[qmailtoaster] Re: Log email Account creation date
On 02/12/2012 10:52 PM, Bharath Chari wrote: On Saturday 11 February 2012 03:51 PM, Pak Ogah wrote: On 02/10/12 23:23, Bharath Chari wrote: Thanks. Not really proficient - more of a cut/paste/hack artist :). However, I do think that there are some fundamental changes that are required in the table structures. While I will make these suggestions on the inter7 list, I think some of these changes can be incorporated into QmailToaster, maybe via a qtp script.??? Let me see if I can script some of these changes/tweaks. Bharath Yup, it would be nice to have this feature built-in on vpopmail Eric, Pak et al, I have been going through the vpopmail sources. At the risk of sounding flippant, changing the database structures is quite easy. This is the progress I have made so far with my patched version of vpopmail-toaster /home/vpopmail/bin/vadddomain example.com password a) Table for domain example.com gets created as example_com with the following changes: uid field is added as the first column - auto increment pw_name field is changed from PRIMARY KEY to UNIQUE Verified that the postmaster user is added as expected with a uid of 1. b) Audit log table for example.com domain is created as example_com_log with the fields uid,pw_name,creation_date,deletion_date c) /home/vpopmail/bin/vdeldomain example.com deletes both tables created above I should have a fully working vpopmail-toaster with logging in the next couple of days for testing. I don't know if these changes would ever be accepted into the core vpopmail distribution, but it could be a QMT specific patch if the group agrees. Bharath - I don't have a problem with your changes so long as they can be included as a patch file. I have a few questions though. .) which version are you using? There is a 5.4.33 version at http://qmailtoaster.com/testing/, and I'd like to have any changes put in that or a subsequent version. We're presently a good bit behind the upstream release, and we should get caught up before doing any patching. .) we've talked about removing the --disable-many-domains configuration option at some point. Can your patch work with that configuration? I really think it'd be good to run this idea by Matt Brookings (lead developer of vpopmail) on the vpopmail list. He may have some good thoughts about it. Heck, he also might have already included it in the 5.5.x branch, which is well on its way to becoming stable. ;) Thanks for your work on this Bharath. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Future Distros - RHEL/CentOS ONLY
I've done a good deal of thinking about this, and think that it'd be best to run it by the community at large (not just the developers) for everyone's consideration. This is not really new, and is not much different than what Jake had committed to some time ago. I just want to be sure that everyone is on board with this, and explain a few things. Due to various changes in the IT landscape over the past several years, I think it's best that future QMT development be limited to the RHEL/CentOS platform. There are several factors involved. First is that we'll be changing the method of distribution from source rpms to binary rpms, using yum to install packages (qtp-newmodel will be modified accordingly). We can do this because the qmail (et al) licensing was changed to public domain a couple years ago, so there is no restriction to distribute source-only any more. We also have mirrors in place that eliminate the need to have a single distribution point with high bandwidth capability. Using binary rpms for distribution not only simplifies installs and upgrades, but it also substantially reduces the disk space required, in addition to making QMT more secure due to the absence of a compiler and build tools. All in all, this is a win-win change. Secondly, the industry in general is moving toward virtual hosts, and QMT is making this move as well (many of us already run QMT as one or more VM guests). One of the advantages of virtualization is that multiple machines can coexist on the same host hardware, concurrently running entirely different operating systems and versions of languages and software. There's little need any more for QMT to coexist on the same machine with other applications or services. In fact, things are moving in a direction such that QMT itself will become divided into logical roles that will be able to implemented on separate hosts, allowing for more flexible and scalable QMT configurations. Stay tuned for that development, which is a ways off yet. So let's take a look briefly at the prominent distros that QMT will be discontinuing. Mandriva is on the ropes, struggling to survive. If you presently have a QMT running on Mandy, I would seriously consider a migration in the near future. SUSE does not use yum, it has yast instead. When I looked at yast some time ago it had no CLI, which was a big drawback to me. While I expect that yum could be installed and used, it goes against the When in Rome philosophy. The source rpms will of course continue to be available, so if someone cares to adapt them for SUSE, they may do so. While Fedora contains a great deal of what's in store for future RHEL/CentOS releases, it's not well suited as a QMT platform, simply because it changes too often (a new release twice a year), and most often none of the changes provide any benefit to QMT. If there happens to be something that would benefit QMT, it would most likely be available for RHEL/CentOS in the EPEL repo. So there is really no sense in packaging QMT for Fedora. I think this covers the distros worth mentioning. If I missed one, please let me know. In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. For all other distros, the existing build options in the spec files will no longer be included. They will however be archived in a source code repository before being removed, so that they'll be available should anyone want to reference them at some point in the future. If you have a problem with or question about any of this, or you'd simply like to comment about something, please don't hesitate to reply. Thanks to everyone for their continued support and participation. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Log email Account creation date
On Monday 13 February 2012 07:26 PM, Eric Shubert wrote: I don't have a problem with your changes so long as they can be included as a patch file. I have a few questions though. Yes. The changes are via patches to two files vmysql.c and vmysql.h. I will give you a patch file once I am satisfied with the changes and have tested them some more. .) which version are you using? There is a 5.4.33 version at http://qmailtoaster.com/testing/, and I'd like to have any changes put in that or a subsequent version. We're presently a good bit behind the upstream release, and we should get caught up before doing any patching. Patches work with both the 5.4.17 and 5.4.33 versions. Downloaded and patched the toaster source rpm for the 5.4.33 version today and checked it. I agree that we need to catch up with the upstream versions and patch accordingly. I'll take a look at the changelog for the 5.5.x branch too, and see if there are any major changes. .) we've talked about removing the --disable-many-domains configuration option at some point. Can your patch work with that configuration? Just to check if we are on the same page - each domain has it's own table - that's the configuration we want to keep - correct ? However, it is possible for me to patch it for both configurations without too much of a bother. I suspect that if we want it included in the stock upstream version, both will need to be maintained. I really think it'd be good to run this idea by Matt Brookings (lead developer of vpopmail) on the vpopmail list. He may have some good thoughts about it. Heck, he also might have already included it in the 5.5.x branch, which is well on its way to becoming stable. ;) I'll finish up, and then bounce these changes off Matt and others on the vchkpw list. If it's already included in the 5.5.x branch, then that's great. However, I'll continue to work on it - keeps the fingers nimble :) Thanks for your work on this Bharath. Welcome. Helping myself, that's all :) Bharath - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Log email Account creation date
