qmail Digest 7 May 1999 10:00:00 -0000 Issue 633
Topics (messages 25254 through 25317):
tcpserver control on domain name
25254 by: "Bart van Kaathoven (DSN)" <[EMAIL PROTECTED]>
25255 by: Van Liedekerke Franky <[EMAIL PROTECTED]>
25257 by: "Bart van Kaathoven (DSN)" <[EMAIL PROTECTED]>
25266 by: Chris Johnson <[EMAIL PROTECTED]>
25267 by: "Evan Champion" <[EMAIL PROTECTED]>
25269 by: Russell Nelson <[EMAIL PROTECTED]>
25312 by: "Bart van Kaathoven (DSN)" <[EMAIL PROTECTED]>
ofmip and rcpthost
25256 by: "Fre de Vries" <[EMAIL PROTECTED]>
25265 by: Chris Johnson <[EMAIL PROTECTED]>
POP3 proxy
25258 by: Adrian Pavlykevych <[EMAIL PROTECTED]>
[PATCH] Resolving MAIL FROM domain
25259 by: Balazs Nagy <[EMAIL PROTECTED]>
25260 by: Van Liedekerke Franky <[EMAIL PROTECTED]>
25262 by: "Sam" <[EMAIL PROTECTED]>
FW: [[EMAIL PROTECTED]: ������ߵ�����Ǯ]
25261 by: "d. divine" <[EMAIL PROTECTED]>
25272 by: Yessure <[EMAIL PROTECTED]>
What happens when qmail-send is killed?
25263 by: [EMAIL PROTECTED]
25264 by: [EMAIL PROTECTED]
25279 by: Rick Myers <[EMAIL PROTECTED]>
25282 by: [EMAIL PROTECTED]
25284 by: Mark Delany <[EMAIL PROTECTED]>
25285 by: Mark Delany <[EMAIL PROTECTED]>
OpenSMTP - another approach
25268 by: Mikael Suokas <[EMAIL PROTECTED]>
Where to find the MAIL FROM - DNS patch?
25270 by: "Petr Novotny" <[EMAIL PROTECTED]>
25274 by: Balazs Nagy <[EMAIL PROTECTED]>
25288 by: Markus Stumpf <[EMAIL PROTECTED]>
25313 by: Balazs Nagy <[EMAIL PROTECTED]>
rblsmtp - I need to change the bounce report.
25271 by: torben fjerdingstad <[EMAIL PROTECTED]>
25273 by: "Petr Novotny" <[EMAIL PROTECTED]>
25275 by: torben fjerdingstad <[EMAIL PROTECTED]>
qmail cant find host.
25276 by: Jason <[EMAIL PROTECTED]>
25277 by: Chris Johnson <[EMAIL PROTECTED]>
25278 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
25287 by: Dave Sill <[EMAIL PROTECTED]>
25289 by: Chris Johnson <[EMAIL PROTECTED]>
25290 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
25294 by: Chris Johnson <[EMAIL PROTECTED]>
25298 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
25299 by: Dax Kelson <[EMAIL PROTECTED]>
25301 by: Vince Vielhaber <[EMAIL PROTECTED]>
25305 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
qmail-analog with cyclog
25280 by: Keith Burdis <[EMAIL PROTECTED]>
rblsmtpd w/inetd?
25281 by: Matthew Kirkwood <[EMAIL PROTECTED]>
qmail as external smtp gateway only
25283 by: Jason <[EMAIL PROTECTED]>
25286 by: "Russell P. Sutherland" <[EMAIL PROTECTED]>
is there a way to..
25291 by: Jason <[EMAIL PROTECTED]>
25293 by: Jere Cassidy <[EMAIL PROTECTED]>
Acting as a middleman
25292 by: Brett Borger <[EMAIL PROTECTED]>
25296 by: Chris Johnson <[EMAIL PROTECTED]>
US Crypto export limits ruled unconstitutional
25295 by: Dax Kelson <[EMAIL PROTECTED]>
25297 by: Vince Vielhaber <[EMAIL PROTECTED]>
25306 by: Bill Parker <[EMAIL PROTECTED]>
25311 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
tcpserver has long (10 min) delay for some domains?
25300 by: "Greg Owen {gowen}" <[EMAIL PROTECTED]>
25302 by: "Gordon Smith (E-mail)" <[EMAIL PROTECTED]>
Qmail header problem
25303 by: Scott Liu <[EMAIL PROTECTED]>
Help for newbies (was: qmail is not a replacement for sendmail)
25304 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
test
25307 by: BoLiang <[EMAIL PROTECTED]>
EZMLM question...
25308 by: Geordon VanTassle <[EMAIL PROTECTED]>
Aliases vs. local users
25309 by: Andy Walden <[EMAIL PROTECTED]>
25310 by: "Stephen C. Comoletti" <[EMAIL PROTECTED]>
(off topic) Math professor wins landmark crypto ruling
25314 by: Bart Blanquart <[EMAIL PROTECTED]>
A couple of smtpd questions..
25315 by: Greg Moeller <[EMAIL PROTECTED]>
25316 by: Van Liedekerke Franky <[EMAIL PROTECTED]>
modifying header fileds before redirect in .qmail?
25317 by: Bruno Boettcher <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Hi,
I'm trying to get tcpserver working to check access based on domain names, I
particulary want to use this in combination with pop-3.
I used the following pop.filter
.mydomain.com:allow
123.123.123.1:allow
123.123.123.2:allow
127.:allow
:deny
with the following startup line:
tcpserver -v -a -c5 -x/etc/pop.cdb 0 pop3 /var/qmail/bin/qmail-popup www.mydomain.com
/bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
The problem is however that it refuses hosts that come from *.mydomain.com.
Am I missing anything?
Regards,
Bart van Kaathoven
Ericsson Business Consulting Netherlands bv.
P.O.Box 209, 5120 AE Rijen
The Netherlands
Tel. +31-161-246378, Fax. +31-161-246612, GSM. +31-6-55303174
Email: [EMAIL PROTECTED], Homepage http://www.ericsson.se/
tcpserver rules only work on ip basis, so change the .mydomain.com to your
range of ip adresses and everthing should work just fine.
Franky
> ----------
> From: Bart van Kaathoven
> (DSN)[SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, May 06, 1999 11:22 AM
> To: 'qmail maillist'
> Subject: tcpserver control on domain name
>
> Hi,
>
> I'm trying to get tcpserver working to check access based on domain names,
> I particulary want to use this in combination with pop-3.
> I used the following pop.filter
> .mydomain.com:allow
> 123.123.123.1:allow
> 123.123.123.2:allow
> 127.:allow
> :deny
>
> with the following startup line:
> tcpserver -v -a -c5 -x/etc/pop.cdb 0 pop3 /var/qmail/bin/qmail-popup
> www.mydomain.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
>
> The problem is however that it refuses hosts that come from
> *.mydomain.com.
> Am I missing anything?
>
> Regards,
>
>
> Bart van Kaathoven
> Ericsson Business Consulting Netherlands bv.
> P.O.Box 209, 5120 AE Rijen
> The Netherlands
>
> Tel. +31-161-246378, Fax. +31-161-246612, GSM. +31-6-55303174
> Email: [EMAIL PROTECTED], Homepage http://www.ericsson.se/
>
Hi,
The problem however is that mydomain.com contains a LOT of ip-ranges which makes it
unrealistic to add all the ip-ranges. Previously when using tcpserver 0.50 there was a
patch which allowed dns-based access control, is there such a patch for ucspi-tcp-0.80
?
Bart van Kaathoven
Internet Consultant
Ericsson Business Consulting Netherlands bv.
P.O.Box 209, 5120 AE Rijen
The Netherlands
Tel. +31-161-246378, Fax. +31-161-246612, GSM. +31-6-55303174
Email: [EMAIL PROTECTED], Homepage http://www.ericsson.se/
-----Original Message-----
From: Van Liedekerke Franky [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 06, 1999 12:10 PM
To: 'qmail maillist'; 'Bart van Kaathoven (DSN)'
Subject: RE: tcpserver control on domain name
tcpserver rules only work on ip basis, so change the .mydomain.com to your
range of ip adresses and everthing should work just fine.
Franky
> ----------
> From: Bart van Kaathoven
> (DSN)[SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, May 06, 1999 11:22 AM
> To: 'qmail maillist'
> Subject: tcpserver control on domain name
>
> Hi,
>
> I'm trying to get tcpserver working to check access based on domain names,
> I particulary want to use this in combination with pop-3.
> I used the following pop.filter
> .mydomain.com:allow
> 123.123.123.1:allow
> 123.123.123.2:allow
> 127.:allow
> :deny
>
> with the following startup line:
> tcpserver -v -a -c5 -x/etc/pop.cdb 0 pop3 /var/qmail/bin/qmail-popup
> www.mydomain.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
>
> The problem is however that it refuses hosts that come from
> *.mydomain.com.
> Am I missing anything?
>
> Regards,
>
>
> Bart van Kaathoven
> Ericsson Business Consulting Netherlands bv.
> P.O.Box 209, 5120 AE Rijen
> The Netherlands
>
> Tel. +31-161-246378, Fax. +31-161-246612, GSM. +31-6-55303174
> Email: [EMAIL PROTECTED], Homepage http://www.ericsson.se/
>
On Thu, May 06, 1999 at 12:15:16PM +0200, Bart van Kaathoven (DSN) wrote:
> Hi,
>
> The problem however is that mydomain.com contains a LOT of ip-ranges which
> makes it unrealistic to add all the ip-ranges. Previously when using
> tcpserver 0.50 there was a patch which allowed dns-based access control, is
> there such a patch for ucspi-tcp-0.80 ?
There's no security in using domain names for access control, since reverse
mapping of names can be spoofed easily.
If someone controlled the reverse mapping for a range of IP addresses and knew
your domain name, he could make one of his addresses reverse map to a name in
your domain and gain access you don't want him to have.
Chris
> If someone controlled the reverse mapping for a range of IP addresses and
knew
> your domain name, he could make one of his addresses reverse map to a name
in
> your domain and gain access you don't want him to have.
You can compare the forwards and reverse nameservice to make sure that they
are both the same IP/hostname. Ie: the name returned from the reverse
nameservice lookup must have 1 A record that maps to the incoming IP address
(this is equivalent to tcpserver's paranoid mode).
