qmail Digest 24 Mar 1999 11:00:01 -0000 Issue 589
Topics (messages 23258 through 23349):
[[EMAIL PROTECTED]: failure notice]
23258 by: Russ Allbery <[EMAIL PROTECTED]>
NOOP and RSET flooding
23259 by: "Sam" <[EMAIL PROTECTED]>
23274 by: Mark Delany <[EMAIL PROTECTED]>
qmail Performance question
23260 by: Markus Stumpf <[EMAIL PROTECTED]>
23261 by: Russell Nelson <[EMAIL PROTECTED]>
[EZMLM] A ML on a virtual domain
23262 by: "Fred Lindberg" <[EMAIL PROTECTED]>
Broken mail clients and fixup
23263 by: "Rick McMillin" <[EMAIL PROTECTED]>
23264 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
Local delivering problem
23265 by: Lorenzo Cavassa <[EMAIL PROTECTED]>
23267 by: Russell Nelson <[EMAIL PROTECTED]>
Trouble bouncing
23266 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
23277 by: Mark Delany <[EMAIL PROTECTED]>
23281 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
Mysterious quotes added in "From: " line
23268 by: "Tetsu Ushijima" <[EMAIL PROTECTED]>
X based mail client
23269 by: "Attila Csosz" <[EMAIL PROTECTED]>
23279 by: [EMAIL PROTECTED]
RELAYCLIENT and InetD - clarification
23270 by: Peter Gradwell <[EMAIL PROTECTED]>
23271 by: Chris Johnson <[EMAIL PROTECTED]>
23272 by: Chris Johnson <[EMAIL PROTECTED]>
23273 by: "Sam" <[EMAIL PROTECTED]>
23275 by: [EMAIL PROTECTED]
23329 by: "Peter Samuel" <[EMAIL PROTECTED]>
Qmail deferral...
23276 by: Mark Delany <[EMAIL PROTECTED]>
23326 by: seiheng <[EMAIL PROTECTED]>
QMQP
23278 by: "Nelson, Chris (USITG)" <[EMAIL PROTECTED]>
23280 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
RBL-Stats v1.0 Released
23282 by: xs <[EMAIL PROTECTED]>
23333 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23338 by: "Pavel V. Piankov" <[EMAIL PROTECTED]>
23345 by: Anand Buddhdev <[EMAIL PROTECTED]>
23346 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
Big problem: [[EMAIL PROTECTED]: failure notice]
23283 by: "Pavel V. Piankov" <[EMAIL PROTECTED]>
I am a bad boy
23284 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
23286 by: Mark Delany <[EMAIL PROTECTED]>
Qmail Case Example
23285 by: xs <[EMAIL PROTECTED]>
failure notice (fwd)
23287 by: xs <[EMAIL PROTECTED]>
23288 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23289 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
23291 by: Vince Vielhaber <[EMAIL PROTECTED]>
documentation, documentation, documentation
23290 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23292 by: Vince Vielhaber <[EMAIL PROTECTED]>
23294 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23309 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
23331 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23349 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
poor documentation example
23293 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23295 by: "Racer X" <[EMAIL PROTECTED]>
23296 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23297 by: Vince Vielhaber <[EMAIL PROTECTED]>
23298 by: Russ Allbery <[EMAIL PROTECTED]>
23299 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23300 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23301 by: "Sam" <[EMAIL PROTECTED]>
23302 by: James Smallacombe <[EMAIL PROTECTED]>
23303 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23304 by: Russ Allbery <[EMAIL PROTECTED]>
23305 by: Russ Allbery <[EMAIL PROTECTED]>
23306 by: Stefan Paletta <[EMAIL PROTECTED]>
23307 by: Mark Delany <[EMAIL PROTECTED]>
23308 by: Russ Allbery <[EMAIL PROTECTED]>
23310 by: "Sam" <[EMAIL PROTECTED]>
23311 by: Mark Delany <[EMAIL PROTECTED]>
23312 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23314 by: Russ Allbery <[EMAIL PROTECTED]>
23315 by: Russ Allbery <[EMAIL PROTECTED]>
23317 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23318 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23319 by: Russ Allbery <[EMAIL PROTECTED]>
23321 by: Kai MacTane <[EMAIL PROTECTED]>
23322 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23323 by: "Racer X" <[EMAIL PROTECTED]>
23324 by: Kai MacTane <[EMAIL PROTECTED]>
23325 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23327 by: Matt Simerson <[EMAIL PROTECTED]>
23336 by: <[EMAIL PROTECTED]>
GET ME OFF THIS DAMN LIST
23313 by: Kevin Phipps <[EMAIL PROTECTED]>
RBL(s)
23316 by: xs <[EMAIL PROTECTED]>
23341 by: Tim Tsai <[EMAIL PROTECTED]>
RBLs and surrended on qmail 1.x docs
23320 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
HELP! Need qmail-etrn patch URGENTLY
23328 by: Operations <[EMAIL PROTECTED]>
FW: GET ME OFF THIS DAMN LIST
23330 by: Lara Little <[EMAIL PROTECTED]>
23348 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
information need, please
23332 by: Enrico Mangano <[EMAIL PROTECTED]>
23334 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23335 by: "Pavel V. Piankov" <[EMAIL PROTECTED]>
keyserver
23337 by:
23339 by: Les Klein <[EMAIL PROTECTED]>
23340 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23342 by: "Frank Tegtmeyer" <[EMAIL PROTECTED]>
23343 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23344 by: Les Klein <[EMAIL PROTECTED]>
Hi!! Domains..
23347 by: "Daniel V. Pedersen" <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Peter van Dijk <[EMAIL PROTECTED]> writes:
> I've written software in C that compiled cleanly on my Slackware, on
> LinuxPPC and others, but not on RedHat. It turns out it needed
> -lcrypt. Does _not_ make sense to me.
Umm... I don't mean to sound harsh here, but this is one of the most
common portability differences between Unixes. Pretty much anyone writing
Unix code that uses crypt() has to deal with at some point or another.
You can blame this one on the U.S. Government's idiotic export
restrictions; that's the original reason why crypt() was spun off into a
separate library on some Unixes (and not on others).
Any portable Unix code that needs to use crypt() should be able to deal
with the possible need to link with -lcrypt. autoconf makes this pretty
trivial.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Przemyslaw Frasunek writes:
> My machine running qmail-1.03 can be heavly loaded by opening
> as much as possible concurrent connections and flooding with RSET
> and NOOP commands.
>
> It is possible to close connection after receiving i.e. 100 NOOPs or RSETs?
Certainly. Write the code to do it.
--
Sam
At 11:30 AM Tuesday 3/23/99, Przemyslaw Frasunek wrote:
>My machine running qmail-1.03 can be heavly loaded by opening
>as much as possible concurrent connections and flooding with RSET
>and NOOP commands.
>
>It is possible to close connection after receiving i.e. 100 NOOPs or RSETs?
Yes, but how about if they sent 100 empty lines. Or 100 RCPT commands or 1
DATA command and 100 data lines?
If you allow the connection in the first place, then there is not a lot you
can do to distinguish a legitimate connection from a DOS connection so I'm
not sure I'd bother.
Of course you can control the maximum number of concurrent sessions by using
tcpserver so your inbound connections might run out, but your system wont
fill up.
Regards.
On Tue, Mar 23, 1999 at 12:02:32AM +0100, Peter van Dijk wrote:
> really work, the mailclient should check pop mail as often as possible.
PLEEEEEEEEEZ ... be careful with that.
We have customers that have a leased line but we manage their Mailboxes (POP3).
Sometimes they receive a "really big" Mail (e.g. 40 MB).
To transfer the file takes longer than the "check interval".
There is a nasty bug in some implementations of browsers.
Looks like they have a timed interupt which causes them to force a
check for new mail. What happens is that the client is in the middle of
fetching the file, the interupt arrives, the transfer is killed the check for
new mail is made and the transfer for the big file is immediately
restarted from the beginning. This way they can NEVER get the whole file
and are transferring and transferring and transferring and ...
:-((((
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | In a world without
Research & Development | mailto:[EMAIL PROTECTED] | walls and fences,
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | who needs
D-80807 Muenchen | Fax: +49 (89) 32356-299 | Windows and Gates?
Markus Stumpf writes:
> On Tue, Mar 23, 1999 at 12:02:32AM +0100, Peter van Dijk wrote:
> > really work, the mailclient should check pop mail as often as possible.
>
> PLEEEEEEEEEZ ... be careful with that.
> We have customers that have a leased line but we manage their Mailboxes (POP3).
> Sometimes they receive a "really big" Mail (e.g. 40 MB).
> To transfer the file takes longer than the "check interval".
> There is a nasty bug in some implementations of browsers.
Oh, well that *certainly* wouldn't work with the proposed system,
which we're suggesting should block on the LIST command (e.g.) or
maybe ....
Oh. OH. OH!!! Hey! I know how this could actually be implemented
without huge amounts of hackery!! Instead of doing this:
qmail-popup checkpassword qmail-pop3d
do this:
qmail-popup checkpassword wait-for-new-mail qmail-pop3d
where wait-for-new-mail is a program that simply pauses waiting to
read that named pipe, which is written to by the suggested .qmail
file. And wait-for-new-mail could be something as simple as this:
#!/bin/sh
read <Maildir/.waiton
This reason this works is because qmail-pop3d prints the OK for the
password command. So, as long as the pop3 client is willing to wait
forever for the OK response (not a good assumption, I know), it'll
receive the new mail moments after it is delivered.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
On Tue, 23 Mar 1999 10:56:21 +0100, Dimitri SZAJMAN wrote:
>Please where can I get explanation about how to create with ezmlm a ML on a
>virtual domain that I host (I am MX for this domain). I only succeed to
>create one on my own domain.
Look in the ezmlm FAQ http://www.ezmlm.org. Look at the ezmlm-make man
page if you use ezmlm-idx. Join the [EMAIL PROTECTED] list which is
for ezmlm.
-Sincerely, Fred
(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
I don't think I did a good job of describing my problem. The
problem occurs when one of my customers attempts to send
a message using a broken mail client like Eudora. They will
only put the username in instead of the full email address when
sending mail to someone else at the same domain.
The fixup has fixed this problem, but has caused another problem.
When a customer doesn't type the full email address and only
puts in a username, the fixup will append the full hostname after
the username they entered. So "rmcmilln" would become
something like [EMAIL PROTECTED] I don't want it to append
the hostname of the server, I specifically want it to append just
"iland.net" on the end which would make just "rmcmilln" become
[EMAIL PROTECTED]
When it does append the full hostname, it defeats the purpose of
the load balanced array of servers that we have because instead
of mail being directed to our array for our load balancer to distribute,
mail goes to that specific server instead.
Rick
----- Original Message -----
From: Harald Hanche-Olsen <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, March 22, 1999 2:45 PM
Subject: Re: Broken mail clients and fixup
> - "Rick McMillin" <[EMAIL PROTECTED]>:
>
> | I've implemented the "fixup" which appends the hostname
> | of the server to incomplete email addresses for mail clients
> | like Eudora which allow people to enter just a username
> | instead of a complete email address.
> |
> | My problem now is that since it puts in the full hostname
> | of the server, it defeats the purpose of our server array
> | since the messages are directed towards a specific server
> | instead of to our array so it can be load balanced.
>
> You probably haven't created control/defaulthost with your domain name
> in it. It should cure your problem, I think.
>
> | What I'd like to know is can a domain name be hard-coded
> | in the fix? I assume this would be done in the
> | ~alias/.qmail-fixup-default file. Right now, QMail will rewrite
> | broken addresses to be [EMAIL PROTECTED] and
> | I want to force it to write the address as [EMAIL PROTECTED]
> | Is this possible?
>
> Yes, if the mail comes in with blatantly wrong addresses and you want
> qmail-inject to change them. But my impression from your problem
> descrition is that messages come in without a domain in the from
> addresses, and then defaulthosts will take care of that.
