Re: Re: [qmailtoaster] queue is flooding user
this shouldn't be happening at all if you've got the QMT installed correctly with CHKUSER (and it is on). These types of messages should be rejected BEFORE the queue--e.g. at the initial SMTP communication. Years ago, qmail USED TO reject messages post-queue with bounces, but that behavior was effectively and correctly modified by patch add-ons years ago. In this day and age, no mail server should ever reject messages post-queue with additional bounce messages. It's just improper and effectively turns your mail server into a spam server itself as you will be sending messages to what are invariably going to be forged return headers. Additionally, if you've got the Spamdyke add-on installed, you will also have additional options on before-the-queue rejections. Tim On Fri, October 9, 2015 4:45 am, Rajesh M wrote: > dan > > sorry to contradict but in my personal opinion this is not a good idea > if a the sender makes a mistake then my customer will not receive the > email and nobody will know. > > rajesh > > - Original Message - > From: Dan McAllister [mailto:q...@it4soho.com] > To: qmailtoaster-list@qmailtoaster.com > Sent: Thu, 8 Oct 2015 15:01:57 -0400 > Subject: Re: [qmailtoaster] queue is flooding user > > I suspect the queue messages that are stacking up are for the delivery > of the bounce -- which is also likely going to a non-existent user or > domain. > > My STRONGEST suggestion is to NOT BOUNCE messages that are directed to > non-existent users!!! > To do this, cd to the top of the domain in vpopmail (e.g.: > /home/vpopmail/domains/) > Then examine the file .qmail-default. > You want the last word to be "delete" not "bounce-no-mailbox" > > Dan > > > On 10/8/2015 2:51 PM, Eric Broch wrote: >> No one should be able to get a message in your queue to a non-existent >> user unless they're using an account that they've hacked. >> Someone correct me if I'm wrong. >> >> On 10/8/2015 12:37 PM, Eric Broch wrote: >>> Has someone hacked a password? >>> >>> On 10/8/2015 11:59 AM, Rajesh M wrote: spammer is emailing a non existent user on my server. qmailtoaster is accepting the email and then trying to respond back my queue is flooding because ot this should'nt chkuser be directly bouncing the email during smtp transaction time when email id is not present on the server ? pl see below the message trapped in my queue. kindly let me know how i could prevent these thanks for your help rajesh log files @40005616a19e352eb154 info msg 1840641: bytes 60095 from qp 40028 uid 89 @40005616a19e36a305bc starting delivery 1066: msg 1840641 to localposeidonship.com-bandu_p-...@poseidonship.com @40005616a19e36a328e4 status: local 1/200 remote 60/60 @40005616a19e374ed234 delivery 1066: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ sample bounce message Received: (qmail 5240 invoked for bounce); 8 Oct 2015 17:23:48 - Date: 8 Oct 2015 17:23:48 - From:mailer-dae...@ns1.bizmailserver.net To:agulle...@redbrokerage.com Subject: failure notice Hi. This is the qmail-send program at ns1.bizmailserver.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. : Sorry, no mailbox here by that name. (#5.1.1) --- Below this line is a copy of the message. Return-Path: Received: (qmail 3803 invoked by uid 89); 8 Oct 2015 17:19:29 - Received: by simscan 1.4.0 ppid: 3636, pid: 3743, t: 2.9901s scanners: attach: 1.4.0 clamav: 0.98.6/m: spam: 3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ns1.bizmailserver.net X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=T_FROM_12LTRDOM autolearn=disabled version=3.3.2 Received: from unknown (HELO redbrokerage.com.inbound10.mxlogicmx.net) (187.234.134.4) by ns1.bizmailserver.net with SMTP; 8 Oct 2015 17:19:26 - Received-SPF: unknown (ns1.bizmailserver.net: domain at listrak does not designate permitted sender hosts) Received: from redbrokerage.com.inbound10.mxlogicmx.net (redbrokerage.com.inbound10.mxlogicmx.net [208.65.144.3]) by redbrokerage.com (Outbound Mail Relay) with ESMTP id yZSt49AdKNeARht0 for; Thu, 08 Oct 2015 13:19:29 -0400 (EDT) MIME-Version: 1.0 Message-ID:<5616a5a1.3ff1f...@redbrokerage.com.inbound10.mxlogicmx.net> Date: Thu, 08 Oct 2015 13:15:29 -0400 From: "Noemie Considine" To:bandu_p-...@poseidonship.com Subject: contract Content-Type: multipart/mixed; boundary="070709070301020805080405" --070709070301020805080405 Content-Type: text/plain; charset=utf-8; format=flowed >>
