Re: [courier-users] couriermlm subscribe Subject bounces
Alan Milligan wrote: I'm trying to cleanup all the crap that comes into my mailing list owner mailboxes, and I'm now just down to wanting to automagically bin all *-subscribe requests with a non-blank Subject header. These are invariably spammers who've found a link to a mailbox via our website subscribe portlets/forms. While I could write a filter to do this and place it ahead of the couriermlm msg in the maildrop recipe, it occurs to me that to write a performant C program, it would have somewhat similar functionality to couriermlm. By filter I presume you mean a courier filter. Have you considered simply using a .mailfilter file, in the homedir of the path used for the mail list? - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier 432filters temporarily unavailable help
Sunet Sysadmin wrote: Hi, We have courier mail server with courier-filter. Modules running on courier-filter are SA, Clamd(using unix socket), SPF. Every thing seems to be working good. But all of a sudden i get these errors Nov 8 08:59:51 jupiter submit: Transport endpoint is not connected Nov 8 08:59:51 jupiter courieresmtpd: error,relay=:::130.94.123.232,from=[EMAIL PROTECTED]: 432 Mail filters temporarily unavailable. Nov 8 08:59:54 jupiter courieresmtpd: started,ip=[:::82.244.132.94] Nov 8 08:59:55 jupiter submit: Transport endpoint is not connected Nov 8 08:59:55 jupiter courieresmtpd: error,relay=:::195.98.170.130,from=[EMAIL PROTECTED]: 432 Mail filters temporarily unavailable. Nov 8 08:59:55 jupiter courieresmtpd: started,ip=[:::202.60.69.27] In my situation, this wound up being a socket (for amavisd) that had incorrect permissions. The filter processes themselves were running quite happily, but the socket wasn't permitting commands to come in. Also, for me this was only happening when using sendmail. Delivery through emstpd was working normally. Bill - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Sendmail issue after upgrade to 0.53.2
Bill Taroli wrote: I also see older references to amavisd-new and the ownersihp of the socket used, but that turned out to be correct as well. In fact, mail is generally being received and delivered just fine. It's just that non-root users can't seem to use sendmail directly. Well, I spoke too soon. Apparently with the latest amavisd-new, the usual umask of 0027 for the socket doesn't seem happy on this host. When I manually chmod'ed it with g+w (ownership is courier:courier, and amavisd-new is running as the same) then non-root users suddenly were able to use sendmail again. I'll follow up on the amavis list, but though I'd note this here in case others run across it later. Bill - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Need Some Advice on SMTP overload issue
Sam Varshavchik wrote: Bill Taroli writes: Any suggestions or pointers are appreciated. I am considering moving to the latest courier release on this system as well, just in case it might be related to any fixes made subsequent. Correct. This will likely fix this issue. Especially since you won't need to do much more than build the new courier-authlib rpms, install them, build the new courier rpms, and install them. Well, I thought I'd write to follow-up and let folks know that the issue wasn't actually being caused by Courier after all. It was something going on with amavisd-new. I was running 2.3.2 on this host and it appears to have started having problems. An upgrade to 2.4.3 fixed it though. :-) - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Need Some Advice on SMTP overload issue
Just lately, one of my courier servers has been getting into a bit of a pickle. In particular, we're getting hammered by so many incoming spam connections that we hit the (as configured) 40 process limit on SMTP. Unfortunately, some of these processes seem to hang open, and I'm not really sure why. This is on FC3 and Courier 0.50.0 (authlib 0.57). I have RBL's enabled, so I see a good number of these get rejected on this check. I'm wondering if I might save myself some grief by adding affected source IP addresses into a reject list for SMTP so they aren't even allowed to connect, as a means of reducing the effect of these connections? For now, I've simply bumped up the max process count a bit and am keeping a close eye on it to see whether the submit/emstpd process list starts growing larger than it should. Any suggestions or pointers are appreciated. I am considering moving to the latest courier release on this system as well, just in case it might be related to any fixes made subsequent. Bill - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Need Some Advice on SMTP overload issue
Mark Bucciarelli wrote: On Thu, Oct 12, 2006 at 11:30:33AM -0700, Bill Taroli wrote: Just lately, one of my courier servers has been getting into a bit of a pickle. In particular, we're getting hammered by so many incoming spam connections that we hit the (as configured) 40 process limit on SMTP. Unfortunately, some of these processes seem to hang open, and I'm not really sure why. This is on FC3 and Courier 0.50.0 (authlib 0.57). Use greylisting? Sure, blocking at f/w would work. But not very nice if you make a mistake. Better is an SMTP proxy that gives 500 msg that includes reason and URL. Why do you think your submit processes are hanging? Because I ps -ef for submit processes when I get reports of people not being able to send mail... and there are a huge raft of them, with a large number of them with start timestamps several hours earlier. Further, the maillog includes things like the following. When I look back in the log in the hours before this, I see a huge number of started lines with no corresponding follow-up, as if the sockets were opened but then nothing came in (DOS?). And, as I mentioned, there is a pretty healthy helping of rejects (511) due to RBL. Oct 11 20:35:19 tanzanite courieresmtpd: 40 maximum active connections. Oct 11 20:35:22 tanzanite courieresmtpd: started,ip=[:::24.159.76.72] Oct 11 20:35:31 tanzanite courieresmtpd: error,relay=:::24.159.76.72,from=[EMAIL PROTECTED],to=[EMAIL PROTECTED]: 511 http://www.spamhaus.org/query/bl?ip=24.159.76.72 Oct 11 20:35:32 tanzanite courieresmtpd: started,ip=[:::219.87.130.10] Oct 11 20:36:20 tanzanite courieresmtpd: started,ip=[:::61.217.232.239] Oct 11 20:46:20 tanzanite courieresmtpd: [:::61.217.232.239]: Connection timed out Oct 11 20:46:20 tanzanite courieresmtpd: 40 maximum active connections. Oct 11 20:46:23 tanzanite courieresmtpd: started,ip=[:::195.177.72.7] Oct 11 20:46:26 tanzanite courieresmtpd: started,ip=[:::84.52.80.68] Oct 11 20:46:26 tanzanite courieresmtpd: 39 active connections. Oct 11 20:46:26 tanzanite courieresmtpd: started,ip=[:::195.177.72.7] Oct 11 20:46:28 tanzanite courieresmtpd: started,ip=[:::130.13.18.71] Oct 11 20:46:28 tanzanite courieresmtpd: started,ip=[:::205.188.139.136] Oct 11 20:46:31 tanzanite courieresmtpd: started,ip=[:::24.176.96.94] Oct 11 20:46:31 tanzanite courieresmtpd: started,ip=[:::195.177.72.7] Oct 11 20:46:34 tanzanite courieresmtpd: started,ip=[:::24.69.176.45] Oct 11 20:46:42 tanzanite courieresmtpd: started,ip=[:::58.252.161.117] Oct 11 20:46:59 tanzanite courieresmtpd: started,ip=[:::218.24.84.77] Oct 11 20:46:59 tanzanite courieresmtpd: started,ip=[:::220.128.238.213] Oct 11 20:46:59 tanzanite courieresmtpd: started,ip=[:::58.252.161.117] Oct 11 20:47:02 tanzanite courieresmtpd: started,ip=[:::24.230.70.58] Oct 11 20:47:20 tanzanite courieresmtpd: started,ip=[:::76.1.85.69] Oct 11 20:47:23 tanzanite courieresmtpd: started,ip=[:::71.168.137.246] Oct 11 20:47:23 tanzanite courieresmtpd: 40 maximum active connections. Oct 11 20:47:23 tanzanite courieresmtpd: started,ip=[:::195.177.72.7] Oct 11 20:47:32 tanzanite courieresmtpd: started,ip=[:::219.156.134.34] Oct 11 20:47:34 tanzanite courieresmtpd: started,ip=[:::219.157.60.174] Oct 11 20:47:38 tanzanite courieresmtpd: started,ip=[:::59.6.204.197] Oct 11 20:47:41 tanzanite courieresmtpd: started,ip=[:::164.77.82.66] Oct 11 20:47:41 tanzanite courieresmtpd: started,ip=[:::66.150.243.7] ... Oct 12 10:55:28 tanzanite courieresmtpd: submitclient: EOF from submit. Oct 12 10:55:28 tanzanite last message repeated 5 times Oct 12 10:55:28 tanzanite courieresmtpd: 35 active connections. Oct 12 10:55:28 tanzanite courieresmtpd: submitclient: EOF from submit. Oct 12 10:55:29 tanzanite last message repeated 24 times Oct 12 10:55:28 tanzanite courieresmtpd: submitclient: EOF from submit. Oct 12 10:55:28 tanzanite last message repeated 4 times Oct 12 10:55:28 tanzanite courieresmtpd: 40 maximum active connections. Oct 12 10:55:28 tanzanite courieresmtpd: submitclient: EOF from submit. But rather than want to use a f/w, I was thinking more like adding the more common IP addresses to the deny list for the daemon prevent them from opening a socket in the first place and burning up a process. Bill - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Need Some Advice on SMTP overload issue
Sam Varshavchik wrote: Bill Taroli writes: Any suggestions or pointers are appreciated. I am considering moving to the latest courier release on this system as well, just in case it might be related to any fixes made subsequent. Correct. This will likely fix this issue. Especially since you won't need to do much more than build the new courier-authlib rpms, install them, build the new courier rpms, and install them. Ah, OK. I've been running 0.53.2 on my Solaris system for a while now, so I definitely recognize the upgrade to be a no-brainer. The older install is a hosted system, so I try to avoid changing it too often. It definitely seems time! :-) Thanks for verifying this impact anyway, since I hate to upgrade just in the hopes that it will fix a problem. ;-) Bill - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Can list creation be automated in couriermlm?
Milan Obuch wrote: On Tuesday 12 September 2006 04:16, Edwin L. Culp W. wrote: ... can't seem to get past the ^D part gracefully to end each sub command. ... Are you talking about scripting sub command? Could you use echo something | couriermlm ... for that? It works for me, or at least worked when I last tried. Exactly. The ^D is used to indicate EOF (interactively) and this happens gracefully when the end of a stream piped into couriermlm occurs. :-) Bill - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Global Filter
Henry F. Camacho Jr wrote: I am trying to create a global filter that will take any message marked as SPAM by Spam assassin and place that email into a Junk Folder. Can someone point me in the right direction. I'm not at all certain that a filter can even do that. I accomplish the same thing with maildrop (in global maildroprc) and it works just fine... ... if ((/^X-Spam-Flag:.*YES/)) { to ./Maildir/.Junk } ... Bill - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Global Filter
Larry Moore wrote: A more refined routine; *bows humbly* - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] authlib 0.58 compile error
N.Khershberg wrote: On Tuesday 13 June 2006 12:10, Sam Varshavchik wrote: You must use GNU LD to compile Courier. I am using GNU SUN , but I get errors anyway ... No, he's not kidding, really. This keeps coming up on the Solaris platform, but I found my salvation by installing Gnu ld into /usr/local/bin and then replacing /usr/ccs/bin/ld with a symlink to /usr/local/bin/ld. The issue seems to be that even if you manage to get configure to recognize the Gnu ld installed in an alternate location, there are still parts of the actual make that still refer to /usr/ccs/bin. If you simply replace /usr/ccs/bin/ld, you will eliminate this problem. I have actually left this in place permanently -- even for other products I build with gcc on Solaris -- and have had absolutely no ill effects. Nor have I had any further Courier build problems. Hope this helps. Bill ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Right and wrong way
Neil Stone wrote: I also at some point would like to get my head around the whole mailing list thing, any suggestions or recommendations ?? $ man couriermlm --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] internal mailing list
Matthew Thomas Broadhead wrote: I wondered if there was an easy way to set up a mailing list to all users at one domain (e.g. [EMAIL PROTECTED]), restricting this email address only to users at that domain who are authenticated to SMTP on the server (i.e. only internal users). I think the most direct way would be to just define an alias, such as staff: tom, dick, harry, jane Then when email is received for the local domain for the user staff it would be sent to each of the other named users. If you instead wanted features such as the ability to subscribe and unsubscribe, or digests, then couriermlm would be better suited to your task. Bill --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: SV: [courier-users] authlib 0.58 compile error
Göran Höglund wrote: Hi, Yes I had the same problem. I did install GNU ld from sun freeware and then short circuited Suns ls by renaming it # mv /usr/ccs/bin/ld /usr/ccs/bin/ld.SUN /GH -Ursprungligt meddelande- Från: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] För Gordon Thagard Skickat: den 24 april 2006 17:01 Till: courier-users@lists.sourceforge.net Ämne: [courier-users] authlib 0.58 compile error gcc 3.4.2 solaris 9 courier-authlib 0.58 Hi, I'm getting a an error trying to compile authlib. Has anybody seen this? Yes, I suppose this would be the absolutely simplest approach to the issue -- replacing /usr/ccs/bin/ld. I wound up doing it the way I did because I had hoped to only bypass it for the builds that required it... and right now the only product I use that does is Courier. Bill --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid0709bid3057dat1642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] authlib 0.58 compile error
Gordon Thagard wrote: rm /usr/ccs/bin/ld mv /usr/ccs/bin/ld.sun /usr/ccs/bin/ld In my case, I don't diddle with the ld symlink each time. I just left it linked to Gnu ld. I've found no negative impact to other builds (for which I use gcc as well) or already built binaries. --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] authlib 0.58 compile error
Gordon Thagard wrote: gcc 3.4.2 solaris 9 courier-authlib 0.58 Hi, I'm getting a an error trying to compile authlib. Has anybody seen this? Oh goodness have I seen it. Gladly, with help from others, I haven't had a problem with it lately. Sam's suggestion about LD is right on. Be sure to install Gnu ld someplace (/usr/local/lib or similar). Also be sure to rename and link that installation to /usr/ccs/bin/ld -- there are some makefiles that don't honor these variables even when you set every possible on to your alternate ld. Once done, I use a script like the following, which I invoke as . ./config.authlib to ensure that the variables are set in the current shell env for the compilations after the configure. export CCLD=/usr/local/bin/ld export CXXLD=/usr/local/bin/ld export LD=/usr/local/bin/ld ./configure your options here... nothing specific to LD --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: SV: [courier-users] Compiling version three
Göran Höglund wrote: As the output snippet from my make command below shows I am trying to compile authlib with mysql support. I have short circuted the solaris linker by renaming it becuse I had problems with this earlier. Right now I suspect gcc not the linker though. I have tried to find more info about gcc: language arch=v8 not recognized but with no success. My worst fear is that I also may have to complie mysql with the same tools (GNU) that I use for courier-authlib. /GH What gcc version are you using? Mine is 3.4.2 and was linked originally with /usr/ccs/bin/ld. I have built from source again using the commands I mentioned (to force gnu ld) and added support for mysql (v4.0.20 in my case) without any problems. Come to think of it... I seem to remember getting a weird build error like that when I was still working on getting it to use the gnu ld... I had configured using it but parts of the make were still referring to Sun's. But using Sun's ld when the make expected gnu caused errors like this. Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid0944bid$1720dat1642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Compiling version three
Göran Höglund wrote: When I compile the authlib i get an compiler error: make[2]: Entering directory `/usr/share/src/courier-authlib-0.58' Compiling authdaemonlib.c gcc: language arch=v8 not recognized gcc: authdaemonlib.c: linker input file unused because linking not done mv: cannot access .deps/authdaemonlib.Tpo make[2]: *** [authdaemonlib.lo] Error 2 Link errors on Solaris tend to make me ask the question are you using Gnu ld? I had serious problems trying build anything after courier-0.50.0 (and it's associated authlib). Nowadays, I'm doing the following in my authlib configure script (also note that this meant installing Gnu ld in /usr/local/bin and symlinking it to replace /usr/ccs/bin/ld). export CFLAGS=-I/usr/local/ssl/include export CPPFLAGS=-I/usr/local/ssl/include export LDFLAGS=-L/usr/local/ssl/lib export CCLD=/usr/local/bin/ld export CXXLD=/usr/local/bin/ld export LD=/usr/local/bin/ld ./configure -C --with-db=gdbm ... I have also taken to running this using . ./script since there were some makefiles that were failing with just the enviornment variables specified in the configure commandline, at least in my expereience. I may try a mysql build of authlib, too, to see what happens. Not using it so far, though I do use Mysql for other things. :-) Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid0944bid$1720dat1642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Fw: couriermlm add footer text?
