[vchkpw] Re: qmailadmin and forwards
On 09/01/2014 01:31 AM, Laurent Bercot wrote: On 01/09/2014 03:11, Eric Shubert wrote: Does anyone have any insight or recommendations for how to best use dovecot's LDA along with vpopmail and qmail? QMT already uses dovecot for imap and pop3 services. We're simply looking to take the next logical step. Not answering your question, but: I use vpopmail with dovecot too, and it works flawlessly without using the dovecot LDA. What would be the benefit of using the dovecot LDA since you have to go through vdelivermail anyway ? It adds a step, which has a cost; to be worth it, the benefits have to outweigh that cost. The benefit is sieve, which provides server side filtering. With the use of multiple (imap) mail clients (phones, tablets, etc), having the server do the filtering/filing of messages makes good sense. I don't think having the messages pass through vpopmail as well as deliver would impact performance all that much. If that's what it takes, to me I expect it'd be worth it. -- -Eric 'shubes' !DSPAM:540484f856446821598672!
[vchkpw] Re: qmailadmin and forwards
On 08/28/2014 10:26 AM, Laurent Bercot wrote: On 08/28/2014 02:26 PM, Eric Shubert wrote: Thanks for this explanation Rick. Now knowing how this actually works, I think I'll join you in being peeved about it. Not knowing any better, I would have presumed that the user d-q files would have been processed before the domain d-q files. Makes me wonder what the rationale is/was for processing the domain files first. It has to do with the way vpopmail uses qmail hooks to do its job. When you create the example.com domain, vpopmail modifies the /var/qmail/users/assign database so that qmail-local delivers the mail according to the instructions in ~/vpopmail/domains/example.com . So what reads your .qmail-* files in the domain directory is not vdelivermail, it's simply qmail-local. What vpopmail does is put a vdelivermail invocation in .qmail-default in the domain directory. vdelivermail then extracts the user name, looks it up in its vpasswd database to find the correct directory (most of the time ~vpopmail/domains/example.com/user) and delivers the mail according to the instructions in that directory. If you put a .qmail file in the domain directory, that takes precedence over .qmail-default, then vdelivermail will be bypassed entirely. So don't do that - let vpopmail do its black magic on the domain directory and only use user directories to put your .qmail files into. There are 2 things I'm not satisfied with, but they have nothing to do with the domain-wide .qmail files. The first thing is that vdelivermail duplicates most of the work of qmail-local for parsing .qmail files. It would be much more elegant to have vdelivermail just perform the vpopmail-specific stuff (extract user name, check the vpasswd database, go to user directory) then exec into qmail-local itself. The second thing is that vdelivermail does not make all the black magic transparent: the .qmail files in a user directory cannot be written exactly as if the user was a system user instead of a vpopmail user. I have a program, vsanitize, to be called in .qmail files in vpopmail user directories, that moves around a few environment variables to provide such transparency. Thanks to you too, Laurent. Please forgive me for asking the following question before thoroughly thinking through the process. We (the QMT community) are interested in replacing vdelivermail with dovecot's LDA deliver. This will be used in conjunction with sieve for server-side filtering. I gather from what you've said that deliver would be plugging into the domain's .qmail-default file, instead of vpopmail. In that case, deliver would be responsible for all forwarding as well, which I'm not sure it can handle. I haven't really looked into the details of this much yet. Does anyone have any insight or recommendations for how to best use dovecot's LDA along with vpopmail and qmail? QMT already uses dovecot for imap and pop3 services. We're simply looking to take the next logical step. Thanks everyone for your insights. -- -Eric 'shubes' !DSPAM:5403d29556441754111094!
[vchkpw] Re: qmailadmin and forwards
On 08/31/2014 06:57 PM, Eric Shubert wrote: On 08/28/2014 10:26 AM, Laurent Bercot wrote: On 08/28/2014 02:26 PM, Eric Shubert wrote: Thanks for this explanation Rick. Now knowing how this actually works, I think I'll join you in being peeved about it. Not knowing any better, I would have presumed that the user d-q files would have been processed before the domain d-q files. Makes me wonder what the rationale is/was for processing the domain files first. It has to do with the way vpopmail uses qmail hooks to do its job. When you create the example.com domain, vpopmail modifies the /var/qmail/users/assign database so that qmail-local delivers the mail according to the instructions in ~/vpopmail/domains/example.com . So what reads your .qmail-* files in the domain directory is not vdelivermail, it's simply qmail-local. What vpopmail does is put a vdelivermail invocation in .qmail-default in the domain directory. vdelivermail then extracts the user name, looks it up in its vpasswd database to find the correct directory (most of the time ~vpopmail/domains/example.com/user) and delivers the mail according to the instructions in that directory. If you put a .qmail file in the domain directory, that takes precedence over .qmail-default, then vdelivermail will be bypassed entirely. So don't do that - let vpopmail do its black magic on the domain directory and only use user directories to put your .qmail files into. There are 2 things I'm not satisfied with, but they have nothing to do with the domain-wide .qmail files. The first thing is that vdelivermail duplicates most of the work of qmail-local for parsing .qmail files. It would be much more elegant to have vdelivermail just perform the vpopmail-specific stuff (extract user name, check the vpasswd database, go to user directory) then exec into qmail-local itself. The second thing is that vdelivermail does not make all the black magic transparent: the .qmail files in a user directory cannot be written exactly as if the user was a system user instead of a vpopmail user. I have a program, vsanitize, to be called in .qmail files in vpopmail user directories, that moves around a few environment variables to provide such transparency. Thanks to you too, Laurent. Please forgive me for asking the following question before thoroughly thinking through the process. We (the QMT community) are interested in replacing vdelivermail with dovecot's LDA deliver. This will be used in conjunction with sieve for server-side filtering. I gather from what you've said that deliver would be plugging into the domain's .qmail-default file, instead of vpopmail. In that case, deliver would be responsible for all forwarding as well, which I'm not sure it can handle. I haven't really looked into the details of this much yet. Does anyone have any insight or recommendations for how to best use dovecot's LDA along with vpopmail and qmail? QMT already uses dovecot for imap and pop3 services. We're simply looking to take the next logical step. Thanks everyone for your insights. Ok, so I did a (very) little digging. It appears that deliver relies on Pigeonhole/Sieve for forwarding rules. I think I'd like to keep the existing vpopmail forwarding setup for the time being, so now the question becomes, what's the best way to configure vdelivermail to use dovecot's deliver to handle the actual local delivery. I'm guessing now that it should be specified in each (and every) user's .qmail-default file, where maildrop is presently hooked in. Any thoughts on this? I expect I'll need to modify a few vpopmail and qmailadmin modules to make this happen. Thanks for any thoughts on this. -- -Eric 'shubes' !DSPAM:5403d5df56441597863918!
Re: [vchkpw] qmailadmin and forwards
On 08/27/2014 11:24 PM, Rick Widmer wrote: One thing to remember, and one of my pet peeves... Out of all of the files in ~vpopmail/domains/example.com/ only one, .qmail-default has anything to do with the vpopmail delivery process. When qmail-local tries to deliver a message to the domain it looks at all of the .qmail-* files in the domain directory, and processes the .qmail* file that best matches the incoming address. If no other .qmail file matches .qmail-default is processed, which is where vdelivermail gets control. see:man dot-qmail .qmail files in ~vpopmail/domains/example.com/username will be handled by vdelivermail depending on compiler options. Vpopmail and qmailadmin do manage the .qmail files in the domain directory, but during the delivery process qmail does not pass control to vpopmail unless none of the other .qmail files match. Thanks for this explanation Rick. Now knowing how this actually works, I think I'll join you in being peeved about it. Not knowing any better, I would have presumed that the user d-q files would have been processed before the domain d-q files. Makes me wonder what the rationale is/was for processing the domain files first. -- -Eric 'shubes' !DSPAM:53ff2e0956448319919131!
[vchkpw] Re: qmailadmin and forwards
On 08/25/2014 05:48 PM, Charles Sprickman wrote: I block the spam before it enters the system using simscan. Thanks - not an option here since I need to allow users to opt in or out, etc. The simcontrol file allows you to customize settings per email address. I presume that this would be the initial (forward) address, since the true destination wouldn't be available yet at that point. -- -Eric 'shubes' !DSPAM:53fde4ac5644185827!
[vchkpw] Re: !!! CHECK SENDER !!![vchkpw] [SPAM] Re: [SPAM] Rrdirection problem
That could very well be, Tom. Stéphane, I believe the odd behavior is due to qmail's 'extension' feature, which comes into play with accounts that contain a '-', and the portion before the dash matches another account or forward. You could avoid this 'collision' (or 'conflict' or 'commonality') by choosing different address names, such as 'ssiad_secretariat@' or 'ssiad.secretariat@' or 'secretariat-ssiad@' (providing there is no account or forward called 'secretariat@' in this last case). Email extensions are a handy feature for some users, but admins need to be careful when using a '-' in account names. -- -Eric 'shubes' On 04/24/2014 09:43 AM, Tom Collins wrote: This sounds like a possible bug (or perhaps a configuration issue) in vdelivermail. With MySQL aliases, vdelivermail handles delivery. It's finding the ssiad forward first and delivering the message there (since -secretariat is an extension to that mailbox). By deleting the alias record stored in MySQL and replacing it with a dot-qmail file (.qmail-ssiad), you're allowing Qmail to handle its delivery before the message is handed off to vdelivermail. It's been a long time since I've worked with the vpopmail source code, but I imagine you'll find logic in vdelivermail that has it checking for aliases before mailboxes, and it's iterating through all possible base/extension pairs (foo-bar-baz, then foo-bar, then foo). -Tom On Apr 24, 2014, at 12:50 AM, Stéphane SALETTES wrote: Hi, You don't understand my problem, maybe because my english is bad :( ssiad-secretar...@piemont.fr is a standalone account no foward spa...@piemont.fr is a standalone account no foward and ss...@piemont.fr is just a foward to spa...@piemont.fr but if i send a message to ssiad-secretar...@piemont.fr nothing in is mailbox but the message is in the box of spa...@piemont.fr the work arraound that i find is delete the foward on qmailadmin (mysql) (ss...@piemont.fr - spa...@piemont.fr) and create a file .qmail-ssiad spa...@piemont.fr Hope you understand me this time sorry :) Thank Cordialement -- Stephane Salettes ABAC Informatique 1 Bis Ave Pech Loubat ZI La Coupe 11100 Narbonne Tél: 33 (0)4 68 41 73 00 FAX : 33 (0)4 6841 73 02 GSM: 33 (0)6 85 36 67 28 http://www.abac-info.com -Message d'origine- De : xaf [mailto:x...@abaxe.net] Envoyé : samedi 19 avril 2014 03:42 À : vchkpw@inter7.com Objet : Re: [vchkpw] Re: !!! CHECK SENDER !!![vchkpw] [SPAM] Re: [SPAM] Rrdirection problem |-- Eric Shubert, le 18/04/2014 23:38, a dit : 3) what you desire to happen When i send a message to ssiad-secretar...@piemont.fr i want that the message go to the ssiad-secretar...@piemont.fr mail box and foward to spa...@piemont.fr And when i send a massage to ss...@piemont.fr i want a simple foward to spa...@piemont.fr I think if you modify the ssiad-secretariat@ account to also forward a copy to spasad@, that would achieve your desired behavior. I.e., in qmailadmin, under the Routing section, select Forward To, and check the Save a Copy checkbox. it's a part of a solution this will create a .qmail file in the user directory but vdelivermail won't read it because of the extension addresses mechanism Stéphane ssiad-secretariat@ is an alias for user ssiad@ it's quite a strange conf to give a forward to the user and the account to the alias mail delivery in a glance qmail-send - qmail-lspawn - qmail-local - vdelivermail - vuser/valias we must shorten delivery before vdelivermail handle it because of ssiad forward, vdelivermail will ignore ssiad-secretariat account IMHO a 32 bit guest consumes less memory than a 64 bit one. Unless you need to address more than 4GB of RAM you really don't get any benefit from a 64bit VM. Proxmox dev's seem to agree with me. http://pve.proxmox.com/wiki/FAQ Also, the disks should be of type virtio and not IDE. Performance under IDE sucks big time. lspawn read users/cdb, we can shorten the delivery here, answer 2 local read .qmail-files in domain directory, we can shorten too here, answer 1 answer 1, according vpopmail is in /home/vpopmail create a file .qmail-ssiad-secretariat in /home/vpopmail/domains/piemont.fr 0600 vpopmail:vchkpw write in spa...@piemont.fr /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ if you want to change the headers for spasad or /home/vpopmail/domains/piemont.fr/spasad/Maildir/ /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ for straight copy answer 2 according to Eric explanation we have a .qmail in /home/vpopmail/domains/piemont.fr/ssiad-secretariat/ containing spa...@piemont.fr /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ we need local to read this .qmail file so lspawn have to point to the correct directory before local handle delivery edit /var/qmail/users/assign add the line (check if 89:89 are uid gid of vpopmail:vchkpw) =piemont.fr-ssiad-secretariat:piemont.fr:89:89:/home
[vchkpw] Re: !!! CHECK SENDER !!![vchkpw] [SPAM] Re: [SPAM] Rrdirection problem
On 04/18/2014 06:41 PM, xaf wrote: |-- Eric Shubert, le 18/04/2014 23:38, a dit : 3) what you desire to happen When i send a message to ssiad-secretar...@piemont.fr i want that the message go to the ssiad-secretar...@piemont.fr mail box and foward to spa...@piemont.fr And when i send a massage to ss...@piemont.fr i want a simple foward to spa...@piemont.fr I think if you modify the ssiad-secretariat@ account to also forward a copy to spasad@, that would achieve your desired behavior. I.e., in qmailadmin, under the Routing section, select Forward To, and check the Save a Copy checkbox. it's a part of a solution this will create a .qmail file in the user directory but vdelivermail won't read it because of the extension addresses mechanism Stéphane ssiad-secretariat@ is an alias for user ssiad@ it's quite a strange conf to give a forward to the user and the account to the alias mail delivery in a glance qmail-send - qmail-lspawn - qmail-local - vdelivermail - vuser/valias we must shorten delivery before vdelivermail handle it because of ssiad forward, vdelivermail will ignore ssiad-secretariat account lspawn read users/cdb, we can shorten the delivery here, answer 2 local read .qmail-files in domain directory, we can shorten too here, answer 1 answer 1, according vpopmail is in /home/vpopmail create a file .qmail-ssiad-secretariat in /home/vpopmail/domains/piemont.fr 0600 vpopmail:vchkpw write in spa...@piemont.fr /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ if you want to change the headers for spasad or /home/vpopmail/domains/piemont.fr/spasad/Maildir/ /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ for straight copy answer 2 according to Eric explanation we have a .qmail in /home/vpopmail/domains/piemont.fr/ssiad-secretariat/ containing spa...@piemont.fr /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ we need local to read this .qmail file so lspawn have to point to the correct directory before local handle delivery edit /var/qmail/users/assign add the line (check if 89:89 are uid gid of vpopmail:vchkpw) =piemont.fr-ssiad-secretariat:piemont.fr:89:89:/home/vpopmail/domains/piemont.fr/ssiad-secretariat::: before the piemont.fr virtual domain line and run /var/qmail/bin/qmail-newu to rebuild /var/qmail/users/cdb answer 3 a forward account instead of a simple forward delete ssiad forward create ssiad account apply Eric solution without saving a copy ssiad will be master for ssiad-everything but secretariat xaf Thanks for this post, xaf. It's the best description I've seen of delivery in the 8 years I've been using QMT. I expect this will be helpful when we integrate Dovecot's LDA in the near future. Stéphane, FWIW, I'd go with answer #3. It seems to me to be the simplest given your situation. It can all be done with qmailadmin, with no need to use any CLI configuration methods. -- -Eric 'shubes' !DSPAM:5352a9f034261066319550!
[vchkpw] Re: !!! CHECK SENDER !!![vchkpw] [SPAM] Re: [SPAM] Rrdirection problem
In that case, On 04/18/2014 08:44 AM, Stéphane SALETTES wrote: 1) There are 2 emails accounts, spa...@piemont.fr , ssiad-secretar...@piemont.fr ss...@piemont.fr simply a forward with no account to spa...@piemont.fr I see. 2) what actually happens When a message is sent to ssiad-secretar...@piemont.fr , ssiad-secretar...@piemont.fr doesn't receive this message but spa...@piemont.fr yes That's what I would expect to happen, given your configuration. 3) what you desire to happen When i send a message to ssiad-secretar...@piemont.fr i want that the message go to the ssiad-secretar...@piemont.fr mail box and foward to spa...@piemont.fr And when i send a massage to ss...@piemont.fr i want a simple foward to spa...@piemont.fr I think if you modify the ssiad-secretariat@ account to also forward a copy to spasad@, that would achieve your desired behavior. I.e., in qmailadmin, under the Routing section, select Forward To, and check the Save a Copy checkbox. If that doesn't do what you desire, please explain how you expect your configuration to behave. -- -Eric 'shubes' thank siad-secretar...@piemont.fr mailto:siad-secretar...@piemont.fr spa...@piemont.fr mailto:spa...@piemont.fr ss...@piemont.fr mailto:ss...@piemont.fr Cordialement -- Stephane Salettes ABAC Informatique 1 Bis Ave Pech Loubat ZI La Coupe 11100 Narbonne Tél: 33 (0)4 68 41 73 00 FAX : 33 (0)4 6841 73 02 GSM: 33 (0)6 85 36 67 28 http://www.abac-info.com -Message d'origine- De : Eric Shubert [mailto:e...@shubes.net] Envoyé : jeudi 17 avril 2014 17:50 À : vchkpw@inter7.com Objet : !!! CHECK SENDER !!![vchkpw] [SPAM] Re: [SPAM] Rrdirection problem Stéphane, This does not appear to me to be what was written on the QMT list. In order to be clear, please describe: 1) your configuration (what are accounts, what are forwards) 2) what actually happens 3) what you desire to happen For example: 1) There are 2 email accounts, ss...@piemont.fr and spa...@piemont.fr. The ss...@piemont.fr account is configured to forward messages to spa...@piemont.fr. (Or is ss...@piemont.fr simply a forward with no account?) 2) When an email is sent to ??, it arrives at ??. 3) When an email is sent to ??, I'd like it to arrive at ??. Thanks. P.S. You've repeatedly written siad-secretariat@, which I assumed was a typo and you meant ssiad-secretariat@. Is this the case or not? -- -Eric 'shubes' On 04/17/2014 07:16 AM, Stéphane SALETTES wrote: This is 3 emails box siad-secretar...@piemont.fr mailto:siad-secretar...@piemont.fr spa...@piemont.fr mailto:spa...@piemont.fr ss...@piemont.fr mailto:ss...@piemont.fr and a redirection ss...@piemont.fr mailto:ss...@piemont.frto spa...@piemont.fr mailto:spa...@piemont.fr When I send an email to siad-secretar...@piemont.fr mailto:siad-secretar...@piemont.fr he did not receive but is spa...@piemont.fr mailto:spa...@piemont.fr who receives Thank Cordialement -- Stephane Salettes ABAC Informatique 1 Bis Ave Pech Loubat ZI La Coupe 11100 Narbonne Tél: 33 (0)4 68 41 73 00 FAX : 33 (0)4 6841 73 02 GSM: 33 (0)6 85 36 67 28 http://www.abac-info.com blocked::http://www.abac-info.com/ logo !DSPAM:53519b6834261578218977!
[vchkpw] [SPAM] Re: [SPAM] Rrdirection problem
Stéphane, This does not appear to me to be what was written on the QMT list. In order to be clear, please describe: 1) your configuration (what are accounts, what are forwards) 2) what actually happens 3) what you desire to happen For example: 1) There are 2 email accounts, ss...@piemont.fr and spa...@piemont.fr. The ss...@piemont.fr account is configured to forward messages to spa...@piemont.fr. (Or is ss...@piemont.fr simply a forward with no account?) 2) When an email is sent to ??, it arrives at ??. 3) When an email is sent to ??, I'd like it to arrive at ??. Thanks. P.S. You've repeatedly written siad-secretariat@, which I assumed was a typo and you meant ssiad-secretariat@. Is this the case or not? -- -Eric 'shubes' On 04/17/2014 07:16 AM, Stéphane SALETTES wrote: This is 3 emails box siad-secretar...@piemont.fr mailto:siad-secretar...@piemont.fr spa...@piemont.fr mailto:spa...@piemont.fr ss...@piemont.fr mailto:ss...@piemont.fr and a redirection ss...@piemont.fr mailto:ss...@piemont.frto spa...@piemont.fr mailto:spa...@piemont.fr When I send an email to siad-secretar...@piemont.fr mailto:siad-secretar...@piemont.fr he did not receive but is spa...@piemont.fr mailto:spa...@piemont.fr who receives Thank Cordialement -- Stephane Salettes ABAC Informatique 1 Bis Ave Pech Loubat ZI La Coupe 11100 Narbonne Tél: 33 (0)4 68 41 73 00 FAX : 33 (0)4 6841 73 02 GSM: 33 (0)6 85 36 67 28 http://www.abac-info.com blocked::http://www.abac-info.com/ logo !DSPAM:534ff83234265858656019!
[vchkpw] Re: [SPAM] Patches for qmail suggestions and upgrade
On 04/17/2014 11:33 AM, Remo Mattei wrote: Hello all I have a qmail which is running now I want to up it to netqmail 1.06 so I plan to recomp it and I have vpopmail working so on the new one I want to add chkuser and tls but also few others like the channel since gmail and others have been really a pain does anyone suggest a set of patches or one that does it all in one? Thanks Inviato da iPhone () https://github.com/QMailToaster/qmail Why roll your own? QMT has prebuilt qmail package (as well as many others) for COS5 and COS6 now. http://mirrors.qmailtoaster.com/testing/. -- -Eric 'shubes' !DSPAM:535049e334261423416284!