On 02/13/2012 11:25 AM, Bharath Chari wrote: .) we've talked about removing the --disable-many-domains configuration option at some point. Can your patch work with that configuration? Just to check if we are on the same page - each domain has it's own table - that's the configuration we want to keep - correct ? No. I know it's confusing because of the negative wording. We presently use the --disable-many-domains flag, which puts each domain in a separate table. We would like to discontinue using this flag, and put all domains in a single table. Of course this will require a database conversion to go along with it. Would you care to write us a little script that would do the conversion? We already have a qtp-convert scripts that does this sort of thing for other changes, and would appreciate if you'd like to write the code for this conversion. Thanks again. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
I say it is a move in the right direction. I'm sure it's going to step on some bodies toes at some point, but if the community as a whole moves in this direction and can settle on CentOS as the base OS of choice it will only make us all stronger since we would all be on the same OS whether it's 32 or 64 bit. Not to mention the time saved with coding for so many different OS's that you coders support right now. I propose we move in that direction and make CentOS the OS of choice as soon as possible. Just my 2 cents. Joel -Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: Monday, February 13, 2012 11:44 AM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Future Distros - RHEL/CentOS ONLY I've done a good deal of thinking about this, and think that it'd be best to run it by the community at large (not just the developers) for everyone's consideration. This is not really new, and is not much different than what Jake had committed to some time ago. I just want to be sure that everyone is on board with this, and explain a few things. Due to various changes in the IT landscape over the past several years, I think it's best that future QMT development be limited to the RHEL/CentOS platform. There are several factors involved. First is that we'll be changing the method of distribution from source rpms to binary rpms, using yum to install packages (qtp-newmodel will be modified accordingly). We can do this because the qmail (et al) licensing was changed to public domain a couple years ago, so there is no restriction to distribute source-only any more. We also have mirrors in place that eliminate the need to have a single distribution point with high bandwidth capability. Using binary rpms for distribution not only simplifies installs and upgrades, but it also substantially reduces the disk space required, in addition to making QMT more secure due to the absence of a compiler and build tools. All in all, this is a win-win change. Secondly, the industry in general is moving toward virtual hosts, and QMT is making this move as well (many of us already run QMT as one or more VM guests). One of the advantages of virtualization is that multiple machines can coexist on the same host hardware, concurrently running entirely different operating systems and versions of languages and software. There's little need any more for QMT to coexist on the same machine with other applications or services. In fact, things are moving in a direction such that QMT itself will become divided into logical roles that will be able to implemented on separate hosts, allowing for more flexible and scalable QMT configurations. Stay tuned for that development, which is a ways off yet. So let's take a look briefly at the prominent distros that QMT will be discontinuing. Mandriva is on the ropes, struggling to survive. If you presently have a QMT running on Mandy, I would seriously consider a migration in the near future. SUSE does not use yum, it has yast instead. When I looked at yast some time ago it had no CLI, which was a big drawback to me. While I expect that yum could be installed and used, it goes against the When in Rome philosophy. The source rpms will of course continue to be available, so if someone cares to adapt them for SUSE, they may do so. While Fedora contains a great deal of what's in store for future RHEL/CentOS releases, it's not well suited as a QMT platform, simply because it changes too often (a new release twice a year), and most often none of the changes provide any benefit to QMT. If there happens to be something that would benefit QMT, it would most likely be available for RHEL/CentOS in the EPEL repo. So there is really no sense in packaging QMT for Fedora. I think this covers the distros worth mentioning. If I missed one, please let me know. In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. For all other distros, the existing build options in the spec files will no longer be included. They will however be archived in a source code repository before being removed, so that they'll be available should anyone want to reference them at some point in the future. If you have a problem with or question about any of this, or you'd simply like to comment about something, please don't hesitate to reply. Thanks to everyone for their continued support and participation. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today!
[qmailtoaster] Backscatter Block Listing
I think that our toaster has been under attack all day (our mail volume is quadruple our normal load), and backscatter from forged addresses is causing our domain to keep getting black listed. Could someone on the list give me a little guidance on how to prove/disprove this theory? If the list needs more info I'm happy to post what ever. Thanks, Robert Van Dresar Airplexus, Inc.
[qmailtoaster] Re: Backscatter Block Listing
On 02/13/2012 02:04 PM, Robert Van Dresar wrote: I think that our toaster has been under attack all day (our mail volume is quadruple our normal load), and backscatter from forged addresses is causing our domain to keep getting black listed. Could someone on the list give me a little guidance on how to prove/disprove this theory? If the list needs more info I'm happy to post what ever. Thanks, Robert Van Dresar Airplexus, Inc. Let's start with triage. Do you have spamdyke installed? If not, install it by running # qtp-install-spamdyke That should give you a little room to breathe. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 3:40 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 02:04 PM, Robert Van Dresar wrote: I think that our toaster has been under attack all day (our mail volume is quadruple our normal load), and backscatter from forged addresses is causing our domain to keep getting black listed. Could someone on the list give me a little guidance on how to prove/disprove this theory? If the list needs more info I'm happy to post what ever. Thanks, Robert Van Dresar Airplexus, Inc. Let's start with triage. Do you have spamdyke installed? If not, install it by running # qtp-install-spamdyke That should give you a little room to breathe. -- -Eric 'shubes' I do have spamdyke installed, I installed it about three weeks ago. It's been doing really well, however I noticed on the report I received on Saturday, it allowed 96% of the email through, whereas before it was only allowing about 28%. I noticed that you and others are recommending placing my local domains in the blacklist-senders file, however, I don't think I'm using SMTP-Auth everywhere so I'm concerned that I'll block some of my users. What would I have to do to enable SMTP-Auth everywhere? Must everyone use the submission port of 587? Robert --**--** - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --**--** - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@** qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@** qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
Hi, On Tue, Feb 14, 2012 at 12:01 AM, Robert Van Dresar rvandre...@airplexus.com wrote: allowing about 28%. I noticed that you and others are recommending placing my local domains in the blacklist-senders file, however, I don't think I'm using SMTP-Auth everywhere so I'm concerned that I'll block some of my users. What would I have to do to enable SMTP-Auth everywhere? Must everyone use the submission port of 587? Yes, at least in my opinion smtp-auth using submission port 587 should be the only way regular users should be able to send mail. Have you checked that your server is not an open relay? If not, please do so. For example use this tool: http://www.southcomputers.com/relaytest.php Best, Peter - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Backscatter Block Listing