Evan
Chris Johnson writes:
> There's no security in using domain names for access control, since reverse
> mapping of names can be spoofed easily.
Otoh, you *can* use them for denial control, since nobody is going to
go out of their way to deny themselves service.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
This sounds like an option, I found a patch :
http://www.qmail.org/tcpserver-0.80.patch and was under the impression that this does
just that. However I can't get it to work. Is this the right patch or am I confused
here?
Bart
-----Original Message-----
From: Evan Champion [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 06, 1999 2:53 PM
To: Chris Johnson; Bart van Kaathoven (DSN)
Cc: 'qmail maillist'
Subject: Re: tcpserver control on domain name
> If someone controlled the reverse mapping for a range of IP addresses and
knew
> your domain name, he could make one of his addresses reverse map to a name
in
> your domain and gain access you don't want him to have.
You can compare the forwards and reverse nameservice to make sure that they
are both the same IP/hostname. Ie: the name returned from the reverse
nameservice lookup must have 1 A record that maps to the incoming IP address
(this is equivalent to tcpserver's paranoid mode).
Evan
Question,
Doesn't use ofmip /control/rcpthost???
When i use qmail-smtpd a non-allowed rcpthost generates a: ""553 sorry, that
domain isn't in my list of allowed rcpthosts ""
Using ofmipd instead of qmail-smtpd this doesn't see to work
Thanks
Fr�
On Thu, May 06, 1999 at 12:16:55PM +0200, Fre de Vries wrote:
> Question,
>
> Doesn't use ofmip /control/rcpthost???
>
> When i use qmail-smtpd a non-allowed rcpthost generates a: ""553 sorry, that
> domain isn't in my list of allowed rcpthosts ""
>
> Using ofmipd instead of qmail-smtpd this doesn't see to work
Read the man page for ofmipd. Here's part of what you'll find:
Note that ofmipd will relay messages to any destination.
It should be invoked only for connections from preautho-
rized users. With tcpserver you can deny connections that
do not come from preauthorized IP addresses such as
127.0.0.1.
Chris
You can look at addon to FWTK by Eberhard Mattes
<[EMAIL PROTECTED]>
It is designed precisely for giving access to internal (to firewall) POP3
server from untrusted networks
Look in FWTK FAQ at http://www.fwtk.org
Adrian Pavlykevych email: <[EMAIL PROTECTED]>
System Administrator phone/fax: +380 (322) 742041
State University "Lvivska Polytechnica"
Hiyas,
Nowadays I just bored to get mail from illegal hostnames and I created a
diff against vanilla qmail-1.03 (see attachment).
It is simple. It checks for a DNS entry for the MAIL FROM domain if
control/mfcheck or the MFCHECK environment variable is set to nonzero.
Please check it out. Any comments/bugfixes/etc are welcomed.
--
Regards: Kevin (Balazs)
diff -ruN qmail-1.03.orig/Makefile qmail-1.03/Makefile
--- qmail-1.03.orig/Makefile Mon Jun 15 12:53:16 1998
+++ qmail-1.03/Makefile Thu May 6 13:02:37 1999
@@ -1536,13 +1536,13 @@
timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o received.o \
date822fmt.o now.o qmail.o cdb.a fd.a wait.a datetime.a getln.a \
open.a sig.a case.a env.a stralloc.a alloc.a substdio.a error.a str.a \
-fs.a auto_qmail.o socket.lib
+fs.a auto_qmail.o socket.lib dns.o dns.lib
./load qmail-smtpd rcpthosts.o commands.o timeoutread.o \
timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o \
received.o date822fmt.o now.o qmail.o cdb.a fd.a wait.a \
datetime.a getln.a open.a sig.a case.a env.a stralloc.a \
alloc.a substdio.a error.a str.a fs.a auto_qmail.o `cat \
- socket.lib`
+ socket.lib` dns.o `cat dns.lib`
qmail-smtpd.0: \
qmail-smtpd.8
diff -ruN qmail-1.03.orig/qmail-control.9 qmail-1.03/qmail-control.9
--- qmail-1.03.orig/qmail-control.9 Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-control.9 Thu May 6 13:00:45 1999
@@ -55,6 +55,7 @@
.I idhost \fIme \fRqmail-inject
.I localiphost \fIme \fRqmail-smtpd
.I locals \fIme \fRqmail-send
+.I mfcheck \fR0 \fRqmail-smtpd
.I morercpthosts \fR(none) \fRqmail-smtpd
.I percenthack \fR(none) \fRqmail-send
.I plusdomain \fIme \fRqmail-inject
diff -ruN qmail-1.03.orig/qmail-smtpd.8 qmail-1.03/qmail-smtpd.8
--- qmail-1.03.orig/qmail-smtpd.8 Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-smtpd.8 Thu May 6 12:12:31 1999
@@ -97,6 +97,12 @@
This is done before
.IR rcpthosts .
.TP 5
+.I mfcheck
+If set,
+.B qmail-smtpd
+tries to resolve the domain of the envelope from address. It can be
+handy when you want to filter out spamhosts.
+.TP 5
.I morercpthosts
Extra allowed RCPT domains.
If
diff -ruN qmail-1.03.orig/qmail-smtpd.c qmail-1.03/qmail-smtpd.c
--- qmail-1.03.orig/qmail-smtpd.c Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-smtpd.c Thu May 6 13:23:14 1999
@@ -26,6 +26,7 @@
#define MAXHOPS 100
unsigned int databytes = 0;
+unsigned int mfchk = 0;
int timeout = 1200;
int safewrite(fd,buf,len) int fd; char *buf; int len;
@@ -50,6 +51,7 @@
void straynewline() { out("451 See http://pobox.com/~djb/docs/smtplf.html.\r\n");
flush(); _exit(1); }
void err_bmf() { out("553 sorry, your envelope sender is in my badmailfrom list
(#5.7.1)\r\n"); }
+void err_mf() { out("553 sorry, your envelope sender domain must exist
+(#5.7.1)\r\n"); }
void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed
rcpthosts (#5.7.1)\r\n"); }
void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); }
void err_syntax() { out("555 syntax error (#5.5.4)\r\n"); }
@@ -112,6 +114,10 @@
if (rcpthosts_init() == -1) die_control();
+ if (control_readint(&mfchk,"control/mfcheck") == -1) die_control();
+ x = env_get("MFCHECK");
+ if (x) { scan_ulong(x,&u); mfchk = u; }
+
bmfok = control_readfile(&bmf,"control/badmailfrom",0);
if (bmfok == -1) die_control();
if (bmfok)
@@ -208,6 +214,23 @@
return 0;
}
+int mfcheck()
+{
+ stralloc sa = {0};
+ ipalloc ia = {0};
+ int j;
+
+ if (!mfchk) return 0;
+ j = byte_rchr(addr.s,addr.len,'@') + 1;
+ if (j < addr.len) {
+ stralloc_copys(&sa, addr.s + j);
+ dns_init(0);
+ if (dns_ip(&ia,&sa) < 0)
+ return 1;
+ }
+ return 0;
+}
+
int addrallowed()
{
int r;
@@ -219,6 +242,7 @@
int seenmail = 0;
int flagbarf; /* defined if seenmail */
+int flagmf; /* defined if seenmail */
stralloc mailfrom = {0};
stralloc rcptto = {0};
@@ -241,6 +265,7 @@
{
if (!addrparse(arg)) { err_syntax(); return; }
flagbarf = bmfcheck();
+ flagmf = mfcheck();
seenmail = 1;
if (!stralloc_copys(&rcptto,"")) die_nomem();
if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();
@@ -251,6 +276,7 @@
if (!seenmail) { err_wantmail(); return; }
if (!addrparse(arg)) { err_syntax(); return; }
if (flagbarf) { err_bmf(); return; }
+ if (flagmf) { err_mf(); return; }
if (relayclient) {
--addr.len;
if (!stralloc_cats(&addr,relayclient)) die_nomem();
I think you just reinvented the wheel here...
> ----------
> From: Balazs Nagy[SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, May 06, 1999 12:29 PM
> To: [EMAIL PROTECTED]
> Subject: [PATCH] Resolving MAIL FROM domain
>
> Hiyas,
>
> Nowadays I just bored to get mail from illegal hostnames and I created a
> diff against vanilla qmail-1.03 (see attachment).
>
> It is simple. It checks for a DNS entry for the MAIL FROM domain if
> control/mfcheck or the MFCHECK environment variable is set to nonzero.
>
> Please check it out. Any comments/bugfixes/etc are welcomed.
> --
> Regards: Kevin (Balazs)
>
>
Balazs Nagy writes:
> Hiyas,
>
> Nowadays I just bored to get mail from illegal hostnames and I created a
> diff against vanilla qmail-1.03 (see attachment).
>
> It is simple. It checks for a DNS entry for the MAIL FROM domain if
> control/mfcheck or the MFCHECK environment variable is set to nonzero.
>
> Please check it out. Any comments/bugfixes/etc are welcomed.
A) It's been done before.
B) You've implemented it wrong. Your patch will reject mail from @vix.com,
for example. You're only checking for A records. You also need to check
for MX records.
