qmail Digest 5 Feb 2000 11:00:01 -0000 Issue 902
Topics (messages 36751 through 36813):
Re: qmail and rblsmtpd
36751 by: lemonlainey
36761 by: Paul Schinder
36778 by: kevin
36783 by: schinder.leprss.gsfc.nasa.gov
36791 by: kevin
Is recent version of qmail realy secure?
36752 by: Bolmehag, Peter
36759 by: Russ Allbery
Re: Bandwidth
36753 by: Marek Narkiewicz
Re: Routin only some virtual-adresses
36754 by: Puck
36755 by: Petr Novotny
36757 by: Puck
36762 by: Paul Schinder
36763 by: Petr Novotny
Re: Qmail anti-virus package?
36756 by: Rainer Link
36765 by: Rainer Link
Re: "shell-init: could not get current directory"
36758 by: Russ Allbery
workaround for port 25 block?
36760 by: Brian R
36789 by: Bruno Wolff III
36803 by: Racer X
36805 by: Aaron L. Meehan
36806 by: Aaron L. Meehan
Virtual Domains & Aliases
36764 by: RHubbard.SARCOM.COM
36766 by: Robert Sander
36773 by: Robert Sander
36775 by: Chris Johnson
36776 by: Robert Sander
36777 by: Chris Johnson
36779 by: Robert Sander
Re: fsync semantics (was Re: Linux kernel ....)
36767 by: craig.jcb-sc.com
36774 by: Russell Nelson
36781 by: David Dyer-Bennet
36788 by: Bruno Wolff III
36790 by: Andre Oppermann
Off Topic: Bernstein vs. US DOJ Text of ruling
36768 by: Soffen, Matthew
36770 by: iv0
36771 by: Soffen, Matthew
Re: /var/spool/mail delivery using a dot-qmail file
36769 by: Peter Green
36772 by: Tim Hunter
36801 by: Racer X
Attachments over 500K slow
36780 by: Shakaib Sayyid
36782 by: Uwe Ohse
rcpthosts
36784 by: clifford thurber
36785 by: Chris Johnson
36792 by: Dave Sill
How do I configure an Autoresponder? And which one should I use?
36786 by: Max
36794 by: Dave Sill
I know this isn't the right forum for this message.... but Thanks!
36787 by: Max
Re: how do i
36793 by: Dave Sill
Re: virus scanning & lotus
36795 by: Marco Leeflang
36798 by: Rainer Link
REMOVE
36796 by: Zimmerman, John
qmail daemon dying
36797 by: DeChavez , Andrew
How would one do this? (qmail + exchange servers)
36799 by: Sean Casey
additional info (was workaround for port 25 block?)
36800 by: Brian R
36802 by: Chris Johnson
Re: Restrict Times
36804 by: David L. Nicol
Queue and remote
36807 by: Director tecnico del Nodo Nicarao -- Juan Navas
Pop and systems accounts
36808 by: Director tecnico del Nodo Nicarao -- Juan Navas
36809 by: Juan E Suris
36810 by: Chris Johnson
Hanging of qmail SMTP
36811 by: Md. Sifat Ullah Patwary
Re: LEAVE
36812 by: petervd.vuurwerk.nl
Re: Filtering out email addresses with pipe symbol
36813 by: petervd.vuurwerk.nl
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Just a thought, if an email is revoked due to rblsmtpd refusing it, will
an email client return the error:
** Couldn�t complete the last command because a network stream error
occurred.
Or, is that just a bad setup of rblsmtpd ?
Regards,
Kevin
At 10:44 AM +0000 2/4/00, kevin wrote:
>Hi All,
>
>Is there anyone who knows about how to setup rblsmtpd ?
>
>I've tried loads of different sources and I can't seem to find a way to
>set-up qmail to bloke relay spam to my server.
>
>This my current start-up for qmail in /etc/init.d :
> /usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
>/var/qmail/bin/qmail-smtpd &
>
>I have tried the following combinations :
>
>Here is the rblsmtpd help prompt :
> rblsmtpd [ -b ] [ -R ] [ -r domain ] [ -t timeout ] smtpd [ arg ...
>]
>
>And in theory this should work :
> /usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
>/opt/software/bin/rblmstpd /var/qmail/bin/qmail-smtpd &
>
>But, ir doesn't bloke reply spam from the test from RSS list?
Because you didn't tell it to. rblsmtpd by default only checks the
RBL. You can chain them:
rblsmtpd rbmsmtpd -rrelays.mail-abuse.org ...
or there's a patch available at www.qmail.org to allow rblsmtpd to
take more than one -r.
But you say you're trying to block "relay spam". Do you mean that a
spammer is relaying spam through your server? If so, rblsmtpd isn't
going to fix that. You've botched the installation of qmail if
spammers can relay, since by default qmail won't relay.
>
>Any ideas?
>
>
>Regards,
>
>Kevin Smith
>Lemon Lainey Design UK
>http://www.lemonlaineydesign.com
--
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693
[EMAIL PROTECTED]
The problem I have is if I do use:
/usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
/opt/software/bin/rblmstpd /var/qmail/bin/qmail-smtpd &
I cannot send mail through my server from an email client like Claris
Emailer, I get the error: network stream error.
I so as I set it back to the orginal settings of:
/usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
/var/qmail/bin/qmail-smtpd &
Would you know why this is?
Also the line:
rblsmtpd rbmsmtpd -rrelays.mail-abuse.org ...
Is rbmsmtpd meant to be rblsmtpd?
>At 10:44 AM +0000 2/4/00, kevin wrote:
>>Hi All,
>>
>>Is there anyone who knows about how to setup rblsmtpd ?
>>
>>I've tried loads of different sources and I can't seem to find a way to
>>set-up qmail to bloke relay spam to my server.
>>
>>This my current start-up for qmail in /etc/init.d :
>> /usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
>>/var/qmail/bin/qmail-smtpd &
>>
>>I have tried the following combinations :
>>
>>Here is the rblsmtpd help prompt :
>> rblsmtpd [ -b ] [ -R ] [ -r domain ] [ -t timeout ] smtpd [ arg ...
>>]
>>
>>And in theory this should work :
>> /usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
>>/opt/software/bin/rblmstpd /var/qmail/bin/qmail-smtpd &
>>
>>But, ir doesn't bloke reply spam from the test from RSS list?
>
>Because you didn't tell it to. rblsmtpd by default only checks the
>RBL. You can chain them:
>
>rblsmtpd rbmsmtpd -rrelays.mail-abuse.org ...
>
>or there's a patch available at www.qmail.org to allow rblsmtpd to
>take more than one -r.
>
>But you say you're trying to block "relay spam". Do you mean that a
>spammer is relaying spam through your server? If so, rblsmtpd isn't
>going to fix that. You've botched the installation of qmail if
>spammers can relay, since by default qmail won't relay.
>
>
>>
>>Any ideas?
>>
>>
>>Regards,
>>
>>Kevin Smith
>>Lemon Lainey Design UK
>>http://www.lemonlaineydesign.com
>
>--
>Paul J. Schinder
>NASA Goddard Space Flight Center
>Code 693
>[EMAIL PROTECTED]
>
On Fri, Feb 04, 2000 at 04:20:48PM +0000, kevin wrote:
} The problem I have is if I do use:
} /usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
} /opt/software/bin/rblmstpd /var/qmail/bin/qmail-smtpd &
Could this typo ^^^ be the problem?
