Re: [qmailtoaster] Virus problem
Natalio Gatti wrote: Hi List. I'm having an intermitten virus problem. From time to time a user gets infected with a virus/worm that send tons of spam through the server. All users are behind a NAT, so I can't know exactly which user/PC is the source of the problem. How can I minimize this problem? Natalio in my case, I am blocking .zip attachment you can add it on your /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=12,attach=.3gp:.zip if my users and other parties want to exchange .zip file they should use online file transfer (megaupload/rapidshare) - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmail-queue.orig - where can I find it? OR messages from gmail rejected because they can't be signed
Dear Jose, Kinldy let us know now currently what entry is in /etc/tcprules.d/tcp.smtp if it is possible can put this entry to tcp.smtp instead of qmail-queue.orig to QMAILQUEUE="/var/qmail/bin/simscan" Kindly correct me if i am wrong. Regards, Ganesh On Thu, Jul 30, 2009 at 5:41 AM, Eric Shubert wrote: > I think you have the correct file from that rpm. Check your permissions and > ownership: > -rws--x--x 1 qmailq qmail 24776 Apr 23 10:28 qmail-queue.orig > > Jose Mario Pires wrote: > >> Hi, >> >> Does anyone know where can I find the /var/qmail/bin/qmail-queue.orig >> ? I erased it by mistake when I wanted to change the qmail-queue link. >> I am using qmail-toaster-1.03-1.3.15. I was hoping that it was the >> qmail-queue found in the >> qmail-toaster-1.03-1.3.15.x86_64.rpm compiled when I installed QMT, >> but when I use this file, this appears on the logs: >> >> >> qmail-smtpd: qq soft reject (qq trouble creating files in queue >> (#4.3.0)): MAILFROM: >> RCPTTO:x...@xpto.com >> >> >> and the message isn't delivered nor any error message is sent to the >> sender. >> >> I guess that I could just reinstall the RPM's (which ones? just the >> qmail-toaster*'s?), but in my ignorance I fear that it will change any >> of the configuration files and that would bring worse troubles than >> the one I am trying to solve. >> >> The reason for using qmail-queue.orig is disabling DK, which seems to >> be causing the rejection of messages coming from gmail. The IT guys >> from client tell me that it began happening when some idiot in the >> client decided to put a spam gateway between the QMT server and the >> router. >> >> Using qmail-dk, any message coming from gmail produces this in the smtp >> log: >> >> >> 2009-07-23 00:20:38.911531500 qmail-smtpd: qq soft reject (mail server >> temporarily rejected message (#4.3.0)): MAILFROM: >> rcpttox...@xto.com >> 2009-07-23 00:20:39.059815500 tcpserver: end 12429 status 0 >> 2009-07-23 00:20:39.059825500 tcpserver: status: 0/100 >> >> >> The error message received by the sender is: >> >> >> The original message was received at Thu, 23 Jul 2009 00:07:07 +0100 >> from mail-fx0-f222.google.com [209.85.220.222] >> >> - The following addresses had permanent fatal errors - >> >> (reason: 554 qmail-dk: Cannot sign message due to invalid message >> syntax. (#5.3.0)) >> >> - Transcript of session follows - >> ... while talking to [192.168.1.7]: >> >>> DATA > <<< 554 qmail-dk: Cannot sign message due to invalid message syntax. >> (#5.3.0) >> 554 5.0.0 Service unavailable >> >> Final-Recipient: RFC822; x...@xpto.com >> Action: failed >> Status: 5.0.0 >> Remote-MTA: DNS; [192.168.1.7] >> Diagnostic-Code: SMTP; 554 qmail-dk: Cannot sign message due to >> invalid message syntax. (#5.3.0) >> Last-Attempt-Date: Thu, 23 Jul 2009 00:20:25 +0100 >> >> >> Any input is welcome. >> >> Thank you very much. >> Jose >> >> > > -- > -Eric 'shubes' > > > > - > Qmailtoaster is sponsored by Vickers Consulting Group ( > www.vickersconsulting.com) > Vickers Consulting Group offers Qmailtoaster support and installations. > If you need professional help with your setup, contact them today! > > - >Please visit qmailtoaster.com for the latest news, updates, and > packages. > To unsubscribe, e-mail: > qmailtoaster-list-unsubscr...@qmailtoaster.com >For additional commands, e-mail: > qmailtoaster-list-h...@qmailtoaster.com > > >
Re: [qmailtoaster] Message not sent
Dear John, Kindly check your /etc/tcprules.d/tcp.smtp and check that CHKUSER setting. if it is possible then paste your /etc/tcprules.d/tcp.smtp contain.. Regards, Ganesh On Thu, Jul 30, 2009 at 1:27 AM, John Hansen wrote: > Hi, > > I'm starting to do some testing on a new install. I set up a couple of test > accounts and when I log into Squirrelmail and try to send an email from one > test account to another on the same server in the same domain, I get this > response just after hitting the send button. > > > Message not sent. Server replied: > > Unknown response > 571 sorry, sender address has invalid format (#5.7.1 - chkuser) > > Please advise. > > Thanks, > > John > > -- > This message has been scanned for viruses and > dangerous content by the Cotter Technology > Department, and is believed to be clean. > > > > - > Qmailtoaster is sponsored by Vickers Consulting Group ( > www.vickersconsulting.com) >Vickers Consulting Group offers Qmailtoaster support and installations. > If you need professional help with your setup, contact them today! > > - > Please visit qmailtoaster.com for the latest news, updates, and > packages. > > To unsubscribe, e-mail: > qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: > qmailtoaster-list-h...@qmailtoaster.com > > >