Ricardo Kleemann wrote: Repost, I'm not sure if this message made it to the list... Hi, Does couriermlm not allow for appending footer text to posted messages? Ricardo It was and Sam replied. Short answer: no. --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Maildrop with dotforward
Lyndon Tiu wrote: Hello, I need to combine maildrop and dotforward. DEFAULTDELIVERY=|| dotforward | /usr/lib/courier/courier-mail/bin/maildrop I tried the above but email does not go anywhere, just get's queued with no error messages whatsoever. I do it exactly that way in my installation and it works fine. Are you sure that /usr/lib/courier/courier-mail is the installation path? Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] 417 SPF error [EMAIL PROTECTED]: DNS MX lookup failed.?
Jerry Amundson wrote: Subject occurs with user trying to send to me. Line from maillog: Mar 30 09:24:46 athena courieresmtpd: error,relay=:::192.206.149.20,from=[EMAIL PROTECTED]: 417 SPF error [EMAIL PROTECTED]: DNS MX lookup failed.? Courier has set: BOFHSPFMAILFROM=pass,none,unknown,softfail,neutral I think the test against the MX is a different one. Perhaps the complete specification from etc/bofh would help here. IIRC, the MX test is actually controlled with BOFHCHECKHELO and BOFHSPFHELO. Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: 417 SPF error [EMAIL PROTECTED]: DNS MX lookup failed.?
Jerry Amundson wrote: On Thu March 30 2006 13:17, Bill Taroli wrote: Jerry Amundson wrote: Subject occurs with user trying to send to me. Line from maillog: Mar 30 09:24:46 athena courieresmtpd: error,relay=:::192.206.149.20,from=[EMAIL PROTECTED]: 417 SPF error [EMAIL PROTECTED]: DNS MX lookup failed.? Courier has set: BOFHSPFMAILFROM=pass,none,unknown,softfail,neutral I think the test against the MX is a different one. Perhaps the complete specification from etc/bofh would help here. IIRC, the MX test is actually controlled with BOFHCHECKHELO and BOFHSPFHELO. I see. Yes, looks like BOFHSPFHELO=0 would be one direction to go. But, I shy away from making expections like this, so I suggested the user use an office (local) address, or actually authenticate to cogeco.ca to go through their server. Simple fix... ;-) Personally, I have found BOFHCHECKHELO causes too many delivery problems for me. It got to be an increasingly full time job to monitor log reports, add manual exceptions to the rule, and follow up with admins who couldn't apparently figure out how to get their MTA's and DNS'es to agree... and some of these weren't small (like Yahoo). In the end, I left this check turned off and let my other filters catch mail. The other SPF checks are beginning to come alive as more domains supply DNS records... quite effective too! Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Best Platform for Courier
Dew Ediho wrote: I haven't had the benefit of running a production server in any other environment and would like the opinion (please share your experience) of members of this group on which you would consider to be the best platform for Courier? I run a small number of my own domains on Solaris 9. The only real issue I've had was getting more recent versions ( 0.50.0) to build. But since a recent thread describing how to force the use the Gnu ld (even if gcc wasn't built with it), I have been able to get 0.53.1 (and auth 0.58) running w/o issue. The only functional issue that you might find is that this distro doesn't come with famd by default; I've managed to get a build from another source and find it works wonderfully with no more overhead than on Linux. I also run Courier on FC4 for a lab at work, and it runs well there, too. I find that I have been continuing to build from sources there still since (a) got used to it with Solaris and (b) central RPMs don't seem to keep up on latest versions well -- or I just don't know where to look. ;-) So... is there a best platform? Well, I guess it depends on your situation. If you were very high volume, then a clustered implementation with beefy CPU might be advised. But for smaller implementations, I don't think it makes much difference. Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Best Platform for Courier
Bowie Bailey wrote: Bill Taroli wrote: I also run Courier on FC4 for a lab at work, and it runs well there, too. I find that I have been continuing to build from sources there still since (a) got used to it with Solaris and (b) central RPMs don't seem to keep up on latest versions well -- or I just don't know where to look. ;-) Are you installing from source, or just building the RPMs from source? I have been installing from source. I see the potential benefit from doing RPM installs. I guess I'd feel a stronger urge to do it if I were having to manage several servers, too. Definitely food for thought. --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Best Platform for Courier
Lyndon Tiu wrote: On Thu, 30 Mar 2006 18:15:17 -0500 [EMAIL PROTECTED] wrote: Yes, until you clobber your etc folder by untarring over top of it... But I'm sure you're a good sysadmin that would never do that of course :-) That's where backups come into play :) Always backup your courier configurations!!! I second the motion. Heck, I even backup the target path before I'll do an install-strip or install-configure from a source build. You just never know :-D Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk=110944=241720=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Compiling part 2
That's a known issue, and seems to have broken again on later patch bundles of Solaris 9. See http://www.courier-mta.org/FAQ.html#solarisbug Göran Höglund wrote: Hi, I am trying to complie courier on a Solaris 8 machine. The configure script says: checking if wait function is broken... yes configure: error: I give up -- neither wait nor wait3 works properly configure: error: /bin/bash './configure' failed for waitlib My parameters to configure is: ./configure CPPFLAGS=-I/usr/local/BerkeleyDB/include LDFLAGS=-L/usr/local/BerkeleyDB/lib Any cloues what I am missing? Göran Höglund --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=kkid0944bid$1720dat1642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid0944bid$1720dat1642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Solaris and waitfunc
Sam Varshavchik wrote: Alex Moore writes: On Tue, 21 Mar 2006 14:26:14 +0100 Göran Höglund [EMAIL PROTECTED] wrote: configure: error: /bin/bash './configure' failed for waitlib Mr. Sam has answered this one before. A google should reveal that you need to add --with-waitfunc=wait3 to configure. Well, you should really figure out what's broken, first. This is just a bandaid that won't fix the real wound. I may take some time for this now. This compile is the first I've had successful since 0.50.0! ;-) It was nice to be able to upgrade finally. I thought it interesting that this issue, which was apparently fixed some time ago (or at least stopped happening) broke again with later patch bundles. Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid0944bid$1720dat1642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: SV: [courier-users] Compiling
Sam Varshavchik wrote: Göran Höglund writes: Hi, Well I tried: ./configure CPPFLAGS=-I/usr/local/BerkeleyDB/include CCLD=/usr/local/bin/ld CXXLD=/usr/local/bin/ld But ended up with the same result. In addition to CXXLD and CCLD, also try setting LD= Now we're getting somewhere. I see that configure has picked up the use of the alternate LD and recognizes it as the Gnu variety. Will let you know how the make goes. :-) Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid0944bid$1720dat1642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: SV: [courier-users] Compiling
Sam Varshavchik wrote: Göran Höglund writes: Hi, Well I tried: ./configure CPPFLAGS=-I/usr/local/BerkeleyDB/include CCLD=/usr/local/bin/ld CXXLD=/usr/local/bin/ld But ended up with the same result. I guess BillT is on the track the configure script writes the following: checking whether the gcc linker (/usr/ccs/bin/ld) supports shared libraries... yes checking whether -lc should be explicitly linked in... yes checking dynamic linker characteristics... solaris2.8 ld.so I guess its easier to change IMAP server than reinstalling/compiling my entire OS tools In addition to CXXLD and CCLD, also try setting LD= Well, that definitely got me through the configure issue. But there was still a problem in the Makefiles. Namely, despite these variables being set /usr/ccs/bin/ld was still invoked when make time came. I noticed that LD=(CC) in the Makefiles, which I didn't expect given we already knew gcc would invoke /usr/ccs/bin/ld by default -- based on how gcc itself was built. So... I got really ugly and temporarily symlinked /usr/ccs/bin/ld to my Gnu ld. The make and installation completed successfully! I'm not sure of the overall safety of supplanting the ld this way, so I returned it to normal upon completion of the build and installation. The running install doesn't seem any worse for it. Any idea why the Makefiles didn't comply with the variable settings despite the fact that configure seemed to understand what was going on? Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid0944bid$1720dat1642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Compiling
Sam Varshavchik wrote: It looks like your gcc is not using the binutils version of 'ld', GNU ld, it's trying to run Sun's native ld, which barfs. Try to run strings on binutils' ld. I don't think that Symbol referencing errors is a GNU ld error message. You need to use GNU ld for linking. This may be more easily said than done. IIRC, the last time I struggled with this Gnu ld requirement I began by installing the new ld and attempting to use it in a build. But every which way I tried, the gcc build (which was built using Solaris ld) couldn't apparently be made to use the alternate linker. This sort of makes sense, seeing as this means glibc is also linked with Solaris ld. From what I gathered, this would mean that gcc, the libs, and anything built with them (pretty much everything I've compiled) would have to be rebuilt. Not a pretty proposition. Unless of course you know of some way to force the choice of linker for the Courier build? Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier and SpamAssassin
Bowie Bailey wrote: Julie S. Lin wrote: i'm trying to get spamassassin to filter mail to an email alias [EMAIL PROTECTED] . in my courier aliases files list I have hostmaster :user x, user y, user z how can I go about doing that? from my research it's a matter of directing mail to a some file, run the spam filtering, then forward the checked mail onward? is there a better way? There are basically two ways: If you want to reject spam, you can use Amavisd-new to call SpamAssassin (and ClamAV, if you want). The downside is that this method has no capability to change the message and so it can't add markups to the header or subject. If you just want to mark and deliver the spam, you can call spamc from maildrop. With the alias you describe above, you would need to run it individually for each user (since maildrop is a delivery agent, it doesn't see the alias, just the users). In my case, I do a hybrid. I use Amavisd-new to spawn clamav and spamassassin (spamc) -- the latter only to reject spam over a certain threshold. Then I use spamc in maildrop to re-route incoming spam below the given threshold into an alternate user folder so they can review it and selectively sort it as junk or ham. Sure, running spamc twice is somewhat wasteful, maildrop couldn't benefit from spamc's first run (can't modify message during courierfilter step), but I still do want to allow excessively scored spam to be kicked during submit. Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Problem with POP3 and leave on server
Luca Bertoncello wrote: Sam Varshavchik [EMAIL PROTECTED] schrieb: Courier will report no messages in the mailbox if it reads the maildir's new and cur directories, and does not find any messages. It's not possible! We tryed ourselves, with an account WITH E-Mails, and sometimes we got this error! You say an account, so I take it this isn't just happening with the one user's mailbox that you first mentioned. But Sam is quite right about how the server looks for messages. Since Maildirs is file-based, it's really just a matter of whether the server sees files in the directories they should be located. Assuming that the files are indeed there, have you considered that you might be having an NFS issue? You might try running tests of one or several of your seven NFS clients (mail servers) where they interrogate a maildir to see whether they are consistently getting the correct file list. I wonder, too, what would happen if the NFS server (FAS270) returned an error of some kind when the IMAP server was trying to hit the directory. Hmm... Bill --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] configure probs with courier-0.52.2 on Solaris 9
