Re: [qmailtoaster] ClamAV update
Hi Eric. Though it was for Chandran I sneaked in and took advantage of Your work ;-) Works fine! Thanx a bunch /Finn Den 09-04-2015 kl. 03:37 skrev Eric Broch: Chandran, x86_64 rpm: ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/rpms/x86_64/clamav-0.98.6-1.qt.el6.x86_64.rpm I don't have the i386 rpm just the srpm: ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/clamav-0.98.6-1.qt.src.rpm build it as follows: rpmbuild --rebuild --define dist .qt.el6 clamav-0.98.6-1.qt.src.rpm If you send me the i386 rpm I'll put it up on my ftp site. Thanks! EricB On 4/7/2015 4:20 AM, Chandran Manikandan wrote: Hi Friends, I am running Centos 6.5 64 bit and Centos 6.6. 32 bit machine. Would like to know to update Clamav latest release on both machine. could anyone have experience with out any issue. -- *Thanks,* *Manikandan.C* *System Administrator* - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] logging?
Hi-
Remember that logs for some of the programs has changed in Qmailtoaster
for Centos 6 - they are not run by supervise anymore but the system.
(spamd, Clamd..)
check /var/qmail/supervise for those remaining in supervise control and
also - the format (date) has changed in the log for those run by the system.
(Eric S. and the other Qmail mailtainers are moving from supervise in
the latest Centos 7 version to let all of Qmailtoaster be handled by the
system).
Cheers,
Finn
Den 26-03-2015 kl. 18:13 skrev Fabian Santiago:
wow, ok, so i manually ran the mrtg cron job and receive this output:
2015-03-26 13:12:46: WARNING: Problem with External get
'/usr/bin/qmailmrtg C /var/log/qmail/clamd\':
Expected a Number for 'in' but got 'failed to open dir
/var/log/qmail/clamd'
2015-03-26 13:12:46: WARNING: Problem with External get
'/usr/bin/qmailmrtg C /var/log/qmail/clamd\':
Expected a Number for 'out' but nothing'
2015-03-26 13:12:46: WARNING: Problem with External get
'/usr/bin/qmailmrtg S /var/log/qmail/spamd\':
Expected a Number for 'in' but got 'failed to open dir
/var/log/qmail/spamd'
2015-03-26 13:12:46: WARNING: Problem with External get
'/usr/bin/qmailmrtg S /var/log/qmail/spamd\':
Expected a Number for 'out' but nothing'
2015-03-26 13:12:47: ERROR: Target[messages][_IN_] '\
$target-[0]{$mode} ' evaluated to 'REF(0x2d3a448)' instead of a number
2015-03-26 13:12:47: ERROR: Target[messages][_OUT_] '\
$target-[0]{$mode} ' evaluated to 'REF(0x2d27a70)' instead of a number
2015-03-26 13:12:47: ERROR: Target[queue-size][_IN_] '\
$target-[1]{$mode} ' evaluated to 'SCALAR(0x2d1a408)' instead of a number
2015-03-26 13:12:47: ERROR: Target[queue-size][_OUT_] '\
$target-[1]{$mode} ' evaluated to 'SCALAR(0x2d126e0)' instead of a number
2015-03-26 13:12:47: ERROR: Target[clamd][_IN_] '\ $target-[2]{$mode} '
evaluated to 'SCALAR(0x2d3)' instead of a number
2015-03-26 13:12:47: ERROR: Target[clamd][_OUT_] '\ $target-[2]{$mode}
' evaluated to 'SCALAR(0x2d27830)' instead of a number
2015-03-26 13:12:47: ERROR: Target[spamd][_IN_] '\ $target-[3]{$mode} '
evaluated to 'SCALAR(0x2d3b150)' instead of a number
2015-03-26 13:12:47: ERROR: Target[spamd][_OUT_] '\ $target-[3]{$mode}
' evaluated to 'SCALAR(0x2d3b180)' instead of a number
2015-03-26 13:12:47: ERROR: Target[concurrency][_IN_] '\
$target-[4]{$mode} ' evaluated to 'REF(0x2d3af70)' instead of a number
2015-03-26 13:12:47: ERROR: Target[concurrency][_OUT_] '\
$target-[4]{$mode} ' evaluated to 'SCALAR(0x2d3b0f0)' instead of a number
2015-03-26 13:12:47: ERROR: Target[messstatus][_IN_] '\
$target-[5]{$mode} ' evaluated to 'REF(0x2d3b1e0)' instead of a number
2015-03-26 13:12:47: ERROR: Target[messstatus][_OUT_] '\
$target-[5]{$mode} ' evaluated to 'SCALAR(0x2d3b228)' instead of a number
2015-03-26 13:12:47: ERROR: Target[bytes][_IN_] '\ $target-[6]{$mode} '
evaluated to 'REF(0x2d404a8)' instead of a number
2015-03-26 13:12:47: ERROR: Target[bytes][_OUT_] '\ $target-[6]{$mode}
' evaluated to 'REF(0x2d404c0)' instead of a number
2015-03-26 13:12:47: ERROR: Target[smtp][_IN_] '\ $target-[7]{$mode} '
evaluated to 'REF(0x2d406d0)' instead of a number
2015-03-26 13:12:47: ERROR: Target[smtp][_OUT_] '\ $target-[7]{$mode} '
evaluated to 'REF(0x2d406e8)' instead of a number
2015-03-26 13:12:47: ERROR: Target[smtpad][_IN_] '\ $target-[8]{$mode}
' evaluated to 'REF(0x2d408f8)' instead of a number
2015-03-26 13:12:47: ERROR: Target[smtpad][_OUT_] '\ $target-[8]{$mode}
' evaluated to 'SCALAR(0x2d40910)' instead of a number
so no good somewhere?
- Fabian S.
