Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 02:03:32PM +0800, Philip, Tim (CNBC Asia) wrote: Thanks for all the interest in my original posting to this list. My question was:- "Is it possible to stop qmail from generating multiple bounce messages when mail with a forged sender address is received for multiple bad (non-local) mailboxes?" I guess the simple answer is, NO. (Is this correct?) The answer is, "qmail does NOT DO THAT except in certain configurations." The specific configuration where this happens is when the qmail server is acting as an intermediary, such as a secondary MX. In this case, upon receiving the multiple-rcpt message, it will forward it on as many separate messages (since this is what qmail does), and the destination host (whether it is qmail or not) will send out the required number of bounce messages. --Adam
Re: orbs.org accuses qmail of mailbomb relaying!
Philip, Tim (CNBC Asia) [EMAIL PROTECTED] writes: Thanks for all the interest in my original posting to this list. My question was:- "Is it possible to stop qmail from generating multiple bounce messages when mail with a forged sender address is received for multiple bad (non-local) mailboxes?" I guess the simple answer is, NO. (Is this correct?) Not quite. The answer is that qmail doesn't do this under normal circumstances. It only does this if you're accepting mail that you're not sure is valid and then forwarding it to another system for delivery; if that happens, the single message with multiple recipients ends up being split apart into multiple messages. I bet you could find ways of doing exactly the same thing to sendmail. I really don't think this is a problem peculiar to qmail. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
Re: bounce management
Hi Aaron, I am that poor soul you mentioned! I've looked at VERPS and it looks pretty good for being able to handle bounces and guaranteeing correct mail addresses, but this still doesn't address the issue of automated bounce handlers. More to the point: I'm trying to find out what rules these automated bounce handlers follow to determine: delete address, try again, no action, etc. Any ideas? Thanks, Thomas At 10:40 AM 7/17/00 -0700, Aaron L. Meehan wrote: Quoting Thomas Duterme ([EMAIL PROTECTED]): I'm new to managing bounces, so please bear with me. I've had a very tough time finding any good documentation which could guide me to building some scripts to parse through my bounces and semi-automate them. I do fairly large mailings at a time, and I'd like to properly manage my bounces. Basically, I'm curious to what everyone else is doing for managing bounces and if anyone has any good online documentation they could point me to. Man, don't even worry about parsing all those different bounces. Another poor soul on this list has said he needs to parse 70,000 or so of them--that sounds awfully painful. Use the method that djb pioneered to handle bounces: VERP. Details at http://cr.yp.to/proto/verp.txt. Set QMAILINJECT="r" in your environment when sending the mail to generate VERP return paths (see the return path of this list message to see what VERP does to the return address). See qmail-inject's man page for details on the QMAILINJECT environment variable. Aaron
log connections using tcpserver?
Hi all, I'm using qmail 1.03, i'd like to log every IP connection to my qmail smtp server, i've noticed that tcpserver is not logging this info for now, my tcpserver runs like follows: tcpserver -R -c 100 -x /etc/tcp.smtp.cdb -v -u 7170 -g 1100 0 smtp /var/qmail/bin/qmail-smtpd \ 21 | /var/qmail/bin/splogger smtpd 3 Any suggestions so i can log IP connections too? Thanks! Enrique-
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 12:53:34AM -0400, Russell Nelson wrote: Peter van Dijk writes: On Sun, Jul 23, 2000 at 08:22:41AM -0400, Russell Nelson wrote: Yup. I'm just going by history here. MAPS has never abused their position, whereas ORBS is known to block non-spammers simply because they refuse to allow ORBS to scan them. Argh. Get that misconception *out your head*. People who disallow ORBS to scan them get listed as *untestable*, not as *open relays*. ORBS doesn't block. Are these records in relays.orbs.org? How can you say that ORBS doesn't block them, then? Oh, I see, ORBS made up their own semantics for the DNS zone entries. Semantics which nobody else uses. There are no defined standards for these zone entries. ORBS uses one standard. MAPS uses another. Hint: use outputs.orbs.org instead of relays.orbs.org if your RBL-checker is buggy. That way it will only block open relays and allow untested hosts through. That's very nice, but what about the people blocking using relays.orbs.org? Who told them that they would find DNS entries belonging to hosts which had never spammed? This is other than what people were led to expect. It's Yet Another reason why ORBS is not to be trusted. I admit that this is a design misfeature. Moving the untestable hosts from the relays.orbs.org zone to another, leaving just relays in relays.orbs.org, is one of the main changes we are proposing to Alan. Greetz, Peter. -- [EMAIL PROTECTED] - Peter van Dijk [student:developer:ircoper]
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 02:03:32PM +0800, Philip, Tim (CNBC Asia) wrote: [snip] PS I don't want to get involved in the ORBS debate [although it is most probably a bit late ;-)], but one of the original orbs probe messages in my mail logs had the following line:- Received: from unknown (HELO relaytest.orbs.vuurwerk.nl) (unknown) Does this mean that vuurwerk.nl is part of orbs and postings from people at vuurwerk.nl shouldn't be viewed as the comments of an innocent mail administrator?!! Our company hosts the relaytester because some of our techies believe the ORBS-project is worth supporting. All opinions I post are mine, possibly but not necessarily shared by zero or more of my co-workers. Greetz, Peter. -- [EMAIL PROTECTED] - Peter van Dijk [student:developer:ircoper]
Re: orbs.org accuses qmail of mailbomb relaying!
Peter van Dijk [EMAIL PROTECTED] writes: On Mon, Jul 24, 2000 at 02:03:32PM +0800, Philip, Tim (CNBC Asia) wrote: PS I don't want to get involved in the ORBS debate [although it is most probably a bit late ;-)], but one of the original orbs probe messages in my mail logs had the following line:- Received: from unknown (HELO relaytest.orbs.vuurwerk.nl) (unknown) Does this mean that vuurwerk.nl is part of orbs and postings from people at vuurwerk.nl shouldn't be viewed as the comments of an innocent mail administrator?!! Our company hosts the relaytester because some of our techies believe the ORBS-project is worth supporting. All opinions I post are mine, possibly but not necessarily shared by zero or more of my co-workers. For what it's worth, while I strongly disagree with the position (see my other messages), I *can* understand why people may feel that the existing blacklists are insufficient and something like ORBS is needed. And I've yet to hear anything from anyone @vuurwerk.nl to make me feel about them the way that I feel about orbs.org; they don't seem to get involved in things like the recent business with AboveNet. So in answer to the original question, I'd expect at least some folks at vuurwerk.nl to have a bias, but I've yet to see anything from them that didn't seem reasonable to some degree. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 01:01:18AM -0700, Russ Allbery wrote: [snip] Our company hosts the relaytester because some of our techies believe the ORBS-project is worth supporting. All opinions I post are mine, possibly but not necessarily shared by zero or more of my co-workers. For what it's worth, while I strongly disagree with the position (see my other messages), I *can* understand why people may feel that the existing blacklists are insufficient and something like ORBS is needed. And I've yet to hear anything from anyone @vuurwerk.nl to make me feel about them the way that I feel about orbs.org; they don't seem to get involved in things like the recent business with AboveNet. Thank you :) So in answer to the original question, I'd expect at least some folks at vuurwerk.nl to have a bias, but I've yet to see anything from them that didn't seem reasonable to some degree. Ofcourse we are biased. Everybody is. I like ORBS because it gives people a choice. I hate how most negative discussions about ORBS are based on misconceptions. I admit that there are flaws in how ORBS handles stuff technically, but admins can work around any of these. The real problem with ORBS, IMHO, is that it takes education to allow admins to *really* take the choice they want. Note that my opinion about ORBS hasn't changed one bit since we started hosting the relay-tester - we started hosting it because some of us like the project and wanted it to continue regardless of AboveNet hindering it. That AboveNet then started pestering us is another issue which is not to be discussed here. Yes, we have been nullrouted at times, causing 15.000 websites and 50.000 domains for email to be unreachable for AboveNet customers. Greetz, Peter. -- [EMAIL PROTECTED] - Peter van Dijk [student:developer:ircoper]
Bouncesaying question
Hi all, I have a ~alias/.qmail-bouncer file with the contents |bouncesaying 'This is an automated bounce message' exit 0 When I send this address a messages I expect to have it bounced back at me... My logs show: Jul 24 18:04:30 maybe smtpd: 964425870.197821 tcpserver: status: 0/40 Jul 24 18:04:30 maybe qmail: 964425870.198741 new msg 15035 Jul 24 18:04:30 maybe qmail: 964425870.199292 info msg 15035: bytes 938 from [EMAIL PROTECTED] qp 74098 uid 82 Jul 24 18:04:30 maybe qmail: 964425870.205003 starting delivery 108963: msg 15035 to local [EMAIL PROTECTED] Jul 24 18:04:30 maybe qmail: 964425870.205801 status: local 1/10 remote 0/20 Jul 24 18:04:30 maybe qmail: 964425870.220733 delivery 108963: success: did_0+0+1/ Jul 24 18:04:30 maybe qmail: 964425870.222576 status: local 0/10 remote 0/20 Jul 24 18:04:30 maybe qmail: 964425870.223126 end msg 15035 The man page says bouncesaying feeds each new mail message to program with the given arguments. If program exits 0, bouncesaying prints error and bounces the message. Any ideas? Thanks in advance Gavin []---+[] | Gavin Cameron | ITworks Consulting | | Ph: +61 3 9642 5477| Level 8, 488 Bourke Street| | Fax : +61 3 9642 5499| Melbourne, Victoria| | Email : [EMAIL PROTECTED] | Australia, 3000 | []---+[]
451 qq trouble creating files in queue (again) ...
Hi *, when I try to torture my brand new qmail installation (qmail-1.03 + bigtodo + bigconcurrency on Solaris 7, queue on a separate 9 GB disk, mounted with 'noatime', conf-split 521 or 321) a little bit, I get this error message after about 1000 mails: 451 qq trouble creating files in queue (#4.3.0) Has anybody else seen this in a qmail+Solaris 7 environment? What can I do to stop it? The queue is completely empty at the start of the test, the filesystem on the disk is just created. The test-tool I use is 'smtpstone'. Thanx for any hints. By Töns -- Linux. The dot in /.