[vchkpw] Re: [SPAM] Re: [vchkpw] [SPAM] Re: [vchkpw] [SPAM] Re: [vchkpw] Qmail maillog vchkpw-submission vs vchkpw-smtp
PLAIN authentication is ok, provided that TLS has been activated by the client (presumably before credentials are sent) or SSL is in use (unconventional 465 port). In changing this, each client will need to be manually reconfigured. I'm not aware of any client that automatically adjusts to changes such as this. I'm not aware of a practical way to require encrypted passwords for qmail-smtpd (whether on port 25 or 587) at this point. Spamdyke has a recent feature allowing it to handle authentication, and I believe that Sam will be adding a setting to require encryption before authentication in the next release. When that's available, I'll be changing QMT to use spamdyke for authentication, which will (at last) allow for enforcement of this policy (no passwords sent in clear text). On the retrieval side of things, dovecot provides such a configuration parameter, #disable_plaintext_auth = yes, which is the default value. P.S. FWIW, I would have not expected to see (as many) unauthorized attempts on port 587. Spammers will eventually use this port though. -- -Eric 'shubes' On 03/05/2014 08:34 AM, LHTek wrote: I am using PLAIN text passwords I'm afraid. I will be changing that now though. I very tired of these password hacks. Since this will be a new process for me I have questions: In changing the server to require encrypted passwords, will I need to contact all my clients and have them change the way they connect? Or will their email clients just automate the change? *From:* c...@milos.co.za c...@milos.co.za *To:* vchkpw@inter7.com *Sent:* Wednesday, March 5, 2014 6:45 AM *Subject:* [vchkpw] [SPAM] Re: [vchkpw] [SPAM] Re: [vchkpw] [SPAM] Re: [vchkpw] Qmail maillog vchkpw-submission vs vchkpw-smtp It doesn't matter how good your password is if you're using plaintext connections :) Since every MUA I've used i nthe last few years supports SSL or TLS I should really get around to deprecating pop3 and imap and only using pop3s and imaps. This is especially imporant since some govts are trying to push through laws forcing ISP's to store all of the data each of their users downloads meaning that your unencrypted data will remain stored for however long is legislated with access by who knows how many people. \\Clay On 2014-03-05 07:57, Tom Collins wrote: The submission entries outside the US could very well be from hacked accounts. I'm finding a surprising number of compromised accounts (once a week?), including users with good passwords, so I have to assume they're snooped on public wireless, or their computers are compromised by malware of some sort. The vckpw-smtp entries from outside the US are probably also hacked accounts, since mail received from remote servers doesn't include authentication. Sorry I wasn't thinking clearly in my previous response -- I forgot these were vchkpw entries and are only related to authentication. I was thinking about qmail logs. -Tom On Mar 4, 2014, at 10:43 PM, LHTek wrote: Thanks for the reply. NOTE: None of my users will have sent anything from outside the US. I've got some log entries for vchkpw-submission (marked as successful in the log) with non-US IP's (Russia, Egypt, Honk Kong, etc).In my analysis I'm marking those entries as hacked accounts. From what I read from your response, vchkpw-smtp (marked as successful in the log) entries could be mail sent TO my server FROM another server on port 25. That tells me those are probably safe submissions - even if they are from overseas IPs. Am I thinking correctly? *From:* Tom Collins t...@tomlogic.com mailto:t...@tomlogic.com *To:* vchkpw@inter7.com mailto:vchkpw@inter7.com *Sent:* Wednesday, March 5, 2014 12:02 AM *Subject:* Re: [vchkpw] Qmail maillog vchkpw-submission vs vchkpw-smtp vchkpw-submission is on port 587, and is typically used for emai clients relaying mail. It's often set up to require authentication. vchkpw-smtp is on port 25, and can be used for email clients to relay mail, or by other servers delivering mail to your server. -Tom On Mar 4, 2014, at 9:41 PM, LHTek wrote: In the /var/log/maillog file what is the difference between these 2 entries (vchkpw-submission, vchkpw-smtp)? example: Mar 4 17:27:03 michael vpopmail[14701]: vchkpw-submission: (PLAIN) login success t...@domain.com:64.185.3.238 Mar 4 10:54:42 michael vpopmail[29027]: vchkpw-smtp: (PLAIN) login success t...@domain.com:64.57.239.114 !DSPAM:531756ed34261630194476!
[vchkpw] Re: [SPAM] Re: vusaged compile error
Is the system finding the correct libvpopmail? Perhaps search the entire system for all libvpopmail files to be sure there's not another one being picked up inadvertently? -- -Eric 'shubes' On 12/13/2013 04:38 AM, Marcello Lupo wrote: Hello, Yes i have done it but it is not woking. Anyway the make distclean is useless in the vusaged directory. It doesn’t produce any effect since the Makefile have still to be created because ./configure is not working. The libvpopmail.a is correctly found and loaded in the LDCONFIG. Any hint? Thank you Bye Marcello Il giorno 12/dic/2013, alle ore 19:09, Eric Shubert e...@shubes.net ha scritto: Have you done as Matt suggested? # make distclean # export LDFLAGS='-ldl' # ./configure make. On 12/12/2013 10:16 AM, Marcello Lupo wrote: Hello, any news on this issue? I have exactly this issue on ubuntu server 12.04 LTS x86_64 . checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail I tried vpopmail version 5.4.32 and 5.4.33 . This are the options: ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --disable-roaming-users \ --enable-onchange-script \ --enable-auth-module=mysql \ --enable-logging=p \ --enable-mysql-limits \ --enable-valias \ --disable-clear-passwd \ --enable-sql-logging \ --enable-auth-logging \ --enable-qmail-newu=/var/qmail/bin/qmail-newu \ --enable-qmail-inject=/var/qmail/bin/qmail-inject \ --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh I already tried all the solutions suggested in this thread with no success. Thank you all for any help. Bye Marcello Il giorno 05/mar/2013, alle ore 17:55, Remo Mattei r...@italy1.com ha scritto: which version of vpop? On Mar 5, 2013, at 07:45 , Franko Fang dahuananhu1...@163.com wrote: Dear Matt: Matt Brookings matt at inter7.com writes: On 01/24/2011 10:22 AM, Qmail List wrote: Hi, For Vpopmail, i did this. ./configure --enable-logging=v \ make make install-strip Vpopmail config.log http://pastebin.com/5xZT1EiH Vpopmail config.h http://pastebin.com/t6FQzp0U For Vusaged, i did this. ./configure make Vusaged config.log http://pastebin.com/78MsKPjh Vusaged config.h http://pastebin.com/k9kk7Zff In the vusaged source directory, run make clean, then export LDFLAGS='-ldl', then try to build again. --I did the same compile on Ubuntu 12.04 32bit system, and the error still exists. checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail --Any ideas for my issue? Best Regards, Franko Fang -- -Eric 'shubes' !DSPAM:52ab4ab034261127822959!
[vchkpw] Re: [SPAM] Re: vusaged compile error
For your reference, here's the .spec file I'm using for the QMailToaster version of vpopmail: https://github.com/QMailToaster/vpopmail/blob/master/vpopmail.spec This is building ok on CentOS 5 6, and both x86_64 and i386 arch's. You might try running autoreconf automake autoconf before running the configure script, and see what that does for you. HTH. -- -Eric 'shubes' On 12/13/2013 11:14 AM, Marcello Lupo wrote: Hi, yes all is correct: the only libvpopmail.a found are: /usr/src/vpopmail-5.4.33/libvpopmail.a /home/vpopmail/lib/libvpopmail.a and are identical files. I think the issue can reside in the way the configure script make the check of vauth_getpw in the libvpopmail or depending on some configure option i used. I tried to dig a little bit in the sources but was not able to understand so much. I’m not so skilled coder. Thank you if you have any other suggestion. Eventually i can give you access to the system of you need it. I really need to compile it otherwise the server will never start. Thank you Bye Marcello Il giorno 13/dic/2013, alle ore 18:58, Eric Shubert e...@shubes.net ha scritto: Is the system finding the correct libvpopmail? Perhaps search the entire system for all libvpopmail files to be sure there's not another one being picked up inadvertently? -- -Eric 'shubes' On 12/13/2013 04:38 AM, Marcello Lupo wrote: Hello, Yes i have done it but it is not woking. Anyway the make distclean is useless in the vusaged directory. It doesn’t produce any effect since the Makefile have still to be created because ./configure is not working. The libvpopmail.a is correctly found and loaded in the LDCONFIG. Any hint? Thank you Bye Marcello Il giorno 12/dic/2013, alle ore 19:09, Eric Shubert e...@shubes.net ha scritto: Have you done as Matt suggested? # make distclean # export LDFLAGS='-ldl' # ./configure make. On 12/12/2013 10:16 AM, Marcello Lupo wrote: Hello, any news on this issue? I have exactly this issue on ubuntu server 12.04 LTS x86_64 . checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail I tried vpopmail version 5.4.32 and 5.4.33 . This are the options: ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --disable-roaming-users \ --enable-onchange-script \ --enable-auth-module=mysql \ --enable-logging=p \ --enable-mysql-limits \ --enable-valias \ --disable-clear-passwd \ --enable-sql-logging \ --enable-auth-logging \ --enable-qmail-newu=/var/qmail/bin/qmail-newu \ --enable-qmail-inject=/var/qmail/bin/qmail-inject \ --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh I already tried all the solutions suggested in this thread with no success. Thank you all for any help. Bye Marcello Il giorno 05/mar/2013, alle ore 17:55, Remo Mattei r...@italy1.com ha scritto: which version of vpop? On Mar 5, 2013, at 07:45 , Franko Fang dahuananhu1...@163.com wrote: Dear Matt: Matt Brookings matt at inter7.com writes: On 01/24/2011 10:22 AM, Qmail List wrote: Hi, For Vpopmail, i did this. ./configure --enable-logging=v \ make make install-strip Vpopmail config.log http://pastebin.com/5xZT1EiH Vpopmail config.h http://pastebin.com/t6FQzp0U For Vusaged, i did this. ./configure make Vusaged config.log http://pastebin.com/78MsKPjh Vusaged config.h http://pastebin.com/k9kk7Zff In the vusaged source directory, run make clean, then export LDFLAGS='-ldl', then try to build again. --I did the same compile on Ubuntu 12.04 32bit system, and the error still exists. checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail --Any ideas for my issue? Best Regards, Franko Fang -- -Eric 'shubes' !DSPAM:52ab5c0234262134724148!
[vchkpw] Re: [SPAM] Re: vusaged compile error
Hmmm. When I run ./configure in vusaged/, I get: checking for stdint.h... yes checking for unistd.h... yes checking ev.h usability... no checking ev.h presence... no checking for ev.h... no checking for ev_loop_new in -lev... no configure: error: No libev found Now, I wonder where ev comes from. Actually, I wonder what ev *is*. ;) I'm no vpopmail expert, but I'm getting there. ;) -- -Eric 'shubes' On 12/13/2013 01:08 PM, Marcello Lupo wrote: Hi, Thank you. I tried in vpopmail-5.4.33 dir: make distclean autoreconf automake autoconf ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --disable-roaming-users \ --enable-onchange-script \ --enable-auth-module=mysql \ --enable-logging=p \ --disable-mysql-limits \ --enable-valias \ --disable-clear-passwd \ --enable-sql-logging \ --enable-auth-logging \ --enable-qmail-newu=/var/qmail/bin/qmail-newu \ --enable-qmail-inject=/var/qmail/bin/qmail-inject \ --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh make make install-strip ldconfig All compiled fine and installed. When compile vusaged i get the same error both with or without the export LDFLAGS='-ldl’ command. Other hints? Thank you Bye Marcello Il giorno 13/dic/2013, alle ore 20:11, Eric Shubert e...@shubes.net ha scritto: For your reference, here's the .spec file I'm using for the QMailToaster version of vpopmail: https://github.com/QMailToaster/vpopmail/blob/master/vpopmail.spec This is building ok on CentOS 5 6, and both x86_64 and i386 arch's. You might try running autoreconf automake autoconf before running the configure script, and see what that does for you. HTH. -- -Eric 'shubes' On 12/13/2013 11:14 AM, Marcello Lupo wrote: Hi, yes all is correct: the only libvpopmail.a found are: /usr/src/vpopmail-5.4.33/libvpopmail.a /home/vpopmail/lib/libvpopmail.a and are identical files. I think the issue can reside in the way the configure script make the check of vauth_getpw in the libvpopmail or depending on some configure option i used. I tried to dig a little bit in the sources but was not able to understand so much. I’m not so skilled coder. Thank you if you have any other suggestion. Eventually i can give you access to the system of you need it. I really need to compile it otherwise the server will never start. Thank you Bye Marcello Il giorno 13/dic/2013, alle ore 18:58, Eric Shubert e...@shubes.net ha scritto: Is the system finding the correct libvpopmail? Perhaps search the entire system for all libvpopmail files to be sure there's not another one being picked up inadvertently? -- -Eric 'shubes' On 12/13/2013 04:38 AM, Marcello Lupo wrote: Hello, Yes i have done it but it is not woking. Anyway the make distclean is useless in the vusaged directory. It doesn’t produce any effect since the Makefile have still to be created because ./configure is not working. The libvpopmail.a is correctly found and loaded in the LDCONFIG. Any hint? Thank you Bye Marcello Il giorno 12/dic/2013, alle ore 19:09, Eric Shubert e...@shubes.net ha scritto: Have you done as Matt suggested? # make distclean # export LDFLAGS='-ldl' # ./configure make. On 12/12/2013 10:16 AM, Marcello Lupo wrote: Hello, any news on this issue? I have exactly this issue on ubuntu server 12.04 LTS x86_64 . checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail I tried vpopmail version 5.4.32 and 5.4.33 . This are the options: ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --disable-roaming-users \ --enable-onchange-script \ --enable-auth-module=mysql \ --enable-logging=p \ --enable-mysql-limits \ --enable-valias \ --disable-clear-passwd \ --enable-sql-logging \ --enable-auth-logging \ --enable-qmail-newu=/var/qmail/bin/qmail-newu \ --enable-qmail-inject=/var/qmail/bin/qmail-inject \ --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh I already tried all the solutions suggested in this thread with no success. Thank you all for any help. Bye Marcello Il giorno 05/mar/2013, alle ore 17:55, Remo Mattei r...@italy1.com ha scritto: which version of vpop? On Mar 5, 2013, at 07:45 , Franko Fang dahuananhu1...@163.com wrote: Dear Matt: Matt Brookings matt at inter7.com writes: On 01/24/2011 10:22 AM, Qmail List wrote: Hi, For Vpopmail, i did this. ./configure --enable-logging=v \ make make install-strip Vpopmail config.log http://pastebin.com/5xZT1EiH Vpopmail config.h http://pastebin.com/t6FQzp0U For Vusaged, i did this. ./configure make Vusaged config.log http://pastebin.com/78MsKPjh Vusaged config.h http://pastebin.com/k9kk7Zff In the vusaged source directory, run make clean, then export LDFLAGS='-ldl', then try to build again. --I did the same compile on Ubuntu 12.04 32bit system, and the error still exists. checking for vauth_getpw in -lvpopmail... no checking
[vchkpw] Re: [SPAM] Re: vusaged compile error
On 12/13/2013 01:33 PM, Eric Shubert wrote: Hmmm. When I run ./configure in vusaged/, I get: checking for stdint.h... yes checking for unistd.h... yes checking ev.h usability... no checking ev.h presence... no checking for ev.h... no checking for ev_loop_new in -lev... no configure: error: No libev found Now, I wonder where ev comes from. Actually, I wonder what ev *is*. ;) I'm no vpopmail expert, but I'm getting there. ;) I sent too soon. I see I need libev-devel. -- -Eric 'shubes' !DSPAM:52ab70a134261461915962!
[vchkpw] Re: [SPAM] Re: vusaged compile error
Well, I think I know why my build fails, as I've patched vpopmail to alter the location of the includes and lib directories. /home/vpopmail/etc (or /etc/vpopmail in my case) should have an include_deps and a lib_deps file. What do you have in /home/vpopmail/etc/lib_deps ? The first -L option there should be where your libvpopmail.a resides. HTH. -- -Eric 'shubes' On 12/13/2013 01:08 PM, Marcello Lupo wrote: Hi, Thank you. I tried in vpopmail-5.4.33 dir: make distclean autoreconf automake autoconf ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --disable-roaming-users \ --enable-onchange-script \ --enable-auth-module=mysql \ --enable-logging=p \ --disable-mysql-limits \ --enable-valias \ --disable-clear-passwd \ --enable-sql-logging \ --enable-auth-logging \ --enable-qmail-newu=/var/qmail/bin/qmail-newu \ --enable-qmail-inject=/var/qmail/bin/qmail-inject \ --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh make make install-strip ldconfig All compiled fine and installed. When compile vusaged i get the same error both with or without the export LDFLAGS='-ldl’ command. Other hints? Thank you Bye Marcello Il giorno 13/dic/2013, alle ore 20:11, Eric Shubert e...@shubes.net ha scritto: For your reference, here's the .spec file I'm using for the QMailToaster version of vpopmail: https://github.com/QMailToaster/vpopmail/blob/master/vpopmail.spec This is building ok on CentOS 5 6, and both x86_64 and i386 arch's. You might try running autoreconf automake autoconf before running the configure script, and see what that does for you. HTH. -- -Eric 'shubes' On 12/13/2013 11:14 AM, Marcello Lupo wrote: Hi, yes all is correct: the only libvpopmail.a found are: /usr/src/vpopmail-5.4.33/libvpopmail.a /home/vpopmail/lib/libvpopmail.a and are identical files. I think the issue can reside in the way the configure script make the check of vauth_getpw in the libvpopmail or depending on some configure option i used. I tried to dig a little bit in the sources but was not able to understand so much. I’m not so skilled coder. Thank you if you have any other suggestion. Eventually i can give you access to the system of you need it. I really need to compile it otherwise the server will never start. Thank you Bye Marcello Il giorno 13/dic/2013, alle ore 18:58, Eric Shubert e...@shubes.net ha scritto: Is the system finding the correct libvpopmail? Perhaps search the entire system for all libvpopmail files to be sure there's not another one being picked up inadvertently? -- -Eric 'shubes' On 12/13/2013 04:38 AM, Marcello Lupo wrote: Hello, Yes i have done it but it is not woking. Anyway the make distclean is useless in the vusaged directory. It doesn’t produce any effect since the Makefile have still to be created because ./configure is not working. The libvpopmail.a is correctly found and loaded in the LDCONFIG. Any hint? Thank you Bye Marcello Il giorno 12/dic/2013, alle ore 19:09, Eric Shubert e...@shubes.net ha scritto: Have you done as Matt suggested? # make distclean # export LDFLAGS='-ldl' # ./configure make. On 12/12/2013 10:16 AM, Marcello Lupo wrote: Hello, any news on this issue? I have exactly this issue on ubuntu server 12.04 LTS x86_64 . checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail I tried vpopmail version 5.4.32 and 5.4.33 . This are the options: ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --disable-roaming-users \ --enable-onchange-script \ --enable-auth-module=mysql \ --enable-logging=p \ --enable-mysql-limits \ --enable-valias \ --disable-clear-passwd \ --enable-sql-logging \ --enable-auth-logging \ --enable-qmail-newu=/var/qmail/bin/qmail-newu \ --enable-qmail-inject=/var/qmail/bin/qmail-inject \ --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh I already tried all the solutions suggested in this thread with no success. Thank you all for any help. Bye Marcello Il giorno 05/mar/2013, alle ore 17:55, Remo Mattei r...@italy1.com ha scritto: which version of vpop? On Mar 5, 2013, at 07:45 , Franko Fang dahuananhu1...@163.com wrote: Dear Matt: Matt Brookings matt at inter7.com writes: On 01/24/2011 10:22 AM, Qmail List wrote: Hi, For Vpopmail, i did this. ./configure --enable-logging=v \ make make install-strip Vpopmail config.log http://pastebin.com/5xZT1EiH Vpopmail config.h http://pastebin.com/t6FQzp0U For Vusaged, i did this. ./configure make Vusaged config.log http://pastebin.com/78MsKPjh Vusaged config.h http://pastebin.com/k9kk7Zff In the vusaged source directory, run make clean, then export LDFLAGS='-ldl', then try to build again. --I did the same compile on Ubuntu 12.04 32bit system, and the error still exists. checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail
[vchkpw] Re: [SPAM] Re: vusaged compile error
On 12/13/2013 03:04 PM, Eric Shubert wrote: Well, I think I know why my build fails, as I've patched vpopmail to alter the location of the includes and lib directories. /home/vpopmail/etc (or /etc/vpopmail in my case) should have an include_deps and a lib_deps file. What do you have in /home/vpopmail/etc/lib_deps ? The first -L option there should be where your libvpopmail.a resides. HTH. vusaged builds fine for me now. Check your lib_deps file. -- -Eric 'shubes' !DSPAM:52ab8e8a34261660830915!
[vchkpw] Re: [SPAM] Re: vusaged compile error
On 12/13/2013 04:31 PM, Marcello Lupo wrote: Hi, I have all correct I think. /home/vpopmail/etc/lib_deps contains: -L/home/vpopmail/lib -lvpopmail -Xlinker -R -Xlinker /usr/lib/mysql -L/usr/lib/mysql -lmysqlclient -lz -lm -lcrypt So it is correct. If you see in my log: checking for ev.h... yes checking for ev_loop_new in -lev... yes checking vpopmail.h usability... yes checking vpopmail.h presence... yes checking for vpopmail.h... yes checking vauth.h usability... yes checking vauth.h presence... yes checking for vauth.h... yes checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail The line before the error is checking for client_query_quick in -lvpopmail… yes” so the configure found correctly the library. I think we have to focus on the way the check for vauth_getpw is done or x86_64 or ubuntu distribution issue. I tried to do with the default ./configure (without any option) and the result is the same. Thank you for your time. Bye Marcello Sorry I didn't notice that earlier Marcello. You're correct, it is apparently finding a vpopmail library. If you nm libvpopmail.a | less, do you find/see the missing vauth_ functions? I show them under both the libvpopmail_a-vpopmail.o: and libvpopmail_a-vauth.o: sections. If you don't see them then there's a problem with your make of libvpopmail.a, as you suspect. If you do see them, then it appears that your libvpopmail.a isn't being picked up for some reason (the lib_deps file is silently not being found). Which is it? -- -Eric 'shubes' !DSPAM:52abbbf334262138172228!
[vchkpw] Re: [SPAM] Re: vusaged compile error
Have you done as Matt suggested? # make distclean # export LDFLAGS='-ldl' # ./configure make. On 12/12/2013 10:16 AM, Marcello Lupo wrote: Hello, any news on this issue? I have exactly this issue on ubuntu server 12.04 LTS x86_64 . checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail I tried vpopmail version 5.4.32 and 5.4.33 . This are the options: ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --disable-roaming-users \ --enable-onchange-script \ --enable-auth-module=mysql \ --enable-logging=p \ --enable-mysql-limits \ --enable-valias \ --disable-clear-passwd \ --enable-sql-logging \ --enable-auth-logging \ --enable-qmail-newu=/var/qmail/bin/qmail-newu \ --enable-qmail-inject=/var/qmail/bin/qmail-inject \ --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh I already tried all the solutions suggested in this thread with no success. Thank you all for any help. Bye Marcello Il giorno 05/mar/2013, alle ore 17:55, Remo Mattei r...@italy1.com ha scritto: which version of vpop? On Mar 5, 2013, at 07:45 , Franko Fang dahuananhu1...@163.com wrote: Dear Matt: Matt Brookings matt at inter7.com writes: On 01/24/2011 10:22 AM, Qmail List wrote: Hi, For Vpopmail, i did this. ./configure --enable-logging=v \ make make install-strip Vpopmail config.log http://pastebin.com/5xZT1EiH Vpopmail config.h http://pastebin.com/t6FQzp0U For Vusaged, i did this. ./configure make Vusaged config.log http://pastebin.com/78MsKPjh Vusaged config.h http://pastebin.com/k9kk7Zff In the vusaged source directory, run make clean, then export LDFLAGS='-ldl', then try to build again. --I did the same compile on Ubuntu 12.04 32bit system, and the error still exists. checking for vauth_getpw in -lvpopmail... no checking for vauth_getall in -lvpopmail... no checking for get_domain_entries in -lvpopmail... no checking for client_query_quick in -lvpopmail... yes configure: error: No vauth_getpw in libvpopmail --Any ideas for my issue? Best Regards, Franko Fang -- -Eric 'shubes' !DSPAM:52a9fbdb34268319221288!
[vchkpw] Re: Troubleshooting vdelivermail
I'm curious to know how you made out on this, Bob. On 07/29/2013 09:21 AM, Robert A Wooldridge wrote: I am having trouble with my qmail/vpopmail systems. The default dot-qmail file contains: | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox What's this file's name specifically? It should be: /home/vpopmail/domains/domain/.qmail-default But mail does not get delivered. It just disappears. When I look in the qmail-smtpd log the smtp session appears correctly. When I look in the qmail-send log, it notes a successfully delivery. But nothing is in the user's Maildir/new or Maildir/cur. When I create an explicit dot-qmail file for the user such as: /home/vpopmail/domains/test.domain.com/some.user/Maildir/ This works correctly. But that means I have to creat dot-qmail files for each and every user. Can someone suggest a solution or a reason why the default dot-qmail file does not work? Or a way to troubleshoot vdelivermail? Check permissions? Thanks! -- Bob W. -- -Eric 'shubes' !DSPAM:5294c2bb34262861420032!
