qmail Digest 5 Feb 1999 11:00:10 -0000 Issue 542
Topics (messages 21482 through 21518):
new-inject vs qmail-inject
21482 by: Robin Bowes <[EMAIL PROTECTED]>
mail for nonexistent user: wrong bounce?
21483 by: "Sam" <[EMAIL PROTECTED]>
21484 by: Van Liedekerke Franky <[EMAIL PROTECTED]>
21485 by: "Sam" <[EMAIL PROTECTED]>
Supervise/Tcpserver/cyclog
21486 by: Peter van Dijk <[EMAIL PROTECTED]>
Redirecting or Copying bounced mail
21487 by: [EMAIL PROTECTED]
21492 by: "Soffen, Matthew" <[EMAIL PROTECTED]>
21493 by: [EMAIL PROTECTED]
21497 by: Sam <[EMAIL PROTECTED]>
21502 by: Russ Allbery <[EMAIL PROTECTED]>
21505 by: [EMAIL PROTECTED]
21506 by: Russ Allbery <[EMAIL PROTECTED]>
21507 by: [EMAIL PROTECTED]
QMTP + VERP
21488 by: "Fred Lindberg" <[EMAIL PROTECTED]>
21490 by: Russell Nelson <[EMAIL PROTECTED]>
Slow Queue Processing
21489 by: Jonathan Nalley <[EMAIL PROTECTED]>
21491 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
21498 by: Peter Gradwell <[EMAIL PROTECTED]>
21499 by: Roger Merchberger <[EMAIL PROTECTED]>
Three solutions for spam
21494 by: [EMAIL PROTECTED]
21496 by: Vince Vielhaber <[EMAIL PROTECTED]>
21501 by: [EMAIL PROTECTED]
Filters with qmail
21495 by: Mike Meyer <[EMAIL PROTECTED]>
NFS attribute caching, was Re: Million users
21500 by: Scott Lystig Fritchie <[EMAIL PROTECTED]>
TCP Rule
21503 by: "Moh. Deny Kurniawan" <[EMAIL PROTECTED]>
21504 by: Chris Johnson <[EMAIL PROTECTED]>
21508 by: "Moh. Deny Kurniawan" <[EMAIL PROTECTED]>
21510 by: Stefan Paletta <[EMAIL PROTECTED]>
21516 by: [EMAIL PROTECTED]
How to slowly drain Maildir via maildirsmtp ?
21509 by: Yusuf Goolamabbas <[EMAIL PROTECTED]>
21511 by: Sam <[EMAIL PROTECTED]>
21512 by: "Justin M. Streiner" <[EMAIL PROTECTED]>
21517 by: [EMAIL PROTECTED]
qmail-send message
21513 by: Ramon H Gonzalez <[EMAIL PROTECTED]>
21515 by: Anand Buddhdev <[EMAIL PROTECTED]>
PATH and related things at installation
21514 by: Chris Green <[EMAIL PROTECTED]>
21518 by: [EMAIL PROTECTED]
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
<[EMAIL PROTECTED]> wrote:
Original Article: http://www.egroups.com/list/djb-qmail/?start=24126
> Paul Halliday writes:
> > Therefore all mail to the internet would be stamped '@ourdomain', but all
> > company mail to companydomain stamped '@ourhost.companydomain'; this is to
> > avoid replied to sensitive company mail being routed via the internet.
>
> With the experimental ofmipd program in the mess822 package you can
> easily set up a gateway that accepts messages from authorized hosts and
> rewrites @ourhost.companydomain as @ourdomain. The other qmail hosts can
> use smtproutes to forward outgoing mail to that gateway.
>
> ---Dan
Hmmmm. I've been trying to do this for a couple of days and, even with
a bit of help from MW have not managed to work out how to do it.
I'm experimenting at home with a single linux box, hostname "grafter".
I've got qmail running on port 25 and ofmitpd on port 26.
My internal domain is "home.internal", my external domain is
dsch.freeserve.co.uk. I'd like to re-write all outgoing mail to use my
external domain.
My qmail/control files are:
defaultdomain:
home.internal
locals:
localhost.home.internal
grafter.home.internal
dsch.freeserve.co.uk
me:
grafter.home.internal
plusdomain:
home.internal
rcpthosts:
localhost.home.internal
grafter.home.internal
dsch.freeserve.co.uk
rewrite
-home.internal:dsch.freeserve.co.uk
smtproutes
home.internal:
.home.internal:
dsch.freeserve.co.uk:grafter.home.internal
:grafter.home.internal:26
With this setup, the re-direction to ofmipd works ie the mail gets
forwarded and re-written but it then loops. It would appear that ofmipd
is using the same smtproutes as qmail-smtpd and re-forwards the mail to
itself.
I'd be really grateful if you could tell me where I'm going wrong.