configure falls over in waitlib, complaining that neither wait nor wait3 seem happy. Below is an exerpt from my waitlog config.log. In progress looking for internet-based Solaris tips on building courier (and authlib) post 0.50.0... whatever changed seems to make building it on Solaris 9 seem near impossible. configure:4025: checking if wait function is broken configure:4047: gcc -o conftest -g -O2 conftest.c 5 configure:4050: $? = 0 configure:4052: ./conftest configure:4055: $? = 1 configure: program exited with status 1 configure: failed program was: | /* confdefs.h. */ | | #define PACKAGE_NAME | #define PACKAGE_TARNAME | #define PACKAGE_VERSION | #define PACKAGE_STRING | #define PACKAGE_BUGREPORT | #define HAVE_SYS_WAIT_H 1 | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_SYS_WAIT_H 1 | #define HAVE_UNISTD_H 1 | #define RETSIGTYPE void | #define HAVE_WAIT 1 | #define HAVE_WAIT3 1 | #define HAVE_SIGHOLD 1 | #define HAVE_SIGPROCMASK 1 | /* end confdefs.h. */ | | #include confdefs.h | #include ./confwait.c | configure:4069: result: yes configure:4142: error: I give up -- neither wait nor wait3 works properly ## ## ## Cache variables. ## ## ## ac_cv_build=sparc-sun-solaris2.9 ac_cv_build_alias=sparc-sun-solaris2.9 ac_cv_c_compiler_gnu=yes ac_cv_c_const=yes ac_cv_c_inline=inline ac_cv_cxx_compiler_gnu=yes ac_cv_env_CC_set= ac_cv_env_CC_value= ac_cv_env_CFLAGS_set= ac_cv_env_CFLAGS_value= ac_cv_env_CPPFLAGS_set= ac_cv_env_CPPFLAGS_value= ac_cv_env_CPP_set= ac_cv_env_CPP_value= ac_cv_env_CXXCPP_set= ac_cv_env_CXXCPP_value= ac_cv_env_CXXFLAGS_set= ac_cv_env_CXXFLAGS_value= ac_cv_env_CXX_set= ac_cv_env_CXX_value= ac_cv_env_F77_set= ac_cv_env_F77_value= ac_cv_env_FFLAGS_set= ac_cv_env_FFLAGS_value= ac_cv_env_LDFLAGS_set= ac_cv_env_LDFLAGS_value= ac_cv_env_build_alias_set= ac_cv_env_build_alias_value= ac_cv_env_host_alias_set= ac_cv_env_host_alias_value= ac_cv_env_target_alias_set= ac_cv_env_target_alias_value= ac_cv_exeext= ac_cv_f77_compiler_gnu=yes ac_cv_func_db_env_create=yes ac_cv_func_db_open=no ac_cv_func_dbopen=no ac_cv_func_dlopen=no ac_cv_func_gdbm_fdesc=yes ac_cv_func_gdbm_open=yes ac_cv_func_inet_pton=no ac_cv_func_initgroups=yes ac_cv_func_poll=yes ac_cv_func_readlink=yes ac_cv_func_regcomp=yes ac_cv_func_setgroups=yes ac_cv_func_setlocale=yes ac_cv_func_setpgrp=yes ac_cv_func_setpgrp_void=yes ac_cv_func_shl_load=no ac_cv_func_sigblock=no ac_cv_func_sighold=yes ac_cv_func_sigprocmask=yes ac_cv_func_strcasecmp=yes ac_cv_func_strdup=yes ac_cv_func_strncasecmp=yes ac_cv_func_symlink=yes ac_cv_func_utime=yes ac_cv_func_utimes=yes ac_cv_func_wait=yes ac_cv_func_wait3=yes ac_cv_header_arpa_inet_h=yes ac_cv_header_dirent_dirent_h=yes ac_cv_header_dlfcn_h=yes ac_cv_header_errno_h=yes ac_cv_header_fam_h=no ac_cv_header_fcntl_h=yes ac_cv_header_inttypes_h=yes ac_cv_header_iostream=yes ac_cv_header_iostream_h=yes ac_cv_header_istream=yes ac_cv_header_istream_h=yes ac_cv_header_limits_h=yes ac_cv_header_locale_h=yes ac_cv_header_memory_h=yes ac_cv_header_minix_config_h=no ac_cv_header_netdb_h=yes ac_cv_header_netinet_in_h=yes ac_cv_header_new=yes ac_cv_header_ostream=yes ac_cv_header_ostream_h=yes ac_cv_header_pcre_h=yes ac_cv_header_pcre_pcre_h=no ac_cv_header_pthread_h=yes ac_cv_header_stdc=yes ac_cv_header_stddef_h=yes ac_cv_header_stdint_h=no ac_cv_header_stdlib_h=yes ac_cv_header_string_h=yes ac_cv_header_strings_h=yes ac_cv_header_sys_fcntl_h=yes ac_cv_header_sys_file_h=yes ac_cv_header_sys_ioctl_h=yes ac_cv_header_sys_poll_h=yes ac_cv_header_sys_select_h=yes ac_cv_header_sys_socket_h=yes ac_cv_header_sys_stat_h=yes ac_cv_header_sys_time_h=yes ac_cv_header_sys_types_h=yes ac_cv_header_sys_wait_h=yes ac_cv_header_sysexits_h=yes ac_cv_header_time=yes ac_cv_header_unistd_h=yes ac_cv_header_utime_h=yes ac_cv_header_vector=yes ac_cv_header_vector_h=yes ac_cv_header_wchar_h=yes ac_cv_host=sparc-sun-solaris2.9 ac_cv_host_alias=sparc-sun-solaris2.9 ac_cv_lib_db_db_env_create=yes ac_cv_lib_db_db_open=no ac_cv_lib_db_dbopen=no ac_cv_lib_dl_dlopen=yes ac_cv_lib_dld_shl_load=no ac_cv_lib_fam_FAMOpen=no ac_cv_lib_gdbm_gdbm_open=yes ac_cv_lib_nsl_inet_addr=yes ac_cv_lib_socket_socket=yes ac_cv_objext=o ac_cv_path_COURIERAUTHCONFIG=/usr/local/bin/courierauthconfig ac_cv_path_GPG=/usr/bin/gpg ac_cv_path_MAILBOT=/usr/lib/courier/bin/mailbot ac_cv_path_PERL=/usr/local/bin/perl ac_cv_path_PS=/usr/bin/ps ac_cv_path_SETENV=/usr/bin/env ac_cv_path_SYSCONFTOOL_PERL=/usr/local/bin/perl ac_cv_path_W=/usr/bin/w ac_cv_prog_AWK=nawk ac_cv_prog_CPP=$'gcc -E' ac_cv_prog_CXXCPP=$'g++ -E' ac_cv_prog_ac_ct_AR=ar ac_cv_prog_ac_ct_CC=gcc ac_cv_prog_ac_ct_CXX=g++ ac_cv_prog_ac_ct_F77=g77 ac_cv_prog_ac_ct_RANLIB=ranlib ac_cv_prog_ac_ct_STRIP=strip ac_cv_prog_cc_g=yes
[courier-users] make probs with courier-authlib-0.58 on Solaris 9
I make it through the configure just fine. The first time, the link fell over in the mysql stuff, but I don't use it, so I started again with --without-authmysql. This time, I get into the home stretch of linking and then it falls over with the following. Still seeking answers on the general net too. Not sure why building courier has gotten so difficult... built 0.50.0 and 0.56 (and numerous versions before those) just fine back when it arrived, but haven't had success with anything after that. :-( make[2]: Entering directory `/data1/home/wwt/install/courier-authlib-0.58' Compiling authdaemon.c Compiling authdaemonlib.c Compiling preauthdaemon.c Compiling authmoduser2.c Compiling authmoduser3.c Compiling debug.c debug.c: In function `courier_authdebug': debug.c:142: warning: subscript has type `char' Compiling authoption.c Linking libcourierauth.la Compiling authsasl.c Compiling authsaslcram.c Compiling authsasllogin.c Compiling authsaslplain.c Compiling authsaslfrombase64.c Compiling authsasltobase64.c Linking libcourierauthsasl.la Compiling authsaslclient.c Compiling authsaslclientcram.c Compiling authsaslclientcrammd5.c Compiling authsaslclientcramsha1.c Compiling authsaslclientlogin.c Compiling authsaslclientplain.c Linking libcourierauthsaslclient.la Compiling authpwdenumerate.c Compiling authsyschangepwd.c Compiling authsyscommon.c Compiling cramlib.c Compiling checkpassword.c Compiling cryptpassword.c Compiling checkpasswordmd5.c Compiling checkpasswordsha1.c Linking libcourierauthcommon.la Compiling authuserdb.c Compiling preauthuserdb.c Compiling preauthuserdbcommon.c Compiling authuserdbpwd.c Linking libauthuserdb.la Compiling authpam.c authpam.c:89: warning: initialization from incompatible pointer type Compiling preauthpam.c Linking libauthpam.la Compiling authcustom.c Compiling preauthcustom.c Linking libauthcustom.la Compiling authpipe.c Compiling authpipelib.c Linking libauthpipe.la Compiling authinfo.c Linking courierauthconfig Compiling authdaemontest.c Linking authdaemontest Compiling authmksock.c Linking authmksock Compiling authdaemond.c Linking authdaemondprog Undefined first referenced symbol in file libmail_encode_start./.libs/libcourierauthcommon.so libmail_str_gid_t authdaemond.o libmail_str_uid_t authdaemond.o md5_crypt_redhat./.libs/libcourierauthcommon.so sha1_hash ./.libs/libcourierauthcommon.so hmac_list ./.libs/libcourierauthcommon.so hmac_hashtext ./.libs/libcourierauthcommon.so hmac_hashkey./.libs/libcourierauthcommon.so sha256_hash ./.libs/libcourierauthcommon.so libmail_encode ./.libs/libcourierauthcommon.so libmail_encode_end ./.libs/libcourierauthcommon.so md5_hash_courier./.libs/libcourierauthcommon.so ld: fatal: Symbol referencing errors. No output written to .libs/authdaemondprog collect2: ld returned 1 exit status make[2]: *** [authdaemondprog] Error 1 make[2]: Leaving directory `/data1/home/wwt/install/courier-authlib-0.58' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/data1/home/wwt/install/courier-authlib-0.58' make: *** [all] Error 2 --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] configure probs with courier-0.52.2 on Solaris 9
Bill Taroli wrote: configure falls over in waitlib, complaining that neither wait nor wait3 seem happy. Below is an exerpt from my waitlog config.log. In progress looking for internet-based Solaris tips on building courier (and authlib) post 0.50.0... whatever changed seems to make building it on Solaris 9 seem near impossible. configure:4142: error: I give up -- neither wait nor wait3 works properly Found the FAQ entry and tried |--with-waitfunc=wait3. Seems to be helping the configure step. Now I see I've run into the same tcpd problem reported in here a short while ago, so I'll try the patch they mentioned in that thread. Does anyone know if there is a here's all the hoops you have to jump through to get recent Courier versions to build on Solaris document or page? And any idea whether the build process might possibly ever be made a little more Solaris friendly? I know we're all supposed to be running Linux these days, but some of us don't... ;-) Bill | --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Compilation problems with authlib 0.57 on Solaris 10
Linus Lund wrote: Linus Lund wrote: Dear list, I've been trying to compile the courier authlib 0.57 on a Solaris 10 (sparc64) machine, but I keep getting stuck in symbol referenced errors. I have no problems when compiling version 0.56. I'm not very good in solving linking errors so any suggestions would be much appreciated. This is what I've tried and the results of those trials: o Installed latest libtool, gcc. o Run configure script env CC=gcc CPPFLAGS=-I/usr/local/berkeleydb/include -I/usr/local/ldap/include/ LDFLAGS=-L/usr/local/berkeleydb/lib/ -L/usr/local/ldap/lib ./configure --with-mailuser=courier --with-mailgroup=courier --without-authuserdb --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authmysql --without-authcustom --without-authpipe o Run make. Looks good for a bit and returns the following: [...] Linking authdaemondprog Undefined first referenced symbol in file libmail_encode_start./.libs/libcourierauthcommon.so libmail_str_gid_t authdaemond.o libmail_str_uid_t authdaemond.o md5_crypt_redhat./.libs/libcourierauthcommon.so sha1_hash ./.libs/libcourierauthcommon.so hmac_list ./.libs/libcourierauthcommon.so hmac_hashtext ./.libs/libcourierauthcommon.so hmac_hashkey./.libs/libcourierauthcommon.so sha256_hash ./.libs/libcourierauthcommon.so libmail_encode ./.libs/libcourierauthcommon.so libmail_encode_end ./.libs/libcourierauthcommon.so md5_hash_courier./.libs/libcourierauthcommon.so ld: fatal: Symbol referencing errors. No output written to .libs/authdaemondprog collect2: ld returned 1 exit status make[2]: *** [authdaemondprog] Error 1 o Repeated the same procedure with cc, with changing some options in the configure-line. If anyone else experience the same problem this is how I solved it: o Reread the README file and installed the GNU linker o Tried to recompile, worked fine! What exactly did you do to install the GNU linker *and* get configure to recognize it? I've gotten it onto the system, but the gcc I have (from sunfreeware of some old 3.x vintage) was build with Sun's ld... and configure uses it despite the availability of the GNU linker on the system Bill --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] make probs with courier-authlib-0.58 on Solaris 9
Bill Taroli wrote: I make it through the configure just fine. The first time, the link fell over in the mysql stuff, but I don't use it, so I started again with --without-authmysql. This time, I get into the home stretch of linking and then it falls over with the following. Still seeking answers on the general net too. Not sure why building courier has gotten so difficult... built 0.50.0 and 0.56 (and numerous versions before those) just fine back when it arrived, but haven't had success with anything after that. :-( Found an old thread from Linus Lund and following up there. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Filtering
Jay Lee wrote: ... Here's what I'm using: Clamcour - http://www.becrux.com/index.php?page=projectsname=clamcour AV filter that uses ClamAV and rejects viruses at the SMTP level. This is much more efficient than waiting until after the email is accepted to filter viruses. SpamAssassin - http://spamassassin.apache.org I call SpamAssassin from the global maildrop script (/etc/courier/maildroprc for me). I store user prefs and bayes data in MySQL making web based spam rules changes for end users simple (I use the SA-SQL plugin for Squirrelmail to do it)... The place where I vary from this is the use of amavisd-new, as a filter. I have continued to use it not so much for ClamAV, but instead to allow SA to reject messages (during submit) that exceed an exceptional spam level. Therefore, the maildrop SA run can route the lower-scoring spam to the spam folder. I guess my question is... is it possible to utilize SA from courierfilter in such a way to accomplish this same result w/o the use of amavisd-new? Mind you, there are *other* checks that amavisd-new provides that I value, but the key reason I use it is to provide ClamAV and SA hooks during SMTP submit. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: Courier Authentication (MySQL)
Wow... confirmation there is more than one smartass on the board... get over top-posting, guys... after all, even MICROSOFT condones it! ;-) hahaha Jerry Amundson wrote: This is reply text posted at the top - hence the term top-posting... ;-) On Mon October 31 2005 04:12, Robert Samuel White wrote: AND FINALLY, ONE RANT: The Installation instructions on the website need to be updated! Many of the paths on that website do not correlate to the paths that were AUTOMATICALLY placed on my server when doing the RPM install - making it very difficult for someone like me to know if I need to move things around to make sure the correct files are read (authdaemonrc, for example.)! Paths for packages built from source are relative - get used to it. In other words, generally available doc's, such as on a website, cannot include all possible configure paths given by every sys. admin. - it's simple enough to think in terms of etc/ bin/ sbin/ etc... Maybe they don't match on the web site, but they'll match in the INSTALLED MANPAGES. Yes, the config scripts are smart enough to embed the selected configuration paths into the manpages that are later intalled on your system. So if you use man locally, you'll find that the paths match. Bill --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Anyone else having probs receiving email from Yahoo?
