RE: Anti Virus

[Brett Randall]

True, and I shouldn't have recommended Norton Enterprise without the use of
some other filtering software to hold back the yucky vbs, sh, ... files, but
even then our organisation (and how many others?) deals with corporations
from all over the world who do various bits of work for us - art,
programming, web site design...I guess corporate policy and training is the
best solution but a combo of good anti-virus software and good filtering
software (perhaps something to alert sysadmin with it the script attached so
it can be verified and either permanently banned or passed through?) would
do most people fairly well...

Brett.

Manager
InterPlanetary Solutions
http://ipsware.com/



 -Original Message-
 From: Noel Mistula [mailto:[EMAIL PROTECTED]]
 Sent: Friday, August 04, 2000 4:02 PM
 To: Brett Randall; qmail
 Subject: Re: Anti Virus


 But then again, scripts kiddies are "Always" one step
 ahead compared to the dat files of your beautiful Norton Enterprise
 Antivirus.

 cheers

 Noel

 -Original Message-
 From: Brett Randall [EMAIL PROTECTED]
 To: qmail [EMAIL PROTECTED]
 Date: Friday, 4 August 2000 15:51
 Subject: RE: Anti Virus


 Sorry, forgot to add that we use Norton Antivirus as a 'plug-in' for the
 Lotus Notes e-mail server on our internet-viewable SMTP machine. This of
 course adds the possibility of much more functionality, which we
 use as if
 it was sand on the beach in summer, but that's up to your organisation's
 needs :
 
 Brett
 
 Manager
 InterPlanetary Solutions
 http://ipsware.com/
 
 
 
  -Original Message-
  From: Brett Randall [mailto:[EMAIL PROTECTED]]
  Sent: Friday, August 04, 2000 3:44 PM
  To: qmail
  Subject: RE: Anti Virus
 
 
  On another note...
 
  Our organisation has an NT (sorry : ) box which acts as the
  primary MX server for our domain. All mail goes to it and gets
  scanned via the (brilliant, automatic, no-maintenance) Norton
  Antivirus Enterprise software (worth a little money but what is
  your company's data worth to you?). It then just relays it on to
  the internal mail machine (via an MX lookup in the internal DNS
  for the same domain as the e-mail was sent to). We route several
  domains through the one server, and it works like a dream!
 
  Brett.
 
  Manager
  InterPlanetary Solutions
  http://ipsware.com/
 
 
 

Re: Anti Virus

[Robin S. Socha]

* Brett Randall [EMAIL PROTECTED] writes:
 From: Noel Mistula [mailto:[EMAIL PROTECTED]]
 From: Brett Randall [EMAIL PROTECTED]
 From: Brett Randall [mailto:[EMAIL PROTECTED]]

Dear Brett and Randall,

your way of quoting *may* be convenient for you. It is, however, annoying
for probably everyone else (particularly people not reading your "threads"
in a row. It also adds a *massive* amount of unnecessary overhead. May I
suggest your grabbing a copy - really, just about any - of the netiquette
and fixing your mail toys?

 Our organisation has an NT (sorry : ) box which acts as the
 primary MX server for our domain. All mail goes to it and gets
 scanned via the (brilliant, automatic, no-maintenance) Norton
 Antivirus Enterprise software 

So you are basically advocating running a piece of exremely expensive
software with a mixed track record of functionality, running on an
unstable, expensive and insecure operating system for production
services?

 (worth a little money but what is your company's data worth to
 you?).

My company is worth enough to me not to trust closed-source, proprietary
software from a foreign country. Particularly since I've seen NT send
encrypted emails to a firewall in the MS network after installation. Thank
you very much.

 It then just relays it on to the internal mail machine (via an MX
 lookup in the internal DNS for the same domain as the e-mail was
 sent to). We route several domains through the one server, and it
 works like a dream!

Can you - in simple terms so a mere user like me can understand -
explain to me what the advantage of this setup is over, say, RedHat
Linux with Trend Micro's VirusWall (if you think you absolutely must
rely on software you bought instead of the vast array of free software
offering the same functionality but having the advantage of being open
sourced)?

 But then again, scripts kiddies are "Always" one step ahead compared
 to the dat files of your beautiful Norton Enterprise Antivirus.

 Sorry, forgot to add that we use Norton Antivirus as a 'plug-in' for the
 Lotus Notes e-mail server on our internet-viewable SMTP machine. 

So, you're not only running an unstable OS but also an extremely
flaky, bug-ridden MTA, and you actually have this setup connected to
the internet. May I ask what your company is worth *to you*?

 This of course adds the possibility of much more functionality, which
 we use as if it was sand on the beach in summer, but that's up to
 your organisation's needs :

It's more up to one's TCO calculations, isn't it? So, you're not only
running an unstable OS but also an extremely flaky, bug-ridden MTA, have
this setup connected to the internet, but also throw in more money to
buy unneeded functionality that is likely to introduce more bugs. Can
you explain your rationale, please?

 True, and I shouldn't have recommended Norton Enterprise without the
 use of some other filtering software to hold back the yucky vbs, sh,
 ... files, 

Wow, we're finally back on topic... *sigh* I'd like to thank Noel
G. Mistula again for his little script. Works. What was the advantage of
running an expensive peace of feature-ridden software from a dubious
source again?

 but even then our organisation (and how many others?)  deals with
 corporations from all over the world who do various bits of work for
 us - art, programming, web site design... 

You seem not to have grasped the concept of "service" yet. It goes like
this: "you want my money? Here's a list of files we don't accept for
security reasons. Basically everything that says Microsoft is, like,
no-no. Got it? No? Here's our public security policy describing the
conversion of your files to safe formats. Use it or learn to fear me."

 I guess corporate policy and training is the best solution 

It can be. If you add a little spice. Like "in violating our securiy
policy, you're jeopardizing your colleagues' work and the reputation of
the entire company and therefore make yourself subject to immediate
sacking". I've seen this policy at work (first in an Ohio non-profit
organization of all places) and it, well, works. /Telling/ people that
everything Windows is Hiroshima waiting to happen to their company is
not enough - you need to create a personal interest in these matters.

It took a blatant display of arrogance and a lot of security "hype" but
that's how I prevented NT/MS-Exchange to happen on our mailserver. I'm now
running OpenBSD http://www.openbsd.org/ and qmail - everyone's *extremely*
pleased with the result. qmail and DJB's other software as well as the
software submitted by various people are simply excellent. I'd like to
take the opportunity to express my heartfelt gratefulness for providing a
stable, secure and [...] mail environment.

 but a combo of good anti-virus software and good filtering software

I've said it once and I'll say it again: anti-virus software is snake
oil. Under certain circumstances, it will buy you exactly nothing. Had I
sent you ILOVEYOU the moment I got 

Re: Anti Virus

[Adam McKenna]

On Fri, Aug 04, 2000 at 10:17:41AM +0200, Robin S. Socha wrote:
 your way of quoting *may* be convenient for you. It is, however, annoying
 for probably everyone else (particularly people not reading your "threads"
 in a row. It also adds a *massive* amount of unnecessary overhead. May I
 suggest your grabbing a copy - really, just about any - of the netiquette
 and fixing your mail toys?

For christ sake, leave the guy alone.  IMHO your incessant personal attacks 
are way more annoying than his quoting style.

--Adam

Mail archive

[Iain Smith]

Hi there,
I need a way of archiving a copy of all mail that is delivered by
qmail - something I used to do with postfix using 'always bcc' Whats the
best way of doing this?
BTW, I'm using 1.03  vpopmail 4.8.7.

Cheers

   Iain Smith

Re: Mail archive

[Petr Novotny]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 4 Aug 00, at 9:33, Iain Smith wrote:

 I need a way of archiving a copy of all mail that is delivered by
 qmail - something I used to do with postfix using 'always bcc' Whats
 the best way of doing this?

FAQ #8.2 (less /var/qmail/doc/FAQ)

-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOYp5KVMwP8g7qbw/EQLWHwCgjj3g5TAyZ66upaS4i44skQNpi7MAn0PN
GLbNY2EpbhcypDnVSpm1SRZK
=b/za
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]

How I can turn off delivery for user ?

[Kornyakov Yevgeny]

Hello
How I can turn off delivery for user ?
I use procmail, and if "| preline procmail" line is exist in the .qmail
file, I get two identical letters.
First letter from qmail delivery
Second letter from procmail delivery
I need use only procmail delivery.
Thanks.

qmail Digest 4 Aug 2000 10:00:00 -0000 Issue 1083

[qmail-digest-help]

qmail Digest 4 Aug 2000 10:00:00 - Issue 1083

Topics (messages 46072 through 46127):

Creation of /Maildir/user/ instead of ~/Maildir
46072 by: Thomas Fahle
46076 by: Brett Randall

Re: trouble injecting bounce message
46073 by: Joel Gautschi

Re: Mailing list performance
46074 by: P.Y. Adi Prasaja
46077 by: Dave Sill
46078 by: Dave Sill
46113 by: P.Y. Adi Prasaja

Anti Virus
46075 by: Slider
46079 by: Robin S. Socha
46080 by: Slider
46088 by: Alexander Pennace
46089 by: Robin S. Socha
46090 by: Robin S. Socha
46100 by: Noel Mistula
46101 by: Jason Haar
46102 by: Noel Mistula
46115 by: Eric Cox
46119 by: Brett Randall
46120 by: Brett Randall
46121 by: Noel Mistula
46122 by: Brett Randall
46123 by: Robin S. Socha
46124 by: Adam McKenna

qmail - cyrus
46081 by: Wolfgang Wagner
46082 by: Greg Owen

Re: qmail+mrtg+multilog mods
46083 by: Cedric Fontaine
46085 by: Magnus Bodin
46096 by: Peter Green

Re: source rpm
46084 by: Charles Cazabon

backup of server is timing out
46086 by: Albert Hopkins
46087 by: Albert Hopkins

Re: updated load balancing qmail-qmqpc.c mods
46091 by: Frank D. Cringle

Problems with qmail startup on OpenBSD 2.7/Intel
46092 by: Charles Roten
46093 by: Greg Owen

Re: maildirmake
46094 by: Eddie Greer

Now redhat's mailling lists have been removed to mailman and postfix
46095 by: Irwan Hadi
46099 by: Robin S. Socha
46112 by: Irwan Hadi

Configuring a "Store-and-Forward" backup qmail server
46097 by: Charles Roten
46098 by: James Raftery
46103 by: James R Grinter
46104 by: James R Grinter
46105 by: David Dyer-Bennet

sslwrap problems
46106 by: Adam McKenna
46107 by: Ian Lance Taylor
46108 by: Adam McKenna

Maildir archiving
46109 by: Michael T. Babcock
46110 by: Ben Beuchler
46111 by: Ben Beuchler

Re: duplicating sendmail's virtusertable
46114 by: Sam Carleton
46116 by: David Dyer-Bennet

using fetchmail on qmail machine
46117 by: Vincent Danen
46118 by: Peter Green

Mail archive
46125 by: Iain Smith
46126 by: Petr Novotny

How I can turn off delivery for user ?
46127 by: Kornyakov Yevgeny

Administrivia:

To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]

To subscribe to the digest, e-mail:
[EMAIL PROTECTED]

To bug my human owner, e-mail:
[EMAIL PROTECTED]

To post to the list, e-mail:
[EMAIL PROTECTED]


--



Hello all,


I've come to a point where I'm stuck, and need some help.

I have a separate partion called /Maildir on my LinuxBox.

I want qmail to make the maildirs for each user below /Maildir
eg. /Maildir/joedoe/Maildir instead of /home/joedoe/Maildir




tia


Thomas













Ummm...why? Do the users store other information in their home folders? Why
not just put all the home folders in the seperate partition? But, forsaking
that, just make the .qmail file in each user's home directory point to
/Maildir/user (or did you really want /Maildir/user/Maildir? If so, I ask
the same question as above?). Will need a slight modification of the adduser
script (I totally rewrite mine for each new situation) so that it writes the
.qmail file relevantly instead of the generic one found in /etc/skel.

BTW If you put all the home folders in the seperate partition (advised for
simplicity), remember to change the folder names in /etc/passwd
(obviously...) A simple perl script could do this pretty easily. eg:

#!/usr/bin/perl -w
while () {
s!/home/(\W+)\:!/Maildir/\1\:!g;
print;
}

Then a 'cat /etc/passwd | script  /etc/passwd~'

Check passwd~ and make sure it looks ok, then overwrite the old one. Easier
is just to literally move the /home folder to the new partition and mount it
as /home though.

Manager
InterPlanetary Solutions
http://ipsware.com/



 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
 Behalf Of Thomas Fahle
 Sent: Thursday, August 03, 2000 8:14 PM
 To: [EMAIL PROTECTED]
 Subject: Creation of /Maildir/user/ instead of ~/Maildir


 Hello all,


 I've come to a point where I'm stuck, and need some help.

