Re: [qmailtoaster] Spam problems
On 03/05/2008 12:34 PM, Richard Starkie wrote: I am trying to find a mail that I suspect may have been declared spam by my SpamAssasin, I have looked in the logs, however they appear to be a little light on content, can someone please confirm where I should be looking, and if the messages are stored somewhere prior to being deleted. I have a “standard” QMT install that has not been tweaked at all. Rich Good luck. Your best bet is to go off of timestamps in the spam logs compared with those from the smtp or send logs. Hopefully your server isn't too busy and you can track them that way. Aside from that, it's pretty hard to track things through the SA logs because as you said, they don't have much to go off of. What I have done to help with this, is to change the spec for simscan and build it with the option --enable-spamc-user=y. This causes simscan to pass the recipient address through to SpamAssassin, rather than calling SA as the clamav user which it does by default in QMT. The recipient then shows up in the SA logs instead of showing that every message was for the clamav user. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] TMDA
On 03/05/2008 01:01 PM, Ayesha wrote: Hi Qmailtoaster-list, Does anybody uses TMDA that could help me in configurations matters? With qmail, sure :-) -- Best regards, Ayesha mailto:[EMAIL PROTECTED] Yes, I have setup and used TMDA with QMT quite successfully on production systems. Contact me off-list and I'd be happy to arrange something with you. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Sorry._Although_I'm_listed_as_a_best-preference_MX_or_A_for_that_host,/it_isn't_in_my_control/locals_file,_so_I_don't_treat_it_as_local.
On 2/20/2008 4:29 PM, lordfuknowsyou wrote: Hello list. I am sorry that this topic has been covered before, I know, but I am stuck.. Please bear with me. Incoming mail works fine. I have a proper MX record. # dig mx miekungfu.com | grep MX ;miekungfu.com. IN MX miekungfu.com. 42532 IN MX 5 mail.miekungfu.com. Everything resolves fine. The problem occurs when I try and send out from the local machine. I have a ~/.forwarders file that should forward my logs etc to the account specified and that is what alerted me that something isn't right as I have not recieved any forwarded logs. So a simple #echo test | mail [EMAIL PROTECTED] fails with the message below. Of note: [EMAIL PROTECTED] -- why this, I sent to [EMAIL PROTECTED] [EMAIL PROTECTED] --again,this isn't a valid address And a few other entries untill I get the error as in the title of this mail. cat locals MAIL.MIEKUNGFU.COM Add localhost to your locals file. Or else use mail.miekungfu.com when sending mail to root. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qmail question
On 02/13/2008 11:53 AM, [EMAIL PROTECTED] wrote: This isn't so much related to qmailtoaster as it is qmail itself and if this is better suited for a different list please let me know and I'll be happy to ask else where. The company I work at has a regular qmail install (not a toaster) with courier-imap, squirrelmail, qmail (1.05) vpopmail, etc. It's quite similar to a toaster setup but it doesn't seem to have the bells and whistles that make qmail an efficient and effective MTA. The problem I'm having with this qmail install is that it is accepting email from null senders and it's filling up the queue with emails because it can't bounce the emails as there is no from address. qmailctl queue shows similar output to this: 13 Feb 2008 18:34:00 GMT #224857 14730 remote [EMAIL PROTECTED] 13 Feb 2008 18:40:55 GMT #224858 3144 remote [EMAIL PROTECTED] 13 Feb 2008 18:34:21 GMT #224859 4433 remote [EMAIL PROTECTED] 13 Feb 2008 18:35:38 GMT #224862 1614 remote [EMAIL PROTECTED] 13 Feb 2008 18:35:51 GMT #224863 2829 remote [EMAIL PROTECTED] 13 Feb 2008 18:38:47 GMT #224864 2817 remote [EMAIL PROTECTED] 13 Feb 2008 18:39:16 GMT #224865 1665 remote [EMAIL PROTECTED] 13 Feb 2008 18:44:38 GMT #224866 2562 remote [EMAIL PROTECTED] 13 Feb 2008 18:39:21 GMT #224867 3119 remote [EMAIL PROTECTED] 13 Feb 2008 18:39:17 GMT #224868 1607 remote [EMAIL PROTECTED] 13 Feb 2008 18:39:31 GMT #224869 14776 remote [EMAIL PROTECTED] There is a rcpthosts file listing only the mailserver's domain and such so it isn't being used as an open relay. I noticed that my toaster had a badmailfrom file with the following contained within it: .*\ @.* [EMAIL PROTECTED] .*%.* So I added this file in /var/qmail/control on the qmail instance and hoped this would take care of the problem but it isn't. Is there a certain patch that I can install that will fix this problem or a certain file I can add that will fix the problem I'm having? Any advice or references to solutions would be great. Cheers, Jon QMT uses CHKUSER, which will check to make sure (at SMTP time) that a user exists before accepting the message. It rejects at SMTP time if the recipient doesn't exist, thereby eliminating the problem of a queue full of messages to non-existent recipients. http://www.interazioni.it/opensource/chkuser/ There is also a patch called validrcptto which does this same type of thing, but is a bit more flexible IMO. http://qmail.jms1.net/patches/validrcptto.cdb.shtml Implementing either one of these solutions will help you greatly. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] How to Block Insecure SMTP Auth
