of the Conservatives is to prevent the mistakes from being corrected. Gilbert K. Chesterton - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: duplicate email from ezmlm
PakOgah wrote: Dear All (especially Jake/Eric), this list once got problem with duplicate email from ezmlm, I would to know how to resolved it (Jake/Eric please?) because it seem my server (ezmlm) sent duplicate email to milist members some solutions I found on mail-archive.com - I need to free some memory - I need to reinstall updated simscan (as I am only installing newer clamav/sa but never w/ simscan) I can't do re-installing the server as it can cause longer downtime to my users You should be using qtp-newmodel to do updates. Down time is only a matter of a couple minutes. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Only to allow specified domains.
Arturo Penén Gómez wrote: Hi. I need to block that certain users only could send to a few specific domains. There is some way of doing it? Thanks! -- Un saludo, Arturo. eMPF is designed to do this sort of thing, and it's included in recent toaster versions. I don't use it myself, so don't know for sure off hand if it can do exactly this or not. Perhaps an eMPF toaster user out there can lend a hand with your configuration. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Connected to ip but connection died. 4.4.2
If you're using spamdyke, turn on detailed logging. It'll show you the details of the incoming smtp session. It's slick because each session gets logged in its own file. Otherwise, you can use recordio, which logs all details into the smtp log. Search the list archives for how to set that up. I highly recommend the spamdyke route. ;) Kjetil Paulsen wrote: seeing the exact problem here from one particular domain, started some weeks ago... my server says: tcpserver: pid 15053 from 89.20.252.149 tcpserver: ok 15053 blue:10.0.0.7:25 http://10.0.0.7:25 :89.20.252.149::4609 tcpserver: status: 4/100 the email transcript: Attempting SMTP connection to [jforce.no http://jforce.no/] Resolving MX records for [jforce.no http://jforce.no/] (DNS Server: 89.20.252.130)... * P=000 S=000 D=jforce.no http://jforce.no/ TTL=(60) MX=[jforce.no http://jforce.no/] {84.234.141.2} Attempting SMTP connection to [84.234.141.2:25 http://84.234.141.2:25/] Waiting for socket connection... Connection established (89.20.252.149:3324 http://89.20.252.149:3324/ - 84.234.141.2:25 http://84.234.141.2:25/) Waiting for protocol to start... * Error: 60 second wait for protocol timeout exceeded This message is 61 minutes old; it has 0 minutes left in this queue Remote queue lifetime exceeded; message placed in retry queue anyone have any suggestions? can't find anything in the logs that indicate problems :/ On Tue, Nov 3, 2009 at 3:02 AM, jim jackson jakson@gmail.com mailto:jakson@gmail.com wrote: Hey guys, My server can send mail without any problem and receive mail from gmail, hotmail, yahoo etc however I'm having trouble receiving mail from my other domain which is hosted by another company. Anyone have advice on how to troubleshoot error: Connected to ip but connection died. 4.4.2. -- /** kjetil */ - Kjetil H.Paulsen | Movegen 35, 2770 Jaren, Norway kje...@java.no mailto:kje...@java.no | Cell: +47 95138757 kjetil.paul...@gmail.com mailto:kjetil.paul...@gmail.com | http://gofaster.no - -Many secrets of art and nature are thought by the unlearned to be magical- -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Only to allow specified domains.
I`m using eMPF. You can use this link: http://www.qmailwiki.org/EMPF Rafael Eric Shubert escreveu: Arturo Penén Gómez wrote: Hi. I need to block that certain users only could send to a few specific domains. There is some way of doing it? Thanks! -- Un saludo, Arturo. eMPF is designed to do this sort of thing, and it's included in recent toaster versions. I don't use it myself, so don't know for sure off hand if it can do exactly this or not. Perhaps an eMPF toaster user out there can lend a hand with your configuration. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Spam Help Plz
Rafael Andrade wrote: Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUE UE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIG N=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.wmv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr:.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt cat /etc/spamdyke/spamdyke.conf # rbl dns-blacklist-entry=bl.spamcop.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=dnsbl.sorbs.net dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=ix.dnsbl.manitu.net dns-blacklist-entry=cbl.abuseat.org dns-blacklist-entry=dnsbl.njabl.org # graylist #graylist-dir=/etc/spamdyke/graylist.d graylist-dir=/home/vpopmail/graylist.d graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=5 local-domains-file=/var/qmail/control/rcpthosts #log-level=debug log-level=info log-target=syslog #log-target=stderr max-recipients=50 #policy-url=http://my.policy.explanation.url/ reject-empty-rdns #reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns tls-certificate-file=/var/qmail/control/servercert.pem # blacklist and whitelist ip ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-whitelist-file=/etc/spamdyke/whitelist_ip # blacklist and whitelist keywords ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords # blacklist and whitelist senders sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders # blacklist and whitelist rdns rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns # whitelist dns dns-whitelist-file=/etc/spamdyke/whitelist_dns # blacklist and whitelist recipients recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients - (Wow - that's a lot of RBLs) Are you sure that spamdyke's running? I like to use log-target=stderr so I can see spamdyke's messages in the smtp log along with the other related messages. Make sure spamdyke is running. Looks to me like you have the screws turned down pretty tight spam wise. I think the next step would be to look at a representative sample of the spam you're receiving, to see why it's getting through. Perhaps there is a workstation or server on your network that's been compromised and is sending out the spam. Examining the headers of the spams you're receiving to see where they originate. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Only to allow specified domains.
Ok, I will try it. Thanks! 2009/11/3 Rafael Andrade raf...@riosulense.com.br I`m using eMPF. You can use this link: http://www.qmailwiki.org/EMPF Rafael Eric Shubert escreveu: Arturo Penén Gómez wrote: Hi. I need to block that certain users only could send to a few specific domains. There is some way of doing it? Thanks! -- Un saludo, Arturo. eMPF is designed to do this sort of thing, and it's included in recent toaster versions. I don't use it myself, so don't know for sure off hand if it can do exactly this or not. Perhaps an eMPF toaster user out there can lend a hand with your configuration. - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Un saludo, Arturo.