Bernd Wurst wrote: Hi. Am Montag, 19. September 2005 23:15 schrieb Bill Taroli: Sep 19 13:59:02 jeff courieresmtpd: [ID 702911 mail.error] error,relay=:::206.190.37.98,from=[EMAIL PROTECTED]: 517 HELO web81409.mail.yahoo.com does not exist. Jeah, great, it's not my fault. ;-) I have also seen this on my box. Do you have any solution to this? Anyone? I had no follow-up on this until your message. No, I don't have a solution. I set BOFHCHECKHELO to 0 and let SpamAssassin deal with the extra incoming spam that resulted; this has thankfully stabilized now. I would very much like to re-enable CHECKHELO, but it seems to cause more problems lately... Bill --- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] alias configuration
Joe Long wrote: ... I guess we'll have to set up mail list software -- any suggestions for a good, simple free one? We won't need any bells and whistles, no autosubcribe or such. For no frills mail list serving -- which does actually include auto-subscribe, if you configure for it -- the full Courier distribution includes couriermlm (Mail List Manager). :-) See the couriermlm manpage. --- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Anyone else having probs receiving email from Yahoo?
Ever since about September 14 or so, I have been having the strangest behavior with a good deal of the email coming from yahoo.com. I suspect it's a DNS issue, but I've not yet been able to reproduce one of the problem cases manually. I'm seeing them in the log as entries like this: Sep 19 13:59:02 jeff courieresmtpd: [ID 702911 mail.error] error,relay=:::206.190.37.98,from=[EMAIL PROTECTED]: 517 HELO web81409.mail.yahoo.com does not exist. But, when I look this host up by name and IP (from the same box Courier is running on) the lookups work fine (host/dig). I've purged my local DNS cache, to be sure there is no trouble there, and my other email is entirely unaffected by this. Though I am tempted to turn off HELO checking altogether, I unfortunately know what kind of extra influx of spam that will cause. I'm hoping someone else has run up against this, or has ideas for things I might check. I happen to be running 0.50 now, but have downloaded 0.52 to begin building today. Bill --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Recent fam issues...
Sam Varshavchik wrote: Bill Taroli writes: Sep 19 14:54:15 jeff last message repeated 38 times Sep 19 14:54:16 jeff inetd[###]: [ID 667328 daemon.error] sgi_fam/rpc/tcp server failing (looping), service terminated I somehow suspect one of my email clients (ChatterEmail, which is going through release candidates for it's 1.1 release), since this problem only started happening in earnest on 9/13. Since this is a problem with getting FAM running reliably, you might want to run this by some Solaris-specific audience, or maybe a FAM-specific audience. This is something specific to Solaris' FAM flavor. Sure thing. It's just that it's been running without incident for almost six months now. :-) Odd to see a sudden change, which is why I suspect either the client or an interaction between client and IMAP server. Bill --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] disabling delete trash
Aaron P. Martinez wrote: I want to disable automatic deleting of the trash folder but i don't see an example how to do it and i found on the list an answer from 2003 that doesn't make sense. the imapd file says the default is pulled from the imaps.dist file so it seems if i comment out the IMAP_EMPTYTRASH=Trash:7 line, it will still be the same setting because that is what is in the imapd.dist. Can i just leave it as IMAP_EMPTYTRASH= or IMAP_EMPTYTRASH=Trash:0 to disable the deleting of the trash? I simply comment the entire line for that effect. Bill --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] How to use DOTFORWARD from MAILDROPRC
Kia T. Vang wrote: I have virtual domains. I want to enable forwarding using .forward mechanism. How would I use the dotfoward program from my maildroprc? I've always done this by defining the following in the courierd configuration file: DEFAULTDELIVERY=|| dotforward | /usr/lib/courier/bin/maildrop Not to say you may not be able to do it the way you describe -- there's a million ways to do most things -- but this one is one (extra) line and works well. ;-) Bill --- This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput a projector? How fast can you ride your desk chair down the office luge track? If you want to score the big prize, get to know the little guy. Play to win an NEC 61 plasma display: http://www.necitguy.com/?r ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Spam black hole?
This might be considered OT, but I figure this might be relevant in relation to MTA/MX'es and spam control. I learned recently that my employer's IT organization has decided it best for the MX to process all mail as if it were successful even when it's final disposition isn't. It neither returns 5xx (such as on bad address) nor do the subsequent MTA's and MDA's generate DSN's. Is this acceptable, or even suggested, practice? It's apparently generated a few angry customers -- who think their emails are being ignored due to lack of response -- but it also just seems wrong. I haven't reviewed the RFCs, but I wonder if it might also be considered non-compliant. I'm curious to hear what others are doing in this regard. Bill --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Concern over SPF HELO results
Hmm not sure why I'd be seeing this lookup result come back, since as far as I can tell all my DNS setup is correct. This isn't resulting in a failure to deliver mail, at least, because the MAILFROM test still passes... but I wouldn't expect to be getting an error on HELO like this. Any ideas, or things I should additionally test? Received-SPF: error (DNS MX lookup failed.?) SPF=HELO; sender=mail.billsden.org; remoteip=:::66.218.52.56; remotehost=billsden.com; helo=mail.billsden.org; receiver=mail.revereacademy.com; --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Concern over SPF HELO results
Sam Varshavchik wrote: Bill Taroli writes: Hmm not sure why I'd be seeing this lookup result come back, since as far as I can tell all my DNS setup is correct. This isn't resulting in a failure to deliver mail, at least, because the MAILFROM test still passes... but I wouldn't expect to be getting an error on HELO like this. Any ideas, or things I should additionally test? Received-SPF: error (DNS MX lookup failed.?) SPF=HELO; sender=mail.billsden.org; remoteip=:::66.218.52.56; Go and bitch at your registrar, UltraDNS. This is a long-standing bug in their TLD servers, and they are either too stupid to know how to fix it, or too stupid to understand what the problem is. The description of the bug is rather technical, and I won't expect you to understand it, but someone who's supposed to be in the business of providing top level DNS should know how these things are supposed to work. The only way to fix this is to use .com or .net name servers to provide authoritative name services for your .org domain. Actually, you can use any other TLD, except for .org, to provide DNS for .org domains. Well, I know we simple-minded folk can be slow sometimes... but why not slap us with the explanation just in case? :) --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Concern over SPF HELO results
Julian Mehnle wrote: Bill Taroli wrote: Hmm not sure why I'd be seeing this lookup result come back, since as far as I can tell all my DNS setup is correct. This isn't resulting in a failure to deliver mail, at least, because the MAILFROM test still passes... but I wouldn't expect to be getting an error on HELO like this. Any ideas, or things I should additionally test? Received-SPF: error (DNS MX lookup failed.?) SPF=HELO; sender=mail.billsden.org; remoteip=:::66.218.52.56; remotehost=billsden.com; helo=mail.billsden.org; receiver=mail.revereacademy.com; The result of the SPF lookup is error which indicates a temporary DNS error. The error should go away if the check is repeated. No, definitely not temporary -- i've sent several test messages there with the same result. But when I actually go to the receiving host and run all manner of queries with host and dig, they work fine. Looking foward to hearing what Sam wanted to share about UltraDNS'es issue. ;-) Bill --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Solaris, CSWfam, and Courier 0.50
OK. I've finally reached a point where I *really* want FAM running on my Solaris 9 box, so that I can support ENHANCEDIDLE for IMAP... yes, even if FAM has to poll and there's no kernel module to help it. So, install CSWfam I did. It appears to run normally (foreground) and has placed all the necessary hooks into the system config to launch via inetd. Next, I unpack a fresh source tar of Courier and run a configure. I am in the habit of adding CFLAGS=-I /usr/local/ssl/include to my configure string, and since CSWfam puts it's include in another non-standard location, I use instead CFLAGS=-I /usr/local/include -I /opt/csw/include. The configure completes fine, except the configure output says that the FAMOpen() test fails for maildir, since it cannot resolve some symbols from libnsl an libsocket. I have been able to demonstrate that if the test includes -lnsl -lsocket in the compile for the FAMOpen() test, it succeeds. Unfortunately, every method I've used -- (1) trying to set -lnsl -lsocket in an env var and (2) modifying configure.in for maildir -- both seem to make the maildir configure step work, but break the build process. I guess the primary thing I need to know is how do I safely get libnsl and libsocket included when configuring and building maildir? Alternatively, if someone else has gone down this path before and knows of a much more direct solution to making this work on Solaris, I'm *all* ears. I'm happy to provide logs, etc, etc, should that prove helpful in understanding what I've tried. But I figured I'd start simple and let it build from here, if need be. Regards, Bill Taroli --- This SF.Net email is sponsored by Oracle Space Sweepstakes Want to be the first software developer in space? Enter now for the Oracle Space Sweepstakes! http://ads.osdn.com/?ad_id=7412alloc_id=16344op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] filter problem
I seem to recall recently having to reset DEFAULTDELIVERY after one of the upgrades. Might want to check your courierd file. -Original Message- From: WILL HALSALL [EMAIL PROTECTED] Date: Monday, May 23, 2005 10:55 am Subject: [courier-users] filter problem Hi all After upgrading from courier-0.49.0 to courier-0.50.0 the user filters are no-longer applied. Mail is still delivered but not filtered. I see in the changlog that some bug was fixed for this so I was wondering if I need to do some other config to get it to work again Thanks * Name: Will Halsall E-Mail: [EMAIL PROTECTED] ** This e-mail and --- This SF.Net email is sponsored by Oracle Space Sweepstakes Want to be the first software developer in space? Enter now for the Oracle Space Sweepstakes! http://ads.osdn.com/?ad_id=7412alloc_id=16344op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Problems with Apple Mail.app 2.0/2.0.1 (Tiger) and Courier servers?