 I have a separate partion called /Maildir on my LinuxBox.

 I want qmail to make the maildirs for each user below /Maildir
 eg. /Maildir/joedoe/Maildir instead of /home/joedoe/Maildir




 tia


 Thomas














thanks for your help. I've just found out another way to fix this problem. I
used the queue-fix (http://www.netmeridian.com/e-huss/queue-fix.tar.gz)
program by Eric Huss.
It repairs or generates a qmail queue structure. You can use this to help
move your queue location, or if 

Re: using fetchmail on qmail machine

[Chris, the Young One]

On Fri, Aug 04, 2000 at 12:34:27AM -0400, Peter Green wrote:
! I don't know if it's the ``normal'' behavior, but I have localhost in my
! control/locals with the identical setup to you.

$ grep localhost /var/qmail/control/locals
localhost

Yep, it's there. From a casual perusal of config.sh in the qmail package
it can be seen that it calls a program to get the IP addresses of all
interfaces, then puts their PTR lookups into control/locals.

Unless you lack a loopback interface :-) I believe that localhost should
be in control/locals, at least by default.

---Chris K.
-- 
 Chris, the Young One |_ If you can't afford a backup system, you can't 
  Auckland, New Zealand |_ afford to have important data on your computer. 
http://cloud9.hedgee.com/ |_ ---Tracy R. Reed  
 PGP: 0xCCC6114E/0x706A6AAD |_ 

Newbie help: qmail as a relay gateway

[Leonard Tulipan]

First of: I'm a newbie both to sendmail  qmail. (Read: don't flame me for
my stupidity)

The only thing I really achieved was compiling the packages (both sendmail 
qmail seem to "work" fine in a sense that all the test complete successful)

If you can point me to the correct URLS or Steps I have to do, I'd be more
than grateful, for I have been assigned this project without really knowing
anything.

We currently have this setup:


internal MS Exchange Server
  I
firewall (Linux-box with sendmail)
 I
access router
 I 
Internet

So our sendmail (apparently) does: relay all email to
@bsbanksysteme.com/de/at/ch or @bs-ag.com/de/at to our Exchange Server and
that server relays all outgoing mail to the firewall which sends it.

Since I don't know how that configuration is called (authorized-relay? I
realy don't know) I don't know which questions of the faq realy apply to me.

Please help me out of my misery because I sincerely do hate sendmail.

Ciao
Leo

Re: Anti Virus

[Paul Schinder]

At 4:20 AM -0400 8/4/00, Adam McKenna wrote:
On Fri, Aug 04, 2000 at 10:17:41AM +0200, Robin S. Socha wrote:
  your way of quoting *may* be convenient for you. It is, however, annoying
  for probably everyone else (particularly people not reading your "threads"
  in a row. It also adds a *massive* amount of unnecessary overhead. May I
  suggest your grabbing a copy - really, just about any - of the netiquette
  and fixing your mail toys?

For christ sake, leave the guy alone.  IMHO your incessant personal attacks
are way more annoying than his quoting style.

Does anyone else see what he's complaining about?  I've read this 
thread using MacOS Eudora, and just looked at one of the messages 
with mutt, and I see nothing out of the ordinary.  (Reminds me of the 
time some idiot flamed me on Usenet for using "}" instead of "" as 
the quoting character.)


--Adam

-- 
--
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693
[EMAIL PROTECTED]

RE: Newbie help: qmail as a relay gateway

[Leonard Tulipan]

Yes, thank you, I have been looking thru that but since I don't know what my
config is called, I don't know what to look at.
I'm totally at loss, because I have never before configured a mail server.

Just a short:

do FAQ X.Y
then install Package/Software Z
then do FAQ A.B
check everything is working
enjoy

That's what I have been hoping for.

Thank you for your time
Ciao
Leo

 -Original Message-
 From: Robin S. Socha [SMTP:[EMAIL PROTECTED]]
 Sent: Friday, August 04, 2000 1:26 PM
 To:   Leonard Tulipan
 Subject:  Re: Newbie help: qmail as a relay gateway
 
 * Leonard Tulipan [EMAIL PROTECTED] writes:
  If you can point me to the correct URLS or Steps I have to do, I'd be
 more
  than grateful, for I have been assigned this project without really
 knowing
  anything.
 
 Have you checked /var/qmail/doc ? Read the FAQ and check the PICs. And:
 you cannot have both qmail and sendmail run at the same time.
 -- 
 Robin S. Socha http://socha.net/

Re: Mailing list performance

[Dave Sill]

"P.Y. Adi Prasaja" [EMAIL PROTECTED] wrote:

On Thu, Aug 03, 2000 at 08:14:32AM -0400, Dave Sill wrote:
 
 He apparently confused incoming concurrency with outgoing
 concurrency. Luckily, Postfix defaults to 50, so the results are still 
 valid.

Then you wrong either :-)

No, I'm not wrong. If you're going to "correct" someone, please check
your facts first.

From http://postfix.cloud9.net/rate.html:

  The default_process_limit parameter (default: 50) gives direct
  control over inbound and outbound delivery rates. This parameter
  controls the number of concurrent processes that implement a Postfix 
  service (smtp client, smtp server, local delivery, etc.)

It says 50, not 10.

Default _maximum_ concurrency is 10,

Perhaps you're thinking of  default_destination_concurrency_limit?
That's the *per destination* limit, not the overall concurrency limit.

Even though the author increase the number at master.cf, say 1000 (as
I said that it has nothing todo with concurrency, neither incoming nor
outgoing, beside the fact that there are no _incoming/outgoing_
concurrency in postfix, the number is for differrent purpose).
then the concurrency still be limited to 10 and will started at 5,
etc... etc...

Either you're wrong or the documentation on the web is wrong. I don't
care enough to determine which is the case. Here is what the web docs
say:

From http://postfix.cloud9.net/rate.html:

  You can override [default_process_limit] for specific Postfix
  daemons by editing the master.cf file. For example, if you do not
  wish to receive 50 SMTP messages at the same time, you could
  specify:

 
  # ==
  # service type  private unpriv  chroot  wakeup  maxproc command + args
  #   (yes)   (yes)   (yes)   (never) (50)
  # ==
  . . .
  smtp  inet  n   -   -   -   5   smtpd
  . . .

-Dave

RE: Newbie help: qmail as a relay gateway

[Greg Owen]

Install qmail as described in INSTALL.

For each domain you want to receive mail for:

1) Put that domain name in /var/qmail/control/rctphosts

2) Put domain.com:[w.x.y.z] in /var/qmail/control/smtproutes, where w.x.y.z
is the IP address of your internal exchange server.

3) Make sure that none of these domains are listed in
/var/qmail/control/locals, or the mail will not make it to Exchange.

4) If you will also send mail from the bastion host directly, modify
defaultdomain and defaulthost to your taste (man qmail-control will tell you
where to find more info on them).

These steps will set up inbound relay for your domains; the internet
sends mail to qmail, and qmail forwards it all to Exchange.

To allow Exchange to relay out through the machine,  follow the
selective relaying instructions at
http://www.palomine.net/qmail/selectiverelay.html.

-- 
gowen -- Greg Owen -- [EMAIL PROTECTED] 

Re: How I can turn off delivery for user ?

[Dave Sill]

Kornyakov Yevgeny  [EMAIL PROTECTED] wrote:

I use procmail, and if "| preline procmail" line is exist in the .qmail
file, I get two identical letters.
First letter from qmail delivery
Second letter from procmail delivery
I need use only procmail delivery.

If the only line in the .qmail file is "|preline procmail", you'll
only get one copy.

-Dave

RE: maildirmake

[Dave Sill]

"Eddie Greer" [EMAIL PROTECTED] wrote:

thanks for responding.  The answer that I am trying to find is whether the
maildirmake command creates a file of any sort that keeps track of the
mailboxes.

No, maildirmake makes a maildir. That's all; nothing else.

We changed someone's mailbox,

What do you mean by that? Exactly what did you change?

and copied the new current and tmp
directories into their mailboxes but qmail did not redirect their mail (even
after we did the maildirmake and specified their new home directory).

qmail won't redirect their mail until you tell it to via a .qmail file 
or defauldelivery specification on the qmail-start command line.

I am
hoping that their is a way to modified a user home directory and Maildir
folder without recreating the user from scratch.

There's *never* a need to recreate a user from scratch under UNIX.

-Dave

Re: update Re: help - qmail rejecting mail. no mailbox here by that name

[Dave Sill]

J [EMAIL PROTECTED] wrote:

I changed the alias to:
.qmail-joe:bob  

with the contents:  bobj

I restarted all qmail daemons.. and unfortunatly I
still get the "no mailbox here by that name".

Any other sugguestions?

No, that ought to work--assuming bobj is a valid mail user. For
example:

root@sws5# cd ~alias
root@sws5# echo ./joebob .qmail-joe:bob
root@sws5# echo To: joe.bob |qmail-inject
root@sws5# cat joebob 
From [EMAIL PROTECTED] Fri Aug 04 12:29:17 2000
Return-Path: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 525673 invoked by uid 0); 4 Aug 2000 12:29:17 -
Date: 4 Aug 2000 12:29:17 -
Message-ID: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

-Dave

domain splitting

[Sheer El-Showk]

Hi I'm posting this on several mail-related newsgroups to try to get as
much information as I can I hope no one regards this as a spam:

I would like to host mail for a single domain (ie all users should be
[EMAIL PROTECTED]) on several (geographically distributed) machines,
with users in each area receiving their mail at the local mail sever.  The
hard part is, as bandwidth is a limiting issue, I don't want all the mail
to be forwarded through a single host (eg if user1 at location A is
sending a 5 MB attachement to user2 at location B, I don't want that to
have to bounce off some central mail sever at location C).  This means
that all the mail servers serve the same domain name but have to be
distinguishable (via DNS or sonmething sendmail does) by users served.

It seems to me that this must be do-able since AOL and other large
multinationals can't have all their mail go through some central
hub.  However since DNS won't resolve different hosts according to user
name (since it knows nothing about the user sending/receiving the
mail) the SMTP protocol must have some way of routing beyond DNS (ie so we
can have one mail server which tells outside mail servers which
internal mail server to send a particular message to accorind to user name
-- without actually receiveing the message proper itself).  This would
require some kind of pre-sending negotiation between mail servers.  Is
such a thing possible?

Does any of what I've said make sense to anybody, and if so can you clue
me in on how to do this (or where to look to find out more).  

I've found some stuff about using qmail + PH that looks like it might be
what I'm looking for (its a user address table thing that works with mail
daemons) -- does anyone know more about this.

Thank a lot in advance,
Sheer

Re: Anti Virus

[Robin S. Socha]

* Paul Schinder [EMAIL PROTECTED] writes:

This is all grossly off topic. I suggest taking this thread off the
list ASAP and apologize for the inconvenience caused by my unnecessary
rudeness.

[my complaint about overhead through uncropped quotes]
 Does anyone else see what he's complaining about?  I've read this
 thread using MacOS Eudora, and just looked at one of the messages with
 mutt, and I see nothing out of the ordinary.

Because I reformatted his mail according to age-old standards. In short,
it boils down to the following:

· your text goes below the quoted text;

· trim and if necessary reformat malformed quotes to the absolute
  minimum, using "[...]" where necessary;

· a line ends at 80 charactes max.;

· no HTML, format-fla^Hwed, or similar "enhancements" on mailing lists -
  ASCII only;

· an attribution line is 1 (one) line;

· sigdashes are "-- " (aka dash, dash, blank RET - you, Paul, are missing
  the blank, rendering the whole thing useless for both my address book
  (which is aimed at snarfing information from signatures) and my email
  setup that automatically nukes signatures in replies);

 (Reminds me of the time some idiot flamed me on Usenet for using "}"
 instead of "" as the quoting character.)

Might as well have been me. "" is for quoted text in a reply, "|" is
for quotes from external sources. Using non-standard conformant quote
strings breaks many editors in the way that text cannot be automatically
reformatted to fit the "80 char per line" limit. It's nice and dandy
that you can do loads of things you might think funny with your MUA -
but it does not really mean you *have* to do them, right? I mean, I
could do quoted-printable, text-enriched text with nested citations and
a 10 line "attribution line". It's all here and I could even encode it
according to some arcane standards. But it would annoy you just as much
as mindless use of toys like Outlook annoys me (and AFAICS the majority
of technically-minded users all over the Net). Rationale: some people
actually pay for download. Full quotes with HTML make an email
significantly bigger than necessary (like, 5 times per average) without
buying the reader anything. All it takes is a little thoughtfulness on
behalf of the users of inferior (or badly set up) software (cf. my sig
for a good tool). Is that asked too much, Paul?
-- 
Robin S. Socha http://socha.net/Gnus/

trouble

[Sumith Ail]

Hi All

I've installed qmail+patches from source rpms on my RH
6.2 1386 linux box from Bruce Guenter source
distribution

1. daemontools 70-1
2. ucpspi-tcp-0.88-1
3. supervise-scripts-2.4
4. qmail-1.03+patches-14

Everythings fine but the smtp server takes a long time
to initialize..like when I telnet to port 25 on my
localhost...the 220 host.domain.com ESMTP appears but
after a long time.

