qmail Digest 1 Apr 1999 11:00:01 -0000 Issue 597
Topics (messages 23786 through 23859):
badmailrcptto
23786 by: Stefan Paletta <[EMAIL PROTECTED]>
Q: Is it possible to bind 2 diffrent qmail instances on 2 diffrent network interfaces
23787 by: Andy Smith <[EMAIL PROTECTED]>
23789 by: "Sam" <[EMAIL PROTECTED]>
23790 by: Russell Nelson <[EMAIL PROTECTED]>
23798 by: Kai MacTane <[EMAIL PROTECTED]>
23835 by: David Villeger <[EMAIL PROTECTED]>
telnet to smtp port doesn't work HELP!!
23788 by: Vince Vielhaber <[EMAIL PROTECTED]>
23801 by: Kai MacTane <[EMAIL PROTECTED]>
23806 by: Dustin Marquess <[EMAIL PROTECTED]>
23808 by: Stefan Paletta <[EMAIL PROTECTED]>
23812 by: Mark Delany <[EMAIL PROTECTED]>
Kevin Mitnik
23791 by: Peter van Dijk <[EMAIL PROTECTED]>
23793 by: Mark Bitting <[EMAIL PROTECTED]>
23794 by: Peter van Dijk <[EMAIL PROTECTED]>
Routing incoming emails to another host
23792 by: Peter van Dijk <[EMAIL PROTECTED]>
23803 by: Mark Delany <[EMAIL PROTECTED]>
23804 by: [EMAIL PROTECTED] (B.G. Mahesh)
23810 by: Mark Delany <[EMAIL PROTECTED]>
Wildcarding "user" part in virtualdomains
23795 by: [EMAIL PROTECTED] (Bret Martin)
qmail-queue _exit(61) when run by root
23796 by: [EMAIL PROTECTED]
23809 by: Mark Delany <[EMAIL PROTECTED]>
user masquerading.
23797 by: Mark Swanson <[EMAIL PROTECTED]>
23799 by: "Sam" <[EMAIL PROTECTED]>
23816 by: Faried Nawaz <[EMAIL PROTECTED]>
23819 by: Chris Johnson <[EMAIL PROTECTED]>
Melissa Virus
23800 by: Kai MacTane <[EMAIL PROTECTED]>
23805 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
23811 by: "Dave Teske" <[EMAIL PROTECTED]>
23829 by: [EMAIL PROTECTED]
23849 by: Russ Allbery <[EMAIL PROTECTED]>
23852 by: Paul Farber <[EMAIL PROTECTED]>
23854 by: Vince Vielhaber <[EMAIL PROTECTED]>
23857 by: "Petr Novotny" <[EMAIL PROTECTED]>
23858 by: "Dave Teske" <[EMAIL PROTECTED]>
sending email for local root to local user - I must be doing something wrong?
23802 by: [EMAIL PROTECTED]
23827 by: Keith Burdis <[EMAIL PROTECTED]>
qmail-imap-4.5.BETA patches.
23807 by: Mark Swanson <[EMAIL PROTECTED]>
Qmail and Fetchmail/SerialMail
23813 by: Scott Sharkey <[EMAIL PROTECTED]>
ucspi-tcp
23814 by: xs <[EMAIL PROTECTED]>
what is the proper way to stop a local user from mailing?
23815 by: XxEDGExX <[EMAIL PROTECTED]>
23818 by: Russell Nelson <[EMAIL PROTECTED]>
23820 by: XxEDGExX <[EMAIL PROTECTED]>
23821 by: Russell Nelson <[EMAIL PROTECTED]>
23822 by: XxEDGExX <[EMAIL PROTECTED]>
23823 by: xs <[EMAIL PROTECTED]>
23824 by: Roger Merchberger <[EMAIL PROTECTED]>
23826 by: [EMAIL PROTECTED]
23848 by: "Sam" <[EMAIL PROTECTED]>
disregard my previous email please! (about local-to-root)
23817 by: [EMAIL PROTECTED]
qmail, vchkpw, and nfs
23825 by: John Austin Houlihan <[EMAIL PROTECTED]>
Mail routing question
23828 by: Stephen Anderson <[EMAIL PROTECTED]>
23830 by: Chris Johnson <[EMAIL PROTECTED]>
Mail disturbance
23831 by: Joergen Persson <[EMAIL PROTECTED]>
23833 by: Chris Johnson <[EMAIL PROTECTED]>
23841 by: Joergen Persson <[EMAIL PROTECTED]>
23844 by: Kai MacTane <[EMAIL PROTECTED]>
23846 by: "Sam" <[EMAIL PROTECTED]>
Mail, CNAME, A records, and MX
23832 by: "Greg Owen {gowen}" <[EMAIL PROTECTED]>
23834 by: Hitesh Patel <[EMAIL PROTECTED]>
23836 by: Greg Owen {gowen} <[EMAIL PROTECTED]>
23837 by: Chris Johnson <[EMAIL PROTECTED]>
23838 by: Chris Johnson <[EMAIL PROTECTED]>
23839 by: Greg Owen {gowen} <[EMAIL PROTECTED]>
23842 by: Chris Johnson <[EMAIL PROTECTED]>
23843 by: Hitesh Patel <[EMAIL PROTECTED]>
23847 by: Greg Owen {gowen} <[EMAIL PROTECTED]>
qmail-popbull and multiple messages.
23840 by: Bernd Eckenfels <[EMAIL PROTECTED]>
23850 by: Matt Simerson <[EMAIL PROTECTED]>
23851 by: Mark Delany <[EMAIL PROTECTED]>
23853 by: Matt Simerson <[EMAIL PROTECTED]>
daemontools and sshd
23845 by: <[EMAIL PROTECTED]>
qmail and relaying to an aliased address...
23855 by: Grant Stephenson <[EMAIL PROTECTED]>
Mail server load testing
23856 by: "Dave Teske" <[EMAIL PROTECTED]>
How to start the Virus-Scanner
23859 by: [EMAIL PROTECTED]
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Georgi Kupenov wrote/schrieb/scribsit:
> For QMAIL 1.03, I tried to do restrictions
> with BADRCPTTO file in
> /var/qmail/control, but it didn't work.
Stock qmail-1.03 doesn't know about this control file. It only knows about
badmailfrom. If you really want badrcptto, see
mailto:[EMAIL PROTECTED] e.g.
Stefan
On Wed, 31 Mar 1999, Sam wrote:
> Uwe Wuerdinger writes:
>
> > Hello,
> > I wondered if it is possible to bind on a machine with 2
> > Networkinterfaces to diffrent
> > qmails with 2 different configurations.
>
> Yes. It's a no-brainer. Compile and install Qmail. Then, chance the
> Qmail userids' home directory in your password file, then compile and
> install a second instance of Qmail.
>
> Then run two instances of tcpserver, each one bound to one of the two
> network interfaces.
Which interface will qmail use to send out mail?
--
Andy J. Smith ... <[EMAIL PROTECTED]> ... <http://www.strugglers.net/andy>
Mail to [EMAIL PROTECTED] for PGP Key, or check the key servers ......
KeyID: 0xBF15490B FP: 0E42 36CB 5295 1E14 5360 6622 2099 B64C BF15 490B
Amaze your friends and annoy your enemies:
echo '#define if(x) if (!(x))' >> /usr/include/stdio.h
-- Niall Smart, BUGTRAQ mailing list
Andy Smith writes:
> On Wed, 31 Mar 1999, Sam wrote:
>
> > Uwe Wuerdinger writes:
> >
> > > Hello,
> > > I wondered if it is possible to bind on a machine with 2
> > > Networkinterfaces to diffrent
> > > qmails with 2 different configurations.
> >
> > Yes. It's a no-brainer. Compile and install Qmail. Then, chance the
> > Qmail userids' home directory in your password file, then compile and
> > install a second instance of Qmail.
> >
> > Then run two instances of tcpserver, each one bound to one of the two
> > network interfaces.
>
> Which interface will qmail use to send out mail?
The same one that received the mail, or whichever qmail-inject you execute.
--
Sam
Sam writes:
> Andy Smith writes:
> > Which interface will qmail use to send out mail?
>
> The same one that received the mail, or whichever qmail-inject you execute.
I think he wants to know which IP address it will bind to. The answer
is "whatever". Dan has been asked to change qmail-remote to bind to
the IP address of the hostname part of the envelope sender, but he
dismisses the possibility, claiming that it is is a frivial desire.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Text written by Russell Nelson at 12:56 PM 3/31/99 -0000:
>
>dismisses the possibility, claiming that it is is a frivial desire.
^^^^^^^
Don't know if you intended to coin the word "frivial" or if it's just a
(fortuitous) typo, but either way, I like it.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
die horribly /v./
The software equivalent of crash and burn, and the preferred emphatic
form of die. "The converter choked on an FF in its input and died
horribly".
At 12:56 PM 3/31/99 -0000, Russell Nelson wrote:
>I think he wants to know which IP address it will bind to. The answer
>is "whatever". Dan has been asked to change qmail-remote to bind to
>the IP address of the hostname part of the envelope sender, but he
>dismisses the possibility, claiming that it is is a frivial desire.
Well, maybe the implementation would be trivial and frivolous in his mind
(is that what frivial means?), but this feature could be useful nonetheless.
>From the logs:
---
Connected to 199.246.67.190 but my name was rejected./Remote host said: 501
HELO requires a valid host name as operand: 'web1.cheetahmail.com' rejected
from www.cheetahmail.com remote address [206.132.30.31]: Host name does not
match remote address.
---
Why? Because the address associated with www is a virtual IP on the web1
server. I use virtual IPs all the time (it allows me to move services such
as web, DNS server , etc, around and implement failover mechanisms) and it
would be useful to be able to bind to the physical address only.
Yes, I know, making all the entries (for that machine) in my reverse DNS
table point to the same name would also solve the problem. I was just a
comment, not a criticism.
David.
On Wed, 31 Mar 1999, Brent Clements wrote:
> What am I doing wrong..can anyone help me with this problem? I've used
> qmail on a few of my other servers and the installation has been
> smooth..I don't know what I am doing wrong here.
>
> Or let me ask..can I have qmail-smptd be running all the time instead of
> calling it from inetd.conf?
tcpserver's the preferred method for running it instead of inetd. BTW,
you remembered to stop sendmail, didn't you?
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
Text written by Brent Clements at 12:34 AM 3/31/99 -0600:
>
>[root@manageserv /etc]# telnet 0 25
>Trying 0.0.0.0...
>Connected to 0.
>Escape character is '^]'.
You should definitely be doing "telnet 127.0.0.1 25" or "telnet localhost
25" instead, but even that may not work...
>I checked and rechecked my inetd.conf and the line that I am using is
>
>smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env
>/var/qmail/bin/qmail-smtpd
>
>with everything on one line..
I can't believe no one else has pointed this out yet, but I'm almost
positive there should be an extra "tcp-env" in there. The line should be:
smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env \
/var/qmail/bin/qmail-smtpd
Please, someone, let me know if I'm wrong on that one.
>Or let me ask..can I have qmail-smptd be running all the time instead of
>calling it from inetd.conf?
As people have pointed out, tcpserver is the preferred way to run
qmail-smtpd. Aside from its technical superiority, it will be much easier
to get support on how to do various often-done things with qmail using
tcpserver, whereas getting help on how to do it with inetd will be difficult.
Tcpserver is easy to compile and install -- it worked for me the first time
out as a Linux novice on a Red Hat 4.2 system, no C guruhood required --
and works alongside inetd without a hitch. I'd strongly advise getting it
and using it in conjunction with qmail and its assorted pieces.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
copious free time /n./
1. [used ironically to indicate the speaker's lack of the quantity in
question] A mythical schedule slot for accomplishing tasks held to be
unlikely or impossible. Sometimes used to indicate that the speaker
is interested in accomplishing the task, but believes that the oppor-
tunity will not arise... 2. [Archly] Time reserved for bogus or
otherwise idiotic tasks, such as implementation of chrome, or the
stroking of suits.