> Regards: Kevin (Balazs)
>
--
Sam
Looks valid: from fidonet mail program via www.nease.com
-----Original Message-----
From: Peter van Dijk [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 06, 1999 3:58 AM
To: djb's qmail list
Subject: [[EMAIL PROTECTED]: ������ߵ�����Ǯ]
Look at the second-last Received:-line. 'fmail 348 ...'. Is this a fake or
something? (Oh, and I have _no_ idea what the text means :)
----- Forwarded message from ������ �� �� ������ <[EMAIL PROTECTED]> -----
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 878 invoked from network); 6 May 1999 08:55:54 -0000
Received: from zopie.attic.vuurwerk.nl ([EMAIL PROTECTED])
by koek.attic.vuurwerk.nl with QMTP; 6 May 1999 08:55:54 -0000
Received: (qmail 13638 invoked by uid 501); 5 May 1999 08:39:30 -0000
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 13546 invoked from network); 5 May 1999 08:39:16 -0000
Received: from usquerd.vuurwerk.nl ([EMAIL PROTECTED])
by zolder.cx with SMTP; 5 May 1999 08:39:16 -0000
Received: from k9.dds.nl ([EMAIL PROTECTED] [194.109.21.19])
by usquerd.vuurwerk.nl (8.9.1a/8.9.1) with ESMTP id HAA02486
for <[EMAIL PROTECTED]>; Wed, 5 May 1999 07:44:33 +0200
Received: from titanic.dds.nl (titanic.dds.nl [194.109.21.16])
by k9.dds.nl (8.9.1/8.9.1) with ESMTP id HAA18386
for <[EMAIL PROTECTED]>; Wed, 5 May 1999 07:40:53 +0200 (MET DST)
Received: from bftoemail12.bigfoot.com (bftoemail12.bigfoot.com
[208.156.39.212])
by titanic.dds.nl (8.9.1/8.9.1) with SMTP id HAA19517
for <[EMAIL PROTECTED]>; Wed, 5 May 1999 07:32:28 +0100 (WET DST)
Date: Wed, 5 May 1999 07:32:28 +0100 (WET DST)
Message-Id: <[EMAIL PROTECTED]>
Received: from smtp.188.net ([202.96.125.104])
by bftoemail2.bigfooot.com (Bigfoot Toe Mail v1.0
with message handle 990505_014240_1_bftoemail2_smtp;
Wed, 05 May 1999 01:42:40 -0500
for [EMAIL PROTECTED]
Received: (fmail 348 invoked from network); 4 May 1999 18:58:20 -0000
Received: from unknown (HELO ------) (202.109.48.172)
by 202.96.125.104 with SMTP; 4 May 1999 18:58:20 -0000
From: ������ �� �� ������ <[EMAIL PROTECTED]>
To: ������ �� �� ������ <[EMAIL PROTECTED]>
Return-Receipt-To: <[EMAIL PROTECTED]>
Subject: ������ߵ�����Ǯ
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
������ߵ�����Ǯ
����һ�����Ѽ��������Ի�ã���������Ԫ
���ѣ������һ���������յ�һЩ�������������Ǯ�ĵ����ʼ�����Щ�ʼ����ܵ���
վͨ������Ҫ��ӵ��һ��������ҳ�����û�и�����ҳ�Ļ�ֻ��Ϊ�����������ˣ�����
����
Ҳ�ܵ����ֻ�У���Ԫ��
�ڴˣ�������������һ���µ���վ�����վ��Ĵ�������˵�ǵ�ĿǰΪֹ����֪����վ
�д�����ߵ��ˣ�������Ժ�ÿ����һ�����Ѽ���Ϳ��Ի��12.5��Ԫ�����Ҳ���Ҫ
��
����ҳ����ֻҪ�ڼ����������������ѽ���Ϳ����ˣ�
�����վ������Ҫ����Ҫ�˽����߹����������ǰ������д������Ҳ�ܼ�����
����ѡ����и���ɽ�ʰԻ��߶����쳵�����ˣ�
�����������վ���������ע��
http://www.targetshop.com/users/level1.asp?refId=130959
�������ܿ�ͻᱻ����Ϊ��Ա�ģ���Ϊ�����վ��Ҫ���˽��ܵģ������������ٶȾͻ�
����Ҫ���Ϻü��죡�����������ޣ��ȵ�������300��֮��Ͳ������ӻ�Ա�ˣ����Ի��
Ǿ�
�춯�ְɣ�
���Ÿ��������վ����ϸ˵����һ�ݹ����ο���
����1000��Ԫ���밴���в���������
1�����ע�����Targetshop�������۹�˾����Ϊ�ù�˾�Ļ�Ա��
2������������Ƽ���80λ���ϵ����ѣ�ÿ����һλ�»�Ա����˾�ά����12.5��Ԫ��
��Ȼ��ҹ�˾Ҳ���Ƿ�������ģ����ֻ�ܸ�����1000��Ԫ��
�������5��31��ǰ�Ƽ��Ļ�Ա�������ڹ�˾��ǰ300����������1000��Ԫ��
����5000��Ԫ!!!
3���������վ���������ע�ᡣ
http://www.targetshop.com/users/level1.asp?refId=130959
ע�Ἴ�ɣ�
1������ע����ҳ����Ӣ�İ���ʵ�����д����˾��֧Ʊ���㸶�
ע����һ�����Ƽ��˵Ļ�Ա�룬�����Ƽ���������д�˱�ʱ��һ�б�����Ļ�Ա��
2����˾�ᷢ�Ÿ��㣬�����ϵ�Ҫ���ٴη���վ�㣬��дһ����ѯ����
3���ڹ�˾����ĵڶ������У��㽫�õ�һ����Ա��,������ʽ���롣
�����һ�α�ʾǸ�⣬�������ˣ��������뻹��������Ҫ��������Ϣ�ģ��Ͼ�12.5��
Ԫ����һ����ͨ�ϰ�����˵����һ��С��Ŀ�������Ҿ�ð��������������ţ��������
������
������һЩ��Ӣ�ĵ�ַ���ձ������Է�����д
****************************************************************************
****
��ɽ��ʾ���´�37��403��
Room 403,No.37,SiFan Residential Quarter,BaoShan District
�����������·125Ū34��201��
Room 201,No.34,Lane 125,XiKang Road(South),HongKou District
473004����ʡ����������·42�� ������
Zhou Wangcai
Room 42��
Zhongzhou Road��Nanyang City��
Henan Prov.China 473004
434000����ʡ�����к�Է��Ƶ� ������
Zhou Wangcai
Hongyuan Hotel,
Jingzhou city,
Hubei Prov. China 434000
473000���������а�һ·272���ظֹ�˾ ������
Zhou Wangcai
Special Steel Corp��No.272��
Bayi��Road��Nanyang City��
Henan Prov. China 473000
528400�㶫��ɽ�ж�����ﻨ7��702 ������
Zhou Wangcai
Room 702, 7th Building,
Hengda Garden, East District,
Zhongshan, China 528400
361012����ʡ�������������������34��601�� ������
Zhou Wangcai
Room 601, No.34 Long Chang Li,
Xiamen, Fujian, China 361012
361004���Ź����ܹ�˾��ŵ�� ������
Mr. Zhou Wangcai
Cheng Nuo Ban, Gong Jiao Zong Gong Si
Xiamen, Fujian, China 361004
266042ɽ��ʡ�ൺ�п�ƽ·53�Ź����ij�������1��¥2��Ԫ204���� ������
Mr. Zhou Wangcai
NO. 204, A, Building NO. 1,
The 2nd Dormitory of the NO. 4 State-owned Textile Factory,
53 Kaiping Road, Qingdao,
Shandong, China 266042
266211ɽ���ൺ��ī�����ѧ��ѧ�? ������
Zhou Wangcai
Mathematics Section
The NO. 5 Middle School of Jimo,
Jimo, Qingdao, Shandong,
China
----- End forwarded message -----
Greetz, Peter
--
| 'He broke my heart, | Peter van Dijk |
I broke his neck' | [EMAIL PROTECTED] |
nognixz - As the sun | Hardbeat@ircnet - #cistron/#linux.nl |
| Hardbeat@undernet - #groningen/#kinkfm/#vdh |
>Looks valid: from fidonet mail program via www.nease.com
www.nease.com is mx&smtp server of 126.com(It is not an open relay smtp server. it
is belong to Net Ease company,which is one of the most famous and best network
company in china)
>
>-----Original Message-----
>From: Peter van Dijk [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, May 06, 1999 3:58 AM
>To: djb's qmail list
>Subject: [[EMAIL PROTECTED]: ������ߵ�����Ǯ]
>
>
>Look at the second-last Received:-line. 'fmail 348 ...'. Is this a fake or
fmail is not fake. Net Ease company (Neteae.com) has modified some code of
qmail,then rename it as 'fmail'.
>something? (Oh, and I have _no_ idea what the text means :)
The text is writen by Chinese,so You cann't. :p
It is an junk mail. Main idea is if you tell someone to join and become a company's
custom,then you can get $12.5. Funny but shit!
This letter is marked as '202.109.48.172', so it is come from china shanghai
online,you can forward this letter to [EMAIL PROTECTED]
I'll receive this kind of letter more than 20 copies everyday. And I dont't think the
'targetshop.com' ... hehe.
I have told targetshop.com all about it but no any use. I think maybe targetshop.com
is more like this way,let more people know his company? So I had to let my
mailserver delete all letters include 'targetshop',hehe...
