RE: [qmailtoaster] Odd msg numbers in /var/log/qmail/send/current

2018-01-17 Thread Dan McAllister - QMT DNS Admin 
There is nothing unusual about the message numbers: to essentially guarantee a 
unique number, Qmail uses the inode address (inode number) of the file as the 
message number.

Your inodes are being used and released as normal, and there are blocks the get 
reused over and over

 

Dan

 

From: Chris [mailto:boh...@gmail.com] 
Sent: Thursday, January 11, 2018 9:22 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] Odd msg numbers in /var/log/qmail/send/current

 

While tracing a message today, I noticed something weird.  A strange 
distribution of message numbers.  running this command:

grep 'end msg' /var/log/qmail/send/current  | awk '{print $4}' | sort | uniq -c 
| sort -n

I got this result, which indicates that I'm not getting an even distribution of 
msg numbers.   I know this isn't a case of some messages getting stuck in the 
queue and having repeated delivery attempts, because I checked for that.  
Anyone else notice this before?

  1 1169605
  1 485974
  1 485993
  1 485994
  1 518835
  1 598620
  1 598621
  1 598622
  1 598623
  1 871911
  2 871910
  3 522872
  3 598618
  3 598619
  4 598617
  5 518834
  5 598612
  5 598615
  6 485973
  7 485972
  7 485991
  7 598614
  8 485971
 10 485970
 11 598608
 12 485990
 12 598611
 13 485968
 13 598600
 14 518833
 14 598613
 15 485989
 16 598606
 16 598610
 17 403440
 17 485969
 17 485988
 21 598609
 33 518832
 41 485987
 47 485965
 51 485975
 53 485983
 54 485967
 55 485986
 59 485977
 60 485966
 61 485985
 87 598607
107 522877
163 160176
168 485978
171 485976
188 485984
240 485981
255 485979
268 598599
280 485982
290 526373
406 485980
559 536520
627 485963
770 160177
   1356 485964

RE: [qmailtoaster] dmarc implementation

2018-01-02 Thread Dan McAllister - QMT DNS Admin 
A couple of things:

1) The QMail DKIM solution works well -- EXCEPT when connecting to other QMail 
DKIM enabled systems, at which point it tends to disallow messages. No one has 
found a fix for this, to the standard is to keep DKIM turned OFF.

2) DMARC is not a security implementation like SPF or DKIM, it is more of a 
reporting and admin tool, the former being the original intent. Your DMARC 
settings tell other servers that they should send reports about failed connects 
to an email address. That way, should you misconfigure your DKIM or SPF 
settings and someone starts blocking your messages, you don't have to wait for 
USERS to complain to know about it!

Thus, DMARC is a purely DNS setting -- there is nothing to do in QMail to 
manage DMARC. If you follow the project lead and leave DKIM turned off, you 
simply indicate as such in your DMARC setting for your domain.

Finally, to my knowledge, only the "Big Guns" have implemented the email-server 
side of DMARC (that is, the side that generates reports and sends them). 
Hotmail/MSN/Outlook.com, Gmail, and Yahoo being the ones I've received reports 
from.

I hope this helps


Dan



-Original Message-
From: Rajesh M [mailto:24x7ser...@24x7server.net] 
Sent: Tuesday, January 2, 2018 1:21 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] dmarc implementation

Eric

2 questions please

Question 1)

the default qmail install points the symlink for qmailqueue to qmail-dk

which i have changed to

qmail-queue -> qmail-queue.orig

Do keep the same setting which is

qmail-queue -> qmail-queue.orig


Question 2)

Could you please send me the corresponding settings required in the tcp.smtp 
file ?

thanks,
rajesh



- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 2 Jan 2018 08:51:07 -0700
Subject: 

Hi Rajesh,

Thank you! I appreciate your sentiments and hope your New Year brings blessings 
of health and happiness as well.

This is a better link:

http://qmailtoaster.org/dkim.html

which will show you how to implement per domain.

Remember this is only signing messages going out. As of yet there is no dkim 
checking coming in, I'm looking into that.

Eric


On 1/2/2018 7:50 AM, Rajesh M wrote:
> eric,
>
> Wish you a wonderful New Year, full of health and happiness.
>
> I wish to implement  dmarc on my qmailtoaster servers
>
> i am using centos6 64 bit with the latest versions of qmailtoaster
>
> SPF is already being used on my server
>
> Concerning dkim, currently my  qmail-queue is symlinked to 
> qmail-queue.orig and not pointing to qmail-dk
>
> qmail-queue -> qmail-queue.orig
>
> could you please guide me on the implementation of DMARC
>
> i am planning to implement this for all the domains in my server.
>
> I saw this link while searching for a solution.
>
> https://github.com/qmtoaster/dkim
>
> Should i follow these steps as per the above link or would you like recommend 
> some other document.
>
> thanks as always,
> rajesh
>
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: 
> qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch
White Horse Technical Consulting (WHTC)




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] Fail2ban for Squirrelmail.

2017-12-29 Thread Dan McAllister - QMT DNS Admin 
My understanding of SquirrelMail is old (limited) because so many of my users 
prefer the RoundCube (I offer both)... You get 1 if you go to mail.domain and 
the other if you go to webmail.domain

In any case, I will have to look but I thought SM didn't write system logs when 
users failed on auth... perhaps there is a way to turn that on?
Also, I will want/need a similar solution for RC

Thanks for sharing your config tho!

Dan

-Original Message-
From: CarlC Internet Services Service Desk [mailto:ab...@carlc.com] 
Sent: Friday, December 29, 2017 11:53 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] Fail2ban for Squirrelmail.

