Re: Machine names in message headers
John, Try reading the man page for qmail-control and qmail-inject. I suspect that some of your qmail control files still reference the original hostname of the machine, and not the current hostname. Jamin On Mon, 30 Jul 2001, John Portwin wrote: > >From any e-mail I send through our server: > > Received: (qmail 20807 invoked by uid 0); 30 Jul 2001 15:08:06 - > Received: from [EMAIL PROTECTED] by pluto2001.office.internal with > qmail-scanner-0.96 (uvscan: v4.1.40/v4121. . Clean. Processed in 0.193495 > secs); 30 Jul 2001 15:08:06 - > Received: from unknown (HELO doc2) (10.0.0.22) > by pluto.office.internal with SMTP; 30 Jul 2001 15:08:06 - > > > When qmail delivers the mail, the machine name shouldn't be > 'pluto2001.office.internal' it should be 'pluto.office.internal'. pluto2001 > was the name of the machine while it was in 'test' phase, and has been > removed from all DNS, hosts etc. Why does qmail still think it's called > that? And why does it change? > > > > Regards, > John >
Re: Problem with Qmail Queueing
It sounds to me like you didn't stop and restart the qmail-send daemon after making those changes. Read the man page on qmail-send. This little snippet is probably the most helpful: CONTROL FILES WARNING: qmail-send reads its control files only when it starts. If you change the control files, you must stop and restart qmail-send. Exception: If qmail-send receives a HUP signal, it will reread locals and virtualdomains. Jamin On Tue, 24 Jul 2001, Edward McLain wrote: > Ive got a quick problem and I hope that someone can help me with this. > In the past month my company has switched from using Sendmail with > linuxconf and virtualpop3 to using qmail with vpoppasswd. Everything > converted great and I have a couple of bash scripts and php scripts that > make this conversion easy and fast if anyone is interested. The problem > I am having is in the queuing. I cannot seem to get qmail-send to run > more than 20 qmail-remotes at any one time. I have changed > /var/qmail/control/concurrencyremote to 90 and it still stops at 20. > Ive searched through the archives and done as much research as > possible, but still cant find anyway around this. I also set > /var/qmail/control/queuelifetime to 345600, which should reflect about 4 > days, however mail is still sticking around in the queue for a week. > Anyone have any suggestions or otherwise on this? > > Thanks, > > Ed McLain > High Speed Solutions > [EMAIL PROTECTED] > --------- Jamin A. Brown Systems Operations Supervisor [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA 1024 PGP Key:http://home.gwi.net/~jamin/pgp/jamin.asc
Re: Error deferral: Unable_to_chdir_to_maildir._(#4.2.1)/
Eddy, qmail delivers mail as the user it is delivering to (assuming a standard install). So the recipient of the mail has to A.) have permissions to get to and write into the Maildir, and B.) The Maildir and its subdirectories need to exist. You should be able to use ls -l to determine if the ownership and permissions are correct on the homedirectory and Maildir in question. If the Maildir doesn't exist, create it. If you can't figure it out, we will need more information, like logfiles, an ls -lR of the user's home directory, etc. Jamin On Thu, 5 Jul 2001, eddy wrote: > I have a problem with qmail, and make me cannot send or receive mail, and it > show error messages like this : > > delivery 1: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/ > > Can anyone help me to fix it out > Thanks > > Regards, > > > Eddy >
Re: MAIL FROM: <#@[]>
On Mon, 19 Mar 2001, Dave Sill wrote: > "Jamin A. Brown" <[EMAIL PROTECTED]> wrote: > > >I'm noticing a fair amount of spam coming into our system where the > >sending server is using MAIL FROM: <#@[]>. > > Really? Where's it coming from? Sure you're not seeing this in double > bounces? That's what I get for making assumptions... It probably is coming from double bounces. But Sendmail on the sending server is rejecting the bounce because of this, so I'm not seeing them. I assumed it was spam, my bad. Thanks. Jamin
MAIL FROM: <#@[]>
Hello, I'm noticing a fair amount of spam coming into our system where the sending server is using MAIL FROM: <#@[]>. Is there a quick an easy way to block this using tcpserver and/or rblsmtpd? I would like to setup something like: RULE:allow,RBSMTPD="Domain of sender address does not exist." (This is the same as Sendmail does by default.) But I can't seem to get the rule working correctly. Any pointers, or am I going about it the wrong way? Perhaps I should be using procmail instead? Jamin GWI Operations
