Re: [courier-users] Courier-MTA on identi.ca
Sam Varshavchik pisze: Paweł Tęcza writes: Sam, do you have any pretty Courier-MTA logo? I can't find it on http://images.google.com :( I'm afraid I don't. My artistic skills don't go far beyond the URL toolbar icon, http://www.courier-mta.org/icon.gif Hello, Yes, I know that icon :) Don't you have a bit bigger version? ;) Have a nice day, P. -- Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier-MTA on identi.ca
Sam Varshavchik pisze: Paweł Tęcza writes: Yes, I know that icon :) Don't you have a bit bigger version? ;) No -- I never needed it. URL icons are tiny, I just kludged it together in Gimp. It's a pity. So probably I need to make the logo myself ;) Cheers, P. -- Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Courier-MTA on identi.ca
Ehlo People! Are you on identi.ca? If so, then you are very welcome to new group couriermta I've created today: http://identi.ca/group/couriermta If not, then please register free account there ;) Sam, do you have any pretty Courier-MTA logo? I can't find it on http://images.google.com :( My best regards, Pawel -- Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Errorcode -12263
Dnia 2009-07-08, śro o godzinie 13:34 +0200, Jürgen Magin pisze: Hi list When i contact courier with my imap-client (thunderbird (2.0.0.19)) i got the error code -12263. Did anyone know what is the meaning of that? Hello Jürgen, It's very funny coincidence. I've seen the same error today when I was trying to connect to Novell GroupWise IMAP server :) I also use Thunderbird at my workstation. If my memory serves me right I have enabled option Use TLS if available. I can disable it and try again. My best regards, Pawel -- Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Pythonfilter 1.6 doesn't work for MySQL
Gordon Messmer pisze: On 06/29/2009 07:48 AM, Paweł Tęcza wrote: Secondly, the latest version of Pythonfilter can't create automagically tables greylist_passed and greylist_notpassed in my pythonfilter database: Does your pythonfilter user have permissions to create tables in MySQL? Hi Gordon, Thanks a lot for your reply and the hint! Yes, it was my fault and I am really ashamed. I forgot about so simple thing like create table permission. I only set privileges for select, insert, update, delete and lock tables :) BTW, what about the deprecation warnings? Can I ignore them? Have a nice day, Pawel -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Pythonfilter 1.6 doesn't work for MySQL
Hello Gordon, I'm trying to switch from your Pythonfilter 1.5 and PostgreSQL storage to Pythonfilter 1.6 and MySQL storage. Unfortunately it doesn't work for me :( Firsty, when I start Pythonfilter, then it displays me the following warning messages: Jun 29 15:57:15 apollo4 courierfilter: Starting pythonfilter Jun 29 15:57:15 apollo4 courierfilter: /var/lib/python-support/python2.6/courier/config.py:48: DeprecationWarning: os.popen4 is deprecated. Use the subprocess module. Jun 29 15:57:15 apollo4 courierfilter: (chIn, chOut) = os.popen4('courier-config') Jun 29 15:57:15 apollo4 courierfilter: /var/lib/python-support/python2.6/courier/config.py:68: DeprecationWarning: os.popen4 is deprecated. Use the subprocess module. Jun 29 15:57:15 apollo4 courierfilter: (chIn, chOut) = os.popen4('%s/courier --version' % sbindir) Jun 29 15:57:15 apollo4 courierfilter: Initialized the whitelist_auth python filter Jun 29 15:57:15 apollo4 courierfilter: Initialized the whitelist_block python filter Jun 29 15:57:15 apollo4 courierfilter: /var/lib/python-support/python2.6/pythonfilter/greylist.py:21: DeprecationWarning: the md5 module is deprecated; use hashlib instead Jun 29 15:57:15 apollo4 courierfilter: import md5 Jun 29 15:57:15 apollo4 courierfilter: /var/lib/python-support/python2.6/MySQLdb/__init__.py:34: DeprecationWarning: the sets module is deprecated Jun 29 15:57:15 apollo4 courierfilter: from sets import ImmutableSet Jun 29 15:57:15 apollo4 courierfilter: Initialized the greylist python filter Secondly, the latest version of Pythonfilter can't create automagically tables greylist_passed and greylist_notpassed in my pythonfilter database: Jun 29 16:03:19 apollo4 courierfilter: Uncaught exception in greylist doFilter function: class '_mysql_exceptions.ProgrammingError':(1146, Table 'pythonfilter.greylist_Passed' doesn't exist) Jun 29 16:03:19 apollo4 courierfilter: File /etc/courier/filters/active/pythonfilter, line 200, in processMessage Jun 29 16:03:19 apollo4 courierfilter: replyCode = i_filter[1](bodyFile, controlFileList) Jun 29 16:03:19 apollo4 courierfilter: File /var/lib/python-support/python2.6/pythonfilter/greylist.py, line 104, in doFilter Jun 29 16:03:19 apollo4 courierfilter: _sendersPassed.purge() Jun 29 16:03:19 apollo4 courierfilter: File /var/lib/python-support/python2.6/pythonfilter/TtlDb.py, line 159, in purge Jun 29 16:03:19 apollo4 courierfilter: (('value', minVal),)) Jun 29 16:03:19 apollo4 courierfilter: File /var/lib/python-support/python2.6/pythonfilter/TtlDb.py, line 134, in _dbWrite Jun 29 16:03:19 apollo4 courierfilter: c = self._dbExec(query, params) Jun 29 16:03:19 apollo4 courierfilter: File /var/lib/python-support/python2.6/pythonfilter/TtlDb.py, line 113, in _dbExec Jun 29 16:03:19 apollo4 courierfilter: c.execute(query, exec_params) Jun 29 16:03:19 apollo4 courierfilter: File /var/lib/python-support/python2.6/MySQLdb/cursors.py, line 166, in execute Jun 29 16:03:19 apollo4 courierfilter: self.errorhandler(self, exc, value) Jun 29 16:03:19 apollo4 courierfilter: File /var/lib/python-support/python2.6/MySQLdb/connections.py, line 35, in defaulterrorhandler Jun 29 16:03:19 apollo4 courierfilter: raise errorclass, errorvalue I remember that Pythonfilter created them for PostgreSQL without my help. Do I need to create these tables for MySQL manually? I have Ubuntu Jaunty box with the following Python packages: python 2.6.2-0ubuntu1 python-apt 0.7.9~exp2ubuntu10 python-central 0.6.11ubuntu7 python-egenix-mxdatetime3.1.1-1ubuntu1 python-egenix-mxtools 3.1.1-1ubuntu1 python-gdbm 2.6.2-0ubuntu1 python-gnupginterface 0.3.2-9ubuntu2 python-minimal 2.6.2-0ubuntu1 python-mysqldb 1.2.2-7ubuntu1 python-psycopg2 2.0.8-0ubuntu2 python-support 0.8.7ubuntu4 python2.4 2.4.6-1ubuntu3 python2.4-minimal 2.4.6-1ubuntu3 python2.6 2.6.2-0ubuntu1 python2.6-minimal 2.6.2-0ubuntu1 My best regards, Pawel -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Greylisting problem
shion pisze: Hello, I'm using courier with pythonfilter (v.1.6) in a virtualised environment and try to using greylisting. All mails are delayed for 5 minutes but all mails from the local network are delayed too. I have added the external IP-address of the network in the file default which is located in the smtpaccess folder, because the server is located outside of the local network. After entering the IP address I have run makesmtpaccess. Here my entry: X.X.X.X allow,RELAYCLIENT I don't know why all local mails are delayed. Should'nt it forward all mails from the local network or have I forgotten to configure something? I hope someone has an idea. : ) Bye shion Hi Shion, 1. Check whether you enabled whitelist_relayclients module of Pythonfilter in /etc/pythonfilter.conf file. If not, then do it and restart Pythonfilter. 2. Check whether you have Tab(s) character between X.X.X.X and allow,RELAYCLIENT. Courier needs that character. 3. Check how your Courier can see hosts from the local network. Make sure they have the same IP addresses like in lines of the smtpaccess file. If the hosts from your local network shouldn't relay via your Courier, then in my opinion it's better to use whitelist_block of Pythonfilter and allow,BLOCK in the smtpaccess file. Good luck! Pawel -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] python filter howto?