[qmailtoaster] Re: Installing qmailtoaster / SSL
Martin Waschbuesch wrote: Hi all, I successfully installed the qmailtoaster and am very happy so far. Now, I have a few questions that I need some help with. So if anyone knows how to do this or can point me to good documentation I would really appreciate the help. I have installed a SSL certificate and got it working for apache, courier and qmail. Now, is it possible to enforce use of encryption for IMAP, POP3 and SMTP for everyone not on localhost - e.g. it would be silly to have horde/imp (installed on same server) to use STMP or IMAP over ssl, but everyone not working on webmail should have to. For IMAP and POP3, simply stop the services. For SMTP, it's not that simple, and I don't know off hand. Also, how would I go about enforcing the management webpages (qcontrol et al) and the webmail (I use horde instead of squirrel) to only use https? right now I can access them in both ways and I would like any attempt to access those sites without encryption to jump to https://xyz instead. This is done using apache's rewrite module. First, be sure it's loaded: /etc/httpd/conf/httpd.conf: LoadModule rewrite_module modules/mod_rewrite.so Then add the rewrite instructions to the appropriate conf files, e.g.: /etc/httpd/conf/squirrelmail.conf: RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*/webmail.*)$ https://%{SERVER_NAME}$1 [L,R] Directory /usr/share/squirrelmail Options None Order allow,deny allow from all SSLRequireSSL /Directory I would like everyone of my roaming users to always use the submission port 587 (and ssl). Can that be enforced, too? Not that I'm aware of. While spamdyke does TLS and authentication, it doesn't appear to have an option to require TLS when authenticating. I've just posted a request for this feature on the spamdyke list. We'll see what Sam (the author) has to say about it. There may be some other way I'm not aware of. Jake would probably know for sure. Thanks a lot for the help! Sure. Now it's your turn Martin. Will you please update the wiki with all of this when you're done? I'd like to see a new page under Configuration/Security that ties all of this stuff together. Are you up for it? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Spam Help Plz
Rafael Andrade wrote: Hello, Eric and all list, First thank u for the answer My users receiving lots of spams dont have a specific sender domain, or default spam type. The sender domain is commonly spoofed (faked), so you can't go by that. Are you certain that they are coming from outside of your domain? Check the headers on many spam messages. You need to find something in common with several of them. Verify that they're not coming from your domain. Also, are they originating from private or public addresses? You need to do some investigative type work. My spamdyke is running see: spamdyke-stats /var/log/maillog Allowed: 35619 Denied : 140729 Sum: 176348 % Spam : 79.80% in logfile: Nov 3 13:48:42 net spamdyke[20038]: DENIED_RBL_MATCH from: misdirecti...@hamiltoncompany.com to: cristi...@domain.com origin_ip: 84.153.125.187 origin_rdns: p54997dbb.dip.t-dialin.net auth: (unknown) I`m using lots of Rbls to try reduce the spam numbers but not working correctly. Does anybody have some idea? Thanks so much Rafael Eric Shubert escreveu: Rafael Andrade wrote: Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUE UE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIG N=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.wmv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr:.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt cat /etc/spamdyke/spamdyke.conf # rbl dns-blacklist-entry=bl.spamcop.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=dnsbl.sorbs.net dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=ix.dnsbl.manitu.net dns-blacklist-entry=cbl.abuseat.org dns-blacklist-entry=dnsbl.njabl.org # graylist #graylist-dir=/etc/spamdyke/graylist.d graylist-dir=/home/vpopmail/graylist.d graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=5 local-domains-file=/var/qmail/control/rcpthosts #log-level=debug log-level=info log-target=syslog #log-target=stderr max-recipients=50 #policy-url=http://my.policy.explanation.url/ reject-empty-rdns #reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns tls-certificate-file=/var/qmail/control/servercert.pem # blacklist and whitelist ip ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-whitelist-file=/etc/spamdyke/whitelist_ip # blacklist and whitelist keywords ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords # blacklist and whitelist senders sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders # blacklist and whitelist rdns rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns # whitelist dns dns-whitelist-file=/etc/spamdyke/whitelist_dns # blacklist and whitelist recipients recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients - (Wow - that's a lot of RBLs) Are you sure that spamdyke's running? I like to use log-target=stderr so I can see spamdyke's messages in the smtp log along with the other related messages. Make sure spamdyke is running. Looks to me like you have the screws turned down pretty tight spam wise. I think the next step would be to look at a representative sample of the spam you're receiving, to see why it's getting through. Perhaps there is a workstation or server on your network that's been compromised and is sending out the spam. Examining the headers of the spams you're receiving to see where they originate. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need
RE: [qmailtoaster] Re: Spam Help Plz
Like Eric mentioned, at this point, you need to take a look at the headers of the spam e-mails that your users are getting. You need to find something in the type of e-mails you're getting that you can filter on... Or, as also mentioned, it might be an internal user that is bypassing some of the filtering because they are authenticated... At this point, you need to look at the specific spam, and use specific techniques to filter it, not simply add more RBL's, or blacklists, etc. It's likely that just making one small tweak will eliminate most of your spam. Michael J. Colvin NorCal Internet Services www.norcalisp.com -Original Message- From: Rafael Andrade [mailto:raf...@riosulense.com.br] Sent: Tuesday, November 03, 2009 8:50 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Spam Help Plz Hello, Eric and all list, First thank u for the answer My users receiving lots of spams dont have a specific sender domain, or default spam type. My spamdyke is running see: spamdyke-stats /var/log/maillog Allowed: 35619 Denied : 140729 Sum: 176348 % Spam : 79.80% in logfile: Nov 3 13:48:42 net spamdyke[20038]: DENIED_RBL_MATCH from: misdirecti...@hamiltoncompany.com to: cristi...@domain.com origin_ip: 84.153.125.187 origin_rdns: p54997dbb.dip.t-dialin.net auth: (unknown) I`m using lots of Rbls to try reduce the spam numbers but not working correctly. Does anybody have some idea? Thanks so much Rafael Eric Shubert escreveu: Rafael Andrade wrote: Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_R CPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/con trol/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120 ,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUE UE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainke ys/%/private,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRO NGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIG N=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.w mv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr :.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt cat /etc/spamdyke/spamdyke.conf # rbl dns-blacklist-entry=bl.spamcop.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=dnsbl.sorbs.net dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=ix.dnsbl.manitu.net dns-blacklist-entry=cbl.abuseat.org dns-blacklist-entry=dnsbl.njabl.org # graylist #graylist-dir=/etc/spamdyke/graylist.d graylist-dir=/home/vpopmail/graylist.d graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=5 local-domains-file=/var/qmail/control/rcpthosts #log-level=debug log-level=info log-target=syslog #log-target=stderr max-recipients=50 #policy-url=http://my.policy.explanation.url/ reject-empty-rdns #reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns tls-certificate-file=/var/qmail/control/servercert.pem # blacklist and whitelist ip ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-whitelist-file=/etc/spamdyke/whitelist_ip # blacklist and whitelist keywords ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords # blacklist and whitelist senders sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders # blacklist and whitelist rdns rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns # whitelist dns dns-whitelist-file=/etc/spamdyke/whitelist_dns # blacklist and whitelist recipients recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients --- -- (Wow - that's a lot of RBLs) Are you sure that spamdyke's running? I like to use log-target=stderr so I can see spamdyke's messages in the smtp log along with the other related messages. Make sure spamdyke is running. Looks to me like you have the screws turned down pretty
