qmail Digest 5 Jul 2000 10:00:01 -0000 Issue 1053
Topics (messages 44154 through 44190):
Re: qmail returns failure notices when local2remote
44154 by: Karl Voit
44174 by: wolfgang zeikat
mail flood
44155 by: KUDLAC Tomas
Re: tcprules, rcpthost, ip address problem
44156 by: ertan payci
44158 by: Giuliano Cocchi
44159 by: Ricardo Cerqueira
44160 by: Ricardo Cerqueira
Re: limit to RCPT TO
44157 by: Ricardo Cerqueira
Re: My qmail can not receive email
44161 by: Ronny Haryanto
Re: The most secure POP server
44162 by: clemensF
spam and well known smtp servers
44163 by: Markus Stumpf
44164 by: Ronny Haryanto
44166 by: Markus Stumpf
44169 by: Charles Cazabon
44170 by: Erwin Hoffmann
44172 by: Andre Oppermann
44175 by: Markus Stumpf
44177 by: Cyril Bitterich
44178 by: Eric Cox
44179 by: John Conover
44188 by: Erwin Hoffmann
44189 by: wolfgang zeikat
Re: Not receiving from all domains - is it DNS?
44165 by: clemensF
updated man pages ucspi-tcp-0.88
44167 by: Gerrit Pape
URGENT!!! HELP!!! HP-UX fault
44168 by: Eldar Imangulov
help with fetchmail/qmail interaction
44171 by: Martin Langhoff
LDAP based mailing lists?
44173 by: Mark E. Drummond
Masquerading while sending remote mail over ISP
44176 by: bbrade.arco.de
standalone preline, or ezmlm archive2mbox?
44180 by: Mike Brown
44181 by: Markus Stumpf
bouncesaying install?
44182 by: Hubbard, David
44186 by: Steffan Hoeke
qmail install question
44183 by: J!M
Mail queue
44184 by: Colin Humphreys
44185 by: asantos
Re: POP-before-SMTP: SUMMARY
44187 by: Kristina
cannot authenticate
44190 by: webmaster.thaiLE.com
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
On Tue, 4 Jul 2000, wolfgang zeikat wrote:
> in the file rcpthosts you need to list all the hosts/domains,
> that you want to get mail FOR, not FROM.
>
> that means the hosts that your qmail server is "responsible" for. so it
> accepts mails from anyone for those domains and tries to deliver them
> directly to the users, virtualusers or recipients listed in aliases ...
>
> mail to hosts that are NOT listed in rcpthosts is considered "relaying"
> which is only allowed for relayclients (tcp.smtp).
>
> so your rcpthosts file should at least contain:
> tux.dyn.priv.at
Ow. This is getting complicated now :(
I want to get my sbox-account (my provider) ALL my mails because my
computer isn't running all the time and when fetchmail isn't running, I
want to read my mails via the provider's webmail-interface.
So I get mails as (for simplicity abbrevated!) vk@sbox, vk@tux, karl@gmx
and anotherone@gmx.
I modified rctphosts:
sbox
tux
gmx
Now I get the mails but the qmail doesn't seem to know what to do with
them because they're getting into my nulldevice: (almost) all mails
deleted from sbox-server and nothing delivered on my
local tux-computer-account.
example of logfile:
qmail: 962705369.790367 delivery
146: success: 129.27.2.2_accepted_message./Remote_host_said:_250_ok_962705383_qp_9618/
qmail: 962705369.791155 status: local 0/10 remote 2/20
qmail: 962705369.791719 end msg 57505
So I guess, I'll have to set aliases for all email-addresses of me.
FIRST QUESTION:
How to set up an alias? (The manuals are quite confusing to me)
I want an alias e.g. for [EMAIL PROTECTED] delivered to vk@tux (local).
Along the dot-qmail, I have to "touch .qmail-gmx:net" and with what
content? vk@tux? This would cause ALL gmx-mails to be forwarded to the
local user vk? But what if several users use an gmx-forward?
PLEASE give me an example with real names (e.g. [EMAIL PROTECTED] -> local
user vk@tux AND [EMAIL PROTECTED] -> local other@tux)!
SECOND QUESTION:
How can I avoid following "couldn't find any host named localhost"?
(I already put "localhost" in rctphosts!)
2:09:24 tux qmail: 962705364.317964 new msg 57498
2:09:24 tux qmail: 962705364.318689 info msg 57498: bytes 11765 from
<[EMAIL PROTECTED]> qp 1261 uid 507
2:09:24 tux qmail: 962705364.355137 starting delivery 150: msg 57498 to
remote vk@localhost
2:09:24 tux qmail: 962705364.360527 status: local 1/10 remote 7/20
2:09:24 tux qmail: 962705364.389012 delivery
150: failure: Sorry,_I_couldn't_find_any_host_named_localhost._(#5.1.2)/
2:09:24 tux qmail: 962705364.389848 status: local 1/10 remote 6/20
2:09:24 tux qmail: 962705364.433603 bounce msg 57498 qp 1270
2:09:24 tux qmail: 962705364.434120 end msg 57498
LAST QUESTION:
How can I restart qmail to apply all changes???
/etc/rc.d/init.d/qmail stop/start
doesn't seem to be enough.
THANK you VERY much for helping me!
btw, trust me: I've tried to search all my questions in the FAQs/manuals.
Karl VOIT, [EMAIL PROTECTED]
Student @ University of Technology of GRAZ (Austria/Europe)
http://www.sbox.tu-graz.ac.at/home/v/vk/
Also sprach Karl Voit <[EMAIL PROTECTED]> on 04.07.2000:
>Ow. This is getting complicated now :(
No its not. its logical:
[EMAIL PROTECTED] connects to your qmail via SMTP
with a mail for [EMAIL PROTECTED]
now qmail checks rcpthosts to find out if whatever.com is a host it
accepts mail for - for delivery. if yes, it delivers them according to
your qmail setup.
if not, it checks if the sender's IP address is a relayclient -
if it is a relayclient, qmail forwards the mail to the Mail eXchanger for
whatever.com
if not, it sends the error "not in my rcpthosts".
thats very basically what your SMTP server does,
and you better understand it to understand whats going on.
greetings
wolfgang
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
Hello,
is there any way how to prevent mail floods with qmail? I can imagine that
it's impossible to implement such protection that would function in all
cases (maybe some expert system ;-)), however I need to protect our server
against cases when somebody decides to send let's say 100000 mails to some
internal address. Is there any way how to tell qmail to send alarm (or
perform some action) when number of mails per time interval from one address
(or domain) grows more than certain limit?
note: I am using qmail at the gateway, it's forwarding mails between
internet and our internal mail system.