MailDir
Hello, i have a problem with Qmail and Maildir. I installed qmail and vpopmail and everything works fine for local accounts. So if i send an email to [EMAIL PROTECTED] the mail is put into ~philipp/Maildir/new. Thats nice ! But if i send an email to [EMAIL PROTECTED] the log gives me this error message: Jul 20 15:16:13 diavolos qmail: 964098973.224255 delivery 8: failure: Sorry,_no _mailbox_here_by_that_name._(#5.1.1)/ I created the POP account with qmailadmin, and there is a dir in ~vpopmail/domain/virtualdomain/ but it stays empty Here is my qmail startup script: case "$1" in start) echo -n "Starting mail-transfer agent: qmail" /usr/sbin/qmail-start ./Maildir/ splogger qmail /usr/bin/tcpserver 0 pop3 /usr/sbin/qmail-popup diavolos.oberberg-online.de /bin/checkpassword /usr/sbin/qmail-pop3d Maildir echo -s "Starting Pop Service" # prevent denial-of-service attacks, with ulimit ulimit -v 2048 /usr/bin/tcpserver -S -u 71 -g 65534 -x /etc/tcp.smtp.cdb 0 smtp /usr/sbin/qmail-smtpd 21 | logger -t qmail -p mail.notice echo -n "Starting Smtp Service" echo "." ;; stop) As far as i see the "./Maildir/" parameter should tell the qmail deliverer to not use Mailbox. I think that there is a problem with vpopmail. Where is the mail given from qmail to vpopmail ? Or do you think there is another problem ? Thank you for you help. Philipp Steinkrüger
RE: MailDir
One other thing is that each of the home directories must have a .qmail file which contains ./Maildir/ as well (exactly as I have typed it), and make sure that it contains a Maildir naturally with the owner and group being the same as who will be accessing it. Brett Randall. Manager InterPlanetary Solutions http://ipsware.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Philipp Steinkrüger Sent: Monday, July 24, 2000 6:57 PM To: [EMAIL PROTECTED] Subject: MailDir Hello, i have a problem with Qmail and Maildir. I installed qmail and vpopmail and everything works fine for local accounts. So if i send an email to [EMAIL PROTECTED] the mail is put into ~philipp/Maildir/new. Thats nice ! But if i send an email to [EMAIL PROTECTED] the log gives me this error message: Jul 20 15:16:13 diavolos qmail: 964098973.224255 delivery 8: failure: Sorry,_no _mailbox_here_by_that_name._(#5.1.1)/ I created the POP account with qmailadmin, and there is a dir in ~vpopmail/domain/virtualdomain/ but it stays empty Here is my qmail startup script: case "$1" in start) echo -n "Starting mail-transfer agent: qmail" /usr/sbin/qmail-start ./Maildir/ splogger qmail /usr/bin/tcpserver 0 pop3 /usr/sbin/qmail-popup diavolos.oberberg-online.de /bin/checkpassword /usr/sbin/qmail-pop3d Maildir echo -s "Starting Pop Service" # prevent denial-of-service attacks, with ulimit ulimit -v 2048 /usr/bin/tcpserver -S -u 71 -g 65534 -x /etc/tcp.smtp.cdb 0 smtp /usr/sbin/qmail-smtpd 21 | logger -t qmail -p mail.notice echo -n "Starting Smtp Service" echo "." ;; stop) As far as i see the "./Maildir/" parameter should tell the qmail deliverer to not use Mailbox. I think that there is a problem with vpopmail. Where is the mail given from qmail to vpopmail ? Or do you think there is another problem ? Thank you for you help. Philipp Steinkrüger
Re: MailDir
Brett Randall wrote: One other thing is that each of the home directories must have a .qmail file which contains ./Maildir/ as well (exactly as I have typed it), and make sure that it contains a Maildir naturally with the owner and group being the same as who will be accessing it. Allright, there was no .qmail in the vpopmail virtual domain directory. i created one and made vpopmail the owner, because the Maildir directory is owned my vpopmail, too. Unfortunately, i still have the same problem and error message in my logfile. When i asked for help in the IRC chat channel on efnet, someone told me that qmail tries to deliver to a mailbox, instead of Maildir (Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/) ^^^ I think i started qmail correctly to use Maildir. What else could be wrong ?? Thanx, Philipp
Re: MailDir
Frank Tegtmeyer wrote: /usr/bin/tcpserver 0 pop3 /usr/sbin/qmail-popup diavolos.oberberg-online.de /bin/checkpassword /usr/sbin/qmail-pop3d Maildir Here is definitely an error - if you use vpopmail you cannot use the checkpassword provided by DJB. I found this in the qmail-FAQ, Question 5.3: how do i set up qmail-pop3d. So there is a problem with my startup script ? Regarding the delivery you should first try to use the commandline tools of vpopmail for creating virtual domains and POP accounts. If that doesn't work please ask on the vpopmail mailinglist because this is not a qmail issue. I added a domain with the commandline tool, vadddomain, and added a pop account using qmail-admin. as far as i see everything went ok, because the directories were created and i can log on the virtual pop account using sqwebmail. I think that there is problem with qmail giving the mail to vpopmail. Is it possible that my mistake in the startup script is responsible? If, what would be the correct startup command ? Thank you, Philipp
RE: MailDir
OK, try changing the ownership of the Maildir and the .qmail file to the actual person that the mail is being delivered to...When qmail-local tries delivering there, it relies on those permissions to be able to write to the Maildir Brett Manager InterPlanetary Solutions http://ipsware.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Philipp Steinkrüger Sent: Monday, July 24, 2000 7:32 PM To: Brett Randall; [EMAIL PROTECTED] Subject: Re: MailDir Brett Randall wrote: One other thing is that each of the home directories must have a .qmail file which contains ./Maildir/ as well (exactly as I have typed it), and make sure that it contains a Maildir naturally with the owner and group being the same as who will be accessing it. Allright, there was no .qmail in the vpopmail virtual domain directory. i created one and made vpopmail the owner, because the Maildir directory is owned my vpopmail, too. Unfortunately, i still have the same problem and error message in my logfile. When i asked for help in the IRC chat channel on efnet, someone told me that qmail tries to deliver to a mailbox, instead of Maildir (Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/) ^^^ I think i started qmail correctly to use Maildir. What else could be wrong ?? Thanx, Philipp
Re: MailDir
Brett Randall wrote: OK, try changing the ownership of the Maildir and the .qmail file to the actual person that the mail is being delivered to...When qmail-local tries delivering there, it relies on those permissions to be able to write to the Maildir Hmm, i cannot do this, because the user the mail is deliverd to does not exist in /etc/passwd. the account is virtual like the domain. qmail works fine for local accounts but not for the virtual domains, as i described in my first mail. Still an idea what could be wrong ? Philipp
qmail Digest 24 Jul 2000 10:00:00 -0000 Issue 1072
qmail Digest 24 Jul 2000 10:00:00 - Issue 1072 Topics (messages 45349 through 45402): poor performance under tcpserver 45349 by: reach_prashant.zeenext.com 45351 by: asantos Checkpoppasswd again! HELP!!! 45350 by: Manav Re: Attitude 45352 by: Russell Nelson 45361 by: David Dyer-Bennet Re: Duplicate Msgs 45353 by: Russell Nelson Re: Want to know your potential multiple recipient savings? 45354 by: Russell Nelson 45357 by: Frank Tegtmeyer 45360 by: markd.bushwire.net 45362 by: John White 45363 by: John White 45364 by: markd.bushwire.net 45365 by: markd.bushwire.net Re: orbs.org accuses qmail of mailbomb relaying! 45355 by: Russell Nelson 45356 by: Peter van Dijk 45373 by: Nathan J. Mehl 45374 by: Eric Cox 45375 by: Eric Cox 45376 by: Adam McKenna 45377 by: David Benfell 45378 by: David Dyer-Bennet 45379 by: Adam McKenna 45381 by: David Dyer-Bennet 45382 by: Russell Nelson 45383 by: Russ Allbery 45384 by: Russ Allbery 45385 by: Philip, Tim (CNBC Asia) 45386 by: Adam McKenna 45387 by: Russ Allbery 45390 by: Peter van Dijk 45391 by: Peter van Dijk 45392 by: Russ Allbery 45393 by: Peter van Dijk r all these possible with qmail 45358 by: reach_prashant.zeenext.com 45359 by: wolfgang zeikat Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs 45366 by: Andrew 45367 by: Charles Cazabon 45371 by: Jamie Heilman qmailanalog compatible with multilog? 45368 by: John Conover 45369 by: Ronny Haryanto 45370 by: Bruce Guenter Qmail 1.03 45372 by: Bob Ross Re: qmail: cannot mail to root 45380 by: John L. Fjellstad Re: bounce management 45388 by: Thomas Duterme log connections using tcpserver? 45389 by: Enrique Vadillo Bouncesaying question 45394 by: Gavin Cameron 451 qq trouble creating files in queue (again) ... 45395 by: Toens Bueker MailDir 45396 by: Philipp Steinkrüger 45397 by: Brett Randall 45398 by: Frank Tegtmeyer 45399 by: Philipp Steinkrüger 45400 by: Philipp Steinkrüger 45401 by: Brett Randall 45402 by: Philipp Steinkrüger Administrivia: To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To subscribe to the digest, e-mail: [EMAIL PROTECTED] To bug my human owner, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: [EMAIL PROTECTED] -- hi friends thanks for your help , now the system is working perfectly , ecxcept one problem i have observed that when i run qmail-smtpd under inetd.conf , the responce time ( time it will take to go mails from microsofts outlook or other mailclient or even perl programe of www interface is much much less) from qmail-smtpd compared to time taken by qmail-smtpd running under tcpserver may be i have done some bad config of tcpserver as i dont know much about tcpserver i have just installed V 0.88 of ucspi-tcpserver programme with qmail-ldap , installation of tcpserver is default ( i have just untared ucspi-tcpserver tarball then make setup check ,make install etc ) and got tcpserver bin files in /usr/local/bin/ if you have any idea then please tell me what could be the reason its (qmail-smtpd) really really taking much time (2-3 times) under tcpserver then under inetd.conf thanks once again with warmest regards Prashant Desai From: [EMAIL PROTECTED] [EMAIL PROTECTED] compared to time taken by qmail-smtpd running under tcpserver may be i have done some bad config of tcpserver as i dont know much about tcpserver Add -R to tcpserver. Probably its taking that much time because it is trying to ident the remote host. http://binarios.com/miscnotes/ucspi-tcp.html#_tcpserver might come in handy to check all the parameters. Armando Hi All, I am a newbie to linux and qmail (it couldnt go any worse!), but even after seeing numerous posts on the topic, I still couldnt configure my qmail. 1. Installed qmail according to instructions by DBJ. 2. I now want support for multiple domains, so I followed the instructions by PG. Here is what I have now:- /var/qmail/control/virtualdomains : zoot.com:zoot-com /var/qmail/control/rcpthosts : proton.com zoot.com (/var/qmail/control/locals does not contain zoot.com ) /var/qmail/users/assign : =zoot-com-joe:popuser:510:503:/home/popuser/popboxes/zoot-com/joe where 510 is the UID and 503 is the GID of system user popuser. /var/qmail/users/poppasswd : joe::popuser:/home/popuser/popboxes/zoot-com/joe /home/popuser/popboxes/zoot-com/joe/.qmail : ./Maildir/ /etc/inetd.conf :
RE: MailDir
OK...I didn't know virtual users actually existed. Somewhere along the line qmail has to know where to deliver the mail to, and this is pulled (eventually, no matter how many virtualhosts and aliases you have) from the passwd file or NIS map. It will go to the home directory, open .qmail and see where to store the e-mail. A virtual user? I might be wrong (not unusual), but I don't believe that is possible. Could you e-mail the contents of the virtualhosts file? (If you included it at first, sorry, I have deleted that e-mail already...) Thanks Brett Manager InterPlanetary Solutions http://ipsware.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Philipp Steinkrüger Sent: Monday, July 24, 2000 7:51 PM To: Brett Randall; [EMAIL PROTECTED] Subject: Re: MailDir Brett Randall wrote: OK, try changing the ownership of the Maildir and the .qmail file to the actual person that the mail is being delivered to...When qmail-local tries delivering there, it relies on those permissions to be able to write to the Maildir Hmm, i cannot do this, because the user the mail is deliverd to does not exist in /etc/passwd. the account is virtual like the domain. qmail works fine for local accounts but not for the virtual domains, as i described in my first mail. Still an idea what could be wrong ? Philipp
Re: orbs.org accuses qmail of mailbomb relaying!
