qmail Digest 6 Apr 1999 10:00:00 -0000 Issue 602
Topics (messages 23922 through 23945):
can't find tcpmakectl
23922 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
DNS-induced delay in tcpserver (not normal DNS weenie query...)
23923 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
Procmail & Maildir
23924 by: Mark Weinem <[EMAIL PROTECTED]>
Melissa Mutations
23925 by: Kai MacTane <[EMAIL PROTECTED]>
qmail-uce & procmail-fromfilter & stderr
23926 by: "Roland Schneider" <[EMAIL PROTECTED]>
MD5 in djb-c?
23927 by: Dave Sill <[EMAIL PROTECTED]>
Compiling qmail on Solaris 7
23928 by: "Eric Lewandowski" <[EMAIL PROTECTED]>
Hotmail LAST_ACK
23929 by: Paul Farber <[EMAIL PROTECTED]>
Qmail is changing the FROM address
23930 by: Robert Palma <[EMAIL PROTECTED]>
23931 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
23932 by: Robert Palma <[EMAIL PROTECTED]>
checkpassword RPMs?
23933 by: "Chris Garrigues" <[EMAIL PROTECTED]>
23934 by: Bruce Guenter <[EMAIL PROTECTED]>
23936 by: "Chris Garrigues" <[EMAIL PROTECTED]>
23938 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
23939 by: Kevin Waterson <[EMAIL PROTECTED]>
AOL Cname lookup failure???
23935 by: "Aaron L. Meehan" <[EMAIL PROTECTED]>
23940 by: [EMAIL PROTECTED]
23942 by: Richard Letts <[EMAIL PROTECTED]>
23943 by: Peter van Dijk <[EMAIL PROTECTED]>
Preventing UCE / Comprehensive Documentation?
23937 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23941 by: Fabrice Scemama <[EMAIL PROTECTED]>
Starting with a problem
23944 by: Ashish <[EMAIL PROTECTED]>
realying in two directions
23945 by: Anders Fristedt <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
+ [EMAIL PROTECTED] (Ed Weinberg):
| ./age-smtp: /usr/local/bin/tcpmakectl: No such file or directory
|
| I installed ucspi-tcp-0.84.tar.gz, and open-smtp3.tar.gz, but, that
| file does not seem to be on my server.
|
| Did I miss something?
tcpmakectl has been replaced by tcprules in ucsp-tcp 0.84.
Also, note that tcpcontrol is obsolete; its functionality is now built
into tcpserver.
- Harald
+ Jason Haar <[EMAIL PROTECTED]>:
| SMTP connections to our sendmail and qmail servers take over 80sec
| to return a banner when connected to _from_ machines on our own LAN
| (i.e. whose info is in our DNS - not the downed forwarder). [...]
|
| Once the initial delay is over, sendmail and qmail acts as normal.
|
| Any ideas why this is happening? Using strace I can see sendmail
| receiving timeouts from DNS lookups - although I can't see what it's
| looking up.
Probably it is trying an inverse lookup on the remote host's IP
address, possibly followed by a forward lookup.
You might test this by running
env - PATH=$PATH tcpserver -H 0 9999 printenv
on the server and trying telnet server 9999 from a client; compare
with what happens if you remove the -H flag, or even replace it by the
-p flag. You may also wish to experiment with the -R flag.
- Harald
Hi,
New incomming Mail is in $HOME/Maildir.
I want Procmail to sort the messages from $HOME/Maildir into destinated
directories.
When I used Exim I started Procmail with the following script:
# ! /bin/sh
ORGMAIL=/var/spool/mail/mark
if cd $HOME &&
test -s $ORGMAIL &&
lockfile -r0 -l1024 .newmail.lock 2>/dev/null
then
trap "rm -f .newmail.lock" 1 2 3 13 15
umask 077
lockfile -l1024 -ml
cat $ORGMAIL >>.newmail &&
cat /dev/null >$ORGMAIL
lockfile -mu
formail -s procmail <.newmail &&
rm -f .newmail
rm -f .newmail.lock
fi
exit 0
I want to keep this but Procmail must handle maildir now.
Is it necessary to patch Procmail (v3.11pre7 from Debian 2.0) ?
(What's the right way to do this: "patch procmail procmail-patch" or:
"patch -pnum <procmail-patch" ?)