Re: [qmailtoaster] Virus problem
W dniu 29.07.2009 22:01, Natalio Gatti pisze: Maybe I didn'y explain myself. The infected user sends spam using my mail server. Maybe your server is hacked. :( You should check logs, directories with write permission for all. There are many dictionary attacks on ports ssh and pop3. Check ssh daemon (if you're hacked you probably have sshd2), try to find strange directories or binaries. There is possibility that someone has weak password and it was guessed by attacker. OSSEC can help you to protect your server, tripwire is good solution to protect your files. -- Pozdrawiam / Regards, Aleksander Podsiad?y
Re: [qmailtoaster] Re:qmailtoaster relay authentication
Thanks. In Linux it's not in that location. It is under edit > preferences > privacy > passwords It looks like that will do that trick. CJ - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re:qmailtoaster relay authentication
Yes; go to tools->option->security->passwords, there you can manage passwords. Johannes Am 30.07.2009 04:59, schrieb Maxwell Smart: I guess the real question is does Thunderbird have a cache for passwords and a password file? Can the password file be edited to clear passwords? -- |- | weberhofer GmbH | Johannes Weberhofer | information technologies | Austria, 1080 Wien, Blindengasse 52/3 |--->> - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re:qmailtoaster relay authentication
I may have found the problem. It appears to be the application and not the mail server. I was only renaming the outgoing account within Thunderbird. I added another outgoing account and was able to get it to ask me for the password. I am guessing (with no real way to confirm without delving into the inner workings of Thunderbird) that the password is not being deleted when I change the server and it doesn't kick it back as an incorrect password. Once I created a new account, closed and re-opened the application it connected and requested the password. I inserted the password and it authenticated and sent the mail properly. I guess the real question is does Thunderbird have a cache for passwords and a password file? Can the password file be edited to clear passwords? CJ Eric Shubert wrote: > Maxwell Smart wrote: >> I have two qmailtoaster installations that exhibit the same >> behavior. I am wondering if this is normal or can be fixed. >> I have my outgoing SMTP/POP3 mail server (using Thunderbird) on my >> office desktop set to use my toaster as a relay >> (http://mail.example.com) which works fine, but if I try to use it >> from my home machine it never connects. I wind up having to use my >> ISP's outgoing SMTP server. Which is fine for me, but customers with >> multiple desktops at their business are experiencing the same >> trouble. One machine will be able to connect and send mail using the >> toaster (http://mail.example.com), but others in the same office >> cannot. The names of the clients domains are in the rcpthosts file, >> which should allow them access regardless of what machine they are >> sending mail from. >> >> I have experienced this same issue with Qmail before using toaster, >> so it's either something I'm doing or it cannot be done. >> >> Thanks, >> >> CJ >> > > I'm guessing the former. ;) > > I don't think I have a clear picture of your situation yet. > I would check to see what IP the host name resolves to, then check to > be sure that you can route to that address. http://mail.example.com > might resolve to different addresses depending on where you ask > (public/private), and you may or may not be able to route to that > address, again depending on whether it's public or private. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Message not sent
> John Hansen wrote: > > Hi, > > > > I'm starting to do some testing on a new install. I set up a couple of test > > accounts and when I log into Squirrelmail and try to send an email from one > > test account to another on the same server in the same domain, I get this > > response just after hitting the send button. > > > > > > Message not sent. Server replied: > > > > Unknown response > > 571 sorry, sender address has invalid format (#5.7.1 - chkuser) > > > > Please advise. > > > > Thanks, > > > > John > > Eric wrote: > If you show us the sender's address that would help. > > -- > -Eric 'shubes' sender: t...@cotterschools.org recipient: test...@cotterschools.org The error message showed up in the senders window, not as an email, but as an error message immediately after hitting the send button. Both are test accounts I set up earlier. DNS is pointing internally. Let me know what else will help. -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Message not sent