I have gotten ucspi-ssl working on port 465 for SSL enabled SMTP authentication, and auth is required on that port. What I want to do now is block authentication completely on port 25, so that users are forced to use SSL to auth. I can't find the correct variables for the SMTP run file to do this. On my qmailrocks machine, this is easily accomplished by having AUTH=0 in the smtp run file. What is the syntax to do the equivalent in QmailToaster? I haven't been able to find anything in the archive about this. Thanks, Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to Block Insecure SMTP Auth
On 11/21/2007 6:23 AM, Peter Peltonen wrote: Is it so, that the default SMTP auth is not SLL enabled? If so, could you document for rest of us, how you got SSL enabled? Cheers, Peter The default SMTP run file provides TLS on port 25. I wanted TLS+SSL to run on port 465 to provide a combination of encryption and a different port without RBL spamd checks. It's already in the wiki on how to get SSL working: http://wiki.qmailtoaster.com/index.php/SSL_on_submission_port. These directions worked fine on a brand new CentOS 5 install. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to Block Insecure SMTP Auth
On 11/21/2007 6:36 AM, Igor Smitran wrote: Isn't port 25 needed for incoming mails? If you block port 25 how will some other sender out of your domain be able to send you an email? For example, if [EMAIL PROTECTED] wants to send you an email then he will come to your port 25 and deliver the email. He will not be able to do smtp auth because he is not your user. Or am i wrong? Igor Absolutely. I'm not trying to block port 25. Of course I want to allow other MTA's to connect. What I am trying to do is block unencrypted authentication requests from users trying to send outbound mail. I want to force them to have to use the SSL service I've setup on port 465. As it stands, customers could use unencrypted authentication even though I've provided a secure option. I want to make that unavailable to them. As I said, it was quite easy to do this with my qmailrocks machine. I'm just trying to figure out how to accomplish the same thing on a qmailtoaster box. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to Block Insecure SMTP Auth
On 11/21/2007 07:40 AM, Jean-Paul van de Plasse wrote: Hi Adam, This seems to work : Change the /bin/true to /bin/false in your /var/qmail/supervise/smtp/run JP What I am trying to do is block unencrypted authentication requests from users trying to send outbound mail. I want to force them to have to use the SSL service I've setup on port 465. As it stands, customers could use unencrypted authentication even though I've provided a secure option. I want to make that unavailable to them. JP, Thanks for your suggestion. So I just tried /bin/false, and you are right in that it causes authentication to fail on port 25. However, smtpd still advertises 250 AUTH LOGIN PLAIN CRAM-MD5 which is verified by telnetting to port 25. This means that MUA's will still try to auth and send credentials unencrypted over the wire AFAICT. This is verified by tailing /var/log/maillog while trying to auth (I can see the connection attempts). Setting AUTH=0 on my qmailrocks machine causes smtpd to no longer advertise auth at all, and MUA's detect this and drop the connection with an error before any credentials are sent. This is the setup I am trying to replicate with QMT: to get smtpd on port 25 to not advertise auth at all. Any other ideas by anyone? Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to Block Insecure SMTP Auth
On 11/21/2007 09:31 AM, Davide Bozzelli wrote: Adam Cantwell ha scritto: Setting AUTH=0 on my qmailrocks machine causes smtpd to no longer advertise auth at all, and MUA's detect this and drop the connection with an error before any credentials are sent. This is the setup I am trying to replicate with QMT: to get smtpd on port 25 to not advertise auth at all. Set REQUIRE_AUTH=0 in /var/qmail/supervise/smtp/run do the same as qmailrocks have fun, davide As per my other posts in this thread, I'm not trying to require auth. I already have smtpd setup that way on port 465 using SSL. What I'm trying to do is not advertise auth at all on an unsecured connection. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to Block Insecure SMTP Auth
On 11/21/2007 09:22 AM, Jean-Paul van de Plasse wrote: Hi Adam, You are right about the advertising... Did see that also.. but it does make login in go wrong so to say :) Anyways there is no option now to stop this advertising from happening, I did not think this would be needed when I patched the require auth code in.. Wrong thinking it seems now.. Should be a small change to get what you want, but it requires coding.. Will try to see if I can find some time later today.. JP JP, I agree that it does serve the purpose of letting the user know authentication won't work without changing to use SSL. They will probably only try it once or twice before they switch and then it's not an issue anymore. However, all it takes is those one or two times for someone's credentials to get sniffed. Credentials shouldn't be sent in the clear period even once. IMO auth should only be advertised if the connection is secure. For reference on how I am accomplishing this with my qmailrocks machine, I use John Simpson's combined qmail patch (http://qmail.jms1.net/patches/combined-details.shtml). The particular feature I'm referring to is located at http://qmail.jms1.net/scripts/service-qmail-smtpd-run.shtml under the section called Options for the AUTH command. Thanks for your help on this. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Domain Keys/Yahoo Blocking