Has anybody experienced such a problem and was able to
solve this...

Thanx in advance

- Sumith

__
Do You Yahoo!?
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/

RE: trouble

[Greg Owen]

 Everythings fine but the smtp server takes a long time
 to initialize..like when I telnet to port 25 on my
 localhost...the 220 host.domain.com ESMTP appears but
 after a long time.
 
 Has anybody experienced such a problem and was able to
 solve this...

Your tcpserver invocation is probably trying to get IDENT info,
which is the default.  This times out after 26 seconds or so.  Put '-R' into
your tcpserver command line and the lag goes away, or open up port 113 on
the firewall to allow IDENT traffic to freely flow.

From http://cr.yp.to/ucspi-tcp/tcpserver.html:

-r: (Default.) Attempt to obtain $TCPREMOTEINFO from the remote host. 
-R: Do not attempt to obtain $TCPREMOTEINFO from the remote host. To avoid
loops, you must use this option for servers on TCP ports 53 and 113. 

-- 
gowen -- Greg Owen -- [EMAIL PROTECTED] 

RE: Anti Virus

[Brett Randall]

 Because I reformatted his mail according to age-old standards. In short,
 it boils down to the following:

Some ideas for the list and it turns to this? Any voters to return to the
topic of how to stop our users getting virii attacks?

Thanks for opinions, defences, and updates on the latest netiquette.

Brett.

Manager
InterPlanetary Solutions
http://ipsware.com/

Qmail-Spawn

[Slider]

Can anyone reflect a little light as to why I might be getting this error??

965396867.707127 delivery 8637: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
965396867.707147 status: local 41/120 remote 0/20
965396867.707234 delivery 8638: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
965396867.707255 status: local 40/120 remote 0/20
965396867.707636 delivery 8639: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
965396867.707656 status: local 39/120 remote 0/20
965396867.707671 delivery 8640: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
965396867.707690 status: local 38/120 remote 0/20
965396867.707803 delivery 8641: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)

Thanks

Slider

Re: Anti Virus

[Michael T. Babcock]

I beg you to cite the place where this list abides by these "Age-old
standards".
I've cited some standards about mailing lists to people before -- but
usually along the lines of "don't quote 100 lines and give only 1 of your
own" or "don't use 10 line signatures".  I don't complain about whether my
mail reader is only intelligent enough to recognise "-- " as a leader to a
signature instead of "--" or "- Michael" ...  That, and I much prefer to put
my statements above the quoted text if my statement deals with the entirety
of the comment (not just segments, as yours was), so that anyone following
the list can quickly read what I have to say without scrolling.

- Original Message -
From: "Robin S. Socha" [EMAIL PROTECTED]


Because I reformatted his mail according to age-old standards. In short,
it boils down to the following:

[ MTB: available in archives: http://www-archive.ornl.gov:8000/ ]

Rationale: some people
actually pay for download. Full quotes with HTML make an email
significantly bigger than necessary (like, 5 times per average) without
buying the reader anything. All it takes is a little thoughtfulness on
behalf of the users of inferior (or badly set up) software (cf. my sig
for a good tool). Is that asked too much, Paul?

[ MTB: cf. http://cr.yp.to/sarcasm/modest-proposal.txt ]

qmail-pop3d problem

[kapil sharma]

Hi,
I have installed qmail-pop3d, checkpassword with qmail on redhat linux
6.2. I have entered the following lines in my "/etc/inetd.conf" file:

pop-3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup \
 foo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir

I am able to connect to 110 port but unable to authenticate. Following
is the session:

telnet foo.com 110
Trying 202.54.67.72...
Connected to foo.com.
Escape character is '^]'.
+OK 15634.965386256@\
user naminfo
+OK
pass g
-ERR authorization failed
Connection closed by foreign host.

Please help

Re: Qmail-Spawn

[Russell Nelson]

Slider writes:
  Can anyone reflect a little light as to why I might be getting this error??

Bad karma??  Too many years spent in pubs downing a warm one??

  965396867.707127 delivery 8637: deferral:
  qmail-spawn_unable_to_create_pipe._(#4.3.0)/

This is almost always due to some kind of operating system limit.
Strace (truss in your case) is usually helpful.

-- 
-russ nelson [EMAIL PROTECTED]  http://russnelson.com  | If you think 
Crynwr sells support for free software  | PGPok | health care is expensive now
521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | what it costs when it's free. 

RE: qmail-pop3d problem

[Brett Randall]

OK. First make sure that the Maildir is readable by the group and user that
will be using it, then make sure that the folder actually exists and that
the folders leading up to it (eg /home) are readableby all users. This was a
problem for me once. No guarantees but take a look...

Brett.


Manager
InterPlanetary Solutions
http://ipsware.com/


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Saturday, August 05, 2000 12:17 AM
 To: [EMAIL PROTECTED]
 Subject: qmail-pop3d problem


 Hi,
 I have installed qmail-pop3d, checkpassword with qmail on redhat linux
 6.2. I have entered the following lines in my "/etc/inetd.conf" file:

 pop-3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup \
  foo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir

 I am able to connect to 110 port but unable to authenticate. Following
 is the session:

 telnet foo.com 110
 Trying 202.54.67.72...
 Connected to foo.com.
 Escape character is '^]'.
 +OK 15634.965386256@\
 user naminfo
 +OK
 pass g
 -ERR authorization failed
 Connection closed by foreign host.

 Please help

Re: domain splitting

[Russell Nelson]

Sheer El-Showk writes:
  I would like to host mail for a single domain (ie all users should be
  [EMAIL PROTECTED]) on several (geographically distributed) machines,
  with users in each area receiving their mail at the local mail sever.  The
  hard part is, as bandwidth is a limiting issue, I don't want all the mail
  to be forwarded through a single host (eg if user1 at location A is
  sending a 5 MB attachement to user2 at location B, I don't want that to
  have to bounce off some central mail sever at location C).  This means
  that all the mail servers serve the same domain name but have to be
  distinguishable (via DNS or sonmething sendmail does) by users served.

Qmail lets you implement this using virtualdomains.  You can
virtualize a domain on a per-use basis.  So tell the qmail running at
location A that [EMAIL PROTECTED] is actually [EMAIL PROTECTED]

Unfortunately, both sites A and B have to be running qmail and must be 
configured with the user table.  There's no global way to do what you
want.  I suggest that you colocate the central mail server somewhere
where there's plenty of bandwidth, and configure it with the user table.

-- 
-russ nelson [EMAIL PROTECTED]  http://russnelson.com  | If you think 
Crynwr sells support for free software  | PGPok | health care is expensive now
521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | what it costs when it's free. 

Re: Qmail-Spawn

[Fernando Almeida]

I would like to known WHAT is qmail-spawn too... :-)


Slider wrote:

 Can anyone reflect a little light as to why I might be getting this error??

 965396867.707127 delivery 8637: deferral:
 qmail-spawn_unable_to_create_pipe._(#4.3.0)/
 965396867.707147 status: local 41/120 remote 0/20
 965396867.707234 delivery 8638: deferral:
 qmail-spawn_unable_to_create_pipe._(#4.3.0)/
 965396867.707255 status: local 40/120 remote 0/20
 965396867.707636 delivery 8639: deferral:
 qmail-spawn_unable_to_create_pipe._(#4.3.0)/
 965396867.707656 status: local 39/120 remote 0/20
 965396867.707671 delivery 8640: deferral:
 qmail-spawn_unable_to_create_pipe._(#4.3.0)/
 965396867.707690 status: local 38/120 remote 0/20
 965396867.707803 delivery 8641: deferral:
 qmail-spawn_unable_to_create_pipe._(#4.3.0)

 Thanks

 Slider

--
_
Fernando Costa de Almeida
ICQ - 72293951

Re: Qmail-Spawn

[Magnus Bodin]

On Fri, Aug 04, 2000 at 02:56:10PM +0100, Slider wrote:
 
 
 Can anyone reflect a little light as to why I might be getting this error??
 
 965396867.707127 delivery 8637: deferral:
 qmail-spawn_unable_to_create_pipe._(#4.3.0)/

One of the few errors I've covered in my brief error guide ;-)

http://x42.com/qmail/error/#spawnpipe

/magnus

--
http://x42.com/

Re: Anti Virus

[Michael T. Babcock]

- Original Message -
From: "Robin S. Socha" [EMAIL PROTECTED]


 So you are basically advocating running a piece of exremely expensive
 software with a mixed track record of functionality, running on an
 unstable, expensive and insecure operating system for production
 services?
 [ ... ]
 So, you're not only running an unstable OS but also an extremely
 flaky, bug-ridden MTA, and you actually have this setup connected to
 the internet. May I ask what your company is worth *to you*?

Sometimes its not their choice, you do realise.  It might be that any tech
that decides to change operating systems gets fired.  That happens.  Deal
with the question at hand, please.

 It's more up to one's TCO calculations, isn't it? So, you're not only
 running an unstable OS but also an extremely flaky, bug-ridden MTA, have
 this setup connected to the internet, but also throw in more money to
 buy unneeded functionality that is likely to introduce more bugs. Can
 you explain your rationale, please?

They have no need to justify their rationale to you.  You don't matter to
their corporation in all likelihood.  In that light, maybe you could have
stuck to answering what was asked?

 Wow, we're finally back on topic... *sigh*

The previous part of the message was to satisfy those folks who always say
'give us more detail about your setup' (like me).

Incidentally, I dislike NT, Microsoft Outlook and Exchange as much as you
probably do.

 I've said it once and I'll say it again: anti-virus software is snake
 oil. Under certain circumstances, it will buy you exactly nothing. Had I
 sent you ILOVEYOU the moment I got it, you would have been fucked. Real
 bad. Maybe your filter would have caught it, but who knows?

No, its not snake-oil.  Its just not perfect.  The anti-virus software
companies, by necessity, need to analyse a virus before they can add the
signature to their software.  That usually requires that the virus be "in
the wild" for some period of time first.  However, I've had client machines
come in with dozens of viruses -- usually some combination of Stoned or
Monkey with a few other oldies.  These are all caught by modern anti virus
software and thus it _should_ be installed on machines.  McAfee VirusScan
for workstations is only $15 (cost).

I don't classify that as snake-oil
--
Michael T. Babcock
CTO, FibreSpeed

RE: Anti Virus

[Slider]

Well,

I think we should keep the topic!

There are alot of inexperienced users out there like myself who are rather
interested in this topic!

Slider


 Because I reformatted his mail according to age-old standards. In short,
 it boils down to the following:

Some ideas for the list and it turns to this? Any voters to return to the
topic of how to stop our users getting virii attacks?

Thanks for opinions, defences, and updates on the latest netiquette.

Brett.

Manager
InterPlanetary Solutions
http://ipsware.com/

Re: qmail-spawn

[Magnus Bodin]

On Fri, Aug 04, 2000 at 11:20:38AM -0300, Fernando Almeida wrote:
 I would like to known WHAT is qmail-spawn too... :-)

qmail-spawn is either qmail-lspawn or qmail-rspawn, as they both share the
code in spawn.c where this error message lives and prospers. 

/magnus

--
http://x42.com/

concurrencyremote up to 500

[Ricardo Albano]

Hello,I'm trying to get qmail running in a 
Solaris 7 box and get up to 500 qmail-remote proccesses at the same time, I do 
the following steps :

1. Before compiling qmail-1.03 I applyed the 
big concurrency patch
2. Set conf-spawn to 500 in the qmail source 
tree
3. make setup check
4. echo 500  
/var/qmail/control/concurrencyremote
5. Get it running!.

But I noticed that the maximun number of 
qmail-remote procs is 30 !
My box is a high traffic outbound smtp server 
and 30 qmail-remote procs. is very poor. the same steps I do in a Linux box 
and get 500 qmail-remote without any problem

Any Idea ???

This is possible relationed with a per user/max 
procs in Solaris or any like this ?

Thank you.
RDA.-

RE: Anti Virus

[Brett Randall]

OK I wasn't planning on continuing my argument but since others are for me!
...

 Incidentally, I dislike NT, Microsoft Outlook and Exchange as much as you
 probably do.

I dislike them as well. All our servers are transitioning to linux/openbsd
EXCEPT for this one virus-scanning machine. Virtually a day after the "I
Love you" virus was realised, Norton had a fix for it and liveupdate
automatically updated it on our server. This change was propogated to every
client in the building, as well as used in scanning of e-mails. Luckily this
prestigous event happened largely on a weekend and so the few e-mails which
got through the server were then killed on Monday when the user went to read
their e-mail...We have stopped countless hundreds of this virus, and tens of
thousands of other virii with this firewall-style approach.

 come in with dozens of viruses -- usually some combination of Stoned or
 Monkey with a few other oldies.  These are all caught by modern anti virus
 software and thus it _should_ be installed on machines.  McAfee VirusScan
 for workstations is only $15 (cost).