And the new Desing of the script?
thanks,
Mark Weinem
Text written by Scott D. Yelich at 10:52 PM 4/2/99 -0700:
>
>> >From the Jargon File: (v4.0.0, 25 Jul 1996)
>> feature shock /n./
>> [from Alvin Toffler's book title "Future Shock"] A user's (or
>> programmer's!) confusion when confronted with a package that has too
>> many features and poor introductory material.
>
>How... utterly.... appropriate.
It was bound to happen sooner or later. I don't actually pick them before
sending them; I just have a thing that randomly picks one every 60 seconds
(the time is configurable) and rewrites my .sig accordingly. I don't
usually look to see which one it will be before sending -- except when
sending to management, when I try to make sure it isn't something like
"drool-proof paper" or similarly anti-management phrases. :)
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
say /vt./
1. To type to a terminal. "To list a directory verbosely, you have
to say ls -l." Tends to imply a newline-terminated command (a
`sentence'). 2. A computer may also be said to `say' things to you,
even if it doesn't have a speech synthesizer, by displaying them on
a terminal in response to your commands. Hackers find it odd that
this usage confuses mundanes.
On Sun, 4 Apr 1999 14:44:43 -0400 (EDT), Sam wrote:
>On Sun, 4 Apr 1999, Roland Schneider wrote:
>
>> Instead of sending this string back to the remote side, it
>> just gets logged in the procmail.log:
> ==========================
>
>Obviously procmail's doing that. You'll need to check procmail's doc.
>Try sending the error message to stdout. Procmails up to 3.11pre7
>discarded stdout, and only left stderr alone. I haven't looked at
>procmail in a long time, but perhaps the current version handles stderr
>differently.
Thanks Sam,
I always used procmail 3.11pre7 and it worked once...
They also found new buffer-overflows in Bugtraq yesterday
in all versions up to 3.12 (upgrade to 3.13 recommended).
Now I replaced procmail with your maildrop and everything
works again as expected without any troubles.
Roland
[I replied to Russ, but others might be interested in this, too. -Dave]
Russ Nelson wrote:
>Has anyone coded MD5 (message digest 5) in djb-style C?
DJB has. Back in '93/'94 he wrote a package called "fingerprint" that
included it. Unfortunately, he seems to have orphaned it.
>From the README:
This is the fingerprint 0.75 package, gamma.
940205
Daniel J. Bernstein, [EMAIL PROTECTED]
The fingerprint program produces a base-64-sanely-encoded fingerprint of
its input. I imagine this fingerprint as something universal and
permanent, which people will use forever. If the fingerprint is ever
broken, I'd rather make an entirely new version than try to extend this
one.
A fingerprint is 76 characters long. What does it contain? Here's a list:
1. A Snefru-8 (version 2.5, 8 passes, 512->256) hash.
(Code derived from the Xerox Secure Hash Function.)
2. An MD5 hash, as per RFC 1321.
(Code derived from the RSADSI MD5 Message-Digest Algorithm.)
3. A CRC checksum, as in the new cksum utility.
4. Length modulo 2^40.
The output format is not expected to be compatible with anything.
However, I have helper utilities which take a fingerprint and produce
the purported output of Merkle's snefru program (fptosnefru), the
purported output of RSADSI's mddriver -x (fptomd5), or the purported
output of the POSIX cksum program (fptocksum).
Also included: (1) a clone of the snefru program, with some extra
features; (2) a cksum implementation; (3) an md5 driver; (4) libraries
with a uniform interface for calculating these hashes; (5) some
documentation.
----snip----
-Dave
I received these errors when compiling qmail 1.03 on Solaris 7:
./compile dns.c
"/usr/include/arpa/nameser_compat.h", line 55: (in preprocessor if): syntax
error
"/usr/include/arpa/nameser_compat.h", line 56: Can't find include file
machine/endian.h
"/usr/ucbinclude/resolv.h", line 91: macro MAXDNAME redefines previous macro
at "/usr/include/arpa/nameser_compat.h", line 141
*** Error code 2
make: Fatal error: Command failed for target `dns.o'
Can anyone lend some help to getting this to compile?
TIA,
======================================================
Eric Lewandowski System Administrator
[EMAIL PROTECTED] Old Dominion University
http://www.cs.odu.edu/~lewandow Computer Science Dept.
======================================================
Hello all,
I had asked this question a few months ago... evidently some of the
HotMail smtp servers are not sending back the final "close connection"
command, and when I do a netstat -a the LAST_ACK's from hotmail are
filling up the list, effectivly blocking that port for future use.
Has anyone got a solution? My kernel version is 2.0.36.. would a new
kernel help?
