Re: [qmailtoaster] Is it getting Blocked?
hey eric Thanks for this I will try it today -- one thing though regarding : hostname being set correctly for your domain currently I have the hostname as : taster.local this machine is sitting off of a router connected to a DSL -- I do not have a domain like pps-inc.com --- so is that OK basically i think you are saying 2 things should 'match' I wonder if I am clear on that... I am not doing DNS or a MX for this particular dude. also I am using my isp smpt.fuse.net also also _ I have never done a yum remove of sendmail ( or anything like that before...) I might like to copy the sendmail.cf some where to see the alterations I made things like the SEND_AUTH stuff. thanks again! Eric Shubert wrote: Hey Jim, I just happened to be doing this today, so here are my notes on how to set up postfix to send mail out from a generic server, like for logwatch output and such (that would otherwise go to r...@localhost). {replace what's in braces, and remove braces} # yum install postfix # yum remove sendmail # cd /etc/pki/tls/certs # make postcert.pem # echo {submission.server.com}:587 {user:passwd} \ /etc/postfix/sasl_passwd # chmod 600 /etc/postfix/sasl_passwd # chown root:root /etc/postfix/sasl_passwd # postmap /etc/postfix/sasl_passwd Edit /etc/aliases if desired, then do newaliases command: root:sysadmin # newaliases Edit /etc/postfix/main.cf, changing these from the default values (this was CentOS5.3): myorigin = $mydomain #mydestination = mynetworks_style = host relayhost = {submission.server.com}:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_use_tls = yes smtp_tls_CAfile = /etc/pki/tls/certs/postcert.pem smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session/cache # service postfix start # chkconfig postfix on That should do it. Note, this configuration relies on hostname being set correctly for your domain. If it's not, you'll need to change the myorigin variable appropriately. Please let us know whether or not this works for you. Eric Shubert wrote: That's not telling us much. I sure don't know, and don't care to know sendmail. If you'd try using postfix again we might be of more help. For what you need, postfix isn't a bad choice. Certainly better than sendmail. Jim Shupert wrote: it is centos 4.7 running sendmail ( what came with it ) I started to install postfix because I am a bit more farmilur with that than send mail. Postfix was what i was using before i found -- the best mailserver solution of qmailtoaster... anyways I can email with a client ( evolution ) and that does come through even though I am using sendmail. the smtp server is one from the isp - a dsl modem etc. I can command line send mail ( sendmail ) to a gmail account - but not mu internal domain I was wondering about MX or Reverse DNS - here is the full header of the client ( evolution ) email that does come through X-Account-Key: account2 X-UIDL: 1251407849.13380.sifter.pps-inc.com,S=1797 X-Mozilla-Status: 0001 X-Mozilla-Status2: X-Mozilla-Keys: Return-Path: ppsgr...@zoomtown.com Delivered-To: jshup...@theppsgroup.com Received: (qmail 13378 invoked by uid 89); 27 Aug 2009 21:17:29 - Received: by simscan 1.3.1 ppid: 13371, pid: 13373, t: 0.1506s scanners: attach: 1.3.1 clamav: 0.95.2 /m:51/d:9450 spam: 3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sifter.pps-inc.com X-Spam-Level: X-Spam-Status: No, score=0.1 required=4.0 tests=BAYES_50,RDNS_NONE autolearn=no version=3.2.5 Received: from unknown (HELO mail-out1.fuse.net) (216.68.8.175) by sifter.pps-inc.com with SMTP; 27 Aug 2009 21:17:29 - Received-SPF: pass (sifter.pps-inc.com: SPF record at zoomtown.com designates 216.68.8.175 as permitted sender) Return-Path: ppsgr...@zoomtown.com X-CNFS-Analysis: v=1.0 c=1 a=_0eaEcvx3pEA:10 a=Qu4MKinT0AcdTVkTjP4A:9 a=Er_04BcmBtQYP8STtf3EGQ6vdGwA:4 X-CM-Score: 0 X-Scanned-by: Cloudmark Authority Engine Authentication-Results: ecout1 smtp.mail=ppsgr...@zoomtown.com; spf=unknown Authentication-Results: ecout1 smtp.user=ppsgr...@zoomtown.com; auth=pass (LOGIN) Received-SPF: error (ecout1: 208.102.118.162 is neither permitted nor denied by domain of zoomtown.com Received: from [208.102.118.162] ([208.102.118.162:50880] helo=[172.17.0.10]) by ecout1 (envelope-from ppsgr...@zoomtown.com) (ecelerity 2.2.2.43 r()) with ESMTPA id C1/DC-11180-8E7F69A4; Thu, 27 Aug 2009 17:17:29 -0400 Subject: jupiter999 From: ppsBnet ppsgr...@zoomtown.com Reply-To: ppsgr...@zoomtown.com To: jshup...@theppsgroup.com Organization: theppsgroup Date: Thu, 27 Aug 2009 17:13:02 -0400 Message-Id: 1251407582.3253.0.ca...@taster.local Mime-Version: 1.0 X-Mailer: Evolution 2.12.3 (2.12.3-8.el5_2.3) thanks
[qmailtoaster] chkuser question
hello, we get this error VERY RARELY when users try to send emails and we can cannot figure out the reason for this this happens only with ms outlook and there are quotes at each end of the users The following recipient(s) cannot be reached: 'u...@barclaysbank.com' on 6/9/2009 11:23 AM 511 sorry, recipient address has invalid format (#5.1.1 - chkuser) is there a solution / a way to disable checking of email id for quote marks ? thanks rajesh - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] re: harvesting
Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch - vpopmail Begin No Such User Found: acc...@area510.net - 1 Time(s) acco...@area510.net - 1 Time(s) ad...@area510.net - 2 Time(s) administra...@area510.net - 2 Time(s) a...@area510.net - 1 Time(s) bac...@area510.net - 1 Time(s) char...@area510.net - 1 Time(s) da...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) infor...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) m...@area510.net - 1 Time(s) mo...@area510.net - 1 Time(s) mon...@area510.net - 1 Time(s) nic...@area510.net - 1 Time(s) orac...@area510.net - 1 Time(s) ora...@area510.net - 2 Time(s) p...@area510.net - 1 Time(s) r...@area510.net - 2 Time(s) serv...@area510.net - 1 Time(s) ser...@area510.net - 1 Time(s) syb...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) t...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) tho...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) u...@area510.net - 2 Time(s) w...@area510.net - 2 Time(s) webmas...@area510.net - 2 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 2 Time(s) -- vpopmail End - - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: harvesting