You cannot do more than check a single IP address and get a yes or no response without having a signed agreement with the RBL team. At the moment, I don't believe they even allow you to download their whole list at all since they're reworking the agreement. Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll give you the entire list. Appearantly, they never read DJB's docs on DNS. ;-) RC -- +--- | Ricardo Cerqueira | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 | Novis - Engenharia ISP / Rede Técnica | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal | Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701
Re: MailDir
I found this in the qmail-FAQ, Question 5.3: how do i set up qmail-pop3d. So there is a problem with my startup script ? Definitely. You will not be able to get mails by POP3 for virtual domains. created and i can log on the virtual pop account using sqwebmail. That would surprise me. Are you sure? I think that there is problem with qmail giving the mail to vpopmail. Is it possible that my mistake in the startup script is responsible? If, what would be the correct startup command ? The startup command for qmail is the same with and without using vpopmail (Maildir delivery assumed). What has to be different is the start of qmail-popup/qmail-pop3d because the checkpassword is replaced. I think your problem is either in virtualdomains or users/assign or simply a missing restart of qmail. Please post that files for further assistance. Still this would better go to the vpopmail list. Regards, Frank
Re: orbs.org accuses qmail of mailbomb relaying!
Ricardo Cerqueira [EMAIL PROTECTED] writes: Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll give you the entire list. Without signing the document? That sounds like a bug, since they say on the web page that they didn't intend to allow that without someone signing. Have you mentioned that to them? (More to the point, though, can you get the RSS? That would be closer to what ORBS is doing; getting the RBL gives you a bunch of networks and a bunch of sites that aren't open relays and isn't nearly as directly useful.) -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 03:47:03AM -0700, Russ Allbery wrote: Ricardo Cerqueira [EMAIL PROTECTED] writes: Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll give you the entire list. Without signing the document? That sounds like a bug, since they say on the web page that they didn't intend to allow that without someone signing. Have you mentioned that to them? (More to the point, though, can you get the RSS? That would be closer to what ORBS is doing; getting the RBL gives you a bunch of networks and a bunch of sites that aren't open relays and isn't nearly as directly useful.) www.orbs.org/database.html ORBS only provides dumps consisting of hosts over 30 days old. From RSS, tho, a current list is easily obtained as Alan outlines there. Greetz, Peter. -- [EMAIL PROTECTED] - Peter van Dijk [student:developer:ircoper]
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 03:47:03AM -0700, Russ Allbery wrote: ! Ricardo Cerqueira [EMAIL PROTECTED] writes: ! Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll ! give you the entire list. ! ! Without signing the document? Yes. DJB has posted on [EMAIL PROTECTED] a side-channel means of getting it, by exploiting BIND features (which don't include AXFR, despite Ricardo's use of the words ``zone transfers''). ---Chris K. -- Chris, the Young One |_ If you can't afford a backup system, you can't Auckland, New Zealand |_ afford to have important data on your computer. http://cloud9.hedgee.com/ |_ ---Tracy R. Reed PGP: 0xCCC6114E/0x706A6AAD |_
Re: orbs.org accuses qmail of mailbomb relaying!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 Jul 00, at 22:54, Chris, the Young One wrote: ! Wrong. You can perform zone transfers on MAPS' nameservers :-) ! That'll give you the entire list. ! ! Without signing the document? Yes. DJB has posted on [EMAIL PROTECTED] a side-channel means of getting it, by exploiting BIND features (which don't include AXFR, despite Ricardo's use of the words ``zone transfers''). Do you mean the same one as I do? That one doesn't do anything else than "bruteforce-downloading" the entire zone on host-by-host basis (the only "speedups" come from the possibility of having the entire /24, /16 or even /8 network blacklisted). I'd like to hear any definite statement about plausibility of this "pseudo zone transfer"; it's certainly beyond my Internet connection limits (64kb, pair per byte transferred). (Even the mere idea of spawning 2^32 grep's is beyond my comprehension.) In other words, did anyone actually try? -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOXwT81MwP8g7qbw/EQJabACg4W+fg6Vvxrj6eGnA/MX5L+OSZQsAoKiM QJXavXP4/vm15TFju57z+A0V =9+eH -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 03:47:03AM -0700, Russ Allbery wrote: Ricardo Cerqueira [EMAIL PROTECTED] writes: Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll give you the entire list. Without signing the document? That sounds like a bug, since they say on the web page that they didn't intend to allow that without someone signing. Have you mentioned that to them? (More to the point, though, can you get the RSS? That would be closer to what ORBS is doing; getting the RBL gives you a bunch of networks and a bunch of sites that aren't open relays and isn't nearly as directly useful.) I can get the RSS, but can't get the RBL. :-) About warning them... not yet. I just found out yesterday. RC -- +--- | Ricardo Cerqueira | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 | Novis - Engenharia ISP / Rede Técnica | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal | Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701
Re: MailDir
Brett Randall wrote: OK...I didn't know virtual users actually existed. Somewhere along the line qmail has to know where to deliver the mail to, and this is pulled (eventually, no matter how many virtualhosts and aliases you have) from the passwd file or NIS map. It will go to the home directory, open .qmail and see where to store the e-mail. A virtual user? I might be wrong (not unusual), but I don't believe that is possible. Could you e-mail the contents of the virtualhosts file? (If you included it at first, sorry, I have deleted that e-mail already...) hmm, allright, perhaps my bad english made you misunderstood what i tried to say. the pop account is virtual, because it is no real account on the box. there is no entry in the passwd. here is my /var/qmail/control/virtualdomains (i hope this is the file you mean) file: test.de:test.de cyberraum.de:cyberraum.de I read in the vpopmail docu about these .qmail files. there is a file /home/vpopmail/cyberraum.de/ called .qmail-default and it looks like this: | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox Perhaps here is something wrong. I tried to create files like .qmail-philipp but it didnt work out... Do you need something else ? Philipp
Re: orbs.org accuses qmail of mailbomb relaying!
Peter van Dijk [EMAIL PROTECTED] writes: www.orbs.org/database.html ORBS only provides dumps consisting of hosts over 30 days old. From RSS, tho, a current list is easily obtained as Alan outlines there. That claims a straight-forward zone transfer works. Grr. Okay, off to mail the RSS folks; I think that's a bad idea. I know that you can "brute force" a zone transfer by just querying every IP address, but this is also very detectable by the operator of the list, and I'd *hope* that they'd block off sites that were doing that. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 10:54:38PM +1200, Chris, the Young One wrote: On Mon, Jul 24, 2000 at 03:47:03AM -0700, Russ Allbery wrote: ! Ricardo Cerqueira [EMAIL PROTECTED] writes: ! Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll ! give you the entire list. ! ! Without signing the document? Yes. DJB has posted on [EMAIL PROTECTED] a side-channel means of getting it, by exploiting BIND features (which don't include AXFR, despite Ricardo's use of the words ``zone transfers''). Chris... It's been blocked somewhere since I wrote that mail: then --- $ dig @NS-EXT.VIX.COM axfr relays.mail-abuse.org ; DiG 8.2 @NS-EXT.VIX.COM axfr relays.mail-abuse.org ; (1 server found) $ORIGIN relays.mail-abuse.org. @ 1D IN SOA @ iverson.mail-abuse.org. ( 964432803 ; serial 10M ; refresh 5M ; retry 1W ; expiry 30M ) ; minimum [etc...] XX.88.XXX.130 5M IN A 127.0.0.2 5M IN TXT "Open relay problem - see URL:http://www.mail-abuse.org/cgi-bin/nph-rss?130.XXX.88.XX" XXX.240.XXX.130 5M IN A 127.0.0.2 5M IN TXT "Open relay problem - see URL:http://www.mail-abuse.org/cgi-bin/nph-rss?130.XXX.240.XXX" [etc, etc, etc...] --- (The XXX were placed by me) and now, it refuses the query :-) RC PS: I guess the mail I was writing to them isn't necessary anymore :) -- +--- | Ricardo Cerqueira | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 | Novis - Engenharia ISP / Rede Técnica | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal | Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 01:01:23PM +0200, Petr Novotny wrote: ! Do you mean the same one as I do? That one doesn't do anything ! else than "bruteforce-downloading" the entire zone on host-by-host ! basis (the only "speedups" come from the possibility of having the ! entire /24, /16 or even /8 network blacklisted). That's right. Basically: Let a, b, c, d be 0, ..., 255. 1. If *.a.rbl.maps.vix.com (without globbing the *) has answers, this means that $a.x.y.z is listed, for all values of x, y, z. Print positive response, increment a, go to step 1. 2. If *.a.rbl.maps.vix.com (again without globbing) has errors, this means that $a.x.y.z is not listed, for all x, y, z. Increment a, go to step 1. 3. If *.b.a.rbl.maps.vix.com has answers, print positive response, increment b, go to step 3. 4. If *.b.a.rbl.maps.vix.com has errors, increment b, go to step 3. 5. If *.c.b.a.rbl.maps.vix.com has answers, print positive response, increment c, go to step 5. 6. If *.c.b.a.rbl.maps.vix.com has errors, increment c, go to step 5. 7. If d.c.b.a.rbl.maps.vix.com has answers, print positive response. 8. Increment d, go to step 7. Items 1 and 2 are the real speedups, especially 2. ! In other words, did anyone actually try? Not yet. I may get around to it though. ---Chris K. -- Chris, the Young One |_ heartbleed (OpenBSD/i386) has now been up for Auckland, New Zealand |_ all of 26 days, 09:25:14 http://cloud9.hedgee.com/ |_ PGP: 0xCCC6114E/0x706A6AAD |_
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 12:12:32PM +0100, Ricardo Cerqueira wrote: and now, it refuses the query :-) I hate replying to myself, but it still works. Must have been a momentary failure. RC -- +--- | Ricardo Cerqueira | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 | Novis - Engenharia ISP / Rede Técnica | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal | Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701
Re: orbs.org accuses qmail of mailbomb relaying!
