qmail Digest 3 Mar 1999 11:00:00 -0000 Issue 568
Topics (messages 22581 through 22622):
Parsing all OUTGOING messages
22581 by: Andrew Richards <[EMAIL PROTECTED]>
22582 by: "Alex Shipp" <[EMAIL PROTECTED]>
22589 by: Kai MacTane <[EMAIL PROTECTED]>
full mail partition
22583 by: Anand Buddhdev <[EMAIL PROTECTED]>
22584 by: Russell Nelson <[EMAIL PROTECTED]>
22585 by: Krzysztof Dabrowski <[EMAIL PROTECTED]>
how to check supervise is running, from scripts
22586 by: Mate Wierdl <[EMAIL PROTECTED]>
DNS & /etc/hosts
22587 by: Florent Guillaume <[EMAIL PROTECTED]>
22588 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
22592 by: Mark Delany <[EMAIL PROTECTED]>
unsubscribe...
22590 by: Dino Di Stefano <[EMAIL PROTECTED]>
POP3: Connection reset by peer
22591 by: Jere Cassidy <[EMAIL PROTECTED]>
qmail strangeness
22593 by: Bill Parker <[EMAIL PROTECTED]>
22594 by: Mark Delany <[EMAIL PROTECTED]>
ezmlm with Postfix
22595 by: Michael Graff <[EMAIL PROTECTED]>
22596 by: Mark Delany <[EMAIL PROTECTED]>
Second attempt - rewriting outgoing mail addresses
22597 by: "Martin Green" <[EMAIL PROTECTED]>
22599 by: Mate Wierdl <[EMAIL PROTECTED]>
22607 by: "D. J. Bernstein" <[EMAIL PROTECTED]>
ofmipd to rewrite return-path header
22598 by: "D. J. Bernstein" <[EMAIL PROTECTED]>
22601 by: James Smallacombe <[EMAIL PROTECTED]>
22602 by: Mate Wierdl <[EMAIL PROTECTED]>
22604 by: James Smallacombe <[EMAIL PROTECTED]>
22606 by: Mate Wierdl <[EMAIL PROTECTED]>
fastforward weirdness...
22600 by: "D. J. Bernstein" <[EMAIL PROTECTED]>
request: 822body
22603 by: Mate Wierdl <[EMAIL PROTECTED]>
max concurrency remote
22605 by: Tracy R Reed <[EMAIL PROTECTED]>
22613 by: Anand Buddhdev <[EMAIL PROTECTED]>
22617 by: Balazs Nagy <[EMAIL PROTECTED]>
SMTP proxies for Windows
22608 by: "D. J. Bernstein" <[EMAIL PROTECTED]>
22609 by: Mark Delany <[EMAIL PROTECTED]>
22610 by: "Sam" <[EMAIL PROTECTED]>
22611 by: Scott Schwartz <[EMAIL PROTECTED]>
22614 by: "Roman V. Isaev" <[EMAIL PROTECTED]>
22615 by: Russ Allbery <[EMAIL PROTECTED]>
22616 by: Scott Schwartz <[EMAIL PROTECTED]>
22618 by: Richard Letts <[EMAIL PROTECTED]>
22621 by: "Roman V. Isaev" <[EMAIL PROTECTED]>
22622 by: Russ Allbery <[EMAIL PROTECTED]>
qmail failure w/qmail.init
22612 by: Bill Parker <[EMAIL PROTECTED]>
Off topic: Open relay
22619 by: "Petr Novotny" <[EMAIL PROTECTED]>
22620 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Hi,
This is something I'd be interested in too - and I suspect
others on the list, so please don't take the discussion "Offline".
I was looking at exactly this a while back, with a view to
manipulating E-mail messages to add e.g. "This E-mail
brought to you by... etc.". I didn't look in depth, but a
couple of issues I noticed were,
- What to do with multipart messages
- What to do with non-plaintext messages
which meant that my thoughts ended up being
directed towards only "text/plain" messages, and
avoiding 'Messing' with anything else for fear of
corrupting someone's mail.
The fact that at the time I was looking at implementing
this on a sendmail-based system meant that I never
actually got anywhere. Qmail looks so much easier,
however...
cheers,
Andrew Richards.
----------
From: Jacek Czerwinski[SMTP:[EMAIL PROTECTED]]
Sent: Dienstag, 02. M=E4rz 1999 00,15
To: [EMAIL PROTECTED]
Subject: Re: Parsing all OUTGOING messages
> I want to either add a line to the bottom of every outgoing message or
edit
> the subject line of everyoutgoing message.
>=20
> I want all incoming messages to be left alone,
>=20
> Where should I place a program in the stream to parse all outoging
messages
> and edit the subject or maybe and an organization tag line to the end =
of
a
> message?
>=20
> Any suggestions?
I use a serialmail packet (www.qmail.org) like in 'howto' and parse &
rewrite all messages in normal ppp-alias Maildir (external loop in =
shell,
message parser in perl). Basic qmail structure is unmodified.
