qmail Digest 1 Mar 1999 11:00:00 -0000 Issue 566
Topics (messages 22533 through 22546):
qmail-verh-0.01.tar.gz (idiot-proof unsubscribe)
22533 by: "Fred Lindberg" <[EMAIL PROTECTED]>
checkpoppasswd permissions problems
22534 by: Paul Gregg <[EMAIL PROTECTED]>
vacation (yet again!)
22535 by: "Peter Samuel" <[EMAIL PROTECTED]>
22537 by: "Peter Samuel" <[EMAIL PROTECTED]>
qmail-pop3d problems
22536 by: Glenn <[EMAIL PROTECTED]>
beOS
22538 by: xs <[EMAIL PROTECTED]>
22539 by: Ludwig Pummer <[EMAIL PROTECTED]>
22546 by: Vince Vielhaber <[EMAIL PROTECTED]>
wildcarded users in virtualdomains?
22540 by: "Chris Garrigues" <[EMAIL PROTECTED]>
22542 by: "Chris Garrigues" <[EMAIL PROTECTED]>
queue summary
22541 by: "Peter Samuel" <[EMAIL PROTECTED]>
Spawn limit
22543 by: Balazs Nagy <[EMAIL PROTECTED]>
Next MX never used when best MX says 520
22544 by: Mads E Eilertsen <[EMAIL PROTECTED]>
22545 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
ftp://ftp.id.wustl.edu/pub/patches/qmail-verh-0.01.tar.gz
6f6a3cfaf7514790f8e63cd08d38c124 qmail-verh-0.01.tar.gz
This package contains two patches for qmail-1.03 + docs. The first
patch causes qmail-remote to replace '##L' with the recipient local
address and `##H' with the recipient host address. This can be used to
construct rfc2369 List-Unsubscribe etc headers that will always have
the correct subscription address. The second patch causes qmail-local
to
do a similar substitution. In this case, a VERP SENDER (ad modum ezmlm)
is required. This works for all delivery modes except program delivery.
See README in the package for more info.
To see what it looks like, subscribe to the [EMAIL PROTECTED] sublist
and look at the posts. You'll find a
List-unsubscribe: <mailto:[EMAIL PROTECTED]>
header.
Same for the daily [EMAIL PROTECTED]
Thanks to Fred Ringel for testing, and others for inspiring.
-Sincerely, Fred
(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
Sorry - I just saw this by searching the newsgroup for my name....
In article <[EMAIL PROTECTED]> you wrote:
> This is really directed more toward Paul Gregg <[EMAIL PROTECTED]>, but I
> thought the whole list might get some benefit from my mistakes.
> I'm using your checkpoppasswd program derived from the checkpasswd of
> Jedi/Sector One. I've modified it by putting more intuitive messages into
> the syslog messages and got it working, authenticating users at one point,
> but now it's failing with the log message "Couldn't setgid (888)." I'm
> running qmail-pop3d.init with the uid and gid of the qmaild user (81 and 80
> respectively. It was originally root, but I thought that might be a security
> hazard and changed it to the same uid/gid of the other qmail servers. Is
> there a valid reason for having qmail-pop3d run as root? Is it because
> qmail-pop3d has to be able to delete files owned by others? I put qmaild into
> the popuser group (888) but it still failed at the same point.
> Anyone, please advise.
Looks like there is a bit of a mix up here...
You would normally run qmail-popup as root, which would then run checkpoppasswd
as root.
chechpoppasswd checks your password against the poppasswd file and ascertains
the userid and gid of the user which has just logged in. checkpoppasswd
then sets the uid/gid of itself to that user. In my single uid system the
uid/gid is always 888/888 (but the numbers are really up to you).
checkpopasswd then sets USER, HOME and SHELL and runs qmail-pop3d under the
uid of the logged in user.
Because the single UID system should always run as uid 888 then you can
happily run qmail-popup via tcpserver with -u888 -g888 if you wish.
I don't because there's no need to.
Paul.
On Fri, 26 Feb 1999, Samuel Dries-Daffner wrote:
>
> I tried the process below and gathered lots of env files. The first few
> times I did the mail from Outlook it actually worked, but thereafter it
> wouldn't. Also I tried from pine and it worked, every single time!!
>
> There are differences, as you point out in the ella.mills.edu and
> mills.edu, but these are resolved by local DNS...mail to and from both
> test acct and me, ( and everyone! ) resolves when using ella.mills.edu or
> mills.edu. I am inculding a few env's for your review. Thanks for your
> help!