Thanx,
--
Tomas Kudlac
Im afraid, i had a wrong view of the system.
Well i must admit that my idea was not very accurate. It was a very easy
way to
make sure that it (somehow) works. But Adam McKenna ist absolutely
right.
Actually it ist not the right way.
So i reproduced your configuration but had no problems.
If your problem still exists, i can send you pieces of my local
configuration files.
Regards.
Giuliano Cocchi wrote:
>
> Yes, deleting rcphosts the relay works correcly. But this pose the problem to
> deny the relay to unwanted people.
> Through the tcp.smtpd i can really manage the relay?
>
> On Tue, 04 Jul 2000, ertan payci wrote:
> > Hello,
> >
> > Let me see if i got it right: you have users using your mailbox as
> > mailhost,and want
> > them to be able to use your mailhost as relay. Right ?
> > IMHO you should just delete rcpthosts and manage your relaying stuff
> > through
> > your tcp.smtp.cdb stuff. Your tcp.smtp looks correct, so give it a
> > trial.
> >
> > Regards
> >
> > Ertan
> >
> > Barry Dwyer wrote:
> > >
> > > Hi all,
> > >
> > > I've got qmail running properly on a system with a DMZ-firewall setup.
> > > All the local clients are behind the firewall, addressed as 192.168.0.n.
> > > The firewall (a debian box) and the mail server are connected to our
> > > ADSL router and both have class-C addresses. The clients all have hosts
> > > files referencing the mail server.
> > >
> > > My tcp.smtp file has proper settings to allow the local clients to work
> > > as RELAYCLIENTS:
> > >
> > > 127.0.0.1:allow,RELAYCLIENT=""
> > > 192.168.0.:allow,RELAYCLIENT=""
> > > :allow
> > >
> > > (I've recompiled it just to be sure and, yes, the reference in the qmail
> > > startup script points to the proper file '-x/etc/tcp.smtp.cdb')
> > >
> > > If I create a rcpthosts file with just the local domain in it (that's
> > > all I want), then every local client that tries to send mail out to the
> > > 'net gets a qmail error message saying the destination domain is not in
> > > the list of receipt hosts (or something to that effect).
> > >
> > > Is the problem that qmail, running on a mail server, with it's class-C
> > > address, doesn't like the "192" block addresses in tcp.smtp? I've set up
> > > qmail servers before as multihomed systems with a class-C card *and* and
> > > internal one. Must I do that here?
> > >
> > > Thanks
> > > Barry Dwyer
Intruducing
192.168.0.:allow,RELAYCLIENT=""
(and each other network managed by your server)
:deny
it's works correctly !!
On Tue, 04 Jul 2000, ertan payci wrote:
> Im afraid, i had a wrong view of the system.
> Well i must admit that my idea was not very accurate. It was a very easy
> way to
> make sure that it (somehow) works. But Adam McKenna ist absolutely
> right.
> Actually it ist not the right way.
>
> So i reproduced your configuration but had no problems.
> If your problem still exists, i can send you pieces of my local
> configuration files.
>
> Regards.
>
>
>
> Giuliano Cocchi wrote:
> >
> > Yes, deleting rcphosts the relay works correcly. But this pose the problem to
> > deny the relay to unwanted people.
> > Through the tcp.smtpd i can really manage the relay?
> >
> > On Tue, 04 Jul 2000, ertan payci wrote:
> > > Hello,
> > >
> > > Let me see if i got it right: you have users using your mailbox as
> > > mailhost,and want
> > > them to be able to use your mailhost as relay. Right ?
> > > IMHO you should just delete rcpthosts and manage your relaying stuff
> > > through
> > > your tcp.smtp.cdb stuff. Your tcp.smtp looks correct, so give it a
> > > trial.
> > >
> > > Regards
> > >
> > > Ertan
> > >
> > > Barry Dwyer wrote:
> > > >
> > > > Hi all,
> > > >
> > > > I've got qmail running properly on a system with a DMZ-firewall setup.
> > > > All the local clients are behind the firewall, addressed as 192.168.0.n.
> > > > The firewall (a debian box) and the mail server are connected to our
> > > > ADSL router and both have class-C addresses. The clients all have hosts
> > > > files referencing the mail server.
> > > >
> > > > My tcp.smtp file has proper settings to allow the local clients to work
> > > > as RELAYCLIENTS:
> > > >
> > > > 127.0.0.1:allow,RELAYCLIENT=""
> > > > 192.168.0.:allow,RELAYCLIENT=""
> > > > :allow
> > > >
> > > > (I've recompiled it just to be sure and, yes, the reference in the qmail
> > > > startup script points to the proper file '-x/etc/tcp.smtp.cdb')
> > > >
> > > > If I create a rcpthosts file with just the local domain in it (that's
> > > > all I want), then every local client that tries to send mail out to the
> > > > 'net gets a qmail error message saying the destination domain is not in
> > > > the list of receipt hosts (or something to that effect).
> > > >
> > > > Is the problem that qmail, running on a mail server, with it's class-C
> > > > address, doesn't like the "192" block addresses in tcp.smtp? I've set up
> > > > qmail servers before as multihomed systems with a class-C card *and* and
> > > > internal one. Must I do that here?
> > > >
> > > > Thanks
> > > > Barry Dwyer
On Tue, Jul 04, 2000 at 04:36:22PM +0200, Giuliano Cocchi wrote:
> Intruducing
> 192.168.0.:allow,RELAYCLIENT=""
> (and each other network managed by your server)
> :deny
Are you sure? It shouldn't! Are you getting any mail from the outside at all?
RC
> it's works correctly !!
>
>
> On Tue, 04 Jul 2000, ertan payci wrote:
> > Im afraid, i had a wrong view of the system.
> > Well i must admit that my idea was not very accurate. It was a very easy
> > way to
> > make sure that it (somehow) works. But Adam McKenna ist absolutely
> > right.
> > Actually it ist not the right way.
> >
> > So i reproduced your configuration but had no problems.
