Re: [vchkpw] Rebuilding vpasswd.cdb [was: Transfering vpopmail domains]
On Mar 4, 2006, at 10:35 PM, Michael Krieger wrote: I'm not sure how chkuser will mix into this (it may want the cdb files), so if the cdb files don't regenerate for you, just run vmoduser on each postmaster user toggling a flag (then put it back), such as the no_imap flag. That should regenerate the cdb properly from vpasswd text file. Actually, you can run `vuserinfo [EMAIL PROTECTED] and the vpasswd.cdb file will get regenerated automatically. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Re: [vchkpw] vpopmail extensions not working correctly
On Feb 28, 2006, at 1:20 AM, Michael Krieger wrote: I am using 5.4.15 vpopmail and I've noticed that extensions aren't quite working right. If I send mail to [EMAIL PROTECTED] I get mail going to my inbox and blackberry. If I send mail to [EMAIL PROTECTED] I get mail going only to my inbox. # cat /home/vpopmail/domains/mydomain.com/.qmail-michael [EMAIL PROTECTED] [EMAIL PROTECTED] qmail-send logs: bytes 1329 from [EMAIL PROTECTED] qp 7661 uid 89 starting delivery 77: msg 374730 to local [EMAIL PROTECTED] delivery 77: success: did_0+0+1/ And that's it. When I send to just 'michael', it then creates a new message to remote [EMAIL PROTECTED], as it should. but sending to michael-testing doesn't. That doesn't seem right. Well, it's not vpopmail's fault -- it never gets to calling vdelivermail in .qmail-default. If you switch to mydomain.com/michael/.qmail (with michael being an account created with vadduser) then you should be fine. Likewise, using mydomain.com/.qmail-michael-default might work as well. Check up on the man page for qmail-local (I think). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Vpopmail 5.4.15 released (finally)
On Feb 24, 2006, at 2:21 AM, Bob Hutchinson wrote: Does this version support domainquotas? There is no mention of --enable-domainquotas in ./configure --help No, domain quotas have been broken since 5.4.0 (and probably earlier). In a recent release, we took that configure option out so people would know that domain quotas are no longer available. I don't have a timeframe as to if/when they'll get fixed and be re-enabled. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
[vchkpw] Vpopmail 5.4.15 released (finally)
http://vpopmail.sf.net/ 5.4.15 - released 24-Feb-06 Release Notes: This release fixes a few loose ends in the 5.4.14 release. Here are the Release Notes from 5.4.14: This release brings in the vpopmail daemon (vpopmaild) from the 5.5 development series, and fixes a few bugs from 5.4.13. If you're running 5.4.13 and don't need vpopmaild, take a look at tracker #1360346 on SourceForge to get an important patch to vdelivermail related to using # delete in a user's .qmail file. https://sourceforge.net/tracker/index.php? func=detailaid=1360346group_id=85937atid=577798 ChangeLog: 5.4.15: Tom Collins - Add 'compile' script to distribution. - If warn() isn't available, use fprintf() instead. - vmysql.c: add missing valias_select_names, valias_select_names_next, and valias_select_names_end from 5.5 branch. - vpalias.c: #include config.h before we check if VALIAS defined. 5.4.14: Tom Collins - vmysql.c: Increase buffer size in vauth_adduser() and use correct size when calling snprintf. - Backport most of 5.5.1, including code required for vpopmaild. - Allow --enable-valias option for Postgres backend (incorrectly disabled in 5.4.13). - Only check a domain's disk usage when a quota is set. [1396238] Bill Shupp - vpopmaild: store quota in proper format and update maildirsize on quota change. Gaetan Minet - Remove lock file in open_smtp_relay() even if update_rules() fails. Rick Morris - vdelivermail.c: Fix problem where # delete in .qmail file was being ignored. [1360346] Robin Bowes - Add vpopmaild (the vpopmail daemon) from 5.5 development series.
Re: [vchkpw] Lazy admin seeks ezmlm script set
On Feb 21, 2006, at 10:07 AM, Alex Borges wrote: Hey guys... im just as lazy as you guys, probably more so... So, i was wondering if any of you have a script that will give me all the ezmlm lists for a vpopmail domain. QmailAdmin http://qmailadmin.sf.net/ will show them in a web interface... `ls .qmail-*-owner` will work most of the time (although it's possible to have an xyz-owner alias that isn't related to a list). `ls */config` works, but you'll need to strip the '/config' part to get the list name. Hopefully you're not too lazy to take that start and create the script yourself. ;-) -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Migrating all lists to another domain
On Feb 21, 2006, at 11:09 AM, Alex Borges wrote: Okay, I wanna move about 50 ezmlm lists to a diferent domain. [snip] Now i suspect that copying directories and files will do the trick but im not shure. Also, i wonder what ezmlm-make parameters should i use. Im going through the source of qmailadmin right now and im shure to find out exactly how those lists get made by it, but im also shure you guys can come up with a better way to go about it. QmailAdmin calls ezmlm-make. The config file in the list's directory should tell you everything you need to know in regards to creating the list. You should be able to use the config file to generate a call to ezmlm-make to create your new list, and then pipe the output of ezmlm-list (for the old list) to ezmlm-sub (for the new list) to transfer the subscribers, moderators (if appropriate) and digest subscribers (if appropriate) to the new list. I suspect you could simply copy the subscribers, mod/subscribers and digest/subscribers (I'm guessing on that digest path) from the old directory to the new one. ezmlm-make is probably a better solution than just copying the list's confi directory and recreating the .qmail-list-whatever symlinks, as you'll have to edit the configuration files to use the new list's pathname, and change the old domain to the new domain in files like inhost. Tom Collins Tom Logic LLC PO Box 5717 Napa, CA 94581 (707) 265-6622 (707) 265-6646 fax [EMAIL PROTECTED]
Re: [vchkpw] Re: 5.4.14 - any news?
On Feb 20, 2006, at 5:52 PM, Robin Bowes wrote: I actually found 5.4.14 on sourceforge - not listed in the file list but if you click on 5.4.13 and change '13' to '14' in the download link it works :) Is this patch in 5.4.14 ? BTW, 5.4.14 builds OK for me as I'm not using any MySQL stuff which was causing the problems. Then you should be OK. I released QmailAdmin 1.2.10 today because it was quick and ready to go out. I just haven't found the time to wrap up 5.4.15 and get it out. I'll try for this week... -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Problem on compilation 5.4.14
On Feb 16, 2006, at 12:48 AM, Franck wrote: Is there a patch or a solution please ? Known problem. Will be fixed in 5.4.15, which I just haven't had time to work on. Use 5.4.13 until 5.4.15 is released. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
[vchkpw] Re: 答复: [vchkpw] about open-smtp.tmp
On Feb 13, 2006, at 2:09 AM, zhaoyongjie wrote: Hi all,I am using vpopmail 5.3.20,I want to know why there are so many open-smtp.tmp files 5.3.x were development releases -- you should really upgrade to a 5.4 release (I'd recommend 5.4.10 until 5.4.15 is out). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vpopmail 5.4.13
On Feb 13, 2006, at 11:22 PM, GajendranA wrote: I have been using vpopmail 5.4.0 which had the enable-domain-quota option and it is not there in vpopmail version 5.4.13. Does this new version support this feature? It was in 5.4.0, but it didn't work. How can I restrict the total quota for a domain so that user quota cannot exceed the domain postmaster's quota? I don't know, but vpopmail's domain quotas won't do it for you. The 'maildirsize' file is not getting updated properly for each users with vpopmail version 5.4.13. Can anybody help please?. 5.4.13 should be doing a better job of keeping maildirsize updated. Is it getting extra entries for mail that isn't delivered? Missing entries for mail that has been deleted? Is there an easy way to reproduce the problem? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vdominfo is giving incorrect info
On Feb 13, 2006, at 9:59 AM, Mark DeGroot wrote: The directory structure looks ok. Permissions look ok - at least they are the same as the other domains and as far as I can tell all the email accounts are working properly. cat vpasswd.cdb |cdbdump |wc -l gives me 43 addresses. Everything there looks ok. Any ideas what I should do to try and find out why vdominfo is giving me inaccurate info on this domain? It's probably a problem with the .dir-control file for that domain. Edit that file, and change the 2147483645 number to 43. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Newbie - vpopmail: ERR authorization failed
On Feb 7, 2006, at 12:25 AM, 褚永锋 wrote: exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -R -H -l 0 0 110 \ For starters, try a higher softlimit (like 1000). You should also include the user and group to run as (add -u89 -g89 to your tcpserver parameters) -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Vchkpw pass word policy
On Feb 7, 2006, at 4:59 PM, Jeremy Kitchen wrote: On Monday 06 February 2006 21:09, Rizwan Iqbal Malik wrote: Dear All, We wish to enforce pass word policy on the users of our mail system . Can it be done using Vpopmail. Common policy include changing password on first logon etc... I've actually considered doing this in the past. I never got around to it, but check out cracklib: http://www.users.dircon.co.uk/~crypto/download/cracklib,2.7.txt John Peacock posted a patch to qmailadmin-devel on January 3, 2005 to integrate cracklib with QmailAdmin. http://sourceforge.net/mailarchive/forum.php? thread_id=6272932forum_id=34241 [scroll to the end of the thread] No idea whether it will apply to the current versions or not. It might give you what you need though, still allowing an admin to use vchkpw to set the password to anything they'd like. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] maildirquota.c bug in 5.4.12
I think you've misdiagnosed the problem. As written, n is defined as a long when sscanf is called. It probably isn't a grand idea to re-use the variable name, but it is a long. I'm sure this problem would have cropped up earlier if not. There were some changes to maildirquota.c for the 5.4.12 release (IIRC), I'll have to go back and review them. There's probably a problem elsewhere in the maildirquota code, where we use an unsigned long instead of a long. When you made the change, did the problem go away? -Tom On Jan 24, 2006, at 11:48 AM, Jon Simola wrote: Tracked down a bug that was causing our users to exceed their quota without any mail in their boxes. Deleted mail with entries in the maildirsize showing as -4804-1 are parsed incorrectly by the sscanf in maildirsize_read() in file maildirquota.c at line 335: sscanf(q, %ld %d, n, c); This ends up setting n to a large value (around 4294962492) which makes the users' typical 25MB quota far over. At the top of the function, n is declared as an int (line 285), and midway through the function there is long n=0; at line 319 which appears to have been intended to be used within the scope of the while loop. vpopmail 5.4.12 running on OpenBSD 3.8 --- maildirquota.c.orig Tue Jan 24 11:24:36 2006 +++ maildirquota.c Tue Jan 24 11:24:58 2006 @@ -283,5 +283,5 @@ char *p; unsigned l; - int n; + long n; int first; -- Jon Simola Systems Administrator ABC Communications
Re: [vchkpw] vpopmaild status?
