qmail Digest 24 Aug 2000 10:00:01 -0000 Issue 1102

qmail-digest-help Thu, 24 Aug 2000 02:55:00 -0700


qmail Digest 24 Aug 2000 10:00:01 -0000 Issue 1102

Topics (messages 47207 through 47280):

Re: qmail-qfilter-problem
        47207 by: Lars Pfuhl
        47208 by: Lars Pfuhl

Re: Help...
        47209 by: Muhammad Yusuf

Fastforward AND smarthost-style operation at once
        47210 by: Brett Randall
        47218 by: Dave Sill
        47231 by: tibbs.joshd.kendle.com
        47243 by: tony.corp.quepasa.com
        47266 by: Brett Randall

dot-qmail and pipe not working properly
        47211 by: Thomas Duterme
        47216 by: Petr Novotny
        47217 by: Ben Beuchler

Re: Qmail-etrn
        47212 by: meric.starcom.co.ug

Re: Linux Mandrake qmail packages available
        47213 by: Vincent Danen

select checkpoppasswd
        47214 by: Jan Stanik

Re: Need Some DNS pointers
        47215 by: Bryan White
        47224 by: David Dyer-Bennet
        47226 by: James Raftery
        47229 by: Eric Cox
        47230 by: Ihnen, David
        47232 by: David Dyer-Bennet
        47233 by: Charles Cazabon
        47234 by: David Dyer-Bennet

Re: password database
        47219 by: Clemens Hermann
        47220 by: Jenny Holmberg
        47274 by: Gjermund Sorseth
        47279 by: Jenny Holmberg

Thanks to all of you
        47221 by: Clemens Hermann

Blackmail / spam
        47222 by: Vu Vuong

DNS problems with CR.YP.TO?
        47223 by: Curtis Generous
        47227 by: Petr Novotny
        47228 by: Peter van Dijk

Re: Web Interface for QMail
        47225 by: Olivier M.
        47240 by: mailing
        47245 by: Iman Budi Setiawan
        47273 by: Iman Budi Setiawan

Re: RFC2487 TLS authenticated SMTP relay
        47235 by: Jamie Heilman

ezmlm+idx:
        47236 by: David Benfell

vpopmail and large domains.
        47237 by: Greg Moeller
        47238 by: Ben Beuchler
        47239 by: Eric Peters

Re: Web Interface for QMail [WING/acmemail]
        47241 by: martin langhoff

Changing mail deliver program to MAILDROP
        47242 by: Daniel Augusto Fernandes

Re: perlmx for qmail?
        47244 by: Jason Haar

ANNOUNCE: Qmail-Scanner 0.92 now available
        47246 by: Jason Haar

Unable to connect to SMTP
        47247 by: Stephen Bosch
        47248 by: Ricardo Cerqueira
        47249 by: Ihnen, David
        47251 by: Ricardo Cerqueira
        47252 by: Dale Miracle
        47259 by: Stephen Bosch

masquerading internal adress for external mail
        47250 by: Davide Giunchi

qmail-scanner and perlmx (was Re: perlmx for qmail?)
        47253 by: sen_ml.eccosys.com
        47255 by: Jason Haar
        47257 by: sen_ml.eccosys.com

Problems with LWQ Install
        47254 by: Larry Masters

yahoo messages
        47256 by: kamal_batra.netwala.com
        47258 by: Alexander Pennace

supposed output of qmail's sendmail wrapper?
        47260 by: FCP Wong
        47261 by: markd.bushwire.net
        47262 by: FCP Wong
        47275 by: FCP Wong

Re: dot-qmail and pipe not working properly and MAGIC(?)
        47263 by: Thomas Duterme

forward help
        47264 by: Alan Chung
        47269 by: sen_ml.eccosys.com

seperating incoming and outgoing mail server
        47265 by: reach_prashant.zeenext.com
        47267 by: Alexander Pennace
        47268 by: reach_prashant.zeenext.com
        47270 by: Alexander Pennace
        47271 by: reach_prashant.zeenext.com
        47272 by: Alexander Pennace

Pop3 for qmail
        47276 by: Wong Chin Shin
        47277 by: Brett Randall

sendmail wrapper not working
        47278 by: FCP Wong

About SSL with qmail
        47280 by: sum2038

Administrivia:

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To bug my human owner, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------



Bruce Guenter wrote:
> 
> On Fri, Aug 18, 2000 at 04:38:40PM +0200, Lars Pfuhl wrote:
> > qmail-queue   -rws--x--x qmailq qmail  <-- this is now my shell-script
> > qmail-queue-old  -rws--x--x qmailq qmail <-- the original qmail-queue
> 
> Shell scripts must be readable by the userid that is trying to execute
> them.  The wrapper script also does not need to be (and should not be
> for security reasons) setuid.  Make qmail-queue mode 755 instead of 4711.
> --
> Bruce Guenter <[EMAIL PROTECTED]>                       http://em.ca/~bruceg/

Now it works. The problem weren't the permissions.
In the README stands that you have to change only the CFLAGS-line of
the Makefile if you don't use the QMAILQUEUE-patch.
But you also have to edit the line above.

Lars

Hi Bruce,

Bruce Guenter wrote:
> 
> On Fri, Aug 18, 2000 at 04:38:40PM +0200, Lars Pfuhl wrote:
> > qmail-queue   -rws--x--x qmailq qmail  <-- this is now my shell-script
> > qmail-queue-old  -rws--x--x qmailq qmail <-- the original qmail-queue
> 
> Shell scripts must be readable by the userid that is trying to execute
> them.  The wrapper script also does not need to be (and should not be
> for security reasons) setuid.  Make qmail-queue mode 755 instead of > 4711.

Thanks for helping me.
I changed it but it doesn't work.

1. Is it o.k. that the owner of the shell-script is qmailq?
Now I have:
qmail-queue  -rwxr-xr-x  qmailq qmail  <-- this is my shell-script
qmail-queue-old  -rws--x--x  qmailq qmail  <-- the original
qmail-queue

2. Is the shell-script o.k.?
I have:
#!/bin/sh
exec /var/qmail/bin/qmail-filter /var/qmail/bin/my-filter

3. Who must be the owner of my-filter, root or qmailq (I tried qmailq
and root but it doesn't work, the permissions are 755) ?

4. My error code is now (after I changed some things):
qq write error or disk full (#4.3.0)

5. I give you the perl script (it works but sometimes you don't know):
#!/usr/bin/perl -w

while (<>) {
  s/Lars/Lars Pfuhl/;
  print
}

I hope anyone has an idea.
Thanks in advance!

Lars

thx for your advice,
 I chose to rebuild from scratch.
 and now it work well.

regards.
yusuf

On Mon, 21 Aug 2000, Ronny Haryanto wrote:

> On 21-Aug-2000, Muhammad Yusuf wrote:
> > I've just upgraded FreeBSD,from 2.2.8 to 4.0
> >  qmail : number ****** warning : unable to stat mess/2/54029
> 
> Your queue is probably corrupt. qmail uses the inode information from
> the filesystem to build the queue dir structure, so you can't simply
> move the queue directory (or do anything that changes the inode
> numbers).
> 
> Either fix the queue structure (look for a program to do this in
> qmail.org) or rebuild it from scratch (you most likely will lose mails
> in the queue).
> 
> Ronny
>

Hi All...I have an interesting situation.

I currently have a ~alias/.qmail-default with:
| forward "$LOCAL"@mail.hillsong.com
which forwards e-mail that bounces locally onto another host
(mail.hillsong.com)
HOWEVER I also want to run fastforward at the same time. That is, I want the
functionality of /etc/aliases for a global aliases file, but I want any
e-mail that can't be delivered locally to be forwarded to mail.hillsong.com

SO does anyone know how I can have both of these operations at once? Does
fastfoward have a similar 'if delivery doesn't work, do this' functionality?
It really would be much easier for me and my other admins to use one aliases
file rather than many empty ~alias/.qmail-user files...

Thanks!

/BR

Manager
InterPlanetary Solutions
http://ipsware.com/

"Brett Randall" <[EMAIL PROTECTED]> wrote:

>SO does anyone know how I can have both of these operations at once? Does
>fastfoward have a similar 'if delivery doesn't work, do this' functionality?
>It really would be much easier for me and my other admins to use one aliases
>file rather than many empty ~alias/.qmail-user files...

Read the fine fastforward man page. The pass through ("-p") option
will do exactly what you want. E.g.:

  | fastforward -pd /etc/aliases.cdb
  | forward "$LOCAL"@mail.hillsong.com

-Dave


I'm working on a similar situation. I had tried what Dave suggested and it
worked as documented. However, I need to be able to actually relay messages
that don't match an alias (ie. don't rewrite the recipient address).

My normal config:

I have my qmail box acting as my primary MX and behind that sits my Domino
server running SMTP. My rcpthosts has:
kendle.com

My smtproutes has:
kendle.com:mail.kendle.com

locals has only the machine itself.

So any message for kendle.com is relayed to mail.kendle.com (the Domino
server), which accepts messages for recipients @kendle.com.

Here's what I tried:

I put kendle.com in locals and used a .qmail-default like this:

| fastforward -p /etc/aliases.cdb
| forward "$LOCAL"@mail.kendle.com

messages are forwarded to [EMAIL PROTECTED] instead of [EMAIL PROTECTED]

 If I use:

| fastforward -p /etc/aliases.cdb
| forward "$LOCAL"@kendle.com

the message just loops because qmail-send thinks that kendle.com is local.
I know it's sort of nitpicky, but I need messages to be processed through
fastforward and be relayed to the next server with the recipient address of
[EMAIL PROTECTED] if no match is found.

Any ideas?

Thanks,
Josh

Hi Josh,

I knew I did not write this up in vain. ;^) This is part of a mail I sent
to the list a while ago, you can get it from the archive if you want to
see the orig.

AFAIK you have two instances of qmail to do this. If anyone knows how to
do this with one instance please post the solution....

-Tony

quepasa.com Email system:

NOTE: The reference to "foo.fake" below is a literal reference, I use
"foo.fake" for a strictly internal virtualhost/smtproute setup.