> > If your problem still exists, i can send you pieces of my local
> > configuration files.
> >
> > Regards.
> >
> >
> >
> > Giuliano Cocchi wrote:
> > >
> > > Yes, deleting rcphosts the relay works correcly. But this pose the problem to
> > > deny the relay to unwanted people.
> > > Through the tcp.smtpd i can really manage the relay?
> > >
> > > On Tue, 04 Jul 2000, ertan payci wrote:
> > > > Hello,
> > > >
> > > > Let me see if i got it right: you have users using your mailbox as
> > > > mailhost,and want
> > > > them to be able to use your mailhost as relay. Right ?
> > > > IMHO you should just delete rcpthosts and manage your relaying stuff
> > > > through
> > > > your tcp.smtp.cdb stuff. Your tcp.smtp looks correct, so give it a
> > > > trial.
> > > >
> > > > Regards
> > > >
> > > > Ertan
> > > >
> > > > Barry Dwyer wrote:
> > > > >
> > > > > Hi all,
> > > > >
> > > > > I've got qmail running properly on a system with a DMZ-firewall setup.
> > > > > All the local clients are behind the firewall, addressed as 192.168.0.n.
> > > > > The firewall (a debian box) and the mail server are connected to our
> > > > > ADSL router and both have class-C addresses. The clients all have hosts
> > > > > files referencing the mail server.
> > > > >
> > > > > My tcp.smtp file has proper settings to allow the local clients to work
> > > > > as RELAYCLIENTS:
> > > > >
> > > > > 127.0.0.1:allow,RELAYCLIENT=""
> > > > > 192.168.0.:allow,RELAYCLIENT=""
> > > > > :allow
> > > > >
> > > > > (I've recompiled it just to be sure and, yes, the reference in the qmail
> > > > > startup script points to the proper file '-x/etc/tcp.smtp.cdb')
> > > > >
> > > > > If I create a rcpthosts file with just the local domain in it (that's
> > > > > all I want), then every local client that tries to send mail out to the
> > > > > 'net gets a qmail error message saying the destination domain is not in
> > > > > the list of receipt hosts (or something to that effect).
> > > > >
> > > > > Is the problem that qmail, running on a mail server, with it's class-C
> > > > > address, doesn't like the "192" block addresses in tcp.smtp? I've set up
> > > > > qmail servers before as multihomed systems with a class-C card *and* and
> > > > > internal one. Must I do that here?
> > > > >
> > > > > Thanks
> > > > > Barry Dwyer
--
+-------------------
| Ricardo Cerqueira
| PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42
| Novis - Engenharia ISP / Rede T�cnica
| P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166730/00 (24h/dia) - Fax: +351 21 3166701
On Tue, Jul 04, 2000 at 05:00:11PM +0200, Giuliano Cocchi wrote:
> Yes, i receive mail from outside for my local and virtual domain,
> and only the listed networks can use my server to send mail to outside.
Something's wrong then... That final :deny rule should reject any outside TCP
connection to your port 25. Which means no mail. The last rule should be :allow (or
nothing at all, which implies :allow)
RC
>
> On Tue, 04 Jul 2000, you wrote:
> > On Tue, Jul 04, 2000 at 04:36:22PM +0200, Giuliano Cocchi wrote:
> > > Intruducing
> > > 192.168.0.:allow,RELAYCLIENT=""
> > > (and each other network managed by your server)
> > > :deny
> >
> > Are you sure? It shouldn't! Are you getting any mail from the outside at all?
> >
> > RC
> >
> > > it's works correctly !!
> > >
> > >
> > > On Tue, 04 Jul 2000, ertan payci wrote:
> > > > Im afraid, i had a wrong view of the system.
> > > > Well i must admit that my idea was not very accurate. It was a very easy
> > > > way to
> > > > make sure that it (somehow) works. But Adam McKenna ist absolutely
> > > > right.
> > > > Actually it ist not the right way.
> > > >
> > > > So i reproduced your configuration but had no problems.
> > > > If your problem still exists, i can send you pieces of my local
> > > > configuration files.
> > > >
> > > > Regards.
> > > >
> > > >
> > > >
> > > > Giuliano Cocchi wrote:
> > > > >
> > > > > Yes, deleting rcphosts the relay works correcly. But this pose the problem to
> > > > > deny the relay to unwanted people.
> > > > > Through the tcp.smtpd i can really manage the relay?
> > > > >
> > > > > On Tue, 04 Jul 2000, ertan payci wrote:
> > > > > > Hello,
> > > > > >
> > > > > > Let me see if i got it right: you have users using your mailbox as
> > > > > > mailhost,and want
> > > > > > them to be able to use your mailhost as relay. Right ?
> > > > > > IMHO you should just delete rcpthosts and manage your relaying stuff
> > > > > > through
> > > > > > your tcp.smtp.cdb stuff. Your tcp.smtp looks correct, so give it a
> > > > > > trial.
> > > > > >
> > > > > > Regards
> > > > > >
> > > > > > Ertan
> > > > > >
> > > > > > Barry Dwyer wrote:
> > > > > > >
> > > > > > > Hi all,
> > > > > > >
> > > > > > > I've got qmail running properly on a system with a DMZ-firewall setup.
> > > > > > > All the local clients are behind the firewall, addressed as 192.168.0.n.
> > > > > > > The firewall (a debian box) and the mail server are connected to our
> > > > > > > ADSL router and both have class-C addresses. The clients all have hosts
> > > > > > > files referencing the mail server.
> > > > > > >
> > > > > > > My tcp.smtp file has proper settings to allow the local clients to work
> > > > > > > as RELAYCLIENTS:
> > > > > > >
> > > > > > > 127.0.0.1:allow,RELAYCLIENT=""
> > > > > > > 192.168.0.:allow,RELAYCLIENT=""
> > > > > > > :allow
> > > > > > >
> > > > > > > (I've recompiled it just to be sure and, yes, the reference in the qmail
> > > > > > > startup script points to the proper file '-x/etc/tcp.smtp.cdb')
> > > > > > >
> > > > > > > If I create a rcpthosts file with just the local domain in it (that's
> > > > > > > all I want), then every local client that tries to send mail out to the
> > > > > > > 'net gets a qmail error message saying the destination domain is not in
> > > > > > > the list of receipt hosts (or something to that effect).