Thanks,
R
--
Two rules to success in life:
1. Don't tell people everything you know.
-- Sassan Tat
Franky Van Liedekerke writes:
> Hi,
>
> I've setup qmail 1.03 with the anti UCE path from Sam, but I'm seeing
> some strange things:
>
> when somebody from the external word sends a mail to a nonexistent user,
>
> he gets a mail back
> with failure notice etc, but in the notice it isn't said why it failed.
Since a nonexistent recipient is now rejected by RCPT TO:, it is the
sending host that is responsible for generating the bounce message, not
Qmail.
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 dpinc.ml.org - legitimate mail welcome, 64K max message size ESMTP
MAIL FROM:<>
250 ok
RCPT TO:<[EMAIL PROTECTED]>
550 Sorry, no mailbox here by that name. (#5.1.1)
If the sending mail server takes the 550 rejection, and throws it away,
someone's buggy code needs to be fixed.
> But I can see the reason in the logfiles. Does this have something todo
> with the remote client or remote mailserver?
> When I try the same, it's ok for my hotmail account, and I see the
> failure reason.
Because Hotmail's mail servers properly record the bounce error code.
For everyone's edification, identify the mail server who's bounce is brain
dead. I've heard of certain mail server who can't generate a meaningfull
error message for a MAIL FROM:, but this is a first time I've heard of any
mutation that doesn't even tell you why RCPT TO: rejected.
Hi Sam,
in your patch, I have disabled the REJECTNOSUCHUSER otherwise my ldap users
don't get any mail (or am I wrong?).
Maybe then I should enable BOUNCEMAIL_INTERNAL as well?
> ----------
> From: Sam[SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, February 04, 1999 2:06 PM
> Cc: [EMAIL PROTECTED]
> Subject: Re: mail for nonexistent user: wrong bounce?
>
> Franky Van Liedekerke writes:
>
> > Hi,
> >
> > I've setup qmail 1.03 with the anti UCE path from Sam, but I'm seeing
> > some strange things:
> >
> > when somebody from the external word sends a mail to a nonexistent user,
> >
> > he gets a mail back
> > with failure notice etc, but in the notice it isn't said why it failed.
>
> Since a nonexistent recipient is now rejected by RCPT TO:, it is the
> sending host that is responsible for generating the bounce message, not
> Qmail.
>
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220 dpinc.ml.org - legitimate mail welcome, 64K max message size ESMTP
> MAIL FROM:<>
> 250 ok
> RCPT TO:<[EMAIL PROTECTED]>
> 550 Sorry, no mailbox here by that name. (#5.1.1)
>
> If the sending mail server takes the 550 rejection, and throws it away,
> someone's buggy code needs to be fixed.
>
> > But I can see the reason in the logfiles. Does this have something todo
> > with the remote client or remote mailserver?
> > When I try the same, it's ok for my hotmail account, and I see the
> > failure reason.
>
> Because Hotmail's mail servers properly record the bounce error code.
>
> For everyone's edification, identify the mail server who's bounce is brain
> dead. I've heard of certain mail server who can't generate a meaningfull
> error message for a MAIL FROM:, but this is a first time I've heard of any
> mutation that doesn't even tell you why RCPT TO: rejected.
>
Van Liedekerke Franky writes:
> Hi Sam,
>
> in your patch, I have disabled the REJECTNOSUCHUSER otherwise my ldap users
> don't get any mail (or am I wrong?).
No -- that's true. In this case, the bounce should be generated as usual:
Hi. This is the qmail-send program at dpinc.ml.org.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<[EMAIL PROTECTED]>:
Sorry, no mailbox here by that name. (#5.1.1)
--- Below this line is a copy of the message.
...
On Wed, Feb 03, 1999 at 11:28:34AM -0700, John Gonzalez/netMDC admin wrote:
> I'm wondering if anyone here is running the above combination?
>
> I have qmaild running under tcpserver at the time, but now our machine has
> become busy enough that the pop3 service is looping (in inetd) and want to
> replace it with tcpserver.
>
> I've also noticed that the single process on the machine that is a hog is
> the syslog process, so i also want to replace this with cyclog.
>
> What my question is:
>
> I'm running qmail1.03 with Bruce Guenters vmailmgrd package (a checkpw
> replacement) -- what kind of command lines is everyone else running?
>
> I need one for qmail and for qmail-pop3d -- anyone have some suggestions?
I have this in my /etc/rc.d/rc.inet2 for my incoming mail:
/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 31 -g 30 0 smtp
/var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 3 &
(That's one line, not two..)
not running qmail-pop3d (yet).
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
I need to have control over where bounced mail is sent
for this one particular qmail server.
I need at least a copy of all bounced mail sent to a
particular account that is local to the qmail server.
Is this possible or will I need to modify the source code?
Ken Jones
Inter7
This is an easy one.