On Wed, 31 Mar 1999, Kai MacTane wrote:
> Text written by Brent Clements at 12:34 AM 3/31/99 -0600:
> >
> >[root@manageserv /etc]# telnet 0 25
> >Trying 0.0.0.0...
> >Connected to 0.
> >Escape character is '^]'.
>
> You should definitely be doing "telnet 127.0.0.1 25" or "telnet localhost
> 25" instead, but even that may not work...
>
> >I checked and rechecked my inetd.conf and the line that I am using is
> >
> >smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env
> >/var/qmail/bin/qmail-smtpd
> >
> >with everything on one line..
>
> I can't believe no one else has pointed this out yet, but I'm almost
> positive there should be an extra "tcp-env" in there. The line should be:
>
> smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env \
> /var/qmail/bin/qmail-smtpd
>
> Please, someone, let me know if I'm wrong on that one.
As far as I know, tcp-env gets the name of the program to run
from argv[0] (like tcpd does), so the way he had it was correct.
-Dustin
Dustin Marquess wrote/schrieb/scribsit:
> As far as I know, tcp-env gets the name of the program to run
> from argv[0] (like tcpd does), so the way he had it was correct.
Nope.
SYNOPSIS
tcp-env [ -rR ] [ -ttimeout ] program [ arg ... ]
Stefan
>> >I checked and rechecked my inetd.conf and the line that I am using is
>> >
>> >smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env
>> >/var/qmail/bin/qmail-smtpd
>> >
>> >with everything on one line..
>>
>> I can't believe no one else has pointed this out yet, but I'm almost
>> positive there should be an extra "tcp-env" in there. The line should be:
>>
>> smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env \
>> /var/qmail/bin/qmail-smtpd
>>
>> Please, someone, let me know if I'm wrong on that one.
Point 16. of the INSTALL document describes the exact entry. I'd be looking
to that for definitive information.
Regards.
On Tue, Mar 30, 1999 at 11:59:20AM -0600, Fred Lindberg wrote:
> On Tue, 30 Mar 1999 12:27:26 -0500, Adam D. McKenna wrote:
>
> >I'm not sure what they think he could do with a cell phone that he couldn't
> >do with a regular phone?
>
> Cell phones have 64-bit encryption computers that use 56 bit keys in
> them ;-)
Well if the police/government/anybody wants to eavesdrop on him that's dead easy for
the phone company. Over here in .nl, mobile carriers are _required_ to be technically
able to place taps. We're also country with the highest relative number of taps.
Greetz, Peter.
--
.| Peter van Dijk | <mo|VERWEG> stoned worden of coden
.| [EMAIL PROTECTED] | <mo|VERWEG> dat is de levensvraag
| <mo|VERWEG> coden of stoned worden
| <mo|VERWEG> stonend worden En coden
| <mo|VERWEG> hmm
| <mo|VERWEG> dan maar stoned worden en slashdot lezen:)
Peter van Dijk wrote:
>
> On Tue, Mar 30, 1999 at 11:59:20AM -0600, Fred Lindberg wrote:
> > On Tue, 30 Mar 1999 12:27:26 -0500, Adam D. McKenna wrote:
> >
> > >I'm not sure what they think he could do with a cell phone that he couldn't
> > >do with a regular phone?
> >
> > Cell phones have 64-bit encryption computers that use 56 bit keys in
> > them ;-)
>
> Well if the police/government/anybody wants to eavesdrop on him that's dead easy for
> the phone company. Over here in .nl, mobile carriers are _required_ to be technically
> able to place taps. We're also country with the highest relative number of taps.
>
They should require him to have a cell phone. Here in the Land of the
Free the FBI is trying to implement real-time people-tracking using cell
phones. (A logical extension of the ruling that 9-1-1 calls have to be
triangulated and located to within 100 meters.) The cellular operators
are resisting because of the costs, but the FBI will probably win out.
On Wed, Mar 31, 1999 at 10:14:26AM -0500, Mark Bitting wrote:
> Peter van Dijk wrote:
> >
> > On Tue, Mar 30, 1999 at 11:59:20AM -0600, Fred Lindberg wrote:
> > > On Tue, 30 Mar 1999 12:27:26 -0500, Adam D. McKenna wrote:
> > >
> > > >I'm not sure what they think he could do with a cell phone that he couldn't
> > > >do with a regular phone?
> > >
> > > Cell phones have 64-bit encryption computers that use 56 bit keys in
> > > them ;-)
> >
> > Well if the police/government/anybody wants to eavesdrop on him that's dead easy
>for
> > the phone company. Over here in .nl, mobile carriers are _required_ to be
>technically
> > able to place taps. We're also country with the highest relative number of taps.
> >
> They should require him to have a cell phone. Here in the Land of the
> Free the FBI is trying to implement real-time people-tracking using cell
> phones. (A logical extension of the ruling that 9-1-1 calls have to be
> triangulated and located to within 100 meters.) The cellular operators
> are resisting because of the costs, but the FBI will probably win out.
Over here, the costs are still being debated. But the government (or whoever is
responsible for the taps) has already won. For dutch readers: De volkskrant had a
very good article about this yesterday (page 13).
Greetz, Peter.
--
.| Peter van Dijk | <mo|VERWEG> stoned worden of coden
.| [EMAIL PROTECTED] | <mo|VERWEG> dat is de levensvraag
| <mo|VERWEG> coden of stoned worden
| <mo|VERWEG> stonend worden En coden
| <mo|VERWEG> hmm
| <mo|VERWEG> dan maar stoned worden en slashdot lezen:)
On Tue, Mar 30, 1999 at 01:33:59PM -0500, B.G. Mahesh wrote:
> Hi
>
> I am using qmail on a Linux box. We have several domains that we host.
> For e.g. our domains are
>
> paragon-software.com
> corbanews.com
> camros.com
>
> We have two hosts
>
> 1. drudge.paragon-software.com : open to public
> 2. grub.paragon-software.com: behind the firewall
>
> The MX records of ALL our domains point to drudge. My question,
>
> 1. I want all incoming emails of drudge to be REDIRECTED to grub. grub
> will figure out who is an unknown user etc. I just want everything
> that comes to drudge (incoming) to go to grub.
>
> In sendmail I had the the following,
>
> # who gets all local email traffic ($R has precedence for unqualified names)
> DHgrub.paragon-software.com
>
>
> How do I achieve this? I read the FAQ but did not find this particular
> scenario.
Put all your domains in rcpthosts, and ':grub.paragon-software.com' (mind the colon
at the start) in smtproutes. Make sure to keep locals and virtualdomains empty.
Greetz, Peter.
--
.| Peter van Dijk | <mo|VERWEG> stoned worden of coden
.| [EMAIL PROTECTED] | <mo|VERWEG> dat is de levensvraag
| <mo|VERWEG> coden of stoned worden
| <mo|VERWEG> stonend worden En coden
| <mo|VERWEG> hmm
| <mo|VERWEG> dan maar stoned worden en slashdot lezen:)
>> 1. I want all incoming emails of drudge to be REDIRECTED to grub. grub
>Put all your domains in rcpthosts, and ':grub.paragon-software.com' (mind
>the colon
Sigh. This is wrong.
He only wants mail to the drudge domain forwarded, not all incoming mails
that happen to hit the druge machine (what if it's used for outbound for
example?).
Try this in smtproutes:
drudge.paragon-software.com:grub.paragon-software.com
Regards.
+ >> 1. I want all incoming emails of drudge to be REDIRECTED to grub. grub
+
+ >Put all your domains in rcpthosts, and ':grub.paragon-software.com' (mind
+ >the colon
+
+ Sigh. This is wrong.
+
+ He only wants mail to the drudge domain forwarded, not all incoming mails
+ that happen to hit the druge machine (what if it's used for outbound for
+ example?).
basically all emails for paragon-software.com, camros.com, kamros.com
domains come to drudge (public machine) and that needs to be forwarded
to grub.paragon-software.com
+
+ Try this in smtproutes:
+
+ drudge.paragon-software.com:grub.paragon-software.com
At 01:39 PM Wednesday 3/31/99, B.G. Mahesh wrote:
>+ >> 1. I want all incoming emails of drudge to be REDIRECTED to grub. grub
>+
>+ >Put all your domains in rcpthosts, and ':grub.paragon-software.com' (mind
>+ >the colon
>+
>+ Sigh. This is wrong.
>+
>+ He only wants mail to the drudge domain forwarded, not all incoming mails
>+ that happen to hit the druge machine (what if it's used for outbound for
>+ example?).
>
>basically all emails for paragon-software.com, camros.com, kamros.com
>domains come to drudge (public machine) and that needs to be forwarded
>to grub.paragon-software.com
You didn't say that the first time. You said you hosted the other domains,
but it was only drudge that you referred to wrt arbitary forwarding. Even
so, the complete smtproutes entry would still be wrong if drudge does any
other relaying such as outbound from your internal network.
>+
>+ Try this in smtproutes:
>+
>+ drudge.paragon-software.com:grub.paragon-software.com
If you read up on qmail-remote you will see how to extend this to cover your
particular case. Perhaps when you've done that you'll show up what you've
done for confirmation.
Regards.
Questions about virtual domains do seem to be the most common -- so that
made it a bit tedious to determine if this question has been answered
before. After having read much, though, I shall ask:
The qmail-send(8) manual page implies but doesn't state explicitly that
wildcards for the "user@domain:prepend" lines in virtualdomains only
work for the "domain" part.
The behavior I want could, I believe, be expressed by (in
virtualdomains):
postmaster@:alias
abuse@:alias
but that doesn't work (and it probably isn't supposed to).
What I would like is a way to specify that certain users should be
delivered the same way for all my virtual domains. Other users that
are not so listed would be handled as specified for the individual
domains (by their corresponding lines in virtualdomains).
Currently, I have .qmail files to specify the delivery for these
"boilerplate" addresses for each of the virtual domains. I know I
could also add more lines to virtualdomains to specify these individual
recipients for each domain, but that would add ( n * domains ) lines,
when it seems like it might be possible to do it with only n.
Can I do what I want or is listing everything individually (either in
virtualdomains or in appropriately placed .qmail files) the only way?
Thanks,
--Bret
--
Bret Andrew Martin Student.Net Publishing
[EMAIL PROTECTED] http://www.student.com + http://www.tvgrid.com
Hello,
I built qmail V1.03 on a Solaris 2.5.1 (SPARC) machine.
All went well, but when I tried to do some tests, a strange behaviour
appeared. I was successfully able to do a local-to-local delivery running
the following command as "pv" (a local non-privileged username):
echo to: pv | /var/qmail/bin/qmail-inject
But when I tried to run the same command as root, it failed with the
message:
qmail-inject: fatal: qq trouble in home directory (#4.3.0)
I looked into the syslog file: nothing.
I traced the run with truss(1), with the following command:
truss -iafe sh -c 'echo to: pv | /var/qmail/bin/qmail-inject' 2>&1
and this is (part of) the output:
------------------------------- (cut here) ----------------------------------
1243: execve("/bin/sh", 0xEFFFFD5C, 0xEFFFFD6C) argc = 3
1243: argv: sh -c echo to: pv | /var/qmail/bin/qmail-inject
1243: envp: FROMUSER=root HOME=/ HOSTNAME=lacerta HZ=100
1243: LOGNAME=root MAIL=/usr/local/qmail/alias/Mailbox
1243:
MANPATH=/usr/share/man:/usr/openwin/share/man:/usr/dt/share/man:/usr/local/man
1243: MBOX=+mbox MOZILLA_HOME=/usr/local/netscape
1243:
PATH=/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:/usr/dt/bin:/usr/local/bin:/usr/local/sbin:/etc:/ccuuroot/bin
1243: PWD=/tmp SHELL=/bin/csh TERM=vt300 TZ=MET USER=root
1243: open("/dev/zero", O_RDONLY) = 3
.
.
.