> > > > > > >
> > > > > > > Is the problem that qmail, running on a mail server, with it's class-C
> > > > > > > address, doesn't like the "192" block addresses in tcp.smtp? I've set up
> > > > > > > qmail servers before as multihomed systems with a class-C card *and* and
> > > > > > > internal one. Must I do that here?
> > > > > > >
> > > > > > > Thanks
> > > > > > > Barry Dwyer
> >
> > --
> > +-------------------
> > | Ricardo Cerqueira
> > | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42
> > | Novis - Engenharia ISP / Rede T�cnica
> > | P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
> > | Tel: +351 21 3166730/00 (24h/dia) - Fax: +351 21 3166701
--
+-------------------
| Ricardo Cerqueira
| PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42
| Novis - Engenharia ISP / Rede T�cnica
| P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166730/00 (24h/dia) - Fax: +351 21 3166701
On Tue, Jul 04, 2000 at 10:51:00AM +0200, Claus F�rber wrote:
> Rodrigo Severo <[EMAIL PROTECTED]> schrieb/wrote:
> > void err_vrfy() { out("252 send some mail, i'll try my best\r\n"); }
> > void err_qqt() { out("451 qqt failure (#4.3.0)\r\n"); }
> > ! void err_excessrcpt() { out("666 Too many recipients specified
> ~~~
> > (#5.5.4)\r\n"); } /* Agregado por mi para el maxrcpt */
>
> That's a very bad idea.
>
I said that the first time I posted the patch :)
The best idea, as far as I can see, would be to assign it a 5xx code. I threw 666 in
just for kicks.
RC
> Claus
>
> --
> http://www.faerber.muc.de
--
+-------------------
| Ricardo Cerqueira
| PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42
| Novis - Engenharia ISP / Rede T�cnica
| P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166730/00 (24h/dia) - Fax: +351 21 3166701
On 04-Jul-2000, Iman Budi Setiawan wrote:
> but it can not work when other send email to my qmail.
Define "can not work". What kind of messages/errors do they get when
sending? You can't expect a specific solution unless you're specific
with the problem.
Ronny
> Scott Gifford:
> > to use apop, germanynet (calisto) barked, thay would not change their
> > entire setup for just one customer, when i asked them for apop. i dared
> > to ask only because their greeting looks like an apop prompt, and it
> > even changes on every dialup... so much for technical competence.
>
> They probably don't store plaintext passwords, which would make it
> impossible to support your request. Not a matter of technical
> competence as much as system design.
that i don't understand. i can get my password anytime from any provider,
just askin', maybe answering "secret questions". what makes you think
they don't store plaintext-passwords?
clemens
Hoi folx,
we have the problem that we receive a lot of spam with sender addresses
e.g. @hotmail.com but the mail is relayed via open relay mailservers
(not on e.g. mail-abuse RBL).
I think it would not be too hard to hack qmail-smtpd to check for the
existance of e.g.
/var/qmail/control/knownsmpt/hotmail.com
in case the sender domain is hotmail.com, read from the file a list
of IP addresses and accept the mail, if TCPREMOTEIP is on the list
or deny it otherwise (hard or temporary, one's milleage may vary).
Has anyone done something like that?
Any comments (pro/con) on doing somthing like that? (I know it is some
additional maintenance effort, but maybe one could convince the "big
mail hosters" to provide such lists for download?)
\Maex
On 04-Jul-2000, Markus Stumpf wrote:
> we have the problem that we receive a lot of spam with sender addresses
> e.g. @hotmail.com but the mail is relayed via open relay mailservers
> (not on e.g. mail-abuse RBL).
You might want to look at MAPS RSS and MAPS DUL too. We use
RBL+RSS+DUL.
> I think it would not be too hard to hack qmail-smtpd to check for the
> existance of e.g.
> /var/qmail/control/knownsmpt/hotmail.com
> in case the sender domain is hotmail.com, read from the file a list
> of IP addresses and accept the mail, if TCPREMOTEIP is on the list
> or deny it otherwise (hard or temporary, one's milleage may vary).
> Has anyone done something like that?
See the tcpserver man page at http://cr.yp.to/ucspi-tcp/tcpserver.html
for -x option. It does the checking to everyone though, regardless of
the sender domain.
Ronny
On Tue, Jul 04, 2000 at 11:23:05AM -0500, Ronny Haryanto wrote:
> You might want to look at MAPS RSS and MAPS DUL too. We use
> RBL+RSS+DUL.
This was an example. Ok... they use a relay open mailserver that is on no
list yet.
> See the tcpserver man page at http://cr.yp.to/ucspi-tcp/tcpserver.html
> for -x option. It does the checking to everyone though, regardless of
> the sender domain.
But this is exactly the point.
Valid (e.g.!!!) hotmail.com eMails should come from an outgoing
hotmail.com smtp server. If they don't they're most probably faked
sender addresses used by spammers.
There is not any switch of tcpserver that helps detect this and there is
no rule that you can specify in a cdb file that prevents this spam, yet.
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | Stress is when you wake
Research & Development | mailto:[EMAIL PROTECTED] | up screaming and you
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | realize you haven't
D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
Markus Stumpf <[EMAIL PROTECTED]> wrote:
>
> But this is exactly the point.
> Valid (e.g.!!!) hotmail.com eMails should come from an outgoing
> hotmail.com smtp server. If they don't they're most probably faked
> sender addresses used by spammers.
> There is not any switch of tcpserver that helps detect this and there is
> no rule that you can specify in a cdb file that prevents this spam, yet.
This would block a lot of valid mail as well. I frequently send mail from
a given machine using a different (but valid) envelope sender -- and I will
sometimes use my Hotmail address if I am afraid that I might end up on
the recipient's mailing list(s).
The SMTP envelope sender doesn't truly mean "this mail comes from this email
domain". Instead it means something closer to "if this can't be delivered,
notify this address". Attempting to ensure that the envelope sender matches
the domain of the machine making the connection will break a lot of
connections; what about mail which is (legitimately) relayed through another
domain?
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
Hi,
since I'm dealing with the SPAMCONTROL patch, I would like to comment your
problem:
1. You are right. Within the filtering mechanisms a logical "AND" scheme is
missing. To implement this requires some attention.
2. Principally the following checks could be applied:
Logic:
a) The envelope's MAIL FROM: address has to be taken.
b) From TCPENV the REMOTEIP has to be taken (=> real Sender IP)
c) By means of a DNS A-Lookup(MAIL FROM: address) the (let's call it)
pretended IP address has to be evaluated.