Dan,

I have it working showing the IP address:

In /etc/fail2ban/jail.conf:

# squirrelmail
[squirrelmail-iptables]
enabled  = true
filter   = squirrelmail
action   = iptables[name=SquirrelMail, port=http, protocol=tcp]
   sendmail-squirrelmail[name=SquirrelMail,dest=ab...@carlc.com, 
sender=ab...@carlc.com] # adjust logpath with Squirrelmail's squirrel_logger 
plugin log logpath  = /var/log/squirrelmail.log maxretry = 5


-Then in /etc/fail2ban/filter.d/squirrelmail.conf


[Definition]

failregex = ^ \[LOGIN_ERROR\].*from : Unknown user or password 
incorrect\.$

ignoreregex =

[Init]

datepattern = ^%%m/%%d/%%Y %%H:%%M:%%S

# DEV NOTES:
#
# Author: Daniel Black

For sendmail-squirrelmail in /etc/fail2ban/action.d, I copied 
sendmail-whois-lines.conf to sendmail-squirrelmail.conf and changed the very 
last line to:

# Path to the log files which contain relevant lines for the abuser IP # 
logpath = /var/log/squirrelmail.log

I hope this helps...
Carl


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] connection issues again.

2017-12-29 Thread Dan McAllister - QMT DNS Admin 
Indeed: my systems use fail2ban on both smtp-auth and imap-auth (which is how 
both squirrelmail and roundcube authenticate) -- the only issue is that you 
have to whitelist/exclude from the test the SquirrelMail server itself 
(127.0.0.1 usually).

I am not aware of (and would love to get info on) detecting the SOURCE IP out 
of squirrelmail or roundcube so I can block the ORIGIN IP for systems attacking 
thru the webserver.

Thanks

Dan



-Original Message-
From: CarlC Internet Services Service Desk [mailto:ab...@carlc.com] 
Sent: Friday, December 29, 2017 10:57 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] connection issues again.

Would FAIL2BAN be an ideal setup here? I use it to control the attacks 
[example: more than 10 failed logins in 1 day, your banned for "X" hours].

Fail2ban also works with the SquirrelMail, Roundcube, etc... I have it setup on 
SMTP, SMTPS, SUBMISSION, POP3s and IMAPs. You can also use FAIL2BAN for SSH and 
ftp. The part I like, you can have fail2ban to send you an email that looks 
like this:

example

The IP 202.62.224.40 has just been banned by Fail2Ban after
10 attempts against pop3.


Lines containing IP:202.62.224.40 in /var/log/maillog

Dec 28 21:49:59 mail7 spamdyke[978]: DENIED_RELAYING from: x...@tea.com to: 
eax...@yahoo.com origin_ip: 202.62.224.40 origin_rdns: solar.ortel.net auth: 
(unknown) encryption: (none) reason: (empty) Dec 28 21:50:24 mail7 
vpopmail[1202]: vchkpw-smtp: null password given Newsletter:202.62.224.40 Dec 
28 21:51:11 mail7 vpopmail[1263]: vchkpw-smtp: null password given 
Company:202.62.224.40 Dec 28 21:51:46 mail7 vpopmail[1324]: vchkpw-smtp: null 
password given root:202.62.224.40 Dec 28 21:52:58 mail7 vpopmail[1451]: 
vchkpw-smtp: null password given temp:202.62.224.40 Dec 28 21:53:18 mail7 
vpopmail[1492]: vchkpw-smtp: null password given Test:202.62.224.40 Dec 28 
21:54:22 mail7 vpopmail[1577]: vchkpw-smtp: null password given 
abuse:202.62.224.40 Dec 28 21:54:42 mail7 vpopmail[1598]: vchkpw-smtp: null 
password given MYSQL:202.62.224.40 Dec 28 21:55:16 mail7 vpopmail[1804]: 
vchkpw-smtp: null password given office:202.62.224.40 Dec 28 21:55:44 mail7 
vpopmail[1844]: vchkpw-smtp: vpopmail user not found customer@:202.62.224.40 
Dec 28 21:56:07 mail7 vpopmail[1870]: vchkpw-smtp: vpopmail user not found 
company@:202.62.224.40 Dec 28 21:56:50 mail7 vpopmail[1920]: vchkpw-smtp: 
vpopmail user not found testing@:202.62.224.40 Dec 28 21:57:19 mail7 
vpopmail[1961]: vchkpw-smtp: vpopmail user not found temp@:202.62.224.40 Dec 28 
21:57:39 mail7 vpopmail[1991]: vchkpw-smtp: vpopmail user not found 
test@:202.62.224.40 Dec 28 21:59:11 mail7 vpopmail[2288]: vchkpw-smtp: vpopmail 
user not found newsletter@:202.62.224.40 Dec 28 21:59:37 mail7 vpopmail[2473]: 
vchkpw-smtp: vpopmail user not found customer@:202.62.224.40 Dec 28 22:00:05 
mail7 vpopmail[2826]: vchkpw-smtp: vpopmail user not found 
company@:202.62.224.40 Dec 28 22:00:49 mail7 vpopmail[2888]: vchkpw-smtp: 
vpopmail user not found testing@:202.62.224.40 Dec 28 22:01:05 mail7 
vpopmail[2919]: vchkpw-smtp: vpopmail user not found postmaster@:202.62.224.40

end example

If needed, I can post a few fail2ban scripts but I'm pretty sure they are 
available on the web for qmail if you search for them.

Carl

-Original Message-
From: A. Galatis [mailto:a...@unet.de]
Sent: Friday, December 29, 2017 10:25 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: AW: [qmailtoaster] connection issues again.

Hi Tony,

i have a script counting authentification errors from ip-addresses.
If an address appears more then my threshhold it is blocked vi iptables.
The log where I count ist he usual maillog.

Andreas

-Ursprüngliche Nachricht-
Von: jin [mailto:jinhit...@gmail.com]
Gesendet: Freitag, 29. Dezember 2017 15:59
An: qmailtoaster-list@qmailtoaster.com
Betreff: Re: [qmailtoaster] connection issues again.

Hi Remo
Are using some kind of autonomous app/scrpt to block them ? If  so, what kind 
of app/script are you using for drop them ?

On 29 Dec 2017 5:19 p.m., "Remo Mattei"  wrote:


Yes I created some rules based on connection time like 30 sec 5 min 30 
min etc. Dropped them.

Il giorno 29 dic 2017, alle ore 06:07, Solo  ha scritto:

Hi Tony.

