qmail Digest 4 Jun 2001 10:00:01 -0000 Issue 1385
Topics (messages 63405 through 63432):
Re: ORBS, and RFC-ignorant blacklists
63405 by: Piotr Kasztelowicz
63406 by: Peter van Dijk
63430 by: Piotr Kasztelowicz
Re: smtp on a specific IP
63407 by: Ross Davis
63408 by: Russell Nelson
63409 by: Henning Brauer
63413 by: Ross Davis
anyone using qmail-qfilter?
63410 by: Jon Rust
Re: Oops,I guess Sendmail wasn't secure after all...
63411 by: Felix von Leitner
Re: Enquiry
63412 by: Pavel Kankovsky
63417 by: Russell Nelson
PROBLEM Setting up RELAYDOMAINS
63414 by: avi
63415 by: Milind Nanal
Qmailadmin
63416 by: Zak Thompson
What about www.mail-abuse.org ?
63418 by: daiyuwen
63419 by: Tupshin Harper
63422 by: Mark Delany
qmail on SCO OpenServer
63420 by: Jason Heskett
63423 by: Mark Delany
do I need to log
63421 by: NewBiePortal
63424 by: Mark Delany
whether original sender can receiver a notic mail when mail can't send?
63425 by: george
63426 by: george
63429 by: Todd A. Jacobs
How filter a special mail address or subject when receiver all mail ?
63427 by: george
Re: How filter a special mail address or subject when receiver all mail.
63428 by: Todd A. Jacobs
direct connection to qmqp or qmtpd server
63431 by: Newbieportal
where can found exit code explain ?
63432 by: george
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Hello
>Alan Brown, operator of ORBS, was served 2 New Zealand High Court
>injunctions ordering the removal of several OBRS listings. The compalies
>who filed for these injunctions are Actrix and NZ Telecom.
I have written to this list one year ago, Allan Brown activity
is illegal, moreover hi helps hackers more than normal peoples.
Also good decision of NZ Court.
Piotr
---
Piotr Kasztelowicz <[EMAIL PROTECTED]>
[http://www.am.torun.pl/~pekasz]
On Sun, Jun 03, 2001 at 11:25:10AM +0000, Piotr Kasztelowicz wrote:
> Hello
>
> >Alan Brown, operator of ORBS, was served 2 New Zealand High Court
> >injunctions ordering the removal of several OBRS listings. The compalies
> >who filed for these injunctions are Actrix and NZ Telecom.
>
> I have written to this list one year ago, Allan Brown activity
> is illegal, moreover hi helps hackers more than normal peoples.
> Also good decision of NZ Court.
I hate starting a flamethread (and hope you all are smart enough not
to), but ORBS does not help hackers.
Furthermore, Alan Brown's activities are not illegal - the ORBS
relaytester runs in The Netherlands, where this is not illegal by any
law.
Greetz, Peter.
On Sun, 3 Jun 2001, Peter van Dijk wrote:
> Furthermore, Alan Brown's activities are not illegal - the ORBS
> relaytester runs in The Netherlands, where this is not illegal by any
> law.
Maybe in Netherlands is not illegal, but in Netherlands even euthanasia
is legal by any law, in other countries not! The tester is in Netherlands
but it otucomes follow results in other countries, where performing
such lists and testing, which seeks the vulnerabilities in servers
and helps hackers at attacks, is illegal. From corespondence on this
list can be considered, that in US, NZ is illegal, in my country (Poland)
too. So, if Netherland will be right to others, probably shall give
this same injunction as NZ High Court - this want only a lot time
Best Wishes
Piotr
---
Piotr Kasztelowicz <[EMAIL PROTECTED]>
[http://www.am.torun.pl/~pekasz]
Thank you for correcting me on what is doing the sending.
I still can't believe that after all this time, I am the only one that wants
to control what ip a domain sends mail out on.
Is it physically possible to control the IP that qmail-remote uses to send
from?
----- Original Message -----
From: "Henning Brauer" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, June 03, 2001 2:28 AM
Subject: Re: smtp on a specific IP
> On Sat, Jun 02, 2001 at 05:41:51PM -0700, Ross Davis wrote:
> > There has to be some kind of config file that tells qmail-smtpd what
domains
> > to send for.
>
> qmail-smtpd does not send mail. It receives mails via smtp.
> qmail-send takes care of sending and starts qmail-remote for off-site
> deliveries. qmail-remote does not bind to a specific IP at all.