Oh, I struggled with Mail.app hoping it would work (and I do run 10.4 on all my Macs now).. but then I tried a variety of IMAP clients to gauge them. And after all this, I still come up with the same simple answer: Thunderbird Bill Greg Earle wrote: Starting with 10.3.9, the Apple Mail.app client has not played nice in the sandbox with Courier. The 10.4 client (Mail.app 2.0; now 2.0.1 in 10.4.1) fares no better. This is what I posted to MacInTouch a week ago regarding the symptoms I'm seeing: Mail.app 2.0 has been a disaster for me. Performance with my main e-mail (IMAP) server at work has been extremely sluggish - I can go to a folder with only 1 new e-mail in it and instead of it being shown immediately, the 1 indicator turns into a clock and it takes minutes to update the counter and display the message. But that's only the start of it. I have a secondary backup/testbed e-mail server (also Courier IMAP) that uses, for expediency's sake, the same SSL Certificate as the main server. Since the hostnames don't match, the Certificate is technically invalid. But 10.3.8's Mail.app worked just fine with it - it would ask you on first connection if you wanted to Continue, and you could just click on it and things worked fine. (I also have a home e-mail server, using the same software, but with a self-signed certificate. It's also invalid.) With this Certificate issue, I cannot use the testbed e-mail server when Secure IMAP (on port 993) is in use. I have to fall back to unsecure (port 143) IMAP where passwords are sent in the clear - which is clearly not a long-term solution. But because I'm not willing to send cleartext passwords over the Internet, I cannot use my home e-mail server at all - Mail.app 2.0 connects, but it never shows any new e-mail. I thought it was a problem with Mail.app 2.0's Import function, so I deleted the account and recreated it manually. I then did a Synchronize so that all of the home e-mail messages were sucked up and cached. While that worked, once everything was pulled in, it went right back to its previous behavior of not pulling in new e-mail! VERY frustrating ... In short, Mail.app 2.0 has been an unmitigated disaster in my environment. Something is clearly wrong with Mail.app 2.0 vs. invalid/expired SSL Certificates, at a minimum. I even tried pulling all of the Certificates onto my Mac (using Keychain Access' new Certificate Assistant sidecar app) and changing the policy on all of them to Always Trust (in Keychain Access), and it *still* doesn't work. I sure hope Apple fixes this soon ... Other people have been mentioning Mail.app problems, and Courier IMAP comes up a lot in these posts. Now, mind you, I don't think Courier is doing anything wrong here - the fact that the Mail.app in 10.3.8 works just fine is proof of that (and, to be more specific, Entourage and Thunderbird work just fine with it in 10.4.1, too). I'm just posting to the list to see if there's anyone else out there who uses Apple's Mail.app 2.0(.1) with a Courier server, and I'd be especially keen to know if anyone uses multiple IMAP servers where one (or more) is Courier and there's at least one other one they're using that isn't - and whether or not they're having problems talking to the Courier server but not the others. I'm hoping there's some common thread, and that perhaps there's a way to change something in Courier's setup that can work around this new Apple brain-damage in the Mail.app client. Thanks, - Greg --- This SF.Net email is sponsored by Oracle Space Sweepstakes Want to be the first software developer in space? Enter now for the Oracle Space Sweepstakes! http://ads.osdn.com/?ad_id=7412alloc_id=16344op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users --- This SF.Net email is sponsored by Oracle Space Sweepstakes Want to be the first software developer in space? Enter now for the Oracle Space Sweepstakes! http://ads.osdn.com/?ad_id=7412alloc_id=16344op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: Info: 550 Don't like your HELO/EHLO. Hostname must contain a dot.
Well, one might suggest you RTFM (http://www.courier-mta.org/?courier.html) for the files esmtphelo and me. If you set this to something other than what courier otherwise determines is your hostname, then you may also need to put that FQDN into esmtpacceptmailfor. Jeremy Smith wrote: If this is a Courier configuration issue, will you please enlighten me? Is there somewhere you are setting your server's fully qualified domain name? If so, where? Thanks. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: Thunderbird - courier-IMAP interaction problems
Peter Ford wrote: It's not the standard MAXPERIP problem - MAXDAEMONS=4000 and MAXPERIP=100, and have done for a long time. I only have about 10 users total, and only the guys connecting by ADSL get any trouble. Their T-bird settings all say 5 (as usual), but still the Sent folder is causing problems. Thunderbird still seems to be the least bad client, but I'm looking around for options (especially for Windoze) using those values for TEN users? wow... But I've been running courier versions back into the early 40's and never have had another speck of trouble with Thunderbird (back to 0.7) since increasing the MAXPERIP (mine's at 50). I support about a dozen users on my system, and I've set up one for a jewelry school in SF the same way (with about 20 users)... nary a problem there either. Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: Thunderbird - courier-IMAP interaction problems
James Graves wrote: Bill Taroli wrote: Chris Fletcher wrote: On Fri, 1 Apr 2005, James Graves wrote: Yes, this seems to help me a lot too with other issues I've seen with Thunderbird. Sometimes it seems to hang when trying to open another subfolder. I just set the threads down to one, and it all seems to better so far. You can also increase the number of threads you can connect to the IMAP system. Put something like: MAXDAEMONS=40 into your imap config file. This has gotta be better than changing the settings on EVERY client's firefox that uses the daemon! Agreed. It's also handy to have multiple command threads when you want to do something like run a Search and do other email things while that's running, for example. What's curious is that I had already set MAXDAEMONS=40 in the IMAP configuration file for Courier. And I was still experiencing problems. Why would setting MAXDAEMONS have any affect on the MAXPERIP setting? It's MAXPERIP that interacts with Thunderbird's Number of Server Connections to Cache setting. My bad for missing this in my first reply, as I was just focused on the number. Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: Thunderbird - courier-IMAP interaction problems
Chris Fletcher wrote: On Fri, 1 Apr 2005, James Graves wrote: Chris Lear [EMAIL PROTECTED] wrote: * Peter Ford wrote (30/03/2005 16:39): I know this is almost certainly an issue withthe client-side, but I have users complaining that Thunderbird (and Mozilla mail) are hanging when trying to copy messages to the IMAP Sent folder after sending through SMTP. You could try reducing the maximum number of server connections to cache in Thunderbird (under Advanced Account settings). I seem to remember that this worked for me. Yes, this seems to help me a lot too with other issues I've seen with Thunderbird. Sometimes it seems to hang when trying to open another subfolder. I just set the threads down to one, and it all seems to better so far. You can also increase the number of threads you can connect to the IMAP system. Put something like: MAXDAEMONS=40 into your imap config file. This has gotta be better than changing the settings on EVERY client's firefox that uses the daemon! Agreed. It's also handy to have multiple command threads when you want to do something like run a Search and do other email things while that's running, for example. Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Any ideas on this error?
Several possible replies come to mind... but do you have any information from the server's logs? Matt wrote: Does anyone have any ideas why this error message would come up when someone tries to access their INBOX? ERROR: ERROR : Could not complete request. Query: FETCH (FLAGS BODYSTRUCTURE) Reason Given: Error in IMAP command received by server. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Mail disapearing in IMAP
Martijn Lievaart wrote: Bernd Wurst wrote: Am Tuesday, 8. March 2005 16:23 schrieb Jay Lee: I have circa 500 users on my network, mostly of them using the Courier-IMAP server and Mozilla Mail. The problem is that sometimes emails just stop showing in the Mozilla. I can see the files in the Maildir, but not in the Mail program. Anyone has seem something like that? I saw the same problem with a single user using Mozilla Mail and Courier-IMAP. It occured when I moved a message to another folder [...] I think this is more or less a mozilla-mail (and Thunderbird) Problem. The messages are there, no question about it. Messages to the troublesome account are delivered over NFS, other accounts seem not to have this problem, but then, I''m the only Mozilla user. I'm not entirely sure if this would be related, but I know that my Thunderbird visibility problems had more to do with the fact that it didn't always seem to check/watch all subscribed (even with subscribe all option) folders for new mail. I found that I had to add a value into my prefs.js file in order to get it to do this consistently, and I have ever since had no trouble with disappearing messages, or folders I had to click on in order to kick it in to realizing new messages had been received user_pref(mail.check_all_imap_folders_for_new, true); Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] SpamAssassin during SMTP dialog
Well, I'm not sure it's what you had in mind... but I've been running Amavis as a global filter for a while now. In my case, I prefer to just have it do virus scanning... but if you wanted spam rejected similarly, it can easily accomplish that. If someone had a more direct integration of spamc/spamd as a filter, then it might be a lot more efficient... Bill Taroli Wiebke Doerper wrote: hi, I would like to use SpamAssassin during the SMTP dialog, to discard everything with a high spam rating. I know some people have been thinking of implementing this. Does someone have a working courier(perl)filter to do it? --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] SpamAssassin during SMTP dialog
Dirk Kulmsee wrote: Bill Taroli schrieb: Wiebke Doerper wrote: I would like to use SpamAssassin during the SMTP dialog, to discard everything with a high spam rating. I know some people have been thinking of implementing this. Does someone have a working courier(perl)filter to do it? Well, I'm not sure it's what you had in mind... but I've been running Amavis as a global filter for a while now. In my case, I prefer to just have it do virus scanning... but if you wanted spam rejected similarly, it can easily accomplish that. If someone had a more direct integration of spamc/spamd as a filter, then it might be a lot more efficient... We all would love to block spam at the earliest stage, but at least here in Good ol' Germany you are half way in Jail if you do so. Mail letters are PERSONAL and you may not intrude. So we filter SPAM and put it into a seperate folder which POP3 users don't get. Every user is still able to log in via webmail and check his SPAM folder if she/ he misses something. How do you (all) do it? Oh, note that I said that actually only use the global filter for viruses... meaning that I only reject messages during submit IF they contain a virus. For spam, I instead call spamc/spamd from within Maildrop (globally), and put suspected SPAM into a folder that users can review normally. I also set expiration so that if they don't review them after a while, they are cleaned up. In my opinion, spam filters aren't quite exact enough to be sure that always what gets labeled is in fact spam -- or that what is spam for one person isn't perfectly acceptable for someone else. So I take a more cautious approach to that type of filtering. Bill Taroli --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] More root folders
Jacob Friis Larsen wrote: Tools - Account Settings - Server Settings - Advanced - IMAP server directory should be set to: INBOX. Can I set this in the server config, so that users won't have to? The server can't force the client to see the namespace any differently than it wants... though it can suggest defaults. As yet, I haven't seen these defaults actually work with Thunderbird, for example. I've always had to specify them. That said, you *should* be able to pre-configure your clients in a reasonable way. For example, here's a snippet from my prefs.js file: Data\\Thunderbird\\Profiles\\.default\\ImapMail\\#); ... user_pref(mail.server.server2.namespace.personal, \INBOX.\); user_pref(mail.server.server2.namespace.public, \shared.\,\#shared.\); user_pref(mail.server.server2.server_sub_directory, INBOX.); ... All you'd have to do is locate their default profile for Tbird and edit the prefs.js accordingly. Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courierlogger -noidentlookup
I seem to recall this is a more generic couriertcpd option, not specific to the logger. It is mentioned in the tcpd manpage. Bill Ben Kennedy wrote: The courierlogger man page does not mention -noidentlookup as a valid option. I've had this in my /etc/courier/esmtpd for quite some time now: TCPDOPTS=-stderrlogger=/usr/sbin/courierlogger -noidentlookup I think the advice came from this list, but I'm not sure. Is this actually having no effect, or is the man page omitting this switch? -ben --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier 20050130
I second that... THANK YOU! :-) Mark Bucciarelli wrote: On Sunday 30 January 2005 12:25, Sam Varshavchik wrote: Changes: opt BOFHCHECKHELO=2 makes HELO rejections a temporary error code. Great, thank you! --- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag--drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Spam-filter training magic folders
This is exactly what I do in my implementation though in my case I call them Junk and Junk.Not. :-) If by magic you mean is there a way to get Courier to do this for you, the answer is no. The directories you want would need to be created when you make new users -- which means either putting them in an appropriate script *or* using something like /etc/skel/. Then you'd have to also implement cronjobs to process all the mail users' accounts, to check the contents of their spam and not spam folders. In my case, I have set things up so that messages marked as read in either folder are processed through sa-learn (I use SpamAssassin) once a day. If a message is left in spam for more than a week, it's automatically processed. This way, folks get the opportunity to wade through their spam, or they can totally ignore it and let it take care of itself. :-) Bill Troels Arvin wrote: Hello, Speaking of magic folders (see the Trash folder automatically created thread: I would love a system with two special folders such as This is not spam or This is spam which would allow users to train/correct spam-detection systems: When a message is dropped to such a folder, it should trigger relevant training software on the mail-server. Is there a way to do that, somehow? --- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag--drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] ssl serving multiple domains