If You don't use serialmail, you need to modify qmail 'kernel' modules. =
If
You do, I am very interesting, please mail me. I think, DJB will don't =
like
it ;-)
>I was looking at exactly this a while back, with a view to
>manipulating E-mail messages to add e.g. "This E-mail
>brought to you by... etc.". I didn't look in depth, but a
>couple of issues I noticed were,
>- What to do with multipart messages
>- What to do with non-plaintext messages
>which meant that my thoughts ended up being
>directed towards only "text/plain" messages, and
>avoiding 'Messing' with anything else for fear of
>corrupting someone's mail.
Try this: if its a singlepart mail, add at the end. If it's
multipart, add just before the 2nd boundary (optionally add before
the 1st as well, to catch those email clients who don't understand multipart).
However, if that message part is not text, do nothing.
Also, if the message is encrypted or digitally signed, do nothing
Alex
______________________________________________________________________
This message has been checked for viruses by the Star Screening System
http://www.star.co.uk
Text written by Andrew Richards at 11:36 AM 3/2/99 +0100:
>
>I was looking at exactly this a while back, with a view to
>manipulating E-mail messages to add e.g. "This E-mail
>brought to you by... etc.". I didn't look in depth, but a
>couple of issues I noticed were,
> - What to do with multipart messages
> - What to do with non-plaintext messages
>which meant that my thoughts ended up being
>directed towards only "text/plain" messages, and
>avoiding 'Messing' with anything else for fear of
>corrupting someone's mail.
That's a good way to stay safe. My quick thought on multipart messages, at
least, is: find the last part of type text/plain and place your special
footer at the end of that.
It also would probably not be too hard to throw in a little extra code to
place an equivalent-but-formatted version at the end of a text/html part. I
suspect that messages that contain neither text/plain nor text/html parts
constitute less than .1% of traffic on most systems.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
drool-proof paper /n./
Documentation that has been obsessively dumbed down, to the point
where only a cretin could bear to read it, is said to have succumbed
to the `drool-proof paper syndrome' or to have been `written on
drool-proof paper'. For example, this is an actual quote from
Apple's LaserWriter manual: "Do not expose your LaserWriter to open
fire or flame."
Sorry for being off-topic, but I have a small crisis on my hands. I've just
been handed the administration of a machine, and its /var/mail containing
mbox files is 100% full. qpopper is unable to make temporary drop copies
for users POPping email. I know there are many mailboxes with old messages
in them. Does anyone know of a script which will let me expire old message
automatically on these mailboxes?
TIA.
--
See complete headers for address, homepage and phone numbers
Anand Buddhdev writes:
> Sorry for being off-topic, but I have a small crisis on my hands. I've just
> been handed the administration of a machine, and its /var/mail containing
> mbox files is 100% full. qpopper is unable to make temporary drop copies
> for users POPping email. I know there are many mailboxes with old messages
> in them. Does anyone know of a script which will let me expire old message
> automatically on these mailboxes?
Unfortunately, no. You can back-date the info file past
queuelifetime, and qmail will bounce that mail, but bouncing requires
the ability to inject a bounce. I'd suggested to Dan that a timestamp
in the early 1970's should be interpreted as a request to discard the
mail, but I never heard back from him. It's easy to implement, but
I'd rather everyone get the benefit of it.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
At 14:00 99-03-02 +0000, Russell Nelson wrote:
>Anand Buddhdev writes:
> > Sorry for being off-topic, but I have a small crisis on my
hands. I've just
> > been handed the administration of a machine, and its /var/mail
containing
> > mbox files is 100% full. qpopper is unable to make temporary
drop copies
> > for users POPping email. I know there are many mailboxes with
old messages
> > in them. Does anyone know of a script which will let me expire
old message
> > automatically on these mailboxes?
>
>Unfortunately, no. You can back-date the info file past
heh. unfortunately YES ;)
I've sent it to Anand in private mail, but i see that it can be of some
interest for others on the list:
read about it at:
http://ct.us.mirrors.freshmeat.net/appindex/1999/02/04/918130316.html
or download it imediately at;
ftp://ftp.signum.se/pub/misc/garbmail/garbmail-1.0.tar.gz
This should solve all you problems.
Kris
On Tue, Mar 02, 1999 at 02:37:34PM +0000, Martijn Koster wrote:
> My questions are:
> - what methods are other people using to check up on supervise?
> - is it worth including this functionality in the base distribution,
> using esvc or some other mechanism?
>From daemontools-2.0:
man supervise
[...]
OPTIONS
[...]
-cnumber
number is between 1 and 255, and it signifies the number of
supervise in a supervise chain in which each supervise supervises
the previous supervise (in the supervise chain). The upper limit,
255, can be changed with the -l flag. By default, each supervise
in the chain supervises in dir/n, where n is the position of the
supervise in the chain. If number is 1, then the subdirectory 1
is omitted.
-llimit
The maximum number of supervise that can be started in a supervise
chain. Default is 255.