>
> To force another address, use the line
>
> |QMAILINJECT=f QMAILHOST=domain.com qmail-inject -f "$SENDER" --
"$DEFAULT"
>
> | I've tried changing this line:
> |
> | | [ "@$HOST" = "@fixme" ] || ( echo Permission denied; exit 100 )
> |
> | to something like this:
> |
> | | [ "@domain.com" = "@fixme" ] || ( echo Permission denied; exit 100 )
> |
> | with no luck.
>
> Indeed; that test will always fail. You just turned off the access
> control to your script. Just change it back. You changed the wrong
> line anyhow.
>
> | Also, am I correct that this fix only affects emails that contain
> | incomplete email addresses (i.e. username without "@domain.com")?
>
> Yes, unless you set the QMAILINJECT variable like above. If you do
> set it, you will always override the sender's wishes, which may or may
> not be what you want to do.
>
> - Harald
>
- "Rick McMillin" <[EMAIL PROTECTED]>:
| When a customer doesn't type the full email address and only
| puts in a username, the fixup will append the full hostname after
| the username they entered. So "rmcmilln" would become
| something like [EMAIL PROTECTED] I don't want it to append
| the hostname of the server, I specifically want it to append just
| "iland.net" on the end which would make just "rmcmilln" become
| [EMAIL PROTECTED]
I can only repeat what I said:
| > You probably haven't created control/defaulthost with your domain
| > name in it. It should cure your problem, I think.
But now that you gave more information, I can be more specific:
echo iland.net > /var/qmail/control/defaulthost
- Harald
Hi,
i'm running qmail 1.03 on a RedHat 5.2 system.
I've configured qmail to accept mail for a virtualdomain and to redirect
all the mail to a specified user.
Qmail is configured with an assign table in ~qmail/users like this:
+fax-0:fax:509:509:/home/fax:::
+fax-1:fax:509:509:/home/fax:::
and so on until '+fax-9'.
In
/home/fax
is a .qmail file:
| /home/fax/bin/central-fax
where central-fax is a perl script.
All seems to be good, but a local or a remote delivery to fax-{any number}
go in /home/fax/Mailbox, and the file .qmail seems to be not interpretated.
A command-line test with qmail-local ( /usr/local/qmail/bin/qmail-local -n
$USER ~ $USER '' '' '' '' ./Mailbox ) seems to run well ( the report is: did
0+0+1 ) while in a remote delivery qmail-local reports, in
/var/log/messages, a 'did_1+0+0'.
Any ideas?
Thank you!
kawa
Lorenzo Cavassa writes:
> I've configured qmail to accept mail for a virtualdomain and to redirect
> all the mail to a specified user.
> Qmail is configured with an assign table in ~qmail/users like this:
>
> +fax-0:fax:509:509:/home/fax:::
> +fax-1:fax:509:509:/home/fax:::
>
> and so on until '+fax-9'.
I'm not sure what problem this is solving. Why not just use:
+fax-:fax:509:509:/home/joe:-::
And then have a /home/fax/.qmail-default
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Hi. I keep getting messages like this in /var/adm/messages at a rate of
1-2 per second. Could it be a user's homedir with too many entries? I
use Maildir. Also, how can I trace the source of the problem?
Mar 23 12:11:15 pcs002 qmail: 922201875.698487 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:15 pcs002 qmail: 922201875.765157 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:15 pcs002 qmail: 922201875.831855 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:15 pcs002 qmail: 922201875.898539 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:17 pcs002 qmail: 922201877.940420 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:18 pcs002 qmail: 922201878.007051 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:18 pcs002 qmail: 922201878.073751 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:18 pcs002 qmail: 922201878.140387 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:18 pcs002 qmail: 922201878.207083 warning: trouble
injecting bounce message, will try later
Mar 23 12:11:18 pcs002 qmail: 922201878.273821 warning: trouble
injecting bounce message, will try later
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Inform�tica e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
qmail-queue is failing.
Check:
1. Number of inodes on the /var/qmail partition
2. Amount of free space on /var/qmail partition
3. Permissions of the install with
# make check
Regards.
At 12:51 PM Tuesday 3/23/99, Juan Carlos Castro y Castro wrote:
>Hi. I keep getting messages like this in /var/adm/messages at a rate of
>1-2 per second. Could it be a user's homedir with too many entries? I
>use Maildir. Also, how can I trace the source of the problem?
>
>Mar 23 12:11:15 pcs002 qmail: 922201875.698487 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:15 pcs002 qmail: 922201875.765157 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:15 pcs002 qmail: 922201875.831855 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:15 pcs002 qmail: 922201875.898539 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:17 pcs002 qmail: 922201877.940420 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:18 pcs002 qmail: 922201878.007051 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:18 pcs002 qmail: 922201878.073751 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:18 pcs002 qmail: 922201878.140387 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:18 pcs002 qmail: 922201878.207083 warning: trouble
>injecting bounce message, will try later
>Mar 23 12:11:18 pcs002 qmail: 922201878.273821 warning: trouble
>injecting bounce message, will try later
>--
> ___THE___ One man alone cannot fight the future. USE LINUX!
> \ \ / / _______________________________________________
> \ V / |Juan Carlos Castro y Castro |
> \ / |[EMAIL PROTECTED] |
> / \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
> / ^ \ |Diretor de Informatica e Eventos Sobrenaturais |
> / / \ \ |da E-RACE CORPORATION |
> ~~~ ~~~ -----------------------------------------------
> RACER
>
Mark Delany wrote:
>
> qmail-queue is failing.
>
> Check:
>
> 1. Number of inodes on the /var/qmail partition
> 2. Amount of free space on /var/qmail partition
> 3. Permissions of the install with
>
> # make check
Free space I have a-plenty (1.3 gigs). Inodes too. I wonder if some user
deleted or otherwise messed with his/her ~/Maildir.
How can I relate these numbers with the contents of the queue/mess
directory so I can find out who the @#$%&*!! sent those messages?
> Regards.
>
> At 12:51 PM Tuesday 3/23/99, Juan Carlos Castro y Castro wrote:
> >Hi. I keep getting messages like this in /var/adm/messages at a rate of
> >1-2 per second. Could it be a user's homedir with too many entries? I
> >use Maildir. Also, how can I trace the source of the problem?
> >
> >Mar 23 12:11:15 pcs002 qmail: 922201875.698487 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:15 pcs002 qmail: 922201875.765157 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:15 pcs002 qmail: 922201875.831855 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:15 pcs002 qmail: 922201875.898539 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:17 pcs002 qmail: 922201877.940420 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:18 pcs002 qmail: 922201878.007051 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:18 pcs002 qmail: 922201878.073751 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:18 pcs002 qmail: 922201878.140387 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:18 pcs002 qmail: 922201878.207083 warning: trouble
> >injecting bounce message, will try later
> >Mar 23 12:11:18 pcs002 qmail: 922201878.273821 warning: trouble
> >injecting bounce message, will try later
> >--
> > ___THE___ One man alone cannot fight the future. USE LINUX!
> > \ \ / / _______________________________________________
> > \ V / |Juan Carlos Castro y Castro |
> > \ / |[EMAIL PROTECTED] |
> > / \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
> > / ^ \ |Diretor de Informatica e Eventos Sobrenaturais |
> > / / \ \ |da E-RACE CORPORATION |
> > ~~~ ~~~ -----------------------------------------------
> > RACER
> >
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Inform�tica e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
Sameer Vijay writes:
> 1. Why is the 'From: ' line not changed when the return-path and from
> lines show the changed address?
The -f option sets the envelope sender address only. It has nothing
to do with the From field of the message header.
> 2. Why are the mysterious quotes added in the address for 'From: '
> line? What could be the reason that those quotes are only added around
> '48]'? Is there any reason that the backslash be added before [ or ]?
I suspect this is a bug in qmail-inject. It seems that qmail-inject
blindly takes $QMAILHOST as TOKEN822_ATOM. In your case the type
should be, I think, TOKEN822_LITERAL.
> 3. Is there anything I can do to avoid the quotes in the address part?
You can replace qmail-inject with new-inject, an experimental new
version of qmail-inject, included in the mess822 package. new-inject
doesn't have the problem you described.
Alternatively, you can apply my _untested_ patch attached below.
This seems to work, but I'm not sure whether this is the right way
to go. Use it at your own risk.
Of course, you could choose to avoid using domain literals in mail
addresses. Is it really necessary?
--
Tetsu Ushijima
*** qmail-inject.c.dist Mon Jun 15 19:53:16 1998
--- qmail-inject.c Tue Mar 23 00:35:38 1999
***************
*** 418,423 ****
--- 418,424 ----
void defaultfrommake()
{
char *fullname;
+ unsigned int mailhostlen;
fullname = env_get("QMAILNAME");
if (!fullname) fullname = env_get("MAILNAME");
if (!fullname) fullname = env_get("NAME");
***************
*** 446,454 ****
{
df.t[df.len].type = TOKEN822_AT;
++df.len;
! df.t[df.len].type = TOKEN822_ATOM;
! df.t[df.len].s = mailhost;
! df.t[df.len].slen = str_len(mailhost);
++df.len;
}
if (fullname && !flagnamecomment)
--- 447,465 ----
{
df.t[df.len].type = TOKEN822_AT;
++df.len;
! mailhostlen = str_len(mailhost);
! if (mailhostlen >= 2 && mailhost[0] == '[' && mailhost[mailhostlen-1] == ']')
! {
! df.t[df.len].type = TOKEN822_LITERAL;
! df.t[df.len].s = mailhost + 1;
! df.t[df.len].slen = mailhostlen - 2;
! }
! else
! {
! df.t[df.len].type = TOKEN822_ATOM;
! df.t[df.len].s = mailhost;
! df.t[df.len].slen = mailhostlen;
! }
++df.len;
}
if (fullname && !flagnamecomment)
Is there any X based mail client that supports the maildir format?
Thanks
Attila
On Tue, Mar 23, 1999 at 05:22:32PM +0100, Attila Csosz wrote:
> Is there any X based mail client that supports the maildir format?
>
> Thanks
> Attila
>
Balsa is supposed to support maildirs
http://www.balsa.net
It works with gnome and X
Ken Jones
Inter7
www.inter7.com/qmail/
Hi,
I want to use INETD and a RELAYCLIENT variable. I have been to the
archives and done my homework, but I can't find a specific example.
(I currently can't / don/t want to change to using tcpserver, as I'm
keen to make as few changes to the server as possible.)
Could some one please confirm that I could put this in my qmail/rc
file and have it work nicely. I want to allow relaying from
212.228.2.223
--- begins ---
exec env - PATH="/var/qmail/bin:$PATH" \
exec env - RELAYCLIENT="212.228.2.223" \
/var/qmail/bin/qmail-start ./Mailbox /usr/local/bin/accustamp \
| /usr/local/bin/setuser qmaill /usr/local/bin/cyclog -s 5000000 -n
30 /var/log/qmail &
---ends ---
- i would try it, but it's a fairly important server and I don't have
a spare :-)
thanks,
peter.
--
peter at gradwell dot com; online @ http://www.gradwell.com/
"To look back all the time is boring. Excitement lies in tomorrow"
On Tue, Mar 23, 1999 at 04:32:57PM +0000, Peter Gradwell wrote:
> Hi,
>
> I want to use INETD and a RELAYCLIENT variable. I have been to the
> archives and done my homework, but I can't find a specific example.
>
> (I currently can't / don/t want to change to using tcpserver, as I'm
> keen to make as few changes to the server as possible.)
You'd be doing yourself a big favor by using tcpserver. It'd take you ten
minutes to set up.