[vchkpw] Re: [SPAM] [suggestion] vdelivermail environment changes
On 08/21/2013 05:58 AM, Laurent Bercot wrote: Hello, I am installing vpopmail together with dovecot. Mail must be delivered to /home/vpopmail/domains/domain/user/Maildir, not by vdelivermail itself, but by dovecot-lda (to keep index files updated, among other things). So, I write a /home/vpopmail/domains/domain/user/.qmail file, containing simply | preline -f dovecot-lda as the dovecot instructions say. But it does not work: mail gets delivered to /home/vpopmail/domains/domain/Maildir - which is definitely not what I want if I have more than one user. :) I have investigated and found the source of the problem: when dovecot-lda is run, the virtual user's home directory, contained in the HOME environment variable, is not /home/vpopmail/domains/domain/user as it should be. It is still /home/vpopmail/domains/domain, the value it has when vdelivermail is executed. It makes sense to have HOME=/home/vpopmail/domains/domain when executing vdelivermail, because that's the correct home for the domain-user@domain virtual user from qmail-local's point of view. However, when vdelivermail processes a dot-qmail file itself in /home/vpopmail/domains/domain/user, it knows what the right home for user@domain is, and should adjust HOME accordingly before running other programs in the qmail-command fashion. I am currently modifying HOME myself before executing into dovecot-lda, in the .qmail file, and it's working perfectly. However, it would be cleaner if vdelivermail did this itself. It would also be a lot cleaner if vdelivermail hid the domain-user thing under the rug: once qmail-send has been fooled and control has been given to vdelivermail, the virtualdomains hack is not necessary anymore, and is only confusing to software run in further .qmail files. For instance, a qreceipt instruction in a /home/vpopmail/domains/domain/user/.qmail file currently has to be: | qreceipt $EXT@$HOST But it really should be | qreceipt $USER@$HOST like with system users. Also, specific workarounds have to be enabled to make ezmlm lists work under vpopmail; if vdelivermail was putting the right environment variables back, ezmlm would work out of the box. Please consider this change - along with a new, vpopmail-specific environment variable so vpopmail-aware applications still know that the address is virtual and really handled by vpopmail. Developer bait: with this change, vdelivermail wouldn't have to perform MDA duties itself anymore. If it found a user in the vpasswd database, it could just hand the delivery to qmail-local. :) Thank you, Anything further on this? I'm going to be looking at integrating dovecot-lda in QmailToaster, and would consider making these changes. I need to examine the situation in more detail before committing to this though. FWIW, I've already modified the vpopmail QMT package to: .) build as a non-root user .) create a vpopmail-devel package with includes and libs .) put /include and /lib in their typical locations FWIW2, I'm toying with the idea of making the vpopmail QMT package LSB compliant (which very few packages actually are). Thanks. -- -Eric 'shubes' !DSPAM:5294c4e734262887015494!
[vchkpw] Re: Troubleshooting vdelivermail
Hey Remo. On 11/26/2013 08:58 AM, Remo Mattei wrote: I just want to add a comment here. If you want to use it globally for the domain then I use the .qmail-default otherwise single user is .qmail-username. Or (simply) a file named .qmail in the user's directory, next door to the Maildir/. -- -Eric 'shubes' !DSPAM:5294cb0334267565711084!
[vchkpw] Re: [SPAM] building as non-root user
Hey Johannes, Thanks a lot for this. It got me to thinking in a good way. I decided to take a different tact, and have created patches for vpopmail and (qmail and maybe one or two other packages) which allows them to be built as a non-root user, as well as creating a vpopmail-devel package so that dependent packages (qmail, qmailadmin, dovecot) can be built without needing to have vpopmail itself installed. I also changed vpopmail to put its devel files in the typical locations. This brings these packages more in line with typical best practices. The specs and sources are all on http://github.com/QMailToaster now, you can access them there if you'd like. Thanks again. I look forward to your continued participation in the QMT community. -- -Eric 'shubes' On 10/19/2013 04:18 AM, Johannes Weberhofer wrote: Eric, You can have a look at my repository at https://build.opensuse.org/package/show/home:weberho:qmailtoaster/vpopmail . An additional patch is included. It's necessary to initialize some directories and users first and then do the building. The pre-installation of those packages is done via the package in https://build.opensuse.org/package/show/home:weberho:qmailtoaster/qmail-skel Alexandr has a 5.5 version build here using the same technique: https://build.opensuse.org/package/show/home:aledr/vpopmail Good luck, Johannes Am 19.10.13 08:10, schrieb Eric Shubert: Has anyone any experience building vpopmail as a non-root user? I'm endeavoring to do so for qmail-toaster. Any pointers will be appreciated. TIA. P.S. Wish me luck. ;) !DSPAM:528faf0134261272031908!
[vchkpw] [SPAM] Re: [SPAM] Using Dovecot's LDA / spamc and maildrop support
On 10/01/2013 06:30 PM, Charles Sprickman wrote: Simple question I hope… Some yes, some no. ;) What's the recommendation on the vpopmail side on integrating Dovecot's LDA for final delivery? I'm not aware of any recommendation per se. In the QMail-Toaster community (I am the project leader there FWIW), we've informally implemented dovecot with vpopmail for imap/pop3, but have yet to implement Dovecot's LDA, which will come after formal adoption of Dovecot imap/pop3 in the forthcoming QMT release. So I'm very interested in the best way to replace vdelivermail/maildrop with dovecot's Deliver and Pigeonhole. I'm especially looking forward to implementing server-side message filtering. I've seen various suggestions, including just calling it from the user's .qmail file. In that particular case, it's not at all clear to me how other tools that would touch that file (like qmailadmin) would be taught to not alter the call to dovecot_lda. I imagine it would get munged everytime a user went to setup a vacation message or forward. I imagine you're correct. qmailadmin, vqadmin et al would need to be modified for this. Off hand, I've expected that this will be the method used. It might be more suitable (simpler) though to develop a vdelivermail replacement which would simply pass the message on to Deliver. I really haven't thought about this much. Also I'm in the midst of upgrading from 5.4.10 to 5.4.33. I see that there's new support to have vdelivermail handle the call to spamc for tagging, and also support to have maildrop handle the filtering. A few questions regarding this setup if vpopmail is configured to use spamc and maildrop: QMT was upgraded from 5.4.17 to 5.4.33 not too long ago. It's not using spamc at the delivery stage though. * Is maildrop always doing the final delivery? Afaik, yes. * What's the message flow when a .qmail file is encountered that has a forward? Forwards are handled in the database now. I'm not sure exactly how that works, but I expect that vdelivermail (could be maildrop though) checks the database and forwards accordingly by putting the message back into the queue with a new recipient. Now that I think of it, I wonder how Deliver would handle forwards. Can Deliver handle forwards at all? More specifically, vpopmail-type forwards? * What's the message flow when a .qmail file is encountered that's piping to maildrop (we have a ton of these on the old system, I assume I'd have to find and nuke all of them)? This is the standard mechanism in QMT. I'm guessing that maildrop passes messages on to vdelivermail. I'm not positive about this though. * Does this limit qmailadmin's abilities at all? qmailadmin pretty much controls the .qmail files (again, ttbomk). On a side note, I am aware that there's a bug in qmailadmin where if the name is changed, a 2nd delivery record is created in the .qmail file causing duplicate deliveries. It'd be nice to get this fixed at some point. I imagine that there might be a few other bugs in there which need fixing. I imagine that vqadmin may touch these as well, but I'm not really familiar with vqadmin (it was a bit broken on QMT until we upgraded to 5.4.33). * If using valias, do we filter a message before forwarding offsite? I don't know anything about this off hand. Hoping the list is still alive, didn't even realize I'm still subscribed here! Yeah, barely. ;) You might want to consider joining us on the QMT list. Lots of friendly help there. :) Good luck Charles, and please let us know about your endeavors with Deliver. -- -Eric 'shubes' !DSPAM:524c18fb34284707794799!
[vchkpw] Re: [SPAM] odd problem after OS upgrade
On 06/21/2013 08:54 PM, Jeremy Kister wrote: I have qmail 1.03 with several patches including qmail-smtpd-auth-0.4.3 and vpopmail 5.4.33. After upgrading Debian 6 - 7, I broke SMTP-AUTH *only* when using stunnel for SSL. When trying to auth over stunnel4, i see: 454 oops, problem with child and I can't auth (#4.3.0) syslog shows: Jun 21 23:19:29 s4 vpopmail[3080]: vchkpw-smtps: (PLAIN) login success u...@example.com:10.36.87.4 using smtp-auth on port 25 or 587 works fine. /service/qmail-smtpd-ssl/run: http://jeremy.kister.net/tmp/auth/qmail-smtpd-ssl-run /usr/local/etc/stunnel/smtps.conf: http://jeremy.kister.net/tmp/auth/smtps.conf i modified smtps.conf to use strace like: exec = /usr/bin/strace execargs = /usr/bin/strace -ff -o /tmp/vchkpw.dump /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true the dumps are at: http://jeremy.kister.net/tmp/auth/strace/ i tried increasing just removing softlimit. i tried recompiling/reinstalling vpopmail I dont think the problem is with stunnel since the SSL layer is working fine. I'm out of ideas. More eyes please ? It seems peculiar to me that the log shows login success, but the oops message says it can't auth. I'm not very familiar with the inner workings of vpopmail though. Have you found where in the code the oops messages is being issued? -- -Eric 'shubes' !DSPAM:51c5b3d734139722810834!
[vchkpw] Re: [SPAM] Re: [vchkpw] [SPAM] Error: Unable to chdir to vpopmail/domains/domain directory
On 05/16/2013 06:51 AM, swaroop kumar wrote: I resolved it by adding www-data to vchkpw group and changed owner and group of the apache files to vpopmail:vchkpw earlier it was www-data was owner and group. Now i am facing new error could not update file. This bit is solved in qmail-toaster by the following permissions: [root@tacs-mail qmailadmin]# ls -l /usr/share/qmailadmin total 200 drwxr-xr-x 2 root root 4096 Feb 21 10:58 html drwxr-xr-x 3 apache apache 4096 Feb 21 10:58 images lrwxrwxrwx 1 vpopmail vchkpw 10 Feb 21 10:58 index.cgi - qmailadmin drwxr-xr-x 2 root root 4096 Feb 21 10:58 lang -rwsr-sr-x 1 vpopmail vchkpw 184860 Feb 21 10:56 qmailadmin [root@tacs-mail qmailadmin]# Note the sticky bit. HTH. -- -Eric 'shubes' !DSPAM:5194f58334121759474663!
[vchkpw] Re: [SPAM] Error: Unable to chdir to vpopmail/domains/domain directory
https://wiki.qmailtoaster.com has a lot of users and a nice community. You should be able to have a qmail server up and running in just a couple hours. Unfortunately, we haven't ported to debian yet, although I believe there is a person or two who have done this. You'd need to check the email list archives, or ask on the list. Disclaimer: I'm the lead on the project. ;) FWIW. -- -Eric 'shubes' On 05/16/2013 07:58 AM, Remo Mattei wrote: I agree with that! It used to be a good point, then the best one was from Bill but that was taken down ;). I would suggest to look at qmail.org http://qmail.org or at this url http://notes.sagredo.eu Bye, Remo On May 16, 2013, at 06:49 , Ron Herzing ron.herz...@gmail.com mailto:ron.herz...@gmail.com wrote: I word of caution. Qmailrocks is not a good way to learn how to install Qmail. On Thu, May 16, 2013 at 7:14 AM, swaroop kumar swaroopk...@gmail.com mailto:swaroopk...@gmail.com wrote: Hi All, I am switching my mail server from sendmail to qmail, currently installing qmail in debian and i am following this link http://qmailrocks.thibs.com/ I Have a problem in creating domains using vpopmail, below is the error thrown when i am trying to create a domain. Unable to chdir to vpopmail/domains/domain directory Can any one suggest me to overcome this, quick response is highly appreciated. Thanks in Advance. Regards, Swaroop Kundeti -- Ron Herzing ron.herz...@gmail.com mailto:ron.herz...@gmail.com !DSPAM:5194f74f34121751172100!
[vchkpw] Re: [SPAM] Error: Unable to chdir to vpopmail/domains/domain directory
Hey Thibault, I'm wondering if you'd like to head up a debian release for qmail-toaster. We'd love to have you as part of the community. I hope to be spending more time on the project in the near future, moving the sources to github, and using the opensuse build service to build binary packages. The project has historically only worked with rpm based distros, but I'd love to have debs available as well. If you're interested please join us on the qmailtoaster-de...@qmailtoaster.com list. You can subscribe the ezmlm way, or access it via gmane.org. In any case, thanks for your work with qmail on debian. I'm sure it will be helpful regardless. -- -Eric 'shubes' On 05/16/2013 10:03 AM, Thibault Richard wrote: You’re right ... and this guide is indeed using old-fashioned software. As Debian has just released last week-end a new version, I’m currently working on a new installation guide with Dovecot *From:* Remo Mattei mailto:r...@italy1.com *Sent:* Thursday, May 16, 2013 6:51 PM *To:* vchkpw@inter7.com mailto:vchkpw@inter7.com *Subject:* Re: [vchkpw] [SPAM] Error: Unable to chdir to vpopmail/domains/domain directory HI Thibs, looks nice but you are still running courier ops!! So maybe it's a new project for you to update to dovecot faster and supported better than courier now. Just my 2 cents, Remo On May 16, 2013, at 08:54 , Thibault Richard th...@thibs.com mailto:th...@thibs.com wrote: My way of doing (I’m the author of http://qmailrocks.thibs.com http://qmailrocks.thibs.com/) is not so bad wlEmoticon-winkingsmile[1].png *From:* Ron Herzing mailto:ron.herz...@gmail.com *Sent:* Thursday, May 16, 2013 3:49 PM *To:* vchkpw@inter7.com mailto:vchkpw@inter7.com *Subject:* Re: [vchkpw] [SPAM] Error: Unable to chdir to vpopmail/domains/domain directory I word of caution. Qmailrocks is not a good way to learn how to install Qmail. On Thu, May 16, 2013 at 7:14 AM, swaroop kumar swaroopk...@gmail.com mailto:swaroopk...@gmail.com wrote: Hi All, I am switching my mail server from sendmail to qmail, currently installing qmail in debian and i am following this link http://qmailrocks.thibs.com/ I Have a problem in creating domains using vpopmail, below is the error thrown when i am trying to create a domain. Unable to chdir to vpopmail/domains/domain directory Can any one suggest me to overcome this, quick response is highly appreciated. Thanks in Advance. Regards, Swaroop Kundeti -- Ron Herzing ron.herz...@gmail.com mailto:ron.herz...@gmail.com !DSPAM:519532a034123111819093!
[vchkpw] Re: LDAP module documentation
On 04/15/2013 06:42 AM, Russell Sutherland wrote: Is there a recent/up to date document describing how one uses the LDAP module backend for authentication? I assume it is called via the vchkpw interface. I have re-compiled vpopmail with the --enable-auth-module=ldap option. I am using vpopmail ver. 5.4.33 Thanks in advance. -- TTBOMK, ldap support has had a lot of work done to it in v5.5.x. Last I knew (which has been many months ago), Matt was still working on finalizing the ldap schema for 5.5.x, but that was all that was left to be done. He may or may not have completed that work. I plan to give vpopmail ldap support a go at some point, but I wouldn't bother trying it with 5.4.33. I plan to use the 5.5 branch. I'd like to hear from Matt to confirm that I have this correct. I'd also appreciate hearing about your progress here on this list, if you'd care to keep us posted. Thanks. -- -Eric 'shubes' !DSPAM:516c86cc34148454267027!
[vchkpw] Re: [SPAM] lastauth troubles, old version
On 04/11/2013 03:10 PM, Charles Sprickman wrote: On Apr 11, 2013, at 5:02 PM, Tom Collins wrote: Charles, QmailAdmin will update lastauth (as least the file in the user's directory) as well. I know that on my current system, pop3 and pop3s update the file (using qmail's POP server) but IMAP does not (using dovecot). Interesting. Most of our users don't know about qmailadmin - they do password changes and spam settings inside our webmail. I also just tried logging into qmailadmin with a test account, and still no lastauth entry. Odd how random this seems. I noticed that even the users that have ended up with lastauth entries are only getting some of their logins updated - for example, I might see someone with a lastauth timestamp of 4:30, but then see a dozen or more logins after that in the mail log. I've enabled more logging in authdaemond (which I assume through the vchkpw module is where the last auth logging should be taking place), but I don't see anything particularly odd: Apr 11 18:08:16 xena pop3d-ssl: Connection, ip=[x.x.x.x] Apr 11 18:08:16 xena authdaemond: received auth request, service=imap, authtype=login Apr 11 18:08:16 xena authdaemond: authvchkpw: trying this module Apr 11 18:08:16 xena authdaemond: authvchkpw: sysusername=null, sysuserid=90, sysgroupid=90, homedir=/home/vpopmail/domains/bway.net/2/, address=x...@bway.net, fullname= '', maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 11 18:08:16 xena authdaemond: password matches successfully Not having much luck finding a vpopmail changelog that dates back to 5.4.7. :) Charles -Tom On Apr 11, 2013, at 1:47 PM, Charles Sprickman wrote: It's been some time since I've had to dig into any vpopmail issues as we have a box that's been frozen in time for years. It's quite the frankenbox at this point and I'll be having to get myself up to speed in the coming months to deal with a move to new hardware, moving to dovecot from courier, and fronting the whole qmail mess with postfix. So I decided to start small and verify I can still rebuild the current vpopmail version we run (5.4.7) in a VM and alter a few options. I opted to enable the last login function. It was turned off long ago to alleviate some db load, but that's no longer an issue for us. I've rebuilt 5.4.7 with --enable-auth-logging but I'm not seeing all logins show up in the lastauth table. We use courier (4.0.6) and authdaemond (0.58) with vpopmail auth enabled. In my testing, I tried a pop3, pop3s, imap, and imaps login and found no errors logged and no logins show up in the lastauth table. To complicate matters, I do see a handful of users showing up in the table, but I can't find any common criteria here - some of these users are pop, some are imap. I feel like I've probably forgotten some piece of this puzzle, any hints? How can I debug why the logins are not being logged? Thanks, Charles Have you considered migrating to qmail-toaster? That should be a pretty straight forward migration (qmailtoaster-plus includes backup and restore scripts that are useful for migrating). There are a few vpopmail database changes between 5.4.7 and 5.4.33, but that shouldn't be very difficult do. The qtp-convert script handles the changes from 5.4.17 to 5.4.33. While dovecot will be replacing courier as the stock IMAP service in the near future, there are instructions on the wiki for doing this conversion: http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP With the addition of spamdyke (qtp-install-spamdyke), you may find yourself not needing to front-end your new qmail with postfix. Spamdyke is a highly effective and extremely efficient anti-spam tool. It eliminates 90+% of spam without even receiving the whole message. It's truely amazing, and will lighten the load on your mail server as well. Unfortunately spamdyke is only available with the qmail mta at this time (not postfix or exim). If I had to pick one of spamdyke or spamassassin, I'd pick spamdyke. Fortunately though, with QMT you can use both. :) I should add that many people use QMT as a front-end to Exchange. No surprise there really though. HTH. Disclaimer: I'm the project lead for QMT, so I might be biased. ;) -- -Eric 'shubes' !DSPAM:5168024e34141462916438!
[vchkpw] Re: [SPAM] Re: [vchkpw] Unable to change bounce processing with qmailadmin
On 01/22/2013 11:25 AM, Tom Collins wrote: Eric, I'm not sure what's happening there, but I seem to recall making a change at least in my own copy of QmailAdmin to disable users' ability to change catchall status. In this day and age of dictionary spam, I can't see using anything other than bounce-no-mailbox. Deleting mail just consumes resources by accepting mail for any address (and doesn't let legitimate senders know that their mail wasn't received). Having a catchall seemed like insanity 5 years ago, and I can't imagine it being any better now. It's actually not a bad thing if you're running spamdyke. Spamdyke catches 90+% of spam without even receiving the message. While I probably wouldn't use a catchall account with a large domain, with small domains it's nice to be able to catch misaddressed mail. A little forgiveness is a good thing. ;) Also, I typically use made-up addresses to give to many places that ask for my email address. For instance, if I'm at some store and they want my email address, I'll give them somest...@shubes.net as my address. That way, I can easily tell who I gave the address to. If it's somewhere that I want to continue to receive email from, I'll set up a forward for it (using catchall in the meantime). Otherwise, or in the event that the somestore address becomes spammy, I can blacklist it, either with badmailto or spamdyke. I know that doesn't help with your current situation, but you might be able to search the qmailadmin list archives for posts about disabling that feature, or I can try to go through my modified 1.2.12 source to see what I've done to it. I've had a look at the code, and found that the config.h file, which defines CATCHALL_ENABLED, is not being included in the command.c file. I'm not sure when or why that got dropped, but it effectively removed the commands associated with catchall processing along with it. I've added an include for config.h to command.c, and that has fixed the problem. Hey Matt, what's the story here? Can the command.c source be fixed up? I expect it wouldn't hurt to have the code for catchall included all the time in command.c, regardless if catchall is enabled or not. It might be just as well to remove the #ifdef CATCHALL_ENABLED as opposed to including the config.h just for that. Either way, what are the chances of getting this fixed in the next version? Thanks. -- -Eric 'shubes' On Jan 22, 2013, at 7:47 AM, Eric Shubert wrote: The qmailadmin list is getting spammed, so I thought I'd post this here as well. I'm running qmailadmin 1.2.16 (with vpopmail 5.4.33), and when I click on an account's catchall button or otherwise attempt to change the catchall status for the domain, it simply returns a blank page without having changed anything. The url appears to be properly formatted, and I see what appears to be a normal message in the apache access log. I'm running QmailToaster on several hosts, and they all have this problem. Will someone be so kind as to tell me how I might troubleshoot this? TIA. -- -Eric 'shubes' !DSPAM:5126474534141723914009!
[vchkpw] Re: Fwd: trouble with mail is looping spam
I've been seeing several of these lately as well. The problem is that there's a Delivered To: header coming in (before it's actually delivered anywhere), so qmail-send thinks it's already delivered and is in a loop, creates a bounce message, which double-bounces back. At that point, I simply have my mail filter delete them. I talked with Sam C of spamdyke fame about it, and it appears that a filter could be added to spamdyke to catch these (compare Delivered To: header to recipients). No commitment though when that might be available. -- -Eric 'shubes' On 11/04/2012 10:54 AM, Joe @ 3ZZZ wrote: dammit, one more try without ny lizards domain... with apologies for the numerous resends, and thanks. - Forwarded message from j...@3zzz.net - I realized this probably didn't get through due to the spammy domains in the example, so resending an edited version. tyvmia - Forwarded message from j...@3zzz.net - Hi, This is on a server with netqmail-1.06 qmailadmin-1.2.15 vpopmail - 5.4.30 Recently I began noticing many bounce-backs triggered from spam to non-existent addresses on domains with catch-all set to deleted, and in the message it says mail is looping. Example pasted below. I'm unable to recreate this by sending to these addresses myself, maybe it's the way the To addresses are formatted by the spammers? They don't seem to be abusing the bounce-back (yet) but they're coming in pretty often, more than once a minute, and it's generating a lot of junk. Haven't yet been able to figure out why it's happening or how to stop it from bouncing. Would greatly appreciate suggestions, thank you. :: /var/qmail/queue/mess/7/786699 :: Received: (qmail 4726 invoked for bounce); 31 Oct 2012 14:49:21 - Date: 31 Oct 2012 14:49:21 - From: MAILER-DAEMON@[***REDACTED***].com To: christianmingle.com.dating.of...@spam.info Subject: failure notice Hi. This is the qmail-send program at [***REDACTED***].com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. erin@[***REDACTED***].com: mail is looping --- Below this line is a copy of the message. Return-Path: christianmingle.com.dating.of...@spam.info Received: (qmail 4722 invoked by uid 89); 31 Oct 2012 14:49:21 - Received: from unknown (HELO norgazdata.com) (176.223.172.3) by [***REDACTED***].com with SMTP; 31 Oct 2012 14:49:21 - Delivered-To: erin@[***REDACTED***].com Received: by 10.223.118.17 with SMTP id t17cs125410faq; Wed, 31 Oct 2012 07:49:25 -0700 Received: by 10.216.220.142 with SMTP id o14mr2820421wep.61.1316443187605; Wed, 31 Oct 2012 07:49:25 -0700 Return-Path: christianmingle.com.dating.of...@spam.info From: ChristianMingle.com Dating Offer christianmingle.com.dating.of...@spam.info Content-Type: multipart/alternative; boundary=Apple-Mail-3-110609711 Subject: Connect with local Christian Singles in our online community Date: Wed, 31 Oct 2012 07:49:25 -0700 Message-Id: 15b9b82c-dd58-5752-4ab9-20c6a70c7...@spam.info To: erin@[***REDACTED***].com Mime-Version: 1.0 (Apple Message framework v1084) X-Mailer: Apple Mail (2.1084) X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - SPAM.info X-AntiAbuse: Original Domain - yahoo.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - SPAM.info --Apple-Mail-3-110609711 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii Most recently, it has become common for online dating websites to provide webcam chats between members. In [snip] EOM - End forwarded message - - End forwarded message - !DSPAM:509682d733997415513824! !DSPAM:5096bde133991166112062!