Todd W wrote: From: Todd W [EMAIL PROTECTED] I'm using 'v=spf1 mx -all' for my spf record. Is this a good, generic setting that we can suggest on the wiki? (i.e. accept mail from all domains listed in the given domain's MX section) So does the list agree that this is a sane generic DNS TXT record to suggest for spf? Thanks, Todd W. That is definitely how it should look unless you have a specific reason to include additional hosts. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] [tcpserver] defunct - IMAP/POP not starting
On 11/16/2007 02:26 PM, [EMAIL PROTECTED] wrote: Any thoughts folks? --- I think this happened while trying some things in another thread about trying to get DK working. Here's the problem now; authlib: up (pid 2323) 4230 seconds clamd: up (pid 2321) 4230 seconds imap4: up (pid 796) 0 seconds imap4-ssl: up (pid 801) 0 seconds pop3: up (pid 2333) 4230 seconds pop3-ssl: up (pid 806) 0 seconds send: up (pid 25498) 522 seconds smtp: up (pid 25501) 522 seconds spamd: up (pid 2330) 4230 seconds submission: up (pid 2337) 4230 seconds authlib/log: up (pid 2319) 4230 seconds clamd/log: up (pid 2322) 4230 seconds imap4/log: up (pid 2324) 4230 seconds imap4-ssl/log: up (pid 2334) 4230 seconds pop3/log: up (pid 2336) 4230 seconds pop3-ssl/log: up (pid 2320) 4230 seconds send/log: up (pid 2331) 4230 seconds smtp/log: up (pid 2325) 4230 seconds spamd/log: up (pid 2329) 4230 seconds submission/log: up (pid 2327) 4230 seconds IMAP and POP won't start anymore. In ps; Seems to be finding the FQDN alright. /usr/bin/tcpserver -v -R -H -l qm249.domain.com -x /etc/tcprules. This is obviously a problem and part of why IMAP isn't starting, right? root 4835 0.0 0.0 00 ? Z01:12 0:00 [tcpserver] defunct root 4840 0.0 0.0 00 ? Z01:12 0:00 [tcpserver] defunct root4845 0.0 0.0 0 0 ? Z01:12 0:00 [tcpserver] defunct This is qmail restarting repeatedly? root 25507 0.0 0.0 2528 320 ? S 00:59 0:00 qmail-lspawn ./Maildir/ qmailr 25508 0.0 0.0 2208 316 ? S00:59 0:00 qmail-rspawn qmailq 25509 0.0 0.0 2136 312 ? S00:59 0:00 qmail-clean In the /var/log/qmail/imap4/current file; @4000473d1e272f5637ac tcpserver: fatal: unable to figure out port number for /usr/sbin/imaplogin I'm at a loss :). Mike Post your run file for imapd and pop3d. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Domain Keys/Yahoo Blocking
Warren Melnick wrote: Do you have a properly formatted SPF record in place for your domain? W On Nov 12, 2007 9:50 AM, [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Whom ever helps you will ultimately help me as well. Not only do I have this problem with yahoo but email to hotmail just plain disappears. Not even a bounce and nothing in their bulk/spam folders either. Mike On Mon, 12 Nov 2007 09:17:50 -0500, Kyle Quillen wrote: Hello all, I have been fighting a problem with yahoo in that they are deferring all of my mail. Of course I have gone and filled out all of their forms and such but I just cannot seem to figure out what is going on and they for sure are not getting back to me. Anyways I think I have narrowed it down to be that it is a domain keys problem and that is why they are blocking me. Does anyone have any kind of an idea as to what I can do to start to get my emails flowing back to them? Thanks for your help Q Here is the error messages I keep getting: Connected to 216.39.53.1 http://216.39.53.1 but greeting failed. Remote host said: 421 Message from (74.218.24.5 http://74.218.24.5) temporarily deferred - 4.16.50. : Connected to 216.39.53.1 http://216.39.53.1 but greeting failed. Remote host said: 421 Message from (74.218.24.5 http://74.218.24.5) temporarily deferred - 4.16.50 . ly deferred or 421 Message from x.x.x.x temporarily deferred errors when sending mail to Yahoo!? If you are seeing the error code 421 Message from x.x.x.x temporarily deferred or 451 Message temporarily deferred in your SMTP logs, this indicates that the message you attempted to send was not accepted at Yahoo!. It is not a permanent error; your system will automatically re-try later. If you are seeing this same error consistently over an extended period of time, and you feel that your policies and practices comply with our guidelines (described below), we would encourage you to contact us with detailed information so that we can help diagnose your problem. For bulk mailers, please visit this page to review our best practice recommendations and, if appropriate, request assistance. If your mail server does not primarily send bulk mailings (e.g., you run a personal, corporate, educational, or ISP mail server), please fill out this form instead. If you are not the administrator of the mail server in question, please contact the administrator directly with the error message you are receiving. For Yahoo, you should have domainkeys setup properly. For Hotmail, you should setup a null SPF 2 (senderID) record (http://www.openspf.org/SPF_vs_Sender_ID) like this spf2.0/pra. This solved all off my issues with Hotmail/MSN. Before, I had the same Hotmail issues you describe. You should also have a normal SPF 1 record. Google checks both SPF and DK. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Domain Keys/Yahoo Blocking