On 02/13/2012 03:01 PM, Robert Van Dresar wrote: On Mon, Feb 13, 2012 at 3:40 PM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 02/13/2012 02:04 PM, Robert Van Dresar wrote: I think that our toaster has been under attack all day (our mail volume is quadruple our normal load), and backscatter from forged addresses is causing our domain to keep getting black listed. Could someone on the list give me a little guidance on how to prove/disprove this theory? If the list needs more info I'm happy to post what ever. Thanks, Robert Van Dresar Airplexus, Inc. Let's start with triage. Do you have spamdyke installed? If not, install it by running # qtp-install-spamdyke That should give you a little room to breathe. -- -Eric 'shubes' I do have spamdyke installed, I installed it about three weeks ago. It's been doing really well, however I noticed on the report I received on Saturday, it allowed 96% of the email through, whereas before it was only allowing about 28%. I noticed that you and others are recommending placing my local domains in the blacklist-senders file, however, I don't think I'm using SMTP-Auth everywhere so I'm concerned that I'll block some of my users. What would I have to do to enable SMTP-Auth everywhere? Must everyone use the submission port of 587? Robert All of your users must be using authentication, otherwise you'd be an open relay (a very bad thing). Anything that's not authenticating would be web apps and such, which you have specified in your tcp.smtp file. Note, if you have web forms running on your QMT host which submit emails, these might be blocked when blacklisting your local domains. If you don't have any web apps that send email, you should be safe blacklisting your local domains. I highly recommend doing this. Authentication can be done using port 587 (where it must be done) or port 25 (where it may be done). Authenticated users on port 25 bypass all of spamdyke's filters, so my guess at this point is that one (or more) of your users' login credentials have been compromised. Have a look at your smtp log, and see if you can determine which account(s) is being authenticated against with the bad emails. spamdyke messages in the smtp log will tell you the account name that was used for authentication (after auth:). The account(s) should be pretty easy to spot. Change the associated password(s), and notify the user. Keep us posted with what you find. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 4:32 PM, Peter Peltonen peter.pelto...@gmail.comwrote: Hi, On Tue, Feb 14, 2012 at 12:01 AM, Robert Van Dresar rvandre...@airplexus.com wrote: allowing about 28%. I noticed that you and others are recommending placing my local domains in the blacklist-senders file, however, I don't think I'm using SMTP-Auth everywhere so I'm concerned that I'll block some of my users. What would I have to do to enable SMTP-Auth everywhere? Must everyone use the submission port of 587? Yes, at least in my opinion smtp-auth using submission port 587 should be the only way regular users should be able to send mail. Have you checked that your server is not an open relay? If not, please do so. For example use this tool: http://www.southcomputers.com/relaytest.php Best, Peter I did test our server against three different open relay test sites, and all three respond that the server is not an open relay. - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 4:33 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 03:01 PM, Robert Van Dresar wrote: On Mon, Feb 13, 2012 at 3:40 PM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 02/13/2012 02:04 PM, Robert Van Dresar wrote: I think that our toaster has been under attack all day (our mail volume is quadruple our normal load), and backscatter from forged addresses is causing our domain to keep getting black listed. Could someone on the list give me a little guidance on how to prove/disprove this theory? If the list needs more info I'm happy to post what ever. Thanks, Robert Van Dresar Airplexus, Inc. Let's start with triage. Do you have spamdyke installed? If not, install it by running # qtp-install-spamdyke That should give you a little room to breathe. -- -Eric 'shubes' I do have spamdyke installed, I installed it about three weeks ago. It's been doing really well, however I noticed on the report I received on Saturday, it allowed 96% of the email through, whereas before it was only allowing about 28%. I noticed that you and others are recommending placing my local domains in the blacklist-senders file, however, I don't think I'm using SMTP-Auth everywhere so I'm concerned that I'll block some of my users. What would I have to do to enable SMTP-Auth everywhere? Must everyone use the submission port of 587? Robert All of your users must be using authentication, otherwise you'd be an open relay (a very bad thing). Anything that's not authenticating would be web apps and such, which you have specified in your tcp.smtp file. Note, if you have web forms running on your QMT host which submit emails, these might be blocked when blacklisting your local domains. If you don't have any web apps that send email, you should be safe blacklisting your local domains. I highly recommend doing this. Authentication can be done using port 587 (where it must be done) or port 25 (where it may be done). Authenticated users on port 25 bypass all of spamdyke's filters, so my guess at this point is that one (or more) of your users' login credentials have been compromised. Have a look at your smtp log, and see if you can determine which account(s) is being authenticated against with the bad emails. spamdyke messages in the smtp log will tell you the account name that was used for authentication (after auth:). The account(s) should be pretty easy to spot. Change the associated password(s), and notify the user. Keep us posted with what you find. -- -Eric 'shubes' You are right, all of our users have to authenticate to send email, I believe that's the default behavior of a stock QMT, so does that mean I can add our domains to the blacklist-senders file?? I've tested for open relay, and that test returns OK. The failure notices I receive in the postmaster account point to one of our users, but it says the offending email is from her-email-address@our.domain@some-random-ip-address, and bounces back to about 50 other email addresses. Her computer was off all weekend, and we virus scanned it this morning and nothing. I really didn't think of her password being compromised that's easy enough to change. I guess I'll try that, especially since we're listed on five block lists now. --**--** - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --**--** - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@** qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@** qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Backscatter Block Listing
On 02/13/2012 03:47 PM, Robert Van Dresar wrote: You are right, all of our users have to authenticate to send email, I believe that's the default behavior of a stock QMT, so does that mean I can add our domains to the blacklist-senders file?? Yes, by all means. Records in that file should look like: @mydomain.com I've tested for open relay, and that test returns OK. The failure notices I receive in the postmaster account point to one of our users, but it says the offending email is from her-email-address@our.domain@some-random-ip-address, and bounces back to about 50 other email addresses. I'm not quite sure what you mean here. A specific example with headers would help. Try to leave as much data intact as you can, but user and domain names can be substituted consistently if you want to. Her computer was off all weekend, and we virus scanned it this morning and nothing. I really didn't think of her password being compromised that's easy enough to change. I guess I'll try that, especially since we're listed on five block lists now. Sounds as though that's the culprit then. You should attempt to find out how her password was compromised. It can (and does occasionally) happen by network traffic sniffing if her configuration sends a password in clear text anywhere (I've seen it happen, once). This could be via webmail w/out https (the stock QMT unfortunately allows this), or via a client program that's not using TLS, such as a remote Outlook03 client. If you have remote clients using Outlook03, you should set up QMT to handle smtps (port 465), and configure those clients to use SSL accordingly. If possible, all clients should use TLS for their smtp submissions, whether on port 25 or 587. Unfortunately, QMT cannot yet enforce use of TLS. Such a feature has been requested to be added to spamdyke, and may (if we're lucky) be included in the next spamdyke release. Please keep us posted. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 4:47 PM, Robert Van Dresar rvandre...@airplexus.com wrote: On Mon, Feb 13, 2012 at 4:33 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 03:01 PM, Robert Van Dresar wrote: On Mon, Feb 13, 2012 at 3:40 PM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 02/13/2012 02:04 PM, Robert Van Dresar wrote: I think that our toaster has been under attack all day (our mail volume is quadruple our normal load), and backscatter from forged addresses is causing our domain to keep getting black listed. Could someone on the list give me a little guidance on how to prove/disprove this theory? If the list needs more info I'm happy to post what ever. Thanks, Robert Van Dresar Airplexus, Inc. Let's start with triage. Do you have spamdyke installed? If not, install it by running # qtp-install-spamdyke That should give you a little room to breathe. -- -Eric 'shubes' I do have spamdyke installed, I installed it about three weeks ago. It's been doing really well, however I noticed on the report I received on Saturday, it allowed 96% of the email through, whereas before it was only allowing about 28%. I noticed that you and others are recommending placing my local domains in the blacklist-senders file, however, I don't think I'm using SMTP-Auth everywhere so I'm concerned that I'll block some of my users. What would I have to do to enable SMTP-Auth everywhere? Must everyone use the submission port of 587? Robert All of your users must be using authentication, otherwise you'd be an open relay (a very bad thing). Anything that's not authenticating would be web apps and such, which you have specified in your tcp.smtp file. Note, if you have web forms running on your QMT host which submit emails, these might be blocked when blacklisting your local domains. If you don't have any web apps that send email, you should be safe blacklisting your local domains. I highly recommend doing this. Authentication can be done using port 587 (where it must be done) or port 25 (where it may be done). Authenticated users on port 25 bypass all of spamdyke's filters, so my guess at this point is that one (or more) of your users' login credentials have been compromised. Have a look at your smtp log, and see if you can determine which account(s) is being authenticated against with the bad emails. spamdyke messages in the smtp log will tell you the account name that was used for authentication (after auth:). The account(s) should be pretty easy to spot. Change the associated password(s), and notify the user. Keep us posted with what you find. -- -Eric 'shubes' You are right, all of our users have to authenticate to send email, I believe that's the default behavior of a stock QMT, so does that mean I can add our domains to the blacklist-senders file?? I've tested for open relay, and that test returns OK. The failure notices I receive in the postmaster account point to one of our users, but it says the offending email is from her-email-address@our.domain@some-random-ip-address, and bounces back to about 50 other email addresses. Her computer was off all weekend, and we virus scanned it this morning and nothing. I really didn't think of her password being compromised that's easy enough to change. I guess I'll try that, especially since we're listed on five block lists now. Eric, OK, I changed the password for the user I see in the emails. Also, I added our domains to the blacklist_senders file for spamdyke, and we don't have any webforms. However, I'm not the sharpest knife in the drawer when it comes to reading the smtp logs. I assume you mean the current log in the /var/logs/qmail/smtp directory. I'm doing a tail -f now to see if I can spot any patterns. I do see spamdyke doing its job and denying plenty of email. --**--** - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --**--** - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@** qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@** qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 5:09 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 03:47 PM, Robert Van Dresar wrote: You are right, all of our users have to authenticate to send email, I believe that's the default behavior of a stock QMT, so does that mean I can add our domains to the blacklist-senders file?? Yes, by all means. Records in that file should look like: @mydomain.com I've tested for open relay, and that test returns OK. The failure notices I receive in the postmaster account point to one of our users, but it says the offending email is from her-email-address@our.domain@**some-random-ip-address, and bounces back to about 50 other email addresses. I'm not quite sure what you mean here. A specific example with headers would help. Try to leave as much data intact as you can, but user and domain names can be substituted consistently if you want to. Her computer was off all weekend, and we virus scanned it this morning and nothing. I really didn't think of her password being compromised that's easy enough to change. I guess I'll try that, especially since we're listed on five block lists now. Sounds as though that's the culprit then. You should attempt to find out how her password was compromised. It can (and does occasionally) happen by network traffic sniffing if her configuration sends a password in clear text anywhere (I've seen it happen, once). This could be via webmail w/out https (the stock QMT unfortunately allows this), or via a client program that's not using TLS, such as a remote Outlook03 client. If you have remote clients using Outlook03, you should set up QMT to handle smtps (port 465), and configure those clients to use SSL accordingly. If possible, all clients should use TLS for their smtp submissions, whether on port 25 or 587. Unfortunately, QMT cannot yet enforce use of TLS. Such a feature has been requested to be added to spamdyke, and may (if we're lucky) be included in the next spamdyke release. Please keep us posted. -- -Eric 'shubes' Here's the evidence from one of the block lists: Return-Path: m...@spencer.com X-Original-To: mail@SPAMTRAP.INVALID Received: from mail.airplexus.com (mail.airplexus.com [65.245.57.15]) by mail.ixlab.de (Spamtrap) with ESMTP for mail@SPAMTRAP.INVALID; Mon, 13 Feb 2012 21:38:50 +0100 (CET) Received: (qmail 9460 invoked by uid 89); 13 Feb 2012 18:16:22 - Received: by simscan 1.4.0 ppid: 8048, pid: 9438, t: 0.7778s scanners: attach: 1.4.0 clamav: 0.97.3 /m:54/d:14401 Received: from 184-82-61-166.static.hostnoc.net (HELO User) (email address removed@airplexus.com@184.82.61.166) by mail.airplexus.com with ESMTPA; 13 Feb 2012 18:16:22 - Reply-To: emma.thompso...@ymail.com From: Rose Brownm...@spencer.com Subject: Offers : Marks Spencer Date: Mon, 13 Feb 2012 19:16:18 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600. X-NiX-Spam-Hash2: d36eed170eb389bf1a5ab832cf972a4b X-NiX-Spam-Source-IP: 65.245.57.15 X-NiX-Spam-MX: mail.ixlab.de X-NiX-Spam-Listed: yes I've left our mail server stuff intact, but removed her email address - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --**--** - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@** qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@** qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 5:19 PM, Robert Van Dresar rvandre...@airplexus.com wrote: On Mon, Feb 13, 2012 at 5:09 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 03:47 PM, Robert Van Dresar wrote: You are right, all of our users have to authenticate to send email, I believe that's the default behavior of a stock QMT, so does that mean I can add our domains to the blacklist-senders file?? Yes, by all means. Records in that file should look like: @mydomain.com I've tested for open relay, and that test returns OK. The failure notices I receive in the postmaster account point to one of our users, but it says the offending email is from her-email-address@our.domain@**some-random-ip-address, and bounces back to about 50 other email addresses. I'm not quite sure what you mean here. A specific example with headers would help. Try to leave as much data intact as you can, but user and domain names can be substituted consistently if you want to. Her computer was off all weekend, and we virus scanned it this morning and nothing. I really didn't think of her password being compromised that's easy enough to change. I guess I'll try that, especially since we're listed on five block lists now. Sounds as though that's the culprit then. You should attempt to find out how her password was compromised. It can (and does occasionally) happen by network traffic sniffing if her configuration sends a password in clear text anywhere (I've seen it happen, once). This could be via webmail w/out https (the stock QMT unfortunately allows this), or via a client program that's not using TLS, such as a remote Outlook03 client. If you have remote clients using Outlook03, you should set up QMT to handle smtps (port 465), and configure those clients to use SSL accordingly. If possible, all clients should use TLS for their smtp submissions, whether on port 25 or 587. Unfortunately, QMT cannot yet enforce use of TLS. Such a feature has been requested to be added to spamdyke, and may (if we're lucky) be included in the next spamdyke release. Please keep us posted. -- -Eric 'shubes' Here's the evidence from one of the block lists: Return-Path: m...