Totally agreed with. You can't always catch the latest and greatest virii
with virus scanning software and yes killing every binary attachment is an
approach to removing the possibility altogether, but in many cases that is
just not an option. Killing script files, ok...can understand that. Less
impact on working habits, 95% agree with it. I trust stuff I pay for more
than free, open source scripting efforts. Just a peace-of-mind. Norton are
not overly bloated. Lotus' Notes is, to some extent, bloated, but we have
been using it for the last couple of years with thousands of e-mails coming
through and being scanned daily and have had no obvious problems thus far...

Brett.

Manager
InterPlanetary Solutions
http://ipsware.com/


 -Original Message-
 From: Michael T. Babcock [mailto:[EMAIL PROTECTED]]
 Sent: Saturday, August 05, 2000 12:36 AM
 To: qmail list; Robin S. Socha
 Subject: Re: Anti Virus


 - Original Message -
 From: "Robin S. Socha" [EMAIL PROTECTED]

Re: using fetchmail on qmail machine

[Vincent Danen]

On Fri, Aug 04, 2000 at 12:34:27AM -0400, Peter Green wrote:

  Can someone let me know if the adding localhost to control/locals is
  the "normal" behaviour?  I think a lot of people would like to use
  qmail as their own MTA instead of sendmail or postfix, so knowing
  this would be of great help to me.
 
 I don't know if it's the ``normal'' behavior, but I have localhost in my
 control/locals with the identical setup to you.

That's the only way I could get qmail to deliver the mail that
fetchmail was sending it.  FYI, I'm now looking at maildrop as
opposed to procmail...  should be interesting... =)

-- 
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
// Danen Consulting Serviceswww.danen.net, www.freezer-burn.org
// MandrakeSoft, Inc.   www.linux-mandrake.com
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD

Current Linux uptime: 20 hours 33 minutes.

Re: using fetchmail on qmail machine

[Vincent Danen]

On Fri, Aug 04, 2000 at 10:37:03PM +1200, Chris, the Young One wrote:

 ! I don't know if it's the ``normal'' behavior, but I have localhost in my
 ! control/locals with the identical setup to you.
 
 $ grep localhost /var/qmail/control/locals
 localhost
 
 Yep, it's there. From a casual perusal of config.sh in the qmail package
 it can be seen that it calls a program to get the IP addresses of all
 interfaces, then puts their PTR lookups into control/locals.
 
 Unless you lack a loopback interface :-) I believe that localhost should
 be in control/locals, at least by default.

Hmmm...  it never put it in mine...  wierd.  Oh well, now I know that
this is "normal".  Thanks!

-- 
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
// Danen Consulting Serviceswww.danen.net, www.freezer-burn.org
// MandrakeSoft, Inc.   www.linux-mandrake.com
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD

Current Linux uptime: 20 hours 34 minutes.

Re: Unable to create pipe

[Brett Randall]

This was posted here just a few hours ago...look at it

Brett


Manager
InterPlanetary Solutions
http://ipsware.com/


-Original Message-
From: Magnus Bodin [mailto:[EMAIL PROTECTED]]
Sent: Saturday, August 05, 2000 12:25 AM
To: qmail list
Subject: Re: Qmail-Spawn


On Fri, Aug 04, 2000 at 02:56:10PM +0100, Slider wrote:


 Can anyone reflect a little light as to why I might be getting this
error??

 965396867.707127 delivery 8637: deferral:
 qmail-spawn_unable_to_create_pipe._(#4.3.0)/

One of the few errors I've covered in my brief error guide ;-)

http://x42.com/qmail/error/#spawnpipe

/magnus

--
http://x42.com/

Editing error messages

[Erich Zigler]

I was wondering if its possible to edit the error messages in qmail. And
what is the simplest way to do it?

For example, I want to change "This address is not in my rcpthosts" message
to something different.

-- 
Erich Zigler   Sr. System Administrator

Interesting how the need for substance in an unexamined life
often times leads to gulibility. -- Cornfed

Re: qmail-pop3d problem

[Chris, the Young One]

On Fri, Aug 04, 2000 at 07:47:27PM +0530, kapil sharma wrote:
! pop-3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup \
!  foo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
[...]
! +OK 15634.965386256@\

Are you sure that ``\'' is an acceptible line continuation character?
qmail-popup seems to think that ``\'' is the host name, so maybe you
should just put everything on one line without using ``\''.

---Chris K.
-- 
 Chris, the Young One |_ but what's a dropped message between friends? 
  Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H. 
http://cloud9.hedgee.com/ |_ Robinson, IV  
 PGP: 0xCCC6114E/0x706A6AAD |_ 

RE: qmail-pop3d problem

[Brett Randall]

 On Fri, Aug 04, 2000 at 07:47:27PM +0530, kapil sharma wrote:
 ! pop-3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup \
 !  foo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
 [...]
 ! +OK 15634.965386256@\

 Are you sure that ``\'' is an acceptible line continuation character?
 qmail-popup seems to think that ``\'' is the host name, so maybe you
 should just put everything on one line without using ``\''.

The command line is interpreted by bash (I take it you are using bash)
before the program that is being called (try typing some nonexistant command
followed by a '\' and there will be no error) so qmail-popup won't even know
it existed.

Brett.


Manager
InterPlanetary Solutions
http://ipsware.com/

Re: Anti Virus

[Robin S. Socha]

* Michael T Babcock [EMAIL PROTECTED] writes:
 From: "Robin S. Socha" [EMAIL PROTECTED]

Michael,

I thought you were making sense when you suggested ending this thread in
PM. Unfortunately, I was wrong. So here goes...

 Deal with the question at hand, please.

,
| A+14  [Slider  ]:=Anti Virus
|  +20 [Robin S. Socha  ]:= - anomy for procmail
| A+41[Slider  ]:=
|  +20   [Robin S. Socha  ]:- 
|http://www.qmail.org/top.html#microsoft
|[...]
|  +59 Noel Mistula:=
| A+86[Brett Randall   ]:=
|  +128  [Robin S. Socha  ]:=
| A+14  [Adam McKenna]:=
| A+29 [Paul Schinder   ]:=
|  +55[Robin S. Socha  ]:=
|  +32   [Michael T. Babcock  ]:  - you are here
`

I presume you can see where you missed the point, Michael?

 I've said it once and I'll say it again: anti-virus software is
 snake oil. Under certain circumstances, it will buy you exactly
 nothing. Had I sent you ILOVEYOU the moment I got it, you would have
 been fucked. Real bad. Maybe your filter would have caught it, but
 who knows?

 No, its not snake-oil.  Its just not perfect.  

It is inherently snake-oilish. I would call my colleague in London an
experienced NT admin with a lot of common sense. He went "we've now got
4 virus scanners running, so we're safe". So I went "On your backup
mailserver, too? Cause some nasty buddy just DOS'ed your primary one."
So he went "AAARRR!!!1".

The problem is not the quality of the scanners, the frequency of your
updates, the speed with which updates are released or whatever. The
problem is the quality of MS Software. Windows is a disaster waiting
to happen. Brett advocated using an insecure OS with closed source
protection mechanisms to secure a production environment running an
operating system that is as secure as a bullet proof vest made of
NT-CDs.

Since the system cannot be secured, the threat must be eliminated. Either
by changing the OS or by nuking all attachments that are potentially
dangerous.

 The anti-virus software companies, by necessity, need to analyse a
 virus before they can add the signature to their software.  That
 usually requires that the virus be "in the wild" for some period of
 time first.  

Right. And you do remember how fast ILOVEYOU spread, don't you?

 However, I've had client machines come in with dozens of viruses --
 usually some combination of Stoned or Monkey with a few other oldies.
 These are all caught by modern anti virus software and thus it _should_
 be installed on machines.  McAfee VirusScan for workstations is only
 $15 (cost).

You're working around the problem. Ever wondered how come there are
no[1] viruses for Un*x?

 I don't classify that as snake-oil

You're as entitled to your personal opinion as everybody else. Too
bad it's beside the point since the OP wasn't interested in fixing
an infected system but preventing from viruses (or other dangerous
content) from entering his system. reply-to set accordingly.

Footnotes: 
[1]  Yes, there are three. But they don't exist.
-- 
Robin S. Socha http://socha.net/

Re: trouble

[Sean C Truman]

Your also might want to look into installing dnscache
http://cr.yp.to/djbdns/dnscache-1.00.tar.gz and have a local caching only
server running on the qmail machine.

Sean Truman

- Original Message -
From: Greg Owen [EMAIL PROTECTED]
To: Qmail List (E-mail) [EMAIL PROTECTED]
Sent: Friday, August 04, 2000 9:13 AM
Subject: RE: trouble


  Everythings fine but the smtp server takes a long time
  to initialize..like when I telnet to port 25 on my
  localhost...the 220 host.domain.com ESMTP appears but
  after a long time.
 
  Has anybody experienced such a problem and was able to
  solve this...

 Your tcpserver invocation is probably trying to get IDENT info,
 which is the default.  This times out after 26 seconds or so.  Put '-R'
into
 your tcpserver command line and the lag goes away, or open up port 113 on
 the firewall to allow IDENT traffic to freely flow.

 From http://cr.yp.to/ucspi-tcp/tcpserver.html:

 -r: (Default.) Attempt to obtain $TCPREMOTEINFO from the remote host.
 -R: Do not attempt to obtain $TCPREMOTEINFO from the remote host. To avoid
 loops, you must use this option for servers on TCP ports 53 and 113.

 --
 gowen -- Greg Owen -- [EMAIL PROTECTED]

Re: concurrencyremote up to 500

[Charles Cazabon]

Ricardo Albano [EMAIL PROTECTED] wrote:
 Hello,I'm trying to get qmail running in a Solaris 7 box and get up to 500
 qmail-remote proccesses at the same time, I do the following steps :
[...] 
 But I noticed that the maximun number of "qmail-remote procs" is 30 !  My
 box is a high traffic outbound smtp server and 30 qmail-remote procs. is very
 poor. the same steps I do in a Linux box and get 500 qmail-remote without
 any problem
[...] 
 This is possible relationed with a per user/max procs in Solaris or any like
 this ?

It is almost certainly a resource limit the system is imposing.  It may be
fds, or it could be something else.  What are you limits currently set to?
Have you tried changing them?  You seem to have diagnosed your own problem
here.

Charles
-- 
---
Charles Cazabon[EMAIL PROTECTED]
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

RE: qmail-pop3d problem

[Petr Novotny]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 5 Aug 00, at 1:49, Brett Randall wrote:

 The command line is interpreted by bash (I take it you are using bash)
 before the program that is being called (try typing some nonexistant
 command followed by a '\' and there will be no error) so qmail-popup
 won't even know it existed.

I beg to differ.

1. inetd doesn't support wrapped lines in /etc/inetd.conf. At least 
mine doesn't. It doesn't know about the second line at all.

2. inetd doesn't run the command through bash. Where did you 
hear that?

-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOYraKVMwP8g7qbw/EQL2xgCfeWq+XgG/ESanEVRtMK5Yl8oHvEQAnRiK
hHXnlYyRwU1ygxyqrZ43yOMx
=HKTS
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]

Re: concurrencyremote up to 500

[Ricardo Albano]

I can't imagine where to start the diagnostic, I think the problem is in the
OS Limit but I need some specific pointers to the problem to ask Sun
peoples.


Ricardo Albano [EMAIL PROTECTED] wrote:
 Hello,I'm trying to get qmail running in a Solaris 7 box and get up to
500
 qmail-remote proccesses at the same time, I do the following steps :
[...]
 But I noticed that the maximun number of "qmail-remote procs" is 30 !
My
 box is a high traffic outbound smtp server and 30 qmail-remote procs. is
very
 poor. the same steps I do in a Linux box and get 500 qmail-remote
without
 any problem
[...]
 This is possible relationed with a per user/max procs in Solaris or any
like
 this ?

It is almost certainly a resource limit the system is imposing.  It may be
fds, or it could be something else.  What are you limits currently set to?
Have you tried changing them?  You seem to have diagnosed your own problem
here.

Charles
--
---
Charles Cazabon[EMAIL PROTECTED]
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

Re: using fetchmail on qmail machine

[markd]

On Fri, Aug 04, 2000 at 09:27:00AM -0600, Vincent Danen wrote:
 On Fri, Aug 04, 2000 at 10:37:03PM +1200, Chris, the Young One wrote:
 
  ! I don't know if it's the ``normal'' behavior, but I have localhost in my
  ! control/locals with the identical setup to you.
  