On Thu, Mar 26, 2015 at 12:55 PM, Fabian Santiago
fsanti...@garden-life.org mailto:fsanti...@garden-life.org wrote:
ok so now isoqlog works and displays data but still no mrtg. i
presume they aren't directly related.
On Thu, Mar 26, 2015 at 12:53 PM, Fabian Santiago
fsanti...@garden-life.org mailto:fsanti...@garden-life.org wrote:
well, i hadn't but it was listed in my cron jobs. i then
realized when i tried it manually that the domains file was
missing. so i added it. will i have to manually edit this file
each time i add a virtual domain to the server?
On Thu, Mar 26, 2015 at 12:45 PM, Eric Broch
ebr...@whitehorsetc.com mailto:ebr...@whitehorsetc.com wrote:
On 3/26/2015 10:39 AM, Fabian Santiago wrote:
Are the mrtg and isoqlogs supposed to still work? in my
default build
on centos 6.6, they do not. the isoqlog isn't even
accessible via the
browser (I can probably figure that out) and the mrtg log
is blank /
no activity.
thoughts???
--
- Sincerely,
Fabian S.
Fabian,
Did you run this command
# sh /usr/share/toaster/isoqlog/bin/cron.sh
Eric
Re: [qmailtoaster] Webmail issue
Hi Alex. I use RC and and change password is possible. I don't use other plugins but according to what I read at the RC maillist, there is plugins for many things. Cheers, Finn Den 13-03-2015 kl. 03:43 skrev Alex Kan: Dear All, I would like to use roundcube too. But is it possible for roundcube to let the user to change their password, setup auto-reply and email forward, etc? Best regards, Alex *From:*Helmut Fritz [mailto:hel...@fritz.us.com] *Sent:* Thursday, March 12, 2015 12:45 AM *To:* qmailtoaster-list@qmailtoaster.com *Subject:* RE: [qmailtoaster] Webmail issue I know it does not help resolve the issue, but you could try roundcube. Easy to set up to see if you have the same issue. sorry I cannot be of more help. Have you checked your httpd logs to see if there are any errors? *From:*Chandran Manikandan [mailto:tech2m...@gmail.com] *Sent:* Tuesday, March 10, 2015 9:50 PM *To:* qmailtoaster-list@qmailtoaster.com mailto:qmailtoaster-list@qmailtoaster.com; qmailtoaster-h...@qmailtoaster.com mailto:qmailtoaster-h...@qmailtoaster.com *Subject:* [qmailtoaster] Webmail issue Dear All, I am running Qmailtoaster with squirrelmail toaster on Centos 6.6 32 bit machine . Our users facing the webmail issue while they tried to forward or reply to the received email. When they try to send reply the body of the contents not displayed on the body section in webmail using Google chrome, IE 11 and firefox . I have try to setup default display in HTML format in options menu still the same problem facing . PHP packages below running on my system. php55w-5.5.20-1.w6.i386 php55w-pdo-5.5.20-1.w6.i386 php55w-cli-5.5.20-1.w6.i386 php55w-mysql-5.5.20-1.w6.i386 php55w-common-5.5.20-1.w6.i386 php55w-gd-5.5.20-1.w6.i386 php55w-xml-5.5.20-1.w6.i386 php55w-pear-1.9.4-7.w6.noarch Squirrelmail toaster is squirrelmail-1.4.22-0.qt.el6.i686 Could any one help me to resolve this issue. -- *Thanks,* *Manikandan.C* *System Administrator* - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] virtual SUB-domain on the VPOPAMAIL
Hi. Have You inserted the sub domain into rcpthosts and virtualdomains ? Regards, Finn Den 07-02-2015 kl. 15:18 skrev Noriyuki Hayashi: Hi, Thank you for kindly support. Let me know if you have any good idea. Virtual SUB-domain with qmail-toaster and vpopmail. Environment CentOS-5.11 64bit qmail-toaster works fine. I added virtual sub domain on the vpopmail. Real exist user works fine. but .qmail-hoge-default can't receive as alias. I am wondering some solution for this issue. below received message -- User and password not set, continuing without authentication. 192.168.1.11 does not like recipient. Remote host said: 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) smtp/current log @400054d616341b297bcc tcpserver: pid 1443 from 192.168.1.11 @400054d616341b2a6244 tcpserver: ok 1443 sub.hoge.jp:192.168.1.11:25 :192.168.1.2::57139 @400054d616341d03e8ec CHKUSER rejected rcpt: from h...@hoge.jp:: remote main.hoge.jp:unknown:192.168.1.2 rcpt f-...@sub.hoge.jp : not existing recipient @400054d616351d2b470c tcpserver: end 1443 status 0 @400054d616351d2b4af4 tcpserver: status: 0/100 Kind regards, Noriyuki Hayashi - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmailtoaster very slow
Hi Guiseppe. I will recommend an upgrade of Centos (version 6 and then latest Qmail). This I would do in another box or in a virtuel box to make sure the new Qmail is up running before shutting down the ol' one. Centos 4.6 hasn't been maintained since back in 2012 or before so there may be a risk that some libraries may have been updated and therefore a qtp-sa-update may end bad. You could try the sandbox feature in Qmailtoaster-plus if You are familiar with it (I'm not) and check if the update works - but this may also lead into difficulties if You haven't used that before (again new libraries etc..). If possible at all, then make a new install of Centos 6.x (not version 7 yet), install Qmail using the latest procedure (yum). Create a backupfile of Your mailboxes using qtp-backup from Your version and then using the backupfile and qt-restore on the new system - it should be possible. Look at the qmailtoaster-list to check out how to install latest Qmail - there are many entries describing the commands to do it (Thanks to Eric 'Shubes' and others). Hope this helps You on the way ahead. Cheers, Finn Den 06-02-2015 kl. 11:25 skrev Giuseppe Perna: Hello everyone, there is' someone who can give me some indication, or what to check? I have the httpd process and imapd that allocate a lot of resources and slow down the frighteningly server. thank you 2015-02-06 9:47 GMT+01:00 Giuseppe Perna gpe...@csait.eu: Hello Peter, thanks for your kind response. But this version so old I could bring problems if I upgrade? aggiornre to just start the command QTP-sa-update? I noticed that the processes that take up a lot of resources are qmail and httpd. please give me some info? 2015-02-06 8:06 GMT+01:00 Peter Peterse pe...@peterse-uithuizen.com: Maybe an update could give you some security fixes. Giuseppe Perna gpe...@csait.eu schreef op 5 februari 2015 20:39:38 CET: Hello , i have qmailtoaster-plus-0.2.14-1.317 vpopnmail-toaster5.4.17-1.3.4 vqadmin-toaster 2.3.4-1.3.3 ecc.. my server is a centos 4.6 i686 There are about 1000 mailboxes this server inherited, at certain times of the day is very slow, the webmail does not work and the SMTP connection is rejected with error: user does not exist on the system. maybe I could use a good anti-spam spamdyke type, but are still not sure, how do I do a bit of trabolsutting? thank all -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- Giuseppe - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] How to see the spamdyke log in centos 6.6 32 bit with new Qmailtoaster