You need to setup a /var/qmail/alias/.qmail-default file like this:
In it you have an email address to send the bounces to and a call to a
script like this:
&address_to_get_bounces
|bounce_script
This is what I use as bounce_script
#!/usr/bin/perl
print "Sorry, no mailbox here by that name (#5.1.1)";
print STDERR "Sorry, no mailbox here by that name (#5.1.1)";
exit 100;
This will
1) Send the bounce to address_to_get_bounces
2) Then bounce the letter immediately.
I hope this helps.
Matt Soffen
Webmaster - http://www.iso-ne.com/
==============================================
Boss - "My boss says we need some eunuch programmers."
Dilbert - "I think he means UNIX and I already know UNIX."
Boss - "Well, if the company nurse comes by, tell her I said
never mind."
- Dilbert -
==============================================
> ----------
> From: [EMAIL PROTECTED][SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, February 04, 1999 9:36 AM
> To: [EMAIL PROTECTED]
> Subject: Redirecting or Copying bounced mail
>
>
> I need to have control over where bounced mail is sent
> for this one particular qmail server.
>
> I need at least a copy of all bounced mail sent to a
> particular account that is local to the qmail server.
>
> Is this possible or will I need to modify the source code?
>
> Ken Jones
> Inter7
>
I must not have been clear, I was asking about receiving the bounces
and not generating them.
What I really need to do is re-write the Return-Path on all mail
that is relayed thru our machine.
Ken Jones
On Thu, Feb 04, 1999 at 11:13:06AM -0500, Soffen, Matthew wrote:
> This is an easy one.
>
> You need to setup a /var/qmail/alias/.qmail-default file like this:
> In it you have an email address to send the bounces to and a call to a
> script like this:
> &address_to_get_bounces
> |bounce_script
>
> This is what I use as bounce_script
>
> #!/usr/bin/perl
> print "Sorry, no mailbox here by that name (#5.1.1)";
> print STDERR "Sorry, no mailbox here by that name (#5.1.1)";
> exit 100;
>
>
> This will
> 1) Send the bounce to address_to_get_bounces
> 2) Then bounce the letter immediately.
>
> I hope this helps.
>
> Matt Soffen
> Webmaster - http://www.iso-ne.com/
> ==============================================
> Boss - "My boss says we need some eunuch programmers."
> Dilbert - "I think he means UNIX and I already know UNIX."
> Boss - "Well, if the company nurse comes by, tell her I said
> never mind."
> - Dilbert -
> ==============================================
>
> > ----------
> > From: [EMAIL PROTECTED][SMTP:[EMAIL PROTECTED]]
> > Sent: Thursday, February 04, 1999 9:36 AM
> > To: [EMAIL PROTECTED]
> > Subject: Redirecting or Copying bounced mail
> >
> >
> > I need to have control over where bounced mail is sent
> > for this one particular qmail server.
> >
> > I need at least a copy of all bounced mail sent to a
> > particular account that is local to the qmail server.
> >
> > Is this possible or will I need to modify the source code?
> >
> > Ken Jones
> > Inter7
> >
On Thu, 4 Feb 1999 [EMAIL PROTECTED] wrote:
>
> I must not have been clear, I was asking about receiving the bounces
> and not generating them.
>
> What I really need to do is re-write the Return-Path on all mail
> that is relayed thru our machine.
That's the envelope sender address.
Go into qmail-smtpd.c. Find the part the handles the 'mail from:'
command.
As soon as it gets it, quietly toss away the input buffer, and replace it
with 'mail from: <bounceuser@bouncedomain>', then let qmail-smtpd chug
along on its merry way, hoping that noone would notice.
For a fancy-shmancy solution, populate the address from an environment
variable, then use tcpserver to set the environment variable via tcprules.
Soffen, Matthew <[EMAIL PROTECTED]> writes:
> This is what I use as bounce_script
> #!/usr/bin/perl
> print "Sorry, no mailbox here by that name (#5.1.1)";
> print STDERR "Sorry, no mailbox here by that name (#5.1.1)";
> exit 100;
I like Perl as well or better than the next guy, but wouldn't this be more
succinctly (and slightly faster) written as:
|bouncesaying 'Sorry, no mailbox here by that name. (#5.1.1)'
than with a Perl script?
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
On Thu, Feb 04, 1999 at 05:34:07PM -0800, Russ Allbery wrote:
> johnjohn <[EMAIL PROTECTED]> writes:
>
> > No. This is after the embedding of a perl interpreter in qmail-local.
>
> Ooo, bizarre. Yeah, that'd make Perl scripts faster.
What? Did I forget my smiley again?
--
John White
[EMAIL PROTECTED]
PGP Public Key: http://www.triceratops.com/john/public-key.pgp
johnjohn <[EMAIL PROTECTED]> writes:
> On Thu, Feb 04, 1999 at 05:34:07PM -0800, Russ Allbery wrote:
>> johnjohn <[EMAIL PROTECTED]> writes:
>>> No. This is after the embedding of a perl interpreter in qmail-local.
>> Ooo, bizarre. Yeah, that'd make Perl scripts faster.