@spencer.com X-Original-To: mail@SPAMTRAP.INVALID Received: from mail.airplexus.com (mail.airplexus.com [65.245.57.15]) by mail.ixlab.de (Spamtrap) with ESMTP for mail@SPAMTRAP.INVALID; Mon, 13 Feb 2012 21:38:50 +0100 (CET) Received: (qmail 9460 invoked by uid 89); 13 Feb 2012 18:16:22 - Received: by simscan 1.4.0 ppid: 8048, pid: 9438, t: 0.7778s scanners: attach: 1.4.0 clamav: 0.97.3 /m:54/d:14401 Received: from 184-82-61-166.static.hostnoc.net (HELO User) (email address removed@airplexus.com@184.82.61.166) by mail.airplexus.com with ESMTPA; 13 Feb 2012 18:16:22 - Reply-To: emma.thompso...@ymail.com From: Rose Brownm...@spencer.com Subject: Offers : Marks Spencer Date: Mon, 13 Feb 2012 19:16:18 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600. X-NiX-Spam-Hash2: d36eed170eb389bf1a5ab832cf972a4b X-NiX-Spam-Source-IP: 65.245.57.15 X-NiX-Spam-MX: mail.ixlab.de X-NiX-Spam-Listed: yes I've left our mail server stuff intact, but removed her email address - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --**--** - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@** qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@** qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com Sorry, I meant /var/log/qmail/send/current: Here's a snippet from tail -f / www.google.com/mail/help/bulk_mail.html/421_4.7.0_to_review_our_Bulk_Email_Senders_Guidelines._x3si1699355oeb.22/ @40004f399b773829fbac status: local 0/10 remote 59/60 @40004f399b77382a037c starting delivery 6158346: msg 111052977 to remote rhender...@reviewjournal.com @40004f399b77382a0764 status: local 0/10 remote 60/60 @40004f399b7800f51ff4 delivery 6158340: success: User_and_password_not_set,_continuing_without_authentication./ rhende...@edisto.cofc.edu _153.9.243.29_accepted_message./Remote_host_said:_250_2.0.0_Ok:_queued_as_DCED3DCE63BBF87A/ @40004f399b7800f52bac status: local 0/10 remote 59/60 @40004f399b7800f52f94 starting delivery 6158347: msg 111052977 to remote
[qmailtoaster] Re: Backscatter Block Listing
On 02/13/2012 04:12 PM, Robert Van Dresar wrote: OK, I changed the password for the user I see in the emails. Also, I added our domains to the blacklist_senders file for spamdyke, and we don't have any webforms. However, I'm not the sharpest knife in the drawer when it comes to reading the smtp logs. I assume you mean the current log in the /var/logs/qmail/smtp directory. I'm doing a tail -f now to see if I can spot any patterns. I do see spamdyke doing its job and denying plenty of email. qmlog is great for monitoring logs: # qmlog -f smtp If you omit -f (follow, like tail), it'll put you into 'less' on the current log, and you can browse from there. qmlog does some nicer formatting. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Backscatter Block Listing
On 02/13/2012 04:19 PM, Robert Van Dresar wrote: Here's the evidence from one of the block lists: Return-Path: m...@spencer.com mailto:m...@spencer.com X-Original-To: mail@SPAMTRAP.INVALID Received: frommail.airplexus.com http://mail.airplexus.com (mail.airplexus.com http://mail.airplexus.com [65.245.57.15]) bymail.ixlab.de http://mail.ixlab.de (Spamtrap) with ESMTP for mail@SPAMTRAP.INVALID; Mon, 13 Feb 2012 21:38:50 +0100 (CET) Received: (qmail 9460 invoked by uid 89); 13 Feb 2012 18:16:22 - Received: by simscan 1.4.0 ppid: 8048, pid: 9438, t: 0.7778s scanners: attach: 1.4.0 clamav: 0.97.3 /m:54/d:14401 Received: from184-82-61-166.static.hostnoc.net http://184-82-61-166.static.hostnoc.net (HELO User) (email address removed@airplexus.com@184.82.61.166 mailto:airplexus.com@184.82.61.166) bymail.airplexus.com http://mail.airplexus.com with ESMTPA; 13 Feb 2012 18:16:22 - Reply-To:emma.thompso...@ymail.com mailto:emma.thompso...@ymail.com From: Rose Brownm...@spencer.com mailto:m...@spencer.com Subject: Offers : Marks Spencer Date: Mon, 13 Feb 2012 19:16:18 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600. X-NiX-Spam-Hash2: d36eed170eb389bf1a5ab832cf972a4b X-NiX-Spam-Source-IP:65.245.57.15 X-NiX-Spam-MX:mail.ixlab.de http://mail.ixlab.de X-NiX-Spam-Listed: yes I've left our mail server stuff intact, but removed her email address Looks to me as though the address in the Received: from184 line contains the ip address of the culprit. If that's a random/widespread address, then it would appear to be a distributed source all right. It would be nice find the IP of the host which originated the message, either from the headers of the original message (which you may or may not be able to see in the bounce - I'm not sure), or you might use qmlog to search through your smtp and submission logs to see if you can find the IP address of the original sender. qmlog's -lc (logs containing) flag is useful for that. Once you know this address, you should feel comfortable whether the messages are coming from legitimate clients or not. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
Eric Shubert wrote: ... Authenticated users on port 25 bypass all of spamdyke's filters, so my guess at this point is that one (or more) of your users' login credentials have been compromised. Have a look at your smtp log, and see if you can determine which account(s) is being authenticated against with the bad emails. Do the back-scattered messages necessarily have to originate from your server? I've seen plenty of bounce messages that were sent to me simply because the spammer had forged an email address in the 'From' line or envelope of the message. Often, the address is not even an address that exists, but just one of the many nonsense addresses that not-too-smart spamware will extract from message IDs, mangled versions of real addresses, or fake addresses forged by other spammers. There are a lot of hosts out there that will still send NDRs to the envelope sender or 'From' address even though an SPF check ought to tell them that that address should never be sending mail from some-hacked-pc.bigtelco.ru. Angus - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 5:45 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 04:19 PM, Robert Van Dresar wrote: Here's the evidence from one of the block lists: Return-Path: m...@spencer.com mailto:m...@spencer.com X-Original-To: mail@SPAMTRAP.INVALID Received: frommail.airplexus.com http://mail.airplexus.com ( mail.airplexus.com http://mail.airplexus.com [65.245.57.15]) bymail.ixlab.de http://mail.ixlab.de (Spamtrap) with ESMTP for mail@SPAMTRAP.INVALID; Mon, 13 Feb 2012 21:38:50 +0100 (CET) Received: (qmail 9460 invoked by uid 89); 13 Feb 2012 18:16:22 - Received: by simscan 1.4.0 ppid: 8048, pid: 9438, t: 0.7778s scanners: attach: 1.4.0 clamav: 0.97.3 /m:54/d:14401 Received: from184-82-61-166.static.**hostnoc.nethttp://from184-82-61-166.static.hostnoc.net http://184-82-61-166.static.**hostnoc.nethttp://184-82-61-166.static.hostnoc.net (HELO User) (email address removed@airplexus.com@184.82.**61.166airplexus.com@184.82.61.166 mailto: airplexus.com@184.82.**61.166 airplexus.com@184.82.61.166) bymail.airplexus.com http://mail.airplexus.com with ESMTPA; 13 Feb 2012 18:16:22 - Reply-To:emma.thompson67@**ymail.com emma.thompso...@ymail.com mailto: emma.thompson67@ymail.**com emma.thompso...@ymail.com From: Rose Brownm...@spencer.com mailto:m...@spencer.com Subject: Offers : Marks Spencer Date: Mon, 13 Feb 2012 19:16:18 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600. X-NiX-Spam-Hash2: d36eed170eb389bf1a5ab832cf972a**4b X-NiX-Spam-Source-IP:65.245.**57.15 X-NiX-Spam-MX:mail.ixlab.de http://mail.ixlab.de X-NiX-Spam-Listed: yes I've left our mail server stuff intact, but removed her email address Looks to me as though the address in the Received: from184 line contains the ip address of the culprit. If that's a random/widespread address, then it would appear to be a distributed source all right. It would be nice find the IP of the host which originated the message, either from the headers of the original message (which you may or may not be able to see in the bounce - I'm not sure), or you might use qmlog to search through your smtp and submission logs to see if you can find the IP address of the original sender. qmlog's -lc (logs containing) flag is useful for that. Once you know this address, you should feel comfortable whether the messages are coming from legitimate clients or not. -- -Eric 'shubes' Those addresses are not in my address space. I'll check the logs to see what I find? --**--** - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --**--** - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@** qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@** qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Backscatter Block Listing