1244: execve("/var/qmail/bin/qmail-inject", 0x00038884, 0x0003888C) argc = 1
1244: argv: /var/qmail/bin/qmail-inject
1244: envp: FROMUSER=root HOME=/ HOSTNAME=lacerta HZ=100
1244: LOGNAME=root MAIL=/usr/local/qmail/alias/Mailbox
1244:
MANPATH=/usr/share/man:/usr/openwin/share/man:/usr/dt/share/man:/usr/local/man
1244: MBOX=+mbox MOZILLA_HOME=/usr/local/netscape
1244:
PATH=/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:/usr/dt/bin:/usr/local/bin:/usr/local/sbin:/etc:/ccuuroot/bin
1244: PWD=/tmp SHELL=/bin/csh TERM=vt300 TZ=MET USER=root
1244: Received signal #18, SIGCLD [default]
1244: siginfo: SIGCLD CLD_EXITED pid=1246 status=0x0000
1244: open("/dev/zero", O_RDONLY) = 3
.
.
.
1244: chdir("/usr/local/qmail") = 0
.
.
.
1248: chdir("/usr/local/qmail") = 0
1248: execve("bin/qmail-queue", 0x0002A530, 0xEFFFFD8C) argc = 1
1248: *** SUID: ruid/euid/suid = 0 / 500 / 500 ***
1248: argv: bin/qmail-queue
1248: envp: FROMUSER=root HOME=/ HOSTNAME=lacerta HZ=100
1248: LOGNAME=root MAIL=/usr/local/qmail/alias/Mailbox
1248:
MANPATH=/usr/share/man:/usr/openwin/share/man:/usr/dt/share/man:/usr/local/man
1248: MBOX=+mbox MOZILLA_HOME=/usr/local/netscape
1248:
PATH=/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/ucb:/usr/openwin/bin:/usr/dt/bin:/usr/local/bin:/usr/local/sbin:/etc:/ccuuroot/bin
1248: PWD=/tmp SHELL=/bin/csh TERM=vt300 TZ=MET USER=root
1244: close(3) = 0
1248: open("/dev/zero", O_RDONLY) = 3
.
.
.
1248: chdir("/usr/local/qmail") Err#13 EACCES
1248: _exit(61)
1244: Received signal #18, SIGCLD, in waitid() [default]
1244: siginfo: SIGCLD CLD_EXITED pid=1248 status=0x003D
1244: waitid(P_PID, 1248, 0xEFFFFAD8, WEXITED|WTRAPPED) = 0
qmail-inject: fatal: qq trouble in home directory (#4.3.0)
1244: write(2, " q m a i l - i n j e c t".., 59) = 59
1244: _exit(111)
1243: Received signal #18, SIGCLD, in waitid() [default]
1243: siginfo: SIGCLD CLD_EXITED pid=1244 status=0x006F
1243: waitid(P_PID, 1244, 0xEFFFFAA0, WEXITED|WTRAPPED|WSTOPPED|WNOWAIT) = 0
1243: ioctl(0, TIOCGPGRP, 0xEFFFFA5C) = 0
1243: ioctl(0, TCGETS, 0x00037C24) = 0
1243: waitid(P_PID, 1244, 0xEFFFFAA0, WEXITED|WTRAPPED|WSTOPPED) = 0
1243: lseek(0, 0, SEEK_CUR) = 103
1243: _exit(111)
------------------------------- (cut here) ----------------------------------
The problem seem to be in the
chdir("/usr/local/qmail")
system call done by qmail-queue.
The question is: why qmail-queue can access regularly /usr/local/qmail when
called by a non-root account, but has permission problems when called by root?
Here are some supplementary data:
------------------------------- (cut here) ----------------------------------
% grep qmailq /etc/passwd
qmailq:x:500:500::/usr/local/qmail:/sbin/sh
% grep 500 /etc/group
qmail::500:
% ls -la /var/qmail
lrwxrwxrwx 1 root sys 16 Mar 29 12:58 /var/qmail -> /usr/local/qmail
% ls -lad / /usr /usr/local /usr/local/qmail
drwxr-sr-x 23 root root 1024 Mar 31 11:25 /
drwxrwxr-x 31 root sys 1024 Oct 20 1997 /usr
drwx--lr-x 17 root sys 512 Mar 29 11:19 /usr/local
drwxr-xr-x 10 root qmail 512 Mar 30 13:04 /usr/local/qmail
% cat `cat SYSDEPS`
qmail 1.03
sunos-5.5.1-generic_103640-18-:sparc-:sun4-:sun4u-:sun4u-
#ifndef SELECT_H
#define SELECT_H
#include <sys/types.h>
#include <sys/time.h>
#include <sys/select.h>
extern int select();
#endif
#ifndef FORK_H
#define FORK_H
extern int fork();
extern int vfork();
#endif
#define HASSIGACTION 1
#ifndef DIRENTRY_H
#define DIRENTRY_H
#include <sys/types.h>
#include <dirent.h>
#define direntry struct dirent
#endif
#define HASSIGPROCMASK 1
#define HASWAITPID 1
#define HASMKFIFO 1
#ifndef UINT32_H
#define UINT32_H
typedef unsigned long uint32;
#endif
-lresolv
-lsocket -lnsl
-lgen
------------------------------- (cut here) ----------------------------------
As a final remark: some months ago I built and installed qmail V1.02 on a
Solaris 2.6 (SPARC) machine and I didn't encounter this problem.
Any ideas?
Any hint will be greatly appreciated. TIA.
Paolo.Vicario
<[EMAIL PROTECTED]>
At 04:15 PM Wednesday 3/31/99, [EMAIL PROTECTED] wrote:
>Hello,
>I built qmail V1.03 on a Solaris 2.5.1 (SPARC) machine.
>All went well, but when I tried to do some tests, a strange behaviour
>appeared. I was successfully able to do a local-to-local delivery running
>the following command as "pv" (a local non-privileged username):
>
> echo to: pv | /var/qmail/bin/qmail-inject
>
>But when I tried to run the same command as root, it failed with the
>message:
>
> qmail-inject: fatal: qq trouble in home directory (#4.3.0)
>
>I looked into the syslog file: nothing.
>
>I traced the run with truss(1), with the following command:
>
> truss -iafe sh -c 'echo to: pv | /var/qmail/bin/qmail-inject' 2>&1
>
>and this is (part of) the output:
>1244: chdir("/usr/local/qmail") = 0
>1248: chdir("/usr/local/qmail") = 0
>1248: execve("bin/qmail-queue", 0x0002A530, 0xEFFFFD8C) argc = 1
>1248: *** SUID: ruid/euid/suid = 0 / 500 / 500 ***
>1248: chdir("/usr/local/qmail") Err#13 EACCES
>1248: _exit(61)
>% ls -lad / /usr /usr/local /usr/local/qmail
>drwxr-sr-x 23 root root 1024 Mar 31 11:25 /
>drwxrwxr-x 31 root sys 1024 Oct 20 1997 /usr
>drwx--lr-x 17 root sys 512 Mar 29 11:19 /usr/local
>drwxr-xr-x 10 root qmail 512 Mar 30 13:04 /usr/local/qmail
Is root in the supplementary group sys?
Do this:
# chmod g+rx /usr/local
(Given you have o=rx, I'm assuming you don't mind the permission issue of g+rx)
Supplementary groups are not relinquished when a setuid program executes and
group 'sys' has no access to /usr/local
If you cannot g+rx, you'll need to move the qmail directory out from
underneath /usr/local
That's my first guess anyway, it's been a while since I've look at this sort
of thing in great detail.
Regards.
Hello,
I've looked at the FAQs, the websites, and searched the qmail list archive
for information on user masquerading and am a bit stumped. What I'm looking
for is a fast way to automatically rewrite the From address for local users
to their alias.
So if I use QMail as my SMTP server and I send an email with the From header
containing <[EMAIL PROTECTED]>, qmail realizes that foo.com is a local domain,
mark1 is a local user, and rewrites the From header to
<[EMAIL PROTECTED]> where "Mark.Swanson" is the alias of mark1.
And it has to scale to 100,000 users.
Does this capability exist in qmail and is it done in an efficient scalable
manner?
Thanks!
Brought to you by the number 3 and the letter D.
Mark Swanson writes:
> So if I use QMail as my SMTP server and I send an email with the From header
> containing <[EMAIL PROTECTED]>, qmail realizes that foo.com is a local domain,
> mark1 is a local user, and rewrites the From header to
> <[EMAIL PROTECTED]> where "Mark.Swanson" is the alias of mark1.
>
> And it has to scale to 100,000 users.
>
> Does this capability exist in qmail
No.
--
Sam
[EMAIL PROTECTED] (Sam) writes:
Mark Swanson writes:
> So if I use QMail as my SMTP server and I send an email with the From header
> containing <[EMAIL PROTECTED]>, qmail realizes that foo.com is a local domain,
> mark1 is a local user, and rewrites the From header to
> <[EMAIL PROTECTED]> where "Mark.Swanson" is the alias of mark1.
>
> And it has to scale to 100,000 users.
>
> Does this capability exist in qmail
No.
Doesn't the mess822 package provide this functionality?
On Wed, Mar 31, 1999 at 11:40:43AM -0500, Mark Swanson wrote:
> Hello,
>
> I've looked at the FAQs, the websites, and searched the qmail list archive
> for information on user masquerading and am a bit stumped. What I'm looking
> for is a fast way to automatically rewrite the From address for local users
> to their alias.
>
> So if I use QMail as my SMTP server and I send an email with the From header
> containing <[EMAIL PROTECTED]>, qmail realizes that foo.com is a local domain,
> mark1 is a local user, and rewrites the From header to
> <[EMAIL PROTECTED]> where "Mark.Swanson" is the alias of mark1.
>
> And it has to scale to 100,000 users.
>
> Does this capability exist in qmail and is it done in an efficient scalable
> manner?
I haven't used it myself, but you may want to investigate ofmipd, which comes
with Dan's mess822 package. See ftp://koobera.math.uic.edu/www/mess822.html.
Chris
Text written by Adam D. McKenna at 02:16 AM 3/31/99 -0500:
>
>: >Emacs is a bad example -- it explicitly asks before executing code.
>:
>: Like Word then!
>
>Think about the people you know who use emacs. Now think about the people
you
>know who use word. Is the difference clear to you now?
Yeah. It's like some of us have been saying: this is more of a user (and
user-education) problem than it is a software problem.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
Godzillagram /god-zil'*-gram/ /n./
[from Japan's national hero] 1. A network packet that in theory is
a broadcast to every machine in the universe... Fortunately, few
gateways are foolish enough to attempt to implement this case!
2. A network packet of maximum size...
From: Kai MacTane <[EMAIL PROTECTED]>
: >: >Emacs is a bad example -- it explicitly asks before executing code.
: >:
: >: Like Word then!
: >
: >Think about the people you know who use emacs. Now think about the
people
: you
: >know who use word. Is the difference clear to you now?
:
: Yeah. It's like some of us have been saying: this is more of a user (and
: user-education) problem than it is a software problem.
Not really. If Microsoft had taken the time to secure/idiot-proof their
package, then Macro viruses probably wouldn't exist. The problem is that
Microsoft markets their software as being "user-friendly", and claims that
it's very easy to use and learn. If they're going to make these types of
claims, then they should take proper security precautions to compensate for
uneducated users.
--Adam
>From: Kai MacTane <[EMAIL PROTECTED]>
>: >: >Emacs is a bad example -- it explicitly asks before executing code.
>: >:
>: >: Like Word then!
>: >
>: >Think about the people you know who use emacs. Now think about the
>people
>: you
>: >know who use word. Is the difference clear to you now?
>:
>: Yeah. It's like some of us have been saying: this is more of a user (and
>: user-education) problem than it is a software problem.
>
>Not really. If Microsoft had taken the time to secure/idiot-proof their
>package, then Macro viruses probably wouldn't exist. The problem is that
>Microsoft markets their software as being "user-friendly", and claims that
>it's very easy to use and learn. If they're going to make these types of
>claims, then they should take proper security precautions to compensate for
>uneducated users.