Re: smtplf
Ari, 1.) You *shouldn't* have to patch Qmail for this behavior. Qmail is following the RFCs and denying your mail because it has bare linefeeds. 2.) If you must "fix" Qmail, use the fixcrio program. This program comes as part of the ucspi-tcp-0.88 package. Jamin On Mon, 12 Feb 2001, Ari Arantes Filho wrote: > Hi, > > I'm using a qmail box (redhat 6.2) to send messages from a dedicaded > server running cold fusion (windows NT), but some messages are refused > because of: http://cr.yp.to/docs/smtplf.html. This messages are > filled (TEXTAREA) and something are refused. > > How can I patch qmail to avoid this error, I want these message to be > sent. > > Thanks, > > Ari > > --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: virtualdomain/smtproute
Michael, Haven't yet seen a response, so I'll write one. :) You can do this fairly easily by setting up the following: virtualdomains: corp.rocketcash.com:alias-corp_rocketcash_com/ Then, you'll need to 'mkdir ~alias/.qmail-corp_rocketcash_com' Inside that directory, you'll want to create a file called '-default' (this can be tricky, as most programs see - as a switch delimiter. You will probably need to specify the file as ./-default while in that directory.) Inside this file, place the line: |forward ${DEFAULT}@corp.netzero.net The above file acts as a .qmail-default for that domain, forwarding anything not already specified to the same [EMAIL PROTECTED] You can now create specific user files in the same directory to override this behaviour. Say you wanted [EMAIL PROTECTED] to forward to [EMAIL PROTECTED] You would create a file called -jamin in the ~alias/.qmail-corp_rocketcash_com directory, and inside it place: &jbrown@@corp.netzero.net Hope this makes sense to you. Jamin On Mon, 5 Feb 2001, Michael Boyiazis wrote: > I have a situation which leaves me (I think) caught between > virtualdomain and smtproute files... > > We have qmail running on a firewall box and forwarding > to the corporate exchange server... > > We have users from one domain: > aimtv.com which we use smtproutes to forward directly > to a virus scan box... all the email addresses in the aimtv > domain match those found on the forwarding domain, so > smtproutes is appropriate. > > I'd like all our domains to be that way, but each domain that > the virus scan box checks needs extra licensing ($$)... > > so, we have another domain, corp.rocketcash.com... > some email addresses are [EMAIL PROTECTED] > > the mail comes in and I use a .qmail file to forward these to > [EMAIL PROTECTED] > > future new addresses will be along the line of > [EMAIL PROTECTED] which will forward > to the equivalent on corp.netzero.net > > is there a way to catch all those future addresses and forward them to > @corp.netzero.net w/o using smtproutes and without creating a separate > .qmail for each new employee? would a catchall .qmail > file be able to do that? i don't see how. it makes sense to use smtproutes > but i cannot from what i can see. > > any suggestions? > > Thanks, > -- > Michael Boyiazis > [EMAIL PROTECTED] > Mail Architect, NetZero, Inc. > > - Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: Memphis RSS service will be cancelled
Mate, There is a patch for rblsmtpd that allows it to block using A records (as opposed to TXT records). We've applied it in order to use mail-abuse.org's RSS list. I would point you directly to it, but I can't seem to get to www.qmail.org at the moment. Jamin On Tue, 30 Jan 2001, Mate Wierdl wrote: > Yusuf just told me that one has to pay for zone transfers of the RSS > zone. This means, I have to cancel the RSS RBL service of > relays.msci.memphis.edu as of tomorrow, noon, US Central. > > It would be great if Dan would write an official version of rblsmtpd > that supports A records. > > Does anybody have any other suggestion (like an available replacement > of the RSS list I could exercise my rbldns on)? > > BTWY, they have about 300 subscribers to the service; that is at least > $700 each nameserver/year >= $420,000/year. But you need to add $50 > per 1000 users... Based on the listed participant ISPs, it looks like > more than a million/year goes to support needy antispammers. > > Mate > --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: Help for the new guy.
