qmail Digest 4 Sep 2000 10:00:01 -0000 Issue 1113
Topics (messages 47865 through 47907):
qmail & SSL
47865 by: Petre Rodan
Open relay test.
47866 by: Sean C Truman
47867 by: wolfgang zeikat
47868 by: Magnus Bodin
47869 by: wolfgang zeikat
47870 by: Sean C Truman
47871 by: Sean C Truman
47872 by: Magnus Bodin
47873 by: wolfgang zeikat
47874 by: Sean C Truman
47875 by: Sean C Truman
47876 by: Magnus Bodin
47877 by: wolfgang zeikat
47878 by: Sean C Truman
47879 by: Stephen F. Bosch
47883 by: Eric Cox
47884 by: Eric Cox
47886 by: Russ Allbery
47905 by: Peter van Dijk
47907 by: OK 2 NET - Andr� Paulsberg
smtproutes examples ?
47880 by: mailing
trouble injecting ....
47881 by: Fabio Pedrazzoli
47882 by: Adam McKenna
Re: outgoing mail masquerading and /bin/mail
47885 by: Stephen F. Bosch
Re: can not send email, but can receive email
47887 by: ms7.url.com.tw
47895 by: ms7.url.com.tw
47897 by: Christopher Tolley
Re: Forbid the access to some accounts
47888 by: Russell Nelson
Error Sending
47889 by: ms7.url.com.tw
47890 by: Brett Randall
telnet localhost 25 can not work
47891 by: ms7.url.com.tw
47892 by: Brett Randall
what happen
47893 by: ms7.url.com.tw
47894 by: Brett Randall
47896 by: ms7.url.com.tw
47898 by: Brett Randall
47899 by: Brett Randall
deferral message 451
47900 by: Dale Miracle
47901 by: Christopher Tolley
47902 by: Dale Miracle
47903 by: Christopher Tolley
Slow local deliveries
47904 by: Brian Baquiran
domain
47906 by: Stano Pa�ka
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Hi folks,
Did anyone tryed a SSL (TLS) and qmail combination so far? If so please
give me some pointers.
I've found something at http://opensource.3gi.com/sendmail-tls/ but I'm
not sure how to make it work with qmail. By default (used with sendmail)
it requires this line in inetd.conf:
smtps stream tcp nowait root /var/qmail/bin/sendmail-tls
sendmail-tls -l ssl3 -u nobody -p /etc/smtps.pem -- /usr/sbin/sendmail
-bs -C/etc/sendmail.relay.cf
My problem is after the '--' where the MTA (qmail) should be started.
I've tried
cd /var/qmail/supervise
/var/qmail/bin/sendmail-tls -l ssl3 -u nobody -p /etc/smtps.pem -- env -
PATH="$PATH" svscan
but no luck ...
Did anyone do a start script for this wrapper (for use with qmail)?
Something outside inetd.conf would be just great ...
Thanks,
Peter
|
Hey all,
I have put together a small OPEN
relay tester. It runs the same test ORBS runs.
|
i tested your tester, thanks :)
(*erm*, wouldnt it be easier if you could copy/paste from the results page
without having to open the page source and seeing those *tons* of
color/font tags? :)
however, your test claims i am running an open relay due to these results:
MAIL FROM:([EMAIL PROTECTED]@62.96.181.213)
250 ok
RCPT TO:("nobody%prodigysolutions.com")
250 ok
250 flushed
and
MAIL FROM:([EMAIL PROTECTED]@62.96.181.213)
250 ok
RCPT TO:("prodigysolutions.com!nobody")
250 ok
250 flushed
i tried both procedures from a shell that is not in my relayclients,
and qmail accepted the mails but then tried to deliver them to
[EMAIL PROTECTED] and domain.ext!user
which are non-existing users, so the mails ended up in the
~/alias/.qmail-default handling. so they were not forwarded to any
external address (at least). so i wonder if your tester's final judgement:
"You are running a Open Relay" is fully correct.
so i wonder:
1. are those two "leaks" in the antirelay settings really a problem? and
2. how could i fix them.
cheers
wolfgang
Also sprach Sean C Truman <[EMAIL PROTECTED]> on
03.09.2000:
Hey all,
I have put together a small OPEN relay tester. It runs the same
test
ORBS runs.
http://www.prodigysolutions.com/relay_test.html
On Sun, Sep 03, 2000 at 09:49:19AM -0400, Sean C Truman wrote:
> Hey all,
>
> I have put together a small OPEN relay tester. It runs the same test ORBS runs.
>
> http://www.prodigysolutions.com/relay_test.html
It also states falsely that if a host that handles mail for the
"example.com" domain e.g. accepts
[EMAIL PROTECTED]
[EMAIL PROTECTED]@example.com
[EMAIL PROTECTED]
then it is an open relay although it isn't.
A TRUE relay tester must wait and see if the mail get's relayed due to
implementation/configuration.
/magnus
--
http://x42.com/
oops sorry,
that was rather a temporary netscape problem that didnt let me copy/paste.
Also sprach wolfgang zeikat <[EMAIL PROTECTED]> on 03.09.2000:
(*erm*, wouldnt it be easier if you could copy/paste from the
results page
without having to open the page source and seeing those *tons* of
color/font tags? :)
I am adding the non-colors, table feature.. I do not like the colors or
tags. GUI people like it.. I will add a Bool for the Graphics and table
format.. so that you can switch from either mode.. however as you reported
at the bottom it is not considered a open relay.. But if ORBS runs the test
and it fails then you are added to the ORBS database..
If you would like to pass all test. get the badmailfrom patch from
www.qmail.org and use it.. and filter out the *%* unless you are using the
percent for anything.
Sean
----- Original Message -----
From: wolfgang zeikat <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, September 03, 2000 10:52 AM
Subject: Re: Open relay test.
> i tested your tester, thanks :)
>
> (*erm*, wouldnt it be easier if you could copy/paste from the results page
> without having to open the page source and seeing those *tons* of
> color/font tags? :)
>
> however, your test claims i am running an open relay due to these results:
> MAIL FROM:([EMAIL PROTECTED]@62.96.181.213)
> 250 ok
> RCPT TO:("nobody%prodigysolutions.com")
> 250 ok
> 250 flushed
> and
> MAIL FROM:([EMAIL PROTECTED]@62.96.181.213)
> 250 ok
> RCPT TO:("prodigysolutions.com!nobody")
> 250 ok
> 250 flushed
>
>
> i tried both procedures from a shell that is not in my relayclients,
> and qmail accepted the mails but then tried to deliver them to
> [EMAIL PROTECTED] and domain.ext!user
> which are non-existing users, so the mails ended up in the
> ~/alias/.qmail-default handling. so they were not forwarded to any
> external address (at least). so i wonder if your tester's final judgement:
> "You are running a Open Relay" is fully correct.
>
> so i wonder:
> 1. are those two "leaks" in the antirelay settings really a problem? and
> 2. how could i fix them.
>
> cheers
> wolfgang
>
>
> Also sprach Sean C Truman <[EMAIL PROTECTED]> on
> 03.09.2000:
>
> Hey all,
>
> I have put together a small OPEN relay tester. It runs the same
> test
> ORBS runs.
