qmail Digest 13 Mar 1999 11:00:01 -0000 Issue 578
Topics (messages 22897 through 22925):
Accepting Backup Mail (relay)
22897 by: Chris Bond <[EMAIL PROTECTED]>
22898 by: Russell Nelson <[EMAIL PROTECTED]>
22899 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
rewriting to: addresses
22900 by: Jere Cassidy <[EMAIL PROTECTED]>
Attachments in failure notices
22901 by: "Fred Lindberg" <[EMAIL PROTECTED]>
22913 by: Kai MacTane <[EMAIL PROTECTED]>
22914 by: Markus Stumpf <[EMAIL PROTECTED]>
HELP: need Checkpassword
22902 by: Patrick Paysant <[EMAIL PROTECTED]>
22903 by: Russell Nelson <[EMAIL PROTECTED]>
22918 by: Kevin Waterson <[EMAIL PROTECTED]>
Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/
22904 by: Patrick Paysant <[EMAIL PROTECTED]>
mini-qmail on bastion host. Local mail
22905 by: Robin Bowes <[EMAIL PROTECTED]>
rblsmtp - I need to change the bounce report.
22906 by: torben fjerdingstad <[EMAIL PROTECTED]>
22907 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
22920 by: torben fjerdingstad <[EMAIL PROTECTED]>
22922 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
Alias, dot-qmail, qmail-local, maildir, directories
22908 by: "Joaquim Homrighausen" <[EMAIL PROTECTED]>
22910 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
QMail SMTP goes bonk
22909 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
22911 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
22912 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
22917 by: "Fred Lindberg" <[EMAIL PROTECTED]>
Limit recipients (some how).
22915 by: Markus Stumpf <[EMAIL PROTECTED]>
If this goes thru...
22916 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
Badmailfrom Questions
22919 by: Kai MacTane <[EMAIL PROTECTED]>
22921 by: Chris Johnson <[EMAIL PROTECTED]>
child crashed for non-existant users (qmail-mysql)
22923 by: Omer <[EMAIL PROTECTED]>
Gateway test - ignore
22924 by: Robin Bowes <[EMAIL PROTECTED]>
Announcing: qpopper bulletin auto-installer for qmail
22925 by: [EMAIL PROTECTED]
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Hi,
Whats the correct procedure to accept backup mail?
Do you need an entry in locals, rcpthosts? And what do you put in
smtproutes for when it comes back online?
There seems to be not much documentation on the files in
/var/qmail/control apart from man qmail-control.
Thanks,
Chris.
Chris Bond writes:
> Whats the correct procedure to accept backup mail?
>
> Do you need an entry in locals, rcpthosts? And what do you put in
> smtproutes for when it comes back online?
You only need an entry in rcpthosts.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
The correct procedure is VERY simple.
Add the entry to rcpthosts.
Add the MX record to DNS.
Done. :)
On Fri, 12 Mar 1999, Chris Bond wrote:
> Hi,
>
> Whats the correct procedure to accept backup mail?
>
> Do you need an entry in locals, rcpthosts? And what do you put in
> smtproutes for when it comes back online?
>
> There seems to be not much documentation on the files in
> /var/qmail/control apart from man qmail-control.
>
> Thanks,
> Chris.
>
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
Some scalability concerns when using .qmail-domain-default:
We did the same thing when acquiring a company that was approximately 75%
or size. To a point the following solution seemed perfect since it ony
required that we change the duplicate email users' settings to include the
prefix. Everyone else could simply use their old settings. But then
every message to a majority of the users (not including the duplicates)
experiences a two delivery attempts. So if the following was true:
if 1 qmail user = 1 unit of load to the server
us: 12000 users
company A: 8000 users (including 500 duplicates)
assuming a message to the remaining 7500 must be delivered twice,
we just added approximatly 15000 units of load to a server group that was
doing 12000
Obviously pop3 logins and remote deliveries are increased only by the
number of users.
Anyway, we decided to proceed with the following for future growth.
Add all customers of the new domain with a prefix (included in
virtualdomains, of course). Then implement a second instance of
checkpassword that attaches the prefix on login. We based it on port
number because we could redirect port25 on an address to port xxxx on the
server with the help of an Alteon layer4 switch. But smaller
establishments could do this by patching checkpassword to attach a prefix
based on the incoming IP address. That way you just grab companyB.com's
DNS records and map mail.companyB.com to an additional IP that you specify
for one of you interfaces. Of course you'd only be able to specify 253
additional IP addresses per NIC....<shrug>
Let me know if I am completely off my rocker here !