Hi again. Also look at the lines before this entry - DENIED_OTHER is mostly because something was caught/wrong in the mail - maybe by spamassassin. / Finn Den 28-01-2015 kl. 11:34 skrev Chandran Manikandan: Hi All, I have below issue. One of our friend send email to me . but couldn't receive that email on my mailbox then i went to check the mail log it's shows below message. DENIED_OTHER from: exam...@gmail.com mailto:exam...@gmail.com to: exam...@panasiagroup.net mailto:exam...@panasiagroup.net origin_ip: 202.40.249.108 origin_rdns: r08.singnet.com.sg http://r08.singnet.com.sg auth: (unknown) encryptio n: (none) reason: 503_MAIL_first_(#5.5.1) I am able to see the qmail log only smtp,send,submission folders under the qmail folder and couldn't see the spamd folder. Could anyone help me to resolve this issue. -- *Thanks,* *Manikandan.C* *System Administrator* - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] How to see the spamdyke log in centos 6.6 32 bit with new Qmailtoaster
Hi Chandran. Have a look at the below partly inserted mail from Eric 'Shubes' dated July 2014 to explain : Services are being changed to use standard mechanisms. This will eventually make daemontools and ucspi-tcp packages unnecessary. Dovecot has replaced pop3, imap and auth services formerly run by supervise. You can do service dovecot status to check on it. Its log messages are in the /var/log/dovecot.log file. clamd now also runs as a normal service (service clamd status). Its messages are now in /var/log/maillog along with vpopmail messages which have been there all along. This is the standard mail log location for syslog. Note, spamassassin will also be updated soon to run as a normal service and use syslog, so its messages will also be in /var/log/maillog at that time. The next spamdyke will also send log messages to syslog. This will require a simple manual configuration change though, as the spamdyke configuration file is set up as config(noreplace). These changes are in preparation for using systemd in CentOS7, as well as an ELK (ElasticSearch-Logstash-Kibana) stack that will be forthcoming for QMT. END OF MAIL Hope it helps ? /Cheers Finn Den 28-01-2015 kl. 11:34 skrev Chandran Manikandan: Hi All, I have below issue. One of our friend send email to me . but couldn't receive that email on my mailbox then i went to check the mail log it's shows below message. DENIED_OTHER from: exam...@gmail.com mailto:exam...@gmail.com to: exam...@panasiagroup.net mailto:exam...@panasiagroup.net origin_ip: 202.40.249.108 origin_rdns: r08.singnet.com.sg http://r08.singnet.com.sg auth: (unknown) encryptio n: (none) reason: 503_MAIL_first_(#5.5.1) I am able to see the qmail log only smtp,send,submission folders under the qmail folder and couldn't see the spamd folder. Could anyone help me to resolve this issue. -- *Thanks,* *Manikandan.C* *System Administrator* - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] QMT on CentOS 6 64bit - cannot send webmail - vchkpw[2671] segfault
Hi Edwin. Try to increase the softlimit in the /var/qmail/supervise/submission/run file. Mine is set to 1 ! Regards, Finn (I've just struggled with same issue after an update ) Den 26-01-2015 kl. 23:01 skrev Edwin C: Brand new install of QMT on CentOS 6.6 minimal 64 bit. Running on a dedicated server under VirtualBox 4 latest 4GB memory single core i7-2600 Using the instructions of Eric Shubert at https://github.com/QMailToaster/QMailToaster/wiki/RPM-Installation-Procedure After the install I had to turn on qmailtoaster # qmailctl start And turn on dovecot # service dovecot start I then had to add my domain manually # /home/vpopmail/bin/vadddomain mydomain mypassword because vqadmin does not work in adding a domain by the web interface at /admin-toaster/ then I tried my postmaster account at squirrelmail http://mydomain/webmail I try sending an email to somewhere On squirrelmail I get: ERROR: Message not sent. Server replied: Temporary authentication failure 454 oops, problem with child and I can't auth (#4.3.0) In /var/log/messages I have: Jan 27 05:43:43 qmtcentos6 kernel: vchkpw[2671]: segfault at 0 ip 7f8843e8c656 sp 7fff73453268 error 4 in libc-2.12.so[7f8843d55000+18a000] --- Question... how to fix this so this qmail toaster can send email? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Could anyone resolve this webmail issue
Hi Manikandan. A quick search using Google gave this : http://squirrelmail.org/wiki/MailServerIMAPProblem Have a look and see if something in here can help solve Your issue. Cheers /Finn Den 20-01-2015 kl. 12:27 skrev ChandranManikandan: Error: Connection Dropped by IMAP. QUERY Logout - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Forcing authentication (submission) for all users
Hi. You list Your domains (local as well as 'foreign' domains which You do NOT want to receive mail from) in the blacklist_senders file - (emails from outside with Your domains as senders is fake). Domains uses 'SEND' to transfer mail internally. I think this may be the answer to Your question - I hope ;-) Cheers, Finn Den 18-12-2014 kl. 17:48 skrev Dan McAllister: On 12/18/2014 10:08 AM, Peter Peltonen wrote: On 12/15/2014 3:33 PM, Peter Peltonen wrote: Hi, I would like to force all users using my toaster to send mail to authenticate. I've now managed to get Squirrelmail and Horde do that. But I would like to know how to do this also with other (web)servers that use the toaster as a smarthost? The other servers are running Postfix. The solution I posted above will not only force users to authenticate, but also force them to use either submission or smtp-ssl to send messages. The point to that is you can put all your most sophisticated spam-filtering on the port 25 interface, and worry