John Hansen wrote: Hi, I'm starting to do some testing on a new install. I set up a couple of test accounts and when I log into Squirrelmail and try to send an email from one test account to another on the same server in the same domain, I get this response just after hitting the send button. Message not sent. Server replied: Unknown response 571 sorry, sender address has invalid format (#5.7.1 - chkuser) Please advise. Thanks, John If you show us the sender's address that would help. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re:qmailtoaster relay authentication
Maxwell Smart wrote: I have two qmailtoaster installations that exhibit the same behavior. I am wondering if this is normal or can be fixed. I have my outgoing SMTP/POP3 mail server (using Thunderbird) on my office desktop set to use my toaster as a relay (http://mail.example.com) which works fine, but if I try to use it from my home machine it never connects. I wind up having to use my ISP's outgoing SMTP server. Which is fine for me, but customers with multiple desktops at their business are experiencing the same trouble. One machine will be able to connect and send mail using the toaster (http://mail.example.com), but others in the same office cannot. The names of the clients domains are in the rcpthosts file, which should allow them access regardless of what machine they are sending mail from. I have experienced this same issue with Qmail before using toaster, so it's either something I'm doing or it cannot be done. Thanks, CJ I'm guessing the former. ;) I don't think I have a clear picture of your situation yet. I would check to see what IP the host name resolves to, then check to be sure that you can route to that address. http://mail.example.com might resolve to different addresses depending on where you ask (public/private), and you may or may not be able to route to that address, again depending on whether it's public or private. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re:qmailtoaster relay authentication
I have two qmailtoaster installations that exhibit the same behavior. I am wondering if this is normal or can be fixed. I have my outgoing SMTP/POP3 mail server (using Thunderbird) on my office desktop set to use my toaster as a relay (http://mail.example.com) which works fine, but if I try to use it from my home machine it never connects. I wind up having to use my ISP's outgoing SMTP server. Which is fine for me, but customers with multiple desktops at their business are experiencing the same trouble. One machine will be able to connect and send mail using the toaster (http://mail.example.com), but others in the same office cannot. The names of the clients domains are in the rcpthosts file, which should allow them access regardless of what machine they are sending mail from. I have experienced this same issue with Qmail before using toaster, so it's either something I'm doing or it cannot be done. Thanks, CJ - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmail-queue.orig - where can I find it? OR messages from gmail rejected because they can't be signed
I think you have the correct file from that rpm. Check your permissions and ownership: -rws--x--x 1 qmailq qmail 24776 Apr 23 10:28 qmail-queue.orig Jose Mario Pires wrote: Hi, Does anyone know where can I find the /var/qmail/bin/qmail-queue.orig ? I erased it by mistake when I wanted to change the qmail-queue link. I am using qmail-toaster-1.03-1.3.15. I was hoping that it was the qmail-queue found in the qmail-toaster-1.03-1.3.15.x86_64.rpm compiled when I installed QMT, but when I use this file, this appears on the logs: qmail-smtpd: qq soft reject (qq trouble creating files in queue (#4.3.0)): MAILFROM: RCPTTO:x...@xpto.com and the message isn't delivered nor any error message is sent to the sender. I guess that I could just reinstall the RPM's (which ones? just the qmail-toaster*'s?), but in my ignorance I fear that it will change any of the configuration files and that would bring worse troubles than the one I am trying to solve. The reason for using qmail-queue.orig is disabling DK, which seems to be causing the rejection of messages coming from gmail. The IT guys from client tell me that it began happening when some idiot in the client decided to put a spam gateway between the QMT server and the router. Using qmail-dk, any message coming from gmail produces this in the smtp log: 2009-07-23 00:20:38.911531500 qmail-smtpd: qq soft reject (mail server temporarily rejected message (#4.3.0)): MAILFROM: rcpttox...