Re: [vchkpw] minimum password length/character combination support?
The vchkpw program verifies the password. Are you wondering about the vpasswd program for changing a password? That's an admin program, and wouldn't typically enforce a password change policy. How do your users currently change their passwords? QmailAdmin? Some other program? You would have to incorporate password requirements into that program, and not the one that validates a password. -Tom On Oct 29, 2014, at 7:42 AM, Peter Brezny wrote: Dear vchkpw@inter7.com, Is there a way to enforce a minimum length and character combination (letters, numbers, upper case) with vchkpw and if not, are there patches or external applications that integrate well with vchkpw to get this functionality? !DSPAM:54512a5f26519256121473!
Re: [vchkpw] minimum password length/character combination support?
I haven't checked the configuration in some time, so I don't know about minimum password requirements. I did recall this patch on SourceForge to call out to cracklib and require a strong password. If you're comfortable with Javascript, you could modify the change password screen to dynamically update a password status (weak, strong, secure) and only enable the change button when both password fields match and meet minimum password requirements. -Tom On Oct 29, 2014, at 11:08 AM, pbre...@purplecat.net pbre...@purplecat.net wrote: Tom, Thanks for the reply. Of course, sorry for the naïve query. Yes we use qmailadmin to allow password changes by end users. And we’ve just found a writeup here: http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ but it seems a little dodgy. There isn’t by any chance a build time variable for qmail admin or something a little more within the source tree than the above patch method? Thanks again for your reply. Sincerely, Peter Brezny Purplecat Networks Inc. www.purplecat.net 828-250-9446 From: Tom Collins Sent: Wednesday, October 29, 2014 1:56 PM To: vchkpw@inter7.com The vchkpw program verifies the password. Are you wondering about the vpasswd program for changing a password? That's an admin program, and wouldn't typically enforce a password change policy. How do your users currently change their passwords? QmailAdmin? Some other program? You would have to incorporate password requirements into that program, and not the one that validates a password. -Tom On Oct 29, 2014, at 7:42 AM, Peter Brezny wrote: Dear vchkpw@inter7.com, Is there a way to enforce a minimum length and character combination (letters, numbers, upper case) with vchkpw and if not, are there patches or external applications that integrate well with vchkpw to get this functionality? !DSPAM:5451791d26511096114170!
Re: [vchkpw] minimum password length/character combination support?
Sorry, forgot the link to the QmailAdmin patch: http://sourceforge.net/p/qmailadmin/patches/28/ -Tom On Oct 29, 2014, at 4:32 PM, Tom Collins wrote: I haven't checked the configuration in some time, so I don't know about minimum password requirements. I did recall this patch on SourceForge to call out to cracklib and require a strong password. If you're comfortable with Javascript, you could modify the change password screen to dynamically update a password status (weak, strong, secure) and only enable the change button when both password fields match and meet minimum password requirements. -Tom On Oct 29, 2014, at 11:08 AM, pbre...@purplecat.net pbre...@purplecat.net wrote: Tom, Thanks for the reply. Of course, sorry for the naïve query. Yes we use qmailadmin to allow password changes by end users. And we’ve just found a writeup here: http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ but it seems a little dodgy. There isn’t by any chance a build time variable for qmail admin or something a little more within the source tree than the above patch method? Thanks again for your reply. Sincerely, Peter Brezny Purplecat Networks Inc. www.purplecat.net 828-250-9446 From: Tom Collins Sent: Wednesday, October 29, 2014 1:56 PM To: vchkpw@inter7.com The vchkpw program verifies the password. Are you wondering about the vpasswd program for changing a password? That's an admin program, and wouldn't typically enforce a password change policy. How do your users currently change their passwords? QmailAdmin? Some other program? You would have to incorporate password requirements into that program, and not the one that validates a password. -Tom On Oct 29, 2014, at 7:42 AM, Peter Brezny wrote: Dear vchkpw@inter7.com, Is there a way to enforce a minimum length and character combination (letters, numbers, upper case) with vchkpw and if not, are there patches or external applications that integrate well with vchkpw to get this functionality? !DSPAM:54517a3626514956617183!
Re: [vchkpw] qmailadmin and forwards
Rick, At issue was that qmail only processes the .qmail-alias files in the domain directory. It then hands off to vdelivermail via the .qmail-default file in the domain directory. The vdelivermail program is what parses the user/.qmail file for delivery instructions. While that file follows the same format as other .qmail-alias files, I would agree that it would have been clearer to use .vpopmail as the filename so users would know that the qmail programs weren't responsible for processing it. If we had remained true to the qmail way, shouldn't it have been user/.qmail-default and supported user/.qmail-alias files to handle email addressed to user-al...@example.com? -Tom On Aug 28, 2014, at 12:09 PM, Rick Widmer wrote: What I am peeved about was people on the qmail list complaining about the 'strange' way that vpopmail handles .qmail files, or wanting them to be renamed to .vpopmail files when the fact of the matter is that qmail only hands off delivery for individual users after qmail-local can't find any matching .qmail files in the domain directory. (.qmail-default) The humorous part is that the 'strange' behavior they complain about is the standard behavior of qmail and vpopmail may not be involved in the delivery at all. (Aliases and mailing lists are controlled by the .qmail files in the domain directory.) !DSPAM:53ffc37156441140448696!
Re: [vchkpw] qmailadmin and forwards
Charles, It's been a long time since I've worked in that code, but here are some quick thoughts: 1) There's already code reading the headers, searching for mail loops by looking at the Delivered-To header. You could tap into that code. 2) You could look at simscan.c to see how they're interfacing with spamc. -Tom On Aug 25, 2014, at 5:48 PM, Charles Sprickman wrote: Off to try to follow vdelivermail.c… :) !DSPAM:53fc20e356441762611622!
Re: [vchkpw] Re: !!! CHECK SENDER !!![vchkpw] [SPAM] Re: [SPAM] Rrdirection problem
This sounds like a possible bug (or perhaps a configuration issue) in vdelivermail. With MySQL aliases, vdelivermail handles delivery. It's finding the ssiad forward first and delivering the message there (since -secretariat is an extension to that mailbox). By deleting the alias record stored in MySQL and replacing it with a dot-qmail file (.qmail-ssiad), you're allowing Qmail to handle its delivery before the message is handed off to vdelivermail. It's been a long time since I've worked with the vpopmail source code, but I imagine you'll find logic in vdelivermail that has it checking for aliases before mailboxes, and it's iterating through all possible base/extension pairs (foo-bar-baz, then foo-bar, then foo). -Tom On Apr 24, 2014, at 12:50 AM, Stéphane SALETTES wrote: Hi, You don't understand my problem, maybe because my english is bad :( ssiad-secretar...@piemont.fr is a standalone account no foward spa...@piemont.fr is a standalone account no foward and ss...@piemont.fr is just a foward to spa...@piemont.fr but if i send a message to ssiad-secretar...@piemont.fr nothing in is mailbox but the message is in the box of spa...@piemont.fr the work arraound that i find is delete the foward on qmailadmin (mysql) (ss...@piemont.fr - spa...@piemont.fr) and create a file .qmail-ssiad spa...@piemont.fr Hope you understand me this time sorry :) Thank Cordialement -- Stephane Salettes ABAC Informatique 1 Bis Ave Pech Loubat ZI La Coupe 11100 Narbonne Tél: 33 (0)4 68 41 73 00 FAX : 33 (0)4 6841 73 02 GSM: 33 (0)6 85 36 67 28 http://www.abac-info.com -Message d'origine- De : xaf [mailto:x...@abaxe.net] Envoyé : samedi 19 avril 2014 03:42 À : vchkpw@inter7.com Objet : Re: [vchkpw] Re: !!! CHECK SENDER !!![vchkpw] [SPAM] Re: [SPAM] Rrdirection problem |-- Eric Shubert, le 18/04/2014 23:38, a dit : 3) what you desire to happen When i send a message to ssiad-secretar...@piemont.fr i want that the message go to the ssiad-secretar...@piemont.fr mail box and foward to spa...@piemont.fr And when i send a massage to ss...@piemont.fr i want a simple foward to spa...@piemont.fr I think if you modify the ssiad-secretariat@ account to also forward a copy to spasad@, that would achieve your desired behavior. I.e., in qmailadmin, under the Routing section, select Forward To, and check the Save a Copy checkbox. it's a part of a solution this will create a .qmail file in the user directory but vdelivermail won't read it because of the extension addresses mechanism Stéphane ssiad-secretariat@ is an alias for user ssiad@ it's quite a strange conf to give a forward to the user and the account to the alias mail delivery in a glance qmail-send - qmail-lspawn - qmail-local - vdelivermail - vuser/valias we must shorten delivery before vdelivermail handle it because of ssiad forward, vdelivermail will ignore ssiad-secretariat account lspawn read users/cdb, we can shorten the delivery here, answer 2 local read .qmail-files in domain directory, we can shorten too here, answer 1 answer 1, according vpopmail is in /home/vpopmail create a file .qmail-ssiad-secretariat in /home/vpopmail/domains/piemont.fr 0600 vpopmail:vchkpw write in spa...@piemont.fr /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ if you want to change the headers for spasad or /home/vpopmail/domains/piemont.fr/spasad/Maildir/ /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ for straight copy answer 2 according to Eric explanation we have a .qmail in /home/vpopmail/domains/piemont.fr/ssiad-secretariat/ containing spa...@piemont.fr /home/vpopmail/domains/piemont.fr/ssiad-secretariat/Maildir/ we need local to read this .qmail file so lspawn have to point to the correct directory before local handle delivery edit /var/qmail/users/assign add the line (check if 89:89 are uid gid of vpopmail:vchkpw) =piemont.fr-ssiad-secretariat:piemont.fr:89:89:/home/vpopmail/domains/piemont.fr/ssiad-secretariat::: before the piemont.fr virtual domain line and run /var/qmail/bin/qmail-newu to rebuild /var/qmail/users/cdb answer 3 a forward account instead of a simple forward delete ssiad forward create ssiad account apply Eric solution without saving a copy ssiad will be master for ssiad-everything but secretariat xaf !DSPAM:53593f3d34268127549349!
Re: [vchkpw] Qmail maillog vchkpw-submission vs vchkpw-smtp
vchkpw-submission is on port 587, and is typically used for emai clients relaying mail. It's often set up to require authentication. vchkpw-smtp is on port 25, and can be used for email clients to relay mail, or by other servers delivering mail to your server. -Tom On Mar 4, 2014, at 9:41 PM, LHTek wrote: In the /var/log/maillog file what is the difference between these 2 entries (vchkpw-submission, vchkpw-smtp)? example: Mar 4 17:27:03 michael vpopmail[14701]: vchkpw-submission: (PLAIN) login success t...@domain.com:64.185.3.238 Mar 4 10:54:42 michael vpopmail[29027]: vchkpw-smtp: (PLAIN) login success t...@domain.com:64.57.239.114 !DSPAM:5316bde734268482773211!
[vchkpw] [SPAM] Re: [vchkpw] [SPAM] Re: [vchkpw] Qmail maillog vchkpw-submission vs vchkpw-smtp
The submission entries outside the US could very well be from hacked accounts. I'm finding a surprising number of compromised accounts (once a week?), including users with good passwords, so I have to assume they're snooped on public wireless, or their computers are compromised by malware of some sort. The vckpw-smtp entries from outside the US are probably also hacked accounts, since mail received from remote servers doesn't include authentication. Sorry I wasn't thinking clearly in my previous response -- I forgot these were vchkpw entries and are only related to authentication. I was thinking about qmail logs. -Tom On Mar 4, 2014, at 10:43 PM, LHTek wrote: Thanks for the reply. NOTE: None of my users will have sent anything from outside the US. I've got some log entries for vchkpw-submission (marked as successful in the log) with non-US IP's (Russia, Egypt, Honk Kong, etc). In my analysis I'm marking those entries as hacked accounts. From what I read from your response, vchkpw-smtp (marked as successful in the log) entries could be mail sent TO my server FROM another server on port 25. That tells me those are probably safe submissions - even if they are from overseas IPs. Am I thinking correctly? From: Tom Collins t...@tomlogic.com To: vchkpw@inter7.com Sent: Wednesday, March 5, 2014 12:02 AM Subject: Re: [vchkpw] Qmail maillog vchkpw-submission vs vchkpw-smtp vchkpw-submission is on port 587, and is typically used for emai clients relaying mail. It's often set up to require authentication. vchkpw-smtp is on port 25, and can be used for email clients to relay mail, or by other servers delivering mail to your server. -Tom On Mar 4, 2014, at 9:41 PM, LHTek wrote: In the /var/log/maillog file what is the difference between these 2 entries (vchkpw-submission, vchkpw-smtp)? example: Mar 4 17:27:03 michael vpopmail[14701]: vchkpw-submission: (PLAIN) login success t...@domain.com:64.185.3.238 Mar 4 10:54:42 michael vpopmail[29027]: vchkpw-smtp: (PLAIN) login success t...@domain.com:64.57.239.114 !DSPAM:5316cae034263249811152!