  $ grep localhost /var/qmail/control/locals
  localhost
  
  Yep, it's there. From a casual perusal of config.sh in the qmail package
  it can be seen that it calls a program to get the IP addresses of all
  interfaces, then puts their PTR lookups into control/locals.
  
  Unless you lack a loopback interface :-) I believe that localhost should
  be in control/locals, at least by default.
 
 Hmmm...  it never put it in mine...  wierd.  Oh well, now I know that
 this is "normal".  Thanks!

Hmmm. I use fetchmail in one (admittedly simple) scenario and it doesn't
require localhost in control/locals


Regards.

RE: qmail-pop3d problem

[Brett Randall]

 I beg to differ.

 1. inetd doesn't support wrapped lines in /etc/inetd.conf. At least
 mine doesn't. It doesn't know about the second line at all.

 2. inetd doesn't run the command through bash. Where did you
 hear that?

My apologies : It is 2am over here and I forgot this is an inetd call, not
a tcpserver call!

Brett.


Manager
InterPlanetary Solutions
http://ipsware.com/

Re: concurrencyremote up to 500

[Charles Cazabon]

Ricardo Albano [EMAIL PROTECTED] wrote:
 It is almost certainly a resource limit the system is imposing.  It may be
 fds, or it could be something else.  What are you limits currently set to?
 Have you tried changing them?  You seem to have diagnosed your own problem
 here.

 I can't imagine where to start the diagnostic, I think the problem is in the
 OS Limit but I need some specific pointers to the problem to ask Sun
 peoples.

Try adding some ulimit calls to your qmail startup script.  `man ulimit`
for details.

Charles
-- 
---
Charles Cazabon[EMAIL PROTECTED]
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

Re: duplicating sendmail's virtusertable

[Ben Beuchler]

On Thu, Aug 03, 2000 at 11:05:47PM -0400, Sam Carleton wrote:

   I also need to change the from header from [EMAIL PROTECTED] to
   [EMAIL PROTECTED]  I am trying to stealth my user account because
   it is the only account able to su in as root.  I would prefer if folks
   do not know the user name on the account:)  (No, it isn't sam, that is
   simply my example g)
  
  Both of these can be accomplished using fastforward, available from
  http://www.qmail.org.
 
 I have installed fastforward and I am aliasing incoming mail from
 sam.carleton@domain to sam@domain, but I do not have a clue as to how to
 use fastforward to change the From: header on out going mail from
 sam@domain to sam.carleton@domain.  Can someone enlighten me?

My error.  I did not read your request carefully enough.  The "From: "
header is entirely under the control of your MUA (mutt, pine, mailx,
etc).  The envelope "from " header is controlled via your MTA (qmail, in
this case) and can be controlled either by using the sendmail wrapper
with a "[EMAIL PROTECTED]" or setting some environment variables
before calling qmail-inject.

Ben

-- 
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground   www.bitstream.net

Re-injecting complete messages

[Brett Randall]

Hi...I've been asked by a fellow sysadmin to reinject a number of complete
e-mails (containing every original header field and the body with the
standard one-line gap) into the mail system for delivery to their relevant
locations, both locally and remotely. What is the best way of doing this?
Thanks!

Brett.

Manager
InterPlanetary Solutions
http://ipsware.com/

Re: Editing error messages

[Ben Beuchler]

On Fri, Aug 04, 2000 at 10:28:27AM -0500, Erich Zigler wrote:

 I was wondering if its possible to edit the error messages in qmail.
 And what is the simplest way to do it?
 
 For example, I want to change "This address is not in my rcpthosts"
 message to something different.

They are hard-coded.  Edit the code at your own risk.

Ben

-- 
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground   www.bitstream.net

Re: Editing error messages

[Robin S. Socha]

* Erich Zigler [EMAIL PROTECTED] writes:

 I was wondering if its possible to edit the error messages in qmail. And
 what is the simplest way to do it?

Grab an editor and UTSL.

 For example, I want to change "This address is not in my rcpthosts"
 message to something different.

That'd be qmail-(s|q)mtpd.c - but why would you want to do that?
-- 
Robin S. Socha http://socha.net/

Re: Anti Virus

[Robin S. Socha]

* Brett Randall [EMAIL PROTECTED] writes:
 OK I wasn't planning on continuing my argument but since others are for me!

I'm still against you, Brett, so let's see how far we'll get... ]:-

 Incidentally, I dislike NT, Microsoft Outlook and Exchange as much as
 you probably do.

 I dislike them as well. All our servers are transitioning to
 linux/openbsd EXCEPT for this one virus-scanning machine. 

Interestingly, this will leave this one machine open to attacks against the
OS itself. Strange notion of security. You could be running TrendMicro's
viruswall or [insert AV-vendor] stuff on various flavours of Un*x or Linux
as well.

 Virtually a day after the "I Love you" virus was realised, Norton had
 a fix for it and liveupdate automatically updated it on our server.

Literally one minute after I was informed about the problem via my
email2sms gateway (one of those things you'd call a "scripting effort"
monitoring various security MLs), I had remotely logged into our
mailserver and added a rule nuking all respective emails. Arguably, the
approach is different, but with the gaping holes in MS's security
"policy", chances are yet another script kiddy will find yet another
exploit soonish and it will not qualify as a virus again. Technically
speaking, BTW, ILOVEYOU was not a virus, anyway. Needless to say that
there are i18n versions of MS Office viruses that aren't caught by
American scanners...

 Luckily this prestigous event happened largely on a weekend and so the
 few e-mails which got through the server were then killed on Monday
 when the user went to read their e-mail... 

"Luckily"... how do you sleep at night, Brett, when an integral part of
your security policy relies on luck?

 We have stopped countless hundreds of this virus, and tens of thousands
 of other virii with this firewall-style approach.

Brett, I just talked to my firewall. She's a nice firewall, y'know, and
she's got a great sense of humour. But that carpet was quite expensive,
and I stronly advise you not to make such rude jokes again unless you
want to face punitive damages. Besides, a 19" rack biting a rug is just
plainly ridiculous.

 come in with dozens of viruses -- usually some combination of Stoned
 or Monkey with a few other oldies.  These are all caught by modern
 anti virus software and thus it _should_ be installed on machines.
 McAfee VirusScan for workstations is only $15 (cost).

 Totally agreed with. You can't always catch the latest and greatest
 virii with virus scanning software and yes killing every binary
 attachment is an approach to removing the possibility altogether, but
 in many cases that is just not an option. 

True. That's why you set up sandboxes in each department, running
Linux and StarOffice. For the unaware, StarOffice is a free, GPL'ed
(?)  Office Suite running on Windows and various Un*xoid OSes. Yes,
it's a little inconvenient to hop to another office to take a look at
an attachment. But it also makes you very angry at the people sending
them. Which is good.

 I trust stuff I pay for more than free, open source scripting efforts.

Ok, so on top of luck, you rely on trust. Then again, it's all that's
left to you, isn't it? While you can have an expert audit Open Source
Software, (closed source) commercial software has to be trusted. I
don't trust closed source software, and even less so if it comes from a
foreign country. Can you guarantee (100%) where Notes or Exchange or
whatever send your company's trade secrets? Does the word OPSEC ring a
bell? IT security isn't everything.

And, quite honestly, I don't like your condescending tone when you talk
about OSS. Calling OpenBSD or qmail "scripting efforts" is, well.. you
know, if MS ever released the Exchange code, and one were to compare it
to qmail's... oh, well...

 Just a peace-of-mind.

Then why are you running qmail? You /are/ running qmail, aren't you?

 Norton are not overly bloated. Lotus' Notes is, to some extent,
 bloated, but we have been using it for the last couple of years with
 thousands of e-mails coming through and being scanned daily and have
 had no obvious problems thus far...

Notes Server has had some bugs that qualify as lethal. And they weren't
fixed nearly as quickly as those in, say, sendmail. What makes you
recommend software with a bad track record in security on a ML for the
most secure mailserver there is?
-- 
Robin S. Socha http://socha.net/

Bah!

[Holborn BongMiester]

Hi all,

I've finally got my arse around to using tcpserver.
 
Well I say using, more like installing and then ripping my hair out.
 
Is there any _useful_ documentation, with some examples out there
on how to use it? I saw one snippet that mentioned it goes in inetd.conf
If so what the bleeding point?? I'd rather be using FreeBSD's improved
tcp_wrappers than using them and having to use tcpserver within it.
 
I'm mainly going to it becuase of the god awful RELAYCLIENT hack to 
allow a few hosts to use me as a smarthost (instead of a more sane
/var/qmail/control file that allows named ip's to connect).
 
Yours close to another MTA,
 
D.

Re: Editing error messages

[Bryan Ischo]

"Robin S. Socha" [EMAIL PROTECTED] writes:

 * Erich Zigler [EMAIL PROTECTED] writes:
 
  I was wondering if its possible to edit the error messages in qmail. And
  what is the simplest way to do it?
 
 Grab an editor and UTSL.
 
  For example, I want to change "This address is not in my rcpthosts"
  message to something different.

 That'd be qmail-(s|q)mtpd.c - but why would you want to do that?

I am sure Erich can answer for himself, but may I posit one possible
reason:

The people who read bounce mails are typically those who sent it, which,
99% of the time, is a person who is completely unfamiliar with mail
systems.

To them, something like, "You cannot sent mail to that site using this
mail server", or somesuch, would be less confusing and more personable.

Just a thought.

On the flip side, as soon as the word "rcpthosts" leaves a user's
mouth, I am pretty sure I know exactly what the problem is.

Bryan

-- 


p l u m b d e s i g n 
 
Bryan Ischo | Software Developer 
157 chambers st ny ny 10007
p.212-285-8600 x233 f.212-285-8999

terminology (was Re: duplicating sendmail's virtusertable)

[Chris, the Young One]

``The "From: " header'' and ``The envelope "from " header''---I knew I
was confused the first time I read the message...

On Fri, Aug 04, 2000 at 11:22:12AM -0500, Ben Beuchler wrote:
! My error.  I did not read your request carefully enough.  The "From: "
! header is entirely under the control of your MUA (mutt, pine, mailx,
! etc).

The address listed in the From field is what I call the header sender.
There could be a different official name for it though.

!The envelope "from " header is controlled via your MTA (qmail, in
! this case) and can be controlled either by using the sendmail wrapper
! with a "[EMAIL PROTECTED]" or setting some environment variables
! before calling qmail-inject.

That's what I (and most people I know of) call the envelope sender, and
it does not appear in the header (unless your mailer puts it into the
Return-Path field, but it's not an obligatory behaviour).

The other thing that should be clarified is that there is _one_ header
in a message, consisting of one or more fields. For more definitions,
see http://cr.yp.to/immhf/header.html.

---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 

Re: Anti Virus

[Steve Wolfe]

  I dislike them as well. All our servers are transitioning to
  linux/openbsd EXCEPT for this one virus-scanning machine.

 Interestingly, this will leave this one machine open to attacks against
the
 OS itself. Strange notion of security.

  Well, in a world devoid of any other security mechanisms, perhaps.  But
it's perfectly easy to simply deny all traffic to the machine not related to
SMTP, at the router, firewall, and on the machine itself.  It's hard to
exploit something on the machine if your packets never get there.

  I trust stuff I pay for more than free, open source scripting efforts.

  Well, it's sixes.  Some commercial software is well-written, a lot isn't.
Some open-source software is well-written, I've found a lot that's not.  It
all comes down to the individual package.

steve

Re: Bah!

[Ben Beuchler]

On Fri, Aug 04, 2000 at 05:45:06PM +0100, Holborn BongMiester wrote:

 I've finally got my arse around to using tcpserver.
  
 Well I say using, more like installing and then ripping my hair out.
  
 Is there any _useful_ documentation, with some examples out there
 on how to use it? I saw one snippet that mentioned it goes in inetd.conf
 If so what the bleeding point?? I'd rather be using FreeBSD's improved
 tcp_wrappers than using them and having to use tcpserver within it.
  
 I'm mainly going to it becuase of the god awful RELAYCLIENT hack to 
 allow a few hosts to use me as a smarthost (instead of a more sane
 /var/qmail/control file that allows named ip's to connect).

You have a very charming way of asking for help.  Also of not reading
readily and freely available documentation.

Start with the home page for ucspi-tcp.  Documents every option of every
program in the package.

http://cr.yp.to/ucspi-tcp.html

If that is too obtuse for you, try David Sill's excellent "Life With
qmail", linked to from the qmail.org page.

http://web.infoave.net/~dsill/lwq.html

If you find that too difficult, follow some of the other links
concerning "anti-relaying" from the qmail.org page.  There are several.
All of which offer complete descriptions for setting up tcpserver.

If you still can't figure it out, hire a 12 year old.

Ben

-- 
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground   www.bitstream.net

Re: Anti Virus

[Chris, the Young One]

On Sat, Aug 05, 2000 at 01:13:05AM +1000, Brett Randall wrote:
!  I trust stuff I pay for more
! than free, open source scripting efforts. Just a peace-of-mind.