These look like script kiddies (lame crackers) to me, not harvesters. They're simply a nuisance. Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch - vpopmail Begin No Such User Found: acc...@area510.net - 1 Time(s) acco...@area510.net - 1 Time(s) ad...@area510.net - 2 Time(s) administra...@area510.net - 2 Time(s) a...@area510.net - 1 Time(s) bac...@area510.net - 1 Time(s) char...@area510.net - 1 Time(s) da...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) infor...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) m...@area510.net - 1 Time(s) mo...@area510.net - 1 Time(s) mon...@area510.net - 1 Time(s) nic...@area510.net - 1 Time(s) orac...@area510.net - 1 Time(s) ora...@area510.net - 2 Time(s) p...@area510.net - 1 Time(s) r...@area510.net - 2 Time(s) serv...@area510.net - 1 Time(s) ser...@area510.net - 1 Time(s) syb...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) t...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) tho...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) u...@area510.net - 2 Time(s) w...@area510.net - 2 Time(s) webmas...@area510.net - 2 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 2 Time(s) -- vpopmail End - -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: harvesting
Anyway to drop their connection after 3 tries? CJ Eric Shubert wrote: These look like script kiddies (lame crackers) to me, not harvesters. They're simply a nuisance. Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch - vpopmail Begin No Such User Found: acc...@area510.net - 1 Time(s) acco...@area510.net - 1 Time(s) ad...@area510.net - 2 Time(s) administra...@area510.net - 2 Time(s) a...@area510.net - 1 Time(s) bac...@area510.net - 1 Time(s) char...@area510.net - 1 Time(s) da...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) infor...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) m...@area510.net - 1 Time(s) mo...@area510.net - 1 Time(s) mon...@area510.net - 1 Time(s) nic...@area510.net - 1 Time(s) orac...@area510.net - 1 Time(s) ora...@area510.net - 2 Time(s) p...@area510.net - 1 Time(s) r...@area510.net - 2 Time(s) serv...@area510.net - 1 Time(s) ser...@area510.net - 1 Time(s) syb...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) t...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) tho...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) u...@area510.net - 2 Time(s) w...@area510.net - 2 Time(s) webmas...@area510.net - 2 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 2 Time(s) -- vpopmail End - - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: harvesting
I don't know Fail2ban, so that might or might not handle it. Are you sure you're not dropping them after 3 tries now? There are only 2 few with 2 max. If you look a the logs in more detail, I expect you'd find that these attempts are coming from limited IP address ranges. You could block them with iptables. I don't think these are worth being concerned about though. Maxwell Smart wrote: Anyway to drop their connection after 3 tries? CJ Eric Shubert wrote: These look like script kiddies (lame crackers) to me, not harvesters. They're simply a nuisance. Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch - vpopmail Begin No Such User Found: acc...@area510.net - 1 Time(s) acco...@area510.net - 1 Time(s) ad...@area510.net - 2 Time(s) administra...@area510.net - 2 Time(s) a...@area510.net - 1 Time(s) bac...@area510.net - 1 Time(s) char...@area510.net - 1 Time(s) da...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) infor...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) m...@area510.net - 1 Time(s) mo...@area510.net - 1 Time(s) mon...@area510.net - 1 Time(s) nic...@area510.net - 1 Time(s) orac...@area510.net - 1 Time(s) ora...@area510.net - 2 Time(s) p...@area510.net - 1 Time(s) r...@area510.net - 2 Time(s) serv...@area510.net - 1 Time(s) ser...@area510.net - 1 Time(s) syb...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) t...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) tho...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) u...@area510.net - 2 Time(s) w...@area510.net - 2 Time(s) webmas...@area510.net - 2 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 2 Time(s) -- vpopmail End - -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] TLS_connect_failed: Plesk mailserver
My user complain cant sent email to domain pegasusinsurindo.com when I check on send log this is error 08-28 19:09:05 delivery 243: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_72.4.126.254./ already search on archive and google and only got this similar. http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e-workaround-and-fix/ but I am not using openssl 0.9.8e and from http://forum.parallels.com/printthread.php?t=52543 which I quote Does anybody know of a way to prevent Qmail from attempting a STARTTLS when sending to a server advertising STARTTLS capability? I am using centos 4.6 my toaster package is: [r...@server2 send]# rpm -qa | grep toaster libdomainkeys-toaster-0.68-1.3.3 courier-authlib-toaster-0.59.2-1.3.6 ezmlm-toaster-0.53.324-1.3.3 maildrop-toaster-2.0.3-1.3.5 squirrelmail-toaster-1.4.9a-1.3.6 simscan-toaster-1.3.1-1.3.6 daemontools-toaster-0.76-1.3.3 vpopmail-toaster-5.4.17-1.3.4 libsrs2-toaster-1.0.18-1.3.3 qmail-pop3d-toaster-1.03-1.3.15 courier-imap-toaster-4.1.2-1.3.7 control-panel-toaster-0.5-1.3.4 ezmlm-cgi-toaster-0.53.324-1.3.3 qmailmrtg-toaster-4.2-1.3.3 maildrop-toaster-devel-2.0.3-1.3.5 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailtoaster-plus.repo-0.1-1 spamassassin-toaster-3.2.5-1.3.17 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 isoqlog-toaster-2.1-1.3.4 qmailtoaster-plus-0.3.1-1.4.11 clamav-toaster-0.95.2-1.3.29 my openssl version is [r...