Kyle Quillen wrote: So am I Right in saying that my dns record should look like this for the spf2.0 IN TXT spf2.0/pra Thanks Q Yes, that syntax is correct. Like I said, that alone solved all of my issues with Hotmail/MSN. As for Yahoo, they don't check SPF. They are the originators of DomainKey, and so you should have that setup properly to have reliable delivery to them. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Domain Keys/Yahoo Blocking
Kyle Quillen wrote: If I remember correctly Domain Keys was broken in the Toaster and thus was disabled. How did you work around that or is it now working correctly? Thanks Q I wasn't aware DK was broken in the toaster? I admin several QMT boxes, but none of them actually use DK to sign, they just validate incoming DK signed messages and that part works fine. The only qmail box I use to sign with DK is my qmailrocks-ish machine. I can try it out on a QMT box late tonight, but won't have time to get to it before then. Maybe someone has a better answer on this than me? Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Maximum Quota?
On Tue, September 18, 2007 8:45 am, Roxanne Sandesara wrote: Is there something with qmailadmin, or anything else anyone can think of or point me to, that determines an absolute maximum for allowable quota for a user's account? When I attempt to raise a quota on my system above 2gb (2048mb), the system sets a quota of 2048. I have users with a good bit more than that in their email stores currently on their computers. Now that I've managed to build a successful Horde installation, I've been seriously considering moving everyone to using Horde rather than Outlook (and a smattering of other clients). But if I can't bump their quota up any higher than 2048, I won't be able to do that, as I'll max them out just moving their email up onto the server. Roxanne The max quota size per user is 2GB. I can't remember if this is a limitation of qmail itself, vpopmail, courier-imap, or a combination of all of those. At any rate, you can't exceed 2GB to my knowledge. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] heavy load for latest clamav and spamd?
L. A. wrote: Is there anybody who try latest clamav 0.91.1 or spamassasin 3.2.2 that live on devel site under heavy load? I have load approx 1-3 messages per day at send or receive. And clamav 0 88 and spamd 3.1.8 works great, but for now i saw that clamd cannot use all viruses that freshclam download. So i want build new qt with latest versions of clamav and spamd but i'am not shure, because they stay long time on devel site. So is there somebody who have any problems on hi load servers with them? First of all, 10,000 - 30,000 messages per day is not even close to what I consider heavy load. I manage a couple of qmailtoaster servers, one of which handles 200,000 messages per day and the other one more than twice that. Even these I do not consider high load. I am currently running SA 3.2.1 and ClamAV 0.90.3 and have not had any issues at all with said load. I will be upgrading both of these machines tonight to the latest SA and clamav packages on the devel site. I had been waiting for the new SA to show up there to do an upgrade. Whenever I build a new QMT box, I always include whatever latest packages are on the devel site, and for the past two years that I have been using QMT I have not had any issues. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamassassin-toaster-3.2.1 ?
Running it on several machines here. Some upgraded, some fresh installs. I have not had any problems. Adam Johannes Weberhofer, Weberhofer GmbH wrote: At one of my servers it is running for a month without any problems. Johannes [EMAIL PROTECTED] schrieb: Hello, Just curious, has anyone been able to successfully upgrade to spamassassin-toaster-3.2.1 from the development site? regards, Chas - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] per-account SA config?
Russ Goodwin wrote: On our old qmail server we allowed users to modify their own white/black lists and SpamAssassin settings... we cobbled together maildrop scripts and a squirrelmail plugin to expose the functionality. I've searched the wiki and list archives, but I can't seem to find directions for doing this the QmailToaster way... I don't want to implement something custom only to have it break if/when we upgrade qmt. Are there directions out there? If you've done it before on qmt, any guidance would be greatly appreciated. -Russ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] The way I do it is by using a sql.cf for SpamAssassin, which allows per-user white/black lists, hit count, and subject line to be stored in MySQL. Then, I use the sasql Squirrelmail plugin which adds black/whitelist links when reading messages, plus an Options page. This seems to work fairly well. The QMT upgrade process doesn't hose SA, because it backs up the cf files. You may have add the plugin for Squirrelmail again after an upgrade, I can't remember. Even if you do, this is a fairly easy thing to have to fix after an upgrade. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamassassin-toaster-3.2.1 ?