[vchkpw] Re: 5.4.33 marked stable
On 10/25/2012 08:59 AM, Alessio Cecchi wrote:
Il 24/10/2012 20:39, Matt Brookings ha scritto:
On 10/24/2012 09:10 AM, Alessio Cecchi wrote:
Il 23/10/2012 23:33, Matt Brookings ha scritto:
I have marked 5.4.33 stable, and also have created a new development
version 5.4.34 with some new
patches I'll adding or evaluating.
Thanks Matt,
For 5.4.34 I would like to have vdelivermail works directly with
dovecot-lda.
If necessary I can provide information about setup dovecot 2.1 and lda.
Sure. Pass along any information you have. I have a few other
patches related to Dovecot I want to
add into 5.4.34.
Okay,
I see two possibilities for pass the email to dovecot-lda via
vdelivermail, one is without (dovecot) lookup, you can set HOME, before
run dovecot-lda, to vpopmail's users home:
| HOME=/home/vpopmail/domains/mydomain.com/user/
/usr/libexec/dovecot/deliver
here is an example from Rick Romero:
http://www.mail-archive.com/vchkpw@inter7.com/msg28209.html
this is very simple but have some limits beacuse dovecot don't knows for
who is the email but only where to store.
Another way is to pass to dovecot-lda destination username like this:
| /usr/libexec/dovecot/deliver -d $EXT@$HOST
so dovecot can lookup, via vpopmail native driver, where is the home for
$EXT@$HOST. Also with -d dovecot can update for example, dict quota,
expire plugin and so on.
Now I'm testing this solution with a trick, build vpopmail with maildrop
support, create an /etc/maildroprc like this:
import EXT
import HOST
`test -r /usr/local/dovecot-2.1/libexec/dovecot/deliver`
if ( $RETURNCODE == 0)
{
log === delivery via D-LDA for $EXT@$HOST ===
to | /usr/local/dovecot-2.1/libexec/dovecot/deliver -d
$EXT@$HOST
}
so vdelivermail call maildrop which pass the email to dovecot-lda, after
a month of testing on a thousand users I can say that it works.
I have find only one issue, when new email arrives and is for a domain
alias user, dovecot create a new entry for dict quota related to a new
users instead of update the entry for the real user, but this is a minor
problem, delivery and maildirsize update are ok.
I like this option:
| /usr/libexec/dovecot/deliver -d $EXT@$HOST
I'm hoping to discontinue maildrop altogether, and use Pigeonhole/sieve
in its place.
--
-Eric 'shubes'
!DSPAM:5089dd1e34177817018470!
[vchkpw] Re: 5.4.33 marked stable
On 10/24/2012 07:10 AM, Alessio Cecchi wrote: Il 23/10/2012 23:33, Matt Brookings ha scritto: I have marked 5.4.33 stable, and also have created a new development version 5.4.34 with some new patches I'll adding or evaluating. Thanks Matt, For 5.4.34 I would like to have vdelivermail works directly with dovecot-lda. If necessary I can provide information about setup dovecot 2.1 and lda. +1 (for the QMT community) -- -Eric 'shubes' !DSPAM:5088358a34171061114641!
[vchkpw] Re: [SPAM] How to fix wrong values in dom_89 row
On 10/16/2012 08:36 AM, Alessio Cecchi wrote: Hi, after some bad migration my vpopmail dir_control table have some problems and need to be fixed but I don't know how. I'm hosting, on this installation, 1000 domains so the cur_users value should be 1000, right? mysql select * from dir_control where domain='dom_89'; ++---+---+---+--+--+--+++++++--+--+--+-+ | domain | cur_users | level_cur | level_max | level_start0 | level_start1 | level_start2 | level_end0 | level_end1 | level_end2 | level_mod0 | level_mod1 | level_mod2 | level_index0 | level_index1 | level_index2 | the_dir | ++---+---+---+--+--+--+++++++--+--+--+-+ | dom_89 | 189 | 1 | 0 |0 | 0 |0 | 0 | 0 | 0 | 0 | 0 | 0 |0 |0 |0 | 0/ | ++---+---+---+--+--+--+++++++--+--+--+-+ 1 row in set (0.00 sec) view as CSV: dom_89;189;1;0;0;0;0;0;0;0;0;0;0;0;0;0;0/ Moreover, why the_dir is set to 0/? Can some vpopmail's tool rebuild this data? Or where I can found information about each fields and correct lines by hand? Thanks What are the config options you used to build vpopmail? -- -Eric 'shubes' -- -Eric 'shubes' !DSPAM:507dd39834173130570972!
[vchkpw] Re: New server
On 08/20/2012 05:26 AM, Allan Dukat wrote: I use Ubuntu Server for this project, as for most others in the company, and I want to have as much control of the application as possible, and I want to migrate to the new server whith as few changes as possible, so I concluded that the best way was to follow the procedure i used for the current production server, which was inspired by http://www.lifewithqmail.org/ QMT is a descendant of lifewithqmail as well. QMT is an offshoot of qmailrocks, which is an offshoot of LWQ. So they have strong similarities, although LWQ and QMR are no longer active projects TTBOMK. Unfortunately, QMT hasn't been ported to .deb based systems yet (rpm platforms only). We hope to do this in the future though, as we're in the process of moving sources to Github, and plan to build binary packages using the openSUSE Build Service, which will allow us to build binaries for all the major linux distros. We presently have a repository with 9 mirrors world wide provided by community members. QMT has grown into a strong community project, and we welcome whoever would like to participate. People with qmail and debian based experience will be especially welcomed additions to the community at some point. Like I said though, we're not yet ready to be cranking out debian builds. When we are though, I'll try to remember to look you up. Thanks Allan. -- -Eric 'shubes' !DSPAM:50324d7634216231611940!
[vchkpw] Re: New server
On 08/20/2012 08:04 AM, Thibault Richard wrote: Hello, QMT is a descendant of lifewithqmail as well. QMT is an offshoot of qmailrocks, which is an offshoot of LWQ. So they have strong similarities, although LWQ and QMR are no longer active projects TTBOMK. QMR is not totally dead. 3 years ago, I've created the site http://qmailrocks.thibs.com/ largely inspired by QMR but only with instructions about Debian Friendly Regards Thibault I'm glad to know that Thibault. I'm sure that your site will be an invaluable reference as QMT includes .deb. Would you care to join us at QMT? We have a developers list that's low noise which I'd be glad to see you join. Thanks. -- -Eric 'shubes' !DSPAM:5032673d34215775113463!
[vchkpw] Re: New server
On 08/17/2012 10:33 AM, Allan Dukat wrote: Hi everyone I am about to migrate to a new netqmail-1.06 + chkuser-2.0.9release + dovecot-2.1.9 + ezmlm-idx-7.1.1 + httpd-2.4.2 + qmailadmin-1.2.16 + sqwebmail-5.5.3 + vpopmail-5.4.33 + vqadmin-2.3.7-server, which I have compiled, and is now testing. On my current server I am using the netqmail-1.05-validrcptto.cdb.patch but I have decided to switch to chkuser.patch, so chkuser is new to me. I have trouble making chkuser behave as desired: When I send a mail to apa...@domain.dk, which is present in /etc/passwd, I want chkuser to reject the mail at smtp-level, but it is accepted as seen here: /var/log/qmail/smtpd/current: @4000502e3f3009a4be0c CHKUSER accepted sender: from allan.du...@otherdomain.dk:: remote :mail3.otherdomail.dk rcpt : sender accepted @4000502e3f3009a60244 CHKUSER accepted rcpt: from allan.du...@otherdomain.dk:: remote :mail3.otherdomail.dk rcpt apa...@domain.dk : found existing recipient /var/log/mail.log: Aug 17 14:55:02 jmail qmail: 1345208102.166587 new msg 1573938 Aug 17 14:55:02 jmail qmail: 1345208102.166746 info msg 1573938: bytes 1532 from allan.du...@otherdomain.dk qp 1679 uid 1002 Aug 17 14:55:02 jmail qmail: 1345208102.168480 starting delivery 11: msg 1573938 to local apa...@domain.dk Aug 17 14:55:02 jmail qmail: 1345208102.168563 status: local 1/10 remote 0/20 Aug 17 14:55:02 jmail qmail: 1345208102.171362 delivery 11: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ Aug 17 14:55:02 jmail qmail: 1345208102.171569 status: local 0/10 remote 0/20 Aug 17 14:55:02 jmail qmail: 1345208102.177127 bounce msg 1573938 qp 1682 Aug 17 14:55:02 jmail qmail: 1345208102.177233 end msg 1573938 $ grep ^# chkuser_settings.h #define CHKUSER_VPOPMAIL #define CHKUSER_DOMAIN_WANTED #define CHKUSER_ENABLE_USERS #define CHKUSER_ENABLE_ALIAS #define CHKUSER_EZMLM_DASH '-' #define CHKUSER_BOUNCE_STRING bounce-no-mailbox #define CHKUSER_ENABLE_LOGGING #define CHKUSER_LOG_VALID_RCPT #define CHKUSER_MIN_DOMAIN_LEN 4 #define CHKUSER_LOG_VALID_SENDER #define CHKUSER_RCPT_LIMIT_VARIABLE CHKUSER_RCPTLIMIT #define CHKUSER_WRONGRCPT_LIMIT_VARIABLE CHKUSER_WRONGRCPTLIMIT #define CHKUSER_MBXQUOTA_VARIABLE CHKUSER_MBXQUOTA #define CHKUSER_ERROR_DELAY 1000 #define CHKUSER_RCPT_DELAY_ANYERROR #define CHKUSER_SENDER_DELAY_ANYERROR #define CHKUSER_ENABLE_EZMLM_LISTS #define CHKUSER_IDENTIFY_REMOTE_VARIABLE CHKUSER_IDENTIFY #define CHKUSER_USERS_DASH '-' #define CHKUSER_MAILMAN_STRING mailman #define CHKUSER_MAILMAN_DASH '-' #define CHKUSER_DB_CLEANUP #define CHKUSER_ERROR_DELAY_INCREASE 300 #define CHKUSER_NORCPT_STRING 550 5.1.1 sorry, no mailbox here by that name (chkuser)\r\n #define CHKUSER_RESOURCE_STRING 451 4.3.0 system temporary unavailable, try again later (chkuser)\r\n #define CHKUSER_MBXFULL_STRING 552 5.2.2 sorry, recipient mailbox is full (chkuser)\r\n #define CHKUSER_MAXRCPT_STRING 550 5.5.3 sorry, reached maximum number of recipients allowed in one session (chkuser)\r\n #define CHKUSER_MAXWRONGRCPT_STRING 550 5.5.3 sorry, you are violating our security policies (chkuser)\r\n #define CHKUSER_DOMAINMISSING_STRING 550 5.1.2 sorry, you must specify a domain (chkuser)\r\n #define CHKUSER_RCPTFORMAT_STRING 553 5.1.3 sorry, mailbox syntax not allowed (chkuser)\r\n #define CHKUSER_RCPTMX_STRING 550 5.1.2 sorry, can't find a valid MX for rcpt domain (chkuser)\r\n #define CHKUSER_SENDERFORMAT_STRING 553 5.1.7 sorry, mailbox syntax not allowed (chkuser)\r\n #define CHKUSER_SENDERMX_STRING 550 5.1.8 sorry, can't find a valid MX for sender domain (chkuser)\r\n #define CHKUSER_INTRUSIONTHRESHOLD_STRING 550 5.7.1 sorry, you are violating our security policies (chkuser)\r\n #define CHKUSER_NORELAY_STRING 553 5.7.1 sorry, that domain isn't in my list of allowed rcpthosts (chkuser)\r\n #define CHKUSER_RCPTMX_TMP_STRING 451 4.4.0 DNS temporary failure (chkuser)\r\n #define CHKUSER_SENDERMX_TMP_STRING 451 4.4.0 DNS temporary failure (chkuser)\r\n #define CHKUSER_MUSTAUTH_STRING 530 5.7.0 Authentication required (chkuser)\r\n #define CHKUSER_ENABLE_DOUBLEBOUNCE_VARIABLE CHKUSER_DOUBLEBOUNCE I have googled for an hour, and not found anything relevant, so please help. Thanks in advance Kind regards Allan Dukat Hey Allan. I don't know the answer to your situation off hand. It's interesting though that chkuser would find local users, with no apparent way of disabling that check. Perhaps there's something in the hosts configuration that would defeat this. The Features page (http://opensource.interazioni.it/qmail/chkuser/features.html) doesn't appear to mention checking local user accounts at all. Tonino (chkuser author) does hang around here, and I expect will chime in on this. If you're want wanting an answer sooner, you should use the source, Luke. ;) The server you've built is fairly close to a qmail-toaster (http://wiki.qmailtoaster.com). As the project leader there, I'm curious to know why you didn't choose to go that route. We aim to make QMT
[vchkpw] Hashed domain directories - options
Hey Matt, A QMT user recently had a few problems with their dir_control values (mysql), which got me to thinking about the directory hashing. QMT uses the --disable-users-big-dir configure option, so user directories are never hashed. (BTW, this option also appears to allow single-digit user names, which I haven't seen documented anywhere except in the change log). So hashed user directories don't exist in QMT. I was thinking that it'd be nice to have a --disable-domains-big-dir option as well, which would keep domains from being hashed. From the looks of the code involved with --disable-users-big-dir, I'm guessing that it wouldn't take much to code the option for domains. Then I thought a little more about it. What if the #define MAX_USERS_PER_LEVEL 100 value that's in the vauth.h file was a field in the dir_control record? That would allow admins to control the behavior of hashing, setting it according to their particular environment, without needing to rebuild with a different config option. There'd be no additional i/o involved, because the dir_control record is already fetched. In an ext3 environment, it could be set (by the admin) to 3 (ext3 supports 32000 subdirectories), and with ext4 it could be set to 6 (ext4 supports 64000). These settings would for the most part disable hashed directories, while still allowing hashes should the filesystem limits be approached. Of course, a default value in dir_control could still be 100, which would maintain former behavior. If this were done, the --disable-users-big-dir option should probably be changed to --allow-single-digit-users as well. ;) Please let me know what the prospects of such changes are. If it doesn't look like anything that might ever happen in this area, I just may patch the vauth.h file to be 3 and call it done. Thanks for your consideration. -- -Eric 'shubes' !DSPAM:5023131e34211160355790!
[vchkpw] Re: [SPAM] anti-OSX [was: qmail+vpopmail upgrade questions]
On 08/07/2012 12:20 AM, Kurt Bigler wrote: Thanks, and to Matt also. On 8/3/12 11:18 AM, Eric Shubert e...@shubes.net wrote: * I think Windows sucks bad, and I like UNIX only without a UI. I'm very good in vi. But for running my server this time I'd like to try a UI for a for vanilla file management and such, and I don't think I want it to be either Gnome or KDE, because I've never liked them enough to try to learn them. I won't mention X-Windows. Apple Remote Desktop has some problems but they seem not bad for a server without its own display, and I can always use a different remote desktop if needed. If you're only looking for file management in a UI, I'd try a text based one such as Vifm or Midnight Commander, as opposed to a GUI. What I want from file management is essentially GUI. I can tolerate text interfaces in the terminal, but it is harder to swallow as a cheap gui imitation. It is still a gui in essence even if it is text-based, if it provides a view of the filesystem that does not require typing a command to get a directory listing. So I just prefer a GUI, and among GUI's I don't really even like to look at Windows Explorer, much less Midnight Commander. I can adjust to anything, and maybe it is worth that adjustment if a GUI is just too expensive in terms of connection bandwidth, but it is not the experiment I had in mind to try next. Basically, the whole point is to use the Mac Finder, which in spite of being broken to hell by Apple, is still better than any Windows or unix file management GUI I have seen so far. (It worked really well in OS 9 and actually Apple has never fixed it since, so it is crippled in 10 or so ways that are regularly annoying.) Sometimes I am visual and in a visual environment I basically relax. Using a terminal I am not relaxed, even if I am somewhat efficient. In that case, you could install netatalk on your virtual email server, and connect to the host with finder using native methods. You should set up a host only (virtual) nic/subnet on the mail server for this access (network file sharing via netatalk), but that wouldn't be a problem. and also really don't want multiple IP's, and suspect sharing a single IP with host and mail VM would be problematic. There's no problem with this. Virtualization software can provide NAT for the VM's nic(s). Ok, I had Parallels NAT break host functionality on the LAN once, which made me nervous. (I could not print over the LAND as long as Parallels NAT was enabled on that Mac.) I have also never put a real server behind a NAT before, so wasn't sure about it. Parallels had some problems in the early going. I seem to remember hearing that they've fixed things up, but I'd verify that before using it. I've had no problems with Fusion. It should be no surprise that the server industry (if there is such a thing) has made big moves toward virtualization for nearly a decade now. Yes. I would love it if I could just download a working qmail+vpopmail VM appliance. Maybe you could work on that? :) There is one available. :) http://techyguru.com/ It's in standard OVF format. Should work on Fusion. Not sure about Parallels. But if the whole idea doesn't work maybe I will just install some linux on my Mac mini. But in that case I suppose I could put the whole thing in a linux VM under MacOSX and run SoftRAID in the Mac host. That's what I'd do. You could use Fusion or Parallels. I have the impression Fusion is more lightweight, but that's vague since I never used it. Parallels is what I've been using at home and I have to say it seem a bit heavy, maybe overkill for a mail server that only needs a disk and a nic. Here's the other thing: Bernstein I think used to say not to ever use qmail over NFS, and I'm not sure of the implications of that, or whether it is true. I think DJB was probably referring to the queues specifically. He does some low level (inode) things with those. I run the Maildirs across NFS with no problems. But I'd rather not dedicate a disk for the qmail VM, The VM will have its own virtual disk, which will be a file that resides on the Mac's native filesystem, which sits on SoftRAID. You could choose to put your Maildirs on the native filesystem if you'd like, and NFS share them back to the VM. Not much point in that really though, unless you want them there to be easier to back up. (Remember, RAID is *not* a backup). and in fact would like the web sever (or at least sqwebmail) to have access to the qmail directory hierarchy. sqwebmail will have access to the mail via IMAP (courier or dovecot). QMT provides full IMAP support. It includes SquirrelMail web server, but you probably wouldn't want to use that. So I'd want to use the host file sharing provided by Parallels or Fusion, and perhaps that does not raise the problems that NFS would raise. I typically steer clear of host file sharing, and use NFS where needed. Better the devil you know
[vchkpw] Re: [SPAM] anti-OSX [was: qmail+vpopmail upgrade questions]
On 08/03/2012 03:52 AM, Kurt Bigler wrote: Geez, people are always so opinionatedly curious. Does it every occur to anyone that some people are different than other people, and that that, as well as technical issues can actually influence choices? I don't pretend to be purely rational. Have you all tried using OSX for a server? Or do you just know thing about it? I've worked on Xserves as recently as a year ago. To be honest, I was considering putting Linux on them, as Apple has discontinued the Xserve (and thus OSX development on them). Not a bad piece of gear though, as most Apple stuff is. I'm not bent on it, but I'd like to try it, and believe I can afford to, since I have various outs if it doesn't work. There are some because things that I can list here, but my point might be better made if you considered these secondary to the desire to try things. If you simply want to try to do it, more power to you. I don't know of any reason why you couldn't port QMT to it. (IOW, build your own QMT that would run on it). My reasons for Mac: * After the UNIVAC 1108, the IBM 360, the PDP-11, and the Apple II, the Mac was my next computer, and is what I've used ever since except to run my server, or when I am forced to use Windows because in fact I have to develop for it. That explains why you're partial to doing this on OSX, which is to be expected. (I started on a PDP-7 btw). * I think Windows sucks bad, and I like UNIX only without a UI. I'm very good in vi. But for running my server this time I'd like to try a UI for a for vanilla file management and such, and I don't think I want it to be either Gnome or KDE, because I've never liked them enough to try to learn them. I won't mention X-Windows. Apple Remote Desktop has some problems but they seem not bad for a server without its own display, and I can always use a different remote desktop if needed. If you're only looking for file management in a UI, I'd try a text based one such as Vifm or Midnight Commander, as opposed to a GUI. * I expected it might likely work well enough for me, and therefore will expand use of my familiar desktop into at least a portion of my server-related work, creating a smoother overall workflow. I think this is an unrealistic expectation, in some senses. It doesn't matter much which desktop platform you use to manage servers. You only really need a web browser and ssh. Unfortunately for some, a good bit of server admin work is CLI. Since you know vi though, you should be pretty much home free. * I have a *new* (fairly new) Mac mini Server and have several things up and running on it. qmail+vpopmail is the only major requirement I haven't tackled yet. So I don't get credit for guessing you have a Mac Mini? ;) * Curiously the first point you mention some sort of raid is one reason I want to use OSX, because I really like SoftRAID, which runs only on the Mac. It is installed at home on all my Macs, and I'm quite fond of it and use it at levels that most customers don't touch. And there are some features planned for the future that I'm quite excited about. I've had terrible experiences with Apple RAID in the past and also would not want to use Apple's own drivers for data I care about. That should be fine. I'm partial to software raid myself, but I do it all with the mdadm CLI utility. I'm sure that SoftRAID is slicker. *** I would consider running QMT in a VM, but would rather avoid a VM. I've never touched CentOS. Not a big deal. It's much like the CLI in OSX. Things are in different places is all. You really don't need to concern yourself with most of that though. Much less than if you try to roll your own on OSX. My distro of choice still would be Mac-native. Obviously BSD would be closest. With QMT you really don't need to know much about the OS though. Everything's scripted. I suppose I would try building from sources and see what happens. That's an option. It's a very long row to hoe though. There are many fine points to running qmail, as I'm sure you're aware. Are you planning on running daemontools and ucspi-tcp? That could get ugly on OSX. If I were to do this, I'd look at using OSX's launchd (or whatever else your version may use). I really don't want my *entire* server in a VM (just qmail+vpopmail if really necessary) Your QMT server would be the only part that's in a VM. The rest of your present server would remain as-is. and also really don't want multiple IP's, and suspect sharing a single IP with host and mail VM would be problematic. There's no problem with this. Virtualization software can provide NAT for the VM's nic(s). I already have native Apache, SQL, PHP, etc. and figure it is a good thing to leave it that way if I want to try Mac for whatever it may be worth. The host and VM would be totally separate software wise, so no problem there. In fact, having the mail server in a VM eliminates potential conflicts with
[vchkpw] [SPAM] vqadmin chrome patch
We just completed upgrading QMT to vpopmail-5.4.33 along with
qmailadmin-1.2.16 and vqadmin-2.3.7. So far so good.