Ricardo Cerqueira [EMAIL PROTECTED] writes: On Mon, Jul 24, 2000 at 12:12:32PM +0100, Ricardo Cerqueira wrote: and now, it refuses the query :-) I hate replying to myself, but it still works. Must have been a momentary failure. I've mailed them and made the same arguments that I was making here. I still find the ORBS approach a lot more blatant about helping spammers, given that they offer a neat file download (most spammers have no clue as to how to do a zone transfer), but I don't think either of them should be offering the data in that form. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 04:45:31AM -0700, Russ Allbery wrote: Ricardo Cerqueira [EMAIL PROTECTED] writes: On Mon, Jul 24, 2000 at 12:12:32PM +0100, Ricardo Cerqueira wrote: and now, it refuses the query :-) I hate replying to myself, but it still works. Must have been a momentary failure. I've mailed them and made the same arguments that I was making here. I still find the ORBS approach a lot more blatant about helping spammers, given that they offer a neat file download (most spammers have no clue as to how to do a zone transfer), but I don't think either of them should be offering the data in that form. Agreed... I also mailed them just before I sent my previous mail to this list. Most spammers may be clueless, but not all. And those lists should be kept "hidden", by any means possible. RC -- +--- | Ricardo Cerqueira | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 | Novis - Engenharia ISP / Rede Técnica | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal | Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701
qmail delivery 'blocked'
This had happened serveral times before: My qmail+ezmlm mailling-list server suddenly stopped all delivery. No mail could be send from remote to local, local to remote, or even local to local. All qmail-inject return success. And no error messages were logged. But then I log in as root, and delete all files in the queue directories: /var/qmail/queue/remote/0 - 22/* /var/qmail/queue/mess/0 - 22/* /var/qmail/queue/local/0 - 22/* etc. etc. The delivery will be funcional again! Even those mails that were delivered and blocked BEFORE I delete the queue will reach its destination. What was all this about? How do I prevent this from happening again?
qmail bouncing messages
hi list, it seems that my qmail setup is bouncing messages every once in a while. lists managed by ezmlm send me warnings such as : Messages to you from the vmailmgr mailing list seem to have been bouncing. I've attached a copy of the first bounce message I received. and the bounce looks like : Return-Path: Received: (qmail 432 invoked from network); 11 Jul 2000 15:18:53 - Received: from m36-ras4.netizen.com.ar (HELO localhost.localdomain) ([EMAIL PROTECTED]) by lists.em.ca with SMTP; 11 Jul 2000 15:18:53 - Received: (qmail 7888 invoked for bounce); 11 Jul 2000 15:13:33 - Date: 11 Jul 2000 15:13:33 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at localhost.localdomain. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Sorry, I couldn't find any host named localhost.localdomain. (#5.1.2) --- Below this line is a copy of the message. now i don't have the experience to know why once in a while doesn't recognize the virtual user [EMAIL PROTECTED] and wants to resolve localhost.locadomain. has anyone seen this? [hope the answers don't bounce too ;)] martin
Re: bounce management
Thomas Duterme [EMAIL PROTECTED] wrote: I've looked at VERPS and it looks pretty good for being able to handle bounces and guaranteeing correct mail addresses, but this still doesn't address the issue of automated bounce handlers. More to the point: I'm trying to find out what rules these automated bounce handlers follow to determine: delete address, try again, no action, etc. Any ideas? Look at what ezmlm does. -Dave
Re: orbs.org accuses qmail of mailbomb relaying!
On Sun, Jul 23, 2000 at 07:36:55PM -0500, David Dyer-Bennet wrote: Adam McKenna [EMAIL PROTECTED] writes on 23 July 2000 at 19:53:13 -0400 On Sun, Jul 23, 2000 at 04:21:53PM -0700, Eric Cox wrote: Some would argue that MAPS abused their position when they listed ORBS - they do have a competing service, do they not? By using the word "competing", you're implying that admins have a choice of running one or the other, but not both. This isn't the case. Admins can run any combination of RSS, RBL, ORBS and DUL (not to mention several other similar services). That's not at all the way the word is usually used. Coke and Pepsi are competing products, even though I can buy and drink both. Ford and Chrysler are in competition even though people can buy multiple cars. And so forth. yes, but most people only have enough money for so many cars, or can only drink so much pepsi or coke. an admin can use as many or as few of the lists as they want without any cost/limit. when you go to buy a car, you generally buy just A car, when you go and get a soda, you get one soda at a time, but with spam relay lists, you pick whichever one(s) you decide are best, and use them all together.. there's no reason for them having to compete for users -- Brian Johnson [EMAIL PROTECTED] --- **FATAL ERROR! HIT ANY USER TO CONTINUE**
virtualdomain mapping to ~alias users
Hi. I would like to be able to setup multiple pop3 email accounts using the virtual domains file allowing the following. [EMAIL PROTECTED] - [EMAIL PROTECTED] [EMAIL PROTECTED] - [EMAIL PROTECTED] [EMAIL PROTECTED] - [EMAIL PROTECTED] How do I do this with regard to mapping the entry in virtualdomains and .qmail aliases files? i.e is this correct? virtualdomains: [EMAIL PROTECTED]:alias-fred@bloggs-com [EMAIL PROTECTED]:[EMAIL PROTECTED] bloggs.com:alias-bloggs.com in $QMAIL/aliases .qmail-fred@blogs:com reads [EMAIL PROTECTED] .qmail-joe@blogg:com reads [EMAIL PROTECTED] .qmail-bloggs:com reads [EMAIL PROTECTED] Is this syntactically correct?? Best Wishes, Daniel.
Re: qmail died again... 3x in 3 weeks
It seems that all of a sudden my RH had a resource limit problem. DNS is fine, but after 61 qmail-remotes it wouls appear that RH ran out of resources. I searched the archives and added some ulimit commands to the qmail.init script, but I couldn't find a way to determine how many files to allow open etc If anyone knows how many resources qmail needs for a concurrancy of 100 let me know as the default RH settings are to low plus the other services on the box, https, ssh, ntp etc. Paul Farber Farber Technology [EMAIL PROTECTED] Ph 570-628-5303 Fax 570-628-5545 On Sat, 22 Jul 2000, Eric Cox wrote: Paul Farber wrote: telnetting to port 25 and 110 just timed out. This usually means (when it has happened to me anyway) that the server is listening on the port you're telnetting to, but is stalled doing a reverse DNS lookup of the client's IP address. Perhaps a munged reverse DNS zonefile? DNS was fine... it means just that, I could ping via hostname and the dns logs show it was running. That could still happen under the above scenario... Eric
Re: virtualdomain mapping to ~alias users
Wow! you do this in such a complex way! Install fastforward, then set up virtualdomains as: bloggs.com:alias {literally the word 'alias'} Then edit /etc/aliases and add aliases: [EMAIL PROTECTED]: [EMAIL PROTECTED] [EMAIL PROTECTED]: [EMAIL PROTECTED] Then run newaliases to update the database file Done, easy to maintain, and fast. I use it with no obvious speed decreases... Sendmail compatible, and more... Brett Randall. -Original Message- From: Daniel Cave [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] Date: Tuesday, July 25, 2000 12:11 AM Subject: virtualdomain mapping to ~alias users Hi. I would like to be able to setup multiple pop3 email accounts using the virtual domains file allowing the following. [EMAIL PROTECTED] - [EMAIL PROTECTED] [EMAIL PROTECTED] - [EMAIL PROTECTED] [EMAIL PROTECTED] - [EMAIL PROTECTED] How do I do this with regard to mapping the entry in virtualdomains and .qmail aliases files? i.e is this correct? virtualdomains: [EMAIL PROTECTED]:alias-fred@bloggs-com [EMAIL PROTECTED]:[EMAIL PROTECTED] bloggs.com:alias-bloggs.com in $QMAIL/aliases .qmail-fred@blogs:com reads [EMAIL PROTECTED] .qmail-joe@blogg:com reads [EMAIL PROTECTED] .qmail-bloggs:com reads [EMAIL PROTECTED] Is this syntactically correct?? Best Wishes, Daniel.
Re: orbs.org accuses qmail of mailbomb relaying!
"Michael T. Babcock" [EMAIL PROTECTED] wrote: Incidentally, is there a discussion in the past that I've missed about 'void main' declarations? :-) Yes. A quick search of the archives for "void main" yields: http://www.ornl.gov/its/archives/mailing-lists/qmail/1996/12/msg01898.html -Dave
Re: orbs.org accuses qmail of mailbomb relaying!
No offense to DJB at all, but you have a very strange view of open sourced software if you don't believe in using patches. I presume you don't use rolled distributions of Linux (if you run Linux at all) either, seeing as they're usually packed with patches. Patches are basically the equivalent of plug-ins, which you probably don't use either (for your browser, if you use anything but Lynx). That said, if DJB says 'this patch breaks the security in Qmail' I'd be tempted not to use it, if he has no comment, that's another thing entirely. If he just doesn't like the proliferation of patches for Qmail, I don't really care. Example: I use vpopmail to replace the usual pop authentication, for instance. Do I think it should be part of the Qmail distribution? No, I think it works better on its own. Russ Allbery wrote: Michael T Babcock [EMAIL PROTECTED] writes: Considering the number of useful patches that aren't part of the qmail distribution that the average qmail admin seems to be using, I disagree. I disagree with the contention that the *average* qmail admin is using any patches at all, if by average you mean the mode, and possibly even the median. I'm running qmail on a half-dozen different machines and I've never used a third-party patch to qmail for anything. I've never needed to. If your qmail installation is dependent on patches not written by Dan, I will echo my same recommendation: Seriously consider using another MTA. My opinion as a system administrator is that attempting to use and support packages plus third-party patches not blessed by the package maintainer is a recipe for disaster. With all due respect to the qmail-ldap people, for example, I'd be much more confident in Postfix's LDAP support because it's part of the main distribution.
Re: orbs.org accuses qmail of mailbomb relaying!