Ricardo Kleemann pisze: Hi, I currently use the perl filter module but I'd like to switch over to the python filter module. Is there a howto somewhere? Hello Ricardo, The best HOWTO is README file distributed with Pythonfilter sources ;) Is there a Ubuntu package for the python filter? I only see the perl filter in apt repository. You can rebuild unofficial Debian source package by Frederik Dannemare. It's available at the following URL and still waits for sponsoring: http://mentors.debian.net/debian/pool/main/c/courier-pythonfilter/ Please note that it's Pythonfilter 1.4, not the latest version 1.5. I've also created unofficial Debian package with Pythonfilter and builded it for Ubuntu I use. Frederik's package is OK, but I have a few ideas how to improve it. Please look at the URL below for more details: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504080 I'm going to update my package to version 1.5 soon, because I want to use psycopg2 support for my clustered mail system. I can share it, of course. I have building machine with a few Ubuntu chrooted releases, so I can easy build the packages for Intrepid, Hardy or Gutsy if you are interested. My best regards, Pawel -- Check out the new SourceForge.net Marketplace. It is the best place to buy or sell services for just about anything Open Source. http://p.sf.net/sfu/Xq1LFB ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] python filter howto?
Dnia 2009-01-07, śro o godzinie 09:07 -0800, Ricardo Kleemann pisze: Thanks Pawel! When do you anticipate being able to update the package to 1.5? I'd like to download the package once it's updated to 1.5, I'm running Ubuntu Hardy server 64 bit. I'm going to start updating my package tomorrow here, it means Thursday. I hope I'll finish it in the current week. But in my opinion you don't need to wait for version 1.5. Differences between 1.4 and 1.5 aren't revolutionary. Gordon has added support for psycopg2 module for PostgreSQL and one another new filter and small function. Please study Pythonfilter's Changelog for more details. I use 1.4 for stable system and I'm very satisfied :) So if you don't have mail cluster or you can install real pgsql module from sources, then 1.4 is also good choice for you. Please let me know if you want Pythonfilter 1.4 backport for Hardy on amd64 architecture. I can build it for you, because it's very easy and fast action. Cheers, P. -- Check out the new SourceForge.net Marketplace. It is the best place to buy or sell services for just about anything Open Source. http://p.sf.net/sfu/Xq1LFB ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier-authlib 0.58 needed
Dnia 2009-01-02, pią o godzinie 10:54 +0100, Stefan Onken pisze: Hello, not sure if this is the correct mailinglist, but I am looking for the source code of courier-authlib 0.58. Any URL would be helpful. Hi Stefan, packages.debian.org site is your friend: http://security.debian.org/debian-security/pool/updates/main/c/courier-authlib/courier-authlib_0.58.orig.tar.gz Probably you can also use Courier-MTA CVS repo to get that version of courier-authlib. It should have appropriate tag. BTW, interesting name of your domain. Polish meaning of stonki is potato beetles :D My best regards, Pawel -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Corrupted Pythonfilter greylist_NotPassed database
Gordon Messmer pisze: Paweł Tęcza wrote: Paweł Tęcza pisze: What Python module for PostgreSQL support do you use? ... Gordon uses python-pgsql module by Cristian Gafton. You can download it from following URL: http://people.rpath.com/~gafton/pgsql/ Sorry to leave you hanging like that, Paweł. You're correct about the python module, also available here: http://pypi.python.org/pypi/python-pgsql/ Hi Gordon, Thanks a lot for the reply! It's good to know you read my posts :) At some point in the future, I'll probably add support for the psycopg2 module, used by Zope and Django for PostgreSQL support. PostgreSQL is a terrific DB, but it could seriously use a well supported standard Python module. Yuck. Fortunately Debian has good package with psycopg2, so I don't need to debianize it :) Let me know if you run into issues with SQL support. I still consider it experimental. It was implemented to enable SMTP server clustering, but I haven't used it anywhere in production. OK, I'll write here about noticed problems. I'm going to put it into action soon. Have a nice day, P. -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Corrupted Pythonfilter greylist_NotPassed database
Paweł Tęcza pisze: Gordon Messmer pisze: At some point in the future, I'll probably add support for the psycopg2 module, used by Zope and Django for PostgreSQL support. PostgreSQL is a terrific DB, but it could seriously use a well supported standard Python module. Yuck. Fortunately Debian has good package with psycopg2, so I don't need to debianize it :) Hello again, Is it very hard to add support for the psycopg2 module right now? I wrote that I want to debianize real python-pgsql module at Debian Python mailing list [1]. I heard in response that I could try to use psycopg2 module instead of python-pgsql. I did it, but unfortunately it seems that these modules haven't compatible API. Let me know if you run into issues with SQL support. I still consider it experimental. It was implemented to enable SMTP server clustering, but I haven't used it anywhere in production. OK, I'll write here about noticed problems. I'm going to put it into action soon. I'm running your Pythonfilter on one of our front-ends. It's working about 0.5h and haven't seen any issues :) pythonfilter= select count(*) from greylist_notpassed; count --- 57 (1 row) pythonfilter= select count(*) from greylist_passed; count --- 2 (1 row) Cheers, P. [1] http://lists.debian.org/debian-python/2008/12/msg00016.html -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Corrupted Pythonfilter greylist_NotPassed database