We did notice though that vqadmin had a problem with the language which
chrome was requesting. We borrowed a little code from qmailadmin to fix
it, and the attached file contains the patch.
Thanks for the great work Matt. I hope to get to vpopmail-5.5 with ldap
before too long. What's the status of that as you remember it? I know
it's been a while.
--
-Eric 'shubes'
!DSPAM:501c91ed34217730527293!
--- lang-old.c 2012-08-04 01:09:12.788299596 +
+++ lang.c 2012-08-04 02:02:47.791755439 +
@@ -25,6 +25,9 @@
#include sys/types.h
#include sys/stat.h
#include unistd.h
+
+#include vpopmail.h
+
#include global.h
#include vauth.h
@@ -70,6 +73,10 @@
char tmpfile[MAX_TMPBUF];
struct stat mystat;
+ /* Lowercase the language name to fix a bug where chrome users can't access
+ * the page. */
+ lowerit(lang);
+
/* only open files in the local directory */
if ( strstr(lang, .) != NULL || strstr(lang, /) != NULL ) {
global_error(invalid language file,1,0);
[vchkpw] [SPAM] Re: [SPAM] Re: [vchkpw] [SPAM] qmail+vpopmail upgrade questions
I wonder too, why OSX? The only thing I can think of is perhaps you have an older MacMini laying around that you'd like to use. That's certainly usable for something such as this, but I wouldn't recommend running a server w/out some sort of raid (I prefer the SW variety). Disclaimer: I've recently taken charge of the QMail-Toaster.com project, so I'm a bit biased. ;) If you're really bent on OSX, you could run a QMT mail server as a VM under whichever virtualization platform you prefer. Migrating your existing setup to QMT should be fairly easy, depending on your vpopmail settings. QMT has a slew of qmail patches applied, and I'm presently upgrading vpopmail to 5.4.33 (long awaited), which will bring all of the QMT packages current with upstream releases. There is a large community behind QMT, so you won't need to look far for helpful support. QMT is presently only available on CentOS/RHEL, so that might be a drawback to you. If you're familiar with packaging though, you might want to roll your own for whatever distro you choose. We hope to have the sources available on GitHub by the end of the year, and will be using OBS to build the packages. You're welcome to join us in our endeavors. -- -Eric 'shubes' On 08/02/2012 06:53 PM, Remo Mattei wrote: Why running a Mac since they stop the server now? I would use a Linux box I can share my configuration when I get home my 2 cents Inviato da iPhone () Il giorno 02/ago/2012, alle ore 17:47, Kurt Bigler k...@breathsense.com ha scritto: I run a small server currently with qmail-1.03 + qmailadmin 1.2.8 + vpopmail 5.4.10 qmail-1.03 has the chkuser patch applied (not a recent version). Although it did not help my problem I also just applied Christopher K. Davis qmail patch (to qmail-smtpd only) because I hoped it would resolve a CNAME lookup failed temporarily problem. In any case I am thinking that I should probably upgrade thinking it might solve problems I haven't even run into yet, and perhaps apply more patches to qmail, and I wonder if anyone has any opinions about packaged combinations of qmail+vpopmail with good sets of patches for use on a small server that is currently FreeBSD that I would like to move to MacOSX in several months. I see there is now a toaster that includes vpopmail, which if memory serves did not exist several years ago. I'd like to get SMTP auth in the process. So in short I'd like to upgrade to achieve better reliability and security, and facilitate support. I also have a custom patch to vdelivermail that I'd like to preserve, so I'm not looking for anything based on binaries. The above is currently running on FreeBSD (that is 3 years old or so) and I'm hoping to move it to Mac server (although not using their included email), and hope to have a solution that will not make such a transition more difficult. I'd also like to keep existing mail flow with all users and their qmailadmin settings, etc., so hopefully just a recompile that will preserve existing functionality, something I can test live in the wee hours expecting no major issues. Thanks in advance for any thoughts. -Kurt !DSPAM:501b41fd34211992741625!
[vchkpw] Re: [SPAM] perl5.10.1 segfault when trying to send an email
Stéphane, If you're not committed to debian, I hope you consider using qmail-toaster (http://wiki.qmailtoaster.com). It's based on qmail-rocks as well, and many people have migrated to it from a variety of qmail implementations. It is a full fledged server which is easy to build and maintain, and has strong community support. There is also a qmailtoaster-plus package available (http://qtp.qmailtoaster.com), which contains a slew of administrative scripts which will make your life as a qmail admin much easier, including qtp-backup and qtp-restore scripts which can be used for migrations. Disclaimer: I am the project leader, so I'm a bit biased. ;) -- -Eric 'shubes' On 06/23/2012 01:19 PM, Stéphane Dupont wrote: Hello, I've got a problem with a vpopmail / qmail / spamassassin / clamav installation. To do some testing before going live, I tried to send an email via telnet, and I've got this: telnet XXX.XXX.XXX.XXX 25 Trying XXX.XXX.XXX.XXX... Connected to XXX.XXX.XXX.XXX. Escape character is '^]'. 220 mail.xxx.xxx ESMTP ehlo mail.xxx.xxx 250-mail.xxx.xxx 250-STARTTLS 250-SIZE 0 250-PIPELINING 250 8BITMIME mail from: x...@gmail.com 250 ok rcpt to: x...@xxx.com 250 ok data 354 go ahead test .. 451 qq crashed (#4.3.0) At the time I enter the data command, I've got this in the syslog file: Jun 23 21:56:25 mail kernel: [ 910.578019] perl5.10.1[1951]: segfault at 20 ip 7f4adf64d138 sp 7fff09275940 error 4 in libperl.so.5.10.1[7f4adf60d000+165000] Also, this happens only if I do this from outside the server. If I'm doing the same thing from the server (telnet localhost), the problem doesn't happen... Any idea? I just built this new system to migrate from an old one. The installation is based on qmailrocks. Debian Squeeze 64bits vpopmail-5.4.32 qmail-1.03 SpamAssassin-3.3.2 clamav-0.97.5 Thanks a lot, Stéphane Dupont. (PS : sorry for the previous message, I forgot to put a subject) !DSPAM:4fe6329934189698226404!
[vchkpw] Re: [SPAM] Re: [vchkpw] Prevent certain users from send emails outside the local domain.
On 06/09/2012 04:44 AM, Pritam D. Gautam wrote: Dear Amit, Thank you for pointing in right direction. However, there are some shortcomings of implementing eMPF, I have encountered: Scenario 1: User A has been configured to prevent sending mails to external domain. If user A sends mail to internal domain (permitted by policy), with a copy to external domain (denied by policy), the entire mail is rejected. This is the behavior that I would expect, although that doesn't necessarily make it right or proper. I'll need to think this through before coming up with a suggestion. This seems similar to another situation where a submission contains one invalid address out of a bunch, and the message is refused giving the user no indication of which address is bad. I'm not sure this is the best way to handle things either. Scenario 2: Vpopmail has been configured with /defaultdomain/ name in ~vpopmail/etc/defaultdomain file With defaultdomain configured, it is not mandatory to supply full emailaddress for authenticating with mailserver resulting in eMPF to fail and allow all emails. -- Having said that I have been able to write a workaround for Scenario 2 but living with Scenario 1 currently. Any help will be appreciated. Attached is patch I have created for Scenario 2. HOWTO for Scenario 2: -- 1. Apply patch 2. Configure and export QMAILDEFAULTDOMAIN variable in the run file for SMTP Server e.g. export QMAILDEFAULTDOMAIN=@example.com Rather than have the default domain hard coded in another location, I would rather see something like: defdomfile=/home/vpopmail/etc/defaultdomain if [ -f $defdomfile ]; then export QMAILDEFAULTDOMAIN=$(cat $defdomfile) else export QMAILDEFAULTDOMAIN= fi Also, I'm not a C expert. I wonder what happens with strcat(remoteinfo,env_get(QMAILDEFAULTDOMAIN)) when QMAILDEFAULTDOMAIN is not defined. If nothing, that's fine. If it causes strcat to do something undesired though, then the result of env_get should be checked before doing the strcat. Nice work. This fix should probably be included the the stock eMPF code. Matt? -- -Eric 'shubes' !DSPAM:4fd37e6634201363618960!
[vchkpw] Re: [SPAM] Re: [vchkpw] Prevent certain users from send emails outside the local domain.
On 06/08/2012 04:43 AM, Todor Petkov wrote: On 06/08/2012 01:04 PM, Pritam D. Gautam wrote: Hi, I am required to prevent certain users on my Qmail Server from sending emails to outside domain. In my understanding, only IP Addresses can be prevented from relaying! But that's something which does not work in my environment considering we have DHCP setup. Any help will be appreciated. Regards, Hello, not 100% sure, but I think you can do it via vmoduser and adding -r flag to the user. This, however, will require smtp auth usage. For more information, look at http://www.qmailwiki.org/Vpopmail#vmoduser Regards, That's an interesting approach. I think you'd want to use the -s flag for the user, then configure their email client to not authenticate. Local email would be accepted (for all domains on the host though, not strictly inter-domain), and relaying would be rejected. I think eMPF (as Amit suggested) is a nicer solution though. It's more straight forward, and has more flexibility to control this sort of thing. Not surprising, as that's what it was created to do. -- -Eric 'shubes' !DSPAM:4fd2168b34201383016228!
[vchkpw] Re: [SPAM] Cannot Authenticate When popping mail
On 04/21/2012 06:13 PM, Rick Phillips wrote: I have searched my problem extensively on the web and even in the archives on this list without success. I say without success because there were many similar problems with different configurations going back to about 2003 but in many cases, the question I am about to ask was ignored on the lists. I have installed netqmail + vpopmail + ezmlm dozens of times without any problems following Life With Qmail explicitly and the instruction with vpopmail. I have had 3 failed attempts using 64bit CentOS 6.0, 6.1 and now 6.2. Everything functions - qmailadmin works and authenticates, mail is received on the server and mail can be sent BUT popping the mail from the server fails with the error Unable to connect to server 'servername' Cannot send password. My mailer configuration is exactly the same as I use on working setups. I have wasted days on a solution - even trying older and the development versions of vpopmail. The version I am currently using is 5.4.33. The following is my /var/qmail/supervise/qmail-pop3d/run script. #!/bin/sh exec /usr/local/bin/softlimit -m 1000 \ /usr/local/bin/tcpserver -v -R -H -l 0 0 110 /var/qmail/bin/qmail-popup \ FQDN_disguised /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 21 vchkpw indeed resides where it should be as outlined above. The mail arrives in a Maildir folder exactly as it should. There are several domains, each being set up from scratch using vadddomain and then users were added with qmailadmin which functions normally. My bad experiences have only been with CentOS 6.X and I manage several other servers running CentOS 5.X without any issues both in 64 and 32 bit. I am at my wits end and can only assume a problem with the latest CentOS and there for perhaps with similar versions of RHEL. I hope someone has some ideas. With thanks in advance, Rick Have you tried increasing the softlimit value? I would try adding another zero. If it works, you can reduce the number gradually until it breaks again. -- -Eric 'shubes' !DSPAM:4f93698134841990715900!
[vchkpw] Re: bounce mail destined to non-existant accounts keep a copy locally
On 04/19/2012 09:04 AM, Netbeans wrote: I would like to ( bounce the email AND keep a copy ) that was destined to a non-existent vpop user. I see than I can bounce -OR- deliver a copy But it does not seem that I can easily do both at the same time. I think you're right (keyword: easily). You could tap the whole domain to some other domain's account, then use a filter on the tap account to delete all emails addressed to existing vpop users. Keeping the filter in sync with user accounts may or may not be troublesome. -- -Eric 'shubes' !DSPAM:4f917f1234841261746487!
[vchkpw] Re: [SPAM] Qmail TAP not working
I don't know for sure, but I can hazard a guess. You see, tap works on both sender and recipient addresses. More like sender *or* recipient addresses. Since the email is send from pqr, that tap is matched and no others are tried (apparently). Someone would need to have a look at the code, but I suspect that's what's happening. Perhaps the process should continue to tap a recipient addresses after matching a sending address. Or maybe the tap process should tap all matching configuration lines. I don't know if it's supposed to do that already or not, and I've no idea if this is an easy patch or not. -- -Eric 'shubes' On 03/01/2012 04:56 AM, Amit wrote: DearTeam, I had set a qmail tap with below setting but it is not working properly. Please tell me where I’m doing wrong. Content of my tap file is below: a...@example.com:x...@example.com mailto:a...@example.com:x...@example.com p...@example.com:p...@gmail.com mailto:p...@example.com:p...@gmail.com Now problem is all mail sent to a...@example.com mailto:a...@example.com is getting ta pped to x...@example.com mailto:x...@example.com except mail sent from p...@example.com mailto:p...@example.com to a...@example.com mailto:a...@example.com. *Regards,* ** *Amit Dalia*|Support Head|Mobile : +91 - 866101 http://iknowledgefactory.com/ikf_email/ikf_logo.jpg http://ikf.co.in/ http://iknowledgefactory.com/ikf_email/line_1.jpg *I Knowledge Factory Pvt. Ltd.* Manohar, Plot No. 2, S.No : 47/1B- 1/2, 3rd Floor, Taware Colony, Near Muktangan School, A ranyeshwar Road. Pune - 411009 Tel : +91-20-2422-786-1 / 2 / 3 / 4 Extn - 204 http://iknowledgefactory.com/ikf_email/facebook.jpg http://www.facebook.com/IKFPune http://iknowledgefactory.com/ikf_email/linkedin.jpg http://in.linkedin.com/in/ikfpune Click Here http://dev.ikf.in/ikf_new/chatnew/chat.php?intid=YW1pdA__ to chat with me !DSPAM:4f4fa4af34173183811691!
[vchkpw] Re: vpopmail migration
How many accounts are you talking about? It might be easiest to create the (domain and) accounts manually or with a script on the new host, then copy any emails over from/to the /home/vpopmail/domains/ directory using either scp or rsync. On 06/15/2011 07:57 PM, Ron Herzing wrote: Hello All, My names Ron and I’m new to the list. Can anyone point me in the right direction for migrating a vpopmail domain to another vpopmail server? Details: I currently have a mail server with a domain of auffenberg.com and the user accounts are in vpopmail using vpasswd.cdb to store user accounts. I have built a new mail server and this one also uses vpopmail except that I am using mysql for the user accounts. I have read that to convert the cdb file to mysql that I should use: vconvert –c –m I’m having trouble finding any more information on converting and migrating to another server. My questions: What else do I have to do in order to convert my user accounts and get them over to the new server? How is vconvert able to insert data into the database? Does it require further command line instruction to accomplish this? Any information on how to go about this would be greatly appreciated. Thanks, ~Ron -- -Eric 'shubes' !DSPAM:4dfa0d0432712878218307!
[vchkpw] Re: [SPAM] slow local queue
On 05/24/2011 10:41 PM, Anilkumar null wrote: Dear All, I have installed qmail installation according to qmailrocks with mysql as data backend. also installed local Bind as catching DNS server. problem is that i receive lots of e-mail on daily basis and few mails are kept in my local queue for more than 4-8 hours. what will be the issue, due to this problem my remote outqueue mails are also increasing, please suggest me some solution. so that local mails can be cleared easily and faster. Regards Anil It's hard to tell from what you've given us what the problem might be. What do you see in your send logs? Are any messages at all going through, both local and remote? FWIW, spamdyke (http://spamdyke.org) will lighten the load on your server. Also, rather than struggling with QMR, I highly recommend using QMail-Toaster (http://qmailtoaster.com). Everything there is all pre-bundled for you. QMT just works. Strong community and documentation there as well. -- -Eric 'shubes' !DSPAM:4ddd199732711873996166!
[vchkpw] Re: Forward non-existing accounts to another server (same domain)
On 05/09/2011 01:13 AM, Carlos Miranda Molina (Mstaaravin) wrote: Hi! I have one domain mydomain.com and i need split this between 3 geographical places, differents users of course. the only solution that works for me is this: http://qmail.jms1.net/multi-location.shtml But, I want to avoid that configuration. In vpopmail FAQ (http://www.inter7.com/vpopmail/FAQ.txt) say: 22. How do I forward all email to a different site? Edit the .qmail-default file and put in: | /home/vpopmail/bin/vdelivermail '' $e...@newdomain.com This will forward all non matching emails to u...@newdomain.com No problem if they are different domains but each of my qmail has the same domain in my /var/qmail/rcpthosts and not same users. I need that when you send mail from us...@mydomain.com (in server1) to user us...@mydomain.com (in server2) qmail delivery mail to another server. what option I can use in my .qmail-default file? something like | /home/vpopmail/bin/vdelivermail '' $EXT@anotherserverIP_or_variable i looked environments variables on http://www.lifewithqmail.org/lwq.html#config-files, but I do not understand. Thanks One way to do this would be to use subdomains for each place, ie place1.mydomain.com, place2.mydomain.com, place3.mydomain.com. Set up the users with 'real' accounts in their proper subdomain. Also create appropriate MX records for each subdomain. In the primary domain, set up all users as forwards to their subdomain. This does have a drawback in that in its simplest implementation, all email goes to the central/primary server first, then on to the appropriate subdomain. This might be avoided by replicating the primary domain to each of the subdomains (you'll need vpopmail configured with separate tables per domain for this), and having a local DNS resolver on each subdomain that points the MX for the primary domain to itself. I haven't actually done the replication part of this, but I have set up a few subdomains. I think it would work, but of course YMMV. -- -Eric 'shubes' !DSPAM:4dc80fa732711891217879!
[vchkpw] Re: maildirsize problem
Salman, I generally don't like suggesting a alternatives, but it appears to me that you're going about this the hard way. Have you considered using Qmail-Toaster (http://qmailtoaster.com/)? It's a rock solid implementation of qmail, it uses vpopmail, and it has everything all preconfigured and ready to roll. I can't be sure it's suitable for your situation, but it fulfills the needs of quite a few. Personally, I cringe at the idea of using qmail any other way. Of course, QMT is at the mercy of vpopmail when it comes to quotas. I'm very pleased to see Matt working on vpopmail to get this fixed, in addition to getting v5.5 going. Thanks Matt. HTH. -- -Eric 'shubes' On 03/02/2011 11:41 AM, Salman Riaz wrote: Yes I have patched the qmail for maildir++ thats why IMAP protocol does not create any problem. I am agreed with your opinion that POP is creating some problems in this case. Basically I have installed netqmail-1.0.5. Is there any separate patch for configuring POP using maildir++? Regards, Salman... Date: Wed, 2 Mar 2011 07:42:49 -0600 From: m...@inter7.com To: vchkpw@inter7.com Subject: Re: [vchkpw] maildirsize problem -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/02/2011 01:21 AM, Salman Riaz wrote: Dear Matt, I have configure the POP as following in my qmail g t; Have you patched qmail to support Maildir++? - -- /* Matt Brookings m...@inter7.com GnuPG Key FAE0672C Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1uSVkACgkQIwet2/rgZywg6ACfYzfLNw7DzJgC3xGw+WVj3ynk GlIAn2mDRjBXhgr4qkSU0X0rStB8mcWq =zNAl -END PGP SIGNATURE- !DSPAM:4d6e92ba32716691718840!
[vchkpw] Re: maildirsize problem
I highly recommend you use dovecot instead of courier. Courier no longer supports vpopmail. Plus dovecot imap performance runs circles around courier. -- -Eric 'shubes' On 03/01/2011 03:33 AM, Salman Riaz wrote: Dear Alessio, Its now working fine. I am using courier imap with vpopmail-5.4.33. I have also checked the code of maildirquota.c. It majorly depends on the recalculating time of quota not on the size (5120 bytes or more) of emails. If we reduce this time it will results load in the server. It is set as 15 minutes for the optimum load on the server. When I have use IMAP then it updates the quota at the same time. When I use POP then it updates the quota after 15 minutes. Currently I am conducting more tests to understand the working of this vpopmail. Regards, Salman... Date: Tue, 1 Mar 2011 10:21:07 +0100 From: ales...@skye.it To: vchkpw@inter7.com Subje ct: Re: [vchkpw] maildirsize problem Il 01/03/2011 10:07, Salman Riaz ha scritto: Dear Matt, I have tested the new vpopmail-5.4.33. When I use pop protocol to download the emails then it does not update the maildirsize file. When I have check the email via IMAP it shows no email but still quota is showing some usage Can you please advice me regarding this? Regards, Salman... Hi Salman, for pop3 or imap what daemon are you running? I'm using vpopmail 5.4.33 and dovecot without problem. Try to reset the file maildirsize : /home/vpopmail/domains/dom.com/user/maildirsize and after r e set the quota with ~vpopmail/bin/vmoduser -q100M u...@dom.com -- Alessio Cecchi is: @ ILS - http://www.linux.it/~alessice/ on LinkedIn - http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux - http://www.cecchi.biz/ @ PLUG - ex-Presidente, adesso senatore a vita, http://www.prato.linux.it @ LOLUG - Socio http://www.lolug.net !DSPAM:4d6d24ed32711160672727!
[vchkpw] Re: Strane problem with vmoddomlimits and 2GB limit
On 02/02/2011 10:03 AM, Tom Collins wrote: On Feb 1, 2011, at 8:17 AM, Alessio Cecchi wrote: Is vpopmail/vmoddomlimits unable to manage quota more than 2GB but can manage quota of 2GB -1 byte? Some quota code uses a signed 32-bit value so, yes, 2GB - 1 is the maximum you can represent in that datatype. I believe more recent versions of vpopmail have a new vusage client/daemon to manage quotas, and it supports larger quotas. Keep in mind that the old maildirsize standard is implemented in multiple locations. vdelivermail, qmail-local, your POP and IMAP server, QmailAdmin, vmoddomlimits, vmoduser, etc. All of them would need to be reviewed to ensure they work correctly for larger sizes. One proposed fix is to switch to unsigned 32-bit, but that only gets you to 4GB. I think others have proposed 64-bits, or even just storing kbytes instead of bytes in the file. I'm sure others will chime in with advice and guidance. -Tom Is this true for v5.4.32? Is this true for v5.5.x? I don't use quotas personally, but I'd like to see this get fixed. I'd even consider doing (some of) the coding. Matt, what's the status of this? -- -Eric 'shubes' !DSPAM:4d49aba632711295317521!
[vchkpw] Re: Is 5.5 released?
On 11/30/2010 07:47 AM, Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/28/2010 04:10 PM, Eric Shubert wrote: So is 5.5 considered stable? If not, is there a stable version with which user quotas are working? It's not considered production stable, but I consider it to be mostly stable. I run it in production in a few locations with no problems. - -- /* Matt Brookingsm...@inter7.comGnuPG Key FAE0672C Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ Thanks Matt, that's helpful. Could I bother you for a recommendation? QMailToaster (QMT) is presently at 5.4.17, and has some problems with quotas. There are a couple ISP-type users who are very much interested in getting this fixed. I'm considering upgrading the vpopmail-toaster package for them, but am not sure whether to go with 5.4.32 or 5.5.x. I have been holding out for 5.5.x until now, but their need appears to be pretty urgent. Which version would you recommend? FYI, QMT presently runs with the following configuration: vpopmail directory = /home/vpopmail uid = 89 gid = 89 roaming users = OFF --disable-roaming-users (default) password learning = OFF --disable-learn-passwords (default) md5 passwords = ON --enable-md5-passwords (default) file locking = ON --enable-file-locking (default) vdelivermail fsync = OFF --disable-file-sync (default) make seekable = ON --enable-make-seekable (default) clear passwd = ON --enable-clear-passwd (default) user dir hashing = OFF --disable-users-big-dir address extensions = ON --enable-qmail-ext ip alias = OFF --disable-ip-alias-domains (default) auth module = mysql --enable-auth-module=mysql mysql replication = OFF --disable-mysql-replication (default) sql logging = OFF --disable-sql-logging (default) mysql limits = OFF --disable-mysql-limits (default) MySQL valias = ON --enable-valias auth inc = -I/usr/include/mysql auth lib = -L/usr/lib64/mysql -lmysqlclient -lz -lm system passwords = OFF --disable-passwd (default) pop syslog = log success and errors including passwords --enable-logging=v auth logging = ON --enable-auth-logging (default) one domain per SQL table = --disable-many-domains Thanks Matt. -- -Eric 'shubes' !DSPAM:4cfc2c1d32711961663356!