Yes I see a lot - in my logs I think it's those spammers that tries to
connect to Your server using a lot of different names and end up getting
refused by vpopmail - se my logwatch file below (all ip addresses match
log entries in maillog and vpopmail)

- vpopmail Begin 


No Such User Found:
   4f3c5634.2010906@ - 1 Time(s)
   abc@ - 1 Time(s)
   ada@ - 1 Time(s)
   agenda@ - 1 Time(s)
   am@ - 1 Time(s)
   benson@ - 1 Time(s)

[qmailtoaster] DNS services -- ATTN DNS MIRROR ADMINS!

2017-12-20 Thread Dan McAllister - QMT DNS Admin 
NOTE: 

 

If you are a QMailToaster DNS mirror, we need for you to make a change to
your configuration:

 

The OLD IP address of the master DNS server has changed (no longer 71..28)

The new and correct IP address is 47.206.57.8

 

Please update ASAP and email me here ( 
q...@it4soho.com) when you do!

 

Thanks,

 

Dan McAllister

RE: [qmailtoaster] Fwd: qmhandle

2017-02-17 Thread Dan McAllister - QMT DNS Admin 
I like Eric's collection there -- I couldn't do my job without qmlog! :)

Dan

-Original Message-
From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Friday, February 17, 2017 10:11 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Fwd: qmhandle

ftp://ftp.qmailtoaster.com/pub/qmail/CentOS7/qmt/plus/qmailtoaster-plus/bin/


On 2/17/2017 7:33 AM, Todor Petrov wrote:
> Hi all,
>
> Can someone tell me how you manage the queue in Centos 7 toaster. 
> There are qmqtool and qmHandle tools missing.
>
> Are there tools for queue management  integrated or should I install 
> them manually? In toaster - Centos 6 are all of management tools 
> integrated.
>
> Best regards,
>
> Todor
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: 
> qmailtoaster-list-h...@qmailtoaster.com
>

--
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] Fwd: qmhandle

2017-02-17 Thread Dan McAllister - QMT DNS Admin 
Qmtool and qmhandle are part of what used to be QmailToasterPlus -- and are not 
"standard".
They are just scripts (and actually in need of some cleaning up -- they can be 
buggy in some cases).

Never the less, you can fetch copies from my file server if you like
http://mirror0.qmailtoaster.com/

Dan

PS: I just put those files out there -- there is a possibility they'll go away 
when the mirrors synch, and it so I'll just put them someplace else.  Let me 
know if they disappear



-Original Message-
From: Todor Petrov [mailto:tpet...@vmobile.eu] 
Sent: Friday, February 17, 2017 9:33 AM
To: qmailtoaster-list 
Subject: [qmailtoaster] Fwd: qmhandle

Hi all,

Can someone tell me how you manage the queue in Centos 7 toaster. There are 
qmqtool and qmHandle tools missing.

Are there tools for queue management  integrated or should I install them 
manually? In toaster - Centos 6 are all of management tools integrated.

Best regards,

Todor


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] SQwebmail

2017-02-13 Thread Dan McAllister - QMT DNS Admin 
Roundcube is the service most of my clients prefer.
It will work with either Courier or Dovecot
It can work side-by-side with other webmail options (that's how I determined
that my clients prefer RC -- I let them choose!

Dan

-Original Message-
From: CarlC Internet Services Service Desk [mailto:ab...@carlc.com] 
Sent: Sunday, February 12, 2017 10:42 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] SQwebmail

For our newer CentOS 7 qmail servers, does anyone have a recommended
procedure to build SQwebmail [and do we need to load Courier? I hope not].
We have squirrelmail working [thank you Eric], but wanted to see what other
webmail type applications we can load, and we have a few users who want to
stay with SQwebmail.

How about Roundcube?

Do these require rebuilding the qmail server [for example: Roundcube
requires --with-pdo-mysql]? Or is it as simple as "yum install roundcube"
and configure to your needs?

Again, Thanks in advance!
Carl




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] SMTP run script

2017-02-10 Thread Dan McAllister - QMT DNS Admin 
The RUN file for SMTP is (or should be) nearly identical to the one for
SUBMISSION (and, if you're using it, SMTP-SSL).
The differences will be:
 - change port 587 to port 25 (note, your files may show "smtp" or
"submission" in the command line -- I prefer NOT to make it lookup those
values every time!)
 - turn off auth required (note: this is the REQUIRE_AUTH command

One final note: in MY files, I use DIFFERENT SpamDyke settings for each
(smtp, submission, smtp-ssl) -- so in MY case, that would be different too.

Dan McAllister

-Original Message-
From: pe...@peterse-uithuizen.com [mailto:pe...@peterse-uithuizen.com] 
Sent: Friday, February 10, 2017 7:21 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] SMTP run script

Hello all,

does anyone knows where to find a right copy of the script
/var/qmail/supervise/smtp/run?

I screwed the file by accident.

Regards,
Peter

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] question about qmailtoaster and + as a delimiter instead of the default - option

2017-02-03 Thread Dan McAllister - QMT DNS Admin 
Eric:

 

I’m about at my wits end on this server. I’ve tested the RAM, I’ve checked 
EVERYTHING I can think of… and to no avail.

As it turns out, the ripmime error ONLY shows up when an email is submitted to 
the SUBMISSION port and ONLY when SSL is invoked.

Whats more, it fails the submit job, rendering outside clients UINABLE to send 
messages (though internal clients are sending without incident)

 

I’m about to the point of ripping this thing out and migrating the client to a 
new service., but I was wondering if you’d be willing to remote in and look 
things over – maybe I’m missing something simple. (NOTE: This is an OLD config 
– courier and all!)

 

I’d be willing to pay you for your time – but I’ve gotta do SOMETHING with it 
this weekend. My client’s about to pull their hair out over this!

 

Thanks

 

Dan

 

727-213-2280 (my follow-me number – I’m on Eastern time – Florida – and am 
usually up until midnight, and awaken at about 8AM)

 

 

 

From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Friday, February 3, 2017 5:13 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] question about qmailtoaster and + as a delimiter 
instead of the default - option

 

Thanks for clearing it up Dan.