}
} I cannot send mail through my server from an email client like Claris
} Emailer, I get the error: network stream error.
}
} I so as I set it back to the orginal settings of:
} /usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
} /var/qmail/bin/qmail-smtpd &
}
} Would you know why this is?
}
}
} Also the line:
}
} rblsmtpd rbmsmtpd -rrelays.mail-abuse.org ...
}
} Is rbmsmtpd meant to be rblsmtpd?
Yes, it is.
--
--------
Paul J. Schinder
NASA Goddard Space Flight Center
[EMAIL PROTECTED]
Also, do you know what the flags -R and -b mean for rblsmtpd ?
>On Fri, Feb 04, 2000 at 04:20:48PM +0000, kevin wrote:
>} The problem I have is if I do use:
>} /usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
>} /opt/software/bin/rblmstpd /var/qmail/bin/qmail-smtpd &
>
>Could this typo ^^^ be the problem?
>
>}
>} I cannot send mail through my server from an email client like Claris
>} Emailer, I get the error: network stream error.
>}
>} I so as I set it back to the orginal settings of:
>} /usr/local/bin/tcpserver -v -u 101 -g 100 0 smtp
>} /var/qmail/bin/qmail-smtpd &
>}
>} Would you know why this is?
>}
>}
>} Also the line:
>}
>} rblsmtpd rbmsmtpd -rrelays.mail-abuse.org ...
>}
>} Is rbmsmtpd meant to be rblsmtpd?
>
>Yes, it is.
>
>
>--
>--------
>Paul J. Schinder
>NASA Goddard Space Flight Center
>[EMAIL PROTECTED]
>
Regards,
Kevin Smith
Lemon Lainey Design UK
http://www.lemonlaineydesign.com
Hi!
I have installed the recent (yesterday) version of qmail. I have a rcphosts
file with a few domains. Now is it secure or nor? I get confused by reading
the list.
My setup fails test 6 at orbs, but some say it is safe anyway and that the
mail is rejected internally. Some say that I need to install some extra
program to get that security.
Which is the correct answer?
/peter
Bolmehag, Peter <[EMAIL PROTECTED]> writes:
> My setup fails test 6 at orbs, but some say it is safe anyway and that
> the mail is rejected internally. Some say that I need to install some
> extra program to get that security.
> Which is the correct answer?
The simple ORBS tester (the one that doesn't actually try to receive the
mail message back again) returns false positives with qmail. (And with
Postfix too, IIRC.) If you have a rcpthosts file and you don't relay mail
to a sendmail machine that supports percent-hack and other sorts of
things, you should be fine.
qmail doesn't need patches to not relay. The default qmail configuration
doesn't relay.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Thanks everyone who replied on and off list. I now have enough data to stop worrying
that i've under
provisioned. Guess i have somewhere to play quake from now. :-)
Await the next installation. Cheers all. :-)
On Thu, 3 Feb 2000 18:54:25 -0800, [EMAIL PROTECTED] wrote:
>If I understand correctly, you don't need to plan bandwidth for
>web browsing, as that goes through the dial-in provider, but
>you do need to plan for smtp bandwidth, as that's in-house?
>
>I'm reading page 33 of the Jan 31, 2000 Netword World magazine,
>which has an article quoting stats from Ferris Research:
>
>User messaging will jump 81% to 34 messages -received- per user per day.
>Message size will jump 192% to 286KB per message.
>
>If you take that at face value, you need to be able to handle
>(286KB * 8) * 34 * 10,000 (or whatever you said), divided by
>36000 seconds in 10 hours, gets you ... 21Kb/sec? Assuming
>every user also sends you that traffic as a smarthost in that
>same time period means you need... 63Kb/sec line?
>
>And you have a 2meg line spec'd currently? :)
>
>This all changes if you need bandwidth for web traffic, of course.
>
>John
--
Marek Narkiewicz, Systems Director WelshDragon ltd
[EMAIL PROTECTED]
02/03/2000 at 11:18:18
>> The original sender and recipient must stay intact, that's the
>> problem!
> Is that really neccessary?
Yes it is ! :-(
> Sure there is. You need two qmail installations for that
> (edit conf-home, and recompile/reinstall).
Must this be so complicated?
Is there perhaps a shell-script that can be called by a .qmail-username file to do
what i need ?
Thanks,
Thomas
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 4 Feb 00, at 12:22, Puck wrote:
> > Is that really neccessary?
>
> Yes it is ! :-(
Why? :-)
> > Sure there is. You need two qmail installations for that
> > (edit conf-home, and recompile/reinstall).
>
> Must this be so complicated?
What makes you think it's complicated? Will take you some 30
minutes to set up :-)
> Is there perhaps a shell-script that can be called by a
> .qmail-username file to do what i need ?
Yes, sure. Write a short script which does connect to port25 on
internal server, and then stuff like
HELO it.is.me
MAIL FROM:<$SENDER>
RCPT TO:<$USER@$HOST>
DATA
now copy stdin to stdout
.
QUIT
and exit 111 if anything breaks or 4xx SMTP answer is given, 100
is 5xx SMTP answer is given, or 0 is everything succeeds.
Why do you think this is not-so-complicated? :-)
Anyway, it can be written in Perl or C or whatever in just 30
minutes as well...
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOJrH01MwP8g7qbw/EQKzxQCcCidt+pmdqyR1Ig4Lrouzx2T0Z00AoK8l
q0DMpQQGe8CO4FZxSNLfmYgE
=webQ
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
Hi !
>> > Is that really neccessary?
>> Yes it is ! :-(
> Why? :-)
Because at this adress there is running a "tobit david mailserver" (windows-nonsene ;)
)
that can only be set up to parse for [EMAIL PROTECTED] (for internal reasons) :-|
> What makes you think it's complicated? Will take you some 30
> minutes to set up :-)
Hm .... i don't know, doesn sound very handy this solution ?
> Yes, sure. Write a short script which does connect to port25 on
> internal server, and then stuff like
> HELO it.is.me
> MAIL FROM:<$SENDER>
> RCPT TO:<$USER@$HOST>
> DATA
> now copy stdin to stdout
> .
> QUIT
> and exit 111 if anything breaks or 4xx SMTP answer is given, 100
> is 5xx SMTP answer is given, or 0 is everything succeeds.
> Why do you think this is not-so-complicated? :-)
> Anyway, it can be written in Perl or C or whatever in just 30
> minutes as well...
Yes, that's what i thought of ... if i would be able to code this :-<
I don't know (anymore) how to c-code and in perl i'm not familar with sockets and so
on :-((
Anyone there who could do this? :-)
Thomas
At 12:43 PM +0100 2/4/00, Puck wrote:
>
>Yes, that's what i thought of ... if i would be able to code this :-<
>I don't know (anymore) how to c-code and in perl i'm not familar
>with sockets and so on :-((
Install libnet, available from CPAN (if you don't know what CPAN is,
you should: http://cpan.perl.org), and you won't have to deal with
sockets and so on. You simply "use Net::SMTP;" and proceed from
there, following the documentation.