Re: [vchkpw] odd problem after OS upgrade (hey, Tom, Ken, jkitchen: around?)
Did you recompile qmail and vpopmail after the OS upgrade? I'm wondering if it's something odd where the size of some data type changed from 32 to 64 bits after the OS upgrade, and one program is using the new size (perhaps because of a dynamically linked library) and the other is still using the old size. That's my best guess. I haven't been doing POSIX development in a long time, and even when I did I didn't wade too far into spawning children and exit codes. But it seems like the successful exit code isn't being interpreted correctly on qmail-smtpd. -Tom On Jun 22, 2013, at 6:11 PM, Jeremy Kister wrote: On 6/22/2013 8:26 PM, Jeremy Kister wrote: i'm not even sure it's a vpopmail problem, i suppose i may need a cross post on the qmail list. hrm. i replaced vchkpw with checkpasswd. still broken. -- Jeremy Kister http://jeremy.kister.net./ !DSPAM:51c68c1e34131709335937!
[vchkpw] [SPAM] Re: [vchkpw] [SPAM] Re: [vchkpw] [SPAM] Error: Unable to chdir to vpopmail/domains/domain directory
If you're talking about QmailAdmin, you need to make sure it's got the suid bit set and is owned by the vpopmail user. You shouldn't have changed Apache to run as vpopmail, and should revert those changes. If vpopmail is working for you, you should focus your efforts on troubleshooting QmailAdmin. -Tom On May 16, 2013, at 7:07 AM, swaroop kumar wrote: I could able to add domains by using command line /home/vpopmail/bin/vadddomain virtual-labs.ac.in admin but not in gui. error could not update file was trown when i am trying to create domain. After creating domain using command i could able to view the details of the domain over gui. !DSPAM:5194c1a634122055419353!
Re: [vchkpw] [SPAM] lastauth troubles, old version
Charles, QmailAdmin will update lastauth (as least the file in the user's directory) as well. I know that on my current system, pop3 and pop3s update the file (using qmail's POP server) but IMAP does not (using dovecot). -Tom On Apr 11, 2013, at 1:47 PM, Charles Sprickman wrote: It's been some time since I've had to dig into any vpopmail issues as we have a box that's been frozen in time for years. It's quite the frankenbox at this point and I'll be having to get myself up to speed in the coming months to deal with a move to new hardware, moving to dovecot from courier, and fronting the whole qmail mess with postfix. So I decided to start small and verify I can still rebuild the current vpopmail version we run (5.4.7) in a VM and alter a few options. I opted to enable the last login function. It was turned off long ago to alleviate some db load, but that's no longer an issue for us. I've rebuilt 5.4.7 with --enable-auth-logging but I'm not seeing all logins show up in the lastauth table. We use courier (4.0.6) and authdaemond (0.58) with vpopmail auth enabled. In my testing, I tried a pop3, pop3s, imap, and imaps login and found no errors logged and no logins show up in the lastauth table. To complicate matters, I do see a handful of users showing up in the table, but I can't find any common criteria here - some of these users are pop, some are imap. I feel like I've probably forgotten some piece of this puzzle, any hints? How can I debug why the logins are not being logged? Thanks, Charles !DSPAM:5167091c34145934024422!
Re: [vchkpw] qmailadmin suggestions -- SOrry if I send a Personal one
Looks like a problem in vauth_getpw() from vpopmail. I think you're on the right track with going from 5.5 back down to 5.4. I'm still running QmailAdmin 1.2.12 and Vpopmail 5.4.20. -Tom On Feb 19, 2013, at 9:09 PM, Remo Mattei wrote: one more update on this Program received signal SIGSEGV, Segmentation fault. 0x0805d490 in vauth_getpw () (gdb) bt #0 0x0805d490 in vauth_getpw () #1 0x0805785c in get_session_val (session_var=0x805c20d returnhttp=) at template.c:872 #2 0x080572fd in send_template_now (filename=0x805cbdf show_login.html) at template.c:645 #3 0x08055e45 in send_template (actualfile=0x805cbdf show_login.html) at template.c:65 #4 0x0805938e in show_login () at show.c:33 #5 0x0804a42d in main (argc=value optimized out, argv=value optimized out) at qmailadmin.c:307 On Feb 19, 2013, at 21:01 , Remo Mattei r...@italy1.com wrote: Hi Tom, I have a problem with Qmailadmin for some reasons it show half page, could you suggest something, it does not have any error on the web but if I run it I get trtdPassword/tdtdinput type=password size=14 name=password maxlength=128/td/tr tr td colspan=2 align=right Segmentation fault this is a centos 5.9 before installing the ezmlm I remember it was working after compiling that it got to this stage. Thank you for your suggestions. here is the link to show the page http://mail.mattei.co/cgi-bin/qmailadmin Remo !DSPAM:5124563c34141721820306!
Re: [vchkpw] vchkpw auth remote database
He's said that vuserinfo works, so the database linkage is OK. Something else is preventing vchkpw from working. -Tom (Sent from my phone; forgive my brevity) On Oct 23, 2012, at 2:28 AM, Thibault Richard th...@thibs.com wrote: Hello Are your MySQL right well set on the MySQL server ? I usually set those rights GRANT select,insert,update,delete,create,drop ON vpopmail.* TO vpopmailuser@SRV1 IDENTIFIED BY 'VPOPMAIL_PASSWORD'; (modifications right to create new accounts + logging) Best Regards Thibault -Original Message- From: Todor Petkov [mailto:z...@online.bg] Sent: mardi 23 octobre 2012 11:17 To: vchkpw@inter7.com Subject: Re: [vchkpw] vchkpw auth remote database On 10/23/2012 05:44 AM, kengheng wrote: Yape, it got mysql client installed. As I could actually using it to connect to remote mysql db. Can you please show the content of the service run file? !DSPAM:5086aea834171685210279!
Re: [vchkpw] qmailadmin buffer overflow
Catching up on old emails -- were you able to resolve this? I can't recall if this thread continued on the mailing list or not. -Tom On Sep 19, 2012, at 6:35 AM, Bob Hutchinson wrote: On 19/09/12 11:52, Tom Collins wrote: I'm offline, with limited Internet connectivity, so apologies if someone else has already responded. I think you need to recompile QmailAdmin and manually install the binary. The installation process strips debug information that would probably show up in this dump and help isolate the problem. OK, I will look into doing this at a quiet time. I notice that there is a binary in the source tree which is much larger and which says it's unstripped, I might just try that one first. -Tom (Sent from my phone; forgive my brevity) On Sep 18, 2012, at 5:45 PM, Bob Hutchinson hutchli...@midwales.com wrote: Not sure if this is the right place to post but I don't know where else. I am using qmailadmin in a standard shupp toaster, on a 64bit machine. qmailadmin-1.2.15 I getting a WSOD after adding a new mailinglist. The mailinglist is made and all appears correct. Each line in the apache error log is prepended by something like this: [Tue Sep 18 14:54:30 2012] [error] [client 1.2.3.4] The referer is someting like this: http://myserver.net/cgi-bin/qmailadmin/com/addmailinglist?user=postmasterdom=adomain.co.uktime=1347976179 replaced with xxx Here is the log snippet pruned for easier reading: *** buffer overflow detected ***: /usr/lib/cgi-bin/qmailadmin terminated, referer: xxx === Backtrace: =, referer: xxx /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f12e3f8e007], referer: xxx /lib/x86_64-linux-gnu/libc.so.6(+0x107f00)[0x7f12e3f8cf00], referer: xxx /lib/x86_64-linux-gnu/libc.so.6(+0x1075eb)[0x7f12e3f8c5eb], referer: xxx /lib/x86_64-linux-gnu/libc.so.6(__snprintf_chk+0x78)[0x7f12e3f8c4c8], referer: xxx /usr/lib/cgi-bin/qmailadmin[0x409534], referer: xxx /usr/lib/cgi-bin/qmailadmin[0x4107bc], referer: xxx /usr/lib/cgi-bin/qmailadmin[0x402fb5], referer: xxx /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7f12e3ea676d], referer: xxx /usr/lib/cgi-bin/qmailadmin[0x403551], referer: xxx === Memory map: , referer: xxx 0040-00431000 r-xp ca:01 12699746 /usr/lib/cgi-bin/qmailadmin, referer: xxx 0063-00631000 r--p 0003 ca:01 12699746 /usr/lib/cgi-bin/qmailadmin, referer: xxx 00631000-00632000 rw-p 00031000 ca:01 12699746 /usr/lib/cgi-bin/qmailadmin, referer: xxx 00632000-0063d000 rw-p 00:00 0 , referer: xxx 0078d000-007ae000 rw-p 00:00 0[heap], referer: xxx 7f12e3c6f000-7f12e3c84000 r-xp ca:01 10092763 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx 7f12e3c84000-7f12e3e83000 ---p 00015000 ca:01 10092763 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx 7f12e3e83000-7f12e3e84000 r--p 00014000 ca:01 10092763 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx 7f12e3e84000-7f12e3e85000 rw-p 00015000 ca:01 10092763 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx 7f12e3e85000-7f12e4038000 r-xp ca:01 10092730 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx 7f12e4038000-7f12e4237000 ---p 001b3000 ca:01 10092730 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx 7f12e4237000-7f12e423b000 r--p 001b2000 ca:01 10092730 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx 7f12e423b000-7f12e423d000 rw-p 001b6000 ca:01 10092730 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx 7f12e423d000-7f12e4242000 rw-p 00:00 0 , referer: xxx 7f12e4242000-7f12e424b000 r-xp ca:01 10092783 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx 7f12e424b000-7f12e444b000 ---p 9000 ca:01 10092783 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx 7f12e444b000-7f12e444c000 r--p 9000 ca:01 10092783 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx 7f12e444c000-7f12e444d000 rw-p a000 ca:01 10092783 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx 7f12e444d000-7f12e447b000 rw-p 00:00 0 , referer: xxx 7f12e447b000-7f12e449d000 r-xp ca:01 10092751 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx 7f12e4688000-7f12e468b000 rw-p 00:00 0 , referer: xxx 7f12e4697000-7f12e469d000 rw-p 00:00 0 , referer: xxx 7f12e469d000-7f12e469e000 r--p 00022000 ca:01 10092751 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx 7f12e469e000-7f12e46a rw-p 00023000 ca:01 10092751 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx 7fff3851d000-7fff3853e000 rw-p 00:00 0[stack], referer: xxx 7fff385ff000-7fff3860 r-xp 00:00 0[vdso], referer: xxx ff60-ff601000 r-xp 00:00 0 [vsyscall], referer: xxx -- - Bob Hutchinson Midwales dot com - -- - Bob Hutchinson Midwales dot com - !DSPAM
Re: [vchkpw] qmailadmin buffer overflow
That should be just fine. Keep a copy of the currently-installed version to switch back to after debugging. -Tom (Sent from my phone; forgive my brevity) On Sep 19, 2012, at 3:35 PM, Bob Hutchinson hutchli...@midwales.com wrote: OK, I will look into doing this at a quiet time. I notice that there is a binary in the source tree which is much larger and which says it's unstripped, I might just try that one first. !DSPAM:505b528534213501068019!