 

On 2/3/2017 3:11 PM, Dan McAllister - QMT DNS Admin wrote:

Just catching up on emails in this box, and have 4 notes on this topic:

1.  The dash being a delimiter is embedded inside of qmail. It was done so 
primarily to help the likes of the ezmlm group management system, but it comes 
in handy in TONS of ways. (For example, I use dan=ms@mydomain as my email at 
live.com so that when SPAM shows up in my inbox having been addresses to 
dan-ms@mydomain, I know that Microsoft has sold my email address (or leaked it 
in a data breach!)).
2.  You cannot change the delimiter in qmail unless you recompile the code. 
It’s not a variable that is set somewhere (AFIK). It’s OLD qmail.
3.  The qmail-users file is designed for use in old-qmail – but we (qmt) 
use qmail with vpopmail – so the folders are located differently. Just an FYI 
for when you go out and read some of the documentation for the format of that 
file.
4.  You CAN accomplish using + as a delimiter by using vpopmail aliases…. 
But that’s not likely what you want at all.

 

Dan

 

From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Friday, February 3, 2017 12:45 PM
To: qmailtoaster-list@qmailtoaster.com 
<mailto:qmailtoaster-list@qmailtoaster.com> 
Subject: Re: [qmailtoaster] question about qmailtoaster and + as a delimiter 
instead of the default - option

 

Perhaps,

This may help, although, honestly, I wouldn't know now how to implement it.

http://www.lifewithqmail.org/lwq.html#qmail-users

Eric

 

On 2/3/2017 10:33 AM, Eric Broch wrote:

Okay, I understand.

I'm not sure how to use a + instead of a -, easily in qmail.

 

On 2/3/2017 9:58 AM, Michiel van Es wrote:

Hi Eric, 

 

I don't want to create a new user but it should be all sent to the same mailbox.
For example test+t...@domain.ltd <mailto:test+t...@domain.ltd>  should go to 
the mailbox of user t...@domain.ltd <mailto:t...@domain.ltd> .

The good thing with the delimiter is that you can use 
user+websitewhereyouveboughtsomethin...@domain.ltd 
<mailto:user+websitewhereyouveboughtsomethin...@domain.ltd>  and it is always 
sent to the u...@domain.ltd <mailto:u...@domain.ltd>  mailbox where the user 
can filter the detail part and sent it to a subfolder and keep track on all 
those websites.

 

Cheers,

 

Michiel

 

2017-02-03 17:27 GMT+01:00 Eric Broch <ebr...@whitehorsetc.com 
<mailto:ebr...@whitehorsetc.com> >:

Hi Michiel

I have to admit that I know nothing about the delimiters in qmail, but as a 
test set up two accounts on my own server:

1) test+t...@mydomain.com <mailto:test+t...@mydomain.com> 

2) test-t...@mydomain.com <mailto:test-t...@mydomain.com> 

qmail accepted mail for both users.

Personally I use Maildrop, but have looked into using Sieve for Dovecot 
'triggered' by its own LDA, 'deliver' here:  
http://www.qmailtoaster.org/notes.html 

originally here: wiki: http://wiki.dovecot.org/LDA/Qmail

Eric

 

On 2/3/2017 9:04 AM, Michiel van Es wrote:

Hi Eric, 

 

Correct. I use sieve to filter on the detail part.

 

Cheers,

 

Michiel

 

2017-02-03 16:27 GMT+01:00 Eric Broch <ebr...@whitehorsetc.com 
<mailto:ebr...@whitehorsetc.com> >:

Hi Michiel,

Are you talking about an address like

test+t...@domain.tld <mailto:test+t...@domain.tld> 

as opposed to

test+t...@domain.tld <mailto:test+t...@domain.tld> 

?

Eric


On 2/3/2017 6:19 AM, Michiel van Es wrote:

Hi,

I am using Postfix/OpenSMTPD which use the + as delimiter which I can filter on 
with sieve (dovecot).
I know that the default delimiter in Qmail is - and if you want to change it, 
you have to recompile Qmail to use + as a delimiter.

My question is: is there an easy way

RE: [qmailtoaster] question about qmailtoaster and + as a delimiter instead of the default - option

2017-02-03 Thread Dan McAllister - QMT DNS Admin 
Just catching up on emails in this box, and have 4 notes on this topic:

1.  The dash being a delimiter is embedded inside of qmail. It was done so 
primarily to help the likes of the ezmlm group management system, but it comes 
in handy in TONS of ways. (For example, I use dan=ms@mydomain as my email at 
live.com so that when SPAM shows up in my inbox having been addresses to 
dan-ms@mydomain, I know that Microsoft has sold my email address (or leaked it 
in a data breach!)).
2.  You cannot change the delimiter in qmail unless you recompile the code. 
It’s not a variable that is set somewhere (AFIK). It’s OLD qmail.
3.  The qmail-users file is designed for use in old-qmail – but we (qmt) 
use qmail with vpopmail – so the folders are located differently. Just an FYI 
for when you go out and read some of the documentation for the format of that 
file.
4.  You CAN accomplish using + as a delimiter by using vpopmail aliases…. 
But that’s not likely what you want at all.

 

Dan

 

From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Friday, February 3, 2017 12:45 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] question about qmailtoaster and + as a delimiter 
instead of the default - option

 

Perhaps,

This may help, although, honestly, I wouldn't know now how to implement it.

http://www.lifewithqmail.org/lwq.html#qmail-users

Eric

 

On 2/3/2017 10:33 AM, Eric Broch wrote:

Okay, I understand.

I'm not sure how to use a + instead of a -, easily in qmail.

 

On 2/3/2017 9:58 AM, Michiel van Es wrote:

Hi Eric, 

 

I don't want to create a new user but it should be all sent to the same mailbox.
For example test+t...@domain.ltd   should go to 
the mailbox of user t...@domain.ltd  .