Paul D. Farber II
Farber Technology
Ph. 570-628-5303
Fax 570-628-5545
[EMAIL PROTECTED]
We are running qmail 1.03 here with virtual domain pops
A customer of ours has their email address and reply-to address set to
[EMAIL PROTECTED]
Our machine is tempest.nac.net, but it does all mail for the nac.net
domain and about 300 virtual domains
When this customer sends an email out, qmail changes the "from" address
from [EMAIL PROTECTED] to [EMAIL PROTECTED]
Does anyone have a clue as to how to fix this?
Thanks
-----
The way it is, is the way that it goes
Happening day after day.
The way it is, is the way that it goes
Working in the strangest ways.
-----
Robert Palma
[EMAIL PROTECTED]
+ Robert Palma <[EMAIL PROTECTED]>:
| We are running qmail 1.03 here with virtual domain pops
|
| A customer of ours has their email address and reply-to address set to
| [EMAIL PROTECTED]
| Our machine is tempest.nac.net, but it does all mail for the nac.net
| domain and about 300 virtual domains
|
| When this customer sends an email out, qmail changes the "from" address
| from [EMAIL PROTECTED] to [EMAIL PROTECTED]
|
| Does anyone have a clue as to how to fix this?
Not without further information, I am afraid.
First, please tell us if it is the envelope sender address, or the
>From header field that is changed (or both).
Second, what is the route your customer's mail travels to get into the
queue? If it's processed ala FAQ 5.5, for example, you will have to
do something to the fixup script.
Basically, qmail-inject is the only component of qmail that will ever
rewrite header fields, so that is where you need to look.
- Harald
On Mon, 5 Apr 1999, Harald Hanche-Olsen wrote:
> + Robert Palma <[EMAIL PROTECTED]>:
>
> | We are running qmail 1.03 here with virtual domain pops
> |
> | A customer of ours has their email address and reply-to address set to
> | [EMAIL PROTECTED]
> | Our machine is tempest.nac.net, but it does all mail for the nac.net
> | domain and about 300 virtual domains
> |
> | When this customer sends an email out, qmail changes the "from" address
> | from [EMAIL PROTECTED] to [EMAIL PROTECTED]
> |
> | Does anyone have a clue as to how to fix this?
>
> Not without further information, I am afraid.
>
> First, please tell us if it is the envelope sender address, or the
> >From header field that is changed (or both).
It changes the "From" header field AND the Reply-To address
>
> Second, what is the route your customer's mail travels to get into the
> queue? If it's processed ala FAQ 5.5, for example, you will have to
> do something to the fixup script.
>
It is a basic SMTP receive from Netscape address to an email address off
our system.
> Basically, qmail-inject is the only component of qmail that will ever
> rewrite header fields, so that is where you need to look.
>
> - Harald
>
-----
The way it is, is the way that it goes
Happening day after day.
The way it is, is the way that it goes
Working in the strangest ways.
-----
Robert Palma
[EMAIL PROTECTED]
Is there an existing RPM anywhere for checkpassword?
Chris
--
Chris Garrigues virCIO
+1 512 432 4046 4314 Avenue C O-
http://www.DeepEddy.Com/~cwg/ Austin, TX 78751-3709
+1 512 374 0500
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
On Mon, Apr 05, 1999 at 04:40:07PM -0500, Chris Garrigues wrote:
> Is there an existing RPM anywhere for checkpassword?
Yes. I have one at
http://www.qcc.sk.ca/~bguenter/distrib/checkpassword/
--
Bruce Guenter, QCC Communications Corp. EMail: [EMAIL PROTECTED]
Phone: (306)249-0220 WWW: http://www.qcc.sk.ca/~bguenter/
> From: Bruce Guenter <[EMAIL PROTECTED]>
> Date: Mon, 5 Apr 1999 15:53:37 -0600
>
> On Mon, Apr 05, 1999 at 04:40:07PM -0500, Chris Garrigues wrote:
> > Is there an existing RPM anywhere for checkpassword?
>
> Yes. I have one at
> http://www.qcc.sk.ca/~bguenter/distrib/checkpassword/
If you check your ftp logs you'll see I've already been there. It's 0.76,
however, and 0.81 appears to be the latest.
I suppose I'm going to have to learn to make my own RPMs one of these days.