On Feb 3, 2006, at 2:14 AM, Nicklas Bondesson wrote: What is the status on vpopmaild? Will vpopmaild be released as a stand alone package? I don't know if it will be released standalone. I did an incomplete merge into vpopmail 5.4.14, and am planning to fix the missing bits for a 5.4.15 release soon. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] compiling vpopmail 5.4.13 on Solaris 7
On Jan 19, 2006, at 12:59 PM, Jorge Valdes wrote: I am still using an older version, but the problem is with the use of warn in the r_mkdir routine more or less lines 1822 1830. It will compile if you change the format from warn ('xxx') to fprintf (stderr, 'xxx'); a format also used in line 1833. I checked, and err.h is available for Linux, but not for Solaris. I don't have a patch, but could make one for you if you really need it, or better yet, if the maintainers could roll back to using fprintf to stderr for compatibility's sake? I guess I could add conditionals to only use warn if it's available. It's better than just fprintf, because it will append a string that describes the actual error (from looking up errno). I'll throw this on the heap for the next update. In the mean time, I guess you'll have to hand-modify the code. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vpopmaild status?
On Jan 16, 2006, at 11:30 PM, John Simpson wrote: i'm wondering about vpopmaild... i plan on writing a patch for qmail-smtpd which will make it connect to vpopmaild in order to handle the AUTH command (basically try to login and use the + or - response to approve or deny the AUTH command.) my questions are: - how close are we to seeing vpopmaild as a live program, either included with vpopmail, or released as its own package (to be compiled after vpopmail has already been installed, so it uses whatever version of libvpopmail is already on the system?) It's in 5.5.3 on Inter7's web site, and I'm trying to find a little bit of time to get it into 5.4.14. I might just try to get it out this morning. I haven't been involved in the development of vpopmaild, but I believe that a few of the developers are using it on production servers. It might be better to package it separately from the main vpopmail distribution, that way it could be updated on its own as necessary, and be used with any version of vpopmail (as long as the changes don't require updates to the libvpopmail API). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Re: vpopmail-5.4.13
On Jan 17, 2006, at 1:30 AM, [EMAIL PROTECTED] wrote: I could not figure out why only MySQL can now be used for valias only, so I just created a patch to 5.4.13 to remove this check (I still use valias in the form of .qmail files). Patch attached. The valias option to configure should really be called something like 'valias-table'. It only applies to storing aliases in tables instead of .qmail-alias files. If you compile with --disable-valias, you can still store your aliases in .qmail-alias files, and (confusingly) use the valias program to manage those .qmail-alias files. I have update the configure file to allow valias for PostgreSQL in addition to MySQL. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Re: vpopmail-5.4.13
On Jan 12, 2006, at 9:28 AM, Sandeep Agarwal wrote: Release-notes for 5.4.13 says this Tom Collins - configure.in: fix checks to limit enable-valias to MySQL only. but why postgres support is pulled out ?? That was an accident -- I forgot that postgres had valias code as well. It's back in for 5.4.14. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
[vchkpw] Vpopmail 5.4.14 released (finally)
http://vpopmail.sf.net/ 5.4.14 - released 17-Jan-06 This release brings in the vpopmail daemon (vpopmaild) from the 5.5 development series, and fixes a few bugs from 5.4.13. If you're running 5.4.13 and don't need vpopmaild, take a look at tracker #1360346 on SourceForge to get an important patch to vdelivermail related to using # delete in a user's .qmail file. https://sourceforge.net/tracker/index.php? func=detailaid=1360346group_id=85937atid=577798 ChangeLog: Tom Collins - vmysql.c: Increase buffer size in vauth_adduser() and use correct size when calling snprintf. - Backport most of 5.5.1, including code required for vpopmaild. - Allow --enable-valias option for Postgres backend (incorrectly disabled in 5.4.13). - Only check a domain's disk usage when a quota is set. [1396238] Bill Shupp - vpopmaild: store quota in proper format and update maildirsize on quota change. Gaetan Minet - Remove lock file in open_smtp_relay() even if update_rules() fails. Rick Morris - vdelivermail.c: Fix problem where # delete in .qmail file was being ignored. [1360346] Robin Bowes - Add vpopmaild (the vpopmail daemon) from 5.5 development series.
Re: [vchkpw] Vpopmail 5.4.14 released (finally)
On Jan 17, 2006, at 12:40 PM, Steve Cole wrote: This release brings in the vpopmail daemon (vpopmaild) from the 5.5 development series, and fixes a few bugs from 5.4.13. Bad news... Can you email me your configuration options? In particular, I need to know which backend (cdb, mysql, postgres) and whether you have --enable-valias selected. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Vpopmail 5.4.14 released (finally)
On Jan 17, 2006, at 1:05 PM, Joshua Megerman wrote: It appears that you are linking both the vmysql valias_select* and the vpalias valias_select* object code into libvpopmail.a, resulting in the compile error. I'm not sure what changed, but obviously it's Not Good(tm) :( And I'm missing some functions from the new vmysql.c (valias_select_names, etc.). Also, vpalias.c checks to see if VALIAS is defined before including its code. Unfortunately, it does the check before loading config.h (which contains the definition of VALIAS if that option is selected). I'm taking it down from SourceForge and will try to clean it up before the end of the week. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Patches to Vpopmail
On Jan 5, 2006, at 12:38 PM, Joshua Megerman wrote: Please let me know if you {like|dislike|don't understand|other} these patches, and if you have any questions/suggestions for them. Those patches sound good. When I get back from my vacation this week, and have caught up on other work, I'll be sure to incorporate them into the upcoming 5.4.14 release. Tom Collins Tom Logic LLC PO Box 5717 Napa, CA 94581 (707) 265-6622 (707) 265-6646 fax [EMAIL PROTECTED]
Re: [vchkpw] Help..... server crashed
On Dec 28, 2005, at 10:01 PM, gccrowd - crowdness wrote: Though the /home/vpopmail/domains directory is there with the domains, it's not seeing the domains and is looking for the assign file. How do I recreate the assigns file? Do I do it manually? How do I recreate the vpasswd file(s) properly so that I can log in and get the mail? Manually create the assigns file, entry for example.com is as follows: +example.com-:example.com:89:89:/home/vpopmail/domains/example.com:-:: Replace 89:89 with the uid and gid of the vpopmail user. Set the correct path to example.com as well. Make sure the last line of users/assign is just a .. Run qmail-newu. You'll also want to make sure that the domains are in rcpthosts (or morercpthosts, but you'll have to run qmail-newmrh). Also put them in virtualdomains (format for virtualdomains entries: example.com:example.com). Restart qmail after making all of those additions, to be sure it's re-read the files. Another option, if have less than 100 domains (where they're all in the vpopmail/domains directory, and not in vpopmail/domains/0). Rename vpopmail/domains to something else and create an empty domains directory. Use ~vpopmail/bin/vadddomain to add all of the domains. Delete the newly created domains directory, and swap your backed up directory in its place. Good luck. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Help..... server crashed
On Dec 28, 2005, at 10:27 PM, gccrowd - crowdness wrote: The last option, once I do the vadddomain, will I want to do the vaddusers or no? The original vpasswd files are still there, so I would assume not? No need. Replacing ~vpopmail/domains with your backed up directory will replace the vpasswd files. That's where the user information is stored. After going through those steps, vuserinfo should start working again. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vpopmail 5.4.13 marked as stable and 5.4.14 release date
On Dec 2, 2005, at 7:15 PM, FX wrote: I noticed that vpopmail 5.4.13 was marked stable and in my limited testing, it seems to work fine. Are there any problems with 5.4.13 that we should know about before rolling it out into production servers? The only significant problem is that vdelivermail seems to be ignoring the delete all mail option in users' .qmail files. That's fixed in the stable-5_4 branch of CVS. Also, what is the rough estimate of the release date for vpopmail 5.4.14? Within the next two weeks? Someone just posted a patch to allow integration of vpopmaild into the 5.4 branch, something that a few people have asked for. I've also received some other patches to integrate. I can try to get a release out within a week. Tom Collins Tom Logic LLC PO Box 5717 Napa, CA 94581 (707) 265-6622 (707) 265-6646 fax [EMAIL PROTECTED]
Re: [vchkpw] User defined .qmail files
On Nov 22, 2005, at 5:15 PM, James Longstreet wrote: - Mail comes in for [EMAIL PROTECTED] - qmail-local delivers mail as vpopmail/vpopmail using ~vpopmail/domains/example.com/joe/.qmail - Something in vpopmail kicks in, recognizes that joe has his own .qmail file in /home/joe/.qmail, which should be processed as joe - /home/joe/.qmail processed as joe - Delivery as normal Put [EMAIL PROTECTED] in ~vpopmail/domains/example.com/joe/.qmail, where localservername is something in control/locals. This will forward the mail back out to qmail to be delivered to local user joe. Tom Collins Tom Logic LLC PO Box 5717 Napa, CA 94581 (707) 265-6622 (707) 265-6646 fax [EMAIL PROTECTED]
Re: [vchkpw] User defined .qmail files