Re: [qmailtoaster] simcontrol.cdb rebuild
Thank you! Havrla wrote: mirror: http://wiki.qmailtoaster.net/ havrla Dne 8.10.2015 19:37, South Computers napsal(a): Also, a couple of resources for tyhe time being: Sorry to put liinks in, but: Giuseppe Perna wrote: Hello, i have modified the /var/qmail/control/simcontrol and set the values spamhits. How should I rebuild simcontrol.cdb? p.s. because the http://wiki.qmailtoaster.com/ is offline? thanks -- - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] queue is flooding user
It's a personal and business question, and it depends a lot on customer needs. From my point of view, emails are my business but are property of customers, and I must make my best in order to let them control their emails or have the best communication with their business partners using emails. Deleting messages to wrong recipients means to let senders believe their email has been delivered even if they mispelled the address, instead to advice them to correct the address. We are working this way since 15 years, and we never had problems with this way of thinking. Probably attacks may suggest temporary restrictions, but only in exceptional cases, not for normal usage. Normal solution (for us) is to reject messages at SMTP level, as it is done with paper email (unknown recipient) and voice calls (sorry, I'm not the person you are looking for). Regards, Tonino Il 09/10/2015 15:32, Dan McAllister ha scritto: Rajesh: I understand -- and if all the "players" in the email world were legitimate, kind, and thoughtful ... there wouldn't be QMail at all, because sendmail would still be doing a fine job and the configurations therein wouldn't be so hard after all. But that is not the REAL world. In THIS world, people actively work to abuse mail servers -- and many seek little more than the "fun" of disabling or at least disrupting mail service... and we (as mail admins) need to be PROACTIVE (not just reactive) in mitigating the threats. If I wasn't clear in my initial response -- this is what brought you to ask the original question in the first place! (Your queues are filling up with invalid bounce messages). That being said, the "bounce-no-mailbox" option is, in my opinion, the WORST of the 3 available options. It serves as an open invitation to: - shutdown your mail server at-will with bounce and double-bounce messages that will clog your queues for days - mine your system for valid email addresses (those that do not bounce) -- and sell the results to SPAM lists - multiple other "attacks" ... this isn't the point of this email... Sadly, it is also the "default" for our vpopmail implementations. But, _*there is another option*_ (other than "bounce-no-mailbox" or "delete"). If you fear that you may lose or miss something important, then replace the last word with an _*email address*_ (preferably on your server so delivery is local). This way messages sent to non-existent mailboxes will arrive in a specified mailbox and NOT bounce. You can periodically check that mailbox for misaddressed messages -- but be prepared to get a LOT of SPAM! This has the same benefits as "delete" (from the outside world perspective, everything is accepted) but still gives you a place to go to check for misdirected messages. NOTE: When clients want this, I typically create a "mailbox" that is NOT a legitimate Internet mail address. While it may not stay that way forever, I use a "non-existent" (so far) *.mail* TLD for these "catchall" accounts. So, for example, my client *abc.com* wants a catchall account, I configure it as *catch...