less about the other 2. Another thing I remember that has been discussed in this list, but what I couldn't find by searching the archives, was that if all users authenticate, then one could blacklist all local domains in Spamdyke? Is that advice still valid (and why should one do it, I'm curious)? I do not know of any good reason to blacklist local domains -- in fact, not only do I not know what this would accomplish, I think it would break inter-domain messages. If someone else can recall the reason or desired affect of this, I'm all ears! :) Another thing I'm thinking is about local user accounts on the toaster server. How are those handled if localhost is not allowed to relay mail? Do they inject the mail to qmail directly without using smtp? Localhost should be allowed to relay mail -- that's how your typical web interface works (the open relay is set to 127.0.0.1 in the tcp.smtp setting). Personally, I don't even allow local admins to have shell accounts, unless they are experienced Linux user/admins. The dangers are just too many. Thus, the only place most of my users have an account is in vpopmail (and that is a mailbox account). Sorry I can't be of more help... the one hole I still am not comfortable with is that, once authenticated, a user can send as anyone. I wish there was a per-user setting that would allow me to override that, but I also wish my mailserver could read my mind and block all the messages I don't want to see... I don't think I'll get that anytime soon, either! :) Dan - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Need to update clamav toaster
Hi Eric. FYI I've been running latest clamav release for the past 10 days with nada problemos - runs smoothly as always. Cheers, Finn Den 22-11-2014 kl. 03:18 skrev Eric Shubert: You guys really know how to do things the hard way. I thought you were up to date with the new way of doing things: 1) Notify EricS that there's a new version if he doesn't already know 2) EricS builds the new rpms 3) Eager users install from /testing/ repo 4) EricS promotes them test /current/ 5) All users update safely I've done step 2 now, so in an hour (giving mirrors time to sync) you'll be able to: # yum --enablerepo=qmailtoaster-testing update clamav to pick up the latest version. Isn't that easier? ;) When a few people have reported running it for a few days with no problems, I'll promote it to current. Thanks. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: suggestions on a new install _ edited my hosts-- now squirlly
Hi. Remember to restart the box. /Finn Den 14-11-2014 kl. 16:07 skrev Eric Broch: Edit /etc/selinux/config as follows: # vi /etc/selinux/config change SELINUX=enforcing to SELINUX=disabled or SELINIX=permissive On 11/14/2014 7:30 AM, Jim Shupert wrote: On 11/14/2014 8:53 AM, Eric Broch wrote: On 11/14/2014 4:00 AM, Alex Kan wrote: Dear All, After the installation completed and add domain and users, when tried to login though the SquirrelMail, the screen display ERROR Error connection to IMAP server: localhost. 111 : Connection refused. Do I missed something in the installation ? Best regards, Alex Selinux? How can one tell that hoss is off? ( fyi - also i have my iptables off - but I am behind a nating FW , alex -- do you have any other FW ?) I have simular problem / problems ... some of it has been ironed out by errant dns but some remain ... I am thinking PHP ..something I ALSO can get to my login page but upon login ( with get Error connecting to IMAP server: localhost. 111 : Connection refused *Go to the login page http://168.215.62.221/webmail/src/login.php an unHappy squirrel * any thoughts? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] SpamAssassin
Hi Dan. Are You looking for this ? initiated from cron (not usable in latest Spamassassin due to new date format - logs now in maillog) script: /usr/share/qmt/scripts/Spamdyke-Stats-Report.pl? Regards, Finn Den 20-10-2014 kl. 23:48 skrev Dan McAllister: Question: Apparently I setup a system previously (some 3-4 years ago?) and didn't install (or bypassed) spamassassin. How do I know? My sa-stats is EMPTY! I recall the client specifically telling me to keep it off, but now he wants it on -- and I cannot remember how I disabled it. My simcontrol says :clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif My /etc/mail/spamassassin folder contents look right... sa-check-spamd has a response time of .425 seconds, so appears good. Any ideas? Thanks Dan McAllister IT4SOHO - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] spamassassin-3.4.0-2.qt is available in testing repo
Hi Eric. Updated nice and easy - been running fine for 12 hours now - all is well so far. Thanx Finn Den 20-09-2014 kl. 01:58 skrev Eric Shubert: I've fixed a few problems with the upgrading of this release (hence the -2), and I think it's ready for public consumption now. With this release, the configuration files are now in /etc/spamassassin/ instead of /etc/mail/spamassassin/. I've always thought that the /etc/mail/ directory was superfluous. Once maildrop is gone, so will be that directory. I've been running this release for over a week now, and it appears to be stable. There is one patch I needed to create so that bayes updates properly when spamd uses the -x setting (which qmt does). I'm a little disappointed that they haven't made a 3.4.1 release yet, as that bug had a fix submitted for it back in February. Anyhow, now that I've done our own custom patch for it, 3.4.1 will probably be out soon. Such is life. I won't be promoting this until I hear from a few of you out there that you've installed it successfully. That's what the testing repo is for. Once I hear of a few successes, I'll promote it to current/. To update your spamassassin using the testing repo: # yum --enablerepo=qmailtoaster-testing update spamassassin will do the trick. Note, I don't intend to roll a spamassassin-toaster (legacy) package for this or any further spamassassin releases. I think I mentioned this already. Thanks. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: how to restore the email backup
