Re: [qmailtoaster] email address formats... including /
Hello Jared Thanks for the quick reply Erik. Can I ask what the security precautions are? We're trying to see if it's going to be workable to allow it so one of our clients can email. Like I stated before, you can follow the chkuser stuff from the wiki to accomplish this. As far as the security implications, I'd look at this: http://www.lifewithqmail.org/lwq.html#dots-in-extensions G.4. qmail replaces dots (.) in extension addresses with colons (:). Another security feature. The purpose is prevent extension addresses from backing up the file tree using ... By replacing them with colons, qmail ensures that all .qmail files for a user are under their home directory. Documented in the dot-qmail man page. A / is just as interesting as a . as far as file system tree goes. Just to reiterate, we're trying to allow our customers to email outgoing to others with a / in their address, not necessarily allow incoming / addresses, nor create an email account with the / in it on our server. Hope that helps too.. Not sure that'd make a difference. As far as I know, the / in e-mail addresses are for internal only addressses in Domino. Usually there is a different internet address, as that is not an rfc allowed character for smtp.. I work in .gov and I've never had an issue sending or receiving from other agencies. We use the QmailToaster at work, they even paid me to work on it part time for a while last year. Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] GREYLISTING
I will put it there tonight. Erik On 2/9/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote: Btw, would be nice if this rpm can go to the devel site.. JP - Original Message - From: Philip Nix Guru [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, February 09, 2007 8:13 PM Subject: Re: [qmailtoaster] GREYLISTING Hello http://wiki.qmailtoaster.com/index.php/TCP_Server_limits_configuration You ll find the ucspi with the limit_patch link and the infos on how to setup the variables in your cdb file Cheers -Philip Erik Espinoza wrote: Hello Rajesh, Greylisting has many issues with newer smtp firewalls and spam appliances. As they do not have much space, they usually do not retry after receiving an error 4xx. As such we are not going to be including greylisting in the QmailToaster. That said, there is info on simple greylisting here: http://www.kabewm.com/?p=19 I believe someone on this list had released a concurrency limit per ip using tcpserver, instead of global. It will probably be a part of the QmailToaster soon. Thanks, Erik On 2/9/07, 24x7server [EMAIL PROTECTED] wrote: hi nowadays once every week or so we get an enormous number of spam hits which increases the number of concurrent incoming connections to around 250, causing too much load on server. reducing this figure means our clients suffer. normally concurrency incoming it is just 25 - 40 range. we are planning to use greylisting, searched and found quite a few websites providing patches a) can anybody point us to good working patch wherein we can have grey and whitelisting of ips known servers b) is there anybody who can share their experience using greylisting mechanism successfully with qmail toaster, problems faced by them if any. rajesh mahadevan - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] Bug Tracker/Feature Requests
Greetings, I have set up a new ticketing system, after the loss of the old mantis. It is available at http://devel.qmailtoaster.com/flyspray/ for all to use. Feel free to report bugs and feature requests here. Just remember the mailing list is for support, not the bug tracker. Any support issues opened on the bug tracker will be immediately closed. Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] squirrelmail and submission port
Not really. When all connections are localhost, it doesn't really help. It does help big time for other machines. Erik On 2/8/07, Peter Peltonen [EMAIL PROTECTED] wrote: On 2/7/07, Erik Espinoza [EMAIL PROTECTED] wrote: I usually run imapproxy on the different host and all goes well. Looks like a useful thingie this imapproxy. Would it be useful to use the proxy even if Qmail and Squirrelmail are on the same server? If so and it works, speeds up things and is stable, I'd like to see it as a QMT RPM... Regards, Peter - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] email address formats... including /
Security wise that is a bad thing to allow, but you can follow the chkuser instructions on the wiki and put / as an allowed character. This will not become part of the standard install for the security implications. Erik On 2/8/07, Jared Markell [EMAIL PROTECTED] wrote: I'm sorry if this is on the list already, I'm just not sure how to even begin to look. Anyways, Does anyone know how to get qmail(toaster) to accept email addresses with / in it when users on the server try to send out to an address with one in it? Some governmental agencies use this in their email addresses. For instance.. abc/[EMAIL PROTECTED] and one of our customers has to email to that address. Thanks for any help you guys can provide. Jared - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] squirrelmail and submission port
Hi Slamp Eric, I have done this once, SM on a different host from QT. That was REALLY SLOW even on a 100mbps connection. So I just decided to implement proxy in apache and now it's alot faster. I usually run imapproxy on the different host and all goes well. Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] neat article
January 27, 2006 http://www.serverwatch.com/news/article.php/3580951 Page 2: Tips of the Trade You've probably heard the praises of Qmail, Professor Dan Bernstein's excellent MTA, and you may even have tried to set up a mail server with it. Chances are you found the documentation to be not entirely adequate, and community support not quite what it could be either. Any problems you encountered are not because you're not smart enough but because getting help is sometimes more difficult than it needs to be. Don't give up on Qmail yet because it is a great MTA. Bernstein claims it will move more messages on old weak hardware than any MTA on any platform, and he is so certain it is completely secure that he promises a $500 cash reward to anyone who can find a security flaw. To install and administer Qmail the easy way, take a look at Qmail Toaster. Qmail Toaster packages a complete mail server, based on Qmail, into easy-to-install RPM packages. You get everything you need: Webmail, anti-malware, a mailing list manager, IMAP and POP mail, encryption, a MySQL database backend, SPF (Sender Policy Framework) and a Web-based administration panel. There is even a Sendmail migration tool. An MS Exchange migration tool would make even more admins happy. Qmail Toaster works with Red Hat Linux, CentOS, Fedora, Mandriva, Trustix, and Open SUSE. It installs from source RPMs, so you can install it on other RPM-based systems by tweaking the spec files a bit. With the automated install you'll have a fully functioning mail server in a couple of hours or less. You may also install individual components manually, and take complete control of the installation. Qmail Toaster has no commercial support, but the mailing list is refreshingly civilized and helpful. In addition, every component of the server is standard free/open source software, and it has its own documentation and user communities. Carla Schroder writes the Tips of the Trade section of Enterprise Unix Roundup. She also appears on Enterprise Networking Planet and Linux Planet, covering Linux from the desktop to the server room. She is the author of the Linux Cookbook and the upcoming Linux Networking Cookbook. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] squirrelmail and submission port
Good point. Before it worked without authorization cuz I borked an init script that Jean-Paul found and fixed. But in the latest version on the devel site, you can't point to port 587. I'll update the default tcp.smtp to skip rbl's on localhost. Someone should put that in the wiki. ;) Erik On 2/7/07, Eric Shubes [EMAIL PROTECTED] wrote: That's my understanding, based on man rblsmtpd. So, is it better to run through port 25 with rbl transparent, or run though 587 with no rbl but with authorization? Wouldn't the authorization be unnecessary from SM on localhost? Bill Kwok wrote: Hi Slamp, Thank you for the clarification but sorry for my ignorance. If we have the *127.0.0.1:allow,RELAYCLIENT=,RBLSMTPD=* in tcp.smtp, will the RBLSMTPD process still be involved, but just return a pass status? Best regards, Bill On 2/8/07, *slamp slamp* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Thanks Erik for making the change in the future SM rpm. Bill, To me the real benefit of using the submission port is speed and reliability. The stock SM uses smtp to send mail and gets checked for RBLs. The reason the submission was added was to provide a way of sending without being checked for RBLs but still required to authenticate. Eric, I have done this once, SM on a different host from QT. That was REALLY SLOW even on a 100mbps connection. So I just decided to implement proxy in apache and now it's alot faster. On 2/7/07, *Jake Vickers* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Eric Shubes wrote: Now you've got me thinking, Bill. (which is sometimes dangerous!) For the stock toaster, you bring up a good point. What if I were an Enterprise type of user and wanted to run SM on a separate host from the toaster? How difficult would that be? Can the toaster be packaged in such a way as to make this easier, without 'hurting' the stock toaster? IOW, make them loosely (minimally) coupled? Look at the config.pl file for SM. It's in /usr/share/squirrelmail/config/ You should be able to edit all the functions, and tell it what IMAP server to utilize. I haven't messed with this in a long time, but you may also be able to adjust the port. So in theory, yes, you could use SM on a different server and just have it IMAP to your real mail server. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] squirrelmail and submission port
Hey Slamp, I was under the impression that Squirrelmail used /usr/sbin/sendmail to send mail, not smtp. Doesn't your config.php have $useSendmail = true; Erik The reason squirrelmail uses On 2/6/07, slamp slamp [EMAIL PROTECTED] wrote: Is there a reason why the default config of squirrelmail is not using the submission port? Is it really necessary for squirrelmail to be checked against RBL's? I found that squirrelmail is much faster (sending) when configured to use the submission port since it bypasses RBL checks. This also prevents the error Server replied: 354 when an RBL timeout occurs. BTW I just updated to the latest and greatest including the 3 devel packages and everything is perfect (knocks on wood). Thanks. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Can't locate Crypt/OpenSSL/Bignum.pm
I wish the stock toaster used RPMFORGE for perl modules. yum is so much easier (and you can tell what files belong to which package). ;) 1) Not all distros support yum 2) RPMForge doesn't support all distros we support 3) Crypt::OpenSSL::Bignum is a dep for Mail::DomainKeys and should have been installed automagically by CPAN. Sucks that CPAN isn't doing it's part of the equation. Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] changing form djbdns to bind
I always recommend the use of forwarders. The DNS System only works because of all the caching, if everyone went to the root name servers for every query, we'd flood the system. I always install bind, bind-chroot caching-nameserver. I also change options to the following: options { directory /var/named; dump-file /var/named/data/cache_dump.db; statistics-file /var/named/data/named_stats.txt; forward only; forwarders { DNSIP1; DNSIP2; }; allow-recursion { 127.0.0.1; }; version Smart Ass Remark; }; Thanks, Erik On 2/4/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Eric Shubes wrote: bind-chroot is excess (give a bit more security, but the setup is more complicated). Apparently I missed something (again). What's there to set up? I just install it and it runs. Back in times to RHEL2 it was required to do additional setup to get Bind chrooted correctly. I'm not sure that installing bind-chroot will do all the work required, but I hadn't used it since that old times though. It is more important to add to /etc/named.conf the following: to the options { }; clause: options { allow-transfer{ none; }; allow-notify { none; }; allow-recursion { 127.0.0.0/8; your-subnet/mask; }; version Mind your own business!; }; What does this do? Is it needed if the toaster's behind a firewall? How important is it? It restricts access to Bind only for specified subnets (important), refuses to allow IXRF zone transfers (not so important in case of just caching nameserver, but it wouldn't hurt anyway), and prevents hackers from querying the version of the Bing you've got (very important). Someone (EE I think) on the list a while back recommending forward first and forwarders for caching options too. It is just a matter of habbit. Caching nameserver can do all the recursion required to resolve a hostname by itself. But it can also use DNS servers specified by admin to do resolving (forwarders). It is up to admin to decide, which method to use. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Upgrade through qtp-newmodel Error
Hi ES, Without looking at the code in much detail, I can tell that the problem lies with version numbering. This routine assumes (erroneously) that packages have a version number that conforms to n.n.n-n.n.n format. While this is true for toaster packages, it's not true for other packages such as zlib which have both non-toaster and toaster versions. Why the toaster version of zlib isn't named zlib-toaster, I've no idea. I also don't know what the difference is between the toaster and non-toaster versions. I think it's safe to say that you probably want the toaster version though (that's what I'm running). The name is kept the same (sans toaster) because it is a dependency for so many packages. The reason we include it is because there are clamd issues with older versions of zlib. It is not installed unless necessary, for example on FC6 which ships with the same version of zlib, we don't install it when using the fc6 install script. If your toaster is not currently deployed (running live), the fix is easy. Simply # rpm -e --nodeps zlib to remove the existing package. The toaster's zlib should be automatically selected and installed, and away you go. I'd be careful of running this command, as you can be left with a broken system. Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Upgrade through qtp-newmodel Error
Hey ES, Is there a specific version of zlib I can check for in qtp-newmodel (i.e. if zlib ?.?.?-?.? or better is installed, don't bother with the toaster version), so that it only asks for the toaster version when necessary? Execute this: rpm -q --queryformat %{name}-%{version}\n zlib Should come back with this: zlib-1.2.3 Now that I think of it though, rpmbuild might not work without it. EGADS! I suppose that it could always be yum'd back though, no? I never had to remove the current zlib package to upgrade. As far as yum, it may not work as zlib is required for rpm decompression. I'd be very careful when removing zlib. Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Upgrade through qtp-newmodel Error
Correct. On 2/5/07, Eric Shubes [EMAIL PROTECTED] wrote: Erik Espinoza wrote: Hey ES, Is there a specific version of zlib I can check for in qtp-newmodel (i.e. if zlib ?.?.?-?.? or better is installed, don't bother with the toaster version), so that it only asks for the toaster version when necessary? Execute this: rpm -q --queryformat %{name}-%{version}\n zlib Should come back with this: zlib-1.2.3 So if it's 1.2.3 or better, we don't need the toaster version, right? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] cannot establish SMTP connection
That is giving you an error saying that delapp02.occa.state.ok.us, the mail server in charge of mail for oscn.net, didn't accept your mail. Basically the issue is at their end. Erik On 2/5/07, Steve Ingraham [EMAIL PROTECTED] wrote: Below is an error message one of my users received today. Can anyone explain to me what this means concerning the . . .wasn't able to establish an SMTP connection? Is this telling me there is an issue with our qmail toaster or that the receiving server has an SMTP problem? Thanks, Steve ___ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, February 05, 2007 12:59 PM To: Molly Reid Subject: failure notice Hi. This is the qmail-send program at dellapp02.occa.state.ok.us. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Sorry, I wasn't able to establish an SMTP connection. (#4.4.1) I'm not going to try again; this message has been in the queue too long. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Installation problems
Hi ES, EE, what's up with Mandriva? Did we go back to the mdk10* numbers instead of the mdv20* numbers? Is Mandriva 2007 not available? Couldn't tell you. I've only done the port for FC6 and maintenance work. Perhaps Nick might be able to shed some light on this. Currently I test on CentOS 3, 4 and FC6 on 32-bit. I don't have the time to test on much else, nor the infrastructure. As far as I know, the web site is correct with mdk103. Thanks, Erk - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How do I use Outlook with submission?
Hey Trung, Just change /var/qmail/supervise/smtp/run and set REQUIRE_AUTH=1 to say export REQUIRE_AUTH=1. It's all this upgrade will do. On 2/5/07, Trung Pham [EMAIL PROTECTED] wrote: I changed the port to 587 and that seems to work. What is the recent fuss about the export REQUIRE_AUTH=1? I dont really want to update the qmail-toaster package. Scared of blowing the toaster up. Currently, my email server prevents people from sending email via outlook because of dynamic IP blacklist. I believe using submission port will get around this problem. And the recent toaster build has submission port. But I wasn't able to find any document showing how to set it up in outlook. Please give me some hint if you have successfully used submission port via outlook. Thanks. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How do I use Outlook with submission?