>Anyone there who could do this? :-)
>
>Thomas
--
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693
[EMAIL PROTECTED]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 4 Feb 00, at 8:28, Paul Schinder wrote:
> >Yes, that's what i thought of ... if i would be able to code this :-<
> >I don't know (anymore) how to c-code and in perl i'm not familar with
> >sockets and so on :-((
>
> Install libnet, available from CPAN (if you don't know what CPAN is,
> you should: http://cpan.perl.org), and you won't have to deal with
> sockets and so on. You simply "use Net::SMTP;" and proceed from
> there, following the documentation.
What about simply calling qmail-remote from Perl script, and
parsing the result?
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOJriz1MwP8g7qbw/EQIOdQCgu/+iMLbwfwFUVSj/7BRsPvHtyCEAn2qj
408vjGAijfB5Yi//ZMdzyS11
=1pxT
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
Erwin van Kroonenburg wrote:
>
> Hi,
>
> There seems to be something wrong but I can't figure out what.
> I've setup Qmail-1.03, AVP 3.0 Beta 2 and compiled amavis with "configure
> --enable-qmail". I followed the instructions on www.unixzone.com/virus and
> even applied the "error in Kaspersky AVP call" fix. When I try so send an
> email there is a loop and there's no local delivery. What could be wrong?
Well, I'm a little bit confused, because AMaViS 0.2.0-pre6-clm-rl-5
(available at www.unixzone.com/virus) should not need the AVP call bug
fix, because it was already fixed in -pre6-clm-rl. So, are you using the
original AMaViS 0.2.0-pre6 or AMaViS 0.2.0-pre6-clm-rl-5?
Any error or warning messages in the log files?!
Btw, did (local) delivery work, before you used AMaViS?
best regards,
Rainer Link
--
Rainer Link, eMail: [EMAIL PROTECTED], WWW: http://rainer.w3.to/
Student of Communication Engineering/Computer Networking, University of
Applied Sciences,Furtwangen,Germany,http://www.ce.is.fh-furtwangen.de/
Rainer Link wrote:
Just as a follow-up:
Please use *only* AMaViS 0.2.0-pre6-clm-rl-5 with qmail. The official
AMaViS 0.2.0-pre6 has (still) some problems with qmail.
Thanks.
> > There seems to be something wrong but I can't figure out what.
> > I've setup Qmail-1.03, AVP 3.0 Beta 2 and compiled amavis with "configure
> > --enable-qmail". I followed the instructions on www.unixzone.com/virus and
> > even applied the "error in Kaspersky AVP call" fix. When I try so send an
> > email there is a loop and there's no local delivery. What could be wrong?
>
> Well, I'm a little bit confused, because AMaViS 0.2.0-pre6-clm-rl-5
> (available at www.unixzone.com/virus) should not need the AVP call bug
> fix, because it was already fixed in -pre6-clm-rl. So, are you using the
> original AMaViS 0.2.0-pre6 or AMaViS 0.2.0-pre6-clm-rl-5?
best regards,
Rainer Link
--
Rainer Link, eMail: [EMAIL PROTECTED], WWW: http://rainer.w3.to/
Student of Communication Engineering/Computer Networking, University of
Applied Sciences,Furtwangen,Germany,http://www.ce.is.fh-furtwangen.de/
Mullen, Patrick <[EMAIL PROTECTED]> writes:
> Well, after grinding the heck out of my hard drive, I finally found both
> "shell-init" and "could not get current directory" in the same program.
> As should have been expected, they were from /bin/bash (and /bin/sh
> which is only a symbolic link to /bin/bash on RH6.1).
Something is using /bin/sh to run another program. When it does this,
it's doing so with a current directory set to a directory that the
program, given current permissions, can't read. bash is then complaining.
Chances are that somewhere there's a daemon being started from a directory
that, down the line, some other program running with different permissions
can't read. It's usually good to always start daemons with a current
directory of / to avoid this sort of problem.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Hi all,
My isp blocks port 25, I was looking for suggestions to get around this. The
only thing I can come up with is: setting up a relay from an outside box to
another port on my machine. Is this plausible?
Thanks,
Brian
On Fri, Feb 04, 2000 at 07:46:17AM -0500,
Brian R <[EMAIL PROTECTED]> wrote:
>
> My isp blocks port 25, I was looking for suggestions to get around this. The
> only thing I can come up with is: setting up a relay from an outside box to
> another port on my machine. Is this plausible?
I am assuming you mean they are blocking connections to port 25 on your
machine, but not other ports.
You will need to find a host that will act as a relay for you. You need to
get an MX record created that points your domain name to their domain
name. If your ISP is also handling your DNS, this may not work.
You need to have the relay server configured to accept mail for your
domain. It needs to be configured to relay this email to your host on
an alternate port.
You might want to double check that it isn't actually connections to port
25 on remote hosts that is being blocked. Some ISPs are doing this to prevent
spammers from causing them grief. If so, you might be able to get your ISP
to lift the block. If not, you can use an outbound relay similar to the one
above that listens on an alternate port.
if you mean the ISP blocks inbound port 25 connections to your machine: yell
at your ISP. they're being too nazi with their firewall rules. if they
don't open the port find a new ISP. this is assuming, btw, that you have a
static IP. if you don't, you really have no reason to complain, cuz people
won't be able to send you mail easily anyway.
if you mean the ISP blocks outbound port 25 connections from your machine to
arbitrary internet hosts: as bruno mentioned, some ISPs (such as my company)
block these connections to control spam. it's much easier to figure out who
the spammer is if they have to relay through your server. we simply require
our customers to relay through our mail servers. we don't have any
restrictions on relay from our dialups, though; customers can use any
address they want and send anywhere.
some customers have complained about security or similar - "i don't want to
send my confidential mail through your server." they neglect, of course,
the fact that we own the network in between, so if we really wanted to
sniff, merely avoiding one mail server isn't gonna help. most people smack
their foreheads when they realize that, and so then i tell them about PGP or
something similar. usually it tends to be just one remote server they need
to hit, and so if they REALLY want to, i tell them to open up a high port on
the remote server for smtp.
in any case, your ISP should at least let you relay through their servers
using any address(es) if they block your outbound connects. if they won't
even do that, i'd just find a new ISP.
shag
----- Original Message -----
From: Bruno Wolff III <[EMAIL PROTECTED]>
To: Brian R <[EMAIL PROTECTED]>
Cc: Qmail List <[EMAIL PROTECTED]>
Sent: Fri 4 Feb 2000 11.04
Subject: Re: workaround for port 25 block?
On Fri, Feb 04, 2000 at 07:46:17AM -0500,
Brian R <[EMAIL PROTECTED]> wrote:
>
> My isp blocks port 25, I was looking for suggestions to get around this.
The
> only thing I can come up with is: setting up a relay from an outside box
to
> another port on my machine. Is this plausible?
I am assuming you mean they are blocking connections to port 25 on your
machine, but not other ports.
You will need to find a host that will act as a relay for you. You need to
get an MX record created that points your domain name to their domain
name. If your ISP is also handling your DNS, this may not work.
You need to have the relay server configured to accept mail for your
domain. It needs to be configured to relay this email to your host on
an alternate port.