Assumption:
For legitamate E-Mails both IP addresses belong (usually) to the same IP
subnet. However, one has to define a range of significant IP address bits
to evaluate (common in the CIDR scheme).
Result:
=> Comparing both IP addresses would effectively eliminate reception of
E-mail thru 3rd party relays, as in your case.
I think about but don't promise anything. There are other items on my agenda.
cheers.
eh.
At 18:04 4.7.2000 +0200, Markus Stumpf wrote:
>Hoi folx,
>
>we have the problem that we receive a lot of spam with sender addresses
>e.g. @hotmail.com but the mail is relayed via open relay mailservers
>(not on e.g. mail-abuse RBL).
>
>I think it would not be too hard to hack qmail-smtpd to check for the
>existance of e.g.
> /var/qmail/control/knownsmpt/hotmail.com
>in case the sender domain is hotmail.com, read from the file a list
>of IP addresses and accept the mail, if TCPREMOTEIP is on the list
>or deny it otherwise (hard or temporary, one's milleage may vary).
>
>Has anyone done something like that?
>Any comments (pro/con) on doing somthing like that? (I know it is some
>additional maintenance effort, but maybe one could convince the "big
>mail hosters" to provide such lists for download?)
>
> \Maex
>
>
+-----------------------------------------------------------------------+
| fff hh http://www.fehcom.de Dr. Erwin Hoffmann |
| ff hh |
| ff eee hhhh ccc ooo mm mm mm Wiener Weg 8 |
| fff ee ee hh hh cc oo oo mmm mm mm 50858 Koeln |
| ff ee eee hh hh cc oo oo mm mm mm |
| ff eee hh hh cc oo oo mm mm mm Tel 0221 484 4923 |
| ff eeee hh hh ccc ooo mm mm mm Fax 0221 484 4924 |
+-----------------------------------------------------------------------+
Erwin Hoffmann wrote:
>
> Hi,
>
> since I'm dealing with the SPAMCONTROL patch, I would like to comment your
> problem:
>
> 1. You are right. Within the filtering mechanisms a logical "AND" scheme is
> missing. To implement this requires some attention.
>
> 2. Principally the following checks could be applied:
>
> Logic:
> a) The envelope's MAIL FROM: address has to be taken.
> b) From TCPENV the REMOTEIP has to be taken (=> real Sender IP)
> c) By means of a DNS A-Lookup(MAIL FROM: address) the (let's call it)
> pretended IP address has to be evaluated.
>
> Assumption:
> For legitamate E-Mails both IP addresses belong (usually) to the same IP
> subnet. However, one has to define a range of significant IP address bits
> to evaluate (common in the CIDR scheme).
Unfortunatly this assumption is pretty much flawed. For example I have
two IP ranges, 195.134.128/19 and 62.48.0.0/19. Now my customers are
usually in the 195 range but my mail servers are in the 62 range. So
how do you propose to handle that?
> Result:
> => Comparing both IP addresses would effectively eliminate reception of
> E-mail thru 3rd party relays, as in your case.
>
> I think about but don't promise anything. There are other items on my agenda.
--
Andre
On Tue, Jul 04, 2000 at 01:17:46PM -0600, Charles Cazabon wrote:
> This would block a lot of valid mail as well. I frequently send mail from
> a given machine using a different (but valid) envelope sender -- and I will
> sometimes use my Hotmail address if I am afraid that I might end up on
> the recipient's mailing list(s).
I know.
But my alternative in the moment (we do receive at most one legitimite
email from hotmail.com a month) - as we have now - is to put hotmail.com
in badmailfrom.
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | Stress is when you wake
Research & Development | mailto:[EMAIL PROTECTED] | up screaming and you
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | realize you haven't
D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
Hi Marcus,
> existance of e.g.
> /var/qmail/control/knownsmpt/hotmail.com
> in case the sender domain is hotmail.com, read from the file a list
> of IP addresses and accept the mail, if TCPREMOTEIP is on the list
> or deny it otherwise (hard or temporary, one's milleage may vary).
[...]
> Any comments (pro/con) on doing somthing like that? (I know it is some
> additional maintenance effort, but maybe one could convince the "big
> mail hosters" to provide such lists for download?)
Maybe you want to have a look at my header. The E-Mail adress I use is not in any way
realted with the Relay-Server I use. And I do use it legitmatly.
I could use almost every From-adress I 'd like.
But there is a good Point in you proposal. Maybe you just wanted to reject the mail
with a
notification that you do not accept this mail because they are not sent via Hotmail.
But you know that hotmail uses round-robin?
Just my 2 cents,
Cyril
Markus Stumpf wrote:
>
> On Tue, Jul 04, 2000 at 01:17:46PM -0600, Charles Cazabon wrote:
> > This would block a lot of valid mail as well. I frequently send mail from
> > a given machine using a different (but valid) envelope sender -- and I will
> > sometimes use my Hotmail address if I am afraid that I might end up on
> > the recipient's mailing list(s).
>
> I know.
> But my alternative in the moment (we do receive at most one legitimite
> email from hotmail.com a month) - as we have now - is to put hotmail.com
> in badmailfrom.
I use ORBS (orbs.org) here and at work, although some people have said it
has too many false positives and other problems (but let's not rehash that
issue, okay folks?)
But I also use my own RBL-style spammer domain, myrbl.com, and feed it
to rblsmtpd its command line. Then just put the rIP of the offending
machine in the domain, and presto! It's gone. This allows me to add any
spammer/open relay to the list in a matter of seconds. (I wrote some
simple python scripts to make it easier - email me if interested). Also,
with BIND 8, you can have the domain appear only on your mail machine's
nameserver too - so if someone else runs the main nameserver, he/she won't
have to deal with it.
Eric
Hi Markus. Or, your users can put the following in their
individual ~/.procmailrc:
:0
* ? test -f "${HOME}/.procmail.reject"
* ? formail -c -x received: | fgrep -i -s -f "${HOME}/.procmail.reject"
/dev/null
where ${HOME}/.procmail.reject is a record list of the form:
[123.321.123.321]
to reject stuff from a specific machine, or:
[123.321.
to reject messages from an entire class B domain, which is placed in
the "Received:" header.