-S supervise supervises itself as well as program. By default, a
selfsupervising supervise supervises in dir/self.
-Z same as -S but no program is supervised; only supervise supervises
itself.
[...]
Mate
(PGP-sig card: just kidding with no malicious intent)
Jacek Czerwinski wrote:
>
> qmail MUST have DNS (caching named plus LAN adresses ?), q. don't use
> /etc/hosts.
Surely you mean that qmail uses the resolver, who in turn may use the
DNS ? Or does qmail make direct DNS requests ?
Because this is quite different, the resolver may be configured to
look at /etc/hosts first and then use the DNS if it doesn't find an
answer.
Anyone ?
Florent
On Tue, 2 Mar 1999, Florent Guillaume wrote:
> Jacek Czerwinski wrote:
> >
> > qmail MUST have DNS (caching named plus LAN adresses ?), q. don't use
> > /etc/hosts.
>
> Surely you mean that qmail uses the resolver, who in turn may use the
> DNS ? Or does qmail make direct DNS requests ?
>
No, qmail does NOT use the resolver. Yes it makes direct DNS requests.
> Because this is quite different, the resolver may be configured to
> look at /etc/hosts first and then use the DNS if it doesn't find an
> answer.
qmail NEVER uses /etc/hosts, period. It only uses DNS, regardless of how
you have set up your resolver. The only way to override the use of DNS is
by using /var/qmail/control/smtproutes.
>
> Anyone ?
>
>
> Florent
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
At 10:58 AM 3/2/99 -0500, Timothy L. Mayo wrote:
>On Tue, 2 Mar 1999, Florent Guillaume wrote:
>
>> Jacek Czerwinski wrote:
>> >
>> > qmail MUST have DNS (caching named plus LAN adresses ?), q. don't use
>> > /etc/hosts.
>>
>> Surely you mean that qmail uses the resolver, who in turn may use the
>> DNS ? Or does qmail make direct DNS requests ?
>>
>
>No, qmail does NOT use the resolver. Yes it makes direct DNS requests.
I don't think that's right. After all, if qmail were to contact a name
server directly, how are we telling it which ones? I see nothing in
/var/qmail/control that talks about addresses for name servers.
The correct answer is that qmail *does* use the resolver libraries for at
least two reasons:
1. The code
$ grep res_ *.c
dns.c:extern int res_query();
dns.c:extern int res_search();
dns.c:static int (*lookup)() = res_query;
dns.c: res_init();
dns.c: if (flagsearch) lookup = res_search;
2. Comments in THOUGHTS suggesting that Dan may one day write his own
resolver library to avoid using the system-supplied one.
Regards.
unsubscribe.
Hello all,
I've got the following problem that has started occuring recently.
(To the best of my knowledge, nothing major has changed). It seems to
be happing more and more frequently.
If I have a group of messages in Maildir/new (say 10 messages) and
number 8 is large ( ~4 MB or so) when retrieving mail, my client will
get past number 8 and then say "Connection reset by peer". The client
will think that it didnt get the messages and begin downloading again.
I have verified this through a telnet connection to pop3 port. The
weird thing is at the end of the large message I will see:
retr 8
asdjkfhalsdjkhflasjkhdfljkasdhfklasjhfklashdflkjasdhlkfjhasdlkjfhsdklajhf
aljkhdsfklajshf0789234092874kljahsdflkahfo3789409872308497asldfl
.
indicating that the message is done. When i try to do a retr 9, I get a
"connection lost" message. I can only assume that my mail clients are
experiencing the same thing.
The weird thing is that this appears to happen on all of our servers. I
was thinking that this was a quota issue, but some of the people that
have experienced the problem have unlimited quotas. I understand that
if I login via pop3, the process runs as me, and if it creates a temp
file for big messages, I may be over my quota. Fortunately my quota is
a few GB, disk space seems fine... so I am unsure what is the cause of
these problems.
Any help would be appreciated.
--
------------------------------------------------------------------------
// Jere Cassidy - System Administration - D&E SuperNet
email: [EMAIL PROTECTED] phone: (717)738-7054
web: http://www.desupernet.net/jere
pager/pcs: [EMAIL PROTECTED] - (717)203-0042
~~~ "While sowing the seeds of Utopia,
you invoked a convenient amnesia" -BR ~~~
------------------------------------------------------------------------
Hello All,
I am running qmail v1.03, but when I try to telnet to my SMTP port
(25) it takes upwards of 60 seconds or more to respond. Does anyone have
an idea as to what could be wrong? I am using tcpserver to control qmail's
control
-Bill
You might want to look into the -H and -R options associated with tcpserver.
Naturally you'll want to ensure they are relevant before using them.
Regards.
At 01:18 PM 3/2/99 -0800, Bill Parker wrote:
>Hello All,
>
> I am running qmail v1.03, but when I try to telnet to my SMTP port
>(25) it takes upwards of 60 seconds or more to respond. Does anyone have
>an idea as to what could be wrong? I am using tcpserver to control qmail's
>control
>
>-Bill
>
>
>
I'm considering switching to Postfix. The reasons are long, so I
won't go into that here.