You might want to double check that it isn't actually connections to port
25 on remote hosts that is being blocked. Some ISPs are doing this to
prevent
spammers from causing them grief. If so, you might be able to get your ISP
to lift the block. If not, you can use an outbound relay similar to the one
above that listens on an alternate port.
Quoting Racer X ([EMAIL PROTECTED]):
> if you mean the ISP blocks inbound port 25 connections to your machine: yell
> at your ISP. they're being too nazi with their firewall rules. if they
> don't open the port find a new ISP. this is assuming, btw, that you have a
The reason they took this draconian measure was to protect the rest of
us from their customers. Hundreds, if not thousands, of their
customers are running proxies and mail servers with little or no
security. The vast majority of these proxies and relays were allowing
mail relaying and proxied usenet posting (proxy everything, for that
matter). Very nasty. They were facing UDP and probably other
sanctions. @home: scourge of the internet.
Aaron
Quoting Aaron L. Meehan ([EMAIL PROTECTED]):
> sanctions. @home: scourge of the internet.
Bleh, of course we're talking about road runner! I get all these mega
cable co's confused, I guess.
Perhaps they learned from @home's problems and took proactive measures.
Aaron
We are presently Qmail 1.03. We added a virtual domain. To route the mail
to the virtual domain users, we had to add an alias for each user. We're
actually routing the mail for that domain to a specific mail server. Is
there a way to route that email w/o adding an alias for each emember of that
domain.
Thanks.
Ralph Hubbard
Systems Engineer
Sarcom INC.
8337-A Green Meadows Dr. N
Lewis Center, OH 43035
(614) 854-1918
(614) 854-1590 FAX
On Fri, Feb 04, 2000 at 08:39:01AM -0500, [EMAIL PROTECTED] wrote:
Set up an entry in virtualdomains like
vdomain.foo:alias-virtual-vdomain
Every mail to [EMAIL PROTECTED] would be redirected to the local
[EMAIL PROTECTED]
Set up an ~alias/.qmail-virtual-vdomain-default that contains
|/var/qmail/bin/forward `echo $LOCAL | cut -f 4- -d "-"`
That cuts the first three parts of alias-virtual-vdomain-user revealing the
real username. Look into dot-qmail(5) for explanations of the
Enverinmoentvariables.
Greetings
--
Robert Sander www.gurubert.de
On Fri, Feb 04, 2000 at 03:01:11PM -0000, Petr Novotny wrote:
> > Set up an ~alias/.qmail-virtual-vdomain-default that contains
> >
> > |/var/qmail/bin/forward `echo $LOCAL | cut -f 4- -d "-"`
> >
> > That cuts the first three parts of alias-virtual-vdomain-user
> > revealing the real username.
>
> $DEFAULT would do just fine.
But is $DEFAULT not the complete address [EMAIL PROTECTED], or am I missing
something here, is it just the user-part?
BTW: the man page is qmail-command(8)
Greetings
--
Robert Sander www.gurubert.de
On Fri, Feb 04, 2000 at 04:40:34PM +0100, Robert Sander wrote:
> On Fri, Feb 04, 2000 at 03:01:11PM -0000, Petr Novotny wrote:
>
> > > Set up an ~alias/.qmail-virtual-vdomain-default that contains
> > >
> > > |/var/qmail/bin/forward `echo $LOCAL | cut -f 4- -d "-"`
> > >
> > > That cuts the first three parts of alias-virtual-vdomain-user
> > > revealing the real username.
> >
> > $DEFAULT would do just fine.
>
> But is $DEFAULT not the complete address [EMAIL PROTECTED], or am I missing
> something here, is it just the user-part?
Mail to [EMAIL PROTECTED] is delivered locally as virtual-vdomain-user. If that
ends up being handled by ~alias/.qmail-virtual-vdomain-default, then $DEFAULT
is user, i.e. the address with virtual-vdomain stripped off. If the address
wound up being handled by .qmail-virtual-default, then $DEFAULT would have been
vdomain-user. It's the portion of the address that matches the -default part of
the .qmail-... file.
Chris
On Fri, Feb 04, 2000 at 11:02:09AM -0500, Chris Johnson wrote:
> Mail to [EMAIL PROTECTED] is delivered locally as virtual-vdomain-user. If that
> ends up being handled by ~alias/.qmail-virtual-vdomain-default, then $DEFAULT
> is user, i.e. the address with virtual-vdomain stripped off. If the address
> wound up being handled by .qmail-virtual-default, then $DEFAULT would have been
> vdomain-user. It's the portion of the address that matches the -default part of
> the .qmail-... file.
I see, I just thought -default matches the complete [EMAIL PROTECTED] part.
Then it is very (and more performant) in .qmail-virtual-vdomain-default:
|/usr/bin/forward $DEFAULT
should do it.
Greetings
--
Robert Sander www.gurubert.de
On Fri, Feb 04, 2000 at 05:05:21PM +0100, Robert Sander wrote:
> On Fri, Feb 04, 2000 at 11:02:09AM -0500, Chris Johnson wrote:
> > Mail to [EMAIL PROTECTED] is delivered locally as virtual-vdomain-user. If that
> > ends up being handled by ~alias/.qmail-virtual-vdomain-default, then $DEFAULT
> > is user, i.e. the address with virtual-vdomain stripped off. If the address
> > wound up being handled by .qmail-virtual-default, then $DEFAULT would have been
> > vdomain-user. It's the portion of the address that matches the -default part of
> > the .qmail-... file.
>
> I see, I just thought -default matches the complete [EMAIL PROTECTED] part.
>
> Then it is very (and more performant) in .qmail-virtual-vdomain-default:
>
> |/usr/bin/forward $DEFAULT
>
> should do it.
That'll deliver the mail locally. If you want to do that, just make it a local
domain. I don't think that's what you want to do.
If all mail for this domain is to be sent off to some other server, just list
the domain in rcpthosts, remove it from locals and virtualdomains, and put:
vdomain.foo:mailserver.for.vdomain.foo
in control/smtproutes. Unless I misunderstand your original question, this is
all you need to do.
Chris
On Fri, Feb 04, 2000 at 11:12:59AM -0500, Chris Johnson wrote:
> > Then it is very (and more performant) in .qmail-virtual-vdomain-default:
> > |/usr/bin/forward $DEFAULT
> > should do it.
>
> That'll deliver the mail locally. If you want to do that, just make it a local
> domain. I don't think that's what you want to do.
>
> If all mail for this domain is to be sent off to some other server, just list
> the domain in rcpthosts, remove it from locals and virtualdomains, and put:
>
> vdomain.foo:mailserver.for.vdomain.foo
>
> in control/smtproutes. Unless I misunderstand your original question, this is
> all you need to do.
It was not my original question. But the thread was useful to me because I
have a setup with a mailserver handling several domains and every user is a
local one. I have set up virtualdomains in the described way to handle them.
But $DEFAULT would just do it, too.
Greetings
--
Robert Sander www.gurubert.de
>[EMAIL PROTECTED] writes:
> > Why require two separate fsync() calls when one
> > will do?
>
>Because it's faster to only do the one. What is the point of spending
>10% of your disk throughput taking steps to prevent something that
>never happens?
"never happens" != "can't happen". My impression is that qmail users
are more interested in the latter claim than in the former. ;-/
> > Further, what is the point if the first fsync() call
> > is useless without the second, and vice versa?