Jay Lee wrote: chester c young said: does anyone have any idea on how to have ssl with multiple domains? Must use different ip addresses. That's rooted in the ssl handshake: the client does not send the name of the (virtual) host before it receives the server's certificate. Have multiple ip's, and certificate for each ip (using them for https). but cannot figure out how to make them work for courier imap and esmtp. I have never tried this configuration before but according to an old post of Sam's, naming the certs imapd.pem.$ip works. i.e. imapd.pem.10.1.5.10, imapd.pem.10.1.5.15, etc. Same thing for esmtp and pop3d. Sam's post is here: http://groups-beta.google.com/group/mailing.unix.courier-imap/browse_thread/thread/4b0689256161ec2/df0e25e72846ac70?q=ssl+certificate+ip+sam_done=%2Fgroup%2Fmailing.unix.courier-imap%2Fsearch%3Fgroup%3Dmailing.unix.courier-imap%26q%3Dssl+certificate+ip+sam%26qt_g%3D1%26searchnow%3DSearch+this+group%26_doneTitle=Back+to+Searchd#df0e25e72846ac70 But as I recall, that will only work for IP, not named domains, right? I think in his case he may only have one IP to use. Bill --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] ssl serving multiple domains
I host a few domains and chose to handle this by not having them each connect to a named server in their own domains. Instead, they continue to connect to the mail server in a single domain. Bill Taroli chester c young wrote: does anyone have any idea on how to have ssl with multiple domains? in imapd-ssl, for example, a certificate is generated for one domain - that works fine, but when a second domain logs in, the mail client (thunderbird) gives a big warning that the certificate does not match. have tried to make it work without certificates (tls?), just using ssl2, but then the client says it cannot agree on an encryption method with the server. --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] 0.47 couriermlm sub/unsub issue
Just curious whether anyone else had noticed this, and to confirm if this will be address in a forthcoming release. Bill Taroli wrote: I couldn't find a specific reference to this or the mail list archive, so I'm posting it as a possible bug needing fixing. I'm running Courier 0.47 (9/18) and just today set up a couriermlm list. I have done this with previous releases without incident. But while testing and confirming the content of my templates, I found that I could not successfully process subscribe and unsubscribe events, regardless of the SIMPLECONFIRM setting. The symptom was that all moderator replies to un/subscribe events returned Invalid confirmation from courierlocal in the syslog. In tracking down where the message was being reported, I noticed something unusual in the source and confirmed that it seems invalid based on the definition of a utility function. The code snippet, from cmlmsubunsubmsg.C in function domodsub(): if (subfilename.GetLength() = 0 || (token ifs) || !goodconfirm(msg) ) { cerr Invalid confirmation. endl; return (EX_SOFTWARE); } To make a stab at this, I peeked at goodconfirm() from cmlm.C. In it, it would seem that a 0 result indicates success, whereas a -1 return indicates problems. Therefore a check for !goodconfirm() to test for failure in domodsub() seems incorrect. I modified my own source so that the name snippet reads if (subfilename.GetLength() = 0 || (token ifs) || !(goodconfirm(msg) == 0)) { cerr Invalid confirmation. endl; return (EX_SOFTWARE); } and now my subscribe and unsubscribe events are working correctly. YMMV. If this hasn't already been caught, could we please get an official fix? Many thanks. Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RE: Strange SPF error message sequence
Weird... just as a passing observation... shouldn't the BOFH check have caused the message to be rejected if it failed to pass the SPF checks? Jason L. Buberel wrote: Here is the header/envelope information on a message that also generated an SPF failure in my logs. Based on the Received-SPF headers, it looks like everything passed. Yet the log output corresponding to this message indicates otherwise (see below): Delivered-To: [EMAIL PROTECTED] Return-Path: [EMAIL PROTECTED] Received: from smtp-outbound.nix.paypal.com (smtp-outbound.nix.paypal.com [:::64.4.240.67]) by buberel.org with esmtp; Wed, 29 Dec 2004 19:24:52 -0500 id 003F61D5.41D34ADB.26C3 Received-SPF: pass (Address passes the Sender Policy Framework) SPF=MAILFROM; [EMAIL PROTECTED]; remoteip=:::64.4.240.67; remotehost=smtp-outbound.nix.paypal.com; helo=smtp-outbound.nix.paypal.com; receiver=buberel.org; Received: from web29.nix.paypal.com (web29.nix.paypal.com [10.192.2.29]) by smtp-outbound.nix.paypal.com (Postfix) with SMTP id 6EC223CC0A0 for [EMAIL PROTECTED]; Wed, 29 Dec 2004 16:24:16 -0800 (PST) Received: (qmail 18597 invoked by uid 99); 30 Dec 2004 00:24:16 - Date: Wed, 29 Dec 2004 16:24:16 -0800 Message-Id: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Receipt for your Payment Received-SPF: pass (Address passes the Sender Policy Framework) SPF=FROM; [EMAIL PROTECTED]; remoteip=:::64.4.240.67; remotehost=smtp-outbound.nix.paypal.com; helo=smtp-outbound.nix.paypal.com; receiver=buberel.org; X-Mime-Autoconverted: from 8bit to 7bit by courier 0.47 I see the following SPF failure in my /var/log/maillog, indicating that there was an SPF failure: Dec 29 19:24:52 colo courieresmtpd: started,ip=[:::64.4.240.67] Dec 29 19:24:59 colo courierd: newmsg,id=003F61D5.41D34ADB.26C3: dns; smtp-outbound.nix.paypal.com (smtp-outbound.nix.paypal.com [:::64.4.240.67]) Dec 29 19:24:59 colo courierd: started,id=003F61D5.41D34ADB.26C3,from=[EMAIL PROTECTED],module=local,host=jason!!501!501!/usr/local/mail/jason!!,addr=jason Dec 29 19:24:59 colo courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 Dec 29 19:25:10 colo courieresmtpd: error,relay=:::64.4.240.67,from=[EMAIL PROTECTED]: 517 SPF fail [EMAIL PROTECTED]: Address does not pass the Sender Policy Framework Dec 29 19:25:20 colo courierlocal: id=003F61D5.41D34ADB.26C3,from=[EMAIL PROTECTED] com,addr=[EMAIL PROTECTED],size=2538,success: Message delivered. Dec 29 19:25:20 colo courierd: completed,id=003F61D5.41D34ADB.26C3 Dec 29 19:25:20 colo courierd: Waiting. shutdown time=Wed Dec 29 20:13:57 2004, wakeup time=Wed Dec 29 20:13:57 2004, queuedelivering=0, inprogress=0 -jason --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] patch submit process
I noticed, having upgraded to 0.48 just over the weekend, that a BOFHCHECKHELO item we'd been discussing -- though had no particular agreement on -- wasn't in fact included in courier/submit.C. Namely, to reduce (or make configurable) the severity of SMTP result codes for HELO and DNS mismatches. From our original conversation, I'd suggested that 417 would be better than 517 because it actually allows a proactive administrator time to put exceptions into place without getting angry calls from users who can't receive their mail from legitimate -- albeit misconfigured -- sources. Is there a process for ratifying or submitting such requests for change that needs to be followed here? Bill --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] patch submit process
Sam Varshavchik wrote: Bill Taroli writes: I noticed, having upgraded to 0.48 just over the weekend, that a BOFHCHECKHELO item we'd been discussing -- though had no particular agreement on -- wasn't in fact included in courier/submit.C. Namely, to reduce (or make configurable) the severity of SMTP result codes for HELO and DNS mismatches. From our original conversation, I'd suggested that 417 would be better than 517 because it actually allows a proactive administrator time to put exceptions into place without getting angry calls from users who can't receive their mail from legitimate -- albeit misconfigured -- sources. Is there a process for ratifying or submitting such requests for change that needs to be followed here? No. No process needs to be followed. I was not looking at anything new in the last two months, instead focusing on troubleshooting the authentication library overhaul. With this particular proposal, the primary issue is: you will find that quite a few broken mail servers interpret a 4xx response to a HELO as meaning disconnect and try again immediately. The results will not be pretty. I considered that, and have found in practice that especially the legitimate ones do make additional attempts. They also seem to follow the pattern of lengthening the time between attempts, as per usual temporary mail interruptions. I haven't seen one repeatedly just keep trying endlessly -- not to say that it couldn't happen. For the particularly egregious -- those that attempt a few hundred addresses and domains but from one IP address -- I add them to my deny list. If I have to choose between a lot of angry and confused calls from users and a few extra attempts to submit messages (when they never get past the HELO command), then I personally select the latter. I don't mean to suggest that it be changed permanently... but perhaps a bofh configuration variable that determines if BOFHCHECKHELO should fail hard or soft? Bill --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] DomainKeys
Randy PerlStalker Smith wrote: Julian Mehnle wrote: If you think that SPF or DK will stop spam, you're certainly on the wrong track. These are sender authentication technologies, and if spammers use their own domains in the sender address (which is actually what we want), none of these technologies will be able to stop their spam. You are, of course, right. However, by rejecting messages that fail SPF and DK checks, I can trust that the message was send from a server under the sender's direct control. I can use this trust to blacklist authenticated spammer domains. I can also drop mail that fails authentication attempts which actually will (and does) limit the amount of spam I get to deal with in other ways. Well, I'm totally confused what point was being made. Cause you basically just said the same thing Julian did. :-) My understanding of your original message was that you weren't happy with the results you were getting from SPF to block spam. But ignoring for the moment that it doesn't actually block spam, there is another reason that SPF (or even DomainKeys) won't be that useful right now. Not very many domains have actually implemented it (them). And until that happens, the utility of having them configured is questionable. For myself, I have left SPF checks run in advisory mode for a while now... almost two months. And the amount of mail I receive from domains where SPF has even been implemented (results other than none) is very small. Naturally, I'm not interested in turning blocks on now because virtually all my mail would spill out into oblivion... :-) The real effort to make it (them) more useful is to build awareness and widen adoption... Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] esmtpd not responding
Well, I put a little effort in to reproduce this. First and foremost, your block clearly wasn't working properly. You say you put an entry in smtpaccess, but what exactly did you do? There should, by default, be a file .../etc/smtpaccess/default, into which you'd add the appropriate line (assuming 127.0.0.1 deny, and early enough in the file so that another allow doesn't supersede it) and THEN run .../sbin/makesmtpaccess. If you miss the last step, the data that courier actually uses won't be updated. Why do I suspect this? Because with a correct setting, your *connection* would be denied, not just your SMTP session. oscar:~ courier$ telnet jeff 25 Trying 192.168.58.08... Connected to jeff. Escape character is '^]'. Connection closed by foreign host. That said, I *do* see the same behavior you noted with nc. But run it in verbose mode and you find something interesting. Namely, it seems not to wait for the responder to be ready to receive input. I put two lines (helo and quit) in a test file and tried nc'ing that to the host, and as I said got the same behavior. Then I tried setting the verbose options on nc and when I stopped the process got the following: ^C sent 16, rcvd 29 And, as it happens, my test input file has 16 bytes in it. So nc says it sent them, but the service obviously didn't receive them successfully. So, it's off to snoop land, and here is what happens up to the point where the smtp server displays it's banner. # snoop host oscar Using device /dev/hme (promiscuous mode) oscar - jeff SMTP C port=51596 jeff - oscar SMTP R port=51596 oscar - jeff SMTP C port=51596 oscar - jeff SMTP C port=51596 HELO oscar\nquit\n jeff - oscar SMTP R port=51596 jeff - oscar SMTP R port=51596 220 mail.billsden.or oscar - jeff SMTP C port=51596 oscar - jeff SMTP C port=51596 jeff - oscar SMTP R port=51596 jeff - oscar SMTP R port=51596 oscar - jeff SMTP C port=51596 Two things to note here. First, nc did *not* send \r\n, as Sam indicated the server was expecting. Second, and perhaps more important, is that nc sent it's entire data stream *before* the smtp server issued it's first prompt. So which is the problem? Fix the easy thing (\r\n) and test again. This time we get (on the client side) oscar:/tmp courier$ cat test.txt | nc -v -v jeff 25 jeff [192.168.58.08] 25 (smtp) open 220 mail.billsden.org ESMTP 250 mail.billsden.org Ok. 221 Bye. sent 18, rcvd 66 and (on the server side). # snoop host oscar Using device /dev/hme (promiscuous mode) oscar - jeff SMTP C port=51628 jeff - oscar SMTP R port=51628 oscar - jeff SMTP C port=51628 oscar - jeff SMTP C port=51628 helo oscar\r\nquit\r\n jeff - oscar SMTP R port=51628 jeff - oscar SMTP R port=51628 220 mail.billsden.or jeff - oscar SMTP R port=51628 250 mail.billsden.or oscar - jeff SMTP C port=51628 oscar - jeff SMTP C port=51628 jeff - oscar SMTP R port=51628 Oh, look! We see \r\n now! And it works... imagine. Moral of this story... pay attention to the man who knows the code and says the spec says CRLF. I have a sneaking suspicion that if you do this it will also work on the other smtp servers for which you use this nc test. Bill Fabiano Sidler wrote: Hello list! My esmtpd does not respond anything on connect, even when I specify BLOCK for localhost (in smtpaccess) with an error message: user@host $ nc localhost 25 220 host ESMTP HELO localhost [^C] user@host $ The only log entry (with ESMTP_LOG_DIALOG=1) is as follows: Dec 14 19:00:41 host courieresmtpd: started,ip=[:::127.0.0.1] I didn't configure any further access restriction or TLS setting yet. I only let esmtpd listen on 127.0.0.1 exclusively. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Authenticated SMTP in Courier
Sam Varshavchik wrote: Alejandro Facultad writes: Hi people, Now I'm installing the Courier 0.48 in my Fedora OS, and because I need Authenticated SMTP, I just want to know if I have to open the ESMTP tcp port in my firewall or just the SMTP tcp/25 port in order to authenticate the Authenticated SMTP uses the same port, port 25. Perhaps you're referring to the message submission port, port 587. It's up to you to decide if you want to open it up. So many options. ;-) In my installations, I *allow* authentication on 25 but never allow relaying on that port. Relaying requires submit port and submit port only allows authenticated connections. With so many options, one wonders if there is a good resource for best practices when it comes to email servers and, perhaps more specifically, Courier configuration (for various target functionality). Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] couriermlm: bounced messages never get unsubscribed