Hi. it's 2 scripts that came with qmail-toaster plus as I recall it (for centos 5.x) but they may be available somewhere - try https://github.com/QMailToaster/qmailtoaster-util I have a cron job that runs qtp-backup. Whenever You want to restore or move Your qmailtoaster to a new server You 'just' install qmailtoaster software and then run qtp-restore and You're almost up running. Cheers, Finn Den 18-08-2014 kl. 12:53 skrev Chandran Manikandan: Hi Finn, Just want to check with your regard backup. Do i need to download this script and run manually or run only this command qtp-backup. Please advice. On Fri, Aug 15, 2014 at 4:10 PM, Finn Buhelt f...@kirstineslund.dk mailto:f...@kirstineslund.dk wrote: Hi Chandran Manikandan. Do as Eric wrote : If your backup is from qtp-backup, you can run qt-restore to restore it. If you only have what's in the /home/vpopmail/domains/ directory, you'll need to manually create the domain(s) and accounts. Then you can restore the domains/. This is Your answer I think vadddomain and vadduser - restore from Your backup domains/ to new created domains/ In the future I recommend using qtp-backup / qtp-restore for qmail which makes it easy to move qmail to new locations. Regards, Finn -- -Eric 'shubes' Den 15-08-2014 kl. 09:12 skrev Chandran Manikandan: Hi Eric, Thanks . I did backup manually. Could you please help me to restore the accounts and emails manually. What are the steps followed and what are the commands should need to use in new server. On Thu, Aug 14, 2014 at 12:25 AM, Eric Shubert e...@shubes.net mailto:e...@shubes.net mailto:e...@shubes.net mailto:e...@shubes.net wrote: On 08/13/2014 03:07 AM, Chandran Manikandan wrote: Hi List, My live server hard disk is problem and could not boot the operating system. But i have Email backup with whole vpopmail folder. I was running centos 5.8(Hard disk problem) with qmail + dovecot migrated from courier imap. Now i was installed new centos 6.5 64 bit server and installed qmail + dovecot and related all packages. So how to restore all my email accounts and emails into this server. Could you help me anyone. -- *Thanks,* *Manikandan.C* *System Administrator* If your backup is from qtp-backup, you can run qt-restore to restore it. If you only have what's in the /home/vpopmail/domains/ directory, you'll need to manually create the domain(s) and accounts. Then you can restore the domains/. -- -Eric 'shubes' --__--__- To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@__qmailtoaster.com http://qmailtoaster.com mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@__qmailtoaster.com http://qmailtoaster.com mailto:qmailtoaster-list-h...@qmailtoaster.com mailto:qmailtoaster-list-h...@qmailtoaster.com -- *Thanks,* *Manikandan.C* *System Administrator* - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com mailto:qmailtoaster-list-h...@qmailtoaster.com -- *Thanks,* *Manikandan.C* *System Administrator* - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: how to restore the email backup
Hi Chandran Manikandan. Do as Eric wrote : If your backup is from qtp-backup, you can run qt-restore to restore it. If you only have what's in the /home/vpopmail/domains/ directory, you'll need to manually create the domain(s) and accounts. Then you can restore the domains/. This is Your answer I think vadddomain and vadduser - restore from Your backup domains/ to new created domains/ In the future I recommend using qtp-backup / qtp-restore for qmail which makes it easy to move qmail to new locations. Regards, Finn -- -Eric 'shubes' Den 15-08-2014 kl. 09:12 skrev Chandran Manikandan: Hi Eric, Thanks . I did backup manually. Could you please help me to restore the accounts and emails manually. What are the steps followed and what are the commands should need to use in new server. On Thu, Aug 14, 2014 at 12:25 AM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 08/13/2014 03:07 AM, Chandran Manikandan wrote: Hi List, My live server hard disk is problem and could not boot the operating system. But i have Email backup with whole vpopmail folder. I was running centos 5.8(Hard disk problem) with qmail + dovecot migrated from courier imap. Now i was installed new centos 6.5 64 bit server and installed qmail + dovecot and related all packages. So how to restore all my email accounts and emails into this server. Could you help me anyone. -- *Thanks,* *Manikandan.C* *System Administrator* If your backup is from qtp-backup, you can run qt-restore to restore it. If you only have what's in the /home/vpopmail/domains/ directory, you'll need to manually create the domain(s) and accounts. Then you can restore the domains/. -- -Eric 'shubes' --__--__- To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@__qmailtoaster.com mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-help@__qmailtoaster.com mailto:qmailtoaster-list-h...@qmailtoaster.com -- *Thanks,* *Manikandan.C* *System Administrator* - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Fail2Ban
Hi Dan. It's always a good idea to test the filters I have learned - due to differences in log entries - it is easy to check if Your filter will catch what You want. fail2ban-regex /path_to_log/logfile /path_to_filter/filter.conf Example: fail2ban-regex /var/log/maillog /etc/fail2ban/filter.d/vpopmail.conf will give You a overview of what happens when fail2ban runs the vpopmail.conf filter / Finn Den 07-08-2014 kl. 00:09 skrev Dan McAllister: I am curious -- has anyone looked into a fail2ban implementation for QMT One of my larger mail servers is being attacked (from China, currently, but when it started in Malaysia and I blocked all malaysian IPs, they just moved to another IP) with essentially a brute-force password guessing attack on users in one of the domains. They are using the SUBMISSION port to attempt logins, but I'd like to be able to ban SUBMISSION as well as IMAP/POP access (independently, or together) based on failed login attempts. (Ideally, same IP fail to login on any of those ports more than 5 times in a 5 minute period, and I'd like to simply tar-pit the entire IP address for 24 hours or so!) I'm (as amazing as it sounds) not all that familiar with fail2ban, but I've considered it several times and just never had the time to investigate. Assistance and experiences equally desired! :) Dan McAllister QMT DNS/Mirror Admin - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Fail2Ban