Principle problems (background only):

] we have outsourced our web customer email system, so
[EMAIL PROTECTED] is a customer, and has to be delivered to
criticalpath.net (cp.net).

] we have also propagated [EMAIL PROTECTED] as employees email
addresses, which should be delivered locally.

] when you out-source with cp.net they want you to point your domain MX
record at them:
        quepasa.com.     IN      MX 10 inbound.quepasa.com.criticalpath.net.

I was not willing to do that for several reasons:
        ] if cp is down, external email does not come through.
        ] I did not want to have to configure filters and forwards at
        cp.net so all employee mail did the right thing.
        ] as a business continuity measure, I wanted to control the
        mail flow. If we needed/wanted to change email providers, I
        can make the routing change in one qmail file.

] when delivering to cp.net the mail *MUST* be to [EMAIL PROTECTED]
(cp's restriction not mine). I learned the hard way that:
         [EMAIL PROTECTED]
will not work.

The solution is obvious, accept mail at a central box
(mailx.quepasa.com) for [EMAIL PROTECTED], if:

  a.] the mail user is an employee, send it along to a bastion host
  for delivery inside quepasa.com.

  b.] if not send it off to [EMAIL PROTECTED] at cp.net. (i.e. SMTP
  connect is to inbound.quepasa.com.criticalpath.net, RCPT
To:<[EMAIL PROTECTED]>)

The problem comes up at b. the mail has already been delivered to
quepasa.com, if you attempt a forward like.
        |forward $[EMAIL PROTECTED]
with a smtproute entry like:
        quepasa.com:inbound.quepasa.com.criticalpath.net
The smtproute never seems (???) to be consulted, and it fails as a looping
mail.

I tried fooling around with virtual domains and header rewriting, but
it came down to this, (AFAIK) a qmail machine that receives mail
addressed to [EMAIL PROTECTED], will never again deliver it to
[EMAIL PROTECTED]

That left me with one solution another instance of qmail. I did not
want to run it on the same machine, different port. I loaded another box.

Brief description of mail flow:

] mail for [EMAIL PROTECTED] comes in to mailx.quepasa.com,

if
  jane is an employee, deliver mail according to fastforward based
/etc/aliases rule.
else
  forward mail to "[EMAIL PROTECTED]"
done

There is a smtproute for foo.fake to pair.quepasa.com.

pair.quepasa.com accepts the mail for virtual domain foo.fake, then
forwards it [EMAIL PROTECTED] pair.quepasa.com had a smtproute that
sends all quepasa.com mail to inbound.quepasa.com.criticalpath.net.

Pair's entire function is to change mail that comes in as
[EMAIL PROTECTED], back to a clean quepasa.com address.

On Wed, 23 Aug 2000 [EMAIL PROTECTED] wrote:

> 
> I'm working on a similar situation. I had tried what Dave suggested and it
> worked as documented. However, I need to be able to actually relay messages
> that don't match an alias (ie. don't rewrite the recipient address).
> 
> My normal config:
> 
> I have my qmail box acting as my primary MX and behind that sits my Domino
> server running SMTP. My rcpthosts has:
> kendle.com
> 
> My smtproutes has:
> kendle.com:mail.kendle.com
> 
> locals has only the machine itself.
> 
> So any message for kendle.com is relayed to mail.kendle.com (the Domino
> server), which accepts messages for recipients @kendle.com.
> 
> Here's what I tried:
> 
> I put kendle.com in locals and used a .qmail-default like this:
> 
> | fastforward -p /etc/aliases.cdb
> | forward "$LOCAL"@mail.kendle.com
> 
> messages are forwarded to [EMAIL PROTECTED] instead of [EMAIL PROTECTED]
> 
>  If I use:
> 
> | fastforward -p /etc/aliases.cdb
> | forward "$LOCAL"@kendle.com
> 
> the message just loops because qmail-send thinks that kendle.com is local.
> I know it's sort of nitpicky, but I need messages to be processed through
> fastforward and be relayed to the next server with the recipient address of
> [EMAIL PROTECTED] if no match is found.
> 
> Any ideas?
> 
> Thanks,
> Josh
> 

-- 
Tony Hansmann ([EMAIL PROTECTED])
Director of Technical Services
Quepasa.com, INC.
602-716-0100

> the message just loops because qmail-send thinks that kendle.com is local.
> I know it's sort of nitpicky, but I need messages to be processed through
> fastforward and be relayed to the next server with the recipient
> address of
> [EMAIL PROTECTED] if no match is found.
>
> Any ideas?

OK I have spent all day pondering over ideas because I know I will be asked
one day 'why does it say e-mails are getting sent to [EMAIL PROTECTED]
instead of [EMAIL PROTECTED]?' so I better fix it now...

My idea (which I am going to try implementing this weekend not during week
when ppl are working :> ) so I don't know if it will work but it is an idea
anyway...

~alias/.qmail-default:
| fastforward -pd /etc/aliases.cdb
./Other/

Then a cron job every 5 minutes that runs maildir2smtp (part of the
serialmail package) on that ~/alias/Other maildir (might want to run the
e-mails through a perl or sed regex to get rid of the Delivered-to: line) to
pass it on to another relay.

Other thing I can think of (if two *nix boxes available) is have a NFS share
(rw) on the machine you WANT to relay the messages to. Mount this share on
the machine which is receiving the mail that you want to relay/forward on.
Have them delivered to a Maildir on that share (same as above), and run a
cron job on the machine that WILL process them properly (say every 5 minutes
again), which runs a script to go to each file in the Maildir and
qmail-inject it into the queue. I've had to do this before (I have a small
perl script to do it but it isn't hard to make one up...), and it worked
fine then. Different circumstances, however.

Hope this is less complex than Tony's suggestion. Tony's makes sense, but I
don't have the time for that...an extra addition to .qmail-default and a
cron job seems easy and relatively efficient to me... Let me know what you
think!

/BR

Manager
InterPlanetary Solutions
http://ipsware.com/

Hi all,

I have a problem which I've been banging my head against.  I have a .qmail
alias file set up as follows:

cat .qmail-unsubscribe_education
unsubscribe

in /home/unsubscribe/.qmail, I have:
./Maildir/
| /home/unsubscribe/MagazineUnsubscribe.py >> /home/unsubscribe/unsub.log

Now, the weird thing is that qmail won't pass the mail to stdin like it
should (executing the second line of my .qmail...passing the mail to my
python script).  I have tried: changing the ownership of the .py script (to
alias and the grp to qmail) and it still won't work.  Any answers here?

Also, in my Maildir, I eventually get multiple copies of this email. I
believe this problem is somehow related, but I've been banging my head on
the keyboard too much to see how.  Any help or ideas appreciated.

TIA,
Tom

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 23 Aug 2000, at 23:40, Thomas Duterme wrote:

> Now, the weird thing is that qmail won't pass the mail to stdin like
> it should (executing the second line of my .qmail...passing the mail
> to my python script).  I have tried: changing the ownership of the .py
> script (to alias and the grp to qmail) and it still won't work.  Any
> answers here?

What do the logs say(tm)?

> Also, in my Maildir, I eventually get multiple copies of this email. I
> believe this problem is somehow related, but I've been banging my head
> on the keyboard too much to see how.  Any help or ideas appreciated.

It looks like your Python script fails (returns an error code); 
therefore, the delivery is retried later. The logs will tell you more.

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOaPmEVMwP8g7qbw/EQKbgACgln+8uFyktcfKePc2idrd9FCugfMAn0rb
GsbQqBifL2zb3jMPbdXj/ARp
=1myA
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]

On Wed, Aug 23, 2000 at 11:40:21PM +0800, Thomas Duterme wrote:

> cat .qmail-unsubscribe_education
> unsubscribe
> 
> in /home/unsubscribe/.qmail, I have:
> ./Maildir/
> | /home/unsubscribe/MagazineUnsubscribe.py >> /home/unsubscribe/unsub.log
> 
> Now, the weird thing is that qmail won't pass the mail to stdin like it
> should (executing the second line of my .qmail...passing the mail to my
> python script).  I have tried: changing the ownership of the .py script (to
> alias and the grp to qmail) and it still won't work.  Any answers here?
> 
> Also, in my Maildir, I eventually get multiple copies of this email. I
> believe this problem is somehow related, but I've been banging my head on
> the keyboard too much to see how.  Any help or ideas appreciated.

What Do the Logs Say? (tm)

Seriously, the logs will include the error message returned by your no
doubt broken Python script.  qmail most certainly did provide it the
message on stdin.  You are getting multiple messages because the message
is being deferred because the script is failing.  When it retries, it
retries the entire delivery, including the ./Maildir/ part.

Ben

-- 
Ben Beuchler                                         [EMAIL PROTECTED]
MAILER-DAEMON                                         (612) 321-9290 x101
Bitstream Underground                                   www.bitstream.net

 Hi I saw U had posted some query about qmail-etrn, did happen to get a
 break thru, as am having the same prob. how did U go about it?
 Eric
 Am using the latest version of qmail and I get an error that states
 Could'nt exec qmail-etrn when I run etrn on my port 25
 



Systems Engineer 
 Infocom (U) LTD.
 Tel:0077409672
 
 Behind Every Great Network Is a Protocol

On Mon Aug 21, 2000 at 10:00:37AM +0200, Gerrit Pape wrote:

> On Fri, Aug 18, 2000 at 10:21:53AM -0600, Vincent Danen wrote:
> > change (once I get DJB's blessing I hope!).  The following packages are
> > part of the package:
> > 
> > qmail-1.03-7mdk.i386.rpm
> > daemontools-0.70-3mdk.i386.rpm
> > dot-forward-0.51-2mdk.i386.rpm
> > fastforward-0.51-2mdk.i386.rpm
> > ucspi-tcp-0.88-3mdk.i386.rpm
> >
> Hello Vincent,
> 
> I did not look at Your packages yet, but three things:
> 
> o http://cr.yp.to/qmail/var-qmail.html says:
>   > A var-qmail package does not set up qmail to receive and deliver mail. A
>   > user has to follow the instructions in
>   > /var/qmail/doc/fastforward/ALIASES and in /var/qmail/doc/INSTALL starting at
>   > step 9:
>   I do not see a qmail-run rpm, it seems, the qmail-packages sets up qmail
>   as MTA.