>
>Because the ext2 filesystem has the ability to rebuild the file from
>the data.
I've been assuming something throughout this interchange, and
would like some confirmation.
Russ, is it your contention that if a program reliably fsync()'s
a *file* it is writing, and if the OS/filesystem/etc. isn't buggy,
that there exists no window of time during which a crash will lose
that file *or* data such that neither of the following will be
true following a reboot running fsck:
- The file and its data will appear at the appropriate inode
and in the appropriate directory
- The file and its data will appear at the appropriate inode
and in /lost+found
Reason I ask is, I can certainly see the utility of making sure file
*contents* aren't lost as distinct from ensuring the file's name's
*directory entry* isn't lost. If the former is needed but not the
latter, and if the file contents offer enough info for a human or
program to move it back to where it belongs (and do whatever relevant
cleanup is needed)...
...then I agree that there's a performance benefit available, at least
in theory, to programs that don't need to fsync() the parent directory
of a file, as long as that isn't *implicit* when fsync()'ing the file
itself.
Now, if the data's still intact but the file doesn't necessarily show
up anywhere on the file system, e.g. in /lost+found, the question is,
can that data be overwritten during system operation prior to a search-
and-rescue mission being undertaken? If so, then the data isn't really
intact. Again, this might "never happen", but it surely *can* happen
that fsync()'ing a file isn't enough to ensure that its data is intact
for long enough after a crash/power-off to reliably restore it to its
proper position in the filesystem.
tq vm, (burley)
P.S. Apologies to those who think I should say "Now, if the data're still
intact...". I usually stick with the singular form in casual
correspondence. I've used the plural in technical writing, but have
also seen persuasive explanations of why I shouldn't. ;-\
[EMAIL PROTECTED] writes:
> >[EMAIL PROTECTED] writes:
> > > Why require two separate fsync() calls when one
> > > will do?
> >
> >Because it's faster to only do the one. What is the point of spending
> >10% of your disk throughput taking steps to prevent something that
> >never happens?
>
> "never happens" != "can't happen". My impression is that qmail users
> are more interested in the latter claim than in the former. ;-/
Life is full of risks, Craig. On an active mail server, a crash might
cause one out of a billion email messages to be lost (assuming a crash
ten times per year, a 1/30 chance of losing a file in each crash, and
a million messages a day). That's 99.9999999% reliability, and those
estimates are WAY out of line with my real-world experience. My Linux
server never *ever* crashed until it's CPU fan died -- not unless you
count the various times my cheezy colocation site lost power.
Worry about significant risks in your life, like getting hit by a car.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | "Ask not what your country
521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
[EMAIL PROTECTED] <[EMAIL PROTECTED]> writes on 3 February 2000 at 22:49:15 -0600
>
> On Thu, 3 Feb 2000 23:15:41 -0500 (EST) , Russell Nelson writes:
> > [EMAIL PROTECTED] writes:
> > > What use is syncing the data to disk, if you can't
> > > get to it after a crash? It might as well have just
> > > stayed in cache otherwise....
> >
> > fsync the data if you want the data on disk.
> > fsync the directory if you want the metadata on disk.
> >
> > What's complicated or difficult about that?
>
> It's not difficult -- just overly complicated, compared
> to the standard
>
> - fsync the file if you want the file on disk
>
> Why require two separate fsync() calls when one
> will do?
>
> Further, what is the point if the first fsync() call
> is useless without the second, and vice versa?
>
> (If the data is on disk, but the on-disk metadata is
> not sufficient to locate it, then the data is, for
> all practical purpose, useless.)
True; but if you're modifying existing files, the directory data to
locate it is already safely on disk; only the timestamp might be
wrong. This isn't the qmail situation, but it's an important real
situation, and suggests a reason why it makes sense to to separate
file sync and directory sync. Maybe.
--
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]
On Fri, Feb 04, 2000 at 10:43:37AM -0600,
David Dyer-Bennet <[EMAIL PROTECTED]> wrote:
> True; but if you're modifying existing files, the directory data to
> locate it is already safely on disk; only the timestamp might be
> wrong. This isn't the qmail situation, but it's an important real
> situation, and suggests a reason why it makes sense to to separate
> file sync and directory sync. Maybe.
Another situation is when dealing with several files in the same directory.
You need to fsync each file, but you only need to fsync the directory once.
Bruno Wolff III wrote:
>
> On Fri, Feb 04, 2000 at 10:43:37AM -0600,
> David Dyer-Bennet <[EMAIL PROTECTED]> wrote:
> > True; but if you're modifying existing files, the directory data to
> > locate it is already safely on disk; only the timestamp might be
> > wrong. This isn't the qmail situation, but it's an important real
> > situation, and suggests a reason why it makes sense to to separate
> > file sync and directory sync. Maybe.
>
> Another situation is when dealing with several files in the same directory.
> You need to fsync each file, but you only need to fsync the directory once.
And how does this help you with qmail?
--
Andre
I am wondering if this ruling is available online ?
The reason in I ask is that in the deCSS case the judge has stated that
software is NOT speech, If memory serves me correct, the judge in Dan's case
stated that software IS speech.
Thanks for any help !
Matt Soffen
Applications Developer
http://www.iso-ne.com/
==============================================
Boss - "My boss says we need some eunuch programmers."
Dilbert - "I think he means UNIX and I already know UNIX."
Boss - "Well, if the company nurse comes by, tell her I said
never mind."
- Dilbert -
==============================================
If you read what the Judge said in the DeCSS case in New York, he
stated that the courts are not clear on this issue. He sited
the Bernstein case as "it is speech" and cited some other cases
as "it is not speech".
Ken Jones
"Soffen, Matthew" wrote:
>
> I am wondering if this ruling is available online ?
>
> The reason in I ask is that in the deCSS case the judge has stated that
> software is NOT speech, If memory serves me correct, the judge in Dan's case
> stated that software IS speech.
>
> Thanks for any help !
>
> Matt Soffen
> Applications Developer
> http://www.iso-ne.com/
> ==============================================
> Boss - "My boss says we need some eunuch programmers."
> Dilbert - "I think he means UNIX and I already know UNIX."
> Boss - "Well, if the company nurse comes by, tell her I said
> never mind."
> - Dilbert -
> ==============================================
*confused look*
Strange, either something IS speech, or it isn't (in my opinion anyways)..
This is going to be one HELL of a legal precedent setting case if the deCSS
defendants can't present more evidence in their favor.
Matt
> -----Original Message-----
> From: iv0 [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, February 04, 2000 10:35 AM
> To: Soffen, Matthew
> Cc: [EMAIL PROTECTED]
> Subject: Re: Off Topic: Bernstein vs. US DOJ Text of ruling
>
>
> If you read what the Judge said in the DeCSS case in New York, he
> stated that the courts are not clear on this issue. He sited
> the Bernstein case as "it is speech" and cited some other cases
> as "it is not speech".
>
> Ken Jones
>
> "Soffen, Matthew" wrote:
> >
> > I am wondering if this ruling is available online ?
> >
> > The reason in I ask is that in the deCSS case the judge has stated that
> > software is NOT speech, If memory serves me correct, the judge in Dan's
> case
> > stated that software IS speech.
> >
> > Thanks for any help !