Re: [vchkpw] qmailadmin buffer overflow
I'm offline, with limited Internet connectivity, so apologies if someone else has already responded. I think you need to recompile QmailAdmin and manually install the binary. The installation process strips debug information that would probably show up in this dump and help isolate the problem. -Tom (Sent from my phone; forgive my brevity) On Sep 18, 2012, at 5:45 PM, Bob Hutchinson hutchli...@midwales.com wrote: Not sure if this is the right place to post but I don't know where else. I am using qmailadmin in a standard shupp toaster, on a 64bit machine. qmailadmin-1.2.15 I getting a WSOD after adding a new mailinglist. The mailinglist is made and all appears correct. Each line in the apache error log is prepended by something like this: [Tue Sep 18 14:54:30 2012] [error] [client 1.2.3.4] The referer is someting like this: http://myserver.net/cgi-bin/qmailadmin/com/addmailinglist?user=postmasterdom=adomain.co.uktime=1347976179 replaced with xxx Here is the log snippet pruned for easier reading: *** buffer overflow detected ***: /usr/lib/cgi-bin/qmailadmin terminated, referer: xxx === Backtrace: =, referer: xxx /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f12e3f8e007], referer: xxx /lib/x86_64-linux-gnu/libc.so.6(+0x107f00)[0x7f12e3f8cf00], referer: xxx /lib/x86_64-linux-gnu/libc.so.6(+0x1075eb)[0x7f12e3f8c5eb], referer: xxx /lib/x86_64-linux-gnu/libc.so.6(__snprintf_chk+0x78)[0x7f12e3f8c4c8], referer: xxx /usr/lib/cgi-bin/qmailadmin[0x409534], referer: xxx /usr/lib/cgi-bin/qmailadmin[0x4107bc], referer: xxx /usr/lib/cgi-bin/qmailadmin[0x402fb5], referer: xxx /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7f12e3ea676d], referer: xxx /usr/lib/cgi-bin/qmailadmin[0x403551], referer: xxx === Memory map: , referer: xxx 0040-00431000 r-xp ca:01 12699746 /usr/lib/cgi-bin/qmailadmin, referer: xxx 0063-00631000 r--p 0003 ca:01 12699746 /usr/lib/cgi-bin/qmailadmin, referer: xxx 00631000-00632000 rw-p 00031000 ca:01 12699746 /usr/lib/cgi-bin/qmailadmin, referer: xxx 00632000-0063d000 rw-p 00:00 0 , referer: xxx 0078d000-007ae000 rw-p 00:00 0[heap], referer: xxx 7f12e3c6f000-7f12e3c84000 r-xp ca:01 10092763 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx 7f12e3c84000-7f12e3e83000 ---p 00015000 ca:01 10092763 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx 7f12e3e83000-7f12e3e84000 r--p 00014000 ca:01 10092763 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx 7f12e3e84000-7f12e3e85000 rw-p 00015000 ca:01 10092763 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx 7f12e3e85000-7f12e4038000 r-xp ca:01 10092730 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx 7f12e4038000-7f12e4237000 ---p 001b3000 ca:01 10092730 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx 7f12e4237000-7f12e423b000 r--p 001b2000 ca:01 10092730 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx 7f12e423b000-7f12e423d000 rw-p 001b6000 ca:01 10092730 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx 7f12e423d000-7f12e4242000 rw-p 00:00 0 , referer: xxx 7f12e4242000-7f12e424b000 r-xp ca:01 10092783 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx 7f12e424b000-7f12e444b000 ---p 9000 ca:01 10092783 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx 7f12e444b000-7f12e444c000 r--p 9000 ca:01 10092783 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx 7f12e444c000-7f12e444d000 rw-p a000 ca:01 10092783 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx 7f12e444d000-7f12e447b000 rw-p 00:00 0 , referer: xxx 7f12e447b000-7f12e449d000 r-xp ca:01 10092751 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx 7f12e4688000-7f12e468b000 rw-p 00:00 0 , referer: xxx 7f12e4697000-7f12e469d000 rw-p 00:00 0 , referer: xxx 7f12e469d000-7f12e469e000 r--p 00022000 ca:01 10092751 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx 7f12e469e000-7f12e46a rw-p 00023000 ca:01 10092751 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx 7fff3851d000-7fff3853e000 rw-p 00:00 0[stack], referer: xxx 7fff385ff000-7fff3860 r-xp 00:00 0[vdso], referer: xxx ff60-ff601000 r-xp 00:00 0 [vsyscall], referer: xxx -- - Bob Hutchinson Midwales dot com - !DSPAM:5059a45e34211364084616!
Re: [vchkpw] [SPAM] valias line that pipes into vdelivermail again breaks delivery valias documentation lax
Haven't read your whole email, so I apologize if I'm off base.
vdelivermail should only go in .qmail-default. It should not go in .qmail-alias
files. If you're using it there, you will have problems.
-Tom
(Sent from my phone; forgive my brevity)
On Aug 5, 2012, at 1:13 PM, Luke vpopmail luke+lists+vpopm...@hiled.biz wrote:
Hi Guys,
I've been a Qmail users since Peter Samuel at SLUG.org.au did his talk a
long long time ago.
Now down to business. I have an issue with vpopmail failing with
virtualmin, a webmin spin off..
http://www.virtualmin.com/node/22970
Basically what happening is this, virtualmin is configuring
|/var/vpopmail/bin/vdelivermail user@domain for aliases and it's breaking.
Why it's breaking I don't exactly know why, because according to the valias
code pipes are supported.
I seek confirmation on the mysql implementation of vmail aliases.
* multiple aliases for the same domain are supported (true)
* if qmail extensions are used (user-ext@domain) in aliases they will be
used INSTEAD of the user's alias (?)
* qmail extensions are supported on aliases if there is not a better match
(see above)
? how do qmail extensions on aliases flow through to the user accounts ?
* pipes are supported (true) (see caveat)
* forwarding is supported - in order to support non-standard email naming
conventions i.e. dot qmail compliancy (true?)
* mbox delivery is not supported (true)
* if no hostname is provided on alias it will use
/var/qmail/control/defaultdelivery (true? seems to be using
/var/qmail/bin/qmail-inject at some point noenvhost is ignored)
* aliases are processed before users (true)
* if the database is down, a soft delivery delay occurs (true)
* mail loops for valiases only are detected (true) (not for user accounts
bouncing back to a valias??)
* delivery to maildir folders are supported if the full path is specified
(true)
* delivery to maildir folders are supported for relative paths in relation
to vpopmail's home directory defined in /etc/passwd (true?) i.e. ./domains/
hiled.biz/user/.maildir/ is prepended by vpopmail's home directory
* a maildir folder needs a ./ or a / at the beginning of the line to be
processed (true/false?)
* anything else that should go into the readme file thats not there
I do hope some people can look at that virtualmin ticket to theorize why
vdelivermail doesn't like calling itself to do another delivery.
The issue doesn't affect me, it's just that some other setup's and indeed
virtualmin's non-sql-backend setups are all doing it this way.
It did take day to hunt down, but finally my pain is over (i never thought
of checking the valias database)
I'm also petitioning virtualmin to be fixed fixed to work with gentoo's
defacto .maildir defaultdelivery standard for qmail. They had hardcoded
./Maildir in their source.
Speaking of the maildrop patch for virtualmin, I don't like it in it's
current form. It's messy.
I think that vpopmail should support this setup instead.
1) If a domain is not owned by vpopmail:vckpwd/vpopmail still configure
/var/qmail/users/assign to use uid/gid 89 (vpopmail) - see below, this
should be configured by a #ifdef MAILDROP
2) Add maildrop to your system as SUID with it set up that vpopmail is a
trusted user. --configure-trusted-users=x,y,z,vpopmail in maildrop
configure script.
[ Due to the amount of personal information vpopmail system could release,
it should be pretty locked down anyway if any system administrator is worth
his salt.]
3) I patched vdelivermail to spawn vpopmail in LDA mode.
--- vdelivermail.c.orig2012-08-03 06:51:43.397294158 +
+++ vdelivermail.c2012-08-03 07:56:38.802799846 +
@@ -409,7 +409,7 @@
#ifdef MAILDROP
if ( limits.disable_maildrop==0 vpw!=NULL
!(vpw-pw_gid NO_MAILDROP) ) {
-sprintf(maildrop_command, | preline %s, MAILDROP_PROG);
+sprintf(maildrop_command, | preline %s -a -d %s@%s, MAILDROP_PROG,
TheUser, TheDomain);
run_command(maildrop_command);
DeleteMail = 1;
return(0);
This way maildrop sets up the home directory, the maildir directory and the
appropriate user ID tself. You can still have site-wide configuration by
/etc/maildroprc
4) To make point #3 working you need courier-authlib working. They have
just recently the removed vpopmail authentication backend. However SQL /
LDAP or whatever vpopmail uses can be queried. Here is an an example for
mysql.
/etc/courier/authlib/authmysqlrc:
#address of mysql server
MYSQL_SERVERlocalhost
#login for mysql
MYSQL_USERNAME vpopmail
#password for mysql
MYSQL_PASSWORD secret
# of course i don't use the default password ^%%
#path to mysql socket
MYSQL_SOCKET/var/run/mysqld/mysqld.sock
#mysql port
#MYSQL_PORT 3306
#mysql options (leave alone)
MYSQL_OPT 0
#name of mysql database
MYSQL_DATABASE vpopmail
[vchkpw] [SPAM] Using onchange with jms1 mailhub (update-qmail service)
Anyone else using John Simpson's mailhub technique (http://qmail.jms1.net/mailhub.shtml) for filtering inbound email? I'm triggering a rebuild of the valid recipient list via vpopmail's onchange feature, with the following script (comments removed for brevity): #!/bin/sh PATH=/usr/bin:/bin logger -t onchange $* echo onchange $@ /tmp/update-qmail But I think I've run into an issue where vpopmail blocks until the completion of the write to pipe /tmp/update-qmail. This is problematic when someone is deleting a bunch of users, because they end up waiting for one deletion to complete before doing another, and the qmail-updater service rebuilds the list of valid recipients repeatedly. I added the trailing to the echo command, in an attempt to get it to run in the background, but it hasn't helped. Has anyone else seen this? I'd really like to modify the setup so that the update script flushes the pipe whenever it can; accepting multiple lines of onchange data each time. -- Tom Collins t...@tomlogic.com !DSPAM:4f5687dd34174670517420!
[vchkpw] OT: Dovecot for POP3?
Many of us have switched from Courier to Dovecot for IMAP, I'm wondering if others have also switched from qmail-pop3d to Dovecot for your POP server. I have a client who insists on using POP and leaving lots of messages (~4000) in his inbox. That's starting to cause problems with qmail-pop3d. I'm thinking that switching to Dovecot might solve that problem. Thoughts? -Tom !DSPAM:4e172d9a32711168372950!
Re: [vchkpw] vpopmail v5.4.33 added as a development version
On Feb 3, 2011, at 8:06 AM, Matt Brookings wrote: - Changed relevant quota code to use storage_t 64bit type Matt, How will other programs (like qmail, QmailAdmin and the POP/IMAP servers) handle 64-bit quotas? Is this only for the vusagec/vusaged setup, or does it affect maildirsize as well? -Tom !DSPAM:4d4b4c2b32717265421466!
Re: [vchkpw] Strane problem with vmoddomlimits and 2GB limit
On Feb 1, 2011, at 8:17 AM, Alessio Cecchi wrote: Is vpopmail/vmoddomlimits unable to manage quota more than 2GB but can manage quota of 2GB -1 byte? Some quota code uses a signed 32-bit value so, yes, 2GB - 1 is the maximum you can represent in that datatype. I believe more recent versions of vpopmail have a new vusage client/daemon to manage quotas, and it supports larger quotas. Keep in mind that the old maildirsize standard is implemented in multiple locations. vdelivermail, qmail-local, your POP and IMAP server, QmailAdmin, vmoddomlimits, vmoduser, etc. All of them would need to be reviewed to ensure they work correctly for larger sizes. One proposed fix is to switch to unsigned 32-bit, but that only gets you to 4GB. I think others have proposed 64-bits, or even just storing kbytes instead of bytes in the file. I'm sure others will chime in with advice and guidance. -Tom !DSPAM:4d498e8032711471915979!
Re: [vchkpw] DKIM?