Paweł Tęcza pisze: Paweł Tęcza pisze: Paweł Tęcza pisze: [...] I've read about PostgreSQL support for Pythonfilter, but supposedly it's experimental. Also I don't have PostgreSQL database right now. Hello Folks, Does someone here use Pythonfilter with PostgreSQL? Gordon, What Python module for PostgreSQL support do you use? This is an information for other Courier users who are trying Pythonfilter with PostgreSQL support like me: Gordon uses python-pgsql module by Cristian Gafton. You can download it from following URL: http://people.rpath.com/~gafton/pgsql/ Please note that Debian/Ubuntu package named python-pgsql is *different* module! The debian/copyright file says that it was created by Billy G. Allie and is available at http://pypgsql.sourceforge.net/ The name of the package is very confusing, but it's old package, so I don't believe that its maintainer will change name of his package. Cheers, P. -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] mta hanging reading smtpaccess.dat
Marcus Pereira pisze: Sam Varshavchik wrote: [...] Except that it's been happening for more than a year, and occurs randomly. My guess is a db library bug. I'd try a different library (probably gdbm). I could do that, but how? I am using libgdbm 1.8.3 Hello Marcus, We also noticed that problem with smtpaccess.dat file many times. We are using libgdbm 1.8.3 (from Ubuntu package libgdbm3 1.8.3-3) like you. It's the most recently version of libgdbm for Debian and Ubuntu. My best regards, Pawel -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Corrupted Pythonfilter greylist_NotPassed database
Paweł Tęcza pisze: Paweł Tęcza pisze: [...] I've read about PostgreSQL support for Pythonfilter, but supposedly it's experimental. Also I don't have PostgreSQL database right now. Hello Folks, Does someone here use Pythonfilter with PostgreSQL? Gordon, What Python module for PostgreSQL support do you use? I've installed PostgreSQL 8.3 server successfully, but I still can't start your Pythonfilter, because of the following error: Dec 15 13:29:34 xxx courierfilter: File /usr/lib/python2.5/site-packages/pythonfilter/TtlDb.py, line 59, in __init__ Dec 15 13:29:34 xxx courierfilter: import pgsql Dec 15 13:29:34 xxx courierfilter: ImportError: No module named pgsql I have installed Ubuntu package named python-pgsql, but it doesn't contain pgsql module. It includes only PgSQL module. There are the same modules? Sorry for stupid questions for you, but I don't have any Python experiences. Have a nice day, P. -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] mta hanging reading smtpaccess.dat
Marcus Pereira pisze: Hi Pawel, I have servers using Debian libdbdm3 1.8.3-3 and 1.8.3-4. Studing libdbm3 package on Debian I found this bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=274417 I feel suspecious about the fix they made. I removed the patch and rebuild the package. Its now running on 4 of my servers, no problem at all but still too early to say this is the problem. If you want to try my package: http://dl.task.net.br/libgdbm3_1.8.3-4.1_amd64.deb for Debian 64. http://dl.task.net.br/libgdbm3_1.8.3-4.1_i386.deb for Debian 32. Thanks for the tip, Marcus! I can take a look at your packages, but I don't know when the problem will occur again, of course. BTW, we also have ext3 filesystem :) Good night, P. PS. Here in Poland we have TASK too. It's Polish acronym for Tri-City Academic Computer Network :D -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Corrupted Pythonfilter greylist_NotPassed database
Hello Gordon, Yesterday I installed your Pythonfilter for my users to improve fighting spam using greylisting module. It has been working well for a few hours. Unfortunately after that time the greylist_NotPassed database has been corrupted: Dec 11 18:37:29 xxx courierfilter: Uncaught exception in greylist doFilter function: class 'bsddb.db.DBRunRecoveryError':(-30975, 'DB_RUNRECOVERY: Fatal error, run database recovery -- PANIC: fatal region error detected; run recovery') Dec 11 18:37:29 xxx courierfilter: File /etc/courier/filters/active/pythonfilter, line 199, in processMessage Dec 11 18:37:29 xxx courierfilter: replyCode = i_filter[1](bodyFile, controlFileList) Dec 11 18:37:29 xxx courierfilter: File /usr/lib/python2.5/site-packages/pythonfilter/greylist.py, line 160, in doFilter Dec 11 18:37:29 xxx courierfilter: _sendersNotPassed.unlock() Dec 11 18:37:29 xxx courierfilter: File /usr/lib/python2.5/site-packages/pythonfilter/TtlDb.py, line 196, in unlock Dec 11 18:37:29 xxx courierfilter: self.db.sync() Dec 11 18:37:29 xxx courierfilter: File bsddb/__init__.py, line 293, in sync Dec 11 18:37:29 xxx courierfilter: return _DeadlockWrap(self.db.sync) In the Courier log file also I can see a lot of error messages like below: Dec 12 11:00:06 xxx courierfilter: Uncaught exception in greylist doFilter function: type 'exceptions.KeyError':'3d89ef72e9bbb1e4d677350b748b1832' Dec 12 11:00:06 xxx courierfilter: File /etc/courier/filters/active/pythonfilter, line 199, in processMessage Dec 12 11:00:06 xxx courierfilter: replyCode = i_filter[1](bodyFile, controlFileList) Dec 12 11:00:06 xxx courierfilter: File /usr/lib/python2.5/site-packages/pythonfilter/greylist.py, line 106, in doFilter Dec 12 11:00:06 xxx courierfilter: _sendersNotPassed.purge() Dec 12 11:00:06 xxx courierfilter: File /usr/lib/python2.5/site-packages/pythonfilter/TtlDb.py, line 214, in purge Dec 12 11:00:06 xxx courierfilter: if float(self.db[key]) minVal: Dec 12 11:00:06 xxx courierfilter: File bsddb/__init__.py, line 223, in __getitem__ Dec 12 11:00:06 xxx courierfilter: return _DeadlockWrap(lambda: self.db[key]) # self.db[key] Dec 12 11:00:06 xxx courierfilter: File bsddb/dbutils.py, line 62, in DeadlockWrap Dec 12 11:00:06 xxx courierfilter: File bsddb/__init__.py, line 223, in lambda Dec 12 11:00:06 xxx courierfilter: return _DeadlockWrap(lambda: self.db[key]) # self.db[key] I know that the greylist_NotPassed file is broken, because I checked it using `db4.6_verify` utility (Debian/Ubuntu db4.6-utils package): # db4.6_verify