On Nov 22, 2005, at 8:50 PM, John Simpson wrote: vpopmail isn't the cause of this problem- you're simply running into the limit of what qmailadmin allows the user to do. it probably wouldn't take much for them to add the ability to enter arbitrary lines (including | lines) but they haven't done it- probably because very few people need it. Actually, it was possible during some development releases, but we realized that it opened up a big security hole. Since the .qmail file is run as the vpopmail user, it would be very dangerous to allow a user to put anything in there. A malicious user could delete ~vpopmail/domains via their .qmail file or even have the contents of ~vpopmail/etc/vpopmail.mysql emailed to them. there's also the fact that this would expose another bug (or poor design decision) in vpopmail- when vpopmail is tied to mysql, the valias table (which contains the lines normally stored in .qmail-* files) have no sequence field- so if you have a .qmail file which requires a definite sequence (i.e. runs condredirect on one line, and then something else after it) and store those lines in the mysql valias table, there would be no guarantee that the condredirect line would be run first. A poor design decision that at least I've been aware of for awhile, but haven't had time to address. Simply adding an auto-increment field to that table and sorting on it would be a good start. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Fw: problems with courier-authlib on amd64 in combination with vpopmail
Upgrade to vpopmail 5.4.13, it addresses your problem by compiling libvpopmail with -fPIC option. It appears you've already done that though, so I'm not sure what it could be at that point. Do you have some sort of softlimit on courier that could be causing problem? -Tom On Nov 19, 2005, at 7:14 AM, Oliver Lehmann wrote: Hi, can someone help here? Begin forwarded message: Date: Sat, 19 Nov 2005 09:25:12 -0500 From: Sam Varshavchik [EMAIL PROTECTED] To: courier-users@lists.sourceforge.net Subject: Re: [courier-users] problems with courier-authlib on amd64 in combination with vpopmail Oliver Lehmann writes: Trying the same with pop3d(-ssl) or imapd(-ssl) supplied with courier-imap results in the following error: [EMAIL PROTECTED] olivleh1 telnet 0 110 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. +OK Hello there. user [EMAIL PROTECTED] +OK Password required. pass test -ERR Temporary problem, please try again later Connection closed by foreign host. Exit 1 [EMAIL PROTECTED] olivleh1 maillog shows: Nov 19 13:07:20 kartoffel pop3d: LOGIN FAILED, [EMAIL PROTECTED], ip=[:::127.0.0.1] Nov 19 13:07:20 kartoffel authdaemond: stopping authdaemond children Nov 19 13:07:20 kartoffel pop3d: authentication error: Input/output error Nov 19 13:07:20 kartoffel authdaemond: restarting authdaemond children This suggests a bug in the vpopmail library causing a segfault and a crash, at which point the parent authdaemond process restarts all the child processes. debug.log shows: Nov 19 13:07:20 kartoffel authdaemond: received auth request, service=pop3, authtype=login Nov 19 13:07:20 kartoffel authdaemond: authvchkpw: trying this module Right.
Re: [vchkpw] Delete all incoming mail for a user or domain
On Nov 19, 2005, at 8:31 AM, Roman Volf wrote: You can create a ~vpopmail/domains/domain.com/.qmail-user file with the # information, and you won't even need a valid user/Maildir. That's the best way to do it, as I've just been informed about a bug in the new vdelivermail related to setting a user's mailbox to delete. If a user has a .qmail file that just contains #, then mail will be delivered anyway. I just put the patch into CVS today, it will be in the 5.4.14 release. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Bill's Linux Qmail Toaster: how would you rate it?
On Nov 7, 2005, at 6:24 AM, Fabio Varesano wrote: I was looking for a good qmail installatio how-to and found this: http://www.shupp.org/toaster/index.php How would you rate this?? Does it do things right?? Does it leave security holes?? Does someone used it in a production environment? I've used Bill's taosters to build servers for (I think) the past 5 years. The instructions are thorough, and having the patches combined is very helpful. I would highly recommend it as a starting point. You'll save yourself a lot of time and energy by doing so. Bill even has a list for the toaster that you can turn to for help. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] recompile or not
On Nov 7, 2005, at 8:15 AM, Nicholas Harring wrote: Please, please, please don't spread FUD by even implicitly blaming chkuser for this. There's no way to implement chkuser in even a vaguely efficient manner without linking against vpopmail. Vpopmail needs to begin building a shared library, then everybody else can just magically begin using it. This puts the blame squarely where it belongs, on the heads of the developers maintaining vpopmail who completely refuse to integrate shared library support into vpopmail. They've been sent patches, and never offered detailed reasons for refusing to integrate. Please, please, please don't spread FUD by even implicitly blaming the vpopmail developers for this. ;-) I've seen *one* patch for this and, IIRC, it didn't apply cleanly to the current version of vpopmail. I worked on it a bit, and liked the results, but delaying pushing it into the mainstream release. One problem is that some programs (including qmailadmin) actually make use of information in the header files to conditionally compile its code. To truly move to a dynamic lib, we need to have any program that links to libvpopmail do so without using vpopmail's config file. It's not as simple as just making the lib dynamic. What if we wrote an external program that chkuser could run instead of having to link to libvpopmail? Would that be a good solution. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] ramdisk with ext2 or tmpfs, vpopmail mysql - heap table : performance - too big disk load
On Nov 4, 2005, at 7:10 AM, Ken Jones wrote: I would try putting /var/qmail/queue on the ramdisk since you have the RAM already. Does the OS back up the ramdisk to a physical disk on shutdown? If not, and you have to reboot your server (or if it goes down for maintenance), you'll lose any queued mail that hasn't been delivered yet, and the original senders won't know about it. I would also comment out the fsync() calls in the qmail source code. If it's on a ramdisk, the fsync() shouldn't have any performance impact, right? If you're running simscan and/or clamav, I'd think that keeping their temp directories on the RAM disk would give you the most performance benefit. If you crash and lose the contents, it's no big deal, and everything that comes through the server ends up going through that process. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] qmail+vpopmail on redhat 7.3 server gets very busy
On Nov 3, 2005, at 7:38 PM, Sam wrote: @4000436ab0a417e5a724 info msg 116176: bytes 2174 from [EMAIL PROTECTED] qp 20947 uid 501 Looks like doublebounce messages. What do you have in /var/qmail/control/doublebounceto? I've set my server to have doublebounce in that file, and then put # in /var/qmail/alias/.qmail-doublebounce. That way doublebounces are just deleted -- 99.9% of them are crap and not worth looking at (e.g., spam from forged return addresses). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] .qmail- files not processed
On Oct 31, 2005, at 9:03 AM, Fred McIntyre wrote: It is my understanding that any .qmail files, matching the user name in an incoming email, in /home/vpopmail/domains/naxum.com will be used before the delivery instructions in .qmail-default. That is what is NOT happening. Based on that, and the fact that you're seeing similar behavior in non-vpopmail domains, I'd say it's a problem with your qmail install. qmail-local is responsible for handling the delivery lines in the .qmail-frederick file. Try a fresh install of netqmail, possibly following Bill Shupp's excellent toaster at http://shupp.org/toaster/. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] New user with folder
On Oct 30, 2005, at 9:35 AM, Anilkumar wrote: it create the user perfectly with his Inbox i want to create four (4) new folder at the time of creating a new user Edit the function make_user_dir() in vpopmail.c. At the beginning of the function, it has a list of folders to create for every user: const char *dirnames[] = {Maildir, Maildir/new, Maildir/cur, Maildir/tmp, Maildir/Inbox, Maildir/Inbox.Sents, Maildir/Inbox.Drafts, Maildir/Inbox.Trash, Maildir/Inbox.Spam Mail}; -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Migrating users
On Oct 28, 2005, at 12:27 PM, Rick Root wrote: My question is... is there a better way than the steps I described above? As Rick Macdougall said, rsync is your friend. You can run it once while everything is live, then stop qmail and run it again to sync up anything that changed since the first run. Very slick. I wrote some scripts to aid in migrating to a new server, and Paul Kremer recently prettied them up. Give them a shot, they should make the migration go fairly smoothly. They automate the procedure, and even include the multiple calls to rsync, along with vadddomain on the new server, etc. http://www.mail-archive.com/vchkpw@inter7.com/msg22410.html I recommend adding a dummy domain on your old server and use it as a dry run for the migration scripts. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] 5.4.14
On Oct 26, 2005, at 1:02 PM, Steve Cole wrote: Any word? Originally we were to have a stable version of the new code for vdelivermail, etc. a week ago. I don't have any changes since releasing 5.4.13. It should be safe to use 5.4.13 on production servers -- I've been using it on my server since it was released and haven't experienced any problems. The new vdelivermail code was originally released on March 20th, and hasn't had any significant changes since July 4th. I've moved it from the vpopmail-beta releases on SourceForge to vpopmail-stable. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] OFF-TOPIC: A good POP3/SMTP Proxy Server