The thing is I have several hundred ezmlm maintained mailing lists at
this point.
Has anyone hacked ezmlm to be driven from and drive Postfix rather
than QMail?
--Michael
No can do until postfix directly supports VERP. This has been discussed on
the
postfix list I believe.
The particular features that ezmlm uses are discussed in the QMAIL EXTENSIONS
sections of addresses(5).
Regards.
At 15:37 2/03/99 -0800, Michael Graff wrote:
>
>I'm considering switching to Postfix. The reasons are long, so I
>won't go into that here.
>
>The thing is I have several hundred ezmlm maintained mailing lists at
>this point.
>
>Has anyone hacked ezmlm to be driven from and drive Postfix rather
>than QMail?
>
>--Michael
>
>
Hi all,
A week or two ago, I posted a message asking if it was possible
to rewrite outgoing mail. The problem is that I belong to
two organisations, with exclusive sets of recipients for each
organisation. I would like to ensure that an outgoing message
always has the correct from address, based on which set the
recipient belongs to.
In other words
If I mail [EMAIL PROTECTED]
- the message should be from [EMAIL PROTECTED]
If I mail [EMAIL PROTECTED]
- the message should be from [EMAIL PROTECTED]
Note that this should work for replies to - if fred mails me, and
I reply, it must correctly drop in my 'fruitconsultants' ID.
I am quite happy to maintain a mapping of recipient domains and
the corresponding from addresses in an ascii file..
--
My last message generated a couple of replies, both stating a) that
this is an MUA problem b) I should look at Mutt and c) why on earth
am I using Outlook...
Well:
a. I don't believe it's an MUA problem, because the mapping as described
applies to my assistant as much as myself, and maybe to other employees.
Moreover, I want the process automated. Using a client that relies on my
remembering to switch identity before accessing messages is far too
error-prone.
b. I can't seem to find Mutt on the PC, and I don't want a character-mode
client thanks.
c. Even if outlook breaks every RFC in the book, it still has a semi-decent
integrated contacts database, which I particularly appreciate.
--
So - how do I modify the Qmail suite to allow me to examine the To address
of an outgoing message and fixup the reply address??
Any suggestions?
Thanks
Martin Green
What was wrong with the following (admittedly not hightech) solution:
(it is assumed that the local host is bbconsult.co.uk, and do the
substitutions
somewhereelse.co.uk -> fruitconsultants.co.uk
dom -> bannas
)
Do you have more than one domain you need to use these mappings?
Date: Tue, 23 Feb 1999 22:55:08 CST
To: "Martin Green" <[EMAIL PROTECTED]>
cc: [EMAIL PROTECTED]
From: Mate Wierdl <mw>
Subject: Re: Filtering outgoing mail
In-Reply-To: Message from "Martin Green" <[EMAIL PROTECTED]>
of "Wed, 24 Feb 1999 00:29:05 GMT." <000b01be5f8c$afd49f80$210be83e@de
***v>
Why not set up, for each domain an alias, and then do the filtering in
the alias file. This would mean though that even if you reply to a
message, you would need to send the message to the alias.
Here is what I mean. For the domain dom.com, (for which you want to
appear as [EMAIL PROTECTED]), create the file
~martin/.qmail-dom-default
with (all on one line)
|reformail -I"From: [EMAIL PROTECTED]"
-I"Reply-To: [EMAIL PROTECTED]" |
forward $[EMAIL PROTECTED]
This would make sure that if you address a message to martin-dom-joe,
then it will be forwarded to [EMAIL PROTECTED] with the From: and the Reply-To:
appropriately rewritten.
If it is a concern, you can always rewrite the To: header as well
adding
-I"To: $[EMAIL PROTECTED]"
This is not perfect, since maybe you are cc-ing a message to
[EMAIL PROTECTED]
reformail is part of the maildrop package.
Mate
Martin Green writes:
> If I mail [EMAIL PROTECTED]
> - the message should be from [EMAIL PROTECTED]
> If I mail [EMAIL PROTECTED]
> - the message should be from [EMAIL PROTECTED]
What if you send a message to both of them?
What if you send a message to a mailing list that they're both on?
What if one of them forwards a message from you to a mailing list that
the other one is on?
> Note that this should work for replies to - if fred mails me, and
> I reply, it must correctly drop in my 'fruitconsultants' ID.
What if you reply to fred's message, sending a copy to a third party?
Should the third party see your fruitconsultants address too?
What if fred sends a message to your fruitconsultants address from a new
address of his own? If you reply, should he see your fruitconsultants
address?
Presumably you want to use your fruitconsultants address whenever you're
reading your fruitconsultants mailbox. Your MUA knows which mailbox
you're reading. Your MTA does not.
If, for some reason, you really do want qmail to rewrite outgoing
messages to selected addresses, you can feed those messages through an
ofmipd gateway. See http://pobox.com/~djb/mess822.html.