>
> http://www.prodigysolutions.com/relay_test.html
>
>
Magnus,
Thanks for the input.. I will go ahead and have it send a message then
check to see if it actually relayed it. I just pretty much copied the telnet
mail-abuse.org test onto a Web page..
Sean
----- Original Message -----
From: Magnus Bodin <[EMAIL PROTECTED]>
To: qmail list <[EMAIL PROTECTED]>
Sent: Sunday, September 03, 2000 10:54 AM
Subject: Re: Open relay test.
>
> On Sun, Sep 03, 2000 at 09:49:19AM -0400, Sean C Truman wrote:
> > Hey all,
> >
> > I have put together a small OPEN relay tester. It runs the same test
ORBS runs.
> >
> > http://www.prodigysolutions.com/relay_test.html
>
> It also states falsely that if a host that handles mail for the
> "example.com" domain e.g. accepts
>
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]@example.com
> [EMAIL PROTECTED]
>
> then it is an open relay although it isn't.
>
> A TRUE relay tester must wait and see if the mail get's relayed due to
> implementation/configuration.
>
> /magnus
>
> --
> http://x42.com/
On Sun, Sep 03, 2000 at 11:00:14AM -0400, Sean C Truman wrote:
> I am adding the non-colors, table feature.. I do not like the colors or
> tags. GUI people like it.. I will add a Bool for the Graphics and table
> format.. so that you can switch from either mode.. however as you reported
> at the bottom it is not considered a open relay.. But if ORBS runs the test
> and it fails then you are added to the ORBS database..
But ORBS tests are dumb.
[EMAIL PROTECTED] could actually be a
mail address at my system.
Why should anybody make a false decision about me running an open relay due
to the fact that there are lots of MTA:s out there with buggy percenthack
implementations/configurations?
This holds for the other "strange" e-mail addresses in the test as well.
/magnus
--
http://x42.com/
Also sprach Sean C Truman <[EMAIL PROTECTED]> on
03.09.2000:
But if ORBS runs the test
and it fails then you are added to the ORBS database..
i doubt that.
my server has repeatedly been tested by ORBS and is considered clean.
wolfgang
Magnus,
I agree the ORBS test are dumb and don't really pertain to 95% of the
mail servers out there. But if you are in the ORBS database then some mail
is going to be rejected. This test is just a overall test so that all system
administrators can test. Not just the 95% of us out there. And as far as
decision making.. no one is making any decisions. If you know certain test
don't apply to you. Ignore them! As a mail administrator you should know
which test do and don't apply to your server.. The test does not report it's
results to anywhere except your browser.
Sean
----- Original Message -----
From: Magnus Bodin <[EMAIL PROTECTED]>
To: qmail list <[EMAIL PROTECTED]>
Sent: Sunday, September 03, 2000 11:07 AM
Subject: Re: Open relay test.
> On Sun, Sep 03, 2000 at 11:00:14AM -0400, Sean C Truman wrote:
> > I am adding the non-colors, table feature.. I do not like the colors or
> > tags. GUI people like it.. I will add a Bool for the Graphics and table
> > format.. so that you can switch from either mode.. however as you
reported
> > at the bottom it is not considered a open relay.. But if ORBS runs the
test
> > and it fails then you are added to the ORBS database..
>
> But ORBS tests are dumb.
>
> [EMAIL PROTECTED] could actually be a
> mail address at my system.
>
> Why should anybody make a false decision about me running an open relay
due
> to the fact that there are lots of MTA:s out there with buggy percenthack
> implementations/configurations?
>
> This holds for the other "strange" e-mail addresses in the test as well.
>
> /magnus
>
> --
> http://x42.com/
Wolfgang,
This test doesn't do the ORBS test.. It does the test at mail-abuse.org.
If you can send me a copy of the test that ORBS preforms. I would be happy
to add them.. If you would like to see what I am talking about with
mail-abuse.org, From your mail server just telnet to mail-abuse.org and you
will see what I am explaining.
Sean
----- Original Message -----
From: wolfgang zeikat <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, September 03, 2000 11:16 AM
Subject: Re: Open relay test.
> Also sprach Sean C Truman <[EMAIL PROTECTED]> on
> 03.09.2000:
> But if ORBS runs the test
> and it fails then you are added to the ORBS database..
>
> i doubt that.
> my server has repeatedly been tested by ORBS and is considered clean.
>
> wolfgang
>
>
>
>
>
On Sun, Sep 03, 2000 at 11:42:22AM -0400, Sean C Truman wrote:
> Magnus,
>
> I agree the ORBS test are dumb and don't really pertain to 95% of the
> mail servers out there. But if you are in the ORBS database then some mail
> is going to be rejected. This test is just a overall test so that all system
> administrators can test. Not just the 95% of us out there. And as far as
> decision making.. no one is making any decisions. If you know certain test
> don't apply to you. Ignore them! As a mail administrator you should know
> which test do and don't apply to your server.. The test does not report it's
> results to anywhere except your browser.
I agree partly.
But my point is that the test is misleading and will cause confusion for
those who don't understand. Especially if it states with big letters that
"You are running an Open Relay" without any explanations.
/magnus
--
http://x42.com/
*duh* - telnetting into the world from our mail server is prohibited by
the firewall hehe.
mail-abuse.org accepts mail from me via that server tho (relay reports).
wolfgang
Also sprach Sean C Truman <[EMAIL PROTECTED]> on
03.09.2000:
From your mail server just telnet to mail-abuse.org and you
will see what I am explaining.
Magnus,
Newbieproof the script.. Gottcha.. That all you had to say.. Sorry.. :)
Sean
----- Original Message -----
From: Magnus Bodin <[EMAIL PROTECTED]>
To: qmail list <[EMAIL PROTECTED]>
Sent: Sunday, September 03, 2000 12:02 PM
Subject: Re: Open relay test.
> On Sun, Sep 03, 2000 at 11:42:22AM -0400, Sean C Truman wrote:
> > Magnus,
> >
> > I agree the ORBS test are dumb and don't really pertain to 95% of
the
> > mail servers out there. But if you are in the ORBS database then some
mail
> > is going to be rejected. This test is just a overall test so that all
system
> > administrators can test. Not just the 95% of us out there. And as far
as
> > decision making.. no one is making any decisions. If you know certain
test
> > don't apply to you. Ignore them! As a mail administrator you should know
> > which test do and don't apply to your server.. The test does not report
it's
> > results to anywhere except your browser.
>
> I agree partly.
>
> But my point is that the test is misleading and will cause confusion for
> those who don't understand. Especially if it states with big letters that
> "You are running an Open Relay" without any explanations.
>
> /magnus
>
> --
> http://x42.com/
I imagine that more than one person on this list has spoken to ORBS
about their misleading relay test? How many people have ended up on the
ORBS list simply because their qmail installations accepted emails with
"%" or "!" in the To: field?
This seems extraordinarily stupid to me...