I'll have to look at this again...  Maybe I misunderstood something. 
Changing the name of the RPM is no big deal.  And yes, it does set it
up as MTA.

> o You included man-pages in daemontools and ucspi-tcp packages. Put them in
>   extra packages.

Why?  Are there licensing issues with daemontools and ucspi-tcp that
prevent me from distributing manpages with it?  If there are, I'll
definately do it, but if there aren't, then I don't see why I should
make someone install two extra RPMs just for manpages (seems kinda
silly to me).

> o there allready are qmail rpms?

Not for Mandrake and not in binary form.  I've used Bruce's RPM package
before and although it works great, it's not something that can be
installed without interaction like during a fresh system install off of
a CD-ROM (which is ultimately the aim here).

-- 
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
// Danen Consulting Services    www.danen.net, www.freezer-burn.org
// MandrakeSoft, Inc.           www.linux-mandrake.com
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD

Current Linux uptime: 1 day 8 hours 37 minutes.


  Hi,

     I'm looking for script to select two (or more) different
     checkpoppasswds. Does anyone use it? Could you sent me that
     script or location where I can find it, please?

-- 
Regards,

                  Jan Stanik

Jan Stanik
[EMAIL PROTECTED]

> Just out of curiosity: is there an obvious reason that I'm missing that
> a custom app would send out mail faster than qmail?

This is an experment, I don't know what effect it will have.  My
understanding is that currently:
    1) My Program fork/execs qmail-inject and sends it the letter over a
pipe
    2) qmail-inject fork/execs qmail-queue and sends it the letter over a
pipe
    3) qmail-queue writes the letter to disk
    4) qmail-send sees the message on disk and sends a command to the
running qmail-rspawn.
    5) qmail-rspawn fork/execs qmail-remote and reads the letter from disk
and sends the it over a pipe
    6) qmail-remote sends the message

I have no doubt that qmail is very robust because of this mechanism and I
fully intend on relying on it to handle anything that fails my first
attempt.

> Perhaps something else is the bottleneck.  What kind of
> hardware/connection/filesystem are you running?  Have you applied all
> the high-volume patches?

Currently I get around 50 K emails per hour on a PIII 650 with 512MB ram and
dual IDE hard disks (one dedicated to qmail) running RedHat Linux 6.2.

I have applied the patch to allow more that 250 remotes (I currently run 400
remotes). I have applied the "Big Todo" patch and compiled with conf-split
set to 251.

Are there other high volume patches?

At this point we are running 6 outbound qmail servers and they can pretty
much saturate our 10Mbit pipe (minus about 30% for other traffic).  Right
now we are looking to expanding the pipe and I want to see if I can up the
capacity without adding more boxes.

> You must not have the manpages installed on your system.  I can send
> them to you if you like...

I found the man pages but they were fairly specific to individual function
and I need an overview.  Actually I found a chapter in the ORielly "DNS and
Bind" book that should help.

Bryan White <[EMAIL PROTECTED]> writes on 23 August 2000 at 09:35:55 -0400
 > > Just out of curiosity: is there an obvious reason that I'm missing that
 > > a custom app would send out mail faster than qmail?
 > 
 > This is an experment, I don't know what effect it will have. 

It's been frequently discussed, and the gurus think it sounds like the
winning strategy for mass delivery of different messages.  I agree
with them.

 > My
 > understanding is that currently:
 >     1) My Program fork/execs qmail-inject and sends it the letter over a
 > pipe
 >     2) qmail-inject fork/execs qmail-queue and sends it the letter over a
 > pipe
 >     3) qmail-queue writes the letter to disk
 >     4) qmail-send sees the message on disk and sends a command to the
 > running qmail-rspawn.
 >     5) qmail-rspawn fork/execs qmail-remote and reads the letter from disk
 > and sends the it over a pipe
 >     6) qmail-remote sends the message
 > 
 > I have no doubt that qmail is very robust because of this mechanism and I
 > fully intend on relying on it to handle anything that fails my first
 > attempt.

And you also noticed both the number of forks, and the number of
filesystem synchs (and hence actual physical disk IO) required in this
process, I guess.

The elegant approach seems to me to be to use qmqpc to queue the
messages needing queueing, probably on your normal mail server (and
run the generation and direct sending on dedicated boxes).
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]

On Tue, Aug 22, 2000 at 05:36:52PM -0400, Bryan White wrote:
> My problem is doing the DNS lookups.  I have not found any good
> documentation on the process at the 'C' level.  I have stared at
> qmail-1.03/dns.c for a couple hours now.  This code is rather sparse on
> comments.

A suggestion, so that you don't reinvent the wheel if you don't need to;
give the message directly to qmail-remote? It alreadys knows how to
deliver remote messages and has a (apparently) well documented
interface. man qmail-remote.


Regards,

james
-- 
James Raftery (JBR54)  -  Programmer Hostmaster  -  IE TLD Hostmaster
   IE Domain Registry  -  www.domainregistry.ie  -  (+353 1) 706 2375
  "Managing 4000 customer domains with BIND has been a lot like
   herding cats." - Mike Batchelor, on [EMAIL PROTECTED]

Bryan White wrote:
> 
> Sorry if this is a little off topic.
> 
> I am trying to speed up my outbound mail.  I am running a set of ezines and
> we are currently sending around 3 million emails per day.  Currently I have
> a process that envokes qmail-inject for each message.  I am thinking of
> doing a first attempt delivery inside my program and only if that fails,
> hand it off to qmail-inject.

Just out of curiosity: is there an obvious reason that I'm missing that 
a custom app would send out mail faster than qmail?

Perhaps something else is the bottleneck.  What kind of 
hardware/connection/filesystem are you running?  Have you applied all 
the high-volume patches?

[snip.]
> Can anybody point me to some online or in print sources of information on
> the subject.  I am in particular looking for documented examples of the
> res_query, res_search, snf dn_expand functions and the related data
> structures.

You must not have the manpages installed on your system.  I can send 
them to you if you like...

Eric

> And you also noticed both the number of forks, and the number of
> filesystem synchs (and hence actual physical disk IO) required in this
> process, I guess.

Correct me if I'm wrong, but I believe that on any unix system, the file
system cache allows process B to access data written by process A regardless
of whether or not a physical disk synchronization has taken place.  The
actual write-to-disk is unimportant, as the file cache already knows what
that file contains.  It would be wasteful to access the disk for data
already in cache, where it was put by process A's write.

David

Ihnen, David <[EMAIL PROTECTED]> writes on 23 August 2000 at 09:57:43 -0700
 > > And you also noticed both the number of forks, and the number of
 > > filesystem synchs (and hence actual physical disk IO) required in this
 > > process, I guess.
 > 
 > Correct me if I'm wrong, but I believe that on any unix system, the file
 > system cache allows process B to access data written by process A regardless
 > of whether or not a physical disk synchronization has taken place.  The
 > actual write-to-disk is unimportant, as the file cache already knows what
 > that file contains.  It would be wasteful to access the disk for data
 > already in cache, where it was put by process A's write.

I believe that to be true; but when the process does an fsync, it is
blocked until the write to disk has been reported complete.  
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]

Bryan White <[EMAIL PROTECTED]> wrote:
> 
> Currently I get around 50 K emails per hour on a PIII 650 with 512MB ram and
> dual IDE hard disks (one dedicated to qmail) running RedHat Linux 6.2.
> 
> I have applied the patch to allow more that 250 remotes (I currently run 400
> remotes). I have applied the "Big Todo" patch and compiled with conf-split
> set to 251.
> 
> Are there other high volume patches?
> 
> At this point we are running 6 outbound qmail servers and they can pretty
> much saturate our 10Mbit pipe (minus about 30% for other traffic).  Right
> now we are looking to expanding the pipe and I want to see if I can up the
> capacity without adding more boxes.

You might seriously want to consider upgrading your disk subsystem; a RAIDed
10k RPM SCSI setup can sustain much higher disk bandwidth than a single
IDE disk.  If network bandwidth isn't the limiting factor, many people find
the most likely bottleneck to be disk bandwidth for the queue.

Charles
-- 
--------------------------------------------------------------
Charles Cazabon                           <[EMAIL PROTECTED]>
QCC Communications Corporation                   Saskatoon, SK
My opinions do not necessarily represent those of my employer.
--------------------------------------------------------------

Eric Cox <[EMAIL PROTECTED]> writes on 22 August 2000 at 22:47:43 -0700
 > 
 > 
 > Bryan White wrote:
 > > 
 > > Sorry if this is a little off topic.
 > > 
 > > I am trying to speed up my outbound mail.  I am running a set of ezines and
 > > we are currently sending around 3 million emails per day.  Currently I have
 > > a process that envokes qmail-inject for each message.  I am thinking of
 > > doing a first attempt delivery inside my program and only if that fails,
 > > hand it off to qmail-inject.
 > 
 > Just out of curiosity: is there an obvious reason that I'm missing that 
 > a custom app would send out mail faster than qmail?

Yes; if you can skip the step of writing to the queue, you save
considerable disk IO and a fork or two.  Since something vaguely like
90% of deliveries succeed on the first try, it's been frequently
suggested that trying a delivery before queueing would be a winning
strategy.  So, it's not that the custom app would deliver faster than
qmail; it's that it might win to try delivering before queueing, and
only queue if the first delivery attempt fails.
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]

Hi, Gjermund

Thanks for your offer to help me, Chris led me in his postiong to an
existing package which fits exactly my needs.

> Today, my server has roughly one million mail accounts and my current
> password authentication scheme is a bit more sophisticated,
> but that's another story.

If you have time I would greatly appreciate to hear a few lines about it. I
won't have any need the next years for this (I hope ;-) but anyway I really
would like to know what comes after a password database. No description how
(for me ;-) but if you like a few words what.

thanks

> Gjermund Sorseth

Clemens

Gjermund Sorseth <[EMAIL PROTECTED]> writes:

>   Clemens Hermann" <[EMAIL PROTECTED]> writes:
>   > Now my question: how many users can be kept within a text passord
>   > file until it gets slow?
> 
> In my experience, about 10000 but it probably varies. I ran into that
> limit a few years back and made a C library package as described above
> that I can probably make available if you like.