Joe Kelsey wrote: If a major point of Qmail's existence is to provide reliable E-mail delivery, then this _must_ include cooperating with other MTAs (without violating standards) at least enough to keep from crashing / giving them headaches so that we don't 'encourage' them to lose mail ... (through failures of their own). You *REALLY* don't understand the point of Qmail. Qmail is designed to be standards compliant, fast, reliable and secure. Your belief seems to be that the designer of Qmail only cared about reliability. That is demonstrably false, by DJB's own admission. I didn't say it was "just" reliability ... I've quoted myself above, but that isn't good enough, so I'll say it again, "major point provide reliable E-mail delivery". I was commenting on trade-offs between speed and reliability. Helping to keep other MTAs from crashing is to help reliability with a potential speed trade-off. Nothing in the design or implementation of Qmail was there ever consideration given to causing or preventing broken implementations of SMTP from crashing. I realise that -- that's why I mentionned it. Now you have gone and changed the subject to secure e-mail. There is no such thing in the defined SMTP protocol. Security is an add-on and has nothing to do with Qmail. Security has many definitions. Come back later when you can interpret a topic outside your preconceptions.
Re: orbs.org accuses qmail of mailbomb relaying!
I must have mistakenly added the message to the list. As my own comment stated, I didn't mean to subject the list to our discussion. I wrote: That said, I'm leaving this off the list because I don't like noise, so I'm not going to subject others to it. Joe Kelsey wrote: You don't bother to read headers? I sent a private message to you. Why would you even consider broadcasting a private message over a public mailing list?
RE: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
- 3. The sending IP is using a broken mailer that's generating bare LFs, and this mailer regards the resulting temporary error code generated by qmail as 'Please try again straightaway'. I'd be particularly interested to know if anyone has come across the 3rd possibility... Yup, I see it happen on occasion. I usually sniff the message off the wire to see if its anything I care about then toss a deny rule into my tcprules for that ip to stop the hammering. Sending the remote party a message is nice too though I rarely get any cluefull responses. I recently had this problem - some mailserver (Something Microsoft-based) kept trying to get a bare LF message to me over and over again, and sending the remote party a message about it did not yield anything like a clueful response. However, in this experience I realized I don't understand a couple of things about the whole bare LF issue - according to the page Dan Bernstein set up, bare LFs are prohibited by 822bis, but as far as I know, 822bis is still in drafting stages ( not a standard yet ), so that's not exactly something I can tell the remote party in trying to convince them to fix their mailer. qmail-smtpd does not convert bare linefeeds because it doesn't want to corrupt data - instead if an e-mail it receives has bare linefeeds, it just rejects the message. Sendmail just goes ahead and converts the bare linefeeds to CRLF, and accepts the message. The question I have is, and excuse my ignorance if it's something silly: why not just accept the bare linefeeds? From what I can understand in RFC822, there's nothing wrong with bare linefeeds in the body of the messages as long as the headers have all the right CRLFs. From looking through qmail archives and reading a few webpages, all I can find is some reference to the fact that you shouldn't have bare linefeeds after the smtpd process. Anyone have any more specifics about this? Is it to protect mailers that don't know how to interpret bare linefeeds? Or something integral to the MTA? Sorry if this is something obvious, or if there is some piece of documentation out there I'm missing; if there is, please point me in the right direction. Thank you for your time, Jamie Blondin
Re: procmail/vpopmail
Chester Chee wrote: Hi, Does anyone has an experience using procmail with vpopmail (virtual domain)? I am trying to setup procmail to filter "junk" mail to specific mail folder for vpopmail user. And it does not seem to work at all. My vpopmail users access their mail via IMAP instead of Maildir. Am I using the right approach to taggle this problem? Any pointer or help is greatly appreciated. Thanks in advance. Here is my .procmailrc:- :0: * ^X-JunkMail: Yes junk-mail Take a look at the development version of vpopmail, 4.8.6. It contains a new filtering module. Ken Jones inter7
[Fwd: Attitude]
Score: Apology for indirection: 1 Asanine comments: 1 Thanks everyone. I think this discussion has been very helpful to the Qmail cause ... really. Adam McKenna wrote: On Sun, Jul 23, 2000 at 12:37:55AM -0500, David Dyer-Bennet wrote: Probably our responses are by now somewhat cryptic, encoded in local language that's completely clear to those of us who've been through the argument umpteen times before. And which is probably NOT clear to you; sorry about that! Yes, let me translate for David: "Shut Up and Go Away" --Adam
Re: [Fwd: Attitude]
On Mon, 24 Jul 2000, Michael T. Babcock wrote: "Shut Up and Go Away" You're not gonna SUGA down yer comments, are ya? Why not pour a little SUGA on this thread? Scott
Re: orbs.org accuses qmail of mailbomb relaying!
"Michael T. Babcock" [EMAIL PROTECTED] writes: VERP was proposed by DJB as a way to identify bounce recipients. VERP requires that each recipient have their own From: as well as To:. Not quite: it's envelope senders and recipients, not To: and From: fields. (So recipients can still receive exactly the same message - with the same To: and From: fields - but with SMTP, the messages will need to be delivered separately, and they'll get different Delivered-To, Return-Path, and Received fields added during delivery.) Does QMTP support per-recipient envelope senders for a single copy of a single message? paul
RE: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
"James Blondin" [EMAIL PROTECTED] wrote: The question I have is, and excuse my ignorance if it's something silly: why not just accept the bare linefeeds? From what I can understand in RFC822, there's nothing wrong with bare linefeeds in the body of the messages as long as the headers have all the right CRLFs. From looking through qmail archives and reading a few webpages, all I can find is some reference to the fact that you shouldn't have bare linefeeds after the smtpd process. Anyone have any more specifics about this? Is it to protect mailers that don't know how to interpret bare linefeeds? Or something integral to the MTA? The problem is simple. If a message contains a bare linefeed, qmail will convert it to a premature end-of-line if it resends the message. E.g.: This message consists of one line\012with an embedded linefeed. Will become: This message consists of one line with an embedded linefeed. -Dave
Re: Want to know your potential multiple recipient savings?
This is what I've asked for too -- and been given "do it yourself". Best of luck. Frank Tegtmeyer wrote: In his measurements that indicated that qmail used less bandwidth in real-life situations than sendmail, Dan counted the DNS traffic due to sendmail. And I have never seen numbers, only Dan's claims. It's hard to argue using them without being backed up by numbers.
Re: Qmail 1.03
"Bob Ross" [EMAIL PROTECTED] wrote: The questoin is I want to add the new domain righ now so that users will be able to collect mail sent to either domain to make the transiction easier. Do I just add the new domain in the same locations as the old domain under the /var/qmail/control files? to allow mail to [EMAIL PROTECTED] and mail to [EMAIL PROTECTED] to show up in the same mailbox?. Yes, add the new domain to control/rcpthosts and control/locals. -Dave
Re: orbs.org accuses qmail of mailbomb relaying!
In the immortal words of Michael T. Babcock ([EMAIL PROTECTED]): No offense to DJB at all, but you have a very strange view of open sourced software if you don't believe in using patches. One last time. Qmail is not "open source software". Is not now. Has never been. In all probability never will be. You can reasonably maintain that this is not a good thing. (Heck, I'd agree with you.) You can argue that qmail would benefit from an OSS development model. (You might be right.) But understand that you are talking about a hypothetical: qmail is _not_ OSS. And it seems to me that a great deal of your confusion on this list stems from your misapprehension of this fact. -n --[EMAIL PROTECTED] Don't blame me -- I voted for the Unabomber! http://www.blank.org/memory/--
Re: log connections using tcpserver?
[EMAIL PROTECTED] (Enrique Vadillo) wrote: I'm using qmail 1.03, i'd like to log every IP connection to my qmail smtp server, i've noticed that tcpserver is not logging this info for now, my tcpserver runs like follows: tcpserver -R -c 100 -x /etc/tcp.smtp.cdb -v -u 7170 -g 1100 0 smtp /var/qmail/bin/qmail-smtpd \ 21 | /var/qmail/bin/splogger smtpd 3 Any suggestions so i can log IP connections too? The -v should cause connections to be logged. Try putting it first, e.g.: tcpserver -v -R ... -Dave
Re: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
The 'problem' as it relates to RFCs, not to Qmail's implementation, is probably the original question. Dave Sill wrote: "James Blondin" [EMAIL PROTECTED] wrote: The question I have is, and excuse my ignorance if it's something silly: why not just accept the bare linefeeds? From what I can understand in RFC822, there's nothing wrong with bare linefeeds in the body of the messages as long as the headers have all the right CRLFs. From looking through qmail archives and reading a few webpages, all I can find is some reference to the fact that you shouldn't have bare linefeeds after the smtpd process. Anyone have any more specifics about this? Is it to protect mailers that don't know how to interpret bare linefeeds? Or something integral to the MTA? The problem is simple. If a message contains a bare linefeed, qmail will convert it to a premature end-of-line if it resends the message. E.g.: This message consists of one line\012with an embedded linefeed. Will become: This message consists of one line with an embedded linefeed. -Dave
Re: Bouncesaying question
Gavin Cameron writes: I have a ~alias/.qmail-bouncer file with the contents |bouncesaying 'This is an automated bounce message' exit 0 bouncesaying tries to execvp() the given program; it doesn't use a shell to run the program. So it can't run a shell built-in command. Instead of above, you might want to write: |bouncesaying 'This is an automated bounce message' sh -c 'exit 0' or simply: |bouncesaying 'This is an automated bounce message' -- Tetsu Ushijima
Re: void main (no, not a long one)
I don't see how "If there is ever a compiler dumb enough to break void main(), I will happily advise everyone to use a different compiler" engenders any trust in someone's ability to write C code. Qmail is well written, sure. But void main() is and always has been wrong on 99% of platforms and adding "return 0;" to the end of the function will shut up GCC as well. That said ... Dave Sill wrote: Incidentally, is there a discussion in the past that I've missed about 'void main' declarations? :-) Yes. A quick search of the archives for "void main" yields: http://www.ornl.gov/its/archives/mailing-lists/qmail/1996/12/msg01898.html
Re: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
[EMAIL PROTECTED] wrote: The 'problem' as it relates to RFCs, not to Qmail's implementation, is probably the original question. Probably? If you don't know, why bother guessing? I answered the question I thought was asked. If the person who asked the question isn't satisfied with that answer, he can say so. -Dave
Re: void main (no, not a long one)
Michael T. Babcock wrote: I don't see how "If there is ever a compiler dumb enough to break void main(), I will happily advise everyone to use a different compiler" engenders any trust in someone's ability to write C code. Qmail is well written, sure. But void main() is and always has been wrong on 99% of platforms and adding "return 0;" to the end of the function will shut up GCC as well. That said ... void main() does NOT shut recent versions of gcc up, unless you specify -Wno-main. cat void.c void main() {} gcc void.c void.c: In function `main': void.c:1: warning: return type of `main' is not `int' Was there a problem with int main() that was giving people trouble? Mark -- Do not reply directly to this e-mail address -- Mark Mentovai UNIX Engineer Gillette Global Network
Re: void main (no, not a long one)
[EMAIL PROTECTED] wrote: I don't see how "If there is ever a compiler dumb enough to break void main(), I will happily advise everyone to use a different compiler" engenders any trust in someone's ability to write C code. The proof of Dan's pudding is in the eating. Theoretically, "void main" is wrong. In practice, it works just fine. Personally, I could not care less. Please stop trying to make mountains out of old, dead molehills. If you have a serious, practical problem, we'll be glad to help. -Dave
Re: orbs.org accuses qmail of mailbomb relaying!