Correction, follow Jean-Paul's instructions. Mine will ruin your system. Erik On 2/5/07, Erik Espinoza [EMAIL PROTECTED] wrote: Hey Trung, Just change /var/qmail/supervise/smtp/run and set REQUIRE_AUTH=1 to say export REQUIRE_AUTH=1. It's all this upgrade will do. On 2/5/07, Trung Pham [EMAIL PROTECTED] wrote: I changed the port to 587 and that seems to work. What is the recent fuss about the export REQUIRE_AUTH=1? I dont really want to update the qmail-toaster package. Scared of blowing the toaster up. Currently, my email server prevents people from sending email via outlook because of dynamic IP blacklist. I believe using submission port will get around this problem. And the recent toaster build has submission port. But I wasn't able to find any document showing how to set it up in outlook. Please give me some hint if you have successfully used submission port via outlook. Thanks. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How do I use Outlook with submission?
No, I made a mistake in my instructions. Requiring auth on the smtp port is bad and will break everything. Jean-Paul sent the correct instructions. I answered off the top of my head, without double checking. My apologies. Thanks, Erik On 2/5/07, Trung Pham [EMAIL PROTECTED] wrote: Erik, Are you trying to be funny? Cuz you're confusing me. =P Correction, follow Jean-Paul's instructions. Mine will ruin your system. Erik On 2/5/07, Erik Espinoza [EMAIL PROTECTED] wrote: Hey Trung, Just change /var/qmail/supervise/smtp/run and set REQUIRE_AUTH=1 to say export REQUIRE_AUTH=1. It's all this upgrade will do. On 2/5/07, Trung Pham [EMAIL PROTECTED] wrote: I changed the port to 587 and that seems to work. What is the recent fuss about the export REQUIRE_AUTH=1? I dont really want to update the qmail-toaster package. Scared of blowing the toaster up. Currently, my email server prevents people from sending email via outlook because of dynamic IP blacklist. I believe using submission port will get around this problem. And the recent toaster build has submission port. But I wasn't able to find any document showing how to set it up in outlook. Please give me some hint if you have successfully used submission port via outlook. Thanks. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] toaster as internal relay.
Put ',SENDER_NOCHECK=1' at the end of the relayclient line for the internal ip addresses. On 2/5/07, slamp slamp [EMAIL PROTECTED] wrote: Hi list, I have different linux servers that are internal only but would like to use toaster as the relay. Basically I do not want any mail residing on the local linux servers. So far I've allowed the IP of my linux servers in tcp.smtp (same as 127 line) and able to relay to the toaster ONLY if I rewrite the from address. I do not want to rewrite because I would like to be able to tell where the mail is coming from (e.g. [EMAIL PROTECTED] instead of [EMAIL PROTECTED]). Below is the error message I get. 2007-02-05 19:39:38.952825500 tcpserver: status: 0/100 2007-02-05 19:40:44.788782500 tcpserver: status: 1/100 2007-02-05 19:40:44.788788500 tcpserver: pid 31891 from 192.168.1.3 2007-02-05 19:40:44.788791500 tcpserver: ok 31891 external.domain.com:192.168.1.4:25 :192.168.1.3::56139 2007-02-05 19:40:45.884438500 CHKUSER rejected sender: from [EMAIL PROTECTED]:: remote internal.lan.com:unknown:192.168.1.3 rcpt : invalid sender MX domain 2007-02-05 19:40:45.908143500 tcpserver: end 31891 status 0 FYI: I do not have an internal DNS where I could setup an MX record for internal.lan.com. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Upgrade through qtp-newmodel Error
Try copying the zlib binaries using wget or curl or something. Put them into the lib dir, then install the rpm. Erik On 2/5/07, David J. [EMAIL PROTECTED] wrote: - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, February 06, 2007 12:56 AM Subject: Re: [qmailtoaster] Upgrade through qtp-newmodel Error Erik Espinoza wrote: I'd be careful of running this command, as you can be left with a broken system. Eric Shubes wrote: That's why I asked if he was running live. ;) Now that I think of it though, rpmbuild might not work without it. EGADS! I suppose that it could always be yum'd back though, no? When zlib is not available, rpmbuild, rpm and yum cannot be executed. that was I encountered yesterday, untill I revive with other zlib source. Regards, David J. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Fwd: Re: [qmailtoaster] qtp-newmodel upgrade errors]
Yes. Dev is ready to go. Erik On 2/5/07, Eric Shubes [EMAIL PROTECTED] wrote: David J. wrote: Shubes wrote: Thanks for the Kudos, David. If it ain't fun, it's not worth doing. ;) FWIW, you can go ahead and get started with the upgrade. The downloads and compiles and such can run while the toaster's up. It'll get to a point where it'll tell you it's ready to do the update: session example The major portion of the install/upgrade process is now complete. You may rerun this script later and simply process the update. We are ready to do the update now. qmail will be stopped. Shall we continue? (yes, no|skip, batch, quit) [y] / n|s / b / q : q /session example Simply enter q to quit at this point. Then when you rerun qtp-newmodel later, it'll recognize everything that's already been done. Choose to reuse the existing sandbox, and it'll bring you right back to the same point rather quickly. The entire upgrade should take you less that 10 minutes at that point. Does the qmail-toaster and courier-authlib from development are fine to installed..?? Probably, but I can't vouch for them (haven't installed them yet myself). Do you feel lucky? ;) EE can tell you better than I can. We're working on getting change logging visibility improved. EE's very busy though. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
Other than it's the standard, no. Erik On 2/1/07, Peter Peltonen [EMAIL PROTECTED] wrote: Hi, On 2/1/07, George Sweetnam [EMAIL PROTECTED] wrote: I used to setup port 26 for customers (before submission and didn't use smtp auth's port) to get around isp's blocking port 25 to send (for our hosted customers off-net). I allow relaying for friendly ip's through submission, I still use this method: I run another smtp at port 2525 for authentication. Is there any reason I should change to using the submission port? Regards, Peter - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] DEVEL PACKAGE: courier-authlib
Greetings, I have released an updated courier-authlib package on the devel site (http://devel.qmailtoaster.com/). Feel free to download and update. The current round of packages will be moved from devel to stable later this week. I plan to add an updated qmailadmin within the week. Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] DEVEL PACKAGE: clamav-toaster
Greetings, I have just released a newer devel version of the clamav-toaster package. This is based on version 0.90rc3 and includes FixStaleSocket set to yes by default. This should allow recovery after a loss of power and a more efficient virus scanner than the old 0.88.x branch. This is available from the devel site (http://devel.qmailtoaster.com/). Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[2]: [qmailtoaster] Controlling SMTP access to mail server.
A BSD admin that can take qmailtoaster and make it run on BSD can implmenet a firewall policy using ipf. I don't think having two tcp.smtp's is going to help, it doesn't seem to solve any problems we are having. Erik On 1/31/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Greetings, Eric. 31 января 2007 г., 22:05:38 you have wrote: Alexey Loukianov wrote: Greetings, Erik. 31 ?? 2007 ?., 6:02:20 you have wrote: Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Me, for example ;-D. A friend of mine, also a system engineer, administer small FreeBSD based cluster, and he uses QT in his setup. Accordingly to his words, it wasn't too hard to build and install RPM system on his BSD boxes, and then to correct specs so basic QT parts builds up and install successfully. Well, in any case we can always create tcp.submission ourselves, just like I do it for tcp.pop3 ;-D. But the laziness of sysadmin is the thing that makes me want tcp.submission to be included in stock toaster. I agree with Alexey on this. Besides which, wouldn't it be nice to have QT on BSD as well? I wonder if Alexey's friend would care to contribute in this area. It is not so easy, as BSD way is not to use RPMS, while main toaster advantage is it's RPM nature. A friend of mine came to BSD world from RedHad based linux distros, that is why he uses RPM even on BSD - it is just a matter of habbit. Well, it is still possible to port QT on BSD and distribute is as a bunch of tarballs if we will find some BSD geek who will want to maintenance it. But I don't think it is a urgent task for qt-dev team ;-D. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
ES, port 587 is all about SMTP-AUTH, meaning that tcprules shouldn't really matter as it's all done through auth. Port 25 doesn't require auth, therefore it would need independent control. What possible scenario would we need to control port 587 independently of port 25 and why? This seems like unnecessary complication, with no pay off at all. Erik On 1/31/07, Eric Shubes [EMAIL PROTECTED] wrote: Problem: controlling/configuring smtp and submission independently is difficult, if not impossible. Is there are reason why there *shouldn't* be separate tcprules files? I see no advantage to having them share the same one. Erik Espinoza wrote: A BSD admin that can take qmailtoaster and make it run on BSD can implmenet a firewall policy using ipf. I don't think having two tcp.smtp's is going to help, it doesn't seem to solve any problems we are having. Erik On 1/31/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Greetings, Eric. 31 января 2007 г., 22:05:38 you have wrote: Alexey Loukianov wrote: Greetings, Erik. 31 ?? 2007 ?., 6:02:20 you have wrote: Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Me, for example ;-D. A friend of mine, also a system engineer, administer small FreeBSD based cluster, and he uses QT in his setup. Accordingly to his words, it wasn't too hard to build and install RPM system on his BSD boxes, and then to correct specs so basic QT parts builds up and install successfully. Well, in any case we can always create tcp.submission ourselves, just like I do it for tcp.pop3 ;-D. But the laziness of sysadmin is the thing that makes me want tcp.submission to be included in stock toaster. I agree with Alexey on this. Besides which, wouldn't it be nice to have QT on BSD as well? I wonder if Alexey's friend would care to contribute in this area. It is not so easy, as BSD way is not to use RPMS, while main toaster advantage is it's RPM nature. A friend of mine came to BSD world from RedHad based linux distros, that is why he uses RPM even on BSD - it is just a matter of habbit. Well, it is still possible to port QT on BSD and distribute is as a bunch of tarballs if we will find some BSD geek who will want to maintenance it. But I don't think it is a urgent task for qt-dev team ;-D. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] UPDATE qmail-toaster-1.03-1.3.13.src.rpm URGENT
The package has been moved to the devel site. Thanks, Erik On 1/31/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote: Hi, This release fixes a mistake in the run script for the submission port. I suggest everyone using the submission port to upgrade asap to this release. Or to manualy change the run script by changing the line REQUIRE_AUTH=1 to export REQUIRE_AUTH=1 For now you can download the new rpm at : http://iserve01.i-serve.net/qmail-toaster-1.03-1.3.13.src.rpm JP - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] one question
Hey Daniel, Here is a link to a modified squirrelmail that may fit your need. http://sourceforge.net/projects/squirreloutlook/ In general this list is about the QmailToaster. We will try to help with other things, but Alexey was just letting you know that you may not find the info you seek on this list. Thanks, Erik On 1/31/07, Daniel R. Hdez [EMAIL PROTECTED] wrote: HI Alexey, I use QmailToaster, sorry for this, i no wirte any more here. Thanks - Original Message - From: Alexey Loukianov [EMAIL PROTECTED] To: Daniel R. Hdez qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 12:16 PM Subject: Re: [qmailtoaster] one question Greetings, Daniel. 31 ?? 2007 ?., 20:49:41 you have wrote: Exist any program that permit conect to mail server by httpmail with the client aoutlook, like to hotmail. You know, your question is a bit unrelated to QmailToaster, so I think that you will not get any valuable answer here. Well, who knows... -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Nice suggestion, but seriously it's not worth us supporting more packages than we already support. Dag does a great job with his packaging, it'd be best to use his package if it works for you. We're concentrating on making a mail system as best as it can be. We're not trying to handle every aspect of the system you are running. That's for the admin to determine. Thanks, Erik On 1/31/07, Dan Page [EMAIL PROTECTED] wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Greylist for qmailtoaster
Hello PV Very basic greylisting available here: http://www.kabewm.com/?p=19 I recommend against greylisting in general as many spam appliances and firewalls that people use as proxies for their Exchange server (or other servers) do not handle error 4xx as temporary errors. Instead they kick back an error to the user and reject all mail from those sites. Sure they are not following the standard, but you're the one that's going to hear about it and deal with troubleshooting sites with little/no information. Thanks, Erik On 1/31/07, P.V.Anthony [EMAIL PROTECTED] wrote: Hi, I am thinking about trying out greylist for the qmailtoaster currently running on our server. I heard great reports from my friend who is using it on sendmail. Is there any patch that I could use and just compile only the smtp? Is that even possible? Or do I have to recompile everything? Then run the smtp-grey on another ip so that it can be tested on a domain to see if it works. I know I will have to add a MX record for the testing domain. Any advice is greatly appreciated. P.V.Anthony - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] one question
Definitely outside the scope of QmailToaster. That said: http://ypopsemail.com/ I don't know about Hotmail though. On 1/31/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote: I think he means he wants to access his mail by using a different connector then imap/pop3. Like there is a hotmail connector in outlook over http/https. I really doubt there is anything that does this , and also I see no good reason you would want it. JP - Original Message - From: Erik Espinoza [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 9:39 PM Subject: Re: [qmailtoaster] one question Hey Daniel, Here is a link to a modified squirrelmail that may fit your need. http://sourceforge.net/projects/squirreloutlook/ In general this list is about the QmailToaster. We will try to help with other things, but Alexey was just letting you know that you may not find the info you seek on this list. Thanks, Erik On 1/31/07, Daniel R. Hdez [EMAIL PROTECTED] wrote: HI Alexey, I use QmailToaster, sorry for this, i no wirte any more here. Thanks - Original Message - From: Alexey Loukianov [EMAIL PROTECTED] To: Daniel R. Hdez qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 12:16 PM Subject: Re: [qmailtoaster] one question Greetings, Daniel. 31 ?? 2007 ?., 20:49:41 you have wrote: Exist any program that permit conect to mail server by httpmail with the client aoutlook, like to hotmail. You know, your question is a bit unrelated to QmailToaster, so I think that you will not get any valuable answer here. Well, who knows... -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
ES, port 587 is all about SMTP-AUTH, meaning that tcprules shouldn't really matter as it's all done through auth. Port 25 doesn't require auth, therefore it would need independent control. This sounds to me like a good argument *for* separating them. The processes are inherently (naturally) different. Saying that tcprules shouldn't really matter for submission isn't really the case. It's true that there should essentially be no rules, but that's different. If you need to put constraints on MTA sessions, as Stephen needed to do (remember what started this thread?), they would be inappropriate for MSA sessions (which would need to be wide open), which causes a problem. I don't see how tcprules would fix Stephen's problem. He's basically ticked that spammers are hitting his hidden server directly. I say don't just hide it, firewall it. What possible scenario would we need to control port 587 independently of port 25 and why? Any time that an admin might need to control MTA traffic/access independently of MSA. The MSA rules would be simple and static (practically non existent, because SMTP-AUTH is handling everything, and would rarely need to change), while most of the tailoring (allowing only MTA from a limited set of servers, for instance) would exist in the MTA rules. This seems like unnecessary complication, with no pay off at all. I guess what you see as complication I see as simplicity. The payoff is being able to change MTA behavior without impacting the MSA. This is the same reason that MSA was separated to begin with, was it not? Show me one scenario where this would make sense? I can't think of one. Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Switching from pop3 to IMAP and how to backup e.mails archives
Yes , we have 4 sales manager who are often abroad and we recently bought blackberry devices with a wordlwide flatrate contract . What they want is to have a central repository .I mean , if they erase a msg while they are away (i.e with their blackberry) , they don't want to find it again on their desktop pc's once they are in the office. Buy Blackberry Enterprise Server. Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamhaus - what do you think?