greylist_Passed # db4.6_verify greylist_NotPassed db4.6_verify: Page 20: hash page has bad prev_pgno db4.6_verify: Page 11: first page in hash bucket 9 has a prev_pgno db4.6_verify: Page 14: non-empty page in unused hash bucket 12 db4.6_verify: greylist_NotPassed: DB_VERIFY_BAD: Database verification failed I've fixed it using `db4.6_dump` and `db4.6_load` tools (the same package): # db4.6_dump greylist_NotPassed greylist_NotPassed.dump # rm -f greylist_NotPassed # db4.6_load greylist_NotPassed greylist_NotPassed.dump # db4.6_verify greylist_NotPassed It seems to be OK now, but I'm affaid to enable Pythonfilter again :) Here more details about my mail system. It includes a few virtual OpenVZ front-ends. My users Maildirs are shared between front-ends using NFS, so the greylist_* files was also shared via NFS. Do you think it matters? I've read about PostgreSQL support for Pythonfilter, but supposedly it's experimental. Also I don't have PostgreSQL database right now. What's your opinion about using NFS to sharing the greylist_* files? Do you think that PostgreSQL support is ready to use in stable and production environment? My best regards, Pawel -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] SMTP Auth via SSL/TLS required
Sam Varshavchik pisze: [UTF-8]Pawe T™cza writes: Hello People, Is it possible to force authenticated SMTP relaying only via SSL/TLS? We need to protect the passwords of our users strongly, so they should use secure connection (via SSL) to ESMTP/POP3/IMAP servers. But how can we force the users to use STARTTLS for normal ESMTP server which listens on port 25? STARTTLS is only option here, so some users can bypass our security policy. You can make it a mandatory setting only if it's a dedicated server, by setting ESMTP_TLS_REQUIRED. You can't do that if you share the same server for incoming mail, and smarthosted mail for your clients. Hi Sam, Thanks a lot for your reply! I have that server, but I'm affraid that ESMTP_TLS_REQUIRED setting is too restrictive for me, because I'm not quite sure that all clients support TLS. An option that may work for you is to remove the ESMTPAUTH setting, and put it into ESMTPAUTH_TLS. Courier will advertise no support for authentication in non-encrypted connections, and will advertise AUTH support only after STARTTLS. This setting only turns off the advertisement for AUTH support. I like that option, so I choose it :) Clients are not supposed to authenticate unless the server advertises this capability, however it's possible that buggy clients will blindly try to authenticate even if the server doesn't advertise AUTH support. But all clients, buggy and not, will not send message via my server if they try to use non-encrypted connections. Then they should see an error message like 513 Relaying denied.. Right? My best regards, Pawel -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] SMTP Auth via SSL/TLS required
Marcus Ilgner pisze: On Tue, Dec 9, 2008 at 10:16 AM, Paweł Tęcza [EMAIL PROTECTED] wrote: Sam Varshavchik pisze: Clients are not supposed to authenticate unless the server advertises this capability, however it's possible that buggy clients will blindly try to authenticate even if the server doesn't advertise AUTH support. But all clients, buggy and not, will not send message via my server if they try to use non-encrypted connections. Then they should see an error message like 513 Relaying denied.. Right? Yes but if I understand correctly the problem in this case is that by then the password has already been sent over the network without issuing STARTTLS. Hello Marcus, You're right. It's security problem, but I can't see any good solution here. Probably I can only ask a user to change his password when he will raport us that he is not able to send message without TLS/SSL. My best regards, Pawel -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] SMTP Auth via SSL/TLS required
Hello People, Is it possible to force authenticated SMTP relaying only via SSL/TLS? We need to protect the passwords of our users strongly, so they should use secure connection (via SSL) to ESMTP/POP3/IMAP servers. But how can we force the users to use STARTTLS for normal ESMTP server which listens on port 25? STARTTLS is only option here, so some users can bypass our security policy. My best regards, Pawel -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] SMTP Auth via SSL/TLS required
Paweł Tęcza pisze: Hello People, Is it possible to force authenticated SMTP relaying only via SSL/TLS? We need to protect the passwords of our users strongly, so they should use secure connection (via SSL) to ESMTP/POP3/IMAP servers. But how can we force the users to use STARTTLS for normal ESMTP server which listens on port 25? STARTTLS is only option here, so some users can bypass our security policy. I've found the solution. It seems that I have full effect if I disable all ESMTP authentication mechanisms supported by Courier: sudo vim /etc/courier/esmtpd ESMTPAUTH= I hope it can be interesting tip for you. Cheers, P. -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Can not more send messages to my own host since some days...
Sam Varshavchik pisze: Michelle Konzack writes: Also, you are missing all the *.dist files. Rather than fix this mess by hand, one file at a time, you should just reinstall. It'll probably be faster than just trying to fix this disaster, one brick at a time. There are no *.dist files on a Debian System... ;-) Well, I have nothing else to suggest. I only know how Courier should be installed, according to the default installation script. You'll have to wait until to hear from someone who knows better how things are done on Debian. Hi Sam, On Debian filename.dist files are installed simply as filename. For example we have /etc/courier/imapd config file instead of /etc/courier/imapd.dist. My best regards, Pawel Tecza - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Can not more send messages to my own host since some days...