Russell Nelson wrote: Are these records in relays.orbs.org? How can you say that ORBS doesn't block them, then? Oh, I see, ORBS made up their own semantics for the DNS zone entries. Semantics which nobody else uses. That's very nice, but what about the people blocking using relays.orbs.org? Who told them that they would find DNS entries belonging to hosts which had never spammed? This is other than what people were led to expect. It's Yet Another reason why ORBS is not to be trusted. The ORBS pages are abundantly clear that relays.orbs.org does NOT contain a list of spammers AT ALL but of open relays or potentially open relays. These CAN be used for spam, but it isn't AT ALL necessary that they HAVE been used. Read their pages. Using relays.orbs.org is a BAD idea IMHO as the other lists, such as RBL are more specific.
Re: log connections using tcpserver?
I just restarted it with "tcpserver -v -R ..." and still nothing! I *only* get this in /var/log/syslog for mail delivery from a remote host: Jul 24 10:54:51 mail qmail: 964454091.551368 new msg 223505 Jul 24 10:54:51 mail qmail: 964454091.551743 info msg 223505: bytes 199 from [EMAIL PROTECTED] qp 28030 uid 91 Jul 24 10:54:51 mail qmail: 964454091.612723 starting delivery 3: msg 223505 to local [EMAIL PROTECTED] Jul 24 10:54:51 mail qmail: 964454091.612972 status: local 1/10 remote 0/20 Jul 24 10:54:51 mail qmail: 964454091.694699 delivery 3: success: did_1+0+1/ Jul 24 10:54:51 mail qmail: 964454091.709046 status: local 0/10 remote 0/20 Jul 24 10:54:51 mail qmail: 964454091.709290 end msg 223505 any ideas why my tcpserver won't log remote IP connections? I'm using Solaris 7 and 8 and on both it fails. Enrique- |o| Dave Sill escribió |o| [EMAIL PROTECTED] (Enrique Vadillo) wrote: |o| |o| I'm using qmail 1.03, i'd like to log every IP connection to my qmail |o| smtp server, i've noticed that tcpserver is not logging this info for now, |o| my tcpserver runs like follows: |o| |o| tcpserver -R -c 100 -x /etc/tcp.smtp.cdb -v -u 7170 -g 1100 0 smtp |/var/qmail/bin/qmail-smtpd \ |o| 21 | /var/qmail/bin/splogger smtpd 3 |o| |o| Any suggestions so i can log IP connections too? |o| |o| The -v should cause connections to be logged. Try putting it first, |o| e.g.: |o| |o| tcpserver -v -R ... |o| |o| -Dave
Re: void main (no, not a long one)
Dave Sill [EMAIL PROTECTED] writes: Theoretically, "void main" is wrong. In practice, it works just fine. Personally, I could not care less. Theoretically, BIND's noncompliance with standards is wrong. In practice, it interoperates with most of the world (i.e., itself) just fine. But I care. paul
RE: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
Dave Sill wrote: [EMAIL PROTECTED] wrote: The 'problem' as it relates to RFCs, not to Qmail's implementation, is probably the original question. Probably? If you don't know, why bother guessing? I answered the question I thought was asked. If the person who asked the question isn't satisfied with that answer, he can say so. The answer you gave was useful, Dave, but although I didn't realize it at first, my question is really relating to the RFCs more than to qmail's implementation. It's just that qmail's implementation of it led me to asking the question. I appreciate your information... Jamie Blondin
Re: MailDir
Philipp Steinkrüger wrote: Here is definitely an error - if you use vpopmail you cannot use the checkpassword provided by DJB. I found this in the qmail-FAQ, Question 5.3: how do i set up qmail-pop3d. So there is a problem with my startup script ? Just a poor assumption -- qmail-pop3d isn't being used if you use virtual domains, the vpopmail package comes with its own. Read the vpopmail INSTALL files (and FAQ) for their example of how to set up POP3. All your other startup configuration should be the same as a standard Qmail install.
Re: orbs.org accuses qmail of mailbomb relaying!
You are free to tell me where I was supposed to agree to a license agreement before downloading it and/or where the LICENSE file is and/or where the license is embedded in C source files ... "Nathan J. Mehl" wrote: In the immortal words of Michael T. Babcock ([EMAIL PROTECTED]): No offense to DJB at all, but you have a very strange view of open sourced software if you don't believe in using patches. One last time. Qmail is not "open source software". Is not now. Has never been. In all probability never will be. You can reasonably maintain that this is not a good thing. (Heck, I'd agree with you.) You can argue that qmail would benefit from an OSS development model. (You might be right.) But understand that you are talking about a hypothetical: qmail is _not_ OSS. And it seems to me that a great deal of your confusion on this list stems from your misapprehension of this fact.
Re: void main (no, not a long one)
Dan's comment was that 'void main()' was done because 'int main()' caused compiler warnings. If so, int main() should now prevail because void main() causes the warnings. Dave Sill wrote: I don't see how "If there is ever a compiler dumb enough to break void main(), I will happily advise everyone to use a different compiler" engenders any trust in someone's ability to write C code. The proof of Dan's pudding is in the eating. Theoretically, "void main" is wrong. In practice, it works just fine. Personally, I could not care less.
Re: void main (no, not a long one)
Well said, considering how often DJB waxes eloquent about non-standards compliant and/or broken software. Paul Jarc wrote: Dave Sill [EMAIL PROTECTED] writes: Theoretically, "void main" is wrong. In practice, it works just fine. Personally, I could not care less. Theoretically, BIND's noncompliance with standards is wrong. In practice, it interoperates with most of the world (i.e., itself) just fine. But I care.
Re: orbs.org accuses qmail of mailbomb relaying!
"Michael T. Babcock" [EMAIL PROTECTED] writes: "Nathan J. Mehl" wrote: Qmail is not "open source software". Is not now. Has never been. In all probability never will be. You are free to tell me where I was supposed to agree to a license agreement before downloading it Those license agreements are not legally binding. See URL:http://cr.yp.to/softwarelaw.html. Also, the existence (as opposed to the content) of those license agreements have nothing whatsoever to do with the definition of Open Source software. See URL:http://www.opensource.org/osd.html. qmail's license does not meet these requirements. and/or where the LICENSE file is and/or where the license is embedded in C source files ... The license terms aren't not required to be distributed along with the material they apply to in order to be legally binding. paul
Re: void main (no, not a long one)
[EMAIL PROTECTED] (Paul Jarc) wrote: Theoretically, BIND's noncompliance with standards is wrong. In practice, it interoperates with most of the world (i.e., itself) just fine. But I care. I'll care about "void main" when it causes me problems. Until then, I've got real problems to worry about. -Dave
Re: void main (no, not a long one)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 Jul 00, at 12:55, Michael T. Babcock wrote: Dan's comment was that 'void main()' was done because 'int main()' caused compiler warnings. If so, int main() should now prevail because void main() causes the warnings. The newer djb sources (like djbdns - formerly dnscache) uses main(int argc,char **argv) without return value specifications, which, by C standards, mean implicit int main(). However, what do you expect, Michael? qmail-1.04 which would only "fix" void main()? -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOXxoR1MwP8g7qbw/EQKahACfT7P1CKNaXdilUUeGwJSFm2RaPDkAoN4L 3YNAR1KCzNMTc4gHfEgNQDGP =qqTo -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: orbs.org accuses qmail of mailbomb relaying!
[EMAIL PROTECTED] wrote: You are free to tell me where I was supposed to agree to a license agreement before downloading it and/or where the LICENSE file is and/or where the license is embedded in C source files ... qmail is copyrighted by DJB. You have no rights to copy or use it other than those he provides you, which are outlined in his pages. See: http://Web.InfoAve.Net/~dsill/lwq.html#license -Dave
RE: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
"James Blondin" [EMAIL PROTECTED] wrote: The answer you gave was useful, Dave, but although I didn't realize it at first, my question is really relating to the RFCs more than to qmail's implementation. It's just that qmail's implementation of it led me to asking the question. In that case, qmail is not strictly RFC822 compliant in rejecting messages with bare linefeeds. Apparently Dan felt that the effort necessary to allow messages to contain LF's was more trouble than it was worth--especially considered that 822bis prohibits bare LF's. -Dave
Re: void main (no, not a long one)
I was hoping for an admission of guilt rather than a fight. Petr Novotny wrote: However, what do you expect, Michael? qmail-1.04 which would only "fix" void main()?
Re: orbs.org accuses qmail of mailbomb relaying!
I understand Copyright law as much as many long time free / open source software advocates do. That said, I have still seen nothing about the licensing of his software besides that he doesn't care about anything that isn't implicitly illegal. That said, in a case-law country, I can do pretty much whatever I think is legal to do until he sues me. At that point, the courts decide. Most importantly, will he allow full-modification and redistribution with a new name (GPL style). IE, forking. Dave Sill wrote: [EMAIL PROTECTED] wrote: You are free to tell me where I was supposed to agree to a license agreement before downloading it and/or where the LICENSE file is and/or where the license is embedded in C source files ... qmail is copyrighted by DJB. You have no rights to copy or use it other than those he provides you, which are outlined in his pages. See: http://Web.InfoAve.Net/~dsill/lwq.html#license
Re: Yet another /var/spool/mail questions
"David Bouw" [EMAIL PROTECTED] wrote: Everything works nicely, but I would like to have all mail be delivered in the the /var/spool/mail directory instead of $HOME/$USER/Mailbox.. I read the INSTALL files, but I can't figure out something.. You run the command 'qmail-start ./Mailbox splogger qmail' to deliver to Mailbox file When I read the documentation what you need to change in order to get the delivery in your /va/spool directory they tell you, you need to use Procmail (or binmail) to deliver your mail to /var/spool/mail.. Is this correct? Yes. The qmail delivery agent *only* delivers to mailboxes under the user's home directory. Isn't there a easier way? Nope. This is intentionally "hard" to do with qmail because it's inferior to storing them in the user's home directory. The central mail spool is security nightmare. -Dave
Re: void main (no, not a long one)
On Mon, 24 Jul 2000, Michael T. Babcock wrote: I was hoping for an admission of guilt rather than a fight. Why? Does it excite you or something? It all looks more to me like you've been trying to pick a fight. Vince. -- == Vince Vielhaber -- KA8CSHemail: [EMAIL PROTECTED]http://www.pop4.net 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking Online Campground Directoryhttp://www.camping-usa.com Online Giftshop Superstorehttp://www.cloudninegifts.com ==
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, 24 Jul 2000, Michael T. Babcock wrote: I understand Copyright law as much as many long time free / open source software advocates do. That said, I have still seen nothing about the licensing of his software besides that he doesn't care about anything that isn't implicitly illegal. That said, in a case-law country, I can do pretty much whatever I think is legal to do until he sues me. At that point, the courts decide. Most importantly, will he allow full-modification and redistribution with a new name (GPL style). IE, forking. In that case you'd be "distributing" which has a link on the qmail home page (http://cr.yp.to/qmail.html). Vince. -- == Vince Vielhaber -- KA8CSHemail: [EMAIL PROTECTED]http://www.pop4.net 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking Online Campground Directoryhttp://www.camping-usa.com Online Giftshop Superstorehttp://www.cloudninegifts.com ==
Re: orbs.org accuses qmail of mailbomb relaying!