http://www.corpit.ru/mjt/rbldnsd.html On 1/30/07, Jake Vickers [EMAIL PROTECTED] wrote: Eric Shubes wrote: Jake Vickers wrote: Do you guys think a wiki page should be started so we can all help each other out to find a good mix to replace zen? I'd like to see some collaboration on RBLs in general. I suppose we could use the wiki in addition to this list. At this point I'd even be amicable to running a BL, so that it fit MY needs; it would be nice if it fit other people's needs as well. I took a quick peek on the 'net, but couldn't find anything that had any example scripts/submission pages to run your own BL. Guess I'll look some more later, but I'll probably end up just going with a new set of BLs to filter my connections. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamassassin has problem in scanning
I'm using OpenProtect on my QmailToaster. Works beautifully. Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: ashok wrote: Dear Alexey,, I did not install simscan-toaster bcoz it gave me some problems ,, So I have used openprotect with my qmail toaster. www.openprotect.com http://www.openprotect.com/ [ include SPAM + Virus filtering ] which can be easily integrated to qmail toaster. I'd be leery of straying this far from the stock toaster. What problem(s) did you have with simscan? I wouldn't expect much help with openprotect from this list. Does openprotect have a community for support? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamassassin has problem in scanning
Updated rules, catches more of the stock spam and what not. It's nice. Read up at http://saupdates.openprotect.com/ Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: Cool. What does it do that the stock toaster doesn't? Erik Espinoza wrote: I'm using OpenProtect on my QmailToaster. Works beautifully. Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: ashok wrote: Dear Alexey,, I did not install simscan-toaster bcoz it gave me some problems ,, So I have used openprotect with my qmail toaster. www.openprotect.com http://www.openprotect.com/ [ include SPAM + Virus filtering ] which can be easily integrated to qmail toaster. I'd be leery of straying this far from the stock toaster. What problem(s) did you have with simscan? I wouldn't expect much help with openprotect from this list. Does openprotect have a community for support? -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Yahoo bulk seems SOLVED but Hotmail Junk PROBLEM
I just replace v=spf1 w/ spf2.0/mfrom and use the same line twice. Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: Erik Espinoza wrote: As a Hotmail user I've always felt as though the Spam goes into the Inbox and the Good stuff is always in the Junk Folder. However, for my domain I have two txt records: $ host -t txt kabewm.com kabewm.com text spf2.0/mfrom mx ip4:12.168.80.34 ip4:216.31.139.108 ~all kabewm.com text v=spf1 mx ip4:12.168.80.34 ip4:216.31.139.108 ~all And Hotmail doesn't Junk Mail my stuff. Erik Is this the recommended practice then, to have a record for both SPF versions? If so, I can update the wiki (that page could use some work as it is). -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Yahoo bulk seems SOLVED but Hotmail Junk PROBLEM
ES, Take a look at my actual line by typing 'host -t txt kabewm.com' The first line is basically the same as the second, just one minor change. Althoiugh QmailToaster doesn't support spf2 (aka SenderID), but it doesn't matter since we're publishing both records. Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: I see that. Is this the recommended practice? Because some servers haven't been updated to v2 yet? Erik Espinoza wrote: I just replace v=spf1 w/ spf2.0/mfrom and use the same line twice. Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: Erik Espinoza wrote: As a Hotmail user I've always felt as though the Spam goes into the Inbox and the Good stuff is always in the Junk Folder. However, for my domain I have two txt records: $ host -t txt kabewm.com kabewm.com text spf2.0/mfrom mx ip4:12.168.80.34 ip4:216.31.139.108 ~all kabewm.com text v=spf1 mx ip4:12.168.80.34 ip4:216.31.139.108 ~all And Hotmail doesn't Junk Mail my stuff. Erik Is this the recommended practice then, to have a record for both SPF versions? If so, I can update the wiki (that page could use some work as it is). -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
Indeed, I'd run port 25 and iptables it so that only the scanning server can connect. Then force the users to use the standard port of 587 for outgoing smtp. Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: Stephen Spicer wrote: Hello List, I have a small problem I though someone might have a solution for. I put an anti-spam server in front of our local qmail system and this is working pretty well, it has dropped the load on our qmail server drastically. The problem I'm having is spammers are sending email directly to our server bypassing the anti-spam server, I have tried a deny in /etc/tcpserver.d/tcp.smtp file but then we have problems with offsite customers connecting via smtp, I thought that smtp relay was supposed to get set if they have an authenticated account but apparently I'm not understanding fully how this is supposed to work. Sounds to me like you need two tcprules (tcp.smtp) files, one for port 25 (allowing connections from your anti-spam server and deny everything else), and a separate one for port 587 (submissions). In the present stock toaster, the two qmail-smtp processes share the same tcp.smtp.cdb (tcprules) file. I think you can simply configure a separate tcp.smtp.cdb (tcp.submit.cdb or some other name) file, one for each port. Then change the appropriate run file and qmailctl script accordingly. Someone will undoubtedly correct me here if this isn't right, or there's a better way. EE, it might not be a bad idea to create a separate tcprules file for submissions. I'm kinda surprised you didn't do this when you created the submission port. :( Anyway I need Mr. Toaster to receive smtp connections from customers local and off subnet and only except email from our anti-spam system, other than that I want all smtp rejected. I thought about adding a deny for the spammers that are sending directly to the qmail system but there are really to many. Thanks for any help/ideas, Stephen Do offsite -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamassassin has problem in scanning
I haven't used rdj. Not planning on including in the stock toaster. I think any customization to SpamAssassin should be done by the admin. On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: Looks good. I think I'll add it to qtp, unless you're planning on including it in the stock toaster. Any thoughts on rules_du_jour vs openprotect? Erik Espinoza wrote: Updated rules, catches more of the stock spam and what not. It's nice. Read up at http://saupdates.openprotect.com/ Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: Cool. What does it do that the stock toaster doesn't? Erik Espinoza wrote: I'm using OpenProtect on my QmailToaster. Works beautifully. Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: ashok wrote: Dear Alexey,, I did not install simscan-toaster bcoz it gave me some problems ,, So I have used openprotect with my qmail toaster. www.openprotect.com http://www.openprotect.com/ [ include SPAM + Virus filtering ] which can be easily integrated to qmail toaster. I'd be leery of straying this far from the stock toaster. What problem(s) did you have with simscan? I wouldn't expect much help with openprotect from this list. Does openprotect have a community for support? -- -Eric 'shubes' -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
Hi Alexey, Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How do you suspend an email box or several email boxes?
Change their passwords. Erik On 1/30/07, Edwin Casimero of Filipino Web [EMAIL PROTECTED] wrote: How do you suspend an email box or several email boxes? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Yahoo bulk seems SOLVED but Hotmail Junk PROBLEM
As a Hotmail user I've always felt as though the Spam goes into the Inbox and the Good stuff is always in the Junk Folder. However, for my domain I have two txt records: $ host -t txt kabewm.com kabewm.com text spf2.0/mfrom mx ip4:12.168.80.34 ip4:216.31.139.108 ~all kabewm.com text v=spf1 mx ip4:12.168.80.34 ip4:216.31.139.108 ~all And Hotmail doesn't Junk Mail my stuff. Erik On 1/29/07, bb. [EMAIL PROTECTED] wrote: I do not think so. But plus, i did those: SPF record Reverse DNS Check if IP is in black list. Seems thats all for Yahoo, may try in other Yahoo accounts to see results. But for Hotmail, i reffered to: http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx and checked our SPF if it is ok at: http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/default.aspx and emailed to HUMAN at microsoft, they wanted some info, checked and as result they said: Sender Score (www.senderscorecertified.com) is the only White Listing service to which we subscribe. and it seems we must pay hundereds of dollars per month but i am not sure, is there anyone who solved for free? --- Harry Zink [EMAIL PROTECTED] wrote: On Jan 29, 2007, at 10:42 PM, bb. wrote: We do not use domain keys. Our first emails were in Bulk folder but when we checked them as not spam, Yahoo learned and now they go to inbox (Even sender is not in adress book) For you - other recipients will still get them in spam inbox. --- Antoine De Saint-Exupery True happiness comes from the joy of deeds well done, the zest of creating things new. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] 8:00? 8:25? 8:40? Find a flick in no time with the Yahoo! Search movie showtime shortcut. http://tools.search.yahoo.com/shortcuts/#news - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] RELEASE PACKAGE: qmail-toaster, ucspi-tcp-toaster, simscan-toaster, control-panel-toaster
Greetings, I have finally moved the packages from devel to stable. The only package remaining in devel is the ClamAV. This is not due to the package being insecure or untrustworthy, but more because it is a Release Candidate. Once ClamAV 0.90 is released, I will make that the new stable package fairly quickly. Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] overquota.msg typo again
I'll investigate Trac. I've used Mantis before and liked that. Erik On 1/28/07, Quinn Comendant [EMAIL PROTECTED] wrote: Typo in /home/vpopmail/domains/.overquota.msg: This user has exceeded there mail quota. there = their I've reported this before...but? It seems we could use a system for managing bugs tasks and issues. It could be as easy as adding an ISSUES page to the wiki, although it could become unmanageable quickly if there are more than a few items. I'd be more inclined to setup and use web-based issue-tracking software such as Trac www.edgewall.com/trac. We use that constantly here at Strangecode and it is awesome. Or even a hosted system like bugzilla. Whichever system is used it is essential of course that it *is* used consistently. If y'all think Trac is an aTractive option I'm happy to assist in installing or even hosting it on our servers (eg: trac.qmailtoaster.com). Quinn - Strangecode :: Internet Consultancy http://www.strangecode.com/ +1 530 624 4410 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS with multi frontend smtp
Hey Phil, Set SRS on the machine that has real users. If both machines have real users, set SRS up on both. Don't use the same srs_domain/srs_secret unless both machines are running in a clustered config. Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Hello I was just thinking If you have lets say a couple of frontend smtp servers filtering emails before delivering (smtproute) to some other qtoaster machines holding your mailboxes. How would you implement SRS ? If you send an email with machine B (where you have mailboxes and srs configured), you change your envelope sender address of your outgoing message and if then the email gets bounced but goes through another smtp (frontend), machine A (the filtering machine) . How would that work ? You should set exactly same SECRET on all machines or by having smtproute configured for that domain the srs check would get by passed ? or maybe point srs.YOURDOMAIN mx record to the machine used for sending ? (if you got a few ... ?) Just wondering on the good setup in that kind of situation Thx -P - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] setting noreplace more in *-toaster.specs
These too are definitely config files (the .pre extension simply means they are loaded before other .cf files). 7 lines are different in mine than those distributed (i.e. I've enabled 7 plugins). A normal spamassassin upgrade with never overwrite files in /etc/mail/spamassassin, so we shouldn't either. These should definitely be tagged as noreplace in the spec file. Permanently. ;) I put all of my custom conifg in myconfig.cf. It's easier that way, just a thought. The wiki instructions for SURBL say to modify v310.pre to add the loading of URIDNSBL. Couldn't this be included in the stock toaster without changing its behavior (given the -L switch)? I think this would be desirable to have in the stock toaster. I'm not sure if URIDNSBL is enabled by -L. -L says to use only local rules, which *disables* URIDNSBL, along with other rules that require internet connectivity to operate. I believe this flag is intended for stand-alone SA implementations. I don't think it's generally a good option for the toaster. My guess is that it is intended to 'protect' a toaster that doesn't have caching DNS set up properly. -L has been removed as a default for a long time now. Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS with multi frontend smtp
Philip, I don't know how you have everything configured, so I can't tell you how to run your infrastructure. As far as multiple entries, I'd recommend doing srs1.yourdomain.com for the first box, srs2.yourdomain.com and srs3 and so forth. Unless they are running in a clustered configuration. Thanks, Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Forgot one thing :) the srs.yourdoamin MX record should point to the server hosting the real users or it can point to the MX with the lower priorities ? and can you set as many MX entries as you want ? Thx again for the help Cheers -P Erik Espinoza wrote: Hey Phil, Set SRS on the machine that has real users. If both machines have real users, set SRS up on both. Don't use the same srs_domain/srs_secret unless both machines are running in a clustered config. Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Hello I was just thinking If you have lets say a couple of frontend smtp servers filtering emails before delivering (smtproute) to some other qtoaster machines holding your mailboxes. How would you implement SRS ? If you send an email with machine B (where you have mailboxes and srs configured), you change your envelope sender address of your outgoing message and if then the email gets bounced but goes through another smtp (frontend), machine A (the filtering machine) . How would that work ? You should set exactly same SECRET on all machines or by having smtproute configured for that domain the srs check would get by passed ? or maybe point srs.YOURDOMAIN mx record to the machine used for sending ? (if you got a few ... ?) Just wondering on the good setup in that kind of situation Thx -P - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS with multi frontend smtp