The good thing with the delimiter is that you can use 
user+websitewhereyouveboughtsomethin...@domain.ltd 
  and it is always 
sent to the u...@domain.ltd   mailbox where the user 
can filter the detail part and sent it to a subfolder and keep track on all 
those websites.

 

Cheers,

 

Michiel

 

2017-02-03 17:27 GMT+01:00 Eric Broch  >:

Hi Michiel

I have to admit that I know nothing about the delimiters in qmail, but as a 
test set up two accounts on my own server:

1) test+t...@mydomain.com  

2) test-t...@mydomain.com  

qmail accepted mail for both users.

Personally I use Maildrop, but have looked into using Sieve for Dovecot 
'triggered' by its own LDA, 'deliver' here:  
http://www.qmailtoaster.org/notes.html 

originally here: wiki: http://wiki.dovecot.org/LDA/Qmail

Eric

 

On 2/3/2017 9:04 AM, Michiel van Es wrote:

Hi Eric, 

 

Correct. I use sieve to filter on the detail part.

 

Cheers,

 

Michiel

 

2017-02-03 16:27 GMT+01:00 Eric Broch  >:

Hi Michiel,

Are you talking about an address like

test+t...@domain.tld  

as opposed to

test+t...@domain.tld  

?

Eric


On 2/3/2017 6:19 AM, Michiel van Es wrote:

Hi,

I am using Postfix/OpenSMTPD which use the + as delimiter which I can filter on 
with sieve (dovecot).
I know that the default delimiter in Qmail is - and if you want to change it, 
you have to recompile Qmail to use + as a delimiter.

My question is: is there an easy way to switch from the - delimiter to + so I 
can keep my current email addresses intact?

Cheers,

Michiel


-- 
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)
406.214.6802  


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com 
 
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com 
 

 





-- 
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)
406.214.6802  

 





-- 
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)
406.214.6802





-- 
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)
406.214.6802

RE: [qmailtoaster] Been away for a long while...

2016-11-09 Thread Dan McAllister - QMT DNS Admin 
Craig:

 

Yes on both counts – QMT utilizes the VPopMail add-on for virtual domains, and 
ezmlm is part of the default config.

 

Dan McAllister

 

 

From: Craig McLaughlin [mailto:craig.p.mclaugh...@gmail.com] 
Sent: Wednesday, November 9, 2016 3:10 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] Been away for a long while...

 

 

... can someone point me to an up to date project status?



... or just answer this question:

Does qmt handle virtual domains & ezmlm for same?

Thanks,

--Craig

RE: [qmailtoaster] Fetchmail install and configure on qmailtoaster system

2016-11-08 Thread Dan McAllister - QMT DNS Admin 
Apologies to the group – my outlook took eric’s email and applied the group 
address to it.

 

My bad (would belong on the developer group anyway!)

 

Dan

 

From: Dan McAllister - QMT DNS Admin [mailto:q...@it4soho.com] 
Sent: Tuesday, November 8, 2016 3:41 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] Fetchmail install and configure on qmailtoaster 
system

 

Eric:

 

I took a moment today and looked over your install scripts for QMT on COS 6 and 
noted you had a way to switch between BIND & Daniel’s DJBDNS… to that end, I 
have some thoughts. (I’m assuming you and I – and hopefully a 3rd – can start 
moving forward on re-setting this project in a forward motion!)

 

The use/presence of a DNS “server” in a QMT “server” was an issue Shubes and I 
went around and around on – the gist (from my perspective) being that we (as-in 
the QMT service) don’t need a DNS “server” so-to-speak, rather we need a fast 
and efficient DNS “resolver”. Along those lines, my default COS 6 install uses 
PowerDNS (pdns-recursor from EPEL), and I’ve found it to be REMARKABLY fast and 
light-weight.

 

I have a NUMBER of config settings I think you might agree make sense to be 
defaults. Here are some examples:

-  qmail-smtp on port 25 uses spamdyke to REMOVE SMTPAUTH (so users 
CANNOT submit mail on port 25)

-  qmail-smtp on port 587 is ENABLED by default, and ALLOWS encryption 
and REQUIRES login (SMTPAUTH)

-  qmail-smtp on port 465 is ENABLED by default, and REQUIRES both 
SMTPAUTH and encryption

-  POP and IMAP are enabled by default, but ONLY on the SSL ports (993 
& 993).

-  I install and enable BOTH squirrelmail (mail.domain.com) AND 
roundcube (webmail.domain.com) by default

 

NOTE: I still use COURIER IMAP – tho I’m trying to get into DoveCot on my next 
system.

 

 

More later

 

Dan

 

From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Monday, November 7, 2016 12:52 AM
To: qmailtoaster-list@qmailtoaster.com 
<mailto:qmailtoaster-list@qmailtoaster.com> 
Subject: Re: [qmailtoaster] Fetchmail install and configure on qmailtoaster 
system

 

If I understand you correctly here are some examples (just a little googling): 

Maildrop: https://bbs.archlinux.org/viewtopic.php?id=147058

Dovecot LDA:

poll  with proto POP3
user u...@domain.tld <mailto:u...@domain.tld>  there with pass 
options fetchall
mda "/usr/libexec/dovecot/deliver -d u...@domain.tld <mailto:u...@domain.tld> "
 
 
 
 

 

On 11/6/2016 10:16 PM, Chandran Manikandan wrote:

Dear Friends, 

 

I have running qmailtoaster in centos 6.6 system and kept in datacenter.

 

I am planning to keep one more server in our office with the same domain.

All the emails want to store both server with the same domain .

Is it possible to do fetchmail installation in my local office server to 
configure the same domain with the email accounts.

Anyone have the experience.

Could you help me to provide the installation and configuration steps.

-- 

Thanks, 

Manikandan.C

System Administrator

RE: [qmailtoaster] Fetchmail install and configure on qmailtoaster system

2016-11-08 Thread Dan McAllister - QMT DNS Admin 
Eric:

 

I took a moment today and looked over your install scripts for QMT on COS 6 and 
noted you had a way to switch between BIND & Daniel’s DJBDNS… to that end, I 
have some thoughts. (I’m assuming you and I – and hopefully a 3rd – can start 
moving forward on re-setting this project in a forward motion!)