> What? Did I forget my smiley again?
Hey, I already have a Perl interpretor embedded into INN, and actually
embedding a Perl interpretor into qmail-local on my news machines would
probably speed up mail deliveries, since pretty much all the deliveries on
that machine are to Perl scripts.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
It turns out what we really needed to do was attach
a "Return-Path: <email address>" line to each email
that was being relayed via a C class address.
I added a line to /etc/tcp.smtp and ran tcprules
(we are using tcpserver for the smtp server)
The line consisted of:
IP address:allow,RELAYCLIENT="@fixup"
Then added a line to virtualdomains:
fixup:fixup
Then added a .qmail-fixup-default file in /var/qmail/alias
containing the line:
|/var/qmail/bin/fixup-return-path | /var/qmail/bin/qmail-inject
We wrote a program fixup-return-path that adds a
Return-Path: <bounce email address> to the email message.
The result is: all emails relayed from the C class IP
in /etc/tcp.smtp has a local email address as the Return-Path:
header. If any mail bounces, it is delivered to a local email
address on the relay machine.
Thanks for the help
Ken Jones
Inter7 Internet Technologies, Inc.
http://www.inter7.com/qmail/
On Wed, 03 Feb 1999 23:09:52 +0100 (MET), Stefan Paletta wrote:
>Any takers for an ESMTP server-sided VERP expansion extension draft? ;-)
Any takes for a QMTP _recipient_ side VERP expansion draft?
When you talk about several recipients in a QMTP message where the QMTP
recipient does VERP expansion there are no valid arguments whatsoever
against having multiple recipients.
In essence, you get raw qmail queue communication. Fast, efficient, and
usable both as normal hosts and especially as smarthosts. You can run
mailing lists on a host with a not-so-good connection, QMTP them to a
well-connected smarthost and explode then there. To other QMTP hosts
they go on as multi-recipient messages, to SMTP hosts they go
one-by-one after VERP expansion.
-Sincerely, Fred
(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
Fred Lindberg writes:
> On Wed, 03 Feb 1999 23:09:52 +0100 (MET), Stefan Paletta wrote:
>
> >Any takers for an ESMTP server-sided VERP expansion extension draft? ;-)
>
> Any takes for a QMTP _recipient_ side VERP expansion draft?
>
> When you talk about several recipients in a QMTP message where the QMTP
> recipient does VERP expansion there are no valid arguments whatsoever
> against having multiple recipients.
>
> In essence, you get raw qmail queue communication. Fast, efficient, and
> usable both as normal hosts and especially as smarthosts. You can run
> mailing lists on a host with a not-so-good connection, QMTP them to a
> well-connected smarthost and explode then there. To other QMTP hosts
> they go on as multi-recipient messages, to SMTP hosts they go
> one-by-one after VERP expansion.
THAT would be really really cool. There are some people (such as Mark
Crispin) who object to VERP in such strong terms as to call it a
denial of service attack. By way of explanation, his MTA retains
multi-RCPT message in a single file. When a VERP'ed message comes in,
each has to be stored in its own file.
If qmail's QMTP client coagulated recipients addressed to the same
hostname (chasing down MXes take more bandwidth, as Dan has proven),
then we could tell the Mark Crispins of the world, "So implement QMTP
if you're that concerned about resources. QMTP takes less bandwidth,
and can receive any number of recipients in a single message."
I'd really like to see this in qmail 2.0. Anything I can do to help, Dan?
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
I recently installed qmail on our mail server. The interval of time at
which the queue is processed seems quite long. A local to local
delivery may take 45 minutes. The server is very lightly loaded. There
are no more than 300 mail accounts and the queue typically has less than
150 messages (even with the delay). I searched the list archive for
this problem and found many posts that recommended logging using
something other than syslog, so I took that advice and am using:
supervise /var/lock/svc/qmail \
qmail-start "./Mailbox" | accustamp | \
cyclog -s 1000000 -n 20 /var/log/qmail &
to start qmail. Also I read that I could force the queue to run by
sending a SIGALRM to qmail-send. When I do this the log file shows that
the queue attempts to process messages destined for remote hosts, but it
fails to process messages to be delivered locally. If I send a
SIGALRM to qmail-lspawn all messages are processed. As a temporary fix
I have been sending a SIGALRM to qmail-lspawn to force delivery.
I would like to know what causes the queue to be processed, does it
normally run upon receipt of each new message? Any advice for things to
look for is greatly appreciated.
Thanks,
--
Jon Nalley
Systems Administrator
Gulf Interstate Engineering
- Jonathan Nalley <[EMAIL PROTECTED]>:
| The interval of time at which the queue is processed seems quite
| long. A local to local delivery may take 45 minutes.
That is *definitely* wrong.
| Also I read that I could force the queue to run by sending a SIGALRM
| to qmail-send. When I do this the log file shows that the queue
| attempts to process messages destined for remote hosts, but it fails
| to process messages to be delivered locally.