On 02/13/2012 04:27 PM, Robert Van Dresar wrote: On Mon, Feb 13, 2012 at 5:19 PM, Robert Van Dresar rvandre...@airplexus.com mailto:rvandre...@airplexus.com wrote: On Mon, Feb 13, 2012 at 5:09 PM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 02/13/2012 03:47 PM, Robert Van Dresar wrote: You are right, all of our users have to authenticate to send email, I believe that's the default behavior of a stock QMT, so does that mean I can add our domains to the blacklist-senders file?? Yes, by all means. Records in that file should look like: @mydomain.com http://mydomain.com I've tested for open relay, and that test returns OK. The failure notices I receive in the postmaster account point to one of our users, but it says the offending email is from her-email-address@our.domain@__some-random-ip-address, and bounces back to about 50 other email addresses. I'm not quite sure what you mean here. A specific example with headers would help. Try to leave as much data intact as you can, but user and domain names can be substituted consistently if you want to. Her computer was off all weekend, and we virus scanned it this morning and nothing. I really didn't think of her password being compromised that's easy enough to change. I guess I'll try that, especially since we're listed on five block lists now. Sounds as though that's the culprit then. You should attempt to find out how her password was compromised. It can (and does occasionally) happen by network traffic sniffing if her configuration sends a password in clear text anywhere (I've seen it happen, once). This could be via webmail w/out https (the stock QMT unfortunately allows this), or via a client program that's not using TLS, such as a remote Outlook03 client. If you have remote clients using Outlook03, you should set up QMT to handle smtps (port 465), and configure those clients to use SSL accordingly. If possible, all clients should use TLS for their smtp submissions, whether on port 25 or 587. Unfortunately, QMT cannot yet enforce use of TLS. Such a feature has been requested to be added to spamdyke, and may (if we're lucky) be included in the next spamdyke release. Please keep us posted. -- -Eric 'shubes' Here's the evidence from one of the block lists: Return-Path: m...@spencer.com mailto:m...@spencer.com X-Original-To: mail@SPAMTRAP.INVALID Received: frommail.airplexus.com http://mail.airplexus.com (mail.airplexus.com http://mail.airplexus.com [65.245.57.15]) bymail.ixlab.de http://mail.ixlab.de (Spamtrap) with ESMTP for mail@SPAMTRAP.INVALID; Mon, 13 Feb 2012 21:38:50 +0100 (CET) Received: (qmail 9460 invoked by uid 89); 13 Feb 2012 18:16:22 - Received: by simscan 1.4.0 ppid: 8048, pid: 9438, t: 0.7778s scanners: attach: 1.4.0 clamav: 0.97.3 /m:54/d:14401 Received: from184-82-61-166.static.hostnoc.net http://184-82-61-166.static.hostnoc.net (HELO User) (email address removed@airplexus.com@184.82.61.166 mailto:airplexus.com@184.82.61.166) bymail.airplexus.com http://mail.airplexus.com with ESMTPA; 13 Feb 2012 18:16:22 - Reply-To:emma.thompso...@ymail.com mailto:emma.thompso...@ymail.com From:Rose Brownm...@spencer.com mailto:m...@spencer.com Subject: Offers : Marks Spencer Date: Mon, 13 Feb 2012 19:16:18 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600. X-NiX-Spam-Hash2: d36eed170eb389bf1a5ab832cf972a4b X-NiX-Spam-Source-IP:65.245.57.15 X-NiX-Spam-MX:mail.ixlab.de http://mail.ixlab.de X-NiX-Spam-Listed: yes I've left our mail server stuff intact, but removed her email address - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com http://www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --__--__- Please visit qmailtoaster.com http://qmailtoaster.com for the latest news, updates, and packages.
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 5:52 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 04:27 PM, Robert Van Dresar wrote: On Mon, Feb 13, 2012 at 5:19 PM, Robert Van Dresar rvandre...@airplexus.com mailto:rvandresar@airplexus.**comrvandre...@airplexus.com wrote: On Mon, Feb 13, 2012 at 5:09 PM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 02/13/2012 03:47 PM, Robert Van Dresar wrote: You are right, all of our users have to authenticate to send email, I believe that's the default behavior of a stock QMT, so does that mean I can add our domains to the blacklist-senders file?? Yes, by all means. Records in that file should look like: @mydomain.com http://mydomain.com I've tested for open relay, and that test returns OK. The failure notices I receive in the postmaster account point to one of our users, but it says the offending email is from her-email-address@our.domain@**__some-random-ip-address, and bounces back to about 50 other email addresses. I'm not quite sure what you mean here. A specific example with headers would help. Try to leave as much data intact as you can, but user and domain names can be substituted consistently if you want to. Her computer was off all weekend, and we virus scanned it this morning and nothing. I really didn't think of her password being compromised that's easy enough to change. I guess I'll try that, especially since we're listed on five block lists now. Sounds as though that's the culprit then. You should attempt to find out how her password was compromised. It can (and does occasionally) happen by network traffic sniffing if her configuration sends a password in clear text anywhere (I've seen it happen, once). This could be via webmail w/out https (the stock QMT unfortunately allows this), or via a client program that's not using TLS, such as a remote Outlook03 client. If you have remote clients using Outlook03, you should set up QMT to handle smtps (port 465), and configure those clients to use SSL accordingly. If possible, all clients should use TLS for their smtp submissions, whether on port 25 or 587. Unfortunately, QMT cannot yet enforce use of TLS. Such a feature has been requested to be added to spamdyke, and may (if we're lucky) be included in the next spamdyke release. Please keep us posted. -- -Eric 'shubes' Here's the evidence from one of the block lists: Return-Path: m...@spencer.com mailto:m...@spencer.com X-Original-To: mail@SPAMTRAP.INVALID Received: frommail.airplexus.com http://mail.airplexus.com ( mail.airplexus.com http://mail.airplexus.com [65.245.57.15]) bymail.ixlab.de http://mail.ixlab.de (Spamtrap) with ESMTP for mail@SPAMTRAP.INVALID; Mon, 13 Feb 2012 21:38:50 +0100 (CET) Received: (qmail 9460 invoked by uid 89); 13 Feb 2012 18:16:22 - Received: by simscan 1.4.0 ppid: 8048, pid: 9438, t: 0.7778s scanners: attach: 1.4.0 clamav: 0.97.3 /m:54/d:14401 Received: from184-82-61-166.static.**hostnoc.nethttp://from184-82-61-166.static.hostnoc.net http://184-82-61-166.static.**hostnoc.nethttp://184-82-61-166.static.hostnoc.net (HELO User) (email address removed@airplexus.com@184.82.**61.166airplexus.com@184.82.61.166 mailto: airplexus.com@184.82.**61.166 airplexus.com@184.82.61.166) bymail.airplexus.com http://mail.airplexus.com with ESMTPA; 13 Feb 2012 18:16:22 - Reply-To:emma.thompson67@**ymail.com emma.thompso...@ymail.com mailto: emma.thompson67@ymail.**com emma.thompso...@ymail.com From:Rose Brownm...@spencer.com mailto:m...@spencer.com Subject: Offers : Marks Spencer Date: Mon, 13 Feb 2012 19:16:18 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600. X-NiX-Spam-Hash2: d36eed170eb389bf1a5ab832cf972a**4b X-NiX-Spam-Source-IP:65.245.**57.15 X-NiX-Spam-MX:mail.ixlab.de http://mail.ixlab.de X-NiX-Spam-Listed: yes I've left our mail server stuff intact, but removed her email address --**--** - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com http://www.vickersconsulting.**comhttp://www.vickersconsulting.com ) Vickers Consulting Group