On Wed, 17 Jan 2001, Chandler wrote: > Wow. It never occuered to me. It's working now, sorta. I need to sort > out host information. Like, I can send to hades.solidst8.org, but not > just 'solidst8.org' I get to learn more about bind now I suppose. > Thank you trmendously for the help. I'll try to be more prepared next > time there's a problem. Thanks again. This has to do with both MX records (getting the mail to the server) and the Qmail configuration (letting the mail server know what to do with mail for that domain). The Qmail part is sovered in the docs. Jamin --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: Help for the new guy.
On Wed, 17 Jan 2001, Chandler wrote: > Hrmm... ok, does anyone use inetd for it? I use inetd for a lot of other > stuff, so I chose to stick with it. I don't think inetd is your problem, after all, the connetion is being opened. > > > permissions of Maildir: > > > > > > drwxr-x--- 5 chandler chandler 512 Jan 17 11:22 Maildir > > > > What are the perms on the homedir itself, and what about the > > subdirectories of Maildir? > > /usr/home/chandler > drwxr-xr-x 41 chandler chandler 3072 Jan 17 10:41 chandler > /usr/home/chandler/Maildir > drwxr-x--- 5 chandler chandler 512 Jan 17 11:22 . > drwxr-xr-x 41 chandler chandler 3072 Jan 17 10:41 .. > -rw--- 1 root chandler 537 Jan 17 11:22 chandler > drwx-- 2 root chandler 512 Jan 17 01:23 cur > drwx-- 2 root chandler 512 Jan 17 01:23 new > drwx-- 2 root chandler 512 Jan 17 01:23 tmp Hmmm, you do realize that qpop3d runs as the user, not root? Look at the ownership of the new, cur and tmp directories. Change them to chandler, not root. This should fix the problem. Also, what's the chandler dir for? > Eh, my install and config of qmail went somehting like this... I > downloaded all the binaries I found that I neededuntarred them, and > started with INSTALL from the qmail docs. I don't recall wether or not I > set Maildir to be default or not. Mostly, I assumed that as long as I > changed as little as I could, I'd be ok... That doesn't appear to be the > case anymore. Was just curious. It seemed like it might be redundant. Jamin - Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: Help for the new guy.
On Wed, 17 Jan 2001, Chandler wrote: > ah, ok. Mah bad for not supplying enough information. And it was my > typo.. freebsd 4.2 is what I installed, although the time machine is in > the works. Ah, well let us know when it is working then. :) > This is what I have in inetd.conf: > > smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env > /var/qmail/bin/qmail-smtpd > pop3stream tcp nowait root/var/qmail/bin/qmail-popup > qmail-popup solidst8.org/usr/local/bin/checkpassword > /var/qmail/bin/qmail-pop3d Maildir Looks OK to me, although we use tcpserver here and I've never tried to use qpop3d from inetd. > permissions of Maildir: > > drwxr-x--- 5 chandler chandler 512 Jan 17 11:22 Maildir What are the perms on the homedir itself, and what about the subdirectories of Maildir? > results of 'cat /usr/home/chandler/.qmail' > > su-2.03# cat /usr/home/chandler/.qmail > ./Maildir/ Why have a .qmail file? Or do you not have Maildir as your default delivery mechanism? > I also just noticed that I failed to set up an mx record for mail... I'm > sure that causes some issue.. but it wouldn't be the reason for the error > would it? Doubtful. Jamin - Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: Help for the new guy.
On Wed, 17 Jan 2001, Chandler wrote: > I just got my first computer and got freebsd 4.4 setup on it. HUH? You a time traveler or something? FreeBSD-stable is currently 4.2. I wouldn't run a development or beta OS on a production server. I'm going to assume this is a typo. > -ERR unable to scan $HOME/Maildir >From my expereience, this indicates that the homedir and/or Maildir directories either do not exist, or have improper permissions/ownership. It could also mean that the qpop3d is not running as the user in question. --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: Hotmail Woes.