This reminds me of http://www.ultraviolet.org/treed/lam.txt. :-)

---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 

Re: Editing error messages

[Erich Zigler]

On Fri, Aug 04, 2000 at 12:40:14PM -0400, Bryan Ischo wrote:

 The people who read bounce mails are typically those who sent it, which,
 99% of the time, is a person who is completely unfamiliar with mail
 systems.

Your actually quite right.

 To them, something like, "You cannot sent mail to that site using this
 mail server", or somesuch, would be less confusing and more personable.

Actually we use vpopmail's roaming users. So if they dont check their email
beforehand they cannot use us as a relay. We get many calls from angry
customers and employees because all they see in the current error message is 
"You cant send mail."

 On the flip side, as soon as the word "rcpthosts" leaves a user's
 mouth, I am pretty sure I know exactly what the problem is.

Yeah, but in my opinion I dont want to hear of those calls in the first
place. =)

-- 
Erich Zigler   Sr. System Administrator

Re: using fetchmail on qmail machine

[Vincent Danen]

On Fri, Aug 04, 2000 at 09:03:07AM -0700, [EMAIL PROTECTED] wrote:

   Unless you lack a loopback interface :-) I believe that localhost should
   be in control/locals, at least by default.
  
  Hmmm...  it never put it in mine...  wierd.  Oh well, now I know that
  this is "normal".  Thanks!
 
 Hmmm. I use fetchmail in one (admittedly simple) scenario and it doesn't
 require localhost in control/locals

Do you have fetchmail sending to procmail or something?  I have
fetchmail sending it to port 25 on the local machine (ie. qmail) so
qmail still has to do the delivering to my maildirs.  Are you maybe
sending it to something other than port 25?

-- 
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
// Danen Consulting Serviceswww.danen.net, www.freezer-burn.org
// MandrakeSoft, Inc.   www.linux-mandrake.com
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD

Current Linux uptime: 22 hours 10 minutes.

Re: Bah!

[Holborn BongMiester]

Ben Beuchler wrote:
 You have a very charming way of asking for help.  Also of not reading
 readily and freely available documentation.

Maybee I should of took a break and then asked. Dan's links on his main
page are hidden everywhere. I followed the 'installing tcpserver' and
also the other ucspi-tcp link and the info I got out of that was
untar and make. His INSTALL could do with a, for some examples and
further documnetaion go here...

 http://cr.yp.to/ucspi-tcp.html

Great! I'll go take a ganders.

 If that is too obtuse for you, try David Sill's excellent "Life With
 qmail", linked to from the qmail.org page.
 
 http://web.infoave.net/~dsill/lwq.html

I'm not too bad with qmail, it's just to get things to function b4 I
didnt need this tcpserver.

 If you find that too difficult, follow some of the other links
 concerning "anti-relaying" from the qmail.org page.  There are several.
 All of which offer complete descriptions for setting up tcpserver.

Sensible place to put it (as oppsed to 'installing tcpserver' :) But
thnks for the pointer.

 If you still can't figure it out, hire a 12 year old.

I guess I asked for that :) Been a bad day at work and I've been having
helll with tcpserver and pop3d and qmail-smtpd.

D.

RE: Bah!

[Hubbard, David]

I'd hire that 12 year old if he/she could tell me what the
damn status codes for tcpserver meant.  :-)  Seriously
though, those pages need some updates, I spent an hour or two
searching the archives of this list the other day to find
out the reason my post card cgi perl script needed to have
\r\n on the end of each of it's lines when constructing
the mail headers...  The only thing I had to search on
was the fact that my tcpserver was logging the undocumented
status=256 which seems to be spit out for multiple problems.

Dave

-Original Message-
From: Ben Beuchler
To: [EMAIL PROTECTED]
Sent: 8/4/00 12:53 PM
Subject: Re: Bah!


You have a very charming way of asking for help.  Also of not reading
readily and freely available documentation.

Start with the home page for ucspi-tcp.  Documents every option of every
program in the package.

http://cr.yp.to/ucspi-tcp.html

If that is too obtuse for you, try David Sill's excellent "Life With
qmail", linked to from the qmail.org page.

http://web.infoave.net/~dsill/lwq.html

If you find that too difficult, follow some of the other links
concerning "anti-relaying" from the qmail.org page.  There are several.
All of which offer complete descriptions for setting up tcpserver.

If you still can't figure it out, hire a 12 year old.

Ben

-- 
Ben Beuchler
[EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290
x101
Bitstream Underground
www.bitstream.net

Re: Bah!

[Ben Beuchler]

On Fri, Aug 04, 2000 at 06:14:39PM +0100, Holborn BongMiester wrote:

 I guess I asked for that :) Been a bad day at work and I've been having
 helll with tcpserver and pop3d and qmail-smtpd.

My apologies.  I'm a tad short-tempered myself.

Anyway, tcpserver is quite easy.  I found it preferable to inetd by a
long shot.  And having the tcp program do the IP based stuff makes
perfect sense as the stuff qmail sees is too easily forged.  It only has
envelope information to work from, after all.

As a peace offering, here's my tcpserver setup:

/usr/local/bin/tcpserver -R -c 80 -q -p -x /etc/smtprules/tcp.smtp.cdb \
 -u79 -g1003 0 smtp /var/qmail/bin/qmail-smtpd  21 

There are several other options, all well documented on the ucspi-tcp
page.  Of course, the -u and -g options need to be changed to match the
correct UID/GID on your box.  And the -x option needs to point to your
tcprules file, the format of which is documented on the tcprules page at
the ucspi-tcp site.

A typical line looks like this:

123.45.67.89:allow,RELAYCLIENT=""

Ben
-- 
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground   www.bitstream.net

patch to require helo before mail from

[Darrell Wright]

I have written a patch to force clients to say helo first.

 ahelocheck.diff

Problems w/ pop3

[Adam McKenna]

Some people where I work use pop3 at home and at work.  When they check their
mail from home, they are leaving the messages on the server.  The problem
happens when they get to work the next day.  Apparently, when using the old
pop3 server, messages they had already downloaded from home were marked
"read".  But now, with qmail-pop3d, they show up as "unread" when the people
come into work.

Anyone know why this problem happens?  I assume it is some POP3
feature/extension that qmail-pop3d doesn't support.  By the way, the people 
complaining are using Eudora.

--Adam

Re: Anti Virus

[Robin S. Socha]

* Steve Wolfe [EMAIL PROTECTED] writes:

[scanning for MS viruses under MS OSes]
 Well, in a world devoid of any other security mechanisms, perhaps.
 But it's perfectly easy to simply deny all traffic to the machine not
 related to SMTP, at the router, firewall, and on the machine itself.
 It's hard to exploit something on the machine if your packets never
 get there.

man gauntlet

  I trust stuff I pay for more than free, open source scripting efforts.

 Well, it's sixes.  Some commercial software is well-written, a lot
 isn't.  

I beg to differ. You simply cannot know if closed source commercial
software is well written. I may seem to work well, but you don't know
what's under the hood. Back in university, we had the NT 4.0 CD that we
installed on a spare computer for laughs. We had blocked it inside a
firewall. It sent two crypted emails. We let them free. They disappeared
behind a MSN firewall. We did not laugh.

 Some open-source software is well-written, I've found a lot that's
 not.  It all comes down to the individual package.

That's so true it's meaningless, I'd say. There is a lot of really bad
software available especially for Linux, true. But if you take a well
audited distribution (Jurix would be one) or stick to a core *BSD, you'll
find that the code base is excellent. It still remains to be shown how
you break into a bare-bones OpenBSD. I could not say that for a couple
commercial OSes. Bottom line: every system can be made insecure. But some
"packages" are secure by default. qmail springs to mind ;-) Stick to
those and you're fine.
-- 
Robin S. Socha http://socha.net/

Re: Bah!

[Robin S. Socha]

* Holborn BongMiester [EMAIL PROTECTED] writes:

 Is there any _useful_ documentation [for tcpserver], with some examples
 out there on how to use it? 

You've already been pointed to DJB's site. There also exists a tarball
with man pages at http://innominate.de/, compiled by G. Pape.

 I saw one snippet that mentioned it goes in inetd.conf If so what the
 bleeding point?? I'd rather be using FreeBSD's improved tcp_wrappers
 than using them and having to use tcpserver within it.

I don't think so. But go see for yourself. If you don't see the value of
this excellent software package, you probably don't need it.
-- 
Robin S. Socha http://socha.net/

Re: patch to require helo before mail from

[Scott Gifford]

"Darrell Wright" [EMAIL PROTECTED] writes:

 I have written a patch to force clients to say helo first.

Out of curiosity and not unpleasantness, why would one want such a
patch?  I've seen that sendmail has options to do the same thing, and
have never understood exactly what it accomplishes.

Thanks for any insight,

--ScottG.

sqwebmail qmail-pop3d ?

[Jens Georg]

hi,

i am running a small internet-server with several virtual domains and
i would like to install sqwebmail for my customers. the question is:
does qmail work together with /Maildir format and a running qmail-pop3d
or do i need the install vpopmail ? user should be able not open new
pop3 accounts; they should only read and write emails using the web.

-- 
regards,
jens
---
department computer science, university of dortmund
linux ... life's too short for reboots!

begin:vcard 
n:Georg;Jens
x-mozilla-html:FALSE
org:University of Dortmund, Germany;computer science
adr:;;
version:2.1
email;internet:[EMAIL PROTECTED]
x-mozilla-cpt:;0
fn:Jens Georg
end:vcard

What a mess...

[Goran Blazic]

Hi...

I have a problem for wich I haven't got a clue on where to start looking for
a possible sollution...
There is this company that wanted to have mails coming to their domain...
(slofit.si). Ok, no problem, a virtual mail domain... But no, they had to go
ask their internet provider first, and what they did is forward all mail for
this domain (slofit.si) into a single mailbox!?!.
So the company has been using this setup for some time (haven't got the
faintest idea for how long) and now they are asking me to fix this, but they
still want to use this single mailbox at their internet providers server.
They are using a dialup link, so I was thinking of setting up a qmail server
on a local machine and allowing mail from the local network to be relayed
outwards... This is all well, but what about the incoming mail?

My idea is: Get the mails from the mailbox and inject them into qmail... Is
this possible? I dont really have the time to test this and try it out, so I
hope someone will have some info for me...

Thanks, Goran

The documentation said to install Windows NT 4.0 or better - so I installed
Linux 2.2.13!

Re: What a mess...

[markd]

Sounds like a job for fetchmail unless the ISP offers ETURN services.

fetchmail connects to a remote POP server (so that it can slurp all
the mail for a single mailbox) and reinjects it into your local
mail system. It's not necessarily perfect depending on the ISPs
mail system (especially wrt retrieving envelope info) but it's
better than nothing if you have no choice.


Mark.

On Fri, Aug 04, 2000 at 08:22:13PM +0200, Goran Blazic wrote:
 Hi...
 
 I have a problem for wich I haven't got a clue on where to start looking for
 a possible sollution...
 There is this company that wanted to have mails coming to their domain...
 (slofit.si). Ok, no problem, a virtual mail domain... But no, they had to go
 ask their internet provider first, and what they did is forward all mail for
 this domain (slofit.si) into a single mailbox!?!.
 So the company has been using this setup for some time (haven't got the
 faintest idea for how long) and now they are asking me to fix this, but they
 still want to use this single mailbox at their internet providers server.
 They are using a dialup link, so I was thinking of setting up a qmail server
 on a local machine and allowing mail from the local network to be relayed
 outwards... This is all well, but what about the incoming mail?
 
 My idea is: Get the mails from the mailbox and inject them into qmail... Is
 this possible? I dont really have the time to test this and try it out, so I
 hope someone will have some info for me...
 
 Thanks, Goran
 
 The documentation said to install Windows NT 4.0 or better - so I installed
 Linux 2.2.13!
 

Re: What a mess...

[Darrell Wright]

I believe procmail does this.  I do not use it, but I remember reading it in
a document somewhere.  I would try there.

Darrell Wright
- Original Message -
From: "Goran Blazic" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, August 04, 2000 2:22 PM
Subject: What a mess...


: Hi...
:
: I have a problem for wich I haven't got a clue on where to start looking
for
: a possible sollution...
: There is this company that wanted to have mails coming to their domain...
: (slofit.si). Ok, no problem, a virtual mail domain... But no, they had to
go
: ask their internet provider first, and what they did is forward all mail
for
: this domain (slofit.si) into a single mailbox!?!.
: So the company has been using this setup for some time (haven't got the
: faintest idea for how long) and now they are asking me to fix this, but
they
: still want to use this single mailbox at their internet providers server.
: They are using a dialup link, so I was thinking of setting up a qmail
server
: on a local machine and allowing mail from the local network to be relayed
: outwards... This is all well, but what about the incoming mail?
:
: My idea is: Get the mails from the mailbox and inject them into qmail...
Is
: this possible? I dont really have the time to test this and try it out, so
I
: hope someone will have some info for me...
:
: Thanks, Goran
:
: The documentation said to install Windows NT 4.0 or better - so I
installed
: Linux 2.2.13!
:

Re: Problems w/ pop3

[Ben Beuchler]

On Fri, Aug 04, 2000 at 02:00:24PM -0400, Adam McKenna wrote:

 Some people where I work use pop3 at home and at work.  When they check their
 mail from home, they are leaving the messages on the server.  The problem
 happens when they get to work the next day.  Apparently, when using the old
 pop3 server, messages they had already downloaded from home were marked
 "read".  But now, with qmail-pop3d, they show up as "unread" when the people
 come into work.
 