RE: [qmailtoaster] Re: Spam Help Plz
Did anyone else notice that he is missing spam_hits in his config file? Does it default to something without it? HIS: cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.wmv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr:.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt MINE: # cat /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=7,attach=.mp3:.src:.bat:.pif:.exe:.com:.cmd:.dll:.msi:.msp:.reg:.vbe:.vbs:.vxd:.wsc:.wsf:.wsh See response above; Michael Colvin wrote: Like Eric mentioned, at this point, you need to take a look at the headers of the spam e-mails that your users are getting. You need to find something in the type of e-mails you're getting that you can filter on... Or, as also mentioned, it might be an internal user that is bypassing some of the filtering because they are authenticated... At this point, you need to look at the specific spam, and use specific techniques to filter it, not simply add more RBL's, or blacklists, etc. It's likely that just making one small tweak will eliminate most of your spam. Michael J. Colvin NorCal Internet Services www.norcalisp.com -Original Message- From: Rafael Andrade [mailto:raf...@riosulense.com.br] Sent: Tuesday, November 03, 2009 8:50 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Spam Help Plz Hello, Eric and all list, First thank u for the answer My users receiving lots of spams dont have a specific sender domain, or default spam type. My spamdyke is running see: spamdyke-stats /var/log/maillog Allowed: 35619 Denied : 140729 Sum: 176348 % Spam : 79.80% in logfile: Nov 3 13:48:42 net spamdyke[20038]: DENIED_RBL_MATCH from: misdirecti...@hamiltoncompany.com to: cristi...@domain.com origin_ip: 84.153.125.187 origin_rdns: p54997dbb.dip.t-dialin.net auth: (unknown) I`m using lots of Rbls to try reduce the spam numbers but not working correctly. Does anybody have some idea? Thanks so much Rafael Eric Shubert escreveu: Rafael Andrade wrote: Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_R CPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/con trol/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120 ,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUE UE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainke ys/%/private,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRO NGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIG N=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.w mv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr :.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt cat /etc/spamdyke/spamdyke.conf # rbl dns-blacklist-entry=bl.spamcop.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=dnsbl.sorbs.net dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=ix.dnsbl.manitu.net dns-blacklist-entry=cbl.abuseat.org dns-blacklist-entry=dnsbl.njabl.org # graylist #graylist-dir=/etc/spamdyke/graylist.d graylist-dir=/home/vpopmail/graylist.d graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=5 local-domains-file=/var/qmail/control/rcpthosts #log-level=debug log-level=info log-target=syslog #log-target=stderr max-recipients=50 #policy-url=http://my.policy.explanation.url/ reject-empty-rdns #reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns tls-certificate-file=/var/qmail/control/servercert.pem # blacklist and whitelist ip ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-whitelist-file=/etc/spamdyke/whitelist_ip # blacklist and whitelist keywords ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords # blacklist and whitelist senders sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders # blacklist and whitelist rdns rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
RE: [qmailtoaster] Re: Spam Help Plz
Did anyone else notice that he is missing spam_hits in his config file? Does it default to something without it? I believe it defaults to 5 or something similar. It would only effect SpamAssassin anyway, and I've come to not really rely on SpamAssassin to block most of my spam. SpamDyke catches nearly all of it. If he's getting a lot of spam through, SpamAssassin is likely not the answer, blocking it with SpamDyke is. :-) Mike HIS: cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.w mv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr :.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt MINE: # cat /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=7,attach=.mp3:.src:.bat:.pif:.exe:.com:.cmd:. dll:.msi:.msp:.reg:.vbe:.vbs:.vxd:.wsc:.wsf:.wsh See response above; Michael Colvin wrote: Like Eric mentioned, at this point, you need to take a look at the headers of the spam e-mails that your users are getting. You need to find something in the type of e-mails you're getting that you can filter on... Or, as also mentioned, it might be an internal user that is bypassing some of the filtering because they are authenticated... At this point, you need to look at the specific spam, and use specific techniques to filter it, not simply add more RBL's, or blacklists, etc. It's likely that just making one small tweak will eliminate most of your spam. Michael J. Colvin NorCal Internet Services www.norcalisp.com -Original Message- From: Rafael Andrade [mailto:raf...@riosulense.com.br] Sent: Tuesday, November 03, 2009 8:50 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Spam Help Plz Hello, Eric and all list, First thank u for the answer My users receiving lots of spams dont have a specific sender domain, or default spam type. My spamdyke is running see: spamdyke-stats /var/log/maillog Allowed: 35619 Denied : 140729 Sum: 176348 % Spam : 79.80% in logfile: Nov 3 13:48:42 net spamdyke[20038]: DENIED_RBL_MATCH from: misdirecti...@hamiltoncompany.com to: cristi...@domain.com origin_ip: 84.153.125.187 origin_rdns: p54997dbb.dip.t-dialin.net auth: (unknown) I`m using lots of Rbls to try reduce the spam numbers but not working correctly. Does anybody have some idea? Thanks so much Rafael Eric Shubert escreveu: Rafael Andrade wrote: Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_R CPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/con trol/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120 ,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUE UE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domainke ys/%/private,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRO NGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIG N=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.w mv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr :.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt cat /etc/spamdyke/spamdyke.conf # rbl dns-blacklist-entry=bl.spamcop.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=dnsbl.sorbs.net dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=ix.dnsbl.manitu.net dns-blacklist-entry=cbl.abuseat.org dns-blacklist-entry=dnsbl.njabl.org # graylist #graylist-dir=/etc/spamdyke/graylist.d graylist-dir=/home/vpopmail/graylist.d graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=5 local-domains-file=/var/qmail/control/rcpthosts #log-level=debug log-level=info log-target=syslog #log-target=stderr max-recipients=50 #policy-url=http://my.policy.explanation.url/ reject-empty-rdns #reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns tls-certificate-file=/var/qmail/control/servercert.pem # blacklist and whitelist ip
Re: [qmailtoaster] Re: Spam Help Plz