 

The use/presence of a DNS “server” in a QMT “server” was an issue Shubes and I 
went around and around on – the gist (from my perspective) being that we (as-in 
the QMT service) don’t need a DNS “server” so-to-speak, rather we need a fast 
and efficient DNS “resolver”. Along those lines, my default COS 6 install uses 
PowerDNS (pdns-recursor from EPEL), and I’ve found it to be REMARKABLY fast and 
light-weight.

 

I have a NUMBER of config settings I think you might agree make sense to be 
defaults. Here are some examples:

-  qmail-smtp on port 25 uses spamdyke to REMOVE SMTPAUTH (so users 
CANNOT submit mail on port 25)

-  qmail-smtp on port 587 is ENABLED by default, and ALLOWS encryption 
and REQUIRES login (SMTPAUTH)

-  qmail-smtp on port 465 is ENABLED by default, and REQUIRES both 
SMTPAUTH and encryption

-  POP and IMAP are enabled by default, but ONLY on the SSL ports (993 
& 993).

-  I install and enable BOTH squirrelmail (mail.domain.com) AND 
roundcube (webmail.domain.com) by default

 

NOTE: I still use COURIER IMAP – tho I’m trying to get into DoveCot on my next 
system.

 

 

More later

 

Dan

 

From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Monday, November 7, 2016 12:52 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Fetchmail install and configure on qmailtoaster 
system

 

If I understand you correctly here are some examples (just a little googling): 

Maildrop: https://bbs.archlinux.org/viewtopic.php?id=147058

Dovecot LDA:

poll  with proto POP3
user u...@domain.tld   there with pass 
options fetchall
mda "/usr/libexec/dovecot/deliver -d u...@domain.tld  "
 
 
 
 

 

On 11/6/2016 10:16 PM, Chandran Manikandan wrote:

Dear Friends, 

 

I have running qmailtoaster in centos 6.6 system and kept in datacenter.

 

I am planning to keep one more server in our office with the same domain.

All the emails want to store both server with the same domain .

Is it possible to do fetchmail installation in my local office server to 
configure the same domain with the email accounts.

Anyone have the experience.

Could you help me to provide the installation and configuration steps.

-- 

Thanks, 

Manikandan.C

System Administrator

RE: [qmailtoaster] concerning updates to qmailtoaster

2016-07-28 Thread Dan McAllister - QMT DNS Admin 
Rajesh & Eric:

I find this thread particularly compelling -- I have 3 different "large" qmail 
servers, each of which hosts more than 20,000 users. One of the most difficult 
items to control is when one of my users gets infected with a "virus" (or other 
type of malware) that then abuses the fact that qmail itself (or, at least not 
QMT) doesn't validate the FROM header entry against the authentication 
credentials.

Years ago, when I spoke to Jake Vickers about it, he claimed it was essentially 
impossible, however since then I have to suspect it is very much possible -- 
because the CHKUSER log entries show (on a single line) the from and auth user 
data.

Not having the time to delve into CHKUSER arguments, I wrote a script that 
checks the CHKUSER entries in the log files and warns (and eventually suspends) 
users who send from different domains than what they logged in as. (I also use 
it to automatically throttle users who send too many emails -- SPAM! I allow 
only 250 SMTP connections a day. :)

It would be an AMAZING help to me if SpamDyke (or CHKUSER) would be able to 
DENY these fraudulent headers INSTANTLY... so let's keep looking at this, if 
you don't mind!

Thanks

Dan McAllister
IT4SOHO

PS: NOTE: It is NECESSARY for some users to be allowed to bypass this check 
(and SPF and other checks) -- in particular for backup mail servers who might 
queue up messages for a server while it is down and deliver them once back up.

-Original Message-
From: Rajesh M [mailto:24x7ser...@24x7server.net] 
Sent: Sunday, July 24, 2016 9:51 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] concerning updates to qmailtoaster

eric

i am using spamdyke5

a new spamdyke.conf was generated which i am using and the qmail services are 
working like normal

my idea was to block email ids where the reply-to (envelope sender) were 
different from authentication domain.

so in my config file i have this since as per spamdyke config it will go 
through all the aspects

reject-sender=not-local
reject-sender=authentication-domain-mismatch
reject-sender=no-mx

however in my thunderbird when using a different reply-to email id it does not 
work.

in whitelist_ip i have only one ip : 127.0.0.0.1

in my whitelist_senders i do  not have the sending domain listed

rajesh

- Original Message -
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 24 Jul 2016 11:57:17 -0600
Subject: 

Rajesh,

It would be just like any other RPM update. The RPM install will stop and start 
services. With Spamdyke, if you're upgrading to 5, you'll have to run a script 
(below) I provided, but until you run it you're toaster will be rejecting email 
(it only takes a second to run).

Remember if you have special settings in spamdyke.conf backup!


#!/bin/sh
sed -i \
-e 's/reject-missing-sender-mx/reject-sender=no-mx/g' \ -e 
's/rejection-text-missing-sender-mx/rejection-text-sender-no-mx/g' \ -e 
's/reject-identical-sender-recipient/reject-recipient=same-as-sender/g' \ -e 
's/rejection-text-identical-sender-recipient/rejection-text-recipient-same-as-sender/g'
 
\
-e 's/local-domains-file/qmail-rcpthosts-file/g' \ -e 
's/local-domains-entry=/#local-domains-entry=(Add these entries to 
qmail-rcpthosts-file)/g' \ -e 's/morercpthosts/qmail-morercpthosts-cdb/'g 
/etc/spamdyke/spamdyke.conf 

Eric

On 7/24/2016 5:32 AM, Rajesh M wrote:
> hi
>
> i am using qmailtoaster on centos 6
>
> the SRPMS i have are from the old qmail site and a few from 
> ftp.whitehorse
>
> my question was whether i can update dovecot, spamassassin and 
> spamdyke without causing intereference with existing working qmailtoaster, 
> similar to the manner in which i update clam.
>
> i would be shutting down the qmailserver during the updates
>
>
> thanks
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: 
> qmailtoaster-list-h...@qmailtoaster.com
>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] temporarily disable a domain

2016-07-21 Thread Dan McAllister - QMT DNS Admin 
I never saw a reply to this, so I’ll pipe up here

 

When you “lose a domain” but need to keep “supporting” that domain (e.g. so 
users can still get to their old mail), the thing to do is to create a rule 
that forwards messages addressed to that domain to the correct server.