>
>----- Forwarded message from ������ �� �� ������ <[EMAIL PROTECTED]> -----
>
>Return-Path: <[EMAIL PROTECTED]>
>Delivered-To: [EMAIL PROTECTED]
>Received: (qmail 878 invoked from network); 6 May 1999 08:55:54 -0000
>Received: from zopie.attic.vuurwerk.nl ([EMAIL PROTECTED])
> by koek.attic.vuurwerk.nl with QMTP; 6 May 1999 08:55:54 -0000
>Received: (qmail 13638 invoked by uid 501); 5 May 1999 08:39:30 -0000
>Delivered-To: [EMAIL PROTECTED]
>Received: (qmail 13546 invoked from network); 5 May 1999 08:39:16 -0000
>Received: from usquerd.vuurwerk.nl ([EMAIL PROTECTED])
> by zolder.cx with SMTP; 5 May 1999 08:39:16 -0000
>Received: from k9.dds.nl ([EMAIL PROTECTED] [194.109.21.19])
> by usquerd.vuurwerk.nl (8.9.1a/8.9.1) with ESMTP id HAA02486
> for <[EMAIL PROTECTED]>; Wed, 5 May 1999 07:44:33 +0200
>Received: from titanic.dds.nl (titanic.dds.nl [194.109.21.16])
> by k9.dds.nl (8.9.1/8.9.1) with ESMTP id HAA18386
> for <[EMAIL PROTECTED]>; Wed, 5 May 1999 07:40:53 +0200 (MET DST)
>Received: from bftoemail12.bigfoot.com (bftoemail12.bigfoot.com
>[208.156.39.212])
> by titanic.dds.nl (8.9.1/8.9.1) with SMTP id HAA19517
> for <[EMAIL PROTECTED]>; Wed, 5 May 1999 07:32:28 +0100 (WET DST)
>Date: Wed, 5 May 1999 07:32:28 +0100 (WET DST)
>Message-Id: <[EMAIL PROTECTED]>
>Received: from smtp.188.net ([202.96.125.104])
> by bftoemail2.bigfooot.com (Bigfoot Toe Mail v1.0
> with message handle 990505_014240_1_bftoemail2_smtp;
> Wed, 05 May 1999 01:42:40 -0500
> for [EMAIL PROTECTED]
>Received: (fmail 348 invoked from network); 4 May 1999 18:58:20 -0000
>Received: from unknown (HELO ------) (202.109.48.172)
> by 202.96.125.104 with SMTP; 4 May 1999 18:58:20 -0000
>From: ������ �� �� ������ <[EMAIL PROTECTED]>
>To: ������ �� �� ������ <[EMAIL PROTECTED]>
>Return-Receipt-To: <[EMAIL PROTECTED]>
>Subject: ������ߵ�����Ǯ
>Mime-Version: 1.0
>Content-Type: text/plain; charset="us-ascii"
>Content-Transfer-Encoding: 7bit
>
> ������ߵ�����Ǯ
>
> ����һ�����Ѽ��������Ի�ã���������Ԫ
>
>
>���ѣ������һ���������յ�һЩ�������������Ǯ�ĵ����ʼ�����Щ�ʼ����ܵ���
>վͨ������Ҫ��ӵ��һ��������ҳ�����û�и�����ҳ�Ļ�ֻ��Ϊ�����������ˣ�����
>����
>Ҳ�ܵ����ֻ�У���Ԫ��
>
>
>�ڴˣ�������������һ���µ���վ�����վ��Ĵ�������˵�ǵ�ĿǰΪֹ����֪����վ
>�д�����ߵ��ˣ�������Ժ�ÿ����һ�����Ѽ���Ϳ��Ի��12.5��Ԫ�����Ҳ���Ҫ
>��
>����ҳ����ֻҪ�ڼ����������������ѽ���Ϳ����ˣ�
>
>
>�����վ������Ҫ����Ҫ�˽����߹����������ǰ������д������Ҳ�ܼ�����
>����ѡ����и���ɽ�ʰԻ��߶����쳵�����ˣ�
>
> �����������վ���������ע��
>
> http://www.targetshop.com/users/level1.asp?refId=130959
>
>
>�������ܿ�ͻᱻ����Ϊ��Ա�ģ���Ϊ�����վ��Ҫ���˽��ܵģ������������ٶȾͻ�
>����Ҫ���Ϻü��죡�����������ޣ��ȵ�������300��֮��Ͳ������ӻ�Ա�ˣ����Ի��
>Ǿ�
>�춯�ְɣ�
>
> ���Ÿ��������վ����ϸ˵����һ�ݹ����ο���
>
>����1000��Ԫ���밴���в���������
>1�����ע�����Targetshop�������۹�˾����Ϊ�ù�˾�Ļ�Ա��
>2������������Ƽ���80λ���ϵ����ѣ�ÿ����һλ�»�Ա����˾�ά����12.5��Ԫ��
> ��Ȼ��ҹ�˾Ҳ���Ƿ�������ģ����ֻ�ܸ�����1000��Ԫ��
> �������5��31��ǰ�Ƽ��Ļ�Ա�������ڹ�˾��ǰ300����������1000��Ԫ��
> ����5000��Ԫ!!!
>3���������վ���������ע�ᡣ
>
> http://www.targetshop.com/users/level1.asp?refId=130959
>
>ע�Ἴ�ɣ�
>1������ע����ҳ����Ӣ�İ���ʵ�����д����˾��֧Ʊ���㸶�
> ע����һ�����Ƽ��˵Ļ�Ա�룬�����Ƽ���������д�˱�ʱ��һ�б�����Ļ�Ա��
>2����˾�ᷢ�Ÿ��㣬�����ϵ�Ҫ���ٴη���վ�㣬��дһ����ѯ����
>3���ڹ�˾����ĵڶ������У��㽫�õ�һ����Ա��,������ʽ���롣
>
>
>�����һ�α�ʾǸ�⣬�������ˣ��������뻹��������Ҫ��������Ϣ�ģ��Ͼ�12.5��
>Ԫ����һ����ͨ�ϰ�����˵����һ��С��Ŀ�������Ҿ�ð��������������ţ��������
>������
>
>������һЩ��Ӣ�ĵ�ַ���ձ������Է�����д
>****************************************************************************
>****
> ��ɽ��ʾ���´�37��403��
> Room 403,No.37,SiFan Residential Quarter,BaoShan District
>
--
Yessure
On Wed, 5 May 1999, Rick Myers wrote:
> On May 05, 1999 at 13:23:48 -0700, Mark Delany twiddled the keys to say:
> > qmail-remote has no permissions to touch the queue and there are no kill
> > calls in any of the qmail code, so:
> >
> > o nothing gets rid of running qmail-remotes (as also evidenced by the log
> > entries when you shutdown qmail-send)
What I do if I'm in a hurry, is kill qmail-send, and rather than waiting
for it to die, kill all the qmail-remotes. Since qmail-send is waiting on
the qmail-remotes (indirectly), this finishes things off quickly.
> Yes, but a `shutdown' generally won't wait for qmail-anything to finish.
> At least on my system all processes get a -KILL within 30 seconds.
>
> For what it's worth, I've noticed quite a bit fewer dupes since 1.03.
> And moreso since I've adopted the policy of giving qmail-send the -TERM
> and waiting for it to die naturally before rebooting.
>
> Rick Myers [EMAIL PROTECTED]
> ----------------------------------------------------
> The Feynman Problem 1) Write down the problem.
> Solving Algorithm 2) Think real hard.
> 3) Write down the answer.
>
--
"Life is much too important to be taken seriously."
Thomas Erskine <[EMAIL PROTECTED]> (613) 998-2836
On Wed, 5 May 1999, Fred Lindberg wrote:
[snip]
> So would:
>
> killall qmail-send qmail-remote qmail-local
Please be careful of recommending "killall". Under linux, it kills
processes running the named program. Under solaris, it kills everything.
> be a more correct way of doing it?
>
> Would it be more correct for qmail-send to kill it's children upon
> receiving sigterm?
>
> Thanks!
>
> -Sincerely, Fred
>
> (Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
>
>
>
--
"Life is much too important to be taken seriously."
Thomas Erskine <[EMAIL PROTECTED]> (613) 998-2836
On May 05, 1999 at 15:19:36 -0700, Mark Delany twiddled the keys to say:
> At 07:40 PM Wednesday 5/5/99, Rick Myers wrote:
> >Yes, but a `shutdown' generally won't wait for qmail-anything to finish.
> >At least on my system all processes get a -KILL within 30 seconds.
>
> Right. But that's not how the standard qmail works, as others have noted.
> Perhaps it's yet again the case of an rpm-styled installed doing "almost the
> right thing". (I confess to continually seeing reasons why DjB was/is so
> paranoid about others packaging up qmail).
Sorry, this installation is "by the book" as per the instructions in
INSTALL. This machine has never seen an rpm, and probably never will.
(That is, unless Mr. Volkerding and crew don't get it together before
glibc becomes de facto.)
> A proper and normal qmail shutdown is an orderly affair where all outstanding
> deliveries are completed and accepted as complete prior to qmail-send exiting.
Right. It's been my own laziness that's kept me from rewriting the
shutdown script to wait for qmail-send to exit. I probably never will
though, since stopping qmail-send first is trivial and rarely needed
anyway.
> >For what it's worth, I've noticed quite a bit fewer dupes since 1.03.
> >And moreso since I've adopted the policy of giving qmail-send the -TERM
> >and waiting for it to die naturally before rebooting.
>
> You would need to demonstrate this via log entries. I have seen no change in
> behaviour in this regard with 1.03
Sorry again, I dumped the logs from last year. My previous comment can
be considered an opinion, but am I wrong in thinking that qmail-send ala
1.01 wasn't as orderly upon receiving a -TERM? I remember saying to
myself, "that's a neat feature" the first time I saw 1.03 log entries
stating that qmail-send was exiting asap. Maybe I just never noticed this
behaviour in 1.01, or maybe it just wasn't logged.
Rick Myers [EMAIL PROTECTED]
----------------------------------------------------
The Feynman Problem 1) Write down the problem.
Solving Algorithm 2) Think real hard.
3) Write down the answer.
Mark Delany <[EMAIL PROTECTED]> writes on 5 May 1999 at 15:19:36 -0700
> Perhaps it's yet again the case of an rpm-styled installed doing
> "almost the right thing". (I confess to continually seeing reasons
> why DjB was/is so paranoid about others packaging up qmail).
Yes, BUT...*everything else* on this system (that I didn't write
myself) was installed from RPMs, and it *all* works. I've never made
an RPM myself, and I don't mean to cast aspersions on those who made
the qmail RPMs. But the evidence suggests either that qmail is
somehow harder to install right than anything else (including
sendmail), or else that the RPMs for qmail are all badly made.
If qmail is harder to install, is it for good, solid reasons, or is it
the strain of attempting to satisfy Dan's whims? Clearly there *are*
some good solid reasons for some of the strange things about qmail.
Since a number of different people have made qmail RPMs, it seems
somewhat unlikely that they're *all* bad.
Dan may believe his restrictions on distribution serve to protect
qmail's reputation (by preventing a bad distribution from having
security holes, for example). I'm quite sure, from the questions and
problems I see people having, that in fact qmail's reputation is being
seriously damaged by the lack of standard binary packages for it,
especially a really clean RPM for the Linux world.
Oh well. Doesn't interfere with *my* use of it, I can install it from
the tarball just fine. And I've managed (just barely) to avoid any
emotional connection with qmail's broader success, so I'm not letting
the other aspects bother me. I'm also not trying to maintain a few
dozen systems.
--
David Dyer-Bennet [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
At 12:07 PM Thursday 5/6/99, [EMAIL PROTECTED] wrote:
>Mark Delany <[EMAIL PROTECTED]> writes on 5 May 1999 at 15:19:36 -0700
>
> > Perhaps it's yet again the case of an rpm-styled installed doing
> > "almost the right thing". (I confess to continually seeing reasons
> > why DjB was/is so paranoid about others packaging up qmail).
>
>Yes, BUT...*everything else* on this system (that I didn't write
>myself) was installed from RPMs, and it *all* works. I've never made
>an RPM myself, and I don't mean to cast aspersions on those who made
>the qmail RPMs. But the evidence suggests either that qmail is
>somehow harder to install right than anything else (including
>sendmail), or else that the RPMs for qmail are all badly made.