Hi Rafael, Why do you have disabled the spamdyke- ip-in-cc-rdns? #reject-ip-in-cc-rdns This spamdyke-rule catches about 30% of incoming mails because coming from dynamic addresses. Andreas Am Tuesday 03 November 2009 18:44:15 schrieb Michael Colvin: Did anyone else notice that he is missing spam_hits in his config file? Does it default to something without it? I believe it defaults to 5 or something similar. It would only effect SpamAssassin anyway, and I've come to not really rely on SpamAssassin to block most of my spam. SpamDyke catches nearly all of it. If he's getting a lot of spam through, SpamAssassin is likely not the answer, blocking it with SpamDyke is. :-) Mike HIS: cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:. :w mv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dw r :.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt MINE: # cat /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=7,attach=.mp3:.src:.bat:.pif:.exe:.com:.cmd: :. dll:.msi:.msp:.reg:.vbe:.vbs:.vxd:.wsc:.wsf:.wsh See response above; Michael Colvin wrote: Like Eric mentioned, at this point, you need to take a look at the headers of the spam e-mails that your users are getting. You need to find something in the type of e-mails you're getting that you can filter on... Or, as also mentioned, it might be an internal user that is bypassing some of the filtering because they are authenticated... At this point, you need to look at the specific spam, and use specific techniques to filter it, not simply add more RBL's, or blacklists, etc. It's likely that just making one small tweak will eliminate most of your spam. Michael J. Colvin NorCal Internet Services www.norcalisp.com -Original Message- From: Rafael Andrade [mailto:raf...@riosulense.com.br] Sent: Tuesday, November 03, 2009 8:50 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Spam Help Plz Hello, Eric and all list, First thank u for the answer My users receiving lots of spams dont have a specific sender domain, or default spam type. My spamdyke is running see: spamdyke-stats /var/log/maillog Allowed: 35619 Denied : 140729 Sum: 176348 % Spam : 79.80% in logfile: Nov 3 13:48:42 net spamdyke[20038]: DENIED_RBL_MATCH from: misdirecti...@hamiltoncompany.com to: cristi...@domain.com origin_ip: 84.153.125.187 origin_rdns: p54997dbb.dip.t-dialin.net auth: (unknown) I`m using lots of Rbls to try reduce the spam numbers but not working correctly. Does anybody have some idea? Thanks so much Rafael Eric Shubert escreveu: Rafael Andrade wrote: Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_ R CPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/co n trol/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=12 0 ,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUE UE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domaink e ys/%/private,NOP0FCHECK=1 : :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WR :O : NGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIG N=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 cat /var/qmail/control/simcontrol : :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:. :w : mv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dw r :.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. : idw:.ipt cat /etc/spamdyke/spamdyke.conf # rbl dns-blacklist-entry=bl.spamcop.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=dnsbl.sorbs.net dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=ix.dnsbl.manitu.net dns-blacklist-entry=cbl.abuseat.org dns-blacklist-entry=dnsbl.njabl.org # graylist #graylist-dir=/etc/spamdyke/graylist.d graylist-dir=/home/vpopmail/graylist.d graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=5
Re: [qmailtoaster] Re: Spam Help Plz
Rafael Andrade wrote: Hello, Eric and all list, First thank u for the answer My users receiving lots of spams dont have a specific sender domain, or default spam type. My spamdyke is running see: spamdyke-stats /var/log/maillog Allowed: 35619 Denied : 140729 Sum: 176348 % Spam : 79.80% snip Where can I find spamdyke-stats? This command intrigues me. Brent Gardner - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Spam Help Plz
[r...@net control]# rpm -qi simscan-toaster Name: simscan-toaster Relocations: (not relocatable) Version : 1.3.1 Vendor: (none) Release : 1.3.6 Build Date: Seg 15 Dez 2008 18:20:47 BRST Install Date: Sex 20 Fev 2009 01:04:38 BRT Build Host: net.metalservice.ind.br Group : Networking/Other Source RPM: simscan-toaster-1.3.1-1.3.6.src.rpm Size: 120380 License: GPL Signature : (none) Packager: Nick Hemmesch n...@ndhsoft.com URL : http://www.inter7.com/vpopmail Summary : Simscan for qmail-toaster Description : SimScan is a simplified scanner for qmail similar to qmail-scanner and qscand. It uses clamav, trophie, and/or spamassassin. It also supports attachment blocking by extension. Simscan is written entirely in C to ensure maximum speed. There are several options to allow simscan to scan per domain, and reject spam mail. Current settings --- user = clamav qmail directory = /var/qmail work directory= /var/qmail/simscan control directory = /var/qmail/control qmail queue program = /var/qmail/bin/qmail-queue clamdscan program = /usr/bin/clamdscan clamav scan = ON trophie scanning = OFF attachement scan = ON ripmime program = /usr/bin/ripmime custom smtp reject= ON drop message = OFF regex scanner = OFF quarantine processing = OFF domain based checking = ON add received header = ON spam scanning = ON spamc program = /usr/bin/spamc spamc arguments = spamc user= OFF authenticated users scanned = OFF spam passthru = OFF spam hits = 20 Current simcontrol config -- :clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif Eric Shubert escreveu: Kent Busbee wrote: Did anyone else notice that he is missing spam_hits in his config file? Does it default to something without it? Yes. [r...@doris documentation]# rpm -qi simscan-toaster Name: simscan-toaster Relocations: (not relocatable) Version : 1.4.0 Vendor: (none) Release : 1.3.8 Build Date: Sat 03 Oct 2009 09:50:36 AM MST Install Date: Sat 03 Oct 2009 10:03:58 AM MST Build Host: doris.shubes Group : Networking/Other Source RPM: simscan-toaster-1.4.0-1.3.8.src.rpm Size: 113364 License: GPL Signature : (none) Packager: Jake Vickers j...@qmailtoaster.com URL : http://www.inter7.com/vpopmail Summary : Simscan for qmail-toaster Description : SimScan is a simplified scanner for qmail similar to qmail-scanner and qscand. It uses clamav, trophie, and/or spamassassin. It also supports attachment blocking by extension. Simscan is written entirely in C to ensure maximum speed. There are several options to allow simscan to scan per domain, and reject spam mail. Current settings --- user = clamav qmail directory = /var/qmail work directory= /var/qmail/simscan control directory = /var/qmail/control qmail queue program = /var/qmail/bin/qmail-queue clamdscan program = /usr/bin/clamdscan clamav scan = ON trophie scanning = OFF attachement scan = ON ripmime program = /usr/bin/ripmime custom smtp reject= ON drop message = OFF regex scanner = OFF quarantine processing = OFF domain based checking = ON add received header = ON spam scanning = ON spamc program = /usr/bin/spamc spamc arguments = spamc user= OFF authenticated users scanned = OFF spam passthru = OFF spam hits = 40 Current simcontrol config -- :clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif [r...@doris documentation]# HIS: cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.wmv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr:.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt MINE: # cat /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=7,attach=.mp3:.src:.bat:.pif:.exe:.com:.cmd:.dll:.msi:.msp:.reg:.vbe:.vbs:.vxd:.wsc:.wsf:.wsh See response above; Michael Colvin wrote: Like Eric mentioned, at this point, you need to take a look at the headers of
[qmailtoaster] Qcontrol Install error
Issuing command: qtp-install-qcontrolpe Installing QControlPE. This has only been checked on CentOS 4.x and CentOS 5.x machines, using 32bit architecture. If you install QControlPE on other systems, you do so at your own risk. erro: falha ao abrir html: Arquivo ou diretório não encontrado erro: falha ao abrir script: Arquivo ou diretório não encontrado erro: falha ao abrir language=JavaScript: Arquivo ou diretório não encontrado erro: falha ao abrir history.back();: Arquivo ou diretório não encontrado erro: falha ao abrir /script: Arquivo ou diretório não encontrado erro: falha ao abrir /html: Arquivo ou diretório não encontrado --- Hit ENTER to return to menu ---