Manvendra, Do you have a page on how to configure DKIM after patching qmail? Or is it in the dkfilter man page as part of the patch? -Tom On Jan 26, 2011, at 9:24 PM, Manvendra Bhangui wrote: On Thu, Jan 27, 2011 at 10:39 AM, Tom Collins t...@tomlogic.com wrote: Any advice on setting up DKIM to sign outbound mail on my vpopmail server? I've spent some time looking around at various patches and I'm a little overwhelmed. I host about 150 domains, and I don't want to mess around with setting up unique keys for each hosted domain. I'm fine with signing all mail using the server's hostname and a single signing key. I'm not really interested in verifying DKIM signatures on inbound mail, unless it will significantly cut down on spam. Any pointers on getting a simple setup in place? At the risk of beating my own drum, I have a patch for netqmail. You can set the QMAILQUEUE environment variable to point to /var/qmail/bin/qmail-dkim You need to set DKIMSIGN environment variable for signing. http://sourceforge.net/projects/indimail/files/netqmail-addons/qmail-dkim-1.0/dkim-netqmail-1.06.patch-1.5.gz/download !DSPAM:4d44836c32711134018752!
[vchkpw] Block all .html attachments?
I've seen a huge increase in spam making use of .html attachments, and I'm considering outright blocking of all .html attachments. Has anyone else done this? Any thoughts on the number of legitimate .html attachments I'd be blocking? -Tom !DSPAM:4c407ddb32711400178195!
Re: [vchkpw] Block all .html attachments?
I'm not proposing it for the list, I'm considering it for my own email hosting. My understanding is that HTML email doesn't use .html attachments, so it shouldn't be affected. -Tom On Jul 16, 2010, at 8:59 AM, Joshua Megerman wrote: I've seen a huge increase in spam making use of .html attachments, and I'm considering outright blocking of all .html attachments. Has anyone else done this? Any thoughts on the number of legitimate .html attachments I'd be blocking? HTML Email is an abomination in the eyes of this (and many other) email administrator. There's no reason for HTML encoded email on this list, let alone .html attachments IMHO. I say kill it. Josh Joshua Megerman SJGames MIB #5273 - OGRE AI Testing Division You can't win; You can't break even; You can't even quit the game. - Layman's translation of the Laws of Thermodynamics vpopm...@honorablemenschen.com !DSPAM:4c4085be32717806057338!
Re: [vchkpw] Re: Trash folder maintenance
On Mar 8, 2010, at 7:32 AM, Ryan Anderson wrote: From a cron job, we use find to remove the old files from the Maildir. Just make sure you test it thoroughly, and try it out on your own email account first! You don't want to get the time parameters to `find` wrong, and you certainly want to make sure you're limiting the search to .Trash and .Deleted Messages folders so you don't trash someone's Inbox. -Tom !DSPAM:4b96599f32711289955855!
Re: [vchkpw] Trash folder maintenance
On Mar 2, 2010, at 3:31 PM, Trey Nolen wrote:
In the past, we have been using Sqwebmail to remove email from the Trash
folder periodically (by default 7 days). Now, we have migrated to a new
server using the new Vpopmail which no longer supports Sqwebmail. We have
moved to SquirrelMail for our main webmail interface. I would still like to
be able to remove deleted items after 7 days. I have seen the Proon plugin
for SquirrelMail, but I believe it is too complex for most users, and it also
will not let us specify global defaults. Does anyone out there have a
solution they are using?
It's a bit of a hack, but here's what I'm doing right now:
#!/usr/bin/perl
$|++;
$days = 60;
@globs = (
'*/*/Maildir/.Trash*/{cur,new}',
'?/*/*/Maildir/.Trash*/{cur,new}',
'*/?/*/Maildir/.Trash*/{cur,new}',
'?/*/?/*/Maildir/.Trash*/{cur,new}',
'*/*/Maildir/.Deleted Messages*/{cur,new}',
'?/*/*/Maildir/.Deleted Messages*/{cur,new}',
'*/?/*/Maildir/.Deleted Messages*/{cur,new}',
'?/*/?/*/Maildir/.Deleted Messages*/{cur,new}'
);
$c = 0;
print Deleting mail in .Trash and .Deleted Messages folders, over $days days
old.\n;
foreach $path (@globs)
{
while ($name = glob ('/home/vpopmail/domains/' . $path))
{
opendir (D, $name);
while ($f = readdir(D))
{
# skip non-files
next if (! -f $name/$f);
$t = -M $name/$f;
if ($t $days)
{
unlink $name/$f;
$c++;
}
}
}
}
print Deleted $c messages over $days days old\n;
-Tom
!DSPAM:4b94359132711951920405!
[vchkpw] SpamAssassin Y2K10 bug
If you're running SpamAssassin, be aware that it has a rule that's adding points to all mail with a 2010 date. You can fix it by adding the following to your local.cf and restarting spamassassin. score FH_DATE_PAST_20XX 0.0 See https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269 for details. -Tom !DSPAM:4b3e8b8e32711044297984!
Re: [vchkpw] vdeliver perimission denied for vadddomain -u
Sorry to just jump in at a random point in the conversation, but here are some thoughts. If you su to the mike4 user, can you run ~vpopmail/bin/vdelivermail (i.e., do you have execute access on the file)? It needs to be able to do that. Can you cd into the directory with email for that domain? Maybe a higher-level directory prevents you from changing into it (you'll likely have to cd directly to it). I think that vdelivermail is self-contained, so you probably don't need to have access to other binaries. Qmail-local runs with the uid/gid in the users/assign file. -Tom !DSPAM:4b1848d732711437321215!
Re: [vchkpw] vpopmail 5.5 SVN domain quota fix
On Sep 17, 2009, at 10:21 AM, Harm van Tilborg wrote: + if (((vl.diskquota) (bytes = (vl.diskquota * 100))) || ((vl.maxmsgcount) ((count = vl.maxmsgcount Maybe I'm doing too much embedded programming, but seeing the * 100 makes me worry about overflow. If vl.diskquota is a 32-bit integer and you have a 5000MB quota, I think that the multiplication will overflow (5 billion can't be represented in a 32-bit int). Safer to divide bytes by 100 and do the comparison. You'll get the same results. -Tom !DSPAM:4ab52be932711625198986!
Re: [vchkpw] imap before smtp
Even if it's possible to set up imap-before-smtp, you'll be much better off if you have your clients use SMTP AUTH instead. More reliable, more predictable, and supported by almost every email client out there. If you really want to try it, consider Dovecot instead of Courier. I think dovecot uses vchkpw, and is probably going to be easier to configure. -Tom On Sep 16, 2009, at 11:51 PM, kengheng kengh...@mysql.cc wrote: Dear All, would like to check if there is anyway to do imap before smtp relay ? I'm using courier-authlib-0.60.2 with courier-imap. Thanks. -- Best regards, KengHeng. Chan Mobile : +6-016-717-0273 SQL Technology Sdn Bhd http://www.mysql.cc c...@mysql.cc !DSPAM:4ab244f532711143630341!
Re: [vchkpw] Released updated 5.4.28 tarball on SourceForge
If it was modified, you should increment the version number. In 3 months, when someone reports a bug, how will we know which 5.4.28 they're running? -Tom On Sep 2, 2009, at 10:56 AM, Matt Brookings m...@inter7.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Adds a fix for long domain names - -- /* Matt Brookings m...@inter7.com GnuPG Key FAE0672C Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkqesbUACgkQIwet2/rgZyziCQCfX/KidAvmWXWWo8oqOyEszve/ pLYAmQFkxPPSBjUfwiSVZzAwNVx5apaz =vX+w -END PGP SIGNATURE- !DSPAM:4a9ec44932714432088647!
Re: [vchkpw] vpopmail UID/GID hardcoded in config.h
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Aug 17, 2009, at 4:03 PM, Matt Brookings wrote: Itamar Reis Peixoto wrote: storing uid / gid in a config file will be light Lighter than accessing an authentication database, agreed. Like I said, I'm hoping to add configuration API to vpopmail that will replace all the configure-time options and settings. The vusage client and daemon use some admittedly rather older and hastily put together configuration code, that really isn't as efficient as it should be, considering the vusage client is built for speed. How often does the code actually reference the UID/GID? Could you have a function to look it up and cache it in a static once found? A quick check and it looks like it's only referenced when adding a user or updating the tcp.smtp.cdb file. There are a few other references, but the common things (like vchkpw and vdelivermail) don't appear to make use of it. Probably not a big deal to use getpwnam. - -Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFKizqBve7eT9VwhJURAo3GAJ0bvRwBCEINbHu1Aajl4oDNwTjnbACaAtMP gtLjiLcK09pkh34A6qBFGBI= =472+ -END PGP SIGNATURE- !DSPAM:4a8b3a9032712083014635!
Re: [vchkpw] quota limit upto 2gb
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Jul 14, 2009, at 12:33 PM, Matt Brookings wrote: The 5.5 branch uses 64bit integers for storing and comparing quotas, so yes, 5.5 can set quotas above 2gb. Furthermore, the latest development version looking to go stable, 5.4.28, has changes to use these same 64bit integers and has support for the vpopmail usage daemon. So it's not using Maildir++ anymore, right? Will we need to do anything to qmail-smtpd and the various POP/IMAP servers to remove Maildir++ support so they don't waste time updating the maildirsize file? - -Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFKYKh3ve7eT9VwhJURApBfAJ9uNxSnOYhvh50ybPqrMNMEDLzB+gCeOYog 0vJ1/ryKsxvgQZgVtoK4iAQ= =0Lpz -END PGP SIGNATURE- !DSPAM:4a60a88232714233911252!
Re: [vchkpw] vdelivermail stdout to Dovecot deliver
On Mar 30, 2009, at 7:32 PM, Rick Romero wrote: What I'm trying to work around with this method is to handle user-specific .qmail directives. Dovecot doesn't do that, and that is why I can't full out replace vdelivermail with deliver. What if vpopmail was updated to store a user's .qmail file as domain.com/.qmail-user instead of domain.com/user/.qmail? Granted, with a lot of users you end up with a huge number of files in the domain directory, and that will have an impact on performance, but it might be a solution to your problem. We'd have to make other changes to the codebase so the alias/forward routines ignored .qmail- user files that belonged to actual POP/IMAP accounts. -Tom !DSPAM:49d4b73032681666196558!
Re: [vchkpw] Deleting primary domain; keeping alias domains
Instead of jumping all of these hoops, I find that it's easier to manually remove the real domain from all files in /var/qmail/controls and its entry in users/assign. Then edit the alias entry in users/ assign to have the new real domain in the second column. You'll have to run qmail-newu, qmail-newmrh and -HUP qmail-send. Keep the directory name the same to avoid breaking .qmail files, autoresponders, mailing lists, etc. If you really want to rename the directory, create a symlink with the old name. (You'll still want to grep the config files of each mailing -Tom (Sent from my iPhone) !DSPAM:49d582f732681184643329!
Re: [vchkpw] Opinions needed
On Jan 22, 2009, at 1:43 AM, Matt Brookings wrote: Where do you come up with 128bit from? On most systems a 'long long' is going to be a 64bit integer. That's what I'm currently using. Sorry, you're right on that. Why isn't it enough to keep the current quota system, and just update all related code to use a long long (64 bits) for the byte counter? Will quotas ever grow that huge? In the next 10 years? You could even keep the 32 bit numbers, and just update all quota- checking code to round sizes up to the nearest KB -- now you're able to have quotas up to 2000 GB (2TB). Since a single email isn't going to be 2GB, each entry in maildirsize can still be a 32-bit int and you may not have to modify qmail or the POP/IMAP servers. You only need to update the code that rebuilds the file and checks for an overquota condition. -Tom !DSPAM:497a2d9e32683946919024!
Re: [vchkpw] Opinions needed
On Jan 21, 2009, at 6:46 AM, Matt Brookings wrote: My question is this; would anyone ever require a quota below a megabyte, or, would any application ever really need to know about specific usage counts below a megabyte? When calculating usage, I'm thinking about making the smallest measure of unit a megabyte storing the result in a 64bit unsigned integer. The 64bit value is almost a requirement, but making the smallest unit of measure a megabyte, should future-proof for quite a bit longer. Two thoughts on quotas. You're going to have to deal in sub-megabyte numbers, since the size of most messages are measured in KB. Maybe you could track the quota in kbytes, rounding up/down as necessary? All programs that deal with the quota (maildirsize file) will have to use 128-bit numbers (long long?) or whatever new method you come up with. This includes not just vpopmail, but your IMAP server and potentially maildrop and qmail (if you have any .qmail files that are handled by qmail and not vdelivermail). Maybe they can use a dynamically linked library? -Tom !DSPAM:4978006832684277763451!