> Could some one please confirm that I could put this in my qmail/rc
> file and have it work nicely. I want to allow relaying from
> 212.228.2.223
>
> --- begins ---
>
> exec env - PATH="/var/qmail/bin:$PATH" \
> exec env - RELAYCLIENT="212.228.2.223" \
> /var/qmail/bin/qmail-start ./Mailbox /usr/local/bin/accustamp \
> | /usr/local/bin/setuser qmaill /usr/local/bin/cyclog -s 5000000 -n
> 30 /var/log/qmail &
It's qmail-smtpd that cares about RELAYCLIENT. Setting it for qmail-start won't
do anything. You need to set it via your inetd/tcpd invocation. (I don't know
how, as I use tcpserver.)
Read http://www.palomine.net/qmail/selectiverelay.html. It'll get you set up
with selective relaying and tcpserver in no time flat. (This is very similar to
Peter Samuel's document on the same subject, but I wrote it to go along with my
"qmail newbie's guide to relaying.")
Chris
On Tue, Mar 23, 1999 at 11:57:55AM -0500, Chris Johnson wrote:
[snip]
> Read http://www.palomine.net/qmail/selectiverelay.html. It'll get you set up
> with selective relaying and tcpserver in no time flat. (This is very similar to
> Peter Samuel's document on the same subject, but I wrote it to go along with my
> "qmail newbie's guide to relaying.")
Michael Samuel, that is. I got my Samuels mixed up.
Chris
Peter Gradwell writes:
> Hi,
>
> I want to use INETD and a RELAYCLIENT variable. I have been to the
> archives and done my homework, but I can't find a specific example.
>
> (I currently can't / don/t want to change to using tcpserver, as I'm
> keen to make as few changes to the server as possible.)
>
> Could some one please confirm that I could put this in my qmail/rc
> file and have it work nicely. I want to allow relaying from
> 212.228.2.223
>
> --- begins ---
>
> exec env - PATH="/var/qmail/bin:$PATH" \
> exec env - RELAYCLIENT="212.228.2.223" \
> /var/qmail/bin/qmail-start ./Mailbox /usr/local/bin/accustamp \
> | /usr/local/bin/setuser qmaill /usr/local/bin/cyclog -s 5000000 -n
> 30 /var/log/qmail &
No. This does absolutely nothing meaningfull.
Read the manual page for qmail-smtpd, which tells you that qmail-smtpd is
the one that uses the environment variables.
Then program inetd to invoke qmail-smtpd in the fashion outlined in the
manual page.
--
Sam
Chris,
Are there other "newbie" guides available? I just read your guide to relaying
and it answered many of the questions I've had rolling around in the back of my
head. I have followed all the links from the qmail.org home page but never saw
your guide, if others are available I'm sure many of us would benefit from them.
http://www.palomine.net/qmail/selectiverelay.html
http://www.palomine.net/qmail/relaying.html
Thanks,
Rick
On Tue, 23 Mar 1999, Chris Johnson wrote:
> On Tue, Mar 23, 1999 at 11:57:55AM -0500, Chris Johnson wrote:
>
> [snip]
>
> > Read http://www.palomine.net/qmail/selectiverelay.html. It'll get you set up
> > with selective relaying and tcpserver in no time flat. (This is very similar to
> > Peter Samuel's document on the same subject, but I wrote it to go along with my
> > "qmail newbie's guide to relaying.")
>
> Michael Samuel, that is. I got my Samuels mixed up.
That's good, because I was confused too :)
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
Uniq Professional Services, [EMAIL PROTECTED]
a division of X-Direct Pty Ltd
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
At 03:01 PM Tuesday 3/23/99, seiheng wrote:
>Hello to all,
>
>I have encounter a following problem:
>
>My qmail just gave a deferral message without explaining why the mail is
>defer. Usaully, if there is any error occur, qmail will print out the
>coz' of it. But this time it doesn't.
>
>I like to know what kind of error that would possibly result in this
>case.?
Almost certainly something you, or one of your users did in a .qmail file
that does a deferral exit without printing a message.
The precise exit codes are documented in the qmail-command page. Compare
what you have in any .qmail files to the description provided in that manpage.
Btw. An (unadulterated) fragment of the log file would have made it possible
to give a better answer.
Regards.
Well, there is no exit code printout also... however, we discover the coz' may
be the mailfilter that been use by this user.
There are some email that are really 'huge' that been send to this use, and the
mailfilter seem to have problem in handling large email...
Sei Heng
Mark Delany wrote:
> At 03:01 PM Tuesday 3/23/99, seiheng wrote:
> >Hello to all,
> >
> >I have encounter a following problem:
> >
> >My qmail just gave a deferral message without explaining why the mail is
> >defer. Usaully, if there is any error occur, qmail will print out the
> >coz' of it. But this time it doesn't.
> >
> >I like to know what kind of error that would possibly result in this
> >case.?
>
> Almost certainly something you, or one of your users did in a .qmail file
> that does a deferral exit without printing a message.
>
> The precise exit codes are documented in the qmail-command page. Compare
> what you have in any .qmail files to the description provided in that manpage.
>
> Btw. An (unadulterated) fragment of the log file would have made it possible
> to give a better answer.
>
> Regards.
Hello,
I've been trying to write a perl script that will talk to a qmqp server,
without much luck. I send my data to the server and await it's responce and
nothing ever shows up, I end up killing my program. I think I'm following
the protocol to the letter, but I must be missing something. Any ideas?
Following is the text I'm attempting to send to the server.
-Chris
115:64:From: Chris
To: cnelson
Subject: Testing
This is a test
Blah!
,16:[EMAIL PROTECTED],23:[EMAIL PROTECTED],,
- "Nelson, Chris (USITG)" <[EMAIL PROTECTED]>:
| I've been trying to write a perl script that will talk to a qmqp
| server, without much luck. I send my data to the server and await
| it's responce and nothing ever shows up, I end up killing my
| program. I think I'm following the protocol to the letter, but I
| must be missing something. Any ideas? Following is the text I'm
| attempting to send to the server.
Looks fine to me. I guess you got the networking part wrong in perl.
Try putting the text in a file textmsg and run
; tcpclient localhost 628 sh -c 'cat testmsg >&7; cat <&6'
If it works, you should get a response somewhat like what I got:
21:Kok 922214215 qp 9852,;
Then you can start looking for errors in your perl code...
Make sure your tcpserver setup for qmqpd actually allows connections
from localhost. Mine didn't at first, which caused some head
scratching.
- Harald
hey all, here is a quickie little program i wrote to see exactly what
rblsmtp is doing for you, here is an example of the output:
#
RBL-Stats v1.0 by xs <[EMAIL PROTECTED]>
checking your logfile, this'll take a few.
Since Mar 3 16:51:40
RBL has blocked 2265 connections.
DUL has blocked 1219 connections.
DSSL has blocked 11008 connections.
ORBS has blocked 364248 connections.
For a total of 378740 connections blocked.
Great Hunt.
#
and here is the source:
#!/bin/sh
echo "RBL-Stats v1.0 by xs <[EMAIL PROTECTED]>"
echo ""
echo "checking your logfile, this'll take a few."
cat $1|grep rblsmtp > ~/.rbltmp.bak
echo "Since `head -1 ~/.rbltmp.bak|awk '{print $1" "$2" "$3}`"
echo "RBL has blocked `grep "com/cgi" ~/.rbltmp.bak|wc -l` connections."
echo "DUL has blocked `grep "com/dul" ~/.rbltmp.bak|wc -l` connections."
echo "DSSL has blocked `grep dssl ~/.rbltmp.bak|wc -l` connections."
echo "ORBS has blocked `grep orbs.org ~/.rbltmp.bak|wc -l` connections."
echo ""
echo "For a total of `grep rblsmtp ~/.rbltmp.bak|wc -l` connections
blocked."
echo "Great Hunt."
rm ~/.rbltmp.bak
#EOF
end
-------------------------------------------------
Greg Albrecht Safari Internet
System Administrator Fort Lauderdale, FL
[EMAIL PROTECTED] www.safari.net
+1[888|954]537-9550
-------------------------------------------------
> hey all, here is a quickie little program i wrote to see exactly what
> rblsmtp is doing for you, here is an example of the output:
> #!/bin/sh
> echo "RBL-Stats v1.0 by xs <[EMAIL PROTECTED]>"
> echo ""
> echo "checking your logfile, this'll take a few."
> cat $1|grep rblsmtp > ~/.rbltmp.bak
> echo "Since `head -1 ~/.rbltmp.bak|awk '{print $1" "$2" "$3}`"
> echo "RBL has blocked `grep "com/cgi" ~/.rbltmp.bak|wc -l` connections."
> echo "DUL has blocked `grep "com/dul" ~/.rbltmp.bak|wc -l` connections."
> echo "DSSL has blocked `grep dssl ~/.rbltmp.bak|wc -l` connections."
> echo "ORBS has blocked `grep orbs.org ~/.rbltmp.bak|wc -l` connections."
> echo ""
> echo "For a total of `grep rblsmtp ~/.rbltmp.bak|wc -l` connections
> blocked."
> echo "Great Hunt."
> rm ~/.rbltmp.bak
> #EOF
Has anyone managed to get this to run?
My /bin/sh doesn't do ~ expansion
and the awk line appears tohave syntax errors with either the "
or the ` or both.
Scott
Hi,
it looks like you have a very special Unix tho (:
the scriptie worked fine for me.
On Wed, Mar 24, 1999 at 12:48:25AM -0700, Scott D. Yelich wrote:
> Has anyone managed to get this to run?
> My /bin/sh doesn't do ~ expansion
> and the awk line appears tohave syntax errors with either the "
> or the ` or both.
Pashah
--
http://www.spb.sitek.net/~pashah/public-key-0x97739141.pgp
On Wed, Mar 24, 1999 at 12:48:25AM -0700, Scott D. Yelich wrote:
> > blocked."
> > echo "Great Hunt."
> > rm ~/.rbltmp.bak
> > #EOF
>
> Has anyone managed to get this to run?
> My /bin/sh doesn't do ~ expansion
> and the awk line appears tohave syntax errors with either the "
> or the ` or both.
Traditional bourne shells did not do tilde expansion. The newer sh that
comes with OS's like FreeBSD will do tilde expansion. It's best to use csh
for tilde expansion to maintain portability, or to explicitly use bash.
--
System Administrator
See complete headers for address, homepage and phone numbers
> > > rm ~/.rbltmp.bak
> > Has anyone managed to get this to run?
> > My /bin/sh doesn't do ~ expansion
> > and the awk line appears tohave syntax errors with either the "
> > or the ` or both.
> Traditional bourne shells did not do tilde expansion. The newer sh that
> comes with OS's like FreeBSD will do tilde expansion. It's best to use csh
> for tilde expansion to maintain portability, or to explicitly use bash.
Why not change "~" to /tmp/.rbls.$$ or /tmp/.rbls.$$.$USER or something
and be done with limiting code? The echo with " inside the awk is
also nasty. I'm not trying to critisize the programmer -- although
it is amusing to see my "non standard standard solaris" system
referenced again.
Scott
in the morning I got >6000 bounces ...
On Tue, Mar 23, 1999 at 12:03:54PM +0300, Roman V. Isaev wrote:
> And what your logs say? If these e-mails are not logged, then
> you did not relay.
the logs are long ...
they say that some of the host the spam was originated from, were rejected,
ether by ORBS or by RBL ... some were not.
none was allowed to relay.
but this didn`t prevent from the spammer to set a `From` to be looked like
it was sent from our site ... when they used other relay ...
I don`t know how ...
And it looks like there is .no. solutin to prevent that ...
as long as there are open relays ...
it soooo annoying ...
Okay this has too little to do with qmail
Oh well .. larking mode on ...
Pashah
--
http://www.spb.sitek.net/~pashah/public-key-0x97739141.pgp
Ooops. I was P.O.'d with all the "Trouble bouncing" messages I couldn't
figure out, I deleted all the files in the queue/bounce directory. Now
the syslog reads like this. How can I restore qmail's integrity?