[qmailtoaster] Re: ppc install?
Here are the perl modules in my fc11 toaster: [r...@qmt-fc11 ~]# rpm -qa | grep ^perl | sort perl-5.10.0-82.fc11.i586 perl-Archive-Tar-1.46-82.fc11.i586 perl-Compress-Raw-Zlib-2.008-82.fc11.i586 perl-Compress-Zlib-2.008-82.fc11.i586 perl-CPAN-1.9205-82.fc11.i586 perl-Crypt-OpenSSL-Bignum-0.04-6.fc11.i586 perl-Crypt-OpenSSL-Random-0.04-7.fc11.i586 perl-Crypt-OpenSSL-RSA-0.25-8.fc11.i586 perl-Date-Manip-5.54-2.fc11.noarch perl-DBD-MySQL-4.010-1.fc11.i586 perl-DBI-1.607-2.fc11.i586 perl-devel-5.10.0-82.fc11.i586 perl-Digest-HMAC-1.01-20.fc11.noarch perl-Digest-SHA1-2.11-8.fc11.i586 perl-Digest-SHA-5.47-82.fc11.i586 perl-Error-0.17015-2.fc11.noarch perl-ExtUtils-MakeMaker-6.36-82.fc11.i586 perl-ExtUtils-ParseXS-2.18-82.fc11.i586 perl-HTML-Parser-3.60-1.fc11.i586 perl-HTML-Tagset-3.20-2.fc11.noarch perl-IO-Compress-Base-2.008-82.fc11.i586 perl-IO-Compress-Zlib-2.008-82.fc11.i586 perl-IO-Socket-INET6-2.56-1.fc11.noarch perl-IO-Socket-SSL-1.30-1.fc11.noarch perl-IO-Zlib-1.07-82.fc11.i586 perl-libs-5.10.0-82.fc11.i586 perl-libwww-perl-5.825-2.fc11.noarch perl-Mail-DKIM-0.37-1.fc11.noarch perl-Mail-SPF-2.006-2.fc11.noarch perl-Mail-SPF-Query-1.999.1-5.fc11.noarch perl-MailTools-2.04-2.fc11.noarch perl-Module-Pluggable-3.90-82.fc11.i586 perl-NetAddr-IP-4.007-4.fc11.i586 perl-Net-CIDR-Lite-0.20-5.fc11.noarch perl-Net-DNS-0.63-5.fc11.i586 perl-Net-LibIDN-0.11-2.fc11.i586 perl-Net-SSLeay-1.35-4.fc11.i586 perl-Package-Constants-0.01-82.fc11.i586 perl-Pod-Escapes-1.04-82.fc11.i586 perl-Pod-Simple-3.07-82.fc11.i586 perl-Razor-Agent-2.85-2.fc11.i586 perl-SNMP_Session-1.12-2.fc11.noarch perl-Socket6-0.23-1.fc11.i586 perl-Test-Harness-3.16-82.fc11.i586 perl-TimeDate-1.16-10.fc11.noarch perl-URI-1.37-2.fc11.noarch perl-version-0.74-82.fc11.i586 [r...@qmt-fc11 ~]# What's $DIST= when you run this? It should be fedora_11. I've built spamassassin-toaster-3.2.5-1.3.17 several times on this host (using qtp-newmodel) without seeing your error. The package/module name (forward-compat) gives me the impression that it might be something needed by an older (RH9?) distro. Donald Wheeling wrote: I'm running Fedora 11 on my server. The error I get is when trying to rebuild the rpm is: rpmbuild --rebuild $DIST spamassassin-toaster-3.2.5-1.3.17.src.rpm Installing spamassassin-toaster-3.2.5-1.3.17.src.rpm error: Failed build dependencies: perl-forward-compat is needed by spamassassin-toaster-3.2.5-1.3.17.src.rpm I don't even see that package in your list. Maybe it's part of one of those packages. I'll have a look on rpmfind.net. Thanks for the list Date: Mon, 2 Nov 2009 09:44:25 -0500 From: j...@qmailtoaster.com To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] ppc install? Donald Wheeling wrote: After several days of trying to update yellow dog linux so I could install qmail toaster I finally gave up on the update process and started over with fedora. I was to the point where I had to re-compile the kernel in order to upgrade other required package versions before installing the mail server. Anyway...moving on. I now have fedora installed (albeit much slower than yellow dog) and I've been able to install qmailtoaster up to a point. I'm currently stuck on spamassassin compiling and, after many searches on the net and your mailing lists (5 entries which lead nowhere), I cannot find any specifics on the package perl-forward-compat. The only thing I can figure the problem to be is maybe the package name was changed? Which version of Fedora? Did you run the dependency script for your version of Fedora from the main site? I thought I had all of the dependencies filled in the scripts, so if I'm missing one/more than I would like to know. I only have Fedora 10 spooled up in VMW right now, but here are the perl packages I have installed: perl-Compress-Raw-Zlib-2.008-53.fc10.i386 perl-Archive-Tar-1.40-53.fc10.i386 perl-CPAN-1.9205-53.fc10.i386 perl-HTML-Tagset-3.10-8.fc9.noarch perl-Digest-HMAC-1.01-19.fc9.noarch perl-5.10.0-53.fc10.i386 perl-IO-Zlib-1.07-53.fc10.i386 perl-URI-1.35-8.fc9.noarch perl-Net-CIDR-Lite-0.20-4.fc9.noarch perl-libwww-perl-5.823-1.fc10.noarch perl-devel-5.10.0-53.fc10.i386 perl-String-CRC32-1.4-6.fc9.i386 perl-Date-Manip-5.48-3.fc9.noarch perl-SNMP_Session-1.12-1.fc10.noarch perl-HTML-Parser-3.59-1.fc10.i386 perl-Pod-Escapes-1.04-53.fc10.i386 perl-version-0.74-53.fc10.i386 perl-IO-Compress-Zlib-2.008-53.fc10.i386 perl-Package-Constants-0.01-53.fc10.i386 perl-ExtUtils-MakeMaker-6.36-53.fc10.i386 perl-DBD-MySQL-4.005-8.fc9.i386 perl-Digest-SHA1-2.11-7.fc9.i386 perl-IO-Socket-INET6-2.54-1.fc9.noarch perl-Net-DNS-0.63-4.fc10.i386 perl-Module-Pluggable-3.60-53.fc10.i386 perl-DBI-1.607-1.fc10.i386 perl-libs-5.10.0-53.fc10.i386 perl-Compress-Zlib-2.008-53.fc10.i386 perl-Test-Harness-3.12-53.fc10.i386 perl-Socket6-0.20-1.fc10.i386 perl-Pod-Simple-3.07-53.fc10.i386
[qmailtoaster] Re: Spam Help Plz
Kent Busbee wrote: Did anyone else notice that he is missing spam_hits in his config file? Does it default to something without it? Yes. [r...@doris documentation]# rpm -qi simscan-toaster Name: simscan-toaster Relocations: (not relocatable) Version : 1.4.0 Vendor: (none) Release : 1.3.8 Build Date: Sat 03 Oct 2009 09:50:36 AM MST Install Date: Sat 03 Oct 2009 10:03:58 AM MST Build Host: doris.shubes Group : Networking/Other Source RPM: simscan-toaster-1.4.0-1.3.8.src.rpm Size: 113364 License: GPL Signature : (none) Packager: Jake Vickers j...@qmailtoaster.com URL : http://www.inter7.com/vpopmail Summary : Simscan for qmail-toaster Description : SimScan is a simplified scanner for qmail similar to qmail-scanner and qscand. It uses clamav, trophie, and/or spamassassin. It also supports attachment blocking by extension. Simscan is written entirely in C to ensure maximum speed. There are several options to allow simscan to scan per domain, and reject spam mail. Current settings --- user = clamav qmail directory = /var/qmail work directory= /var/qmail/simscan control directory = /var/qmail/control qmail queue program = /var/qmail/bin/qmail-queue clamdscan program = /usr/bin/clamdscan clamav scan = ON trophie scanning = OFF attachement scan = ON ripmime program = /usr/bin/ripmime custom smtp reject= ON drop message = OFF regex scanner = OFF quarantine processing = OFF domain based checking = ON add received header = ON spam scanning = ON spamc program = /usr/bin/spamc spamc arguments = spamc user= OFF authenticated users scanned = OFF spam passthru = OFF spam hits = 40 Current simcontrol config -- :clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif [r...@doris documentation]# HIS: cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:.wmv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dwr:.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt MINE: # cat /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=7,attach=.mp3:.src:.bat:.pif:.exe:.com:.cmd:.dll:.msi:.msp:.reg:.vbe:.vbs:.vxd:.wsc:.wsf:.wsh See response above; Michael Colvin wrote: Like Eric mentioned, at this point, you need to take a look at the headers of the spam e-mails that your users are getting. You need to find something in the type of e-mails you're getting that you can filter on... Or, as also mentioned, it might be an internal user that is bypassing some of the filtering because they are authenticated... At this point, you need to look at the specific spam, and use specific techniques to filter it, not simply add more RBL's, or blacklists, etc. It's likely that just making one small tweak will eliminate most of your spam. Michael J. Colvin NorCal Internet Services www.norcalisp.com -Original Message- From: Rafael Andrade [mailto:raf...@riosulense.com.br] Sent: Tuesday, November 03, 2009 8:50 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Spam Help Plz Hello, Eric and all list, First thank u for the answer My users receiving lots of spams dont have a specific sender domain, or default spam type. My spamdyke is running see: spamdyke-stats /var/log/maillog Allowed: 35619 Denied : 140729 Sum: 176348 % Spam : 79.80% in logfile: Nov 3 13:48:42 net spamdyke[20038]: DENIED_RBL_MATCH from: misdirecti...@hamiltoncompany.com to: cristi...@domain.com origin_ip: 84.153.125.187 origin_rdns: p54997dbb.dip.t-dialin.net auth: (unknown) I`m using lots of Rbls to try reduce the spam numbers but not working correctly. Does anybody have some idea? Thanks so much Rafael Eric Shubert escreveu: Rafael Andrade wrote: Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_R CPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/con trol/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=120