[vchkpw] Re: vusagec math
On 11/30/2010 01:34 PM, Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/30/2010 03:31 AM, Igor Smitran wrote: I would like to se usage based on file size on disk. When i see domain quota usage i need to know how much disk space is that. After all, user is using that space, i am not able to give it to someone else... Added block usage calculation to the vpopmail usage daemon in 5.5. You can find the change in Subversion. Please note, if you have configured the vusage daemon to save a database file, you will need to delete the database file or the calculations will be off when it starts up with the block size configuration. - -- /* Matt Brookingsm...@inter7.comGnuPG Key FAE0672C Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkz1X94ACgkQIwet2/rgZywZFwCggw3iYar24JLvwiYFel1AZSeE tfsAnAioGn8GKnPIOq/8VXikyKPt8xcN =p/Xw -END PGP SIGNATURE- Matt, I hope you've taken the block size into consideration for all files, not just those less than the block size. The unused space in the last block of all messages can add up. ;) Thanks for you work on vpopmail. -- -Eric 'shubes' !DSPAM:4cfc2d9c32711289418291!
[vchkpw] Re: vusagec math
On 11/29/2010 03:45 AM, Igor Smitran wrote: I've noticed that vusagec calculates space based on file size, but it is prone to errors in case it needs to calculate many emails that are smaller than block size. In case file size is smaller than block size file system will use e.g. 4KB for that file and vusagec will calculate real size. In my example file system is giving me 230 GB used space and vusagec gives me 100GB used space. It is huge error in my opinion. Igor So, which do you consider 'real' size? ;) FWIW, I'd (also) like to see usage based on what's actually used. I'm not sure that's practical to do though, and can see where it'd be a bit more difficult to implement. BTW, which version of vpopmail are you running? -- -Eric 'shubes' !DSPAM:4cf3c0ab32711432613264!
[vchkpw] Re: Is 5.5 released?
On 11/03/2010 06:54 AM, Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/03/2010 08:15 AM, Jason Frisvold wrote: On Nov 2, 2010, at 3:56 PM, Matt Brookings wrote: SourceForge shows the latest file release on the main page. If you look at where 5.5 is kept, it's still under the development area. Would this be the main page? http://sourceforge.net/projects/vpopmail/ Correct. So is 5.5 considered stable? If not, is there a stable version with which user quotas are working? -- -Eric 'shubes' !DSPAM:4cf2d37432719011919070!
[vchkpw] Re: chkuser - rejects legit mail, when followed by bad e-mail
If I understand this correctly, I think this is the nature of the beast. If you send an email to multiple addresses at the same server/domain, some of which are good, and others which are not, the smtp protocol only allows for rejection or acceptance of the entire message, somewhat unfortunately. Qmail remedies the situation by sending messages individually, but this doesn't solve the problem of other servers sending a mix of valid and invalid addresses in the same message. Also, addresses are processed by chkuser in whatever order the sending server provides them. Sequence is of no significance. U. George wrote: the first e-mail rcpt is legit. It appears that if more rcpts follow, and those accounts dont exist, then the first legit e-mail is not processed, as is rejected with all the other bogus attempts to send e-mail the domain. The chkuser test process appears to try a fake e-mail, and then a legit e-mail. BUt does not try a legit e-mail, and then a fake e-mail. Oct 8 07:35:29 LaptopServer qmail: 07:35:29.452 sslserver: pid 21983 from 212.139.245.241 Oct 8 07:35:29 LaptopServer qmail: 07:35:29.565 sslserver: ok 21983 mail.gatworks.com:96.232.60.244:25 212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241::2202 Oct 8 07:35:31 LaptopServer qmail: 07:35:31.384 CHKUSER accepted sender: from o.samath...@fujitsugeneral.com:: remote nmcdprhc:212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241 rcpt : sender accepted Oct 8 07:35:31 LaptopServer qmail: 07:35:31.385 CHKUSER accepted rcpt: from o.samath...@fujitsugeneral.com:: remote nmcdprhc:212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241 rcpt netbe...@gatworks.com : found existing recipient Oct 8 07:35:31 LaptopServer qmail: 07:35:31.385 CHKUSER rejected rcpt: from o.samath...@fujitsugeneral.com:: remote nmcdprhc:212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241 rcpt nobgatworks...@gatworks.com : not existing recipient Oct 8 07:35:32 LaptopServer qmail: 07:35:32.395 CHKUSER rejected rcpt: from o.samath...@fujitsugeneral.com:: remote nmcdprhc:212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241 rcpt starrea...@gatworks.com : not existing recipient Oct 8 07:35:34 LaptopServer qmail: 07:35:34.375 sslserver: warning: dropping connection, unable to read/create SSL instance Oct 8 07:35:34 LaptopServer qmail: 07:35:34.375 sslserver: end 21982 status 111;N -- -Eric 'shubes' !DSPAM:4caf209532711083715087!
[vchkpw] Re: chkuser - rejects legit mail, when followed by bad e-mail
U. George wrote: It is not clear to me if the same message is sent to multiple users, or multiple messages to multiple users using the same smtp session. I don't recall ever seeing multiple messages using the same smtp session. I presume it can be done simply by following the . (ending one message) with another MAIL FROM command and proceeding with another message. I just haven't ever (in 4 years of using QMT) seen it in a log. BUT, I think, if the *last* email rcpt is legit, then the message is passed along to that legit account irrespective of any any failures that happened before. I will have to review the mail log to see if thats true. That shouldn't be happening. If any one of the recipients is invalid, the message should be rejected (depending on the bounce/catchall setting of course). Someone please correct me if I'm wrong on this. I will have to log the smtpd session to see what the actual conditions are. Please let us know what you determine. Inquiring minds want to know. ;) On 10/08/2010 09:45 AM, Eric Shubert wrote: If I understand this correctly, I think this is the nature of the beast. If you send an email to multiple addresses at the same server/domain, some of which are good, and others which are not, the smtp protocol only allows for rejection or acceptance of the entire message, somewhat unfortunately. Qmail remedies the situation by sending messages individually, but this doesn't solve the problem of other servers sending a mix of valid and invalid addresses in the same message. Also, addresses are processed by chkuser in whatever order the sending server provides them. Sequence is of no significance. U. George wrote: the first e-mail rcpt is legit. It appears that if more rcpts follow, and those accounts dont exist, then the first legit e-mail is not processed, as is rejected with all the other bogus attempts to send e-mail the domain. The chkuser test process appears to try a fake e-mail, and then a legit e-mail. BUt does not try a legit e-mail, and then a fake e-mail. Oct 8 07:35:29 LaptopServer qmail: 07:35:29.452 sslserver: pid 21983 from 212.139.245.241 Oct 8 07:35:29 LaptopServer qmail: 07:35:29.565 sslserver: ok 21983 mail.gatworks.com:96.232.60.244:25 212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241::2202 Oct 8 07:35:31 LaptopServer qmail: 07:35:31.384 CHKUSER accepted sender: from o.samath...@fujitsugeneral.com:: remote nmcdprhc:212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241 rcpt : sender accepted Oct 8 07:35:31 LaptopServer qmail: 07:35:31.385 CHKUSER accepted rcpt: from o.samath...@fujitsugeneral.com:: remote nmcdprhc:212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241 rcpt netbe...@gatworks.com : found existing recipient Oct 8 07:35:31 LaptopServer qmail: 07:35:31.385 CHKUSER rejected rcpt: from o.samath...@fujitsugeneral.com:: remote nmcdprhc:212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241 rcpt nobgatworks...@gatworks.com : not existing recipient Oct 8 07:35:32 LaptopServer qmail: 07:35:32.395 CHKUSER rejected rcpt: from o.samath...@fujitsugeneral.com:: remote nmcdprhc:212-139-245-241.dynamic.dsl.as9105.com:212.139.245.241 rcpt starrea...@gatworks.com : not existing recipient Oct 8 07:35:34 LaptopServer qmail: 07:35:34.375 sslserver: warning: dropping connection, unable to read/create SSL instance Oct 8 07:35:34 LaptopServer qmail: 07:35:34.375 sslserver: end 21982 status 111;N -- -Eric 'shubes' !DSPAM:4caf416932711861280447!
[vchkpw] Re: Call for input on OpenLDAP authentication module
Matt Brookings wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The module is nearing completion, and I'd like to ask for some
opinions on supported password formats.
Part of the module's goal is to provide an address book for users.
The LDAP server administrator can set down rights as to what parts of
the directory can be seen, and users can authenticate as themselves
against the LDAP server for this purpose.
That means that both vpopmail, and the LDAP server must both
understand the password field. Because of this requirement, the
userPassword field from the inetOrgPerson schema is being used to
store the hashed password.
Another requirement is that the password be portable to other
authentication modules. If one wishes to convert to another module,
and does not have plaintext passwords enabled, it should be possible
to convert the user's hashed password to the new module, even if it
requires some quick tweaks (eg. {SMD5} has the four byte salt at the
end, and is base64 encoded -- this could easily be reformatted)
Initially I had decided upon using the {SMD5} hash scheme, but this
requires that systems have MD5 support. The next obvious choice is
the {CRYPT} scheme, however, OpenLDAP does not compile with this
feature enabled by default, and without it, the server cannot
authenticate clients.
So, to those of you with some experience with OpenLDAP, I'm looking
for some input on the optimal scheme (or schemes) to implement,
keeping in mind that the hashed password can (hopefully) be ported to
the other authentication modules if required, and the OpenLDAP server
must be able to authenticate against it.
The original module supported {MD5} and {CRYPT}, and that's what I'm
leaning towards here.
Thanks for any input you can provide!
- --
I'm certainly not one who can advise on this. However, I would like at
some point to be able to use FreeIPA for authentication. Perhaps you can
ask about this on the FreeIPA Users list
(https://www.redhat.com/mailman/listinfo/freeipa-users or
gmane.linux.redhat.freeipa.user). I would think that some folks there
would be very knowledgeable about such things.
--
-Eric 'shubes'
!DSPAM:4ca644b332711424712350!
[vchkpw] Re: Fwd: VPOPMAIL DOVECOT SMTP-AUTH
Joe @ 3ZZZ wrote: On 09/10/2010 12:45 PM, Davis Sylvester wrote: I am using Qmail and Dovecot for IMAP. Prior to installing Dovecot we only offered POP3 and SMTP services. The issue I have run into is that after I installed Dovecot, IMAP runs fine, but when my users go to send email they can't. This was just discussed on the list yesterday. Dovecot caches user information in memory and does not support roaming users. You will need to switch to SMTP authentication. POP-before-SMTP is *bad*. Is there a simple resolution to resolve this issue? I have looked at SMTP-AUTH but not sure it will work with vpopmail. It works. Just be sure that you have clear passwords enabled in vpopmail if you want to support CRAM-MD5 authentication. Quoting Davis Sylvester davis.sylvester...@gmail.com: Matt what smtp-patch do u suggest! Can u point me to a current howto? After reading http://www.fehcom.de/qmail/smtpauth.html this morning, I'm hoping for a good answer to Davis' question as well. Do you think the guide at the bottom there is the way to go? Is migrating to postfix (still with vpopmail) a viable / advisable alternative? thank you all very much, Joe I use qmail-toaster (http://qmailtoaster.com), which includes the following qmail patch: Robert Sander - qmail-remote-auth http://www.ornl.gov/lists/mailing-lists/qmail/2002/03/msg00091.html You also might consider using spamdyke (http://spamdyke.org), which provides a vpopmail authentication mechanism (when configured appropriately). I highly recommend using spamdyke, whether you need it for authentication or not. It can stop 80+% of spam before even receiving (or scanning) it. It will lighten the (scanning) load on your server considerably. -- -Eric 'shubes' !DSPAM:4c8c5f6932711774613936!
[vchkpw] Re: submission port 587
The 'stock' qmail-toaster (http://qmailtoaster.com) contains this. The only difference between the smtp/run and submission/run files is that the submission/run file contains the -H flag for tcpserver, and: export REQUIRE_AUTH=1 which tells the authentication patch to always authenticate. qmail-toaster includes the following patch: Jean-Paul van de Plasse - REQUIRE_AUTH Patch which is what checks the REQUIRE_AUTH environment variable. You'll need to do some searching to find that patch, or grab it from the qmail-toaster srpm package. HTH. -- -Eric 'shubes' jeffk...@intersessions.com wrote: Hi Thiago – thanks – I’ll give this a try. Jeff *From:* Thiago Bujnowski - Ticonnect Solutions [mailto:tbujnow...@ticonnect.com.br] *Sent:* Saturday, September 11, 2010 9:43 PM *To:* vchkpw@inter7.com *Subject:* Re: [vchkpw] submission port 587 You can just create another directory at /var/qmail/supervise with a run file running on port 587 and using a different tcp.smtp file. I wanted separeted processes for internal and external incoming mail at my MX server. Here is how I did it: - I followed a regular instalation as described in lifewithqmail + smtpauth. - Instaled Vpopmail - Applied the chkuser patch - Instead of replacing qmail-smtp at /var/qmail/bin I renamed the patched file to qmail-mx and copied into it. - Created a /var/qmail/supervise/qmail-mx folder and modified the run file to use qmail-mx instead of qmail-smtp binary and tcp.mx.cdb instead of tcp.smtp.cdb, and chaged the listening IP. (You your case, you should modify the listening port to 587) - Created the link at /service - Modified qmailctl adding the qmail-mx process. (Also generating the tcp.mx.cdb file from tcp.mx) It works like a charm for me and I think you could just adapt the overall idea fitting your needs. There is just one inconvenience with this setup. The config files for qmail (rcpthosts and etc..) must be the same for both processes. It would require further modifications on qmail-smtp.c to use diferent config files for each process. Your new CDB file should have no open relays allowing only authenticated mail to pass through. That should do the trick. Does anyone have a better suggestion? Regards, Thiago Bujnowski *From:* Rick Macdougall mailto:ri...@ummm-beer.com *Sent:* Saturday, September 11, 2010 9:57 PM *To:* vchkpw@inter7.com mailto:vchkpw@inter7.com *Subject:* Re: [vchkpw] submission port 587 Sorry for the top post, on my IPod. If no one answers before tomorrow, I'll reply when I get on my computer. It's pretty straight forward. Rick On 2010-09-11, at 18:39, jeffk...@intersessions.com mailto:jeffk...@intersessions.com wrote: This may be the wrong forum for this but I can’t seem to find any info. Does anyone have information on how to setup a second SMTP process within qmail that listens on port 587 and accepts ONLY authenticated smtp connections? In this scenario port 25 would accept normal smtp (non-relay) and smtp-auth traffic but now could also be filtered to block dynamic IP ranges. Thanks, Jeff Koch !DSPAM:4c8c643932717955216745!
[vchkpw] Re: DSPAM configuration usage? (vpopmail + simscan + maildrop + clamav)
Michael, I cannot answer your questions regarding DSPAM. However, given your performance issues with SA, I'd like to point you toward spamdyke (http://spamdyke.org). Spamdyke typically blocks 80%+ of spam before the message is even transmitted, which lightens the load on SA considerably since there is much less mail to scan. It's really pretty amazing. I highly recommend it. -- -Eric 'shubes' Michael Mussulis wrote: Hi All, First of, apologies if this is a silly question, but I am VERY VERY confused with regards to DSPAM configuration/usage. I am mostly used to SpamAssassin, and have configured it many times before, with the result of it working more or less straight out of the box. However, SA is no longer a viable option due to its poor performance so I switched to DSPAM. I have compiled, installed and configured DSPAM on my server, and can say it is executed - but spam is still coming in and it looks like DSPAM is not blocking any spam at all. I am absolutely convinced I have missed something in the configuration, somewhere, most likely (in my humble opinion) due to its very poor documentation. I have not found an adequate guide, listi ng clearly all the steps required to get it to work, i.e. to classify and block spam. Can anyone help please? I have included a log excerpt showing simscan/dspam functionality. I have read the documentation, but I am still none the wiser as to the CORRECT/PROPER method of integrating DSPAM with vpopmail + maildrop. Additional questions: 1. Does DSPAM identify spam at all upon first time installation? 2. Does DSPAM need aliases to classify spam? Please help. Thanks, Michael. @40004c63c01229c083c4 qmail-smtpd[12137]: Received-SPF: none (mail.stellarent.com: domain at doctormount.com does not designate permitted sender hosts) @40004c63c01229c127d4 qmail-smtpd[12137]: MAIL FROM:sympathize...@doctormount.com @40004c63c01229c18594 qmail-smtpd[12137]: RCPT TO:lo...@stellarent.com @40004c63c01229cd7c14 simscan: cdb looking up @40004c63c01229cd83e4 simscan: cdb for found clam=yes,spam=yes @40004c63c01229cd87cc simscan: pelookup clam = yes @40004c63c01229cd87cc simscan: pelookup spam = yes @40004c63c01229cd8bb4 simscan: starting: work dir: /usr/local/var/qmail/simscan/1281605640.701223.12138 @40004c63c01e29a5df74 simscan: pelookup: called with sympathize...@doctormount.com @40004c63c01e29a5eb2c simscan: pelookup: domain is doctormount.com @40004c63c0 1e29a5ef14 simscan: cdb looking up doctormount.com @40004c63c01e29a5ef14 simscan: pelookup: local part is sympathizeuzu @40004c63c01e29a5f2fc simscan: lpart: local part is ** @40004c63c01e29a5f6e4 simscan: cdb looking up sympathize...@doctormount.com @40004c63c01e29a5facc simscan: pelookup: called with lo...@stellarent.com @40004c63c01e29a63d34 simscan: pelookup: domain is stellarent.com @40004c63c01e29a6411c simscan: cdb looking up stellarent.com @40004c63c01e29a64504 simscan: pelookup: local part is logie @40004c63c01e29a648ec simscan: lpart: local part is ** @40004c63c01e29a64cd4 simscan: cdb looking up lo...@stellarent.com @40004c63c01e29a650bc s imscan: calling dspam @40004c63c01e29a650bc simscan: calling /usr/local/bin/dspam dspamc --stdout --client --feature=noise --deliver=innocent,spam --debug --user vpopmail @40004c63c01e2a6c2d14 simscan:[12137]:CLEAN (0./0.9899):12.0106s:Your style will be modish and unique with our accessories. You will be more successful with our branded accessories.:61.19.66.127:sympathize...@doctormount.com:lo...@stellarent.com @40004c63c01e2a6c8304 simscan: DSPAM reported message as NOT being SPAM @40004c63c01e2a7e22bc simscan: calling clamdscan @40004c63c01e2b0b8224 simscan: clamdscan: /usr/local/var/qmail/simscan/1281605640.701223.12138: OK @40004c63c01e2b137164 simscan: clamdscan: @40004c63c0 1e2b13d30c simscan: clamdscan: --- SCAN SUMMARY --- @40004c63c01e2b1891e4 simscan: clamdscan: Infected files: 0 @40004c63c01e2b1afefc simscan: clamdscan: Time: 0.008 sec (0 m 0 s) @40004c63c01e2b1ea87c simscan: cdb looking up version clamav @40004c63c01e2b1f5c2c simscan: runned_scanners is clamav: 0.95.2/m:51/d:10088 @40004c63c01e2b1fa27c simscan: found 0.95.2/m:51/d:10088 @40004c63c01e2b1ff09c simscan: normal clamdscan return code: 0 @40004c63c01e2b20756c simscan: done, execing qmail-queue @40004c63c01e32f1291c simscan: qmail-queue exited 0 !DSPAM:4c640a4832712114375996!
[vchkpw] Re: webmail option...
Den Arion wrote: courier authlib has not more support for vchkpw, what other option do I have for webmail? I install sqwebmail but I remembered too late the courier authlib doesn't have support for vchkpwd :( Thank you and have a good night (for those still awaken );-} _ 'La vida es dura. Después de todo, te mata.' Katharine Houghton Hepburn (1907-2003) __m___m__ ||(O O)|| ||(~)|| Dovecot IMAP. -- -Eric 'shubes' !DSPAM:4c341cde32713283974004!
[vchkpw] Re: qmail - vpopmail delivery
Jerkovic Bosko wrote: Hello, Im having some issues, i recently reinstalled qmail and now, im able to send mail, but all mail received goes to /home/user/Maildir instead of vpopmail delivery. Can anyone suggest what files needs to be modified to get delivery back to the vpopmail instad of home directories ? Thanks. I believe that's handled by the files in the /var/qmail/users/ directory, but I'm not sure that's everything that's required. Are you aware of the http://qmailtoaster.com/ packages? They make things like this a lot easier to deal with, as everything is all preconfigured. -- -Eric 'shubes' !DSPAM:4c2376813275767010!
[vchkpw] Re: Courier IMAP or other IMAP serves...
I'll 2nd that. Dovecot performs much better, and is quite reliable. -- -Eric 'shubes' Rick Romero wrote: I think Dovecot (www.dovecot.org) is the more popular POP/IMAP server these days. Rick Quoting Den Arion den_ar...@hotmail.com: Hi to everyone...I just came back to work with linux server. In the past, many years I worked with linux and I installed vpopmail and courier-imap. The last week I downloaded/installed qmail/vpopmail/courier-auth/courier imap. I have problems login to the IMAP server and searching for information I found that the module vchkpw was not in the list or the documentation. I tried to use other IMAP servers recommended but I had problems compiling but any way... I questions are:Does it work the current version of courier imap (4.8.0)?If not, is there some way to patch it?What other options are for imap server and vpopmail? Regards __m___m__ ||(O O)|| ||(~)|| !DSPAM:4c1fed0a32711144331001!
[vchkpw] Re: vpopmail v5.5 w/ LDAP
Eric Shubert wrote: Hey Matt, How's LDAP coming along with v5.5? I'm ready to do some testing when you think it's Beta. I also know of someone else who's itching to get off of MySQL. Any guesstimate on when you might have it ready? (I won't hold you to it, promise) Any word on this? I received a direct reply from supp...@readyhosting-inc.com which stated that they don't support Vpopmail 5.5 w/ LDAP. I really don't care about what readyhosting-inc.com supports, unless they've taken over the development of vpopmail. Can anyone fill me in on this? -- -Eric 'shubes' !DSPAM:4c124ab732713058948188!
[vchkpw] Re: vpopmail v5.5 w/ LDAP
Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 06/11/2010 09:39 AM, Eric Shubert wrote: Any word on this? I received a direct reply from supp...@readyhosting-inc.com which stated that they don't support Vpopmail 5.5 w/ LDAP. I really don't care about what readyhosting-inc.com supports, unless they've taken over the development of vpopmail. Can anyone fill me in on this? They probably thought you were emailing them for support. - -- /* Matt Brookings m...@inter7.com GnuPG Key FAE0672C Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwSpWcACgkQIwet2/rgZyxUbACePC4SarL6wB99mNpBpUbQvBe6 6kcAoJQzigWmHZRAIj4Gcw9KGQvbdXUh =biF0 -END PGP SIGNATURE- Hey Matt, Good to hear from you. Can you fill me in on your status with LDAP and v5.5? Will a beta or even alpha be available any time soon? Thanks for letting me know. -- -Eric 'shubes' !DSPAM:4c12a8d132711522111658!