@xto.com 2009-07-23 00:20:39.059815500 tcpserver: end 12429 status 0 2009-07-23 00:20:39.059825500 tcpserver: status: 0/100 The error message received by the sender is: The original message was received at Thu, 23 Jul 2009 00:07:07 +0100 from mail-fx0-f222.google.com [209.85.220.222] - The following addresses had permanent fatal errors - (reason: 554 qmail-dk: Cannot sign message due to invalid message syntax. (#5.3.0)) - Transcript of session follows - ... while talking to [192.168.1.7]: DATA <<< 554 qmail-dk: Cannot sign message due to invalid message syntax. (#5.3.0) 554 5.0.0 Service unavailable Final-Recipient: RFC822; x...@xpto.com Action: failed Status: 5.0.0 Remote-MTA: DNS; [192.168.1.7] Diagnostic-Code: SMTP; 554 qmail-dk: Cannot sign message due to invalid message syntax. (#5.3.0) Last-Attempt-Date: Thu, 23 Jul 2009 00:20:25 +0100 Any input is welcome. Thank you very much. Jose -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmailtoaster and active directory integration
José Campos wrote: How can I authenticate windows active directory users on qmailtoaster (squirrelmail). Is this possible? All my users are windows ad objects. Thanks in advanced. That's not possible at this time ttbomk. We're working on an option to use LDAP in place of MySQL to store vpopmail authentication information. That along with samba *might* get you to where you want to go. A long term goal (of mine) is to have QMT able to authenticate with FreeIPA, which I believe will interface with AD nicely at some point. That's a ways off though. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Auto Bcc of incoming and ougoing mails
I have accounts on 32-bit toaster with >2G worth of email. Not all in the same folder though. I'm not using quotas and I am running dovecot. Courier doesn't handle large numbers of messages so well. ole.johan...@cryonix.no wrote: FYI 2: If you want to tap the whole server- multiple domain hosted QT, add this line in /var/qmail/control/taps: *:u...@example.com Where u...@example.com recieve all in/outbound emails regardsless what domain. Just a tought, 32 bits system you should not exceed 2GB sized email accounts, 64bit version handles larger sized accounts. Perhaps someone can verify this. Do: touch /var/qmail/control/taps vi /var/qmail/control/taps In vi, add the lines into taps: *...@yourdomainname.com:u...@example.com FYI u...@example.com is the email account who recieve the emails for both in/outbound of your *...@yourdomainname.com Ole. Thanks Ole, This helps me to mark a copy of both incoming and outgoing mails on 1 particular email id. What to do for below scenario: 1) All incoming copies on server is sent on incom...@example.com 2) All outgoing copies from server is sent to outgo...@example.com Thanks and Regards, Amit On Wed, Jul 22, 2009 at 5:25 PM, wrote: Hello, Wiki on Qmailatoaster: http://wiki.qmailtoaster.com Wiki spesific on the TAPS function: http://wiki.qmailtoaster.com/index.php/Taps Enjoy! Best Regards Ole Johansen CDS Hi Jake, Can you let me know the archive website URL. I'm using " http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/";. But I'm unable to find help about "getmail". Regards, Amit On Wed, Jul 22, 2009 at 5:03 PM, Jake Vickers wrote: amit IKF wrote: Hi, I want to make some settings on my server. 1) All the copy of incoming mails should be sent to 1 of the email id. 2) All the copy of outgoing mails from user should automatically sent to any single email id. Regards, Amit Read the wiki or the archives. Specifically "taps" -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] script needed
John Hansen wrote: I have converted from mbox to Maildir folders on my old server. I am moving the folders from my old mail server to my new mail server which is using Maildir with Qmailtoaster. The problem is my courierimapsubscribed file is unaware of the non-default folders the users have added themselves. I need a script that can look at all the files in my existing Maildir folder that do not match the default folders (ie .Sent, .Trash, .Drafts, cur, new, tmp, etc) and then append those file names to courierimapsubscribed so that my imap clients will recognize them. For example, say my user created a Maildir/.Folder1, I need the line INBOX.Folder1 appended to courierimapsubscribed. Can anyone help me come up with a script to do this? Thanks. I hate the way courier does that. Might I suggest using dovecot instead of courier? Dovecot would handle this as is, with no need for a script. Let me know offline if you'd like some help with dovecot. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Virus problem
On Wed, Jul 29, 2009 at 5:10 PM, Johannes Weberhofer, Weberhofer GmbH < off...@weberhofer.at> wrote: > I highly recommend to force the users to use Submission-Port 587 instead of > SMTP, which forces senders to authenticate against the server. Most > spam-senders do not have credentials for sending. In case they have, you can > simply locate the spam originators (and block them) > > Johannes > > It seems to be the "way to go". Thanks to all who contribute. Natalio.