On Oct 25, 2005, at 5:55 AM, Bruno Negrao wrote: Instead, I want a POP3 proxy server integrated with SMTP, that could prevent the messages internal to Allentown to cross the internet link. I'd like the proxy server to keep the local messages right there in Allentown. Does someone know a product like that? There have been past conversations on the list about doing that with vpopmail on both ends. Here's the general gist: Location A has their POP mailboxes, and aliases to forward mail for users at location B to [EMAIL PROTECTED] Location B has their POP mailboxes, and aliases to forward mail for users at location A to [EMAIL PROTECTED] Both servers have domain.com in their rcpthosts, virtualdomains and users/assign files. Location A has loca.domain.com as an alias domain, and Location B has locb.domain.com as an alias domain (to domain.com). Users configure their email client to pick up mail as [EMAIL PROTECTED], but use [EMAIL PROTECTED] as their email address in the From header. In your case, you'd keep New York as your MX 0, and it would forward mail to Allentown as needed. People at the Allentown office who sent mail to each other, would have their mail stay on their local (locb) server. Mail to New York and any other Internet location will be quickly queued on the locb server. You might even be able to configure traffic priority on your dialup link to throttle smtp traffic over the dialup link to give preference to http (and other) traffic. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] validate from
On Oct 25, 2005, at 8:35 AM, Ingo Claro wrote: How can I do that with smtp auth qmail validates that the from must be the same that the auth user? the idea is to avoid some user [EMAIL PROTECTED] can impersonate another user and send mails with another from: [EMAIL PROTECTED], I only want to admit him to send emails with from: [EMAIL PROTECTED], being domain.com a local domain. No current way to do it. Note though, that if smith pretends to be jones, his name will appear in the Received: headers of the message. If you try to force the SMTP AUTH username to be the same as the MAIL FROM, then smith can just send his forged e-mail from another server. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] forwarding to local users
On Oct 21, 2005, at 2:21 PM, hbeaumont hbeaumont wrote: However I need it to keep all the headers in tact for the original virtual domain. Which headers? The To/From/Subject/Date won't be changed when the message is forwarded. There might be a difference in the Delivered-To headers -- is that what you're referring to? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vauth_getpw() with Apache/CGI
On Oct 19, 2005, at 12:41 PM, Charles Collicutt wrote: As a temporary solution my program is owned by root:www-data with the permissions set to 04750 but I'd like to work out what is going on if possible. MySQL access works fine, is there anything else that vauth_getpw() needs access to that might be causing the problem? IIRC, it may need to read the files in /var/qmail/control and/or /var/qmail/users as well. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Multi-user vpopmail/ezmlm web interface
On Oct 19, 2005, at 2:36 PM, James Longstreet wrote: Is it possible to have qmailadmin allow other users to administrate mailing lists? Otherwise, what is the best option for such an interface? One that is in Gentoo's Portage tree would be ideal, but not strictly necessary. Something on my wish list has been to allow list owners to administrate their own lists. I envision a system where non admins can see lists they're moderators for or owners of (if it's an email address in the same domain as the list). I see the following access control limits: postmaster -- full control, as always list owner -- can't add or delete lists, but can modify an existing list, add/del/list moderators and subscribers moderator -- can't add, delete or modify lists, but can add/del/list subscribers for lists they moderate What does everyone else think of that idea? It might not even be that hard to add as a feature. I'm tied up with my day job, and even have a commitment to do some sponsored QmailAdmin development when I get the chance (adding an index to the aliases page like we already have for pop/imap accounts). If there's enough interest, I'd explore adding that feature in the next two months or so. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] How do I list alias domains, and remove alias domains?
On Oct 18, 2005, at 6:45 PM, Jeff Salisbury wrote: FYI, I am using version 5.3.5 of the vpopmail tools... Try upgrading to something in the 5.4 series. vdeldomain in 5.4 will correctly delete just the alias, and won't touch the real domain behind it. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Creating distribution lists in vpopmail
On Oct 4, 2005, at 4:55 PM, Alex Decarli wrote: How can I create a distribution list (and add users) from command-line (shell). Is there some way to create a general list with all users ? does anyone has some script ? Use ezmlm-idx for creating mailing lists. Use `vpopbull -n -V domain.com` to generate a list of email addresses in a domain. Use ~vpopmail/bin/valias to create alias addresses with multiple recipients. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Creating distribution lists in vpopmail
On Oct 4, 2005, at 5:30 PM, Alex Decarli wrote: I need to get the vpopbull -n -V domain.com stdout and create a list called [EMAIL PROTECTED] , inputing this users in this list. How to ? ~vpopmail/bin/vpopbull -n -V domain.com ~vpopmail/domains/domains.com/.qmail-staff -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Mail system configuration recommendations
On Oct 4, 2005, at 7:09 PM, Bill Wichers wrote: The trouble is that we tag, but don't block, most of the spam since our customers don't want us to maybe cost a sale by blocking something that shouldn't be blocked. I've been using simscan to block messages that score 8 or higher for at least 3 months now, and haven't had a single complaint. The result is we're blocking 57% of the inbound email, which greatly reduces the load all around (fewer calls to vdelivermail, less load from users downloading the spam, etc.) Based on my logs, we could block 50% by dropping at 12+. I can't believe that there would be a legitimate message scoring a 12+ that I would not want to miss. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vdelivermail - expected behaviour?
On Oct 1, 2005, at 1:16 PM, Brian Downey wrote: The bounce-no-mailbox works when junk heads to '[EMAIL PROTECTED]', but when adding a dash extension onto any /existing/ address, such as [EMAIL PROTECTED], it gets delivered. Even while the address does not specifically exist in the database or a corresponding .qmail-whatever file. Is this expected behavior? It's somewhat frustrating since there are a few lists out there that got ahold of my older email addresses (bdowney-something) and everything gets delivered no matter what. Yes, that is expected behavior. It may only apply if you compile with the --enable-qmail-ext configure option though. One workaround would be to create a .qmail-bdowney-blablablah file with the following: |/var/qmail/bin/bouncesaying 'Nonexistent account' All mail to that address will bounce. Of course, chkuser will still accept the message instead of rejecting it at the SMTP level, but it's better than having to deal with the mail. Another option would be to just put '#' in the .qmail file to delete the message without delivering it. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vmoduser -w
On Sep 28, 2005, at 9:15 AM, Rick Macdougall wrote: It removes imap access from 127.0.0.1 (or what ever you compile in, 127 is default) if you also use the disable imap flag. ie - disable imap but allow it from 127.0.0.1 for webmail use. disable imap and disable webmail to remove all imap access. Here's the lowdown: disable_imap: disables IMAP from all IPs except those listed in vchkpw.c as webmail servers. disable_pop: same as above, but for POP disable_webmail: disables IMAP and POP access from the webmail servers, regardless of the disable_imap and disable_pop settings. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] OT, but abuse related
On Sep 27, 2005, at 9:52 AM, Clayton Weise wrote: I know this is way off topic, but there are a lot of really smart people on this list so I'm hoping to get some ideas here. I've got a web server that has some kind of formmail-esque script that is being horribly abused but I can't find it. The server (shut down qmail-send on it for now) is spewing out messages by the hundreds, if not thousands, and I can't seem to center down on which site has the offending script. Again, it's pretty off topic but I'm just looking for some help here... please. Assuming you're running VirtualHosts with apache, here's what I've done in a similar situation. If your directory structure works for this, you can look at all of the access logs for your virtual hosts: ls -l */*/logs/access_log Run it once, and dump to a file. Run it again a few minutes later and dump to a file. Do a diff -u on the file and you'll only see sites getting hits. Look for the ones with fast-growing log files, and then manually examine those logs. Note that you might need to look at the error_log as well, as there might be a script that generates an error yet still sends the email. If your directory structure isn't organized well enough to find all the access_log files, you'll have to write a script that goes through your apache configuration files looking for the TransferLog (or ErrorLog) setting, and check the size of the log. Another quick idea is to run `locate formmail` and `locate FormMail` to spot some quick possibilities. Good luck. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
[vchkpw] Cross-site scripting (XSS) vulnerability in QmailAdmin/vpopmail
A user recently brought to my attention that a cross-site scripting vulnerability still existed in QmailAdmin for sites using QmailAdmin version 1.2.3 or earlier, or vpopmail 5.4.9 or earlier. I realized that I was still running vpopmail 5.4.8 on one of my own servers, and thought that others might still be running older versions. So, I'm sending this out as a reminder to everyone. If you're running old versions, you should upgrade to either vpopmail 5.4.10 or 5.4.13 (which includes a rewritten vdelivermail) and QmailAdmin 1.2.4 (at least) or 1.2.9 (preferable, has better handling of .qmail files). I haven't had any reports of the vulnerability being exploited, but it is theoretically possible when running the old software. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Re: [vchkpw] chkuser 2.0.8b