@abc.com./mail/*//-- vpopmail has no issue creating the accounts, and the client can access the mailbox just fine, but no outside mailer will ever succeed in deliberately sending mail to or from that account, and my client cannot accidentally send mail from that account. If I have learned anything from the past 18 years of being an email admin it is that nothing is as easy as it seems. AKA: The devil is in the details. If you insist on keeping the "bounce-no-mailbox" option, get yourself some qmail queue handling tools (like qmHandle or qmqtool), not to mention qfixq -- all of which can be found with a simple google search. Good luck! Dan McAllister IT4SOHO On 10/9/2015 5:45 AM, Rajesh M wrote: dan sorry to contradict but in my personal opinion this is not a good idea if a the sender makes a mistake then my customer will not receive the email and nobody will know. rajesh - Original Message - From: Dan McAllister [mailto:q...@it4soho.com] To:qmailtoaster-list@qmailtoaster.com Sent: Thu, 8 Oct 2015 15:01:57 -0400 Subject: Re: [qmailtoaster] queue is flooding user I suspect the queue messages that are stacking up are for the delivery of the bounce -- which is also likely going to a non-existent user or domain. My STRONGEST suggestion is to NOT BOUNCE messages that are directed to non-existent users!!! To do this, cd to the top of the domain in vpopmail (e.g.: /home/vpopmail/domains/) Then examine the file .qmail-default. You want the last word to be "delete" not "bounce-no-mailbox" Dan On 10/8/2015 2:51 PM, Eric Broch wrote: No one should be able to get a message in your queue to a non-existent user unless they're using an account that they've hacked. Someone correct me if I'm wrong. On 10/8/2015 12:37 PM, Eric Broch wrote: Has someone hacked a pa
Re: [qmailtoaster] queue is flooding user
Rajesh: I understand -- and if all the "players" in the email world were legitimate, kind, and thoughtful ... there wouldn't be QMail at all, because sendmail would still be doing a fine job and the configurations therein wouldn't be so hard after all. But that is not the REAL world. In THIS world, people actively work to abuse mail servers -- and many seek little more than the "fun" of disabling or at least disrupting mail service... and we (as mail admins) need to be PROACTIVE (not just reactive) in mitigating the threats. If I wasn't clear in my initial response -- this is what brought you to ask the original question in the first place! (Your queues are filling up with invalid bounce messages). That being said, the "bounce-no-mailbox" option is, in my opinion, the WORST of the 3 available options. It serves as an open invitation to: - shutdown your mail server at-will with bounce and double-bounce messages that will clog your queues for days - mine your system for valid email addresses (those that do not bounce) -- and sell the results to SPAM lists - multiple other "attacks" ... this isn't the point of this email... Sadly, it is also the "default" for our vpopmail implementations. But, _*there is another option*_ (other than "bounce-no-mailbox" or "delete"). If you fear that you may lose or miss something important, then replace the last word with an _*email address*_ (preferably on your server so delivery is local). This way messages sent to non-existent mailboxes will arrive in a specified mailbox and NOT bounce. You can periodically check that mailbox for misaddressed messages -- but be prepared to get a LOT of SPAM! This has the same benefits as "delete" (from the outside world perspective, everything is accepted) but still gives you a place to go to check for misdirected messages. NOTE: When clients want this, I typically create a "mailbox" that is NOT a legitimate Internet mail address. While it may not stay that way forever, I use a "non-existent" (so far) *.mail* TLD for these "catchall" accounts. So, for example, my client *abc.com* wants a catchall account, I configure it as *catch...