Re: [vchkpw] vpopmail development
On Jan 6, 2009, at 3:54 AM, aledr wrote: There's a lot of patches on SourceForge tracker to be accepted and I have my own patches and improvements for vpopmail that I would like to see in the package. There's no activity on the SF CVS for months, is It in active development yet? It's not in active development. All of the past lead developers on the project (including myself) have been too busy to dedicate any time to it. Some of the patches on SourceForge won't ever go into the mainstream releases (as least as far as I'm concerned), but remain available for those who want to add that functionality. Unfortunately, doing anything with vpopmail and qmailadmin has moved very far down my to do list. -Tom !DSPAM:49665a2332672864611840!
Re: [vchkpw] CentOS 5 64 bit vchkpw segfault - vpopmail 5.4.9 - softlimit related
On Oct 22, 2008, at 9:42 AM, Paul Oehler wrote: Thanks for the suggestion Ken. I finally got around to testing this, and unfortunatly the vchkpw segfaults continue even after recompiling without any compiler optimization flags. The error in the messages log looks like this: kernel: vchkpw[7073]: segfault at ffb8 rip 0047e84c rsp 78eaf898 error 6 Anybody have any tips on how to debug this further? Grep the changelog of the latest vpopmail for 64. I think we made some changes after 5.4.9 that fixed segfaults on some 64-bit platforms. I also recall a compiler option like -fPIC getting used at some point. Sorry I don't have time to research further. Hope this is enough info to point you in the right direction. -Tom !DSPAM:490094d232311638721458!
Re: [vchkpw] CentOS 5 64 bit vchkpw segfault - vpopmail 5.4.9 - softlimit related
On Aug 27, 2008, at 8:35 AM, Paul Oehler wrote: In the ChangeLog for 5.4.10 I see this: Stephan Tesch - md5.h: fix related to segfaults in vchkpw on Sparc64. [1144851] What's the likelyhood that is related? Very high. I think 5.4.13 contained a more important fix for 64-bit when compiling Courier-IMAP against libvpopmail: Compile libvpopmail with -fPIC option so amd64 users can compile courier-authlib against libvpopmail.a. I recommend upgrading. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:48b6c3e632311686415078!
[vchkpw] [OT] I'm afraid I wasn't able to deliver your message...
I host email and websites for a few friends, in addition to the commercial hosting I do, and I really got a kick out of this email I received last night from a friend's 11-year-old son. I guess he just expects qmail to try harder... ;-) -Tom Begin forwarded message: From: Quinn [EMAIL PROTECTED] Date: May 14, 2008 8:22:58 PM PDT To: [EMAIL PROTECTED] Subject: Re: failure notice Delivered-To: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] do better next time On May 14, 2008, at 8:20 PM, [EMAIL PROTECTED] wrote: Hi. This is the qmail-send program at rusty.tomlogic.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. marisa [EMAIL PROTECTED]: Sorry, no mailbox here by that name. (#5.1.1) !DSPAM:482c6ca332351373910016!
Re: [vchkpw] verbose logging ?
On Apr 30, 2008, at 9:33 PM, Sam Ami wrote: is there any way to stop the verbose logging from vpopmail ? 2008-05-01 10:22:17.376833500 delivery 702: success: name:___j.smith/passwd:_$1$Zggeh/pj$XjL4HfIfnfApCOCzmkInk./ clear_passwd:_#878T8vR/comment/gecos:_j.smith/uid:1/gid:0/ flags:__0/gecos:_j.smith/limits:_No_user_limits_set./dir:___/ home/vpopmail/domains/mydomain.tld/1/j.smith/quota:_NOQUOTA/ usage:_NOQUOTA/account_created:_Thu_May__1_12:25:03_2008/ last_auth:_Never_logged_in/forward:_qp_14873/did_0+0+1/ Do you have a call to vuserinfo in your .qmail-default file for some reason? That's what this output looks like... -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:4819bafd120509660958785!
Re: [vchkpw] Enable / disable pop access
On Apr 17, 2008, at 10:39 AM, Wouter van der Schagt wrote: Hi all, i have a question. I know with moduser -p domain.com i can disable pop access. And i know with -x i can clear all bits and enable it again. However i dont want to clear all bits.. i just want to flip the -p bit. Any ideas? - Wouter Unfortunately, no easy way. Some time ago, the developers had discussed different options (using + and - before each flag to set and clear), but nothing ever came of it. Having checkboxes in QmailAdmin would be a nice way to handle it as well, if someone had some time to add it. -Tom !DSPAM:480d7de0120501378613894!
Re: [vchkpw] not auto-learning passwords
On Apr 14, 2008, at 3:46 PM, D. Hilbig wrote: If I do a plaintext login which will check against the hashed password stored in the SQL table, I can login with any password. However, a CRAM-MD5 login (which checks against the clear password) with any password will fail. If both the hashed password and clear password in the SQL table are NULL (empty), I'd expect the behavior to be the same regardless of CRAM- MD5 or plaintext. IIRC, this was intentional. It's impossible to learn a password via CRAM-MD5, so we fail until we can learn a password through some other method. Password learning happens in vchkpw, but I guess it should move into vpopmail so any app calling the API can have a password learned. And to those who recommend Dovecot, it probably doesn't do learning either, for the same reasons. I just checked courier 3.0.8, and it looks like it should update the password... I checked dovecot 1.0.10, and found this, Thanks to Courier-IMAP for showing how the vpopmail API should be used. It doesn't appear to have code that updates the password. Unfortunately, there's no way to update libvpopmail to have it learn the password. We'll have to update the individual apps (courier and dovecot) and get the maintainers to accept the changes into the next release. -Tom !DSPAM:48043658120501762112807!
Re: [vchkpw] Disable non webmail IMAP access
On Mar 5, 2008, at 6:58 PM, Patrick Grimm wrote: I am not restricting imap access to web client only but my understanding is courier CAN use vchkpw. Courier uses the vpopmail API to authenticate users instead of using the vchkpw command-line program. Since the authentication API doesn't include IP address or reason for authenticating (POP, IMAP, webmail, SMTP AUTH, QmailAdmin login, etc.) the courier authvchkpw module doesn't make use of the access- restriction flags. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:47d163e4120501677339429!
Re: [vchkpw] Postmaster email quota management.
On Mar 3, 2008, at 12:13 AM, Tariq Azad/OPS wrote: i want to give previledge to postmaster to change email quota in qmail admin. How can i do that.Can any body help on this. Configure qmailadmin with the --enable-modify-quota option. -Tom !DSPAM:47ccedcb120506567532625!
Re: [vchkpw] Disable non webmail IMAP access
On Feb 29, 2008, at 12:45 AM, Alessio Cecchi wrote: With vmoduser would seem simple: ~/vpopmail/bin/vmoduser -i [EMAIL PROTECTED] but but in reality does not work, in fact the command totally disables access to IMAP. There is someone who is able to disable access IMAP except for webmail (login via localhost) ? Recent versions (like the past year, at least) include a list of IPs for which IMAP connections are considered webmail and don't get rejected for users who don't have IMAP access. Look in vchkpw.c for a 127.0.0.1 -- that's where the list is. -Tom !DSPAM:47c84501120506094020535!
Re: [vchkpw] Courier-Authlib Enhancement Requested
On Feb 28, 2008, at 2:55 PM, Steve wrote: If you are using it, do you know for sure? Anything I should know that is missing? Can't guarantee that it will fit all of your needs, but I'm very pleased with the performance improvement of replacing courier-imap with dovecot. Especially for some of my clients with 1GB+ mailboxes. Well worth the time spent upgrading. -Tom !DSPAM:47c799dc120501787114668!
Re: [vchkpw] Re: Double bounce message
On Jan 25, 2008, at 5:01 AM, ckubu wrote: than create a file named alias-home/.qmail-dev-null with content: | cat /dev/null Easier to just put a # in .qmail-dev-null. Same effect without having to launch cat and pipe the email message through it to /dev/null. -Tom !DSPAM:479a1309310541499614883!
Re: [vchkpw] local delivery failure when forwarding messages
On Jan 5, 2008, at 4:46 AM, Charlie Garrison wrote: 2008-01-05 21:58:01.211526500 delivery 32: deferral: Unable_to_forward_message:_unable_to_exec_qq_(#4.3.0)./ This error message means that it's having trouble running qmail- queue, probably as called from qmail-inject. -Tom !DSPAM:477fbab3310541028110374!
Re: [vchkpw] Upgrade to Vpopmail 5.4.26 and .qmail-default issues
On Jan 2, 2008, at 1:29 AM, Matthew Goodman wrote: ---.qmail file for users without any maildrop rules to run--- |/var/vpopmail/bin/vdelivermail /var/vpopmail/domains/%d/%u/Maildir No! You don't want to do this. Reminder to everyone in the world -- vdelivermail should only be in your .qmail-default file. Never anywhere else. I'm not sure I understand why your installation of 5.4.26 isn't working -- if there isn't a .qmail file, the message should just go into the user's maildir. If you absolutely MUST have a .qmail file, it will just contain a single line -- the path to that user's Maildir. Keep in mind that with directory hashing, their maildir might not be in domains/%d/%u/Maildir. You could try using just ./Maildir and see if that works -- I think vdelivermail is already in the user's directory when it's parsing the .qmail file. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:477bb968310541098019786!
Re: [vchkpw] Upgrade to Vpopmail 5.4.26 and .qmail-default issues
On Jan 2, 2008, at 10:59 AM, Matthew Goodman wrote: To my understanding, --enable-valias just stores alias info into the mysql database. This should not be affecting the delivery of email to non-aliased email, should it? Correct. --enable-valias means that instead of using .qmail-alias files in the domain directory, aliases are stored in the database. It does not affect individual user .qmail files. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:477be152310542880817634!
Re: [vchkpw] Upgrade to Vpopmail 5.4.26 and .qmail-default issues
On Jan 2, 2008, at 3:05 PM, Matthew Goodman wrote: @4000477c1866206baccc delivery 30202: deferral: /usr/bin/maildrop:_Unable_to_create_a_dot-lock_at_/var/ vpopmail/./.maildir/25184.0.ark.// I see a few of these... aside from the usual Unable to create log file error that maildrop kicks out for aliases or emails that don't belong to actual accounts. Any ideas? Why does maildrop want to use .maildir instead of Maildir? Odd that it wants to use the vpopmail directory instead of a user's directory as well... -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:477c2eeb310543570762282!
[vchkpw] [OT] IMAP Servers: Dovecot or Binc?
Courier-IMAP seems to be putting a heavy load on my server when someone accesses a mailbox with a large number of messages in it. I recently scanned the mailboxes on my server, and sent some notices out to clients who had boxes with old, unread messages in them. I think that today some have gone online to pick up that mail, and I'm suffering the consequences (server load of 14.0+). What's the preferred IMAP server for a machine that will have 100-200 connections (plan for growth...) but may have an occasional mailbox with 1000+ messages in it. I've searched the archives and tried to google for imap server performance and imap server comparison but haven't come up with much after an hour. My impression is that Dovecot performs well, better than courier, but I'm wondering if anyone can offer up some real-world numbers to help me make my decision. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:47696ce032001469882697!
Re: [vchkpw] Create .qmail files when using vadduser
On Dec 14, 2007, at 5:04 AM, aledr wrote:
What is the best way to create .qmail files automatically when adding
the user with vadduser command?
Should I create an script to add the users and then find its directory
('cause 0/user, 1/user...), or patch vpopmail.c?
You could use the onchange feature of the recent versions of
vpopmail. Vpopmail would call your script whenever a change
happened, your script could check for the adduser event, use the
vuserinfo -d command to get the directory, and then create the .qmail
file.
--
Tom Collins - [EMAIL PROTECTED]
Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/
QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
!DSPAM:4762ab1532002047515320!