> >
> > Matt Soffen
> > Applications Developer
> > http://www.iso-ne.com/
> > ==============================================
> > Boss - "My boss says we need some eunuch programmers."
> > Dilbert - "I think he means UNIX and I already know UNIX."
> > Boss - "Well, if the company nurse comes by, tell her I said
> > never mind."
> > - Dilbert -
> > ==============================================
On Fri, Feb 04, 2000 at 05:10:01PM +0900, Kristina wrote:
> I want to configure qmail-local to deliver mail to /var/spool/mail.
> The /usr/share/man/cat5/dot-qmail.0 file tells you how to write a
> .qmail file to change delivery, however its too difficult for me to comprehe
> nd.
>
> Can someone help me here?
> Thanks in advance,
> Kristina
>
> P.S I do not want to use /bin/mail or procmail for /var/spool/mail delivery.
> I want to use qmail-local.
"I would like to cut down the mightiest tree in the forest.
P.S. I do not want to use an axe or a chainsaw. I want to use a herring."
Sorry in advance, but that's what your question sounds like. I don't think
qmail-local can do this because /var/spool/mail/$USER is not a good thing,
in many people's opinion. Delivery to vsm is only supported by third-party
apps, like procmail, as far as I know. Right tool for the right job, and all
that...
/pg
--
Peter Green
Gospel Communications Network, SysAdmin
[EMAIL PROTECTED]
I agree, I used to deliver to /var/spool/mail/$USER but I am happy to say I
do no longer.
The only way I was able to do it was to use procmail and fastforward for my
aliases.
I cant remember the syntax exactly but you need a .qmail-default to call
procmail from.
Its ugly, unreliable, and a security risk. Why would you not use qmail in
the way it was intended?
just my .02
-----Original Message-----
From: Peter Green [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 04, 2000 10:32 AM
To: Kristina
Cc: [EMAIL PROTECTED]
Subject: Re: /var/spool/mail delivery using a dot-qmail file
On Fri, Feb 04, 2000 at 05:10:01PM +0900, Kristina wrote:
> I want to configure qmail-local to deliver mail to /var/spool/mail.
> The /usr/share/man/cat5/dot-qmail.0 file tells you how to write a
> .qmail file to change delivery, however its too difficult for me to
comprehe
> nd.
>
> Can someone help me here?
> Thanks in advance,
> Kristina
>
> P.S I do not want to use /bin/mail or procmail for /var/spool/mail
delivery.
> I want to use qmail-local.
"I would like to cut down the mightiest tree in the forest.
P.S. I do not want to use an axe or a chainsaw. I want to use a herring."
Sorry in advance, but that's what your question sounds like. I don't think
qmail-local can do this because /var/spool/mail/$USER is not a good thing,
in many people's opinion. Delivery to vsm is only supported by third-party
apps, like procmail, as far as I know. Right tool for the right job, and all
that...
/pg
--
Peter Green
Gospel Communications Network, SysAdmin
[EMAIL PROTECTED]
if you need to actually STORE the mail spool under /var/spool/mail/*, then
yes, you need procmail or similar. however, if you just need to fool stupid
lusers/mail clients, you can deliver to the homedir and have a symlink from
/var/spool/mail/user -> ~user/Mailbox.
of course, mbox delivery has its own problems, which are well known to this
list :)
shag
----- Original Message -----
From: Tim Hunter <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Fri 4 Feb 2000 7.37
Subject: RE: /var/spool/mail delivery using a dot-qmail file
I agree, I used to deliver to /var/spool/mail/$USER but I am happy to say I
do no longer.
The only way I was able to do it was to use procmail and fastforward for my
aliases.
I cant remember the syntax exactly but you need a .qmail-default to call
procmail from.
Its ugly, unreliable, and a security risk. Why would you not use qmail in
the way it was intended?
just my .02
-----Original Message-----
From: Peter Green [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 04, 2000 10:32 AM
To: Kristina
Cc: [EMAIL PROTECTED]
Subject: Re: /var/spool/mail delivery using a dot-qmail file
On Fri, Feb 04, 2000 at 05:10:01PM +0900, Kristina wrote:
> I want to configure qmail-local to deliver mail to /var/spool/mail.
> The /usr/share/man/cat5/dot-qmail.0 file tells you how to write a
> .qmail file to change delivery, however its too difficult for me to
comprehe
> nd.
>
> Can someone help me here?
> Thanks in advance,
> Kristina
>
> P.S I do not want to use /bin/mail or procmail for /var/spool/mail
delivery.
> I want to use qmail-local.
"I would like to cut down the mightiest tree in the forest.
P.S. I do not want to use an axe or a chainsaw. I want to use a herring."
Sorry in advance, but that's what your question sounds like. I don't think
qmail-local can do this because /var/spool/mail/$USER is not a good thing,
in many people's opinion. Delivery to vsm is only supported by third-party
apps, like procmail, as far as I know. Right tool for the right job, and all
that...
/pg
--
Peter Green
Gospel Communications Network, SysAdmin
[EMAIL PROTECTED]
We are an ISP and whenever our dialup customer send an attachment
over 500K it returns with the error "SMPT timed out".
Thanks for all the suggestions to find a solution.
Shakaib
On Fri, Feb 04, 2000 at 11:39:00AM -0500, Shakaib Sayyid wrote:
> We are an ISP and whenever our dialup customer send an attachment
> over 500K it returns with the error "SMPT timed out".
>
> Thanks for all the suggestions to find a solution.
first: look into the ISPs mail server log files.
second: look into the customers log files.
third: if none of the above helps you should try to reproduce the
problem in a way which allows you to see what's going on. This includes
sending large mail from somewhere else to see if that works, and to
send a large mail from the customer to some other mail server. Both
together might help to find the cause of the problem.
fourth: did you set $DATABYTES?
Regards, Uwe
Hello,
I am trying to configure qmail so that I may send mail from our domain to
any other domain. Does this require an empty RCPTHOSTS
file? I currently have .mydomain.com in out rcpthosts file as well as
127.0.0.1. When telnetting to port 25 and typing Rcpt To: [EMAIL PROTECTED] I
am given the message: 553 sorry, that domain isn't in my list of allowed
rcpthosts (#5.7.1) which of course makes sense. I need to configure qmail
so that we may sendmail from our machine to any other domain yet make sure
that is will not relay form spammers etc. Can someone elaborate on the
proper entries in to control files? Thanks in advance.
Clifford Thurber
Web Systems Administrator
LiveUniverse.com
[EMAIL PROTECTED]
565 5th Ave. 29th Fl.
New York, NY 10017
Ph:212 883 6940 (131)
Fax:212 856 9134
On Fri, Feb 04, 2000 at 01:03:00PM -0500, clifford thurber wrote:
> I am trying to configure qmail so that I may send mail from our domain to any
> other domain. Does this require an empty RCPTHOSTS file? I currently have
> .mydomain.com in out rcpthosts file as well as 127.0.0.1. When telnetting to
> port 25 and typing Rcpt To: [EMAIL PROTECTED] I am given the message: 553 sorry,
> that domain isn't in my list of allowed rcpthosts (#5.7.1) which of course
> makes sense. I need to configure qmail so that we may sendmail from our
> machine to any other domain yet make sure that is will not relay form
> spammers etc. Can someone elaborate on the proper entries in to control
> files? Thanks in advance.
http://www.palomine.net/qmail/selectiverelay.html
Chris
clifford thurber <[EMAIL PROTECTED]> wrote:
>I am trying to configure qmail so that I may send mail from our domain to
>any other domain. Does this require an empty RCPTHOSTS
>file?