Stefan Hornburg pisze: Paweł Tęcza wrote: Hi Sam, On Debian filename.dist files are installed simply as filename. For example we have /etc/courier/imapd config file instead of /etc/courier/imapd.dist. Just for the record, with some modifications as shown below. Any comments are appreciated. Hello Stefan, At first, thanks a lot for your feedback and packaging Courier for Debian (and Ubuntu)! :) I'm not quite sure it's a good idea to enable all Courier services/servers after installation. Probably it's a better policy to disable them by default and starting only when an admin really needs them. If they are unconfigured, then they should be stopped. It's my 0.03 PLN in that topic ;) Have a nice day, Pawel - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier Cluster
Svetozar Mihailov pisze: Hello all, Hello Svetozar, Sorry for the late response, but recently I've not had much free time to watch this mailing list. 2.2 I do not want to use load balancer because if load balancer dies everything stop. I will implement monitoring (ping?) daemon, which will add/remove servers to dns if some of them dies. Is there recomended minimal TTL for dns records in this case? Yes, it's true that only one load balancer is not good idea. Hence, you should have two redundant load balancers or second backup load balancer on the alert. In my opinion a load balancer is a base element of modern and high availability cluster in these days. Below is a short list of the most important advantages of the load balancer: 1. Network traffic load balancing My administrator experience is that DNS based load balancing sucks. It's not a blame of architecture of domain names system. It's because of stupid Windows hosts. They ignore setting of DNS TTL and cache resolved IP addresses, so you can't stop them to connect with your cluster nodes when you want to reboot them, for example. Of course, you can move IP addresses between machines, but I don't like that manual job. If you want to switch the network traffic when you upgrade a distro on one of your nodes or do some tests, then you should use some free load balancer. Your jobs will be invisible for your users! We use Keepalived in our clustered mail system and I can recommend it for you if you prefer Linux. 2. Security What do you do when some evil people make DoS attack on your cluster? Probably you drop or reject their IP address on all nodes of the cluster. Yes, you can do it in that way, but it's not quick and handy. If you have load balancer(s), then you can cut off aggressors on only one (or two) machine(s) and the problem is resolved. I hope it will be helpful for you or another Courier admins. My best regards, Pawel Tecza - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier Cluster
Manuel Schneider pisze: Hi, Paweł Tęcza schrieb, Am 16.09.2008 10:04: Svetozar Mihailov pisze: 2.2 I do not want to use load balancer because if load balancer dies everything stop. I will implement monitoring (ping?) daemon, which will add/remove servers to dns if some of them dies. Is there recomended minimal TTL for dns records in this case? Yes, it's true that only one load balancer is not good idea. Hence, you should have two redundant load balancers or second backup load balancer on the alert. Hello Manuel, you could do poor man's loadbalancing by assigning several IP adresses to the same virtual host name which acts as MX. This way there is some kind of round robin (not a real load balancing) among the mail servers. We were doing it exactly in that way before, but as I wrote in my previous post, it's not good solution for serious mail system because of Windows client hosts which piss on DNS TLL. We don't want to do any breaks for our users, if it's not necessary, so now we had to use real load-balancer to switch a traffic while administrator jobs. We do this with a little cluster system for failover of different services, including mail. We run the primary and secondary nameservers on the both nodes which advertise their IP adresses with TTL 60. So when a host goes down the nameserver is also down and the IP adress isn't advertised any more. That's not very sophisticated, but cheap... For what the folks want to pay for it it does a great job. Our university mail system should be available for users by 24 hours per day and 365 days per year, so we have separated and redundant name servers, load-balancers, front-ends with SMTP/POP3/IMAP/webmail/anti-virus servers and anti-spam nodes and storages. All runs on Linux/OpenVZ/free software based platform. As you can see it's not a little system :) Have a nice day, Pawel - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier Cluster
Steve Shockley pisze: Paweł Tęcza wrote: We were doing it exactly in that way before, but as I wrote in my previous post, it's not good solution for serious mail system because of Windows client hosts which piss on DNS TLL. If you have control of the clients, you can stop/disable the DNS Client service to fix that. Good architecture is probably a better solution though. Hi Steve, Thanks for the hint! I don't use Windows, because I'm happy Linux user, so I didn't know about such interesting service like DNS Client :) (Un)fortunately, I haven't got any control of work/home stations of our university employees and students, because I'm only mail system administrator here. My best regards, Pawel - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Looped DSNs when empty sender and broken user's forward
On Cz, 2008-07-03 at 07:57 -0700, Gordon Messmer wrote: Double-bounces aren't usually a problem. Courier already detects the situation that a message can't be delivered, and the DSN can't be delivered either. Those bounces go to the postmaster. If your postmaster account is the one bouncing mail, then I suggest you set up a postmaster address that doesn't use mailfilters that are prone to breaking. Just create a dot-courier file in your home directory and specify a delivery rule that indicates a Maildir path. alias: postmaster: ptecza-postmaster /home/ptecza/.courier-postmaster: ./Maildir/.Postmaster/. Hi Gordon, Thank you very much for your reply! Unfortunately, my postmaster account is used not only by me. It's simply an alias for all admins of our mail system. I asked Sam, because I couldn't see any good reasons for setting SENDER=$FROM. My best regards, Pawel signature.asc Description: This is a digitally signed message part - Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Looped DSNs when empty sender and broken user's forward
On Cz, 2008-07-03 at 18:26 -0400, Sam Varshavchik wrote: Paweł Tęcza writes: So, my question is: why don't you set SENDER='[EMAIL PROTECTED]' or SENDER='[EMAIL PROTECTED]' or something similar if SENDER variable is empty? In that case, if user's forward is broken, then Courier is trying to deliver a DSN message to a postmaster, not to a user with not working forward. I think it's reasonable solution, because information about broken user's forward is valuable for mail system administrator. What's your opinion? Yes, I think that's reasonable. The original reason for resetting the return address would be to be notified if forwarded mail bounces. I expected people to set up forwarding rules carefully, and take care not to indiscriminantly forward all mail, rather only ones that match narrow filtering criteria. But I suppose that's too much to expect, from people, so I guess this will have to change. I'll change the return address on forwarded mail to a null address, which will bounce to the postmaster's mailbox automatically. Hello Sam, Thanks a lot for your feedback! I'm glad to see you will change it :) Have a nice coding day, Pawel signature.asc Description: This is a digitally signed message part - Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Looped DSNs when empty sender and broken user's forward
Hello Sam, I would like to ask you about setting SENDER=$FROM in user's mailfilter file when SENDER variable is empty (please see maildir_filter_saverules() function in maildir/maildirfilter.c file): import SENDER if ($SENDER eq ) { SENDER=$FROM } Unfortunately, that maildrop filter code can be dangerous for a mail server if a user has broken forward and he received a message from empty address. Recently we have had that situation in our mail system. Courier server couldn't deliver a message to user's external account, so it was trying to deliver DSN to our user, because the maildrop filter code has set his internal address as a return address. The DSN message wasn't delivered too, because user's forward didn't work, etc, etc. In result we had looped DSNs from MAILDER-DAEMON... I noticed it watching mail queue peak on our Munin graph. Fortunately we have strong servers, so it wasn't noticeable for the rest our users. So, my question is: why don't you set SENDER='[EMAIL PROTECTED]' or SENDER='[EMAIL PROTECTED]' or something similar if SENDER variable is empty? In that case, if user's forward is broken, then Courier is trying to deliver a DSN message to a postmaster, not to a user with not working forward. I think it's reasonable solution, because information about broken user's forward is valuable for mail system administrator. What's your opinion? My best regards, Pawel signature.asc Description: This is a digitally signed message part - Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Blocking outgoing messages?
On Pt, 2008-06-27 at 10:19 +0800, Jeff Jansen wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pawel Tecza [EMAIL PROTECTED] wrote on 2008-Jun-27: Maybe my post wasn't clear enough, but I don't want to block messages which my server *receives* from [EMAIL PROTECTED] address. I need to block messages my users *send* to that address and it's not one of my addresses, of course. Create an alias for the bad address on your server and do something with it locally. Then it won't ever leave your server. Hi Jeff, Thank you very much for the tip! It really works and does what I want :) Below is an example piece of aliases file. It forwards user's reply to postmaster and does a copy of the reply in a text file. [EMAIL PROTECTED]: [EMAIL PROTECTED], phishing-reply phishing-reply: |cat /path/to/phishing-reply.txt I think it can be useful for another postmasters. Have a nice day, Pawel signature.asc Description: This is a digitally signed message part - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Blocking outgoing messages?