[vchkpw] vpopmail v5.5 w/ LDAP
Hey Matt, How's LDAP coming along with v5.5? I'm ready to do some testing when you think it's Beta. I also know of someone else who's itching to get off of MySQL. Any guesstimate on when you might have it ready? (I won't hold you to it, promise) -- -Eric 'shubes' !DSPAM:4c007e8832711825021229!
[vchkpw] Re: disable-many-domains - enable-many-domains
Thibault Richard wrote: Hello, I'm using vpopmail since a few years with the compilation option --disable-many-domains (for historical reason because I followed Qmailrocks guide for my first installation). If I've well understand, one one the difference between those compilation option is the MySQL table structure (if the option --enable-auth-module=mysql is used). Could someone confirm that ? If I'm wrong, could someone tell me what are the option to use one table per domain or one table for every domain I'm pretty sure this is correct. --disable-many-domains = one table for each domain --enable-many-domains = one table for all domains One table for all domains seems to be a better database design. OTOH, can someone explain the reasons why one table for each domain (--disable-many-domains) might be a better choice? Is there a MySQL script to convert the table structure between the two options ? Not that I'm aware of, but I expect it would be fairly simple. I know of someone else who might be interested in this as well. Thank you Thibault -- -Eric 'shubes' !DSPAM:4be97d5b32714726992539!
[vchkpw] Re: chkuser parameters via tcp.smtp environment variables
Tonix (Antonio Nati) wrote: Eric Shubert ha scritto: Tonix (Antonio Nati) wrote: Eric Shubert ha scritto: Tonino, I've wondered for a while about this but haven't had a chance to test it, so I'm going to ask the expert. ;) If /* #define CHKUSER_ALLOW_SENDER_CHAR_3 '' */ is commented out of the build, can it be added as an environment variable such as CHKUSER_ALLOW_SENDER_CHAR_3='/' (from the tcp.smtp file)? If #define CHKUSER_ALLOW_SENDER_CHAR_3 '?' is defined in the build, can its value be changed by an environment variable such as CHKUSER_ALLOW_SENDER_CHAR_3='/' (from the tcp.smtp file)? If CHKUSER_SENDER_FORMAT is left commented (the default) in the build, can it be activated by setting the environment variable CHKUSER_SENDER_FORMAT=1? Thanks for your great work on chkuser, and your superb support. Hello Eric, actually they cannot be defined as environment variable, but must be set in compiled executable. I'm wondering if these controls are still actual, as usage of email has extented a lot, and it is more easy to find strange addresses. I'm also starting to think to further chkuser improvements... but my biggest thought is towards qmail improvements... Anything to suggest? Tonino Hey Tonino, Thanks for your prompt reply, and your interest in improvements. As you probably know, I'm pretty active with the qmail-toaster community, and we've been using chkuser since before I came aboard in '06. We certainly appreciate your work with chkuser. Jake's the project owner presently and he's calling the shots regarding configuration, so I've cc'd him on this discussion. The 'stock' (std) QMT configuration includes a patch file for chkuser that includes the following non-default values in chkuser_settings.h: #define CHKUSER_ALLOW_SENDER_SRS #define CHKUSER_ALLOW_RCPT_SRS #define CHKUSER_SENDER_NOCHECK_VARIABLE SENDER_NOCHECK #define CHKUSER_ALLOW_SENDER_CHAR_1 '$' #define CHKUSER_ALLOW_SENDER_CHAR_2 '%' #define CHKUSER_ALLOW_SENDER_CHAR_4 '?' #define CHKUSER_ALLOW_SENDER_CHAR_5 '*' #define CHKUSER_ALLOW_RCPT_CHAR_1 '$' #define CHKUSER_ALLOW_RCPT_CHAR_2 '%' #define CHKUSER_ALLOW_RCPT_CHAR_4 '?' #define CHKUSER_ALLOW_RCPT_CHAR_5 '*' In addition, it appears that Jake has made the following changes manually (since v2.0.8): #define CHKUSER_RCPT_FORMAT #define CHKUSER_RCPT_MX #define CHKUSER_SENDER_FORMAT #define CHKUSER_SENDER_MX There is primarily one situation that comes to mind where users have been required to customize the stock chkuser settings. This is due to users with blackberry devices, which has recently become more frequent. The sender address with blackberrys sometimes contains the '/' character, so to circumvent the problem, we have added the following customization: #define CHKUSER_ALLOW_SENDER_CHAR_3 '/' #define CHKUSER_ALLOW_RCPT_CHAR_3 '/' This works well, with no ill effects noticed to date. This brings into question the purpose of these checks in chkuser. My understanding is that these special characters used to be thought of as a security risk, but I believe that rationale has become outdated. IMO, the best practice for chkuser would be to allow whatever digits are defined in the standard for email. See http://en.wikipedia.org/wiki/E-mail_address#RFC_specification for details. If there needs to be any customization of the allowed characters, it would be best to have CHKUSER_DISALLOW_RCPT_CHAR_1...n values that DISallow certain digits. I can't think of a good reason for these though, especially since the recipient address is verified with vpopmail. I can see no purpose at all in restricting sender address digits beyond what's allowed in the spec. Bottom line is that I would simply like chkuser to check for the digits as specified in the RFC, and leave it at that. I'm wondering, what is the reasoning behind changing the default to turn off the _FORMAT and _MX settings in v2.0.8? I'm thinking that this was a good choice, and that perhaps the stock QMT should follow suit making it the default. Doing so would eliminate this blackberry problem entirely (and permanently), as well as solving another less common problem regarding the SENDER_MX not found error. If Jake concurs, then the only settings different between the stock QMT and the default chkuser would be: #define CHKUSER_ALLOW_SENDER_SRS #define CHKUSER_ALLOW_RCPT_SRS #define CHKUSER_SENDER_NOCHECK_VARIABLE SENDER_NOCHECK Would it cause a problem to make these the default settings in chkuser? If not, could you make these the defaults in the next chkuser release? That would simplify things for Jake, as we would use the default chkuser settings across the board in the stock QMT. Bottom line to me is that I'd like to see the stock QMT include the default chkuser configuration. I think that would be a good thing for everyone involved, as there would be no 'exceptions' to document or worry about, no patch file, etc. Thanks for your time, effort, and attention
[vchkpw] Re: chkuser parameters via tcp.smtp environment variables
Tonix (Antonio Nati) wrote: Eric Shubert ha scritto: I agree with this as well, for the most part. This is why I think that the option(s) would be better suited as CHKUSER_DISALLOW. IOW, start with things wide open, and let admins specify which characters they choose not to allow. I did not consider it this way. It is reasonable. The problem I see with the present implementation is that there is nothing (optional or otherwise) which checks for RFC compliance. There does need to be some sort of sanity check. In situations where the system is configured with a catchall account, there would be no other mechanism for ensuring that the recipient address contained only RFC-compliant characters. There should also be a check on the sender address, as it's easily modified by end users. I would like to see chkuser check for RFC compliance of both sender and recipient addresses. I can see no reason why anyone would not want this feature enabled. If it is optional, I think the default should be enabled, as it's consistent with RFC rules. Is there a list of defined RFC permitted chars? In the past I looked for simple RFC rules to check, but probably i did not check very deeply. I remember all characters were permitted. Yes, there is. A simple definition is at http://en.wikipedia.org/wiki/E-mail_address#RFC_specification I expect that this is correct, but would verify the values in RFC 5321 and RFC 5322, linked to at that page. So to sum this up, I'd like to see chkuser enforce RFC rules by default. Optional parameters would be to loosen things with CHKUSER_ALLOW characters, and to tighten things up with CHKUSER_DISALLOW characters. The default behavior would be strict RFC compliance (the starting point). I believe this would give the best flexibility, along with configuration simplicity. But, as said before, it is not easy to chose the right settings, so I'm open to discuss. I hear you on that. It takes discussion to arrive at the best solution. While one size won't fit all, I think we can come up a reasonable default which allows for easy tailoring for the exceptions. OK. Let me think on all again. What you say is a good starting point. Great. I'm happy to bounce ideas back and forth. Anyway, speaking in a wider way, I'm going to plan new changes on chkuser, but I'm having the impression qmail limits now are limiting me more than chkuser limits, so I'm thinking if it would be the case to start a wider project, integrating and extending qmail. I've registered openqmail.org, and thinking to what can be done in order to extend qmail in a simpler way. I've done small changes to qmail, besides chkuser,and I'm willing to make more changes, and I feel what I need (I'm an ISP) probably is what others need, and viceversa. What do you think? I'm happy to hear this. Rather than starting something on your own though, I'd really like to see you join with us on the qmail-toaster project. I believe that QMT has a promising future for qmail. There is a large (estimated 12k+ hosts) user base, many of which are ISPs. We have lists for users and development, both of which are fairly active and responsive. We can certainly use your expertise and abilities, and I'm sure your participation will be well received. See http://wiki.qmailtoaster.com/index.php/Main_Page for info about QMT. This is a good point for starting another thread... I agree. Can we take the discussion to the qmailtoaster-devel list? I'm there already, as are others interested in QMT development. I use gmane.org for list access - it's much simpler for subscribing, and there's no filtering required. The list names for QMT on gmane.org are gmane.mail.qmail.toaster.devel and gmane.mail.qmail.toaster (users list). If you'd rather do it the old fashioned way, see the list addresses are qmailtoaster-devel-subscr...@qmailtoaster.com and qmailtoaster-list-subscr...@qmailtoaster.com I like the idea, but I'd love to stop with patching. Now qmail is in public domain, so I don't see reasons why we should not have a decent Makefile, a complete source distribution, decent common libraries, mysql integration, and a rewrite/improvement of some (a lot) parts of code. A lot could be improved, but the horrible DJB coding makes it hard. Just for example: actually, you don't have a way to associate together all logs for a single message. So, I've changed a lot of coding for adding message and delivery numbers to logs, but internal qmail behaviour make it impossible to have it working as it should. Numbers associated to emails and deliveries are the i-node numbers of messages, so when you use again a file i-node just released, you use the same message and delivery numbers of previous messages! I'm going to improve and change internal logic for message and delivery numbers, but no more patches! :-) I agree whole heartedly on all counts. Can we pick up this discussion on the qmailtoaster-devel
[vchkpw] Re: chkuser parameters via tcp.smtp environment variables
Tonix (Antonio Nati) wrote: Eric Shubert ha scritto: Tonino, I've wondered for a while about this but haven't had a chance to test it, so I'm going to ask the expert. ;) If /* #define CHKUSER_ALLOW_SENDER_CHAR_3 '' */ is commented out of the build, can it be added as an environment variable such as CHKUSER_ALLOW_SENDER_CHAR_3='/' (from the tcp.smtp file)? If #define CHKUSER_ALLOW_SENDER_CHAR_3 '?' is defined in the build, can its value be changed by an environment variable such as CHKUSER_ALLOW_SENDER_CHAR_3='/' (from the tcp.smtp file)? If CHKUSER_SENDER_FORMAT is left commented (the default) in the build, can it be activated by setting the environment variable CHKUSER_SENDER_FORMAT=1? Thanks for your great work on chkuser, and your superb support. Hello Eric, actually they cannot be defined as environment variable, but must be set in compiled executable. I'm wondering if these controls are still actual, as usage of email has extented a lot, and it is more easy to find strange addresses. I'm also starting to think to further chkuser improvements... but my biggest thought is towards qmail improvements... Anything to suggest? Tonino Hey Tonino, Thanks for your prompt reply, and your interest in improvements. As you probably know, I'm pretty active with the qmail-toaster community, and we've been using chkuser since before I came aboard in '06. We certainly appreciate your work with chkuser. Jake's the project owner presently and he's calling the shots regarding configuration, so I've cc'd him on this discussion. The 'stock' (std) QMT configuration includes a patch file for chkuser that includes the following non-default values in chkuser_settings.h: #define CHKUSER_ALLOW_SENDER_SRS #define CHKUSER_ALLOW_RCPT_SRS #define CHKUSER_SENDER_NOCHECK_VARIABLE SENDER_NOCHECK #define CHKUSER_ALLOW_SENDER_CHAR_1 '$' #define CHKUSER_ALLOW_SENDER_CHAR_2 '%' #define CHKUSER_ALLOW_SENDER_CHAR_4 '?' #define CHKUSER_ALLOW_SENDER_CHAR_5 '*' #define CHKUSER_ALLOW_RCPT_CHAR_1 '$' #define CHKUSER_ALLOW_RCPT_CHAR_2 '%' #define CHKUSER_ALLOW_RCPT_CHAR_4 '?' #define CHKUSER_ALLOW_RCPT_CHAR_5 '*' In addition, it appears that Jake has made the following changes manually (since v2.0.8): #define CHKUSER_RCPT_FORMAT #define CHKUSER_RCPT_MX #define CHKUSER_SENDER_FORMAT #define CHKUSER_SENDER_MX There is primarily one situation that comes to mind where users have been required to customize the stock chkuser settings. This is due to users with blackberry devices, which has recently become more frequent. The sender address with blackberrys sometimes contains the '/' character, so to circumvent the problem, we have added the following customization: #define CHKUSER_ALLOW_SENDER_CHAR_3 '/' #define CHKUSER_ALLOW_RCPT_CHAR_3 '/' This works well, with no ill effects noticed to date. This brings into question the purpose of these checks in chkuser. My understanding is that these special characters used to be thought of as a security risk, but I believe that rationale has become outdated. IMO, the best practice for chkuser would be to allow whatever digits are defined in the standard for email. See http://en.wikipedia.org/wiki/E-mail_address#RFC_specification for details. If there needs to be any customization of the allowed characters, it would be best to have CHKUSER_DISALLOW_RCPT_CHAR_1...n values that DISallow certain digits. I can't think of a good reason for these though, especially since the recipient address is verified with vpopmail. I can see no purpose at all in restricting sender address digits beyond what's allowed in the spec. Bottom line is that I would simply like chkuser to check for the digits as specified in the RFC, and leave it at that. I'm wondering, what is the reasoning behind changing the default to turn off the _FORMAT and _MX settings in v2.0.8? I'm thinking that this was a good choice, and that perhaps the stock QMT should follow suit making it the default. Doing so would eliminate this blackberry problem entirely (and permanently), as well as solving another less common problem regarding the SENDER_MX not found error. If Jake concurs, then the only settings different between the stock QMT and the default chkuser would be: #define CHKUSER_ALLOW_SENDER_SRS #define CHKUSER_ALLOW_RCPT_SRS #define CHKUSER_SENDER_NOCHECK_VARIABLE SENDER_NOCHECK Would it cause a problem to make these the default settings in chkuser? If not, could you make these the defaults in the next chkuser release? That would simplify things for Jake, as we would use the default chkuser settings across the board in the stock QMT. Bottom line to me is that I'd like to see the stock QMT include the default chkuser configuration. I think that would be a good thing for everyone involved, as there would be no 'exceptions' to document or worry about, no patch file, etc. Thanks for your time, effort, and attention to this. It's really a pretty small item, but when we
[vchkpw] chkuser parameters via tcp.smtp environment variables
Tonino, I've wondered for a while about this but haven't had a chance to test it, so I'm going to ask the expert. ;) If /* #define CHKUSER_ALLOW_SENDER_CHAR_3 '' */ is commented out of the build, can it be added as an environment variable such as CHKUSER_ALLOW_SENDER_CHAR_3='/' (from the tcp.smtp file)? If #define CHKUSER_ALLOW_SENDER_CHAR_3 '?' is defined in the build, can its value be changed by an environment variable such as CHKUSER_ALLOW_SENDER_CHAR_3='/' (from the tcp.smtp file)? If CHKUSER_SENDER_FORMAT is left commented (the default) in the build, can it be activated by setting the environment variable CHKUSER_SENDER_FORMAT=1? Thanks for your great work on chkuser, and your superb support. -- -Eric 'shubes' !DSPAM:4be04f9f32716987310115!
[vchkpw] Re: chkuser log mesage, remote helo:remotehostname:remotehostip
Tonix (Antonio Nati) wrote:
Eric Shubert ha scritto:
I use qmail-toaster, and recently changed from using -H with tcpserver
to using -h, which looks up the rDNS name and puts it in the
TCPREMOTEHOST variable.
With the former setup (-H), the remote portion of the CHKUSER log
message contained the helo value, unknown for the remotehostname,
and the remotehostip value.
With the current setup (-h, or blank), the message now contains the
rDNS name in place of unknown, as expected. The helo portion though,
is now blank/null (missing). Is there some reason why the helo value
isn't shown when there's a remotehostname value present? Looks like a
bug to me.
Many thanks, Tonix!
Hi Eric, it is not chkuser, it's a qmail behaviour.
If the helo is not different from (remote) hostname, qmail-smtpd sets it
to NULL.
void dohelo(arg)
char *arg;
{
if (!stralloc_copys(helohost,arg)) die_nomem();
if (!stralloc_0(helohost)) die_nomem();
fakehelo = case_diffs(remotehost,helohost.s) ? helohost.s : 0;
}
Regards,
Tonino
Thanks for this clarification Tonino. That's indeed what I'm seeing when
I look a bit closer.
--
-Eric 'shubes'
!DSPAM:4bdef37e32711079121383!
[vchkpw] chkuser log mesage, remote helo:remotehostname:remotehostip
I use qmail-toaster, and recently changed from using -H with tcpserver to using -h, which looks up the rDNS name and puts it in the TCPREMOTEHOST variable. With the former setup (-H), the remote portion of the CHKUSER log message contained the helo value, unknown for the remotehostname, and the remotehostip value. With the current setup (-h, or blank), the message now contains the rDNS name in place of unknown, as expected. The helo portion though, is now blank/null (missing). Is there some reason why the helo value isn't shown when there's a remotehostname value present? Looks like a bug to me. Many thanks, Tonix! -- -Eric 'shubes' !DSPAM:4bdd9f8632716578717170!
[vchkpw] Re: system_error_calling_qmail-inject
Fiorenza Meini wrote: Hi there, I'm using vpopmail + qmail; sometimes when there is a message with malformed address in the header message, I receive this error: /write_to_qmail-inject_failed:_32/system_error_calling_qmail-inject Any suggestion? Thanks and regards. Fiorenza Have you seen/tried chkuser? http://www.interazioni.it/opensource/chkuser/ -- -Eric 'shubes' !DSPAM:4bb20eae32711603412452!
[vchkpw] Re: Scripting With vadduser
Victor Subervi wrote: On Mon, Mar 22, 2010 at 2:40 PM, Rick Macdougall ri...@ummm-beer.com mailto:ri...@ummm-beer.com wrote: On 22/03/2010 2:12 PM, Victor Subervi wrote: What version of vpopmail are you running ? Where do I find it? Looking at the doc_html file I see it's newer than 3.4.10, and I just installed it last month from a qmailrocks tarball. Or to run on the command line for testing ./vpopmaild [root]# ./vpopmaild bash: ./vpopmaild: No such file or directory TIA, Victor If you're just getting started with qmailrocks, you might try http://qmailtoaster.com instead. They're very similar, but I think you'll find qmail-toaster much easier, and you won't have this sort of problem with it. Plus the community support there is great. -- -Eric 'shubes' !DSPAM:4ba7c0a332711888510869!
[vchkpw] Re: Scripting With vadduser
Victor Subervi wrote: On Mon, Mar 22, 2010 at 3:08 PM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: If you're just getting started with qmailrocks, you might try http://qmailtoaster.com instead. They're very similar, but I think you'll find qmail-toaster much easier, and you won't have this sort of problem with it. Plus the community support there is great. Before plunging into that, I've got a __working__ qmail and vpopmail that I don't want to rip out. Advice? TIA, V I honestly don't know enough about your situation to give an intelligent recommendation. Sorry. -- -Eric 'shubes' !DSPAM:4ba7c6fb32712009718956!
[vchkpw] Re: Trash folder maintenance
Trey Nolen wrote: In the past, we have been using Sqwebmail to remove email from the Trash folder periodically (by default 7 days). Now, we have migrated to a new server using the new Vpopmail which no longer supports Sqwebmail. We have moved to SquirrelMail for our main webmail interface. I would still like to be able to remove deleted items after 7 days. I have seen the Proon plugin for SquirrelMail, but I believe it is too complex for most users, and it also will not let us specify global defaults. Does anyone out there have a solution they are using? Trey Nolen http://qtp.qmailtoaster.com/trac/browser/etc/cron.hourly/qtp-clean-trash -- -Eric 'shubes' !DSPAM:4b9513dd32711593813038!
[vchkpw] Re: How can I disable user over quota message?
I don't know the answer to your question. Have you see http://qmailtoaster.com though? I think it might make your task much easier, at least in the long run. Bulend Kolay wrote: I use validrcptto.patch with jms1.net. is there a option on it? Otherwise do I have to use chkuser patch ? On 20/01/2010 9:51 AM, Bulend Kolay wrote: Hello I use vpopmail on qmail. As default, when a mail account reaches to its quota, vpopmail sends a warning message to sender addres about user over quota. How can I disable to send these warning messages to sender? I think this condition causes backscatter. any advice? Use the chkuser patch. It checks at smtp time of the user is over quota and doesn't accept the message if they are. Regards, Rick -- -Eric 'shubes' !DSPAM:4b5727c332711009015733!
[vchkpw] Re: Migrating Vpopmail to a new server
If you decide to use mysql, I'd consider using http://qmailtoaster.com/. It's a very nice set of packages. You could be up and running in a few hours (sans migration). There is also good community support. Jukka Kurkela wrote: You mean CDB is way faster, right? if not, can you provide some benchmark results or even explanation? ++jukka Remo Mattei wrote: I would not use CDB just my point of view. Go to mysql way faster and better for all those domains you got. I used rsync on my server when I moved over to the new one as long as you got the same userid (vpopmail) you should be good. The question is do you have users email on your server or do they pop that? If they pop3 it that’s easy by using learn password make sure they use that for the first time which sets their password to what they have now (pop3) as far as I know does not work with imap. Just my 2 cents, Remo On 1/11/10 20:55 , Srdan Dukic srdan.du...@gmail.com wrote: Hi, I've been given the job of migrating one of our existing Vpopmail servers accross to a new machine. I have successfully installed the latest version of Vpopmail on the new machine, but I have some questions about the next part of the migration. The current server has just under 5000 domains and subdomains and each of those has about 3-4 users each. What is the process for migrating from one Vpopmail install to another? Can I just recursively copy accross all of the files under '/home/vpopmail/domains'? And if so, is there some command I have to run after the copy accross to re-index the directories or Maildirs? The authentication system used is just the default 'CDB' file format on both of the servers. Another, related question is that I'm trying to find out the version of the Vpopmail that is installed on the old server, but am having some trouble. I've tried running some of the programs under the '/home/vpopmail/bin' directory with the '-v' and '--version' flags, but was unable to get a version number. Thank you -- -Eric 'shubes' !DSPAM:4b4c796032711483016595!
[vchkpw] Re: vpopmail + Dovecot + CRAM-MD5 problem
Shane Chrisp wrote: Ro Achterberg wrote: You will need to enable plain text passwords in the database to be able to use cram-md5. In dovecot-sql.conf, I tried setting default_pass_scheme to both PLAIN and PLAIN-MD5, but none of which seemed to work. I'm probably missing the point. Did you perhaps mean to have vpopmail store the user passwords in plain text? I'm just checking, because to me it seems to lower security and it seems to defeat the purpose of working with hashed passwords. Could you please confirm this? Yes, thats what I meant by my comment. You need the plain text passwords in the vpopmail database. Having plain text passwords in the database doesn't necessarily lower the security as your database can be on a host which is not accessable to anything by the authenticating machine. Shane cram-md5 is a bit outdated. It has two weaknesses, the first of which you've identified, which is that passwords need to be stored in plain text. This is unsuitable for some environments. The second weakness is md5 itself, which is vulnerable in a few different ways (see http://en.wikipedia.org/wiki/MD5). I believe that currently the best approach to secure connections is to use TLS/SSL along with either plain or login authentication methods. In dovecot.conf: # Disable LOGIN command and all other plaintext authentications unless # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. #disable_plaintext_auth = no disable_plaintext_auth = yes You'll also need to configure TLS/SSL. -- -Eric 'shubes' !DSPAM:4b22658132711495920358!