-Stephen-
Sean C Truman wrote:
>
> I am adding the non-colors, table feature.. I do not like the colors or
> tags. GUI people like it.. I will add a Bool for the Graphics and table
> format.. so that you can switch from either mode.. however as you reported
> at the bottom it is not considered a open relay.. But if ORBS runs the test
> and it fails then you are added to the ORBS database..
I don't think that's true. They bad-mouth qmail for doing this in their
tech section, but I'm almost certain that the mail has to actually be
relayed to get listed.
Eric
"Stephen F. Bosch" wrote:
>
> I imagine that more than one person on this list has spoken to ORBS
> about their misleading relay test? How many people have ended up on the
> ORBS list simply because their qmail installations accepted emails with
> "%" or "!" in the To: field?
None. ORBS doesn't do this. If none of the mails are relayed back to
one of the ORBS recieving machines, the tested machine is not listed.
> This seems extraordinarily stupid to me...
It would be if it were true...
Eric
Sean C Truman <[EMAIL PROTECTED]> writes:
> I agree the ORBS test are dumb and don't really pertain to 95% of the
> mail servers out there. But if you are in the ORBS database then some mail
> is going to be rejected.
Except that ORBS doesn't actually add people who "fail" that test but
don't relay the mail. So it's not true that your tester is using the same
tests as ORBS is.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
On Sun, Sep 03, 2000 at 02:07:25PM -0700, Eric Cox wrote:
[snip]
> > I am adding the non-colors, table feature.. I do not like the colors or
> > tags. GUI people like it.. I will add a Bool for the Graphics and table
> > format.. so that you can switch from either mode.. however as you reported
> > at the bottom it is not considered a open relay.. But if ORBS runs the test
> > and it fails then you are added to the ORBS database..
>
> I don't think that's true. They bad-mouth qmail for doing this in their
> tech section, but I'm almost certain that the mail has to actually be
> relayed to get listed.
The badmouthing at www.orbs.org is about qmail being an open relay if
rcpthosts doesn't exist.
And yes, orbs only lists you if the relay test message gets delivered.
Greetz, Peter.
--
[ircoper] [EMAIL PROTECTED] - Peter van Dijk / Hardbeat
[student] Undernet:#groningen/wallops | IRCnet:/#alliance
[developer] _____________
[disbeliever - the world is backwards] (__VuurWerk__(--*-
> I imagine that more than one person on this list has spoken to ORBS
> about their misleading relay test? How many people have ended up on the
> ORBS list simply because their qmail installations accepted emails with
> "%" or "!" in the To: field?
NO ONE!
ORBS tester requires the E-Mail to reach them at their test account,
this can only happen if you are an Open Relay server.
They also keep the relayed message at their site for verification.
MVH Andr� Paulsberg
|
Hello,
Could someone possibly send a few
control/smtproutes examples, I haven't been able to find much info in the
docs.
Is it possible to forward all mail for
adomain.com to mailserver.domain.com using this ?
Thanks in advance
Regards
Ken
|
Hi,
I have problems when delivering some kind of messages;
by command line, i can deliver JUST FROM ROOT and JUST REMOTE messages:
this work:
# echo to: [EMAIL PROTECTED]|/var/qmail/bin/qmail-inject
# tail -f /var/log/qmail/current | tai64nlocal
2000-09-02 03:57:16.713748500 new msg 48075
2000-09-02 03:57:16.713757500 info msg 48075: bytes 194 from
<[EMAIL PROTECTED]> qp 12231 uid 0
2000-09-02 03:57:16.717471500 starting delivery 8: msg 48075 to remote
[EMAIL PROTECTED]
2000-09-02 03:57:16.717476500 status: local 0/10 remote 1/20
2000-09-02 03:57:46.962870500 delivery 8: success:
212.110.6.34_accepted_message./Remote_host_said:_250_DAA11694_Message_accepted_for_delivery/
2000-09-02 03:57:46.962883500 status: local 0/10 remote 0/20
2000-09-02 03:57:46.962886500 end msg 48075
all the other "kind" of messages fault,
for example:
from root to root ( I have a correct alias for root in .qmail-root ):
# echo to: root |/var/qmail/bin/qmail-inject
# tail -f /var/log/qmail/current |tai64nlocal
2000-09-02 04:00:48.849831500 new msg 48075
2000-09-02 04:00:48.849953500 info msg 48075: bytes 197 from
<[EMAIL PROTECTED]> qp 12251 uid 0
2000-09-02 04:00:48.853694500 starting delivery 9: msg 48075 to local
[EMAIL PROTECTED]
2000-09-02 04:00:48.853699500 status: local 1/10 remote 0/20
2000-09-02 04:00:48.859922500 delivery 9: deferral:
Unable_to_forward_message:_unable_to_exec_qq_(#4.3.0)./
2000-09-02 04:00:48.859932500 status: local 0/10 remote 0/20
from a ID !=0 to remote:
# su fp
$ echo to: [EMAIL PROTECTED] |/var/qmail/bin/qmail-inject
qmail-inject: fatal: unable to exec qq (#4.3.0)
from a ID !=0 to local:
$echo to: root|/var/qmail/bin/qmail-inject
qmail-inject: fatal: unable to exec qq (#4.3.0)
I looked all RFCs and documentation but i'm not able to find out a
solution .... i set up another machine
with the same qmail installation [from the tarball] and the same Debian
gnu linux and the second server
works fine [!]
I tried to find out when the mail process stops looking in the big
pictures ...
$ date
Sat Sep 2 04:17:39 CEST 2000
$ echo to:[EMAIL PROTECTED] |/var/qmail/bin/qmail-inject
$ su
# cd /var/qmail/bin
# ls -f -lu qmail-inject qmail-queue qmail-send qmail-lspawn
qmail-local
-rwxr-xr-x 1 root qmail 35252 Sep 2 04:17 qmail-inject
for example:
from root to root ( I have a correct alias for root in .qmail-root ):
# echo to: root |/var/qmail/bin/qmail-inject
# tail -f /var/log/qmail/current |tai64nlocal
2000-09-02 04:00:48.849831500 new msg 48075
2000-09-02 04:00:48.849953500 info msg 48075: bytes 197 from
<[EMAIL PROTECTED]> qp 12251 uid 0
2000-09-02 04:00:48.853694500 starting delivery 9: msg 48075 to local
[EMAIL PROTECTED]
2000-09-02 04:00:48.853699500 status: local 1/10 remote 0/20
2000-09-02 04:00:48.859922500 delivery 9: deferral:
Unable_to_forward_message:_unable_to_exec_qq_(#4.3.0)./
2000-09-02 04:00:48.859932500 status: local 0/10 remote 0/20
from a ID !=0 to remote:
# su fp
$ echo to: [EMAIL PROTECTED] |/var/qmail/bin/qmail-inject
qmail-inject: fatal: unable to exec qq (#4.3.0)
from a ID !=0 to local:
$echo to: root|/var/qmail/bin/qmail-inject
qmail-inject: fatal: unable to exec qq (#4.3.0)
I looked all RFCs and documentation but i'm not able to find out a
solution .... i set up another machine
with the same qmail installation [from the tarball] and the same Debian
gnu linux and the second server
works fine [!]
I tried to find out when the mail process stops looking in the big
pictures ...