[qmailtoaster] Re: Spam Help Plz
It's disabled by default in the QMT install as a courtesy to international users. It is indeed effective in the USA, but impractical for international use. http://www.spamdyke.org/documentation/README.html#RDNS As an alternative, you might find the ip-in-rdns-keyword-blacklist-entry effective. IIRC there were some suggested uses of this on the spamdyke users list a while back. You might want to search the archive of that list for examples. Rafael Andrade wrote: I will enable this feature, i dont remember why this rule is disabled. reject-ip-in-cc-rdns Enable Now. Anyone have other ideia? thanks so much again ;@ Andreas Galatis escreveu: Hi Rafael, Why do you have disabled the spamdyke- ip-in-cc-rdns? #reject-ip-in-cc-rdns This spamdyke-rule catches about 30% of incoming mails because coming from dynamic addresses. Andreas Am Tuesday 03 November 2009 18:44:15 schrieb Michael Colvin: Did anyone else notice that he is missing spam_hits in his config file? Does it default to something without it? I believe it defaults to 5 or something similar. It would only effect SpamAssassin anyway, and I've come to not really rely on SpamAssassin to block most of my spam. SpamDyke catches nearly all of it. If he's getting a lot of spam through, SpamAssassin is likely not the answer, blocking it with SpamDyke is. :-) Mike HIS: cat /var/qmail/control/simcontrol :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:. :w mv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dw r :.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. idw:.ipt MINE: # cat /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=7,attach=.mp3:.src:.bat:.pif:.exe:.com:.cmd: :. dll:.msi:.msp:.reg:.vbe:.vbs:.vxd:.wsc:.wsf:.wsh See response above; Michael Colvin wrote: Like Eric mentioned, at this point, you need to take a look at the headers of the spam e-mails that your users are getting. You need to find something in the type of e-mails you're getting that you can filter on... Or, as also mentioned, it might be an internal user that is bypassing some of the filtering because they are authenticated... At this point, you need to look at the specific spam, and use specific techniques to filter it, not simply add more RBL's, or blacklists, etc. It's likely that just making one small tweak will eliminate most of your spam. Michael J. Colvin NorCal Internet Services www.norcalisp.com -Original Message- From: Rafael Andrade [mailto:raf...@riosulense.com.br] Sent: Tuesday, November 03, 2009 8:50 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Spam Help Plz Hello, Eric and all list, First thank u for the answer My users receiving lots of spams dont have a specific sender domain, or default spam type. My spamdyke is running see: spamdyke-stats /var/log/maillog Allowed: 35619 Denied : 140729 Sum: 176348 % Spam : 79.80% in logfile: Nov 3 13:48:42 net spamdyke[20038]: DENIED_RBL_MATCH from: misdirecti...@hamiltoncompany.com to: cristi...@domain.com origin_ip: 84.153.125.187 origin_rdns: p54997dbb.dip.t-dialin.net auth: (unknown) I`m using lots of Rbls to try reduce the spam numbers but not working correctly. Does anybody have some idea? Thanks so much Rafael Eric Shubert escreveu: Rafael Andrade wrote: Hello all, Im using qmailtoaster two years a go, and i`m very satisfied... some days a go my users receiving lots of spams, Tagged in subjects (spamassassin) or not. What could I be making to get better? Actually im using Qmailtoaster + Spamdyke with greylist. Excuse for english. My confs below: cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT= 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_ R CPTLIMIT=120,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJ Kfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/co n trol/domainkeys/%/private,NOP0FCHECK=1 xxx.xx.xx.xx:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=12 0 ,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUE UE=/var/qmail/bin/simscan,DKQUEUE=,DKSIGN=/var/qmail/control/domaink e ys/%/private,NOP0FCHECK=1 : :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WR :O : NGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIG N=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 cat /var/qmail/control/simcontrol : :clam=yes,spam=yes,attach=.zip:.rar:.com:.vbs:.bat:.lnk:.scr:.pif:.mpeg:. :w : mv:.reg:.asx:.mpg:.txt.scr:.pif.scr:.adb:.asp:.dbx:.php:.p l:.scs:.sht:.tbb:.uin:.vbs:.wab:.txt.bat:.txt.scr:.mpe:.flv:.pps:.exe:.dw r :.mp3:.wav:.cda:.iso:.avi:.mpeg:.mp4:.bak:.dwg:.ipj:.iam:. :
[qmailtoaster] Re: rdns
Maxwell Smart wrote: I have searched, but really don't know how to ask this question. I know most on the list have been confronted with this. If anyone could point me in the direction of the answer that would be sufficient. I have a qmailtoaster that I just put into a co location facility. It has rDNS pointed to it's domain name, as it's supposed to. How do I setup my rDNS entries for mail clients on the server at that location? Is there a way to use a PTR record that indicates that it's supposed to resolve to colo.example.com? What's the correct method of addressing this? CJ There's only one rDNS entry for a given IP address. That entry should be a ptr record that points to (some other) type A record that hopefully resolves to the same address which the rDNS entry has. For example: shu...@edwin:~$ dig doris.shubes.net ; DiG 9.4.2-P2 doris.shubes.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4288 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;doris.shubes.net. IN A ;; ANSWER SECTION: doris.shubes.net. 592 IN A 174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:55:59 2009 ;; MSG SIZE rcvd: 50 shu...@edwin:~$ dig -x 174.17.83.232 ; DiG 9.4.2-P2 -x 174.17.83.232 ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 38386 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;232.83.17.174.in-addr.arpa.IN PTR ;; ANSWER SECTION: 232.83.17.174.in-addr.arpa. 43031 INPTR 174-17-83-232.phnx.qwest.net. ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:56:38 2009 ;; MSG SIZE rcvd: 86 shu...@edwin:~$ dig 174-17-83-232.phnx.qwest.net ; DiG 9.4.2-P2 174-17-83-232.phnx.qwest.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 59486 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;174-17-83-232.phnx.qwest.net. IN A ;; ANSWER SECTION: 174-17-83-232.phnx.qwest.net. 43010 IN A 174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:57:18 2009 ;; MSG SIZE rcvd: 62 shu...@edwin:~$ HTH -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] re: rdns
I have searched, but really don't know how to ask this question. I know most on the list have been confronted with this. If anyone could point me in the direction of the answer that would be sufficient. I have a qmailtoaster that I just put into a co location facility. It has rDNS pointed to it's domain name, as it's supposed to. How do I setup my rDNS entries for mail clients on the server at that location? Is there a way to use a PTR record that indicates that it's supposed to resolve to colo.example.com? What's the correct method of addressing this? CJ -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 1.510.865.2787 | fax 1.510.864.7300 http://yother.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: rdns