@abc.com./mail/*//-- vpopmail has no issue creating the accounts, and the client can access the mailbox just fine, but no outside mailer will ever succeed in deliberately sending mail to or from that account, and my client cannot accidentally send mail from that account. If I have learned anything from the past 18 years of being an email admin it is that nothing is as easy as it seems. AKA: The devil is in the details. If you insist on keeping the "bounce-no-mailbox" option, get yourself some qmail queue handling tools (like qmHandle or qmqtool), not to mention qfixq -- all of which can be found with a simple google search. Good luck! Dan McAllister IT4SOHO On 10/9/2015 5:45 AM, Rajesh M wrote: dan sorry to contradict but in my personal opinion this is not a good idea if a the sender makes a mistake then my customer will not receive the email and nobody will know. rajesh - Original Message - From: Dan McAllister [mailto:q...@it4soho.com] To: qmailtoaster-list@qmailtoaster.com Sent: Thu, 8 Oct 2015 15:01:57 -0400 Subject: Re: [qmailtoaster] queue is flooding user I suspect the queue messages that are stacking up are for the delivery of the bounce -- which is also likely going to a non-existent user or domain. My STRONGEST suggestion is to NOT BOUNCE messages that are directed to non-existent users!!! To do this, cd to the top of the domain in vpopmail (e.g.: /home/vpopmail/domains/) Then examine the file .qmail-default. You want the last word to be "delete" not "bounce-no-mailbox" Dan On 10/8/2015 2:51 PM, Eric Broch wrote: No one should be able to get a message in your queue to a non-existent user unless they're using an account that they've hacked. Someone correct me if I'm wrong. On 10/8/2015 12:37 PM, Eric Broch wrote: Has someone hacked a password? On 10/8/2015 11:59 AM, Rajesh M wrote: spammer is emailing a non existent user on my server. qmailtoaster is accepting the email and then trying to respond back my queue is flooding because ot this should'nt chkuser be directly bouncing the email during smtp transaction time when email id is not present on the server ? pl see below the message trapped in my queue. kindly let me know how i could prevent these thanks for your help rajesh log files @40005616a19e352eb154 info msg 1840641: bytes 60095 from qp 40028 uid 89 @40005616a19e36a305bc starting delivery 1066: msg 1840641 to localposeidonship.com-bandu_p-...@poseidonship.com @40005616a19e36a328e4 status: local 1/200 remote 60/60 @40005616a19e374ed234 delivery 1066: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ sample bounce message Received: (qmail 5240 invoked for bounce); 8 Oct 2015 17:23:48 - Date: 8 Oct 2015 17:23:48 - From:mailer-dae
Re: [qmailtoaster] simcontrol.cdb rebuild
mirror: http://wiki.qmailtoaster.net/ havrla Dne 8.10.2015 19:37, South Computers napsal(a): Also, a couple of resources for tyhe time being: Sorry to put liinks in, but: Archive.org: https://web.archive.org/web/20150302083237/http://wiki.qmailtoaster.com/index.php/Main_Page Google cache (doesn't stay around too long, but for what it's worth): http://webcache.googleusercontent.com/search?q=cache%3Awiki.qmailtoaster.com%2Findex.php%2FRebuilding_cdb_files&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:unofficial&client=seamonkey-a Giuseppe Perna wrote: Hello, i have modified the /var/qmail/control/simcontrol and set the values spamhits. How should I rebuild simcontrol.cdb? p.s. because the http://wiki.qmailtoaster.com/ is offline? thanks -- - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] queue is flooding user
dan sorry to contradict but in my personal opinion this is not a good idea if a the sender makes a mistake then my customer will not receive the email and nobody will know. rajesh - Original Message - From: Dan McAllister [mailto:q...