Hi Dan. I'm having same attempts - these days it escalates. They get a 'tcpserver: end 28341 status 256' in the submission log because of vpopmail refusal (I think) so I catch them in the maillog file. (Now I come to think of it one should catch all status 256's and ban them !) I using Fail2ban version 0.8.11 - the latest is 0.9.1 as I recall, but there has been some changes to the settings so I'm still planning to do some testing. Fail2ban is pretty straight forward to install - there is a lot of filters and actions implemented - making Your own filters is doable if You know regex (python based). (I'm also using fail2ban to 'protect' my webservers against attempts of different kinds) - it's not foolproof and the only safety precausion ofcourse but it blocks these irritating ressource demanding intrusion attempts effectively - when they change IP to another country - in my case - 3 strikes and You're out 172800 sec's in my setup no matter the IP address. I'm not an expert but let me know if You have questions and I will answer if I can. This is my entry in jail.conf for this specifically [vpopmail] enabled = true filter = vpopmail action = iptables-allports[name=vpopmail, protocol=tcp] sendmail-whois[name=vpopmail, lines=1, dest=x...@yy.com] logpath = /var/log/maillog maxretry = 3 findtime = 3600 bantime = 172800 This is my filter in filter.d/vpopmail.conf [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. # Values: TEXT # failregex = vchkpw-smtp: vpopmail user not found .*:HOST$ vchkpw-submission: vpopmail user not found .*:HOST$ vchkpw-pop3: vpopmail user not found .*:HOST$ # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = This is one of the catches ;-) The IP 218.76.158.162 has just been banned by Fail2Ban after 3 attempts against vpopmail. Here are more information about 218.76.158.162: [Querying whois.apnic.net] [whois.apnic.net] % [whois.apnic.net] % Whois data copyright termshttp://www.apnic.net/db/dbcopyright.html % Information related to '218.76.144.0 - 218.76.159.255' inetnum:218.76.144.0 - 218.76.159.255 netname:CHINANET-HN-CZ country:CN descr: CHINANET-HN Chenzhou node network descr: hunan Telecom admin-c:CHC16-AP tech-c: CH636-AP status: ALLOCATED NON-PORTABLE changed:ipaddr...@hntelecom.net.cn 20050914 mnt-by: MAINT-CHINANET-HN mnt-lower: MAINT-CHINANET-HN-CZ source: APNIC role: CHINANET HUNAN address:No.1 TuanJie road,ChangSha,Hunan 410005 country:CN phone: +86 731 4792092 fax-no: +86 731 4792007 e-mail: abuse@2118.com.cn remarks:send spam reports to abuse@2118.com.cn remarks:and abuse reports to abuse@2118.com.cn remarks:Please include detailed information and remarks:times in UTC admin-c:CH632-AP tech-c: CS499-AP nic-hdl:CH636-AP mnt-by: MAINT-CHINANET-HN changed:ipaddr...@hntelecom.net.cn 20050816 changed:hm-chan...@apnic.net 2014 source: APNIC role: CHINANET HuNan Chenzhou address:No.10 Renming East road,Chenzhou Hunan 423000 country:CN phone: +86 735 2962319 fax-no: +86 735 2262119 e-mail: abuse...@2118.com.cn remarks:send spam reports to spam...@2118.com.cn remarks:and abuse reports to abuse...@2118.com.cn remarks:Please include detailed information and remarks:times in UTC admin-c:CZ347-AP tech-c: CZ347-AP nic-hdl:CHC16-AP notify: ipaddr...@hntelecom.net.cn mnt-by: MAINT-CHINANET-HN-CZ changed:ipaddr...@hntelecom.net.cn 20050818 source: APNIC changed:hm-chan...@apnic.net 2014 % This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3) Regards, Fail2Ban Cheers, Finn Den 07-08-2014 kl. 00:09 skrev Dan McAllister: I am curious -- has anyone looked into a fail2ban implementation for QMT One of my larger mail servers is being attacked (from China, currently, but when it started in Malaysia and I blocked all malaysian IPs, they just moved to another IP) with essentially a brute-force password guessing attack on users in one of the domains. They are using the SUBMISSION port to attempt logins, but I'd like to be able to ban SUBMISSION as well as IMAP/POP access (independently, or together) based on failed login attempts. (Ideally, same IP fail to login on any of those ports more than 5 times in a 5 minute period, and I'd like to simply tar-pit the entire IP address for 24 hours or so!) I'm (as amazing as it sounds) not all that familiar with fail2ban, but I've considered it several times and just never had the time to investigate. Assistance and
Re: [qmailtoaster] spamassassin, spamdyke updates available
Hi Eric. Just updated my QMT with the latest yum package - smooth and perfect! thanx /Finn BTW: wasn't daemontools the choice for qmail back then, in order to have automatic restarts if a process/daemon fell out ? Den 26-07-2014 kl. 18:23 skrev Eric Shubert: For yum packages only (not *-toaster legacy), these packages now log to the common syslog server, which puts them in /var/log/maillog with other mail related messages. Also, spamd now runs as a sys-v init service, like most other services. You can do service spamd status to check its status. At this point, the only remaining services that use supervise are as follows: # qmailctl stat send: up (pid 25554) 1035 seconds smtp: up (pid 2) 1035 seconds submission: up (pid 15588) 1542339 seconds send/log: up (pid 15590) 1542339 seconds smtp/log: up (pid 15594) 1542339 seconds submission/log: up (pid 15591) 1542339 seconds These are all part of the qmail package, which will also be converted, probably in its next release, either in part or in whole. I don't have a timeline on that quite yet. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Numerous copies of emails
Hi List (Eric). Have any of You any idea why I sometimes is getting numerous copies of some of the emails from the qmailtoaster-list ? Looking in my logfiles I don't see any specific issue other than normal entries though the from content in the CHKUSER log entry is different CHKUSER accepted rcpt: from qmailtoaster-list-return-16827-finn CHKUSER accepted rcpt: from qmailtoaster-list-return-16825-finn - it is as if the mails get submitted x times to me (can be 1 to 6 times) - today it started when I received the reply to Firewall by Me - up until then only one copy of each mail - and it is only happening when getting mails from qmailtoaster-list. Only change I can recall, I have updated clamd to the latest I'm runnig COS 6.5 and the latest and greatest QMT. Cheers, Finn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Spamdyke-stats
Hi Eric.