Hey Phil, Sounds like you have the following config: real box - 3 scanners - Internet If this is correct, then only the real box needs srs setup. As far as the latest srs patch, we're already including it on the devel site. Marcelo and I are in communication about srs status. Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Hi yes was thinking doing something similiar My concern is more the return bounced message, the outgoing signing process is trivial The setup I wanna add SRS support is 1 machine running a qtoaster based system, holding the real users, machine used by the same users to send emails.. Then there are 3 other qtoaster machines dedicated to only do the scanning and routing of the incoming mails once scanned , emails are smtprouted to that box mentioned previously I was wondering how the srs process handles that situation If you only set srs on the box with the real users and the mx to that same box .. it should work I was wondering if setting it aswell on the filtering machines could change its behavior I didnt find any infos on that sort of setup. On anothe note , a new version of the patch has been released http://opensource.mco2.net/download/qmail/qmail-srs-0.5.patch 2007-01-11 (0.5): * Added parameters srs_separator and srs_alwaysrewrite from libsrs2. just for the info :) Erik Espinoza wrote: Philip, I don't know how you have everything configured, so I can't tell you how to run your infrastructure. As far as multiple entries, I'd recommend doing srs1.yourdomain.com for the first box, srs2.yourdomain.com and srs3 and so forth. Unless they are running in a clustered configuration. Thanks, Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Forgot one thing :) the srs.yourdoamin MX record should point to the server hosting the real users or it can point to the MX with the lower priorities ? and can you set as many MX entries as you want ? Thx again for the help Cheers -P Erik Espinoza wrote: Hey Phil, Set SRS on the machine that has real users. If both machines have real users, set SRS up on both. Don't use the same srs_domain/srs_secret unless both machines are running in a clustered config. Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Hello I was just thinking If you have lets say a couple of frontend smtp servers filtering emails before delivering (smtproute) to some other qtoaster machines holding your mailboxes. How would you implement SRS ? If you send an email with machine B (where you have mailboxes and srs configured), you change your envelope sender address of your outgoing message and if then the email gets bounced but goes through another smtp (frontend), machine A (the filtering machine) . How would that work ? You should set exactly same SECRET on all machines or by having smtproute configured for that domain the srs check would get by passed ? or maybe point srs.YOURDOMAIN mx record to the machine used for sending ? (if you got a few ... ?) Just wondering on the good setup in that kind of situation Thx -P - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS with multi frontend smtp
SRS is just a rewriting scheme. It has no pass/fail, just rewrite conditions. No need to worry about rejectoins Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Actually it is more : incoming : internet - scanners - real box if all scanners are down, internet - real box (lowest mx priority) outgoing : realbox - internet(on that setup, customers email arent scanned, we trust them in a way :) ) For instance with spf , all 4 servers can check if the sender's domain complies with the domain's stated policy. so mail can be dropped/ rejected by the scanners. I was wondering if srs could somehow drop a bounced message at the scanners level in that setup. Just curious .. couldnt find much infos about it Have a nice evening Erik and thx for the infos .. Erik Espinoza wrote: Hey Phil, Sounds like you have the following config: real box - 3 scanners - Internet If this is correct, then only the real box needs srs setup. As far as the latest srs patch, we're already including it on the devel site. Marcelo and I are in communication about srs status. Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Hi yes was thinking doing something similiar My concern is more the return bounced message, the outgoing signing process is trivial The setup I wanna add SRS support is 1 machine running a qtoaster based system, holding the real users, machine used by the same users to send emails.. Then there are 3 other qtoaster machines dedicated to only do the scanning and routing of the incoming mails once scanned , emails are smtprouted to that box mentioned previously I was wondering how the srs process handles that situation If you only set srs on the box with the real users and the mx to that same box .. it should work I was wondering if setting it aswell on the filtering machines could change its behavior I didnt find any infos on that sort of setup. On anothe note , a new version of the patch has been released http://opensource.mco2.net/download/qmail/qmail-srs-0.5.patch 2007-01-11 (0.5): * Added parameters srs_separator and srs_alwaysrewrite from libsrs2. just for the info :) Erik Espinoza wrote: Philip, I don't know how you have everything configured, so I can't tell you how to run your infrastructure. As far as multiple entries, I'd recommend doing srs1.yourdomain.com for the first box, srs2.yourdomain.com and srs3 and so forth. Unless they are running in a clustered configuration. Thanks, Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Forgot one thing :) the srs.yourdoamin MX record should point to the server hosting the real users or it can point to the MX with the lower priorities ? and can you set as many MX entries as you want ? Thx again for the help Cheers -P Erik Espinoza wrote: Hey Phil, Set SRS on the machine that has real users. If both machines have real users, set SRS up on both. Don't use the same srs_domain/srs_secret unless both machines are running in a clustered config. Erik On 1/27/07, Philip Nix Guru [EMAIL PROTECTED] wrote: Hello I was just thinking If you have lets say a couple of frontend smtp servers filtering emails before delivering (smtproute) to some other qtoaster machines holding your mailboxes. How would you implement SRS ? If you send an email with machine B (where you have mailboxes and srs configured), you change your envelope sender address of your outgoing message and if then the email gets bounced but goes through another smtp (frontend), machine A (the filtering machine) . How would that work ? You should set exactly same SECRET on all machines or by having smtproute configured for that domain the srs check would get by passed ? or maybe point srs.YOURDOMAIN mx record to the machine used for sending ? (if you got a few ... ?) Just wondering on the good setup in that kind of situation Thx -P - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
Re: [qmailtoaster] SRS setting for second domain
You only configure srs once on your mail server. Those settings are used for every domain. Erik On 1/25/07, Trung Pham [EMAIL PROTECTED] wrote: How do I configure SRS for my second domain? echo srs.YOURDOMAIN /var/qmail/control/srs_domain echo SECRET /var/qmail/control/srs_secrets If I do that then it will replace the entry for my first domain. Thanks. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spf and domainkey settings in bind zone....newbie question probably
There is always xname or granitecanyon for free dns hosting. Erik On 1/24/07, Vince Callaway [EMAIL PROTECTED] wrote: I'm coming into this conversation a bit late. My clueless ISP has had me offline since last wed. Having nameservers outsourced is good if you have redundant servers out there. If you have everything running on a single connection it does not really matter if your dns stays up, you are already hosed. soapbox Personally I think ALL hosting/ISP services should provide dynamic DNS. The idea of static addresses should be reserved for data centers only. Using a static address for a single website or mail server is a waste of resources. /soapbox I'm using xpertdns.com for my nameservice. They charge $6.95 a year for 1 to 5 domains. The nameservers are in two geographically separated locations. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] question on install
Whoa that thing still works? I gotta redo it to include srs support later this week. Erik On 1/23/07, Gary [EMAIL PROTECTED] wrote: Hi guys, I have just installed the QT VMware appliance, which was successful. I am grateful to those who have put this out, and for putting out the toaster in general. It is a lot of hard work, especially keeping the patches straight:) . so thanks. In looking at the release notes on http://devel.qmailtoaster.com/info/QmailToaster.zip.html I have a couple of questions, since I am not familiar with vpopmail, as previously have used vmailmgr. I also have not used mysql.. Given this, how do I set my mysql root password? Also, how do I change the default password to the vpopmail database ? Thanks for your help. -- Regards, Glenn - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[2]: [qmailtoaster] question on install
Sure thing. As far as setting a mysql root password, simply type the following: mysqladmin -u root password 'newpassword' mysqladmin -u root -h `hostname -s` password 'newpassword' If the second one fails, don't worry about it. As far as the appliance, it is dated 10/1/06, but it was created much earlier. It took a while before I submitted this to the VMware site. Glad it worked for you. I believe the next one will work better. Erik On 1/23/07, Glenn [EMAIL PROTECTED] wrote: Hello Erik, gulp.. yah it still works :) The VMware appliance is dated 10/1/06, from their site. If you redo it, can you add in a CDrom on the appliance? Reason being, no cdrom dev is in that Centos version 4.3 final, so I cannot mount it to install VMware tools, which means I am limited to the size of the screen to as is, (currently very small), and it is very hard working with files, or reading logs or directories when it is that small. thanks Glenn Tuesday, January 23, 2007, 12:34:56 PM, you wrote: Whoa that thing still works? I gotta redo it to include srs support later this week. Erik On 1/23/07, Gary [EMAIL PROTECTED] wrote: Hi guys, I have just installed the QT VMware appliance, which was successful. I am grateful to those who have put this out, and for putting out the toaster in general. It is a lot of hard work, especially keeping the patches straight:) . so thanks. In looking at the release notes on http://devel.qmailtoaster.com/info/QmailToaster.zip.html I have a couple of questions, since I am not familiar with vpopmail, as previously have used vmailmgr. I also have not used mysql.. Given this, how do I set my mysql root password? Also, how do I change the default password to the vpopmail database ? Thanks for your help. -- Regards, Glenn - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[2]: [qmailtoaster] question on install
Yep, I have it bookmarked. Glad it worked for you. It should still work, but it will not know what to do with libsrs2-toaster. Once the current dev packages are moved onto the main site, it will fail to install as the libsrs2-toaster package is now a requirement. Erik On 1/23/07, Glenn [EMAIL PROTECTED] wrote: Hello Eric, This is the actual VMware appliance URL. I just can't believe how easy this install was for qmail and all the package goodies, including SquirrelMail, etc. Your scripts were perfect for all this http://www.vmware.com/vmtn/appliances/directory/579 Glenn Tuesday, January 23, 2007, 12:48:04 PM, you wrote: I'm not familiar with that installation. EE, can you answer his question? ;) Erik Espinoza wrote: Whoa that thing still works? I gotta redo it to include srs support later this week. Erik On 1/23/07, Gary [EMAIL PROTECTED] wrote: Hi guys, I have just installed the QT VMware appliance, which was successful. I am grateful to those who have put this out, and for putting out the toaster in general. It is a lot of hard work, especially keeping the patches straight:) . so thanks. In looking at the release notes on http://devel.qmailtoaster.com/info/QmailToaster.zip.html I have a couple of questions, since I am not familiar with vpopmail, as previously have used vmailmgr. I also have not used mysql.. Given this, how do I set my mysql root password? Also, how do I change the default password to the vpopmail database ? Thanks for your help. -- Regards, Glenn - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] greylisting warning
Hey Guys, I ran into a problem while testing a greylisting patch from Bill Shupp's site. Many of the new antispam appliances and certain firewalals are used as a smart host, so it looks as follows: Exchange - antispam appliance - QmailToaster Many of the antispam appliances are having issues with temporary 4xx errors, they will not retry later as per the standard. I've run into this a few times, and it's always tough to diagnose. Just thought I'd put out a notice that if you use greylisting, you may lose valid mail because of this. Buyer Beware Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Done! On 1/23/07, Eric Shubes [EMAIL PROTECTED] wrote: EE, The firewall.sh script needs to be modified on the main site to allow port 587 for submission. Just a reminder. ;) Dan Herbon wrote: No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
That's what she said . . . Erik On 1/23/07, Eric Shubes [EMAIL PROTECTED] wrote: Gee you're fast! :) Erik Espinoza wrote: Done! On 1/23/07, Eric Shubes [EMAIL PROTECTED] wrote: EE, The firewall.sh script needs to be modified on the main site to allow port 587 for submission. Just a reminder. ;) Dan Herbon wrote: No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[2]: [qmailtoaster] Auth before RBL patch
Well said. Following the standard will simply ensure that everyone does the right thing. Erik On 1/23/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Greetings, Sergey. 23 ?? 2007 ?., 21:48:21 you have wrote: Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Few bits for colleague in native language: Оно понятно, что народ будет лениться вместо 25 порта 587 прописывать по началу. Однако это уже принятый стандарт, есть соответствующие RFC, так что нам по любому с этим жить предстоит. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problem Mysql ( vpopmail user not found)
What happens when you restart mysql? On 1/23/07, Viscardi [EMAIL PROTECTED] wrote: Hello List ! log: Jan 23 16:17:52 smtp vpopmail[12061]: vchkpw-pop3: vpopmail user not found [EMAIL PROTECTED] My mysql stop and users not found ! Help me ! Fedora 4 install - Sun Jan 21 autorespond-toaster-2.0.4-1.3.2.src.rpm clamav-toaster-0.88.7-1.3.7.src.rpm control-panel-toaster-0.5-1.3.2.src.rpm courier-authlib-toaster-0.59-1.3.4.src.rpm courier-imap-toaster-4.1.2-1.3.6.src.rpm daemontools-toaster-0.76-1.3.2.src.rpm djbdns-1.05-1.0.3.src.rpm ezmlm-toaster-0.53.324-1.3.2.src.rpm isoqlog-toaster-2.1-1.3.2.src.rpm libdomainkeys-toaster-0.68-1.3.2.src.rpm libsrs2-toaster-1.0.18-1.3.2.src.rpm maildrop-toaster-2.0.3-1.3.4.src.rpm qmailadmin-toaster-1.2.9-1.3.3.src.rpm qmailmrtg-toaster-4.2-1.3.2.src.rpm qmail-toaster-1.03-1.3.10.src.rpm ripmime-toaster-1.4.0.6-1.3.2.src.rpm simscan-toaster-1.3.1-1.3.3.src.rpm spamassassin-toaster-3.1.7-1.3.6.src.rpm squirrelmail-toaster-1.4.9a-1.3.5.src.rpm ucspi-tcp-toaster-0.88-1.3.2.src.rpm vpopmail-toaster-5.4.13-1.3.3.src.rpm vqadmin-toaster-2.3.4-1.3.2.src.rpm zlib-1.2.3-1.0.3.src.rpm V I V A X - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] perl module mail::domainkeys
(IMHO) It'd be great if everything was rpm based, so CPAN wouldn't be necessary. I think EE might be working on that. I don't think I have the time or energy to handle rpm's for every perl module used by SpamAssassin for every distribution we support. For those that can, use RPMForge, for those distros not covered you'll have to use CPAN. That said, if you are on CentOS4 + RPMForge you can run this command: yum -y install autoconf automake automake17 bzip2 bzip2-devel compat-gcc-32 compat-gcc-32-c++ curl curl-devel expect expect-devel gcc gcc-c++ gdbm gdbm-devel gmp gmp-devel httpd httpd-devel krb5-devel krb5-libs libidn libidn-devel libtool mysql mysql-devel mysql-server mrtg openssh openssh-clients openssh-server openssl openssl-devel pcre pcre-devel php-imap php-mysql redhat-rpm-config rpm-build rpm-devel rpm-libs rpm-python sed setup stunnel which groff make diffutils pam-devel procmail ntp perl-DBD-MySQL perl-URI perl-Digest-HMAC perl-Net-DNS perl-Net-SSLeay perl-Net-Ident perl-Archive-Tar perl-Net-CIDR-Lite perl-libwww-perl perl-Socket6 perl-Filter perl-DBI perl-HTML-Tagset perl-Digest-SHA1 perl-HTML-Parser perl-Time-HiRes perl-IO-Socket-SSL perl-IO-Zlib perl-Sys-Hostname-Long perl-Mail-SPF-Query perl-LWP-UserAgent-Determined perl-IO-Socket-INET6 perl-Geography-Countries perl-IP-Country perl-Razor-Agent For all dependencies on CentOS 4.x. Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problem: Mysql stop end user not found (vpopmail)
What happens when you start the MySQL Server back up? Erik On 1/23/07, Rodrigo [EMAIL PROTECTED] wrote: Help me Please ! Problem: Mysql stop end user not found (vpopmail) Jan 23 16:17:54 smtp vpopmail[12068]: vchkpw-pop3: vpopmail user not found [EMAIL PROTECTED] Fedora 4 Mysql 4.1.20 Install - Today January 23, 2007 2:47 PM autorespond-toaster-2.0.4-1.3.2.src.rpm clamav-toaster-0.88.7-1.3.7.src.rpm control-panel-toaster-0.5-1.3.2.src.rpm courier-authlib-toaster-0.59-1.3.4.src.rpm courier-imap-toaster-4.1.2-1.3.6.src.rpm daemontools-toaster-0.76-1.3.2.src.rpm djbdns-1.05-1.0.3.src.rpm ezmlm-toaster-0.53.324-1.3.2.src.rpm isoqlog-toaster-2.1-1.3.2.src.rpm libdomainkeys-toaster-0.68-1.3.2.src.rpm libsrs2-toaster-1.0.18-1.3.2.src.rpm maildrop-toaster-2.0.3-1.3.4.src.rpm qmailadmin-toaster-1.2.9-1.3.3.src.rpm qmailmrtg-toaster-4.2-1.3.2.src.rpm qmail-toaster-1.03-1.3.10.src.rpm ripmime-toaster-1.4.0.6-1.3.2.src.rpm simscan-toaster-1.3.1-1.3.3.src.rpm spamassassin-toaster-3.1.7-1.3.6.src.rpm squirrelmail-toaster-1.4.9a-1.3.5.src.rpm ucspi-tcp-toaster-0.88-1.3.2.src.rpm vpopmail-toaster-5.4.13-1.3.3.src.rpm vqadmin-toaster-2.3.4-1.3.2.src.rpm zlib-1.2.3-1.0.3.src.rpm Rodrigo - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Mysql stop end user not found