Harald Hanche-Olsen wrote:
> put the following in ~alias/.qmail-domain-default:
>
> |forward "$DEFAULT"@example.com
>
> (RTFM qmail-command for the meaning of environment variables)
>
> - Harald
--
------------------------------------------------------------------------
// Jere Cassidy - System Administration - D&E SuperNet
email: [EMAIL PROTECTED] phone: (717)738-7054
web: http://www.desupernet.net/jere
pager/pcs: [EMAIL PROTECTED] - (717)203-0042
~~~ "While sowing the seeds of Utopia,
you invoked a convenient amnesia" -BR ~~~
------------------------------------------------------------------------
On Fri, 12 Mar 1999 09:46:14 +0100, Andreas Altenberger wrote:
>The problem is, that the Mailer demon the returns a failure notice
>including the attachment in the text area of the mail.
>
>What can I do to make qmail NOT return the attachment ?
>
>Any help will be appreciated.
ftp://ftp.id.wustl.edu/pub/patches/qmail-mime.tar.gz (README included).
To see how it looks, send a message with attachments to
[EMAIL PROTECTED] (a non-existing address).
-Sincerely, Fred
(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
Text written by Fred Lindberg at 08:22 AM 3/12/99 -0600:
>On Fri, 12 Mar 1999 09:46:14 +0100, Andreas Altenberger wrote:
>
>>The problem is, that the Mailer demon the returns a failure notice
>>including the attachment in the text area of the mail.
>>
>>What can I do to make qmail NOT return the attachment ?
>
>ftp://ftp.id.wustl.edu/pub/patches/qmail-mime.tar.gz (README included).
>To see how it looks, send a message with attachments to
>[EMAIL PROTECTED] (a non-existing address).
I sent a message with an attachment there, and it bounced the attachment
along with the rest of the message. I thought it was supposed to strip out
attachments in its failure messages?
For the record, I'm using Eudora 3.0.5 for Windows 95. I attached a copy of
Windows' calc.exe utility using MIME.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
finger trouble /n./
Mistyping, typos, or generalized keyboard incompetence (this is
surprisingly common among hackers, given the amount of time they
spend at keyboards). "I keep putting colons at the end of statements
instead of semicolons", "Finger trouble again, eh?".
On Fri, Mar 12, 1999 at 09:43:03AM -0800, Kai MacTane wrote:
> I sent a message with an attachment there, and it bounced the attachment
> along with the rest of the message. I thought it was supposed to strip out
> attachments in its failure messages?
No.
The problem with a vanilla qmail is that attachments are included
along with the error messages as ONE file, and not as two (or more),
i.e. as a multipart message again, which nearly makes it impossible
for most recipients of the error messages to "sort things out" again.
Fred's patch is fixing this.
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | In a world without
Research & Development | mailto:[EMAIL PROTECTED] | walls and fences,
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | who needs
D-80807 Muenchen | Fax: +49 (89) 32356-299 | Windows and Gates?
Hi,
Is there someone nice enough to send the checkpassword
package from Dan Bernstein to me by e-mail.
I try a dozen times since two weeks to access
http://pobox.com/~djb/, it's impossible !!!!!
I need it to have pop working. I know that there is some other
similar package but I want to keep "pure line" first before
testing other solution. I'm learning qmail.
TIA
Patrick
Patrick Paysant writes:
> Is there someone nice enough to send the checkpassword
> package from Dan Bernstein to me by e-mail.
>
> I try a dozen times since two weeks to access
> http://pobox.com/~djb/, it's impossible !!!!!
Try ftp://koobera.math.uic.edu. Or if that fails, try
ftp://ftp.qmail.org/pub/koobera.math.uic.edu.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Patrick Paysant wrote:
> Hi,
>
> Is there someone nice enough to send the checkpassword
> package from Dan Bernstein to me by e-mail.
>
Do you mean the RPM ?
Kevin
Help, please
I have this warning (/var/log/maillog) for one user. But I
have another user for which one all is good. I verified the
permissions, they are similar.
The only difference I can see is the user which don't receive
mail has a name beginning with capital :-(.
Do you have some docs about error messages ?
Qmail, is not simple, sob..