---Dan
FastWeb writes:
> What is the syntax for the name.cdb file to re-write a
> from or return-path header?
See the ofmipname man page:
# From: "Joe Shmoe" <[EMAIL PROTECTED]>
[EMAIL PROTECTED]:Joe Shmoe:[EMAIL PROTECTED]:
There's no support for wildcards. If a user's MUA isn't smart enough to
put together an RFC 822 header then presumably it's limited to a small
number of preconfigured return paths.
> Also: is it possible to rewrite the Return-Path header
> and not touch the From header?
No. Why would a user want that?
---Dan
On 3 Mar 1999, D. J. Bernstein wrote:
> > Also: is it possible to rewrite the Return-Path header
> > and not touch the From header?
>
> No. Why would a user want that?
Well, for one, a user that's subscribed to an ezmlm mailing list that has
posts restricted to subscribers might want to be able to post from
envelope sender "[EMAIL PROTECTED]" as well as
[EMAIL PROTECTED] this has been driving alot of people nuts.
James Smallacombe Internet Access for The Delaware
[EMAIL PROTECTED] Valley in PA, NJ and DE
PlantageNet Internet Ltd. http://www.pil.net
=====================================================================
ISPF 2.0b, The Forum for ISPs by ISPs. San Diego, CA, March 8-10 '99
Three days of clues, news, and views from the industry's best and
brightest. http://www.ispf.com for information and registration.
=====================================================================
On 3 Mar 1999, D. J. Bernstein wrote:
> > Also: is it possible to rewrite the Return-Path header
> > and not touch the From header?
>
> No. Why would a user want that?
Well, for one, a user that's subscribed to an ezmlm mailing list that has
posts restricted to subscribers might want to be able to post from
envelope sender "[EMAIL PROTECTED]" as well as
[EMAIL PROTECTED] this has been driving alot of people nuts.
So then why not rewrite the From: header as well. The messages are
sent to the envelope address anyways.
BTWY, under ezmlm-idx, it is possible to use several envelope
addresses using allow.
Mate
On Tue, 2 Mar 1999, Mate Wierdl wrote:
> On 3 Mar 1999, D. J. Bernstein wrote:
>
> > > Also: is it possible to rewrite the Return-Path header
> > > and not touch the From header?
> >
> > No. Why would a user want that?
>
> Well, for one, a user that's subscribed to an ezmlm mailing list that has
> posts restricted to subscribers might want to be able to post from
> envelope sender "[EMAIL PROTECTED]" as well as
> [EMAIL PROTECTED] this has been driving alot of people nuts.
>
> So then why not rewrite the From: header as well. The messages are
> sent to the envelope address anyways.
Sorry, I just don't follow you here...
> BTWY, under ezmlm-idx, it is possible to use several envelope
> addresses using allow.
This does not scale when you're admin'ing dozens of lists with thousands
of subscribers, as I am.
James Smallacombe Internet Access for The Delaware
[EMAIL PROTECTED] Valley in PA, NJ and DE
PlantageNet Internet Ltd. http://www.pil.net
=====================================================================
ISPF 2.0b, The Forum for ISPs by ISPs. San Diego, CA, March 8-10 '99
Three days of clues, news, and views from the industry's best and
brightest. http://www.ispf.com for information and registration.
=====================================================================
On Tue, Mar 02, 1999 at 08:42:02PM -0500, James Smallacombe wrote:
> On Tue, 2 Mar 1999, Mate Wierdl wrote:
>
> > On 3 Mar 1999, D. J. Bernstein wrote:
> >
> > > > Also: is it possible to rewrite the Return-Path header
> > > > and not touch the From header?
> > >
> > > No. Why would a user want that?
> >
> > Well, for one, a user that's subscribed to an ezmlm mailing list that has
> > posts restricted to subscribers might want to be able to post from
> > envelope sender "[EMAIL PROTECTED]" as well as
> > [EMAIL PROTECTED] this has been driving alot of people nuts.
> >
> > So then why not rewrite the From: header as well. The messages are
> > sent to the envelope address anyways.
>
> Sorry, I just don't follow you here...
Original header
return-path: [EMAIL PROTECTED]
From:[EMAIL PROTECTED]
Joe is subscribed as [EMAIL PROTECTED], so want
return-path: [EMAIL PROTECTED]
From:[EMAIL PROTECTED]
so what is wrong with
return-path: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
>
> > BTWY, under ezmlm-idx, it is possible to use several envelope
> > addresses using allow.
>
> This does not scale when you're admin'ing dozens of lists with thousands
> of subscribers, as I am.
You are not maintaining allow---users send a message to an appropriate
address.
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
[EMAIL PROTECTED] writes:
> haha: hehe, hihi
Messages to haha are forwarded to hehe@defaultdomain and
hihi@defaultdomain.
> hehe: jijisa
> hihi: jijisa, airheech
fastforward doesn't know whether your hehe and hihi wildcards cover
hehe@defaultdomain and hihi@defaultdomain. Presumably you want explicit
aliases for hehe@defaultdomain and hihi@defaultdomain.