Is it possible that some local deliveries are hanging, taking up all
the local delivery slots? Check the log for status messages. A
typical one looks like this: status: local 1/10 remote 1/20 which
means that one out of 10 local delivery slots is taken, etc.
| If I send a SIGALRM to qmail-lspawn all messages are processed. As
| a temporary fix I have been sending a SIGALRM to qmail-lspawn to
| force delivery.
Hmm. I don't see a signal handler for SIGALRM in the code, so I would
expect that to terminate qmail-lspawn and hence bring qmail-send
crashing down??
| I would like to know what causes the queue to be processed, does it
| normally run upon receipt of each new message?
Yes. See the end of the INTERNALS file, and check the permissions on
stuff in the lock/ subdirectory. "make check" does this for you. If
it reports any problems, stop qmail and run "make setup" to repair the
damage. (But a wrong permission on lock/trigger will typically only
cause a <25 minute delay, as that is how often qmail-send checks the
todo/ subdir in the absense of activity on lock/trigger.)
| Any advice for things to look for is greatly appreciated.
Other than the above, the only thing I can think of is to trace your
processes to see what they're up to. And you could tell us what OS
you're on. Maybe there is an OS bug or gotcha that someone here knows
about.
- Harald
At 4:49 pm +0100 4/2/99,the wonderful Harald Hanche-Olsen wrote:
>Hmm. I don't see a signal handler for SIGALRM in the code, so I would
>expect that to terminate qmail-lspawn and hence bring qmail-send
>crashing down??
it's in the FAQ:
--
7.2. How do I manually run the queue? I'd like qmail to try delivering
all the remote messages right now.
Answer: Give the qmail-send process an ALRM. (Do svc -a /var/run/qmail
if qmail is supervised.)
You may want to run qmail-tcpok first, to guarantee that qmail-remote
will try all addresses. Normally, if an address fails repeatedly,
qmail-remote leaves it alone for an hour.
--
Peter
--
gradwell dot com ltd - writing the bits of the web you don't see
online @ http://www.gradwell.com/ mailto:[EMAIL PROTECTED]
"To look back all the time is boring. Excitement lies in tomorrow"
Once upon a midnight dreary, Peter Gradwell had spoken clearly:
>At 4:49 pm +0100 4/2/99,the wonderful Harald Hanche-Olsen wrote:
>
>>Hmm. I don't see a signal handler for SIGALRM in the code, so I would
>>expect that to terminate qmail-lspawn and hence bring qmail-send
^^^^^^^^^^^^^^^^^^^^^^
>>crashing down??
>
>it's in the FAQ:
>--
>7.2. How do I manually run the queue? I'd like qmail to try delivering
>all the remote messages right now.
>
>Answer: Give the qmail-send process an ALRM. (Do svc -a /var/run/qmail
^^^^^^^^^^
>if qmail is supervised.)
Right... but the original poster said that he was sending qmail-lspawn the
signal, not qmail-send.
Sending a signal to qmail-lspawn might send it into a tailspin, but there
are others on this list better to comment on that than I.
HTH,
Roger "Merch" Merchberger
--
Roger "Merch" Merchberger --- sysadmin, Iceberg Computers
Recycling is good, right??? Ok, so I'll recycle an old .sig.
If at first you don't succeed, nuclear warhead
disarmament should *not* be your first career choice.
>Did anyone catch the CNN.com frontpage article (link) about
>Cyber Vigilantes? *shudder*
I couldn't find this when I looked recently...if anyone has a URL,
I'd like to see it, and maybe others would too.
tq vm, (burley)
On 4 Feb 1999 [EMAIL PROTECTED] wrote:
> >Did anyone catch the CNN.com frontpage article (link) about
> >Cyber Vigilantes? *shudder*
>
> I couldn't find this when I looked recently...if anyone has a URL,
> I'd like to see it, and maybe others would too.
>
> tq vm, (burley)
>
How's this?
http://cnn.com/TECH/computing/9901/12/cybervigilantes.idg/index.html
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
>How's this?
>
>http://cnn.com/TECH/computing/9901/12/cybervigilantes.idg/index.html
Thanks!!!
tq vm, (burley)
On 4 Feb 1999, Lorens Kockum wrote:
> On the qmail list [EMAIL PROTECTED] wrote:
> >
> >Oh, tosh. I've got a server listed on those lists - has been for close
> >to a year. It runs mail lists, [...]
>
> And I suppose that you don't care that your server is probably
> being used to send spam all over the world ?
Actually, the server is no longer an open relay. Getting it taken off
the blocking lists is more trouble than it's worth, as there aren't
enough sites using them to matter. When it was open, I dealt with it
with the same kinds of tools as the people who are talking about doing
it here are doing.