Its less efficient, and won't work for a major mail gateway, but it is
adaquate to allow users to prohibit reception of mail from certain
specific machines/domains.
John
BTW, you might want to replace "/dev/null" with something like:
{
EXITCODE=100
:0
/dev/null
}
which will cause qmail to refuse to deliver the email-since many
spammers keep email addresses in a database, which will be removed
under an exception.
Eric Cox writes:
>
>
> Markus Stumpf wrote:
> >
> > On Tue, Jul 04, 2000 at 01:17:46PM -0600, Charles Cazabon wrote:
> > > This would block a lot of valid mail as well. I frequently send mail from
> > > a given machine using a different (but valid) envelope sender -- and I will
> > > sometimes use my Hotmail address if I am afraid that I might end up on
> > > the recipient's mailing list(s).
> >
> > I know.
> > But my alternative in the moment (we do receive at most one legitimite
> > email from hotmail.com a month) - as we have now - is to put hotmail.com
> > in badmailfrom.
>
> I use ORBS (orbs.org) here and at work, although some people have said it
> has too many false positives and other problems (but let's not rehash that
> issue, okay folks?)
>
> But I also use my own RBL-style spammer domain, myrbl.com, and feed it
> to rblsmtpd its command line. Then just put the rIP of the offending
> machine in the domain, and presto! It's gone. This allows me to add any
> spammer/open relay to the list in a matter of seconds. (I wrote some
> simple python scripts to make it easier - email me if interested). Also,
> with BIND 8, you can have the domain appear only on your mail machine's
> nameserver too - so if someone else runs the main nameserver, he/she won't
> have to deal with it.
>
> Eric
--
John Conover [EMAIL PROTECTED] http://www.johncon.com/
631 Lamont Ct. Tel. 408.370.2688 http://www.johncon.com/ntropix/
Campbell, CA 95008 Fax. 408.379.9602 http://www.johncon.com/nformatix/
Hi again,
At 22:37 4.7.2000 +0200, Andre Oppermann wrote:
>Erwin Hoffmann wrote:
>>
>> Hi,
>>
>> since I'm dealing with the SPAMCONTROL patch, I would like to comment your
>> problem:
>>
>> 1. You are right. Within the filtering mechanisms a logical "AND" scheme is
>> missing. To implement this requires some attention.
>>
>> 2. Principally the following checks could be applied:
>>
>> Logic:
>> a) The envelope's MAIL FROM: address has to be taken.
>> b) From TCPENV the REMOTEIP has to be taken (=> real Sender IP)
>> c) By means of a DNS A-Lookup(MAIL FROM: address) the (let's call it)
>> pretended IP address has to be evaluated.
>>
>> Assumption:
>> For legitamate E-Mails both IP addresses belong (usually) to the same IP
>> subnet. However, one has to define a range of significant IP address bits
>> to evaluate (common in the CIDR scheme).
>
>Unfortunatly this assumption is pretty much flawed. For example I have
>two IP ranges, 195.134.128/19 and 62.48.0.0/19. Now my customers are
>usually in the 195 range but my mail servers are in the 62 range. So
>how do you propose to handle that?
Yes, I know about that. The other attempt is to use static IP adresses as
Markus' proposed. Both schemes could be combined. Let's assume we have an
additional control file ./stmpallowedfrom:
hotmail.com:195.111.222.200/19 (address range)
fehcom.de:195.162.195.1,195.162.195.2 (list of static ip addresses)
This would give you some possibilty without the need to really now what are
the IP adresses of an SMTP sender. The address parsing is a little tricky.
eh.
>
>> Result:
>> => Comparing both IP addresses would effectively eliminate reception of
>> E-mail thru 3rd party relays, as in your case.
>>
>> I think about but don't promise anything. There are other items on my
agenda.
>
>--
>Andre
>
+-----------------------------------------------------------------------+
| fff hh http://www.fehcom.de Dr. Erwin Hoffmann |
| ff hh |
| ff eee hhhh ccc ooo mm mm mm Wiener Weg 8 |
| fff ee ee hh hh cc oo oo mmm mm mm 50858 Koeln |
| ff ee eee hh hh cc oo oo mm mm mm |
| ff eee hh hh cc oo oo mm mm mm Tel 0221 484 4923 |
| ff eeee hh hh ccc ooo mm mm mm Fax 0221 484 4924 |
+-----------------------------------------------------------------------+
this is a bit off topic,
but i consider it useful anyway ...
http://spamcop.net offers handy online forms
that process spam mails (do whois / dns lookups) and prepare a
ready-to-send
complaint emails with choices which ISP/Mail Server to send them to ... i
use it a lot with spam arriving in our domain.
to use the service you need to sign up once at
http://spamcop.net/anonsignup.shtml
regards
wolfgang
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
> Barry Dwyer:
> Would this reverse-DNS entry (apparently there for the convenience of
> the ISP's reseller) be preventing some mail servers from forwarding to
> ours?
this is the usual setup if you rely on the services of an isp. mail
doesn't let itself get disturbed by this, rest assured.
your mail to the list arrives..
clemens
There is an updated set of man pages for ucspi-tcp-0.88
(http://cr.yp.to/ucspi-tcp.html), now including man pages for rblsmtpd,
addcr, delcr:
ftp://ftp.innominate.org/pub/pape/djb/ucspi-tcp-0.88-man.tar.gz
Regards, Gerrit.
--
[EMAIL PROTECTED]
innominate AG
networking people
fon: +49.30.308806-0 fax: -77 web: http://innominate.de pgp: /pgp/gpa
Hello ppl!
I have
HP-UX web1 B.11.00 U 9000/800 610339382 unlimited-user license
my qmail start script runs Ok, but qmail stops. When I restart qmail deamon
manualy it keeps runing.
here is what I run:
#!/sbin/sh
#
# /etc/rc*.d/S**qmail - Start/Stop the qmail daemon
#
PATH=/usr/bin:/bin:/var/qmail/bin:/var/qmail/conf:$PATH
case $1 in
"start")
# csh -cf '/var/qmail/rc &' && echo -n ' qmail'
csh -cf '/var/qmail/bin/qmail-start ./Mailbox splogger qmail &' &&
echo -n ' qmail'
sleep 10
;;
"stop")
pid=`/usr/bin/ps -e | /usr/bin/grep qmail-send | /usr/bin/sed -e
's/^ *//' -e 's/ .*//'`
if test "$pid"
then
kill $pid
fi
;;
"start_msg")
echo "Starting qmail"
;;
"stop_msg")
echo "Stopping qmail"
;;
*)
echo "usage: /sbin/init.d/qmail {start|stop}"
;;
esac
Any ideas?