On Sep 22, 2005, at 1:42 AM, John Simpson wrote: if you're supporting AUTH, you really should use TLS as well. otherwise you're allowing your users to send their passwords across the internet in plain text- and all it takes is one spammer with a packet sniffer to use your machine as a relay. If you use CRAM-MD5 for the AUTH method, it's impossible to sniff the cleartext password. TLS is a good idea, but getting your users to enable it in their clients can be a challenge. It's hard enough explaining how to enable SMTP AUTH! Here's an idea, how about a Wiki page dedicated to instructions on setting SMTP AUTH in various email clients? People could contribute by taking screen shots of their setup, preferably with '[EMAIL PROTECTED]' or some similar username. A more ambitious project would be to use PHP and GD with the proper fonts to automatically fill in the fields and generate a completely custom how to page. Any ISP could use it, and make use of hidden fields to enable/disable certain features (like 'user port 587 for outbound smtp', 'enable TLS', 'use full email address as username', 'use smtp.server.com for outbound email', etc.). The end user could enter their name, email address and email client and get a one-page printout instructing them on how to set everything up. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] chkuser 2.0.8b
On Sep 22, 2005, at 1:27 PM, Erwin Hoffmann wrote: If you use CRAM-MD5 for the AUTH method, it's impossible to sniff the cleartext password. I don't bet on this. If you tape the SMTP dialoge, its easy to encrypt the password. I think you're wrong. AUTH PLAIN and AUTH LOGIN are just base64 encoded cleartext and you can determine the password from them. CRAM-MD5 involves a one-way hash. It is impossible to reverse the hash and determine the cleartext password. Each time you connect, a different challenge results in a different response. The only way the server and client can generate the correct response is to have the same cleartext password available. Given the challenge and response, it is not possible to generate the cleartext password. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] chkuser 2.0.8b
On Sep 22, 2005, at 2:10 PM, Erwin Hoffmann wrote: C'm on. The generation of the challenge and the way its used in qmail is well documented on my web site http://www.fehcom.de/qmail/smtpauth.html. Everyone can read that and download the code to do it. The only free parameters are the timestamp and the pid of the current process. And the code to generate the response is freely available in an RFC. I know -- I implemented SMTP AUTH client code to work with PLAIN, LOGIN and CRAM-MD5. Even so, it's a one-way function. Given the challenge and the response, you cannot derive the cleartext password. This is the reason vpopmail requires cleartext passwords if you want to use CRAM-MD5. There's no way for it to derive the cleartext password from CRAM-MD5 in order to run it through crypt() with the proper salt and compare it to the stored, encrypted version. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
[vchkpw] Vpopmail 5.4.13 released
http://vpopmail.sf.net/ Minor changes to 5.4.12, which was released two months ago. The most significant change is to compile libvpopmail with the -fPIC option, which supposedly corrects a problem when trying to compile courier-imap with vpopmail support on the AMD64 platform. This release will be considered beta for the next 30 days, and if no serious errors crop up, we'll switch it to stable. 5.4.13 - released 16-Sep-05 Riccardo Bini - vdelivermail.c: Use DOMAINS_DIR instead of hard-coded domains. Jory A. Pratt - Compile libvpopmail with -fPIC option so amd64 users can compile courier-authlib against libvpopmail.a. Tom Collins - hmac_md5.c: include strings.h for bzero and bcopy declarations. - configure.in: fix checks to limit enable-valias to MySQL only. - INSTALL: make clear that valias only applies to MySQL backend. - vpopmail.c: modify get_remote_ip() to work with xinetd, not just tcpserver from daemontools.
Re: [vchkpw] vpopmail and chkuser
On Sep 15, 2005, at 6:57 AM, Bruno Negrao wrote: I dare to say that you wouldn't have to recompile chkuser *every* time you upgrade vpopmail. Does someone disagree? You are correct. Technically you only need to recompile if code that accesses the user list or aliases changes. This can include configuration changes or bugfixes to that code. To be safe, recompiling is best. I believe that someone attempted to build libvpopmail as a dynamic lib. I'm not sure how successful they were, but if someone would like to try doing it again, I think it would be a step in the right direction. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Issue with 64 bit
On Sep 15, 2005, at 1:02 PM, sparky wrote: You need to recompile vpopmail with the -fPIC option. Common error due to vpopmail's stubborn refusal to use libtool. === === I went back and complied vpopmail with the -fPIC option ./configure CFLAGS=-fPIC and the issue remained. any ideas? Try using the attached makefiles (apologies for sending a 10K file to the list, but it should help others until I get the next vpopmail release out). If using libtool would solve this problem (and hopefully others), I'm all for using it. Please email a response to the poster on the courier-imap list that we're open to making the change if he/she can describe the benefits and point us in the right direction to make use of it. Have him/her contact me directly, I'd love to have someone overhaul the vpopmail configure/build system. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com makefile-fpic.tgz Description: GNU Zip compressed data
Re: [vchkpw] Linux frontend for GroupWise
On Sep 12, 2005, at 2:46 AM, Maurice Snellen wrote: As we are expecting to have to handle mail for a number of new domains the company has registered, I was wondering how to set up the domains .qmail-default files so that vpopmail will handle all POP3 mailboxes and forward all mail addressed to unknown addresses to the GroupWise server. If you have QmailAdmin 1.2.6 or later, you can enter @otherdomain.com for the catchall and QmailAdmin will put [EMAIL PROTECTED] in the .qmail-default file. It also recognizes that format when displaying the catchall setting. More info: http://sourceforge.net/tracker/index.php? func=detailaid=910410group_id=6691atid=356691 -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Re: debian x86-64 issue with vpopmail and courier-imap
On Sep 8, 2005, at 8:08 PM, colin williams wrote: specifically does anyone know how i compile using the -fPIC option? And if it will work? Yes, here's links to the two CVS commits with patches to accomplish that: http://sourceforge.net/mailarchive/forum.php? thread_id=8106414forum_id=35252 http://sourceforge.net/mailarchive/forum.php? thread_id=8106413forum_id=35252 The ChangeLog patch probably won't work, and if you change Makefile.am and delete Makefile.in, libtool should rebuild Makefile.in for you. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] create welcome message
On Aug 21, 2005, at 11:21 PM, Dadang Sulaeman wrote: I have many user /client in my office network. I have vpopmail to create and manage my virtual domain. my problem is how to create a welcome message and send it automatically when i create a new user account ? could anybody help me? You could write a shell script that calls vadduser and then runs qmail-inject to send them the welcome message. If you really wanted to get fancy, you could check the exit code of vadduser and only send the welcome message if the user was successfully added. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] quota problem
On Aug 22, 2005, at 6:58 AM, Riccardo Bini wrote: ok.. with 5.4.12 works but not as I would want 8-) I mean when vdelivermail deliver the email and the user is over system quota vdeliver return a deferral: system_error/. vdelivermail would have to return user is over quota with an 'deliver_quota_warning'. Instead the email keep in queue like an error message. Well, there's a good chance it won't be able to deliver the over quota message if the user has hit their system quota. I'll take a look at the code, and see if we can catch the system quota error and do an overquota bounce instead of a deferral. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vpopmail version confusion
On Aug 22, 2005, at 1:47 PM, Robin Bowes wrote: Hi, Can someone please summarise the current status of the various versions of vpopmail? I'm managing the 5.4 branch, Ken Jones, Rick Widmer and others are managing the 5.5 branch. I need to integrate vpopmaild into the 5.4 branch, along with some other changes (most likely). From SourceForge, 5.4.12 seems to be the latest dev version By date, yes. However, I see a v5.5.3 is available from inter7.com and on 29th July, Ken Jones said in a post [1] to the vchkpw list: Excellent. I'll update that 5.5.3 test version. [1] http://www.mail-archive.com/vchkpw@inter7.com/msg22188.html Then in a post about 5.5.3 on 19th August, Tom Collins said: 5.4.12's vdelivermail is newer than all other releases... Correct. 5.5 should include most everything that was in 5.4.9, but none of the changes between 5.4.9 and 5.4.12. The reason I'm asking is that I currently use vpopmaild but I must have an old version from a previous 5.5.3 install as I'm currently using vpopmail 5.4.12 which doesn't have vpopmaild. I'd like to write a plugin for qpsmtpd that talks to vpopmaild to validate local delivery addresses. Is there any chance that all the latest code could be syncronised into a new dev. version? Or is CVS up-to-date with *all* the latest code? I'll work on bringing vpopmaild into 5.4, and try to determine what else the 5.4 branch is missing from 5.5. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] 5.5.3 and valias
On Aug 19, 2005, at 5:25 AM, Shane Chrisp wrote: Dont know if this has been raised already or not, but while playing with 5.5.3 ive found a problem with aliases in mysql. Can you please test the vdelivermail from 5.4.12 and see if the problem persists? 5.4.12's vdelivermail is newer than all other releases and, in my opinion, more reliable. It corrects a lot of problems with quotas, and should do a better job of failing gracefully. I know that some people are using 5.4.12 with valiases, and some of them might even have Maildir deliveries (or can do a quick test of one). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Password format?