---Dan
It seemed that people several times requested features that required
separately parsing the body of a message.
So as a counterpart to 822header, it would be great to have 822body as
well.
Thx
mate
Could someone refresh my memory why the maximum value for concurrencyremote is
255? I searched the archives and found where people said this but I didn't
find out why the limit is 255. No matter what I do I can't squeeze out more
than 254 concurrent qmail-remote's. Running multiple qmail queues will get me
by for now, I'm just curious as to what limits it.
--
Tracy Reed http://www.ultraviolet.org
What's nice about GUI is that you see what you manipulate.
What's bad about GUI is that you can only manipulate what you see.
On Tue, Mar 02, 1999 at 05:43:52PM -0800, Tracy R Reed wrote:
AFAIK, it's something about the concurrency variable being 8 bits long, and
8 bits allow 256 possible values (from 0-255).
> Could someone refresh my memory why the maximum value for concurrencyremote is
> 255? I searched the archives and found where people said this but I didn't
> find out why the limit is 255. No matter what I do I can't squeeze out more
> than 254 concurrent qmail-remote's. Running multiple qmail queues will get me
> by for now, I'm just curious as to what limits it.
--
See complete headers for address, homepage and phone numbers
On Wed, 3 Mar 1999, Anand Buddhdev wrote:
> On Tue, Mar 02, 1999 at 05:43:52PM -0800, Tracy R Reed wrote:
>
> AFAIK, it's something about the concurrency variable being 8 bits long, and
> 8 bits allow 256 possible values (from 0-255).
there's in auto_spawn.c:
int auto_spawn = 255;
AFAIK int isn't 8 bits long. BTW I had asked it a day or two before.
--
Regards: Kevin (Balazs)
Glenn writes:
> What's needed for Windows is a simple, but configurable program that
> runs on the user's machine and listens to localhost:25.
Right. MUAs can use 127.0.0.1:25 (and 127.0.0.1:110) by default. An ISP
can supply its favorite proxy program, including configuration, directly
to the users. Some benefits:
* Users won't have to type in server addresses.
* ISPs won't have to explain how to configure different MUAs.
* MUAs won't have to deal with different ISP authentication systems.
Today's proxies could provide authenticated mail submission for roaming
users. Tomorrow's proxies could support backup servers, faster message
injection, and maybe even strong encryption.
---Dan
At 04:22 3/03/99 -0000, D. J. Bernstein wrote:
>Glenn writes:
>> What's needed for Windows is a simple, but configurable program that
>> runs on the user's machine and listens to localhost:25.
>
>Right. MUAs can use 127.0.0.1:25 (and 127.0.0.1:110) by default. An ISP
>can supply its favorite proxy program, including configuration, directly
>to the users.
Doesn't scale particularly well for the plethora of people that use multiple
ISPs or roam. Unless the supplied program is in fact common, then why not
have this common code in the UA in the first place?
I've always had a soft spot for a "special" domain, call it .local
smtp.local, news.local, pop3.local, www.local, whatever, where the current
name server supplies local addresses for .local queries.
Given that PPP, eg, provides the ability to exchange name server addresses,
it provides a fully boot-strappable environment.
Regards.
Mark Delany writes:
> At 04:22 3/03/99 -0000, D. J. Bernstein wrote:
> >Glenn writes:
> >> What's needed for Windows is a simple, but configurable program that
> >> runs on the user's machine and listens to localhost:25.
> >
> >Right. MUAs can use 127.0.0.1:25 (and 127.0.0.1:110) by default. An ISP
> >can supply its favorite proxy program, including configuration, directly
> >to the users.
>
> Doesn't scale particularly well for the plethora of people that use multiple
> ISPs or roam. Unless the supplied program is in fact common, then why not
> have this common code in the UA in the first place?
Actually, this does seem to me to be the perfect answer to those who insist
that they must keep their relays open in order to cater to their roaming
customers.
>From now on, my standard answer will be exactly that: provide your customer
with a port 25 proxy that authenticates his IP address using whatever
method you feel is convenient, and then simply does a pass through to your
own port 25.
I don't see the argument re multiple ISPs. After all, the claim is that the
stupid user is too stupid to properly configure his mail client, and he
wants to have the same configuration no matter which ISP he's dialed into,
and his stupid mail client doesn't check mail via POP before trying to send
mail, so pop-before-transmit won't work.
Okee-dokee. Configure his mail client to connect to 127.0.0.1 port 25, and
provide him with a custom-made proxy that transparently forwards to your
port 25 after authenticating itself, somehow.
--
Sam
"Sam" <[EMAIL PROTECTED]> writes:
| Okee-dokee. Configure his mail client to connect to 127.0.0.1 port 25,
Actually, a really good proxy would be able to stick that info right
into the MUA's config file. For popular ones that's probably doable as
such, and in any case it underscores that applications should have
programmatic interfaces so that they can be driven by other programs
when necessary.