$ date
Sat Sep 2 04:17:39 CEST 2000
$ echo to:[EMAIL PROTECTED] |/var/qmail/bin/qmail-inject
$ su
# cd /var/qmail/bin
# ls -f -lu qmail-inject qmail-queue qmail-send qmail-lspawn
qmail-local
-rwxr-xr-x 1 root qmail 35252 Sep 2 04:17 qmail-inject
-rws--x--x 1 qmailq qmail 12908 Sep 2 04:07 qmail-queue
-rwx--x--x 1 root qmail 40748 Sep 2 03:27 qmail-send
-rwx------ 1 root qmail 17532 Sep 2 03:27 qmail-lspawn
-rwx--x--x 1 root qmail 34396 Sep 2 04:15 qmail-local
I also have obviously problems with web server's cgi [php] when mailing
web users...
Can anyone help me?
Does exist some verbose archive of qmail errors [not rfcs] and
troubleshooting?
Thanks in advance,
bye
Fabio Pedrazzoli
On Sun, Sep 03, 2000 at 08:46:47PM +0200, Fabio Pedrazzoli wrote:
> Hi,
> I have problems when delivering some kind of messages;
> by command line, i can deliver JUST FROM ROOT and JUST REMOTE messages:
>
Most likely you have the wrong permissions set on qmail-queue, it should look
like this:
-rws--x--x 1 qmailq qmail 11308 May 2 02:57 /var/qmail/bin/qmail-queue
--Adam
Andrzej Szydlo wrote:
>
> Hi,
>
> Have you tried mutt as a mail client?
> You could also user qmail-qfilter to rewrite the header.
You know what I did instead?
I used Dan Bernstein's fabulous mess822! It's great! I can pipe any file
to /usr/local/bin/new-inject, and if the file contains appropriate
header fields, the mail goes, exactly as I want it!
THANK YOU DAN
-Stephen-
Dear Sir:
When I checked the /var/log/maillog file, I can not find out any error
message, except I entried wrong account/password on purpose.
Then error message from Email reader, netscape messager:
the server may not be accepting connection or may be busy,
try connecting again later.
But, my friend do some testing in this server, he said: it fine, sent and
received from US.
So, do you have any ideal about this? Thanks
best regards,
MH
----- Original Message -----
From: "Dale Miracle" <[EMAIL PROTECTED]>
To: "ms7.url.com.tw" <[EMAIL PROTECTED]>
Cc: "Qmail" <[EMAIL PROTECTED]>
Sent: Saturday, September 02, 2000 1:24 AM
Subject: Re: can not send email, but can receive email
> > "ms7.url.com.tw" wrote:
> >
> > Hi folks:
> >
> > I got a problem, I think it could be series. The situation is:
> >
> > I want to use Email reader to catch email from
> > qmail+vpopmail+tcpserver. First, the mail system will check
> > account/password, I sure it ok, it means this is a legal. Now, I want
> > to send some email to different people by this qmail system, now, the
> > email system response me a error or information message, I can not
> > sure what type of messages, is
> >
> > the server may not be accepting connection or may be busy,
> > try connecting again later
> >
> > But, I can sure my connection works, and just for send/receive email.
> >
> > What can I do???
> >
> > Thanks,
> >
> > mARS
> >
> >
>
> What does your log say for qmail? There should be a log for it in
> /var/log . The logs should say what error occurred.
> --
>
> Dale Miracle
> System Administrator
> Teoi Virtual Web Hosting
Dear Sir:
Just like you say, I check every setting file, likes hosts.allow,
hosts.deny, and tcp.smtp.cdb. I did not do more limited in my server. So,
have others configuration files I need to notices.
best regard,
mARS Huang
----- Original Message -----
From: "Dale Miracle" <[EMAIL PROTECTED]>
To: "ms7.url.com.tw" <[EMAIL PROTECTED]>
Sent: Monday, September 04, 2000 11:39 AM
Subject: Re: can not send email, but can receive email
> "ms7.url.com.tw" wrote:
> >
> > Dear Sir:
> >
> > When I checked the /var/log/maillog file, I can not find out any error
> > message, except I entried wrong account/password on purpose.
> >
> > Then error message from Email reader, netscape messager:
> >
> > the server may not be accepting connection or may be busy,
> > try connecting again later.
> >
> > But, my friend do some testing in this server, he said: it fine, sent
and
> > received from US.
> >
> > So, do you have any ideal about this? Thanks
>
> So other people can use the mail server and you can't? Are you using
> any type of relaying control? Like in the hosts.allow file or
> TCPserver's tcp.smtp .
>
> --
>
> Dale Miracle
> System Administrator
> Teoi Virtual Web Hosting
Jesus...I suppose RTFM won't work with the language barrier...
OK...Hopefully the language barrier won't be to big for me to explain this.
It sounds like you are using tcpserver to run qmail-smtpd. If you ARE using
"tcpserver", you should be running it like this:
tcpserver -x /etc/tcp.smtp.cdb -u UID# -g GID# 0 smtp
/var/qmail/bin/qmail-smtpd
UID# and GID# should be replaced with the UID for "qmaild" and the GID for
"nofiles".
If you don't know what these numbers are, run:
id qmaild
or you can check your /etc/passwd and /etc/group files.
Next, if it does not already exist, create a file called:
/etc/tcp.smtp
Inside that file, put the following:
127.0.0.:allow,RELAYCLIENT=""
:allow
Now run:
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp </etc/tcp.smtp
If tcpserver is already started and running, you should then be able to send
mail from localhost (127.0.0.1). Changes to /etc/tcp.smtp.cdb are
immediately known to "tcpserver" after you run the "tcprules" command.
Also make sure that you have "localhost" added to the file:
/etc/qmail/control/rcpthosts
Hope that helps you out.
-CT
PS. I wonder if anyone out there knows Chinese and English well enough for
doing the Qmail FAQ and "Life with Qmail" in Chinese? Or has this already
been done? Please point this person towards it if it exists.
----- Original Message -----
From: "ms7.url.com.tw" <[EMAIL PROTECTED]>
To: "Dale Miracle" <[EMAIL PROTECTED]>
Cc: "Qmail Mailing List" <[EMAIL PROTECTED]>
Sent: Sunday, September 03, 2000 11:21 PM
Subject: Re: can not send email, but can receive email
> Dear Sir:
>
> Just like you say, I check every setting file, likes hosts.allow,
> hosts.deny, and tcp.smtp.cdb. I did not do more limited in my server. So,
> have others configuration files I need to notices.
>
> best regard,
>
> mARS Huang
> ----- Original Message -----
> From: "Dale Miracle" <[EMAIL PROTECTED]>
> To: "ms7.url.com.tw" <[EMAIL PROTECTED]>
> Sent: Monday, September 04, 2000 11:39 AM
> Subject: Re: can not send email, but can receive email
>
>
> > "ms7.url.com.tw" wrote:
> > >
> > > Dear Sir:
> > >
> > > When I checked the /var/log/maillog file, I can not find out any error
> > > message, except I entried wrong account/password on purpose.
> > >
> > > Then error message from Email reader, netscape messager:
> > >
> > > the server may not be accepting connection or may be busy,
> > > try connecting again later.