"Michael T. Babcock" [EMAIL PROTECTED] writes: That said, I have still seen nothing about the licensing of his software besides that he doesn't care about anything that isn't implicitly illegal. See URL:http://cr.yp.to/qmail/dist.html. paul
Re: orbs.org accuses qmail of mailbomb relaying!
[EMAIL PROTECTED] wrote: That said, in a case-law country, I can do pretty much whatever I think is legal to do until he sues me. At that point, the courts decide. Most importantly, will he allow full-modification and redistribution with a new name (GPL style). IE, forking. It's clear from http://cr.yp.to/qmail/dist.html that that would be against his wishes without his prior approval. Rest assured that Dan is willing to engage in a legal battle. Consider Bernstein v. Justice. -Dave
Re: Want to know your potential multiple recipient savings?
On Mon, Jul 24, 2000 at 11:31:05AM -0400, Michael T. Babcock wrote: This is what I've asked for too -- and been given "do it yourself". Almost certainly because: a) It's hard to arrange a reproducable set of deliveries that can be run on qmail and sendmail. Even a couple of hours on the Internet can change the exact same run, eg, if AOL changes the size of the response to MX lookups, even an identical run will generate different traffic loads. b) It's especially hard with email because you really want to deliver the email to the recipient. How do you do a real life test with real-life recipients on remote networks without spamming them? c) It's hard because everyone's situation differs. Should you run a benchmark in isolation from your other network traffic or with it? Is it legitimate to gain the benefits of, eg, DNS caching that your web browsing might pre-load? d) It's hard to measure. What it needs is a dedicated machine that you can generate just the email load you want, then take measurements off the interface (or connecting router). Many don't have the setup/skill/motivation to set this up. Actually, it wouldn't be that hard, you'd need a dedicated server that you can run qmail and sendmail on. A real life set of mail submissions and recipient addresses and you'd smarthost qmail and sendmail to an smtpsink. You's also use a dnscache on another machine so that you see perfect and uncached DNS traffic. But no one seems to have posted a test like this so until that happens, I guess it's "do it yourself". Regards. Frank Tegtmeyer wrote: In his measurements that indicated that qmail used less bandwidth in real-life situations than sendmail, Dan counted the DNS traffic due to sendmail. And I have never seen numbers, only Dan's claims. It's hard to argue using them without being backed up by numbers.
RE: orbs.org accuses qmail of mailbomb relaying!
Greg Owen writes: Yup. If you have one qmail box forwarding to a second qmail box which is the mail store, you get this amplification. No, you don't get any amplification. You only get amplification if you can get someone else's machine to expend resources that you didn't. Yes, there is amplification. It does work, I have tested it, what follows is a description of how it works. Given a qmail box which relays mail to one other box (qmail, exchange, sendmail, whatever), a malicious user can generate N messages of size X (N * X) with the use of (N * sizeof(rcpt to)) + X. Note that sizeof(rcpt to) is miniscule compared to the possible values for X. Let's say you own qmail box mx10.example.com, and mx10.example.com relays to mx5.example.com as the final mail store. It has no knowledge of users; it just forwards as defined by MX records or smtproutes. Let's also say I am at dialup06.msn.com, and that I'm pissed at heaven.af.mil. If I (at dialup06.msn.com) connect to mx10.example.com, I can use a MAIL FROM that points to [EMAIL PROTECTED]: MAIL FROM: [EMAIL PROTECTED] I can then enter 100 RCPT TOs, all pointing to invalid users for the valid domain example.com, which MX10 accepts mail for: RCPT TO: [EMAIL PROTECTED] RCPT TO: [EMAIL PROTECTED] ... RCPT TO: [EMAIL PROTECTED] This costs me 100 * 28 bytes, or under 3k. Now I send a 1 megabyte DATA segment. The total cost to me, on my dialup line, is 1 meg + 3k. mx10.example.com then sends that message to mx5.example.com, but instead of aggregating the RCPT TOs, it sends it 100 times, with one RCPT TO per message. Presumably mx10 and mx5 are connected by LAN not WAN, so this is not a problem for the example.com network. But upon reaching mx5.example.com, each one of these messages bounces because u001 through u100 do not exist at example.com. Example.com then sends 100 bounce messages, EACH CONTAINING A 1 MEG ATTACHMENT, to [EMAIL PROTECTED] This imposes a 100 megabyte traffic hit on the relatively lower bandwidth WAN lines of example.com and heaven.af.mil. Therefore, I have amplified my force from 1meg + 3k to over 100 meg. Note that this scales at the cost of 28 bytes per 1 meg of amplified force, and that the amount of force amplified (the 1 meg) is also able to scale up (a 5 meg file, for example, is tedious but possible from a dialup line). If both example.com and heaven.af.mil have a T1 line, then this attack DOSes both of them equally (at little cost to lil ole me @ msn.com). If example.com has a T3 compared to heaven.af.mil's T1, or if I can find more than one bounce-relay victim (example1.com, example2.com, etc.) then I can hit heaven.af.mil hard enough to saturate its T1 link. (Forget downloading the MAPS list; go to qmail.org and then probe the list of "large internet sites using qmail" to see which ones have more than one mail hop. How do you probe? Send an email to a made up address and study the Received: headers of the bounce.) The point that the original ORBS quote apparently tried to make is that other MTAs (like sendmail) which would forward the message once with the 100 RCPT TO lines, and bounce it once with 100 "User [EMAIL PROTECTED] not known" only adds the slight overhead of the bounce text, and are therefore not effective in this type of attack. I don't play with sendmail any more, and can neither confirm nor deny this understanding. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Re: void main (no, not a long one)
On Mon, Jul 24, 2000 at 01:10:45PM -0400, Michael T. Babcock wrote: I was hoping for an admission of guilt rather than a fight. It's nice to hope for things. However, the only thing you're going to get is membership in a lot of procmail filters. (I've just added you to mine.) --Adam
RE: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
Dave Sill wrote: In that case, qmail is not strictly RFC822 compliant in rejecting messages with bare linefeeds. Apparently Dan felt that the effort necessary to allow messages to contain LF's was more trouble than it was worth--especially considered that 822bis prohibits bare LF's. This basically answers my question. My only other query would be as to what made allowing messages to contain LFs so troublesome. Any specific reasons? Thanks much, Jamie Blondin
Re: orbs.org accuses qmail of mailbomb relaying!
On Mon, Jul 24, 2000 at 09:06:43AM -0400, Brian Johnson wrote: yes, but most people only have enough money for so many cars, or can only drink so much pepsi or coke. an admin can use as many or as few of the lists as they want without any cost/limit. when you go to buy a car, you generally buy just A car, when you go and get a soda, you get one soda at a time, but with spam relay lists, you pick whichever one(s) you decide are best, and use them all together.. there's no reason for them having to compete for users Thanks, I was trying to think of a way to say this. It's also worth noting that these lists should *not* be competing in this manner -- the only thing they should be "competing" on is who can block the most spam while generating the least false positives. --Adam
Re: Yet another /var/spool/mail questions
Dave Sill [EMAIL PROTECTED] writes: The qmail delivery agent *only* delivers to mailboxes under the user's home directory. Well, qmail-local can deliver to maildirs or mboxes anywhere, but there's no way to describe a maildir or mbox in a user-dependent way except by using a path relative to the user's home directory. So /var/spool/mail/user can be used in users' .qmail files, but not as the default delivery instruction. paul
RE: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
"James Blondin" [EMAIL PROTECTED] wrote: Dave Sill wrote: In that case, qmail is not strictly RFC822 compliant in rejecting messages with bare linefeeds. Apparently Dan felt that the effort necessary to allow messages to contain LF's was more trouble than it was worth--especially considered that 822bis prohibits bare LF's. This basically answers my question. My only other query would be as to what made allowing messages to contain LFs so troublesome. Any specific reasons? qmail stores messages in the queue in the standard UNIX format: lines terminated with newlines (LF's). In SMTP, the line terminator is CRLF. qmail replaces that with LF when it writes the message to disk. qmail could have used CRLF to terminate lines in the queue files, but that would require converting CRLF to LF on the fly during delivery to files/programs. -Dave
pop3d config, This user has no $HOME/Maildir
I'm getting this message from my pop3 clients. Could not login in to mail server. The server responded: This user has no $HOME/Maildir Well, the user does have a Maildir. I can see new mail piling up in Maildir/new. It's being started as follows: supervise /var/lock/qmail-pop3d tcpserver -v -c40 -u0 -g0 0 pop-3 qmail-popup checkpassword qmail-pop3d Maildir Any ideas as to what to do next? If this is a case of RTFM could someone direct me to the appropriate section in the FM? Thanks, Bruce.