Good lord. What evidence is that exactly? Note that I only made an allusion,
not an insinuation and I specifically said "rpm-styled" to indicate that it
wasn't RPM per se. More that people who make packages need to ensure that
their startup and shutdown scripts work properly with the s/w they install.
In fact, in this case it turns out that the problem wasn't related to
packaging at all. Rather, it was the assumption that killall is universally
the right way to stop any application on Unix. As others has pointed out,
this is not the "right" way to shutdown qmail.
>If qmail is harder to install, is it for good, solid reasons, or is it
>the strain of attempting to satisfy Dan's whims? Clearly there *are*
>some good solid reasons for some of the strange things about qmail.
How you conclude that a poorly programmed package that sends the wrong
signals to the wrong processes is somehow the problem of the program that
receives the signal is well beyond me. The man page for qmail-send clearly
states what signals do what. Or is it now the case that package makers
should be excused from reading the documentation and understanding the s/w
as well?
>Since a number of different people have made qmail RPMs, it seems
>somewhat unlikely that they're *all* bad.
Who said they were? But is it possible that they are not all good?
If you've been watching this list you'll surely agree that there have been
numerous cases recently where the installation package has *not* done the
right thing and has caused more confusion that it has solved.
>Dan may believe his restrictions on distribution serve to protect
>qmail's reputation (by preventing a bad distribution from having
>security holes, for example). I'm quite sure, from the questions and
>problems I see people having, that in fact qmail's reputation is being
>seriously damaged by the lack of standard binary packages for it,
>especially a really clean RPM for the Linux world.
This has nothing whatsoever to do with anything. If you send the wrong
signal to sendmail it does not shutdown cleanly either. If you send the
wrong signal to init the system doesn't shutdown cleanly either. So it goes
for qmail. The particular distribution restrictions that Dan applies have no
bearing on this aspect whatsoever.
Regards.
>Sorry again, I dumped the logs from last year. My previous comment can
>be considered an opinion, but am I wrong in thinking that qmail-send ala
>1.01 wasn't as orderly upon receiving a -TERM? I remember saying to
>myself, "that's a neat feature" the first time I saw 1.03 log entries
>stating that qmail-send was exiting asap. Maybe I just never noticed this
>behaviour in 1.01, or maybe it just wasn't logged.
I don't think the behaviour changed, but certainly the log entry was
introduced later - perhaps at 1.03.
Regards.
On Fri, 30 Apr 1999, Petr Novotny wrote:
[ Description of an OpenSMTP scheme where mail submitted via SMTP
is put into a "quarantine spool", to be "POP Authenticated"
and delivered later, has been removed]
[ Also sorry for the late reply, I'm lagging in reading this list ]
> What do you think, is it a DoS in disguise, or is there a decent
> chance to get it working?
A potentially fatal problem comes to mind: are you sure that all
the mail clients do the POP afterwards? Perhaps a busy businessperson
just wants to send a piece of mail, but does not have the time to
fetch/read incoming mail at the time.
Perhaps the modem-over-GSM line fails just after the mail has been sent,
so there never is a POP transaction to do the authentication. Even
worse, the next time they dial in, they get a different IP address, making
it impossible to authenticate the earlier mail.
By accepting the mail you are, in effect, promising to deliver it.
Someone may be upset to find out that you bounced it back or
silently deleted it later.
There may not be any problems in real life, especially if the users
know the idea behind the protocol, so that they always make sure to
do the POP/mail fetching after the mail has been sent.
Just my 2 cents,
- Mikael -
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Mikael Suokas + [EMAIL PROTECTED] + For PGP key finger [EMAIL PROTECTED] +
+ PGP Key fingerprint = C0 3F 31 49 2F 5B EB ED 18 AA 38 E1 63 18 3B FC +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
you said today that writing a patch to refuse mails where the MAIL
FROM domain does not resolve is reinventing the wheel. Now I was
looking for it at www.qmail.org and didn't find it - please tell me the
URL.
Thanks
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBNzGzYFMwP8g7qbw/EQKv/ACcC0H+bYro5k5yiOg9rDyYKmwUQEwAn0dY
dGq01udI73yTIJrpGhM+0srG
=nL6I
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
On Thu, 6 May 1999, Petr Novotny wrote:
> Hi,
>
> you said today that writing a patch to refuse mails where the MAIL
> FROM domain does not resolve is reinventing the wheel. Now I was
> looking for it at www.qmail.org and didn't find it - please tell me the
> URL.
I am curious too.
Today Sam wrote:
sam>>>> A) It's been done before.
Where? I have rechecked the www page and I just didn't find it.
sam>>>> B) You've implemented it wrong. Your patch will reject mail from
sam>>>> @vix.com, for example. You're only checking for A records. You also
sam>>>> need to check for MX records.
Yeah, you're right. I should use dns_mxip instead of dns_ip. My new patch
is downloadable from http://lsc.kva.hu/dl/qmail-1.03-mfcheck.patch
--
Regards: Kevin (Balazs)
On Thu, May 06, 1999 at 04:21:05PM +0100, Petr Novotny wrote:
> you said today that writing a patch to refuse mails where the MAIL
> FROM domain does not resolve is reinventing the wheel. Now I was
> looking for it at www.qmail.org and didn't find it - please tell me the
> URL.
It's the first link in the
Yet More Qmail Addons
section on www.qmail.org pointing to
ftp://ftp.fmp.com/pub/linux/qmail/
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | Yeah, yo mama dresses
Research & Development | mailto:[EMAIL PROTECTED] | you funny and you need
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | a mouse to delete files
D-80807 Muenchen | Fax: +49 (89) 32356-299 |
On Thu, 6 May 1999, Markus Stumpf wrote:
> ftp://ftp.fmp.com/pub/linux/qmail/
I had a look to that patch and I found that I don't want to patch my qmail
with that unconceptious patch. Syslog? Badrcptto? Denymail parsing?
These solutions aren't what I saw in the qmail code.
--
Regards: Kevin (Balazs)
ORBS complained about my mailserver because it did not tell which
orbs'd host it would not talk to.
Harald suggested a patch for rblsmtpd which has been working
fine for a long time. But now it has stopped working. I don't
understand what has happened. The patched rblsmtpd is still
installed. It added the string "Remote IP: x.x.x.x".
Now, the bounce messages says (yes, it really is truncated):
926001343.724531 rblsmtpd: pid 20216: 451 The server sending your mail is in the ORBS
database as an insecure email relay and the admin of the server giving you this
message has not set his filtering up correctly to provide you with the I
What has happened? Where did the "Remote IP .." string go?
How can I fix it? I have not changed anything since it worked.
I suppose ORBS has.
On Sun, Mar 14, 1999 at 02:48:09PM +0100, torben fjerdingstad wrote:
> On Fri, Mar 12, 1999 at 11:19:30PM +0100, Harald Hanche-Olsen wrote:
> > - torben fjerdingstad <[EMAIL PROTECTED]>:
> >
> > | On Fri, Mar 12, 1999 at 10:56:46AM -0500, Timothy L. Mayo wrote:
> > | > You don't without a lot of work. The error message is the TXT
> > | > record from the ORBS database. If Alan Brown wants the IP address
> > | > in the message, he should modify his scripts to place it in the
> > | > TXT record in his ORBS DNS database.
> > |
> > | What kind of work? Changing rblsmtpd?
> >
> > Why not? It shouldn't be too hard: In the check() routine, just
> > before "if (message.len > 200) message.len = 200;" insert something
> > along the lines of (** untested code follows **)
> >
> > x = env_get("TCPREMOTEIP");
> > if (x)
> > if (*x) {
> > if (!stralloc_cats(&message, " (Remote IP: ")) die_sys();
> > if (!stralloc_cats(&message, x) die_sys();
> > if (!stralloc_cats(&message, ")")) die_sys();
> > }
>
> Thank you very much. It works after I added the missing ')'
> right after 'x)' in the second die_sys() line.
--
Med venlig hilsen / Regards
Netdriftgruppen / Network Management Group
UNI-C
Tlf./Phone +45 35 87 89 41 Mail: UNI-C
Fax. +45 35 87 89 90 Bygning 304
E-mail: [EMAIL PROTECTED] DK-2800 Lyngby
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Harald suggested a patch for rblsmtpd which has been working
> fine for a long time. But now it has stopped working. I don't
> understand what has happened. The patched rblsmtpd is still
> installed. It added the string "Remote IP: x.x.x.x".
>
> Now, the bounce messages says (yes, it really is truncated):
>
> 926001343.724531 rblsmtpd: pid 20216: 451 The server sending your mail is
> in the ORBS database as an insecure email relay and the admin of the
> server giving you this message has not set his filtering up correctly to
> provide you with the I
>
> What has happened? Where did the "Remote IP .." string go?
> How can I fix it? I have not changed anything since it worked.
> I suppose ORBS has.
Hey read the patch; Harald says there is a line
"if (message.len > 200) message.len = 200;"
Now what gives? :-)
ORBS has probably prolonged the TXT record.
People out there, is it possible to change the length of the
message simply? Thanks
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBNzG9ZFMwP8g7qbw/EQKcOwCg2S0u/10iUhDBizufIlPvhKDuYXEAn2ey
HIpIIu08PwhwRNwuV/rtiGQI
=10ff
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
On Thu, May 06, 1999 at 05:03:47PM +0100, Petr Novotny wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > Harald suggested a patch for rblsmtpd which has been working
> > fine for a long time. But now it has stopped working. I don't
> > understand what has happened. The patched rblsmtpd is still
> > installed. It added the string "Remote IP: x.x.x.x".
> >
> > Now, the bounce messages says (yes, it really is truncated):
> >
> > 926001343.724531 rblsmtpd: pid 20216: 451 The server sending your mail is
> > in the ORBS database as an insecure email relay and the admin of the
> > server giving you this message has not set his filtering up correctly to
> > provide you with the I
> >
> > What has happened? Where did the "Remote IP .." string go?
> > How can I fix it? I have not changed anything since it worked.
> > I suppose ORBS has.
>
> Hey read the patch; Harald says there is a line
> "if (message.len > 200) message.len = 200;"
> Now what gives? :-)
Yeah. That's it. Thanks. All well, except for that stupid TXT
message.
> ORBS has probably prolonged the TXT record.
>
> People out there, is it possible to change the length of the
> message simply? Thanks
I would like to customize the whole text.