Patrick
Hi,
I'm in the process of re-configuring our firewall + mail services and
have something like the following in mind:
+-------------+
| ISP |
| mail relay |
+-----+-------+
Internet |
-------+---------+---
|
+---+------+ +----------+
| exterior | | bastion |
| router | | host |
+---+------+ +----------+
| perimeter network |
---+-------------------------+----
| 193.123.253.128-143 (255.255.255.240)
+----+------+
| interior | (address translation)
| router |
+----+------+
| internal network
----+-+----------------------------
| 172.16.x (255.255.240.0)
+-----+------+
| internal |
| mail host | relays all internal mail
+------------+
Incoming mail will be received by the bastion host and forwarded through
the interior router to the internal host using qmqp.
Outgoing mail will either be delivered direct by the internal mail host
or forwarded to our ISP's relay (I've not decided which yet).
I have no problems with things so far. In fact, it worked first time
when I fired it up (well, the mail side of things did - I haven't got the
network topology setup just yet).
My question is regarding mail generated on the bastion host, ie root
mail, messages from the proxy cache (this machine will also be running
squid), and mail from any security measures I may put in place.
Am I right in thinking that I will need a full qmail installation to deal
with this mail or would it be possible to "deliver" mail generated
locally on the bastion host to the internal mail host?
eg:
[EMAIL PROTECTED] --> [EMAIL PROTECTED]
[EMAIL PROTECTED] --> [EMAIL PROTECTED]
etc.
Also, I'm not sure whether I need to setup anything special in our DNS
for this to all work. I am following the recommendations in the O'Reilly
book "Building Internet Firewalls" to hide internal DNS data. The DNS
will be setup as follows:
- a "fake" external DNS with limited information (either hosted by our
ISP or running on the bastion host). Used by external clients, bastion
host, any other machines on the perimeter network. Basically just has MX
data and details of our externally hosted website. Also, receives
forwarded requests from the internal DNS server.
- a "real" DNS on the internal mail host. Used by internal clients.
Contains all internal domain information (eoc.org.uk)
Presumably, since qmqp uses IP addresses in qmqpserver, it doesn't need
to use DNS at all? ie the bastion host doesn't need to know any details
of the internal DNS; it will just relay all incoming mail to the internal
mail host? What about locally generated mail (see previous question)?
Again, presumably that wouldn't need DNS to work correctly?
Thanks for any contributions...
R.
--
Robin Bowes, System Development Manager, Equal Opportunities Commission,
Room 405A, Overseas House, Quay St., Manchester, M3 3HN, UK.
Tel: +44 (0) 161 838 8321 Fax: +44 (0) 161 835 1657
Lord, grant me the serenity to accept the things I cannot change,
the courage to change the things I can, and the wisdom to hide the
bodies of the people I had to kill because they pissed me off - Anon.
I registered a mail server at orbs and got the following
note from Alan Brown:
> Would you mind editing things so that it gives the IP number of the
> host it's rejecting?
>
> 451 The server sending this mail is in the ORBS database as an
> insecure email relay. See http://www.orbs.org/ for more
> information.
>
> Isn't very informative for an enduser.
How do I edit the message as requested?
My smtp startup script says:
/usr/local/bin/supervise /usr/local/qmail/supervise/tcpserver env - \
PATH="/usr/local/bin:$PATH" TZ=MET-1METDST,M3.5.0,M10.5.0 \
tcpserver -x /usr/local/etc/tcp.smtp.cdb \
-v -p -t 5 -c 400 -b 40 -u 203 -g 200 0 \
smtp /usr/local/bin/smtplog \
/usr/local/bin/rblsmtpd -rrelays.orbs.org \
/usr/local/bin/rblsmtpd -rrbl.maps.vix.com \
/usr/local/qmail/bin/qmail-smtpd 2>&1 \
| /usr/local/bin/accustamp \
| /usr/local/bin/cyclog -s100004000 -n2 /var/adm/smtpd smtpd 3 &
--
Med venlig hilsen / Regards
Netdriftgruppen / Network Management Group
UNI-C
Tlf./Phone +45 35 87 89 41 Mail: UNI-C
Fax. +45 35 87 89 90 Bygning 304
E-mail: [EMAIL PROTECTED] DK-2800 Lyngby
You don't without a lot of work. The error message is the TXT record from
the ORBS database. If Alan Brown wants the IP address in the message, he
should modify his scripts to place it in the TXT record in his ORBS DNS
database.