On Aug 18, 2005, at 3:53 PM, Rick Macdougall wrote: Now the question that was originally asked I believe was if the MD5 encrypted passwords are compatible with an MD5 hash. My answer is I don't know :) A quick test would be to take an MD5 encrypted password from vpopmail, strip off the $1$ and use that as your comparison against a standard MD5 hash. I don't know about an MD5 hash in other programs, but CRAM-MD5 for SMTP AUTH incorporates different information (the challenge) into the hash each time, so you need to have the cleartext password. If you turn on cleartext passwords and password learning, if a user authenticates with their cleartext password (typically pop3), vpopmail can learn it and add it to the database. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] quota problem
On Aug 5, 2005, at 12:14 PM, Riccardo Bini wrote: I have vpopmail 5.4.10, /home dir in nfs and quota enabled Each virtual domain has a user (vadddomain -u user domain.com) and the users has a system quota (filesystem quota). Well, when a user is over quota the emails are delivered with size 0. It's possible to have vdelivermail check system quota for the user and bounce the email with warnmessage? Please test with vpopmail 5.4.12 and let me know if you continue to have problems. I tried to address some issues like that in the vdelivermail rewrite, but I may have missed a few cases. I'll hold on to your message and try to review the vdelivermail code the next time I have an opportunity to work on it. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
[vchkpw] Re: Maildirsize not updated
On Jul 19, 2005, at 6:35 AM, Kelvin Wu wrote to the toaster@shupp.org list: I have just installed netqmail+vpopmail+maildir++ patch+qmailadmin+vqadmin. For regular vpopmail mailbox, the maildirsize file is updated when each mail arrive. However, when I put something like [EMAIL PROTECTED] _address /home/vpopmail/domains/mydomain/myuser/Maildir/ in the .qmail file. the maildirsize file are not updated accordingly even after the mail got delivered into the Maildir. Does anyone know why? Thanks and appreciated. It's a bug in vdelivermail. I believe I've fixed it in 5.4.12 which is currently a development release (not yet stable). I know that some people are using it in production though, so if this feature is important to you, you could install 5.4.12 and verify that it updates the maildirsize file properly. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] mysql - valias sequence?
This is a known limitation of valiases. I've wanted to do something about it for a long time, but don't have the spare time to do so. It would be great if John and perhaps others could pitch in to make it happen. On Jul 19, 2005, at 3:57 PM, John Simpson wrote: i don't know that i'll have the free time, but i'm certainly willing to look at it. Excellent. so what's actually needed would be: - a sequence field in the table, integral type, 32-bit unsigned integer (i would say limit it to 8 or 16 bits, but you never know...) - vdelivermail.c needs an ORDER BY clause. it may also need to be modified to treat exit code 99 from a program delivery the same way qmail-local does (i.e. treat it as a success but stop processing alias lines) unless i'm missing something and it already does this? Actually, vdelivermail won't require changes. Just update valias_select() in vmysql.c - need a script to convert a non-sequence table into a sequence table. this involves creating a new table with the sequence field, copying the old table to the new one (manually creating the sequence for all entries), deleting the old table, and renaming the new one to the old name. it could also identify any problem mailboxes- those with multiple lines, at least one of which is a program delivery. You could just add the column to the existing table and then populate it with 0. I agree that a tool to identify problematic aliases would be good, but setting it to 0 would match current behavior. - valias.c needs the same ORDER BY clause as vdelivermail.c (for use when listing aliases.) we may also want a -n command line flag which makes -s show the seqence numbers in addition to the current output (but don't change the output, that would break scripts which depend on this output.) Sounds good. You might need to modify linklist_add() in vpopmail.c and update the calls to it in vmysql.c to store the sequence number. - the valias_insert() functions in vmysql.c, vpalias.c, and vpgsql.c need a fourth parameter, a sequence number (unsigned). technically it's how many lines to skip before adding the new entry- 0 means add at the beginning, 1 means skip the first line and then insert the new one, and so forth... anything = number of lines in the file is treated as add to the end. the functions need to be able to re-number the existing rules in the database as needed to maintain the correct sequence. Like this? update valias set seq = seq + 1 where alias = '[EMAIL PROTECTED]' and seq 4 insert into valias (alias, alias_line, seq) values ('[EMAIL PROTECTED]', '[EMAIL PROTECTED]', 4) - dotqmail2valias.c needs to make all of its calls with -1 as the sequence, meaning that all rules added would be added to the end of whatever instructions are already there for that alias. Yep. - valias.c would use the new -n command line option to specify the sequence for the new rule added by the -i option. (i'm assuming that -i and -s are mutually exclusive in the code.) Sounds good to me. am i missing anything? Very thorough. We'd have to update qmailadmin as well, but since it presently always adds to the end, it wouldn't be a big change. Ultimately, we would want to update the UI in QmailAdmin to allow you to change the order of lines in an alias (kind of like how Netflix manages your queue). Perhaps when creating the new valias_insert() command, we should give it a new name and keep valias_insert() with the same parameters. valias_insert() would just call the new command and pass in -1 for the sequence. That way, old programs wouldn't break. We might also want to define a macro to indicate that the extended insert is available, so programs like QmailAdmin can have conditional compilation depending on whether they're linked to the old or new vpopmail. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] multiple domains across a given server
On Jul 18, 2005, at 1:13 PM, Craig Lewis wrote: But I asked the wrong question to the wrong group. Now that I have read and understand a little better, It seems like the .qmail-default file is where I would ‘like’ to make this work. I have tried various ways To try and make the second argument to vdelivermail to forward to a name or IP address, but no luck, and As I understand it, I have a choice of bounce, email address, directory name, but not machine name ? Am I missing something ? Any suggestions would be appreciated. Try using [EMAIL PROTECTED] as the default delivery. This should result in the email being forwarded to the same username ($EXT) on server b.example.tld. If you want to avoid mail loops (bogus address gets bounced from server A to B and back), create .qmail-alias files in the domain directory for each account on the other server. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vacation messages
On Jul 8, 2005, at 6:10 PM, Billy Newsom wrote: Well, let me see. I guess if vchkpw is using MySQL backend, then I think the vacation message stuff has gotta be in MySQL... Hadn't thought of that, but there it is. Personally, I use qmailadmin, but my users usually don't. But that's just a policy decision. Anyway, I think Tom Collins wrote it, more or less, or maintains it. Surprised he hasn't said something here yet. I didn't write QmailAdmin, but I've put a lot of time into it since at least 1.0.10. I moved it to SourceForge, and have actively maintained it for the past 2+ years. Vacation message stuff is actually stored in the user's .qmail file (a call to autorespond) and a directory called vacation stored in the user's directory (that autorespond uses). I haven't really followed this discussion, but IIRC the OP wants to use Horde's interface for setting a vacation message. If they're not using QmailAdmin, they could add a program to the .qmail-default file for the domain to check for a vacation message before handing off to vdelivermail for delivery. Or, they could modify vdelivermail to check for a vacation message before doing the final Maildir delivery. Or, they could write out a .qmail file in the user's directory to send the vacation message before doing the final Maildir delivery. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Questions about vdelivermail
On Jul 8, 2005, at 11:52 AM, Tren Blackburn wrote: And I've created mailboxes on the server that I use only for authentication as I've got a .qmail file for each user that just forwards to the end server. In my telnet tests however, it doesn't seem like the message is even getting to vdelivermail...it's just being blasted through to the .qmail-user file in the domain directory (/home/vpopmail/domains/domain.com). domain.com/.qmail-user -- qmail delivers directly domain.com/user/.qmail -- qmail hands off to vdelivermail which handles delivery -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vpopmail.c qnprintf patch
On Jul 8, 2005, at 9:49 AM, Stoyan Marinov wrote: I needed to customize the vpopmail table structure for my needs and because of this I needed a different order of the arguments in the MySQL queries. I tried to use the %2$s in a query and noticed I can't do that. That's why I've made this little patch to make possible use this style for arguments. I'm not familiar with using %2$s in a printf -- what does it mean? Can you not accomplish the same thing with another style? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vpopmail.c qnprintf patch
OK, I see what you're talking about. It isn't part of the C99 standard and I haven't seen it in other code before. I am very hesitant to include your patch in the main vpopmail distribution though. I tried to make a very simple, reliable function for creating SQL queries, and I think the %2$s notation adds unnecessary complexity. Can you let me know the exact place in the code you needed to use it? Could we re-work the queries in some way to allow for a single order that works for both variations without a special format string? On Jul 8, 2005, at 1:43 PM, Stoyan Marinov wrote: Tom, You can find more info about this on the printf man page (3). Shortly - you can reuse some of the variables passed or reorder them. %2$s means the second string variable. Stoyan On Fri, 2005-07-08 at 23:39, Tom Collins wrote:On Jul 8, 2005, at 9:49 AM, Stoyan Marinov wrote: I needed to customize the vpopmail table structure for my needs and because of this I needed a different order of the arguments in the MySQL queries. I tried to use the %2$s in a query and noticed I can't do that. That's why I've made this little patch to make possible use this style for arguments. I'm not familiar with using %2$s in a printf -- what does it mean? Can you not accomplish the same thing with another style? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Disable local relay
On Jul 7, 2005, at 10:47 AM, michele wrote: Hi, it's possible to disable relaying for local domains? Our server host mail for domain.com; if i try to send a message from another computer to [EMAIL PROTECTED], using our server as smtp server, it does allow relay: there is a way to prevent this? Thanks That isn't relay -- your server is the final destination for domain.com so it won't relay it to another server. What are you trying to accomplish? Your server needs to operate that way so people on the Internet can send mail to domain.com. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
[vchkpw] Using alternate sending IP on outbound mail
I started writing an email to the list asking for help, and in the process I found a solution. I figured I'd share the solution, as others might benefit from it as well. A spammer exploited a formmail script on my server to send a bunch of spam to aol users. As a result, AOL has temporarily blacklisted my IP address. I was able to clean up the remaining spam in the queue, but now legitimate email to aol.com was getting deferred. My server (Linux FC3) has a secondary IP on it's network interface, so I tried to find a way to route outbound mail via that IP instead of the primary (blacklisted) IP. The solution was actually quite simple and clean. I added a route for AOL's mailserver netblocks to the server's routing table and told them to use interface eth0:0 instead of eth0. Substitute your server's actual gateway for 123.45.67.89 and the netblocks you want to re-route for 64.12.0.0 and 205.188.0.0. # route add -net 64.12.0.0 netmask 255.255.0.0 gw 123.45.67.89 dev eth0:0 # route add -net 205.188.0.0 netmask 255.255.0.0 gw 123.45.67.89 dev eth0:0 In about a day or so (once the blacklisting is over), I'll delete the routes. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Re: smtp-auth problem
On Jul 6, 2005, at 10:37 AM, Nick Harring wrote: Hi. This is the qmail-send program at 213.239.219.168. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. : Sorry. Although I'm listed as a best-preference MX or A for that host, it isn't in my control/locals file, so I don't treat it as local. If it's a local domain (users in /etc/passwd), it should appear in /var/qmail/control/locals. If it's a vpopmail domain, it should appear in /var/qmail/control/virtualdomains. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
[vchkpw] Vpopmail 5.4.12 released
http://vpopmail.sf.net/ 5.4.12 - released 4-Jul-05 This release fixes a few bugs that cropped up in the vdelivermail rewrite for 5.4.11. Because of the significant changes to vdelivermail since 5.4.10, this release should not be used on production machines until other developers have had a chance to test it. It also includes some minor fixes to long-time bugs -- see the ChangeLog for details. ChangeLog Tom Collins - vdelivermail: read full message, even on catchall delete/bounce to avoid SIGPIPE error if maildrop is calling vdelivermail. - vdelivermail: missing declaration when QMAIL_EXT defined. - vpopmail.h: remove declaration of crypt() and use #include crypt.h instead (if present). - configure: remove enable-domainquotas option until the domain quota code is fixed. - maildirquota.c: fix bug from 5.4.11 that could accidentally close stdin and result in a failed delivery in vdelivermail. - vpopmail.c: better error checking in r_mkdir().