On 03/03, D. J. Bernstein wrote:
> > What's needed for Windows is a simple, but configurable program that
> > runs on the user's machine and listens to localhost:25.
> Right. MUAs can use 127.0.0.1:25 (and 127.0.0.1:110) by default. An ISP
> can supply its favorite proxy program, including configuration, directly
> to the users. Some benefits:
> * Users won't have to type in server addresses.
> * ISPs won't have to explain how to configure different MUAs.
> * MUAs won't have to deal with different ISP authentication systems.
> Today's proxies could provide authenticated mail submission for roaming
> users. Tomorrow's proxies could support backup servers, faster message
> injection, and maybe even strong encryption.
Yeah, the only question is: WHO will write such proxy? ;-)
BTW, correct me if I'm wrong, but I never saw any good SMTP
authentication schemes -- all of them send the password in clear :(
Also, it's quite possible that users will send their passwords to
wrong servers... this means passwords must be mangled with MD5 or
something like that...
--
Roman V. Isaev http://www.gunlab.com.ru Moscow, Russia
Roman V Isaev <[EMAIL PROTECTED]> writes:
> On 03/03, D. J. Bernstein wrote:
>> Right. MUAs can use 127.0.0.1:25 (and 127.0.0.1:110) by default. An ISP
>> can supply its favorite proxy program, including configuration,
>> directly to the users. Some benefits:
>> * Users won't have to type in server addresses.
>> * ISPs won't have to explain how to configure different MUAs.
>> * MUAs won't have to deal with different ISP authentication systems.
>> Today's proxies could provide authenticated mail submission for roaming
>> users. Tomorrow's proxies could support backup servers, faster message
>> injection, and maybe even strong encryption.
> Yeah, the only question is: WHO will write such proxy? ;-)
We did, for IMAP and POP. Was easier to write a proxy that spoke Kerberos
than it was to try to get vendors to support Kerberos. SMTP is even
simpler than those. (*Much* simpler than IMAP, which is a royal pain of a
protocol to write software for.)
> BTW, correct me if I'm wrong, but I never saw any good SMTP
> authentication schemes -- all of them send the password in clear :(
ssh tunneling should work fairly well. Also, there's no particular reason
why one couldn't wrap SMTP with a SASL negotiation, and have the proxy and
the server take care of that and then just expose regular SMTP to the
client.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
"Roman V. Isaev" <[EMAIL PROTECTED]> writes:
| Yeah, the only question is: WHO will write such proxy? ;-)
There was a recent USENIX paper on such a thing.
On Wed, 3 Mar 1999, Roman V. Isaev wrote:
> BTW, correct me if I'm wrong, but I never saw any good SMTP
> authentication schemes -- all of them send the password in clear :(
> Also, it's quite possible that users will send their passwords to
> wrong servers... this means passwords must be mangled with MD5 or
> something like that...
wouldn't yu kow it the day after I delete the internet-draft off my had
disk someone could make use of it. hopefully there;s an internet draft
something like *overall-srap-* which is a draft for a simple roaming acess
protocol written by someone at the ISP I use. they have windows and perl
agents that run locally. and is intended to authneitcate systems rather
than users. (ie this laptop has a valid demon account)
otoh some ISPS, like freeserve.co.uk, automatically re-direct SMTP to
their relays regardless of the actions of the client neatly avoiding the
problems of reconfiguring the SMTP destination between the campus network
and the ISP when mobile. (I don't bother to offer a dial-in service at
work. pay-for ISPs will provide it for $100/user/year and free ones for
nothing (they get 17% of the call charges whilst users are connected) )
The problems of the world can't be solved by fixing the working
C. Daniluk
On 03/02, Russ Allbery wrote:
> >> Today's proxies could provide authenticated mail submission for roaming
> >> users. Tomorrow's proxies could support backup servers, faster message
> >> injection, and maybe even strong encryption.
> > Yeah, the only question is: WHO will write such proxy? ;-)
> We did, for IMAP and POP. Was easier to write a proxy that spoke Kerberos
> than it was to try to get vendors to support Kerberos. SMTP is even
> simpler than those. (*Much* simpler than IMAP, which is a royal pain of a
> protocol to write software for.)
Is your proxy in public domain, GPL or whatever? :-)
> > BTW, correct me if I'm wrong, but I never saw any good SMTP
> > authentication schemes -- all of them send the password in clear :(
> ssh tunneling should work fairly well. Also, there's no particular reason
> why one couldn't wrap SMTP with a SASL negotiation, and have the proxy and
> the server take care of that and then just expose regular SMTP to the
> client.
RFC2222 was written in 1997, and now 1999. We still do not have
common SMTP authentication. Yes, everything above CAN be done, but
it's too complicated for an average programmer, and there are a lot of
assinine problems with strong encryption like U.S. export troubles,
prohibited strong cryptography in Russia, etc, etc. What we really need is:
1. Simple SASL implementation in public domain, available to everyone
without any restriction (quite probably it was done alredy),
2. Easy to use proxy for end-users, speakin this particular SASL, and
3. Someone who will patch every popular MTA and bugger MTA authors
to include these in the standard distribution. You know, 99.9% of mailers
work in their default configuration...