> > >
> > > But, my friend do some testing in this server, he said: it fine, sent
> and
> > > received from US.
> > >
> > > So, do you have any ideal about this? Thanks
> >
> > So other people can use the mail server and you can't? Are you using
> > any type of relaying control? Like in the hosts.allow file or
> > TCPserver's tcp.smtp .
> >
> > --
> >
> > Dale Miracle
> > System Administrator
> > Teoi Virtual Web Hosting
>
Ruben Curto writes:
> Now, I need to create some mail accounts for the internal network only,
> without outer world access.
>
> I can't forbid the access by IP, since there are 2 accounts in a same
> PC, one with access to Internet, and the other not.
Trapping incoming mail is much easier than trapping outgoing mail.
Look for the "with SMTP" string on line 5 of the message (presuming no
internal forwarding) in a .qmail file for the internal-only users.
To trap outgoing mail, you need something which distinguishes the
internal-only users. You can't allow two accounts on the same IP,
because one of them could forge mail as the other. There's no way to
stop that.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com |
Crynwr sells support for free software | PGPok | Damn the firewalls!
521 Pleasant Valley Rd. | +1 315 268 1925 voice | Full connectivity ahead!
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX |
Title: �ť�
|
Dear Sir:
When I used Email Reader, pine under Red Hat Linux, to send one message,
but it responsed me one error message:
[Error sending: Connection failed to mail.wwtoptech.com, 25: Connection
refuse]
What can I do for this? thansk
best regards,
mARS Huang
|
aA�DOIt appears as if they are having problems. An nslookup on wwtoptech.com
shows the IP address for mail.wwtoptech.com (hostname colo) as the MX for
wwtoptech.com, and a telnet to port 25 on that machine fails so just leave
it a day and try again...otherwise there is nothing you can do.
/BR
Manager
InterPlanetary Solutions
http://ipsware.com/
-----Original Message-----
From: ms7.url.com.tw [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 04, 2000 1:11 PM
To: Qmail Mailing List
Cc: Ben Tasi
Subject: Error Sending
Dear Sir:
When I used Email Reader, pine under Red Hat Linux, to send one message,
but it responsed me one error message:
[Error sending: Connection failed to mail.wwtoptech.com, 25: Connection
refuse]
What can I do for this? thansk
best regards,
mARS Huang
Title: �ť�
|
Dear Sir:
When I used this: telnet localhost 25, in Email server, the server
responsed me an error message:
trying 127.0.0.1...
telnet: unable to connect to remote host: conection refused
The Email server, I use qmail + ucspi-tcp + autoresponder +
courier-imap.
What can I do for this? thansk
best regards,
mARS Huang
|
aA�DOOK What would really help us is the settings you are starting qmail
with. ie this is the line in the rc file that starts qmail. Note that you
need to start two things: qmail-send, and tcpserver (or inetd, however this
is now not encouraged). qmail-send handles the processing of messages, but
tcpserver handles accepting connections (in this case on port 25). You need
to tell us how you have set qmail up. Using 'Life with qmail', or the
instructions that came with qmail, or have you just made your own up? I
recommend going through Life with qmail step-by-step and using those
instructions, because they work.
/BR
Manager
InterPlanetary Solutions
http://ipsware.com/
-----Original Message-----
From: ms7.url.com.tw [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 04, 2000 1:30 PM
To: Qmail Mailing List
Cc: Ben Tasi
Subject: telnet localhost 25 can not work
Dear Sir:
When I used this: telnet localhost 25, in Email server, the server
responsed me an error message:
trying 127.0.0.1...
telnet: unable to connect to remote host: conection refused
The Email server, I use qmail + ucspi-tcp + autoresponder + courier-imap.
What can I do for this? thansk
best regards,
mARS Huang
Title: �ť�
|
Dear Sir:
Who can tell me what happen in the message:
--- Transcript of session follows --- Link 00/09/04 11:47:07
[202.43.85.10] colo.wwtoptech.com By [EMAIL PROTECTED]>>
220 colo.wwtoptech.com ESMTP << HELO relay12.url.com.tw >> 250
colo.wwtoptech.com << MAIL From:< [EMAIL PROTECTED]> >>
250 ok << RCPT To:< [EMAIL PROTECTED]> >> 553
sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) <<
QUIT O.K. 00/09/04 11:47:08 --- Original mail follows
--- X-MAILFROM: [EMAIL PROTECTED]Received:
from ms7.url.com.tw
([210.59.228.90]) by AccSMTP/NT
2.5 (210.59.228.144) [210.59.228.144]; Mon, 4 Sep 2000 10:34:19
+0800 Received: from IBM240
([202.43.125.81]) by AccSMTP/NT
2.5 (210.59.228.43) [210.59.228.43]; Mon, 4 Sep 2000 10:34:12
+0800 Message-ID: < 003e01c01618$073f77c0$[EMAIL PROTECTED]> From:
"ms7.url.com.tw" < [EMAIL PROTECTED]> To:
< [EMAIL PROTECTED]> References:
< [EMAIL PROTECTED]> Subject:
Re: Date: Mon, 4 Sep 2000 10:29:59 +0800 MIME-Version:
1.0 Content-Type: text/plain; charset="big5" Content-Transfer-Encoding:
7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft
Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE
V5.50.4133.2400 ----- Original Message ----- From: < [EMAIL PROTECTED]> To: < [EMAIL PROTECTED]> Sent:
Monday, September 04, 2000 10:24 AM > |
aA�DOGeez, you are having more problems than a stick figure has sticks in its
body!
OK tell us - is wwtoptech.com your domain or are you just trying to send
e-mail there? This whole time you haven't given us many details as far as
your setup is concerned. If it is your domain, we may be able to help. If
not, it is not your problem. Oh, and are you able to send your messages in
plain text? This continual chinese text is screwing my replies up and I am
sure making reading interesting for many other people.
/BR
Manager
InterPlanetary Solutions
http://ipsware.com/
-----Original Message-----
From: ms7.url.com.tw [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 04, 2000 2:13 PM
To: Qmail Mailing List
Subject: what happen
Dear Sir:
Who can tell me what happen in the message:
--- Transcript of session follows ---
Link 00/09/04 11:47:07 [202.43.85.10] colo.wwtoptech.com
By [EMAIL PROTECTED]
>> 220 colo.wwtoptech.com ESMTP
<< HELO relay12.url.com.tw
>> 250 colo.wwtoptech.com
<< MAIL From:<[EMAIL PROTECTED]>
>> 250 ok
<< RCPT To:<[EMAIL PROTECTED]>
>> 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
<< QUIT
O.K. 00/09/04 11:47:08
Dear Sir:
First, thanks you more help and care.