 Anyone know why this problem happens?  I assume it is some POP3
 feature/extension that qmail-pop3d doesn't support.  By the way, the people 
 complaining are using Eudora.

I encountered the same problem.

qmail-pop3d does not support the (deprecated) LAST command.  Instead, it
generates a unique ID for each message which it sends in response to the
UIDL command.  This is supposed to be cached by the client and used to
figure out which messages it has already read.  The idea was to remove
the 'state' onus from the server and give it to the client.

No solution, realy.  Tell 'em if they want to leave mail on the server,
use a protocol designed for that, like IMAP.  Or find a client that
correctly implements the POP3 protocol.

Ben

-- 
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground   www.bitstream.net

Re: What a mess...

[Charles Cazabon]

Goran Blazic [EMAIL PROTECTED] wrote:
 
 I have a problem for wich I haven't got a clue on where to start looking for
 a possible sollution...
[...]
 My idea is: Get the mails from the mailbox and inject them into qmail... Is
 this possible? I dont really have the time to test this and try it out, so I
 hope someone will have some info for me...

Other people have mentioned fetchmail; that can work.  You might also try
my own 'fetchmail' -- it has support for domain mailboxes, and delivers
into Maildirs or mboxes.

Charles
-- 
---
Charles Cazabon[EMAIL PROTECTED]
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

Re: What a mess...

[Charles Cazabon]

Following up on my own reply, I wrote:
 
 You might also try my own 'fetchmail'...

Of course, I meant "my own 'getmail'".  My bad.

Charles
-- 
---
Charles Cazabon[EMAIL PROTECTED]
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

filter by subject and deliver elsewhere

[M.B.]

http://www.ornl.gov/its/archives/mailing-lists/qmail/2000/06/msg00284.html

The above link sends one to a script that filters based on subject.

It bounces the mail.  I, however, wish to instead forward this
email to an alternative Maildir.  How might I do that?

mike.


___
Why pay for something you could get for free?
NetZero provides FREE Internet Access and Email
http://www.netzero.net/download/index.html

Re: domain splitting

[Sheer El-Showk]

Thanks, but my real concern is that all the mail NOT go through a SINGLE
mail server (in terms of bandwithd).  If I do what you suggested
[EMAIL PROTECTED] still has to go through location A (the full message,
including attachements has to be received at that location) which means
that it becomes a bandwidth bottle-kneck (and since there will be many
locations all with very little bandwidth supporting a large organization
this can be a problem).  At least that's how I understand it -- if you
know some way that location A could tell the outside server just to route
directly to location B, that's what I'm really looking for (sort of a SMTP
user-based server resolution).  Please correct me if I misunderstood what
you said or if it doens't require full mail routing through location A.

By the way, an entirely qmail solution shouldn't be a problem since the my
clients seem to like the idea of linux and I am a big fan of qmail ;-

Thanks anyway,
Sheer

On Fri, 4 Aug 2000, Russell Nelson wrote:

 Sheer El-Showk writes:
   I would like to host mail for a single domain (ie all users should be
   [EMAIL PROTECTED]) on several (geographically distributed) machines,
   with users in each area receiving their mail at the local mail sever.  The
   hard part is, as bandwidth is a limiting issue, I don't want all the mail
   to be forwarded through a single host (eg if user1 at location A is
   sending a 5 MB attachement to user2 at location B, I don't want that to
   have to bounce off some central mail sever at location C).  This means
   that all the mail servers serve the same domain name but have to be
   distinguishable (via DNS or sonmething sendmail does) by users served.
 
 Qmail lets you implement this using virtualdomains.  You can
 virtualize a domain on a per-use basis.  So tell the qmail running at
 location A that [EMAIL PROTECTED] is actually [EMAIL PROTECTED]
 
 Unfortunately, both sites A and B have to be running qmail and must be 
 configured with the user table.  There's no global way to do what you
 want.  I suggest that you colocate the central mail server somewhere
 where there's plenty of bandwidth, and configure it with the user table.
 
 -- 
 -russ nelson [EMAIL PROTECTED]  http://russnelson.com  | If you think 
 Crynwr sells support for free software  | PGPok | health care is expensive now
 521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
 Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | what it costs when it's free. 
 

Re: domain splitting

[Chris Garrigues]

 From:  Sheer El-Showk [EMAIL PROTECTED]
 Date:  Fri, 4 Aug 2000 21:13:32 + (WET)

 
 Thanks, but my real concern is that all the mail NOT go through a SINGLE
 mail server (in terms of bandwithd).  If I do what you suggested
 [EMAIL PROTECTED] still has to go through location A (the full message,
 including attachements has to be received at that location) which means
 that it becomes a bandwidth bottle-kneck (and since there will be many
 locations all with very little bandwidth supporting a large organization
 this can be a problem).  At least that's how I understand it -- if you
 know some way that location A could tell the outside server just to route
 directly to location B, that's what I'm really looking for (sort of a SMTP
 user-based server resolution).  Please correct me if I misunderstood what
 you said or if it doens't require full mail routing through location A.
 
 By the way, an entirely qmail solution shouldn't be a problem since the my
 clients seem to like the idea of linux and I am a big fan of qmail ;-

This is doable as long as you find some reasonably automated way to maintain 
the .qmail files that forward the users identically everywhere.

Make domain.com a virtual domain at all locations.  Tell qmail at all 
locations that [EMAIL PROTECTED] is really [EMAIL PROTECTED] and 
[EMAIL PROTECTED] is really [EMAIL PROTECTED] and so on.

Point MX records equally at all your locations.  The outside world will send 
the mail to one of your hosts which will then forward it to where you really 
want it.

I'd probably maintain the .qmail-domain-* files for the virtual domain
in one central location and then rsync or rdist them to all the servers at the 
same time.

Also, I think qmail-ldap has a facility for doing this more magically out of 
LDAP.

Chris


 On Fri, 4 Aug 2000, Russell Nelson wrote:
 
  Sheer El-Showk writes:
I would like to host mail for a single domain (ie all users should be
[EMAIL PROTECTED]) on several (geographically distributed) machines,
with users in each area receiving their mail at the local mail sever. 
  The
hard part is, as bandwidth is a limiting issue, I don't want all the m
 ail
to be forwarded through a single host (eg if user1 at location A is
sending a 5 MB attachement to user2 at location B, I don't want that t
 o
have to bounce off some central mail sever at location C).  This means
that all the mail servers serve the same domain name but have to be
distinguishable (via DNS or sonmething sendmail does) by users served.
  
  Qmail lets you implement this using virtualdomains.  You can
  virtualize a domain on a per-use basis.  So tell the qmail running at
  location A that [EMAIL PROTECTED] is actually [EMAIL PROTECTED]
 
  Unfortunately, both sites A and B have to be running qmail and must be 
  configured with the user table.  There's no global way to do what you
  want.  I suggest that you colocate the central mail server somewhere
  where there's plenty of bandwidth, and configure it with the user table.
  
  -- 
  -russ nelson [EMAIL PROTECTED]  http://russnelson.com  | If you think 
  Crynwr sells support for free software  | PGPok | health care is expensiv
 e now
  521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
  Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | what it costs when it's
  free. 
  
 

-- 
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO  http://www.virCIO.Com
4314 Avenue C   
Austin, TX  78751-3709  +1 512 374 0500

  My email address is an experiment in SPAM elimination.  For an
  explanation of what we're doing, see http://www.DeepEddy.Com/tms.html 

Nobody ever got fired for buying Microsoft,
  but they could get fired for relying on Microsoft.



 PGP signature

Re: Anti Virus

[David Dyer-Bennet]

Michael T. Babcock [EMAIL PROTECTED] writes on 4 August 2000 at 10:02:54 -0400
  I beg you to cite the place where this list abides by these "Age-old
  standards".
  I've cited some standards about mailing lists to people before -- but
  usually along the lines of "don't quote 100 lines and give only 1 of your
  own" or "don't use 10 line signatures".  I don't complain about whether my
  mail reader is only intelligent enough to recognise "-- " as a leader to a
  signature instead of "--" or "- Michael" ...  

Signature is pretty well-defined, and "-- " is the delimiter.  Stuff
that uses other delimiters breaks all sorts of archiving and reply
software. 

  That, and I much prefer to put
  my statements above the quoted text if my statement deals with the entirety
  of the comment (not just segments, as yours was), so that anyone following
  the list can quickly read what I have to say without scrolling.

I wish you wouldn't.  When I then respond to various paragraphs of
your text, the resulting sequence is very confusing -- or would be if
I didn't take the trouble to reorder your message first.
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]

tcpserver hanging

[Adam McKenna]

Does anyone know why tcpserver would do this?

It seems to be randomly hanging on incoming connections, about 1 in every 10:

Connection closed by foreign host.
adam@orbicus:~$ telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK 25910.965424763@orbicus
quit
+OK
Connection closed by foreign host.
adam@orbicus:~$ telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK 25912.965424764@orbicus
quit
+OK
Connection closed by foreign host.

[a bunch more times]

then... randomly, this will happen:

adam@orbicus:~$ telnet localhost 110
Trying 127.0.0.1...
[hangs]

Logs show nothing out of the ordinary:

@4000398b36852712097c tcpserver: status: 1/40
@4000398b368527154d6c tcpserver: pid 25910 from 127.0.0.1
@4000398b3685271c9c84 tcpserver: ok 25910 localhost:127.0.0.1:110
:127.0.0.1::3755
@4000398b368605ccc39c tcpserver: end 25910 status 256
@4000398b368605cd486c tcpserver: status: 0/40
@4000398b36861a2ae01c tcpserver: status: 1/40
@4000398b36861a324a8c tcpserver: pid 25912 from 127.0.0.1
@4000398b36861a39dc0c tcpserver: ok 25912 localhost:127.0.0.1:110
:127.0.0.1::3757
@4000398b368633f6a29c tcpserver: end 25912 status 256
@4000398b368633f7276c tcpserver: status: 0/40

Here is the command I'm using to run tcpserver:

adam@orbicus:~$ cat /var/qmail/supervise/qmail-popup/run 
#!/bin/sh

PATH=$PATH:/var/qmail/bin:/usr/local/bin

exec /usr/local/bin/softlimit -m 200 \
tcpserver -R -H -v -x/etc/tcp.pop3.cdb -u0 0 110 qmail-popup
orbicus /bin/checkpassword qmail-pop3d Maildir 21

Any ideas?  I've already recompiled both qmail and ucspi-tcp.  We had some
disk problems recently so I wanted to make sure they weren't damaged somehow.

--Adam

/var/qmail/rc

[James]

I've installed qmail from the FreeBSD ports collection, and I'm
trying to get it going... so when reading the help documents, I
see references to /var/qmail/rc. I don't see this file. I even
checked in the distribution tarball, and I don't see this file. Is
there something I'm missing?

Re: /var/qmail/rc

[Ben Beuchler]

On Fri, Aug 04, 2000 at 03:13:26PM -0700, James wrote:

 I've installed qmail from the FreeBSD ports collection, and I'm
 trying to get it going... so when reading the help documents, I
 see references to /var/qmail/rc. I don't see this file. I even
 checked in the distribution tarball, and I don't see this file. Is
 there something I'm missing?

Yup.

In the file named "INSTALL" on line 24 it says:

8. Copy /var/qmail/boot/home (or proc) to /var/qmail/rc.

That should take care of it.

Ben

-- 
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground   www.bitstream.net

Re: domain splitting

[Ben Beuchler]

On Fri, Aug 04, 2000 at 09:13:32PM +, Sheer El-Showk wrote:

 Thanks, but my real concern is that all the mail NOT go through a SINGLE
 mail server (in terms of bandwithd).  If I do what you suggested

I don't think it's possible to avoid that.  Which server mail is sent to
is a function of DNS, not mail server configuration.  The only way an
MTA has of knowing where to send a piece of mail is by looking up an MX
record for it.  It can only look up based on domain.  DNS does not know
anything about users and should not.

So.  Your only real option is to have a single mail server accepting
mail and then distribute it to other servers.  This does not fix your
bandwidth problem.  But, with a little research you can find one of
several ways to use the primary mail server only as a way to accept
inbound mail and then redistribute it to any one of several other mail
servers based on multiple criteria.