What happens when you start MySQL back up? On 1/23/07, Viscardi [EMAIL PROTECTED] wrote: Hello List ! Help me Please ! Problem: Mysql stop end user not found Jan 23 16:17:54 smtp vpopmail[12068]: vchkpw-pop3: vpopmail user not found [EMAIL PROTECTED] Fedora 4 Install - Today January 23, 2007 2:47 PM autorespond-toaster-2.0.4-1.3.2.src.rpm clamav-toaster-0.88.7-1.3.7.src.rpm control-panel-toaster-0.5-1.3.2.src.rpm courier-authlib-toaster-0.59-1.3.4.src.rpm courier-imap-toaster-4.1.2-1.3.6.src.rpm daemontools-toaster-0.76-1.3.2.src.rpm djbdns-1.05-1.0.3.src.rpm ezmlm-toaster-0.53.324-1.3.2.src.rpm isoqlog-toaster-2.1-1.3.2.src.rpm libdomainkeys-toaster-0.68-1.3.2.src.rpm libsrs2-toaster-1.0.18-1.3.2.src.rpm maildrop-toaster-2.0.3-1.3.4.src.rpm qmailadmin-toaster-1.2.9-1.3.3.src.rpm qmailmrtg-toaster-4.2-1.3.2.src.rpm qmail-toaster-1.03-1.3.10.src.rpm ripmime-toaster-1.4.0.6-1.3.2.src.rpm simscan-toaster-1.3.1-1.3.3.src.rpm spamassassin-toaster-3.1.7-1.3.6.src.rpm squirrelmail-toaster-1.4.9a-1.3.5.src.rpm ucspi-tcp-toaster-0.88-1.3.2.src.rpm vpopmail-toaster-5.4.13-1.3.3.src.rpm vqadmin-toaster-2.3.4-1.3.2.src.rpm zlib-1.2.3-1.0.3.src.rpm RodrigoV I V A X - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problem Mysql ( vpopmail user not found)
good. On 1/23/07, Rodrigo [EMAIL PROTECTED] wrote: The server return to function normal - Original Message - From: Erik Espinoza [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, January 23, 2007 11:01 PM Subject: Re: [qmailtoaster] Problem Mysql ( vpopmail user not found) What happens when you restart mysql? On 1/23/07, Viscardi [EMAIL PROTECTED] wrote: Hello List ! log: Jan 23 16:17:52 smtp vpopmail[12061]: vchkpw-pop3: vpopmail user not found [EMAIL PROTECTED] My mysql stop and users not found ! Help me ! Fedora 4 install - Sun Jan 21 autorespond-toaster-2.0.4-1.3.2.src.rpm clamav-toaster-0.88.7-1.3.7.src.rpm control-panel-toaster-0.5-1.3.2.src.rpm courier-authlib-toaster-0.59-1.3.4.src.rpm courier-imap-toaster-4.1.2-1.3.6.src.rpm daemontools-toaster-0.76-1.3.2.src.rpm djbdns-1.05-1.0.3.src.rpm ezmlm-toaster-0.53.324-1.3.2.src.rpm isoqlog-toaster-2.1-1.3.2.src.rpm libdomainkeys-toaster-0.68-1.3.2.src.rpm libsrs2-toaster-1.0.18-1.3.2.src.rpm maildrop-toaster-2.0.3-1.3.4.src.rpm qmailadmin-toaster-1.2.9-1.3.3.src.rpm qmailmrtg-toaster-4.2-1.3.2.src.rpm qmail-toaster-1.03-1.3.10.src.rpm ripmime-toaster-1.4.0.6-1.3.2.src.rpm simscan-toaster-1.3.1-1.3.3.src.rpm spamassassin-toaster-3.1.7-1.3.6.src.rpm squirrelmail-toaster-1.4.9a-1.3.5.src.rpm ucspi-tcp-toaster-0.88-1.3.2.src.rpm vpopmail-toaster-5.4.13-1.3.3.src.rpm vqadmin-toaster-2.3.4-1.3.2.src.rpm zlib-1.2.3-1.0.3.src.rpm V I V A X - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Error when trying to set a Domain Admin in VqAdmin. Anyone else seeing this? It is occuring on 2 new toaster installs. Thanks Ed
LOL! Glad someone thought it was funny. I was wondering if anyone noticed. Erik On 1/22/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Erik Espinoza wrote: On 1/16/07, *Ed Morrison* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: *LAUGHING LOUDLY* Erik, you're awesome :). I propose to put a requirement on all the members of this list to send mails in png/jpg/tiff format ;-). -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] compile errors
ES, It's in the QmailToaster howto I sent you that I wanted you to peer-review Erik On 1/22/07, Eric Shubes [EMAIL PROTECTED] wrote: Will one of you guys please post the yum conf for DAG (dag.repo?) along with packages that should be yum'd? Erik Espinoza wrote: I too use the DAG/RPMForge rpm's for perl. Makes things a lot easier. Erik On 1/22/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Vince Callaway wrote: While in general I would agree with you, but not in this case. Centos works fine with the exception of spamassassin. All the people that sent me the lint outputs only one showed all the modules functioning. Spamassassin is one of the key elements needed in the spam battle. That is not the critical difference to exchange the security and stability of RHEL-derivate with the 'bleeding-edge' Fedora testbox. Each distro is good for the things it had been produced for. That is why all of the servers I handle use RHEL3/4 or CentOS3/4, while my home desktop has god Fedora6 installed. To get all the modules of SA working on CentOS, the only thing you have to do is to use CPAN to install some perl extensions (bad way), or to use DAG's repos to fetch RPM with relevant perl modules already compiled and ready for use. Even more, it was newer a big challenge to write a RPM SPEC file for any CPAN module source and compile module yourself. I now have five fedora boxes running qmail-toaster, all are stable and spam free. Sorry, but I don't believe you ;-D. Such thing as 'SPAM-FREE' is only possible in case current email-protocols will get replaced somehow with more security related ones, with a guaranteed sender authentication. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS documentation?
My mistake, follow the documentation. Erik On 1/19/07, Buzzz [EMAIL PROTECTED] wrote: It is only necessary if your users choose to change their account routing from Normal to Forward in their acct. Say [EMAIL PROTECTED] forwards to [EMAIL PROTECTED] If I send an e-mail to [EMAIL PROTECTED], and my domain uses spf, then gmail will see an e-mail coming from your server from my domain. Since your server isn't authorized for my domain, then gmail will reject this as a spam. Basically if anyone forwards outside of the domain, then you should definitely setup srs. It takes 2 seconds (add 1 mx record and 1 line into /var/qmail/control/srs_domain). In general I'd recommend everyone do srs and spf whenever possible. Please let me understand how SRS should be configured from qmt view . The official documentation of SRS patch says: Configure your SRS domain. echo srs.YOURDOMAIN /var/qmail/control/rcpthosts echo srs.YOURDOMAIN:srs /var/qmail/control/virtualdomains echo | /var/qmail/bin/srsfilter /var/qmail/alias/.qmail-srs-default but you say: takes 2 seconds (add 1 mx record and 1 line into /var/qmail/control/srs_domain). In general I'd recommend everyone do srs and spf whenever possible. So ... i'm a little bit confused ... Could you please provide an official documentation which guide in the process of configuring SRC for qmail toaster ? thx - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS documentation?
srs.thephams.org.IN MX 10mail.thephams.org. Erik On 1/19/07, Trung Pham [EMAIL PROTECTED] wrote: What should the new MX record for BIND look like? My mistake, follow the documentation. Erik On 1/19/07, Buzzz [EMAIL PROTECTED] wrote: It is only necessary if your users choose to change their account routing from Normal to Forward in their acct. Say [EMAIL PROTECTED] forwards to [EMAIL PROTECTED] If I send an e-mail to [EMAIL PROTECTED], and my domain uses spf, then gmail will see an e-mail coming from your server from my domain. Since your server isn't authorized for my domain, then gmail will reject this as a spam. Basically if anyone forwards outside of the domain, then you should definitely setup srs. It takes 2 seconds (add 1 mx record and 1 line into /var/qmail/control/srs_domain). In general I'd recommend everyone do srs and spf whenever possible. Please let me understand how SRS should be configured from qmt view . The official documentation of SRS patch says: Configure your SRS domain. echo srs.YOURDOMAIN /var/qmail/control/rcpthosts echo srs.YOURDOMAIN:srs /var/qmail/control/virtualdomains echo | /var/qmail/bin/srsfilter /var/qmail/alias/.qmail-srs-default but you say: takes 2 seconds (add 1 mx record and 1 line into /var/qmail/control/srs_domain). In general I'd recommend everyone do srs and spf whenever possible. So ... i'm a little bit confused ... Could you please provide an official documentation which guide in the process of configuring SRC for qmail toaster ? thx - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS documentation?
looks like your domain is hosted by yahoo dns. You should be doing your records on that. On 1/19/07, Trung Pham [EMAIL PROTECTED] wrote: Can you give me a sample entry for the new MX record using BIND? I am still new with it. My mistake, follow the documentation. Erik On 1/19/07, Buzzz [EMAIL PROTECTED] wrote: It is only necessary if your users choose to change their account routing from Normal to Forward in their acct. Say [EMAIL PROTECTED] forwards to [EMAIL PROTECTED] If I send an e-mail to [EMAIL PROTECTED], and my domain uses spf, then gmail will see an e-mail coming from your server from my domain. Since your server isn't authorized for my domain, then gmail will reject this as a spam. Basically if anyone forwards outside of the domain, then you should definitely setup srs. It takes 2 seconds (add 1 mx record and 1 line into /var/qmail/control/srs_domain). In general I'd recommend everyone do srs and spf whenever possible. Please let me understand how SRS should be configured from qmt view . The official documentation of SRS patch says: Configure your SRS domain. echo srs.YOURDOMAIN /var/qmail/control/rcpthosts echo srs.YOURDOMAIN:srs /var/qmail/control/virtualdomains echo | /var/qmail/bin/srsfilter /var/qmail/alias/.qmail-srs-default but you say: takes 2 seconds (add 1 mx record and 1 line into /var/qmail/control/srs_domain). In general I'd recommend everyone do srs and spf whenever possible. So ... i'm a little bit confused ... Could you please provide an official documentation which guide in the process of configuring SRC for qmail toaster ? thx - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] reason: 554 : Relay access denied / Returned mail: see transcript for details
Set up MX records. On 1/17/07, Harry Zink [EMAIL PROTECTED] wrote: At this point, this problem is really paralizing, so I implore anyone for some help and assistance. Okay, this is a repeat, and a renewed effort to try to get to the bottom of this - I am starting to believe that there is something screwed up on my qmail toaster, as this odd behavior seems to have started around the same time I performed the last update - but that's speculation. Anyway, here's the scenario: QmailToaster installed on a Centos 4.4 box (frequently updated via yum) Pre-existing accounts work just fine. When creating a new domain (either via vqadmin, or vadddomain), and subsequently setting up new accounts using qmailadmin, the error below happens every single time when someone tries to send mail *TO* those accounts. Anyone else on the same server can send and receive mail from those accounts. Someone from an outside server, say Yahoo, dot-mac, or gmail, for example, will get the error message below back, claiming inability to deliver. Other domains and accounts on that same server, that existed previously, work just fine. Only new domains and accounts act that way. Essentially, it acts as if someone tried to relay through it, but in fact, how would that pop up if one is just sending mail, simply, from an outside account? Only additional piece of that puzzle might be that this is a separate mail server box, from the domain's web-server, and DNS server. Within the DNS record, it simply points properly to the IP of the web-server, and the one from the mail server - just as the others are doing. Is there something in DNS I should be checking out? Anyway, from Yahoo.com sent mail gets the error message below: [EMAIL PROTECTED]: 216.193.231.146 does not like recipient. Remote host said: 554 [EMAIL PROTECTED]: Relay access denied Giving up on 216.193.231.146. All other accounts get the error message as follows: Begin forwarded message: From: Mail Delivery Subsystem [EMAIL PROTECTED] Date: January 17, 2007 11:30:23 PM PST To: [EMAIL PROTECTED] Subject: Returned mail: see transcript for details The original message was received at Wed, 17 Jan 2007 23:30:23 -0800 (PST) from smtpin05-en2 [10.13.10.150] - The following addresses had permanent fatal errors - [EMAIL PROTECTED] (reason: 554 [EMAIL PROTECTED]: Relay access denied) - Transcript of session follows - ... while talking to realasia-services.com.: DATA 554 [EMAIL PROTECTED]: Relay access denied 554 5.0.0 Service unavailable 554 Error: no valid recipients Reporting-MTA: dns; smtpout.mac.com Received-From-MTA: DNS; smtpin05-en2 Arrival-Date: Wed, 17 Jan 2007 23:30:23 -0800 (PST) Final-Recipient: RFC822; [EMAIL PROTECTED] Action: failed Status: 5.0.0 Remote-MTA: DNS; realasia-services.com Diagnostic-Code: SMTP; 554 [EMAIL PROTECTED]: Relay access denied Last-Attempt-Date: Wed, 17 Jan 2007 23:30:23 -0800 (PST) From: Harry Zink [EMAIL PROTECTED] Date: January 17, 2007 11:30:20 PM PST To: Dr. Harald K. Zink [EMAIL PROTECTED] Subject: new test (from mac.com) - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Update Simscan Error Package.
Since you are using the devel clamav, try using the devel simscan package. It has a fix for this exact problem. Erik On 1/14/07, Wiliarto Prio Utomo [EMAIL PROTECTED] wrote: I tried to update simscan-toaster package. But, when rebuild package of simscan-toaster-1.2-1.3.1.src.rpm had error : configure: error: Unable to find your clamav databases, specify --enable-clamavdb-path. error: Bad exit status from /var/tmp/rpm-tmp.34058 (%build) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.34058 (%build) My old simscan : simscan-toaster-1.1-1.2.6 I Think, this packages conflict with Clamav packages. clamav-toaster-0.90rc2-1.3.8. So, How can I update simscan packages..? Warm Regards Tommy - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qtp-newmodel upgrade errors
rpm -e --nodeps courier-authlib-toaster yum install libtool-ltdl-devel libtool-ltdl rpm -Uhv courier-authlib-toaster-NEW.rpm On 1/18/07, Dan Herbon [EMAIL PROTECTED] wrote: The log now states: - Installing courier-authlib-toaster-0.59-1.3.4 in the sandbox ... error: Failed dependencies: libltdl.so.3 is needed by courier-authlib-toaster-0.59-1.3.4.i686 - I then attempt to 'yum install libtool-ltdl.i386' which contains libltdl.so.3 and then I get: - --- Package libtool-ltdl.i386 0:1.5.22-2.3 set to be updated -- Running transaction check -- Processing Conflict: courier-authlib-toaster conflicts libtool-ltdl -- Finished Dependency Resolution Error: courier-authlib-toaster conflicts with libtool-ltdl - -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Thursday, January 18, 2007 12:15 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] qtp-newmodel upgrade errors Dan Herbon wrote: - libsrs2-toaster-1.0.18-1.3.2 is already installed in sandbox, not built qmail-toaster-1.03-1.3.10 is already installed in sandbox, not built Building courier-authlib-toaster-0.59-1.3.4 ... error: unpacking of archive failed on file /usr/src/redhat/SOURCES/courier-authlib-0.59.tar.bz2;45af8f5d: cpio: read error: /usr/src/qtp-upgrade/SRPMS/courier-authlib-toaster-0.59-1.3.4.src.rpm cannot be installed Installing /usr/src/qtp-upgrade/SRPMS/courier-authlib-toaster-0.59-1.3.4.src.rpm - I am running Fedora Core 5. All patches, etc. Anyone have any idea what could be causing this to fail? Thanks. Dan Out of disk space? (just a guess) # df Corrupted download? # md5sum courier-authlib-toaster-0.59-1.3.4.src.rpm 51d46db59287bce41d49a4de0246c370 courier-authlib-toaster-0.59-1.3.4.src.rpm # md5sum courier-authlib-0.59.tar.bz2 dbfc58a17149fd0f8c0983662ecc8ba8 courier-authlib-0.59.tar.bz2 If you can't free up enough disk space, (re)building a linked sandbox might help (depending on how your toaster's partitioned). -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Yahoo bulk folder and domainkeys
Put your IP in this: http://www.robtex.com/rbls.html See if you are on any of the RBL's. Perhaps Yahoo's scoring you very low because you're on a list. Erik On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: I have setup my domain key correctly. But yahoo still puts my mail in the Bulk Folder even though they confirmed my domainkey setting. Yahoo! DomainKeys has confirmed that this message was sent by .com. I have static IP business line BTW. If they have confirmed my domain, why do they still put it in the Bulk Folder? Thanks. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Yahoo bulk folder and domainkeys
Find a way to contact Yahoo!. The problem is on their side. For hotmail, you can go to support.msn.com and report mislabeled spam. I'd imagine Yahoo has something similar. You can also try going here: http://www.robtex.com/rbls.html and seeing if you are listed on any of the rbl's that they may use. Erik On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: I have setup my domain key correctly. But yahoo still puts my mail in the Bulk Folder even though they confirmed my domainkey setting. Yahoo! DomainKeys has confirmed that this message was sent by .com. I have static IP business line BTW. If they have confirmed my domain, why do they still put it in the Bulk Folder? Thanks. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Where the heck is my mail going?