>
> --
> * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
> * Roedingsmarkt 14, 20459 Hamburg, Germany *
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)
Ross Davis writes:
> I still can't believe that after all this time, I am the only one that wants
> to control what ip a domain sends mail out on.
Quoting from www.qmail.org:
<li><a
href="http:[EMAIL PROTECTED]";>Markus
Stumpf</a> has a <a
href="http://www.lamer.de/maex/creative/software/qmail/";>pair of qmail
patches</a>, one to cause qmail-smtpd to log its disposition of mail,
and another to convince qmail-remote to use a fixed IP address other
than the one you get without binding to an address. Andy Repton has
ported the <a href="outgoingip.patch">fixed IP address</a> patch to
qmail 1.03. Damir Cifer has better instructions for his <a
href="http://tycho.edico.si/linuxtnt/#qmail-patch";>port</a>.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | Microsoft rivets everything.
521 Pleasant Valley Rd. | +1 315 268 1925 voice | Linux has some loose screws.
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | You own a screwdriver.
On Sun, Jun 03, 2001 at 09:55:46AM -0700, Ross Davis wrote:
> I still can't believe that after all this time, I am the only one that wants
> to control what ip a domain sends mail out on.
Why should anyone care? For most of us the machine qmail runs on differs
from the one the webserver runs on, so it's another IP anyways. Do
accounting based on qmail's logfiles.
> Is it physically possible to control the IP that qmail-remote uses to send
> from?
Well, you can patch qmail-remote of course. There's a patch floating around
to let qmail-remote bind to ONE specific IP. If you still insist on your
idea it may be possible to modify this one. But be warned: parsing the
sender's address, getting the domaina nd looking up a IP for it adds a lot
of cruft to the code. This _may_ result in security problems, bad
performance, instability and so on.
--
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)
Thanks to all that helped. After seeing what would be involved, I think I
will just report from the log files.
Thanks again.
I'm getting these in my syslog:
.../kernel: pid 93400 (qmail-qfilter), uid 82: exited on signal 11
I was getting LOTS of them, and I thought it was related to my filter
attempting to reject messages with error code 31. Well my current filter
consists of:
#!/usr/bin/perl
while (<>) {
print;
}
exit (0);
And I'm still seeing them. Bruce Guenter appears to have stopped
development of qmail-qfilter (anything related to qmail?). Bummer, since
this looks like the only option for filtering, and BG wrote some handy
stuff.
I'm using FreeBSD 4.2-Stable. Any suggestions are welcome.
Thanks,
jon
Thus spake Boris ([EMAIL PROTECTED]):
> JA> Not quite. More like "someone inspects your free car and finds a button
> JA> that can make it explode. Maybe he pushes the button, maybe not. Maybe he
> JA> pushes the button on someone else's car". Are you willing to take that
> JA> risk? I can imagine two situations where that would be the case: either
> Well, there is no button with a text like "press me here" -))))) for
> the public.
Can we _please_ drop this?
Boris has shown that his pitiful excuse for knowledge about his
computer, his software, the Internet and just about everything else is
not worth spending time on. If he does not go by himself, just killfile
him and be done with it.
This kind of bullshit is "discussed" with cluon sinks like Boris here
hundreds of time every day on Usenet. No need to repeat that here.
Thanks. Now: Boris, please crawl back under your stone, and the rest:
let's talk about qmail again on the qmail list.
Felix
On Sat, 2 Jun 2001, Russell Nelson wrote:
> Qmail doesn't need any queue management.
Sure. Everything you need to do when your mail queue gets clogged with
10,000 spam messages is to close your eyes and wait a week or two until
these messages and their undeliverable bounces time out and the queue
is cleared out in a natural way. ;)
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
Pavel Kankovsky writes:
> On Sat, 2 Jun 2001, Russell Nelson wrote:
>
> > Qmail doesn't need any queue management.
>
> Sure. Everything you need to do when your mail queue gets clogged with
> 10,000 spam messages is to close your eyes and wait a week or two until
> these messages and their undeliverable bounces time out and the queue
> is cleared out in a natural way. ;)
Sure. You may *wish* to do something about it, but it's not required.
While those 10,000 spam messages are sitting in your queue (on
average, 434 per directory; a reasonable size for a directory on ufs
or e2fs), new emails will continue to be received and sent. Visualize
sendmail with a 10,000 message queue. Or rather, don't, unless you
wish to spoil an otherwise beautiful Sunday night / Monday morning.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | Microsoft rivets everything.