We've got servers with 1,200,000 users in /etc/passwd and they still
work fine. But we'll probably switch that setup before the passwd gets
much larger than this...

-- 
"I live in the heart of the machine. We are one."

>  >  Clemens Hermann" <[EMAIL PROTECTED]> writes:
>  >  > Now my question: how many users can be kept within a text passord
>  >  > file until it gets slow?
>  > 
>  > Gjermund Sorseth replies:
>  > In my experience, about 10000 but it probably varies.
>
>  Jenny Holmberg <[EMAIL PROTECTED]> replies:
>  We've got servers with 1,200,000 users in /etc/passwd and they still
>  work fine. But we'll probably switch that setup before the passwd gets
>  much larger than this...

I should have added that my number of 10000 comes from the days before
some vendors added caching, like Sun with their nscd program. With
these new schemes the number can be much higher, but programs
like nscd introduce other problems and I recomend against using them
when the number of /etc/passwd entries gets very very large.

Gjermund Sorseth

Gjermund Sorseth <[EMAIL PROTECTED]> writes:

> I should have added that my number of 10000 comes from the days before
> some vendors added caching, like Sun with their nscd program. With
> these new schemes the number can be much higher, but programs
> like nscd introduce other problems and I recomend against using them
> when the number of /etc/passwd entries gets very very large.

This is true. Updating passwd on servers with more than a million
entries generally requires shutting qmail while nscd updates itself.
On one occasion, when I neglected to do so, I saw a server load of
above 250... So, yes, we're moving over to another scheme before the
passwd file grows much larger. Somewhere around 2 million entries
seems to be the limit for our system, running Solaris 2.6 (yes,
upgrade to 8 is in the works...) on various types of Sun Ultras. 

-- 
"I live in the heart of the machine. We are one."

Hi,

thanks to anybody who helped me this time. Finally I chose Chris' suggestion
because it was exactly what I needed and what ran out of the box with my
existing setup

By the way, I think now it is time to point out that I am really thankful
for the great help I received from many of you during the last weeks. I am
no Linux crack at all, I simply tried to set up a small webserver for a few
pages. Everything worked fin - except sendmail. I read two books about
sendmail and finally when I was trying to solve a relay problem I left
sendmail. I found the qmail webpage and tried to install it. Dave's LWQ
helped me a lot but without the help of you nothing would work now. The
first days with qmail were a bit frustrating, because I had some little
difficulties with te source installation and I made a typing error in one
script Dave suggested. In any case - when I asked for help here there was
not just one answer but alwas several. Any of them very detailled and
understandable for me. When I had an error I did not find, one of you loged
in my machine and led me to the error.
Now I have running qmail for a few days and I am really glad to have don the
step of switching to qmail. qmail is the package I really love on my server.
Although it runs really perfect now from any point of view I spend some time
in reading webpages aboput add ons and patches every day and my qmail
grows - every day a little bit.

Thanks again my friends thanks for all your great help.

Clemens

Hi all,
        Anyone using blackmail with qmail?  I am having problems getting this to
work.  When ever I turn it on, it stops incomming email.
vav

I'm unable to resolve and DNS queries against the CR.YP.TO domain.
Running doc(1) against it shows timeouts with all of the top
level servers:

    % doc cr.yp.to.
    Doc-2.1.1: doc cr.yp.to.
    Doc-2.1.1: Starting test of cr.yp.to.   parent is yp.to.
    Doc-2.1.1: Test date - Wed Aug 23 09:39:59 EDT 2000
    ;; res_send to server a.ns.yp.to.  131.193.178.181: Connection timed out
    DIGERR (UNKNOWN): dig @a.ns.yp.to. for SOA of parent (yp.to.) failed
    ;; res_send to server b.ns.yp.to.  131.193.178.181: Connection timed out
    DIGERR (UNKNOWN): dig @b.ns.yp.to. for SOA of parent (yp.to.) failed
    WARNING: No servers for yp.to. returned SOAs ...
    ;; res_send to server ns1.iafrica.com.  196.7.0.139: Connection timed out
    DIGERR (UNKNOWN): dig @ns1.iafrica.com. for NS of cr.yp.to. failed
    ;; res_send to server a.ns.yp.to.  131.193.178.181: Connection timed out
    DIGERR (UNKNOWN): dig @a.ns.yp.to. for SOA of cr.yp.to. failed
    ;; res_send to server b.ns.yp.to.  131.193.178.181: Connection timed out
    DIGERR (UNKNOWN): dig @b.ns.yp.to. for SOA of cr.yp.to. failed
    SYSerr: No servers for cr.yp.to. returned SOAs ...
    Summary:
       YIKES: doc aborted while testing cr.yp.to.  parent to.
       WARNINGS issued for cr.yp.to. (count: 1)
       Incomplete test for cr.yp.to. (3)
    Done testing cr.yp.to.  Wed Aug 23 09:41:19 EDT 2000

Is this problem being experienced by others on this list too?
I can't get to any of DJB's web sites because of this.

--curtis
p.s. yes I know this list runs on a cr.yp.to host... so you may
not get this email until after the problem is resolved.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 23 Aug 2000, at 9:46, Curtis Generous wrote:

> Is this problem being experienced by others on this list too?

Yep; both a.ns.yp.to and b.ns.yp.to were inaccessible (traceroute 
ended on a border router of UIC).

> p.s. yes I know this list runs on a cr.yp.to host... so you may
> not get this email until after the problem is resolved.

Exactly. :-)

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOaPzqFMwP8g7qbw/EQKMYgCg4yOVLmv+uweFX800+qN04wVLsykAn2/E
uHvWWgilXQ2Xe7ZmZJ/IUWgZ
=GpFB
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]

On Wed, Aug 23, 2000 at 09:46:15AM -0400, Curtis Generous wrote:
> I'm unable to resolve and DNS queries against the CR.YP.TO domain.
> Running doc(1) against it shows timeouts with all of the top
> level servers:

http://cr.yp.to/ shows (bottom line) a crash report. I noticed the same
problems today.

Greetz, Peter.
-- 
[ircoper]        [EMAIL PROTECTED] - Peter van Dijk / Hardbeat
[student]        Undernet:#groningen/wallops | IRCnet:/#alliance
[developer]                                _____________
[disbeliever - the world is backwards]    (__VuurWerk__(--*-

On Tue, Aug 22, 2000 at 04:02:01PM -0400, Jason McCormick wrote:
> support users w/o requiring system accounts.  My questions is this: What, 
> if any, Web-based mail clients will work with Maildir?  I looked through 
> the FAQ and Qmail site and didn't see anything that works for me. 

Did you really looked www.qmail.org ? There really are some links
there about webmail and users administration...

2 exmples:

1. use vmailmgr <http://www.vmailmgr.org> with omail-admin <http://omail.omnis.ch> 
  as administration tool, and omail-webmail <http://webmail.omnis.ch?action=about> 
  as... webmail :)

2. or vpopmail with sqwebmail and qmailadmin (url's on qmail.org)

> anyone implemented such a setup?  If so, do you have documentation?

I'm using the first one on a lots of servers...

Good luck,
Olivier

-- 
_________________________________________________________________
 Olivier Mueller - [EMAIL PROTECTED] - PGPkeyID: 0E84D2EA - Switzerland

Hi,


 For the web client, We use IMP at http://www.horde.org which we feel is
superb.

   For multiple users in multiple domains take a look at qmailadmin &
vpopmail from http://www.inter7.com

  This is all excellant software, let me know if you have any questions
about setting this up.

Regards

  Ken

[EMAIL PROTECTED]
[EMAIL PROTECTED]


----- Original Message -----
From: Jason McCormick <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 22, 2000 10:02 PM
Subject: Web Interface for QMail


  Hi everyone, I'm new to Qmail and I'm attempting to get a fully-
functioning service going.  But fully functioning I mean I need to
provide POP3 + SMTP + a web client of some sort.  I also need to support
multiple users in multiple domains.  I was hoping to use the setup
outlined by Paul Gregg in the Single-UID POP3 Box HOWTO to use Maildir to
support users w/o requiring system accounts.  My questions is this: What,
if any, Web-based mail clients will work with Maildir?  I looked through
the FAQ and Qmail site and didn't see anything that works for me.  Has
anyone implemented such a setup?  If so, do you have documentation?

Thanks, Jason McCormick

Hi,

Can IMP use Maildir ?
I've try it but ... the folder doesn't work  ... (It works for mbox only)
How to configure the folders with Maildir ?
Thanks.

~iman

----- Original Message ----- 
From: "mailing" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, August 23, 2000 3:45 AM
Subject: Re: Web Interface for QMail


> Hi,
> 
> 
>  For the web client, We use IMP at http://www.horde.org which we feel is
> superb.
> 
>    For multiple users in multiple domains take a look at qmailadmin &
> vpopmail from http://www.inter7.com
> 
>   This is all excellant software, let me know if you have any questions
> about setting this up.
> 
> Regards
> 
>   Ken
> 
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]

----- Original Message -----
From: "Adam McKenna" <[EMAIL PROTECTED]>
>
> IMP uses IMAP.  If you want it to use Maildir, then you need to run an
IMAPD
> that uses Maildir.
Thanks to Adam.

I use Courier IMAP to implement the Maildir ...
(Maildir only support syntax : a001 create INBOX.test)  -> test is folder's
name

But IMP use PHP built in function like imap_create_folders(...)
I've changed the parameters to support Maildir, but it didn't work ...

IMP implementation use parameter like this : (stream,
{localhost:portno}INBOXtest)
I've change to (stream, {localhost:portno}INBOX.test) or (stream,
INBOX.test)
It still didn't work ...

Nb: It works only if I don't use PHP built in functions, but I must use
'fput' (C function that use stream parameter and the mail parameters).

Someone can explain more to me ...

Thanks.