Re: [vchkpw] Qmail Courier-Imap (authlib) and Vpopmail trouble
On Dec 8, 2007, at 4:26 PM, Thiago Camargo Martins Cordeiro wrote: My system is: uname -a Linux devel 2.6.18-xen #1 SMP Mon Dec 3 18:30:06 BRST 2007 x86_64 GNU/Linux I got the same problem on x86_32 too. Always inside a PVM of XEN, out of XEN, vchkpw works fine. I do a workarround with my patched qmail (AUTH_CDB patch) from JMS qmail patch, onchance script maintain a /var/qmail/control/auth.cdb in sync with vpopmail user db, so I can login via smtp-auth with AUTH_CDB qmail patch. But I'd like to see vchkpw working fine inside a virtual machine... :) Is it possible to compile and install vchkpw with debugging information, so we can find out which call to strstr() called the segfault? Or is it the getrlimit() call from the strace? Maybe you could email me a more detailed trace off-list and I'll try to find the section of code that's actually crashing? If you grep through the ChangeLog for 64, you'll see that we've made various changes to support 64-bit over the past few years. I'm guessing that this is another 64-bit issue, maybe one that only comes up on machines with lots of RAM? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:475d7c7332006819015875!
Re: [vchkpw] Qmail rejection of overquota messages instead of bouncing
On Dec 9, 2007, at 6:03 AM, [EMAIL PROTECTED] wrote: I'm using John Simpsons last combined patch... I'm trying to know if I could any way... cause qmail to reject messages at smtp dialogue if users we're trying to deliver is overquota instead of bouncing it... black lists are nowadays becoming quite crazy IMHO but they're know blacklisting this servers who bounce overquota... well infact now all servers that bounce directly... it would be a nice idea to reject messages for overquoted mailboxes... I've proposed the following solution, a few times over the years, and I still think it's a good one. It would fit your needs (and most people's needs) well. Someone needs to make a qmail-smtpd patch that calls an external program to verify an account. That way, there's a single qmail-smtpd patch and you can come up with whatever program (chkuser, validrcptto, etc.) you want to verify an account. You'd pass in the sender's address and the attempted recipient address. The program can have different exit codes for different conditions, and can even output a custom reject message. This would allow for handling lots of conditions: * Temporary failure, user is over quota * Permanent failure, user is over quote * Permanent failure, account does not exist * Permanent failure, account closed, please use [EMAIL PROTECTED] instead * Accepted * Accepted (by catchall) * Rejected, this account does not accept mail from [EMAIL PROTECTED] Hopefully someone with some time on their hands will take this on. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:475d7dd032002197873115!
Re: [vchkpw] hyphen in local address part
On Dec 5, 2007, at 12:52 AM, Hartmut Wernisch wrote:
823 #ifdef QMAIL_EXT
824 /* format the file name */
825 if (strlen(TheExt)) {
826 strcpy(tmpbuf,.qmail-);
827 strcat(tmpbuf,TheExt);
828 if ( (fs = fopen(tmpbuf,r)) == NULL ) {
829 for (i=strlen(TheExt);i=0;--i) {
830 if (!i || TheExt[i-1]=='-') {
831 strcpy(tmpbuf,.qmail-);
832 strncat(tmpbuf,TheExt,i);
833 strcat(tmpbuf,default);
834 if ( (fs = fopen(tmpbuf,r)) != NULL) {
835 break;
836 }
837 }
838 }
839 }
840 } else {
841 fs = fopen(.qmail,r);
842 }
843 #else
844 fs = fopen(.qmail,r);
845 #endif
I think I know what the problem is, and it should be a simple fix.
Before line 823, add:
fs = NULL;
Remove lines 840 - 845 and replace with the following:
840 #endif
841 if (fs == NULL) fs = fopen (.qmail, r);
Hartmut, can you test this fix? Rick, can you get this into the next
vpopmail release if Hartmut reports it as good?
--
Tom Collins - [EMAIL PROTECTED]
Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/
QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
!DSPAM:4756f8b332001478990189!
Re: [vchkpw] mysql sourcing read/update server config file
On Dec 5, 2007, at 2:51 AM, Hartmut Wernisch wrote: So now I am wondering why line 197-202 is setting the values to MYSQL_READ_SOCKET and MYSQL_READ_PORT instead of MYSQL_UPDATE_SOCKET and MYSQL_UPDATE_PORT? In my opinion these values should be set to MYSQL_UPDATE_SOCKET and MYSQL_UPDATE_PORT? You are correct, and that probably fixes an outstanding bug report on SourceForge. Most people use the same info for read and update, so no one has fixed the problem before. Rick, another fix for the next release. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:4756f8ce32009276917098!
Re: [vchkpw] mysql sourcing read/update server config file
On Dec 5, 2007, at 5:49 PM, Rick Widmer wrote: Tom: Do you have the tracker number? I did not see anything that jumped out at me from the open reports, or even the first 50 any entries. Maybe it was something that I saw on the list. I went in and looked at the trackers and didn't see anything. -Tom !DSPAM:4757804532001552416675!
[vchkpw] [OT] VPS recommendations to offload spam/virus scanning?
One of my hosting servers has become overwhelmed with processing inbound mail, and it's affecting the web and POP/IMAP hosting too much. I feel that it will be easier to move spam/virus scanning off to another machine than it will be to try splitting my customers across two servers (I do not want to move web and email hosting for a bunch of domains). I'm currently considering a VPS (virtual private server) solution, and it looks like I'll be fine with a server that provides 512MB of RAM and a minimal amount of disk space. Can anyone recommend a hosting company that they've been happy with? My plan is to do a full Shupp Toaster install, but leave out apache and SquirrelMail. I'll use rsync from my main server to sync ~vpopmail/domains (minus Maildir directories) so chkuser will work. I'll sync the appropriate files from /var/qmail/control, and add an smtproutes file built from the rcpthosts and morercpthosts files (it will just point to my server's IP). If, over time, the VPS becomes overloaded, I should be able to pay for a larger resource allocation with my VPS provider, or just duplicate the VPS and start another instance with it's own IP and have equally-weighted MX records point to each. I'd probably even host the VPS copy with a different provider for redundancy. Thoughts? Recommendations? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
[vchkpw] chkuser and qmail ext
What am I doing wrong with my chkuser setup? I want to have an alias of .qmail-fred, yet allow email to be accepted for .qmail-fred-something. I'm using chkuser 2.0.8. Do I need to create .qmail-fred-default and define CHKUSER_ENABLE_ALIAS_DEFAULT? I have CHKUSER_ENABLE_USERS_EXTENSIONS defined, but it only seems to apply for users and not aliases. If I have a .qmail-fred-default, will email for fred come in, or will it only work for fred-something? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] vpopmail or qmail problem?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Oct 2, 2007, at 7:19 PM, John Simpson wrote: and knowing qmail like i do, i suspect there's nothing wrong with qmail-local except maybe some error or warning condition that it's silently ignoring, where we might wish it would complain about, so we know what's happening and can fix it. My quick guess: .qmail-bob-clamav is a blank file, when you really want a single line with # and nothing else. Blank files are ignored; a file with a comment will be treated like delete. If you want to go even further, take a look at the bouncesaying program that's a part of qmail. You can use it to bounce messages for a particular address with a message of your choice. - -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFHAyzLve7eT9VwhJURAqbSAJ9+ec4cQbhWgqc8pzq9hf+c6gXxFQCeJtj3 httVt1yz3q31XBSK/Rmmjmg= =3+dY -END PGP SIGNATURE-
Re: [vchkpw] vpopmail or qmail problem?
On Oct 3, 2007, at 1:53 AM, Andy wrote: jedi padawan.org # cat .qmail-kindred-clamav | /var/vpopmail/bin/vdelivermail '' delete There's your mistake. What's happening is qmail-local hands the message off to vdelivermail (because you told it to), which looks for an account kindred-clamav (which it does not find), then an account named kindred (which it does) and then delivers to kindred. domain.com/.qmail-alias files are only read/processed by qmail- local. vdelivermail only looks at accounts (in whatever backend you're using) and possibly valias entries in a database. Rick, can you put this somewhere in the documentation: VDELIVERMAIL SHOULD ONLY APPEAR IN YOUR .qmail-default FILE. IF YOU PUT IT ELSEWHERE, IT WILL NOT DO WHAT YOU EXPECT IT TO DO. Solution: echo # .qmail-kindred-clamav Or to bounce the email: echo |/var/qmail/bin/bouncesaying 'Invalid account' .qmail- kindred-clamav -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] vpopmail 5.4.24 released
On Oct 1, 2007, at 6:02 AM, DAve wrote: I am not a developer, and I didn't sleep in a Holiday Inn last night. I would like to know what is going on and just maybe, when I am certain it may be a good thing, comment. Could I subscribe to the dev list? I would absolutely understand a no answer and not give it a second thought. I think if you go to the vpopmail Sourceforge page (see my .sig) you can find the link to subscribe. The developer list is open to anyone who's interested. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Possible problem with nested pipes in vpopmail 5.4.18?
On Sep 27, 2007, at 6:16 PM, Tren Blackburn wrote: However as soon as I append another pipe like so: cat .qmail-default |/home/vpopmail/etc/qmail-pipe |/home/vpopmail/bin/vdelivermail '' bounce-no-mailbox (I'm working offline, so apologies if an answer has already shown up on the list). If qmail-pipe doesn't alter the contents of the message, then you wan this: cat .qmail-default |/home/vpopmail/etc/qmail-pipe |/home/vpopmail/bin/vdelivermail '' bounce-no-mailbox With that setup, qmail-pipe's exit code will tell qmail-local to defer delivery if necessary. If it does alter the contents, then you want to make sure you're not passing any output to vdelivermail. I'm not an expert on pipes, but you may have to break the pipeline somehow for the qmail-pipe exit code to get through to qmail-local. Otherwise, it really doesn't matter how qmail-pipe exits, the message will continue to flow through the pipeline. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Shared libvpopmail thoughts
On Sep 25, 2007, at 6:31 AM, Joshua Megerman wrote: Perhaps the first step is to document the API as it currently stands, and give people the option to build a shared library with the caviat that if you reconfigure vpopmail, you need to rebuild those things that link against it. That would be a 5.5 branch, since it doesn't change the current functionality (much). Then we can in parallel start developing the truly stable API and other changes that will become 6.0, and when we do we can increment libvpopmail.so to indicate the ABI difference. I would love to see this happen, but it is going to take a considerable amount of work. I'm willing to provide lots of input on the API, but really don't have time to contribute actual code. I can help out with documenting some of the ways that QmailAdmin interfaces with vpopmail. Getting a new version of QmailAdmin to compile to a shared vpopmail lib with a single vpopmail.h to describe the API would be great. As it is now, QmailAdmin actually uses vpopmail's config.h file at build time. That will definitely have to go. If we use two different names, could we retain backward compatibility by building a libvpopmail the way we do now (statically linked, apps may use vpopmail's config.h, etc.) in addition to the new-style, shared library with a well-defined API? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Shared libvpopmail thoughts
On Sep 25, 2007, at 10:06 AM, John Simpson wrote: the idea of splitting the domains and mailboxes into different directories has been around forever, there's no excuse for somebody to not have made the adjustment by now. I'm all for keeping it, but someone should fix it. On my server, with a cdb backend, I have the following structure: main directory: 65 domains 0: 25 domains 1: 2 domains 2: 2 domains 3: 0 domains 4: 3 domains 5: 44 domains Just for reference, here's the .dir-control file for that server: 116 0 3 0 0 0 61 61 61 0 2 2 5 0 0 5 I'd love to see vadddomain do a better job of back-filling domains. Maybe vadddomain and vdeldomain could work together to keep directories at a balanced level. Keep track of the next directory to fill in a file (which needs to be protected by a file lock). The .dir-control file is supposed to work that way. On vdeldomain, if the domain came out of a directory less than the next_directory, update next_directory. On vadddomain, if next_directory has 100 domains after the addition, scan forward until you find a directory with 100 domains and update next_directory. It should be possible to make the code generalized enough to work for the domains directory and the individual domain directories (for managing users via vuseradd and vuserdel). -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Mysql table
On Sep 20, 2007, at 12:56 PM, Rick Widmer wrote: If I remember right, speed was the reason for separate tables, but testing showed it was not faster. I think the single table works better because all your mail users are accessing the same table, and its indexes so they stay loaded all the time. If you use separate tables it is always thrashing the cache as different files need to be accessed. If we were really looking for speed, we could move to a ng (next generation) table format that was more relational. Provide tools to migrate from the old to the new for those people who only access the data through vpopmail's APIs. Continue to support the old method for people who have home-grown apps that access the data. The domains should be in a table of their own, and the users table should index the domains table. Having an index in the users table on an int (and the resulting size savings) would be measurable. The biggest change would be updating the selects and inserts in the code. Not a huge change -- just a join between the tables. Something to consider, and perhaps discuss further (on this list or vpopmail-devel). -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] 5.4.22 + Qmailadmin...is it going to be fixed ?