521 Pleasant Valley Rd. | +1 315 268 1925 voice | Linux has some loose screws.
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | You own a screwdriver.
|
I have given the IP address list in RELAYCLIENTS
& it is working fine. Now I want to restrict relaying based on domain name
also. That means though the IP address of the person relaying through
my SMTP server is listed in my RELAYCLIENTS list, I want his domain
should be checked. (Don't allow if his mail from domain is not my own
domain)
In short we have
problem in setting relaydomains
Suppose my domain is MYDOMAIN.COM & I am
allowing 203.61.22.21 IP from RELAYCLIENT. The sender having the same IP but he
is sending MAIL from OTHERDOMAIN.COM to SOMEOTHERDOMAIN.COM then it should not
be allowed.
. If the IP addess listed in RELAYCLIENTS
is allow the system is checking setting in RCPTHOSTS & if the domain is
not listed in RCPTHOSTS then is gives '553 sorry, that domain isn't allowed to
be relayed thru this MTA (#5.7.1)' error. It dose'nt checks RELAYDOMAINS setting
at all. We tried verious options to set RELAYDOMAINS working but could't solve
the problem.
Please help me in solving this.
Regards,
Milind
|
I have given the IP address list in RELAYCLIENTS
& it is working fine. Now I want to restrict relaying based on domain name
also. That means though the IP address of the person relaying through
my SMTP server is listed in my RELAYCLIENTS list, I want his domain
should be checked. (Don't allow if his mail from domain is not my own
domain)
In short we have
problem in setting relaydomains
Suppose my domain is MYDOMAIN.COM & I am
allowing 203.61.22.21 IP from RELAYCLIENT. The sender having the same IP but he
is sending MAIL from OTHERDOMAIN.COM to SOMEOTHERDOMAIN.COM then it should not
be allowed.
. If the IP addess listed in RELAYCLIENTS
is allow the system is checking setting in RCPTHOSTS & if the domain is
not listed in RCPTHOSTS then is gives '553 sorry, that domain isn't allowed to
be relayed thru this MTA (#5.7.1)' error. It dose'nt checks RELAYDOMAINS setting
at all. We tried verious options to set RELAYDOMAINS working but could't solve
the problem.
Please help me in solving this.
Regards,
Milind
|
Hey guys/gals I'm currently running a Cobalt Raq4 and not having to much of
luck running qmailadmin if i just run qmailadmin from a cgi-bin i get all
sorts of ASCII characters on the screen. If i rename it to a .cgi i get
CGIWrap Error: Execution of this script not permitted, Execution of
(vpopmail) is not permitted for the following reason: User not Privileged
Any ideas? And the times that i didn't get the error i enter postmaster, a
domainname, and the password and I get a method POST not allowed for this
URL. Any ideas or howto's to get this working?
Thanks!
---------------------------------
Zak Thompson
[EMAIL PROTECTED]
Network Administrator
Nexpoint Technologies, Inc.
http://www.ntidesign.com
Hi, Dear All
Somebody are talking about www.orbs.org.
What about www.mail-abuse.org? I think they're abusing their influence. Many sites
are using their blacklist. So they should be very responsible for every IP address
their list.
For my instance, my server is on the RSS list because it WAS an open-relay server.
Then I fixed the problem and sent a removal request. But mail-abuse.org said I
blocked their mail server (I didn't. I don't know why). Now they even refuse my
removal request on the web. According their "order", I had to mail to
[EMAIL PROTECTED], explaining why I blocked their server. But I just got an
auto-relay that said I should submit removal request on the web. Dead loop :-(
Any body kind enough to test if my server is third-party relay? Its IP address is
202.96.230.197
Best regards,
Dai Yuwen
______________________________________
===================================================================
������ѵ������� (http://mail.sina.com.cn)
ʹ���ֻ����š��ʼ����ѡ����ܣ���ʱ�˽�������������
(http://sms.sina.com.cn/docs/sina_mailalert.html)
�����ֻ����Ŷ�������ÿ����¿��ֻ��� (http://dailynews.sina.com.cn/c/266499.html)
My test of your server indicates that you appropriately block relaying.
-Tupshin
----- Original Message -----
From: "daiyuwen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, June 03, 2001 9:11 PM
Subject: What about www.mail-abuse.org ?