================================
Regards,
Eldar Imangulov
hi,
i've got server A online, running qmail with vmailmgr and user
SCIMNET handling all the virtualdomain SCIM.NET
I've got my intranet server, which runs in a similar fashion, and
connects to the internet regularly and runs fetchmail. It has the same
v-users configured under the SCIMNET user.
I've been reading the docs on fetchmail (specially the man pages and
the FAQ) and can't get the sample settings for qmail to work. Under my
scimnet user in my intranet server I've got a .fetchmail file that says
(mostly) this:
-----------------------------------------------------------------
defaults
qvirtual "scimnet-"
smtpaddress "scim.net"
forcecr
fetchtall
keep # at least until it works!
# and this one for a test-user
poll mail.scim.net with protocol pop3
no dns
envelope "Delivered To:
user scimnet-test # for [EMAIL PROTECTED]
password xxxxxx
-------------------------
I've read in the docs that its feasible to setup a .fetchmail file
that will get the emails for all the possible v-users, but I can't
really get not even 1 user to work! I really though that the qvirtual
setting plus the smtpaddress setting would strip the scimnet- part from
the username and append the resulting user to the server's address.
Right now I'm lost, dazed and confused. Is there anyone that's got
it working? Fetchmail is 5.4.0 by the way...
martin
Perhaps this would be better asked of the ezmlm list but ... without a
doubt one of the most useful features of my Netscape Messageing Server
based mail hub is it's integration with LDAP (which is the way of the
future of course ...) in particular it's "dynamic" mailing lists based
on LDAP URLs.
Is anyone working on something similar to this? Maybe there would be a
way to set up an account that used preline to run a prog that handled
the LDAP lookup?
--
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
UNIX System Administrator|Royal Military College of Canada
The Kingston Linux Users Group|http://signals.rmc.ca/klug/
Saving the World ... One CPU at a Time
Please excuse me if I am terse. I answer dozens of emails every day.
Hallo list,
When sending all mail as user me for remote hosts out of ./mailppp/ by:
me@bbrade:~ > maildirsmtp ./mailppp "" mail.arco.de bbrade
I get following answer:
> FROM: Mail Delivery Subsystem <[EMAIL PROTECTED]>
> Subject: Mail Delivery Subsystem <[EMAIL PROTECTED]>
> TO: [EMAIL PROTECTED]
>
> The original message was received at Tue, 4 Jul 2000 02:29:08 +0200
> from [EMAIL PROTECTED] [194.156.253.66]
>
> ----- The following addresses had permanent fatal errors -----
> <[EMAIL PROTECTED]>
>
> ----- Transcript of session follows -----
> 550 <[EMAIL PROTECTED]>... Host unknown (Name server:
> bbrade.bbrade: host
> not found)
My host is local called bbrade.bbrade but my ISP arco.de knows me as
[EMAIL PROTECTED] the mail in ./mailppp/ looked like this:
> Return-Path: <[EMAIL PROTECTED]>
> Delivered-To: [EMAIL PROTECTED]
> Date: 4 Jul 2000 22:14:46 -0000
> FROM: [EMAIL PROTECTED]
> TO: [EMAIL PROTECTED]
> CC:
> Subject: test
>
> test
I sent it over .qmail-pppdir by:
cat mail | /var/qmail/bin/qmail-inject [EMAIL PROTECTED] me-pppdir
I have no DNS running, why looks mail.arco.de for a DNS at my host.
Is it enough to delete the "Delivered-To: [EMAIL PROTECTED]" line
to cover the internal hostnam bbrade.bbrade?
Thanks for help.
Ciao
Bernd Bradenahl
----------------------------------
E-Mail: [EMAIL PROTECTED]
Date: 04-Jul-00
Time: 23:59:58
This message was sent by XFMail
----------------------------------
For mailing lists I serve, I need to maintain both ezmlm archive
directories as well as mbox files. Working out the archiving to mbox files
was not difficult, but I forgot to do it for one of my lists and now have
about 3 months worth of ezmlm archives that I need to pipe through the
mbox archive script.
All I need to do is add the "From " line to the top of each message. I'd
like it to be an accurate line, not a generic one, so I thought, hey, I
could use preline. Unfortunately I can't figure out how to use preline
outside of the context of qmail. If it's expecting all of the environment
variables listed in the qmail-command man page, then I'm at square one,
because if I spend half a day debugging a script to get those variables
right, writing the "From " line would be cake.
Can someone explain if/how I can use preline as a tool on its own, or
point me to an ezmlm archive2mbox script somewhere? I've looked quite a
bit through docs, FAQs and search engines before posting.
Thanks,
- Mike
____________________________________________________________________
Mike J. Brown, software engineer at My XML/XSL resources:
webb.net in Denver, Colorado, USA http://www.skew.org/xml/
On Tue, Jul 04, 2000 at 06:18:11PM -0600, Mike Brown wrote:
> Can someone explain if/how I can use preline as a tool on its own, or
> point me to an ezmlm archive2mbox script somewhere? I've looked quite a
> bit through docs, FAQs and search engines before posting.
Maybe
/var/qmail/bin/maildir2mbox
would suit you?
It shouldn't be too hard to create a dummy maildir, move/rename all the
ezmlm archive files there and then usr maildir2mbox.
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | Stress is when you wake
Research & Development | mailto:[EMAIL PROTECTED] | up screaming and you
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | realize you haven't
D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
Hi all,
I just discovered the 'bouncesaying' utility from someone
elses post. Does anyone know why this is not installed anywhere
by default but it's man pages are installed? Are there other useful
utilities/programs that are built but not installed?
Thanks,
Dave
On Tue, Jul 04, 2000 at 10:15:06PM -0400, Hubbard, David wrote:
> Hi all,
> I just discovered the 'bouncesaying' utility from someone
> elses post. Does anyone know why this is not installed anywhere
> by default but it's man pages are installed? Are there other useful
> utilities/programs that are built but not installed?
>
> Thanks,
> Dave
For example:
* condredirect;
* except;
* and maybe others.