Corey, Is the IP brand new? If the IP has ever been used by a spammer, it could be on a lit somewhere. I would advise looking it up at www.mail-abuse.org and www.orbs.org just in case. Also, what happens if you manually connect to the hotmail server to send a message (using telnet)? Jamin On Fri, 12 Jan 2001, Corey Jarvis wrote: > To whomever, > I am having a wierd problem with hotmail.com smtp connections, > Anyone in the world can send to me however when I send to hotmail.com it > won't accept any smtp connection. > I can send to yahoo or whomever accept to hotmail and certain other > domains. I know I am not black listed since this machine is brand new. > Any ideas? And I have checked my reverse maps and they work properly. > Signed, > Corey > --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Deny for DNS Mismatch
Hello, Sorry to bring this to the list, as I'm sure that instructions for this are posted *somewhere*, but I can seem to find them. We are running Qmail with tcpserver, and would like to duplicate the sendmail feature of denying connections from mail servers which do not have DNS setup correctly for them. We are not so concerned with how a server IDs itself, (HELO) just as long as forward and reverse DNS for their hostname/IP matches. The last requirement is that we want to deny these connections with an error message. Denying with tcpserver directly just causes the remote host to contact the next highest preference MX server. Can anyone point me in teh direction of some good documentation on this? My inclanation at this point is to run tcpserver with -p and have it call a program that will deny the connection if $TCPREMOTEHOST is not set. Thanks for your time. Jamin - Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: fastforward + #5.1.1
Does the user "info" exist on your system? If it does, and you haven't changed Qmail's default dash-extension value, Qmail will be looking for ~info/.qmail-world for delivery instructions for this address. You can change the dashext character to something like '='. Or you can create the .qmail-world file in the ~user directory. Jamin On Tue, 2 Jan 2001, jx001 wrote: > Hi, > > I'm using qmail and fastforward. > > My aliases File is looking like: > postmaster: info > webmaster: info > verna: [EMAIL PROTECTED] > info-world: [EMAIL PROTECTED] > ... > > The alias-name "info-world" in my aliases.cdb doesn't work and I receive > the following message: > sorry, no mailbox here by that name. (#5.1.1) > > But the User "info-world" exist on my mailserver. > What is wrong > > THX > > Joe > - Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: rcpt/backup mx based on IP ?
Sendmail has a switch to turn this on, which is off by default... Reason being, anyone can point their domain's MX records to your server and then freely send mail to/through it. I'm curious to know if qmail starts having performance issues at higher numbers of rcpthosts. We're currently running about 1800 domains, most of them in the morercpthosts file. I personally prefer having more control through these files. Easier to deny access to someone who leaves or whose server gets compromised. Jamin On Wed, 20 Dec 2000, Markus Stumpf wrote: > Our rcpthosts file ist getting quite big, adding all the domains > we're doing POP Boxes for and those our customer request backup MX > for. > > Has anyone thought of/patched qmail-smtpd to accept messages based on > the IP of the MX records? > > Are there any pitfalls that I don't think of in the moment that would make > the mailserver relay open? > > \Maex > > --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: Redirect addresses
Ari, As appears to be normal in qmail, there are a few ways to do this. You could setup the smtproutes file with an entry like: domain.com.br:intranet.domain.com.br Or, you could setup an entry in virtualdomains: domain.com.br:alias-domain_com And create the file ~alias/.qmail-domain_com-default which would contain: |forward ${DEFAULT}@intranet.domain.com.br Hope that helps. Jamin On Tue, 19 Dec 2000, Ari Arantes Filho wrote: > Hi, > > I need to integrate an qmail instalation on a real IP machine with an > intranet (192.168.1.2) machine with NT and Exchange. > > How can I configure qmail to every email @domain.com.br is sent to same > [EMAIL PROTECTED]? Like: *@domain.com.br goes to > *@intranet.domain.com.br > > The DNS is ok and I can send emails to @intranet.domain.com.br > (exchange). > > I know I can create a /var/qmail/alias/.qmail- and redirect it to > [EMAIL PROTECTED], but this problem is to avoid double user > management, the customer only wants to create user in Exchange!!! > > Is it possible? > > Best regards, > > Ari > > --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Re: Long Local Delivery Delays