On Sep 21, 2007, at 3:33 PM, Rick Widmer wrote: There is a patch for qmailadmin on SourceForge. Its tracker number is [1795973]. On the other hand, this weekend I will release 5.4.23 that backs out the change that caused this problem. I want a stable release that does not require any changes to existing code before the next batch of innovation. Thanks for that -- I'm going to try to make a QmailAdmin release, and that patch to QmailAdmin isn't really a proper solution. You'll get compiler errors from the implicit declaration of readuserquota (since it's been removed from the .h). One solution would be to keep readuserquota() as it is, and create a new function to replace it (if that's necessary). -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Re: Mysql table
On Sep 21, 2007, at 4:32 PM, Rick Widmer wrote: Comments? I think we'll get better domain alias support if you pull column `domain` out of table `Domains` and add it to the table `domain_alias`. Domain name to domain on the system is a many to one relationship, so the name should be in a separate table. I'm not sure we need to have a master and alias -- the names can all be equal with this setup. I mention it because it reduces lookups to a single query (or at least a simpler query). Instead of needing to check for the domain name in one of two tables, you just check one. Apologies if this SQL has any MySQL-flavored syntax... SELECT `user`.`password`, `user`.`flags` FROM `domain_name`, `domain`, `users` WHERE `domain_name`.`domain_id` = `domain`.`domain_id` AND `user`.`domain_id` = `domain`.`domain_id` AND `domain_name`.`name` = '%s' AND `user`.`name` = '%s' You might even want to have the limits fields go into a separate table, with one entry in that table declared default. That way, domains with default entries can all point to that single row in the limits table. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Feature Request - vmoduser addition
On Sep 20, 2007, at 12:19 AM, Quey wrote: Is it possible to have vmoduser modified so that changing a password with a new -$option changes both encrypted and clear text passwords in one run? It already does that. When you set the clear password, it also updates the encrypted password. I can't think of a time when you'd use the option to set the encrypted password directly, but it's there in case someone needs it... -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] chkuser in my secondary MX
On Aug 28, 2007, at 4:33 AM, Jean Carlos Oliveira Guandalini wrote: I need run chkuser in my secondary MX server. I followed the following steps: snip but it does not function. On the backup MX, the domain should be in rcpthosts (or morercpthosts which builds morercpthosts.cdb) and users/assign (which builds to users/cdb). It should NOT be in virtualdomains and it does not need to be in smtproutes if your primary server has a lower MX record than the backup server. If you're using the CDB-backend, you'll probably want to copy the whole ~vpopmail/domains over, excluding Maildir directories, so chkuser will work. And you'll probably want to rsync it every so often so new users and aliases go across. I rsync the whole ~vpopmail/domains directory each night so I have an off-site backup of email as well. Here's what I rsync every 5 minutes, script runs on primary mx, and I've added the primary mx's ssh key to mx2's authorized_keys file: rsync -azl --numeric-ids --exclude=Maildir --delete --exclude=lastauth \ /home/vpopmail/domains/ [EMAIL PROTECTED]:/home/vpopmail/domains/ rsync -azl --numeric-ids /var/qmail/users [EMAIL PROTECTED]:/var/ qmail/ rsync -azl --numeric-ids --exclude=*.lock \ /var/qmail/control/*hosts* /var/qmail/control/smtproutes \ /var/qmail/control/badmail* [EMAIL PROTECTED]:/var/qmail/control/ I guess if I was backing up Maildirs as well, throughout the day, I could failover to that server should the primary die a horrible death. I'd have to copy the virtualdomains file, stop the rsync, and update DNS so the backup had the lowest MX record. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] CRAM-MD5 vchkpw problem
On Aug 28, 2007, at 10:47 AM, Jonathan Selander wrote: I've set up SMTP AUTH and AUTH LOGIN works without problems, however when i try to login with mozilla thunderbird (which as far as i know uses CRAM-MD5), the login fails with the error message: Aug 28 14:39:30 mail vpopmail[16420]: vchkpw-smtp: password fail (pass: '[EMAIL PROTECTED]') [EMAIL PROTECTED]: 127.0.0.1 As if it uses the CRAM challenge as the password or something? I run vpopmail 5.4.17-6 (debian package from http:// wiki.debian.iuculano.it/quick_howto) You've got the wrong AUTH patch to qmail-smtpd. Use the one from vpopmail contrib. A long time ago I had considered modifying vchkpw to try swapping the challenge and response if the first pw check failed, but I don't think I ever got around to trying it. That would allow vchkpw to work with both the old patch (which passed the challenge and response in the wrong order) and the current one. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
[vchkpw] Off Topic: Virtual FTP Server or web-based file manager?
OK, so it's off-topic, but can anyone recommend an FTP server or web- based file manager that I can deploy on my hosting server that either integrates with vpopmail (like maybe Pure-FTPd) and has a nice interface for managing accounts? I only have two IPs for my server, so multiple clients would share the same FTP server. I'm considering having usernames that include domain names for logging in, and thought that QmailAdmin might be a good interface for managing the FTP accounts. Web may be a better way to go, because FTP is already in use by clients for managing their web content. If I use Pure-FTPd or vsftpd, it will need to be configured for both system users and virtual users. A well-designed, web-based file manager would be a great replacement for FTP. A search on SourceForge didn't turn up many promising leads. Lots of stuff that hasn't been maintained since 2004, or has less than 1000 downloads. Any recommendations? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Using vdelivermail
On Jul 13, 2007, at 3:31 PM, Rick Widmer wrote: Bounce-no-mailbox is no longer recommended, as it allows your mail server to be used in Joe-Jobs. It now seems better to delete all mail to invalid addresses rather than spamming the random senders used by spam-bots. I still recommend bounce-no-mailbox, certainly if you have the qmail- smtpd chkuser patch installed. It's the best way to reject bogus emails at the SMTP level and avoid wasting resources on spam/virus scanning. With chkuser, is it possible to pull a joe-job? The spammer connects directly to my SMTP server, but I reject it at the SMTP level instead of generating a bounce that I then try to deliver to the actual target (the forged sender of the message). Please reconsider that recommendation. Perhaps some discussion on the list is in order... -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] alias .qmail-default do not work, qmail complains message_is_looping
On Jul 7, 2007, at 7:24 PM, Shaohui Zheng wrote: 4. I replace /var/qmail/bin/qmail-local with /home/vpopmail/bin/vqmaillocal(by following the installation docs) if I do not replace, .qmail-default can work, but I can not recevie any mail. after I install vpopmail, I try to send a mail to an nonexist account like this Don't use vqmaillocal. It hasn't been kept up to date, and is no longer supported. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Rules on linking against the vpopmail libraries
On Jun 25, 2007, at 1:58 AM, Rick Widmer wrote: I think it would because QmailAdmin includes vpopmail code at the linker level which requires it to be under the GPL license too. Late linking with .so files is acceptable, because the product does not include GPL code, and only links to an existing copy at run time. That effect is why he wants the vpopmail library to be under LGPL, but it is not. Vpopmail does make .so files now, but there are configuration options that change the library interface. If Bert can dictate to the customer what vpopmail ./configure options to use it should work. If various customers demand different settings he may need to compile a different version of his program for each. I don't know what options are safe to change and what will be a problem. Perhaps Bert could contribute to vpopmail to make it a dynamically linked library (.a instead of .so?), and to work in a way where programs like QmailAdmin don't need to pull information from Vpopmail's config.h file in order to compile correctly. I'd really like to see that in vpopmail's future, so it would theoretically be possible to upgrade vpopmail without having to recompile qmailadmin, qmail-smtpd (for the chkuser patch) and whatever other apps have a statically linked vpopmail in them. Of course, if the company Bert is working for is just going to use this software internally, then he might be OK as well (again, IANAL). I thought GPL only came into play when you sold and/or distributed binaries to other people. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Rules on linking against the vpopmail libraries
On Jun 24, 2007, at 2:35 PM, Rick Widmer wrote: Selling a commercial product that includes vpopmail code is exactly what the GPL license is designed to prevent. Why should you get to sell our labor without paying us? What if QmailAdmin had been written as a proprietary, commercial app? Would the GPL have prevented someone from doing that? IANAL, but I don't think that linking libvpopmail and using it's API would necessarily force a program to be GPL. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Farewell
On May 14, 2007, at 9:58 PM, Michael Bowe wrote: Tom Collins even popped in one day to say hello when he was on holidays in my neck of the woods (Australia). Was great to meet him in person. And it was great to meet Michael as well. Those of you who weren't using vpopmail before 2003 probably don't realize how many improvements were made back in the 5.3 days. Michael helped out considerably with documentation and making code changes to prevent buffer overflows. Take a look a the ChangeLog entries from 5.3.20 to 5.4.0 to get an idea of how much Michael helped me in improving vpopmail. Thanks for your help Michael, and if you find a suitable replacement for vpopmail that works with postfix, let us know about it! -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Re: chkuser wrongly accept emails for default@
On Apr 18, 2007, at 2:31 AM, tonix (Antonio Nati) wrote: I suggest also to introduce a new notation for rejecting users/ aliases with a custom message (i.e.: reject user has changed address. Write to [EMAIL PROTECTED]). This would be a lot more useful than barely put a generic bounce string. Until that's a part of chkuser, Stephane (and others) can use qmail's bouncesaying program in their .qmail-alias files. # cat .qmail-someaddress |/var/qmail/bin/bouncesaying 'user has changed address. Write to [EMAIL PROTECTED]' Please be aware that vdelivermail should ONLY be in a domain's .qmail- default file. Putting it into a .qmail-alias file or a user's .qmail file can introduce a mail loop (which vdelivermail should detect and stop looping) and probably won't accomplish what you want it to. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] admin forwards via email
On Apr 13, 2007, at 3:23 PM, Jeremy Kister wrote: I advocate giving separate email addresses to everyone possible. Meaning if you're signing up for an account with a new site called BigFancySite.tld, i'd give them the email address [EMAIL PROTECTED] Then I'd create a forward called bigfancysite.tld and send it to my main mailbox. This is useful because it's an instant way to see who's given out your email address as well as being able to turn off the address with ease. I've just advised users to use extended addresses. As in email [EMAIL PROTECTED] and have it automatically go into [EMAIL PROTECTED] Of course, a person could probably figure out your real email address, but in most cases you're looking at automated systems. I guess that spambots might get smart and try dropping the -whatever and +whatever extensions on some email addresses at some point... Either way, your script looks like a cool way to add a forward. Should I add it to vpopmai's contrib directory? Do you want to wait a few weeks for feedback, make updates, and then have it added? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
[vchkpw] [SPAM] Re: [vchkpw] [SPAM] valias dont authenticate! helpzz
On Mar 13, 2007, at 12:30 PM, [EMAIL PROTECTED] wrote: I give this command: mailz#valias -i [EMAIL PROTECTED] [EMAIL PROTECTED] But, When I do an telnet localhost 143: -a login [EMAIL PROTECTED] pass -a NO Login failed. valias is used for email forwarding, and it can forward messages to any address (including remote servers). Logins only work for POP/ IMAP mailboxes. vaddaliasdomain creates a domain alias, which is treated just like the real domain name in almost all cases. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/ !DSPAM:45f7014c19878534716275!