~iman

Jamie Heilman wrote:
> So the question of the day - has anyone else run into this, and more
> importantly figured out a way around it?  Frankly I think TLS authenticated
> relays would be an incredibly snazzy way to handle roaming users, if only I
> could make it work with the mail clients that would be using it!

Word from Frederik Vermeulen author of the TLS patch is that Outlook
doesn't ever pass a client certificate to the mail server, hence making it
impossible to utilize the relay functionality.  In a word - "damn!"

-- 
Jamie Heilman                               http://wcug.wwu.edu/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
                                                        -Frank Zappa

Hello all,

I have ezmlm-idx installed and it seems to have been working.  But
today I set up a new list and when I send to it, it complains in the
log:

Aug 23 11:06:32 area66-1 qmail: 967053992.534602 starting delivery
151: msg 223016 to local [EMAIL PROTECTED]
Aug 23 11:06:32 area66-1 qmail: 967053992.534741 status: local 1/10
remote 0/20
Aug 23 11:06:32 area66-1 qmail: 967053992.671444 delivery 151:
failure:
ezmlm-reject:_fatal:_List_address_must_be_in_To:_or_Cc:_(#5.7.0)/

This is from the second attempt to send the message, whose headers
follow.  The first attempt produced the same result.

> Date: Wed, 23 Aug 2000 10:43:21 -0700
> From: David Benfell <[EMAIL PROTECTED]>
> Subject: <snip>
> To: Snip Snip Snip <[EMAIL PROTECTED]>

To me, it looks like the List address is in the To: field.  Why is it
complaining that it isn't?

-- 
David Benfell
[EMAIL PROTECTED]
ICQ 59438240 [e-mail first for access]
---
There are no physicists in the hottest parts of hell, because the
existence of a "hottest part" implies a temperature difference, and
any marginally competent physicist would immediately use this to
run a heat engine and make some other part of hell comfortably cool.
This is obviously impossible.
                                -- Richard Davisson
 
                                        [from fortune]

PGP signature

I've just installed vpopmail and it's working quite nice.

The only problem I've encountered is with it's method of finding a directory
for a new user.  The concept is good, only 100 users per directory, but when 
it goes to find a new one, after a few thousand users it can get very slow(and 
IO intensive on the box)  I was testing with adding 50,000 users to a domain 
and it took several hours to get to 7000.  If I were to move our user base to 
vpopmail in a single maintence window, it'd take a week or more!  :)

Anyone encountered this and more to the point found a solution?
I'm using version 4.9 of vpopmail.

Greg

On Wed, Aug 23, 2000 at 01:55:52PM -0500, Greg Moeller wrote:

> I've just installed vpopmail and it's working quite nice.

Spiffy.  Although this may be a more appropriate question for the
vpopmail list, not the qmail list.

> The only problem I've encountered is with it's method of finding a
> directory for a new user.  The concept is good, only 100 users per
> directory, but when it goes to find a new one, after a few thousand
> users it can get very slow(and IO intensive on the box)  I was testing
> with adding 50,000 users to a domain and it took several hours to get
> to 7000.  If I were to move our user base to vpopmail in a single
> maintence window, it'd take a week or more!  :)

Try using the '-s' flag to vadduser.  I suspect you are seeing slow
downs from rehashing the cdb file after each new user is added.  The
'-s' flag tells it to not try to recreate the cdb file.  Then when you
are all done, run 'vmkpasswd' and you're all set.  You should see a
significant speed increase.

I created around 6000 accounts in about 15 minutes.  Give or take 5
minutes...

Ben

-- 
Ben Beuchler                                         [EMAIL PROTECTED]
MAILER-DAEMON                                         (612) 321-9290 x101
Bitstream Underground                                   www.bitstream.net


i'm running vpopmail 4.9 with a vadduser .dir-control file locking that i
recently posted the patch to the vckpw mailing list with 237,650 email
accounts under a domain with mysql as the authentication it's working beautifully
at this point

Eric

On Wed, 23 Aug 2000, Greg Moeller wrote:

> I've just installed vpopmail and it's working quite nice.
> 
> The only problem I've encountered is with it's method of finding a directory
> for a new user.  The concept is good, only 100 users per directory, but when 
> it goes to find a new one, after a few thousand users it can get very slow(and 
> IO intensive on the box)  I was testing with adding 50,000 users to a domain 
> and it took several hours to get to 7000.  If I were to move our user base to 
> vpopmail in a single maintence window, it'd take a week or more!  :)
> 
> Anyone encountered this and more to the point found a solution?
> I'm using version 4.9 of vpopmail.
> 
> Greg
> 
> 
>

hi

        I'm looking also for a web interface for qmail, and I'd like it to be
programmed in perl for mod_perl. I'm now looking into WING, wondering if
anyone has tried it with qmails virtual domains ?




martin


Could you help me on how to change my qmail start scripts to use
maildrop as the deliver program?

--------------------------------------------------------------------
Daniel Augusto Fernandes (DAF tm)               [EMAIL PROTECTED]
GCSNet                                    http://www.gcsnet.com.br/
--------------------------------------------------------------------
                     Se voc� n�o encontra
                     o sentido das coisas
                     � porque este n�o
                     se encontra, se cria.
                                   Antoine Saint-Exup�ry

On Tue, Aug 22, 2000 at 09:42:45AM +0200, Olivier M. wrote:
> On Tue, Aug 22, 2000 at 02:51:29PM +0900, [EMAIL PROTECTED] wrote:
> > is there was any interest in developing something like perlmx [1] for
> > qmail?  i presume that to do so, there would need to be hooks w/in
> > qmail itself.
> 
> that would be great to have such filter possiblity, 
> especially in case of vbs-like virus...

Have you checked out Qmail-Scanner (previously known as Scan4Virus)?

http://qmail-scanner.sourceforge.net/

Perl-based qmail-queue replacement that attempts to do what perlmx does -
but with deliberate support for commercial virus scanners.

-- 
Cheers

Jason Haar

Unix/Network Specialist, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417

Qmail-Scanner 0.92 is now available.

See http://qmail-scanner.sourceforge.net/

Qmail-Scanner, (also known as scan4virus) is an addon that enables a Qmail
Email server to scan all gatewayed Email for certain characteristics. It is
typically used for its anti-virus protection functions, in which case it is
used in conjunction with commercial virus scanners. but also enables a site
to react to Email (at a server/site level) that contains specific strings in
particular headers, or particular attachment filenames or types (e.g. *.VBS
attachments). It also can be used as an archiving tool for auditing or
backup purposes. Qmail-Scanner is integrated into the mail server at a lower
level than some other Unix-based virus scanners, resulting in better
performance. It is capable of scanning not only locally sent/received Email,
but also Email that crosses the server in a relay capacity.

Features

   * Uses any commercial Unix command-line virus scanner.
   * Can call more than one virus scanner for each mail message
   * Has its own internal scanner that can be used to pick up viruses
     for which commercial scanner updates are not yet available
   * The internal scanner can also be used to block attachment types, or
     Email with certain Email headers... Need to stop *.mp3 files or
     "Subject: ILOVEYOU" Email getting onto and off your LAN -
     can do! :-)
   * Auto-detects Email from "postmaster"-style and mailing-list addresses -
     and doesn't send virus reports to them (i.e. attempts to act more like
     a responsible net citizen)
   * Each message is tagged via a new Received: header with a virus report     
     showing whether it is clean or not and virus scanner version
     numbers/etc
   * Messages with viruses are moved into a "maildir" mail folder for later
     perusal by the appropriate staff
   * Can optionally add a descriptive header: X-QmailScan to every Email
     that passes through the system to allow users to see that a scanner has
     run over their messages
   * Can archive all processed Email into an archive directory. Useful when
     debugging Email-based apps, for backup purposes and for audit policy
     reasons.
          
See http://qmail-scanner.sourceforge.net/

-- 
Cheers

Jason Haar

Unix/Network Specialist, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417


I have just added a new user who uses an AT&T dialup account that is
typically assigned an address in the 12.72. range. I have added this range
to my tcprules file.

Below is the exact content of tcprules:

209.115.249.:allow,RELAYCLIENT=""
12.72.:allow,RELAYCLIENT=""
192.168.:allow,RELAYCLIENT=""
127.0.0.1:allow,RELAYCLIENT=""
:allow

For some reason, however, this person can't connect - not even with telnet
to port 25 (it tells her that her connection failed). She can telnet
normally, however.

What else should I be looking for? /etc/hosts.deny and /etc/hosts.allow do
not contain any addresses, either.

Thanks,

Stephen

Can that person connect to any other SMTP servers from AT&T?
Many ISPs block all outgoing SMTP connections except those coming from 
their own servers.

RC

On Wed, Aug 23, 2000 at 06:21:15PM -0600, Stephen Bosch wrote:
> 
> I have just added a new user who uses an AT&T dialup account that is
> typically assigned an address in the 12.72. range. I have added this range
> to my tcprules file.
> 
> Below is the exact content of tcprules:
> 
> 209.115.249.:allow,RELAYCLIENT=""
> 12.72.:allow,RELAYCLIENT=""
> 192.168.:allow,RELAYCLIENT=""
> 127.0.0.1:allow,RELAYCLIENT=""
> :allow
> 
> For some reason, however, this person can't connect - not even with telnet
> to port 25 (it tells her that her connection failed). She can telnet
> normally, however.
> 
> What else should I be looking for? /etc/hosts.deny and /etc/hosts.allow do
> not contain any addresses, either.
> 
> Thanks,
> 
> Stephen
> 
> 

-- 
+-------------------
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede T�cnica 
| P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701

PGP signature

Do you have any idea what the reasoning/legality for that is?

If my personal mail.com mail transmittals stopped working, I would be pretty
upset at being denied access to a legitimate service!  They shouldn't be
able to restrict me to having their mail server process all my e-mail!