Re: [qmailtoaster] Virus problem
I highly recommend to force the users to use Submission-Port 587 instead of SMTP, which forces senders to authenticate against the server. Most spam-senders do not have credentials for sending. In case they have, you can simply locate the spam originators (and block them) Johannes Am 29.07.2009 22:01, schrieb Natalio Gatti: On Wed, Jul 29, 2009 at 4:50 PM, Aleksander Podsiadly mailto:a...@westside.kielce.pl>> wrote: W dniu 29.07.2009 20:39, Natalio Gatti pisze: I saw your post, but using a proxy does not seem to be a solution for me. I already scan mails with clamav and spamassassin. I don't see which other benefits brings up to use that proxy. The spam sent by the infected machine does not contains virus. You scan only emails sent via you mail server. You don't scan emails sent directly to random IP's or via external mail servers, and that is the problem. SMTP-proxy and proper port 25 redirection can help you. For example: iptables -t nat -A PREROUTING -i $I_DEV -p tcp --dport 25 -s $MY_INTRANET --dst ! $E_IP -j DNAT --to $I_IP:9199 I_DEV - intranet eth device E_IP - external server IP I_IP - internal (intranet) server IP MY_INTRANET - IP/mask of intranet Maybe I didn'y explain myself. The infected user sends spam using my mail server. -- |- | weberhofer GmbH | Johannes Weberhofer | information technologies | Austria, 1080 Wien, Blindengasse 52/3 |--->> - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Virus problem
On Wed, Jul 29, 2009 at 4:50 PM, Aleksander Podsiadly < a...@westside.kielce.pl> wrote: > W dniu 29.07.2009 20:39, Natalio Gatti pisze: > > > > I saw your post, but using a proxy does not seem to be a solution for me. I > already scan mails with clamav and spamassassin. I don't see which other > benefits brings up to use that proxy. > The spam sent by the infected machine does not contains virus. > > You scan only emails sent via you mail server. You don't scan emails sent > directly to random IP's or via external mail servers, and that is the > problem. SMTP-proxy and proper port 25 redirection can help you. > For example: > iptables -t nat -A PREROUTING -i $I_DEV -p tcp --dport 25 -s $MY_INTRANET > --dst ! $E_IP -j DNAT --to $I_IP:9199 > I_DEV - intranet eth device > E_IP - external server IP > I_IP - internal (intranet) server IP > MY_INTRANET - IP/mask of intranet > Maybe I didn'y explain myself. The infected user sends spam using my mail server.