The only relation between technical solutions and business models is
that the first enables the second. In spite of what the Politically
Correct SMTP Server Police want you to believe, open relays are a
perfectly valid technical solution, and enable some usefull business
models. Since the internet is no longer a nice neighborhood, you need
*other* technical solutions to block spammers. Those exist, and giving
people trying to find them a blanket "don't do that" is *at best*
pointless, and may actually do harm.
Personally, I favor more aggressive solutions. For instance, if
someone obviously has no problems with putting email addresses on mail
lists without the owners permission, putting a few of theirs on a
news-answers feed seems justified.
<mike
>>>>> "jc" == Jere Cassidy <[EMAIL PROTECTED]> writes:
jc> ... Backend network is a Netapp F230 that is handling the Maildirs.
jc> a) Almost all delivery (from sending client to remote client)
jc> takes 3 to 4 minutes. However, If I look in the receiving
jc> client's Maildir/new after the sending client sends the message,
jc> it is there in 5 to 10 seconds. Any POP3 connection simply does
jc> not notice the file is there even though it is present on all 4
jc> servers (via the Netapp, of course). Most likely this is the
jc> result of some caching that the front end servers are doing, but
jc> we haven't been able to track it down exactly.
You're probably being bitten by NFS attribute caching. Under Solaris,
the "actimo" option ought to be cranked down to zero if you want to
have new files be visible to other NFS clients immediately. See the
"File Attributes" portion of the Solaris mount_nfs(1M) man page.
Other OSes may or may not have knobs to tweak for NFS attribute
caching.
A good reference for this sort of thing is a paper from the USENIX
Symposium on Internet Technologies and Systems (USITS) Proceedings,
Monterey, CA, December 1997: "A Highly Scalable Electronic Mail
Service Using Open Systems" by Nick Christenson, Tim Bosserman, and
David Beckemeyer of EarthLink Network, Inc. The email servers at
EarthLink have been using NetApp fileservers for message storage for
years; the paper discusses the architecture, problems they
encountered, and solutions used.
-Scott
---
Scott Lystig Fritchie, Minneapolis, MN
Professional Governing: Is It Faked?
Help...
I have a problem with tcprules
I deny every host to use smtp.x.x.x, except 209.134.x.x
and it works fine
but when i tried to send an e-mail from somewhere (i.e mail.yahoo.com) to
smtp.x.x.x machine, that e-mail has been denied too.
What I want is:
deny every host to use smtp server on smtp.x.x.x except 209.134.x.x but
allow every host to send e-mails to smtp.x.x.x machine.
Thanks in advances
On Fri, Feb 05, 1999 at 08:21:58AM +0700, Moh. Deny Kurniawan wrote:
> Help...
>
> I have a problem with tcprules
>
> I deny every host to use smtp.x.x.x, except 209.134.x.x
>
> and it works fine
>
> but when i tried to send an e-mail from somewhere (i.e mail.yahoo.com) to
> smtp.x.x.x machine, that e-mail has been denied too.
>
> What I want is:
>
> deny every host to use smtp server on smtp.x.x.x except 209.134.x.x but
> allow every host to send e-mails to smtp.x.x.x machine.
You don't want to deny them use of your SMTP server; you just want to disallow
them from using you for a relay (i.e. from sending mail to a non-local
address). In your rules file you want the following single line:
209.134.:allow,RELAYCLIENT=""
And in the file control/rcpthosts you want to list all the domains for which
you want to accept mail. The above line will set RELAYCLIENT for any host
209.134.x.x, which will allow that host to relay. Any other host will be
allowed to connect, but will be restricted to sending mail to a domain you've
listed in control/rcpthosts.
Chris
Thanks for your reply Mr Johnson,
Actually what I want is:
# first step:
deny every host to use smtp server on smtp.x.x.x, except 209.134.x.x
so every computer with IP 209.134.x.x can send e-mail to everywhere.
# second step:
smtp.x.x.x allow to receive e-mail from everywhere.
# but
when I did the "first step" , unfortunately smtp.x.x.x can not receive
e-mail from all host, except 209.134.x.x
I think imposibble to list thousand host to control/rcpthost because I
want to allow smtp.x.x.x machine to receive e-mail from everywhere.
On Thu, 4 Feb 1999, Chris Johnson wrote:
> On Fri, Feb 05, 1999 at 08:21:58AM +0700, Moh. Deny Kurniawan wrote:
> > Help...
> >
> > I have a problem with tcprules
> >
> > I deny every host to use smtp.x.x.x, except 209.134.x.x
> >
> > and it works fine
> >
> > but when i tried to send an e-mail from somewhere (i.e mail.yahoo.com) to
> > smtp.x.x.x machine, that e-mail has been denied too.
> >
> > What I want is:
> >
> > deny every host to use smtp server on smtp.x.x.x except 209.134.x.x but
> > allow every host to send e-mails to smtp.x.x.x machine.
