Hi,
I am having quite a fight with qmail right now. I looked through the archive
for a possible solution, but I did not find anything. If this has been
addressed before, please feel free to flame me personally as long as you
include a pointer to where I could find the answer, thanks!
I use
Hi,
You could look at a package called "sieve" from the Cyrus IMAP project. It
is not a web-based, but at least it is server based.
Patrick.
Hi,
[...]
My problem is that instead of the sender's email address, qmail-remote
puts
lo0... in the initial MAIL FROM: command when it forwards
an
email.
qmail-remote doesn't make up envelope return paths. If it's using
lo0..., that's because that's what the message
Hi,
My problem is that instead of the sender's email address, qmail-remote
puts
lo0... in the initial MAIL FROM: command when it forwards
an
email.
Here is a piece of code that will test if your implementation is subject to
the bug I experienced on my FreeBSD installation. This
Hi,
From: "Paul Schinder" [EMAIL PROTECTED]
At 3:06 PM -0500 3/31/00, Dave Sill wrote:
Do the spammers:
1) throw up their hands and admit defeat, or
2) start using valid (but wrong) domains in their envelope return
paths, thereby defeating your rejection and escalating the
Jon Rust [EMAIL PROTECTED] wrote:
I agree with most of what you said here Dave, but I'd have to say
that rejecting mail with envelope sender domains that don't exist is
a good thing (either an A or CNAME record, or an MX). If for no other
reason, you can't bounce back to them. I don't
From: "Len Budney" [EMAIL PROTECTED]
The key is to try to keep track as much as possible of what is accepted
and what is rejected.
Why? To satisfy your curiosity? Or do you then track down all senders of
legitimate email, and tell them what happened?
The reason why I feel that logging of
Hi,
From: "Peter van Dijk" [EMAIL PROTECTED]
advertise the e-mail address associated with that user account in the
MAIL
FROM, nothing prevents you to advertise your "official" email address in
the
reply-to header.
Uhm. You are correct. Nothing prevents you from doing that. But it kinda
ot; [EMAIL PROTECTED]
On Sat, Apr 01, 2000 at 12:24:43PM -0500, Patrick Bihan-Faou wrote:
Again I am not saying that this is practical today. My only claim is
that
you should be able to use the domain indicated in MAIL FROM to do
validity
checks and possibly reject spam.
ágain 'should'. B
Hi,
I am using qmail on FreeBSD with ucspi and daemontools as decribed in LWQ
and everything is great...
There is one patch you need to implement on the FreeBSD kernel in order to
not suffer a buffer overflow in one of the function that qmail uses. This
buffer overflow will effectively replace
Hi,
- Original Message -
From: "Gabriel Ambuehl" [EMAIL PROTECTED]
buffer overflow will effectively replace the address for the MAIL FROM
command of outgoing smtp session with crap leading in email rejections
from
remote smtp servers.
Hmm that's bad...
Well, it's been around
Hi,
- Original Message -
From: "S.P. Hoeke" [EMAIL PROTECTED]
Has anyone else encountered this? Is this a major problem?
I've been running qmail on OpenBSD 2.x for about a month now, and haven't
had any problems (yet)
Looking quickly at the NetBSD and the FreeBSD code, I
Hi,
- Original Message -
From: "Mike" [EMAIL PROTECTED]
Patrick Bihan-Faou wrote:
Looking quickly at the NetBSD and the FreeBSD code, I would say that
they
are not affected by that bug. Also solaris 2.5 is clean. I don't know
about
any of the linux...
Well, now that y
Hi,
I remember one patch in FreeBSD shortly before 4.0-release which,
according to the cvs log, was supposed to fix this problem. I'll
see if I can dig it up. If this bug is not fixed someone who is
affected should file a PR with FreeBSD gnats.
Yep, there was a first attempt at fixing it,
Good news for everybody,
the FreeBSD bug I was mentioning earlier in the list has been fixed for
FreeBSD 4.0 and -current.
If you upgrade your system, you should not have any problems with this
anymore.
Patrick.
Hi,
Maybe I am missing the point, but I thought that only 7 bits ASCII
characters were legal in an email address...
Just as a side question, how do I type the following email address with my
standard US keyboard ? Mikko.Hä[EMAIL PROTECTED] ? More precisely how do I type
the "ä" ?
Please don't
Well I guess that this one is definitely elligible for the "qmail security
challenge".
http://web.infoave.net/~dsill/qmail-challenge.html
If you don't count that as a bug in qmail, then I don't know what is a
bug...
Patrick.
"Scott Gifford" [EMAIL PROTECTED] wrote in message
On Thu, Jan 25, 2001 at 12:40:47PM -0500, Patrick Bihan-Faou wrote:
Well I guess that this one is definitely elligible for the
"qmail security
challenge".
http://web.infoave.net/~dsill/qmail-challenge.html
If you don't count that as a bug in qmail, then I don't know what
Oh and for the fact that the challenge is closed. I mean cool more money to
FSF.
But still my comment is more on "what constitute a problem with qmail". I
don't really care for the challenge itself, but more on the attitude of
saying "this is not a qmail issue, but something else's fault".
Read Bruce Schneier's comment on these type of contests in his latest
book...
Name of book, please.
"Secrets and Lies" if my memory serves me right.
Well my answer to this is "don't use qmail"
So, what do you recommend?
I am not recommending anything, choose a solution based on your
Hi Mark,
Patrick. If you're that bitter about people accurately explaining to
you that a bug is not necessarily the same as a security exploit, [...]
Well I guess I disagree on the meaning of a security problem. If you can use
this trick to create a DOS attack on a system, to me that would
Hi,
Well my answer to this is "don't use qmail"
This note from Patrick intrigued me. It intrigued me because I remember
myself being so frustrated with Qmail, I cursed and said "The only reason
I am using Qmail is because it is too hard to switch over to something
else." There were
22 matches
Mail list logo