On Fri, 12 Mar 1999, torben fjerdingstad wrote:
> I registered a mail server at orbs and got the following
> note from Alan Brown:
>
> > Would you mind editing things so that it gives the IP number of the
> > host it's rejecting?
> >
> > 451 The server sending this mail is in the ORBS database as an
> > insecure email relay. See http://www.orbs.org/ for more
> > information.
> >
> > Isn't very informative for an enduser.
>
> How do I edit the message as requested?
>
> My smtp startup script says:
>
> /usr/local/bin/supervise /usr/local/qmail/supervise/tcpserver env - \
> PATH="/usr/local/bin:$PATH" TZ=MET-1METDST,M3.5.0,M10.5.0 \
> tcpserver -x /usr/local/etc/tcp.smtp.cdb \
> -v -p -t 5 -c 400 -b 40 -u 203 -g 200 0 \
> smtp /usr/local/bin/smtplog \
> /usr/local/bin/rblsmtpd -rrelays.orbs.org \
> /usr/local/bin/rblsmtpd -rrbl.maps.vix.com \
> /usr/local/qmail/bin/qmail-smtpd 2>&1 \
> | /usr/local/bin/accustamp \
> | /usr/local/bin/cyclog -s100004000 -n2 /var/adm/smtpd smtpd 3 &
>
> --
> Med venlig hilsen / Regards
> Netdriftgruppen / Network Management Group
> UNI-C
>
> Tlf./Phone +45 35 87 89 41 Mail: UNI-C
> Fax. +45 35 87 89 90 Bygning 304
> E-mail: [EMAIL PROTECTED] DK-2800 Lyngby
>
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
On Fri, Mar 12, 1999 at 10:56:46AM -0500, Timothy L. Mayo wrote:
> You don't without a lot of work. The error message is the TXT record from
> the ORBS database. If Alan Brown wants the IP address in the message, he
> should modify his scripts to place it in the TXT record in his ORBS DNS
> database.
What kind of work? Changing rblsmtpd? At the same time I think
it should be modified to be able to take multiple -r flags.
Alan Brown also wrote me this note about TXT records:
*-I don't have individual TXT records for ORBS as the zonefile is
*-already 2.5Mb. With TXT records in there, that grows to 7Mb. :-(
> On Fri, 12 Mar 1999, torben fjerdingstad wrote:
>
> > I registered a mail server at orbs and got the following
> > note from Alan Brown:
> >
> > > Would you mind editing things so that it gives the IP number of the
> > > host it's rejecting?
> > >
> > > 451 The server sending this mail is in the ORBS database as an
> > > insecure email relay. See http://www.orbs.org/ for more
> > > information.
> > >
> > > Isn't very informative for an enduser.
> >
> > How do I edit the message as requested?
> >
> > My smtp startup script says:
> >
> > /usr/local/bin/supervise /usr/local/qmail/supervise/tcpserver env - \
> > PATH="/usr/local/bin:$PATH" TZ=MET-1METDST,M3.5.0,M10.5.0 \
> > tcpserver -x /usr/local/etc/tcp.smtp.cdb \
> > -v -p -t 5 -c 400 -b 40 -u 203 -g 200 0 \
> > smtp /usr/local/bin/smtplog \
> > /usr/local/bin/rblsmtpd -rrelays.orbs.org \
> > /usr/local/bin/rblsmtpd -rrbl.maps.vix.com \
> > /usr/local/qmail/bin/qmail-smtpd 2>&1 \
> > | /usr/local/bin/accustamp \
> > | /usr/local/bin/cyclog -s100004000 -n2 /var/adm/smtpd smtpd 3 &
--
Med venlig hilsen / Regards
Netdriftgruppen / Network Management Group
UNI-C
Tlf./Phone +45 35 87 89 41 Mail: UNI-C
Fax. +45 35 87 89 90 Bygning 304
E-mail: [EMAIL PROTECTED] DK-2800 Lyngby
- torben fjerdingstad <[EMAIL PROTECTED]>:
| On Fri, Mar 12, 1999 at 10:56:46AM -0500, Timothy L. Mayo wrote:
| > You don't without a lot of work. The error message is the TXT
| > record from the ORBS database. If Alan Brown wants the IP address
| > in the message, he should modify his scripts to place it in the
| > TXT record in his ORBS DNS database.
|
| What kind of work? Changing rblsmtpd?