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 6.0.2 -- QDPGP 2.60
> Comment: http://community.wow.net/grt/qdpgp.html
>
> iQA/AwUBNzG9Y1MwP8g7qbw/EQJWCACdGn6+cr7lhGQIozLxeyP71khEii0AoNq5
> Il4fGHRmk81Uz1lYo7SoDfLu
> =rhE+
> -----END PGP SIGNATURE-----
> --
> Petr Novotny, ANTEK CS
> [EMAIL PROTECTED]
> http://www.antek.cz
> PGP key ID: 0x3BA9BC3F
> -- Don't you know there ain't no devil there's just God when he's drunk.
> [Tom Waits]
--
Med venlig hilsen / Regards
Netdriftgruppen / Network Management Group
UNI-C
Tlf./Phone +45 35 87 89 41 Mail: UNI-C
Fax. +45 35 87 89 90 Bygning 304
E-mail: [EMAIL PROTECTED] DK-2800 Lyngby
all we want it to do is forward incomming smtp mail to our lotus notes
mail
servers..
ive got it set up and ive got in my /var/qmail/control/smtproutes
:notesbox.qrtp.quintiles.com
and in my /etc/hosts i have
10.1.1.1 notesbox.qrtp.quintiles.com notesbox
but when i try sending mail, in the qmail logs, i get
925994401.502934 delivery 3: failure:
Sorry,_I_couldn't_find_any_host_named_notesbox.qrtp.quintiles.co
m._(#5.1.2)/
do i need to define notesbox elsewhere? i CAN ping it just fine from the
box that qmail is running on.
any help appreciated,
Jason
--
=======================================================================
| Jason Welsh [EMAIL PROTECTED] | If you think there's |
| | good in everybody, you |
| http://welsh.dynip.com/ | haven't met everybody. |
=======================================================================
On Thu, May 06, 1999 at 11:38:18AM -0400, Jason wrote:
> all we want it to do is forward incomming smtp mail to our lotus notes
> mail
> servers..
> ive got it set up and ive got in my /var/qmail/control/smtproutes
> :notesbox.qrtp.quintiles.com
>
> and in my /etc/hosts i have
> 10.1.1.1 notesbox.qrtp.quintiles.com notesbox
>
> but when i try sending mail, in the qmail logs, i get
>
> 925994401.502934 delivery 3: failure:
> Sorry,_I_couldn't_find_any_host_named_notesbox.qrtp.quintiles.co
> m._(#5.1.2)/
>
> do i need to define notesbox elsewhere? i CAN ping it just fine from the
> box that qmail is running on.
qmail uses DNS only--it won't look at /etc/hosts.
Change your control/smtproutes file to:
:10.1.1.1
Chris
qmail only uses DNS! It never, NEVER uses /etc/hosts.
On Thu, 6 May 1999, Jason wrote:
> all we want it to do is forward incomming smtp mail to our lotus notes
> mail
> servers..
> ive got it set up and ive got in my /var/qmail/control/smtproutes
> :notesbox.qrtp.quintiles.com
>
> and in my /etc/hosts i have
> 10.1.1.1 notesbox.qrtp.quintiles.com notesbox
>
> but when i try sending mail, in the qmail logs, i get
>
> 925994401.502934 delivery 3: failure:
> Sorry,_I_couldn't_find_any_host_named_notesbox.qrtp.quintiles.co
> m._(#5.1.2)/
>
> do i need to define notesbox elsewhere? i CAN ping it just fine from the
> box that qmail is running on.
>
> any help appreciated,
> Jason
> --
> =======================================================================
> | Jason Welsh [EMAIL PROTECTED] | If you think there's |
> | | good in everybody, you |
> | http://welsh.dynip.com/ | haven't met everybody. |
> =======================================================================
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
Chris Johnson <[EMAIL PROTECTED]> wrote:
>
>qmail uses DNS only--it won't look at /etc/hosts.
>
>Change your control/smtproutes file to:
>
>:10.1.1.1
Make that:
:[10.1.1.1]
-Dave
On Thu, May 06, 1999 at 03:04:09PM -0400, Dave Sill wrote:
> Chris Johnson <[EMAIL PROTECTED]> wrote:
> >
> >qmail uses DNS only--it won't look at /etc/hosts.
> >
> >Change your control/smtproutes file to:
> >
> >:10.1.1.1
>
> Make that:
>
> :[10.1.1.1]
You don't need the brackets. It'll work without them.
Chris
According to the qmail-remote man page, the brackets ARE required.
"host can be either a fully-qualified domain name:
silverton.berkeley.edu
or an IP address enclosed in brackets:
[128.32.183.163]"
On Thu, 6 May 1999, Chris Johnson wrote:
> On Thu, May 06, 1999 at 03:04:09PM -0400, Dave Sill wrote:
> > Chris Johnson <[EMAIL PROTECTED]> wrote:
> > >
> > >qmail uses DNS only--it won't look at /etc/hosts.
> > >
> > >Change your control/smtproutes file to:
> > >
> > >:10.1.1.1
> >
> > Make that:
> >
> > :[10.1.1.1]
>
> You don't need the brackets. It'll work without them.
>
> Chris
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
On Thu, May 06, 1999 at 04:00:49PM -0400, Timothy L. Mayo wrote:
> According to the qmail-remote man page, the brackets ARE required.
>
> "host can be either a fully-qualified domain name:
>
> silverton.berkeley.edu
>
> or an IP address enclosed in brackets:
>
> [128.32.183.163]"
The bit you've referenced has nothing to do with what goes in
control/smtproutes. The above is a requirement for the 'host' argument to
qmail-remote.
The qmail-remote man page seems to suggest that you shouldn't use IP addresses
in smtproutes at all: "...qmail-remote will connect to relay, as if host had
relay as its only MX." Since an MX record can't be an IP address--only a host
name--this might lead one to believe that only a host name should appear after
the colon. We know, however, that it does work with IP addresses. The man page
doesn't address using IP addresses at all, with or without brackets.
Chris
You are correct and I was wrong. smtproutes does not need the []s.
dns_ip() is coded such that it is simply looking for a dotted quad IP
address, regardless of whether there are braces. :)
Sorry for the confusion on my part. DJB is fairly strict on his syntax
for other files and it surprises me that it is not the case for
smtproutes.
On Thu, 6 May 1999, Chris Johnson wrote:
> On Thu, May 06, 1999 at 04:00:49PM -0400, Timothy L. Mayo wrote:
> > According to the qmail-remote man page, the brackets ARE required.
> >
> > "host can be either a fully-qualified domain name:
> >
> > silverton.berkeley.edu
> >
> > or an IP address enclosed in brackets:
> >
> > [128.32.183.163]"
>
> The bit you've referenced has nothing to do with what goes in
> control/smtproutes. The above is a requirement for the 'host' argument to
> qmail-remote.
>
> The qmail-remote man page seems to suggest that you shouldn't use IP addresses
> in smtproutes at all: "...qmail-remote will connect to relay, as if host had
> relay as its only MX." Since an MX record can't be an IP address--only a host
> name--this might lead one to believe that only a host name should appear after
> the colon. We know, however, that it does work with IP addresses. The man page
> doesn't address using IP addresses at all, with or without brackets.
>
> Chris
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
Timothy L. Mayo said once upon a time (Thu, 6 May 1999):
> You are correct and I was wrong. smtproutes does not need the []s.
> dns_ip() is coded such that it is simply looking for a dotted quad IP
> address, regardless of whether there are braces. :)
It used to require []s.
On 06-May-99 Dax Kelson wrote:
> Timothy L. Mayo said once upon a time (Thu, 6 May 1999):
>
>> You are correct and I was wrong. smtproutes does not need the []s.
>> dns_ip() is coded such that it is simply looking for a dotted quad IP
>> address, regardless of whether there are braces. :)
>
> It used to require []s.
>
I would expect this to be one of those 'subject to change without notice'
kinda things.
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
Glad to hear that. :) I was beginning to think I was off my rocker. :)
On Thu, 6 May 1999, Dax Kelson wrote:
> Timothy L. Mayo said once upon a time (Thu, 6 May 1999):
>
> > You are correct and I was wrong. smtproutes does not need the []s.
> > dns_ip() is coded such that it is simply looking for a dotted quad IP
> > address, regardless of whether there are braces. :)
>
> It used to require []s.
>
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
On Thu 1999-04-29 (15:36), Chris Garrigues wrote:
> In recent times, I've been installing qmail off of the SRPM from
> [EMAIL PROTECTED] Previously, I built it myself. This SRPM uses a
> variety of packages that I haven't fully mastered yet (such as daemontools,
> etc).
>
> One of the changes is that I was using syslog and it uses cyclog.
>
> Every night at midnight, I have a cronjob that rotates the syslog and sends
> email with a qmail-analog report in it. Since cyclog may cycle it's logs at
> any time, it isn't clear to me how to integrate qmail-analog with cyclog.
>
> How are other people getting daily reports of qmail usage when they use cyclog?
I'm doing that. When I first started using the Memphis rpm I just changed the
init script to use splogger, but after asking questions on this and the
cyclog list I came up with something that gives me stats every day using
cyclog and qmailanalog. It's a bit of a hack and needs cleaning up, but you
can find it at:
ftp://yoda.cs.ru.ac.za/pub/qmail/krb
HTH
- Keith
> Chris
--
Keith Burdis - MSc (Com Sci) - Rhodes University, South Africa
Email : [EMAIL PROTECTED]
WWW : http://www.rucus.ru.ac.za/~keith/
IRC : Panthras JAPH
"Any technology sufficiently advanced is indistinguishable from a perl script"
Standard disclaimer.
---
Hi,
(I've been off this list for a while, but I'm back
now - apologies if I've just missed anything like
this)
Has anyone successfully setup rblsmtpd (as a front
for qmail-smtpd) running through inetd?
I realise that having something like:
smtp stream tcp nowait.1000 qmaild /usr/sbin/tcpd \
/usr/local/qmail/bin/tcp-env /usr/local/qmail/bin/rblsmtpd \
/usr/local/qmail/bin/qmail-smtpd
is going to be at least a little inefficient, but it
would do an initial attempt to start using the RBLs.
Also, (and slightly off-topic) does anyone here have
experience of the list at http://www.imrss.org/dssl/?