Re: [vchkpw] Vpopmail smtp-auth
DAve, I think you've found a bug in vchkpw. For some reason, it wants to create the user's directory if it doesn't already exist. This could be related to updating the lastauth file in the user's directory. Disabling AUTH_LOGGING on that system will help, but you'll still have code trying to create the directory. Go into login_virtual_user() and get rid of everything from the comment, If thier directory path is empty make them a new one to right before #ifdef CLEAR_PASS. Let me know if that works, and I'll make changes to the release version. That code could probably be permanently removed -- the user's directory is created by vdelivermail when necessary. vchkpw doesn't need to be doing it. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Better smtp logs
On Feb 21, 2007, at 2:56 PM, Max Esquivel wrote: Is there any way to configure the smtp log to show which account is being logged in or auth'ed to send, sort of like what the pop log shows? Take a look at the chkuser patch http://www.interazioni.it/ opensource/chkuser/. It will log the SMTP envelope information, including what account authenticated. It also rejects email to non- existent users at the SMTP level, instead of waiting for it to get to vdelivermail and generate a bounce. Also consider simscan http://inter7.com/simscan/. It logs the sender, recipient, ip address and subject line of messages considered spam. You could modify it to log more headers if chkuser isn't giving you enough. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Moving vpop virtual acounts to another server
On Feb 22, 2007, at 1:58 PM, Claas Langbehn wrote: sure there is. You need to copy ~vpopmail/domains to the new server. That countains all accounts and data. To make qmail know about them you need to copy /var/qmail/users/*, /var/qmail/control/rcpthosts and /var/qmail/control/morercpthosts, too. Jst in case, check the directories under /var/qmail/ for special configs on your system. You forgot /var/qmail/control/virtualdomains. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Change/Rename all users to new domain
On Jan 24, 2007, at 10:32 AM, Juliano Souza - Tecnologia wrote: I have 300 users at the domain anyexample.net, we register a new domain called example.net. But the users authenticate via imap using [EMAIL PROTECTED]. I want to change/rename all the users to the new domain example.net , so the user are now [EMAIL PROTECTED], and authenticate using this account. How I can change transparently the method of auth and internal delivery (qmail/vpopmail) ? vaddaliasdomain anyexample.net example.net -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Change/Rename all users to new domain
On Jan 24, 2007, at 11:14 AM, Juliano Souza - Tecnologia wrote: I know about it, but it is incoming mails, if the user [EMAIL PROTECTED] send an email for the internet, the receiver [EMAIL PROTECTED] see the origin via anyexample.net, not example.net To fix that, you'll need to get the users to update their email client. I don't know of any way to have qmail rewrite headers on outbound email... -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Error: Illegal username
On Jan 15, 2007, at 7:19 AM, martin wrote: cd /home/vpopmail/bin ./vpasswd [EMAIL PROTECTED] password Error: Illegal username domain and user still exists. Tried other users in the domain and the second domain It fails with Error: Illegal username on all attempts. Is domain in /var/qmail/users/assign? Does vuserinfo work? Can you see the domain and it's vpasswd file in ~vpopmail/domains (exact directory will be listed in /var/qmail/users/assign)? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] vpopmail max quota of 2GB
On Jan 15, 2007, at 9:29 AM, Iulian Liviu Ionescu wrote:
It seems that there's a limit in quota at 2GB. What are the options
available to have mail accounts with more than 4 GB quota?
One options: rewrite the Maildir++ patches for qmail and POP/IMAP
servers, along with vpopmail's quota support code to use a larger
variable type to store the sizes (long long?). It might be possible
to work around it with a hack of storing message sizes in bytes, but
the total of the sizes (and the user's quota) in KB. This would get
you up to 2TB quotas.
foreach message_size do {
bytes += message_size;
kbytes += bytes / 1024;
bytes = bytes % 1024;
}
I'm sure that at the time it was written, 2GB seemed like an insane
quota for a mailbox. Unfortunately it's now a realistic number.
Keep in mind that if you've got 2GB mailboxes, it probably requires
lots of resources to recalculate disk usage. Consider running a
nightly cronjob that calculates disk usage for all email users and
warns the ones who are over quota. If they stay over for a certain
period, bill them or turn their account off.
Not a pretty solution, but I'm afraid there's no easy way to support
quotas over 2GB.
--
Tom Collins - [EMAIL PROTECTED]
Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/
QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] qmail-tap installation issue
On Jan 10, 2007, at 11:30 AM, Facundo Barrera - GMail wrote: any ideas how to solute this?? You want -p1 instead of -p0. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] how use chkuser on dmz
On Jan 10, 2007, at 3:25 PM, Miki wrote: Ho I can handle it ? Chkuser is working fine when are domains on server, but how I can check user existency on remote server ? FYI: rsync of passwd.cdb is ok, but how check against aliases ? rsync ~vpopmail/domains but have it ignore any directory with Maildir in the name. That way you won't be syncing gigabytes of email. As Rick mentioned, mirror the /var/qmail/control/* and /var/qmail/ users/* files, *except* for /var/qmail/control/virtualdomains. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] onauth API
Guys, If you're on the vpopmail-devel list on Sourceforge, it would be a great place to take these discussions. They're good discussions to have, but I think it helps to keep discussions of the nitty-gritty details separate from the general user list. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] The future of valias other topics
On Jan 6, 2007, at 12:26 AM, John Simpson wrote: as for making .vpopmail* files fully compatible with .qmail* files, that could also be a good thing- however the interface (in terms of which environment variables will be passed to scripts run from the .vpopmail file, what values will be contained in those variables, and how the return values will be interpreted) should be not only documented, but made to be as compatible as possible with what qmail-local would pass to a script in the .qmail file of a system account mailbox. this way if somebody has to transition a domain from being system accounts to being managed by vpopmail, there should be no changes to the files or scripts (as long as they are using the environment variables properly, as opposed to hard- coding path names into the script- which we all know users do.) Except they would need to rename all of the .qmail-ext files in the user's directory to .vpopmail-ext. i respect charles and his opinion about .qmail and .vpopmail files... but making charles happy is not a primary goal of vpopmail, and it's certainly not an excuse to unsafely force this change on all of the existing vpopmail systems out there. i think it makes more sense to explain the situation to the administrators, provide them with a tool to manually rename the files en masse (and identify any problem cases where both .qmail and .vpopmail files already exist) and TELL them that it should be done- but the final decision about whether and when to do the change should be left in the hands of the administrator of each system. of course i would also remove the either/or filename logic from the NEXT version of vpopmail, so that if they haven't renamed the files, they become broken and it's their own fault. How about this -- make it a configure option. People who want to call them .vpopmail can choose that option and run the tool to do the conversion. People who want to continue using .qmail (like me) can easily do so. Seriously, I don't see any advantages for vpopmail admins to use .vpopmail instead of .qmail, other than it makes clear which files are parsed by .qmail-local and which are parsed by vdelivermail. (2) change all of the database back-ends to store their aliases in the filesystem. while this allows these users to control the sequence in which the delivery instructions will be processed, it TAKES AWAY their current ability to maintain the contents of their aliases by doing SQL queries, and FORCES them to have to edit a file on the filesystem in order to maintain their aliases. the second option would certainly be easier to write (only one set of maintenance functions involved.) however, if there are users who NEED to have the alias lines stored in a database, and they are willing to adjust their own systems to deal with a sequence field, then there is no reason (other than time constraints) that we can't store everything in a database. This already exists -- no need to write it. Just compile with -- disable-valias. i've already written pseudo-code for the framework of each maintenance operation, the only thing preventing me from turning that into real working code at this point is free time, and the lack of a consensus about how it will be handled (i.e. i don't want to write code which won't actually be used.) if there are users out there who NEED to have the alias lines stored in their database back-ends, we CAN make that happen. granted, it means more coding and more testing, which means it'll probably take a little longer to finish, but if it makes the program usable to more people, isn't that the important thing? I've pictured this in my head as well, and I agree with John that we should add a sequence field to the existing table, then add the tools to support it properly. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Rename user's .qmail to .vpopmail
On Jan 6, 2007, at 3:34 AM, Rick Widmer wrote: Tom Collins wrote: Now that .qmail files are fully supported in vpalias.c, we can update QmailAdmin to use the vpopmail API to work with the files, and it won't know anything about their contents. I'm planning on it. I may even have it done in some of the old code I have around here. I was working on unifying aliases when Ken released the daemon. Please let me do it -- I'm in the middle of working with some guys on making QmailAdmin skinnable with css. I know where to make the change, because I remember when I added valias support to QmailAdmin and had to leave some code in to handle dotqmail files. I'd bet a little bit that we are there already, I think extension handling was the last missing piece. I compared vdelivermail.c with man qmail-local and nothing stood out. Before I say they _are_ the same I'll have to compare the source code of both and do some testing. Since it took a week to write my last message, I make no promises when that will happen... maybe I'll just wait till someone discovers a difference. Do you think it would be possible for vdelivermail to set up the environment variables correctly and then call qmail-local on the virtual user's directory? Just a thought. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] The future of valias other topics
On Jan 6, 2007, at 5:15 PM, Rick Widmer wrote: Yes there will be a sequence field in the table. The question is how do we add the tools. Do we break the existing alias interface, or do we provide an alternate interface for when order is important, leaving all existing code intact. I'm working on a reply to John on this, but it may be a day or two... If the order isn't specified, it's added to the end. Create a new function in libvpopmail and new switches to the valias program to specify order. The old function just becomes a call to the new function. Include a define or configure check in QmailAdmin to see if they new API is present and, if so, show an interface to the user for it. Or, to make things easier, that QmailAdmin can require a minimum version of vpopmail. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Rename user's .qmail to .vpopmail
On Jan 5, 2007, at 10:34 AM, Rick Widmer wrote: I did not see any objections on changing to .vpopmail* files in user but not domain directories. If anyone does object, now is the time. Files in ~vppopmail/domains/user_name/ are executed by vdelivermail and will be renamed. Files in ~vpopmail/domains/ will stay .qmail and are executed by qmail-local. Vdelivermail will look for .vpopmail files and .qmail files in the users directory. If both exist, only the .vpopmail file will be executed. If it does not check the sticky bit and defer messages like qmail- local it needs to. Editing a user .qmail file with the library should result in it being renamed to .vpopmail. If both exist, the .qmail file is ignored. UPGRADE will recommend running Jeremy's script to bulk rename the files when you install. I don't see a huge reason to change to .vpopmail. Yes, it's true that vdelivermail is responsible for parsing it, but we're using identical syntax to a .qmail file. Looking at the old source, it appears that someone was working on a replacement for qmail-local that would understand the vpopmail setup. Here's where I get worried: QmailAdmin and (I think) SquirrelMail plugins and who-knows-what-else already make use of .qmail files. Now that .qmail files are fully supported in vpalias.c, we can update QmailAdmin to use the vpopmail API to work with the files, and it won't know anything about their contents. I do worry about version compatibility though -- someone running new vpopmail and old qmailadmin. I see limited benefit to changing at this point. If we're going to make vdelivermail more and more like qmail-local, then I'm for keeping the .qmail filenames. Tom Collins Tom Logic LLC PO Box 5717 Napa, CA 94581 (707) 265-6622 (707) 265-6646 fax [EMAIL PROTECTED]
Re: [vchkpw] Rename user's .qmail to .vpopmail
(sorry for not including this in my last email) On Jan 5, 2007, at 10:34 AM, Rick Widmer wrote: I still want to change files to .vpopmail, unless they go out of their way to disable it. I think Charles Cazabon's objection to .qmail files that are executed by vdelivermail is a strong enough reason to do so. I want to eliminate as many of his objections to vpopmail as I can. Who the heck is Charles Cazabon and why should I care that he thinks our files shouldn't be called .qmail? Vpopmail is an add-on to Qmail -- let's just rename vdelivermail to qmail-vpop... If vdelivermail handled the file identically to the way qmail-local does, would he be OK with that? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Further thoughts on my localrelay patch
On Jan 3, 2007, at 10:48 AM, John Simpson wrote: there does need to be a way to set what gets added to the smtpd access control file for dynamic entries. i'm not sure that highjacking an existing option is the right way to do it, nor do i think it should be a configure option. i think it makes more sense to let it be configured at run time- something like read the first line of a ~vpopmail/etc/_ file and use that. I like the idea of an environment variable -- no overhead from reading it from a file every time vchkpw runs. You can also customize it per connection if necessary. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] A vpopmail farm/NFS framework?
On Jan 2, 2007, at 1:37 PM, DAve wrote: front-end (target)- NFS (source) --- /home/vpopmail/domains - /shared/vdomains /var/qmail/control - /shared/qmail-control /usr/local/www - /shared/webmail /var/tmp - /shared/webmail-sessions Don't forget /var/qmail/users as well. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