>
> You don't want to deny them use of your SMTP server; you just want to disallow
> them from using you for a relay (i.e. from sending mail to a non-local
> address). In your rules file you want the following single line:
>
> 209.134.:allow,RELAYCLIENT=""
>
> And in the file control/rcpthosts you want to list all the domains for which
> you want to accept mail. The above line will set RELAYCLIENT for any host
> 209.134.x.x, which will allow that host to relay. Any other host will be
> allowed to connect, but will be restricted to sending mail to a domain you've
> listed in control/rcpthosts.
>
> Chris
>
Moh. Deny Kurniawan wrote/schrieb/scribsit:
> I think imposibble to list thousand host to control/rcpthost because I
> want to allow smtp.x.x.x machine to receive e-mail from everywhere.
In control/rcpthosts you list hosts you take mail _for_, not from.
A "deny" in tcprules means "I won't let him talk to me at all". For a mail
server of course, this is not an acceptable default if you want to receive
mail from everywhere. By default, qmail will do only that, take mail from
anywhere addressed to itself (listed in rcpthosts) but not to elsewhere.
If, in your case, you want to allow a specific set of hosts to inject mail
on the server, you have to overwrite qmail's default by supplying the
RELAYCLIENT enviroment variable to qmail-smtpd. tcpserver will do that for
you dependant on the client's address. This is what Chris wrote.
Stefan
On Fri, Feb 05, 1999 at 10:02:21AM +0700, Moh. Deny Kurniawan wrote:
>
> Thanks for your reply Mr Johnson,
>
> Actually what I want is:
>
> # first step:
> deny every host to use smtp server on smtp.x.x.x, except 209.134.x.x
> so every computer with IP 209.134.x.x can send e-mail to everywhere.
> # second step:
> smtp.x.x.x allow to receive e-mail from everywhere.
My machine is 206.*. I connect to smtp.x.x.x. smtp.x.x.x's
first step is to "deny every host except 209.134.*". 206....
doesn't fall into that group, so my connection is dropped.
I never get to you second step.
Which means your first step is flawed. See?
What you really want is to accept connections from "everywhere",
and set RELAYCLIENT for mail from 209.134.x.x
--
John White
[EMAIL PROTECTED]
PGP Public Key: http://www.triceratops.com/john/public-key.pgp
Hi, I had setup a backup mailserver to collect incoming mail whilst my
server was being upgraded. I used virtualdomains and put it all in a
Maildir. Now that the server has been upgraded, I plan to use
maildirsmtp to send the mail back out. However, I would like to not
flood the remote machine and send some messages, wait for (a little
while) the remote machine to clear its queue etc
Appreciate any ideas
Regards, Yusuf
--
Yusuf Goolamabbas
[EMAIL PROTECTED]
On 5 Feb 1999, Yusuf Goolamabbas wrote:
> maildirsmtp to send the mail back out. However, I would like to not
> flood the remote machine and send some messages, wait for (a little
> while) the remote machine to clear its queue etc
Set concurrencyremote to 1. Not exactly what you want, but that's the
best you can do without hacking the code.
On 5 Feb 1999, Yusuf Goolamabbas wrote:
> Hi, I had setup a backup mailserver to collect incoming mail whilst my
> server was being upgraded. I used virtualdomains and put it all in a
> Maildir. Now that the server has been upgraded, I plan to use
> maildirsmtp to send the mail back out. However, I would like to not
> flood the remote machine and send some messages, wait for (a little
> while) the remote machine to clear its queue etc
If you're running tcpserver on the new main mail server, you can adjust
the number of concurrent qmail-smtpd processes that can be opened at any
one time. IIRC maildirsmtp uses qmail's normal remote delivery system,
so you can also set your concurrencyremote accordingly. Your machines and
network will determine what you can reasonably set this to without
burying the primary server.
We've had to do something similar to this in the past.
jms
On Fri, Feb 05, 1999 at 12:48:48AM -0500, Sam wrote:
> On 5 Feb 1999, Yusuf Goolamabbas wrote:
>
> > maildirsmtp to send the mail back out. However, I would like to not
> > flood the remote machine and send some messages, wait for (a little
> > while) the remote machine to clear its queue etc
>
> Set concurrencyremote to 1. Not exactly what you want, but that's the
> best you can do without hacking the code.
I don't think this is what you want.
maildirsmtp connects to a single smtp server, and sends each message
to that single server.
I don't think that a single instance of qmail-smtpd can accept
mail fast enough to overwhelm qmail-send.
The key is to either
1) Not worry (my suggestion)
or
2) limit qmail-smtpd's concurrency using tcpserver -c
Again, qmail should be able to queue mail faster than you can send
it to the machine using serialmail.
--
John White
[EMAIL PROTECTED]
PGP Public Key: http://www.triceratops.com/john/public-key.pgp
Greetings,
How do I change the format of the message generated by qmail-send for mail
deliveries which are non-existent. I want to change:
Hi. This is the qmail-send program at my.host.com.
I'm afraid I wasn't able to deliver your message to the following
addresses. This is a permanent error; I've given up. Sorry it didn't work
out.