This problem can be solved only with complex actions -- both
programming and lobbying particular implementation (I don't like
the idea of free-for-all authentication methods -- Micro@&#*^$ will
come up with their own for sure). And lobbying is much more important...
--
Roman V. Isaev http://www.gunlab.com.ru Moscow, Russia
Roman V Isaev <[EMAIL PROTECTED]> writes:
> On 03/02, Russ Allbery wrote:
>> We did, for IMAP and POP. Was easier to write a proxy that spoke
>> Kerberos than it was to try to get vendors to support Kerberos. SMTP
>> is even simpler than those. (*Much* simpler than IMAP, which is a
>> royal pain of a protocol to write software for.)
> Is your proxy in public domain, GPL or whatever? :-)
Good question. Answer is, I don't know. I'll try to find that out. It
was a project that various people here were working on in conjuction with
other projects, one of which I think we're not releasing for export
reasons and such not, and the other of which was in cooperation with a
particular vendor. So the licensing is probably confused. The part I
personally did was a proof of concept server-side proxy implementation
(see below) that were I to turn into an actual release I'd probably clean
up and rework a good bit anyway.
> RFC2222 was written in 1997, and now 1999. We still do not have common
> SMTP authentication. Yes, everything above CAN be done, but it's too
> complicated for an average programmer, and there are a lot of assinine
> problems with strong encryption like U.S. export troubles, prohibited
> strong cryptography in Russia, etc, etc. What we really need is:
SASL's actually pretty straightforward. I wrote an IMAP Kerberos 4 proxy
that uses SASL in about two days from blank screen to fully debugged and
working (if not maximally feature-full or robust) code, and most of that
time was spent fighting with the IMAP protocol, not with the SASL pieces.
> 1. Simple SASL implementation in public domain, available to everyone
> without any restriction (quite probably it was done alredy),
I rolled my own, but I wouldn't recommend that anyone else does this.
Best starting point is probably heading to
<URL:ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/>
and grabbing the latest version of cyrus-sasl.
> 2. Easy to use proxy for end-users, speakin this particular SASL, and
This part is the part that takes some time, since they need dialog boxes
to put their password, auth credentials, and what have you in somewhere.
And if they're using Kerberos, some way of interacting with whatever else
on the system is obtaining Kerberos credentials.
> 3. Someone who will patch every popular MTA and bugger MTA authors to
> include these in the standard distribution.
You don't need to do that, actually. Proxy both ends. Run a daemon on
the Unix side that speaks SASL to a client and runs on a different port.
You don't have to run the thing on port 25, since you control the client
end as well with the client proxy. The server proxy and the client proxy
speak authentication to each other and then turn into passthroughs for the
pieces that want to talk SMTP on both ends.
This is what I did to Kerberize an IMAP server that I couldn't munge
directly. And that way on the SMTP end all that remains is to allow
unlimited relaying from localhost, since the proxied incoming connection
will appear to be from there.
The Unix-side server proxy is seriously only a day or two of work, if
someone just sits down and writes it straight through. Maybe less, with
the SASL library from Cyrus.
The PC/Mac client end is harder, since you have to actually worry about a
user interface and whatnot. But it's still pretty straightforward.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Hello,
I am in need of a lot of help, I am no longer able to send or receive
qmail at all on my main server at work...We had a power failure, and when
the system restarted, all the qmail daemons started up, but Eudora and
other remote
MUA's responded with connection refused.
I also cannot get qmail started via tcpserver at all, here is what the
current ps aux looks like as of 10:10pm (PST):
qmaild 1347 0.0 0.9 828 296 ? S 15:48 0:00
/usr/local/bin/tcpserver -R -x /etc/tcp.smtp.cdb -g 2108 -u 7791 0 smtp
/var/qmail/bin/qmail-smtpd (this is the line I used to start smtpd)
root 1350 0.0 0.9 828 296 ? S 15:48 0:00
/usr/local/bin/tcpserver -R 0 pop3 /var/qmail/bin/qmail-popup
odie.donbest.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
(this is the command i used to start pop3)
there are no other qmail daemons present (qmails, etc)...?!?!?!
I see I do not have all of the script stuff running, but what can I do to
get the mail system working again (even w/o spam blocking)? I am really up
the creek w/o a paddle it would seem...
I suppose I could start qmail via inetd.conf, but even that does not work...
Can you help me at all? (I guess I don't know as much as I thought I did) :(
-Bill ([EMAIL PROTECTED])
Hi,
sorry for the off-topic: Where do I report open relay complaint
(other that the postmaster at the site)? Thanks
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
- "Petr Novotny" <[EMAIL PROTECTED]>:
| sorry for the off-topic: Where do I report open relay complaint
| (other that the postmaster at the site)? Thanks
Read <URL:http://maps.vix.com/rbl/> and links therein.
- Harald