Chris
--
Chris Garrigues virCIO
+1 512 432 4046 4314 Avenue C O-
http://www.DeepEddy.Com/~cwg/ Austin, TX 78751-3709
+1 512 374 0500
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
Chris Garrigues wrote:
>
> > On Mon, Apr 05, 1999 at 04:40:07PM -0500, Chris Garrigues wrote:
> > > Is there an existing RPM anywhere for checkpassword?
> >
> > Yes. I have one at
> > http://www.qcc.sk.ca/~bguenter/distrib/checkpassword/
>
> If you check your ftp logs you'll see I've already been there. It's 0.76,
> however, and 0.81 appears to be the latest.
>
> I suppose I'm going to have to learn to make my own RPMs one of these days.
You can also screw RPMs, install the thing under /bin and be happy (like
me).
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Inform�tica e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
Chris Garrigues wrote:
> > From: Bruce Guenter <[EMAIL PROTECTED]>
> > Date: Mon, 5 Apr 1999 15:53:37 -0600
> >
> > On Mon, Apr 05, 1999 at 04:40:07PM -0500, Chris Garrigues wrote:
> > > Is there an existing RPM anywhere for checkpassword?
> >
> > Yes. I have one at
> > http://www.qcc.sk.ca/~bguenter/distrib/checkpassword/
>
> If you check your ftp logs you'll see I've already been there. It's 0.76,
> however, and 0.81 appears to be the latest.
I have 81-2 on a site ftp://linux.oceania.net/pub/memphis
Well I say one thing here: it would be nice if AOL's TTL for the zone
was a bit higher. An hour seems a bit low and not net-friendly since
there are so many MX lookups, etc, for aol.com. Am I being
unreasonable or just highly pedantic? :) I have a mind to gather some
stats..
Aaron
Quoting Keith Burdis ([EMAIL PROTECTED]):
> Yes, smtproutes goes in the control directory (man qmail-control). Basically,
> as I understand it, if you list a host or domain in smtproutes qmail will not
> do a DNS lookup to find out where to deliver the mail, it will use the host
> that you specify instead.
>
> So, to get around the fact that AOL returns large DNS packets when qmail does
> an MX lookup, the suggestion was to hardcode one of AOL's mail servers as the
> destination for all aol mail and thereby avoid doing the DNS lookups.
Aaron L. Meehan write:
> Well I say one thing here: it would be nice if AOL's TTL for the zone
> was a bit higher. An hour seems a bit low and not net-friendly since
> there are so many MX lookups, etc, for aol.com. Am I being
> unreasonable or just highly pedantic? :) I have a mind to gather some
> stats..
I've always wanted to be able to tweak the DNS servers to apply a formula
to the TTLs to derive a new TTL that I want the server to really use, one
that can be constrained by my own intents. That might not make others
happy, but I have found some places with TTLs less that 5 minutes. I'd
also like to see separate timings for "TTR" (Time To Refresh) where the
data is requeried after TTR and replaced with the answer is received,
but not removed unless TTL passes with no answer (TTR < TTL, obviously).
But I guess we don't have qnamed yet.
--
Phil Howard | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
phil | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
at | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
ipal | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
dot | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
net | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
On Mon, 5 Apr 1999, Aaron L. Meehan wrote:
> Well I say one thing here: it would be nice if AOL's TTL for the zone
> was a bit higher. An hour seems a bit low and not net-friendly since
> there are so many MX lookups, etc, for aol.com. Am I being
> unreasonable or just highly pedantic? :) I have a mind to gather some
> stats..
given the few numbers of packets required to obtain the information in
comparison to the number required to transfer mail I'd not worry about
it myself.
I use TTL values down to <5 minutes for some names in the zones I'm
responsible for. of course I normally only expect people on my campus to
be using those and we're about to change them to something else.
RjL
On Tue, Apr 06, 1999 at 12:53:05AM +0100, Richard Letts wrote:
> On Mon, 5 Apr 1999, Aaron L. Meehan wrote:
>
> > Well I say one thing here: it would be nice if AOL's TTL for the zone
> > was a bit higher. An hour seems a bit low and not net-friendly since
> > there are so many MX lookups, etc, for aol.com. Am I being
> > unreasonable or just highly pedantic? :) I have a mind to gather some
> > stats..
>
> given the few numbers of packets required to obtain the information in
> comparison to the number required to transfer mail I'd not worry about
> it myself.
well the number of packets doesn't really matter in itself. But DNS packets have high
latency when not cached, which means they're a _slowdown_. This exact point is one of
the things holding up widespread QMTP acceptance, because djb can't decide on an
efficient way to tell if a host supports QMTP, without having to do more DNS requests
than he does now.