What does the qmail log say about the failures?
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
Uniq Professional Services, [EMAIL PROTECTED]
a division of X-Direct Pty Ltd
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
On Sat, 27 Feb 1999 [EMAIL PROTECTED] wrote:
> On Fri, 26 Feb 1999, Peter Samuel wrote:
>
> > | env | sort -f > /var/tmp/env.$$
>
> Of course, you should sit down and ponder the risks for several minutes
> before using this command. If you are on a real multiuser system, you
> should better put the output into a private directory.
Agreed.
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
Uniq Professional Services, [EMAIL PROTECTED]
a division of X-Direct Pty Ltd
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
Your username is case sensitive in POP.
Telling Netscape: [EMAIL PROTECTED] is different
than telling it [EMAIL PROTECTED], even though
both point to the same email address.
-Glenn
<[EMAIL PROTECTED]>
On Fri, 26 Feb 1999, Niklas Alberth wrote:
> I decided to try qmail-pop3d, but can't get it to work.
>
> I'm using Mate Wierdls src.rpm packages for qmail and starts pop3d from his
> init script.
> I've created a qmail-pop3d.cdb in /etc/tcprules.d with 10.0.0.:allow in it.
> (my network at home).
>
> When I try to access my mail via a pop client (Netscape) I get an errorr
> message: authorization failed, type new password. And I'm sure that I've
> typed the right password.
>
> qmail is running on Redhat linux 2.2.1
>
> --Niklas
>
>
hey all, just thought i'd throw this quick blurb in here
(22:38:06)(root@blade)(~)# telnet mail.be.com 25
Trying 208.243.144.2...
Connected to be.be.com.
Escape character is '^]'.
220 mail.be.com ESMTP
help
214 qmail home page: http://pobox.com/~djb/qmail.html
quit
221 mail.be.com
Connection closed by foreign host.
Looks like they're qmail users. Horay!
end
\\ Greg Albrecht ([EMAIL PROTECTED]) \\
\\ Safari Internet (www.safari.net) \\
\\ 1-888-537-9550 ([EMAIL PROTECTED]) \\
At 07:36 PM 2/28/99 , xs wrote:
...
>220 mail.be.com ESMTP
>help
...
>214 qmail home page: http://pobox.com/~djb/qmail.html
>
>Looks like they're qmail users. Horay!
Anyone tried compiling qmail on BeOS? It's supposed to be POSIX compliant...
--Ludwig Pummer ( [EMAIL PROTECTED] ) ICQ UIN: 692441
On Sun, 28 Feb 1999, Ludwig Pummer wrote:
> At 07:36 PM 2/28/99 , xs wrote:
> ...
> >220 mail.be.com ESMTP
> >help
> ...
> >214 qmail home page: http://pobox.com/~djb/qmail.html
> >
> >Looks like they're qmail users. Horay!
>
> Anyone tried compiling qmail on BeOS? It's supposed to be POSIX compliant...
Dunno, but that mail machine's running *BSD.
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
I'm in the midst of a problem and I can't figure out how to have qmail help me
out of it.
I now have two mail systems in deepeddy.com: highdive.deepeddy.com is
co-located somewhere with real connectivity; backstroke.deepeddy.com is my
system here at home. I've got some mailing lists on deepend, but most mail
into the domain is for me on backstroke. I set things up so that the MX
records would all point at highdive and installed .qmail and .qmail-default
files in my directory there which forward my mail to backstroke.
There's a minor annoyance in that when I send mail to
[EMAIL PROTECTED] it gets bounced via the other system. This
minor annoyance just became a major annoyance because highdive is down. (It's
a free co-location in another city.) This means no mail to deepeddy.com is
working at all since it all points at the down system. It would be real nice
if mail to me here would work.
So, this is what I tried to do:
~alias/.qmail-makeitlocal:
| qmail-inject -f "$SENDER" -- "$[EMAIL PROTECTED]"
/var/qmail/control/virtualdomains:
[EMAIL PROTECTED]:makeitlocal
[EMAIL PROTECTED]:makeitlocal
and then fix the DNS to allow mail to get delivered to backstroke as well as
the now down highdive.
[EMAIL PROTECTED] does the right thing as do things like
[EMAIL PROTECTED], but it's annoying to have to create so many of these,
and it can't possibly catch dynamically generated addresses (like this one has
on it....you'd better either change the host to backstroke.deepeddy.com or
change the user to cwg-qmail if you expect me to see your reply).
So, how can I get my mail unwedged between now and when I get the highdive
fixed?