Re: [vchkpw] Segmentation fault on one domain
On Jul 2, 2005, at 12:34 PM, [EMAIL PROTECTED] wrote: I'm using cdb for the password database. This domain was working fine up until Thursday. Which on Wendsday I was working on removing and readding some accounts with quotas enabled through the vqadmin web interface. Try deleting vpasswd.cdb and then see what happens. If you still have problems, look at the vpasswd file for corruption, especially the entries before and after the qwerty1234 user. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Re: block non-relay from remote to local?
On Jul 2, 2005, at 9:32 AM, Billy Newsom wrote: If you aren't familiar with the Matt Simerson mysql patch, it was born because there can be major lookup problems with the cdb file, especially using POP before SMTP. Imagine the POP server populating the text file (and re-compiling the CDB) 10 times per second. Now, imagine 20 queries per second on the CDB file, that in some cases is in the middle of a file alteration. The disk, in cases like this, hardly ever gets to writing the file from a kernel buffer, so what you are seeing is memory accesses on this file most of the time. There will simply be cases where the CDB file gets hammered too hard and corrupted. It will need attention by the admin during peak hours. If I recall the thread though, the server in question is NOT set up for POP before SMTP. So, the cdb file is static and does not get updated. If it has 5 or so entries for the servers that will feed it, I would have to agree that a cdb lookup would to a static file of 5 entries would be more efficient than a MySQL query (which has to be parsed by the MySQL server) for the same lookup. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] hi CPU usage
If you've got TLS, did you do the following steps (copied from Shupp's Toaster): qmailctl stop make cert # enter your company's information make tmprsadh # NOTE: This may take a LONG time # now add the followowing line to your crontab via `crontab -e` to update these temp keys each night 01 01 * * * /var/qmail/bin/update_tmprsadh /dev/null 21 # start qmail back up qmailctl start If it has to generate a key on every connection, that could take a lot of CPU time. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] mail quotas
On Jun 30, 2005, at 1:37 PM, Jeff Koch wrote: Is there a command to force vpopmail to recalculate the maildirsize. We see a few cases where it is out of sync with the actual bytes and message count. Also, we see a few accounts that are over quota still are accepting mail - especially dictionary attack spams. Can the system enforce strict quotas and just not accept any mail when over quota. We had a account go over 997MB due to dictionary attacks and they had set the account as the default. Old bug in vdelivermail -- it wouldn't do quota checks on the catchall mailbox. To force a maildirsize recalculation, just delete the maildirsize file. I have a new vdelivermail in a read-to-release 5.4.12 that I need to upload to SourceForge. I still consider it somewhat beta, but 5.4.12's vdelivermail might be more reliable than 5.4.10 (the last release before my re-write). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] mail relay problems ...
On Jun 30, 2005, at 12:30 PM, Henti Smith wrote: where is a decent howto these days http://shupp.org/toaster/ I use it every time I build a new hosting server (every 3 years or so). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Safely Remove And Replace Postmaster Accounts?
On Jun 23, 2005, at 11:51 AM, [EMAIL PROTECTED] wrote: Is it possible to safely nuke these accounts and immediately recreate them to clear their inboxes out? Wouldn't it be better to just delete the files in Maildir/new or Maildir/cur? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] smtp auth - md5 learn pass
On Jun 19, 2005, at 9:09 PM, Casey Allen Shobe wrote: I don't know what dovecot does. I recompiled it and restarted it, no difference. Here's what shows up in the mail facility for syslog: # tail -f /var/log/mail/current Jun 20 04:08:51 [imap-login] Login: [EMAIL PROTECTED] [71.113.2.184] Jun 20 04:08:56 [pop3-login] Login: [EMAIL PROTECTED] [64.125.210.7] Jun 20 04:08:56 [pop3-login] Login: [EMAIL PROTECTED] [66.15.68.87] Jun 20 04:08:57 [pop3-login] Login: [EMAIL PROTECTED] [67.160.31.225] Jun 20 04:09:07 [pop3-login] Login: [EMAIL PROTECTED] [24.41.46.242] Jun 20 04:09:09 [pop3-login] Login: [EMAIL PROTECTED] [66.15.68.87] Jun 20 04:09:12 [vpopmail] vchkpw-smtp: (PLAIN) login success [EMAIL PROTECTED]:71.113.2.184 Jun 20 04:09:16 [pop3-login] Login: [EMAIL PROTECTED] [66.213.206.34] Jun 20 04:09:22 [vpopmail] vchkpw-smtp: (PLAIN) login success [EMAIL PROTECTED]:148.64.71.106 It looks like it doesn't call vchkpw. If it did, you'd see [vpopmail] vchkpw-pop3: in the logs. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Re: smtp auth - md5 learn pass
On Jun 19, 2005, at 12:55 PM, Casey Allen Shobe wrote: On Sunday 19 June 2005 19:52, Casey Allen Shobe wrote: That works, but that's not useful since none of the client logins (pop3 or imap) update the password file. SMTP logins *do*, but they are considerably more rare... And many accounts exist for POP3 polling only, and the end user only uses one account to SMTP auth with for any address he sends from. Does dovecot link directly to libvpopmail? If so, did you recompile dovecot after enabling learn passwords and cleartext passwords in vpopmail? If not, it's still linked to the old vpopmail code. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Re: smtp auth - md5 learn pass
On Jun 18, 2005, at 7:32 AM, Sylwester S. Biernacki wrote: I've checked in mysql log what happens if I auth via POP3 - vpopmail makes select from vpopmail where pw_name='x' and pw_domain='x.com' and the connection is being closed. As far as I understand well I should get an update to vpopmail pw_clear_passwd field, right ? I'm not sure why this isn't happening -- here's the relevant code in vchkpw: #ifdef ENABLE_LEARN_PASSWORDS #ifdef CLEAR_PASS /* User with pw_clear_passwd unset but pw_passwd set * should have the pw_clear_passwd field filled in */ if ( vpw-pw_clear_passwd==NULL||vpw-pw_clear_passwd[0]==0) { vpw-pw_clear_passwd = ThePass; vauth_setpw(vpw, TheDomain); } #endif #endif It gets to this code after confirming that the user has a valid password. If you're using Courier for POP logins, then it doesn't call vchkpw, and that's why learn passwords isn't working. If you're using qmail's pop3 server, you could add some debugging to vchkpw.c (and recompile and reinstall it) to do some printfs around that code to see why it isn't running. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] spamassassin and vpopmail on ISP-cluster
On Jun 17, 2005, at 7:52 AM, Tobias Orlamuende wrote: What are possible implementations of SA on vpopmail? Currently the cluster counts about 100k mailboxes with an average of ~ 10k messages an hour. Simscan (and clamav) is already installed. Users don't have do have individual settings (would be nice, but needs IMHO too much hacking in qmailadmin). If you don't need individual settings, the easiest is to just have simscan call spamc. This way, you can reject spam at the SMTP level instead of bouncing it later on. I know that Bill Shupp ported the SpamAssassin code from the 5.5 dev series into 5.4.10. I'm not sure if he made the patch available on SourceForge or not -- I'm sure he'll chime in on this thread before too long. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] SMTP-AUTH works POP3 not SMTPd?