[qmailtoaster] Backscatter Block Listing
Can someone on the list please give me a little guidance? Our mail server has been under attack today. Our normal email load is between 30 and 50 thousand emails per day; today we've processed close to 200 thousand. If I'm reading the bounce messages right, it looks like one of our users emails is being forged, and backscatter is spewing from our server causing us to be black listed repeatedly. Can someone explain to me how to verify this theory, or determine if our server is actually sending all of this mail? I recently implemented Spamdyke, and it has been doing a great job. Should I have our local domains in the blacklist-senders file? What do I need to implement before I do that? Is there some info I can post to help determine the cause of this PITA? Thanks in advance Robert Van Dresar Airplexus, Inc. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 6:04 PM, Robert Van Dresar rvandre...@airplexus.com wrote: On Mon, Feb 13, 2012 at 5:52 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 04:27 PM, Robert Van Dresar wrote: On Mon, Feb 13, 2012 at 5:19 PM, Robert Van Dresar rvandre...@airplexus.com mailto:rvandresar@airplexus.**comrvandre...@airplexus.com wrote: On Mon, Feb 13, 2012 at 5:09 PM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 02/13/2012 03:47 PM, Robert Van Dresar wrote: You are right, all of our users have to authenticate to send email, I believe that's the default behavior of a stock QMT, so does that mean I can add our domains to the blacklist-senders file?? Yes, by all means. Records in that file should look like: @mydomain.com http://mydomain.com I've tested for open relay, and that test returns OK. The failure notices I receive in the postmaster account point to one of our users, but it says the offending email is from her-email-address@our.domain@**__some-random-ip-address, and bounces back to about 50 other email addresses. I'm not quite sure what you mean here. A specific example with headers would help. Try to leave as much data intact as you can, but user and domain names can be substituted consistently if you want to. Her computer was off all weekend, and we virus scanned it this morning and nothing. I really didn't think of her password being compromised that's easy enough to change. I guess I'll try that, especially since we're listed on five block lists now. Sounds as though that's the culprit then. You should attempt to find out how her password was compromised. It can (and does occasionally) happen by network traffic sniffing if her configuration sends a password in clear text anywhere (I've seen it happen, once). This could be via webmail w/out https (the stock QMT unfortunately allows this), or via a client program that's not using TLS, such as a remote Outlook03 client. If you have remote clients using Outlook03, you should set up QMT to handle smtps (port 465), and configure those clients to use SSL accordingly. If possible, all clients should use TLS for their smtp submissions, whether on port 25 or 587. Unfortunately, QMT cannot yet enforce use of TLS. Such a feature has been requested to be added to spamdyke, and may (if we're lucky) be included in the next spamdyke release. Please keep us posted. -- -Eric 'shubes' Here's the evidence from one of the block lists: Return-Path: m...@spencer.com mailto:m...@spencer.com X-Original-To: mail@SPAMTRAP.INVALID Received: frommail.airplexus.com http://mail.airplexus.com ( mail.airplexus.com http://mail.airplexus.com [65.245.57.15]) bymail.ixlab.de http://mail.ixlab.de (Spamtrap) with ESMTP for mail@SPAMTRAP.INVALID; Mon, 13 Feb 2012 21:38:50 +0100 (CET) Received: (qmail 9460 invoked by uid 89); 13 Feb 2012 18:16:22 - Received: by simscan 1.4.0 ppid: 8048, pid: 9438, t: 0.7778s scanners: attach: 1.4.0 clamav: 0.97.3 /m:54/d:14401 Received: from184-82-61-166.static.**hostnoc.nethttp://from184-82-61-166.static.hostnoc.net http://184-82-61-166.static.**hostnoc.nethttp://184-82-61-166.static.hostnoc.net (HELO User) (email address removed@airplexus.com@184.82.**61.166airplexus.com@184.82.61.166 mailto: airplexus.com@184.82.**61.166 airplexus.com@184.82.61.166) bymail.airplexus.com http://mail.airplexus.com with ESMTPA; 13 Feb 2012 18:16:22 - Reply-To:emma.thompson67@**ymail.com emma.thompso...@ymail.com mailto: emma.thompson67@ymail.**com emma.thompso...@ymail.com From:Rose Brownm...@spencer.com mailto:m...@spencer.com Subject: Offers : Marks Spencer Date: Mon, 13 Feb 2012 19:16:18 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600. X-NiX-Spam-Hash2: d36eed170eb389bf1a5ab832cf972a**4b X-NiX-Spam-Source-IP:65.245.**57.15 X-NiX-Spam-MX:mail.ixlab.de http://mail.ixlab.de X-NiX-Spam-Listed: yes I've left our mail server stuff intact, but removed her email address --**--** - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com
[qmailtoaster] Re: Backscatter Block Listing
On 02/13/2012 05:04 PM, Robert Van Dresar wrote: Eric, What's the syntax for the qmHandle -ts command?? I keep getting Subject: -ts not found in queue when I execute qmHandle -ts 'string'?? Are you specifying the entire subject string (which is what I think you need with -ts)? If you simply want to match part of the subject, I'd try the -Stext option. I didn't write the thing, so I'm not exactly sure. ;) -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Backscatter Block Listing
On 02/13/2012 05:12 PM, Robert Van Dresar wrote: Never mind, I figured it out. Now when I restart qmail I get unable to acquire send/supervise/lock: temporary failure Stop qmail, then kill any remaining qmail processes (smtp, remote), then remove the /var/qmail/supervise/send/supervise/lock file. It would be good to then do # queue_repair.py -r to be sure that there's no queue corruption. Then start qmail again. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Backscatter Block Listing
On Mon, Feb 13, 2012 at 6:24 PM, Eric Shubert e...@shubes.net wrote: On 02/13/2012 05:12 PM, Robert Van Dresar wrote: Never mind, I figured it out. Now when I restart qmail I get unable to acquire send/supervise/lock: temporary failure Stop qmail, then kill any remaining qmail processes (smtp, remote), then remove the /var/qmail/supervise/send/**supervise/lock file. It would be good to then do # queue_repair.py -r to be sure that there's no queue corruption. Then start qmail again. -- -Eric 'shubes' Everything appears to be back up and running smoothly. I haven't seen anymore of the spam messages in the queue since deleting them. I guess her account got compromised and changing the password might have worked. Thanks for all of your help I really appreciate it. Robert --**--** - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --**--** - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@** qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@** qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
On 02/14/2012 01:43 AM, Eric Shubert wrote: In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. I agree and thank you all for the great work done. P.V.Anthony - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
1+ 2012/2/13, P.V.Anthony pvant...@singnet.com.sg: On 02/14/2012 01:43 AM, Eric Shubert wrote: In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. I agree and thank you all for the great work done. P.V.Anthony - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Enviado desde mi dispositivo móvil - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
I have to echo the sentiment so far. I do not see an issue with CentOS and moved that way myself well over two years ago after starting on Fedora. CentOS is just more stable and the versions are supported longer. -Original Message- From: Carlos Herrera Polo [mailto:carlos.herrerap...@gmail.com] Sent: Monday, February 13, 2012 5:50 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY 1+ 2012/2/13, P.V.Anthony pvant...@singnet.com.sg: On 02/14/2012 01:43 AM, Eric Shubert wrote: In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. I agree and thank you all for the great work done. P.V.Anthony -- --- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Enviado desde mi dispositivo móvil - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