@server2 send]# rpm -qa | grep openssl openssl-0.9.7a-43.17.el4_6.1 xmlsec1-openssl-1.2.6-3 openssl096b-0.9.6b-22.46 openssl-devel-0.9.7a-43.17.el4_6.1 does anyone can execute the below command on his box? below output is the result on my end. openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug CONNECTED(0003) read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37)) - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e 220 239152-app3. 0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63 239152-app3.dotc 0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20 omindonesia.com 0030 - 45 53 4d 54 50 0d 0a ESMTP.. write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA)) - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13)) - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c 220 ready for tl 0010 - 73 0d 0a s.. write to 09D43330 [09D43378] (142 bytes = 142 (0x8E)) - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ..c... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.f. 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .c.. 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...@ 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`... 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56 ...V 0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96 .?..n.88C.y. 0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{ read from 09D43330 [09D488D8] (7 bytes = 7 (0x7)) - 15 03 01 00 02 02 28 ..( 9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470: thanks before for the responde - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver
PakOgah wrote: My user complain cant sent email to domain pegasusinsurindo.com when I check on send log this is error 08-28 19:09:05 delivery 243: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_72.4.126.254./ already search on archive and google and only got this similar. http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e-workaround-and-fix/ but I am not using openssl 0.9.8e and from http://forum.parallels.com/printthread.php?t=52543 which I quote Does anybody know of a way to prevent Qmail from attempting a STARTTLS when sending to a server advertising STARTTLS capability? I am using centos 4.6 my toaster package is: [r...@server2 send]# rpm -qa | grep toaster libdomainkeys-toaster-0.68-1.3.3 courier-authlib-toaster-0.59.2-1.3.6 ezmlm-toaster-0.53.324-1.3.3 maildrop-toaster-2.0.3-1.3.5 squirrelmail-toaster-1.4.9a-1.3.6 simscan-toaster-1.3.1-1.3.6 daemontools-toaster-0.76-1.3.3 vpopmail-toaster-5.4.17-1.3.4 libsrs2-toaster-1.0.18-1.3.3 qmail-pop3d-toaster-1.03-1.3.15 courier-imap-toaster-4.1.2-1.3.7 control-panel-toaster-0.5-1.3.4 ezmlm-cgi-toaster-0.53.324-1.3.3 qmailmrtg-toaster-4.2-1.3.3 maildrop-toaster-devel-2.0.3-1.3.5 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailtoaster-plus.repo-0.1-1 spamassassin-toaster-3.2.5-1.3.17 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 isoqlog-toaster-2.1-1.3.4 qmailtoaster-plus-0.3.1-1.4.11 clamav-toaster-0.95.2-1.3.29 my openssl version is [r...@server2 send]# rpm -qa | grep openssl openssl-0.9.7a-43.17.el4_6.1 xmlsec1-openssl-1.2.6-3 openssl096b-0.9.6b-22.46 openssl-devel-0.9.7a-43.17.el4_6.1 does anyone can execute the below command on his box? below output is the result on my end. openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug CONNECTED(0003) read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37)) - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e 220 239152-app3. 0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63 239152-app3.dotc 0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20 omindonesia.com 0030 - 45 53 4d 54 50 0d 0a ESMTP.. write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA)) - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13)) - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c 220 ready for tl 0010 - 73 0d 0a s.. write to 09D43330 [09D43378] (142 bytes = 142 (0x8E)) - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ..c... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.f. 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .c.. 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...@ 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`... 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56 ...V 0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96 .?..n.88C.y. 0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{ read from 09D43330 [09D488D8] (7 bytes = 7 (0x7)) - 15 03 01 00 02 02 28 ..( 9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470: thanks before for the responde I get the same failure with CentOS5.3, all up to date packages. So upgrading isn't going to fix this. I don't believe this is a problem on your end, and I don't know of a workaround either. You could try dyndns.org's outbound mailhop service ($15/yr). You would route mail for that domain via dyndns.org using smtproutes. Their mailhop servers might not fare any better though. I would contact the mail administrator at pegasus (dotcomindonesia.com) to see if you can't help with fixing their server. Better yet, offer to host pegasus's email for them, as their provider doesn't appear to have the most reliable system. ;) -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: harvesting