[qmailtoaster] Message not sent
Hi, I'm starting to do some testing on a new install. I set up a couple of test accounts and when I log into Squirrelmail and try to send an email from one test account to another on the same server in the same domain, I get this response just after hitting the send button. Message not sent. Server replied: Unknown response 571 sorry, sender address has invalid format (#5.7.1 - chkuser) Please advise. Thanks, John -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Virus problem
W dniu 29.07.2009 20:39, Natalio Gatti pisze: I saw your post, but using a proxy does not seem to be a solution for me. I already scan mails with clamav and spamassassin. I don't see which other benefits brings up to use that proxy. The spam sent by the infected machine does not contains virus. You scan only emails sent via you mail server. You don't scan emails sent directly to random IP's or via external mail servers, and that is the problem. SMTP-proxy and proper port 25 redirection can help you. For example: iptables -t nat -A PREROUTING -i $I_DEV -p tcp --dport 25 -s $MY_INTRANET --dst ! $E_IP -j DNAT --to $I_IP:9199 I_DEV - intranet eth device E_IP - external server IP I_IP - internal (intranet) server IP MY_INTRANET - IP/mask of intranet -- Pozdrawiam / Regards, Aleksander Podsiadły mail: a...@westside.kielce.pl jid: a...@jabber.westside.kielce.pl ICQ: 201121279 gg: 9150578
Re: [qmailtoaster] Virus problem
On Wed, Jul 29, 2009 at 4:16 PM, Vincent Deschênes wrote: > Requires authentication for your clients to send message and apply spam > protection to message coming from inside your network as if there were > coming from the internet. > > Your spam protection will not filter your authenticated sessions but will > filter the message sent by the virus (if the virus does not have access to > the credentials to authenticate.) > Mmm, that's a nice idea. I hope that the virus does not use authentication to send the spam. > VD > > > > *From:* Natalio Gatti [mailto:nga...@gmail.com] > *Sent:* Wednesday, July 29, 2009 1:46 PM > *To:* qmailtoaster-list@qmailtoaster.com > *Subject:* [qmailtoaster] Virus problem > > > > Hi List. > > I'm having an intermitten virus problem. From time to time a user gets > infected with a virus/worm that send tons of spam through the server. All > users are behind a NAT, so I can't know exactly which user/PC is the source > of the problem. > > How can I minimize this problem? > > > > Natalio >
Re: [qmailtoaster] Virus problem
2009/7/29 RICARDO BARROS > Block and log with iptables. > >From my server point of view, I see a single IP address (rememeber that the clients are behind NAT), so I can not control number of simultaneous connectios.
RE: [qmailtoaster] Virus problem
Requires authentication for your clients to send message and apply spam protection to message coming from inside your network as if there were coming from the internet. Your spam protection will not filter your authenticated sessions but will filter the message sent by the virus (if the virus does not have access to the credentials to authenticate.) VD From: Natalio Gatti [mailto:nga...@gmail.com] Sent: Wednesday, July 29, 2009 1:46 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Virus problem Hi List. I'm having an intermitten virus problem. From time to time a user gets infected with a virus/worm that send tons of spam through the server. All users are behind a NAT, so I can't know exactly which user/PC is the source of the problem. How can I minimize this problem? Natalio
Re: [qmailtoaster] Virus problem
Block and log with iptables. Ricardo Barros Manaus - AM - Brazil 2009/7/29 Aleksander Podsiadly > W dniu 29.07.2009 19:46, Natalio Gatti pisze: > > Hi List. > I'm having an intermitten virus problem. From time to time a user gets > infected with a virus/worm that send tons of spam through the server. All > users are behind a NAT, so I can't know exactly which user/PC is the source > of the problem. > How can I minimize this problem? > > Natalio > > Look at topic ,,how to control infected users'' and my post: > > http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg23261.html > > -- > Pozdrawiam / Regards, > Aleksander Podsiadły > >
Re: [qmailtoaster] Virus problem
On Wed, Jul 29, 2009 at 3:28 PM, Aleksander Podsiadly < a...@westside.kielce.pl> wrote: > W dniu 29.07.2009 19:46, Natalio Gatti pisze: > > Hi List. > I'm having an intermitten virus problem. From time to time a user gets > infected with a virus/worm that send tons of spam through the server. All > users are behind a NAT, so I can't know exactly which user/PC is the source > of the problem. > How can I minimize this problem? > > Natalio > > Look at topic ,,how to control infected users'' and my post: > > http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg23261.html > > -- > Pozdrawiam / Regards, > Aleksander Podsiadły > > I saw your post, but using a proxy does not seem to be a solution for me. I already scan mails with clamav and spamassassin. I don't see which other benefits brings up to use that proxy. The spam sent by the infected machine does not contains virus.
Re: [qmailtoaster] Virus problem
W dniu 29.07.2009 19:46, Natalio Gatti pisze: Hi List. I'm having an intermitten virus problem. From time to time a user gets infected with a virus/worm that send tons of spam through the server. All users are behind a NAT, so I can't know exactly which user/PC is the source of the problem. How can I minimize this problem? Natalio Look at topic ,,how to control infected users'' and my post: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg23261.html -- Pozdrawiam / Regards, Aleksander Podsiad?y
[qmailtoaster] Virus problem
Hi List. I'm having an intermitten virus problem. From time to time a user gets infected with a virus/worm that send tons of spam through the server. All users are behind a NAT, so I can't know exactly which user/PC is the source of the problem. How can I minimize this problem? Natalio