But the're in my /var/qmail/bin directory.
I did a default build and install, so maybe there's something wrong,
or you have a different idea of what 'installed' means ;-)
HTH,
Steffan
--
http://therookie.dyndns.org
Hi,
Installed qmail based on instructions in Life With qmail, by Dave
Sill...
Upon starting qmail, I get a looping error as svscan attempts to
acquire these two directories, returning this error:
supervise: fatal: unable to acquire qmail-send/supervise/lock:
temporary failure
supervise: fatal: unable to acuire qmail-smtpd/supervise/lock:
temporary failure
Clifford Thurber suggested that I check the ownership of the
directories and chown them to qmaill.nofiles, but that wasn't the
ticket.
Can anyone suggest a fix? Or even a little insight into what these
locks accomplish...
Thanks, I'm really looking forward to having a stable, secure,
Running, server.
J!M
PS New to qmail, new to Linux, want to dump my NT servers asap.
I have a mail server with a large amount of mail in the queue for a
particualar host which was having nameserver problems. Those lookups are
resolved... Is there a quick way to get the mail in the queue to be sent
now, instead of delayed till whenever the current timeout is (could be
up to a day by now)?
From: Colin Humphreys <[EMAIL PROTECTED]>
>I have a mail server with a large amount of mail in the queue for a
>particualar host which was having nameserver problems. Those lookups are
>resolved... Is there a quick way to get the mail in the queue to be sent
>now, instead of delayed till whenever the current timeout is (could be
>up to a day by now)?
Send an ALRM to the qmail-send process.
Armando
smime.p7s
At 08:54 00/06/14 +0900, you wrote:
>
> Has anyone installed any of the POP-before-SMTP
> packages available on the www.qmail.org page with qmail-ldap
> on Solaris 6 or 7 SUCCESSFULLY?
>
> Please let me know.
>
> Kristina
**************************************************
STEP-BY-STEP MINI-HOWTO FOR RELAY-CTRL-1.4
Well, here I am answering my own post! Thanks to the owner of relay-ctrl-1.4,
Bruce, I was able to get over some of my troubles. I now have POP-before-SMTP
running on our qmail server serving ASP clients. The following step-by-step
should get any newbie with POP-before-SMTP installed on Solaris 7. Works fine
on both qmail and qmail-ldap.
(1) decompress
% tar -xvf relay-ctrl-1.4.tar.gz?
(2) edit some files in the source
% cd relay-ctrl-1.4
a) EDIT THE defines.h FILE
% vi defines.h
#ifndef AGE_MINUTES
#define AGE_MINUTES 15 <- No of minutes user can SMTP after POP
#endif
#ifndef BUFSIZE
#define BUFSIZE 4096
#endif
#ifndef RULESDIR
#define RULESDIR "/etc/tcpcontrol" <-The path to your database
#endif
#ifndef SPOOLDIR
#define SPOOLDIR "/var/spool/relay-ctrl"
#endif
#ifndef AGE_CMD
#define AGE_CMD "/usr/sbin/relay-ctrl-age"
#endif
#ifndef TCPRULES
#define TCPRULES "/usr/local/bin/tcprules" <- change according to your system
#endif
#ifndef SMTPRULES
#define SMTPRULES "smtp.rules" <- name of the rules files
#endif
#ifndef SMTPCDB
#define SMTPCDB "tcp.smtp.cdb" <- name of your cdb file
#endif
#ifndef SMTPFIXUP?
#define SMTPFIXUP "smtp.fixup"
#endif
b) EDIT THE relay-ctrl-allow.c file
% vi relay-ctrl-allow.c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <fcntl.h> <- add this
c) EDIT THE Makefile file
% vi Makefile
prefix = /usr
sbindir = $(prefix)/sbin
mandir = $(prefix)/man
man8dir = $(mandir)/man8
install = /usr/sbin/install <- change according to your system
installdata = $(install) -m 644?
installbin = $(install) -m 755
installdir = $(install) -d
(3) COMPILE
% make
(4) INSTALL
% cp relay-ctrl-allow /usr/sbin
% cp relay-ctrl-age /usr/sbin
% cp relay-ctrl-age.8 /usr/man/man8/
% cp relay-ctrl-allow.8 /usr/man/man8/
% make install
% chmod u+s /usr/sbin/relay-ctrl-allow
(5) EDIT crontab
% setenv EDITOR vi
% crontab -e
0-59 * * * * /usr/sbin/relay-ctrl-age
% crontab -l
(6) CREATE A DIRECTORY AND CHANGE PERMISSIONS
% mkdir /var/spool/relay-ctrl
% chmod 766 /var/spool/relay-ctrl
% mkdir /etc/tcpcontrol
% chmod 777 /etc/tcpcontrol
(7) EDIT THE START-UP FILE FOR TCPSERVER
% vi /etc/rc2.d/S89tcpserver
#!/bin/sh
PATH=/var/qmail/bin:/usr/local/bin:/usr/sbin; export PATH
#SMTP for POP-before-SMTP
tcpserver -v -u xxxxx -g xxxxx -x /etc/tcpcontrol/tcp.smtp.cdb 0 smtp
qmail-smtpd 2>
&1 |splogger smtpd &
-u xxxxxx is the uid
-g xxxxxx is the gid
-x /etc/tcpcontrol/tcp.smtp.cdb is the full path to your database which must
match
your entries for RULESDIR and SMTPCDB in defines.h
(8) RESTART THE TCPSERVER
***********************************************
Hi there:
I'm not sure if this list is the right place, or I should post it to
vpopmail list. But please help.
---
I'm new to qmail, but have installed it according to the INSTALL file, and
faq. I also installed vpopmail. Problem is when I tested the system the
delivery works fine. All mails go to the right path in each virtual domain
Maildir. But when I tried to pop in to get mail from a virtual domain that
I put in place, using outlook express, I couldn't authenticate. The log
mesg says:
Jul 5 10:25:35 myhost in.qpopper[972]: webmaster%mydomain.com at
bkk7a-102.dial56k.cscoms.com (202.183.197.102): -ERR [AUTH] Password
supplied for "webmaster%mydomain.com" is incorrect.
The password is correct, but look like qpopper is doing the job, instead of
qmail or vpopmail. I couldn't find the document on this, so any help would
be really appreciated.
Thanks
kittiwat