Thanx,
Mar 23 18:12:05 pcs002 qmail: 922223525.194041 warning: trouble opening
remote/1
4/860352; will try again later
Mar 23 18:12:05 pcs002 qmail: 922223525.194305 warning: trouble opening
remote/9
/860347; will try again later
Mar 23 18:12:14 pcs002 qmail: 922223534.203901 warning: trouble opening
remote/2
/860340; will try again later
Mar 23 18:12:16 pcs002 qmail: 922223536.787896 warning: trouble opening
remote/1
3/860351; will try again later
Mar 23 18:12:16 pcs002 qmail: 922223536.788166 warning: trouble opening
remote/3
/860341; will try again later
Mar 23 18:12:16 pcs002 qmail: 922223536.953633 warning: trouble opening
remote/1
0/860348; will try again later
Mar 23 18:12:16 pcs002 qmail: 922223536.953970 warning: trouble opening
remote/5
/860343; will try again later
Mar 23 18:12:16 pcs002 qmail: 922223536.954086 warning: trouble opening
remote/1
2/860350; will try again later
Mar 23 18:12:30 pcs002 qmail: 922223550.573874 warning: trouble opening
remote/6
/860344; will try again later
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Inform�tica e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
At 06:16 PM Tuesday 3/23/99, Juan Carlos Castro y Castro wrote:
>Ooops. I was P.O.'d with all the "Trouble bouncing" messages I couldn't
>figure out, I deleted all the files in the queue/bounce directory. Now
>the syslog reads like this. How can I restore qmail's integrity?
Put the files back?
The real answer is that it looks like you've trashed your queue and are
going downhill fast. The warnings will go away eventually. Alternatively you
could start again with a good queue by going:
1. Stop qmail
2. # mv /var/qmail/queue /var/qmail/queue.stuffed
3. # cd myqmail_install_sources && make setup
4. Start qmail
Regards.
>
>Thanx,
>
>Mar 23 18:12:05 pcs002 qmail: 922223525.194041 warning: trouble opening
>remote/1
>4/860352; will try again later
>Mar 23 18:12:05 pcs002 qmail: 922223525.194305 warning: trouble opening
>remote/9
>/860347; will try again later
>Mar 23 18:12:14 pcs002 qmail: 922223534.203901 warning: trouble opening
>remote/2
>/860340; will try again later
>Mar 23 18:12:16 pcs002 qmail: 922223536.787896 warning: trouble opening
>remote/1
>3/860351; will try again later
>Mar 23 18:12:16 pcs002 qmail: 922223536.788166 warning: trouble opening
>remote/3
>/860341; will try again later
>Mar 23 18:12:16 pcs002 qmail: 922223536.953633 warning: trouble opening
>remote/1
>0/860348; will try again later
>Mar 23 18:12:16 pcs002 qmail: 922223536.953970 warning: trouble opening
>remote/5
>/860343; will try again later
>Mar 23 18:12:16 pcs002 qmail: 922223536.954086 warning: trouble opening
>remote/1
>2/860350; will try again later
>Mar 23 18:12:30 pcs002 qmail: 922223550.573874 warning: trouble opening
>remote/6
>/860344; will try again later
>
>
>--
> ___THE___ One man alone cannot fight the future. USE LINUX!
> \ \ / / _______________________________________________
> \ V / |Juan Carlos Castro y Castro |
> \ / |[EMAIL PROTECTED] |
> / \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
> / ^ \ |Diretor de Informatica e Eventos Sobrenaturais |
> / / \ \ |da E-RACE CORPORATION |
> ~~~ ~~~ -----------------------------------------------
> RACER
>
Hello all,
Here is a case example of how i have qmail setup on my network here at
safari.net. this system works great for our 5000+ customers.
__
I ) ----------> mail1.safari.net
N ) /\ |
T ) | +--> pop3.safari.net
E ) | +--> imap.safari.net
R ) |
N ) ----------> mail2.safari.net
E ) | |
T ) | +-----> mail.(client).[com|net|org|fl.us]
) \/
) ----------> vpop.safari.net
)
__) <---------- smtp.safari.net
(NOTE: all boxen run qmail)
i know it looks hard, or even more like bomb diagrams, but heres how it
works:
incoming mail will first try mail1.safari.net (mx10), then
mail2.safari.net (mx20). if it gets to mail1 first it'll get spooled and
sit in the users Maildir for pop3 or imap pickup. else it'll sit on mail2
till mail1 comes back up.
as for outgoing mail, it goes thru smtp.safari.net, if it's bound for
safari.net i'll come back to mail1.safari.net, or mail2 if that ones
down... and so on.
as for vpop mail:
will first try vpop.safari.net (mx10), if thats down it'll goto
mail2.safari.net (mx20) till vpop comes back up.
outgoing vpop mail goes thru smtp.safari.net, and if bound for safari.net
it'll go thru mail1.safari.net, or mail2 as the case may be.
mail2:
secondary mx for 400+ domains.
anyway, just wanted to share my setup. copy it if u like.
later,
-g
end
-------------------------------------------------
Greg Albrecht Safari Internet
System Administrator Fort Lauderdale, FL
[EMAIL PROTECTED] www.safari.net
+1[888|954]537-9550
-------------------------------------------------
hey all, since it seems that jos' email address is no longer valid, i'd
figure i'd throw the question out here for an answer.
thanks,
-xs
hi there jos, i was taking a look at your toolarge program and i had a few
questions:
in:
echo '|condredirect $USER-toolarge $HOME/toolarge test'>.qmail-default
echo '|$HOME/toolarge bounce"'>.qmail-toolarge
i currently have "./Maildir/" in my .qmail, now would i enter this code
before or after "./Maildir/", or does the fact that it's in .qmail-default
make qmail look at it first then .qmail?
thanks for the help.
-xs
end
-------------------------------------------------
Greg Albrecht Safari Internet
System Administrator Fort Lauderdale, FL
[EMAIL PROTECTED] www.safari.net
+1[888|954]537-9550
-------------------------------------------------
Since there is/was no response about running
rblsmtp without tcpserver, I'll now install
tcpserver.
I think it would be nice to be able to run a
filter before a normal stmpd... but one that
didn't require tcpserver.
Scott
Presumably you run qmail in order to take advantage of its speed and
features. If another program is available which extends this functionality,
why wouldn't you want to use it as well?
By the way, RTFM rblsmtpd, or look at the way it was called in the examples.
You should be able to figure out how to call it from inetd if you are really
so against using tcpserver.
--Adam
----- Original Message -----
From: Scott D. Yelich <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 23, 1999 6:06 PM
Subject: Re: failure notice (fwd)
:
:
: Since there is/was no response about running
: rblsmtp without tcpserver, I'll now install
: tcpserver.
:
: I think it would be nice to be able to run a
: filter before a normal stmpd... but one that
: didn't require tcpserver.
:
: Scott
:
:
:
On 23-Mar-99 Adam D. McKenna wrote:
> Presumably you run qmail in order to take advantage of its speed and
> features. If another program is available which extends this functionality,
> why wouldn't you want to use it as well?
>
> By the way, RTFM rblsmtpd, or look at the way it was called in the examples.
> You should be able to figure out how to call it from inetd if you are really
> so against using tcpserver.
Perhaps tcpserver or the docs are just intimidating. I know I was a bit
reluctant to use it at first, now I find myself using it for just about
everything - including backups, passing encrypted data between hosts, etc.
It's really handy! Thanks Dan!!
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
> By the way, RTFM rblsmtpd, or look at the way it was called in the examples.
> You should be able to figure out how to call it from inetd if you are really
> so against using tcpserver.
I sense a wee bit of hostility on this list! sheesh!
Whether you think their witnesses are credible or non-credible...
they've admitted monopoly power, they've admitted the absence of
competitive constraints, they've admitted raising prices to hurt
consumers, they've admitted depriving consumers of choice and they've
admitted that the reason was because they were afraid that consumers
would in their view make the wrong choice, which is the non-Microsoft
choice. -- DAVID BOIES, US Department of Justice
I'm mostly interested in the last part. I sure would be nice if the
docs didn't assume that the consumer/installer hasn't made the non-qmail
or non-djb choice. You know, sometimes it is nice to use standards. If
qmail offers a sufficient reason to change, people will -- but forcing
part of qmail on people isn't well accepted by me and I'm sure there
are others that feel the same way.
I use tcpd/inetd and I fail to see why I need to start splitting up my
system to run tcpserver, xinetd, etc., just to get an smtp to run!
I once tried to install ppp under sunos... way back in like 93 or 94 or
something. You see, this one package required another package to be
pre-installed before it would work. Of course, that package was not
distributed as part of the original, since they were separate
packages... and you had to find the package -- since there might be
upgrades and fixes to it. Fine, found that package. Now that package
required two more other packages to be previously installed before *it*
would go it. Repeat this a few times and add a package or two that no
longer is used (superceded?) and you have a royal mess.
I just wish the qmail system would be friendly to non-djb software
and/or have instructions that were laid out with some vision. It's
really nice to see a context diff patch -- but it doesn't do any good if
the file being patched is hard referenced through someone's personal src
tree (ie: not just ./file) and/or the patch doesn't tell you when or
how to apply it (ie; before make config check or after?).
Anyway, enough rant.
Yes, I'll rtfm *again* and see the same old examples which won't help
any more now than it did the first time that I read them. Yes, I'll
figure it out. I'm just doing what I've always done on this list and
suggested that if, perhaps, qmail really wants more people to use it --
perhaps the install could be a little more organized and/or straight
forward and documented!
Right now I consider qmail (source) as organized as an egg after an m80
has gone off inside it. I've seen many people give up trying to install
qmail because it was just too convoluted. I also think that
documentation that assumes or requires other system design capitulations
that may or may not be neccessary -- will be viewed as distractful at the very least.
Scott
On 23-Mar-99 Scott D. Yelich wrote:
>
> I just wish the qmail system would be friendly to non-djb software
> and/or have instructions that were laid out with some vision. It's
> really nice to see a context diff patch -- but it doesn't do any good if
> the file being patched is hard referenced through someone's personal src
> tree (ie: not just ./file) and/or the patch doesn't tell you when or
> how to apply it (ie; before make config check or after?).
Actually, Scott, it used to be. But there were so many broken instances
of tcpd, security concerns with some of the implementations, etc. that
Dan finally said enough and decided it was too much of a headache to keep
supporting and dropped support - for which I applaud his decision.
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
> Actually, Scott, it used to be. But there were so many broken instances
> of tcpd, security concerns with some of the implementations, etc. that
> Dan finally said enough and decided it was too much of a headache to keep
> supporting and dropped support - for which I applaud his decision.
Fine. We've all seen djb's choices through different lists... etc.
How about something like this is one of the source files?
``Due to to so many broken instances of tcpd and other security
concerns with some implementations, I (djb) have decided not
to support this program working with tcpd. You may be able
to get this program to work with tcpd, but it is strongly
advised that you take the time to investigate tcpserver.''
Do we have that? Perhaps I just missed it... along with
all the rest of the documentation that (and others) have
missed.
Scott
From: Scott D. Yelich <[EMAIL PROTECTED]>
> I'm mostly interested in the last part. I sure would be nice if the
> docs didn't assume that the consumer/installer hasn't made the non-qmail
> or non-djb choice. You know, sometimes it is nice to use standards. If
> qmail offers a sufficient reason to change, people will -- but forcing
> part of qmail on people isn't well accepted by me and I'm sure there
> are others that feel the same way.