No.
>Can someone elaborate on the
>proper entries in to control files? Thanks in advance.
See:
http://Web.InfoAve.Net/~dsill/lwq.html#relaying
-Dave
I need to configure several e-mail boxes
with autoresponders something like this...
info@domain (responds with message "Thank
you blah, blah, blah", and forwards the e-mail to
"inside-info@domain").
How do I configure this on my newly
configured qmail system (I have never used qmail before).
I started looking at Vacation (when I was
still running sendmail), but it had a crevat about looping e-mails for permanent
autoreplies (it wanted a time limit). Is there something better that I should be
using?
Thanks in advance
"Max" <[EMAIL PROTECTED]> wrote:
>I need to configure several e-mail boxes with autoresponders
>something like this...
>
>info@domain (responds with message "Thank you blah, blah, blah", and
>forwards the e-mail to "inside-info@domain").
There's a qmail vacation program. See www.qmail.org.
-Dave
I would just like to take a quick second to
thank the following people for all of their help installing and configuring my
qmail box.
Dave Sill, Chris Johnson, Patrick Mullen,
and Petr Movotny thank you all very much!
"Chris Burton" <[EMAIL PROTECTED]> wrote:
>how do i unsubscribe from this list
See:
http://Web.InfoAve.Net/~dsill/lwq.html#mailing-lists
-Dave
Roland Pelzer wrote:
> -----Ursprngliche Nachricht-----
> Von: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> An: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> Datum: Mittwoch, 2. Februar 2000 22:10
> Betreff: virus scanning & lotus
>
> >Hi everyone.
> >
> >question:
> >
> >I mentioned that there is open source virus scanning software for email to
> >my manager, he responded who updates the signature files? I didn't have an
> >answer.
> >
> >I did some searching in the archives and haven't found anything yet. I
> >thought there was quite a discussion about a virus scanner for qmail
> >several months ago on this list. But now I'm wondering if I may have spoken
> >to soon. Was I wrong about this? If I was not wrong then who does update
> >these files or how does one go about getting updates?
> >
> >We use lotus on NT. I know, I know... I'm trying to build up a argument for
> >integrating more open source. What are the pros and cons of qmail vs.
> >lotus in an NT house?
>
> In our company we are using both qmail and Notes (on NT). qmail checks all
> mail for viruses and handles relay/spam-control and some further stuff, then
> it forwards the mail using smtproutes to our Notes server. Works very well
> for our purposes.
What tools are used to check mail for viruses.
I have to setup virusscanning with qmail.
greetings,
marco leeflang
Marco Leeflang wrote:
[cut]
> What tools are used to check mail for viruses.
> I have to setup virusscanning with qmail.
Well, what about reading the archive?! :-) This question is getting
boring ;-)
Step 1: get one or more virus scanners, for Linux see Mini-FAQ
"antivirus software for Linux" at http://av-linux.w3.to
Step 2: get AMaViS 0.2.0-pre6-clm-rl-5 at http://www.unixzone.com/virus,
or scan4virus or inflex to name also some competitors :-) (do a search
at freshmeat for them) - follow the instructions on the homepage and/or
INSTALL + README file.
Step 3: test your installation with the eicar test file virus
Step 4: keep your antivirus software up-to-date
HTH
best regards,
Rainer Link
--
Rainer Link, eMail: [EMAIL PROTECTED], WWW: http://rainer.w3.to/
Student of Communication Engineering/Computer Networking, University of
Applied Sciences,Furtwangen,Germany,http://www.ce.is.fh-furtwangen.de/
For some strange reason, the qmail daemon on my machine would just die.
Is there a way I could keep track of what happened?
There's no trace of it under /var/log/qmail, /var/adm/messages.
It didn't produce any core file...
Pls. help...tnx
-Andrew
Note: I haven't set this up yet. I need to figure how doable it is before I
start.
I want to set up a high-uptime qmail server for all our inbound
([EMAIL PROTECTED]) mail, and to send out machine generated email. Our
employees, however, are going to be on an exchange server. I have no choice
in that. And it's VERY desirable to keep user administration on exchange,
which means I'd rather that qmail and exchange not have to trade directory
information. If they did, it'd need to be very automatic.
So I'm thinking, install qmail, and tell it "If you get inbound mail to
[EMAIL PROTECTED], and it's not local, kick it to the exchange server."
The exchange server then takes it and delivers to its local user.
Okay, so what if an exchange user needs to send mail to a mailbox local to
the qmail server? Well, I could tell exchange "If you don't know this
address, kick it to the qmail box."
But then if exchange doesn't know it, and it's not local for qmail, qmail
will want to send it back. And if I read the docs right, then postmaster is
going to get it.
Can anyone think of a way to work this? I imagine someone's already done
something similar. Or *is* there a good way for exchange to trade directory
info with qmail so qmail can route by address?
Sorry if this has been asked before...
Sean
ok to answer the numerous questions:
My isp is Time-Warner (roadrunner), they block incoming only. I am assuming
this is to avoid the problems that @home has(had) with open mail relays and
spamming, though i could be wrong. Yes, they do offer to open it for an
additional cost. Unfortunately, for the same service i recieve now, it is
almost 20 times more. Sorry, but that is too rich for my blood. This isn't
for business, it is only for educational purposes. I do my own DNS through
dhs.org, so I dont have to deal with my isp for that.
the outside box , would be a friend doing me a favor so i thought a relay to
a different port would be the most unobtrusive.(minimal resources used) I
would then set his machine as my MX record in my DNS. And automagically i
would begin being able to send and recieve mail.
After reading several documents on relaying, i never saw anything about
relaying to another port. So i wondered if it was possible to do with QMail.
On the same note, is their anything special that needs to be done to QMail
for it to listen on a non-standard port. (besides changing /etc/services)
anyways. i hope that clears it up a bit. as far my AUP, well like i said, i
am only doing this so I can learn. 15 or 20 emails, consisting of "this is a
test", shouldn't offend them too much.
thanks
Brian
On Fri, Feb 04, 2000 at 05:51:16PM -0500, Brian R wrote:
> My isp is Time-Warner (roadrunner), they block incoming only. I am assuming
> this is to avoid the problems that @home has(had) with open mail relays and
> spamming, though i could be wrong. Yes, they do offer to open it for an
> additional cost. Unfortunately, for the same service i recieve now, it is
> almost 20 times more. Sorry, but that is too rich for my blood. This isn't
> for business, it is only for educational purposes. I do my own DNS through
> dhs.org, so I dont have to deal with my isp for that.
>
> the outside box , would be a friend doing me a favor so i thought a relay to
> a different port would be the most unobtrusive.(minimal resources used) I
> would then set his machine as my MX record in my DNS. And automagically i
> would begin being able to send and recieve mail.
>
> After reading several documents on relaying, i never saw anything about
> relaying to another port. So i wondered if it was possible to do with QMail.