Chris
--
Chris Garrigues Deep Eddy Internet Consulting
+1 512 432 4046 609 Deep Eddy Avenue O-
http://www.DeepEddy.Com/~cwg/ Austin, TX 78703-4513
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
> From: Chris Garrigues <[EMAIL PROTECTED]>
> Date: Mon, 01 Mar 1999 00:29:49 -0600
>
> I'm in the midst of a problem and I can't figure out how to have qmail help
> me
> out of it.
>
> I now have two mail systems in deepeddy.com: highdive.deepeddy.com is
> co-located somewhere with real connectivity; backstroke.deepeddy.com is my
> system here at home. I've got some mailing lists on deepend, but most mail
>
> into the domain is for me on backstroke. I set things up so that the MX
> records would all point at highdive and installed .qmail and .qmail-default
>
> files in my directory there which forward my mail to backstroke.
>
> There's a minor annoyance in that when I send mail to
> [EMAIL PROTECTED] it gets bounced via the other system. Th
> is
> minor annoyance just became a major annoyance because highdive is down. (I
> t's
> a free co-location in another city.) This means no mail to deepeddy.com is
>
> working at all since it all points at the down system. It would be real ni
> ce
> if mail to me here would work.
>
> So, this is what I tried to do:
>
> ~alias/.qmail-makeitlocal:
>
> | qmail-inject -f "$SENDER" -- "$[EMAIL PROTECTED]"
>
> /var/qmail/control/virtualdomains:
>
> [EMAIL PROTECTED]:makeitlocal
> [EMAIL PROTECTED]:makeitlocal
>
> and then fix the DNS to allow mail to get delivered to backstroke as well a
> s
> the now down highdive.
>
> [EMAIL PROTECTED] does the right thing as do things like
> [EMAIL PROTECTED], but it's annoying to have to create so many of thes
> e,
> and it can't possibly catch dynamically generated addresses (like this one
> has
> on it....you'd better either change the host to backstroke.deepeddy.com or
> change the user to cwg-qmail if you expect me to see your reply).
>
> So, how can I get my mail unwedged between now and when I get the highdive
> fixed?
Never mind. I was clearly making things much to complicated. Solved the
problem...now I just need the DNS to propagate.
Chris
--
Chris Garrigues Deep Eddy Internet Consulting
+1 512 432 4046 609 Deep Eddy Avenue O-
http://www.DeepEddy.Com/~cwg/ Austin, TX 78703-4513
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
On Mon, 1 Mar 1999, Anand Buddhdev wrote:
> On Fri, Feb 26, 1999 at 12:47:33PM +1100, Peter Samuel wrote:
>
> Hello Peter. I have one more suggestion for your program. It expects to
> read the queue by opening a pipe to /var/qmail/bin/qmail-qread. On my
> system I have qmail installed in /usr/local/qmail, so I had to change that
> setting by hand. Perhaps you can make the location of qmail-qread a variable,
> so that in case your script grows, it will not require too many changes.
Eventually these will be Makefile variables - set it once and all of
the programs will know where to find qmail binaries.
>
> Your script is nice and useful. I'd also like to see your other scripts,
> ie. qstatus.