Cheers,
Matthew.
ok, ive got the ip address in my smtproutes file pointing to
my internal notes box..
now that will forward "outgoing" mail to my notes box (i guess, correct
me if im worng)..
ive telneted to the qmail box on port 25 and sent a test message
to my account on the notes box..
the qmail log says it cant establish an smtp connection..
I believe its going to my dns and trying to send to the server that
the MX record points to... (its an external entry, so it wont work)
this box is eventually going to be on our DMZ forwarding mail inside
our lan. Is there any way i can just get qmail to
force deliveries to the notesbox on my internal network?
more help appreciated..
--
=======================================================================
| Jason Welsh [EMAIL PROTECTED] | If you think there's |
| | good in everybody, you |
| http://welsh.dynip.com/ | haven't met everybody. |
=======================================================================
On Thu, May 06, 1999 at 01:34:20PM -0400, Jason wrote:
> I believe its going to my dns and trying to send to the server that
> the MX record points to... (its an external entry, so it wont work)
> this box is eventually going to be on our DMZ forwarding mail inside
> our lan. Is there any way i can just get qmail to
> force deliveries to the notesbox on my internal network?
In the smtproutes file use:
domain:[IP address]
instead of
domain:[FQDN]
For example:
bozo.com:[100.110.111.1]
This allows one to simulate an MX record with higher precedence
that those in the DNS.
--
Quist Consulting Email: [EMAIL PROTECTED]
219 Donlea Drive Voice: +1.416.696.7600
Toronto ON M4G 2N1 Fax: +1.416.978.6620
CANADA WWW: http://www.quist.on.ca
have qmail try to deliver something local and if it cant deliver it
there,
try to deliver it remotely?
for instance ive got the domain foo.com. I have foo.com in my locals
file
so I can forward stuff like [EMAIL PROTECTED] and
[EMAIL PROTECTED] but thats it.. for ALL other users on foo.com, i
want it to forward those to some other server.. is there a slick way to
do that?
hopefully this will be my last question :)
--
=======================================================================
| Jason Welsh [EMAIL PROTECTED] | If you think there's |
| | good in everybody, you |
| http://welsh.dynip.com/ | haven't met everybody. |
=======================================================================
Yes in .qmail-default for your server, (usually in ~alias)
put in the line:
|forward $[EMAIL PROTECTED]
Anything that doesn't get delivered on the first try will be delivered
to [EMAIL PROTECTED]
--
------------------------------------------------------------------------
// Jere Cassidy - System Administration - D&E SuperNet
email: [EMAIL PROTECTED] phone: (717)738-7054
web: http://www.desupernet.net/jere
pager/pcs: [EMAIL PROTECTED] - (717)203-0042
~~~ "While sowing the seeds of Utopia,
you invoked a convenient amnesia" -BR ~~~
------------------------------------------------------------------------
> Unfortunately, qmail-smtpd does not *make* any log entries. This is a
> huge defect, as you can see. You'll have to rely getting the bounce
> messages, whereever they wind up.
Can someone please explain what these messages in /var/log/maillog
mean? (RH5.2 sys, I installed qmail, but I probably botched it) It
appears that messages to most hosts are sent as intended,
but anything to @psu.edu gets deferred (We haven't noticed any lost
mail, and we've been running for a while, albeit with only a little
mail, so I'm assuming they eventually get through). I'm told psu.edu
is a multi-homed host, and that that may be a source of problems. Is
this it? Is it something else? How do I correct it?
(User ID's modifyied, datestamps removed for space)
Thanks again in advance!
maillog section:
info msg 20153: bytes 1530 from <[EMAIL PROTECTED]> qp 13463 uid
1004
starting delivery 14: msg 20153 to remote [EMAIL PROTECTED]
status: local 0/10 remote 1/20
delivery 14: deferral:
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
status: local 0/10 remote 0/20
new msg 20158
info msg 20158: bytes 2828 from <[EMAIL PROTECTED]> qp 13563 uid
1004
starting delivery 15: msg 20158 to remote [EMAIL PROTECTED]
status: local 0/10 remote 1/20
delivery 15: deferral:
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
status: local 0/10 remote 0/20
starting delivery 16: msg 20148 to remote [EMAIL PROTECTED]
status: local 0/10 remote 1/20
delivery 16: deferral:
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
status: local 0/10 remote 0/20
new msg 20160
info msg 20160: bytes 1303 from <[EMAIL PROTECTED]> qp 13598 uid 1004
starting delivery 17: msg 20160 to remote [EMAIL PROTECTED]
status: local 0/10 remote 1/20
delivery 17: success: 207.227.134.2_accepted_message./Remote_host_said:_250_Ok/
status: local 0/10 remote 0/20
end msg 20160
starting delivery 18: msg 20155 to remote [EMAIL PROTECTED]
status: local 0/10 remote 1/20
delivery 18: deferral:
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
status: local 0/10 remote 0/20
starting delivery 19: msg 20153 to remote [EMAIL PROTECTED]
status: local 0/10 remote 1/20
delivery 19: deferral:
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
status: local 0/10 remote 0/20
On Thu, May 06, 1999 at 04:59:20PM -0400, Brett Borger wrote:
> > Unfortunately, qmail-smtpd does not *make* any log entries. This is a
> > huge defect, as you can see. You'll have to rely getting the bounce
> > messages, whereever they wind up.
>
> Can someone please explain what these messages in /var/log/maillog
> mean? (RH5.2 sys, I installed qmail, but I probably botched it) It
> appears that messages to most hosts are sent as intended,
> but anything to @psu.edu gets deferred (We haven't noticed any lost
> mail, and we've been running for a while, albeit with only a little
> mail, so I'm assuming they eventually get through). I'm told psu.edu
> is a multi-homed host, and that that may be a source of problems. Is
> this it? Is it something else? How do I correct it?
The messages say, "unable to establish an SMTP connection," and this is exactly
what they mean. I just tried connecting to port 25 on each of psu.edu's MX
hosts, and they all refused the connection. Apparently they're having problems
of some sort.
Chris
Go DAN!!! I can wait for qmail2 if this is what your up too...
http://www.news.com/News/Item/0,4,0-36217,00.html?st.ne.lh..ni
On 06-May-99 Dax Kelson wrote:
>
> Go DAN!!! I can wait for qmail2 if this is what your up too...
>
> http://www.news.com/News/Item/0,4,0-36217,00.html?st.ne.lh..ni
>
>
>
Woo Hoo! Dan 2 Clinton & Co. 0 Good goin' Dan!!
Now to watch koobera.
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
At 03:32 PM 5/6/99 -0600, you wrote:
>
>Go DAN!!! I can wait for qmail2 if this is what your up too...
>
>http://www.news.com/News/Item/0,4,0-36217,00.html?st.ne.lh..ni
I wouldn't get too happy yet, I live in the area of the 9th Circuit
Court of Appeals, they have been reversed more than any other circuit
court in the US (28 of 30 decisions reversed on cert. granted by the
US Supreme Court)...In my opinion, this decision will be reversed by
the Supreme Court, if it decides to grant cert. by basis of Gov't appeal
-Bill
p.s. - I also believe that most of the judges who make up the 9th
circuit court of appeals smoke crack while on the bench...
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, 6 May 1999, Bill Parker wrote:
> p.s. - I also believe that most of the judges who make up the 9th
> circuit court of appeals smoke crack while on the bench...
Are these guys related to the people who felt it was necessary to get
a search warrant to search the government owned computer of the suspected
Chinese spy at Lost Alamos?
Scott
ps: Notice that I have a pgp sig? I just put that in place after the
ruling on pgp (exporting).
pps: Sun just pu and decided to put 128bit encryption on its desktop,
worlwide, for worldwide compatiblity.. the justice department decided
*not* to even bother with that. Makes you wonder, doesn't it?
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNzJxC1vCesh4C4FtAQE9GAP9FwSzhAY2bklNcTWygLhxp0n604zJWg9a
Nq8u7zcCy8iXvtty+e+OJlVSP7/TJSFiWc5hco1M8rNUSJbEAWOHmfa52cX/BlnU
bskvd/JiGdvkGqaDoGosPP4ppM3JZNiDrmMYVPNQuit7ecMxP0qKcaFnzuFT5h0s
jaxf+ycHDVA=
=L4CL
-----END PGP SIGNATURE-----
Hello,
Another site can't send mail to my site because the connection times
out. I believe the connection may be timing out because of his DNS. I'd
like to air my reasoning out here so that a) people who understand tcpserver
better can verify what I believe the man page is telling me, and b) people
who understand DNS better can verify what I'm seeing in DNS.
The really short version is:
1) I don't think logical.logical-approach.com (207.168.117.16) has reverse
DNS mappings. Am I wrong?
2) If it doesn't, could that trigger a 10 minute delay before tcpserver goes
ahead with the connection?
The long version is:
My machine is hunin.scansoft.com (4.17.150.117), running qmail-1.0.3 and
ucspi-tcp-0.84. The remote site has various machines which are
demonstrating this problem, notably carrera.nine-eleven.com but, in this
test, logical.logical-approach.com (207.168.117.16).
The symptom is that SMTP connections from there hang for 10 minutes
before the "220 hunin.scansoft.com ESMTP" message is sent. Their sendmail
config has a 5-minute connection timeout (I don't know if that's greet or in
general), so they give up before they get through.
I'm logging tcpserver with -v to get more info. Here is the command
line, pulled out of 'ps', for a connection attempt in progress (wrapped by
me):
qmaild 6428 0.0 0.3 844 424 ? S 16:07 0:00 \
tcpserver -v -c100 -x/etc/tcp.smtp.cdb -u 501 -g 500 \
0 smtp /var/qmail/bin/qmail-smtpd
Here are the 3 lines concerning this connection that tcpserver logs
(also wrapped by me):
May 6 16:07:34 hunin tcpserver: 926021254.455163 tcpserver: \
pid 6428 from 207.168.117.16
May 6 16:17:01 hunin tcpserver: 926021821.613477 tcpserver: \
ok 6428 hunin.scansoft.com:4.17.150.117:25 :207.168.117.16::52739
May 6 16:17:01 hunin tcpserver: 926021821.613671 tcpserver: \
end 6428 status 256
Note that it took 9-1/2 minutes for tcpserver to continue, and when it
did so, it had not figured out the name for this host.
Now, my understanding of the default tcpserver behavior is:
-P (not paranoid, so no hangups there)
-h (look up remote host name and set TCPREMOTEHOST)
-r (Attempt to obtain TCPREMOTEINFO from the remote host) (ident?!?)