OK I know that, but that doesn't resolve my problem. Without being able to setup an rDNS entry for this IP address my server mail gets rejected with a non matching rDNS entry. How is this resolved? I can't be the only one that has a server at a co location facility where I don't control the DNS. Eric Shubert wrote: Maxwell Smart wrote: I have searched, but really don't know how to ask this question. I know most on the list have been confronted with this. If anyone could point me in the direction of the answer that would be sufficient. I have a qmailtoaster that I just put into a co location facility. It has rDNS pointed to it's domain name, as it's supposed to. How do I setup my rDNS entries for mail clients on the server at that location? Is there a way to use a PTR record that indicates that it's supposed to resolve to colo.example.com? What's the correct method of addressing this? CJ There's only one rDNS entry for a given IP address. That entry should be a ptr record that points to (some other) type A record that hopefully resolves to the same address which the rDNS entry has. For example: shu...@edwin:~$ dig doris.shubes.net ; DiG 9.4.2-P2 doris.shubes.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4288 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;doris.shubes.net.INA ;; ANSWER SECTION: doris.shubes.net.592INA174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:55:59 2009 ;; MSG SIZE rcvd: 50 shu...@edwin:~$ dig -x 174.17.83.232 ; DiG 9.4.2-P2 -x 174.17.83.232 ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 38386 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;232.83.17.174.in-addr.arpa.INPTR ;; ANSWER SECTION: 232.83.17.174.in-addr.arpa. 43031 INPTR 174-17-83-232.phnx.qwest.net. ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:56:38 2009 ;; MSG SIZE rcvd: 86 shu...@edwin:~$ dig 174-17-83-232.phnx.qwest.net ; DiG 9.4.2-P2 174-17-83-232.phnx.qwest.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 59486 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;174-17-83-232.phnx.qwest.net.INA ;; ANSWER SECTION: 174-17-83-232.phnx.qwest.net. 43010 INA174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:57:18 2009 ;; MSG SIZE rcvd: 62 shu...@edwin:~$ HTH -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | fax 510.864.7300 http://yother.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: rdns
The ISP, as owner of the IP address they've given you to use, controls the rDNS entry. You need to get them to change it to your host name. There are rare situations where an ISP might delegate rDNS entries to a customer, but I wouldn't count on that. I've also heard of situations where the customer can use a web app to change their rDNS values. You'll need to contact your ISP and see how they handle it. You can simply tell them what you want it to be, and they should change it. Maxwell Smart wrote: OK I know that, but that doesn't resolve my problem. Without being able to setup an rDNS entry for this IP address my server mail gets rejected with a non matching rDNS entry. How is this resolved? I can't be the only one that has a server at a co location facility where I don't control the DNS. Eric Shubert wrote: Maxwell Smart wrote: I have searched, but really don't know how to ask this question. I know most on the list have been confronted with this. If anyone could point me in the direction of the answer that would be sufficient. I have a qmailtoaster that I just put into a co location facility. It has rDNS pointed to it's domain name, as it's supposed to. How do I setup my rDNS entries for mail clients on the server at that location? Is there a way to use a PTR record that indicates that it's supposed to resolve to colo.example.com? What's the correct method of addressing this? CJ There's only one rDNS entry for a given IP address. That entry should be a ptr record that points to (some other) type A record that hopefully resolves to the same address which the rDNS entry has. For example: shu...@edwin:~$ dig doris.shubes.net ; DiG 9.4.2-P2 doris.shubes.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4288 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;doris.shubes.net.INA ;; ANSWER SECTION: doris.shubes.net.592INA174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:55:59 2009 ;; MSG SIZE rcvd: 50 shu...@edwin:~$ dig -x 174.17.83.232 ; DiG 9.4.2-P2 -x 174.17.83.232 ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 38386 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;232.83.17.174.in-addr.arpa.INPTR ;; ANSWER SECTION: 232.83.17.174.in-addr.arpa. 43031 INPTR 174-17-83-232.phnx.qwest.net. ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:56:38 2009 ;; MSG SIZE rcvd: 86 shu...@edwin:~$ dig 174-17-83-232.phnx.qwest.net ; DiG 9.4.2-P2 174-17-83-232.phnx.qwest.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 59486 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;174-17-83-232.phnx.qwest.net.INA ;; ANSWER SECTION: 174-17-83-232.phnx.qwest.net. 43010 INA174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:57:18 2009 ;; MSG SIZE rcvd: 62 shu...@edwin:~$ HTH -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: duplicate email from ezmlm
Eric Shubert wrote: PakOgah wrote: Dear All (especially Jake/Eric), this list once got problem with duplicate email from ezmlm, I would to know how to resolved it (Jake/Eric please?) because it seem my server (ezmlm) sent duplicate email to milist members some solutions I found on mail-archive.com - I need to free some memory - I need to reinstall updated simscan (as I am only installing newer clamav/sa but never w/ simscan) I can't do re-installing the server as it can cause longer downtime to my users You should be using qtp-newmodel to do updates. Down time is only a matter of a couple minutes. oh oke, I'll try qtp-newmodel on devel machine first after watching Jake's video thanks for suggestion - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: rdns
That's what I thought. I had this problem once before. I am not sure I am going to be able to get the delegation this time. At my primary location I have my own delegation and that works fine, but they may not be so keen at this colocation. Thanks for your insight. CJ Eric Shubert wrote: The ISP, as owner of the IP address they've given you to use, controls the rDNS entry. You need to get them to change it to your host name. There are rare situations where an ISP might delegate rDNS entries to a customer, but I wouldn't count on that. I've also heard of situations where the customer can use a web app to change their rDNS values. You'll need to contact your ISP and see how they handle it. You can simply tell them what you want it to be, and they should change it. Maxwell Smart wrote: OK I know that, but that doesn't resolve my problem. Without being able to setup an rDNS entry for this IP address my server mail gets rejected with a non matching rDNS entry. How is this resolved? I can't be the only one that has a server at a co location facility where I don't control the DNS. Eric Shubert wrote: Maxwell Smart wrote: I have searched, but really don't know how to ask this question. I know most on the list have been confronted with this. If anyone could point me in the direction of the answer that would be sufficient. I have a qmailtoaster that I just put into a co location facility. It has rDNS pointed to it's domain name, as it's supposed to. How do I setup my rDNS entries for mail clients on the server at that location? Is there a way to use a PTR record that indicates that it's supposed to resolve to colo.example.com? What's the correct method of addressing this? CJ There's only one rDNS entry for a given IP address. That entry should be a ptr record that points to (some other) type A record that hopefully resolves to the same address which the rDNS entry has. For example: shu...@edwin:~$ dig doris.shubes.net ; DiG 9.4.2-P2 doris.shubes.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4288 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;doris.shubes.net.INA ;; ANSWER SECTION: doris.shubes.net.592INA174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:55:59 2009 ;; MSG SIZE rcvd: 50 shu...@edwin:~$ dig -x 174.17.83.232 ; DiG 9.4.2-P2 -x 174.17.83.232 ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 38386 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;232.83.17.174.in-addr.arpa.INPTR ;; ANSWER SECTION: 232.83.17.174.in-addr.arpa. 43031 INPTR 174-17-83-232.phnx.qwest.net. ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:56:38 2009 ;; MSG SIZE rcvd: 86 shu...@edwin:~$ dig 174-17-83-232.phnx.qwest.net ; DiG 9.4.2-P2 174-17-83-232.phnx.qwest.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 59486 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;174-17-83-232.phnx.qwest.net.INA ;; ANSWER SECTION: 174-17-83-232.phnx.qwest.net. 43010 INA174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:57:18 2009 ;; MSG SIZE rcvd: 62 shu...@edwin:~$ HTH -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | fax 510.864.7300 http://yother.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Re: ppc install?