The Email System components:
autoresponder.tgz
qmail-1.03.tar.gz
courier-imap-0.36b.tar.gz
qmailadmin-0.32.tar.gz
ezmlm-idx-0.53.316-1.i386.rpm
sqwebmail.tgz
iputils-20000121-2.i386.rpm
ucspi-tcp-0.88.tar.gz
vpopmail-4.8.5.tar.gz
The Email System setting files:
/etc/inetd.conf
#
# inetd.conf This file describes the services that will be available
# through the INETD TCP/IP super server. To re-configure
# the running INETD process, edit this file, then send the
# INETD process a SIGHUP signal.
#
# Version: @(#)/etc/inetd.conf 3.10 05/27/93
#
# Authors: Original taken from BSD UNIX 4.3/TAHOE.
# Fred N. van Kempen, <[EMAIL PROTECTED]>
#
# Modified for Debian Linux by Ian A. Murdock <[EMAIL PROTECTED]>
#
# Modified for RHS Linux by Marc Ewing <[EMAIL PROTECTED]>
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
# Echo, discard, daytime, and chargen are used primarily for testing.
#
# To re-read this file after changes, just do a 'killall -HUP inetd'
#
#echo stream tcp nowait root internal
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#discard stream tcp nowait root internal
#discard dgram udp wait root internal
#daytime stream tcp nowait root internal
#daytime dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal
#time stream tcp nowait root internal
#time dgram udp wait root internal
#
# These are standard services.
#
#ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
#telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
#
# Shell, login, exec, comsat and talk are BSD protocols.
#
#shell stream tcp nowait root /usr/sbin/tcpd in.rshd
#login stream tcp nowait root /usr/sbin/tcpd in.rlogind
#exec stream tcp nowait root /usr/sbin/tcpd in.rexecd
#comsat dgram udp wait root /usr/sbin/tcpd in.comsat
#talk dgram udp wait nobody.tty /usr/sbin/tcpd in.talkd
#talk dgram udp wait nobody.tty /usr/sbin/tcpd in.talkd
#ntalk dgram udp wait nobody.tty /usr/sbin/tcpd in.ntalkd
#dtalk stream tcp wait nobody.tty /usr/sbin/tcpd in.dtalkd
#
# Pop and imap mail services et al
#
#pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d
pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d
imap stream tcp nowait root /usr/sbin/tcpd imapd
#
# The Internet UUCP service.
#
#uucp stream tcp nowait uucp /usr/sbin/tcpd /usr/lib/uucp/uucico
-l
#
# Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers." Do not uncomment
# this unless you *need* it.
#
#tftp dgram udp wait root /usr/sbin/tcpd in.tftpd
#bootps dgram udp wait root /usr/sbin/tcpd bootpd
#
# Finger, systat and netstat give out user information which may be
# Finger, systat and netstat give out user information which may be
# valuable to potential "system crackers." Many sites choose to disable
# some or all of these services to improve security.
#
#finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd
#cfinger stream tcp nowait root /usr/sbin/tcpd in.cfingerd
#systat stream tcp nowait guest /usr/sbin/tcpd /bin/ps -auwwx
#netstat stream tcp nowait guest /usr/sbin/tcpd /bin/netstat
-f inet
#
# Authentication
#
# identd is run standalone now
#
#auth stream tcp wait root /usr/sbin/in.identd in.identd -e -o
#
# End of inetd.conf
#linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
#smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env
/var/qmail/bin/qmail-smtpd
/etc/rc.d/init.d/qmail as /etc/rc.d/rc3.d/S80qmail
#!/bin/sh
#
# qmail: mail daemon
# Source function library.
. /etc/rc.d/init.d/functions
RETVAL=0
# See how we were called.
case "$1" in
start)
echo -n "Starting QMail server."
/var/qmail/rc &
RETVAL=$?
;;
*)
echo "Usage: $0 {start}"
exit 1
esac
exit $RETVAL
/var/qmail/rc
#!/bin/sh
# Using splogger to send the log through syslog.
# Using qmail-local to deliver messages to ~/Mailbox by default.
exec env - PATH="/var/qmail/bin:/usr/local/bin" \
tcpserver -H -R 0 pop3 \
/var/qmail/bin/qmail-popup colo.wwtoptech.com \
/usr/local/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir &
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start ./Maildir/ splogger qmail
/etc/more tcp.smtp
127.0.0.:allow,RELAYCLIENT=""
202.43.85.10:allow,RELAYCLIENT=""
202.43.85.167:allow,RELAYCLIENT=""
/usr/local/bin/tcprulescheck /etc/tcp.smtp.cdb
default:
allow connection
best regards,
mARS Huang
----- Original Message -----
From: "Brett Randall" <[EMAIL PROTECTED]>
To: "ms7.url.com.tw" <[EMAIL PROTECTED]>; "qmail"
<[EMAIL PROTECTED]>
Sent: Monday, September 04, 2000 1:24 PM
Subject: RE: what happen
> aA�DOGeez, you are having more problems than a stick figure has sticks in
its
> body!
>
> OK tell us - is wwtoptech.com your domain or are you just trying to send
> e-mail there? This whole time you haven't given us many details as far as
> your setup is concerned. If it is your domain, we may be able to help. If
> not, it is not your problem. Oh, and are you able to send your messages in
> plain text? This continual chinese text is screwing my replies up and I am
> sure making reading interesting for many other people.
>
> /BR
>
>
> Manager
> InterPlanetary Solutions
> http://ipsware.com/
> -----Original Message-----
> From: ms7.url.com.tw [mailto:[EMAIL PROTECTED]]
> Sent: Monday, September 04, 2000 2:13 PM
> To: Qmail Mailing List
> Subject: what happen
>
>
> Dear Sir:
>
> Who can tell me what happen in the message:
>
> --- Transcript of session follows ---
>
> Link 00/09/04 11:47:07 [202.43.85.10] colo.wwtoptech.com
> By [EMAIL PROTECTED]
> >> 220 colo.wwtoptech.com ESMTP
> << HELO relay12.url.com.tw
> >> 250 colo.wwtoptech.com
> << MAIL From:<[EMAIL PROTECTED]>
> >> 250 ok
> << RCPT To:<[EMAIL PROTECTED]>
> >> 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
> << QUIT
> O.K. 00/09/04 11:47:08
>
OK first let me highlight some things:
/etc/inetd.conf:
> #smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env
> /var/qmail/bin/qmail-smtpd
/var/qmail/rc:
> exec env - PATH="/var/qmail/bin:$PATH" \
> qmail-start ./Maildir/ splogger qmail
/etc/tcp.smtp
> 127.0.0.:allow,RELAYCLIENT=""
> 202.43.85.10:allow,RELAYCLIENT=""
> 202.43.85.167:allow,RELAYCLIENT=""
OK you have commented out the smtp line in inetd.conf. This is the usual
when you move over to using tcpserver as the spawning daemon for
qmail-smtpd. However nowhere in your rc files do I see a line to start
tcpserver (which uses the tcp.smtp file, compiled into tcp.smtp.cdb) for
smtpd, only for pop3d and imapd. Since it appears as if you have used a few
different sources for your setup, try the following:
1. Add this line to the /etc/rc.d/init.d/qmail file, either before or after
the other lines, it doesn't matter as long as it starts:
tcpserver -x /etc/tcp.smtp.cdb -u UID# -g GID# 0 smtp
/var/qmail/bin/qmail-smtpd
2. Compile /etc/tcp.smtp to /etc/smtp.cdb via (at the command line):
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp </etc/tcp.smtp
3. Restart the qmail processes ('/etc/rc.d/init.d/qmail stop', then
'/etc/rc.d/init.d/qmail start' since you have modified the rc file).