Re: Yet another /var/spool/mail questions
[EMAIL PROTECTED] (Paul Jarc) wrote: Well, qmail-local can deliver to maildirs or mboxes anywhere, but there's no way to describe a maildir or mbox in a user-dependent way except by using a path relative to the user's home directory. So /var/spool/mail/user can be used in users' .qmail files, but not as the default delivery instruction. You're absolutely correct. I spoke too strongly. -Dave
Re: licensing
The question is: does DJB prefer that one modify (should they wish to) 55% of the source code (say) and make this mod available as a patch, or simply rename it to "rmail" (or whatever) and mention that it is derived from Qmail, available at ... blah ... Vince Vielhaber wrote: I understand Copyright law as much as many long time free / open source software advocates do. That said, I have still seen nothing about the licensing of his software besides that he doesn't care about anything that isn't implicitly illegal. That said, in a case-law country, I can do pretty much whatever I think is legal to do until he sues me. At that point, the courts decide. Most importantly, will he allow full-modification and redistribution with a new name (GPL style). IE, forking. In that case you'd be "distributing" which has a link on the qmail home page (http://cr.yp.to/qmail.html).
pop3d config, This user has no $HOME/Maildir
Never mind, I found the problem, dnsfq is failing to return my hostname correctly. That said, any thoughts on this: [root@mail control]# /usr/local/src/qmail-1.03/dnsfq mail.sattel.com hard error [root@mail control]# [root@mail control]# hostname mail.sattel.com My dns server is local: [root@mail control]# nslookup Default Server: localhost Address: 127.0.0.1 mail.sattel.com Server: localhost Address: 127.0.0.1 Name:mail.sattel.com Address: 192.168.1.100 This is correct as far as I can tell. Bruce Edge wrote: I'm getting this message from my pop3 clients. Could not login in to mail server. The server responded: This user has no $HOME/Maildir Well, the user does have a Maildir. I can see new mail piling up in Maildir/new. It's being started as follows: supervise /var/lock/qmail-pop3d tcpserver -v -c40 -u0 -g0 0 pop-3 qmail-popup checkpassword qmail-pop3d Maildir Any ideas as to what to do next? If this is a case of RTFM could someone direct me to the appropriate section in the FM? Thanks, Bruce.
Re: pop3d config, This user has no $HOME/Maildir
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 Jul 00, at 18:15, Bruce Edge wrote: That said, any thoughts on this: [root@mail control]# /usr/local/src/qmail-1.03/dnsfq mail.sattel.com hard error [snip] Name:mail.sattel.com Address: 192.168.1.100 Is there the reverse record for 192.168.1.100 pointing to mail.sattel.com? -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOXx6vlMwP8g7qbw/EQLFtACg8+V4+oQXTSe5iIe9f0tVDMYblBoAoLrN 3lQf5LH+wcTUwRfsX9JO/xWF =QaVZ -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: licensing
On Mon, 24 Jul 2000, Michael T. Babcock wrote: The question is: does DJB prefer that one modify (should they wish to) 55% of the source code (say) and make this mod available as a patch, or simply rename it to "rmail" (or whatever) and mention that it is derived from Qmail, available at ... blah ... What part of "If you want to distribute modified versions of qmail (including ports, no matter how minor the changes are) you'll have to get my approval." didn't you understand? Vince. Vince Vielhaber wrote: I understand Copyright law as much as many long time free / open source software advocates do. That said, I have still seen nothing about the licensing of his software besides that he doesn't care about anything that isn't implicitly illegal. That said, in a case-law country, I can do pretty much whatever I think is legal to do until he sues me. At that point, the courts decide. Most importantly, will he allow full-modification and redistribution with a new name (GPL style). IE, forking. In that case you'd be "distributing" which has a link on the qmail home page (http://cr.yp.to/qmail.html). -- == Vince Vielhaber -- KA8CSHemail: [EMAIL PROTECTED]http://www.pop4.net 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking Online Campground Directoryhttp://www.camping-usa.com Online Giftshop Superstorehttp://www.cloudninegifts.com ==
RE: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpdqmail-queue procs
Dave Sill wrote: "James Blondin" [EMAIL PROTECTED] wrote: Dave Sill wrote: In that case, qmail is not strictly RFC822 compliant in rejecting messages with bare linefeeds. Apparently Dan felt that the effort necessary to allow messages to contain LF's was more trouble than it was worth--especially considered that 822bis prohibits bare LF's. This basically answers my question. My only other query would be as to what made allowing messages to contain LFs so troublesome. Any specific reasons? qmail stores messages in the queue in the standard UNIX format: lines terminated with newlines (LF's). In SMTP, the line terminator is CRLF. qmail replaces that with LF when it writes the message to disk. qmail could have used CRLF to terminate lines in the queue files, but that would require converting CRLF to LF on the fly during delivery to files/programs. Ah, it makes some sense now. Thanks tons for the information. -Jamie Blondin
Re: orbs.org accuses qmail of mailbomb relaying!
Michael T. Babcock [EMAIL PROTECTED] wrote: I understand Copyright law as much as many long time free / open source software advocates do. Very few people understand copyright law in general. Free software advocates are not much better at it than others; RMS is a notable exception. That said, in a case-law country, I can do pretty much whatever I think is legal to do until he sues me. At that point, the courts decide. Not exactly. Copyright and the protections thereof come into effect the moment the work is created. No notice is required in the work itself to be legally binding. In the absence of a statement granting you certain rights, the legal assumption is you have no right to use the work in any way. Note that one point which is still questionable is whether a statement of your rights applies if it is not signed by the creator of the work; if licenses shipped with code in digital format are found to not be legally binding, the situation reverts to you having no license, and therefore no rights to the work in question. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: orbs.org accuses qmail of mailbomb relaying!
Argh. Get that misconception *out your head*. People who disallow ORBS to scan them get listed as *untestable*, not as *open relays*. ORBS doesn't block. Are these records in relays.orbs.org? How can you say that ORBS doesn't block them, then? Oh, I see, ORBS made up their own semantics for the DNS zone entries. Semantics which nobody else uses. There isn't any "default" semantics for how to set up these DNS zones, just using rblsmtpd with relays.orbs.org will block any potential Open Relay and list the reason why it was blocked in the bounce message. (if the sending MTA doesn't cut it out or try translation) You may at anytime choose your own method of checking the DNS information, create your own scripts or programs or whatever you want/need. That's very nice, but what about the people blocking using relays.orbs.org? Thats up to them if they choose to "trust" those who block ORBS, they can use output.orbs.org if thats what they want. While others might be paranoid and block them for trying to hide. No matter what reason, ORBS can not be blamed for individual chosing. These mail-administrators may very well have valid conserns about the problems that Open Relay can cause them and their networks. Who told them that they would find DNS entries belonging to hosts which had never spammed? This is other than what people were led to expect. It's Yet Another reason why ORBS is not to be trusted. ORBS policies and handling here is quite clear and documented, it suprices me that so many who disagree with what Alan does can't get their facts straight about this! Never has the policies of ORBS have ANYTHING directly to do with SPAM, it is an validated Open Relay database which for obvious reason also contains those who deny/decive ORBS testing by blocking it. If YOU don't trust someone for your lack of knowledge that's one thing, it's another thing when you tell people publicly ORBS can not be trusted for this and that based on this lack of knowledge. Regards André Paulsberg
Re: orbs.org accuses qmail of mailbomb relaying!
OK 2 NET - André Paulsberg writes: Never has the policies of ORBS have ANYTHING directly to do with SPAM, it is an validated Open Relay database which for obvious reason also contains those who deny/decive ORBS testing by blocking it. In other words, it's a good place to go to find open relays, in order to abuse them. Also, it's NOT a good listing to use to block sources of spam, since it lists many hosts which have never sourced spam. -- -russ nelson [EMAIL PROTECTED] http://russnelson.com Crynwr sells support for free software | PGPok | Tornadoes, earthquakes, 521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government: Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | uncontrollable forces
Re: pop3d config, This user has no $HOME/Maildir
On Mon, Jul 24, 2000 at 06:03:00PM -0700, Bruce Edge wrote: I'm getting this message from my pop3 clients. Could not login in to mail server. The server responded: This user has no $HOME/Maildir Well, the user does have a Maildir. I can see new mail piling up in Maildir/new. It's being started as follows: supervise /var/lock/qmail-pop3d tcpserver -v -c40 -u0 -g0 0 pop-3 qmail-popup checkpassword qmail-pop3d Maildir Any ideas as to what to do next? If this is a case of RTFM could someone direct me to the appropriate section in the FM? RTFM the Synopsis section of the qmail-popup man page. I quote it here for your convenience: SYNOPSIS qmail-popup hostname subprogram You left out the hostname, so qmail-popup interpreted checkpassword as the hostname and exec'ed qmail-pop3d instead of checkpassword. Chris
RE: orbs.org accuses qmail of mailbomb relaying!
Greg Owen writes: Yes, there is amplification. It does work, I have tested it, what follows is a description of how it works. Yes, you have described the situation accurately, and yes, I was wrong. In the main, though, you've laid out yet another argument against secondary MX. -- -russ nelson [EMAIL PROTECTED] http://russnelson.com Crynwr sells support for free software | PGPok | Tornadoes, earthquakes, 521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government: Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | uncontrollable forces
RE: orbs.org accuses qmail of mailbomb relaying!
In the main, though, you've laid out yet another argument against secondary MX. If so, it's the first anti-secondary-MX argument I've seen that didn't boil down to "incompetent machine administration causes problems," which is true with or without multiple MX - it's just easier for mistakes to happen with more machines involved. But even if you got rid of secondary MXs, there's another scenario this attacks, one which most basic firewall design courses and books recommend: using a mail relay as a bastion host in the DMZ to disallow direct access from the Internet to the mail store. For example, people running Exchange or Notes (and many do, for various good or bad reasons) may not want that box directly on the Internet, open to SYN flooding, DOS attacks, and buffer overflow attempts. qmail makes the perfect intermediate relay - high performance, high security, high reliability. If the bastion host is attacked, internal mail isn't directly affected, which is a good thing. Let me try this argument instead: Between two networkographically close mail hosts owned by a single entity (Secondary and primary MX, or bastion relay and mail store), the high bandwidth and low latency of the LAN connection means that the SMTP latency issue is diminished. Between such hosts, then, using multiple RCPTs with a single DATA may be faster then qmail's default behavior, which is tuned for the high-latency Internet environment. Therefore, having the ability to modify qmail's behavior on a host-by-host basis (much as smtproutes affects mail routing) might be useful. It would also close this DOS capability. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Re: orbs.org accuses qmail of mailbomb relaying!
Russ Allbery [EMAIL PROTECTED] writes on 23 July 2000 at 22:54:44 -0700 Eric Cox [EMAIL PROTECTED] writes: Some would argue that MAPS abused their position when they listed ORBS - they do have a competing service, do they not? And ORBS is both spamming and operating a spam support service under the definition of that service. Suppose you run a security consulting service and as part of that service you publish vulnerabilities in commonly used products, as well as provide a network scanner. Now suppose you find a security vulnerability in someone else's network scanner. Do you publish that vulnerability? Of course you do; being *very* careful to get it right, since people will be inclined to see any mistake you make as a deliberate attack on your competition. (And after giving them reasonable advance notice). This is the full disclosure argument all over again, isn't it? I don't mind ORBS publishing the list of known open relays, and I don't mind ORBS accepting open-relay reports based on scans (or even running their own). I find RSS not adequate and RBL badly inadequate (though I continue to use it to help them be the big stick you describe, a goal I definitely support and which I have seen work well). I'd like to use ORBS, but in fact I find the politics intolerable and the arbitrary behavior too risky. I don't know the details of the alleged "spamming" -- it sounds like they're bulk-mailing stuff to the admins of open relays? -- Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]