Eric, I will look at the logs in more detail. Thanks for your input, I won't dwell on it. CJ Eric Shubert wrote: I don't know Fail2ban, so that might or might not handle it. Are you sure you're not dropping them after 3 tries now? There are only 2 few with 2 max. If you look a the logs in more detail, I expect you'd find that these attempts are coming from limited IP address ranges. You could block them with iptables. I don't think these are worth being concerned about though. Maxwell Smart wrote: Anyway to drop their connection after 3 tries? CJ Eric Shubert wrote: These look like script kiddies (lame crackers) to me, not harvesters. They're simply a nuisance. Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch - vpopmail Begin No Such User Found: acc...@area510.net - 1 Time(s) acco...@area510.net - 1 Time(s) ad...@area510.net - 2 Time(s) administra...@area510.net - 2 Time(s) a...@area510.net - 1 Time(s) bac...@area510.net - 1 Time(s) char...@area510.net - 1 Time(s) da...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) infor...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) m...@area510.net - 1 Time(s) mo...@area510.net - 1 Time(s) mon...@area510.net - 1 Time(s) nic...@area510.net - 1 Time(s) orac...@area510.net - 1 Time(s) ora...@area510.net - 2 Time(s) p...@area510.net - 1 Time(s) r...@area510.net - 2 Time(s) serv...@area510.net - 1 Time(s) ser...@area510.net - 1 Time(s) syb...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) t...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) tho...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) u...@area510.net - 2 Time(s) w...@area510.net - 2 Time(s) webmas...@area510.net - 2 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 2 Time(s) -- vpopmail End - - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: harvesting
I am currently looking into fail2ban and qmail. (since my sandbox stuff on centos still failing ;) Ole J Eric, I will look at the logs in more detail. Thanks for your input, I won't dwell on it. CJ Eric Shubert wrote: I don't know Fail2ban, so that might or might not handle it. Are you sure you're not dropping them after 3 tries now? There are only 2 few with 2 max. If you look a the logs in more detail, I expect you'd find that these attempts are coming from limited IP address ranges. You could block them with iptables. I don't think these are worth being concerned about though. Maxwell Smart wrote: Anyway to drop their connection after 3 tries? CJ Eric Shubert wrote: These look like script kiddies (lame crackers) to me, not harvesters. They're simply a nuisance. Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch - vpopmail Begin No Such User Found: acc...@area510.net - 1 Time(s) acco...@area510.net - 1 Time(s) ad...@area510.net - 2 Time(s) administra...@area510.net - 2 Time(s) a...@area510.net - 1 Time(s) bac...@area510.net - 1 Time(s) char...@area510.net - 1 Time(s) da...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) in...@area510.net - 1 Time(s) infor...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) li...@area510.net - 1 Time(s) m...@area510.net - 1 Time(s) mo...@area510.net - 1 Time(s) mon...@area510.net - 1 Time(s) nic...@area510.net - 1 Time(s) orac...@area510.net - 1 Time(s) ora...@area510.net - 2 Time(s) p...@area510.net - 1 Time(s) r...@area510.net - 2 Time(s) serv...@area510.net - 1 Time(s) ser...@area510.net - 1 Time(s) syb...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) te...@area510.net - 1 Time(s) t...@area510.net - 2 Time(s) te...@area510.net - 1 Time(s) tho...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) us...@area510.net - 1 Time(s) u...@area510.net - 2 Time(s) w...@area510.net - 2 Time(s) webmas...@area510.net - 2 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 1 Time(s) w...@area510.net - 2 Time(s) -- vpopmail End - - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] TLS_connect_failed: Plesk mailserver
If you won't want to pay $15, don't want to contact the other server's admin, or you can't just get that domain's hosting yourself, you might consider setting up another qmail server w/o tls, possibly on a virtual machine or something, and use smtproutes on your main server, to send to that new qmail server, that will then forward it to the current hosts server, without tls. Basically, build your own proxy server for this one domain...Seems like a waste of time, but it's better than $15 a month for someone elses proxy server. :-) I like the idea of just getting them to host with you instead, and point out why they should. As Eric said, it doesn't look like their current host knows what's up. Mike -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: Friday, August 28, 2009 10:13 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver PakOgah wrote: My user complain cant sent email to domain pegasusinsurindo.com when I check on send log this is error 08-28 19:09:05 delivery 243: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:ssl v3_alert_handshake_failure;_connected_to_72.4.126.254./ already search on archive and google and only got this similar. http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e- workaround-and-fix/ but I am not using openssl 0.9.8e and from http://forum.parallels.com/printthread.php?t=52543 which I quote Does anybody know of a way to prevent Qmail from attempting a STARTTLS when sending to a server advertising STARTTLS capability? I am using centos 4.6 my toaster package is: [r...@server2 send]# rpm -qa | grep toaster libdomainkeys-toaster-0.68-1.3.3 courier-authlib-toaster-0.59.2-1.3.6 ezmlm-toaster-0.53.324-1.3.3 maildrop-toaster-2.0.3-1.3.5 squirrelmail-toaster-1.4.9a-1.3.6 simscan-toaster-1.3.1-1.3.6 daemontools-toaster-0.76-1.3.3 vpopmail-toaster-5.4.17-1.3.4 libsrs2-toaster-1.0.18-1.3.3 qmail-pop3d-toaster-1.03-1.3.15 courier-imap-toaster-4.1.2-1.3.7 control-panel-toaster-0.5-1.3.4 ezmlm-cgi-toaster-0.53.324-1.3.3 qmailmrtg-toaster-4.2-1.3.3 maildrop-toaster-devel-2.0.3-1.3.5 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailtoaster-plus.repo-0.1-1 spamassassin-toaster-3.2.5-1.3.17 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 isoqlog-toaster-2.1-1.3.4 qmailtoaster-plus-0.3.1-1.4.11 clamav-toaster-0.95.2-1.3.29 my openssl version is [r...@server2 send]# rpm -qa | grep openssl openssl-0.9.7a-43.17.el4_6.1 xmlsec1-openssl-1.2.6-3 openssl096b-0.9.6b-22.46 openssl-devel-0.9.7a-43.17.el4_6.1 does anyone can execute the below command on his box? below output is the result on my end. openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug CONNECTED(0003) read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37)) - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e 220 239152- app3. 