My car is "user-friendly" and easy to use, so are you saying that if I go
out and drive at 100mph and crash that it's Ford's fault for not limiting
the maximum speed of my car? No it's my duty (as a driver or computer user)
to take precautions and then to take responsibility for my actions. Now if
I'm out driving obeying all the driving laws and I've properly maintained my
car and suddenly the wheel falls off, then the manufacturer is at fault.
The macro virus situation probably falls somewhere in the middle of the
examples before. This is certainly not the first macro virus so our users
should be aware of the potential problem (but how many organizations take
the time to explain this to EVERY computer user?). Also I believe the
default in MS office is to not run macros or at least to warn you before
running them. So the user knows that their might be a problem if they open
the file (as I know that if I'm driving at 100mph I'm at risk).
Blame MS for producing buggy, bloated and poorly designed software but you
surely can't blame them for user actions.
--Dave
>> On Wed, 31 Mar 1999 14:21:37 -0500,
>> "Dave Teske" <[EMAIL PROTECTED]> said:
D> My car is "user-friendly" and easy to use, so are you saying that if I
D> go out and drive at 100mph and crash that it's Ford's fault for not
D> limiting the maximum speed of my car? No it's my duty (as a driver or
D> computer user) to take precautions and then to take responsibility for
D> my actions. Now if I'm out driving obeying all the driving laws and
D> I've properly maintained my car and suddenly the wheel falls off, then
D> the manufacturer is at fault.
If someone buys a car, they generally don't go out and drive like
Emerson Fittipaldi. If they buy an X-acto knife, they generally don't
think that qualifies them to hang out a shingle offering surgery
while-u-wait. Unfortunately, the same level of common sense doesn't
seem to kick in where computers are concerned, and that's partly due to
the efforts of some companies to make something complex seem simpler
than it really is.
If Bill's Bloatware in Redmond offers me a package that will do all my
thinking for me, half the blame goes to him for selling that kind of
bilge. The other half goes to me for being stupid enough to believe it.
--
Karl Vogel
ASC/YCOA, Wright-Patterson AFB, OH 45433, USA
[EMAIL PROTECTED] or [EMAIL PROTECTED]
Peter C Norton <[EMAIL PROTECTED]> writes:
> On Tue, Mar 30, 1999 at 03:52:31PM -0800, Russ Allbery wrote:
>> Bruno Wolff <[EMAIL PROTECTED]> writes:
>>> This isn't the same thing. They don't run commands imbedded in the the
>>> documents.
>> emacs does.
> I had been told that it didn't anymore, unless you enable that behavior.
I have been told the same thing about Microsoft Word, except for documents
that require a password. :) (There have been conflicting reports here.)
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
But in driving a car means that you were educated formally BEFORE you got
the keys. Schools, a test, permits, etc. Any dolt can by a computer and
screw it up.. and they do!
You cannot make any case against making it DIFFICULT to erase a
file/format a drive. Most of the helpdesks in the WORLD would get laid
off if MS said "Were gonna make it a royal pain to erase a system file".
But they won't. And sadly enough, they will not relase source code to let
US do it for them.
So, I will use my UNIX/LINUX boxes cause I like to know that there are no
viruses, and no way for "Carl the computer retard" to screw it up.
Paul D. Farber II
Farber Technology
Ph. 570-628-5303
Fax 570-628-5545
[EMAIL PROTECTED]
> My car is "user-friendly" and easy to use, so are you saying that if I go
> out and drive at 100mph and crash that it's Ford's fault for not limiting
> the maximum speed of my car? No it's my duty (as a driver or computer user)
> to take precautions and then to take responsibility for my actions. Now if
> I'm out driving obeying all the driving laws and I've properly maintained my
> car and suddenly the wheel falls off, then the manufacturer is at fault.
On 01-Apr-99 Paul Farber wrote:
> But in driving a car means that you were educated formally BEFORE you got
> the keys. Schools, a test, permits, etc. Any dolt can by a computer and
> screw it up.. and they do!
>
> You cannot make any case against making it DIFFICULT to erase a
> file/format a drive. Most of the helpdesks in the WORLD would get laid
> off if MS said "Were gonna make it a royal pain to erase a system file".
> But they won't. And sadly enough, they will not relase source code to let
> US do it for them.
>
> So, I will use my UNIX/LINUX boxes cause I like to know that there are no
> viruses, and no way for "Carl the computer retard" to screw it up.
I've been watching this thread with amusement. I've yet to see anyone
mention the real cause of the spreading of the virus. The world is full
of stupid people. Technology (of all forms) attracts them, remember CB?
Anyway, like most other industries, the software industry isn't driven by
the engineering dept or the security teams or really even the lusers. It's
pretty much run by the marketing departments. These people are pretty
much among the stupid when it comes to technology. They go for the buzz
words, then shove them down the throats of the unsuspecting.
These unsuspecting lusers go crazy over it (a body part gets hard) and
think they've become experts in all aspects of computing (I see these types
on a regular basis). The marketing departments feed off of this and
dictate what the developers will produce. Want to see (or at least remember)
a demo of this? Think/go back to the discussions of news software on
news.software.readers a year or two ago. The developers from either Netscape,
M$ or both stated that they would stop making the default compositions an
HTML document. They agreed it was the wrong thing to do. BUT! They also
admitted that it was the marketing depts that would push for it go remain.
Around the same time that Netscape was about to hit 3.0, there was a
presentation given by Netscape, Lotus, IBM and a few others at work (Chrysler).
The Netscape marketing types were going on about how the new Netscape would
have all these wonderful things included in the mail portion of the browser.
All the things that the programmers said wouldn't be there but the marketing
dept would lobby for them to be there. Those wonderful HTML mail messages,
the same for News, too. These marketing types had the non-technical types
ooh-ing and ahh-ing over this new and wonderful stuff that soon be gracing
us with their long awaited and needed presence.
Remember, if you tell someone something enough they will eventually believe it.
So who is to blame? The luser? M$? Netscape? The virus authors? Fill
in the blank: ___________? If you ask me it's the marketing depts for
Netscape and M$ and any other company that gets involved in this. (M$ isn't
off the hook here, they were battling Netscape over who could promise the
most features) A good marketing gimic or campaign will be able to sell
sand in the desert as long as the lusers are gullible enough to believe
it and whine for it. Once this cycle starts, there's no turning back.
Who gets the short end of the stick? It's not marketing, it's not the
lusers, it's not M$ and it's not Netscape. It's us. The admins and
support folks. We're the ones that have to make this crap work, and when
a Melissa or Papa or Fill in the Blank _________ comes around, we're the
ones that have to mop it up. And you know what? We have the right to
be pissed off about it 'cuze if they'd listened to us to begin with, this
would never have happened! And halfass fixes like the sendmail thing
only makes it worse.
Y'know how it's always darkest before the dawn? We ain't even close to
dawn yet. As it stands, the Wintel folks have been the main recipients
of these gifts. With the (almost scary) rapid growth of Linux' popularity
we're going to begin to see a number of virus infecting our world (that
covers FreeBSD, Linux, Solaris, etc) in the not too distant future. The
way IBM, Novell and every other large company is jumping on the Linux
bandwagon, you're gonna see the marketing departments jumping on this new
ground playing their old games. Question is, is it too late?
Not sure if this was a soapbox, a rant or what, but I'll shut up now.
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
> My car is "user-friendly" and easy to use, so are you saying that if
> I go out and drive at 100mph and crash that it's Ford's fault for
> not limiting the maximum speed of my car?
Dismissed - invalid analogy. You need a licence to drive a car. You
probably did some tests to prove you know what you're doing. If there
were no licence for driving a car, Ford would make a car that would
limit your maximum speed.
Next!
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
All anyone needs to drive a car are the keys. Sure to drive legally I need a
license but there isn't anything stopping the 14 year old kid (or the 41
year lod man with no license) down the street from stealing my keys/car and
driving/crashing.
And since people had so many issues with my last analogy here's another one.
How many people wore seat belt's before it was mandated by law. 10-20% max!
Yet everyone knew that seat belts saved lives (the ultimate security risk).
Was it GM/Ford/... fault? Sure the Mfg's included them in the cars (just
like M$ turn's off macro's by default or at least they warn you before
opening the doc) but if the people ignore them then it's their own fault.
My point here is that people (ie computer users) need to take responsibility
for their actions and stop blaming others. Just like I, a licensed driver
(and reasonably knowledgable computer user) know the risks of driving in an
unsafe manner. Anyone using a computer needs some minimum "knowledge" to
operate it in a safe manner.
If companies would just get it that ALL of their PC users need training and
rules to follow (like never turn off macro protection or you get canned)
then all of us who have to support these under educated users would have
much more time for Quake and such.
> My car is "user-friendly" and easy to use, so are you saying that if
> I go out and drive at 100mph and crash that it's Ford's fault for
> not limiting the maximum speed of my car?
>Dismissed - invalid analogy. You need a licence to drive a car. You
>probably did some tests to prove you know what you're doing. If there
>were no licence for driving a car, Ford would make a car that would
>limit your maximum speed.
>Next!
Cheers
--Dave
If I send an email to local [EMAIL PROTECTED], I get the following
error:
delivery xxx: Deferral:
Unable_to_open_/var/spool/mail/jurriaan./_(#4.2.1)/
in /root/.qmail:
[EMAIL PROTECTED]
in /home/jurriaan/.qmail:
/var/spool/mail/jurriaan
All other mail send from outside to jurriaan, sent from jurriaan to
jurriaan goes well. Other local users can send to jurriaan as well.
I've read and re-read man dot-qmail, and I don't see what's going wrong
here. Permissions on both /root/.qmail and /home/jurriaan/.qmail are
-rw-------, owned by root resp. jurriaan.
middle.of.nowhere is listed in /var/qmail/control/locals, so no
virtualdomain should interfere. I've even added a
/home/jurriaan/.qmail-default and /home/jurriaan/.qmail-root, same
permissions, same content as /home/jurriaan/.qmail. No luck.
I'm not sure how the dot after /var/spool/mail/jurriaan comes into
existence, I'm not sure if some qmail-subprogram (qmail-queue, right) is
run as user root and cannot send email to jurriaan?
Please give some hint as to what is going wrong here!
Jurriaan
--
We carry in our hearts the true country
And that cannot be stolen
We follow in the steps of our ancestry
And that cannot be stolen
Midnight Oil - The dead heart.
On Wed 1999-03-31 (20:04), [EMAIL PROTECTED] wrote:
> If I send an email to local [EMAIL PROTECTED], I get the following
> error:
>
> delivery xxx: Deferral:
> Unable_to_open_/var/spool/mail/jurriaan./_(#4.2.1)/
>
> in /root/.qmail:
>
> [EMAIL PROTECTED]
>
> in /home/jurriaan/.qmail:
>
> /var/spool/mail/jurriaan
>
> All other mail send from outside to jurriaan, sent from jurriaan to
> jurriaan goes well. Other local users can send to jurriaan as well.
> I've read and re-read man dot-qmail, and I don't see what's going wrong
> here. Permissions on both /root/.qmail and /home/jurriaan/.qmail are
> -rw-------, owned by root resp. jurriaan.
>
> middle.of.nowhere is listed in /var/qmail/control/locals, so no
> virtualdomain should interfere. I've even added a
> /home/jurriaan/.qmail-default and /home/jurriaan/.qmail-root, same
> permissions, same content as /home/jurriaan/.qmail. No luck.
>
> I'm not sure how the dot after /var/spool/mail/jurriaan comes into
> existence, I'm not sure if some qmail-subprogram (qmail-queue, right) is
> run as user root and cannot send email to jurriaan?
>
> Please give some hint as to what is going wrong here!
Qmail never delivers mail as root, so it won't look up a .qmail file in
root's home directory (since the usual process is to change to the uid of the
user before doing this). So, you have to create ~alias/.qmail-root
containing:
[EMAIL PROTECTED]
and you should get what you want.