David

> -----Original Message-----
> From: Ricardo Cerqueira [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 23, 2000 5:52 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Unable to connect to SMTP
> 
> 
> Can that person connect to any other SMTP servers from AT&T?
> Many ISPs block all outgoing SMTP connections except those 
> coming from 
> their own servers.
> 
> RC
> 
> On Wed, Aug 23, 2000 at 06:21:15PM -0600, Stephen Bosch wrote:
> > 
> > I have just added a new user who uses an AT&T dialup account that is
> > typically assigned an address in the 12.72. range. I have 
> added this range
> > to my tcprules file.
> > 
> > Below is the exact content of tcprules:
> > 
> > 209.115.249.:allow,RELAYCLIENT=""
> > 12.72.:allow,RELAYCLIENT=""
> > 192.168.:allow,RELAYCLIENT=""
> > 127.0.0.1:allow,RELAYCLIENT=""
> > :allow
> > 
> > For some reason, however, this person can't connect - not 
> even with telnet
> > to port 25 (it tells her that her connection failed). She can telnet
> > normally, however.
> > 
> > What else should I be looking for? /etc/hosts.deny and 
> /etc/hosts.allow do
> > not contain any addresses, either.
> > 
> > Thanks,
> > 
> > Stephen
> > 
> > 
> 
> -- 
> +-------------------
> | Ricardo Cerqueira  
> | PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 
> DB 28 DE 03 42 
> | Novis  -  Engenharia ISP / Rede T�cnica 
> | P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
> | Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701
>

There are 2 main reasons:

        1 - Not having their users using open relays outside and getting
them into trouble
        2 - By forning all SMTP trafic to move through their own servers,
they can have some numbers on mail trafic to show in director board
meetings.

RC

On Wed, Aug 23, 2000 at 05:51:07PM -0700, Ihnen, David wrote:
> Do you have any idea what the reasoning/legality for that is?
> 
> If my personal mail.com mail transmittals stopped working, I would be pretty
> upset at being denied access to a legitimate service!  They shouldn't be
> able to restrict me to having their mail server process all my e-mail!
> 
> David
> 
> > -----Original Message-----
> > From: Ricardo Cerqueira [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, August 23, 2000 5:52 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Unable to connect to SMTP
> > 
> > 
> > Can that person connect to any other SMTP servers from AT&T?
> > Many ISPs block all outgoing SMTP connections except those 
> > coming from 
> > their own servers.
> > 
> > RC
> > 
> > On Wed, Aug 23, 2000 at 06:21:15PM -0600, Stephen Bosch wrote:
> > > 
> > > I have just added a new user who uses an AT&T dialup account that is
> > > typically assigned an address in the 12.72. range. I have 
> > added this range
> > > to my tcprules file.
> > > 
> > > Below is the exact content of tcprules:
> > > 
> > > 209.115.249.:allow,RELAYCLIENT=""
> > > 12.72.:allow,RELAYCLIENT=""
> > > 192.168.:allow,RELAYCLIENT=""
> > > 127.0.0.1:allow,RELAYCLIENT=""
> > > :allow
> > > 
> > > For some reason, however, this person can't connect - not 
> > even with telnet
> > > to port 25 (it tells her that her connection failed). She can telnet
> > > normally, however.
> > > 
> > > What else should I be looking for? /etc/hosts.deny and 
> > /etc/hosts.allow do
> > > not contain any addresses, either.
> > > 
> > > Thanks,
> > > 
> > > Stephen
> > > 
> > > 
> > 
> > -- 
> > +-------------------
> > | Ricardo Cerqueira  
> > | PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 
> > DB 28 DE 03 42 
> > | Novis  -  Engenharia ISP / Rede T�cnica 
> > | P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
> > | Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701
> > 

-- 
+-------------------
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede T�cnica 
| P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701

PGP signature

Stephen Bosch wrote:
> 
> I have just added a new user who uses an AT&T dialup account that is
> typically assigned an address in the 12.72. range. I have added this range
> to my tcprules file.
> 
> Below is the exact content of tcprules:
> 
> 209.115.249.:allow,RELAYCLIENT=""
> 12.72.:allow,RELAYCLIENT=""
> 192.168.:allow,RELAYCLIENT=""
> 127.0.0.1:allow,RELAYCLIENT=""
> :allow
> 
> For some reason, however, this person can't connect - not even with telnet
> to port 25 (it tells her that her connection failed). She can telnet
> normally, however.
> 
> What else should I be looking for? /etc/hosts.deny and /etc/hosts.allow do
> not contain any addresses, either.
> 
> Thanks,
> 
> Stephen

Sounds like they maybe blocking that on their network.  If that is the
case there is nothing that can be done.  IMHO, blindly denying a service
like that is not the way to control a service.  That is what I really
like about the Qmail/Vpopmail package.  The pop before smtp function is
a great idea and controls relaying to who should be able to relay.  It
uses the same files you are using but does it automatically and then
will expire the ip after a period of time that you set.
-- 

Dale Miracle
System Administrator
Teoi Virtual Web Hosting

Dale Miracle wrote:
> 
> Stephen Bosch wrote:
> >
> > I have just added a new user who uses an AT&T dialup account that is
> > typically assigned an address in the 12.72. range. I have added this range
> > to my tcprules file.

<SNIP>

> >
> > For some reason, however, this person can't connect - not even with telnet
> > to port 25 (it tells her that her connection failed). She can telnet
> > normally, however.

> Sounds like they maybe blocking that on their network.  If that is the
> case there is nothing that can be done.

Okay - this sounds plausible...

Just tried it - she can't make simple SMTP connections to ANY other mail
servers... sounds like you are right.

What about assigning this user a special SMTP port? Can I do this with
qmail? Run an additional SMTP service at a custom port number? That
would bypass such a block.

-Stephen-

Hi all.

I have a qmail smtp-pop3 server under linux that administer 30 internal user account, 
this is only an internal server so the internal adresses aren't really present on the 
net, i would like that if an internal users send an e-mail to the external word the 
"From:" field would masquerade his internal adress with an unique adress (the only 
adress that is present on the internet).
A friend of mine say me that in sendmail there's this possibility and i'm sure that 
this is possible in qmail too, how can i do? 

Thanks      Davide.

From: Jason Haar <[EMAIL PROTECTED]>
Subject: Re: perlmx for qmail?
Date: Thu, 24 Aug 2000 11:51:06 +1200
Message-ID: <[EMAIL PROTECTED]>

> On Tue, Aug 22, 2000 at 09:42:45AM +0200, Olivier M. wrote:
> > On Tue, Aug 22, 2000 at 02:51:29PM +0900, [EMAIL PROTECTED] wrote:
> > > is there was any interest in developing something like perlmx [1] for
> > > qmail?  i presume that to do so, there would need to be hooks w/in
> > > qmail itself.
> > 
> > that would be great to have such filter possiblity, 
> > especially in case of vbs-like virus...
> 
> Have you checked out Qmail-Scanner (previously known as Scan4Virus)?
> 
> http://qmail-scanner.sourceforge.net/

that looks pretty interesting.

for reference, there are a couple of other things like this listed at:

  http://www.qmail.org/top.html#microsoft

as well.  (perhaps the scan4virus url listed there should be updated)

> Perl-based qmail-queue replacement that attempts to do what perlmx does -

you mean particularly for virus scanning, right?

there does seem to be an overlap between the two.  my impressions from
reading the qmail-scanner and perlmx pages is that:

  -perlmx provides a framework which would (among other things) allow you
   to do (at least some of) what qmail-scanner does.

  -qmail-scanner already does virus scanning, whereas one would have
   to implement something using perlmx at this point.

  -there are some things in the perlmx framework that don't seem to
   be in qmail-scanner (yet? ;-) ).  a few examples in particular:

   1) "Content Rewriting: add new headers or change existing content 
       of to incoming messages"

      i don't see any mention of this on the qmail-scanner page.  is this
      possible at this point?

   2) "... operates at the level of the incoming SMTP connection, which 
      means it has complete control over factors such as whether a 
      connection should be accepted, and whether the content received 
      during the connection should be altered before delivery ..."

      it seems to me that to do that, one would need to have hooks
      in qmail-smtpd.

does that seem about right?

btw, do you think it's really a good idea to have the X-QmailScan
header?  what's to stop some other software from placing it in the
headers?  [ there was a discussion of this sort of thing a bit back on
the vuln-dev mailing list if you are interested ]

On Thu, Aug 24, 2000 at 10:57:56AM +0900, [EMAIL PROTECTED] wrote:
> > Perl-based qmail-queue replacement that attempts to do what perlmx does - 
> you mean particularly for virus scanning, right?

Indeed. That's why it started out as scan4virus, however over time it's
moved towards more generalised scanning features - hence the name change.

>   -there are some things in the perlmx framework that don't seem to
>    be in qmail-scanner (yet? ;-) ).  a few examples in particular:
> 
>    1) "Content Rewriting: add new headers or change existing content 
>        of to incoming messages"
> 
>       i don't see any mention of this on the qmail-scanner page.  is this
>       possible at this point?

No - I'm looking at rewriting Qmail-Scanner with internal MIME support to
give me the extra hooks required to do that...

> 
>    2) "... operates at the level of the incoming SMTP connection, which 
>       means it has complete control over factors such as whether a 
>       connection should be accepted, and whether the content received 
>       during the connection should be altered before delivery ..."
> 
>       it seems to me that to do that, one would need to have hooks
>       in qmail-smtpd.

Yeah - that would definitely require qmail-smtpd to be rewritten.

Of course Courier does all that right now :-)

http://courier.sourceforge.net/


> btw, do you think it's really a good idea to have the X-QmailScan
> header?  what's to stop some other software from placing it in the
> headers?  [ there was a discussion of this sort of thing a bit back on
> the vuln-dev mailing list if you are interested ]

So what if they do? It's not used for anything... Also it's turned off by
default anyway.