Hello again :) On Pt, 2008-06-27 at 07:06 +0200, Bernd Wurst wrote: Hi. On Thursday 26 June 2008, Pawel Tecza wrote: In my opinion difference between badfrom and spamtrap options is that badfrom is for addresses in MAIL FROM: and spamtrap is for addresses in RCPT TO:, but both are for domains I host. Please correct me, if I'm wrong. I've never seen such a limitation. But seems like you're right. In a current test, this did not work as I expected. Sorry, I thought this could contain arbitrary values for recipient addresses. This seems wrong. No problem :) Maybe my post wasn't clear enough, but I don't want to block messages which my server *receives* from [EMAIL PROTECTED] address. I need to block messages my users *send* to that address and it's not one of my addresses, of course. I understood what you want, thought this should work... Okay, I'm out. A custom alias won't work either, I suppose. A courierfilter should be able to do this, perhaps one of the pytonfilters can blacklist some addresses? I'm not very familiar with pythonfilters by Gordon Messmer, but Jeff Jansen has just pointed me the solution. It seems that using aliases is a good method to blocking outgoing messages. My best regards, Pawel signature.asc Description: This is a digitally signed message part - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Blocking outgoing messages?
On Pt, 2008-06-27 at 07:07 -0400, Sam Varshavchik wrote: Paweł Tęcza writes: Below is an example piece of aliases file. It forwards user's reply to postmaster and does a copy of the reply in a text file. [EMAIL PROTECTED]: [EMAIL PROTECTED], phishing-reply phishing-reply: |cat /path/to/phishing-reply.txt I think it can be useful for another postmasters. The whole problem with this approach is then you'll need to constantly maintain and update a list of phishing mailboxes. Hi Sam, Fortunately we have been attacked only one time. I hope I never need to use that tip :) This is a losing war. The only solution here is a large cluestick, applied sufficiently to the lusers' heads. I believe that people aren't so stupid to send their passwords to anyone, but I would like to have any weapons to protect also dumb users. Best regards, Pawel signature.asc Description: This is a digitally signed message part - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Blocking outgoing messages?
Hello, Is it a way to block outgoing messages from my authenticated users to specified e-mail address? Something like badfrom [EMAIL PROTECTED] in the bofh file, but for external addresses. Recently many of my users have received the phishing messages. I sent a warning to them, of course, but some of the users replied to the address from Reply-To: header. Fortunately nobody disclosed his password :) I know I can block IP address of MX for that domain using firewall, but I rather prefer block only one e-mail address. Have you ever been attacked by the phishing messages? What do you do in that situations to protect yourself? My best regards, Pawel signature.asc Description: This is a digitally signed message part - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] GFS
On Wt, 2008-06-03 at 12:56 +0200, Dino Ciuffetti wrote: Pawel Tecza wrote: Did you try also another distributed file systems, for example Coda or Lustre? What's your opinion? Hi. I didn't try any distributed fs, but... if you want a way to do RAID1 over ETHERNET you can use DRBD (http://www.drbd.org/) with heartbeat to mount the filesystem on one node or another. DRBD Version = 8.0.0 support local mount of both nodes, giving the free opportunity to have the same thing you can have with high cost Shared SCSI buses or the like. Of course you need a filesystem like GFS in front of it if you want to mount a filesystem on both nodes, but we use it mounted RW on one node only. We are so happy with it!! HTH Hi Dino, At first, thank you very much for your interesting and valuable hint! Yes, I need to mount my storage on a few nodes. Now we use NFS to access to the storage, but unfortunately NFS is slowly and it's a bottleneck of our mail system. My best regards, Pawel - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] GFS
On Pn, 2008-06-02 at 10:04 -0400, Bowie Bailey wrote: Pawel Tecza wrote: Sorry for off topic, but I'm very curious about your experiences with GFS for Courier, because we think about using any distributed file system in our mail system. Could you please write us more about it? Did you try also another distributed file systems, for example Coda or Lustre? What's your opinion? I have only used GFS, so I can't compare with any other file systems. My setup was three servers (two live, one for backups) sharing a GFS volume via AoE (Coraid box). The project has not gone live yet, so I can't comment on real-world performance, but it has worked well in all of our testing. Hello Bowie, Thanks a lot for your feedback! It's good to know about ATA-over-Ethernet, but we have just iSCSI storage (Infotrend EonStor A16E-G2130-4), so we rather will not use AoE. Is it a dead/frozen project or are you still testing it? Why did you choose GFS? Did you have any troubles with setting up that file system? What operating system do you use? Is it Linux? If so, what version of Linux you was trying? Sorry for a lot of questions, but I would like to know more details about your project :) I think it can be very interesting also for another Courier admins. Have a nice day, Pawel - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] GFS
On Wt, 2008-06-03 at 09:18 -0400, Bowie Bailey wrote: Pawel Tecza wrote: Hello Bowie, Thanks a lot for your feedback! It's good to know about ATA-over-Ethernet, but we have just iSCSI storage (Infotrend EonStor A16E-G2130-4), so we rather will not use AoE. Is it a dead/frozen project or are you still testing it? Why did you choose GFS? Did you have any troubles with setting up that file system? What operating system do you use? Is it Linux? If so, what version of Linux you was trying? Sorry for a lot of questions, but I would like to know more details about your project :) I think it can be very interesting also for another Courier admins. iSCSI would work just as well. We used AoE simply because we were looking for fairly inexpensive shared storage and the Coraid boxes looked good. The project stalled because of some issues that came up in last minute testing and then other priorities took over. These issues had nothing to do with Courier or GFS. The OS is CentOS 4.6. We chose GFS because it did what we needed it to do and it is available via RPM. I didn't have any problems setting up the file system. The only issue is that there is a bit of a learning curve figuring out how to configure the clustering. Once you sort out how everything links together, the actual creation of the file system is very easy. Thanks a lot for your reply and all information about the GFS project! I hope it will come back to life soon :) Cheers, Pawel - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Moving Courier to a new host/server