- Keith
> Jurriaan
--
Keith Burdis - MSc (Com Sci) - Rhodes University, South Africa
Email : [EMAIL PROTECTED]
WWW : http://www.rucus.ru.ac.za/~keith/
IRC : Panthras JAPH
"Any technology sufficiently advanced is indistinguishable from a perl script"
Standard disclaimer.
---
Hello,
Some people on this list were discussing a new imapd for qmail Maildir
format. When I downloaded the rpm I found:
1. The patches in the RPM try to patch qmail-4.1.BETA.
2. Some of them do patch (or even partially patch) qmail-4.5.BETA (and then
partially patch 4.1.BETA)
Should I simply ignore this, patching what I can (and ignoring the patch
errors that occur)?
Or should I assume the source in the RPM is already patched?
Thanks!
Brought to you by the number 3 and the letter D.
Hello everyone,
I've got a situation that I need help with. It's not a qmail
question specifically, though I'm using qmail in this case.
We've got an ISDN connection to our ISP via a Netgear NAT-enabled
router. So, our local machines are all in 192.168.x.x, and the
router translates them to our assigned ISP address when it connects.
That part is working fine. HOWEVER, we need to use one of the
machines here as a local mail server on the 192.168.x.x net (for
internal mail) and as the gateway to the internet. I know that I
need the ISP to have an MX for our domain, pointing to one of his
mail servers. And I probably need to use fetchmail to connect
periodically and get our mail (or is it serialmail?). How do I set
qmail to deliver mail to our domain locally, and hold everything
else for forwarding? I am assuming that I need fetchmail or
serialmail, correct?
What about the DNS setup? I know that we need an MX to point
the world to our ISP, but how does our ISP know to deliver to
us?
Sorry if this is too basic for this list... a reference would
be appreciated so I can read up on it.
Thanks.
-Scott
hey all, albeit my fault if there is a ucspi mailing list, but:
i've been trying to figure out how with tcpd (tcp wrappers) to get
something to bind to a particular interface, but since i've had no luck
with that, i figured i'd try tcpserver (since it is a replacement).
anyway, i'm trying to replace this entry in /etc/inetd.conf:
shell stream tcp nowait root /usr/sbin/tcpd in.rshd
with this:
tcpserver -v -u0 -g0 206.96.248.4 shell /usr/sbin/in.rshd
and it starts, and seems to work, so from another box i type:
(14:17:02)(root@simba)(~)# rsh katanga cat /etc/hosts
27.0.0.1 localhost localhost.localdomain
weird? so i try something else:
(14:23:38)(root@simba)(~)# rsh katanga /root/suspend pzn
Protocol error, katanga.safari.net closed connection
none the less, the command is executed. as far as the error, is there
something i'm doing wrong w/ tcpserver?
ps: no errors in the log either btw.
thanks,
-xs
end
+-------------------------------------+
|Greg Albrecht KF4MKT [EMAIL PROTECTED]|
|Safari Internet Fort Lauderdale, FL|
|www.safari.net 888-537-9550|
+------L-O-W-E-R--D-O-T--O-R-G--------+
We found a user who is sending out spam by the thousands, and I'd like to
stop this user from sending any more. I'm not quite sure what the proper
way to do this is. I've put this from addresses in badmailfrom. I've
also taken his domain out of rcpthosts and virtualdomains.
The user is on a machine which simple has a smtproutes file that points to
the real mail server.
What do I need to do to stop this user's mail without crippling everyone
elses mail.
Thanks
-jeremy
http://www.xxedgexx.com | [EMAIL PROTECTED]
---------------------------------------------
Y2K. We're all gonna die.
XxEDGExX writes:
>
> We found a user who is sending out spam by the thousands, and I'd like to
> stop this user from sending any more. I'm not quite sure what the proper
> way to do this is. I've put this from addresses in badmailfrom. I've
> also taken his domain out of rcpthosts and virtualdomains.
>
> The user is on a machine which simple has a smtproutes file that points to
> the real mail server.
>
> What do I need to do to stop this user's mail without crippling everyone
> elses mail.
>
> Thanks
> -jeremy
>
> http://www.xxedgexx.com | [EMAIL PROTECTED]
> ---------------------------------------------
> Y2K. We're all gonna die.
Tell him that if he does it again, you're going to give him an early Y2K.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
PFfft. HAHA.
Thanks :-)
-jeremy
>
> Tell him that if he does it again, you're going to give him an early Y2K.
>
> --
> -russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
> Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
> 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
> Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
>
http://www.xxedgexx.com | [EMAIL PROTECTED]
---------------------------------------------
Y2K. We're all gonna die.
XxEDGExX writes:
> Russ writes:
> > Tell him that if he does it again, you're going to give him an early Y2K.
>
> PFfft. HAHA.
>
> Thanks :-)
No, I'm serious. Some problems are better suited to a social than a
technological solution. If your own user is misbehaving, you tell
them to behave. If they don't, you whack their entire access. Why
should you be burdened with trying to install capability limiting when
a simple "Don't do this again." should be sufficient?
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Honestly, I agree with you 100%, but pointy haired boss's get a strange
look on their face when you give them the "we'll just get rid of them"
answer. So, what is an admin to do when your boss doesn't want to remove
the user, but also doesn't want to be getting 1000 hate mail messages from
your customers selling the get rich plan.
This user was warned, and I did what I could to remove his messages in the
queue, but I'm still seeing an occassional bounce back. What sucks is a
lot of these guys don't care what you tell them as long as they're on long
enough to get their 100,000 messages out the door.
-jeremy
> XxEDGExX writes:
> > Russ writes:
> > > Tell him that if he does it again, you're going to give him an early Y2K.
> >
> > PFfft. HAHA.
> >
> > Thanks :-)
>
> No, I'm serious. Some problems are better suited to a social than a
> technological solution. If your own user is misbehaving, you tell
> them to behave. If they don't, you whack their entire access. Why
> should you be burdened with trying to install capability limiting when
> a simple "Don't do this again." should be sufficient?
>
> --
> -russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
> Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
> 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
> Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
>
http://www.xxedgexx.com | [EMAIL PROTECTED]
---------------------------------------------
Y2K. We're all gonna die.
well, perhaps try tarpitting, there is a patch on www.qmail.org
i stop outgoing mail at 25 rcpts and incoming at 100 rcpts.
also, i try to scare the piss out of spammers, for example we use to offer
payment by check, and so we would have some customers call in, sign up to
pay by check, so at 5:00pm the new accounts were added, and at 8:00pm when
tech support went home, the spamming started. i remember one time this
*hole signed up, and around 11pm started spamming, luckaly (or unluckaly)
for me i was at work late, and i allways keep a xterm open with the mail
log scrolling by, and all of a sudden i saw 500 emails outbound for
aol.com. so i stoped qmail, and started sorting thru the queue, and
watching inbound smtp connections, and boom, i see a dialup keep trying to
connect to port 25, so i find out who that dialup was, and it was the only
customer that signed up to pay by check that day... damn. so i dug out his
papers and *67,called his ass and read him the riot act.
anyway, thats my $0.50
lates,
-xs
end
+-------------------------------------+
|Greg Albrecht KF4MKT [EMAIL PROTECTED]|
|Safari Internet Fort Lauderdale, FL|
|www.safari.net 888-537-9550|
+------L-O-W-E-R--D-O-T--O-R-G--------+
On Wed, 31 Mar 1999, XxEDGExX wrote:
>
>Honestly, I agree with you 100%, but pointy haired boss's get a strange
>look on their face when you give them the "we'll just get rid of them"
>answer. So, what is an admin to do when your boss doesn't want to remove
>the user, but also doesn't want to be getting 1000 hate mail messages from
>your customers selling the get rich plan.
>
>This user was warned, and I did what I could to remove his messages in the
>queue, but I'm still seeing an occassional bounce back. What sucks is a
>lot of these guys don't care what you tell them as long as they're on long
>enough to get their 100,000 messages out the door.
>
>-jeremy
>
>> XxEDGExX writes:
>> > Russ writes:
>> > > Tell him that if he does it again, you're going to give him an early Y2K.
>> >
>> > PFfft. HAHA.
>> >
>> > Thanks :-)
>>
>> No, I'm serious. Some problems are better suited to a social than a
>> technological solution. If your own user is misbehaving, you tell
>> them to behave. If they don't, you whack their entire access. Why
>> should you be burdened with trying to install capability limiting when
>> a simple "Don't do this again." should be sufficient?
>>
>> --
>> -russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
>> Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
>> 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
>> Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
>>
>
>
>http://www.xxedgexx.com | [EMAIL PROTECTED]
>---------------------------------------------
>Y2K. We're all gonna die.
>
>
Once upon a midnight dreary, XxEDGExX had spoken clearly:
>
>Honestly, I agree with you 100%, but pointy haired boss's get a strange
>look on their face when you give them the "we'll just get rid of them"
>answer.
I had that problem, too... except my boss was one damn fine lookin' blonde
woman who was my boss, and a good friend. It was *her* pointy-haired-boss
that was making the strange looks...
Unforch, the person I wouldn't allow back on our system was a nephew of the
tribal chief of the Indian tribe I worked for (and still belong to.)
If your company doesn't have a decent acceptable use agreement, lemme know
and I'll send you a copy of ours - it has a special line right in it about
spamming and the stern stance we take here. Then all you say (as you whack
their account and keep their money) is -- you signed, you agreed to the
contract. We also mention to our customers in layman's terms what the UCE
means - add a little humor to the explanation, and customers don't mind at
all what they're signing.
> So, what is an admin to do when your boss doesn't want to remove
>the user, but also doesn't want to be getting 1000 hate mail messages from
>your customers selling the get rich plan.
Do what I did - threaten to quit -- then if the pointies don't see it your
way... quit. With two friends, started up a new ISP (in direct competition
to the one I used to work for), swayed over a decent chunk of their
customers, because *they* haven't found anyone who could do 1/10 of what I
did for them.
>> Russ writes:
>> No, I'm serious. Some problems are better suited to a social than a
>> technological solution. If your own user is misbehaving, you tell
>> them to behave. If they don't, you whack their entire access.
I agree - just be sure to CYA with an acceptable use agreement.
HTH,
Roger "Merch" Merchberger
--
Roger "Merch" Merchberger --- sysadmin, Iceberg Computers
Recycling is good, right??? Ok, so I'll recycle an old .sig.
If at first you don't succeed, nuclear warhead
disarmament should *not* be your first career choice.
XxEDGExX wrote:
[this is more of an ISP business issue, and there are mailing lists just
for that, but I'll give it a go once here for summary sake, and suggest
that the points be followed up on other lists as appropriate. Much of
the observation here comes from just such discussions on such lists.]
> Honestly, I agree with you 100%, but pointy haired boss's get a strange
> look on their face when you give them the "we'll just get rid of them"
> answer. So, what is an admin to do when your boss doesn't want to remove
> the user, but also doesn't want to be getting 1000 hate mail messages from
> your customers selling the get rich plan.
It's time for the techie to go to the PHB and start talking business.
The summary is that it is NOT in the best interest of an ISP to keep
absolutely 100% of their customers. They should NOT bend over backwards
(or forwards for that matter) to keep every last one of them. Perhaps
the clearer example (to the PHB) will be the slow-pay and no-pay customers.
Accounting and collections can only spend so much effort for such a
customer. You don't spend $100 worth of time to collect $100 worth of
debt. And you most certainly don't try to get that customer to stay with
your service. Let some other ISP deal with their poor payment history.
Abusing your systems is no different. It degrades the service you offer to
everyone else. It costs time. It loses profit (or delays the date of
becoming profitable).
Make a business case. Itemize the time you spent dealing with the spam
effects. Count the customers actually lost for a week or two after that
event and compare to your average customer losage for as much a time.
Don't explain it as technical. Explain it as business ... money ... loss.
> This user was warned, and I did what I could to remove his messages in the
> queue, but I'm still seeing an occassional bounce back. What sucks is a
> lot of these guys don't care what you tell them as long as they're on long
> enough to get their 100,000 messages out the door.