SYNTAX
rblsmtpd [ -b ] [ -R ] [ -r domain ] [ -t timeout ] smtpd
[ arg ... ]
commands encased in []'s are optional.
that means that the only necessary argument to rblsmtpd is "smtpd", which is
in your case, /var/qmail/bin/qmail-smtpd [ arg ... ]
--Adam
On Tue, 23 Mar 1999, Adam D. McKenna wrote:
> From: Scott D. Yelich <[EMAIL PROTECTED]>
> > I'm mostly interested in the last part. I sure would be nice if the
> > docs didn't assume that the consumer/installer hasn't made the non-qmail
> > or non-djb choice. You know, sometimes it is nice to use standards. If
> > qmail offers a sufficient reason to change, people will -- but forcing
> > part of qmail on people isn't well accepted by me and I'm sure there
> > are others that feel the same way.
>
> SYNTAX
> rblsmtpd [ -b ] [ -R ] [ -r domain ] [ -t timeout ] smtpd
> [ arg ... ]
> commands encased in []'s are optional.
>
> that means that the only necessary argument to rblsmtpd is "smtpd", which is
> in your case, /var/qmail/bin/qmail-smtpd [ arg ... ]
>From inetd.conf;
smtp stream tcp nowait qmaild /usr/sbin/tcpd /var/qmail/bin/tcp-env
/usr/local/bin/rblsmtpd /var/qmail/bin/qmail-smtpd
I can't really tell if it's working or not. I tried sending mail to the
test address at [EMAIL PROTECTED] and I only got one message
back about the message being blocked.
I can't find any documentation (other than the source) on any
configuration for rblsmtpd. What RBL does it use? How can I configure
this?
Why doesn't it or how can I make it syslog so I can tell if it's working
or not?
Scott
- "Scott D. Yelich" <[EMAIL PROTECTED]>:
| I can't find any documentation (other than the source) on any
| configuration for rblsmtpd.
Then I presume you haven't got rblsmtpd from the same place I got it,
namely from DJB's FTP site. That version comes with a manual page
which explains it all. If versions of rblsmtpd are distributed
without the documentation, that's bad news.
- Harald
> Perhaps tcpserver or the docs are just intimidating. I know I was a bit
> reluctant to use it at first, now I find myself using it for just about
> everything - including backups, passing encrypted data between hosts, etc.
> It's really handy! Thanks Dan!!
Example:
ucwhatever INSTALL instructions:
spy [4246]> less INSTALL
Like any other piece of software (and information generally), ucspi-tcp
comes with NO WARRANTY.
Things you have to decide before starting:
* The ucspi-tcp home directory, normally /usr/local. To change this
directory, edit conf-home now.
How to install:
1. Compile the programs and create the formatted man pages:
% make
2. Install the programs and man pages:
# make setup check
That's it! To report success:
% ( echo 'First M. Last'; cat `cat SYSDEPS` ) | mail [EMAIL PROTECTED]
Replace First M. Last with your name.
chmod 755 compile
./compile tcpclient.c
./compile: cc: not found
*** Error code 1
make: Fatal error: Command failed for target `tcpclient.o'
spy [4228]> cat compile
#!/bin/sh
# WARNING: This file was auto-generated. Do not edit!
exec cc -O2 -c ${1+"$@"}
Where does it say edit conf-cc and conf-ld ?
if I cat compile -- it says "cc" but that file is generate?
Of course, I could do something like:
spy [4250]> egrep -i "conf\-cc" *
FILES:conf-cc
Makefile:warn-auto.sh conf-cc
Makefile: echo exec "`head -1 conf-cc`" '-c $${1+"$$@"}' \
Makefile:recordio.c argv0.1 argv0.c rts.sh rts.tests rts.exp conf-cc conf-ld \
Makefile:find-systype.sh conf-cc conf-ld trycpp.c
Makefile: echo CC=\'`head -1 conf-cc`\'; \
and see that games being played with conf-cc ...
but then ld will fail, and I'll have to do the same for that after
the make fails.
Why not mention *this* in this INSTALL?
How many people here had to ask or figure this out for
themselves provided that they didn't have "cc" working?
Scott
> Why not mention *this* in this INSTALL?
>
> How many people here had to ask or figure this out for
> themselves provided that they didn't have "cc" working?
Uh, you're kidding, right?
I think the assumption is that you won't be messing around with compiling a
new mail server (or anything else for that matter) from scratch if you
can't even figure out your compiler. I've yet to find a stock system with
development tools installed where "cc" didn't invoke the compiler.
shag
> > Why not mention *this* in this INSTALL?
> > How many people here had to ask or figure this out for
> > themselves provided that they didn't have "cc" working?
> Uh, you're kidding, right?
> I think the assumption is that you won't be messing around with compiling a
> new mail server (or anything else for that matter) from scratch if you
> can't even figure out your compiler. I've yet to find a stock system with
> development tools installed where "cc" didn't invoke the compiler.
Fine. Be hostile -- you're not hurting me. Try any solaris system.
security [4258]> /usr/ucb/cc
/usr/ucb/cc: language optional software package not installed
I have gcc, but I don't just link cc to gcc as some systems
seem very broken when they depend on the name of the "cc"
compiler for things.
You know, solaris boot has a check for the current user to be "root"
so if you put another entry in the /etc/passwd *before* root
with uid 0, a solaris system won't boot? Isn't that kind of
pathetic? Why can't the script check "id" or something for
the uid instead of depending on the *text* output of
some user check?
I know you don't see my point.
Scott
On 23-Mar-99 Scott D. Yelich wrote:
>> > Why not mention *this* in this INSTALL?
>> > How many people here had to ask or figure this out for
>> > themselves provided that they didn't have "cc" working?
>> Uh, you're kidding, right?
>> I think the assumption is that you won't be messing around with compiling a
>> new mail server (or anything else for that matter) from scratch if you
>> can't even figure out your compiler. I've yet to find a stock system with
>> development tools installed where "cc" didn't invoke the compiler.
>
> Fine. Be hostile -- you're not hurting me. Try any solaris system.
>
> security [4258]> /usr/ucb/cc
> /usr/ucb/cc: language optional software package not installed
>
> I have gcc, but I don't just link cc to gcc as some systems
> seem very broken when they depend on the name of the "cc"
> compiler for things.
>
> You know, solaris boot has a check for the current user to be "root"
> so if you put another entry in the /etc/passwd *before* root
> with uid 0, a solaris system won't boot? Isn't that kind of
> pathetic? Why can't the script check "id" or something for
> the uid instead of depending on the *text* output of
> some user check?
Just guessing, but I bet you'd bitch if you were hung with a new rope.
I've had tcpserver compile just fine even with HP's broken compiler. It
seems as if you're trying to find fault just to try and prove your point.
If you know/knew in advance of your non-standard compiler setup you'd be
prepared for it.
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
Scott D Yelich <[EMAIL PROTECTED]> writes:
> Fine. Be hostile -- you're not hurting me. Try any solaris system.
> security [4258]> /usr/ucb/cc
> /usr/ucb/cc: language optional software package not installed
windlord:~> ls /usr/ucb/cc
ls: /usr/ucb/cc: No such file or directory
windlord:~> uname -a
SunOS windlord.stanford.edu 5.6 Generic_105181-11 sun4u sparc SUNW,Ultra-1
Much better.
> I have gcc, but I don't just link cc to gcc as some systems seem very
> broken when they depend on the name of the "cc" compiler for things.
Everything that you have to compile depends on the name of the C compiler.
I edited conf-cc and conf-ld once when I was first building qmail, saved
it as a local patch, and problem was forever solved. One gets very used
to doing that on Solaris to get things to compile with gcc instead,
particularly given that I *have* cc (/opt/SUNWspro/bin/cc, to be precise).
> You know, solaris boot has a check for the current user to be "root" so
> if you put another entry in the /etc/passwd *before* root with uid 0, a
> solaris system won't boot? Isn't that kind of pathetic? Why can't the
> script check "id" or something for the uid instead of depending on the
> *text* output of some user check?
Don't create multiple UID 0 accounts. You'll horribly regret it later.
Been there, done that.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
> I've had tcpserver compile just fine even with HP's broken compiler. It
> seems as if you're trying to find fault just to try and prove your point.
> If you know/knew in advance of your non-standard compiler setup you'd be
> prepared for it.
*sigh*
You just don't get it... do you.
I have a standard compiler set up. I have gcc. I do not have cc.
I get 99% of my programs in source and they tell me to
edit the Make file and change the "cc" line to "gcc"
or to type ./Configure. Both of these get me to
compile (maybe I have to define solaris, etc.) just
fine.
Then comes qmail, et al., does it use Makefile with
CC=gcc? no. Does it use ./Configure? no. It says
"type make; make config check; # that's all!"
BUT IT IS NOT ALL.
That's all (I'm trying to say).
Scott
> Everything that you have to compile depends on the name of the C compiler.
> I edited conf-cc and conf-ld once when I was first building qmail, saved
> it as a local patch, and problem was forever solved. One gets very used
> to doing that on Solaris to get things to compile with gcc instead,
> particularly given that I *have* cc (/opt/SUNWspro/bin/cc, to be precise).
bingo. Lets say I had your setup. Fine, I type make and it uses "cc"
.. which, if it's sunpro, is better than gcc anyway, but *if* I wanted
to compile using gcc? How would I do that? I'd have to dig through the
source until I found the "tricks" ...
*I* kow the tricks. As someone else said, every since first struggling
with it when trying to compile qmail, I have known to look for
conf (in fact, I look for conf* and */conf*) just to look around.
> > You know, solaris boot has a check for the current user to be "root" so
> > if you put another entry in the /etc/passwd *before* root with uid 0, a
> > solaris system won't boot? Isn't that kind of pathetic? Why can't the
> > script check "id" or something for the uid instead of depending on the
> > *text* output of some user check?
> Don't create multiple UID 0 accounts. You'll horribly regret it later.
> Been there, done that.
Why do people say this? What the hell does it matter? People these days
spout a bunch of baseless crap. If you want to discuss this, I'd be
glad to take it to email to see where we differ in philosophies.
Scott
Scott D. Yelich writes:
[ snip ]
> chmod 755 compile
> ./compile tcpclient.c
> ./compile: cc: not found
> *** Error code 1
Bad example.
If you do not have a functioning C compiler installed on your system, you
have no business compiling or installing any software, not just Qmail.
[ snip ]
> and see that games being played with conf-cc ...
> but then ld will fail, and I'll have to do the same for that after
> the make fails.
>
> Why not mention *this* in this INSTALL?
Why make so much fuss about this?
This is a minor glitch. Although it's real cause is your broken C
compiler, let's say that's even not case. Things like this happen all the
time, and I don't see the big deal about it.
The only item I'll agree with you on is that djb should be using GNU
auto-bloat, in order to handle convoluted compilers like that.
--
Sam
On Tue, 23 Mar 1999, Scott D. Yelich wrote:
> > I've had tcpserver compile just fine even with HP's broken compiler. It
> > seems as if you're trying to find fault just to try and prove your point.
> > If you know/knew in advance of your non-standard compiler setup you'd be
> > prepared for it.
>
> *sigh*
>
> You just don't get it... do you.
>
> I have a standard compiler set up. I have gcc. I do not have cc.
The first thing I do after I install gcc on a new Solaris box is symlink
cc to gcc. I recall you saying that this breaks things, but I haven't had
a problem with it.
> I get 99% of my programs in source and they tell me to
> edit the Make file and change the "cc" line to "gcc"
> or to type ./Configure. Both of these get me to
> compile (maybe I have to define solaris, etc.) just
> fine.
So does linking gcc to cc.
> Then comes qmail, et al., does it use Makefile with
> CC=gcc? no. Does it use ./Configure? no. It says
> "type make; make config check; # that's all!"
No, it doesn't. It doesn't need to, since it doesn't have a bazillion
compile-time options (I kinda wish it did, but that's another story).
> BUT IT IS NOT ALL.
>
> That's all (I'm trying to say).