@it4soho.com] To: qmailtoaster-list@qmailtoaster.com Sent: Thu, 8 Oct 2015 15:01:57 -0400 Subject: Re: [qmailtoaster] queue is flooding user I suspect the queue messages that are stacking up are for the delivery of the bounce -- which is also likely going to a non-existent user or domain. My STRONGEST suggestion is to NOT BOUNCE messages that are directed to non-existent users!!! To do this, cd to the top of the domain in vpopmail (e.g.: /home/vpopmail/domains/) Then examine the file .qmail-default. You want the last word to be "delete" not "bounce-no-mailbox" Dan On 10/8/2015 2:51 PM, Eric Broch wrote: > No one should be able to get a message in your queue to a non-existent > user unless they're using an account that they've hacked. > Someone correct me if I'm wrong. > > On 10/8/2015 12:37 PM, Eric Broch wrote: >> Has someone hacked a password? >> >> On 10/8/2015 11:59 AM, Rajesh M wrote: >>> spammer is emailing a non existent user on my server. >>> >>> qmailtoaster is accepting the email and then trying to respond back >>> >>> my queue is flooding because ot this >>> >>> should'nt chkuser be directly bouncing the email during smtp transaction >>> time when email id is not present on the server ? >>> >>> pl see below the message trapped in my queue. kindly let me know how i >>> could prevent these >>> >>> thanks for your help >>> >>> rajesh >>> >>> log files >>> >>> @40005616a19e352eb154 info msg 1840641: bytes 60095 >>> from qp 40028 uid 89 >>> @40005616a19e36a305bc starting delivery 1066: msg 1840641 to >>> localposeidonship.com-bandu_p-...@poseidonship.com >>> @40005616a19e36a328e4 status: local 1/200 remote 60/60 >>> @40005616a19e374ed234 delivery 1066: failure: >>> Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ >>> >>> >>> sample bounce message >>> >>> Received: (qmail 5240 invoked for bounce); 8 Oct 2015 17:23:48 - >>> Date: 8 Oct 2015 17:23:48 - >>> From:mailer-dae...@ns1.bizmailserver.net >>> To:agulle...@redbrokerage.com >>> Subject: failure notice >>> >>> Hi. This is the qmail-send program at ns1.bizmailserver.net. >>> I'm afraid I wasn't able to deliver your message to the following addresses. >>> This is a permanent error; I've given up. Sorry it didn't work out. >>> >>> : >>> Sorry, no mailbox here by that name. (#5.1.1) >>> >>> --- Below this line is a copy of the message. >>> >>> Return-Path: >>> Received: (qmail 3803 invoked by uid 89); 8 Oct 2015 17:19:29 - >>> Received: by simscan 1.4.0 ppid: 3636, pid: 3743, t: 2.9901s >>> scanners: attach: 1.4.0 clamav: 0.98.6/m: spam: 3.3.2 >>> X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on >>> ns1.bizmailserver.net >>> X-Spam-Level: >>> X-Spam-Status: No, score=0.0 required=5.0 tests=T_FROM_12LTRDOM >>> autolearn=disabled version=3.3.2 >>> Received: from unknown (HELO redbrokerage.com.inbound10.mxlogicmx.net) >>> (187.234.134.4) >>>by ns1.bizmailserver.net with SMTP; 8 Oct 2015 17:19:26 - >>> Received-SPF: unknown (ns1.bizmailserver.net: domain at listrak does not >>> designate permitted sender hosts) >>> Received: from redbrokerage.com.inbound10.mxlogicmx.net >>> (redbrokerage.com.inbound10.mxlogicmx.net [208.65.144.3]) >>> by redbrokerage.com (Outbound Mail Relay) with ESMTP id >>> yZSt49AdKNeARht0 >>> for; Thu, 08 Oct 2015 13:19:29 -0400 >>> (EDT) >>> MIME-Version: 1.0 >>> Message-ID:<5616a5a1.3ff1f...@redbrokerage.com.inbound10.mxlogicmx.net> >>> Date: Thu, 08 Oct 2015 13:15:29 -0400 >>> From: "Noemie Considine" >>> To:bandu_p-...@poseidonship.com >>> Subject: contract >>> Content-Type: multipart/mixed; >>> boundary="070709070301020805080405" >>> --070709070301020805080405 >>> Content-Type: text/plain; charset=utf-8; format=flowed >>> Content-Transfer-Encoding: 7bit >>> >>> Dear customer, >>> >>> I'm sending you a new contract of the project (Private collateral statement >>> of account) >>> >>> --070709070301020805080405 >>> Content-Type: application/zip; name="Private collateral statement of >>> account.zip" >>> Content-Description: "Private collateral statement of account.doc" >>> Content-Disposition: attachment; filename="Private collateral statement of >>> account.zip"; size=43024; >>> creation-date="Thu, 08 Oct 2015 13:16:29 -0400"; >>> modification-date="Thu, 08 Oct 2015 13:17:29 -0400" >>> Content-Transfer-Encoding: base64 >>> >>> >>> >>> >>> >>> - >>> To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com >>> For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com >> > --