/BR
Manager
InterPlanetary Solutions
http://ipsware.com/
Also I forgot to add:
In the tcpserver line, UID# and GID# should be replaced with the UID for
"qmaild" and the GID for "nofiles" (scumming off Christopher now :) Thanks!)
/BR
Manager
InterPlanetary Solutions
http://ipsware.com/
Hello Everyone,
I searched through the archive on this and it seems to be a subject that
has been beat pretty well so I will get to the point. I know the
problem is with dns but with who's is a good question and why it is
sporadic.
I have noticed in my logs that the same virtual domain gets the error
"Sender_domain_must_resolve" from the same 3 mail servers quite often
though the mail eventually does go through after as many as 100 retries.
delivery 70: deferral:
Connected_to_204.210.223.23_but_sender_was_rejected./Remote_host_said:_451_<[EMAIL PROTECTED]>..._Sender_domain_must_resolve/
That ip address according to ARIN is Timewarner Cable cable modem
service
The other two ip's that is always having this error is:
207.180.206.1 which ARIN reports is North Coast Web
216.196.0.17 which is my isp's mail server. I host the domains on my
servers and they only have a reverse.
I have a couple friends on warners cable service and send mail to them
quite often and never get this error when sending them mail but this
virtual domain always seems to get the error.
This virtual domain is setup to use my MX in dns. If I use nslookup on
the above ip's, my isp can do a look up of lsbsolutions.com with no
problem. North Coast web can only look up my domain (teoi.net) and one
other virtual domain on my box but not any other (which are on the same
box using the same DNS) but it could do reverses on all of my virtual
domains. Timewarner couldn't even look up names in it's own domain so I
wrote them off (I am not surprised, but that is a story for another
day).
Is this my problem or their problem? Some days it is fine and others it
is not. I hope it is not my isp's because getting in touch with them is
like getting my dog to balance my check book though they are a good isp
(little down time and decent backbone connections) you just don't want
to try to e-mail or call them.
Thanks!
--
Dale Miracle
System Administrator
Teoi Virtual Web Hosting
I'm no DNS genius, but I think I see what the problem is. Here is the entire zone
record for that domain:
$ORIGIN lbsolutions.com.
@ 1D IN SOA dns.wwnet.net. hostmaster.wwnet.net. (
1999080901 ; serial
4H ; refresh
2H ; retry
1w3d ; expiry
1D ) ; minimum
1D IN NS dns.wwnet.net.
1D IN NS dns2.wwnet.net.
1D IN A 209.142.242.133
1D IN MX 5 smtp.logitrak.com.
www 1D IN A 209.142.242.133
@ 1D IN SOA dns.wwnet.net. hostmaster.wwnet.net. (
1999080901 ; serial
4H ; refresh
2H ; retry
1w3d ; expiry
1D ) ; minimum
heh...they didn't block full lookups :-)
Part of the problem is the line with "www". This should be a CNAME...not an A Record.
When I reverse 209.142.242.133, I get this:
133.242.142.209.in-addr.arpa. 1D IN PTR www.lbsolutions.com.
This means that the PTR record that is on dns.wwnet.net is incorrectly configured to
www.lbsolutions.com instead of lbsolutions.com.
Since the zone record is lbsolutions.com and not www.lbsolutions.com, the DNS query
can't find the zone record and figure out the MX
host.
As I said, I'm not a DNS genius, so I could be off-track here, but I'm pretty sure
that's your problem. Correct the PTR record (at
the very least) and change that www A Record to a CNAME and everything should clear
up. If you just fix the PTR record, you should
be OK with leaving the www as an A Record. Sloppy, but OK.
-CT
----- Original Message -----
From: "Dale Miracle" <[EMAIL PROTECTED]>
To: "qmail list" <[EMAIL PROTECTED]>
Sent: Monday, September 04, 2000 12:20 AM
Subject: deferral message 451
> Hello Everyone,
>
> I searched through the archive on this and it seems to be a subject that
> has been beat pretty well so I will get to the point. I know the
> problem is with dns but with who's is a good question and why it is
> sporadic.
>
> I have noticed in my logs that the same virtual domain gets the error
> "Sender_domain_must_resolve" from the same 3 mail servers quite often
> though the mail eventually does go through after as many as 100 retries.
>
> delivery 70: deferral:
>
>Connected_to_204.210.223.23_but_sender_was_rejected./Remote_host_said:_451_<[EMAIL PROTECTED]>..._Sender_domain_must_resolve/
>
> That ip address according to ARIN is Timewarner Cable cable modem
> service
> The other two ip's that is always having this error is:
> 207.180.206.1 which ARIN reports is North Coast Web
> 216.196.0.17 which is my isp's mail server. I host the domains on my
> servers and they only have a reverse.
>
> I have a couple friends on warners cable service and send mail to them
> quite often and never get this error when sending them mail but this
> virtual domain always seems to get the error.
> This virtual domain is setup to use my MX in dns. If I use nslookup on
> the above ip's, my isp can do a look up of lsbsolutions.com with no
> problem. North Coast web can only look up my domain (teoi.net) and one
> other virtual domain on my box but not any other (which are on the same
> box using the same DNS) but it could do reverses on all of my virtual
> domains. Timewarner couldn't even look up names in it's own domain so I
> wrote them off (I am not surprised, but that is a story for another
> day).
>
> Is this my problem or their problem? Some days it is fine and others it
> is not. I hope it is not my isp's because getting in touch with them is
> like getting my dog to balance my check book though they are a good isp
> (little down time and decent backbone connections) you just don't want
> to try to e-mail or call them.
>
> Thanks!
> --
>
> Dale Miracle
> System Administrator
> Teoi Virtual Web Hosting
>
Christopher Tolley wrote:
>
> I'm no DNS genius, but I think I see what the problem is. Here is the entire zone
>record for that domain:
>
> $ORIGIN lbsolutions.com.
> @ 1D IN SOA dns.wwnet.net. hostmaster.wwnet.net. (
There is a tiny bit of a typo there, you switched the b and s around.
The domain is actually lsbsolutions.com .
Thanks for going through the trouble of looking that up though I really
appreciate it. This little problem has been driving me a little crazy.
I can't quite get a handle on it.
--
Dale Miracle
System Administrator
Teoi Virtual Web Hosting
Damn...Since I messed that up completely, here is another try:
Your IP reverses back to this:
42.147.30.206.in-addr.arpa. 1D IN PTR server.lsbsolutions.com.
Same potential problem. The PTR should point to lsbsolutions.com, not
server.lsbsolutions.com
Also, you should be using CNAMEs instead of multiple A records. The only time you
need more than one A record in a zone is when
it's different.
$ORIGIN lsbsolutions.com.
@ 1D IN SOA atlas.teoi.net. dale.atlas.teoi.net. (
2000081601 ; serial
12H ; refresh
2H ; retry
1W ; expiry
1D ) ; minimum
1D IN NS atlas.teoi.net.