[EMAIL PROTECTED] wrote: Adam and Johannes, Thanks for replying. Were there any issues with installed Perl modules, etc? I have tried twice to upgrade and had to go back to the earlier version both times. I'm running CentOS 4.5 and the latest (non-dev) qmt files. thanks, Chas. Running it on several machines here. Some upgraded, some fresh installs. I have not had any problems. Adam Johannes Weberhofer, Weberhofer GmbH wrote: At one of my servers it is running for a month without any problems. Johannes [EMAIL PROTECTED] schrieb: Hello, Just curious, has anyone been able to successfully upgrade to spamassassin-toaster-3.2.1 from the development site? regards, Chas - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Yes, there are a couple additional Perl modules you need for 3.2.1. Look at the QMT CentOS 5 Perl script: http://www.qmailtoaster.com/centos/cnt50/cnt50-perl.sh and it has them in there, I believe. I upgraded all of the Perl modules mentioned in that script when I installed 3.2.1 so that everything was current. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] per-account SA config?
Russ Goodwin wrote: At 08:35 PM 7/11/2007, Adam Cantwell wrote: Russ Goodwin wrote: On our old qmail server we allowed users to modify their own white/black lists and SpamAssassin settings... we cobbled together maildrop scripts and a squirrelmail plugin to expose the functionality. I've searched the wiki and list archives, but I can't seem to find directions for doing this the QmailToaster way... I don't want to implement something custom only to have it break if/when we upgrade qmt. Are there directions out there? If you've done it before on qmt, any guidance would be greatly appreciated. -Russ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] The way I do it is by using a sql.cf for SpamAssassin, which allows per-user white/black lists, hit count, and subject line to be stored in MySQL. Then, I use the sasql Squirrelmail plugin which adds black/whitelist links when reading messages, plus an Options page. This seems to work fairly well. The QMT upgrade process doesn't hose SA, because it backs up the cf files. You may have add the plugin for Squirrelmail again after an upgrade, I can't remember. Even if you do, this is a fairly easy thing to have to fix after an upgrade. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Thanks Adam, this looks better than our old solution... I'm trying it now and the only hitch is that SA seems to always think the user is clamav, instead of the actual [EMAIL PROTECTED], thus ignoring the users' preferences. How'd you get spamd/spamc to see the right user? I looked at simcontrol, but don't see how to change how spamc is called. The relevant line in my /var/qmail/supervise/spamd/run file reads: exec /usr/bin/spamd -x -q -u vpopmail -s stderr 21 Thanks. -Russ Your spamd run line looks good. I think your problem is with simscan. If I remember correctly, simscan needs to be compiled with '--enable-spamc-user=y' in order for it to pass the recipients address through to spamd. The QMT simscan is not compiled this way. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] help getting tmomail.net MMS messages -- invalid sender issues
Need some help getting tmomail.net MMS messages into my qmail server. Gmail.com has apparently overcome the invalid sender issues which are blocked by chkuser. Mail to earthlink.net also succeeds. My qmail / vpopmail: vpopmail-toaster-5.4.13-1.3.3 Uses chkuser: v. 2.0.8 for vpopmail 5.3.x Email server blocks MMS email from tmomail.net e.g. # grep -i 'invalid sender address format' Log | tai64nlocal Log /var/log/qmail/[EMAIL PROTECTED] Produces invalid sender address format for the TMOMAIL MMS email.. 2007-05-28 21:31:54.930953500 CHKUSER rejected sender: from \ 1805nnn/[EMAIL PROTECTED]:: remote mailx06.tmomail.net:unknown:66.94.9.236 \ I get the same thing when a user I have tries to send using his Tmobile phone. Whats happening is the / in the username; what chkuser is seeing is 1805nnn/[EMAIL PROTECTED] as the username. It doesn't like the slash. You can recompile chkuser to accept these, if you don't mind opening a security risk like that (actually, I'm not 100% positive you can allow a / or not...). Coincidentally, I just had this same issue come up. According to RFC 2822, a forward slash apparently is a valid character in an address - http://www.zvon.org/tmRFC/RFC2822/Output/chapter3.html#dot-atom. Am I reading this wrong? In the Chkuser documentation, http://www.interazioni.it/opensource/chkuser/documentation/chkuser_settings.html#MX_format_checking there is apparently an environment variable you can set called CHKUSER_ALLOW_SENDER_CHAR_xxx where you can tell it to allow certain characters, but a / isn't one of them. Did the original poster ever come up with a solution other than recompiling Chkuser? Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamassassin-toaster-3.2.0
On 5/26/2007 9:52 AM, slamp slamp wrote: anyone using this in production? any issues? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Yes, and No. Could just be me, but 3.2.0 seems to flag a lot more spam and at higher hits than 3.1.8. I haven't looked it detail to see what kinds of additional check are being done, though. The RPM from the devel site worked great on Suse 10.1. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qmailtoaster and openSuse 10.1