Step 1: Remove the domain from the list of LOCAL DOMAINS (see 
/var/qmail/control/[locals | rcpthosts | virtualdomains]

Step 2: Create a rule to forward mail for that domain to the correct server 
(entry in /var/qmail/control/smtproutes)

 

To explain:

In Step 1 we had to remove the local-delivery mechanism for .tv – that is, 
STOP processing mail received by SMTP as-if we were a valid server for that 
domain

In Step 2 we had to tell the server just what to do with mail from that domain. 
See our wiki (http://wiki.qmailtoaster.com/index.php/Smtproutes) for a full 
explanation of smtproutes, and know that QMT already includes the 
qmail-remote-auth patch mentioned

 

NOTES: 

-  If you still wish to receive mail for that domain, but just forward 
it to the other server, you can do so by restoring the entry in rcpthosts

-  If you are worried about SPF or other types of issues that this kind 
of forwarding can cause, create a “back channel” connection. This takes 
advantage of QMT’s allowing any authorized user to send mail as any user they 
want! To do this, just add account authentication on the end of the smtproutes 
entry.

 

I hope you find this useful

 

Dan McAllister

IT4SOHO

 

 

 

From: Jim Shupert [mailto:jshup...@pps-inc.com] 
Sent: Friday, July 15, 2016 5:21 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] temporarily disable a domain

 

Friends

I wish to temporarily disable or sever a domain on my qmailtoaster

I have 4 domains

.com
.com
.com
.tv   

and .tv is being moved ( maybe )

In truth
the folks who "are" .tv are having thier mail going to a 
rackspace mail providing service /server

so you could say i am losing them as a client ...
they have changed thier A record & the dns
But they are in the same bldging - the users are inside the same router / 
firewall.

( .tv  is a division of a master company that is .com )

my goal is to disable "my" .tv 
so that all the world sees the rackspace .tv 


I see under
Qmail Toaster Admin

http://mailhost..com/mail/vqadmin/toaster.vqadmin?nav=view_domain 

 =.tv

6 check boxes

Disable pop access   
Disable imap access   
Disable dialup access   
Disable change password   
Disable web access   
Disable email relay 

if I check  

Disable pop access   
Disable imap access 
( or all six )

and click   Modify Domain

will "my" .tv  effectively be "turned OFF"

and I could then , if i wish to , unCheck & Modify Domain there by turn it "on"


thanks

sorry this is a wacky Q

RE: [qmailtoaster] DMARC checking?

2016-07-21 Thread Dan McAllister - QMT DNS Admin 
LOL - Thanks for the "education" about DMARC :)

For the record, I depend heavily on DMARC records -- but 90% of mail servers 
that will even check for SPF, do so with the SPF record in mind, and not the 
DMARC one. As I asserted in my original message, only a few "big guns" are even 
looking at the DMARC records at all, much less providing the response 
mechanisms.

To my knowledge, the DMARC record cannot REPLACE the SPF record (they're both 
just TXT record lookups), but the DMARC record CAN tell a recipient server that 
you are interested in hearing about "bad mail" from your domain(s).
(Most SPF records end with a "~all" -- which is actually an indication that 
you're "just testing SPF" and creating a "soft fail" when it is violated. MY 
SPF records end with "-all" [that would be a DASH instead of a TILDE] -- which 
is an indication that we think we know what we're doing, and if It fails SPF, 
it should be considered a HARD FAIL... what you do with it after that is up to 
the recipient mail server. The supposition is that, someday, most will reject 
or discard HARD FAIL messages, but even in QMail, we have our own options (read 
up on SPF levels), so not everyone is playing by the same rules.)

Generally equivalent statements can be made about DKIM.

In NEITHER case have I seen any kind of documentation on what an organization 
is supposed to do if SPF says to HARD FAIL any disproven sender, but DMARC says 
not to... or the other way around!

So I repeat my assertion that the real VALUE of DMARC is in the back-reporting 
function which I will repeat has helped me numerous times to detect an 
issue BEFORE other mechanisms (like RBLs) have been triggered!

As you might expect, my servers & domains use SPF and DMARC -- and if we had 
better processing (long-standing bug) in QMAIL for DKIM, I would use it too!

Cheers!

Dan McAllister

PS: Perhaps when I retire in a few years I'll fix the DKIM processing and 
create DMARC processing for QMAIL :) 
Most on here don't know it, but I started in SW development tracking missiles 
at CCAFS!


-Original Message-
From: Eric [mailto:ebr...@whitehorsetc.com] 
Sent: Thursday, July 21, 2016 2:05 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] DMARC checking?

Dan,

This is from the DMARC website
(https://dmarc.org/wiki/FAQ#How_does_DMARC_work.2C_briefly.2C_and_in_non-technical_terms.3F):

"How does DMARC work, briefly, and in non-technical terms?"

"A DMARC policy allows a sender to indicate that their messages are protected 
by SPF and/or DKIM, and tells a receiver what to do if neither of those 
authentication methods passes – such as junk or reject the message. DMARC 
removes guesswork from the receiver’s handling of these failed messages, 
limiting or eliminating the user’s exposure to potentially fraudulent & harmful 
messages. DMARC also provides a way for the email receiver to report back to 
the sender about messages that pass and/or fail DMARC evaluation."

And:

"Why is DMARC needed?"