Okay, okay, you've said it. That being said, tcpserver is the quickest
and easiest piece of software I've ever built and installed. YMMV
James Smallacombe Internet Access for The Delaware
[EMAIL PROTECTED] Valley in PA, NJ and DE
PlantageNet Internet Ltd. http://www.pil.net
=========================================================================
ISPF 3 - The Forum for ISPs by ISPs(tm) || Nov 15-17, 1999, New Orleans
3 days of clues, news, and views from the industry's best and brightest.
Visit <http://www.ispf.com/> for information and registration.
=========================================================================
> > chmod 755 compile
> > ./compile tcpclient.c
> > ./compile: cc: not found
> > *** Error code 1
> Bad example.
not a bad example. get a standard solaris machine (without
paying for sun's sunpro cc) and install gcc.
try to compile anything of dans for the first time
(ie; first time compile, not new software
for the first time). I work with admins who just
can't figure out his compiling mechanism.
> If you do not have a functioning C compiler installed on your system, you
> have no business compiling or installing any software, not just Qmail.
I have never said that I do not have a functioning C compiler.
You have said and assumed this. You have assumed incorrectly.
> > and see that games being played with conf-cc ...
> > but then ld will fail, and I'll have to do the same for that after
> > the make fails.
> > Why not mention *this* in this INSTALL?
> Why make so much fuss about this?
Why? because it's necessary in order to compile?
> This is a minor glitch. Although it's real cause is your broken C
> compiler, let's say that's even not case. Things like this happen all the
> time, and I don't see the big deal about it.
I do not have a broken C compiler. You can say it as much and as
often as you like, but that doesn't make it any more true.
> The only item I'll agree with you on is that djb should be using GNU
> auto-bloat, in order to handle convoluted compilers like that.
./Configure is nice... but it's not the only way. Dan's way works --
once you've dug through the source. Gee, one line in the install/readme
would prevent this.
Why does one have to read the qmail FAQ just to be able to
install qmail Can you answer that?
Scott
Scott D Yelich <[EMAIL PROTECTED]> writes:
> bingo. Lets say I had your setup. Fine, I type make and it uses "cc"
> .. which, if it's sunpro, is better than gcc anyway,
That's a matter of opinion.
> but *if* I wanted to compile using gcc? How would I do that? I'd have to
> dig through the source until I found the "tricks" ...
I read the install file and noted that it talked about modifying lots of
files that started with conf-. I thought "huh, wonder what all there is."
I did an ls conf-*, saw conf-cc and conf-ld, figured I'd better edit them,
and did.
It could stand a single line at the top of INSTALL, sure.
But if you actually read the make output after it fails:
( cat warn-auto.sh; \
echo CC=\'`head -1 conf-cc`\'; \
echo LD=\'`head -1 conf-ld`\' \
) > auto-ccld.sh
is kinda obviously pointing at the files to change, I'd say.
>> Don't create multiple UID 0 accounts. You'll horribly regret it later.
>> Been there, done that.
> Why do people say this? What the hell does it matter?
* You're allowing multiple access paths to what should be the most secure
account on your system. You now have *multiple* potentially
compromised passwords rather than just one. You have to check and
maintain all of them. Not good.
* Stuff gets confused. You already gave an example of that yourself.
* You lose simple auditing. Rather than checking for root logins, you
now have to check for logins on a bunch of random accounts.
* No one expects there to be multiple UID 0 accounts, since that's not
the way a Unix system normally works. So they do things under the
assumption there's only one UID 0 account and you can get security
holes that way.
* Those extra accounts look like normal accounts but can't be dealt with
via normal account management policies. Real example (yes, this
actually happened): Someone was cleaning up after an employee who left
the company and was using admintool to delete his accounts (yes, I
know, first mistake...). Deleted the UID 0 account. Checked the box
for "remove home directory" since it was the default. Whoops.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Scott D Yelich <[EMAIL PROTECTED]> writes:
> Why does one have to read the qmail FAQ just to be able to install qmail
> Can you answer that?
Please name a fully-functional Internet MTA for which you do not have to
read the documentation to install it.
RPMs don't count.
(Yes, I agree with you that a line in INSTALL about configuring the
compiler and linker is appropriate. But the statements you're using to
support your argument are going too far.)
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Scott D. Yelich wrote/schrieb/scribsit:
> ./Configure is nice... but it's not the only way. Dan's way works --
> once you've dug through the source. Gee, one line in the install/readme
> would prevent this.
stefanp@horatio[qmail-1.03]$ head -1 Makefile
# Don't edit Makefile! Use conf-* for configuration.
Stefan
At 05:10 PM Tuesday 3/23/99, Scott D. Yelich wrote:
>> I've had tcpserver compile just fine even with HP's broken compiler. It
>> seems as if you're trying to find fault just to try and prove your point.
>> If you know/knew in advance of your non-standard compiler setup you'd be
>> prepared for it.
>
>*sigh*
>
>You just don't get it... do you.
>
>I have a standard compiler set up. I have gcc. I do not have cc.
Ahh. You mean you have a NON-standard compiler setup. Now I understand.
Regards.
Mark Delany <[EMAIL PROTECTED]> writes:
> At 05:10 PM Tuesday 3/23/99, Scott D. Yelich wrote:
>> I have a standard compiler set up. I have gcc. I do not have cc.
> Ahh. You mean you have a NON-standard compiler setup. Now I understand.
Mark, that's a standard compiler setup for a Solaris machine. Seriously.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Scott D. Yelich writes:
>
> > > chmod 755 compile
> > > ./compile tcpclient.c
> > > ./compile: cc: not found
> > > *** Error code 1
> > Bad example.
>
> not a bad example. get a standard solaris machine (without
> paying for sun's sunpro cc) and install gcc.
"Standard Solaris machine" is not the same thing as a "Standard UNIX
machine". A standard UNIX machine comes with a functioning C compiler.
> > This is a minor glitch. Although it's real cause is your broken C
> > compiler, let's say that's even not case. Things like this happen all the
> > time, and I don't see the big deal about it.
>
> I do not have a broken C compiler. You can say it as much and as
> often as you like, but that doesn't make it any more true.
Well, it is true. Your C compiler is broken. "cc" has been used on UNIX to
invoke a functioning C compiler since the dark ages. No matter how often
you claim it, that historical fact won't go away. When you have software
that should work on most UNIX systems, you don't go in and hardcode in
features that are specific to only one common UNIX flavor. You go for the
least common denominator, which happens to be cc.
Do you think that people should go around putting out stuff that's
hardcoded for gcc?
> Why does one have to read the qmail FAQ just to be able to
> install qmail Can you answer that?
Nope. I've installed Qmail without reading the FAQ. With selective
relaying, and all that. Granted, my selective relaying solution wasn't the
best one, but you can't have everything.
--
Sam
At 04:32 PM Tuesday 3/23/99, Russ Allbery wrote:
>Mark Delany <[EMAIL PROTECTED]> writes:
>> At 05:10 PM Tuesday 3/23/99, Scott D. Yelich wrote:
>
>>> I have a standard compiler set up. I have gcc. I do not have cc.
>
>> Ahh. You mean you have a NON-standard compiler setup. Now I understand.
>
>Mark, that's a standard compiler setup for a Solaris machine. Seriously.
What?! That the compiler is called gcc is a standard Solaris setup? Now I
don't understand. None of the Solaris machines I have access to come
installed with gcc as standard.
Now, if I hack around and install non-standard stuff, I may end up with a
gcc and maybe even a link to that from cc, but as I said, I'd call that
non-standard and wouldn't expect an independent software bundle to know that
that's what I'd been doing to my system.
Regards.
> Scott D Yelich <[EMAIL PROTECTED]> writes:
> > bingo. Lets say I had your setup. Fine, I type make and it uses "cc"
> > .. which, if it's sunpro, is better than gcc anyway,
> That's a matter of opinion.
hahah.... fine. I'll leave it at the code that I used
to benchmark sun ultra code from sunpro-cc and gcc --
the sunpro-cc was 20% faster. That's how
I base my opinion. I'm sure there are other factors.
> > but *if* I wanted to compile using gcc? How would I do that? I'd have to
> > dig through the source until I found the "tricks" ...
>
> I read the install file and noted that it talked about modifying lots of
> files that started with conf-. I thought "huh, wonder what all there is."
> I did an ls conf-*, saw conf-cc and conf-ld, figured I'd better edit them,
> and did.
ucp* install mentions conf-home, but not others. sorry.
> >> Don't create multiple UID 0 accounts. You'll horribly regret it later.
> >> Been there, done that.
>
> > Why do people say this? What the hell does it matter?
>
> * You're allowing multiple access paths to what should be the most secure
> account on your system. You now have *multiple* potentially
> compromised passwords rather than just one. You have to check and
> maintain all of them. Not good.
baloney. If the passwords are the same, then you still only
have one password.
> * Stuff gets confused. You already gave an example of that yourself.
Um. no and no. *I* am not confused. I am fighting and arguing with
people on this list over what I feel would be contributions to the
overall documentation style of qmail components.
nothing gets confused with a second root entry.
> * You lose simple auditing. Rather than checking for root logins, you
> now have to check for logins on a bunch of random accounts.
Not true. Did I say the shell was interactive?
> * No one expects there to be multiple UID 0 accounts, since that's not
> the way a Unix system normally works. So they do things under the
> assumption there's only one UID 0 account and you can get security
> holes that way.
you are saying the same thing over and over without really providing
any concrete reasons.
> * Those extra accounts look like normal accounts but can't be dealt with
> via normal account management policies. Real example (yes, this
> actually happened): Someone was cleaning up after an employee who left
> the company and was using admintool to delete his accounts (yes, I
> know, first mistake...). Deleted the UID 0 account. Checked the box
> for "remove home directory" since it was the default. Whoops.
does admintool run the rm-user-home as the user or as root?
how would this differ from setting a normal user home to /?
so, lets argue a second root entry vs remote exploit/access
to your system via admintool.
Fine. This is the qmail mailing list. I'm trying to talk about qmail
-- but we're side tracked.
I consult for an ISP that uses sendmail -- sorry, there's no way in hell
that I'm going to instll qmail due to how non-standard it is and how
poor the documentation is. It's ok, for *me* because I have fought with
it and I canuse it, but for anyone else coming it, it's "not standard"
and I think it's in poor taste to do that to a client.
So, this client owns their own isp. They have root access. They often
type "passwd" without an account to change the password for one of
their account -- yet they zap the root password. Ignore my solution --
how would you prevent this provided that the isp owner will not stop
using the command and you don't want to write a wrapper for them around
the root command (since it's not a single person who does this).
Anyway, I'll now install tcpserver and see how long my mail is down.
I'll report back.
Scott
Sam <[EMAIL PROTECTED]> writes:
> "Standard Solaris machine" is not the same thing as a "Standard UNIX
> machine". A standard UNIX machine comes with a functioning C compiler.
Solaris doesn't. HP-UX comes with something that's functioning only under
the most general possible definition of the term. I don't believe AIX
does. IRIX doesn't even come with header files, let alone a compiler.
Linux and *BSD come with functioning C compilers.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Mark Delany <[EMAIL PROTECTED]> writes:
> At 04:32 PM Tuesday 3/23/99, Russ Allbery wrote:
>> Mark, that's a standard compiler setup for a Solaris machine. Seriously.
> What?! That the compiler is called gcc is a standard Solaris setup? Now
> I don't understand. None of the Solaris machines I have access to come
> installed with gcc as standard.
I'm making a distinction between "stock" and "standard" that you may not
be. To me, "standard" in this context is "what I expect to see on a
normal Solaris machine." Pretty much everyone who runs lots of Solaris
machines installs gcc sooner or later.
> Now, if I hack around and install non-standard stuff, I may end up with
> a gcc and maybe even a link to that from cc, but as I said, I'd call
> that non-standard and wouldn't expect an independent software bundle to
> know that that's what I'd been doing to my system.