The spammers won't care. In many cases they get an account, and start spewing
overnight, and by 9 AM have written off the account and any more time they get
from it is "icing on the cake". They are not loyal customers, and in most
cases never pay.
Trying to appeal to the customer is pointless. Go for the PHB, or revise your
resume.
--
Phil Howard | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
phil | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
at | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
ipal | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
dot | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
net | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
XxEDGExX writes:
>
> Honestly, I agree with you 100%, but pointy haired boss's get a strange
> look on their face when you give them the "we'll just get rid of them"
> answer. So, what is an admin to do when your boss doesn't want to remove
> the user, but also doesn't want to be getting 1000 hate mail messages from
> your customers selling the get rich plan.
Resign, and go work for a better boss.
Frankly, if your organization fails to do something about a spamming
customer, inform your boss that you can easily solev the 1000 hate mail
messages problem by simply announcing your policy to the world, thus
resulting in pretty much everyone walling you off. Nobody will complain
simply because they won't get your crap in the first place.
--
Sam
I checked INSTALL.alias again, and found out why
/var/qmail/alias/.qmail-root containing /var/spool/mail/jurriaan
just didn't do the job right.
Sorry to bother y'all,
Jurriaan
--
You touch my love with shades of blue
Lillian Axe - Poetic Justice
I was experimenting with using vchkpw (virtual domains and pop
users without any users in /etc/passwd) and qmail and having the mail
sent to /home/popusers/..../Maildir, where
/home/popusers is mounted via NFS. I was successfully able to
deliver mail, but I was unable to get a user to retrieve his/her mail.
The software was never able to authenticate the user's password.
Must vchkpw be compiled on the NFS server? (I copied its /bin files
there and I set the user's password there.) (qmail is compiled on the
NFS server (because vchkpw scripts keep looking for it), but it does
not run there.)
Of those who have this configuration working, what step am I missing?
(I can get vchkpw working fine on one machine.)
Thanks for any advice,
John Houlihan
Forte Communications, Inc.
I have a mail routing question and I'm hoping someone can help me. I have
searched through the mailing list archive (approx 580 msgs) and I couldn't
decipher the answer from any post(s) as being definative.
I have several domains to recieve mail for (names have been changed to
protect the ignorant <grin>)
company.com
alpha.company.com
beta.company.com
Correspondingly I have three machines, mail.company.com,
mail.alpha.company.com, and mail.beta.company.com. In my DNS I have:
company.com. IN MX 0 mail.company.com.
IN MX 10 mail.alpha.company.com.
IN MX 10 mail.beta.company.com.
alpha.company.com. IN MX 0 mail.alpha.company.com.
IN MX 10 mail.company.com.
IN MX 20 mail.beta.company.com.
beta.company.com. IN MX 0 mail.beta.company.com.
IN MX 10 mail.company.com.
IN MX 20 mail.alpha.company.com.
Now, all of these mail machines will be running Qmail. I need to figure
out how to configure each system so that *company.com mail is delivered
from mail.company.com (where it will all arrive) to the appropriate
mailhost via DNS MX records. All mail coming from the subdomains should
use DNS MX records for internal mail delivery. And finally, all company
external outgoing mail should override DNS MX records and forward through
our mail gateway (mail.company.com).
I'm very confused as to how to get his all setup to intermingle both MX
and (i guess) smtproute processing. Please, any help would be greatly
appreciated!
Stephen Anderson
<[EMAIL PROTECTED]>
On Wed, Mar 31, 1999 at 03:01:43PM -0600, Stephen Anderson wrote:
> I have a mail routing question and I'm hoping someone can help me. I have
> searched through the mailing list archive (approx 580 msgs) and I couldn't
> decipher the answer from any post(s) as being definative.
>
> I have several domains to recieve mail for (names have been changed to
> protect the ignorant <grin>)
>
> company.com
> alpha.company.com
> beta.company.com
>
> Correspondingly I have three machines, mail.company.com,
> mail.alpha.company.com, and mail.beta.company.com. In my DNS I have:
>
> company.com. IN MX 0 mail.company.com.
> IN MX 10 mail.alpha.company.com.
> IN MX 10 mail.beta.company.com.
>
> alpha.company.com. IN MX 0 mail.alpha.company.com.
> IN MX 10 mail.company.com.
> IN MX 20 mail.beta.company.com.
>
> beta.company.com. IN MX 0 mail.beta.company.com.
> IN MX 10 mail.company.com.
> IN MX 20 mail.alpha.company.com.
>
> Now, all of these mail machines will be running Qmail. I need to figure
> out how to configure each system so that *company.com mail is delivered
> from mail.company.com (where it will all arrive) to the appropriate
> mailhost via DNS MX records. All mail coming from the subdomains should
> use DNS MX records for internal mail delivery. And finally, all company
> external outgoing mail should override DNS MX records and forward through
> our mail gateway (mail.company.com).
Each machine should have all three domains in rcpthosts, but only the domain
it's hosting in locals (or virtualdomains, as the case may be).
mail.alpha.company.com's smtproutes file should look like this:
beta.company.com:mail.beta.company.com
:mail.company.com
Mail arriving at mail.alpha.company.com for alpha.company.com will be handled
locally (because alpha.company.com is in locals). Mail arriving for
beta.company.com will get sent to mail.beta.company.com, and mail for any other
domain will get forwarded to mail.company.com (because of the smtproutes
entries). You could leave the beta.company.com line out of smtproutes, but then
mail arriving at mail.alpha.company.com for beta.company.com would take an
extra hop to get to mail.beta.company.com. (It would be forwarded to
mail.company.com, and then DNS would take care of its getting to
mail.beta.company.com.)
mail.beta.company.com's setup will be similar.
You shouldn't need any smtproutes on mail.company.com. The MX records in DNS
will take care of mail arriving there and destined for
(alpha|beta).company.com.
Chris
Hi List
I've started to get repeated stochastic disturbance in my outgoing mail.
Any idea where to look for the problem?
I'll get the following errors from nearby servers:
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
Sorry,_I_couldn't_find_any_host_named_efd.lth.se?._(#5.1.2)/
Connected_to_192.138.110.253_but_connection_died._(#4.4.2)/
I've checked the nameservers and they seem ok. I'm currently looking for
some sort of regularity - might be something about my lists (Ezmlm-idx).
Sincerely,
---
Joergen Persson
Sysadmin TLTH
On Wed, Mar 31, 1999 at 11:33:42PM +0200, Joergen Persson wrote:
> Hi List
> I've started to get repeated stochastic disturbance in my outgoing mail.
> Any idea where to look for the problem?
>
> I'll get the following errors from nearby servers:
> Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
> Sorry,_I_couldn't_find_any_host_named_efd.lth.se?._(#5.1.2)/
> Connected_to_192.138.110.253_but_connection_died._(#4.4.2)/
>
> I've checked the nameservers and they seem ok. I'm currently looking for
> some sort of regularity - might be something about my lists (Ezmlm-idx).
Here's my interpretation of these messages:
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection: qmail was unable to
establish an SMTP connection.
Sorry,_I_couldn't_find_any_host_named_efd.lth.se?: qmail couldn't find any host
named efd.lth.se?.
Connected_to_192.138.110.253_but_connection_died: qmail connected to
192.138.110.253, but the connection died.
In other words, the messages mean exactly what they say, and would seem to
indicate temporary problems on the remote end of the connection (except for the
one about the host named efd.lth.se?, which shouldn't be a surprise).
If every connection to every host failed, I'd suspect a local machine or
network problem. But you should expect sporadic instances of these errors.
Chris
At 16:49 1999-03-31 -0500, Chris Johnson wrote:
>On Wed, Mar 31, 1999 at 11:33:42PM +0200, Joergen Persson wrote:
>> Hi List
>> I've started to get repeated stochastic disturbance in my outgoing mail.
>> Any idea where to look for the problem?
>>
>> I'll get the following errors from nearby servers:
>> Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
>> Sorry,_I_couldn't_find_any_host_named_efd.lth.se?._(#5.1.2)/
>> Connected_to_192.138.110.253_but_connection_died._(#4.4.2)/
[snip]
>In other words, the messages mean exactly what they say, and would seem to
>indicate temporary problems on the remote end of the connection (except
for the
>one about the host named efd.lth.se?, which shouldn't be a surprise).
[snip]
Well, I think it's weird since efd.lth.se is a good server by a splendid
admin about 500 meters away. I sent 157 successful mail to his server on
Mar 31 and got eight #5.1.2 This happens to several nearby mail servers. I
don't belive that all the name servers are under that heavy load at the
same time.
I often get #4.4.2 from two major Swedish companies - I don't doubt their
mail servers first thing. They might be under pressure though.
--
J�rgen Persson
Datoransvarig, Teknologk�ren vid LTH
Text written by Joergen Persson at 12:38 AM 4/1/99 +0200:
>At 16:49 1999-03-31 -0500, Chris Johnson wrote:
>
>>(except for the one about the host named efd.lth.se?, which shouldn't
>>be a surprise).
>[snip]
>
>Well, I think it's weird since efd.lth.se is a good server by a splendid
>admin about 500 meters away.
Well, sure, but is there a host named "efd.lth.se?" anywhere around? I've
never even heard of a .se? top-level domain, and I think it violates the
DNS standard, which doesn't allow ? as a character in host or domain names.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
die horribly /v./
The software equivalent of crash and burn, and the preferred emphatic
form of die. "The converter choked on an FF in its input and died
horribly".
Joergen Persson writes:
> Well, I think it's weird since efd.lth.se is a good server by a splendid
> admin about 500 meters away. I sent 157 successful mail to his server on
> Mar 31 and got eight #5.1.2 This happens to several nearby mail servers. I
> don't belive that all the name servers are under that heavy load at the
> same time.
This can happen if one of the *authoritative* name servers for that domain
is broken.
>
> I often get #4.4.2 from two major Swedish companies - I don't doubt their
> mail servers first thing. They might be under pressure though.
>
> --
> J�rgen Persson
> Datoransvarig, Teknologk�ren vid LTH
>
--
Sam
>From FAQ 2.5:
Answer: The SMTP standard does not permit aliased hostnames,...
I'm trying to do something with DNS alias involved, but I think it should
still work. If someone could just sanity check me here, I'd appreciate it.
The base:
I have a machine search.scansoft.com. It is a web server, and has many
aliases (www, beta, etc. etc.). I am installing mailing list services on
this web server. As their use grows, we'll probably want to move them off,
so I'm setting the list server as 'list.scansoft.com' and have created an
alias in DNS pointing 'list.scansoft.com' to 'search.scansoft.com'. Now, as
I understand it, that won't work, in and of itself, as per FAQ 2.5. But
I've also requested an MX record pointing 'list.scansoft.com' to
'search.scansoft.com' (the A record for this machine) with an MX value of
10.
Currently, when I mail to this system through my qmail relays, I get:
<[EMAIL PROTECTED]>:
4.17.150.115 does not like recipient.
Remote host said: 553 sorry, that domain isn't in my list of allowed
rcpthosts (
#5.7.1)
Giving up on 4.17.150.115.
Is that because the MX record isn't working yet, or is it because of
something more complicated? Let me explain the rest of my mail setup.
Aside from this mail server, I have two mail relays (hunin.scansoft.com MX
10, and munin.scansoft.com MX 20) which accept mail for "scansoft.com".
They then pass it along to the actual mail store via smtproutes. Is it
possible that, because they accept mail for "scansoft.com", they're not even
looking further for "list.scansoft.com"? (4.17.150.115 above is
munin.scansoft.com, the outgoing mail relay). Or will it start working as
soon as that MX record for list.scansoft.com gets installed on the DNS
servers?
Any thoughts you have on this are appreciated!
--
gowen -- Greg Owen -- [EMAIL PROTECTED] -- [EMAIL PROTECTED]
Please note my new [EMAIL PROTECTED] address which will
become my default address in March, and which works now.