[vchkpw] Re: vdeliver perimission denied for vadddomain -u
Michael Mussulis wrote: It looks like I am talking partly nonsense, apologies for that. I've had another stab at the code, and it looks like the sql insert command statement has gid hardcoded to '0', and uid is the 'apop' value - which from what I gather (correct me if I am wrong), only works in clear text mode. So since I've disabled clear text, I am assuming the value is truncated to '0'; which makes me wonder - is this by design? Also, if I am not wrong (and would appreciate confirmation), these values have no baring on vdelivermail - although I found they are critical for Dovecot IMAP authentication. Which brings me back to the question - what purpose do they serve in the first place? So I am back to square one. I still have no clu e which permission is affecting the delivery of mail for user specified domain. Please someone, any ideas where else I could look? Thanks, Michael. You might try installing qmail-toaster (http://qmailtoaster.com) and seeing how it's done there. Several folks have successfully installed dovecot with QMT as well, although I believe that these were not with dovecot's LDA (deliver). -- -Eric 'shubes' !DSPAM:4b1830f332711607113511!
[vchkpw] Re: Issues with vpopmail
Have you had a look at http://www.qmailtoaster.com ? It's very easy to implement, and is very solid and reliable. Unfortunately, the vpopmail-toaster package is still at 5.4.17. There are a few folks who are experiencing problems with quotas, while others are not. I will be upgrading vpopmail-toaster to v5.5 once it's stable, so this problem will go away at that time. Sorry, but I don't know off hand what your existing problem might be. -- -Eric 'shubes' abc Xyz wrote: Hi Pavel thanks for replying. i want to explain my whole scenario so that it will be easier to suggest what should i do firstly i configured qmail server and qmail-pop3d with Maildir format. it was working fine. and than i need to set user quotas so i googled and found vpopmail. i installed it and created new domain, user and set user quota. but i was getting error in running vusaged (/vusaged: error while loading shared libraries: libev.so.3: cannot open shared object file: No such file or directory) so i commented out Listen line in vusaged.conf file than i got this: #./vusaged config: using /home/vpopmail/etc/vusaged.conf socket: listening on /tmp/vusaged.sock vusaged: begin controller: stage one controller: stage two so i think it is working fine now. but now my problem is in log file i am getting this error: delivery 13: success: client_connect:_connect_failed:_13/client_connect:_connect_failed:_13/client_connect:_connect_failed:_13/tcprules:_fatal:_unable_to_parse_this_line:_Received:_(qmail_4552_invoked_from_network);_25_Nov_2009_09:46:36_-/client_connect:_connect_failed:_13/did_0+0+1/ and in mailbox also, i get an empty mail without any to: from: subject and content. vdominfo is working fine but in vuserinfo i get the same error saying: client_connect: connect failed: 13 i dont know what should i do... i am configuring mail server for the first time and i am not so clear about the internal processes so if anyone can help me in understanding what vusaged and vusagec do (any link which have all the explanation) and what should i do to get my mails with all attributes rather than a blank mail hoping to get any solution to my problem Thanks !DSPAM:4b0e5c3532711855418125!
[vchkpw] Re: Failure to update tcp.smtp - No authorized relaying for roaming user!
atomdeb...@gmail.com wrote: OK, I'm sold; I'll use SMTP-AUTH instead of POP-before-SMTP. I can authenticate from inside or outside the network, using SMTP-AUTH in either PLAIN or LOGIN mode. CRAM-MD5 is apparently not implemented (yet). I can only relay when I connect from inside the network. Attempting to relay from outside the network gives me the error 553 sorry, that domain isn't in my list of allowed rcpthosts. I am not using a SQL db for the backend. Should I be seeing a file called open-smtp? It doesn't exist. How do I get this thing to allow me to relay from my dynamic IP address once I've authenticated with SMTP-AUTH? If you're using rblsmtpd, you'll need to either configure and use port 587 for submission (with no rblsmtpd but required authentication), or install spamdyke (highly recommended). -- -Eric 'shubes' !DSPAM:4af9d04d32713891315593!
[vchkpw] Re: offtopic sorry!
I've been using spamdyke for quite a while now, and absolutely love it. If I had to pick only one anti-spam product to use, it would be spamdyke (over and above spamassassin even). Sam has done a terrific job with it. There's good community support as well. Ronaldo Chan wrote: Ismail, Thanks for your prompt reply, i'll check it today if can compare spamcontrol with spamdyke by apple to apple comparison. thanks for your reply guys, i really appreciate it. Best regards, Ronaldo Chan On Sep 24, 2009, at 10:38 PM, Ismail YENIGUL wrote: Hi Ronald, You can bypass RBL checking for authenticated users with spamdyke. (http://www.spamdyke.org) A quote from web page: Full SMTP AUTH support, so your users can bypass all filters, even from remote locations. spamdyke can provide SMTP AUTH even if qmail is completely unpatched. Thanks. Thursday, September 24, 2009, 5:27:01 PM, you wrote: You cannot because RBL checking happens before SMTP authentication as far as I know. Sincerely, - Wouter van der Schagt -- From: Ronaldo Chan ron...@revlink.ph mailto:ron...@revlink.ph Sent: Thursday, September 24, 2009 10:14 PM To: vchkpw@inter7.com mailto:vchkpw@inter7.com Subject: [vchkpw] offtopic sorry! Hi! Good day, has anyone from you guys know how can i bypass rbl checking if the sender was already authenticated with smtp? i use spamcontrol implementation of smtpd-auth, i know this is not really the proper channel for this, but i'm really desperate to solve this issue Best regards, Ronaldo Chan div style=text-align: left; text-indent: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; -- Ismail YENIGUL Endersys Ltd. Proje Yöneticisi / Project Manager Phone :+90 216-4709423 | Mobile:+90 533 747 36 65 Fax :+90 216-4709508 | web: http://www.endersys.com.tr Endersys blog aç?ld?. http://blog.endersys.com -- -Eric 'shubes' !DSPAM:4abba34232718899527160!
[vchkpw] Re: imap before smtp
I use dovecot with vpopmail as well. Performance is much better than courier. Tom Collins wrote: Even if it's possible to set up imap-before-smtp, you'll be much better off if you have your clients use SMTP AUTH instead. More reliable, more predictable, and supported by almost every email client out there. If you really want to try it, consider Dovecot instead of Courier. I think dovecot uses vchkpw, and is probably going to be easier to configure. -Tom On Sep 16, 2009, at 11:51 PM, kengheng kengh...@mysql.cc wrote: Dear All, would like to check if there is anyway to do imap before smtp relay ? I'm using courier-authlib-0.60.2 with courier-imap. Thanks. -- Best regards, KengHeng. Chan Mobile : +6-016-717-0273 SQL Technology Sdn Bhd http://www.mysql.cc c...@mysql.cc -- -Eric 'shubes' !DSPAM:4ab8277232711705548173!
[vchkpw] Re: multiple mails
Bulend Kolay wrote: I use vpopmail on qmail. I have many customer domains on that mail server. One of these customer domains tells me that, they rarely receive the same mail a few times. That problem becomes nearly once a week for this customer. I haven't any complain from my other customers. They use outlook or o.express for their mails. What may the problem be ? Do I have to change my configuration ? This can be caused by the load on your server. Sometimes a long scan time will cause the sending server to time out before the scan is complete and your server acknowledges receipt. The sending server then obligingly resends. Check the smtp logs for the corresponding duplicate email. You'll see 2 receipts for it if this is what's happening. -- -Eric 'shubes' !DSPAM:4aaa575832712042125807!
[vchkpw] Re: multiple mails
Eric Shubert wrote: Bulend Kolay wrote: I use vpopmail on qmail. I have many customer domains on that mail server. One of these customer domains tells me that, they rarely receive the same mail a few times. That problem becomes nearly once a week for this customer. I haven't any complain from my other customers. They use outlook or o.express for their mails. What may the problem be ? Do I have to change my configuration ? This can be caused by the load on your server. Sometimes a long scan time will cause the sending server to time out before the scan is complete and your server acknowledges receipt. The sending server then obligingly resends. Check the smtp logs for the corresponding duplicate email. You'll see 2 receipts for it if this is what's happening. Oh, and if this is the problem, I would install spamdyke to lighten the load on your server. It works great. You'll be scanning a lot less email, and filtering more spam at the same time. http://spamdyke.org/. Personally, I'd install spamdyke in any case. You'll be glad you did. -- -Eric 'shubes' !DSPAM:4aaa5a3d32711198235893!
[vchkpw] Re: multiple mails
If the server isn't receiving them twice, then I'd look at the possibility of them being pop'd twice somehow. I don't know how that might happen (all of my Outlook clients are using IMAP). I presume your customers are using pop3. Bulend Kolay wrote: I checked smtp logs for these mails. But I couldn't see any duplicated mail. What else may the problem be ? - Original Message - From: Eric Shubert e...@shubes.net To: vchkpw@inter7.com Sent: Friday, September 11, 2009 4:57 PM Subject: [vchkpw] Re: multiple mails Bulend Kolay wrote: I use vpopmail on qmail. I have many customer domains on that mail server. One of these customer domains tells me that, they rarely receive the same mail a few times. That problem becomes nearly once a week for this customer. I haven't any complain from my other customers. They use outlook or o.express for their mails. What may the problem be ? Do I have to change my configuration ? This can be caused by the load on your server. Sometimes a long scan time will cause the sending server to time out before the scan is complete and your server acknowledges receipt. The sending server then obligingly resends. Check the smtp logs for the corresponding duplicate email. You'll see 2 receipts for it if this is what's happening. -- -Eric 'shubes' -- -Eric 'shubes' !DSPAM:4a6232714888040303!
[vchkpw] Re: chkuser random rejects
Bogdan Motoc - CRC wrote: Update: I reinstalled qmail. This time netqmail-1.06. No change. Reinstalled then vpopmail. Used 5.4.28. Still no change. Right now, all messages for virtual users are rejected (except those destined to domain.ro users, which remain in queue) with the message: Remote host said: 553 5.7.1 sorry, that domain isn't in my list of allowed rcpthosts (chkuser) From what i can see, the only abnormal behaviour shows in /var/log/qmail/smtpd/current @40004aa3f5ac28da4274 tcpserver: status: 1/20 @40004aa3f5ac28da4e2c tcpserver: pid 32069 from 193.201.21.10 @40004aa3f5ac28da5214 tcpserver: ok 32069 mail.domain.com:ip:25 :remote_ip::56788 @40004aa3f5ac2ef4ed6c CHKUSER accepted sender: from my_email:: remote my_email_srv:unknown:serv_addr rcpt : sender accepted @40004aa3f5ac2f4db3fc CHKUSER rejected relaying: from my_email:: remote my_email_srv:unknown:serv_addr rcpt postmas...@mail.domain.eu : client not allowed to relay @40004aa3f5ad2faa56d4 tcpserver: end 32069 status 0 Chkuser is ran twice for a single message. And I have no idea why. Anyone ran into this before or might have an idea what could be wrong? It's normal for chkuser to issue more than one message, one for sender and one for recipient. Your problem appears to be that submissions aren't successfully authenticating. Any session for an email destined to a domain that's not in rcpthosts must successfully authenticate, which is a good thing. Otherwise you'd have an open relay, which is very bad. -- -Eric 'shubes' !DSPAM:4aa4070932711035971020!
[vchkpw] Re: chkuser random rejects
Bogdan Motoc - CRC wrote: Eric Shubert wrote: Bogdan Motoc - CRC wrote: Update: I reinstalled qmail. This time netqmail-1.06. No change. Reinstalled then vpopmail. Used 5.4.28. Still no change. Right now, all messages for virtual users are rejected (except those destined to domain.ro users, which remain in queue) with the message: Remote host said: 553 5.7.1 sorry, that domain isn't in my list of allowed rcpthosts (chkuser) From what i can see, the only abnormal behaviour shows in /var/log/qmail/smtpd/current @40004aa3f5ac28da4274 tcpserver: status: 1/20 @40004aa3f5ac28da4e2c tcpserver: pid 32069 from 193.201.21.10 @40004aa3f5ac28da5214 tcpserver: ok 32069 mail.domain.com:ip:25 :remote_ip::56788 @40004aa3f5ac2ef4ed6c CHKUSER accepted sender: from my_email:: remote my_email_srv:unknown:serv_addr rcpt : sender accepted @40004aa3f5ac2f4db3fc CHKUSER rejected relaying: from my_email:: remote my_email_srv:unknown:serv_addr rcpt postmas...@mail.domain.eu : client not allowed to relay @40004aa3f5ad2faa56d4 tcpserver: end 32069 status 0 Chkuser is ran twice for a single message. And I have no idea why. Anyone ran into this before or might have an idea what could be wrong? It's normal for chkuser to issue more than one message, one for sender and one for recipient. Your problem appears to be that submissions aren't successfully authenticating. Any session for an email destined to a domain that's not in rcpthosts must successfully authenticate, which is a good thing. Otherwise you'd have an open relay, which is very bad. I realize that. But the message that I've sent was to: postmas...@domain.eu not postmas...@mail.domain.eu Somewhere it gets translated into another address, and I can't figure out why. It's true, the qmail me file is mail.domain.com but that should have nothing to do with authenticating. Right. If i change the me file into just domain.com then it also rejects everything, but this time the error messages refer to u...@domain.tld, which is a valid user, for which it should always accept mail. (this is not submission, just regular inbound mail on port 25). The fully qualified `hostname` is the right value there. Submission on the other hand works well, unless the destination is also a local vpopmail user. So this is all a local delivery problem, that I just can't seems to figure out. Are you mixing local and virtual domains and/or users? What I do know, is the following: - it's not the qmail queue (corrupted). I've erased it and done a /make setup check/ to recreate it - the filesystem is clean. unmounted it and done fsck As I understand the problem now, you're sending email to postmas...@domain.eu but it ends up going to postmas...@mail.domain.eu instead. Is that correct? How is it being sent? -- -Eric 'shubes' !DSPAM:4aa436f432711999460420!
[vchkpw] Re: Patch to disable vusaged
Tonix (Antonio Nati) wrote: I did not imagine vusaged was so intrusive! Is should be completely disabled if not needed. Tonino -- Matt, Is there some sort of specification documentation for vusaged that describes how it works? If there is, I think it would be useful to have it published so that it can be scrutinized by the community. Better to get things worked out up front than to confront them in the debugging stage. -- -Eric 'shubes' !DSPAM:4a9fe92532714008716074!
[vchkpw] Re: Patch to disable vusaged
Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Eric Shubert wrote: Is there some sort of specification documentation for vusaged that describes how it works? If there is, I think it would be useful to have it published so that it can be scrutinized by the community. Better to get things worked out up front than to confront them in the debugging stage. I don't have a document prepared, however it's relatively simple. In the most simple terms, all it does is look up every user under vpopmail, and count how much storage they're using. That is how it calculates user usage. To calculate domain usage, it adds up all the users' storage counts. There are a great deal of efficiencies added, of course. Constantly polling the disk would be extremely inefficient. It's also meant to be extremely fault tolerant, meaning, if vusaged isn't running, or the client API fails, delivery does not cease, and is not delayed in any noticable manner. I suppose the reason there is no document explaining this, is because the general idea is very simple, and the vusaged configuration file explains many of the efficiencies via it's configurable options. Was there any specific topic you were interested in? I'd be happy to provide whatever information you're looking for. - -- No, that pretty well sums it up. I should have a look at the configuration file. I don't expect that'll happen for me until ldap on 5.5 is ready for testing though. ;) I was just a little concerned about Tonix's comments. We'll see what he has to say. I'm confident you'll do what's best. Thanks for the great work. -- -Eric 'shubes' !DSPAM:4a9fee7e32711532716672!
[vchkpw] Re: chkuser random rejects
What's in your /var/qmail/users/assign file? Bogdan Motoc - CRC wrote: I'm really sorry about bothering you again about this problem, but I'm really at wits' end here. I have removed the mail.domain.tld from every file I could find. Now mail is not received at all. At least now it's consistent, which is good. No more flapping. (have to keep my sense of humor while users can't receive any mail) I think chkuser can be ruled out as the problem. Sending to legitimateu...@domain.tld produces a bounce with the error listed below (#5.1.1), while sending to nonexistentu...@domain.tld makes chkuser kick in and reject the message as it should as soon as I type rcpt to: badu...@domain.tld 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) So my conclusion is that qmail accepts the message but when it wants to deliver it locally to the vpopmail user, something causes it to bounce. Can you give me any advice on how to test the path traversed by the message once it is accepted by qmail-smtpd ? Bogdan Motoc - CRC wrote: I seem to have broken things really bad. I tried to make mail.domain.tld an alias of domain.tld Now authentication only works from time to time. The bounce says: u...@domain.tld: Sorry, no mailbox here by that name. (#5.1.1) Of course, that account exists. Where are domain aliases stored? Can I manually delete a domain alias? I'm using vpopmail 5.4.17 with users stored in a cdb file. Bogdan Tonix (Antonio Nati) wrote: Bogdan Motoc - CRC ha scritto: Tonix (Antonio Nati) wrote: Bogdan Motoc - CRC ha scritto: This most probably is not a vpopmail problem, but a chkuser one. The support page of chkuser (http://www.interazioni.it/opensource/chkuser/support/mailing_lists.html) points to this mailing list, so that's why I'm posting this here. chkuser is simply using basic qmail checks, giving a better log. It is giving back what qmail would give back. Check carefully qmail configuration and files availability. nothing changed between the two events (rejecting a legitimate message and allowing a similar one) all files are world-readable, except the .lock files The mail server in question runs: netqmail 1.05 vpopmail 5.4.17 chkuser 2.0.8b simscan 1.1 install chkuser 2.09, has more checks, new features and solves minor bugs (not related to your question). hard to do on a production server. I've set this one up more than two years ago, and I remember there was a rigid order in which patches were supposed to be applied to qmail, and some of them had to be manually added (thinking of simscan, smtp-auth, chkuser) It should be easy. Copy new chkuser files over old files, check chkuser_settings.h (some have changed) and recompile. In the meantime, I've googled a bit and found an alternative. I'll post a what's your experience with ... ? message later about it. Messages sent to existing and not overquota users on this server randomly (as far as I can tell) are rejected with this message: Remote host said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser) I've checked and double checked that the user exists and there was no typo when entering the destination email address. Sending again after a while to the same user ends up with the message into his mailbox without any issues. The server's /var/log/qmail/smtpd/current log file shows this about the rejected message: 2009-07-24 12:28:19.035629500 CHKUSER rejected relaying: from sender's_email_address:: remote remote_mail_server:unknown:remote_ip rcpt valid_u...@mail.domain.tld : client not allowed to relay The mailboxes on this machine are all respecting this pattern: u...@domain.tld You say general pattern is u...@domain.tld, while log says u...@mail.domain.tld. Are you sure 100% domain names do not include blank, DEL, strange not visible chars? It could happen when spaces or strange invisible characters are inside mail addresses. Yes, the recipient mail address I've typed correctly (I double-checked it, having faced stupid users before who think that spaces in email adresses can't hurt that much, can they?) Basically, i replied to a user on that server and got the bounce back imidiately. Cursed at the binary gods for allowing functions to return different results when fed the same input, had to leave the office, and when i got back replied again to the same message, checked and it arrived in the users's mailbox. The log shows this: 2009-07-24 18:09:48.389030500 CHKUSER accepted rcpt: from my_email_address:: remote my_email_server:unknown:my_ip rcpt u...@domain.tld : found existing recipient Check if any limit is reached. Like max open files or max MySQL connections. It could happen in a peaik moment you reach some limits. chkuser version you have does not handle mysql refused connections, while 2.0.9 does. What i don't understand is why vpopmail is sometimes being asked to authenticate /u...@domain.tld/ and sometimes
[vchkpw] Re: chkuser random rejects
Bogdan Motoc - CRC wrote: The assign file has all the domains that have been added via vaddaliasdomain I only have one set of users and the other domains are aliases to domain.com Here's what that file looks like: +domain.com-:domain.com:89:89:/home/vpopmail/domains/domain.com:-:: +domain.eu-:domain.com:89:89:/home/vpopmail/domains/domain.com:-:: . Did you modify this file manually? If so, you'll need to run qmail-newu to rebuild the associated cdb file. Removing ,QMAILQUEUE=/var/qmail/bin/simscan from tcp.smtp and doing qmailctl cdb gives this error when sending to a legitimate user: Remote host said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser) What's in your /var/qmail/rcpthosts file? What's in your /var/qmail/virtualdomains file? Eric Shubert wrote: What's in your /var/qmail/users/assign file? Bogdan Motoc - CRC wrote: I'm really sorry about bothering you again about this problem, but I'm really at wits' end here. I have removed the mail.domain.tld from every file I could find. Now mail is not received at all. At least now it's consistent, which is good. No more flapping. (have to keep my sense of humor while users can't receive any mail) I think chkuser can be ruled out as the problem. Sending to legitimateu...@domain.tld produces a bounce with the error listed below (#5.1.1), while sending to nonexistentu...@domain.tld makes chkuser kick in and reject the message as it should as soon as I type rcpt to: badu...@domain.tld 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) So my conclusion is that qmail accepts the message but when it wants to deliver it locally to the vpopmail user, something causes it to bounce. Can you give me any advice on how to test the path traversed by the message once it is accepted by qmail-smtpd ? -- -Eric 'shubes' !DSPAM:4a9e8b7532711028820140!
[vchkpw] Re: chkuser random rejects
Eric Shubert wrote: Bogdan Motoc - CRC wrote: The assign file has all the domains that have been added via vaddaliasdomain I only have one set of users and the other domains are aliases to domain.com Here's what that file looks like: +domain.com-:domain.com:89:89:/home/vpopmail/domains/domain.com:-:: +domain.eu-:domain.com:89:89:/home/vpopmail/domains/domain.com:-:: . Did you modify this file manually? If so, you'll need to run qmail-newu to rebuild the associated cdb file. Removing ,QMAILQUEUE=/var/qmail/bin/simscan from tcp.smtp and doing qmailctl cdb gives this error when sending to a legitimate user: Remote host said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser) What's in your /var/qmail/rcpthosts file? What's in your /var/qmail/virtualdomains file? That's /var/qmail/control/ ;) Eric Shubert wrote: What's in your /var/qmail/users/assign file? Bogdan Motoc - CRC wrote: I'm really sorry about bothering you again about this problem, but I'm really at wits' end here. I have removed the mail.domain.tld from every file I could find. Now mail is not received at all. At least now it's consistent, which is good. No more flapping. (have to keep my sense of humor while users can't receive any mail) I think chkuser can be ruled out as the problem. Sending to legitimateu...@domain.tld produces a bounce with the error listed below (#5.1.1), while sending to nonexistentu...@domain.tld makes chkuser kick in and reject the message as it should as soon as I type rcpt to: badu...@domain.tld 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) So my conclusion is that qmail accepts the message but when it wants to deliver it locally to the vpopmail user, something causes it to bounce. Can you give me any advice on how to test the path traversed by the message once it is accepted by qmail-smtpd ? -- -Eric 'shubes' !DSPAM:4a9e8cd832711071614555!