> Hi, Dear All
>
> Somebody are talking about www.orbs.org.
> What about www.mail-abuse.org? I think they're abusing their influence.
Many sites are using their blacklist. So they should be very responsible
for every IP address their list.
>
> For my instance, my server is on the RSS list because it WAS an open-relay
server. Then I fixed the problem and sent a removal request. But
mail-abuse.org said I blocked their mail server (I didn't. I don't know
why). Now they even refuse my removal request on the web. According their
"order", I had to mail to [EMAIL PROTECTED], explaining why I blocked their
server. But I just got an auto-relay that said I should submit removal
request on the web. Dead loop :-(
>
> Any body kind enough to test if my server is third-party relay? Its IP
address is
> 202.96.230.197
>
> Best regards,
> Dai Yuwen
> ______________________________________
>
> ===================================================================
> ������ѵ������� (http://mail.sina.com.cn)
> ʹ���ֻ����š��ʼ����ѡ����ܣ���ʱ�˽�������������
(http://sms.sina.com.cn/docs/sina_mailalert.html)
> �����ֻ����Ŷ�������ÿ����¿��ֻ���
(http://dailynews.sina.com.cn/c/266499.html)
>
On Sun, Jun 03, 2001 at 09:04:22PM -0700, Tupshin Harper allegedly wrote:
> My test of your server indicates that you appropriately block relaying.
(Let me say beforehand that I don't know anything about mail-abuse.org
and whether they do or do not have this address listed, or indeed
whether they have this address listed for valid reasons).
The fact that some IPs are not accepted for relaying does not mean
that all are. It may well be, for example, that the IP in question
relays mail from, say, all 202. addresses or all 202.96 addresses.
Of course this is not a qmail related issue unless the original poster
has a problem understanding relay protection with qmail and starts
with a posting of his tcpserver rules and his expectations of what
they do.
Regards.
>
> -Tupshin
>
> ----- Original Message -----
> From: "daiyuwen" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Sunday, June 03, 2001 9:11 PM
> Subject: What about www.mail-abuse.org ?
>
>
> > Hi, Dear All
> >
> > Somebody are talking about www.orbs.org.
> > What about www.mail-abuse.org? I think they're abusing their influence.
> Many sites are using their blacklist. So they should be very responsible
> for every IP address their list.
> >
> > For my instance, my server is on the RSS list because it WAS an open-relay
> server. Then I fixed the problem and sent a removal request. But
> mail-abuse.org said I blocked their mail server (I didn't. I don't know
> why). Now they even refuse my removal request on the web. According their
> "order", I had to mail to [EMAIL PROTECTED], explaining why I blocked their
> server. But I just got an auto-relay that said I should submit removal
> request on the web. Dead loop :-(
> >
> > Any body kind enough to test if my server is third-party relay? Its IP
> address is
> > 202.96.230.197
> >
> > Best regards,
> > Dai Yuwen
> > ______________________________________
> >
> > ===================================================================
> > ������ѵ������� (http://mail.sina.com.cn)
> > ʹ���ֻ����š��ʼ����ѡ����ܣ���ʱ�˽�������������
> (http://sms.sina.com.cn/docs/sina_mailalert.html)
> > �����ֻ����Ŷ�������ÿ����¿��ֻ���
> (http://dailynews.sina.com.cn/c/266499.html)
> >
>
Hi
there,
I am probably
opening a long-running topic here, but here goes...
I have just
successfully compiled qmail on SCO OpenServer. However, it seems that my outgoing mail
queue is getting "stuck".
The log includes,
Connected_to_......._but_connection_died._(#4.4.2)/
Running a "ps" shows
qmail-remote sitting there, trying to deliver the queue.
Local deliveries
work just fine.
I know similar
messages have been posted to the list, and I apologise for the duplication,
however I have spent the last two days pouring through the archives but unable
to find the resolution (if there is one).
Before you say
anything.... I can't move to Linux just yet...
Thanks for your
time.
Kind
regards
Jason
On Mon, Jun 04, 2001 at 02:16:20PM +1000, Jason Heskett allegedly wrote:
> Hi there,
>
> I am probably opening a long-running topic here, but here goes...
> I have just successfully compiled qmail on SCO OpenServer. However, it seems
> that my outgoing mail queue is getting "stuck".
Is that true for all outgoing mail or just some?
> The log includes,
> Connected_to_......._but_connection_died._(#4.4.2)/
>
> Running a "ps" shows qmail-remote sitting there, trying to deliver the
> queue.