+1 for CentOS, I ve used Scientific Linux and found CentOS still is a better fit for Enterprise. -Original Message- From: Helmut Fritz [mailto:hel...@fritz.us.com] Sent: Monday, February 13, 2012 8:40 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY I have to echo the sentiment so far. I do not see an issue with CentOS and moved that way myself well over two years ago after starting on Fedora. CentOS is just more stable and the versions are supported longer. -Original Message- From: Carlos Herrera Polo [mailto:carlos.herrerap...@gmail.com] Sent: Monday, February 13, 2012 5:50 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY 1+ 2012/2/13, P.V.Anthony pvant...@singnet.com.sg: On 02/14/2012 01:43 AM, Eric Shubert wrote: In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. I agree and thank you all for the great work done. P.V.Anthony -- --- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Enviado desde mi dispositivo móvil - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
+1 for CentOS Biju Jose Mobile : +91 9895 990 272 Visit us at http://whitesindia.com please consider the environment before printing this e-mail. -Original Message- From: Domnick Eger [mailto:de...@cobercafe.net] Sent: Tuesday, February 14, 2012 9:18 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY +1 for CentOS, I ve used Scientific Linux and found CentOS still is a better fit for Enterprise. -Original Message- From: Helmut Fritz [mailto:hel...@fritz.us.com] Sent: Monday, February 13, 2012 8:40 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY I have to echo the sentiment so far. I do not see an issue with CentOS and moved that way myself well over two years ago after starting on Fedora. CentOS is just more stable and the versions are supported longer. -Original Message- From: Carlos Herrera Polo [mailto:carlos.herrerap...@gmail.com] Sent: Monday, February 13, 2012 5:50 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY 1+ 2012/2/13, P.V.Anthony pvant...@singnet.com.sg: On 02/14/2012 01:43 AM, Eric Shubert wrote: In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. I agree and thank you all for the great work done. P.V.Anthony -- --- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Enviado desde mi dispositivo móvil - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
Thumbs up :) On 14 February 2012 05:49, Biju Jose b...@whitesindia.com wrote: +1 for CentOS Biju Jose Mobile : +91 9895 990 272 Visit us at http://whitesindia.com please consider the environment before printing this e-mail. -Original Message- From: Domnick Eger [mailto:de...@cobercafe.net] Sent: Tuesday, February 14, 2012 9:18 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY +1 for CentOS, I ve used Scientific Linux and found CentOS still is a better fit for Enterprise. -Original Message- From: Helmut Fritz [mailto:hel...@fritz.us.com] Sent: Monday, February 13, 2012 8:40 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Future Distros - RHEL/CentOS ONLY I have to echo the sentiment so far. I do not see an issue with CentOS and moved that way myself well over two years ago after starting on Fedora. CentOS is just more stable and the versions are supported longer. -Original Message- From: Carlos Herrera Polo [mailto:carlos.herrerap...@gmail.com] Sent: Monday, February 13, 2012 5:50 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY 1+ 2012/2/13, P.V.Anthony pvant...@singnet.com.sg: On 02/14/2012 01:43 AM, Eric Shubert wrote: In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. I agree and thank you all for the great work done. P.V.Anthony -- --- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Enviado desde mi dispositivo móvil - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
+1 CentOs Thumbs up :) On 14 February 2012 05:49, Biju Jose b...@whitesindia.com wrote: +1 for CentOS Biju Jose Mobile : +91 9895 990 272 Visit us at http://whitesindia.com snip - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
Good call. I've been using the CentOS/QMT combination since 2005 and wouldn't think of any other. On 2/13/2012 10:43 AM, Eric Shubert wrote: I've done a good deal of thinking about this, and think that it'd be best to run it by the community at large (not just the developers) for everyone's consideration. This is not really new, and is not much different than what Jake had committed to some time ago. I just want to be sure that everyone is on board with this, and explain a few things. Due to various changes in the IT landscape over the past several years, I think it's best that future QMT development be limited to the RHEL/CentOS platform. There are several factors involved. First is that we'll be changing the method of distribution from source rpms to binary rpms, using yum to install packages (qtp-newmodel will be modified accordingly). We can do this because the qmail (et al) licensing was changed to public domain a couple years ago, so there is no restriction to distribute source-only any more. We also have mirrors in place that eliminate the need to have a single distribution point with high bandwidth capability. Using binary rpms for distribution not only simplifies installs and upgrades, but it also substantially reduces the disk space required, in addition to making QMT more secure due to the absence of a compiler and build tools. All in all, this is a win-win change. Secondly, the industry in general is moving toward virtual hosts, and QMT is making this move as well (many of us already run QMT as one or more VM guests). One of the advantages of virtualization is that multiple machines can coexist on the same host hardware, concurrently running entirely different operating systems and versions of languages and software. There's little need any more for QMT to coexist on the same machine with other applications or services. In fact, things are moving in a direction such that QMT itself will become divided into logical roles that will be able to implemented on separate hosts, allowing for more flexible and scalable QMT configurations. Stay tuned for that development, which is a ways off yet. So let's take a look briefly at the prominent distros that QMT will be discontinuing. Mandriva is on the ropes, struggling to survive. If you presently have a QMT running on Mandy, I would seriously consider a migration in the near future. SUSE does not use yum, it has yast instead. When I looked at yast some time ago it had no CLI, which was a big drawback to me. While I expect that yum could be installed and used, it goes against the When in Rome philosophy. The source rpms will of course continue to be available, so if someone cares to adapt them for SUSE, they may do so. While Fedora contains a great deal of what's in store for future RHEL/CentOS releases, it's not well suited as a QMT platform, simply because it changes too often (a new release twice a year), and most often none of the changes provide any benefit to QMT. If there happens to be something that would benefit QMT, it would most likely be available for RHEL/CentOS in the EPEL repo. So there is really no sense in packaging QMT for Fedora. I think this covers the distros worth mentioning. If I missed one, please let me know. In summary, going forward QMT will be available only on RHEL/CentOS platforms, for both x86 and x86_64 architectures. This will simplify spec files, documentation and installation/utility scripts substantially. For all other distros, the existing build options in the spec files will no longer be included. They will however be archived in a source code repository before being removed, so that they'll be available should anyone want to reference them at some point in the future. If you have a problem with or question about any of this, or you'd simply like to comment about something, please don't hesitate to reply. Thanks to everyone for their continued support and participation. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
On Tue, Feb 14, 2012 at 11:01 AM, Eric Broch ebr...@whitehorsetc.comwrote: Good call. I've been using the CentOS/QMT combination since 2005 and wouldn't think of any other. On 2/13/2012 10:43 AM, Eric Shubert wrote: I've done a good deal of thinking about this, and think that it'd be best to run it by the community at large (not just the developers) for everyone's consideration. This is not really new, and is not much different than what Jake had committed to some time ago. I just want to be sure that everyone is on board with this, and explain a few things Good news I should say. CentOS I've been using for long now. It is my preferred GNU/Linux server OS. What about Ubuntu server, would the team consider getting qmailtoaster to work with it? If not why? Ashraf - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Khan Md. Ashraf First Floor, New #8 Old #12, 9th Cross Street, Shastrinagar, Chennai 600 020 India Tel: 91 44 24462713, 43018713, 42029358 Mobile: 91 9841032607