Why not? It shouldn't be too hard: In the check() routine, just
before "if (message.len > 200) message.len = 200;" insert something
along the lines of (** untested code follows **)
x = env_get("TCPREMOTEIP");
if (x)
if (*x) {
if (!stralloc_cats(&message, " (Remote IP: ")) die_sys();
if (!stralloc_cats(&message, x) die_sys();
if (!stralloc_cats(&message, ")")) die_sys();
}
| At the same time I think it should be modified to be able to take
| multiple -r flags.
Would be useful. I'll leave that as an exercise for the reader. 8-)
- Harald
Couple of questions:
1. I cannot get "redirection" to work when I use a .qmail
file containing a complete maildir path. If I replace the
maildir path with another local user, the redirection
works. In the former case, qmail(-local I assume) complains
about delivery being temporarily deferred.
What I had was:
.qmail-john:doe
In the default home directory. The file contained
/home/special/mailadd/johndoe02/Maildir/
The ./johndoe02 directory is owned by johndoe02 (not world writeable)
The same ownership applies to all of the directories below ./johndoe02
If I log-in as johndoe02, I can change to /home/special/mailadd..
although I cannot do a pwd.
What does qmail(-local) require as far as directory rights in the
above scenario.
I have temporarily circumvented the problem by replacing the path
specification in the .qmail-john:doe file with 'johndoe02', which
works but isn't an elegant solution (IMHO) since it requires extra
work on qmail's behalf.
2. Is there a file or document which describes which directories must
be owned/groupowned by the various qmail UIDs/GIDs as well as other
directories (such as the one in the first question above)?
I'm somewhat behind in this mailing list, so if you do reply, please
CC me ([EMAIL PROTECTED]) on your reply.
Thanks.
-+-
Joaquim Homrighausen * [EMAIL PROTECTED] * 2:201/330@fidonet
Definite Solutions * Stockholm, Sweden
Phone: +46 8 6505087 * Fax: +46 8 4410010 * http://www.defsol.se
-+-
- "Joaquim Homrighausen" <[EMAIL PROTECTED]>:
| 1. I cannot get "redirection" to work when I use a .qmail
| file containing a complete maildir path. If I replace the
| maildir path with another local user, the redirection
| works. In the former case, qmail(-local I assume) complains
| about delivery being temporarily deferred.
|
| What I had was:
|
| .qmail-john:doe
|
| In the default home directory.
You mean, in ~alias? (I'll assume so.)
| The file contained
|
| /home/special/mailadd/johndoe02/Maildir/
|
| The ./johndoe02 directory is owned by johndoe02 (not world writeable)
| The same ownership applies to all of the directories below ./johndoe02
Won't work. qmail-local *always* runs as the user you're trying to
deliver to; in this case, the alias user. So it cannot usually
deliver to another user's maildir or mbox.
| I have temporarily circumvented the problem by replacing the path
| specification in the .qmail-john:doe file with 'johndoe02', which
| works but isn't an elegant solution (IMHO) since it requires extra
| work on qmail's behalf.
So use the users/assign mechanism instead. Put the following (or have
a script put it) in users/assign:
=john:johndoe2:123:456:/home/special/mailadd/johndoe02:::
(where 123:456 should be replaced by johndoe2's uid:gid). This
declares /home/special/mailadd/johndoe02 to be the home directory of
johndoe2. So unless the default delivery instruction (argument to
qmail-start) is ./Maildir/, put ./Maildir/ into the
/home/special/mailadd/johndoe02/.qmail file.
Remember to run qmail-newu after updating the assign file.
| 2. Is there a file or document which describes which directories must
| be owned/groupowned by the various qmail UIDs/GIDs as well as other
| directories (such as the one in the first question above)?
Not in one place, as far as I know. Each user must own his home
directory, which must not be world writable. As far as maildirs go,
the user must be able to chdir() into the maildir, then have full read
and write access to the tmp/ and new/ subdirectories.
| I'm somewhat behind in this mailing list, so if you do reply, please
| CC me ([EMAIL PROTECTED]) on your reply.
I'm somewhat current in this mailing list, so if you do reply, please
don't CC me on your reply. 8-)
- Harald
Hi. My SMTP is going kablooie. Nobody is able to send messages until I
reboot the machine. And then after a few minutes it dies again. POP
works ok. Well, dying is not the exact term.