0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63 239152- app3.dotc 0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20 omindonesia.com 0030 - 45 53 4d 54 50 0d 0a ESMTP.. write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA)) - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13)) - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c 220 ready for tl 0010 - 73 0d 0a s.. write to 09D43330 [09D43378] (142 bytes = 142 (0x8E)) - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ..c... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.f. 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .c.. 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...@ 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`... 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56 ...V 0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96 .?..n.88C.y. 0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{ read from 09D43330 [09D488D8] (7 bytes = 7 (0x7)) - 15 03 01 00 02 02 28 ..( 9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470: thanks before for the responde I get the same failure with CentOS5.3, all up to date packages. So upgrading isn't going to fix this. I don't believe this is a problem on your end, and I don't know of a workaround either. You could try dyndns.org's outbound mailhop service ($15/yr). You would route mail for that domain
Re: [qmailtoaster] re: harvesting
Did you install kernel-xen-devel ?? There will be a new unionfs implementation for qtp-newmodel released soon, probably by the end of next week. You might just want to wait for that. This unionfs is implemented with FUSE (Filesystem in USEr space), so it's a bit more independent of the kernel. Stay tuned. ;) ole.johan...@cryonix.no wrote: I am currently looking into fail2ban and qmail. (since my sandbox stuff on centos still failing ;) Ole J -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver
That's $15/YR (for the record). That allows 150 emails per day. Pretty affordable, but then again, why spend it if you don't have to? Michael Colvin wrote: If you won't want to pay $15, don't want to contact the other server's admin, or you can't just get that domain's hosting yourself, you might consider setting up another qmail server w/o tls, possibly on a virtual machine or something, and use smtproutes on your main server, to send to that new qmail server, that will then forward it to the current hosts server, without tls. Basically, build your own proxy server for this one domain...Seems like a waste of time, but it's better than $15 a month for someone elses proxy server. :-) I like the idea of just getting them to host with you instead, and point out why they should. As Eric said, it doesn't look like their current host knows what's up. Mike -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: Friday, August 28, 2009 10:13 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver PakOgah wrote: My user complain cant sent email to domain pegasusinsurindo.com when I check on send log this is error 08-28 19:09:05 delivery 243: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:ssl v3_alert_handshake_failure;_connected_to_72.4.126.254./ already search on archive and google and only got this similar. http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e- workaround-and-fix/ but I am not using openssl 0.9.8e and from http://forum.parallels.com/printthread.php?t=52543 which I quote Does anybody know of a way to prevent Qmail from attempting a STARTTLS when sending to a server advertising STARTTLS capability? I am using centos 4.6 my toaster package is: [r...@server2 send]# rpm -qa | grep toaster libdomainkeys-toaster-0.68-1.3.3 courier-authlib-toaster-0.59.2-1.3.6 ezmlm-toaster-0.53.324-1.3.3 maildrop-toaster-2.0.3-1.3.5 squirrelmail-toaster-1.4.9a-1.3.6 simscan-toaster-1.3.1-1.3.6 daemontools-toaster-0.76-1.3.3 vpopmail-toaster-5.4.17-1.3.4 libsrs2-toaster-1.0.18-1.3.3 qmail-pop3d-toaster-1.03-1.3.15 courier-imap-toaster-4.1.2-1.3.7 control-panel-toaster-0.5-1.3.4 ezmlm-cgi-toaster-0.53.324-1.3.3 qmailmrtg-toaster-4.2-1.3.3 maildrop-toaster-devel-2.0.3-1.3.5 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailtoaster-plus.repo-0.1-1 spamassassin-toaster-3.2.5-1.3.17 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 isoqlog-toaster-2.1-1.3.4 qmailtoaster-plus-0.3.1-1.4.11 clamav-toaster-0.95.2-1.3.29 my openssl version is [r...@server2 send]# rpm -qa | grep openssl openssl-0.9.7a-43.17.el4_6.1 xmlsec1-openssl-1.2.6-3 openssl096b-0.9.6b-22.46 openssl-devel-0.9.7a-43.17.el4_6.1 does anyone can execute the below command on his box? below output is the result on my end. openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug CONNECTED(0003) read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37)) - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e 220 239152- app3. 0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63 239152- app3.dotc 0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20 omindonesia.com 0030 - 45 53 4d 54 50 0d 0a ESMTP.. write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA)) - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13)) - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c 220 ready for tl 0010 - 73 0d 0a s.. write to 09D43330 [09D43378] (142 bytes = 142 (0x8E)) - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ..c... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.f. 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .c.. 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...@ 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`... 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56 ...V 0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96 .?..n.88C.y. 0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{ read from 09D43330 [09D488D8] (7 bytes = 7 (0x7)) - 15 03 01 00 02 02 28 ..( 9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470: thanks before for the responde I get the same failure with CentOS5.3, all up to date packages. So upgrading isn't going to fix this. I don't believe this is a problem on your end, and I don't know of a workaround either. You could try dyndns.org's outbound mailhop service ($15/yr). You would route mail for that domain via