1D IN NS tethys.teoi.net.
1D IN MX 10 atlas.teoi.net.
1D IN A 206.30.147.42
smtp 1D IN CNAME server <--------you are doing nested
lookups here
server 1D IN A 206.30.147.42 <--------should be a CNAME
pop3 1D IN CNAME server <--------more nested lookups
localhost 1D IN A 127.0.0.1 <-------localhost.lsbsolutions.com?
ppl can't get to it, so why in DNS?
www 1D IN CNAME server <------even more nested lookups
ftp 1D IN CNAME server <-------ditto
@ 1D IN SOA atlas.teoi.net. dale.atlas.teoi.net. (
2000081601 ; serial
12H ; refresh
2H ; retry
1W ; expiry
1D ) ; minimum
It should look like this
$ORIGIN lsbsolutions.com.
@ 1D IN SOA atlas.teoi.net. dale.atlas.teoi.net. (
2000081601 ; serial
12H ; refresh
2H ; retry
1W ; expiry
1D ) ; minimum
1D IN NS atlas.teoi.net.
1D IN NS tethys.teoi.net.
1D IN MX 10 atlas.teoi.net.
1D IN A 206.30.147.42
smtp 1D IN CNAME @
server 1D IN CNAME @
pop3 1D IN CNAME @
www 1D IN CNAME @
ftp 1D IN CNAME @
@ 1D IN SOA atlas.teoi.net. dale.atlas.teoi.net. (
2000081601 ; serial
12H ; refresh
2H ; retry
1W ; expiry
1D ) ; minimum
and your PTR should end up returning info like this:
42.147.30.206.in-addr.arpa. 1D IN PTR lsbsolutions.com.
-CT
----- Original Message -----
From: "Dale Miracle" <[EMAIL PROTECTED]>
To: "qmail list" <[EMAIL PROTECTED]>
Sent: Monday, September 04, 2000 12:20 AM
Subject: deferral message 451
> Hello Everyone,
>
> I searched through the archive on this and it seems to be a subject that
> has been beat pretty well so I will get to the point. I know the
> problem is with dns but with who's is a good question and why it is
> sporadic.
>
> I have noticed in my logs that the same virtual domain gets the error
> "Sender_domain_must_resolve" from the same 3 mail servers quite often
> though the mail eventually does go through after as many as 100 retries.
>
> delivery 70: deferral:
>
>Connected_to_204.210.223.23_but_sender_was_rejected./Remote_host_said:_451_<[EMAIL PROTECTED]>..._Sender_domain_must_resolve/
>
> That ip address according to ARIN is Timewarner Cable cable modem
> service
> The other two ip's that is always having this error is:
> 207.180.206.1 which ARIN reports is North Coast Web
> 216.196.0.17 which is my isp's mail server. I host the domains on my
> servers and they only have a reverse.
>
> I have a couple friends on warners cable service and send mail to them
> quite often and never get this error when sending them mail but this
> virtual domain always seems to get the error.
> This virtual domain is setup to use my MX in dns. If I use nslookup on
> the above ip's, my isp can do a look up of lsbsolutions.com with no
> problem. North Coast web can only look up my domain (teoi.net) and one
> other virtual domain on my box but not any other (which are on the same
> box using the same DNS) but it could do reverses on all of my virtual
> domains. Timewarner couldn't even look up names in it's own domain so I
> wrote them off (I am not surprised, but that is a story for another
> day).
>
> Is this my problem or their problem? Some days it is fine and others it
> is not. I hope it is not my isp's because getting in touch with them is
> like getting my dog to balance my check book though they are a good isp
> (little down time and decent backbone connections) you just don't want
> to try to e-mail or call them.
>
> Thanks!
> --
>
> Dale Miracle
> System Administrator
> Teoi Virtual Web Hosting
>
Local deliveries are very slow -- I cannot seem to get local concurrency to go to
double digits, even if the number of queued messages is high (say 20k). This results
in the local queue building up rapidly. All remote deliveries go out to a separate
machine listed in smtproutes. qmail has the big-concurrency patch applied. It's mostly
set up according to LWQ, except that we also run qmail-qmqpd. Linux has been patched
to increase NR_TASKS to 4090.
This is for a quad Xeon, 2GB RAM machine. Filesystem is ext2 on RAID5. The permissions
on /var/qmail/queue/lock/trigger are as expected, prw--w--w-.
I can provide additional info if needed. qmail-showctl output is quite extensive, as
we host many virtual domains with vpopmail.
Here's output from `vmstat 10`:
procs memory swap io system cpu
r b w swpd free buff cache si so bi bo in cs us sy id
0 3 0 8 3184 1836572 59792 0 0 8 12 15 12 6 3 13
0 9 1 8 3024 1835872 59476 0 0 59 188 640 1617 2 3 95
0 2 0 8 3480 1834692 59708 0 0 38 169 777 1732 3 4 93
2 11 1 8 2740 1832468 59208 0 0 58 184 669 1569 3 4 93
1 2 0 8 6304 1821128 64148 0 0 51 275 674 2171 15 5 80
0 3 0 8 18976 1824612 52284 0 0 61 124 606 1522 14 22 63
0 1 0 8 20396 1824612 53752 0 0 21 297 792 2114 4 4 92
Here's some of my qmail-send logs. I've been watching the logs roll by for the entire
day and I don't see anything strange. 210.16.71.8 is our outgoing mail machine.
@4000000039b348ff1b00fc9c new msg 521463
@4000000039b348ff1b02f09c info msg 521463: bytes 10113 from <LifeMinders.com@mai
lgate.lifeminders.com> qp 2353 uid 502
@4000000039b348ff24f7f37c new msg 521464
@4000000039b348ff24fa29e4 info msg 521464: bytes 8204 from <sentto-1870233-2567-
[EMAIL PROTECTED]> qp 2355 uid 502
@4000000039b348ff2eb6465c starting delivery 3020: msg 499042 to local edsamail.c
[EMAIL PROTECTED]
@4000000039b348ff2eb6b3bc status: local 2/120 remote 31/500
@4000000039b348ff2eb874f4 starting delivery 3021: msg 500497 to remote bluer@gop
lay.com
@4000000039b348ff2eb8e254 status: local 2/120 remote 32/500
@4000000039b348ff2ebf5e7c delivery 3018: failure: User_is_over_quota_email_retur
ned/
@4000000039b348ff2ed5865c status: local 1/120 remote 32/500
@4000000039b348ff2ed795b4 delivery 3019: success: 210.16.71.8_accepted_message./
Remote_host_said:_250_ok_968050802_qp_3363/
@4000000039b348ff2eda1a3c status: local 1/120 remote 31/500
@4000000039b348ff2ef0a7ac new msg 521506
@4000000039b348ff2ef2d25c info msg 521506: bytes 1942 from <Ryan@alittefaqsteel.
com> qp 2929 uid 502
Any hints would be appreciated. Thanks.
//bbaquian
|
Imagine:
I have domain ddd.com
Qmail runs on computer ccc (FQDN is
ccc.ddd.com)
Some user is uuu
(I have MX record in my DNS
server)
What can I do?
Stano Paska
|