-t... (give up on TCPREMOTEINFO after 26 seconds by default)
So, it'll try 'ident' for 26 seconds, then give up. But it will also
try to do a reverse DNS lookup on the remote host. It isn't being paranoid,
so it won't refuse it on the basis of that info, but the reverse DNS lookup
doesn't have a specific timeout.
So, next I ran nslookup to figure out if this place has reverse info.
My understanding (NOTE, here's where I'm shaky!) is that the following
commands (ptr, then any) should show me if there are any reverse records
(log prefixed with "% "):
% [gowen@hunin log]$ nslookup
% Default Server: vnsc-pri.sys.gtei.net
% Address: 4.2.2.1
%
% > set type=ptr
% > 16.117.168.207.in-addr.arpa
% Server: vnsc-pri.sys.gtei.net
% Address: 4.2.2.1
%
% *** vnsc-pri.sys.gtei.net can't find 16.117.168.207.in-addr.arpa:
% Non-existent host/domain
% > set type=any
% > 16.117.168.207.in-addr.arpa
% Server: vnsc-pri.sys.gtei.net
% Address: 4.2.2.1
%
% *** vnsc-pri.sys.gtei.net can't find 16.117.168.207.in-addr.arpa:
% Non-existent host/domain
And, just to check myself, let's do it for my host (hunin.scansoft.com):
% > 117.150.17.4.in-addr.arpa
% Server: vnsc-pri.sys.gtei.net
% Address: 4.2.2.1
%
% Non-authoritative answer:
% 117.150.17.4.in-addr.arpa name = hunin.scansoft.com
%
% Authoritative answers can be found from:
% 150.17.4.in-addr.arpa nameserver = knock.ser.bbnplanet.net
% 150.17.4.in-addr.arpa nameserver = nic3.barrnet.net
% 150.17.4.in-addr.arpa nameserver = nic.near.net
% knock.ser.bbnplanet.net internet address = 192.239.16.129
% nic3.barrnet.net internet address = 131.119.245.6
% nic.near.net internet address = 192.52.71.4
So, my theory:
1) They don't have reverse DNS on logical.logical-approach.com (they say
they do)
2) tcpserver takes 10 minutes before giving up on the reverse DNS lookup
3) so when it continues with the transaction, they've already hung up.
If this is all true:
1) Is there anything requiring reverse DNS for mail hosts (i.e., are they
broken?)
If I'm blowing smoke out my *ss:
1) Any other suggestions as to what I should look at?
Any help you can give is greatly appreciated.
--
gowen -- Greg Owen -- [EMAIL PROTECTED]
I had a similar problem - took a very long time to establish connections
from outside my own network. It turned out to be DNS-related. Basically, I
only allow specific ports through the router, and deny everything else. i.e.
I allow ports 22,25,110
What I had to do was to allow packets with the ACK bit set to pass on other
ports i.e. the connection is established, and a port is negotiated for the
server and client to talk on. The server then continues listening on the
default SMTP and POP3 ports.
We have been using Qmail to automatically send emails to people. But the
header format has been giving us problems.
In our email construction we have
1) no "CC: " field in the header:
Subject: some subject here
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
This will result in
Subject: some subject here
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
CC: recipient list not shown: ; <== this gives people an
impression that we are forwarding the email
to other
people and in fact we did not.
2) If we use an empty list of "CC: ":
Subject: some subject here
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
CC:
Return_Path: [EMAIL PROTECTED]
We get
From: [EMAIL PROTECTED]
CC: Return-Path:, [EMAIL PROTECTED]
How can I not let the "CC: " field be shown in the constructed email
when a recipient receives it?
Thanks.
Scott Liu
Software Developer
831 460 4300
.....................................................................
TAPESTRY.NET - On Target, Online Recruiting
111 Mission St. Santa Cruz, CA 95060
Visit our web sites at:
http://www.tapestry.net
http://www.asia-net.com Bilingual Professionals
http://www.developers.net Software Developers
-----BEGIN PGP SIGNED MESSAGE-----
> Russ went a little too far, I think. "Ability to ask questions that
> demonstrate that one has read the documentation and that include at
> least some of the relevant details" would be good enough. One can't
> expect someone to know exactly which information is required if they
> don't know what the problem is.
Right. I'm not a QMAIL expert. I do not want to be. I just want to
install it and have it work. I do know 80% (probably more) of sendmail,
although I only needed to know how to compile to get it to install.
I now have set up a sparc Sparc of mine at home (LX, 96MB ram, 4GB disk)
so that I can DJB'ify it with DJBware. I have broken my home mailer
since I can't figure out how to get rblsmtpd started the same way that I
got it started when I last spent days working on it.
So, anyway, the bottom line here is that now I will finally start
producing those docs taht everyone says that anyone can write if they
don't think the current docs are sufficient. Of course, the docs are
going to be written by someone who is not a qmail expert and will thus
reflect that (and certainly receive very harsh treatment from this list
because the docs may not just be 100% correct with everything).
I am going to do it anyway -- if nothing else, then for myself when I
next am asked to install qmail at some un-suspecting site.
Scott
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNzJFRFvCesh4C4FtAQFOmQP8CvMbLK+m1Ud2qVOa+aQr5qL6UeaKXxR1
uO9sNZZu6UsD11qV4kvulJOJUFyvsZNUCAC5u/l508q8TAlBMy7Ga3Ngr/bgJVNk
/gRPukVMJxCC/QImRTQrZeYNBGw7CTLNyaRcLv5W9af1wU4V9UDFppxf851scL3/
29h5yETy9Fs=
=+lmX
-----END PGP SIGNATURE-----
hi
this is a test.
----
BoLiang [EMAIL PROTECTED]
I don't recall seeing it in the FAQ or docs for EZMLM,
but is there a way to set it to a "digest" mode for the mailing
list?
Thanks!
Be well!
--
Pax, Amor, Concordia,
Conchobar mac Gabhann
e-mail:
[EMAIL PROTECTED]
http://www.auborneoaks.com/~gvantass
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
You've gotta dance like nobody's watching,
And love like it ain't ever gonna hurt.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I'm using fast-forward and an assing db. It appears that the local user
pulls rank over the alias. I figured having:
| /bin/fastforward -d /etc/aliases.cdb
in ~alias/.qmail-default would stop that, but apparently I'm wrong. What
do I need to do to shift priorities? Thanks. andy
--
-----------------------------------------------------------------------
Andy Walden Work Email: [EMAIL PROTECTED]
Network Administrator, Pers Email: [EMAIL PROTECTED]
MTCO Communications Phone: (800) 859-6826
" Reality is just Chaos with better lighting. "
On Thursday, May 06, 1999 at 08:58:33 PM, Andy Walden wrote:
Change your call to fastforward as follows:
| /bin/fastforward -p -d /etc/aliases.cdb;
The -p will force it to exit with code 99 and prevent the rest of
your .qmail-default from completing. Check the man page, more info
is included.
Steve
>
> I'm using fast-forward and an assing db. It appears that the local user
> pulls rank over the alias. I figured having:
> | /bin/fastforward -d /etc/aliases.cdb
> in ~alias/.qmail-default would stop that, but apparently I'm wrong. What
> do I need to do to shift priorities? Thanks. andy
>
>
> --
> -----------------------------------------------------------------------
> Andy Walden Work Email: [EMAIL PROTECTED]
> Network Administrator, Pers Email: [EMAIL PROTECTED]
> MTCO Communications Phone: (800) 859-6826
> " Reality is just Chaos with better lighting. "
>
>
>
>
>
Nothing to do with qmail, but I thought some people might be interested.
"In a 2-to-1 vote, a federal panel affirmed U.S. District Judge Marilyn Patel's 1997
landmark ruling in Daniel Bernstein vs. the Justice Department. That decision states
that software source code is a language, and therefore the export controls violate the
University of Illinois math professor's First Amendment right."
full story at http://www.news.com/News/Item/0,4,0-36217,00.html?st.ne.lh..ni
bt
--
Bart Blanquart
[EMAIL PROTECTED]
tel (02)50 51 916 fax (02)50 51 930
TV is called a medium because it is neither rare nor well done.
I've got a couple of things that are happening with smtpd..
First, they have a habit of sticking around...
I have smtpd processes stuck in the system that are around 2 weeks old.
Each one seems to have a defunct task tied to it and when I kill the smtpd,
the defunct vanishes with it.
Second is a complaint from our Customer Service folk, seems clients with
outlook(Yeah, I know it's microsoft, so who should care :) have problems when
they send large attachments. About 600k-1Meg into the transfer, it slows down
to a crawl. Anyone heard of this one?
Thanks in advance...
Greg
I'm encountering the first problem as well (hanging defunct smtpd
processes). I would like to hear any solution on this matter...
Franky
> ----------
> From: Greg Moeller[SMTP:[EMAIL PROTECTED]]
> Sent: Friday, May 07, 1999 11:12 AM
> To: [EMAIL PROTECTED]
> Subject: A couple of smtpd questions..
>
> I've got a couple of things that are happening with smtpd..
> First, they have a habit of sticking around...
> I have smtpd processes stuck in the system that are around 2 weeks old.
> Each one seems to have a defunct task tied to it and when I kill the
> smtpd,
> the defunct vanishes with it.
>
> Second is a complaint from our Customer Service folk, seems clients with
> outlook(Yeah, I know it's microsoft, so who should care :) have problems
> when
> they send large attachments. About 600k-1Meg into the transfer, it slows
> down
> to a crawl. Anyone heard of this one?
>
> Thanks in advance...
>
> Greg
>
>
hello,
some times as now i have to set up a mini-mailing list for <10 persons, i do
not want to install a heavyweight list manager, only for one sporadic small
list...
but to be fully usable, i would like to change or set the REPLY-TO field of the
incoming messages. I lokked into the FAQ, but didn't found this problem
adressed... i tryed to parse the thing through deliver, but the messages goes
out inchanged, thus the return from deliver to qmail doesn't seem to work....
so is there a way to manipulate the header in user-land through a .qmail-list?
ciao
bboett
==============================================================
acount at earthling net
http://erm6.u-strasbg.fr/~bboett
===============================================================
Unsolicited commercial email is NOT welcome at this email address
To contact me replace acount by bboett in above addresses