On Jun 17, 2005, at 9:43 AM, ISP Lists wrote: /usr/local/bin/tcpserver \ -H -l [[[my.host.name]]] \ -v -x /etc/tcp.smtp.cdb \ -c 30 -R -u $VPOPMAILUID -g $VPOPMAILGID 0 smtp \ /usr/local/bin/rblsmtpd -b -C \ -r 'sbl-xbl.spamhaus.org:Your message was rejected ' \ /var/qmail/bin/qmail-smtpd $LOCAL /home/vpopmail/bin/vchkpw \ /usr/bin/true 21 mysql's vpopmail database table vlog contains: | id | user | passwd | domain| logon | remoteip | message | timestamp | error | ++---+--+--- +-+-- +-- ---++---+ | 1 | daver | [EMAIL PROTECTED] | example.net | [EMAIL PROTECTED] | MYIP | vchkpw-25: password fail (pass: '[EMAIL PROTECTED]') [EMAIL PROTECTED]:MYIP | 1119024854 | You've got an old SMTP AUTH patch that sends the MD5 challenge and response in the wrong order. Use the patch from the contrib directory of vpopmail, and then remove the $LOCAL from your run file, as the newer SMTP AUTH patch does not use it. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] SMTP-AUTH works POP3 not SMTPd?
On Jun 17, 2005, at 11:21 AM, ISP Lists wrote: Built as netqmail-1.05, patched SMTP-AUTH from vpopmail contrib, then manually added Tonix' chkuser 2.0 Everything is VERY happy now. Did you remember to remove $LOCAL from your qmail-smtpd/run file? If not, you can now auth with any username/password. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] spamassassin and vpopmail on ISP-cluster
On Jun 17, 2005, at 10:35 AM, Tobias Orlamuende wrote: Seems like Bill is doing quite a lot of work which might make daily-business-life easier. :-) Hope he will join this thread. As a side note, I've been approached by a company interested in sponsoring me to add features to vdelivermail that would automatically direct spam into a .Spam (or other appropriately named) folder in the user's mailbox. They're currently trying to get management to fund the coding. If it's critical enough to pay for, please get in touch with me and I'll see if multiple companies chipping in may lower the cost enough to get it done. PS: Tom, did you see my bug-report for 5.5.1 `show_trace` on the bugtracker? I did, but I've pretty much ignored it. Others are managing the 5.5 branch and I try to stick to 5.4. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Thread-safe Vpopmail Quota Check
On Jun 17, 2005, at 12:31 PM, Rod Taylor wrote: Would there be any interest in applying patches to vpopmail for thread safety if we submit them? Russell Nelson would be the developer working on this project, and we would be happy to discuss the changes in depth. Our immediate concerns are with the thread safety of the below calls: * vauth_getpw(user, domain) * vmaildir_readquota(maildir, format_maildirquota(mypw-pw_shell)) We would prefer to donate patches back to the vpopmail application, via quality review and other standard approval processes, than write our own methods to accomplish a similar task. Part 2 of this project may include an improved quota check method for greatly reduced overhead. I would be very interested. Please make sure you start from 5.4.12, which I'll try to release shortly. It includes a re-written vdelivermail and some changes to the maildirquota code. You can get it from CVS on SourceForge if you use the stable-5_4 tag. It corrects a few quota-related problems with 5.4.10 and earlier. Keep in mind that qmail, vpopmail, courier and other programs all implement the same maildirquota methods. You would need to make sure an improved system either doesn't break the other programs, or can be a drop-in replacement for the old code. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] What causes bounce messages to be sent to forged addresses?
On Jun 17, 2005, at 12:40 PM, Casey Allen Shobe wrote: On Friday 17 June 2005 12:47, Bruno Negro wrote: But appears to me you are not using the Chkuser patch, right? We are not, but I don't understand how that matters, since I'm only seeing these bounce messages coming from a handful of the domains we host (17). All other domains have catchall or delete instead of bounce-no-mailbox? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] how to enable CHKUSER_SENDER_MX check
On Jun 16, 2005, at 12:19 PM, Igor Grinchenko wrote: oops. I guess I should have checked the mailing lists page before speaking. I do apologize. I'm a little confused though. there are two mailing lists that discuss vpopmail, one is @inter7 the other is @sourceforge. only one gets questions about chkuser(and other software too, I presume), and the other doesn't? I'm sure it has been discussed multiple times but if the one @sf doesn't get much traffic maybe it'd be a good idea to kill it? The developer list on SourceForge has been quiet recently since there haven't been any radical changes to the codebase that required discussion recently. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Update: QMail email true origin IP (tracking down a virus!)
On Jun 14, 2005, at 9:15 PM, [EMAIL PROTECTED] wrote: This is an overview of the information provided by QMail and the emails. xx Received: from adsl-66-120-105-146.dsl.sndg02.pacbell.net (HELO entekbuckets.com) (66.120.105.146) by entekbuckets.com with SMTP; 14 Jun 2005 13:47:46 -0700 It was sent by 66.120.105.146. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Wrong email delivery
On Jun 15, 2005, at 3:05 AM, YaP wrote: I don't use .qmail files because i've users defined in vpopmail sql table and aliases defined in valias sql table. Probably i must add the path of the maildir in the valias table. Is valias table read like .qmail files? So if the user isn't in the valias table the email is delivered to default directory otherwise is delivered ONLY to mailboxes or aliases defined in valias table. If you have a user named [EMAIL PROTECTED], you shouldn't create aliases in the valias table for [EMAIL PROTECTED] Use qmailadmin to manage the .qmail file for user fred, or create a .qmail file for fred manually. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Wrong email delivery
On Jun 15, 2005, at 1:57 PM, YaP wrote: Tom Collins wrote: If you have a user named [EMAIL PROTECTED], you shouldn't create aliases in the valias table for [EMAIL PROTECTED] Why not? How can i manage store and forward? Use qmailadmin to manage the .qmail file for user fred, or create a .qmail file for fred manually. I tought valias was introduced to replace .qmail files. It was introduced to replace .qmail-alias files, not user .qmail files. To accomplish your goals, you could create an account fred-mailbox and a valias of fred that goes to all forwarding accounts, including fred-mailbox. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vdominfo showing wrong user counts
On Jun 13, 2005, at 7:58 PM, Casey Allen Shobe wrote: On Monday 23 May 2005 21:51, Casey Allen Shobe wrote: Why does vpopmail show users for a domain as 1 or 0, when there are actually 10 users? vdominfo showed 1, then I removed .dir-control, and now it shows 0: No ideas on this??? The .dir-control file keeps track of the number of accounts. Somewhere in the account creation/deletion code there's a condition where it can get out of sync (or if you add/delete accounts by manually editing the vpasswd file or database table). Deleting it resets the count to 0. Add a few dummy users, check vdominfo and look at the .dir-control file between adds to figure out which number represents vpopmail's user count for the domain. Another question, why does vuserinfo show a last auth time for some accounts, but not for others even though I know the account is being logged into on a regular basis? Probably the difference between POP and IMAP auth? If you use qmail-pop3d for POP and Courier for IMAP, Courier might not be updating the lastauth value. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] create a bunch of ezmlm lists from a webpage.
On Jun 12, 2005, at 6:35 PM, Jason wrote: I can create a list using qmailadmin, but I noticed that it puts all of the list files and .qmail files in /home/vpopmail/domains/(domainName)/ So here are my series of questions: 1.) how do I create a list that vpopmail can recognize ? 2.) how can I get that list's directory in the web users web space directory 3.) any other help with my situation is appreciated, after 3 days I have yet to create a list via the command-line that has worked. Read up on how qmail and qmail-local work, and you'll learn why your requirements won't work. You need to have the .qmail-alias files somewhere that qmail-local can find them. If you're only creating lists, you could set up the users/assign file to point domains into the web space directory, but then you're going to run into permissions problems. Your best bet might be to come up with a way to modify qmailadmin to suit your needs (like disabling everything but mailing list support in it). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] REQUEST FOR NEW FEATURE: INTERNAL-ONLY ACCOUNTS
On Jun 13, 2005, at 12:22 PM, Bruno Negrão wrote: Now, the director of one of the companies I give support asked me to set a bunch of e-mail accounts as internal-only, i.e., they can send e-mail internally but cannot send or receive external e-mails. It would have to take place entirely in qmail-smtpd, I would think. If it's a singled, dedicated server, it should be a simple patch to qmail-smtpd to make sure that both the sender's domain and the recipient's domain are in /var/qmail/control/locals. You could probably accomplish this if you don't publish an MX record for the domain -- only mail submitted directly to the server will be delivered, and that would only be messages sent by these clients. Disable qmail-remote on the server and it will be impossible for it to send mail to remote servers. Keep in mind that you will need to have the users' email clients use your smtp server for outbound email. If they point to their ISP's server, you can't prevent them from sending to external addresses. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Vpopmail aliases - messages getting stuck in Qmail
On Jun 13, 2005, at 1:48 PM, Andrew Hodgson wrote: I have a Vpopmail with aliases set up with more than one user in the alias: sales joe.blow, john.smith Now sometimes when a user sends messages to one of these aliases the message will get stuck in the queue, and they will receive multiple copies, If there's a problem delivering to john.smith that causes a deferral, the message will go to joe.blow again on the next attempt (and get a deferral delivering to john.smith and thus loop up). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] authentication problem
On Jun 10, 2005, at 3:19 PM, [EMAIL PROTECTED] wrote: Thank you for your recomendations I did this: mysql update vpopmail set pw_clear_passwd = NULL; And dint work, so i did this mysql update vpopmail set pw_clear_passwd = ''; And didnt work too And didnt work even with new accounts My vpopmail version is 5.4.9 After clearing the password, you then authenticated one of the users, and his cleartext password didn't update? Try clearing the encrypted password of a few test accounts and see if vpopmail can learn their passwords. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com