Cindi, In this output, user-bounce-27... is the *sender* of the message. This is normal, and 27 means this is the 27th message the list server has sent for this particular list. If any of the recipients is bad, then these will sit in the queue until they have actually failed. If you want to force them to fail (for undelivered recipients), then use cancelmsg. But it usually takes a few days (if you're receiving temporary SMTP failures) for them to fail on their own. If this message was only sent on 12/14 (as shown), then you've still got a few days before it'll expire on it's own. The couriermlm list will *not* recognize any problem with the recipient until after it has actually received enough NDR (non-delivery reports) replies to mark the recipient as bad. So... question is how patient do you want to be? ;-) Bill Cindi Nosewater wrote: Hi, It seems that bounced messages never get unsubscribed. I see things like this in my mailq: 2.3K 004E46D5.41BF4F23.3D8D Dec 14 15:37 daemon [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Does the 27 mean the message has bounced 27 times? How can I ensure that these addresses get unsubscribed? I have a mysql backend and each mysql row gives the home dir. In each homedir for a couriermlm list I have: -rw--- 1 daemon daemon 89 Nov 11 16:35 .courier -rw--- 1 daemon daemon 144 Nov 11 16:35 .courier-admin -rw--- 1 daemon daemon 92 Nov 11 16:36 .courier-default -rw--- 1 daemon daemon 15 Nov 11 00:38 .courier-owner drwx-- 9 daemon daemon 4096 Nov 17 15:28 Listdir .courier executes: couriermlm msg on the Listdir .courier-admin: executes a special python script i wrote which is used to exec commands in the subject of email with a password .courier-default: executes couriermlm ctlmsg on the Listdir .courier-owner: [EMAIL PROTECTED] showconfig below: Thanks! [~] ./showconfig backuprelay: (none) - relay for undeliverable messages batchsize: 100 - split messages if there are more recipients defaultdomain: conlatus.net - domain to append to addresses by default dsnfrom: Courier mail server at conlatus.net @ - return address on delivery status notifications dsnlimit: 32 Kb - maximum message size returned in DSN in is entirety esmtpacceptmailfor: conlatus.net - accept mail for these domains via SMTP esmtpgreeting: conlatus.net ESMTP - my ESMTP identification banner esmtphelo: conlatus.net - my parameter to the HELO/EHLO SMTP verbs esmtptimeout: 10 mins - Timeout for most outbound ESMTP commands esmtptimeoutconnect: 1 min - Timeout for ESMTP connection attempt. esmtptimeoutdata: 5 mins - Timeout for ESMTP data transfer. esmtptimeouthelo: 5 mins - Timeout for the response to the initial EHLO/HELO command. esmtptimeoutkeepalive: 1 min - How long to keep outbound ESMTP connections idle, before closing esmtptimeoutkeepaliveping: - How often outbound ESMTP connections are pinged esmtptimeoutquit: 10 secs - Timeout for the response to the QUIT command. faxqueuetime: 8 hours - how long fax messages stay in the queue localtimeout: 15 mins - watchdog timeout for local mail deliveries msgidhost: conlatus.net - hostname used in generating Message-ID: headers me: conlatus.net - my hostname queuelo: default - Message queue cache low watermark queuehi: default - Message queue cache high watermark queuefill: 5 mins - Message queue refill interval queuetime: 1 week - how long messages stay in the queue respawnlo: 1 hour - courierd automatic restart low watermark respawnhi: 1 week - courierd automatic restart high watermark retryalpha: 5 mins - 'alpha' retry interval retrybeta: 3 - 'beta' retry count retrygamma: 15 mins - 'gamma' retry interval retrymaxdelta: 3 - 'maxdelta' retry exponent sizelimit: 10.0 Mb - maximum size of a message submitdelay: - delay before initial delivery attempt warntime: 4 hours - how long messages stay in the queue before a warning message is sent (a delayed delivery status notification) --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] esmtpd not responding
Sam Varshavchik wrote: Fabiano Sidler writes: Hello list! My esmtpd does not respond anything on connect, even when I specify BLOCK for localhost (in smtpaccess) with an error message: user@host $ nc localhost 25 220 host ESMTP HELO localhost Does your nc program, whatever it is, automatically translate newlines into CRLF? As you know, SMTP commands are terminated by the CRLF sequence, so your nc program needs to send a CRLF every time it reads the newline character from standard input. nc (aka netcat) doesn't appear to offer such an option, so it would be important to insure that the input stream was so formatted. Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: BOFHCHECKHELO and consequences
Of course... if you could write an algorithm to tell the difference. ;-) What I typically do is check the identify of the server by name, by IP, it's soa and mx records. If everything looks above board -- which I take to generally mean they show up as the same domain -- then I'll go ahead and whitelist them. Of course, there are *exceptions* where I know that a user is expecting a message from a particular source, so I know it's non-spam, but the information for the lookups doesn't match. This latter case happens a lot with folks who have outsourced parts of their IT, or are smaller companies where they completely host their services somewhere else. Might be hard to write a script that could realistically catch all the cases. And that's why I generally send mail to the administrators of the affected domains... so they understand that this will eventually cause them real headaches if they don't fix their config. Bill Mark Bucciarelli wrote: On Thursday 09 December 2004 03:59, Bill Taroli wrote: So far, I've seen a handful come in since I built and installed the updated code... and it appears to be working as advertised :-) If spammers never retry, shouldn't it be easy to write a script that parses the mail.log and auto-whitelists the valid servers? Regards, Mark --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] disabling checkhelo's
Yes, it's IP. You can also specify subnets by including only a partial address (a.b.c vs a.b.c.d). Of course, if you wanted to disable BOFHCHECKHELO globally, you'd just set that value in the bofh file... ;-) I haven't gotten annoyed enough with it yet to resort to that, though. Bill Mark Bucciarelli wrote: if i want to disable bofhcheckhelo, do i use the ip of the domain returned by the ehlo statement or the connecting ip? reading man couriertcpd, it looks like it should be the connecting ip. am i reading that right? --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: BOFHCHECKHELO and consequences
Mark Bucciarelli wrote: On Tuesday 09 November 2004 02:48, Martijn Lievaart wrote: Lloyd Zusman wrote: I keep tweaking my custom HELO checks, but lately, they have settled down into something that approaches stability. If anyone is interested, I will post a summary of the HELO checking that I do. I'm interested. Maybe put up a webpage? Did this info ever get pulled posted somewhere? Not that I'm aware. I wound up putting a simple report in place that greps out all these entries from my mail logs, and then removes those known to be suspect. For those IP addresses or blocks that I wish to ignore the messages for, I keep a file that the script uses to filter them from the report. Very manual, but it works allright. The problem, of course, is that when an otherwise legitimate sender (with an admittedly misconfigured mail server or DNS) gets caught by this trap, it's very painful. Why? Because the SMTP return is 5xx, and no attempts are made again for delivery. Does anyone know if there is a way to change this to a 4xx? That way, a complaint received in reasonable time (I'm not getting mail from so-and-so...) could be corrected (smtpaccess) and the mail would simply be delivered. The way it is now, the process of having the sender re-send the message can be difficult -- such as with airline reservations, in a recent situation I came across. I appreciate that a temporary failure will mean that spammers may also resend, but at least those will never get delivered... which is the real goal, after all. Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Virtual Domain Aliases - courier 0.47/Slackware 10.0/MySQL Backend
Toby Heywood wrote: I have ensured that there are entries in hosteddomains for both domains, and that they have an entry in estmpacceptmailfor. Were you sure to run the makehosteddomains and makeacceptmailfor scripts, too? Bill --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Status of SRS (SPF forwarding fix)
Sam Varshavchik wrote: Julian Mehnle writes: Alessandro Vesely [EMAIL PROTECTED] wrote: It is still not clear why one would rewrite senders. SPF should work if everybody takes the burden of declaring what are the mail servers they use. Suppose I have an account with the CPAN project and thus have the e-mail address [EMAIL PROTECTED]. Instead of fetching mail from there via POP3/IMAP, I set it to forward mail to my other address [EMAIL PROTECTED]. The mehnle.net MTA does SPF checking. ... To solve the problem, cpan.org would have to rewrite the envelope sender to something at cpan.org before forwarding the message. This is a very classical forwarding scenario. If you know that you're going to get forwarded mail, then you'll just have to turn off SPF; or, with some additional planning, disable SPF checking for mail received from CPAN's IP address (this can actually be done in Courier, using the smtpaccess file). Though I'm not necessarily advocating the SRS issue itself, the fact that you *can* disable the checks does little to soothe the nerves of email users who don't even realize the mail is being blocked right away. That is, putting the exceptions into the config is always a reactionary process. Nor would this necessarily be something you can plan for, as in Julian's scenario where a user can arbitrarily decide to have mail forwarded to them. Again, not pushing SRS necessarily, but if there is something that can bridge the gap between absolutely no SPF enabled and bye-bye email, that'd be a big help. SPF clearly is something intended to be phased in -- going to the point of allowing advisory messages in email headers rather than totally dumping the messages. Anything that prevents mail delivery without a means of providing an out -- globally ,if need be -- seems to fly in the face of how they've been pushing SPF (IMHO). Bill --- This SF.Net email is sponsored by: InterSystems CACHE FREE OODBMS DOWNLOAD - A multidimensional database that combines robust object and relational technologies, making it a perfect match for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8 ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] BOFHCHECKHELO and consequences
I'm just curious. Having installed 0.47 a couple of weeks ago, I was naturally enthusiastic about the SPF features, and have enabled them (with all, so I can least gauge the impact of really making them live). But the BOFHCHECKHELO feature by itself has definitely made the DNS misconfiguration of many environments very apparent. I've found myself busy emailing fellow administrators about mail delivery issues that have resulted in more stringent checking of mail servers' identities. Have others noticed a significant ramp in these sorts of issues with the strict enforcement of this checking? Regards, Bill Taroli smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] Re: BOFHCHECKHELO and consequences
Martijn Lievaart wrote: Bill Taroli [EMAIL PROTECTED] writes: [...] the BOFHCHECKHELO feature by itself has definitely made the DNS misconfiguration of many environments very apparent. I've found myself busy emailing fellow administrators about mail delivery issues that have resulted in more stringent checking of mail servers' identities. You don't have to mail the fellow admin, another option is to whitelist the domain. Especially yahoo and hotmail will probably not change thir hello strings for some smalltime mailservers. Wouldn't it make more sense to whitelist by IP address rather than domain? After all, all it takes to spoof a domain is to change what gets sent in the HELO string... hence the desire for the verification in the first place. :-) smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] Sending mail to servers that are hosted on the local machine but mx is still pointing to other delivers mail to local machine?!?
I believe that your basic assessment -- domain is listed as a local delivery domain and server doesn't consult MX -- is correct. But that's what's supposed to happen; if the server believes it is the destination for the domain, then it will naturally deliver mail locally. Conversely, if you *don't* list it as a local domain and the MX *does* point to the server, it will cause what the server believes is a mail loop. That is, DNS thinks I'm the MX but I don't believe I'm supposed to be delivering that locally. So the real question comes down to, how are you managing the switchover of users? In the last case I managed, we targeted the DNS change over a weekend and had users migrated to the new destination on the following Monday. Then, all mail delivered to accounts on the old server was shuttled over until it was clear mail was no longer being received there. Conceivably, we could also have ensured that the MX used by the old server pointed to the new one and removed the domain from the local list. But I'm sure there are many folks out there who have done migrations and would love to share. :-) Bill Peter Holm wrote: Hi, I have a problem from time to time when changing IP-adresses for servers or taking over other domains: I have example.com correctly set up on a mailserver-A as a hosteddomain, this server is working good, no problems and maildelivery for this example.com works well. BUT: MX records for example.com are still pointing to mailserver-B and NOT to mailserver-A. This is still ok, because the take over should take place on a quiet sunday night... NOW if I send mail from any account on mailserver-A to example.com, the mail is NOT delivered to mailserver-B, as this is still set in the actual mx-record for example.com, but the message never leaves mailserver-A and is delivered to the hosted mail account for example.com on mailserver-A. In other words: in such a case, that a domain is setup to be hosteddomained and esmtpacceptedfor on my mailserver-A courier doesn´t seem to be interested in the actual mx record for a domain. In other words: my courier-installation overrides the mx record data with local configuration info. In other words: maybe courier does not even look for the actual mx record, because the target domain is configured to be accepted as a locally hosted domain. I hope, I could describe the situation so that everybody can understand, what I mean... sorry, my english is still not A-Class. Question: Is this a configuration error? If not, is it a hardwired courier behavior to ignore mx records for domains setup to be hosted on the actual server? If this is NOT a configuration error, am I the only one that has problems with this kind of behaviour? How can it be avoided? Thank you very much for your attention, Peter --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_idU88alloc_id065op=click ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] esmtp authentication
I do the same thing, but use TLS over esmtpd-msa (587). And I did this for exactly the same reason as the original poster... so that only authenicated (and secure) connections can relay. :-) Jay Lee wrote: chester c young said: has anyone gotten esmpt authentication to work with mozilla or thunderbird email? I have clients outside the firewall with varying ip's who need to send email, but do not want an open relay! Yes, it works perfectly. I configure tb to use port 465 (ESMTP SSL) so that passwords and email are not sent in clear text. It authenticates against the same LDAP backend that IMAP and POP3 do. Are you asking just to ask or are you having specific problems with ESMTP Auth. I do the same thing, but use TLS over esmtpd-msa (587). And I did this for exactly the same reason as the original poster... so that only authenicated (and secure) connections can relay. :-) smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] Utility for determining DEFAULT courier delivery location?