-- 
Cheers

Jason Haar

Unix/Network Specialist, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417

From: Jason Haar <[EMAIL PROTECTED]>
Subject: Re: qmail-scanner and perlmx (was Re: perlmx for qmail?)
Date: Thu, 24 Aug 2000 14:10:40 +1200
Message-ID: <[EMAIL PROTECTED]>

> On Thu, Aug 24, 2000 at 10:57:56AM +0900, [EMAIL PROTECTED] wrote:
> > > Perl-based qmail-queue replacement that attempts to do what perlmx does - 
> > you mean particularly for virus scanning, right?
> 
> Indeed. That's why it started out as scan4virus, however over time it's
> moved towards more generalised scanning features - hence the name change.

i presume the trend toward generalization is continuing ;-)

> >   -there are some things in the perlmx framework that don't seem to
> >    be in qmail-scanner (yet? ;-) ).  a few examples in particular:
> > 
> >    1) "Content Rewriting: add new headers or change existing content 
> >        of to incoming messages"
> > 
> >       i don't see any mention of this on the qmail-scanner page.  is this
> >       possible at this point?
> 
> No - I'm looking at rewriting Qmail-Scanner with internal MIME support to
> give me the extra hooks required to do that...

that sounds promising.

for reference, i've been using the MIME::Tools module and have found
the author of it to be quite responsive.

i am particularly interested in changing existing content of incoming
messages w.r.t. creating a mailing list w/ support for confidentiality
(each subscriber gets a separately encrypted message) and signature
services.

> >    2) "... operates at the level of the incoming SMTP connection, which 
> >       means it has complete control over factors such as whether a 
> >       connection should be accepted, and whether the content received 
> >       during the connection should be altered before delivery ..."
> > 
> >       it seems to me that to do that, one would need to have hooks
> >       in qmail-smtpd.
> 
> Yeah - that would definitely require qmail-smtpd to be rewritten.
> 
> Of course Courier does all that right now :-)
> 
> http://courier.sourceforge.net/

hmmm, hadn't heard about this one, will have to take a look.  thanks
for the info.

> > btw, do you think it's really a good idea to have the X-QmailScan
> > header?  what's to stop some other software from placing it in the
> > headers?  [ there was a discussion of this sort of thing a bit back on
> > the vuln-dev mailing list if you are interested ]
> 
> So what if they do? 

if you're interested, i think the relevant thread can be found at:

  
http://securityfocus.com/templates/archive.pike?list=82&date=2000-06-22&[EMAIL PROTECTED]

> Also it's turned off by default anyway.

a good choice, imho.

Hello all,

I am new to qmail. I am running Slackware 7.1 and trying to setup
qmail using the instructions in LWQ. I get to the following part and
I am stuck:

#################################

Create the script using your editor or by downloading it with your
web browser, then install it into your system's init.d directory,
which should be in one of the following locations:

/etc/init.d
/sbin/init.d
/etc/rc.d/init.d
Name the script qmail. You'll also need to link the script into a
couple of "rc" directories. These directories are named like rcN.d,
where N is the runlevel they apply to. The intricacies of the startup
directory tree are beyond the scope of this document, so if these
simplified instructions don't suffice, consult your system
documentation. Your rc directories will probably be in one of:

/etc
/sbin
/etc/rc.d
To create the links, execute the following commands, replacing RCDIR
with the location of your system's rc directories:

    ln -s ../init.d/qmail RCDIR/rc0.d/K30qmail
    ln -s ../init.d/qmail RCDIR/rc1.d/K30qmail
    ln -s ../init.d/qmail RCDIR/rc2.d/S80qmail
    ln -s ../init.d/qmail RCDIR/rc4.d/S80qmail
    ln -s ../init.d/qmail RCDIR/rc5.d/S80qmail
    ln -s ../init.d/qmail RCDIR/rc6.d/K30qmail

###############################################

I do not have a /init.d directory on my server so I created
/etc/rc.d/init.d and continued with the setup.

Could not create links...

    ln -s ../init.d/qmail RCDIR/rc0.d/K30qmail
    ln -s ../init.d/qmail RCDIR/rc1.d/K30qmail
    ln -s ../init.d/qmail RCDIR/rc2.d/S80qmail
    ln -s ../init.d/qmail RCDIR/rc4.d/S80qmail
    ln -s ../init.d/qmail RCDIR/rc5.d/S80qmail
    ln -s ../init.d/qmail RCDIR/rc6.d/K30qmail

I get no such file or directory errors

Skipped this part.

finished the setup tried starting with:
/usr/local/sbin/qmail
get
/usr/local/sbin/qmail No such file or directory error.

tried /etc/rd.c/init.d/qmail
get
/usr/local/sbin/qmail No such file or directory.

tried /var/qmail/rc
system hangs.
Telnet in from another system I can see qmail running but main
console is still froze. use crtl - c system is usable but qmail stops
running.

Ok I think that is about all I got.

Thanks for your help,

Larry Masters

Hi,

Any message sento to yahoo.com gives an error as follows:

Aug 24 08:09:42 mail qmail: 96714598.526974 delivery 154:deferral: 
Connected_to_128.11.69.55_but_connection_died._(#4.4.2)/

Can u tell help me why it is happening with yahoo.com

Regards,
kamal



*****************
Go to:
www.NetWala.com  " The Internet in every wallet "

On Thu, Aug 24, 2000 at 08:36:33AM -0400, [EMAIL PROTECTED] wrote:
> Hi,
> 
> Any message sento to yahoo.com gives an error as follows:
> 
> Aug 24 08:09:42 mail qmail: 96714598.526974 delivery 154:deferral: 
>Connected_to_128.11.69.55_but_connection_died._(#4.4.2)/
> 
> Can u tell help me why it is happening with yahoo.com

It appears yahoo is having problems at its end. Nothing for you to
worry about, unless all messages sent to yahoo ultimately bounce.

PGP signature

Hi

What am I supposed to see when I run /var/qmail/bin/sendmail from the
command line?

Even if I just type "sendmail --help", it just carriage returns into the
next line and hangs there indefinitely... Happens too for every other
combination of options I tried... qmail-inject works fine doing "echo me |
/var/qmail/bin/qmail-inject"... sending mail through the qmail server as a
relay works too...

Is there any way to know exactly what the sendmail wrapper is capable of
doing and what options are there for it?

Thanks
Wong

On Thu, Aug 24, 2000 at 11:50:27AM +0800, FCP Wong wrote:
> Hi
> 
> What am I supposed to see when I run /var/qmail/bin/sendmail from the
> command line?

Nothing except an exit code, just as you do with qmail-inject.

> Even if I just type "sendmail --help", it just carriage returns into the
> next line and hangs there indefinitely...

Yep. It's waiting for an eof, just as qmail-inject does.

> Happens too for every other
> combination of options I tried... qmail-inject works fine doing "echo me |
> /var/qmail/bin/qmail-inject"... sending mail through the qmail server as a
> relay works too...

what happens when you go: echo To: me | /var/qmail/bin/sendmail
?

> Is there any way to know exactly what the sendmail wrapper is capable of
> doing and what options are there for it?

If you want the greatest flexibility, use qmail-inject directly, it
is well documented and well defined. /var/qmail/bin/sendmail is a
compatibility program aimed at people who have code that cannot
be changed.

Regards.


Thanks for the answers... gotta couple more to verify...

> > Even if I just type "sendmail --help", it just carriage returns into the
> > next line and hangs there indefinitely...
>
> Yep. It's waiting for an eof, just as qmail-inject does.
>
ok... may I know what character is the exit code? usually when I type
"sendmail [EMAIL PROTECTED]" I can exit by typing ".". But the qmail
sendmail seems to ignore this.

> > Happens too for every other
> > combination of options I tried... qmail-inject works fine doing "echo me
|
> > /var/qmail/bin/qmail-inject"... sending mail through the qmail server as
a
> > relay works too...
>
> what happens when you go: echo To: me | /var/qmail/bin/sendmail
> ?
>
it exits normally, as of now I haven't received the mail yet... but I typed
"echo to: [EMAIL PROTECTED] | var/qmail/bin/sendmail" 'cos I haven't set up
my local MailDir yet... it's been almost 5 minutes since I entered the above
command... does it normally take so long to deliver the mail?

and may I know where all this is being logged? the file beginning with "@"
in /var/log/qmail doesn't seem to log all these... and /var/log/maillog is
empty so far...

> If you want the greatest flexibility, use qmail-inject directly, it
> is well documented and well defined. /var/qmail/bin/sendmail is a
> compatibility program aimed at people who have code that cannot
> be changed.
>
I'm using PHP which uses sendmail by default... has anybody found a way to
use qmail-inject directly? Greatly appreciate any info on this...

Thanks
Wong


> what happens when you go: echo To: me | /var/qmail/bin/sendmail
> ?
>
Nothing happens when I do this. In fact, I've almost got everything working
except for the sendmail wrapper... This is really weird...

Wong

Thank you Ben,

Strange...I checked the logs and found that maillog wasn't recording 
anything and then i went to /var/log/qmail and found 3 folders: qmail-pop3d/ 
 qmail-send/  qmail-smtpd/.   In these, there wasn't anything really 
useful..the last logged file was on Aug 14th!  It appeared we were running 
without logging anything!  