Ensure that you don't have the same entry in locals and virtualdomains. Erik On 1/18/07, James Jarrett [EMAIL PROTECTED] wrote: I'ts not in there. Believe me I looked. The mail that has vanished is just gone, no delivery information in the SEND log *UNLESS* I got it, if I got it, all the info is in the send log. James On Thu, 2007-01-18 at 22:46 +0100, Jean-Paul van de Plasse wrote: Hi James, Anything about the delivery in the send log? /var/log/qmail/send/current It should at least tell you to what account it went. JP - Original Message - From: James Jarrett [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, January 18, 2007 10:33 PM Subject: [qmailtoaster] Where the heck is my mail going? I'm a new list member, and usually, when I start on a list, I like to spend a few days/weeks getting the feel of the place before I start talking, but this time I don't have a choice, I'm in a bit of a bind and need some serious help. First of all, while I have a fair amount of unix / pc experience, I am somewhat new to email in general and qmail in particular. I have just set up a qmail box for my school to replace an aging exim server. We *THOUGHT* everything was working and had scheduled the rollout for tonight when we realized that only some of the e-mail from the outside world is getting in. According to the smtp logs, everything is being delivered to the box, but a fair amount of it is never actually delivered (per the send log). A bit of information in no partcular order: I don't think it is a virus/spam check that is stopping the mail, on the off chance it was, I disabled both virus and spam checking in simscan and the problem did not go away. Then just to be thurough, I turned off both the clamd and spamd daemons. We have an e-mail filtering appliance out in front of this box anyway, so I don't need any of that. I am using the centos version of qmail-toaster from qmailtoaster.com, I started with the VM build from: http://www.vmware.com/vmtn/appliances/directory/579 This has qmail, vqadmin-2.3.4, qmailadmin-1.2.9, qmailmrtg7-42, and isolog-2.1 I checked my queue with the: qmailctl queue command. It says that there is one mail message in the queue pending delviery, so that's not the issue. After a minute or two, it showed empty. The results of the qmailctl stat command are: authlib: up (pid 2060) 144335 seconds clamd: up (pid 2055) 144335 seconds imap4: up (pid 2064) 144335 seconds imap4-ssl: up (pid 2071) 144335 seconds pop3: up (pid 2067) 144335 seconds pop3-ssl: up (pid 2063) 144335 seconds send: up (pid 26399) 54483 seconds smtp: up (pid 26405) 54483 seconds spamd: up (pid 2062) 144335 seconds authlib/log: up (pid 2057) 144335 seconds clamd/log: up (pid 2054) 144335 seconds imap4/log: up (pid 2087) 144335 seconds imap4-ssl/log: up (pid 2069) 144335 seconds pop3/log: up (pid 2058) 144335 seconds pop3-ssl/log: up (pid 2059) 144335 seconds send/log: up (pid 2056) 144335 seconds smtp/log: up (pid 2070) 144335 seconds spamd/log: up (pid 2061) 144335 seconds I'm not sure how to list what patches have been applied, if someone can give me some idea how to provide this I will. I have a test account on the box. Some mail gets to me and some does not. I can't figure a rhyme or reason for it, and the mail that does NOT get there shows up in the smtp logs as getting to the box, but then just vanishes. Any ideas PLEASE!! This box was supposed to go live for use yesterday and I'm at my wits end. Thanks, James PS, if you need any more info, just ask, I'll get it to you. JJ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Yahoo bulk folder and domainkeys
You can't change reverse dns. Only SBC can do that. That said, I don't know why Yahoo thinks your e-mail is spam, only Yahoo can answer that. If you have DomainKeys configured and are not on any rbl, I can't think of a reason why they would do that. Aside from getting you to pay for a mailhop service such as one offered by DynDNS, I don't know what else you can try on your end. Try sending an e-mail to [EMAIL PROTECTED] It'll probably take awhile to get a response. Thanks, Erik On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: Nope, not on any blacklist. Maybe because of reverse DNS? I still can not figure out how to setup reverse DNS using BIND. Plus I don't think it will be possible to do so anyway since I am using SBC DSL. Find a way to contact Yahoo!. The problem is on their side. For hotmail, you can go to support.msn.com and report mislabeled spam. I'd imagine Yahoo has something similar. You can also try going here: http://www.robtex.com/rbls.html and seeing if you are listed on any of the rbl's that they may use. Erik On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: I have setup my domain key correctly. But yahoo still puts my mail in the Bulk Folder even though they confirmed my domainkey setting. Yahoo! DomainKeys has confirmed that this message was sent by .com. I have static IP business line BTW. If they have confirmed my domain, why do they still put it in the Bulk Folder? Thanks. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] *.pem security issue
I'll answer this one with a not sure. I don't remember this question being asked. Since all of my toasters have no users on them, I never really thought about it. Maybe Nick will have some insight, as I have no clue. Erik On 1/18/07, Eric Shubes [EMAIL PROTECTED] wrote: EE (or anyone), Any word about this? Seems to me that servercert.pem shouldn't be world readable since it contains the private (signing) key and all parent directories are world readable. (I seem to remember EE answering this, but can't find nor remember the answer) Also, I came across this at http://qmail.jms1.net/scripts/qfixpermissions: # some broken install guides (i.e. qmailrocks) tell you to create # servercert.pem and clientcert.pem as a single file, with one as a symbolic # link to the other. this is wrong, since qmail-smtpd and qmail-remote (the # two programs which need to read these files) run as different userids and # different group ids. the only way that a symbolic link scenario will work # is if the file is readable to every userid on the system- and this is a # major security hole, since the file contains the secret key for encrypting # your SMTP sessions, both incoming and outgoing. How is the toaster handling this? I can't figure out how/why the toaster seems to work with clientcert.pem symlinked. Eric Shubes wrote: I just configured SSL on my server, and noticed what I think is a bit of a security risk. All of the *.pem files are readable by any account, e.g.: lrwxrwxrwx 1 root qmail 14 Sep 10 10:08 clientcert.pem - servercert.pem -rw-r--r-- 1 root qmail 1693 Jun 21 08:21 servercert.pem Isn't this a bad idea, given that this file in particular contains a private key? To fix it, I did: # cd /var/qmail/control # chgrp vchkpw *.pem # chmod o-r *.pem # rm -f clientcert.pem # cp -p servercert.pem clientcert.pem # chgrp qmail clientcert.pem Is this a non issue, or should it be changed in the basic toaster? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] *.pem security issue
Agreed, it's why I asked for Nick's input. Thanks, Erik On 1/18/07, Eric Shubes [EMAIL PROTECTED] wrote: Erik Espinoza wrote: I'll answer this one with a not sure. I don't remember this question being asked. Since all of my toasters have no users on them, I never really thought about it. I don't have any users either (as I imagine is the case with most toasters), so it's not a gaping hole. I just like seeing holes (however little) plugged up. Maybe Nick will have some insight, as I have no clue. Erik On 1/18/07, Eric Shubes [EMAIL PROTECTED] wrote: EE (or anyone), Any word about this? Seems to me that servercert.pem shouldn't be world readable since it contains the private (signing) key and all parent directories are world readable. (I seem to remember EE answering this, but can't find nor remember the answer) Also, I came across this at http://qmail.jms1.net/scripts/qfixpermissions: # some broken install guides (i.e. qmailrocks) tell you to create # servercert.pem and clientcert.pem as a single file, with one as a symbolic # link to the other. this is wrong, since qmail-smtpd and qmail-remote (the # two programs which need to read these files) run as different userids and # different group ids. the only way that a symbolic link scenario will work # is if the file is readable to every userid on the system- and this is a # major security hole, since the file contains the secret key for encrypting # your SMTP sessions, both incoming and outgoing. How is the toaster handling this? I can't figure out how/why the toaster seems to work with clientcert.pem symlinked. Eric Shubes wrote: I just configured SSL on my server, and noticed what I think is a bit of a security risk. All of the *.pem files are readable by any account, e.g.: lrwxrwxrwx 1 root qmail 14 Sep 10 10:08 clientcert.pem - servercert.pem -rw-r--r-- 1 root qmail 1693 Jun 21 08:21 servercert.pem Isn't this a bad idea, given that this file in particular contains a private key? To fix it, I did: # cd /var/qmail/control # chgrp vchkpw *.pem # chmod o-r *.pem # rm -f clientcert.pem # cp -p servercert.pem clientcert.pem # chgrp qmail clientcert.pem Is this a non issue, or should it be changed in the basic toaster? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Where the heck is my mail going?
SPF would be a really good guess since everything would appear to arrive from the scanning appliance. The other good guess would be DomainKeys. Check the log in the appliance for error 4xx/5xx rejections from your server. Erik On 1/18/07, Eric Shubes [EMAIL PROTECTED] wrote: I'm guessing that SPF's rejecting them. The newer toaster gives you a meaningful message, but the version you have simply quits and looks normal on the log. Change /var/qmail/control/spfbehavior from 3 to 1. I'm not sure if restarting is necessary, but stop then start qmail to be safe. Report back. James Jarrett wrote: This: ucspi-tcp-toaster-0.88-1.3.1 qmail-pop3d-toaster-1.03-1.3.6 control-panel-toaster-0.5-1.3.1 qmailmrtg-toaster-4.2-1.3.1 vqadmin-toaster-2.3.4-1.3.2 ripmime-toaster-1.4.0.6-1.3.1 vpopmail-toaster-5.4.13-1.3.2 courier-authlib-toaster-0.58-1.3.1 ezmlm-toaster-0.53.324-1.3.1 maildrop-toaster-2.0.2-1.3.1 squirrelmail-toaster-1.4.8-1.3.3 simscan-toaster-1.2-1.3.1 libdomainkeys-toaster-0.68-1.3.1 courier-imap-toaster-4.1.1-1.3.2 ezmlm-cgi-toaster-0.53.324-1.3.1 maildrop-toaster-devel-2.0.2-1.3.1 spamassassin-toaster-3.1.5-1.3.3 daemontools-toaster-0.76-1.3.1 qmail-toaster-1.03-1.3.6 autorespond-toaster-2.0.4-1.3.1 qmailadmin-toaster-1.2.9-1.3.1 isoqlog-toaster-2.1-1.3.1 clamav-toaster-0.88.4-1.3.3 On Thu, 2007-01-18 at 14:58 -0700, Eric Shubes wrote: What does # rpm -qa | grep toaster show you? James Jarrett wrote: I'ts not in there. Believe me I looked. The mail that has vanished is just gone, no delivery information in the SEND log *UNLESS* I got it, if I got it, all the info is in the send log. James On Thu, 2007-01-18 at 22:46 +0100, Jean-Paul van de Plasse wrote: Hi James, Anything about the delivery in the send log? /var/log/qmail/send/current It should at least tell you to what account it went. JP - Original Message - From: James Jarrett [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, January 18, 2007 10:33 PM Subject: [qmailtoaster] Where the heck is my mail going? I'm a new list member, and usually, when I start on a list, I like to spend a few days/weeks getting the feel of the place before I start talking, but this time I don't have a choice, I'm in a bit of a bind and need some serious help. First of all, while I have a fair amount of unix / pc experience, I am somewhat new to email in general and qmail in particular. I have just set up a qmail box for my school to replace an aging exim server. We *THOUGHT* everything was working and had scheduled the rollout for tonight when we realized that only some of the e-mail from the outside world is getting in. According to the smtp logs, everything is being delivered to the box, but a fair amount of it is never actually delivered (per the send log). A bit of information in no partcular order: I don't think it is a virus/spam check that is stopping the mail, on the off chance it was, I disabled both virus and spam checking in simscan and the problem did not go away. Then just to be thurough, I turned off both the clamd and spamd daemons. We have an e-mail filtering appliance out in front of this box anyway, so I don't need any of that. I am using the centos version of qmail-toaster from qmailtoaster.com, I started with the VM build from: http://www.vmware.com/vmtn/appliances/directory/579 This has qmail, vqadmin-2.3.4, qmailadmin-1.2.9, qmailmrtg7-42, and isolog-2.1 I checked my queue with the: qmailctl queue command. It says that there is one mail message in the queue pending delviery, so that's not the issue. After a minute or two, it showed empty. The results of the qmailctl stat command are: authlib: up (pid 2060) 144335 seconds clamd: up (pid 2055) 144335 seconds imap4: up (pid 2064) 144335 seconds imap4-ssl: up (pid 2071) 144335 seconds pop3: up (pid 2067) 144335 seconds pop3-ssl: up (pid 2063) 144335 seconds send: up (pid 26399) 54483 seconds smtp: up (pid 26405) 54483 seconds spamd: up (pid 2062) 144335 seconds authlib/log: up (pid 2057) 144335 seconds clamd/log: up (pid 2054) 144335 seconds imap4/log: up (pid 2087) 144335 seconds imap4-ssl/log: up (pid 2069) 144335 seconds pop3/log: up (pid 2058) 144335 seconds pop3-ssl/log: up (pid 2059) 144335 seconds send/log: up (pid 2056) 144335 seconds smtp/log: up (pid 2070) 144335 seconds spamd/log: up (pid 2061) 144335 seconds I'm not sure how to list what patches have been applied, if someone can give me some idea how to provide this I will. I have a test account on the box. Some mail gets to me and some does not. I can't figure a rhyme or reason for it, and the mail that does NOT get there shows up in the smtp logs as getting to the box, but then just vanishes. Any ideas PLEASE!! This box was supposed to go live for use yesterday and I'm at my wits end. Thanks, James PS, if you need any more info, just ask, I'll get it to you. JJ
Re: [qmailtoaster] Where the heck is my mail going?