Ben

-- 
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground   www.bitstream.net

Re: domain splitting

[Adam McKenna]

On Fri, Aug 04, 2000 at 05:25:46PM -0500, Ben Beuchler wrote:
 On Fri, Aug 04, 2000 at 09:13:32PM +, Sheer El-Showk wrote:
 
  Thanks, but my real concern is that all the mail NOT go through a SINGLE
  mail server (in terms of bandwithd).  If I do what you suggested
 
 I don't think it's possible to avoid that.  Which server mail is sent to
 is a function of DNS, not mail server configuration.  The only way an
 MTA has of knowing where to send a piece of mail is by looking up an MX
 record for it.  It can only look up based on domain.  DNS does not know
 anything about users and should not.
 
 So.  Your only real option is to have a single mail server accepting
 mail and then distribute it to other servers.  This does not fix your
 bandwidth problem.  But, with a little research you can find one of
 several ways to use the primary mail server only as a way to accept
 inbound mail and then redistribute it to any one of several other mail
 servers based on multiple criteria.

What about having two servers with the same MX priority?  That should work.

adam@spotted:~$ dig earthlink.net mx

;  DiG 8.2  earthlink.net mx 
;; res options: init recurs defnam dnsrch
;; got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;  earthlink.net, type = MX, class = IN

;; ANSWER SECTION:
earthlink.net.  0S IN MX5 mx09.earthlink.net.
earthlink.net.  0S IN MX5 mx00.earthlink.net.
earthlink.net.  0S IN MX5 mx01.earthlink.net.
earthlink.net.  0S IN MX5 mx02.earthlink.net.
earthlink.net.  0S IN MX5 mx03.earthlink.net.
earthlink.net.  0S IN MX5 mx04.earthlink.net.
earthlink.net.  0S IN MX5 mx05.earthlink.net.
earthlink.net.  0S IN MX5 mx06.earthlink.net.
earthlink.net.  0S IN MX5 mx07.earthlink.net.
earthlink.net.  0S IN MX5 mx08.earthlink.net.

--Adam

RE: domain splitting

[Ihnen, David]

If you wish to load balance mail through several servers, then just use a
load balancing scheme like through red hats new product, though I forget its
name, or use a cisco loaddirector or an F5 BigIP or any number of farm
solutions.

Each server can have a copy of the user table and route to the appropriate
mail servers as needed.

Bottleneck Eliminated.

(two server addresses on the same MX priority is not as configurable or
reliable as the load balancing hardware)

"Nothing eliminates stress like having auto-redundant systems" - me as a
network administrator

David


 -Original Message-
 From: Sheer El-Showk [mailto:[EMAIL PROTECTED]]
 Sent: Friday, August 04, 2000 2:14 PM
 To: Russell Nelson
 Cc: [EMAIL PROTECTED]
 Subject: Re: domain splitting
 
 
 
 Thanks, but my real concern is that all the mail NOT go 
 through a SINGLE
 mail server (in terms of bandwithd).  If I do what you suggested
 [EMAIL PROTECTED] still has to go through location A (the full message,
 including attachements has to be received at that location) 
 which means
 that it becomes a bandwidth bottle-kneck (and since there will be many
 locations all with very little bandwidth supporting a large 
 organization
 this can be a problem).  At least that's how I understand it -- if you
 know some way that location A could tell the outside server 
 just to route
 directly to location B, that's what I'm really looking for 
 (sort of a SMTP
 user-based server resolution).  Please correct me if I 
 misunderstood what
 you said or if it doens't require full mail routing through 
 location A.
 
 By the way, an entirely qmail solution shouldn't be a problem 
 since the my
 clients seem to like the idea of linux and I am a big fan of qmail ;-
 
 Thanks anyway,
 Sheer
 
 On Fri, 4 Aug 2000, Russell Nelson wrote:
 
  Sheer El-Showk writes:
I would like to host mail for a single domain (ie all 
 users should be
[EMAIL PROTECTED]) on several (geographically distributed) 
 machines,
with users in each area receiving their mail at the 
 local mail sever.  The
hard part is, as bandwidth is a limiting issue, I don't 
 want all the mail
to be forwarded through a single host (eg if user1 at 
 location A is
sending a 5 MB attachement to user2 at location B, I 
 don't want that to
have to bounce off some central mail sever at location 
 C).  This means
that all the mail servers serve the same domain name but 
 have to be
distinguishable (via DNS or sonmething sendmail does) by 
 users served.
  
  Qmail lets you implement this using virtualdomains.  You can
  virtualize a domain on a per-use basis.  So tell the qmail 
 running at
  location A that [EMAIL PROTECTED] is actually [EMAIL PROTECTED]
  
  Unfortunately, both sites A and B have to be running qmail 
 and must be 
  configured with the user table.  There's no global way to 
 do what you
  want.  I suggest that you colocate the central mail server somewhere
  where there's plenty of bandwidth, and configure it with 
 the user table.
  
  -- 
  -russ nelson [EMAIL PROTECTED]  http://russnelson.com  | 
 If you think 
  Crynwr sells support for free software  | PGPok | health 
 care is expensive now
  521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait 
 until you see
  Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | what it 
 costs when it's free. 
  
 

Softgoods payload app using PayPal and qmail?

[Thomas David Kehoe]

Should I use qmail for this application?  I was going to write it in PHP.
Qmail looks interesting, but I have zero experience with it.

I want customers to e-mail money to my website, and my website automatically
e-mails them a file (text, photo, MP3, etc.).  I want to use PayPal to
handle the credit card transaction.

There are e-commerce applications that can do "softgoods payload delivery,"
e.g. Hazel.  But these applications are much bigger than I need.  If I use
PayPal, I don't need credit card processing.  Security concerns are simpler.
I don't need hardgoods processing, shopping carts, etc.

Plus, PayPal has zero transaction fees.  Wells Fargo charges me up to 12%
for small credit card transactions.

My plan is to write a PHP script to parse the e-mail that PayPal sends to
the seller.  PayPal sends an e-mail to the seller saying, "[EMAIL PROTECTED]
has paid you $3 and attached this note: 'I want gilliananderson.jpg.'"  I
was going to parse that e-mail into "[EMAIL PROTECTED], $1,
gilliananderson.jpg" and then send out the photo to that address.

Comments, suggestions?  Would this be easier to do in qmail or in PHP?  Can
I hire a qmail consultant to write this for me?
-- 
Thomas David KehoeCasa Futura Technologies
http://www.FriendshipCenter.com   Stuttering Science  Therapy Website
The free penpals database forhttp://www.fluencydevices.com
individuals with disabilities.  (888) FLU-ENCY

Re: Softgoods payload app using PayPal and qmail?

[Chris Garrigues]

 From:  Thomas David Kehoe [EMAIL PROTECTED]
 Date:  Fri, 04 Aug 2000 16:40:38 -0700

 Comments, suggestions?  Would this be easier to do in qmail or in PHP?

umm, qmail isn't a programming language.  qmail could call a php script (or a 
perl script or a c program) which would do this.  qmail is a replacement for 
sendmail.

Chris

-- 
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO  http://www.virCIO.Com
4314 Avenue C   
Austin, TX  78751-3709  +1 512 374 0500

  My email address is an experiment in SPAM elimination.  For an
  explanation of what we're doing, see http://www.DeepEddy.Com/tms.html 

Nobody ever got fired for buying Microsoft,
  but they could get fired for relying on Microsoft.



 PGP signature

Re: domain splitting

[Russell Nelson]

Sheer El-Showk writes:
  Thanks, but my real concern is that all the mail NOT go through a SINGLE
  mail server (in terms of bandwithd).  If I do what you suggested
  [EMAIL PROTECTED] still has to go through location A (the full message,
  including attachements has to be received at that location) which means
  that it becomes a bandwidth bottle-kneck (and since there will be many
  locations all with very little bandwidth supporting a large organization
  this can be a problem).  At least that's how I understand it -- if you
  know some way that location A could tell the outside server just to route
  directly to location B, that's what I'm really looking for (sort of a SMTP
  user-based server resolution).  Please correct me if I misunderstood what
  you said or if it doens't require full mail routing through location A.

You can't get the rest of the world to send mail to a single domain
except by going to the host that accepts mail for that domain.  But
within your domain, you can split it any way you want.  You could use
LDAP, you could use the DNS, you could use fastforward, you could use
a bunch of .qmail files.  Personally, I'd use the DNS.  It's an
efficient, scalable, secure (well, okay, it's secure if you use
djbdns), cross-host, cross-platform database.  Just do this:

echo 'example.com:alias-example' /var/qmail/control/virtualdomains

echo '|forward $EXT2@$EXT2.example.com'

Then set up a bunch of DNS records that point to the host with that
user's mailbox.

-- 
-russ nelson [EMAIL PROTECTED]  http://russnelson.com  | If you think 
Crynwr sells support for free software  | PGPok | health care is expensive now
521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | what it costs when it's free. 

Re: Softgoods payload app using PayPal and qmail?

[David Dyer-Bennet]

Thomas David Kehoe [EMAIL PROTECTED] writes on 4 August 2000 at 16:40:38 -0700

  Comments, suggestions?  Would this be easier to do in qmail or in PHP?  Can
  I hire a qmail consultant to write this for me?

I find the "qmail or PHP" question confusing.  For a moderate volume
(and you say you don't need some of the more heavy-duty commercial
softgoods payload delivery systems), I'd write a CGI in something like
Perl, or use PHP, or use ColdFusion if I already had it on my server,
or something like that.  And then I'd use whatever MTA was installed
on the server to accept and deliver the incoming, and to dispatch the
outgoing. 

Qmail is a fine choice for MTA; it's fast, reliable, secure, and
easy to interface to from a CGI application.  If there's no MTA
currently installed, or if it's time for a change, qmail would be a
good choice.

I'm sure you can hire a consultant to write this for you.  I'd look
for web expertise more than qmail expertise, since the interface to
whatever MTA you use isn't particularly the hard part.  If you're
setting up the server yourself you might want a qmail consultant to
get the whole mail handling thing set up for you, and finding somebody
who can do both parts might be more convenient for you.
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]

Re: tai64n -- why?

[Russ Allbery]

David Dyer-Bennet [EMAIL PROTECTED] writes:

 Yes, when I first looked at it.  As is often the case with Dan, I just
 disagree.  It's not straight text in the sense I mean; it's not human
 readable.  Of all the strange choices Dan's made that I've encountered
 in working with qmail, this is the first one that I fail completely to
 understand.  All the others, I see the tradeoffs and I see why he chose
 as he did, even if I might have chosen otherwise.  This one makes zero
 sense.  It's non-functional.  It doesn't connect to the way I work.

syslog timestamps are amazingly annoying to try to parse.  TAI64 is
trivial to parse.  This is a significant improvement.

ISO date/time format would also have been easy to parse, and I would have
been slightly happier with that, but TAI64 is definitely a *huge*
improvement over syslog if you want to do anything at all automated with
the logs.

-- 
Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/

Re: Now redhat's mailling lists have been removed to mailman and postfix

[Russ Allbery]

Irwan Hadi [EMAIL PROTECTED] writes:

 , PayPal/Confinity, Red Hat's mailing lists, Hypermart.net, Casema,
 ^^
 Rediffmail.co.in, Topica, MyNet.com.tr, FSmail.net, and vuurwerk.nl.

 at www.qmail.org/top.html should be removed right ?

It can be replaced with all of the Perl development mailing lists, all of
which are using ezmlm-idx.

-- 
Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/

Re: Editing error messages

[Eric Cox]

Bryan Ischo wrote:
 
 The people who read bounce mails are typically those who sent it, which,
 99% of the time, is a person who is completely unfamiliar with mail
 systems.
 
 To them, something like, "You cannot sent mail to that site using this
 mail server", or somesuch, would be less confusing and more personable.


Another possibility is putting personal, domain-specific info into the 
bounce messages, like who to contact for help, etc...

Eric

Problems whith scan4virus

[Kornyakov Yevgeny]

Hi all !!!

I have installed perl based programm Scan4virus from Jason Haar
but I have problems whith execute this program.
When I try execute I get next message
==
www:/var/qmail/bin# ./antivirus-qmail-queue.pl -t
YOU HAVEN'T DISABLED SET-ID SCRIPTS IN THE KERNEL YET!
FIX YOUR KERNEL, PUT A C WRAPPER AROUND THIS SCRIPT, OR USE -u AND UNDUMP!
==
What can I do ?
  

-- 
Best regards,
 Kornyakov  mailto:[EMAIL PROTECTED]

Unable to create pipe

[Ricardo Albano]

I get a lot of errors like this in the qmail 
logs :

delivery 4770: deferral: 
qmail-spawn_unable_to_create_pipe._(#4.3.0)/

How can I solve this ?, I readed the FAQ and 
mailling list archives but I can't find this.

Thanks
RDA.-