I have used the script with open SuSE 10.1 several times with no problems. Adam On 12/27/2006 9:58 AM, Daniel Persson wrote: Is the skript on the qmailtoaster hompeage realy made for opensuse, what i can see its made for the non open Suse 10.1. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] SPF Logging
I have been dealing with what I finally determined were SPF violations for the past couple days and it has brought up the issue of SPF logging - or rather the lack there of. I have spfbehavior set to the default of 3. A particular client was attempting to send an email through a MX not listed in the SPF record for their domain. When the message came in to the Toaster server, I just see a successful connect and then disconnect in the smtp log, like this: @40004575d3a50d221d2c tcpserver: status: 1/100 @40004575d3a50d2516e4 tcpserver: pid 21638 from 204.239.136.10 @40004575d3a50d26b4f4 tcpserver: ok 21638 srv1:68.142.145.58:25 :204.239.136.10::28178 @40004575d3a9012a1e5c CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote shield3.vancity.com:unknown:204.239.136.10 rcpt : sender accepted @40004575d3aa1d4e53b4 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote shield3.vancity.com:unknown:204.239.136.10 rcpt : sender accepted @40004575d3ab22ad tcpserver: end 21638 status 0 @40004575d3ab22add49c tcpserver: status: 0/100 I could not figure out what was going on for awhile, and didn't think even look at SPF. What I finally ended up doing is have the client send a message through to another toaster that I manage, except it runs an install closer to QmailRocks. It also uses SPF, and has spfbehavior set to 3, but look at what I get in the smtp log: @400045770cbd2cfa7144 tcpserver: status: 1/30 @400045770cbd2cfa9854 tcpserver: pid 25637 from 204.239.136.10 @400045770cbe023817a4 tcpserver: ok 25637 mail.leezer.net:10.9.2.65:25 www.vancity.bc.ca:204.239.136.10::45145 @400045770cc1347d3f8c Received-SPF: fail (mail.leezer.net: SPF record at citizensbank.ca does not designate 204.239.136.10 as permitted sender) @400045770cc2225ed20c tcpserver: end 25637 status 0 @400045770cc2225ef14c tcpserver: status: 0/30 In this log, I could plainly see the SPF violation. I manage 5 QmailToaster servers and they all behave this same way, but my QmailRocks server logs SPF. So, my question is if there is a way to enable SPF logging in the QmailToaster? If not, would you consider using a different SPF patch in the future that does do logging? Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SPF Logging
Jake Vickers wrote: Adam Cantwell wrote: I have been dealing with what I finally determined were SPF violations for the past couple days and it has brought up the issue of SPF logging - or rather the lack there of. I have spfbehavior set to the default of 3. A particular client was attempting to send an email through a MX not listed in the SPF record for their domain. When the message came in to the Toaster server, I just see a successful connect and then disconnect in the smtp log, like this: @40004575d3a50d221d2c tcpserver: status: 1/100 @40004575d3a50d2516e4 tcpserver: pid 21638 from 204.239.136.10 @40004575d3a50d26b4f4 tcpserver: ok 21638 srv1:68.142.145.58:25 :204.239.136.10::28178 @40004575d3a9012a1e5c CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote shield3.vancity.com:unknown:204.239.136.10 rcpt : sender accepted @40004575d3aa1d4e53b4 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote shield3.vancity.com:unknown:204.239.136.10 rcpt : sender accepted @40004575d3ab22ad tcpserver: end 21638 status 0 @40004575d3ab22add49c tcpserver: status: 0/100 I could not figure out what was going on for awhile, and didn't think even look at SPF. What I finally ended up doing is have the client send a message through to another toaster that I manage, except it runs an install closer to QmailRocks. It also uses SPF, and has spfbehavior set to 3, but look at what I get in the smtp log: @400045770cbd2cfa7144 tcpserver: status: 1/30 @400045770cbd2cfa9854 tcpserver: pid 25637 from 204.239.136.10 @400045770cbe023817a4 tcpserver: ok 25637 mail.leezer.net:10.9.2.65:25 www.vancity.bc.ca:204.239.136.10::45145 @400045770cc1347d3f8c Received-SPF: fail (mail.leezer.net: SPF record at citizensbank.ca does not designate 204.239.136.10 as permitted sender) @400045770cc2225ed20c tcpserver: end 25637 status 0 @400045770cc2225ef14c tcpserver: status: 0/30 In this log, I could plainly see the SPF violation. I manage 5 QmailToaster servers and they all behave this same way, but my QmailRocks server logs SPF. So, my question is if there is a way to enable SPF logging in the QmailToaster? If not, would you consider using a different SPF patch in the future that does do logging? A patch for this and DK logging are in the works now. I think they're just in the testing phase. Now I need to go over to QMR and see what patches they're using. Thanks! All of the patches that QMR uses are written and/or put together by John Simpson. You can find his combined patch set at http://qmail.jms1.net/patches/combined.shtml Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SPF Logging