Follows:
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
Uniq Professional Services, [EMAIL PROTECTED]
a division of X-Direct Pty Ltd
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
###########################################################################
#!/usr/local/bin/perl -w
use strict;
die("Only the superuser can run this program\n") if $>;
$| = 1;
my $one_shot = 0;
my $queued;
my $unprocessed;
my $locals;
my $remotes;
my $remoteprocs;
my $localprocs;
my $tcpto;
my $loadavg;
my $concurrencylocal;
my $concurrencyremote;
$one_shot = scalar @ARGV;
print << "EOF";
queue recipients processes tcpto load
processed/unprocessed local/remote local/remote ips avg
EOF
my $count = 0;
my @dial = ("|", "/", "-", "\\");
while (1)
{
$concurrencylocal = &getconcurrencylocal;
$concurrencyremote = &getconcurrencyremote;
&getstats;
if ($one_shot)
{
print "\n";
exit(0);
}
sleep(10);
}
sub getstats
{
my($sig) = @_;
$unprocessed = 0;
$locals = 0;
$remotes = 0;
$remoteprocs = 0;
$localprocs = 0;
$tcpto = 0;
++$count;
&qstat;
&qread;
&processes;
&tcpto;
&uptime;
printf("%s %9d %11d %5d %6d %2d/%-2d %2d/%-2d %5d %5.2f\r",
$dial[$count % 4],
$queued,
$unprocessed,
$locals,
$remotes,
$localprocs,
$concurrencylocal,
$remoteprocs,
$concurrencyremote,
$tcpto,
$loadavg
);
}
sub processes
{
open(PS, "ps -ef 2>/dev/null |");
while(<PS>)
{
++$remoteprocs if (/qmail-remote/);
++$localprocs if (/qmail-local/);
}
close(PS);
}
sub qread
{
my @f;
open(QREAD, "/var/qmail/bin/qmail-qread 2>/dev/null |");
while(<QREAD>)
{
chomp;
@f = split(' ');
++$remotes if ($f[0] eq "remote");
++$locals if ($f[0] eq "local");
}
close(QREAD);
}
sub qstat
{
my @f;
open(QSTAT, "/var/qmail/bin/qmail-qstat 2>/dev/null |");
while(<QSTAT>)
{
chomp;
@f = split(' ');
$queued = $f[3] if (/queue:/);
$unprocessed = $f[7] if (/not yet/);
}
close(QSTAT);
}
sub tcpto
{
open(TCPTO, "/var/qmail/bin/qmail-tcpto 2>/dev/null |");
while(<TCPTO>)
{
chomp;
++$tcpto;
}
close(TCPTO);
}
sub uptime
{
my @f;
open(UPTIME, "uptime 2>/dev/null |");
while(<UPTIME>)
{
chomp;
s/\s//g;
@f = split(/,/);
@f = split(/:/, $f[3]);
$loadavg = $f[1];
}
}
sub getconcurrencylocal
{
my $file = "/var/qmail/control/concurrencylocal";
my $default = 10;
my $value;
if (
-e $file
&&
-f $file
&&
-r $file
)
{
open(LOCAL, "$file");
while (<LOCAL>)
{
chomp;
$value = $_;
}
close(LOCAL);
return $value if ($value =~ /^\d+$/);
return $default;
}
else
{
return $default;
}
}
sub getconcurrencyremote
{
my $file = "/var/qmail/control/concurrencyremote";
my $default = 20;
my $value;
if (
-e $file
&&
-f $file
&&
-r $file
)
{
open(LOCAL, "$file");
while (<LOCAL>)
{
chomp;
$value = $_;
}
close(LOCAL);
return $value if ($value =~ /^\d+$/);
return $default;
}
else
{
return $default;
}
}
Hiyas,
Why the spawn limit is hardcoded to 255? Gives this some performance lost?
Or this is just for lower load? I hope not the second one.
Regards: Kevin (Balazs)
--
#!/usr/bin/perl -export-a-crypto-system-sig -http://dcs.ex.ac.uk/~aba/rsa
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
I can't get mail delivered to a specific domain. The messages just
stay in the queue.
DNS says
domain MX 0 host1
domain MX 10 host2
host1 says
520 Connection not authorised from this address.
qmail connects to host1 and says
deferral: Connected_to_N.N.N.N_but_greeting_failed./...
qmail seemingly never tries host2.
The administrators of domain says
- this setup is intentional (sort of firewall/spam control)
- why isn't your mailer using the second-best MX?
- others have reported this too. They use qmail too.
What's wrong here? The error code? qmail?
Mads
- Mads E Eilertsen <[EMAIL PROTECTED]>:
| I can't get mail delivered to a specific domain. The messages just
| stay in the queue.
|
| DNS says
| domain MX 0 host1
| domain MX 10 host2
|
| host1 says
| 520 Connection not authorised from this address.
|
| qmail connects to host1 and says
| deferral: Connected_to_N.N.N.N_but_greeting_failed./...
|
| qmail seemingly never tries host2.
|
| The administrators of domain says
| - this setup is intentional (sort of firewall/spam control)
| - why isn't your mailer using the second-best MX?
| - others have reported this too. They use qmail too.
|
| What's wrong here? The error code? qmail?
I would say that error code is an abuse of the domain naming system.
According to RFC 974, senders are only required to try the
lowest-preference MX(s) before giving up. Thus, a domain that expects
to be able to reliably receive mail, *must* have its lowest priority
MX set up to accept mail most of the time.
Instead of abusing the DNS MX records as they do, this domain should
set up explicit routes from their MX hosts to the final destination
without involving the DNS in this.
The qmail strategy is to only go on beyond the primary MX(s) if
connection to its (or their) SMTP port fails. This is not a violation
of any RFC as far as I know, though the wisdom of this approach is a
bit controversial.
- Harald