Greg Owen {gowen} wrote:
>
> >From FAQ 2.5:
>
> Answer: The SMTP standard does not permit aliased hostnames,...
>
> I'm trying to do something with DNS alias involved, but I think it should
> still work. If someone could just sanity check me here, I'd appreciate it.
>
> The base:
>
> I have a machine search.scansoft.com. It is a web server, and has many
> aliases (www, beta, etc. etc.). I am installing mailing list services on
> this web server. As their use grows, we'll probably want to move them off,
> so I'm setting the list server as 'list.scansoft.com' and have created an
> alias in DNS pointing 'list.scansoft.com' to 'search.scansoft.com'. Now, as
> I understand it, that won't work, in and of itself, as per FAQ 2.5. But
> I've also requested an MX record pointing 'list.scansoft.com' to
> 'search.scansoft.com' (the A record for this machine) with an MX value of
> 10.
>
> Currently, when I mail to this system through my qmail relays, I get:
>
> <[EMAIL PROTECTED]>:
> 4.17.150.115 does not like recipient.
> Remote host said: 553 sorry, that domain isn't in my list of allowed
> rcpthosts (
> #5.7.1)
> Giving up on 4.17.150.115.
>
> Is that because the MX record isn't working yet, or is it because of
> something more complicated? Let me explain the rest of my mail setup.
>
> Aside from this mail server, I have two mail relays (hunin.scansoft.com MX
> 10, and munin.scansoft.com MX 20) which accept mail for "scansoft.com".
> They then pass it along to the actual mail store via smtproutes. Is it
> possible that, because they accept mail for "scansoft.com", they're not even
> looking further for "list.scansoft.com"? (4.17.150.115 above is
> munin.scansoft.com, the outgoing mail relay). Or will it start working as
> soon as that MX record for list.scansoft.com gets installed on the DNS
> servers?
>
> Any thoughts you have on this are appreciated!
>
> --
> gowen -- Greg Owen -- [EMAIL PROTECTED] -- [EMAIL PROTECTED]
>
> Please note my new [EMAIL PROTECTED] address which will
> become my default address in March, and which works now.
You probably need to add 'list.scansoft.com' into you
/var/qmail/control/rcpthosts file. Also... if i'm thinking right you
need to add it to /var/qmail/control/locals too. After that send a
SIGHUP to the qmail-send process and it should work fine.
Looking at your DNS everything seems ok... but i might be missing
something.....
--
|---------------------------------|----------------------------|
| Hitesh Patel | Voice: (541) 759-3126 |
| Facilities Development Manager | Fax: (541) 759-3214 |
| Preferred Systems | Email: [EMAIL PROTECTED] |
|---------------------------------|----------------------------|
On Wed, 31 Mar 1999, Hitesh Patel wrote:
> You probably need to add 'list.scansoft.com' into you
> /var/qmail/control/rcpthosts file. Also... if i'm thinking right you
> need to add it to /var/qmail/control/locals too. After that send a
> SIGHUP to the qmail-send process and it should work fine.
rcpthosts and locals on 'list.scansoft.com' do contain
'list.scansoft.com', but not on 'hunin' or 'munin', which should just
treat it as another remote host once that MX record is up.
--
gowen -- Greg Owen -- [EMAIL PROTECTED] -- [EMAIL PROTECTED]
Please note my new [EMAIL PROTECTED] address which will
become my default address in March, and which works now.
On Wed, Mar 31, 1999 at 04:43:13PM -0500, Greg Owen {gowen} wrote:
> From FAQ 2.5:
>
> Answer: The SMTP standard does not permit aliased hostnames,...
>
> I'm trying to do something with DNS alias involved, but I think it should
> still work. If someone could just sanity check me here, I'd appreciate it.
>
> The base:
>
> I have a machine search.scansoft.com. It is a web server, and has many
> aliases (www, beta, etc. etc.). I am installing mailing list services on
> this web server. As their use grows, we'll probably want to move them off,
> so I'm setting the list server as 'list.scansoft.com' and have created an
> alias in DNS pointing 'list.scansoft.com' to 'search.scansoft.com'. Now, as
> I understand it, that won't work, in and of itself, as per FAQ 2.5. But
> I've also requested an MX record pointing 'list.scansoft.com' to
> 'search.scansoft.com' (the A record for this machine) with an MX value of
> 10.
Don't "also" have an MX record, in addition to a CNAME record. MTAs will (or
might?) canonicalize the name before doing any MX lookups, so the MX record
will never be seen. That is to say, the MTA will note that search.scansoft.com
is the canonical name for list.scansoft.com, and will do any MX lookups on
search.scansoft.com.
If you all you want is for mail for list.scansoft.com to be handled by
search.scansoft.com, then use *only* an MX record. If you also want the machine
to be addressable as list.scansoft.com, add an A record--not a CNAME. Don't use
CNAME records to route mail.
> Currently, when I mail to this system through my qmail relays, I get:
>
> <[EMAIL PROTECTED]>:
> 4.17.150.115 does not like recipient.
> Remote host said: 553 sorry, that domain isn't in my list of allowed
> rcpthosts (
> #5.7.1)
> Giving up on 4.17.150.115.
>
> Is that because the MX record isn't working yet, or is it because of
> something more complicated? Let me explain the rest of my mail setup.
You need to add list.scansoft.com to rcpthosts. You also need to add it to
locals or virtualdomains, depending on how you're using it.
> Aside from this mail server, I have two mail relays (hunin.scansoft.com MX
> 10, and munin.scansoft.com MX 20) which accept mail for "scansoft.com".
> They then pass it along to the actual mail store via smtproutes. Is it
> possible that, because they accept mail for "scansoft.com", they're not even
> looking further for "list.scansoft.com"? (4.17.150.115 above is
> munin.scansoft.com, the outgoing mail relay). Or will it start working as
> soon as that MX record for list.scansoft.com gets installed on the DNS
> servers?
scansoft.com and list.scansoft.com are two different domains. Fix up your DNS,
rcpthosts, and locals/virtualdomains stuff, and none of this will be a problem.
Chris
On Wed, Mar 31, 1999 at 05:12:26PM -0500, Greg Owen {gowen} wrote:
>
> On Wed, 31 Mar 1999, Hitesh Patel wrote:
> > You probably need to add 'list.scansoft.com' into you
> > /var/qmail/control/rcpthosts file. Also... if i'm thinking right you
> > need to add it to /var/qmail/control/locals too. After that send a
> > SIGHUP to the qmail-send process and it should work fine.
>
> rcpthosts and locals on 'list.scansoft.com' do contain
> 'list.scansoft.com', but not on 'hunin' or 'munin', which should just
> treat it as another remote host once that MX record is up.
It needs to be in rcpthosts. Otherwise hunin and munin will reject the
recipient during the SMTP conversation.
Chris
On Wed, 31 Mar 1999, Chris Johnson wrote:
> On Wed, Mar 31, 1999 at 05:12:26PM -0500, Greg Owen {gowen} wrote:
> > rcpthosts and locals on 'list.scansoft.com' do contain
> > 'list.scansoft.com', but not on 'hunin' or 'munin', which should just
> > treat it as another remote host once that MX record is up.
>
> It needs to be in rcpthosts. Otherwise hunin and munin will reject the
> recipient during the SMTP conversation.
They are designed to relay mail from the internal mail store to
the outside world, and vice versa. So if I'm sending from
internal-mail.scansoft.com to, say, [EMAIL PROTECTED], it'll relay it
just fine, and microsoft.com isn't in the rcpthosts.
So are you saying that because this is a special case for relaying
(i.e., does qmail automatically try to fold host.domain.com into
domain.com if it has domain.com in its rcpthosts?), or because you assume
the error message I've seen came from a host which wasn't allowed to relay
through the relays?
--
gowen -- Greg Owen -- [EMAIL PROTECTED] -- [EMAIL PROTECTED]
Please note my new [EMAIL PROTECTED] address which will
become my default address in March, and which works now.
On Wed, Mar 31, 1999 at 05:31:19PM -0500, Greg Owen {gowen} wrote:
>
> On Wed, 31 Mar 1999, Chris Johnson wrote:
> > On Wed, Mar 31, 1999 at 05:12:26PM -0500, Greg Owen {gowen} wrote:
> > > rcpthosts and locals on 'list.scansoft.com' do contain
> > > 'list.scansoft.com', but not on 'hunin' or 'munin', which should just
> > > treat it as another remote host once that MX record is up.
> >
> > It needs to be in rcpthosts. Otherwise hunin and munin will reject the
> > recipient during the SMTP conversation.
>
> They are designed to relay mail from the internal mail store to
> the outside world, and vice versa. So if I'm sending from
> internal-mail.scansoft.com to, say, [EMAIL PROTECTED], it'll relay it
> just fine, and microsoft.com isn't in the rcpthosts.
Then you have tcpserver set up to do selective relaying. There's no other way
around it. If some host connects to you and says:
RCPT TO:<[EMAIL PROTECTED]>
and your host says:
250 ok
then microsoft.com is in rcpthosts, or you don't even have a rcpthosts file, or
you've set RELAYCLIENT for the host that's sending this message.
> So are you saying that because this is a special case for relaying
> (i.e., does qmail automatically try to fold host.domain.com into
> domain.com if it has domain.com in its rcpthosts?),
qmail doesn't do any folding, or ironing for that matter. host.domain.com is
one domain, and domain.com is another. If you don't have host.domain.com in
rcpthosts (or a wildcard .domain.com), then host.domain.com gets rejected,
without regard for how you handle domain.com.
> or because you assume the error message I've seen came from a host which
> wasn't allowed to relay through the relays?
You can't get the "list of allowed rcpthosts" message from a host which is
allowed to relay, so I did assume that you were trying to send from a host that
wasn't allowed to relay.
Chris
Greg Owen {gowen} wrote:
>
> On Wed, 31 Mar 1999, Chris Johnson wrote:
> > On Wed, Mar 31, 1999 at 05:12:26PM -0500, Greg Owen {gowen} wrote:
> > > rcpthosts and locals on 'list.scansoft.com' do contain
> > > 'list.scansoft.com', but not on 'hunin' or 'munin', which should just
> > > treat it as another remote host once that MX record is up.
> >
> > It needs to be in rcpthosts. Otherwise hunin and munin will reject the
> > recipient during the SMTP conversation.
>
> They are designed to relay mail from the internal mail store to
> the outside world, and vice versa. So if I'm sending from
> internal-mail.scansoft.com to, say, [EMAIL PROTECTED], it'll relay it
> just fine, and microsoft.com isn't in the rcpthosts.
>
> So are you saying that because this is a special case for relaying
> (i.e., does qmail automatically try to fold host.domain.com into
> domain.com if it has domain.com in its rcpthosts?), or because you assume
> the error message I've seen came from a host which wasn't allowed to relay
> through the relays?
>
> --
> gowen -- Greg Owen -- [EMAIL PROTECTED] -- [EMAIL PROTECTED]
>
> Please note my new [EMAIL PROTECTED] address which will
> become my default address in March, and which works now.
Are you using tcpserver to control who can relay through your box?
--
|---------------------------------|----------------------------|
| Hitesh Patel | Voice: (541) 759-3126 |
| Facilities Development Manager | Fax: (541) 759-3214 |
| Preferred Systems | Email: [EMAIL PROTECTED] |
|---------------------------------|----------------------------|
On Wed, 31 Mar 1999, Chris Johnson wrote:
> > They are designed to relay mail from the internal mail store to
> > the outside world, and vice versa. So if I'm sending from
> > internal-mail.scansoft.com to, say, [EMAIL PROTECTED], it'll relay it
> > just fine, and microsoft.com isn't in the rcpthosts.
>
> Then you have tcpserver set up to do selective relaying. There's no
> other way around it. If some host connects to you and says:
Yes, that's correct, these systems are configured as per Michael
Samuel's "How to Configure Qmail to be a Selective Relay."
> You can't get the "list of allowed rcpthosts" message from a host
> which is allowed to relay, so I did assume that you were trying to
> send from a host that wasn't allowed to relay.