> On the same note, is their anything special that needs to be done to QMail
> for it to listen on a non-standard port. (besides changing /etc/services)
On your friend's box, he should list your domain in rcpthosts, but not in
locals or virtualdomains. In smtproutes, he should put (for example):
yourdomain.com:yourbox.com:26
This makes his box send any @yourdomain.com mail to yourbox.com on port 26.
You'd have an instance of tcpserver/qmail-smtpd listening on port 26 (just
replace smtp with 26 in your tcpserver incantation). Configure your computer
normally for incoming mail for that domain (rcpthosts and locals or
virtualdomains), and you're all set.
Chris
Director tecnico del Nodo Nicarao -- Juan Navas wrote:
>
> Hi,
>
> I was wondering if any of you know of any qmail feature that allows
> restrict E-Mail checking at a specific time of the day
>
> Juan Navas
> System Administrator
> Managua, Nicaragua
The general solution to this kind of thing is to hack and add, if
not already available, a feature by which the behavior you want to
modify is controllable by a configuration file, and then to write
two scripts to modify the configuration file for on and off, and
invoke the scripts from the crontab.
Don't know what you mean by "E-Mail checking" so can't be any more
specific.
___________________________________________________________________
David Nicol 816.235.1187 [EMAIL PROTECTED]
I would vote for a Trump/Hightower reform ticket
Hi,
I was checking my qmail queue (with ./qmail-qread) and I found a lot of :
.
.
done remote [EMAIL PROTECTED]
doen remote "
done remote "
done remote "
done remote "
done remote "
.
.
Can you tell me what documentation should I read in order to clean all
these "done remote"?
Juan Navas
Nicarao Node
I'm still having problems setting up a pop account without a system
account.Everything has been ok so far. I can send mails from anywhere and
qmail redirect everyone to the non system pop account test mailbox
(./qmail/popboxes/domain-com/test).But when I try to check these mails the
system tells me that the password is incorrect for the user test (I use
the password testpw -- DmIMm9e5Hc8ic).
.
.
# telnet mailhost 110
Trying mailhost...
Connected to mailhost.
Escape character is '^]'.
+OK QPOP (version 2.53) at mailhost starting.
USER test
+OK Password required for test.
PASS testpw
-ERR Password supplied for "test" is incorrect.
+OK Pop server at mailhost signing off.
Connection closed by foreign host.
#
.
.
It seems to me that qpop doesn't recognize the password file (poppasswd)
that is located on ./qmail/users
**** poppasswd ****
testid:DmIMm9e5Hc8ic:popuser:./qmail/popboxes/domain-com/test
**** poppasswd ****
popuser is a valid system account with a proper group and user ID.
Here's what I have on ./qmail/users/assign
=domian-com-test:popuser:888:888:./qmail/popboxes/domain-com/test:::
.
Should I run an additional daemon ir order to make this password file
valid for qpop? I did believe that only qpop was necessary.
Did you run qmail-newu?
JES
Director tecnico del Nodo Nicarao -- Juan Navas wrote:
> I'm still having problems setting up a pop account without a system
> account.Everything has been ok so far. I can send mails from anywhere and
> qmail redirect everyone to the non system pop account test mailbox
> (./qmail/popboxes/domain-com/test).But when I try to check these mails the
> system tells me that the password is incorrect for the user test (I use
> the password testpw -- DmIMm9e5Hc8ic).
>
> .
> .
> # telnet mailhost 110
> Trying mailhost...
> Connected to mailhost.
> Escape character is '^]'.
> +OK QPOP (version 2.53) at mailhost starting.
> USER test
> +OK Password required for test.
> PASS testpw
> -ERR Password supplied for "test" is incorrect.
> +OK Pop server at mailhost signing off.
> Connection closed by foreign host.
> #
> .
> .
>
> It seems to me that qpop doesn't recognize the password file (poppasswd)
> that is located on ./qmail/users
>
> **** poppasswd ****
> testid:DmIMm9e5Hc8ic:popuser:./qmail/popboxes/domain-com/test
> **** poppasswd ****
>
> popuser is a valid system account with a proper group and user ID.
>
> Here's what I have on ./qmail/users/assign
>
> =domian-com-test:popuser:888:888:./qmail/popboxes/domain-com/test:::
> .
>
> Should I run an additional daemon ir order to make this password file
> valid for qpop? I did believe that only qpop was necessary.
On Fri, Feb 04, 2000 at 06:39:10PM -0600, Director tecnico del Nodo Nicarao -- Juan
Navas wrote:
> I'm still having problems setting up a pop account without a system
> account.Everything has been ok so far. I can send mails from anywhere and
> qmail redirect everyone to the non system pop account test mailbox
> (./qmail/popboxes/domain-com/test).But when I try to check these mails the
> system tells me that the password is incorrect for the user test (I use
> the password testpw -- DmIMm9e5Hc8ic).
>
> .
> .
> # telnet mailhost 110
> Trying mailhost...
> Connected to mailhost.
> Escape character is '^]'.
> +OK QPOP (version 2.53) at mailhost starting.
> USER test
> +OK Password required for test.
> PASS testpw
> -ERR Password supplied for "test" is incorrect.
> +OK Pop server at mailhost signing off.
> Connection closed by foreign host.
> #
> .
> .
>
> It seems to me that qpop doesn't recognize the password file (poppasswd)
> that is located on ./qmail/users
No, it doesn't. qpopper is not a part of qmail, and even if you were using
qmail-pop3d you'd need a special version of checkpassword for it to recognize
non-system accounts with an external POP database.
> **** poppasswd ****
> testid:DmIMm9e5Hc8ic:popuser:./qmail/popboxes/domain-com/test
> **** poppasswd ****
This means absolutely nothing to qpopper.
> popuser is a valid system account with a proper group and user ID.
>
>
> Here's what I have on ./qmail/users/assign
>
>
> =domian-com-test:popuser:888:888:./qmail/popboxes/domain-com/test:::
> .
>
> Should I run an additional daemon ir order to make this password file
> valid for qpop? I did believe that only qpop was necessary.
You can't use qpopper with a non-system user database (unless you get in there
and hack it). You're going to need qmail-pop3d, and you're going to have to use
maildir-format mailboxes. You're also going to have to use a custom
checkpassword. The one at http://www.palomine.net/qmail/checkcdb.tar.gz will
work with the poppasswd database you're trying to use.
Chris
Hi all!
I found my qmail server has been hanging time to time. At hang situatin, it
receives mail from any smtp client but does not delever it to destination.
All mails are queued. I have to restart the machine to get life working.
qmail works nice for 2/3 days and suddenly hangs again. Even if I kill
qmail-send and restart it again (of give kill -ALRM `pidof qmail-send`), it
doesnt work properly.
Any help please?
Sifat.
On Wed, Jan 05, 2000 at 06:53:37PM +0100, Carles Latorre wrote:
> LEAVE
No, I think I'll stay ;)
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
On Mon, Jan 31, 2000 at 04:19:21PM -0500, Russell Nelson wrote:
> Charles Leeds writes:
> > We were audited and one of the findings was that our qmail server allowed
> > addresses with the pipe symbol in them, which was reported in our audit as a
> > bad practice.
>
> Sounds like a good time to pick new auditors.
I wholeheartedly agree. They stink. Really.
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