Re: [qmailtoaster] VPOPMail Question
Michael Colvin wrote: A week or so ago I had some questions about QMT and brought up some questions about VPOPMail, related to connecting to a non-local database for the purposes of chkuser/vpopmail. I later thought, can I connect to two different databases? If I put two lines in vpopmail.mysql, will it check one, then the next? I did a little research, and it looks like you can put two lines in, but one is used for read only, and the other is used for read/write. Is this correct? Can anyone shed any light on this? I don't know. I would ask this on the vpopmail list (if nobody here knows). My goal is to have two databases. One that's used simply to verify that a specific account at a specific domain is legit. The other would be for mail that's delivered locally. There may not be a reason to do this, in the long run, but I'd like to know if it's possible. I'm sorta curious now too. And, lastly, what are peoples thoughts on using vpopmail configured where each domain has it's own table w/in MySQL (I believe this is default for the ISO), versus having one table for all domains? (This is how I have qmailrocks running now.) Are there any performance benefits to doing it one way or the other? I don't know this either. I doubt that performance would vary much one way or another. There are performance tuning factors that would have a much bigger impact. Personally, I prefer each domain with its own table, as it's more normalized (natural). That being said, if you're concerned about performance, you might want to consider an LDAP backend when it becomes available in vpopmail-5.5. I expect this to happen near the end of the year. (LDAP is available in 5.4.28, but you may need a patch for it, and it will change in 5.5 soon anyhow). -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Is it getting Blocked?
Jim Shupert wrote: hey eric Thanks for this I will try it today -- one thing though regarding : hostname being set correctly for your domain currently I have the hostname as : taster.local this machine is sitting off of a router connected to a DSL -- I do not have a domain like pps-inc.com --- so is that OK basically i think you are saying 2 things should 'match' I wonder if I am clear on that... I am not doing DNS or a MX for this particular dude. myorigin is the domain that you want postfix to appear to be sending from. In your case, I think you'd want to use: myorigin = pps-inc.com also I am using my isp smpt.fuse.net That shouldn't come into play (unless they're blocking port 587 outbound from your remote/postfix server). also also _ I have never done a yum remove of sendmail ( or anything like that before...) I might like to copy the sendmail.cf some where to see the alterations I made things like the SEND_AUTH stuff. Suit yourself. You shouldn't really need it any more though. thanks again! Sure. Eric Shubert wrote: Hey Jim, I just happened to be doing this today, so here are my notes on how to set up postfix to send mail out from a generic server, like for logwatch output and such (that would otherwise go to r...@localhost). {replace what's in braces, and remove braces} # yum install postfix # yum remove sendmail # cd /etc/pki/tls/certs # make postcert.pem # echo {submission.server.com}:587 {user:passwd} \ /etc/postfix/sasl_passwd # chmod 600 /etc/postfix/sasl_passwd # chown root:root /etc/postfix/sasl_passwd # postmap /etc/postfix/sasl_passwd Edit /etc/aliases if desired, then do newaliases command: root:sysadmin # newaliases Edit /etc/postfix/main.cf, changing these from the default values (this was CentOS5.3): myorigin = $mydomain #mydestination = mynetworks_style = host relayhost = {submission.server.com}:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_use_tls = yes smtp_tls_CAfile = /etc/pki/tls/certs/postcert.pem smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session/cache # service postfix start # chkconfig postfix on That should do it. Note, this configuration relies on hostname being set correctly for your domain. If it's not, you'll need to change the myorigin variable appropriately. Please let us know whether or not this works for you. Eric Shubert wrote: That's not telling us much. I sure don't know, and don't care to know sendmail. If you'd try using postfix again we might be of more help. For what you need, postfix isn't a bad choice. Certainly better than sendmail. Jim Shupert wrote: it is centos 4.7 running sendmail ( what came with it ) I started to install postfix because I am a bit more farmilur with that than send mail. Postfix was what i was using before i found -- the best mailserver solution of qmailtoaster... anyways I can email with a client ( evolution ) and that does come through even though I am using sendmail. the smtp server is one from the isp - a dsl modem etc. I can command line send mail ( sendmail ) to a gmail account - but not mu internal domain I was wondering about MX or Reverse DNS - here is the full header of the client ( evolution ) email that does come through X-Account-Key: account2 X-UIDL: 1251407849.13380.sifter.pps-inc.com,S=1797 X-Mozilla-Status: 0001 X-Mozilla-Status2: X-Mozilla-Keys: Return-Path: ppsgr...@zoomtown.com Delivered-To: jshup...@theppsgroup.com Received: (qmail 13378 invoked by uid 89); 27 Aug 2009 21:17:29 - Received: by simscan 1.3.1 ppid: 13371, pid: 13373, t: 0.1506s scanners: attach: 1.3.1 clamav: 0.95.2 /m:51/d:9450 spam: 3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sifter.pps-inc.com X-Spam-Level: X-Spam-Status: No, score=0.1 required=4.0 tests=BAYES_50,RDNS_NONE autolearn=no version=3.2.5 Received: from unknown (HELO mail-out1.fuse.net) (216.68.8.175) by sifter.pps-inc.com with SMTP; 27 Aug 2009 21:17:29 - Received-SPF: pass (sifter.pps-inc.com: SPF record at zoomtown.com designates 216.68.8.175 as permitted sender) Return-Path: ppsgr...@zoomtown.com X-CNFS-Analysis: v=1.0 c=1 a=_0eaEcvx3pEA:10 a=Qu4MKinT0AcdTVkTjP4A:9 a=Er_04BcmBtQYP8STtf3EGQ6vdGwA:4 X-CM-Score: 0 X-Scanned-by: Cloudmark Authority Engine Authentication-Results: ecout1 smtp.mail=ppsgr...@zoomtown.com; spf=unknown Authentication-Results: ecout1 smtp.user=ppsgr...@zoomtown.com; auth=pass (LOGIN) Received-SPF: error (ecout1: 208.102.118.162 is neither permitted nor denied by domain of zoomtown.com Received: from [208.102.118.162] ([208.102.118.162:50880] helo=[172.17.0.10]) by ecout1 (envelope-from ppsgr...@zoomtown.com) (ecelerity 2.2.2.43 r()) with ESMTPA id C1/DC-11180-8E7F69A4; Thu, 27 Aug 2009 17:17:29 -0400 Subject: jupiter999