"End users and companies all suffer from the high volume of spam and phishing 
on the Internet. Over the years several methods have been introduced to try and 
identify when mail from (for example) IRS.GOV really is, or really isn’t coming 
from the IRS. However:

 These mechanisms all work in isolation from each other
 Each receiver makes unique decisions about how to evaluate the results
 The legitimate domain owner (e.g. IRS) never gets any feedback

DMARC attempts to address this by providing coordinated, tested methods for:

 Domain owners to:
 Signal that they are using email authentication (SPF, DKIM)
 Provide an email address to gather feedback about messages using their 
domain – legitimate or not
 A policy to apply to messages that fail authentication (report, 
quarantine, reject)

 Email receivers to:
 Be certain a given sending domain is using email authentication
 Consistently evaluate SPF and DKIM along with what the end user sees 
in their inbox
 Determine the domain owner’s preference (report, quarantine or
reject) for messages that do not pass authentication checks
 Provide the domain owner with feedback about messages using their 
domain

A domain owner who has deployed email authentication can begin using DMARC in 
“monitor mode” to collect data from participating receivers. As the data shows 
that their legitimate traffic is passing authentication checks, they can change 
their policy to request that failing messages be quarantined. As they grow 
confident that no legitimate messages are being incorrectly quarantined, they 
can move to a 'reject' policy."

It seems to me that the DMARC website indicates that not only is feedback 
provided for but a message policy (report, quarantine, reject) for failed 
authentication.

Correc

RE: [qmailtoaster] DMARC checking?

2016-07-20 Thread Dan McAllister - QMT DNS Admin 
I'm not sure what you mean by DMARC checking?
Generally, SPF is triggered by the existence of an appropriate DNS entry, while 
a DKIM check would be triggered by a DKIM signature in the header of the 
message.
The point of DMARC isn't to trigger any checking, it is to provide a FEEDBACK 
mechanism to senders whose domains may be being attacked or otherwise abused.
AFIK, only a few MAJOR mail providers are actively providing that feedback -- 
but even so, it's been EXTREMELY valuable to me as an ESP admin! They have 
helped me capture abuse far faster than otherwise possible!

So again, I'm not sure what you're asking for with regards to DMARC

Dan McAllister
IT4SOHO

-Original Message-
From: Eric [mailto:ebr...@whitehorsetc.com] 
Sent: Wednesday, July 20, 2016 12:44 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] DMARC checking?

Jaime,

I'm not sure. It can be run from the command line so I'm wondering if it could 
not be put in a .qmail/.mailfilter file or even implemented with 
Dovecot...somehow?

Eric


On 7/20/2016 9:07 AM, Jaime Lerner wrote:
> Is it possible to set up inbound DMARC checking on a QMT setup?

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] catch all account and the spam

2016-07-11 Thread Dan McAllister - QMT DNS Admin 
The CORRECT way to do this is to create the .qmail-default file with an entry 
that says:

|   /home/vpopmail/bin/vdelivermail   ‘’   delete

 

NOTE: Extra spaces added for readability on “variable width font” readers :)

You will find the DEFAULT entry says “bounce-no-mailbox” where I have delete 
above.

 

I haven’t been following this thread, but I assume you were using an email 
address instead of “bounce-no-mailbox” to create your catchall account? 

If not, that would be the appropriate way to do so.

 

Now I can’t just reply to HOW without adding my 2-cents worth as to why I think 
“bounce-no-mailbox” is the WORST of the options:

-  It allows spammers to “mine” your domain for “good” email addresses 
(which then get sold!)… how? Send a note to a...@yourdomain.com 
 , b...@yourdomain.com  
, etc. For each one that does NOT get a bounceback, you have a good address! 
SPAM IT!

-  Once your domain is “mature” (been around a few years), your 
“catchall” account will get thousands of emails a day – from spammers trying to 
mine your domain!

 

That means (to me, anyway) that you should DEFAULT to a “delete” policy… if 
they send to a bad email address… oh well, I guess they won’t get a reply! When 
they CHECK with the recipient, they’ll be able to figure it out. But in the 
few, rare instances where there needs to be SOMETHING done with badly addressed 
messages, a catchall account is superior to a “bounce-no-mailbox” option.

 

Those opinions are MINE. Feel free to share in them or oppose them – but their 
only value is the time you have invested in reading them, so treat accordingly.

 

Have a great day all!

 

Dan McAllister

IT4SOHO

 

QMT DNS Admin (or at least I WAS!)

 

 

 

From: Angus McIntyre [mailto:an...@pobox.com] 
Sent: Friday, July 8, 2016 9:49 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] catch all account and the spam

 

On Jul 7, 2016, at 1:10 PM, Jim Shupert  > wrote:

I am wondering what a "wise" method of doing the catch all account regarding 
spam might be

To limit the amount of spam that a standard user who is catch all (me for 
example )

I have created a usr named d...@mydom.com  
this "usr" has a quota of 40 MB … so it goes over quota in a day or so...
It is ,for the sake of argument , ALL spam.
what are you wise folk doing?

 

Because spammers will spam anything and everything — I have seen spam targeting 
‘email addresses’ that were obviously created by some scraper program so dumb 
that it thought a message ID (something like 
“122324313109.1231...@somedomain.com 
 ”) was an email account — I would 
question whether there’s any value in having a catch-all. Better to set up 
.qmail files for the addresses you actually want, and then just send everything 
else to /dev/null.

 

To do that, create a ‘.qmail-default’ file for your domain, enter a ‘#’ 
character on the first line, and then add one blank line after it.

 

If you think that you might some day get useful mail sent to a catch-all 
address, then you’ll probably want to do two things. 

 

One is to set up a cron job that just throws away everything in the catch-all 
account at regular intervals, so that you don’t go over quota and start 
bouncing mail.

 

The other is to use something like procmail to filter the mail coming into the 
catch-all. You can write two kinds of filters. One filter will throw away stuff 
that’s known to be spam (to prevent the mailbox overflowing, and to reduce the 
amount of mail you need to review manually). The other should look for 
particular keywords that indicate something that might be interesting to you, 
and divert that to one of your active mailboxes.

 

Also consider making use of Spamdyke features — for example, rejecting messages 
from domains without valid RDNS — to reduce the amount of spam you need to 
process.

 

Angus