Ah. I've found the problem.
Firstly, I got the IP address of the mail relay and the "list"
server confused, so I was looking at the wrong machine for the error.
Stupid user error.
Secondly, the "list" server had the alias name --
'list.scansoft.com' -- in rcpthosts and locals. However, the mail relays
apparently rewrite the envelope to use the A record,
'search.scansoft.com', which WASN'T in rcpthosts/locals on the 'list'
machine. So when the relay spoke to 'list', 'list' said "NO WAY."
Thanks for the help, everybody - clearly, mucking about with
CNAMEs does make life harder. The reason I'm doing it, FWIW, is that the
list server will be running a web interface at http://list.scansoft.com/,
and I was trying to do it without putting two IPs on the machine's card.
--
gowen -- Greg Owen -- [EMAIL PROTECTED] -- [EMAIL PROTECTED]
Please note my new [EMAIL PROTECTED] address which will
become my default address in March, and which works now.
On Tue, Mar 30, 1999 at 09:00:58AM -0800, Mark Delany wrote:
> > creat is equivalent to open with flags equal to
> > O_CREAT|O_WRONLY|O_TRUNC.
>
> Yes. My manpage says that too. I wonder whether mtime only applies if the
> file doesn't exist though?
Not creating an existing file does not modify it.
Greetings
Bernd
So guys (Mark, Bernd, or Russ), what do you think? Is there anything that
you'd like me to try to get this working? I'd love to have popbull
working correctly.
Matt
On Thu, 1 Apr 1999, Bernd Eckenfels wrote:
> On Tue, Mar 30, 1999 at 09:00:58AM -0800, Mark Delany wrote:
> > > creat is equivalent to open with flags equal to
> > > O_CREAT|O_WRONLY|O_TRUNC.
> >
> > Yes. My manpage says that too. I wonder whether mtime only applies if the
> > file doesn't exist though?
>
> Not creating an existing file does not modify it.
>
> Greetings
> Bernd
>
>>Mark Delany writes:
>> > Hmm. According to Solaris, mtime changes when you issue one of:
>> >
>> > creat(), mknod(), pipe(), utime(), and write(2).
>> >
>> > Does the patch write anything into .timestamp? Should it?
>>
>>No and absent a kernel bug, no:
>>
>> creat is equivalent to open with flags equal to
>> O_CREAT|O_WRONLY|O_TRUNC.
>>
>>int open_trunc(fn) char *fn;
>>{ return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); }
>>
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
``````````````````````````````````````````````````````````````````
Matt Simerson http://users.michweb.net/~matt
MichWeb Inc. - President http://www.michweb.net
The Art Farm - Technical Wizard http://www.theartfarm.com
Better to dare Mighty Things and fail, than to live in __o
a gray twilight where there is neither victory or _-\<,_
defeat. -- attributed to Theodore Roosevelt ......(_)/ (_)
``````````````````````````````````````````````````````````````````
Change the patch so that after the open, do a write.
write(fd, "0", 1);
will do it.
At 08:37 PM Wednesday 3/31/99, Matt Simerson wrote:
>
>So guys (Mark, Bernd, or Russ), what do you think? Is there anything that
>you'd like me to try to get this working? I'd love to have popbull
>working correctly.
>
>Matt
>
>On Thu, 1 Apr 1999, Bernd Eckenfels wrote:
>
>> On Tue, Mar 30, 1999 at 09:00:58AM -0800, Mark Delany wrote:
>> > > creat is equivalent to open with flags equal to
>> > > O_CREAT|O_WRONLY|O_TRUNC.
>> >
>> > Yes. My manpage says that too. I wonder whether mtime only applies if the
>> > file doesn't exist though?
>>
>> Not creating an existing file does not modify it.
>>
>> Greetings
>> Bernd
>>
>>>Mark Delany writes:
>>> > Hmm. According to Solaris, mtime changes when you issue one of:
>>> >
>>> > creat(), mknod(), pipe(), utime(), and write(2).
>>> >
>>> > Does the patch write anything into .timestamp? Should it?
>>>
>>>No and absent a kernel bug, no:
>>>
>>> creat is equivalent to open with flags equal to
>>> O_CREAT|O_WRONLY|O_TRUNC.
>>>
>>>int open_trunc(fn) char *fn;
>>>{ return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); }
>>>
>--
>-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
>Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
>521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
>Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
>
>``````````````````````````````````````````````````````````````````
> Matt Simerson http://users.michweb.net/~matt
> MichWeb Inc. - President http://www.michweb.net
> The Art Farm - Technical Wizard http://www.theartfarm.com
>
> Better to dare Mighty Things and fail, than to live in __o
> a gray twilight where there is neither victory or _-\<,_
> defeat. -- attributed to Theodore Roosevelt ......(_)/ (_)
>``````````````````````````````````````````````````````````````````
>
Well, I tried adding the write line in the code. I recompiled, installed
the patched qmail-popbull and qmail-pop3d and telneted in to port 100. It
still didn't update the .timestamp file.
I deleted the .timestamp file. It created a new one with the right
timestamp but....isn't that line supposed to put a "0" in the file? I'm
not a programmer but that's what it looks to me to be doing. The new
.timestamp file is still 0 bytes and empty.
????
Matt
On Wed, 31 Mar 1999, Mark Delany wrote:
> Change the patch so that after the open, do a write.
>
> write(fd, "0", 1);
>
> will do it.
>
> At 08:37 PM Wednesday 3/31/99, Matt Simerson wrote:
> >
> >So guys (Mark, Bernd, or Russ), what do you think? Is there anything that
> >you'd like me to try to get this working? I'd love to have popbull
> >working correctly.
> >
> >Matt
> >
> >On Thu, 1 Apr 1999, Bernd Eckenfels wrote:
> >
> >> On Tue, Mar 30, 1999 at 09:00:58AM -0800, Mark Delany wrote:
> >> > > creat is equivalent to open with flags equal to
> >> > > O_CREAT|O_WRONLY|O_TRUNC.
> >> >
> >> > Yes. My manpage says that too. I wonder whether mtime only applies if the
> >> > file doesn't exist though?
> >>
> >> Not creating an existing file does not modify it.
> >>
> >> Greetings
> >> Bernd
> >>
> >>>Mark Delany writes:
> >>> > Hmm. According to Solaris, mtime changes when you issue one of:
> >>> >
> >>> > creat(), mknod(), pipe(), utime(), and write(2).
> >>> >
> >>> > Does the patch write anything into .timestamp? Should it?
> >>>
> >>>No and absent a kernel bug, no:
> >>>
> >>> creat is equivalent to open with flags equal to
> >>> O_CREAT|O_WRONLY|O_TRUNC.
> >>>
> >>>int open_trunc(fn) char *fn;
> >>>{ return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); }
> >>>
> >--
> >-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
> >Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
> >521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
> >Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
> >
> >``````````````````````````````````````````````````````````````````
> > Matt Simerson http://users.michweb.net/~matt
> > MichWeb Inc. - President http://www.michweb.net
> > The Art Farm - Technical Wizard http://www.theartfarm.com
> >
> > Better to dare Mighty Things and fail, than to live in __o
> > a gray twilight where there is neither victory or _-\<,_
> > defeat. -- attributed to Theodore Roosevelt ......(_)/ (_)
> >``````````````````````````````````````````````````````````````````
> >
>
>
``````````````````````````````````````````````````````````````````
Matt Simerson http://users.michweb.net/~matt
MichWeb Inc. - President http://www.michweb.net
The Art Farm - Technical Wizard http://www.theartfarm.com
Better to dare Mighty Things and fail, than to live in __o
a gray twilight where there is neither victory or _-\<,_
defeat. -- attributed to Theodore Roosevelt ......(_)/ (_)
``````````````````````````````````````````````````````````````````
Thanks. That did the trick.
--George
On Sat, 27 Mar 1999, Keith Burdis wrote:
> On Thu 1999-03-25 (14:45), [EMAIL PROTECTED] wrote:
> > Hi there,
> > I know it's a little bit off the topic of this list. Please accept my
> > apology here. I just try to find out anybody out there has ever tried this
> > combination before.
> >
> > Here is the script to start the daemon:
> > #! /bin/sh
> > ROG=sshd
> > LKDIR=/var/lock/sshd
> >
> > mkdirs() {
> > [ -d $LKDIR ] || ( mkdir -p $LKDIR );
> > }
> >
> > start () {
> > mkdirs
> > echo -n "Starting $PROG..."
> > supervise $LKDIR /usr/local/sbin/$PROG &
> > echo "done"
> > }
> >
> > But the supervise somehow thinks the sshd is dead and keeps starting
> > it, giving out the following messages continuously:
> >
> > Starting sshd...FATAL: Creating listener failed: port 22 probably
> > already in use!
> > ....
> >
> > The sshd program is downloaded and compiled from
> > http://www.ssh.fi/sshprotocols2/index.html
>
> I remember hacking at Mate Wierdl's tcpserver-initscripts package to make it
> use ssh instead of rsh, and IIRC I had to use sshd -i rather than just sshd.
> This prevents it from forking and putting itself in the background.
>
> - Keith
>
> > Thanks a lot in advanced.
> > --George Hong
>
> --
> Keith Burdis - MSc (Com Sci) - Rhodes University, South Africa
> Email : [EMAIL PROTECTED]
> WWW : http://www.rucus.ru.ac.za/~keith/
> IRC : Panthras JAPH
>
> "Any technology sufficiently advanced is indistinguishable from a perl script"
>
> Standard disclaimer.
> ---
>
ok I mean sending an email through smtp-pop client it can send anything to
anyone.. but I get the below message when I try to send to an aliased
address.. (works fine say though pine)
Mar 30 18:33:57 lan qmail-smtpd: 922847637.576748 14661: DENYMAIL:
Filter.TO:_451_-exec_procmail_failed_-_try_again_later. relay
client.stephenson.cc [192.168.1.3] FROM <[EMAIL PROTECTED]>
On Wed, 31 Mar 1999, Sam wrote:
> Grant Stephenson writes:
>
> > hello...
> > I am having a problem with qmail when I send email through pop on my
> > server...
> > the mail sits in the que, and doesn't go out, because the server logs..
> >
> > Mar 30 18:33:57 lan qmail-smtpd: 922847637.576748 14661: DENYMAIL:
> > Filter.TO:_451_-exec_procmail_failed_-_try_again_later. relay
> > client.stephenson.cc [192.168.1.3] FROM <[EMAIL PROTECTED]>
> >
> > yet the host can send to any address it wants in the domain as long is
> > it's a real user, and not an alias.. (can also relay outside useing the
> > open-smtp patch)
> > so it works fine... but where is it checking for the userid?
> > I have also installed the "qmail-smtpd which calls procmail recipes to
> > filter spam" installed but the problem is only in sending through pop...
> > email send to the system from remote gets process fine with the aliases..
> > you just can't send to the aliases through pop through this server it's
> > thought of as a relay..
>
> Define what you 'through pop'.
>
>
> --
> Sam
>
Does anyone know of any apps that can do load testing on mail servers. I've
seen a bunch that do web server load testing but none for mail servers. I've
got our server on a tiny (486 w/P90 upgrade chip & 24mb ram)box and I'd like
to see how much load it'll handle before I go scrounging for a replacement.
Thanks
--Dave
I am trying to run the amavis package together with qmail.
If i put
|/usr/sbin/scanmails $SENDER $RECIPIENT
/var/here/lays/the/Maildir/
into one .qmail-file everything works fine.
But i would like qmail to scan every mail so i tried starting qmail like
this:
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start |/usr/sbin/scanmails $SENDER $RECIPIENT ./Mailbox splogger
qmail
that works for scanning the mails but of course there is no logging
anymore.
can anyone tell me how i have to change that line to still log?
BTW: I have adopted Sascha Ottolski's changes to Amavis 0.2.0pre2
to the new pre4 version. my version is available on request.
--
mfg sven lankes
megabit informationstechnik
http://www.megabit.net