Thanks for the list. I figured it out. I was missing package perl-TimeDate-1.16-10.fc11.noarch and partials of others. After I installed it I could compile spamassassin with no errors. Also, as a side note I was in such a rush to get this installed and running that I failed to notice what was posted in the install notes as plain as day. SELinux has to be disabled This caused some of my packages to partially install or not at all. I un-installed everything and disabled SELinux then tried again with complete success. I haven't bought my domain name yet so I can only test from the inside. I can't see if spamassassin or clamav are working yet. I should know in a couple of days. To: qmailtoaster-list@qmailtoaster.com From: e...@shubes.net Date: Tue, 3 Nov 2009 10:49:46 -0700 Subject: [qmailtoaster] Re: ppc install? Here are the perl modules in my fc11 toaster: [r...@qmt-fc11 ~]# rpm -qa | grep ^perl | sort perl-5.10.0-82.fc11.i586 perl-Archive-Tar-1.46-82.fc11.i586 perl-Compress-Raw-Zlib-2.008-82.fc11.i586 perl-Compress-Zlib-2.008-82.fc11.i586 perl-CPAN-1.9205-82.fc11.i586 perl-Crypt-OpenSSL-Bignum-0.04-6.fc11.i586 perl-Crypt-OpenSSL-Random-0.04-7.fc11.i586 perl-Crypt-OpenSSL-RSA-0.25-8.fc11.i586 perl-Date-Manip-5.54-2.fc11.noarch perl-DBD-MySQL-4.010-1.fc11.i586 perl-DBI-1.607-2.fc11.i586 perl-devel-5.10.0-82.fc11.i586 perl-Digest-HMAC-1.01-20.fc11.noarch perl-Digest-SHA1-2.11-8.fc11.i586 perl-Digest-SHA-5.47-82.fc11.i586 perl-Error-0.17015-2.fc11.noarch perl-ExtUtils-MakeMaker-6.36-82.fc11.i586 perl-ExtUtils-ParseXS-2.18-82.fc11.i586 perl-HTML-Parser-3.60-1.fc11.i586 perl-HTML-Tagset-3.20-2.fc11.noarch perl-IO-Compress-Base-2.008-82.fc11.i586 perl-IO-Compress-Zlib-2.008-82.fc11.i586 perl-IO-Socket-INET6-2.56-1.fc11.noarch perl-IO-Socket-SSL-1.30-1.fc11.noarch perl-IO-Zlib-1.07-82.fc11.i586 perl-libs-5.10.0-82.fc11.i586 perl-libwww-perl-5.825-2.fc11.noarch perl-Mail-DKIM-0.37-1.fc11.noarch perl-Mail-SPF-2.006-2.fc11.noarch perl-Mail-SPF-Query-1.999.1-5.fc11.noarch perl-MailTools-2.04-2.fc11.noarch perl-Module-Pluggable-3.90-82.fc11.i586 perl-NetAddr-IP-4.007-4.fc11.i586 perl-Net-CIDR-Lite-0.20-5.fc11.noarch perl-Net-DNS-0.63-5.fc11.i586 perl-Net-LibIDN-0.11-2.fc11.i586 perl-Net-SSLeay-1.35-4.fc11.i586 perl-Package-Constants-0.01-82.fc11.i586 perl-Pod-Escapes-1.04-82.fc11.i586 perl-Pod-Simple-3.07-82.fc11.i586 perl-Razor-Agent-2.85-2.fc11.i586 perl-SNMP_Session-1.12-2.fc11.noarch perl-Socket6-0.23-1.fc11.i586 perl-Test-Harness-3.16-82.fc11.i586 perl-TimeDate-1.16-10.fc11.noarch perl-URI-1.37-2.fc11.noarch perl-version-0.74-82.fc11.i586 [r...@qmt-fc11 ~]# What's $DIST= when you run this? It should be fedora_11. I've built spamassassin-toaster-3.2.5-1.3.17 several times on this host (using qtp-newmodel) without seeing your error. The package/module name (forward-compat) gives me the impression that it might be something needed by an older (RH9?) distro. Donald Wheeling wrote: I'm running Fedora 11 on my server. The error I get is when trying to rebuild the rpm is: rpmbuild --rebuild $DIST spamassassin-toaster-3.2.5-1.3.17.src.rpm Installing spamassassin-toaster-3.2.5-1.3.17.src.rpm error: Failed build dependencies: perl-forward-compat is needed by spamassassin-toaster-3.2.5-1.3.17.src.rpm I don't even see that package in your list. Maybe it's part of one of those packages. I'll have a look on rpmfind.net. Thanks for the list Date: Mon, 2 Nov 2009 09:44:25 -0500 From: j...@qmailtoaster.com To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] ppc install? Donald Wheeling wrote: After several days of trying to update yellow dog linux so I could install qmail toaster I finally gave up on the update process and started over with fedora. I was to the point where I had to re-compile the kernel in order to upgrade other required package versions before installing the mail server. Anyway...moving on. I now have fedora installed (albeit much slower than yellow dog) and I've been able to install qmailtoaster up to a point. I'm currently stuck on spamassassin compiling and, after many searches on the net and your mailing lists (5 entries which lead nowhere), I cannot find any specifics on the package perl-forward-compat. The only thing I can figure the problem to be is maybe the package name was changed? Which version of Fedora? Did you run the dependency script for your version of Fedora from the main site? I thought I had all of the dependencies filled in the scripts, so if I'm missing one/more than I would like to know. I only have Fedora 10 spooled up in VMW right now, but here are the perl packages I have installed: perl-Compress-Raw-Zlib-2.008-53.fc10.i386 perl-Archive-Tar-1.40-53.fc10.i386
RE: [qmailtoaster] Re: rdns
U... They should be. The should do one or the other. If they won't delegate the IP space to you so that you can create your own ptr for that IP, then they should do it for you. If they won't do either, it's likely because they don't know how to, which means they likely don't know what they are doing, and I would run as fast as you can to another colo. I've never had a problem getting IP address that are assigned to me, delegated to me. Also, usually, most IP's simply need the PTR to resolve to SOMETHING. It doesn't need to your mail server, per se, but it should resolve to something...So, if they don't want to delegate it, they can at least create a PTR for it that resolves to something. You may also want to make sure that there is an a record for whatever they do point it to. IE, if they use mail.domain.com as the PTR, make sure that mail.domain.com resolves to something as well, even if the IP's don't match. Michael J. Colvin NorCal Internet Services www.norcalisp.com -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Tuesday, November 03, 2009 9:41 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: rdns That's what I thought. I had this problem once before. I am not sure I am going to be able to get the delegation this time. At my primary location I have my own delegation and that works fine, but they may not be so keen at this colocation. Thanks for your insight. CJ Eric Shubert wrote: The ISP, as owner of the IP address they've given you to use, controls the rDNS entry. You need to get them to change it to your host name. There are rare situations where an ISP might delegate rDNS entries to a customer, but I wouldn't count on that. I've also heard of situations where the customer can use a web app to change their rDNS values. You'll need to contact your ISP and see how they handle it. You can simply tell them what you want it to be, and they should change it. Maxwell Smart wrote: OK I know that, but that doesn't resolve my problem. Without being able to setup an rDNS entry for this IP address my server mail gets rejected with a non matching rDNS entry. How is this resolved? I can't be the only one that has a server at a co location facility where I don't control the DNS. Eric Shubert wrote: Maxwell Smart wrote: I have searched, but really don't know how to ask this question. I know most on the list have been confronted with this. If anyone could point me in the direction of the answer that would be sufficient. I have a qmailtoaster that I just put into a co location facility. It has rDNS pointed to it's domain name, as it's supposed to. How do I setup my rDNS entries for mail clients on the server at that location? Is there a way to use a PTR record that indicates that it's supposed to resolve to colo.example.com? What's the correct method of addressing this? CJ There's only one rDNS entry for a given IP address. That entry should be a ptr record that points to (some other) type A record that hopefully resolves to the same address which the rDNS entry has. For example: shu...@edwin:~$ dig doris.shubes.net ; DiG 9.4.2-P2 doris.shubes.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4288 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;doris.shubes.net.INA ;; ANSWER SECTION: doris.shubes.net.592INA174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:55:59 2009 ;; MSG SIZE rcvd: 50 shu...@edwin:~$ dig -x 174.17.83.232 ; DiG 9.4.2-P2 -x 174.17.83.232 ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 38386 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;232.83.17.174.in-addr.arpa.INPTR ;; ANSWER SECTION: 232.83.17.174.in-addr.arpa. 43031 INPTR 174-17-83-232.phnx.qwest.net. ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:56:38 2009 ;; MSG SIZE rcvd: 86 shu...@edwin:~$ dig 174-17-83-232.phnx.qwest.net ; DiG 9.4.2-P2 174-17-83-232.phnx.qwest.net ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 59486 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;174-17-83-232.phnx.qwest.net.INA ;; ANSWER SECTION: 174-17-83-232.phnx.qwest.net. 43010 INA174.17.83.232 ;; Query time: 0 msec ;; SERVER: 192.168.70.253#53(192.168.70.253) ;; WHEN: Tue Nov 3 19:57:18 2009 ;; MSG SIZE rcvd: 62 shu...@edwin:~$ HTH -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | fax