Most free software figures it out, since autoconf copes fine.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
> Scott D Yelich <[EMAIL PROTECTED]> writes:
> >> Don't create multiple UID 0 accounts. You'll horribly regret it later.
> >> Been there, done that.
> > Why do people say this? What the hell does it matter?
> * Those extra accounts look like normal accounts but can't be dealt with
> via normal account management policies. Real example (yes, this
> actually happened): Someone was cleaning up after an employee who left
> the company and was using admintool to delete his accounts (yes, I
> know, first mistake...). Deleted the UID 0 account. Checked the box
> for "remove home directory" since it was the default. Whoops.
(Sorry this is old, please don't panic!)
export list for 36.93.0.22:
/usr (everyone)
/usr1 (everyone)
/usr2 (everyone)
dontpanic[17]% iphost !$
iphost 36.93.0.22
finch.Stanford.EDU
wyse2:#hack f0rced H [EMAIL PROTECTED] (Operator)
I don't think it would be good to post password files from stanford
or the old root passwords. I'm sure things have changed since then.
Thank goodness.
I think the point of your statements is that perhaps it's not standard
to have multiple root entries just as you shouldn't export your
filesystems to the world. If you know what you're doing, then it
doesn't really matter unless someone comes along who doesn't know
what they're doing. Gee, I'm saying the exact same thing. Perhaps
people come along that just don't know how to deal with the source.
I'm sorry, but I have to consult for people who have their own "root"
access, but who don't know to do much more than vi html files. These
people are not the ones trying to compile qmail, etc., but there are
some people who are trying to progress from just about that level and
they are getting confused with the lack of documentation in qmail.
Scott
ps: the issue is not that I can't get qmail to compile -- I can.
I can't get the rbl patches to apply -- but I was told that they
were superceded with rblsmpt. Fine, I can apply the patches
by *hand*, but that's a lot of work. So, I'll go with rblsmtpd
(and now tcpserver just for rblsmtpd). No problem. It does compile
(and I guess install) since the installs don't ever seem to output
any information.
On 23 Mar 1999, Russ Allbery wrote:
> Sam <[EMAIL PROTECTED]> writes:
> > "Standard Solaris machine" is not the same thing as a "Standard UNIX
> > machine". A standard UNIX machine comes with a functioning C compiler.
> Solaris doesn't. HP-UX comes with something that's functioning only under
> the most general possible definition of the term. I don't believe AIX
> does. IRIX doesn't even come with header files, let alone a compiler.
> Linux and *BSD come with functioning C compilers.
This may not be the place to ask... and I'm not sure I'd like
the answers -- but I'll ask anyway:
(1) is it standard (practice) to link cc to gcc? (and who says it is
standard practice?)
and
(2) how many people here have done this?
As far as linking cc to gcc breaking things. I'll provide examples.
Say, was the SunOS cc ansi compatible? I really do remember
commany line options to cc that didn't work with gcc and
vice-versa.
Scott
(If I sound upset, btw, I'm not. So don't read that into tone; it's not
meant.)
Scott D Yelich <[EMAIL PROTECTED]> writes:
> hahah.... fine. I'll leave it at the code that I used to benchmark sun
> ultra code from sunpro-cc and gcc -- the sunpro-cc was 20% faster.
> That's how I base my opinion. I'm sure there are other factors.
Yes, like a compiler that works the same and takes the same flags across
the eight different platforms I have to support.
>> * You're allowing multiple access paths to what should be the most
>> secure account on your system. You now have *multiple* potentially
>> compromised passwords rather than just one. You have to check and
>> maintain all of them. Not good.
> baloney. If the passwords are the same, then you still only have one
> password.
Whether you set the password to the same thing on all the accounts or not,
there are now multiple privileged password entries. They *can* be
different (or made different by an attacker). Keeping more than one thing
secure is harder than keeping one thing secure.
Most of the installations I've seen with multiple UID 0 accounts set the
passwords to different things. You're being more intelligent about it
than most; that's good.
>> * Stuff gets confused. You already gave an example of that yourself.
> Um. no and no.
You said that Solaris has a boot script that does a text check for root
and gets confused if there's a UID 0 account in /etc/passwd before root.
> I am fighting and arguing with people on this list over what I feel
> would be contributions to the overall documentation style of qmail
> components.
No, you're fighting and arguing with people on this list about all sorts
of random other topics. I've yet to see anyone say that a line in INSTALL
mentioning where to configure the compilers would be a bad thing.
> you are saying the same thing over and over without really providing any
> concrete reasons.
I am giving you a concrete reason. "People get confused." You have not
yet encountered people who are confused by this. I'm glad for that. I
have. There are a lot of them. I've done this before I've seen them get
confused. I've seen the problems that result. I think it's a bad idea,
and therefore recommend that other people don't do it. I'm not going to
break into your machine and remove your extra UID 0 accounts; if you don't
agree with me, that's your lookout. It's not going to break your system
to have multiple UID 0 accounts; it's quite possible to maintain a system
in that fashion.
> does admintool run the rm-user-home as the user or as root? how would
> this differ from setting a normal user home to /?
It doesn't. Don't do that either. :)
> so, lets argue a second root entry vs remote exploit/access to your
> system via admintool.
admintool isn't an exploit. admintool is something that people who don't
really understand a Solaris machine use to do things on it. If you
thoroughly understand your machine, you can do anything you want to it and
probably make it work with enough persistance. If you want people who are
used to normal Unix systems or people who don't really know what they're
doing to be able to work with your box, in my experience UID 0 accounts
other than root are a bad idea.
> I consult for an ISP that uses sendmail -- sorry, there's no way in hell
> that I'm going to instll qmail due to how non-standard it is and how
> poor the documentation is.
You don't need to defend your choice of an MTA. I run both qmail and
sendmail and am considering Postfix for other things. Lots of us are like
that. It's not a binary choice. In fact, casting suggestions in terms of
"I can't install qmail because X is broken" tends to be needlessly
inflammatory.
> So, this client owns their own isp. They have root access. They often
> type "passwd" without an account to change the password for one of their
> account -- yet they zap the root password. Ignore my solution -- how
> would you prevent this provided that the isp owner will not stop using
> the command and you don't want to write a wrapper for them around the
> root command (since it's not a single person who does this).
So you have someone with root access who regularly types incorrect
commands as root and is unwilling to learn how to do it right and you
can't take root away from them.
You're right. Ignore my suggestions about UID 0 accounts; they'll be the
least of your problems.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Text written by Scott D. Yelich at 05:44 PM 3/23/99 -0700:
>
>So, this client owns their own isp. They have root access. They often
>type "passwd" without an account to change the password for one of
>their account -- yet they zap the root password. Ignore my solution --
>how would you prevent this provided that the isp owner will not stop
>using the command and you don't want to write a wrapper for them around
>the root command (since it's not a single person who does this).
Around "the root command"? Personally, I'd write a wrapper around the
_passwd_ command, partly _because_ more than one person keeps making this
mistake.
My preferred wrapper would either prompt when called with no argument
("Change the password for the foobar account?"), or perhaps force the user
to specify an account no matter what ("You must provide an account name!").
However, another possibility would be to simply have the wrapper get the
real UID and pass that to passwd as an arg, thus changing the password on
the account the person su'd from. This means that only those who know how
to get around the wrapper can change the root password. (Of course, if they
routinely log in as root from the console, that wouldn't work.)
Either way, if your users keep screwing up with root power, some kind of
safeguards need to be put in place.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
Godzillagram /god-zil'*-gram/ /n./
[from Japan's national hero] 1. A network packet that in theory is
a broadcast to every machine in the universe... Fortunately, few
gateways are foolish enough to attempt to implement this case!
2. A network packet of maximum size...
> >the root command (since it's not a single person who does this).
> Around "the root command"? Personally, I'd write a wrapper around the
> _passwd_ command, partly _because_ more than one person keeps making this
> mistake.
god damn, jump down my throat why don't you?
People miss my humor so much I sometimes think I'm not funny.
Main Entry: 1root
Pronunciation: 'r|t, 'rut
Function: noun
3 a : something that is an origin or source (as of a condition or
quality) <the love of money is the root of all evil -- 1 Tim 6:10
(Authorized Version)> b : one or more progenitors of a group of
descendants -- usually used in plural c : an underlying support : BASIS
d : the essential core : HEART -- often used in the phrase at root e :
close relationship with an environment : TIE -- usually used in plural
3(d)
Ok, so it was a poor choice of words. I thought it was clever.
> My preferred wrapper would either prompt when called with no argument
> ("Change the password for the foobar account?"), or perhaps force the user
> to specify an account no matter what ("You must provide an account name!").
> However, another possibility would be to simply have the wrapper get the
> real UID and pass that to passwd as an arg, thus changing the password on
> the account the person su'd from. This means that only those who know how
> to get around the wrapper can change the root password. (Of course, if they
> routinely log in as root from the console, that wouldn't work.)
You're right! That is so much easier than another copy of the
original root password in the /etc/passwd (/etc/shadow) file.
> Either way, if your users keep screwing up with root power, some kind of
> safeguards need to be put in place.
My safeguard is another copy of the original root password in the
/etc/password (or /etc/shadow) file. I really didn't see it
as a major foopah.
Scott
> *sigh*
>
> You just don't get it... do you.
>
> I have a standard compiler set up. I have gcc. I do not have cc.
ahem. earlier you were complaining about "cc" being installed on solaris
but not working because hey, guess what, it WASN'T really installed. now
you are saying that you have a "standard" compiler setup involving gcc.
gcc is not a "standard" compiler on anything but linux or *bsd, and on
those systems it's set up by default so that "cc" invokes "gcc", which
means that your argument about "cc" not working doesn't really hold water.
if you want to play a game of semantics, you'd better get your facts and
your words straight.
shag
Text written by Scott D. Yelich at 06:46 PM 3/23/99 -0700:
>
>> >the root command (since it's not a single person who does this).
>> Around "the root command"? Personally, I'd write a wrapper around the
>> _passwd_ command, partly _because_ more than one person keeps making this
>> mistake.
>
>god damn, jump down my throat why don't you?
Sorry, I wasn't trying to jump down your throat. I was honestly confused by
your word choice.
Okay, so I advised doing the thing you didn't want to do.
>Ok, so it was a poor choice of words. I thought it was clever.
Sorry, it went straight over my head. After all, "root" does have another
common meaning in Unix-ese.
>My safeguard is another copy of the original root password in the
>/etc/password (or /etc/shadow) file. I really didn't see it
>as a major foopah.
I don't think it's really that awful, although I do prefer the idea of
training the users to deal with the system properly rather than expecting
it to read their minds.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
earthquake /n./
[IBM] The ultimate real-world shock test for computer hardware.
Hackish sources at IBM deny the rumor that the Bay Area quake of
1989 was initiated by the company to test quality-assurance
procedures at its California plants.
Regarding the wrapper -- yes, the wrapper is a decent idea. Then
everyone would have to be educated (ie: forced?) to use that command and
not an alternative such as npasswd, etc. Of course, the only way to
do this would probably be to disable the old passwd (and wonder
what that breaks). It's not all that simple, in the end.
> >Ok, so it was a poor choice of words. I thought it was clever.
> Sorry, it went straight over my head. After all, "root" does have another
> common meaning in Unix-ese.
What does it mean to Australians? Wouldn't it be nice to change your
fv<k account to sysadm or something else? Just try it with Solaris.
> >My safeguard is another copy of the original root password in the
> >/etc/password (or /etc/shadow) file. I really didn't see it
> >as a major foopah.
> I don't think it's really that awful, although I do prefer the idea of
> training the users to deal with the system properly rather than expecting
> it to read their minds.
Right. I prefer the idea of having decent documentation on things so
that I don't have to read the author's mind.
Do I have to install tcpserver as root? I did and I didn't even
check beforehand. I *trust* djb. It doesn't mean that a config
wasn't missed that would do something that I'd really prefer not
be done to my system, though.