If nothing else, authtest will wind up in the authlib directory of the source distribution after a build as been completed. Being on Solaris, I'm used to having to do this. YMMV if you're used to having a binary distribution. One thing I noticed is that authlib absolutely did *not* like me throwing a email address at it, I had to use local user names. I wonder if this has to do with the fact that I don't use LDAP at present, but instead rely upon shadow for authentication (with the daemon)? Regardless, it's nice to know this tool might be used to troubleshoot that sort of setup when the time comes for me to play in LDAP land. :-) Bill Alessandro Vesely wrote: Lloyd Zusman wrote: % deliveryloc [EMAIL PROTECTED] /home/uname/Maildir What about # authtest [EMAIL PROTECTED] Authenticated: module authdaemon Home directory: /home/uname UID/GID: 12345/12345 [EMAIL PROTECTED] AUTHFULLNAME=User Full Name Not (always) installed, no alias lookup, must be run by root. Local names need (and result in) no "@domain.TLD" part, so a script may need to try without it, in case of failure. --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] outbound TLS errors
I would argue that this *is* the correct behavior *for Courier* in this situation... which is that the remote server indicates that it supports STARTTLS. But due to a remote configuration error -- probably a lack of a certificate -- TLS doesn't actually function. I rather like the idea of knowing that a server says it can communicate securely but really doesn't deliver on that. As for esmtproutes, I prefer a simpler form that *just* disables secure communication to one or more domains. domain.com: /SECURITY=NONE Why? Because I don't like the idea of forcing my server always to talk through just one MX. And by not indicating it in the routes line, I'm really doing what I intended: just turn off secure communication with that domain. Bill Jacob S. Barrett wrote: Add a line like this to esmtproutes: mrswashington2003.com:mail.mrswashington2003.com/SECURITY=NONE This says that for mail to mrwashington2003.com go through the host mail wtih no SSL/TLS. smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] Standard for [shared] remote addressbook using imap
Well, I've taken pains to ensure that as I add features to my environment that I can also maintain a choice of client setup. Mind you, for email, it's really IMAP that makes this possible. But I haven't seen any kind of slam dunk for PIM functions. I see it as an advantage that I don't have to depend on this or that client in order to access my email, for example; I use any of Thunderbird, Mozilla, web, phone (EmailViewer on Nokia 6820). As for address books, I'm soon looking to make the foray into LDAP, but there seem to be as many approaches as their are grains of sand in a beach. It would be nice if anyone knew of a best practices list that people could share their experiences with their own implementations. Scott wrote: All of those either suffer from: 1. Users can't write/make changes to the LDAP directory 2. Made for Outlook 3. Strictly web based What I want is something that is platform independent like iCal. Any server can host a directory (secure or otherwise with read/write perms) where users can store their contact dbs. This works great with mozilla's calendar and webDAV right now. I think a great solution would be something along those lines, but with contacts dbs. smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] File Permissions may have foobar'd my installation
Joshua Archer wrote: @4000414321873228f71c X-Qmail-Scanner-1.22:[cathedral.brothersdigital.com109491852547926553] d_m: output spotted from /usr/local/bin/reformime -x/var/spool/qmailscan/tmp/cathedral.brothersdigital.com109491852547926553/ (sh: line 1: /usr/local/bin/reformime: Permission denied @40004143218732290aa4 ) - that shouldn't happen! more permissions issues, dated to the same thing. One thing I would do is look back to the shell history and try to figure out what precisely was done and where it was done. To be getting permission errors from /usr, or perhaps specifically /usr/local, is disconcerting. But you might help define the scope of impact if you can determine what happened. And knowing what happened might help determine the corrective action you can take. And, above all, you do have system backups right? Bill Taroli smime.p7s Description: S/MIME Cryptographic Signature
[courier-users] Alternative Webmail Interfaces
I've been using the bundled webmail interface for a while. I recently assisted a local business in their email migration and did a full Courier deployment. The only part they seem to be having difficulty with is webmail, where the interface isn't feeling particularly intuitive or comfortable for them -- as, say, opposed to Thunderbird. I'm wondering what alternative webmail interfaces have people tried or successfully deployed? What issues or gotchas might I need to be aware of when I attempt to integrate these into Courier? I would presume, for example, that most will wind up just acting like local IMAP clients to courier... Regards, Bill Taroli smime.p7s Description: S/MIME Cryptographic Signature
[courier-users] couriertls connect error
Seems the emstpd session from my Courier 0.45.6 setup is identifying that the recipient MX supports STARTTLS, but fails to communicate with it correctly. I'm noticing an increasing number of these lately, Nokia USA was another recent example. Could this be a local problem, or am I just encountering bad MX'es? [EMAIL PROTECTED]: mx.agilenoc.com [66.230.157.100]: STARTTLS 500 couriertls: connect: error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] couriertls connect error
Jerry Amundson wrote: In etc/esmtproutes ... agilemobile.com: /SECURITY=NONE or, if the flag requires a relay to be present... agilemobile.com: mx.agilenoc.com /SECURITY=NONE Oh yeah this is exactly what I've been doing. I was just getting concerned that I was encountering more of these. I'd consider emailing them to warn them, too, but then I wonder whether it's worth the effort to bang my head on the wall. ;-) Bill smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] Re: Enhancement request
Sam Varshavchik wrote: Jon Nelson writes: I recently gave Dovecot a try. It's not nearly as featureful (or seemingly as stable) as courier-imap, but it has one very important distinction: It is *wicked* fast. It made me think - indexes are what makes dovecot so fast. What would it take to add similar indexing capabilities to courier-imap? So, if you want to evaluate indexing you need to take a reasonably popular IMAP client, log its IMAP commands, then show how indexing will help. Arbitrary benchmarks won't cut it, and adding indexes for the benefit of a lesser-used IMAP tool will come at the expense of greater overhead for the rest of the IMAP clients, which makes no sense. I can't speak for him, but perhaps he's referring to server-side searches? I can't say that my database is all that large, but I do know that searches can take eons (I run a Solaris 9 system with 1GB RAM, 2x300MHz procs, and LVD disk). I agree that server-side cache would do little for client performance. But is there anything other than a search that might benefit on the server side? And, regardless, are such features used enough to make the effort to include the caching worthwhile? Bill smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] Re: Enhancement request
Sam Varshavchik wrote: Bill Taroli writes: Sam Varshavchik wrote: Jon Nelson writes: I recently gave Dovecot a try. It's not nearly as featureful (or seemingly as stable) as courier-imap, but it has one very important distinction: It is *wicked* fast. It made me think - indexes are what makes dovecot so fast. What would it take to add similar indexing capabilities to courier-imap? So, if you want to evaluate indexing you need to take a reasonably popular IMAP client, log its IMAP commands, then show how indexing will help. Arbitrary benchmarks won't cut it, and adding indexes for the benefit of a lesser-used IMAP tool will come at the expense of greater overhead for the rest of the IMAP clients, which makes no sense. I can't speak for him, but perhaps he's referring to server-side searches? And how would the server telepathically know what the client is going to search for, and thus prepare a suitable index in advance? Well, it's not as if we're talking about a normalized database here... there is a quite finite amount of data one can search. Just a brief review of search options in the clients I use suggests that the most likely thing to index are header fields. The body of the message, much like blob objects in databases, might well be considered something not worthy of indexing but still searchable -- no different than it is now. It might even be that what gets indexed be a local decision. As you suggest, indexing isn't one of those things that's usually one-size-fits-all... And *maybe* the indexing itself isn't something that gets done in imapd at all... perhaps it would make more sense to extend the search capability by allowing the searches to be passed to an external agent, which itself would be interested in the indexing and management of the information to do searches ? Seems more in keeping with the Courier design philosophy I remember reading a long time ago that says if it isn't something that's focused on the processing of mail, then implement that somewhere else. In this case, the something else would then need to be hooked via imapd when search requests were executed. Bill smime.p7s Description: S/MIME Cryptographic Signature
Re: [courier-users] Sub-sub-sub folder question
Phillip Hutchings wrote: Jonathan Nichols wrote: Inbox (main inbox) - Mailing Lists - Courier - Postfix - NANOG Is it possible to safely make such a folder structure? What issues might I run into? Works fine for me ;) The only real limitation is that courier stores things as .Mailing Lists.Postfix in the maildir, so if it gets longer than your filesystem's directory name limit you might hit problems. I've never had any. I might caution on the use of spaces in folder names. While one might hope that the server would be nice and put a non-space character in the directory name, it doesn't. So just be aware that if you run any shell scripts against your folders on the server -- I do this for things like expiring old messages after a certain time after reading them -- you may have to deal with spaces in your directory names if you put them in your folder names. :-) Bill smime.p7s Description: S/MIME Cryptographic Signature
[courier-users] Seeking Feedback on PDA / Phone Integration
I'm just beginning to investigate possibilities for a PDA or Cellphone/PDA that can access Courier through secure IMAP. In my particular situation, I'm also interested in having one that has bluetooth -- for integration with headsets, computer, and car -- but since one of my primary objectives is to have wireless access to my email, IMAP compatibility with Courier is very important. Does anyone out there have experiences to share? Good or bad, please. I know nothing will be perfect, but I'd like to start somewhere. :-) Bill --- This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Maildrop: Completely unable to delete mail.
Jeff Jansen wrote: On Wednesday 21 April 2004 08:52, Matt Savigear wrote: I'm getting to the point where I am entirely happy to grovel for assistance. As with many folk I'm using SpamAssassin and want to delete certain mails. I have checked the lists, and come up with a number of methods. None of them actually work - whatever I try, the mail _always_ gets requeued for another delivery attempt. Eventually it bounces, which given the fact that most headers are faked gives me some problems. I've got a user in my userdb called "null". In null's $HOME directory there's a .courier file with a single newline (\n) in it (a NON-empty .courier file). When I want to drop a message I send it to "null" and it disappears. Hope that helps. WRT preventing spam from being delivered, I think another option that many people use are global filters... especially relating to amavis. Being that spam trapping is a not-so-precise art, however, I personally tend to just drop them into a common folder (ala Junk) and have jobs to monitor them and clean up on a regular basis -- allows me to ignore if I wish or review in case of false positives. But back to my original point: the amavis/global filter approach, while it can't modify the content of the message when used as a global filter, enables the rejection of spam much earlier in the process. The only possible drawback would be that it might not be capable of rejecting it without returning an error to the client during SMTP submission... but if this is not an issue, it might be a useful alternative. Bill --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470_id=3638=click ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Help needed debugging .mailfilter file
I would remove the exception block, just leaving the to. I think what you have only executes if there is an exception... Bill Shaun T. Erickson wrote: I want to have all mail that has a To: header containing dhpotter+ste@ (without the quotes) to be moved to the ste subfolder of the inbox. I've tried: if (/^To: [EMAIL PROTECTED]/) { exception { to $HOME/$DEFAULT/.Ste/ } } --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: Help needed debugging .mailfilter file
I'd personally take out the .*$ at the end, unless you also wanted to indicate that the address in question should appear at *the end* of the To line. Shaun T. Erickson wrote: Then, would this be better? /^To:[EMAIL PROTECTED]/ --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Problem with list subscriber.
Those replies are almost certainly coming direct from that user, in response to the messages you've submitted to the list (because this list doesn't force default replies back to the list itself). My Bayesian filter has gotten good enough to just toss those into the Junk folder now. ;-) I can't really fault anyone for wanting to do something like that, it's certainly effective at keeping spam away -- if it doesn't do anything to reduce the congestion on mail servers. I think it would be nice if his mail setup only sent those every so many days, like vacation, instead of once per message though I'd suggest emailing him directly to ask about that, but then you'd only get another please confirm email back. *chuckle* Bill Shaun T. Erickson wrote: I keep getting email from [EMAIL PROTECTED] in response to mail sent to this list, requesting me to reply to become one of his 'confirmed senders'. I have gotten several of these from him today, and they show no sign of stopping. The damage is already done, but I have to say that I find it very offensive that these confirmation programs are used on a mailing list, and that there is no way to say no, I don't want to confirm, and please go away!. --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: Help needed debugging .mailfilter file
Oh, quite correct about that, but that means it might actually process the rest of the line. :-) By omitting the .*$, you say find dhpotter+sf@ anywhere after To: :-) It won't *break* it to leave the .*$ in, but it's not as efficient. ;-) Bill Shaun T. Erickson wrote: Hmmm. Doesn't the above (with the + escaped, as I forgot to do) say: Match a To: at the beginning of the line, followed by 0 or more characters, followed by dhpotter+sf@, followed by 0 or more characters, between it and the end of the line? --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users