I do a ps ax | grep qmail and I get something like this:
72 ? S 0:00 qmail-lspawn ./Maildir/
71 ? S 0:00 splogger qmail
74 ? S 0:00 qmail-clean
73 ? S 0:00 qmail-rspawn
104 ? S 0:00 qmail-remote texaco.com [EMAIL PROTECTED]
[EMAIL PROTECTED]
158 ? S 0:00 qmail-remote gld.mmtr.or.jp [EMAIL PROTECTED]
chapolim
904 ? S 0:00 qmail-remote gld.mmtr.or.jp [EMAIL PROTECTED]
chapolim
926 ? S 0:00 qmail-remote pop.openlink.com.br
[EMAIL PROTECTED]
1286 ? S 0:00 qmail-remote hotmail.com [EMAIL PROTECTED]
1542 ? S 0:00 qmail-remote hotmail.com [EMAIL PROTECTED]
68 ? S 0:01 qmail-send
1550 p0 S 0:00 grep qmail
Theres no qmail-smtpd because I killed them in panic. :-O
The ones like "qmail-remote hotmail.com [EMAIL PROTECTED]" keep
showing up at an alarming rate. Sometimes there are 10,15 of them, then
the number decreases, then rises again. Could it be a DoS attack? Spam?
What logfiles can I read to trace this?
Thanx,
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Inform�tica e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
- Juan Carlos Castro y Castro <[EMAIL PROTECTED]>:
| Theres no qmail-smtpd because I killed them in panic. :-O
|
| The ones like "qmail-remote hotmail.com [EMAIL PROTECTED]" keep
| showing up at an alarming rate. Sometimes there are 10,15 of them, then
| the number decreases, then rises again. Could it be a DoS attack? Spam?
Sounds to me like you're running an open relay and have been found by
the spammers. Run (don't walk) to your control/rcpthosts and check
it. Don't have one? Create it *now*. Add in all your local domains,
all your virtual domains (if you have any) and any domains that your
machine is an MX for (ditto).
| What logfiles can I read to trace this?
Impossible to say, because qmail is so flexible as to how it performs
logging, and how much logging it does. Oh, I see you run splogger, so
mail logs wind up wherever /etc/syslog.conf says they should go. I
don't know if and where you log smtp traffic, since you didn't tell us
how you run your qmail-stmpd. But /var/qmail/bin/qmail-qread will at
least tell you what messages are in your queue right now.
- Harald
Harald Hanche-Olsen wrote:
>
> - Juan Carlos Castro y Castro <[EMAIL PROTECTED]>:
>
> | Theres no qmail-smtpd because I killed them in panic. :-O
> |
> | The ones like "qmail-remote hotmail.com [EMAIL PROTECTED]" keep
> | showing up at an alarming rate. Sometimes there are 10,15 of them, then
> | the number decreases, then rises again. Could it be a DoS attack? Spam?
>
> Sounds to me like you're running an open relay and have been found by
> the spammers. Run (don't walk) to your control/rcpthosts and check
> it. Don't have one? Create it *now*. Add in all your local domains,
> all your virtual domains (if you have any) and any domains that your
> machine is an MX for (ditto).
Bullseye! That was it. There was no rcpthosts! But when I add one with
my domains I can't send anything from my local network. I have to enable
mail coming from 200.244.84.x or else our ISP clients won't send mail.
How do I do that?
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Inform�tica e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
On Fri, 12 Mar 1999 14:42:08 -0300, Juan Carlos Castro y Castro wrote:
>Bullseye! That was it. There was no rcpthosts! But when I add one with
>my domains I can't send anything from my local network. I have to enable
>mail coming from 200.244.84.x or else our ISP clients won't send mail.
>How do I do that?
Per qmail FAQ, search for RELAYCLIENT. Use the tcpserver version ...
-Sincerely, Fred
(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
On Fri, Mar 12, 1999 at 12:19:21PM +0200, Georgi Kupenov wrote:
> Any idea how to limit the number of
> recepients per message?
Check out
http://www.qmail.org/
or of of the mirror sites.
There is a reference to such a patch from Michael Samuel.
Just search for "RCPT" in the page.
However this is for SMTP connections. You didn't say if you want
it for SMTP or local injections.
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | In a world without
Research & Development | mailto:[EMAIL PROTECTED] | walls and fences,
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | who needs
D-80807 Muenchen | Fax: +49 (89) 32356-299 | Windows and Gates?