On Pt, 2008-05-30 at 09:41 -0400, Bowie Bailey wrote: Pawel Tecza wrote: [...] Sometimes we have to migrate our OpenVZ front-ends with Courier server to another physical machine. We wrote simple Bash script to fix mail queue file names, because the files after migration have different inodes and then filenames are invalid. We can share it, if you are interested. Interesting idea, but... Jérôme Blion wrote: For mail waiting in the queue, it could be interesting to convert the old server to a smarthost, emptying all the queue on the new server. I did it this way. It has the advantage of being simple, quick and effective. And since everything happens through normal mail channels, I don't have to worry about somehow screwing up the queue. Hello Bowie, Probably you're right. I didn't know about a relay client method, so we was fixing the mail queue filenames :) Sorry for off topic, but I'm very curious about your experiences with GFS for Courier, because we think about using any distributed file system in our mail system. Could you please write us more about it? Did you try also another distributed file systems, for example Coda or Lustre? What's your opinion? My best regards, Pawel - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Moving Courier to a new host/server
On Cz, 2008-05-29 at 12:24 -0400, Bowie Bailey wrote: ravi wrote: Hello all, I am planning on moving my Courier installation to a new server. I searched in the archives and Interwebs, but did not find anything authoritative. The docs give Upgrade instructions which I think do cover some of the issues. But I wanted to post here and ask if there is a particular document that is useful for this purpose? Thank you, I have moved my installation a couple of times. It's not difficult. What I did was this: - Create a new installation of Courier on the new server - Copy over the config files from the old server - Make any config changes needed (server name, IP, etc) - Rsync maildirs from the old server (while it's still running) - Shutdown Courier on the old server - Rsync the maildirs again to pick up any last minute changes - Bring up the new server The only downtime will be during the second rsync, which will not take nearly as long as the first one. Don't forget the authlib config files. Hi Bowie, The Maildirs of our users are available via NFS, so we don't need to rsync them. I think it's a good idea to use NFS or another network file system, if you have many users and multiple servers. The only thing this doesn't get you is the contents of the outgoing mailq. I don't think there is a good way to transfer that to the new server. What I did was just let the old server run with no incoming smtp or pop3 access for a day or so to let the queue clear out as much as possible before I shut it down completely. Sometimes we have to migrate our OpenVZ front-ends with Courier server to another physical machine. We wrote simple Bash script to fix mail queue file names, because the files after migration have different inodes and then filenames are invalid. We can share it, if you are interested. My best regards, Pawel - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] greylist pythonfilter before DATA command
On So, 2008-04-12 at 13:57 +0200, Lorenzo Perone wrote: Hi, I'm using courier since 2002 and love it. It's stable and flexible. I also would advocate a filter architecture such as milter, which has several event handlers and would suit, among others, to the purpose you mention. It is the only feature missing to courier. Afaik there is no way to emulate it at this time. Hello Lorenzo, Thanks a lot for your fast reply! It's a pity that I can not do it with pythonfilter, but it is not a big problem for me. It's rather my request, so I can use greylist pythonfilter after DATA command of SMTP protocol too. My best regards, Pawel - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] greylist pythonfilter before DATA command
On Pn, 2008-04-14 at 00:02 -0700, Gordon Messmer wrote: Paweł Tęcza wrote: I'm curious whether it's possible to invoke greylist (or another) filter of pythonfilter by Gordon Messmer _before_ DATA command of SMTP protocol. pythonfilter uses the courierfilter interface, so the answer is no. Courier also offers the localmailfilter interface which can run before the DATA command. You could write a greylist filter with that interface. Hi Gordon, Thank you very much for your response and the hint! I can take a look at localmailfilter, but probably it's easier to use your pythonfilter, because it's ready now, stable and has also another useful filters :) Thanks a lot for your filter framework and have a nice day! Pawel - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] greylist pythonfilter before DATA command
Hello Courier Users! :) I'm curious whether it's possible to invoke greylist (or another) filter of pythonfilter by Gordon Messmer _before_ DATA command of SMTP protocol. I'm trying with his pythonfilter and it seems that it works for me well. However I think it's a better way to say 451 4.7.1 Greylisting in action to sender before he send his message to my Courier server. I'm not sure it can work with Courier filter architecture, so I would like to know your opinion about it. My best regards, Pawel Tecza - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] New releases of Courier packages
Sam Varshavchik [EMAIL PROTECTED] writes: Download: http://www.courier-mta.org/download.php See below for release notes specific to each package. Highlights: • All packages' distribution terms are now GPL 3 • Many fixes to sqwebmails handling of HTML mail • Some people may see noticable performance gains when running Courier-IMAP over NFS. • If you're using courier-analog, don't forget to update it too. Hi Sam, My congratulation and many thanks! :) What a pity that you didn't release your Courier one day earlier. It could be really great present for my birthday ;) My best regards, Pawel - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] www.broken-starttls.org?
Hi All, As you can see below now I have more then 130 entries for domains with broken STARTTLS in my esmtproutes file: [EMAIL PROTECTED]:~# grep SECURITY=NONE /etc/courier/esmtproutes |wc -l 133 Daily (half-automated) grepping maillog and sending messages to postmasters of broken domains is boring and probably never ending story. I know that domains always will be exist, but now I'm thinking about how to decrease number of them. Maybe we should found the special website, something like www.rfc-ignorant.org, to reporting domains with broken STARTTLS? Branding broken domains is not only one solution, of course. It also can include good STARTTLS HOWTOs for all modern and popular MTAs, for example Courier, Exim, Postfix, Qmail, Sendmail, etc. What's your opinion about it? My best regards, Pawel - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] www.broken-starttls.org?
