Re: [qmailtoaster] Is it getting Blocked?

2009-08-28 Thread Jim Shupert

hey eric
Thanks for this I will try it today -- one thing though

regarding :  hostname being set correctly for your domain 

currently I have the hostname as : taster.local
this machine is sitting off of a router connected to a DSL -- I do not 
have a domain like

pps-inc.com  --- so is that OK

basically i think you are saying 2 things should 'match'  I wonder if I 
am clear on that...

I am not doing DNS  or a MX for this particular dude.

also I am using my isp   smpt.fuse.net

also also _ I have never done a yum remove of sendmail ( or anything 
like that before...)
I might like to copy the sendmail.cf  some where to see the alterations 
I made

things like the SEND_AUTH  stuff.

thanks again!



Eric Shubert wrote:

Hey Jim,

I just happened to be doing this today, so here are my notes on how to 
set up postfix to send mail out from a generic server, like for 
logwatch output and such (that would otherwise go to r...@localhost).


{replace what's in braces, and remove braces}

# yum install postfix
# yum remove sendmail

# cd /etc/pki/tls/certs
# make postcert.pem

# echo "{submission.server.com}:587 {user:passwd}" > /etc/postfix/sasl_passwd
# chmod 600 /etc/postfix/sasl_passwd
# chown root:root /etc/postfix/sasl_passwd
# postmap /etc/postfix/sasl_passwd

Edit /etc/aliases if desired, then do newaliases command:
root:sysadmin
# newaliases

Edit /etc/postfix/main.cf, changing these from the default values 
(this was CentOS5.3):

myorigin = $mydomain
#mydestination =
mynetworks_style = host
relayhost = {submission.server.com}:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_use_tls = yes
smtp_tls_CAfile = /etc/pki/tls/certs/postcert.pem
smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session/cache

# service postfix start
# chkconfig postfix on

That should do it.
Note, this configuration relies on hostname being set correctly for 
your domain. If it's not, you'll need to change the myorigin variable 
appropriately.


Please let us know whether or not this works for you.

Eric Shubert wrote:
That's not telling us much. I sure don't know, and don't care to know 
sendmail. If you'd try using postfix again we might be of more help. 
For  what you need, postfix isn't a bad choice. Certainly better than 
sendmail.


Jim Shupert wrote:
it is centos 4.7  running sendmail ( what came with it )  I started 
to install postfix because I am a bit more familiar with that than 
send mail.
Postfix was what i was using before i found -- the best mailserver 
solution of qmailtoaster...


anyways

I can email with a client ( evolution )  and that does come through

even though I am using sendmail. the smtp server is one from the isp 
- a dsl modem etc.


I can command line send mail ( sendmail )  to a gmail account  - but 
not my internal domain


I was wondering about MX  or Reverse DNS -
here is the full header of the client ( evolution ) email that does 
come through


X-Account-Key: account2
X-UIDL: 1251407849.13380.sifter.pps-inc.com,S=1797
X-Mozilla-Status: 0001
X-Mozilla-Status2: 
X-Mozilla-Keys: 


Return-Path: ppsgr...@zoomtown.com
Delivered-To: jshup...@theppsgroup.com
Received: (qmail 13378 invoked by uid 89); 27 Aug 2009 21:17:29 -
Received: by simscan 1.3.1 ppid: 13371, pid: 13373, t: 0.1506s
 scanners: attach: 1.3.1 clamav: 0.95.2
/m:51/d:9450 spam: 3.2.5
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on 
sifter.pps-inc.com

X-Spam-Level:
X-Spam-Status: No, score=0.1 required=4.0 tests=BAYES_50,RDNS_NONE
autolearn=no version=3.2.5
Received: from unknown (HELO mail-out1.fuse.net) (216.68.8.175)
  by sifter.pps-inc.com with SMTP; 27 Aug 2009 21:17:29 -
Received-SPF: pass (sifter.pps-inc.com: SPF record at zoomtown.com 
designates 216.68.8.175 as permitted sender)

Return-Path: ppsgr...@zoomtown.com
X-CNFS-Analysis: v=1.0 c=1 a=_0eaEcvx3pEA:10 
a=Qu4MKinT0AcdTVkTjP4A:9 a=Er_04BcmBtQYP8STtf3EGQ6vdGwA:4

X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Authentication-Results: ecout1 smtp.mail=ppsgr...@zoomtown.com; 
spf=unknown
Authentication-Results:  ecout1 smtp.user=ppsgr...@zoomtown.com; 
auth=pass (LOGIN)
Received-SPF: error (ecout1: 208.102.118.162 is neither permitted 
nor denied by domain of zoomtown.com
Received: from [208.102.118.162] ([208.102.118.162:50880] 
helo=[172.17.0.10])

by ecout1 (envelope-from ppsgr...@zoomtown.com)
(ecelerity 2.2.2.43 r()) with ESMTPA
id C1/DC-11180-8E7F69A4; Thu, 27 Aug 2009 17:17:29 -0400
Subject: jupiter999
From: ppsBnet ppsgr...@zoomtown.com
Reply-To: ppsgr...@zoomtown.com
To: jshup...@theppsgroup.com
Organization: theppsgroup
Date: Thu, 27 Aug 2009 17:13:02 -0400
Message-Id: 1251407582.3253.0.ca...@taster.local
Mime-Version: 1.0
X-Mailer: Evolution 2.12.3 (2.12.3-8.el5_2.3)



thanks
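
The main.cf settings in Eric's notes store relay credentials, so whether they can leave the box unencrypted depends on two parameters. An added example (not part of the thread): a small checker run against the notes as written and against a stricter variant; `submission.example.com` stands in for the placeholder, and the stricter values are this example's own suggestion.

```python
import re

# Settings from the notes above; the relay host name is a constructed placeholder.
ERIC_MAIN_CF = """\
myorigin = $mydomain
mynetworks_style = host
relayhost = submission.example.com:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_use_tls = yes
smtp_tls_CAfile = /etc/pki/tls/certs/postcert.pem
"""

# Stricter variant (assumption of this example, not from the thread).
HARDENED_ADDITIONS = """\
smtp_tls_security_level = encrypt
smtp_sasl_security_options = noanonymous, noplaintext
smtp_sasl_tls_security_options = noanonymous
"""


def parse_main_cf(text):
    """Parse 'name = value' lines; indented lines continue the previous value."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] = (params[last] + " " + raw.strip()).strip()
            continue
        name, sep, value = raw.partition("=")
        if sep:
            last = name.strip()
            params[last] = value.strip()  # a later definition overrides an earlier one
    return params


def tls_level(params):
    """Effective outbound TLS policy, honouring the older on/off parameters."""
    level = params.get("smtp_tls_security_level", "")
    if level:
        return level
    if params.get("smtp_enforce_tls", "no") == "yes":
        return "encrypt"
    if params.get("smtp_use_tls", "no") == "yes":
        return "may"  # opportunistic: falls back to cleartext if STARTTLS is absent
    return "none"


def audit(params):
    """Return findings about relay credentials being exposed in cleartext."""
    findings = []
    if params.get("smtp_sasl_auth_enable", "no") != "yes":
        return findings
    level = tls_level(params)
    if level in ("none", "may"):
        findings.append("TLS level '%s' does not require encryption to the relay" % level)
    # Postfix's default for this parameter is "noplaintext, noanonymous".
    raw = params.get("smtp_sasl_security_options", "noplaintext, noanonymous")
    opts = {o for o in re.split(r"[,\s]+", raw) if o}
    if "noplaintext" not in opts:
        findings.append("plaintext SASL mechanisms are allowed on unencrypted sessions")
    return findings


if __name__ == "__main__":
    for label, text in (("as posted", ERIC_MAIN_CF),
                        ("stricter", ERIC_MAIN_CF + HARDENED_ADDITIONS)):
        print(label, audit(parse_main_cf(text)))
```

Both findings together mean the password in sasl_passwd would be sent in the clear if the relay, or anything on the path, did not offer STARTTLS.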







[qmailtoaster] chkuser question

2009-08-28 Thread RM-24x7server.net
hello,

we get this error VERY RARELY when users try to send emails and we
cannot figure out the reason for this

this happens only with ms outlook and there are quotes at each end of the
users

The following recipient(s) cannot be reached:
'u...@barclaysbank.com' on 6/9/2009 11:23 AM
511 sorry, recipient address has invalid format (#5.1.1 - chkuser)

is there a solution / a way to disable checking of email id for quote marks ?

thanks
rajesh





-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




[qmailtoaster] re: harvesting

2009-08-28 Thread Maxwell Smart

Greetings fellow Qmailers,

I am trying to find a way to block harvesters.  I am using Fail2ban, but 
must not have it set up correctly to block the harvesters after 3 
attempts.  If anyone can shed some light on how to set this up it would 
be greatly appreciated.


Here is my vpopmail logwatch

- vpopmail Begin  



No Such User Found:
acc...@area510.net - 1 Time(s)
acco...@area510.net - 1 Time(s)
ad...@area510.net - 2 Time(s)
administra...@area510.net - 2 Time(s)
a...@area510.net - 1 Time(s)
bac...@area510.net - 1 Time(s)
char...@area510.net - 1 Time(s)
da...@area510.net - 1 Time(s)
in...@area510.net - 1 Time(s)
in...@area510.net - 1 Time(s)
infor...@area510.net - 1 Time(s)
li...@area510.net - 1 Time(s)
li...@area510.net - 1 Time(s)
m...@area510.net - 1 Time(s)
mo...@area510.net - 1 Time(s)
mon...@area510.net - 1 Time(s)
nic...@area510.net - 1 Time(s)
orac...@area510.net - 1 Time(s)
ora...@area510.net - 2 Time(s)
p...@area510.net - 1 Time(s)
r...@area510.net - 2 Time(s)
serv...@area510.net - 1 Time(s)
ser...@area510.net - 1 Time(s)
syb...@area510.net - 2 Time(s)
te...@area510.net - 1 Time(s)
te...@area510.net - 1 Time(s)
te...@area510.net - 1 Time(s)
t...@area510.net - 2 Time(s)
te...@area510.net - 1 Time(s)
tho...@area510.net - 1 Time(s)
us...@area510.net - 1 Time(s)
us...@area510.net - 1 Time(s)
us...@area510.net - 1 Time(s)
u...@area510.net - 2 Time(s)
w...@area510.net - 2 Time(s)
webmas...@area510.net - 2 Time(s)
w...@area510.net - 1 Time(s)
w...@area510.net - 1 Time(s)
w...@area510.net - 1 Time(s)
w...@area510.net - 2 Time(s)

-- vpopmail End - 








Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Eric Shubert
These look like script kiddies (lame crackers) to me, not harvesters. 
They're simply a nuisance.


Maxwell Smart wrote:

Greetings fellow Qmailers,

I am trying to find a way to block harvesters.  I am using Fail2ban, but 
must not have it set up correctly to block the harvesters after 3 
attempts.  If anyone can shed some light on how to set this up it would 
be greatly appreciated.


Here is my vpopmail logwatch





--
-Eric 'shubes'






Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Maxwell Smart

Anyway to drop their connection after 3 tries?

CJ

Eric Shubert wrote:
These look like script kiddies (lame crackers) to me, not harvesters. 
They're simply a nuisance.


Maxwell Smart wrote:

Greetings fellow Qmailers,

I am trying to find a way to block harvesters.  I am using Fail2ban, 
but must not have it set up correctly to block the harvesters after 3 
attempts.  If anyone can shed some light on how to set this up it 
would be greatly appreciated.


Here is my vpopmail logwatch











Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Eric Shubert

I don't know Fail2ban, so that might or might not handle it.

Are you sure you're not dropping them after 3 tries now? There are only 
a few with 2 max.


If you look at the logs in more detail, I expect you'd find that these 
attempts are coming from limited IP address ranges. You could block them 
with iptables.


I don't think these are worth being concerned about though.

Maxwell Smart wrote:

Anyway to drop their connection after 3 tries?

CJ

Eric Shubert wrote:
These look like script kiddies (lame crackers) to me, not harvesters. 
They're simply a nuisance.


Maxwell Smart wrote:

Greetings fellow Qmailers,

I am trying to find a way to block harvesters.  I am using Fail2ban, 
but must not have it set up correctly to block the harvesters after 3 
attempts.  If anyone can shed some light on how to set this up it 
would be greatly appreciated.


Here is my vpopmail logwatch





--
-Eric 'shubes'






[qmailtoaster] TLS_connect_failed: Plesk mailserver

2009-08-28 Thread PakOgah

My user complains they can't send email to domain pegasusinsurindo.com
when I check the send log this is the error
08-28 19:09:05 delivery 243: deferral: 
TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_72.4.126.254./


already search on archive and google and only got this similar.
http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e-workaround-and-fix/
but I am not using openssl 0.9.8e

and from http://forum.parallels.com/printthread.php?t=52543
which I quote Does anybody know of a way to prevent Qmail from 
attempting a STARTTLS when sending to a server advertising STARTTLS 
capability?


I am using centos 4.6
my toaster package is:
[r...@server2 send]# rpm -qa | grep toaster
libdomainkeys-toaster-0.68-1.3.3
courier-authlib-toaster-0.59.2-1.3.6
ezmlm-toaster-0.53.324-1.3.3
maildrop-toaster-2.0.3-1.3.5
squirrelmail-toaster-1.4.9a-1.3.6
simscan-toaster-1.3.1-1.3.6
daemontools-toaster-0.76-1.3.3
vpopmail-toaster-5.4.17-1.3.4
libsrs2-toaster-1.0.18-1.3.3
qmail-pop3d-toaster-1.03-1.3.15
courier-imap-toaster-4.1.2-1.3.7
control-panel-toaster-0.5-1.3.4
ezmlm-cgi-toaster-0.53.324-1.3.3
qmailmrtg-toaster-4.2-1.3.3
maildrop-toaster-devel-2.0.3-1.3.5
vqadmin-toaster-2.3.4-1.3.3
ripmime-toaster-1.4.0.6-1.3.3
qmailtoaster-plus.repo-0.1-1
spamassassin-toaster-3.2.5-1.3.17
ucspi-tcp-toaster-0.88-1.3.5
qmail-toaster-1.03-1.3.15
autorespond-toaster-2.0.4-1.3.3
qmailadmin-toaster-1.2.11-1.3.4
isoqlog-toaster-2.1-1.3.4
qmailtoaster-plus-0.3.1-1.4.11
clamav-toaster-0.95.2-1.3.29

my openssl version is
[r...@server2 send]# rpm -qa | grep openssl
openssl-0.9.7a-43.17.el4_6.1
xmlsec1-openssl-1.2.6-3
openssl096b-0.9.6b-22.46
openssl-devel-0.9.7a-43.17.el4_6.1



Can anyone execute the below command on his box? The output below is 
the result on my end.
openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug


CONNECTED(0003)
read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37))
 - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e   220 239152-app3.
0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63   239152-app3.dotc
0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20   omindonesia.com
0030 - 45 53 4d 54 50 0d 0a  ESMTP..
write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA))
 - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS..
read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13))
 - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c   220 ready for tl
0010 - 73 0d 0a  s..
write to 09D43330 [09D43378] (142 bytes = 142 (0x8E))
 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00   ..c... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0   8..5
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00   ..3..2../.f.
0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00   .c..
0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40   b..a...@
0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00   ..e..d..`...
0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56   ...V
0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96   .?..n.88C.y.
0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{
read from 09D43330 [09D488D8] (7 bytes = 7 (0x7))
 - 15 03 01 00 02 02 28  ..(
9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert 
handshake failure:s23_clnt.c:470:



thanks in advance for the response
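
The handshake bytes in the -debug output above can be read directly: the client wrote an SSLv2-format ClientHello and the server answered with a single alert record. An added example (not part of the original post) that decodes both; the byte strings are copied from the dump, and the function names are this example's own.

```python
# Bytes copied from the 142-byte "write to" block and the 7-byte reply in the post.
CLIENT_HELLO_HEX = """
80 8c 01 03 01 00 63 00 00 00 20 00 00 39 00 00
38 00 00 35 00 00 16 00 00 13 00 00 0a 07 00 c0
00 00 33 00 00 32 00 00 2f 03 00 80 00 00 66 00
00 05 00 00 04 01 00 80 08 00 80 00 00 63 00 00
62 00 00 61 00 00 15 00 00 12 00 00 09 06 00 40
00 00 65 00 00 64 00 00 60 00 00 14 00 00 11 00
00 08 00 00 06 04 00 80 00 00 03 02 00 80 ab 56
b4 3f 80 e1 6e d6 38 38 43 99 98 8c ad 1b 79 96
16 c9 c5 80 d1 fe fc 46 7a 7b 15 fd e1 15
"""
SERVER_REPLY_HEX = "15 03 01 00 02 02 28"

VERSIONS = {(2, 0): "SSL 2.0", (3, 0): "SSL 3.0", (3, 1): "TLS 1.0",
            (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      20: "bad_record_mac", 40: "handshake_failure",
                      47: "illegal_parameter", 70: "protocol_version",
                      71: "insufficient_security", 80: "internal_error"}


def parse_sslv2_client_hello(data):
    """Parse an SSLv2-format (backward-compatible) ClientHello."""
    if len(data) < 11 or not data[0] & 0x80:
        raise ValueError("not a 2-byte-header SSLv2 record")
    length = ((data[0] & 0x7F) << 8) | data[1]
    if length != len(data) - 2:
        raise ValueError("record length does not match the data")
    if data[2] != 1:
        raise ValueError("message type is not CLIENT-HELLO")
    spec_len = int.from_bytes(data[5:7], "big")
    sid_len = int.from_bytes(data[7:9], "big")
    chal_len = int.from_bytes(data[9:11], "big")
    if spec_len % 3 or 11 + spec_len + sid_len + chal_len != len(data):
        raise ValueError("inconsistent field lengths")
    specs = [data[i:i + 3] for i in range(11, 11 + spec_len, 3)]
    return {
        # Highest protocol version the client offers.
        "version": VERSIONS.get((data[3], data[4]), "unknown"),
        "cipher_specs": [s.hex() for s in specs],
        # A leading zero byte marks an SSLv3/TLS suite; anything else is SSLv2-only.
        "tls_suites": [s[1:].hex() for s in specs if s[0] == 0],
        "sslv2_kinds": [s.hex() for s in specs if s[0] != 0],
        "challenge_len": chal_len,
    }


def parse_tls_alert(data):
    """Parse a single unencrypted TLS alert record (type 21, 2-byte body)."""
    if len(data) < 5:
        raise ValueError("shorter than a TLS record header")
    if data[0] != 21:
        raise ValueError("content type %d is not alert (21)" % data[0])
    length = int.from_bytes(data[3:5], "big")
    if length != 2 or len(data) != 5 + length:
        raise ValueError("unexpected alert length")
    return {
        "record_version": VERSIONS.get((data[1], data[2]), "unknown"),
        "level": ALERT_LEVELS.get(data[5], "unknown"),
        "description": ALERT_DESCRIPTIONS.get(data[6], "code %d" % data[6]),
    }


def decode_exchange():
    """Decode both messages from the dump."""
    hello = parse_sslv2_client_hello(bytes.fromhex(CLIENT_HELLO_HEX))
    alert = parse_tls_alert(bytes.fromhex(SERVER_REPLY_HEX))
    return hello, alert


if __name__ == "__main__":
    hello, alert = decode_exchange()
    print("client offers up to", hello["version"],
          "with", len(hello["tls_suites"]), "TLS suites and",
          len(hello["sslv2_kinds"]), "SSLv2 cipher kinds")
    print("server replied:", alert["level"], alert["description"],
          "in a", alert["record_version"], "record")
```

The decode shows the server rejecting the hello with a fatal alert before any certificate or cipher is negotiated, which is what the SSL23_GET_SERVER_HELLO error in the send log reports.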





Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver

2009-08-28 Thread Eric Shubert

PakOgah wrote:

My user complains they can't send email to domain pegasusinsurindo.com
when I check the send log this is the error
08-28 19:09:05 delivery 243: deferral: 
TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_72.4.126.254./ 



already search on archive and google and only got this similar.
http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e-workaround-and-fix/ 


but I am not using openssl 0.9.8e

and from http://forum.parallels.com/printthread.php?t=52543
which I quote Does anybody know of a way to prevent Qmail from 
attempting a STARTTLS when sending to a server advertising STARTTLS 
capability?


I am using centos 4.6
my toaster package is:

my openssl version is
[r...@server2 send]# rpm -qa | grep openssl
openssl-0.9.7a-43.17.el4_6.1
xmlsec1-openssl-1.2.6-3
openssl096b-0.9.6b-22.46
openssl-devel-0.9.7a-43.17.el4_6.1



Can anyone execute the below command on his box? The output below is 
the result on my end.
openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug





thanks in advance for the response



I get the same failure with CentOS5.3, all up to date packages. So 
upgrading isn't going to fix this.


I don't believe this is a problem on your end, and I don't know of a 
workaround either.


You could try dyndns.org's outbound mailhop service ($15/yr). You would 
route mail for that domain via dyndns.org using smtproutes. Their 
mailhop servers might not fare any better though.


I would contact the mail administrator at pegasus (dotcomindonesia.com) 
to see if you can't help with fixing their server. Better yet, offer to 
host pegasus's email for them, as their provider doesn't appear to have 
the most reliable system. ;)


--
-Eric 'shubes'






Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Maxwell Smart
Eric,

I will look at the logs in more detail.  Thanks for your input, I won't
dwell on it.

CJ

Eric Shubert wrote:
 I don't know Fail2ban, so that might or might not handle it.

 Are you sure you're not dropping them after 3 tries now? There are
 only a few with 2 max.

 If you look at the logs in more detail, I expect you'd find that these
 attempts are coming from limited IP address ranges. You could block
 them with iptables.

 I don't think these are worth being concerned about though.

 Maxwell Smart wrote:
 Anyway to drop their connection after 3 tries?

 CJ

 Eric Shubert wrote:
 These look like script kiddies (lame crackers) to me, not
 harvesters. They're simply a nuisance.

 Maxwell Smart wrote:
 Greetings fellow Qmailers,

 I am trying to find a way to block harvesters.  I am using
 Fail2ban, but must not have it set up correctly to block the
 harvesters after 3 attempts.  If anyone can shed some light on how
 to set this up it would be greatly appreciated.

 Here is my vpopmail logwatch









Re: [qmailtoaster] re: harvesting

2009-08-28 Thread ole . johansen
I am currently looking into fail2ban and qmail.
(since my sandbox stuff on centos still failing ;)

Ole J

 Eric,

 I will look at the logs in more detail.  Thanks for your input, I won't
 dwell on it.

 CJ

 Eric Shubert wrote:
 I don't know Fail2ban, so that might or might not handle it.

 Are you sure you're not dropping them after 3 tries now? There are
 only a few with 2 max.

 If you look at the logs in more detail, I expect you'd find that these
 attempts are coming from limited IP address ranges. You could block
 them with iptables.

 I don't think these are worth being concerned about though.

 Maxwell Smart wrote:
 Anyway to drop their connection after 3 tries?

 CJ

 Eric Shubert wrote:
 These look like script kiddies (lame crackers) to me, not
 harvesters. They're simply a nuisance.

 Maxwell Smart wrote:
 Greetings fellow Qmailers,

 I am trying to find a way to block harvesters.  I am using
 Fail2ban, but must not have it set up correctly to block the
 harvesters after 3 attempts.  If anyone can shed some light on how
 to set this up it would be greatly appreciated.

 Here is my vpopmail logwatch















RE: [qmailtoaster] TLS_connect_failed: Plesk mailserver

2009-08-28 Thread Michael Colvin
If you don't want to pay $15, don't want to contact the other server's
admin, or you can't just get that domain's hosting yourself, you might
consider setting up another qmail server w/o tls, possibly on a virtual
machine or something, and use smtproutes on your main server, to send to
that new qmail server, that will then forward it to the current host's
server, without tls.

Basically, build your own proxy server for this one domain... Seems like a
waste of time, but it's better than $15 a month for someone else's proxy
server.  :-)

I like the idea of just getting them to host with you instead, and point out
why they should.  As Eric said, it doesn't look like their current host
knows what's up.


Mike


 -Original Message-
 From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert
 Sent: Friday, August 28, 2009 10:13 AM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver
 
 PakOgah wrote:
  My user complains they can't send email to domain pegasusinsurindo.com
  when I check the send log this is the error
  08-28 19:09:05 delivery 243: deferral:
  TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_72.4.126.254./
 
 
  already search on archive and google and only got this similar.
  http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e-workaround-and-fix/
 
  but I am not using openssl 0.9.8e
 
  and from http://forum.parallels.com/printthread.php?t=52543
  which I quote Does anybody know of a way to prevent Qmail from
  attempting a STARTTLS when sending to a server advertising STARTTLS
  capability?
 
  I am using centos 4.6
  my toaster package is:
 
  my openssl version is
  [r...@server2 send]# rpm -qa | grep openssl
  openssl-0.9.7a-43.17.el4_6.1
  xmlsec1-openssl-1.2.6-3
  openssl096b-0.9.6b-22.46
  openssl-devel-0.9.7a-43.17.el4_6.1
 
 
 
  can anyone execute the below command on his box? below output is
  the result on my end.
  openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug
 
  CONNECTED(0003)
  9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470:
 
 
  thanks before for the response
 
 
 I get the same failure with CentOS5.3, all up to date packages. So
 upgrading isn't going to fix this.
 
 I don't believe this is a problem on your end, and I don't know of a
 workaround either.
 
 You could try dyndns.org's outbound mailhop service ($15/yr). You would
 route mail for that domain 

Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Eric Shubert

Did you install kernel-xen-devel ??

There will be a new unionfs implementation for qtp-newmodel released 
soon, probably by the end of next week. You might just want to wait for 
that. This unionfs is implemented with FUSE (Filesystem in USEr space), 
so it's a bit more independent of the kernel. Stay tuned. ;)


ole.johan...@cryonix.no wrote:

I am currently looking into fail2ban and qmail.
(since my sandbox stuff on centos still failing ;)

Ole J


--
-Eric 'shubes'


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver

2009-08-28 Thread Eric Shubert
That's $15/YR (for the record). That allows 150 emails per day. Pretty 
affordable, but then again, why spend it if you don't have to?


Michael Colvin wrote:

If you don't want to pay $15, don't want to contact the other server's
admin, or you can't just get that domain's hosting yourself, you might
consider setting up another qmail server w/o tls, possibly on a virtual
machine or something, and use smtproutes on your main server, to send to
that new qmail server, that will then forward it to the current host's
server, without tls.

Basically, build your own proxy server for this one domain...Seems like a
waste of time, but it's better than $15 a month for someone else's proxy
server.  :-)

I like the idea of just getting them to host with you instead, and point out
why they should.  As Eric said, it doesn't look like their current host
knows what's up.


Mike



-Original Message-
From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert
Sent: Friday, August 28, 2009 10:13 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver

PakOgah wrote:

My user complains they can't send email to domain pegasusinsurindo.com
when I check the send log this is the error
08-28 19:09:05 delivery 243: deferral:
TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_72.4.126.254./


already search on archive and google and only got this similar.
http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e-workaround-and-fix/

but I am not using openssl 0.9.8e

and from http://forum.parallels.com/printthread.php?t=52543
which I quote Does anybody know of a way to prevent Qmail from
attempting a STARTTLS when sending to a server advertising STARTTLS
capability?

I am using centos 4.6
my toaster package is:
[r...@server2 send]# rpm -qa | grep toaster
libdomainkeys-toaster-0.68-1.3.3
courier-authlib-toaster-0.59.2-1.3.6
ezmlm-toaster-0.53.324-1.3.3
maildrop-toaster-2.0.3-1.3.5
squirrelmail-toaster-1.4.9a-1.3.6
simscan-toaster-1.3.1-1.3.6
daemontools-toaster-0.76-1.3.3
vpopmail-toaster-5.4.17-1.3.4
libsrs2-toaster-1.0.18-1.3.3
qmail-pop3d-toaster-1.03-1.3.15
courier-imap-toaster-4.1.2-1.3.7
control-panel-toaster-0.5-1.3.4
ezmlm-cgi-toaster-0.53.324-1.3.3
qmailmrtg-toaster-4.2-1.3.3
maildrop-toaster-devel-2.0.3-1.3.5
vqadmin-toaster-2.3.4-1.3.3
ripmime-toaster-1.4.0.6-1.3.3
qmailtoaster-plus.repo-0.1-1
spamassassin-toaster-3.2.5-1.3.17
ucspi-tcp-toaster-0.88-1.3.5
qmail-toaster-1.03-1.3.15
autorespond-toaster-2.0.4-1.3.3
qmailadmin-toaster-1.2.11-1.3.4
isoqlog-toaster-2.1-1.3.4
qmailtoaster-plus-0.3.1-1.4.11
clamav-toaster-0.95.2-1.3.29

my openssl version is
[r...@server2 send]# rpm -qa | grep openssl
openssl-0.9.7a-43.17.el4_6.1
xmlsec1-openssl-1.2.6-3
openssl096b-0.9.6b-22.46
openssl-devel-0.9.7a-43.17.el4_6.1



can anyone execute the below command on his box? below output is
the result on my end.
openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug

CONNECTED(0003)
9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470:


thanks before for the response


I get the same failure with CentOS5.3, all up to date packages. So
upgrading isn't going to fix this.

I don't believe this is a problem on your end, and I don't know of a
workaround either.

You could try dyndns.org's outbound mailhop service ($15/yr). You would
route mail for that domain via 

Re: [qmailtoaster] VPOPMail Question

2009-08-28 Thread Eric Shubert

Michael Colvin wrote:

A week or so ago I had some questions about QMT and brought up some
questions about VPOPMail, related to connecting to a non-local database for
the purposes of chkuser/vpopmail.

I later thought, can I connect to two different databases?  If I put two
lines in vpopmail.mysql, will it check one, then the next?

I did a little research, and it looks like you can put two lines in, but one
is used for read only, and the other is used for read/write.  Is this
correct?  Can anyone shed any light on this?


I don't know. I would ask this on the vpopmail list (if nobody here knows).


My goal is to have two databases.  One that's used simply to verify that a
specific account at a specific domain is legit.  The other would be for mail
that's delivered locally.  There may not be a reason to do this, in the long
run, but I'd like to know if it's possible.


I'm sorta curious now too.


And, lastly, what are people's thoughts on using vpopmail configured where
each domain has its own table w/in MySQL (I believe this is default for the
ISO), versus having one table for all domains?  (This is how I have
qmailrocks running now.)  Are there any performance benefits to doing it one
way or the other?


I don't know this either. I doubt that performance would vary much one 
way or another. There are performance tuning factors that would have a 
much bigger impact. Personally, I prefer each domain with its own table, 
as it's more normalized (natural).


That being said, if you're concerned about performance, you might want 
to consider an LDAP backend when it becomes available in vpopmail-5.5. I 
expect this to happen near the end of the year. (LDAP is available in 
5.4.28, but you may need a patch for it, and it will change in 5.5 soon 
anyhow).


--
-Eric 'shubes'






Re: [qmailtoaster] Is it getting Blocked?

2009-08-28 Thread Eric Shubert

Jim Shupert wrote:

hey eric
Thanks for this I will try it today -- one thing though

regarding :  hostname being set correctly for your domain 

currently I have the hostname as : taster.local
this machine is sitting off of a router connected to a DSL -- I do not 
have a domain like

pps-inc.com  --- so is that OK

basically i think you are saying 2 things should 'match'  I wonder if I 
am clear on that...

I am not doing DNS  or a MX for this particular dude.


myorigin is the domain that you want postfix to appear to be sending 
from. In your case, I think you'd want to use:

myorigin = pps-inc.com


also I am using my isp   smpt.fuse.net


That shouldn't come into play (unless they're blocking port 587 outbound 
from your remote/postfix server).


also also _ I have never done a yum remove of sendmail ( or anything 
like that before...)
I might like to copy the sendmail.cf  some where to see the alterations 
I made

things like the SEND_AUTH  stuff.


Suit yourself. You shouldn't really need it any more though.


thanks again!


Sure.




Eric Shubert wrote:

Hey Jim,

I just happened to be doing this today, so here are my notes on how to 
set up postfix to send mail out from a generic server, like for 
logwatch output and such (that would otherwise go to r...@localhost).


{replace what's in braces, and remove braces}

# yum install postfix
# yum remove sendmail

# cd /etc/pki/tls/certs
# make postcert.pem

# echo {submission.server.com}:587 {user:passwd} > \
 /etc/postfix/sasl_passwd
# chmod 600 /etc/postfix/sasl_passwd
# chown root:root /etc/postfix/sasl_passwd
# postmap /etc/postfix/sasl_passwd

Edit /etc/aliases if desired, then do newaliases command:
root:sysadmin
# newaliases

Edit /etc/postfix/main.cf, changing these from the default values 
(this was CentOS5.3):

myorigin = $mydomain
#mydestination =
mynetworks_style = host
relayhost = {submission.server.com}:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_use_tls = yes
smtp_tls_CAfile = /etc/pki/tls/certs/postcert.pem
smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session/cache

# service postfix start
# chkconfig postfix on

That should do it.
Note, this configuration relies on hostname being set correctly for 
your domain. If it's not, you'll need to change the myorigin variable 
appropriately.


Please let us know whether or not this works for you.

Eric Shubert wrote:
That's not telling us much. I sure don't know, and don't care to know 
sendmail. If you'd try using postfix again we might be of more help. 
For  what you need, postfix isn't a bad choice. Certainly better than 
sendmail.


Jim Shupert wrote:
it is centos 4.7  running sendmail ( what came with it )  I started 
to install postfix because I am a bit more familiar with that than 
send mail.
Postfix was what i was using before i found -- the best mailserver 
solution of qmailtoaster...


anyways

I can email with a client ( evolution )  and that does come through

even though I am using sendmail. the smtp server is one from the isp 
- a dsl modem etc.


I can command line send mail ( sendmail )  to a gmail account  - but 
not my internal domain


I was wondering about MX  or Reverse DNS -
here is the full header of the client ( evolution ) email that does 
come through


X-Account-Key: account2
X-UIDL: 1251407849.13380.sifter.pps-inc.com,S=1797
X-Mozilla-Status: 0001
X-Mozilla-Status2: 
X-Mozilla-Keys: 


Return-Path: ppsgr...@zoomtown.com
Delivered-To: jshup...@theppsgroup.com
Received: (qmail 13378 invoked by uid 89); 27 Aug 2009 21:17:29 -
Received: by simscan 1.3.1 ppid: 13371, pid: 13373, t: 0.1506s
 scanners: attach: 1.3.1 clamav: 0.95.2
/m:51/d:9450 spam: 3.2.5
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on 
sifter.pps-inc.com

X-Spam-Level:
X-Spam-Status: No, score=0.1 required=4.0 tests=BAYES_50,RDNS_NONE
autolearn=no version=3.2.5
Received: from unknown (HELO mail-out1.fuse.net) (216.68.8.175)
  by sifter.pps-inc.com with SMTP; 27 Aug 2009 21:17:29 -
Received-SPF: pass (sifter.pps-inc.com: SPF record at zoomtown.com 
designates 216.68.8.175 as permitted sender)

Return-Path: ppsgr...@zoomtown.com
X-CNFS-Analysis: v=1.0 c=1 a=_0eaEcvx3pEA:10 
a=Qu4MKinT0AcdTVkTjP4A:9 a=Er_04BcmBtQYP8STtf3EGQ6vdGwA:4

X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Authentication-Results: ecout1 smtp.mail=ppsgr...@zoomtown.com; 
spf=unknown
Authentication-Results:  ecout1 smtp.user=ppsgr...@zoomtown.com; 
auth=pass (LOGIN)
Received-SPF: error (ecout1: 208.102.118.162 is neither permitted 
nor denied by domain of zoomtown.com
Received: from [208.102.118.162] ([208.102.118.162:50880] 
helo=[172.17.0.10])

by ecout1 (envelope-from ppsgr...@zoomtown.com)
(ecelerity 2.2.2.43 r()) with ESMTPA
id C1/DC-11180-8E7F69A4; Thu, 27 Aug 2009 17:17:29 -0400
Subject: jupiter999
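
The main.cf settings in the postfix notes quoted in this message pair `smtp_use_tls = yes` (opportunistic TLS) with an empty `smtp_sasl_security_options`, so whether the relay password can cross an unencrypted session depends on the relay offering STARTTLS. The following is an added example, not part of the thread: a Python check for that combination. The function names and the hardened variant are assumptions of this example.

```python
import re

# Settings from the postfix notes quoted in this thread (placeholder relay kept).
THREAD_MAIN_CF = """\
myorigin = $mydomain
#mydestination =
mynetworks_style = host
relayhost = {submission.server.com}:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_use_tls = yes
smtp_tls_CAfile = /etc/pki/tls/certs/postcert.pem
"""

# Added variant (an assumption of this example, not from the thread):
# TLS is mandatory, and plaintext mechanisms are allowed only inside TLS.
HARDENED_MAIN_CF = """\
relayhost = {submission.server.com}:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noplaintext,
    noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
"""

# TLS levels at which Postfix will not deliver over an unencrypted session.
MANDATORY_TLS = {"encrypt", "dane-only", "fingerprint", "verify", "secure"}
# Postfix's built-in default for smtp_sasl_security_options.
DEFAULT_SASL_OPTIONS = {"noplaintext", "noanonymous"}


def parse_main_cf(text):
    """Parse main.cf text: '#' comments, 'name = value', and continuation
    lines (leading whitespace). A later definition overrides an earlier one."""
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and current is not None:
            params[current] = (params[current] + " " + raw.strip()).strip()
            continue
        name, sep, value = raw.partition("=")
        current = name.strip() if sep else None
        if current:
            params[current] = value.strip()
    return params


def effective_tls_level(params):
    """smtp_tls_security_level, when set, overrides the older
    smtp_use_tls / smtp_enforce_tls switches."""
    level = params.get("smtp_tls_security_level", "").lower()
    if level:
        return level
    if params.get("smtp_enforce_tls", "no").lower() == "yes":
        return "encrypt"  # mandatory TLS; treated as 'encrypt' here
    if params.get("smtp_use_tls", "no").lower() == "yes":
        return "may"      # opportunistic: falls back to cleartext
    return "none"


def sasl_options(params, name, default):
    """Return the option set for a *_security_options parameter."""
    value = params.get(name)
    if value is None:
        return set(default)
    return {opt for opt in re.split(r"[,\s]+", value) if opt}


def audit(text):
    """Report whether SASL credentials may be sent without encryption."""
    params = parse_main_cf(text)
    level = effective_tls_level(params)
    cleartext = sasl_options(params, "smtp_sasl_security_options",
                             DEFAULT_SASL_OPTIONS)
    sasl_on = params.get("smtp_sasl_auth_enable", "no").lower() == "yes"
    at_risk = (sasl_on and level not in MANDATORY_TLS
               and "noplaintext" not in cleartext)
    return {
        "tls_level": level,
        "cleartext_sasl_options": sorted(cleartext),
        "credentials_at_risk": at_risk,
    }


if __name__ == "__main__":
    for label, conf in (("thread", THREAD_MAIN_CF),
                        ("hardened", HARDENED_MAIN_CF)):
        print(label, audit(conf))
```

Note that `encrypt` only requires encryption; it does not check the relay's certificate.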

Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Maxwell Smart
I do use OSSEC.  Do you have a particular page that discusses this and
how to set it up for blocking? or at least where I can read up on it?

CJ

Constantin IOAJA wrote:
 Maxwell Smart wrote:
 Greetings fellow Qmailers,

 I am trying to find a way to block harvesters.  I am using Fail2ban,
 but must not have it set up correctly to block the harvesters after 3
 attempts.  If anyone can shed some light on how to set this up it
 would be greatly appreciated.

 Here is my vpopmail logwatch


 *OSSEC http://www.ossec.net/

  OSSEC is an Open Source Host-based Intrusion Detection System. It
 performs log analysis, file integrity checking, policy monitoring,
 rootkit detection, real-time alerting and active response.

   Regards

 Constantin *
 -
 *E-mail Notification*
 ==
 OSSEC HIDS Notification.
 2009 Aug 28 14:09:22

 Received From: mail-/var/log/maillog
 Rule: 9952 fired (level 10) - POP3 brute force (email harvesting).
 Portion of the log(s):

 Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not
 found test@:62.20.103.103
 Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not
 found support@:62.20.103.103
 ..
 Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not
 found support@:62.20.103.103
 Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not
 found support@:62.20.103.103
 ---
 OSSEC HIDS Notification.
 2009 Aug 28 14:19:56

 Received From: mail-/var/log/maillog
 Rule: 9952 fired (level 10) - POP3 brute force (email harvesting).
 Portion of the log(s):

 Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not
 found demo@:62.20.103.103
 Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not
 found backup@:62.20.103.103
 .
 Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not
 found demo@:62.20.103.103
 Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not
 found news@:62.20.103.103
 ---
 *active-responses.log*

 Fri Aug 28 14:09:22 EEST 2009
 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103
 1251457762.234301 9952
 Fri Aug 28 14:09:22 EEST 2009
 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103
 1251457762.234301 9952
 Fri Aug 28 14:19:52 EEST 2009
 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103
 1251457762.234301 9952
 Fri Aug 28 14:19:52 EEST 2009
 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103
 1251457762.234301 9952
 Fri Aug 28 14:19:56 EEST 2009
 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103
 1251458396.242407 9952
 Fri Aug 28 14:19:56 EEST 2009
 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103
 1251458396.242407 9952
 Fri Aug 28 14:30:26 EEST 2009
 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103
 1251458396.242407 9952
 Fri Aug 28 14:30:26 EEST 2009
 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103
 1251458396.242407 9952








Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Constantin IOAJA

Maxwell Smart wrote:

I do use OSSEC.  Do you have a particular page that discusses this and
how to set it up for blocking? or at least where I can read up on it?

CJ
  


Nope !

Only OSSEC site.

http://www.ossec.net/wiki/index.php/FAQ
http://www.ossec.net/main/manual/manual-faq/
http://www.ossec.net/main/manual/#install
http://marc.info/?l=ossec-list

and google !

 Constantin





Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Maxwell Smart
I found out what was happening.  My notifications were being blocked by
my SpamDyke.  :(

CJ

Constantin IOAJA wrote:
 Maxwell Smart wrote:
 I do use OSSEC.  Do you have a particular page that discusses this and
 how to set it up for blocking? or at least where I can read up on it?

 CJ
   

 Nope !

 Only OSSEC site.

 http://www.ossec.net/wiki/index.php/FAQ
 http://www.ossec.net/main/manual/manual-faq/
 http://www.ossec.net/main/manual/#install
 http://marc.info/?l=ossec-list

 and google !

  Constantin








RE: [qmailtoaster] re: harvesting

2009-08-28 Thread Ole N.Johansen
Hello again,

 

Sounds pretty stupid but is there a script to test email harvesting - I
have to check my fail2ban addition..

Perhaps I got it right, but no one tries to hammer my vpopmail ..

 

Ole J

 

  _  

From: Constantin IOAJA [mailto:io...@cartel-alfa.ro] 
Sent: 28. august 2009 21:40
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] re: harvesting

 

Maxwell Smart wrote: 

Greetings fellow Qmailers, 

I am trying to find a way to block harvesters.  I am using Fail2ban, but
must not have it set up correctly to block the harvesters after 3 attempts.
If anyone can shed some light on how to set this up it would be greatly
appreciated. 

Here is my vpopmail logwatch 


OSSEC http://www.ossec.net/

 OSSEC is an Open Source Host-based Intrusion Detection System. It performs
log analysis, file integrity checking, policy monitoring, rootkit detection,
real-time alerting and active response.

  Regards

Constantin 
-
E-mail Notification
==
OSSEC HIDS Notification.
2009 Aug 28 14:09:22

Received From: mail-/var/log/maillog
Rule: 9952 fired (level 10) - POP3 brute force (email harvesting).
Portion of the log(s):

Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not found
test@:62.20.103.103
Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found
support@:62.20.103.103
..
Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found
support@:62.20.103.103
Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found
support@:62.20.103.103
---
OSSEC HIDS Notification.
2009 Aug 28 14:19:56

Received From: mail-/var/log/maillog
Rule: 9952 fired (level 10) - POP3 brute force (email harvesting).
Portion of the log(s):

Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not found
demo@:62.20.103.103
Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not found
backup@:62.20.103.103
.
Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not found
demo@:62.20.103.103
Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not found
news@:62.20.103.103
---
active-responses.log

Fri Aug 28 14:09:22 EEST 2009
/var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103
1251457762.234301 9952
Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/host-deny.sh
add - 62.20.103.103 1251457762.234301 9952
Fri Aug 28 14:19:52 EEST 2009
/var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103
1251457762.234301 9952
Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/host-deny.sh
delete - 62.20.103.103 1251457762.234301 9952
Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/host-deny.sh
add - 62.20.103.103 1251458396.242407 9952
Fri Aug 28 14:19:56 EEST 2009
/var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103
1251458396.242407 9952
Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/host-deny.sh
delete - 62.20.103.103 1251458396.242407 9952
Fri Aug 28 14:30:26 EEST 2009
/var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103
1251458396.242407 9952
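
A fail2ban filter for these vpopmail lines can be checked offline by replaying log lines through the pattern and the retry/window logic. The following is an added example, not code from the thread or from fail2ban: the failregex, the IPv4-only expansion of `<HOST>`, the function names and the 198.51.100.7 lines are assumptions, while the 62.20.103.103 lines are the ones quoted in the OSSEC notification above, unwrapped.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Candidate fail2ban-style failregex for the "user not found" lines in this
# thread. The expression itself is an assumption of this example.
FAILREGEX = (r"vpopmail\[\d+\]: vchkpw-pop3: vpopmail user not found "
             r"(?P<user>[^@\s]*)@(?P<domain>[^:\s]*):<HOST>\s*$")

# Simplified, IPv4-only stand-in for fail2ban's <HOST> tag.
HOST_GROUP = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"
SYSLOG_STAMP = re.compile(r"^(?P<stamp>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) ")

# First four lines: from the notification quoted in the thread (newest first,
# as quoted). Remaining lines: constructed for this example.
SAMPLE_LOG = """\
Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not found test@:62.20.103.103
Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103
Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103
Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103
Aug 28 14:00:01 mail vpopmail[4001]: vchkpw-pop3: vpopmail user not found alice@example.com:198.51.100.7
Aug 28 14:06:01 mail vpopmail[4002]: vchkpw-pop3: vpopmail user not found bob@example.com:198.51.100.7
Aug 28 14:12:01 mail vpopmail[4003]: vchkpw-pop3: vpopmail user not found carol@example.com:198.51.100.7
Aug 28 14:09:18 mail example[4100]: constructed line that is not a failure
"""


def compile_failregex(failregex):
    """Expand the <HOST> tag into a named capture group."""
    return re.compile(failregex.replace("<HOST>", HOST_GROUP))


def parse_failures(lines, failregex=FAILREGEX, year=2009):
    """Yield (time, host, user, domain) for every line the filter matches.
    Syslog stamps carry no year, so the caller supplies one."""
    pattern = compile_failregex(failregex)
    for line in lines:
        stamp = SYSLOG_STAMP.match(line)
        hit = pattern.search(line)
        if not (stamp and hit):
            continue
        when = datetime.strptime(f"{year} {stamp['stamp']}",
                                 "%Y %b %d %H:%M:%S")
        yield when, hit["host"], hit["user"], hit["domain"]


def find_offenders(lines, max_retry=3, find_time=600, year=2009):
    """Return {host: time of the failure that reaches max_retry failures
    within find_time seconds}. Input order does not matter."""
    window = timedelta(seconds=find_time)
    recent = defaultdict(deque)
    banned = {}
    for when, host, _user, _domain in sorted(parse_failures(lines, year=year)):
        hits = recent[host]
        hits.append(when)
        while when - hits[0] > window:   # drop failures outside the window
            hits.popleft()
        if len(hits) >= max_retry and host not in banned:
            banned[host] = when
    return banned


def probed_users(lines, year=2009):
    """Return {host: sorted user names it asked for}; many distinct
    non-existent names from one host is the harvesting signature."""
    seen = defaultdict(set)
    for _when, host, user, _domain in parse_failures(lines, year=year):
        seen[host].add(user)
    return {host: sorted(users) for host, users in seen.items()}


if __name__ == "__main__":
    log = SAMPLE_LOG.splitlines()
    for host, when in find_offenders(log).items():
        print(f"{host} would be banned at {when} "
              f"(names tried: {', '.join(probed_users(log)[host])})")
```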






Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Eric Shubert

Not stupid really. I don't know of one.

Would someone care to create a wiki page about fail2ban on a toaster? Or 
perhaps write an install script for it that could be included in QTP?



Ole N.Johansen wrote:

Hello again,

Sounds pretty stupid but is there a script to test “email harvesting” - 
I have to check my fail2ban addition..


Perhaps I got it right, but no one tries to hammer my vpopmail ..

Ole J



*From:* Constantin IOAJA [mailto:io...@cartel-alfa.ro]
*Sent:* 28. august 2009 21:40
*To:* qmailtoaster-list@qmailtoaster.com
*Subject:* Re: [qmailtoaster] re: harvesting

 


Maxwell Smart wrote:

Greetings fellow Qmailers,

I am trying to find a way to block harvesters.  I am using Fail2ban, but 
must not have it set up correctly to block the harvesters after 3 
attempts.  If anyone can shed some light on how to set this up it would 
be greatly appreciated.


Here is my vpopmail logwatch


*OSSEC http://www.ossec.net/

 OSSEC is an Open Source Host-based Intrusion Detection System. It 
performs log analysis, file integrity checking, policy monitoring, 
rootkit detection, real-time alerting and active response.


  Regards

Constantin *
-
*E-mail Notification*
==
OSSEC HIDS Notification.
2009 Aug 28 14:09:22

Received From: mail-/var/log/maillog
Rule: 9952 fired (level 10) - POP3 brute force (email harvesting).
Portion of the log(s):

Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not 
found test@:62.20.103.103
Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not 
found support@:62.20.103.103

..
Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not 
found support@:62.20.103.103
Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not 
found support@:62.20.103.103

---
OSSEC HIDS Notification.
2009 Aug 28 14:19:56

Received From: mail-/var/log/maillog
Rule: 9952 fired (level 10) - POP3 brute force (email harvesting).
Portion of the log(s):

Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not 
found demo@:62.20.103.103
Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not 
found backup@:62.20.103.103

.
Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not 
found demo@:62.20.103.103
Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not 
found news@:62.20.103.103

---
*active-responses.log*

Fri Aug 28 14:09:22 EEST 2009 
/var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 
1251457762.234301 9952
Fri Aug 28 14:09:22 EEST 2009 
/var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 
1251457762.234301 9952
Fri Aug 28 14:19:52 EEST 2009 
/var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 
1251457762.234301 9952
Fri Aug 28 14:19:52 EEST 2009 
/var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 
1251457762.234301 9952
Fri Aug 28 14:19:56 EEST 2009 
/var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 
1251458396.242407 9952
Fri Aug 28 14:19:56 EEST 2009 
/var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 
1251458396.242407 9952
Fri Aug 28 14:30:26 EEST 2009 
/var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 
1251458396.242407 9952
Fri Aug 28 14:30:26 EEST 2009 
/var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 
1251458396.242407 9952






--
-Eric 'shubes'






Re: [qmailtoaster] re: harvesting

2009-08-28 Thread Maxwell Smart
Constantin,

Is that your OSSEC excerpt?   What does the corresponding .conf look like?

A wiki page for fail2ban and OSSEC would be nice.  Inclusion in the QTP
would be excellent too.  The latest version of Webmin would be nice
too.  I will see if I can come up with some write up on fail2ban or
OSSEC.  I am by no means an expert.

CJ

Eric Shubert wrote:
 Not stupid really. I don't know of one.

 Would someone care to create a wiki page about fail2ban on a toaster?
 Or perhaps write an install script for it that could be included in QTP?


 Ole N.Johansen wrote:
 Hello again,

 Sounds pretty stupid but is there a script to test “email harvesting”
 - I have to check my fail2ban addition..

 Perhaps I got it right, but no one tries to hammer my vpopmail ..

 Ole J

 

 *From:* Constantin IOAJA [mailto:io...@cartel-alfa.ro]
 *Sent:* 28. august 2009 21:40
 *To:* qmailtoaster-list@qmailtoaster.com
 *Subject:* Re: [qmailtoaster] re: harvesting

  

 Maxwell Smart wrote:

 Greetings fellow Qmailers,

 I am trying to find a way to block harvesters.  I am using Fail2ban,
 but must not have it set up correctly to block the harvesters after 3
 attempts.  If anyone can shed some light on how to set this up it
 would be greatly appreciated.

 Here is my vpopmail logwatch


 *OSSEC http://www.ossec.net/

  OSSEC is an Open Source Host-based Intrusion Detection System. It
 performs log analysis, file integrity checking, policy monitoring,
 rootkit detection, real-time alerting and active response.

   Regards

 Constantin *
 -
 *E-mail Notification*
 ==
 OSSEC HIDS Notification.
 2009 Aug 28 14:09:22

 Received From: mail-/var/log/maillog
 Rule: 9952 fired (level 10) - POP3 brute force (email harvesting).
 Portion of the log(s):

 Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not
 found test@:62.20.103.103
 Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not
 found support@:62.20.103.103
 ..
 Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not
 found support@:62.20.103.103
 Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not
 found support@:62.20.103.103
 ---
 OSSEC HIDS Notification.
 2009 Aug 28 14:19:56

 Received From: mail-/var/log/maillog
 Rule: 9952 fired (level 10) - POP3 brute force (email harvesting).
 Portion of the log(s):

 Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not
 found demo@:62.20.103.103
 Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not
 found backup@:62.20.103.103
 .
 Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not
 found demo@:62.20.103.103
 Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not
 found news@:62.20.103.103
 ---
 *active-responses.log*

 Fri Aug 28 14:09:22 EEST 2009
 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103
 1251457762.234301 9952
 Fri Aug 28 14:09:22 EEST 2009
 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103
 1251457762.234301 9952
 Fri Aug 28 14:19:52 EEST 2009
 /var/ossec/active-response/bin/firewall-drop.sh delete -
 62.20.103.103 1251457762.234301 9952
 Fri Aug 28 14:19:52 EEST 2009
 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103
 1251457762.234301 9952
 Fri Aug 28 14:19:56 EEST 2009
 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103
 1251458396.242407 9952
 Fri Aug 28 14:19:56 EEST 2009
 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103
 1251458396.242407 9952
 Fri Aug 28 14:30:26 EEST 2009
 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103
 1251458396.242407 9952
 Fri Aug 28 14:30:26 EEST 2009
 /var/ossec/active-response/bin/firewall-drop.sh delete -
 62.20.103.103 1251458396.242407 9952





-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
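
The check this thread is about (block a source after a few "vpopmail user not found" lines in the maillog), as an added example that is not part of any poster's message and is not fail2ban or OSSEC code: a Python function that counts failures per source IP in a sliding time window. The sample lines are constructed in the format of the log excerpts above (documentation IP addresses); find_harvesters, max_retry, find_time and year are names assumed for this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# One vchkpw-pop3 "user not found" line: syslog timestamp, host, then user@domain:ip
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ vpopmail\[\d+\]: "
    r"vchkpw-pop3: vpopmail user not found "
    r"(?P<user>\S*)@(?P<domain>[^:\s]*):(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*$"
)

def find_harvesters(lines, max_retry=3, find_time=600, year=2009):
    """Return {ip: time of the failure that reached max_retry within find_time s}.
    Assumes lines are in chronological order, as in the log file itself."""
    window = timedelta(seconds=find_time)
    recent = defaultdict(deque)       # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue                  # successful login or unrelated line
        # syslog timestamps carry no year, so one is supplied by the caller
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()               # forget failures older than find_time
        if len(q) >= max_retry and m["ip"] not in flagged:
            flagged[m["ip"]] = ts
    return flagged

# Constructed sample input (not taken from the thread)
SAMPLE = """\
Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found support@:203.0.113.7
Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found info@:203.0.113.7
Aug 28 14:09:18 mail vpopmail[5510]: vchkpw-pop3: vpopmail user not found alice@example.com:198.51.100.20
Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found test@:203.0.113.7
Aug 28 14:09:21 mail vpopmail[5530]: vchkpw-pop3: (PLAIN) login success bob@example.com:198.51.100.20
Aug 28 14:30:00 mail vpopmail[6001]: vchkpw-pop3: vpopmail user not found alice@example.com:198.51.100.20
Aug 28 14:55:00 mail vpopmail[6100]: vchkpw-pop3: vpopmail user not found alice@example.com:198.51.100.20
""".splitlines()

if __name__ == "__main__":
    for ip, when in find_harvesters(SAMPLE).items():
        print(f"{ip} reached the threshold at {when}")
```

The second address in the sample mistypes one mailbox three times over 45 minutes and stays under the threshold with a 10-minute window; widening find_time to an hour would flag it too, which is the trade-off to weigh when choosing the window.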




Re: [qmailtoaster] qtp-backup as root

2009-08-28 Thread Sharon McNeal




 Jake Vickers wrote: 

 I found where the issue was coming into play. When the script was
 refactored a space was accidentally introduced into the mysqldump
 routine that should not be there. I have fixed the error and if you
 download just the qtp-backup script from the QTP web site
 (http://qtp.qmailtoaster.com) this will correct the issue.
 Or you can edit the qtp-backup script and change line number 172 to look
 like this:

-p$mysql_password \ 

Thanks that did work.

It appears that when we keep a few days worth of backups in our
/backup/qmailbkup directory, that the old backups are being included when
the script condenses all the individual backups into 1 file. How would we
modify the qtp-backup script so it only condenses down the current backup
information into one file and leaves the previous backups alone?


We are setting up the server so the qtp-backup script runs each
night using our /etc/crontab file. Then we copy the backup file to an
external USB hard drive. We also have lines to delete out the backups that
are older than 3 days on the server itself and older than 14 days on the
external USB hard drive.

In case other people are interested in backing up to an external USB
Drive -- We do this with the following lines in our /etc/crontab file:

# backup the qmailtoaster data files including squirrelmail plugins
05 2 * * * root /usr/sbin/qtp-backup

# copy today's backup file to USB drive to the postofficeBkups directory
32 03 * * * root find /backup/qmailbkup/* -type f -name '*' -mtime -1 -exec cp {} /mnt/usbdrive/postofficeBkups/ \;

# delete local mail backups more than 3 days old
32 04 * * * root find /backup/qmailbkup/ -type f -cmin +4320 -exec rm -f {} \;

# delete mail backups more than 14 days old (from time changed) on external USB drive
# (-ctime +14 means changed more than 14 days ago; a bare 14 matches only files exactly 14 days old)
01 05 * * * root find /mnt/usbdrive/postofficeBkups/ -type f -ctime +14 -exec rm -f {} \;

 

 


[qmailtoaster] ETRN (Store and Forward)

2009-08-28 Thread James Ecker

I have a client with an Exchange server that just recently moved to a location 
with high speed Internet, but they are behind a hosted firewall that does not 
allow the email to be delivered directly. The appropriate changes have been 
requested, but they need a temporary solution for the interim period. Is there 
a method to allow incoming email for their domain to be queued until their 
server requests the email?

 

Thank you in advance,

James

_
Hotmail® is up to 70% faster. Now good news travels really fast. 
http://windowslive.com/online/hotmail?ocid=PID23391::T:WLMTAGL:ON:WL:en-US:WM_HYGN_faster:082009

Re: [qmailtoaster] ETRN (Store and Forward)

2009-08-28 Thread Eric Shubert

James Ecker wrote:
I have a client with an Exchange server that just recently moved to a 
location with high speed Internet, but they are behind a hosted firewall 
that does not allow the email to be delivered directly. The appropriate 
changes have been requested, but they need a temporary solution for the 
interim period. Is there a method to allow incoming email for their 
domain to be queued until their server requests the email?
 
Thank you in advance,

James



Can't you simply receive email for their domain (on your toaster I'm 
presuming), then use smtproutes to send it on to exchange on a 
non-standard (e.g. 2525) port? They would need to configure exchange to 
listen on that port.


--
-Eric 'shubes'






RE: [qmailtoaster] ETRN (Store and Forward)

2009-08-28 Thread James Ecker

Unfortunately, there are no open ports.
 
 To: qmailtoaster-list@qmailtoaster.com
 From: e...@shubes.net
 Date: Fri, 28 Aug 2009 19:50:37 -0700
 Subject: Re: [qmailtoaster] ETRN (Store and Forward)
 
 James Ecker wrote:
  I have a client with an Exchange server that just recently moved to a 
  location with high speed Internet, but they are behind a hosted firewall 
  that does not allow the email to be delivered directly. The appropriate 
  changes have been requested, but they need a temporary solution for the 
  interim period. Is there a method to allow incoming email for their 
  domain to be queued until their server requests the email?
  
  Thank you in advance,
  James
  
 
 Can't you simply receive email for their domain (on your toaster I'm 
 presuming), then use smtproutes to send it on to exchange on a 
 non-standard (e.g. 2525) port? They would need to configure exchange to 
 listen on that port.
 
 -- 
 -Eric 'shubes'
 
 
 
 