Re: [qmailtoaster] re: harvesting
I do use OSSEC. Do you have a particular page that discusses this and how to set it up for blocking? or at least where I can read up on it? CJ Constantin IOAJA wrote: Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch *OSSEChttp://www.ossec.net/ OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. Regards Constantin * - *E-mail Notification* == OSSEC HIDS Notification. 2009 Aug 28 14:09:22 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not found test@:62.20.103.103 Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 .. Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 --- OSSEC HIDS Notification. 2009 Aug 28 14:19:56 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not found backup@:62.20.103.103 . Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not found news@:62.20.103.103 --- *active-responses.log* Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251458396.242407 9952 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: harvesting
Maxwell Smart wrote: I do use OSSEC. Do you have a particular page that discusses this and how to set it up for blocking? or at least where I can read up on it? CJ Nope ! Only OSSEC site. http://www.ossec.net/wiki/index.php/FAQ http://www.ossec.net/main/manual/manual-faq/ http://www.ossec.net/main/manual/#install http://marc.info/?l=ossec-list and google ! Constantin - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: harvesting
I found out what was happening. My notifications were being blocked by my SpamDyke. :( CJ Constantin IOAJA wrote: Maxwell Smart wrote: I do use OSSEC. Do you have a particular page that discusses this and how to set it up for blocking? or at least where I can read up on it? CJ Nope ! Only OSSEC site. http://www.ossec.net/wiki/index.php/FAQ http://www.ossec.net/main/manual/manual-faq/ http://www.ossec.net/main/manual/#install http://marc.info/?l=ossec-list and google ! Constantin - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] re: harvesting
Hello again, Sounds pretty stupid but is there a script to test email harvesting - I have to check my fail2ban addition.. Perhaps I got it right, but no one tries to hammer my vpopmail .. Ole J _ From: Constantin IOAJA [mailto:io...@cartel-alfa.ro] Sent: 28. august 2009 21:40 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] re: harvesting Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch OSSEChttp://www.ossec.net/ OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. Regards Constantin - E-mail Notification == OSSEC HIDS Notification. 2009 Aug 28 14:09:22 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not found test@:62.20.103.103 Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 .. Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 --- OSSEC HIDS Notification. 2009 Aug 28 14:19:56 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not found backup@:62.20.103.103 . Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not found news@:62.20.103.103 --- active-responses.log Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251458396.242407 9952
Re: [qmailtoaster] re: harvesting
Not stupid really. I don't know of one. Would someone care to create a wiki page about fail2ban on a toaster? Or perhaps write an install script for it that could be included in QTP? Ole N.Johansen wrote: Hello again, Sounds pretty stupid but is there a script to test “email harvesting” - I have to check my fail2ban addition.. Perhaps I got it right, but no one tries to hammer my vpopmail .. Ole J *From:* Constantin IOAJA [mailto:io...@cartel-alfa.ro] *Sent:* 28. august 2009 21:40 *To:* qmailtoaster-list@qmailtoaster.com *Subject:* Re: [qmailtoaster] re: harvesting Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch *OSSEChttp://www.ossec.net/ OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. Regards Constantin * - *E-mail Notification* == OSSEC HIDS Notification. 2009 Aug 28 14:09:22 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not found test@:62.20.103.103 mailto:test@:62.20.103.103 Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 .. Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 --- OSSEC HIDS Notification. 2009 Aug 28 14:19:56 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 mailto:demo@:62.20.103.103 Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not found backup@:62.20.103.103 mailto:backup@:62.20.103.103 . Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 mailto:demo@:62.20.103.103 Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not found news@:62.20.103.103 mailto:news@:62.20.103.103 --- *active-responses.log* Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251458396.242407 9952 -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: harvesting