Sam Varshavchik [EMAIL PROTECTED] writes: Paweł Tęcza writes: [...] What's your opinion about it? Well, if you want to do it, go right ahead. I don't see anything wrong, conceptually with it, except that I would go even further, and expand the scope to include other kinds of breakages -- broken DNS settings, etc… Hello Sam, Thanks a lot for the positive response! :) I didn't wrote I want to do it alone ;) I haven't too much free time, but the website could be maintained by the community. www.broken-mta.org will be better name for all MTA breakages, but I'm afraid that it can be partially redundant for the sites like www.rfc-ignorant.org. My best regards, Pawel - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Relay the same like domain
Hello Sam, Is it a possible to set relay exactly the same like domain in esmtproutes file? If not, why not? Why am I asking you? One of my users was trying to send a message to another user tt ciia.org.cn domain. His DNS violates RFC 1035: [EMAIL PROTECTED]:~$ host -t mx ciia.org.cn ciia.org.cn mail is handled by 5 203.207.195.99. [EMAIL PROTECTED]:~$ host ciia.org.cn ciia.org.cn has address 203.207.195.99 so a message of my user wasn't delivered, of course. I added ciia.org.cn: ciia.org.cn line to my esmtproutes file, but it didn't help: Aug 20 12:38:57 hermes2 courierd: started,id=000A6AB8.46C96F40.3EBD,from=[EMAIL PROTECTED],module=esmtp,host=ciia.org.cn,addr=[EMAIL PROTECTED] Aug 20 12:38:57 hermes2 courieresmtp: id=000A6AB8.46C96F40.3EBD, from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED]: This domain's DNS violates RFC 1035. Aug 20 12:38:57 hermes2 courieresmtp: id=000A6AB8.46C96F40.3EBD, from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED],status: failure It works only when I add a line with IP address of domain, it means ciia.org.cn: [203.207.195.99]: Aug 20 13:10:28 hermes2 courierd: started,id=000A6B41.46C976A4.3FAF,from=[EMAIL PROTECTED],module=esmtp,host=ciia.org.cn,addr=[EMAIL PROTECTED] Aug 20 13:10:39 hermes2 courieresmtp: id=000A6B41.46C976A4.3FAF,from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED]: 250 ok 118760 qp 9768 Aug 20 13:10:39 hermes2 courieresmtp: id=000A6B41.46C976A4.3FAF,from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED],size=1211,success: delivered: [203.207.195.99] [203.207.195.99] Aug 20 13:10:39 hermes2 courieresmtp: id=000A6B41.46C976A4.3FAF,from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED],size=1211,status: success Is it a good behave of my Courier? I still use 0.53.2. Yes, I know that version is not up-to-date, but I don't believe it matters ;) My best regards, Pawel - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Relay the same like domain
Gordon Messmer [EMAIL PROTECTED] writes: Paweł Tęcza wrote: It works only when I add a line with IP address of domain, it means ciia.org.cn: [203.207.195.99]: ... Is it a good behave of my Courier? Yep. Hi Gordon, Thanks for the response! It's good to know it, but could you please explain me why I can't use domain: domain line in my esmtproutes file? Quoting man courier(8): relay can be another domain, or an explicit IP address inside brackets. But IMHO it doesn't mean that relay the same like domain is forbidden. Kind regards, Pawel - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Relay the same like domain
Ben Kennedy [EMAIL PROTECTED] writes: Paweł Tęcza wrote at 8:57 PM (+0200) on 8/20/07: Thanks for the response! It's good to know it, but could you please explain me why I can't use domain: domain line in my esmtproutes file? Well, the problem is that the domain in question has broken DNS. Therefore, instructing courier to look itself up again will obviously cause it to find the same broken DNS. Therefore you have to explicitly tell courier what you want it to do; i.e. in this case give it the fixed IP where you want it to deliver mail. Hello Ben, Probably you're right, but I still have the doubts :) I'll quote man courier(8) one more time: If the domain is found in esmtproutes, however, any MX or A records for the domain are ignored; instead Courier delivers the message to the specified relay. I understand that in my scenario Courier ignores MX or A records for domain, because domain exists in esmtproutes. But I also think that Courier should deliver the message to specified relay, that is to domain. Why? Because when Courier can see name of relay, then it doesn't care whether DNS is broken or not, but it only resolves IP address of relay. Please say that it sounds logically ;) My best regards, Pawel - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Relay the same like domain
Gordon Messmer [EMAIL PROTECTED] writes: Paweł Tęcza wrote: Thanks for the response! It's good to know it, but could you please explain me why I can't use domain: domain line in my esmtproutes file? Quoting man courier(8): relay can be another domain, or an explicit IP address inside brackets. It also says: Courier looks up MX and A records for relay.example.com So, since the MX records for the relay in esmtproutes are looked up, they're expected to be valid. I give up. You and Ben are the winners ;) I just overlooked that note. Have a nice day, Pawel - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Forward E-Mails with Courier-Mailserver
Maik Brauer [EMAIL PROTECTED] writes: Hi Pawel, can you give me a short intruduction, what is to do ? So what I need to modify (Files, Mysql Tables, etc.) to get it work. Many Thanks for your help Hello Maik, I'm sending my reply also to the mailing list, because I hope it's useful for other Courier users too :) Below is structure of my tables: CREATE TABLE `users` ( `user_id` int(11) unsigned NOT NULL auto_increment, `cryptpw` varchar(128) NOT NULL default '', `clearpw` varchar(128) NOT NULL default '', `uid` smallint(5) unsigned NOT NULL default '600', `gid` smallint(5) unsigned NOT NULL default '600', `home` varchar(255) NOT NULL default '', `maildir` varchar(255) NOT NULL default '', `quota` varchar(128) NOT NULL default '', `fullname` varchar(128) NOT NULL default '', `number` varchar(64) NOT NULL default '', `number_id` enum('','N','D','P','I','O') NOT NULL default '', `title_id` tinyint(3) unsigned NOT NULL default '0', `status_id` tinyint(3) unsigned NOT NULL default '1', `type_id` enum('','P','F','G','E','S','C') NOT NULL default '', `creator_id` int(11) unsigned NOT NULL default '0', `create_ts` timestamp(14) NOT NULL, `life_ts` timestamp(14) NOT NULL default '00', `locker_id` int(11) unsigned NOT NULL default '0', `lock_ts` timestamp(14) NOT NULL default '00', `lock_id` tinyint(3) unsigned NOT NULL default '0', PRIMARY KEY (`user_id`) ) TYPE=MyISAM; CREATE TABLE `user_local_part` ( `user_id` int(11) unsigned default '0', `local_part` varchar(128) NOT NULL default '', `local_part_id` enum('G','A','P') NOT NULL default 'G', `forward` varchar(128) default NULL, KEY `ulp_local_part` (`local_part`) ) TYPE=MyISAM; Here is a piece of my authmysqlrc file: MYSQL_USER_TABLEusers MYSQL_CRYPT_PWFIELD cryptpw MYSQL_CLEAR_PWFIELD clearpw MYSQL_UID_FIELD uid MYSQL_GID_FIELD gid MYSQL_LOGIN_FIELD user_id MYSQL_HOME_FIELDhome MYSQL_NAME_FIELDfullname MYSQL_QUOTA_FIELD quota MYSQL_SELECT_CLAUSE \ SELECT ulp.local_part, u.cryptpw, u.clearpw, u.uid, u.gid, \ u.home, '', u.quota, u.fullname \ FROM users AS u, user_local_part AS ulp \ WHERE u.user_id=ulp.user_id AND ulp.local_part='$(local_part)' \ AND (u.status_id=0 OR (u.status_id IN (2, 3) \ AND '$(service)'='courier' AND '$(domain)'!='')) MYSQL_CHPASS_CLAUSE \ UPDATE users AS u, user_local_part AS ulp \ SET u.create_ts=u.create_ts, \ clearpw='$(newpass)', u.cryptpw='$(newpass_crypt)' \ WHERE u.user_id=ulp.user_id AND ulp.local_part='$(local_part)' A short comment for the select clause: If status_id of user is 0, it means that it's active user. The accounts of users with status_id=2 or status_id=3 have been soft locked. They still can receive messages, but they can't use POP3/IMAP/webmail services. If status_id of user is greater then 3, it means that it's hard locked user. He can't use any our services and he doesn't receive messages to him. I'm going to switch to the newest version of MySQL soon and use view to joining tables. The clauses will be much easier then. Have a nice day, Pawel - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users