Does SCO has a truss or strace or some similar system call trace? If
so, attach to the qmail-remote and show us the output. Yo may also
want to get a tcpdump/snoop of the tcp traffic.
> Local deliveries work just fine.
>
> I know similar messages have been posted to the list, and I apologise for
> the duplication,
You'll also note that SCO in general is not well loved/supported by
djbware. The problem seems to be that the tcp/ip stack sucks - to use
a technical term.
> Before you say anything.... I can't move to Linux just yet...
That still leaves any of the BSD variants then :>
Regards.
Hi
I'm wondering, do I really need to log anything. Is this must or is it extra for
debugging purpose. I just feel that there would be much improvement with the sending
mail if my cpu did not have to bother with logging every email that's leaving my
mailer. I mean I have millions of junk emails which none of them are important at all.
I'm kinda of newbie but can someone confirm that It's okay to get rip of
qmail-smtpd/log/run
thanks in advance
Sudong Lee
http://newbieportal.com
On Tue, Jun 05, 2001 at 02:28:31AM +0000, NewBiePortal allegedly wrote:
>
> Hi
>
> I'm wondering, do I really need to log anything. Is this must or is it extra for
>debugging purpose. I just feel that there would be much improvement with the sending
>mail if my cpu did not have to bother with logging every email that's leaving my
>mailer. I mean I have millions of junk emails which none of them are important at
>all.
>
> I'm kinda of newbie but can someone confirm that It's okay to get rip of
> qmail-smtpd/log/run
It's entirely up to you. I wish I was lucky enough to work on an email
system that has "millions of junk emails" and which required no
analysis or problem diagnosis or anything, ever! Just remember most
problems have to be looked "back at" which is only possible with some
sort of log.
Of course the fact that your system does have "millions of junk
emails" suggests that something is very wrong in the first instant -
something like being abused as an open-relay that a log might well
identify.. But as I say, it's your server.
There is the final point that you don't know what your logging really
costs. How much of a "bother" is it to your CPU? Have you measured it
or are you speculating? Is the bother greater than that or the
"millions of junk emails" that you might be able to eliminate?
Regards.
Hello all:
I have two question.
1. I want to know how to process when qmail received a not exist user in qmail server.
which program to process, is qmail-send ?
whether original sender can receiver a notic mail?
2. About quota ,when user mail sizes execd max quota size,qmail how to process, or
qmail-local error .
whether original sender can receiver a notic mail?
Thank you.
Hello all:
I have two question.
1. I want to know how to process when qmail received a not exist user in qmail server.
which program to process, is qmail-send ?
whether original sender can receiver a notic mail?
2. About quota ,when user mail sizes execd max quota size,qmail how to process, or
qmail-local error .
whether original sender can receiver a notic mail?
Thank you.
On Mon, 4 Jun 2001, george wrote:
> 1. I want to know how to process when qmail received a not exist user
qmail will automatically return a failure message to the originator if the
local recipient does not exist.
> 2. About quota ,when user mail sizes execd max quota size,qmail how
> to process, or qmail-local error .
The same. qmail handles this automatically.
--
Todd A. Jacobs
CodeGnome Consulting, LTD
--------------------------------------------------------------------------------
Hello :
I use qmail+mysql system in SunOS.I want to filter a special mail address or subject
or content when qmail server receiver all mail.
How to do ?
Thank you!
On Sun, 3 Jun 2001, George Xu wrote:
> I use qmail+mysql system in SunOS.I want to filter a special mail
> address or subject or content when qmail server receiver all mail.
Make procmail your MDA, and set up a global procmailrc file that does
whatever you like with the mail. As long as the message hasn't been
delivered in the global procmailrc, execution falls through to the user's
.procmailrc when the recipe falls off the end of the global rc.
That said, a dot-qmail file will override any procmail delivery recipes,
so this isn't a good solution if you're trying to force something on
un-cooperative users, since they can more or less bypass your global
configs.
--
Todd A. Jacobs
CodeGnome Consulting, LTD
Hi Everone.
Here's my next experiment and wondering if this is possible
Everyone knows that we can connect to smtp server directly using telnet or
simple socket connection script.
Can I do the same for qmqp server or qmtpd server.
If yes, is this better way to speed up the sending mail.
If no, how come.
thanks in advance
Sudong Lee
where can found exit code explain ?
Thank you.