Adam Cantwell wrote: I have been dealing with what I finally determined were SPF violations for the past couple days and it has brought up the issue of SPF logging - or rather the lack there of. I have spfbehavior set to the default of 3. A particular client was attempting to send an email through a MX not listed in the SPF record for their domain. When the message came in to the Toaster server, I just see a successful connect and then disconnect in the smtp log, like this: @40004575d3a50d221d2c tcpserver: status: 1/100 @40004575d3a50d2516e4 tcpserver: pid 21638 from 204.239.136.10 @40004575d3a50d26b4f4 tcpserver: ok 21638 srv1:68.142.145.58:25 :204.239.136.10::28178 @40004575d3a9012a1e5c CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote shield3.vancity.com:unknown:204.239.136.10 rcpt : sender accepted @40004575d3aa1d4e53b4 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote shield3.vancity.com:unknown:204.239.136.10 rcpt : sender accepted @40004575d3ab22ad tcpserver: end 21638 status 0 @40004575d3ab22add49c tcpserver: status: 0/100 I could not figure out what was going on for awhile, and didn't think even look at SPF. What I finally ended up doing is have the client send a message through to another toaster that I manage, except it runs an install closer to QmailRocks. It also uses SPF, and has spfbehavior set to 3, but look at what I get in the smtp log: @400045770cbd2cfa7144 tcpserver: status: 1/30 @400045770cbd2cfa9854 tcpserver: pid 25637 from 204.239.136.10 @400045770cbe023817a4 tcpserver: ok 25637 mail.leezer.net:10.9.2.65:25 www.vancity.bc.ca:204.239.136.10::45145 @400045770cc1347d3f8c Received-SPF: fail (mail.leezer.net: SPF record at citizensbank.ca does not designate 204.239.136.10 as permitted sender) @400045770cc2225ed20c tcpserver: end 25637 status 0 @400045770cc2225ef14c tcpserver: status: 0/30 In this log, I could plainly see the SPF violation. I manage 5 QmailToaster servers and they all behave this same way, but my QmailRocks server logs SPF. So, my question is if there is a way to enable SPF logging in the QmailToaster? If not, would you consider using a different SPF patch in the future that does do logging? Jake Vickers wrote: A patch for this and DK logging are in the works now. I think they're just in the testing phase. Now I need to go over to QMR and see what patches they're using. Thanks! All of the patches that QMR uses are written and/or put together by John Simpson. You can find his combined patch set at http://qmail.jms1.net/patches/combined.shtml Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] qmailadmin quota management
Howdy, Does anybody have a good reason for why qmailadmin is compiled to allow postmaster accounts to change mailbox quotas, including changing them to unlimited? Seems to me that considering the way most people would use the toaster (hosting many domains), you would not want the postmasters to be able to modify quotas. Is there a way to change this ability in a setting somewhere I have missed without re-compiling qmailadmin? Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qmailadmin quota management
David Sánchez Martín wrote: AFAIK you can limit also domain quotas (i don't use it) via vqadmin http://YOUTOASTERIP/mail/vqadmin/toaster.vqadmin?nav=view_domaindname=THEDO MAINYOUWANTTOLIMIT.COM. Is up to the postmaster of whatever domain what he can do with that quota. *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* | David Sanchez Martin | [EMAIL PROTECTED] Administrador de Sistemas| http://www.e2000.es E2000 Nuevas Tecnologias | | E2000 Organizacion de Empresarios|Tel : +34 902 19 61 77 Mediadores de Seguros | | Agustin Bravo Esquina Calle C| 33120 Pravia Asturias Spain | | *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* -Mensaje original- De: Adam Cantwell [mailto:[EMAIL PROTECTED] Enviado el: jueves, 16 de noviembre de 2006 12:27 Para: qmailtoaster-list@qmailtoaster.com Asunto: [qmailtoaster] qmailadmin quota management Howdy, Does anybody have a good reason for why qmailadmin is compiled to allow postmaster accounts to change mailbox quotas, including changing them to unlimited? Seems to me that considering the way most people would use the toaster (hosting many domains), you would not want the postmasters to be able to modify quotas. Is there a way to change this ability in a setting somewhere I have missed without re-compiling qmailadmin? Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Right, you can also do the same thing with vmoddomlimits. However, I have never had good luck with domain quotas. If you read the documentation from Inter7, they say that domain quotas are broken and that they don't ever have any plans to fix them. That is why I don't want to allow the postmasters to be able to modify quotas. Are domain quotas working correctly for others out there? Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamassassin user preferences
Eric Shubes wrote: I'd like to see the basic toaster move in this direction. What will it take to make this happen? Mark Samples wrote: Quinn Comendant wrote: I also was wondering about this. With unix accounts + sendmail every user has their own SA config file at ~/.spamassassin/user_prefs. But with vpopmail I don't think SA knows where to look for the file. I think the best option is to move all SA configuration into MySQL and then it can be managed by the user via a web-based interface. Does anybody know how this works? I will check into it and report back. I use MySQL db configuration exclusively. No directory files, Squirrelmail, all userprefs can be controlled through Squirrelmail, and the db is dumped every night (BTW, all the addressbook stuff, is included in this dump). Quinn On Fri, 29 Sep 2006 11:17:30 -0700, Eric Shubes wrote: There is some user level control available in /var/qmail/control/simcontrol. You can vary the level at which spam is dropped (spam_hits setting). See http://wiki.qmailtoaster.com/index.php/Simscan I don't know if you can adjust the score at which something is considered spam or not though. Please let us know what you find out (and update the wiki accordingly!). ;) The score at which something is considered spam is set in /etc/mail/spamassassin/local.cf with the required_hits variable. The score at which spam is dropped is in /var/qmail/control/simcontrol with the spam_hits variable. To have spam flagged at 5.0 and dropped if = 6.0 set 'required_hits 5.0' in /etc/mail/spamassassin/local.cf and 'spam_hits=6.0' in /var/qmail/control/simcontrol. Then run /var/qmail/bin/simscanmk and restart SpamAssassin. Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] updated packages broke my qmail install
To view the timestamp in normal format, you would use tai64nlocal. So, you would do something like this for your smtp log: cat current | tai64nlocal | more Adam On 6/13/2006 12:19 AM, Ing-Long Eric Kuo (DraconPern) wrote: It seems to have worked. At least I got the test mail I sent just now. Now, the problem is notifying everyone who has sent an email and notifying them that they need resend it again. There's a time stamp in the log file. How do I convert that to an actual time? -Eric - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, June 13, 2006 12:44 AM Subject: Re: [qmailtoaster] updated packages broke my qmail install I just noticed something in the update.sh script (I've been working on all day) which could be your problem. There's an errant exit 0 near the end before the configuration files are restored, right after the Finished message. Take a look at your script. If you have the exit 0 statement there, try executing the commands after it to the end of the script. These commands should restore your configuration files, and restart qmail. (You might want to add a '-p' option to the cp commands). Let us know... HTH -Eric 'shubes Ing-Long Eric Kuo (DraconPern) wrote: I am having problems with the update script also. First, I had to manually compile and install libdomain and courier-authlib. After it's all installed, I can no longer receive any email. -Eric - Original Message - From: Nick Hemmesch [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Monday, June 12, 2006 9:13 PM Subject: Re: [qmailtoaster] updated packages broke my qmail install Hi, Did you verify that all the packages were build and installed properly? Please do: rpm -qa | grep toaster | sort rpm-list.txt And send ot to me right away. Regards, Nick I have centos 4.3. I used the upgrade script and hit yes for every package. I can't send/receive any e-mails. Please help! Requested action aborted: error in processing Server replied: 451 qq write error or disk full (#4.3.0) I get the error when using squirrelmail on the server itself or any e-mail client. I ran queue_repair.py thinking the queue is damaged and I have plenty of space. (don't mind my partition scheme) # df -h FilesystemSize Used Avail Use% Mounted on /dev/mapper/VolGroup00-LogVol00 109G 1.9G 102G 2% / /dev/hda1 99M 13M 82M 13% /boot none 252M 0 252M 0% /dev/shm - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] SuSE Support
OK, I have looked through the list archives and not been able to find anything about this. A few months ago, I noticed that SuSE 10 was added to the list of supported OS's for QmailToaster. This was great because we have (my employer) all of our production servers running SuSE and then had all of our mail servers running some RedHat variant because QmailToaster did not support SuSE. Since that time, I have installed three production mail servers with SuSE 10 and QmailToaster and was going to move two more over that way. Sometime within the last month, SuSE was removed from the list and the URL's /sus100 and /sus10064 have been removed. So, my question is, is this temporary, or is SuSE going to be supported with QmailToaster again in the near future? Why was it removed from the list? Any comments would be great. Thanks, Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SuSE Support
Great! Just what I wanted to hear. Thanks for your prompt reply. Adam On 6/7/2006 10:43 PM, Nick Hemmesch wrote: Hi Adam, This is temporary. This weekend we will have our SuSE 10.1 i586 and x86_64 packages available for download. We are nearing the end of our testing proceedure. Regards, Nick OK, I have looked through the list archives and not been able to find anything about this. A few months ago, I noticed that SuSE 10 was added to the list of supported OS's for QmailToaster. This was great because we have (my employer) all of our production servers running SuSE and then had all of our mail servers running some RedHat variant because QmailToaster did not support SuSE. Since that time, I have installed three production mail servers with SuSE 10 and QmailToaster and was going to move two more over that way. Sometime within the last month, SuSE was removed from the list and the URL's /sus100 and /sus10064 have been removed. So, my question is, is this temporary, or is SuSE going to be supported with QmailToaster again in the near future? Why was it removed from the list? Any comments would be great. Thanks, Adam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