To something a little more personal.
Thanks,
ramon
On Fri, Feb 05, 1999 at 12:52:27AM -0700, Ramon H Gonzalez wrote:
The format of bounce messages for qmail-send is known as QSBMF, the
qmail-send bounce message format. For more information about it, go to:
ftp://koobera.math.uic.edu/www/proto/qsbmf.txt
This format relies on the string "Hi. This is the" to indicate that it is
in QSBMF. If you are happy about making changes that will break this
feature, go ahead and edit qmail-send.c, recompile and reinstall.
Note for Dan: QSBMF relies on an English string "Hi. This is the". But
English is not the only language in use around the 'net. What happens to
those who want to use say German or French for their bounce message and
still rely on QSBMF? The only way I can think of is to retain the English
message, and tag the other language onto the English paragraph. This will
be in keeping with QSBMF and yet provide support for another language.
However, this would look messy, with the second language following English
in the same paragraph, and possibly being missed. I am aware that most 'net
users understand English, but it's wrong to assume everyone knows English,
especially since more and more countries in the world join the 'net.
> Greetings,
>
> How do I change the format of the message generated by qmail-send for mail
> deliveries which are non-existent. I want to change:
>
> Hi. This is the qmail-send program at my.host.com.
> I'm afraid I wasn't able to deliver your message to the following
> addresses. This is a permanent error; I've given up. Sorry it didn't work
> out.
>
> To something a little more personal.
>
> Thanks,
> ramon
>
>
--
Anand
System Administrator
Africa Online Ltd
http://www.anand.org
I am currently in the process of setting up qmail on a SoHo system
running RedHat 5.2 Linux. While following the INSTALL document(s) has
lead me through most things fairly easily I am left with a couple of
queries:-
1 - The default installation directory is /var/qmail, do most
installations actually use this? If you do use this do you add
/var/qmail/bin to the qmail administrator's (usually root) path
or what? After install unless you do something manually none of
the executables are accessible and nor are the man pages.
2 - Related to the above (and I know there's a checkpasswd list)
checkpasswd has / as its default installation root. It works
OK there but sets the permissions on / to 0700 which is a bit
disastrous! It took me quite a while to fathom out what had
happened.
3 - The INSTALL.maildir file says: "Here's how to set up qmail to use
maildir for your incoming mail:
% maildirmake $HOME/Maildir
% echo ./Maildir/ > ~/.qmail
Make sure you include the trailing slash on Maildir/.
The system administrator can set up Maildir as the default for everybody
by creating a maildir in the new-user template directory and replacing
./Mailbox with ./Maildir/ in /var/qmail/rc."
Two things - firstly 'maildirmake' won't work unless you've
previously added to your path as I've asked about above. Secondly
what's this bit about "creating a maildir in the new-user template
directory"? A bit more help would be welcome here.
As a general comment, since qmail is often suggested as the easiest to
install mail system for Linux/Unix it will often be chosen by
relatively inexperienced newcomers to Linux. Thus the rather basic
things like paths and so on need to be spelt out a bit better I think.
--
Chris Green ([EMAIL PROTECTED])
Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
WWW: http://www.isbd.co.uk/
On Fri, Feb 05, 1999 at 08:28:43AM +0000, Chris Green wrote:
>
> 1 - The default installation directory is /var/qmail, do most
> installations actually use this? If you do use this do you add
> /var/qmail/bin to the qmail administrator's (usually root) path
> or what? After install unless you do something manually none of
> the executables are accessible and nor are the man pages.
>
In bash, the default shell for a linux system,
export PATH=${PATH}:/var/qmail/bin
export MANPATH=${MANPATH}:/var/qmail/man
> 2 - Related to the above (and I know there's a checkpasswd list)
> checkpasswd has / as its default installation root.
Really? my conf-home says /usr/local. I don't remember if I
changed it or not...
> Two things - firstly 'maildirmake' won't work unless you've
> previously added to your path as I've asked about above.
I agree. You generally cannot run a program that isn't in your
path, or referenced explicitly.
> Secondly
> what's this bit about "creating a maildir in the new-user template
> directory"? A bit more help would be welcome here.
>
man adduser
/skel
> As a general comment, since qmail is often suggested as the easiest to
> install mail system for Linux/Unix it will often be chosen by
> relatively inexperienced newcomers to Linux. Thus the rather basic
> things like paths and so on need to be spelt out a bit better I think.
If I understand you correctly, you missed:
1) that qmail binaries aren't installed in /usr/local/bin, which is
generally already in a user's PATH.
Did you know about PATH?
2) that qmail's man pages aren't installed in /usr/man or /usr/local/man,
which have a very strong potential of being in the default MANPATH.
Did you know about MANPATH?
3) what was meant by a new-user template directory.
--
John White
[EMAIL PROTECTED]
PGP Public Key: http://www.triceratops.com/john/public-key.pgp