On Mon, 13 Nov 2000 [EMAIL PROTECTED] wrote: > On Mon, Nov 13, 2000 at 04:39:11PM -0500, Jamin A. Brown wrote: > > Hello, > > > > We have just completed migrating a sendmail installation for roughly 15000 > > users to qmail. After doing so, we are experiencing longish delays on the > > delivery of incoming messages. > > What sort of passwd technology are you using? /etc/passwd? NIS, NIS+? /etc/passwd at this point. > > The delay seems to occur from when mx0 accepts the message to when mx0 > > writes it to the user's Maildir. My guess would be that the queue is not > > being processed fast enough. It seems that the problem may have been related to the number of open files that BSD/OS allows by default. After increasing this number by quite a bit, qmail-send is finally showing us approach our concurrency limits. If things continue to seem slow, I will email the list with logfile entries. Jamin --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Long Local Delivery Delays
Hello, We have just completed migrating a sendmail installation for roughly 15000 users to qmail. After doing so, we are experiencing longish delays on the delivery of incoming messages. We currently have qmail-smtpd starting from tcpserver using: #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -c 512 -v -pR -x /usr/local/etc/tcp.smtp.cdb \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd -b -r \ "relays.mail-abuse.org:Open relay problem - see <http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%>" \ -r dialups.mail-abuse.org \ -r rbl.maps.vix.com \ /var/qmail/bin/qmail-smtpd 2>&1 And logging using: #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s250 /var/log/qmail/qmail-smtpd I have increased our conncurrencylocal and concurrencyremote to 50 each. The qmail-send log we have seems to indicate that we aren't coming close to this limit: @40003a105ba216072edc status: local 1/50 remote 3/50 @40003a105ba21626288c end msg 695835 @40003a105ba2196aff04 new msg 695707 @40003a105ba21a78f464 info msg 695707: bytes 8004 from <> qp 18635 uid 59 @40003a105ba21dda6ee4 starting delivery 18024: msg 695707 to remote [EMAIL PROTECTED] @40003a105ba21ddd7454 status: local 1/50 remote 4/50 Our architecture is setup as: mx0.gwi.net - Incoming server, BDS/OS, Dual PIII 550, 256 MB RAM. This server writes incoming mail to a NetApp NFS server. Unfortunately also running qmail-pop3d right now for some of our customers. Will be disabling this ASAP. pop0.gwi.net - POP server. (Same hardware). Just running qmail-pop3d and reading from the NetApp. The delay seems to occur from when mx0 accepts the message to when mx0 writes it to the user's Maildir. My guess would be that the queue is not being processed fast enough. We are NOT yet using the big-todo patch at this time. We are seeing delays of up to a couple hours on messages, so any assistance or pointers in the right direction would be appreciated. If you would be so kind as to CC any responses to [EMAIL PROTECTED] (to get to me directly rather than through the qmail server) it would be appreciated. --------- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Possible to Log usernames with qmail-pop3d?
Hello, Is it possible to write the username and hopefully connection status (good, password rejected, etc.) of any connections to qmail-pop3d through tcpserver? We are starting tcpserver with: #!/bin/sh exec /usr/local/bin/tcpserver -v -R 0 pop3 \ /var/qmail/bin/qmail-popup aeryn.gwi.net \ /usr/local/bin/checkpassword \ /var/qmail/bin/qmail-pop3d Maildir 2>&1 And using the daemontools logger: #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s250 /var/log/qmail/qmail-pop3d Thanks for any input. ----- Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc
Sendmail %1 Virtual Aliases -> Qmail?
Hello Everyone, I am in the progress of migrating a fairly large sendmail system to qmail. One of the problems I have run into is the differences in when aliases are resolved by the two programs. I have installed and am planning on using the fastforward program with qmail. The main issues are these: 1.) We have over 1000 virtualdomains that we handle mail for. 2.) Due in part to bad planning, we allow defaulting delivery of those domains to the localdomain. e.g. If we host custdomain.com, we allow mail to [EMAIL PROTECTED] to delivery to the same [EMAIL PROTECTED] 3.) With a small number of our virtualdomains, we have a setup that forwards [EMAIL PROTECTED] to the same [EMAIL PROTECTED] using the sendmail virtusertable format @domain1.com[EMAIL PROTECTED] The questions are: 1.) Is it possible to have the fastforward alias file read *before* the local user check, AND have it delivery to the local user if there is no alias? 2.) Using the fastforward aliases file, is there an equivilant to the @domain1.com[EMAIL PROTECTED] style of aliasing? I am aware that using qmail's .qmail file aliasing is it possible to do the defaulting aliasing through a .qmail-default file containing: ${DEFAULT}@gwi.net However, to make it easier on our support department, having aliasing act exactly the same as in sendmail would be much preferrable. Thank you for your time. - Jamin A. Brown Systems Operations Department [EMAIL PROTECTED] * Great Works Internet * 207.286.8686 x142 RSA PGP Key: http://www.gwi.net/~jamin/pgp/jamin.asc