Scott
On Tue, 23 Mar 1999, Scott D. Yelich wrote:
> So, this client owns their own isp. They have root access. They often
> type "passwd" without an account to change the password for one of
> their account -- yet they zap the root password. Ignore my solution --
> how would you prevent this provided that the isp owner will not stop
> using the command and you don't want to write a wrapper for them around
> the root command (since it's not a single person who does this).
Easy enough, use something like sudo and adjust your passwd program (you
have source right?) to disallow the changing of the root password. Only
allow them to execute your passwd changing <program/script/wrapper>
through sudo. You're the con<in>sultant. It's your job to protect them
from themselves. :-)
Matt
``````````````````````````````````````````````````````````````````
Matt Simerson http://users.michweb.net/~matt
MichWeb Inc. - President http://www.michweb.net
The Art Farm - Technical Wizard http://www.theartfarm.com
Better to dare Mighty Things and fail, than to live in __o
a gray twilight where there is neither victory or _-\<,_
defeat. -- attributed to Theodore Roosevelt ......(_)/ (_)
``````````````````````````````````````````````````````````````````
On Tue, 23 Mar 1999, Scott D. Yelich wrote:
>
> Then comes qmail, et al., does it use Makefile with
> CC=gcc? no. Does it use ./Configure? no. It says
> "type make; make config check; # that's all!"
>
No need to edit the Makefile to set the compiler option. As a
feature of make you can pass the necessary parameters from the command
line like so:- 'make CC=gcc' or whatever compiler is necessary. At no
stage is it absolutely necessary to edit the make file.
--
Our OS who art in CPU, UNIX be thy name.
Thy programs run, thy syscalls done,
In kernel as it is in user!
*********************************************
Matthew Gibbins
email : [EMAIL PROTECTED]
unsubscribe
hey all,
as anyone had the pleasure of dealing with some of the (excuse the
language) ass pirates that refuse to fix their MTA(s) or work to get their
sites taken out of the ORBS, RBL, DSSL, or DUL databases?
i've been using all four of the above for about a month and have just
received two loveley emails from some persons (i'd rather not say) that
seem to be lacking the common knowledge to read the error messages that
are returned by these lists or even acknowledge that they have a problem.
not only that, these people have the balls to email *OUR* customers
accusing us of censoring the email that they receive? go figure.
anyway, thats what the BS in ORBS stands for, Behavor
modification System.
later,
-xs
end
-------------------------------------------------
Greg Albrecht Safari Internet
System Administrator Fort Lauderdale, FL
[EMAIL PROTECTED] www.safari.net
+1[888|954]537-9550
-------------------------------------------------
On Tue, Mar 23, 1999 at 07:55:05PM -0500, xs wrote:
> as anyone had the pleasure of dealing with some of the (excuse the
> language) ass pirates that refuse to fix their MTA(s) or work to get their
> sites taken out of the ORBS, RBL, DSSL, or DUL databases?
We haven't had these types of complaints yet, as we only use RBL and
DUL on a site basis currently. I do use ORBS on my personal account in
an advisory basis (mail goes to a separate folder not bounced) but I
don't think I can enable it for our site. gte.net (which one of my
friends use) and a few competitor ISP's are in ORBS and I don't want to
lose e-mail coming from them.
I catch most of the SPAM using a procmail receipe by simplying looking
for e-mail not specifically addressed to me (or any of my known aliases).
ORBS comes second. We hardly ever see RBL or DUL rejects, but I guess
we're not a big enough site yet.
Tim
> not only that, these people have the balls to email *OUR* customers
> accusing us of censoring the email that they receive? go figure.
Before I switched from a sendmail open relay to a qmail open relay...
I got a message from a guy threatening to prosecute me because he
received a message that had been routed through me. He wasn't too upset
about the message, he was upset because I said I couldn't give him the
800 number for the Internet. He continued threatened me and demand that
I give him the 800 number for the Internet because he was going to get
the sender's account shut down and he said that all people who connect
to the Internet can be traced and that I was helping to prevent him from
tracing the server back to the server's dialin account. This guy was
from AOL.
And, I surrender on the qmail 1.x documentation thing. I'll simply
privately curse djb (et all) and wait until qmail 2.x and see
if the song remains the same.
Scott
Hi
Can someone point me to the URL for the qmail-etrn patch? need to
re-install it but couldn't find the site.
THANKS in advance.
EZ Wang
unsubscribe!!! me too
-----Original Message-----
From: Kevin Phipps [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 24, 1999 2:51 AM
To: [EMAIL PROTECTED]
Subject: GET ME OFF THIS DAMN LIST
unsubscribe
It is perhaps time for a gentle reminder: Every message from the list
contains the following header:
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Now, if a person were to send a message to that address a reply would
come back explaining, among other things, how to get off the list.
But I'll divulge the secret right here: Send an empty message to
[EMAIL PROTECTED]
and follow the instructions in the resulting reply. Enough said.
- Harald
I have a problem with fetchmail 4.3.9, to whom could
i ask? I subscribed the fetchmail-friends mailing list
4 days ago, but i'm not recieving any emails!
__
Thanks in advance,
Enrico.
Hello everyone. If you haven't already mail filtered me ...
I'm looking for information on the following items -- any
information would be appreciated:
(1) What is the proper or "official" want to rbl with qmail? with
tcp-env? with qmail itself? with tcpserver? and/or with with rblsmtpd? I
have found docs on many of these systems, but not one says which is
preferred or "officially" blessed. Right now I use tcpserver with
rblsmtpd.
(2) How can I make qmail not accept mail when a domain isn't given in
the return address? How can I make qmail check the return address of the
"mail from: part (and the helo part?) as well as the incoming connecting
IP? Do I really want to do this? The reason is that I get a lot of mail
forwarded through a lot of systems and the final system connecting to me
is valid and not a relay or a spam site, but the email coming through
is.
(3) How can I get rblsmtpd to use multiple DNS "rbl" style maps such as
ORBS, DUL, RBL and others?
(4) Is there documentation that states that if you are going from
tcp-env to tcpserver you have to convert your /etc/hosts.allow tcp-env
RELAYCLIENT rules into tcpserver .cdb rules so that your smtp will still
relay allowed clients?
Thanks!
Scott
hi,
On Wed, Mar 24, 1999 at 01:05:14AM -0700, Scott D. Yelich wrote:
> (3) How can I get rblsmtpd to use multiple DNS "rbl" style maps such as
> ORBS, DUL, RBL and others?
here goes an example of multiple invocation:
-----
env - PATH="/var/qmail/bin:$PATH" \
/usr/local/bin/supervise /var/run/tcpserver \
/usr/bin/tcpserver -v -c 70 \
-u 71 -g 71 -x /etc/tcp.smtp.cdb 0 smtp /usr/local/bin/smtplog \
/usr/local/bin/rblsmtpd -rrelays.orbs.org \
/usr/local/bin/rblsmtpd -rrbl.maps.vix.com \
/usr/local/bin/rblsmtpd -rdul.maps.vix.com \
/var/qmail/bin/qmail-smtpd 2>&1 | /usr/local/bin/accustamp \
| /usr/local/bin/cyclog -s1000000 -n20 /var/log/smtpd &
----
instead of /usr/local/bin/rblsmtpd -rrbl.maps.vix.com
I could have used just /usr/local/bin/rbldmtpd (it looks up the rbl.maps by
default)
Regards,
Pashah
--
http://www.spb.sitek.net/~pashah/public-key-0x97739141.pgp
Is it possible with qmail to create a PGP Keyserver ?
I want the following solution :
User creates email to another user (kept in a userlist), the server crypt
this mail with an organisation wide PGP key and delivers this mail. The
recipient answers this email with the organisation wide PGP key and the
server will encrypt this mail and delivers it to the recipient !
Is this possible ?!
stefan loewe
inter-check
[EMAIL PROTECTED] wrote:
> Is it possible with qmail to create a PGP Keyserver ?
> I want the following solution :
>
> User creates email to another user (kept in a userlist), the server crypt
> this mail with an organisation wide PGP key and delivers this mail. The
> recipient answers this email with the organisation wide PGP key and the
> server will encrypt this mail and delivers it to the recipient !
>
> Is this possible ?!
>
> stefan loewe
> inter-check
I would like to know how/why the mailing list thinks that I sent this
message (see the top line) when it was in fact sent by stefan loewe (who
does not work here!!)
Thanks
Les.
On Wed, 24 Mar 1999, Les Klein wrote:
> [EMAIL PROTECTED] wrote:
^-- the return address was strange too. I got mine
as qmail-return-28866-somethi=lobodirect.com or something.
It's as if the list bounced someone's delivery and that
bounce was then sent out to each of the members of the list.
I sh!tcanned the messaged as I didn't know the
answer and it appeared as if it wasn't directed
toward me in the first place.
> I would like to know how/why the mailing list thinks that I sent this
> message (see the top line) when it was in fact sent by stefan loewe (who
> does not work here!!)
> Thanks
> Les.
Just my guess. It wouldn't be the first time that qmail/ezmlm did
something that I couldn't figure out! :-/
Scott
> as qmail-return-28866-somethi=lobodirect.com or something.
Should be [EMAIL PROTECTED]
> Just my guess. It wouldn't be the first time that qmail/ezmlm did
> something that I couldn't figure out! :-/
Have a look for VERP at Dans site.
Regards, Frank
On Wed, 24 Mar 1999, Frank Tegtmeyer wrote:
> > as qmail-return-28866-somethi=lobodirect.com or something.
> Should be [EMAIL PROTECTED]
no, not really. just like the /bin/sh script that was posted
before was actually a bash script (or something other
non-standard /bin/sh). When I say it was lobodirect,
I mean that. I'm subscribed to this list from there, not here
or scottyelich.com.
> > Just my guess. It wouldn't be the first time that qmail/ezmlm did
> > something that I couldn't figure out! :-/
> Have a look for VERP at Dans site.
I've been scouring the documentation since my rant earlier tonight that
was 8 hrs ago? It's now 2:30am. I'm also creating my own qmail page
just so I can save my friends from the insanity of the qmail docs. I
just found the
http://www.geocities.com/SiliconValley/Peaks/5799/qmail-uce.html page
and it looks really impressive.
I've been trying to find a consolidated documentation on all the
accustamp, cyclog, supervise, etc. I barely found a link to
daemontools!
I was at least able to solve the tcp-env /etc/hosts.allow RELAY client
issue to a tcpserver .cdb, without even a reference to it in any of the
docs. I've manage to dig up a message from feb 1 from the qmail list (I
saved it for future reference) to come back to when I was going to
address spam -- to allow me to use multiple rbl lookups with rblsmtpd
(although I didn't quite get why I have to run multiple rblsmtpds
instead of just passing multiple -r's to a single rblsmtpd).
There's just a lot of potholes in the documentation.
The qmail-uce stuff is awesome. I can't wait to fileter some mail that
way -- but the install assumes that I'm doing the qmail install from
scratch -- and I already have it installed. Unless I missed it, it
doesn't say whether or not the re-install over the current install won't
harm anything. I'm going to try to install the qmail-smtp (or is it
qmail-send?) manually. Wish me luck.
Scott
Thanks to Frank Tegtmeyer, Rick Myers, and Sameer Vijay for taking the
time to reply to this for me.
I am now wiser(!)
Les.
Hi, like i said before :) -
I have a Unix box who is going to host several
domains, running Qmail.
Now, the prob is i can make aliases for
(.qmail-alias) each user just fine, but when i delivers the mail into the system
acount's inbox (/home/acount/.mbox) the .mbox doesen't get chowned to the system
acount..
so the way i have it setup now is that the alias
deliver to a system acount email adress (&[EMAIL PROTECTED]) but ehm.. :) - that
sucks ..
if anoyne could help me i would very much
apriciate it!
#Daniel.