Sure - inserted below
FYI
- I am receiving 3 copies of You're e-mail - escapading are we ?? ;-)
Cheers
Finn
spamdyke-stats
#!/usr/bin/perl -w
# This code was written by Felix Buenemann.
#
# It was posted to the spamdyke-users mailing list on Nov 4 2008.
#
# It has been modified by Brent Gardner:
# - removed commented-out code
# - fixed some indenting 'cause I have OCD :P
# - fixed a bug that prevented processing of Spamdyke info in Qmail logs
#
my $build = 2010022601;
use diagnostics;
use strict;
use Getopt::Long;
my $tldtop = 0;
my $detailed = 1;
my $syslog = 1;
GetOptions (
tld=i = \$tldtop,
detail! = \$detailed
) or exit 1;
# Usage: # cat /var/log/qmail/smtpd/current | ./this_file
my %status = ();# hash of status connections
my %origin = ();# hash of tld per status code
my %originsum = (); # hash of tld per status code sums
my %rblstat = (); # hash of DNSBL lists matched
my %rhsblstat = (); # hash of RHSBL lists matched
my %rdnsblstat = ();# hash of patterns in IP_IN_RDNS_BLACKLIST matched
my ($allow, $deny, $timeout, $error, $allowpercentage, $timeoutpercentage,
$errorpercentage, $spampercentage, $sum, $rblsum, $rhsblsum, $rdnsblsum);
sub percentage {
my $num = pop;
my $sum = pop;
return 0.00% unless $sum;
$num = $num/$sum*100.0;
return sprintf(%3d.%02d%%, $num, ($num - int($num))*100);
}
#print spamdyke-stats build $build\n\n;
while(){
if( substr($_,0,1) eq '@' ) {
# this gets rid of the leading 25-char timestamp and a space
#
$_ = substr $_,26;
# BG: this gets rid of all lines that don't start with
spamdyke[pid]:
#
next unless ( m/(^spamdyke\[[0-9]+\]: )(.*)/i );
# BG: this in conjunction with the previous line gets
rid of the leading spamdyke[pid]:
#
$_ = $2;
} else {
my ($hostname,$id,$line) = split / /, substr($_,16), 3;
next unless substr($id,0,9) eq 'spamdyke[';
$_ = $line;
}
if( m/^(ALLOWED|ERROR|TIMEOUT|((DENIED|FILTER)_[^ ]+))/ ) {
my $line = substr $_,length $1;
$_ = $1;
if( $detailed ) {
if( m/FILTER_RBL_MATCH/ ){
$line =~ m/rbl: (\S+)/;
$rblstat{$1}++;
$rblsum++;
}
elsif( m/FILTER_RHSBL_MATCH/ ){
$line =~ m/rhsbl: (\S+)/;
$rhsblstat{$1}++;
$rhsblsum++;
}
elsif( m/FILTER_IP_IN_RDNS_BLACKLIST/ ){
$line =~ m/keyword: (\S+)/;
$rdnsblstat{$1}++;
$rdnsblsum++;
}
}
next if m/^FILTER_/;
$status{$_}++;
if($tldtop and $line =~ m/ origin_rdns: ([^ ]+)/) {
my $rdns = $1;
$originsum{$_}++;
if($rdns =~ m/^\(unknown\)$/){
next;
} elsif($rdns =~ m/\.(com|net)$/){
$origin{$_}{$1}++;
} elsif($rdns =~
m/\.([a-z]{2,2}\.[a-z]{2,2})$/){ # co.uk
$origin{$_}{$1}++;
} elsif($rdns =~ m/\.([a-z]{2,})$/){ # de, ru, ...
$origin{$_}{$1}++
} else {
next;
}
}
}
}
$allow = 0;
$deny = 0;
$error = 0;
$timeout = 0;
foreach my $stat (sort keys %status){
if( $stat =~ m/ALLOWED/ ){
$allow = $status{$stat};
}
elsif( $stat =~ m/TIMEOUT/ ){
$timeout += $status{$stat};
}
elsif( $stat =~ m/ERROR/ ){
$error += $status{$stat};
}
else{
$deny += $status{$stat};
}
}
$sum = ($deny + $error + $timeout + $allow);
foreach my $key (sort { $status{$b} = $status{$a} || $a cmp $b; } keys
%status){
printf %8d %s $key\n, $status{$key}, percentage($sum,
$status{$key});
if(length %rblstat and $key eq DENIED_RBL_MATCH ){
print --- Breakdown ---\n;
foreach my $key (sort { $rblstat{$b} = $rblstat{$a} ||
$a cmp $b; } keys %rblstat){
printf %8d %s $key\n, $rblstat{$key},
percentage($rblsum,$rblstat{$key});
}
print -\n;
}
elsif(length %rhsblstat and $key eq DENIED_RHSBL_MATCH ){
[qmailtoaster] Spamdyke-stats
Hi Eric. Am I correct that Spamdyke-stats-report.pl needs to be altered to read the mighty maillog log file now in order to compile other than 0's in the report ? ;-) Cheers Finn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Spamdyke-stats
= substr($Line,0,25);
# if the date in the timestamp is yesterday then it is copied to
# the temp file.
#
if ( tai2strftime($TimeStamp,%Y/%m/%d) eq $Yesterday ) {
print TempFileRaw $Line;
}
}
}
close SMTPLog;
}
Cheers,
Finn
Den 12-07-2014 18:34, Eric Shubert skrev:
On 07/12/2014 02:32 AM, Finn Buhelt wrote:
Hi Eric.