Constantin, Is that your OSSEC excerpt? What is the corresponding .conf look like? A wiki page for fail2ban and OSSEC would be nice. Inclusion in the QTP would be excellent too. The latest version of Webmin would be nice too. I will see if I can come up with some write up on fail2ban or OSSEC. I am by no means an expert. CJ Eric Shubert wrote: Not stupid really. I don't know of one. Would someone care to create a wiki page about fail2ban on a toaster? Or perhaps write an install script for it that could be included in QTP? Ole N.Johansen wrote: Hello again, Sounds pretty stupid but is there a script to test “email harvesting” - I have to check my fail2ban addition.. Perhaps I got it right, but no one tries to hammer my vpopmail .. Ole J *From:* Constantin IOAJA [mailto:io...@cartel-alfa.ro] *Sent:* 28. august 2009 21:40 *To:* qmailtoaster-list@qmailtoaster.com *Subject:* Re: [qmailtoaster] re: harvesting Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch *OSSEChttp://www.ossec.net/ OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. Regards Constantin * - *E-mail Notification* == OSSEC HIDS Notification. 2009 Aug 28 14:09:22 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not found test@:62.20.103.103 mailto:test@:62.20.103.103 Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 .. Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 --- OSSEC HIDS Notification. 2009 Aug 28 14:19:56 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 mailto:demo@:62.20.103.103 Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not found backup@:62.20.103.103 mailto:backup@:62.20.103.103 . Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 mailto:demo@:62.20.103.103 Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not found news@:62.20.103.103 mailto:news@:62.20.103.103 --- *active-responses.log* Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251458396.242407 9952 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qtp-backup as root
Jake Vickers wrote: I found where the issue was coming into play. When the script was refactored a space was accidentially introduced into the mysqldump routine that should not be there. I have fixed the error and if you download just the qtp-backup script from the QTP web site (http://qtp.qmailtoaster.com) this will correct the issue. Or you can edit the qtp-backup script and change line number 172 to look like this: -p$mysql_password \ Thanks that did work. It appears that when we keep a few days worth of backups in our /backup/qmailbkup directory, that the old backups are being included when the script condenses all the individual backups into 1 file. How would we modify the qtp-backup script so it only condenses down the current backup information into one file and leaves the previous backups alone? We are setting up the server so the qtp-backup script runs each night using our /etc/crontab file. Then we copy the backup file to an external USB hard drive. We also have lines to delete out the backups that are older than 3 days on the server itself and older than 14 days on the external USB hard drive. In case other people are interested in backing up to an external USB Drive -- We do this with the following lines in our /etc/crontab file: # backup the qmailtoaster data files including squirrelmail plugins 05 2 * * * root /usr/sbin/qtp-backup # copy today's backup file to USB drive to the postofficeBkups directory 32 03 * * * root find /backup/qmailbkup/* -type f -name '*' -mtime -1 -exec cp {} /mnt/usbdrive/postofficeBkups/ \; # delete local mail backups more than 3 days old 32 04 * * * root find /backup/qmailbkup/ -type f -cmin +4320 -exec rm -f {} \; # delete mail backups more than 14 days old (from time changed) on external USB drive 01 05 * * * root find /mnt/usbdrive/postofficeBkups/ -type f -ctime 14 -exec rm -f {} \;
[qmailtoaster] ETRN (Store and Forward)
I have a client with an Exchange server that just recently move to a location with high speed Internet, but they are behind a hosted firewall that does not allow the email to be delivered directly. The appropriate changes have been requested, but they need a temporary solution for the interum period. Is there a method to allow incoming email for their domain to be queued until their server requests the email. Thank you in advance, James _ Hotmail® is up to 70% faster. Now good news travels really fast. http://windowslive.com/online/hotmail?ocid=PID23391::T:WLMTAGL:ON:WL:en-US:WM_HYGN_faster:082009
Re: [qmailtoaster] ETRN (Store and Forward)
James Ecker wrote: I have a client with an Exchange server that just recently move to a location with high speed Internet, but they are behind a hosted firewall that does not allow the email to be delivered directly. The appropriate changes have been requested, but they need a temporary solution for the interum period. Is there a method to allow incoming email for their domain to be queued until their server requests the email. Thank you in advance, James Can't you simply receive email for their domain (on your toaster I'm presuming), then use smtproutes to send it on to exchange on a non-standard (e.g. 2525) port? They would need to configure exchange to listen on that port. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] ETRN (Store and Forward)
Unfortunately, there are no open ports. To: qmailtoaster-list@qmailtoaster.com From: e...@shubes.net Date: Fri, 28 Aug 2009 19:50:37 -0700 Subject: Re: [qmailtoaster] ETRN (Store and Forward) James Ecker wrote: I have a client with an Exchange server that just recently move to a location with high speed Internet, but they are behind a hosted firewall that does not allow the email to be delivered directly. The appropriate changes have been requested, but they need a temporary solution for the interum period. Is there a method to allow incoming email for their domain to be queued until their server requests the email. Thank you in advance, James Can't you simply receive email for their domain (on your toaster I'm presuming), then use smtproutes to send it on to exchange on a non-standard (e.g. 2525) port? They would need to configure exchange to listen on that port. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com _ Hotmail® is up to 70% faster. Now good news travels really fast. http://windowslive.com/online/hotmail?ocid=PID23391::T:WLMTAGL:ON:WL:en-US:WM_HYGN_faster:082009