...then I and the crew at PC-Shop ISP are ETERNALLY GRATEFUL to Mate and
Harald for saving our sorry butts! :-D
In technical terms, It means I learned how to use tcpserver and now I
can have a rcpthosts file. Gee, this should be a system requirement for
qmail! And I tell you more, a version of tcpserver should be included in
qmail just in case there's not one in the target machine.
Thanx again guys!
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Inform�tica e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
Hello, Folks--
I have a couple of questions about the control/badmailfrom file:
1) As long as it's readable by qmail, does its ownership matter?
2) Which part of qmail needs to read it? My quick scan of the docs
says qmail-smtpd is the only thing that looks at control/badmailfrom,
but I'd like to double-check.
3) Will control/badmailfrom take regexes or any other form of pattern
matching besides the simple "@host" that matches all addresses at
a given host? Since it appears not, are there any patches to
enable this?
4) After altering it, I don't need to restart anything, right?
Hope these questions aren't too simple. Thanks.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
scram switch /n./
[from the nuclear power industry] An emergency-power-off switch (see
Big Red Switch), esp. one positioned to be easily hit by evacuating
personnel. In general, this is *not* something you frob lightly;
these often initiate expensive events (such as Halon dumps) and are
installed in a dinosaur pen for use in case of electrical fire or
in case some luckless field servoid should put 120 volts across
himself while Easter egging.
On Fri, Mar 12, 1999 at 12:03:35PM -0800, Kai MacTane wrote:
> Hello, Folks--
>
> I have a couple of questions about the control/badmailfrom file:
>
> 1) As long as it's readable by qmail, does its ownership matter?
Nope.
> 2) Which part of qmail needs to read it? My quick scan of the docs
> says qmail-smtpd is the only thing that looks at control/badmailfrom,
> but I'd like to double-check.
Only qmail-smtpd reads it.
> 3) Will control/badmailfrom take regexes or any other form of pattern
> matching besides the simple "@host" that matches all addresses at
> a given host? Since it appears not, are there any patches to
> enable this?
The only things you can have in badmailfrom are user@host or @host. I do recall
seeing some patches to allow regexes; check www.qmail.org.
> 4) After altering it, I don't need to restart anything, right?
Right. It's reread every time a new qmail-smtpd is run.
Chris
Hi,
First of all, my apologies if you have received this twice.
I have just finished setting up a qmail system here.
The system is supposed to handle quite a lot of users
(mail-only) so I decided to use the mysql patch to manage
all the accounts using a mySQL database, and use a single
uid for the pop-boxes themselves. Ok, so everything works
fine, until...Someone tries to logon on with a user that
doesn't exist. Fex:
telnet localhost 110
+OK <[EMAIL PROTECTED]>
USER bozo
+OK
PASS theclown
-ERR aack, child crashed
Connection closed by foreign host.
And it core dumps inside the control directory.
qmail-getpw just returns the alias user for non-existant users,
so I guess that's ok. Users that exist work just fine.
Can anyone offer any insight/help on this?
Thanks,
-- Omer
|---------------------------------------------------------------------------|
| A bus station is where a bus stops. A train | Omer Efraim |
| station is where a train stops. On my desk I | [EMAIL PROTECTED] |
| have work station... -Author Unknown | |
|---------------------------------------------------------------------------|
Sorry.
R.
Take a moment to admire the density of the subject line. I worked hard at it.
Now, the point of the announcement: I know I can't be the only one running
qmail and qpopper together. I also know I can't be the only one getting sick
of the tedious procedure involved in installing a new bulletin. So I did
something about it. I wrote qmail-qpopbull, a pair of programs which automate
the job. Now you just have to go through one more tedious install procedure -
my package - and afterward your PHB and/or clueless client will be able to
maintain his own bulletin directory using nothing but his mailreader of
choice.
>From the README:
---------------
This package is designed to provide a PHB-friendly front end to installing
qpopper bulletins on a qmail server. It operates under the same principle as
a moderated ezmlm list: there is a submission address, and submissions are
sent to moderators for approval, with a return address containing a random
string which is used to recognize a valid confirmation.
---------------
I have not yet put this into Real Use yet, so if you're really paranoid you
should wait a while, but otherwise, get it from
http://defiant.cqc.com/~pacman/projects/qmail-qpopbull/
I'm not on this list any more (I'm down to 2 lists and getting off another
one soon! Life is good), so reply directly to me if you have something to
say, or if you want to be notified of future bugfixes and improvements,
because I don't intend to annoy the list again.
--
Alan Curry