To disable DK, go to /var/qmail/bin and type rm -f qmail-queue ln -s qmail-queue.orig qmail-queue Erik On 1/18/07, Erik Espinoza [EMAIL PROTECTED] wrote: SPF would be a really good guess since everything would appear to arrive from the scanning appliance. The other good guess would be DomainKeys. Check the log in the appliance for error 4xx/5xx rejections from your server. Erik On 1/18/07, Eric Shubes [EMAIL PROTECTED] wrote: I'm guessing that SPF's rejecting them. The newer toaster gives you a meaningful message, but the version you have simply quits and looks normal on the log. Change /var/qmail/control/spfbehavior from 3 to 1. I'm not sure if restarting is necessary, but stop then start qmail to be safe. Report back. James Jarrett wrote: This: ucspi-tcp-toaster-0.88-1.3.1 qmail-pop3d-toaster-1.03-1.3.6 control-panel-toaster-0.5-1.3.1 qmailmrtg-toaster-4.2-1.3.1 vqadmin-toaster-2.3.4-1.3.2 ripmime-toaster-1.4.0.6-1.3.1 vpopmail-toaster-5.4.13-1.3.2 courier-authlib-toaster-0.58-1.3.1 ezmlm-toaster-0.53.324-1.3.1 maildrop-toaster-2.0.2-1.3.1 squirrelmail-toaster-1.4.8-1.3.3 simscan-toaster-1.2-1.3.1 libdomainkeys-toaster-0.68-1.3.1 courier-imap-toaster-4.1.1-1.3.2 ezmlm-cgi-toaster-0.53.324-1.3.1 maildrop-toaster-devel-2.0.2-1.3.1 spamassassin-toaster-3.1.5-1.3.3 daemontools-toaster-0.76-1.3.1 qmail-toaster-1.03-1.3.6 autorespond-toaster-2.0.4-1.3.1 qmailadmin-toaster-1.2.9-1.3.1 isoqlog-toaster-2.1-1.3.1 clamav-toaster-0.88.4-1.3.3 On Thu, 2007-01-18 at 14:58 -0700, Eric Shubes wrote: What does # rpm -qa | grep toaster show you? James Jarrett wrote: I'ts not in there. Believe me I looked. The mail that has vanished is just gone, no delivery information in the SEND log *UNLESS* I got it, if I got it, all the info is in the send log. James On Thu, 2007-01-18 at 22:46 +0100, Jean-Paul van de Plasse wrote: Hi James, Anything about the delivery in the send log? /var/log/qmail/send/current It should at least tell you to what account it went. JP - Original Message - From: James Jarrett [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, January 18, 2007 10:33 PM Subject: [qmailtoaster] Where the heck is my mail going? I'm a new list member, and usually, when I start on a list, I like to spend a few days/weeks getting the feel of the place before I start talking, but this time I don't have a choice, I'm in a bit of a bind and need some serious help. First of all, while I have a fair amount of unix / pc experience, I am somewhat new to email in general and qmail in particular. I have just set up a qmail box for my school to replace an aging exim server. We *THOUGHT* everything was working and had scheduled the rollout for tonight when we realized that only some of the e-mail from the outside world is getting in. According to the smtp logs, everything is being delivered to the box, but a fair amount of it is never actually delivered (per the send log). A bit of information in no partcular order: I don't think it is a virus/spam check that is stopping the mail, on the off chance it was, I disabled both virus and spam checking in simscan and the problem did not go away. Then just to be thurough, I turned off both the clamd and spamd daemons. We have an e-mail filtering appliance out in front of this box anyway, so I don't need any of that. I am using the centos version of qmail-toaster from qmailtoaster.com, I started with the VM build from: http://www.vmware.com/vmtn/appliances/directory/579 This has qmail, vqadmin-2.3.4, qmailadmin-1.2.9, qmailmrtg7-42, and isolog-2.1 I checked my queue with the: qmailctl queue command. It says that there is one mail message in the queue pending delviery, so that's not the issue. After a minute or two, it showed empty. The results of the qmailctl stat command are: authlib: up (pid 2060) 144335 seconds clamd: up (pid 2055) 144335 seconds imap4: up (pid 2064) 144335 seconds imap4-ssl: up (pid 2071) 144335 seconds pop3: up (pid 2067) 144335 seconds pop3-ssl: up (pid 2063) 144335 seconds send: up (pid 26399) 54483 seconds smtp: up (pid 26405) 54483 seconds spamd: up (pid 2062) 144335 seconds authlib/log: up (pid 2057) 144335 seconds clamd/log: up (pid 2054) 144335 seconds imap4/log: up (pid 2087) 144335 seconds imap4-ssl/log: up (pid 2069) 144335 seconds pop3/log: up (pid 2058) 144335 seconds pop3-ssl/log: up (pid 2059) 144335 seconds send/log: up (pid 2056) 144335 seconds smtp/log: up (pid 2070) 144335 seconds spamd/log: up (pid 2061) 144335 seconds I'm not sure how to list what patches have been applied, if someone can give me some idea how to provide this I will. I have a test account on the box. Some mail gets to me and some does not. I can't figure a rhyme or reason
Re: [qmailtoaster] Yahoo bulk folder and domainkeys
At the command line type: yum -y install jwhois whois $IP replace $IP with your machines IP address. It will tell you who is responsible for reverse DNS of your ip addresses. Thanks, Erik On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: I am the authoritative DNS server for my domain. This is how I am able to setup SPF and Domainkey. But still no luck with reverse DNS. Is there anyone who is able to setup reverse DNS having SBC as their ISP? Thanks. I suppose that's a possibility. Have you verified that your reverse DNS is not set up right? (http://www.dnstools.com) Where/who is the authoritative DNS server for your domain? Are you doing this or is SBC supposed to be handling that? Trung Pham wrote: Nope, not on any blacklist. Maybe because of reverse DNS? I still can not figure out how to setup reverse DNS using BIND. Plus I don't think it will be possible to do so anyway since I am using SBC DSL. Find a way to contact Yahoo!. The problem is on their side. For hotmail, you can go to support.msn.com and report mislabeled spam. I'd imagine Yahoo has something similar. You can also try going here: http://www.robtex.com/rbls.html and seeing if you are listed on any of the rbl's that they may use. Erik On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: I have setup my domain key correctly. But yahoo still puts my mail in the Bulk Folder even though they confirmed my domainkey setting. Yahoo! DomainKeys has confirmed that this message was sent by .com. I have static IP business line BTW. If they have confirmed my domain, why do they still put it in the Bulk Folder? Thanks. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS documentation?
/var/qmail/doc/README.srs or http://opensource.mco2.net/qmail/srs/ I will update the main site. On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: I follow this link on the main page for SRS documentation but it's a deadlink. http://devel.qmailtoaster.com/info/srs-readme.txt - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS documentation?
It is only necessary if your users choose to change their account routing from Normal to Forward in their acct. Say [EMAIL PROTECTED] forwards to [EMAIL PROTECTED] If I send an e-mail to [EMAIL PROTECTED], and my domain uses spf, then gmail will see an e-mail coming from your server from my domain. Since your server isn't authorized for my domain, then gmail will reject this as a spam. Basically if anyone forwards outside of the domain, then you should definitely setup srs. It takes 2 seconds (add 1 mx record and 1 line into /var/qmail/control/srs_domain). In general I'd recommend everyone do srs and spf whenever possible. Thanks, Erik On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: Sorry for this silly question. Is SRS even need if I don't plan to let anyone use my server to forward their emails? In another word, this qmail server will only be used by my domain. /var/qmail/doc/README.srs or http://opensource.mco2.net/qmail/srs/ I will update the main site. On 1/18/07, Trung Pham [EMAIL PROTECTED] wrote: I follow this link on the main page for SRS documentation but it's a deadlink. http://devel.qmailtoaster.com/info/srs-readme.txt - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] smtproutes and domainkeys, spf, srs
SRS and SPF can be used if your upstream isp publishes spf records. You can use the include statement (more info at openspf.org) to include their spf entries into your spf records. SBC, however, doesn't publish SPF records as Yahoo handles their infrastructure. The Qmail DomainKey implementation is to spec, but doesn't implement the optional h= header that limits the scope of the DomainKey signature to certain parts. Because of this, DomainKeys will fail if it is forwarded through a third party server. Erik On 1/16/07, Trung Pham [EMAIL PROTECTED] wrote: I currently have all my outgoing emails forwarded to my ISP server using smtproutes. So I am curious if I can still use domainkeys, spf, or srs features since my ISP will definitely modify the email header. FYI, I am using SBC Business DSL. I had to resolve to smtproutes otherwise Yahoo will put emails coming from me into the bulk folder. Please let me know if those features still work if I use my ISP to relay my mails. My goal is to stop incoming spams that forge my own address. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Should I use qmail toaster?
Might want to check out the wiki. There are a ton of scripts that you can use to keep the QT up to date. ES and JV have done some great work on keeping the QmailToaster up to date. Due to licensing restrictions, we aren't allowed to give out binary updates, so no yum. The wiki has an faq entry on this. Thanks, Erik On 1/16/07, Dave Q.T. Newbiw [EMAIL PROTECTED] wrote: Hi Erik, Thanks for the reply... What size VM, memory-wise, does QM Toaster need? Is 96MB enough? In anticipation of the fact the that over the next few years _some_ bug/security issues will be found, how exactly does the auto update process work? Is everything updated, or just the base CentOS files? Thank you, David Erik Espinoza [EMAIL PROTECTED] wrote: Hello Dave Can QM Toaster be used to turn a default CentOS install into a very basic POP3/IMAP/SMTP email server? It's a lot more than basic, as it comes with antivirus, antispam, domainkeys, spf and srs. I'd call it thorough rather than basic. Our current ISP where we host ~15 domains and ~25+ email accounts has a mandatory incoming auto-discard spam filter that is far too strict to continue using. That sucks. Unfortunately, switching ISPs is not an option right now. Good luck! I am looking at signing up for a basic low-memory CentOS Virtual Dedicated Server to handle our own incoming ( outgoing) mail. I wouldn't go too low on the memory unless you don't want antivirus and antispam. There will not be a full-time IT person to maintain the server, so simplicity is a must. The QmailToaster is very simple. This is a no brainer. I am perfectly fine with leaving out server-side spam filtering, though I suspect that some basic blacklist usage would be a good idea. I'd recommend against leaving out the spam filtering, as blacklists are usually too encompassing. Most specifically, I don't want to add the performance overhead, security liability, and maintenance requirements of a typical default server. (Apache, MySQL, Bind, etc.) In reality, the only thing that requires maintenance is the antispam, antivirus and webmail.The project keeps those all up to date. The rest is, for the most part, already a couple of years old and battle tested on the internet. Known to be secure. Basically, I want an ultra-basic server that I can set for automatic updates and let it continue running hands-off until CentOS 4 is no longer supported with security patches. Sounds like the plan. It's how I run mine. Will Qmail Toaster do what I need? Yes. It's not basic, but it is simple. And there is plenty of support here, on the wiki and on the main site. Thanks, Erik - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Don't be flakey. Get Yahoo! Mail for Mobile and always stay connected to friends. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] compile errors
yum install libtool-ltdl libtool-ltdl-devel Try again. Erik On 1/17/07, Kisakye Alex [EMAIL PROTECTED] wrote: Hello 1)I have been trying to install Toaster on Fedora Core 5! I have been getting the error below during installation! can any one point me in the right direction?? 2) There was a post earlier on the list on problems experienced while installing toaster on CentOS server install, was this erectified?? ie can I move my installation to CentOS?? I have just had enough with Fedora Core Errors below; Installing courier-authlib-toaster-0.59-1.3.4.src.rpm error: Failed build dependencies /usr/include/ltdl.h is needed by courier-authlib-toaster-0.59-1.3.4.i386 error: File not found by glob: /usr/src/redhat/RPMS/i386/courier-authlib-toaster*.rpm Installing courier-imap-toaster-4.1.2-1.3.6.src.rpm error: Failed build dependencies courier-authlib-toaster is needed by courier-imap-toaster-4.1.2-1.3.6.i386 error: File not found by glob: /usr/src/redhat/RPMS/i386/courier-imap-toaster*.rpm thanks ALex - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Re: Accepting mail from local mail servers
You can disable sender checking by adding the nat public IP to tcp.smtp with the RELAYCLIENT option On 1/17/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi, I am not sure what the problem is and how to resolve it. I am hosting my company qmailtoaster server in the datacenter on an external ip, I also have some development machines inside the company behind the nat on internal ips. When an internal application sends email out to [EMAIL PROTECTED] using sendmail on localhost, I am not getting that email at [EMAIL PROTECTED] I am pretty sure qmail rejects these emails because they come from a mailserver behind nat which doesnt resolve to anything. What do I need to configure on qmailtoaster so I can allow my development machines to send me email to [EMAIL PROTECTED] Is there a setting where I can just specify my company external ip to allow all the mail from my internal subnet without being rejected? Thank you - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Re: Accepting mail from local mail servers
ES, Only udp and icmp connections can be spoofed. The tcp handshake makes spoofing tcp impossible. The only way for such an attach to be feasible would be to hack a few different routers in between their link. At that point, they got bigger problems than an open relya. Erik On 1/17/07, Eric Shubes [EMAIL PROTECTED] wrote: What JP says would certainly help. Given what you *have* said though, and making a few presumptions, I might have a fix for you. Since your internal machines are being nat'd, I'm thinking that the smtp sessions for these will appear to the toaster to be coming from the external address of the natting device. Simply add that address (the external address of your natting device) to /etc/tcprules.d/tcp.smtp file like so: external.address.of.nat:allow,RELAYCLIENT= Regenerate your cdb file: # qmailctl cdb and you should be good to go. Note, this solution is a tad bit insecure. If someone were able to spoof this address (while unlikely it *is* possible), they could use your toaster as an open relay. Not much of an issue if it's a private address, somewhat more so if it's public. The best solution, while not as easy but more secure, would be to configure the sendmail clients to authenticate themselves. Jean-Paul van de Plasse wrote: Hi, Any messages in the logfiles (on both qmailtoaster server and development machines) What do you get when you telnet from the development machine to the qmailtoaster on port 25 and type something like helo mail from:[EMAIL PROTECTED] rcpt to:[EMAIL PROTECTED] data subject: test test . Simply said, more info is needed to solve this for you. Regards, JP - Original Message - From: [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 17, 2007 8:29 PM Subject: [qmailtoaster] Re: Accepting mail from local mail servers Hi, I am not sure what the problem is and how to resolve it. I am hosting my company qmailtoaster server in the datacenter on an external ip, I also have some development machines inside the company behind the nat on internal ips. When an internal application sends email out to [EMAIL PROTECTED] using sendmail on localhost, I am not getting that email at [EMAIL PROTECTED] I am pretty sure qmail rejects these emails because they come from a mailserver behind nat which doesnt resolve to anything. What do I need to configure on qmailtoaster so I can allow my development machines to send me email to [EMAIL PROTECTED] Is there a setting where I can just specify my company external ip to allow all the mail from my internal subnet without being rejected? Thank you -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] smtproutes and domainkeys, spf, srs
SPF will not work in this case. Reread my earlier email. Yahoo doesn't publish records for one to include. In addition DK usually fails when you use a smarthost. On 1/17/07, Eric Shubes [EMAIL PROTECTED] wrote: Trung, Is your toaster on a dynamic or static IP address? Trung Pham wrote: So in my case, I am forwarding my mail through Yahoo. I should not bother setting up SPF, SRS, and Domainkeys since I won't see any benefit at all. Supposed if I handle my own outbound email and setup all those features properly. Do you think Yahoo will still put my mails in the Bulk folder? TTBOMK, yahoo will not put your mail in bulk folders if you have DK configured properly. Another question, is it necessary for us to setup reverse IP DNS? Because I think SBC will not help me do it. SRS and SPF can be used if your upstream isp publishes spf records. You can use the include statement (more info at openspf.org) to include their spf entries into your spf records. SBC, however, doesn't publish SPF records as Yahoo handles their infrastructure. The Qmail DomainKey implementation is to spec, but doesn't implement the optional h= header that limits the scope of the DomainKey signature to certain parts. Because of this, DomainKeys will fail if it is forwarded through a third party server. Erik On 1/16/07, Trung Pham [EMAIL PROTECTED] wrote: I currently have all my outgoing emails forwarded to my ISP server using smtproutes. So I am curious if I can still use domainkeys, spf, or srs features since my ISP will definitely modify the email header. FYI, I am using SBC Business DSL. I had to resolve to smtproutes otherwise Yahoo will put emails coming from me into the bulk folder. Please let me know if those features still work if I use my ISP to relay my mails. My goal is to stop incoming spams that forge my own address. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] tcpserver-limits-patch
Hey JP, Please ensure that the patch defaults to the original behavior of the QmailToaster if no settings are added to the tcp.smtp. I don't want to accept a patch that changes the default behavior of the default install. Thanks, Erik On 1/17/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote: I could not agree more on this. Will do this today! JP - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, January 18, 2007 12:24 AM Subject: Re: [qmailtoaster] tcpserver-limits-patch While doing this w/ iptables is certainly doable, I'd like to see a simple way of handling it with the toaster too. The patch would be nice (imho). Philip Nix Guru wrote: Hi JP I was just thinking in a general setup. Not everyone knows how to set iptables. And I often see spammers connecting to some of my smtps with 30-40 connections (at least trying ..) :) that would easily get your server down for your customers, the max concurrencyincoming wont allow any new connections I use that kind of template (you can easily add -s and -d to filter) iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m recent --set iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP QToaster should add either the option through tcp.smtp or some basic iptables rules it would help a few users I think. Too often you see 30-100 connections from the same source and that just blocks your server for your real users Just an idea :) Jean-Paul van de Plasse wrote: Hi Philip, Just curious but what good does it do when you can allready do this with iptables? When I changed ucspi-tcp-toaster last week I figured they were not very usefull.. Regards, JP - Original Message - From: Philip Nix Guru [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 17, 2007 10:24 PM Subject: [qmailtoaster] tcpserver-limits-patch Hello EE would it be possible to integrate the tcpserver-limits-patch into the ucspi-tcp-toaster ? It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC DIEMSG in the tcp.smtp cdb file I am already doing that trough my iptables setup but it could be useful Thx -Philip -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Re: Accepting mail from local mail servers
Question is, why is the toaster at company.com rejecting the message? I'm not quite sure. A look at /var/log/qmail/smtp/current on the toaster should tell. I'm curious to know exactly why the message is failing (I'm still learning this stuff too!). In any case, the changes to tcp.smtp should give a green light (open relay) for any session coming from the specified address. I'd wager that the relay was denied because the internal machines hostnames aren't resolve-able in DNS on the real Internet. Suppose my public internet is kabewm.com and my internal infrastructure runs on internal.kabewm.com. Since my public DNS records don't have any A, MX or other entries for internal.kabewm.com, then the QmailToaster will reject e-mail coming from [EMAIL PROTECTED] since it couldn't possibly be a real return e-mail. shamelessplugBy the way, my blog is http://www.kabewm.com/ and contains info on things going on with QmailToaster. :)/shamelessplug Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Should I use qmail toaster?