> I use TTL values down to <5 minutes for some names in the zones I'm
> responsible for. of course I normally only expect people on my campus to
> be using those and we're about to change them to something else.
Well if most usage is on campus, that means that the caching server is as close as
the authorative server, or they might be even the same machine. Then it doesn't
matter that much. OTOH, if people are using your nameserver as their nameserver
anyway, you might as well beef up the TTL since people on campus will see updates
immediately, unless they run their own caching named's.
Greetz, Peter
--
| 'He broke my heart, | Peter van Dijk |
I broke his neck' | [EMAIL PROTECTED] |
nognixz - As the sun | Hardbeat@ircnet - #cistron/#linux.nl |
| Hardbeat@undernet - #groningen/#kinkfm/#vdh |
-----BEGIN PGP SIGNED MESSAGE-----
Does anyone have a comprehensive page for qmail address filtering?
Specifically (any of these, I'm not even sure they all exist).
Bad Mail From addresses, Bad Mail To addresses, maildrop system filters,
maildrop user filters, tcpserver access lists, tcp-env access lists,
tcprules (ie: can you put a hostname?), rblsmtp and qmail-uce (usage
examples and suggestions)?
Briefly, I'm just looking to disable target addresses (on a host with
virtual domains) with the minimum number of required new DJBWare
softwares to decode and install to get this functionality above the
basic qmail 1.03. I'd like the mail to be bounced at the SMTP dialogue
when this address is used.
Example: I have signed up at a site to get some "free" images. I used
an address handled by a virtual domain global to forward to my address.
I did this with an address similar to ``dontspamme''
(@somevirtualdomain.com). Of course, I got spammed. I have blocked the
offending spam sites and all domains associated with all of the
tech/zone/admin/billing contacts... but I fear the above address could
be sold or transferred to another sending site and I want to block the
address at my site (of course, while keeping other virtual addresses at
that virtual domain still open and valid).
Any suggestions?
Scott
ps: thanks!
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNwk1VFvCesh4C4FtAQFE6AP9EdcmxNglvMPYldkeV1nMIKxhvvu/Ei6l
9MIHkOHZ9HcpBWcLqcPnmV+m+zZrprQ2nSv/3xcsNvqB09WrHTGOsz+oKlln/zUe
uPdbJgOoNji7adi72S3dtRBtP4ZEHhEAZ7Cs6pNfoh1y5es7P5Ld1ST7iXvZRZbV
NnxhKaWsYr0=
=gbmg
-----END PGP SIGNATURE-----
"Scott D. Yelich" wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Does anyone have a comprehensive page for qmail address filtering?
(snip)
I'm afraid the only way to stop spam is either stop companies
from relaying the stuff, either stop people from reading it.
They'll just write scripts to get rid of any script we'll
set up against 'em.
Fabrice Scemama
Greetings,
Just boarded on and that too with a problem.
The setup is as follows:
A domain "company.com" has been added to /var/qmail/control/virtualdomains
like this :
company.com:mailbox
where mailbox is an account created where all the @company.com mails will drop
into.
Now, suppose I send a mail to more than one [EMAIL PROTECTED], then
those users get those many number of mails !! i.e if I send a mail to a user
and Cc it to 2 other people, then these 3 people get this mail thrice !!!
the .fetchmailrc at the client side says,
poll isp proto pop3 localdomains company.com
user mailbox pass pass_word
smtp localhost
is * here
Could someone pl. help me solve this problem ?
My sendmail options( on the client side ) are the default ones plus I added one
more "-t", but still the same result.
One more thing, I have observed that there are actually 'n' copies of the mail
on the server if I send a mail to 'n' people. Any qmail settings to be done ?
Thanks.
- Ashish
--
******************************************************************************
lp1 on fire
(One of the more obfuscated kernel messages)
******************************************************************************
Hi,
sorry for any newbie errors (better safe than sorry!).
I'd like to configure qmail to relay incoming AND outgoing
mailconnections.
To configure it to do either of these two services is simple enough. But I
can't see how to configure qmail to bi-directional relaying without
loosing the security and control over my mailserver, that is withour
permitting anyone to use my mailserver for spamming, etc.
Typically I's like to forward any mail from "the internet" to an internal
mailserver. AND mail from the internal mailserver according to DNS
lookups.
could anyone please crack the nut for me?
regards,
Anders Fristedt