So, I asked our mail admin why splogger wasn't running and to please turn it 
on.  We got this running and suddenly, POOF, it works...the mail is piped in 
the the python script and the python script executes.  Any explanations to 
why it suddenly started working when logging was turned on?  (I did not 
change anything else)

Thanks,
Thomas
>
>At 11:03 AM 8/23/2000 -0500, you wrote:
>>On Wed, Aug 23, 2000 at 11:40:21PM +0800, Thomas Duterme wrote:
>>
>>> cat .qmail-unsubscribe_education
>>> unsubscribe
>>> 
>>> in /home/unsubscribe/.qmail, I have:
>>> ./Maildir/
>>> | /home/unsubscribe/MagazineUnsubscribe.py >> /home/unsubscribe/unsub.log
>>> 
>>> Now, the weird thing is that qmail won't pass the mail to stdin like it
>>> should (executing the second line of my .qmail...passing the mail to my
>>> python script).  I have tried: changing the ownership of the .py script (to
>>> alias and the grp to qmail) and it still won't work.  Any answers here?
>>> 
>>> Also, in my Maildir, I eventually get multiple copies of this email. I
>>> believe this problem is somehow related, but I've been banging my head on
>>> the keyboard too much to see how.  Any help or ideas appreciated.
>>
>>What Do the Logs Say? (tm)
>>
>>Seriously, the logs will include the error message returned by your no
>>doubt broken Python script.  qmail most certainly did provide it the
>>message on stdin.  You are getting multiple messages because the message
>>is being deferred because the script is failing.  When it retries, it
>>retries the entire delivery, including the ./Maildir/ part.
>>
>>Ben
>>

I am looking for help on forwarding. Here is my question: I have two mail servers, host1.mydomain (in Office A) and host2.mydomain (in Office B). They are both running qmail but located physically in different places. Host1 is my MX. Basically, I want the people in Office B (where host2 is located) are able to receive and deliver mails from host2 instead of from MX (host1). Can I set up forwarding for each person (of Office B) individually and have qmail on MX (host1) to forward mail to host2 without leaving mails locally? Or is there any other better way of doing this? A virtual domain? Thanks for any help in advance. Alan ************************************* $B%7%9%F%`%M%C%H%o!<%/%^%M!<%8%c!<(B $B%"%i%s!!%A%c%s(B ************************************* $B%7%k%P!<%(%C%0%F%/%N%m%8!<3t<02qhttp://www.silveregg.co.jp *************************************

From: Alan Chung <[EMAIL PROTECTED]>
Subject: forward help
Date: Thu, 24 Aug 2000 14:11:52 +0900
Message-ID: <[EMAIL PROTECTED]>

> I have two mail servers, host1.mydomain (in Office A) and host2.mydomain 
> (in Office B).  They are both running qmail but located physically in 
> different places.
> 
> Host1 is my MX.  Basically, I want the people in Office B (where host2 is 
> located) are able to receive and deliver mails from host2 instead of from 
> MX (host1).  Can I set up forwarding for each person (of Office B) 
> individually and have qmail on MX (host1) to forward mail to host2 without 
> leaving mails locally?  

yes -- depending on what you mean by "leaving mail locally".  

if mail is going to be passing through host1, mail will be stored
there locally in the queue -- if only for a temporary period before
being forwarded, for instance.

> Or is there any other better way of doing this?  A virtual domain?

if all of the people in office b have addresses different from those
using office a (e.g. the domain part of their addresses differ), it's
pretty easy to do (e.g. make host2 an appropriate mx) -- if that's not
the case, the option you mentioned above seems like a good way to
accomplish what you want.

i'd be interested in hearing about other possibilities, if anyone
knows of any.

p.s. your sig contains japanese, which might be hard on the eyes of
many subscribers of this list who don't have the appropriate fonts ;-)



   hello friends 


  can any one tell me how can i use seperate mail server for incoming and
outgoing mails , 
 lets assume i wanna use one qmail server which can only
relay all outgoing mails for mydomain  and the other qmail server  
which only accepts mails for my domain ( that i have listed in my MX)

  but the doubt is  , if someone is sending mails from mydomain to
otherdomain and if the mailserver for otherdomain wants valid MX entrie
before accepting mail from any domain  , then how to deal with it ?

thanks once again 
Prashant Desai

On Thu, Aug 24, 2000 at 01:24:49AM +0300, [EMAIL PROTECTED] wrote:
>   can any one tell me how can i use seperate mail server for incoming and
> outgoing mails , 
>  lets assume i wanna use one qmail server which can only
> relay all outgoing mails for mydomain  and the other qmail server  
> which only accepts mails for my domain ( that i have listed in my MX)
> 
>   but the doubt is  , if someone is sending mails from mydomain to
> otherdomain and if the mailserver for otherdomain wants valid MX entrie
> before accepting mail from any domain  , then how to deal with it ?

Then the server for otherdomain is broken. It is quite common for
hosts not listed in any DNS MX RR to send mail to other SMTP servers.

PGP signature



hello Alexander  

    thanks a lot for ur reply 

   would you please suggest any method which helps me to in seperating my
incoming and outgoing mail servers 

  what i think is 
 i have to mention DNS MX RR  for my incoming qmail server 

 and relay all mails from my domain to other SMTP servers 


 am i correct  ?


 but what if i want more then one SMTP servers for incoming as well as
outgoing and loadbalence between them ?


thanks once again
Prashant Desai

On Thu, Aug 24, 2000 at 01:42:49AM +0300, [EMAIL PROTECTED] wrote:
> 
> 
> hello Alexander  
> 
>     thanks a lot for ur reply 
> 
>    would you please suggest any method which helps me to in seperating my
> incoming and outgoing mail servers 
> 
>   what i think is 
>  i have to mention DNS MX RR  for my incoming qmail server 
> 
>  and relay all mails from my domain to other SMTP servers 

Let's go over a basic setup.

foo.example.com is to be the outbound server. It is a normal qmail
installation. rcpthosts should be a blank file. Set up qmail-smtpd to
allow relaying for authorized clients.

bar.example.com is to be the inbound server. It runs the basic qmail
daemons and qmail-send. It has all the various spool disks and other
fun things. smtproutes should contain:

:foo.example.com

PGP signature


hi Alexander 

  is it necessay to define smtproute for foo.example.com on bar.example.com
, 

my incoming is  bar.example.com 
out going is    foo.example.com 


 if i define DNS MX bar.example.com 

and tell my users to rerlay through  foo.example.com  
 then will it work  , 


and how do i load balance if i need to have more then one incoming and more
then one outgoing  qmail smtp servers 


thanks once again 
Prashant desai

On Thu, Aug 24, 2000 at 02:27:34AM +0300, [EMAIL PROTECTED] wrote:
>   is it necessay to define smtproute for foo.example.com on bar.example.com
> , 
> 
> my incoming is        bar.example.com 
> out going is  foo.example.com 
> 
> 
>  if i define DNS MX bar.example.com 
> 
> and tell my users to rerlay through  foo.example.com  
>  then will it work  , 

That works for most cases, but keep in mind that bar.example.com might
generate its own outgoing mail. In that case you want bar.example.com
to relay the message through foo.example.com, which the smptroutes
entry achieves.

> and how do i load balance if i need to have more then one incoming and more
> then one outgoing  qmail smtp servers 

You must be expecting a LOT of mail to anticipate the need for load
balancing. Remember that qmail is not a resource hog, you should be
able to serve thousands of users with one Pentium Pro/Pentium II class
machine.

The quickest way to load balance is to use DNS round-robin entries for
both foo.example.com and bar.example.com. Remember that all machines
that receive mail as bar.example.com should have access to the same
spool directories, so a user gets messages regardless of which machine
the message came through.

PGP signature

I'm trying to set up pop3 access to use tcpserver instead of inetd, the
"Life with qmail" document says the following :

-----------------
To use tcpserver, add the following to your qmail startup script (not
inetd.conf):
    tcpserver -v -R 0 pop3 /var/qmail/bin/qmail-popup FQDN \
        /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 2>&1 | \
        /var/qmail/bin/splogger pop3d &
where pop3 is the name of the POP3 service listed in /etc/services and FQDN
is the fully qualified domain name of the POP server you're setting up,
e.g., pop.example.net.
-----------------

May I know what exactly is meant by "startup script"? is it the "qmail"
startup script in init.d? or "/var/qmail/rc"?

Wong

Any startup script that is guaranteed to start when your system starts

Most people will stick it in the /etc/rc.d file

/BR

 
Manager
InterPlanetary Solutions
http://ipsware.com/


> -----Original Message-----
> From: Wong Chin Shin [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 24, 2000 5:28 PM
> To: [EMAIL PROTECTED]
> Subject: Pop3 for qmail
> 
> 
> I'm trying to set up pop3 access to use tcpserver instead of inetd, the
> "Life with qmail" document says the following :
> 
> -----------------
> To use tcpserver, add the following to your qmail startup script (not
> inetd.conf):
>     tcpserver -v -R 0 pop3 /var/qmail/bin/qmail-popup FQDN \
>         /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 2>&1 | \
>         /var/qmail/bin/splogger pop3d &
> where pop3 is the name of the POP3 service listed in 
> /etc/services and FQDN
> is the fully qualified domain name of the POP server you're setting up,
> e.g., pop.example.net.
> -----------------
> 
> May I know what exactly is meant by "startup script"? is it the "qmail"
> startup script in init.d? or "/var/qmail/rc"?
> 
> Wong
> 
>


Hi,

I've got almost everything in my qmail installation working except for the
sendmail wrapper.

-----------------------------

This is the multilog output which I get when I type this :

echo to: myname | /var/qmail/bin/qmail-inject

@4000000039a4d82e09f1e024 new msg 32098
@4000000039a4d82e09f1fb7c info msg 32098: bytes 248 from
[EMAIL PROTECTED]> qp 7126 uid 500
@4000000039a4d82e0c60730c starting delivery 17: msg 32098 to local
[EMAIL PROTECTED]
@4000000039a4d82e0c60924c status: local 1/10 remote 0/20
@4000000039a4d82e1050d77c delivery 17: success: did_1+0+0/
@4000000039a4d82e1050f6bc status: local 0/10 remote 0/20
@4000000039a4d82e1050fe8c end msg 32098

I receive the mail A-OK and everything's fine, everyone's smiling...

-----------------------------

This is the multilog output when I key in :

echo to: myname | /var/qmail/bin/sendmail

@4000000039a4d83c0620c384 new msg 32098
@4000000039a4d83c0620dedc info msg 32098: bytes 248 from
<[EMAIL PROTECTED]> qp 7642 uid 500
@4000000039a4d83c06d40a0c end msg 32098

I wait half the day for the mail to come in and everybody passes the time by
screaming into my ears "Is it here yet?"

What can I derive from the output? Thanks for any answers...

Wong

I am new to SSL-mechanism of qmail server.

It seems that we have two choices to do that:

(1)use stunnel

    stunnel can listen a specific port and unencrypt the

   encrypted packets and redirect to standard port.

   stunnel do the "listen and decrypt"task well.

  But how to send out mails encrypetd by stunnel?

(2)use tls.patch

    This patch can patch the qmail-smtpd and qmail-remote.

    But if some mail server which isn't able to speak SSL,

    what will qmail-smtpd process this case?

   And what will qmail-remote do if it send a mail to

   non-SSL mail server.?

Should I read RFC2487 to get knowledge in detail?

  Might someone give me a hand?

qmail Digest 24 Aug 2000 10:00:01 -0000 Issue 1102

Reply via email to