Hi Dave, There are projects about Network ACL's (IPTables), System backups (Amanda), Daemon Lockdowns (Bastille) and so on. In addition there are plenty of books on the subject matter. That said I mean absolutely no offense to anyone by this next comment. This community isn't here to teach you (or anyone) how to be a network and system admin. We're here about the QmailToaster Project. Don't get me wrong, this community always goes above and beyond to help out a straggled user, but come on . . . My apologies if anyone is offended. Thanks, Erik Here are some things that come to mind, but I am sure you folks can think of much more: - Network ACL's - System backups - User data and config backups - Daemon lockdown - Removal of unneeded services - Auto-updates of anything possible. (Think Apache/PHP/SSH/etc... or, even more important, SquirrelMail.) - Basic health reporting / stats to someone. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Should I use qmail toaster?
For that we have the QmailToaster Virtual Appliance for VMware Server/Player/Workstation. :) Erik On 1/17/07, Dave [EMAIL PROTECTED] wrote: Hi Erik, We're here about the QmailToaster Project. Don't get me wrong, this community always goes above and beyond to help out a straggled user, but come on . . . My apologies if anyone is offended. No offense taken The impressive amount of customization and packaging effort that has been put into QmailToaster project solves some of the biggest problems that a new sysadmin would face in setting up an email server. As you rightly point out, much of remaining points are not at all about qmail. This project almost provides a turn-key solution that even the most harried office administrator could use to set up a small email server. The suggestions, if implemented, would simply move the project further down the appliance path. -- David Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta. http://advision.webevents.yahoo.com/mailbeta/features_spam.html - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Greylisting
You may want to check this out: http://thomas.mangin.me.uk/software/qmail-greylist.html Install instructions are simple: cd /var/qmail/bin ; wget http://thomas.mangin.me.uk/data/source/greyd ; chmod +x greyd mkdir /var/qmail/grey ; chown vpopmail.vchkpw /var/qmail/grey Add ',GREY=' to the :allow statement at the bottom of /etc/tcprules.d/tcp.smtp Then change /var/qmail/supervise/smtp/run to look like this: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` BLACKLIST=`cat /var/qmail/control/blacklists` SMTPD=/var/qmail/bin/qmail-smtpd GREYD=/var/qmail/bin/greyd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb RBLSMTPD=/usr/bin/rblsmtpd HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ $GREYD $RBLSMTPD $BLACKLIST $SMTPD $VCHKPW /bin/true 21 On 1/16/07, Wojciech Gabor [EMAIL PROTECTED] wrote: I plan start any greylisting with QT. What package is recommended for QT? Any HOWTO? -- Tuptus System uptime: 41 years 8 months 3 weeks 0 days 3 hours 45 minuts Why use windows since there is a door? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] apostrophe
The + has been allowed for some time in the default toaster. On 1/16/07, Tim Mancour [EMAIL PROTECTED] wrote: Erik, Which characters in the sender's mailbox identifier represent a security issue? In my thinking these should be the only characters that are restricted in the C code. The badmailfrom file can then be used to allow site to site customization. I know that everytime that I upgrade I have to do the hand building step to allow the '+' character and would really like to be able to configure thus sort of thing in a control file. Regards, Tim -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Monday, January 15, 2007 8:09 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] apostrophe Tim, Not a good idea. If you write this patch, it shall not be included into the Toaster. Qmail gets a lot of security by not allowing certain characters. For example, any e-mail address that contains a . is stored in the file system as a : because the period is a file system navigation character. Thanks, Erik On 1/15/07, Tim Mancour [EMAIL PROTECTED] wrote: Hi, The toaster seems to be more restrictive than the current SMTP specification. RFC 2821 (page 37) only specifically prohibts ASCII characters 0 through 31 and characters greater than 126 from the name of a mailbox. As a long term solution, couldn't we modify the C code (specifically the function check_sender_address_format) to allow any character in the ASCII range 33 through 126. We could then use the badmailfrom control file to filter out sender addresses that contain characters that are undesirable. A single line with an explicit set of characters could be used - e.g. [ ,;:'`%\$\^\{\[\(\|\)\]\}\*\+\?\\]. I could be missing something but I think that this will allow each site to customize as required without rebuilding the C code and without losing any functionality. I'd be happy to make the C code changes if this make sense to everyone. Regards, Tim -Original Message- From: Trung Pham [mailto:[EMAIL PROTECTED] Sent: Friday, January 12, 2007 5:14 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] apostrophe Yeah, you will need to edit the C code before compiling it. eh no.. Its just that to change qmailtoaster/checkuser you have to change the code a bit. Like Eric explained below. - Original Message - From: Dan Herbon [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, January 12, 2007 10:48 PM Subject: RE: [qmailtoaster] apostrophe So I have to have any user emailing this person to add a \ in front of the email address?: Bd\'[EMAIL PROTECTED] -Original Message- From: Trung Pham [mailto:[EMAIL PROTECTED] Sent: Friday, January 12, 2007 4:37 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] apostrophe #define CHKUSER_ALLOW_SENDER_CHAR_2 '\'' that's the correct syntax Dan Herbon wrote: I've been live on the new qmailtoaster server now for about 3 weeks and no problems have arisen, everythings been great. Today however I came across my first problem. A user we used to email back and forth has an apostrophe in her name and for some strange odd reason whoever set this person up put the apostrophe in her email address. So her email address is: bd'[EMAIL PROTECTED] The qmail server is rejecting this with: 2007-01-12 15:09:52.456145500 CHKUSER rejected sender: from BD'[EMAIL PROTECTED]:: remote mail-bh.server.com:unknown:12.19.*.* rcpt : invalid sender address format - Is there an easy way to allow an apostrophe in the email address be delivered? Perhaps add just this users email address to some sort of whitelist somewhere. Any help would be great. I have to get this working. thank You should try very hard to have the admin for that domain change the name. Short of success with that, you *can* tailor chkuser to accept additional special characters, but tailoring chkuser is somewhat of a PITA. See http://wiki.qmailtoaster.com/index.php/Chkuser. In chkuser.h you'll want to modify /* #define CHKUSER_ALLOW_SENDER_CHAR_2 '%' */ by uncommenting the #define, and specifying the apostrophe as the special character. I'm not sure how to do that properly in C, but it might be #define CHKUSER_ALLOW_SENDER_CHAR_2 '\'' or #define CHKUSER_ALLOW_SENDER_CHAR_2 Maybe a C guru can help you out on that. HTH -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org -- -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster
Re: [qmailtoaster] djbdns and domain keys
I believe It should be noted that djbdns can't be both authoratative and caching (recursive) at the same time. Sanchez will correct me if I'm wrong. ;) On 1/16/07, Vince Callaway [EMAIL PROTECTED] wrote: On Tue, 2007-01-16 at 08:12 -0800, Ed Morrison wrote: Hi All: I'm trying to setup djbdns with domain keys for my server using these instructions from the wiki: DJBDNS - in /var/djbdns/tinydns/root/data (make from your-domain-dk.txt): '_domainkey.your-domain.com:o=-; [EMAIL PROTECTED] 'private._domainkey.your-domain.com:k=rsa; p=MEwwDQY . . . to end of key Has the new toaster changed so these instructions no longer apply? The directory tinydns/root/data does not exist on my install. Am I missing something obvious? These instructions apply if your mail server is ALSO your authoritive DNS server. The mail servers public key record has to be part of your public DNS. If you installed the caching nameserver you will not have the tinydns/root/data folder. That is fine if your mailserver is NOT your authoritive name server. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] apostrophe
I'd be okay with that. On 1/16/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote: I think that making this a runtime configurable option is the best option. Not that much of a problem to implement, and when we default it to the same behaviour it has now it is up to the admins what they do with it. Can you find yourself in that Erik? JP - Original Message - From: Tim Mancour [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, January 16, 2007 5:15 PM Subject: RE: [qmailtoaster] apostrophe Erik, Which characters in the sender's mailbox identifier represent a security issue? In my thinking these should be the only characters that are restricted in the C code. The badmailfrom file can then be used to allow site to site customization. I know that everytime that I upgrade I have to do the hand building step to allow the '+' character and would really like to be able to configure thus sort of thing in a control file. Regards, Tim -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Monday, January 15, 2007 8:09 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] apostrophe Tim, Not a good idea. If you write this patch, it shall not be included into the Toaster. Qmail gets a lot of security by not allowing certain characters. For example, any e-mail address that contains a . is stored in the file system as a : because the period is a file system navigation character. Thanks, Erik On 1/15/07, Tim Mancour [EMAIL PROTECTED] wrote: Hi, The toaster seems to be more restrictive than the current SMTP specification. RFC 2821 (page 37) only specifically prohibts ASCII characters 0 through 31 and characters greater than 126 from the name of a mailbox. As a long term solution, couldn't we modify the C code (specifically the function check_sender_address_format) to allow any character in the ASCII range 33 through 126. We could then use the badmailfrom control file to filter out sender addresses that contain characters that are undesirable. A single line with an explicit set of characters could be used - e.g. [ ,;:'`%\$\^\{\[\(\|\)\]\}\*\+\?\\]. I could be missing something but I think that this will allow each site to customize as required without rebuilding the C code and without losing any functionality. I'd be happy to make the C code changes if this make sense to everyone. Regards, Tim -Original Message- From: Trung Pham [mailto:[EMAIL PROTECTED] Sent: Friday, January 12, 2007 5:14 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] apostrophe Yeah, you will need to edit the C code before compiling it. eh no.. Its just that to change qmailtoaster/checkuser you have to change the code a bit. Like Eric explained below. - Original Message - From: Dan Herbon [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, January 12, 2007 10:48 PM Subject: RE: [qmailtoaster] apostrophe So I have to have any user emailing this person to add a \ in front of the email address?: Bd\'[EMAIL PROTECTED] -Original Message- From: Trung Pham [mailto:[EMAIL PROTECTED] Sent: Friday, January 12, 2007 4:37 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] apostrophe #define CHKUSER_ALLOW_SENDER_CHAR_2 '\'' that's the correct syntax Dan Herbon wrote: I've been live on the new qmailtoaster server now for about 3 weeks and no problems have arisen, everythings been great. Today however I came across my first problem. A user we used to email back and forth has an apostrophe in her name and for some strange odd reason whoever set this person up put the apostrophe in her email address. So her email address is: bd'[EMAIL PROTECTED] The qmail server is rejecting this with: 2007-01-12 15:09:52.456145500 CHKUSER rejected sender: from BD'[EMAIL PROTECTED]:: remote mail-bh.server.com:unknown:12.19.*.* rcpt : invalid sender address format - Is there an easy way to allow an apostrophe in the email address be delivered? Perhaps add just this users email address to some sort of whitelist somewhere. Any help would be great. I have to get this working. thank You should try very hard to have the admin for that domain change the name. Short of success with that, you *can* tailor chkuser to accept additional special characters, but tailoring chkuser is somewhat of a PITA. See http://wiki.qmailtoaster.com/index.php/Chkuser. In chkuser.h you'll want to modify /* #define CHKUSER_ALLOW_SENDER_CHAR_2 '%' */ by uncommenting the #define, and specifying the apostrophe as the special character. I'm not sure how to do that properly in C, but it might be #define CHKUSER_ALLOW_SENDER_CHAR_2 '\'' or #define CHKUSER_ALLOW_SENDER_CHAR_2 Maybe a C guru can help you out