Am I correct that Spamdyke-stats-report.pl needs to be altered to read
the mighty maillog log file now in order to compile other than 0's in
the report ? ;-)
Cheers
Finn
-
I expect that you are. :)
I don't appear to have a copy of that script anywhere. Can you post your
copy (duly modified would be nice)? I'll then include it in the
qmailtoaster-util package.
I didnt' mean to ignore your post about F2B and logging, but I'll reply
here.
I expect you're correct that F2B configurations will also need to be
modified as well when logging changes are made. This will need to be
done by individual F2B users, as there's not yet a stock F2B package for
QMT. I'd like to include a F2B package with QMT at some point, but I
want to get logging changes done first, so logging is stable when F2B is
implemented.
My understanding of F2B at this point (I haven't used it yet) is that it
scans the pertinent log files. I think it'd be better implemented as a
service if that's possible, with a copy of whatever log messages are
pertinent being fed to it real-time. Perhaps that's the way it's done, I
don't know. In any case, I think it can be efficiently integrated into
the syslog process once that's established, and I hope to do so at some
point. F2B will be a nice 'stock' addition to QMT.
Thanks.
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] spamdyke logging switch
Hi Eric. Maybe You should put in a litle remark that users who uses fail2ban (like me ;-)) may have to make some changes to their jail.conf file, due to the changes of logging ? Cheers and thanks for all Your work to make QMT what it is. Finn Den 10-07-2014 00:22, Eric Shubert skrev: In the next release of spamdyke, the configuration will be such that log messages will go to syslog (/var/log/maillog). The release for this change is in the testing repo, but it requires a manual change to the spamdyke.conf file even with an updated package. So in preparation for this, you can make this change whenever you like. Updating the packing from the repo isn't necessary at this time. Simply remove (or comment out) the log-target=stderr line in the spamdyke.conf file. The default setting is syslog, which will become effective immediately. You don't need to restart anything when changes are made to spamdyke's configuration. I've found that having all the mail messages together in a single log file is really quite nice. This change is in preparation for implementing the ELK stack for log analysis, which might be available as soon as early next year. In the meantime, QMT services are being migrated to using syslog (stock) instead of multilog (daemontools). Note, this does not apply to legacy (*-toaster) hosts (there is no spamdyke-toaster package). Thanks. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] spamdyke logging switch
Hi Eric. Maybe You should put in a litle remark that users who uses fail2ban (like me ;-)) may have to make some changes to their jail.conf file, due to the changes of logging ? Cheers and thanks for all Your work to make QMT what it is. Finn Den 10-07-2014 00:22, Eric Shubert skrev: In the next release of spamdyke, the configuration will be such that log messages will go to syslog (/var/log/maillog). The release for this change is in the testing repo, but it requires a manual change to the spamdyke.conf file even with an updated package. So in preparation for this, you can make this change whenever you like. Updating the packing from the repo isn't necessary at this time. Simply remove (or comment out) the log-target=stderr line in the spamdyke.conf file. The default setting is syslog, which will become effective immediately. You don't need to restart anything when changes are made to spamdyke's configuration. I've found that having all the mail messages together in a single log file is really quite nice. This change is in preparation for implementing the ELK stack for log analysis, which might be available as soon as early next year. In the meantime, QMT services are being migrated to using syslog (stock) instead of multilog (daemontools). Note, this does not apply to legacy (*-toaster) hosts (there is no spamdyke-toaster package). Thanks. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] spamdyke logging switch
Hi Eric. Maybe You should put in a litle remark that users who uses fail2ban (like me ;-)) may have to make some changes to their jail.conf file, due to the changes of logging ? Cheers and thanks for all Your work to make QMT what it is. Finn Den 10-07-2014 00:22, Eric Shubert skrev: In the next release of spamdyke, the configuration will be such that log messages will go to syslog (/var/log/maillog). The release for this change is in the testing repo, but it requires a manual change to the spamdyke.conf file even with an updated package. So in preparation for this, you can make this change whenever you like. Updating the packing from the repo isn't necessary at this time. Simply remove (or comment out) the log-target=stderr line in the spamdyke.conf file. The default setting is syslog, which will become effective immediately. You don't need to restart anything when changes are made to spamdyke's configuration. I've found that having all the mail messages together in a single log file is really quite nice. This change is in preparation for implementing the ELK stack for log analysis, which might be available as soon as early next year. In the meantime, QMT services are being migrated to using syslog (stock) instead of multilog (daemontools). Note, this does not apply to legacy (*-toaster) hosts (there is no spamdyke-toaster package). Thanks. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Why am I getting 4 of everyones emails?
Hi Tony. The reason why I managed to submit more than one copy is that the mail to the qmaillist got stuck in the 'remote-queue' this happended after I updated clamav (cos6) - well firsthand it was rejected with a 'qq soft reject' which was entirely my own fault, but after fixing that detail i submitted my email to the list but did not receive it through the list so i did some digging and found it was stuck in the 'remote queue' so I checked user rights, cleaning up the queue,. submitting the mail again. Later I saw that e-mails received in the list was very much delayed before hitting my inbox so maybe Eric knows what is/was going on. (I also receives 3 - 4 of Your emails) Cheers, Finn Den 10-07-2014 13:55, Tony White skrev: Strange this... I got 4 of mine and Hasan and Finns but not of Dave nor Erics. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] supervise: fatal: unable to start log/run: file does not exist
Hi Diana. Sounds like an error I have seen a couple of times in my QMT running in KVM : a run files is missing (/var/qmail/supervise/'smtp|clamd|spamd|send|submission' /run - and /var/qmail/supervise/ 'smtp|clamd|spamd|send|submission' /log/run ) Check to make sure the run files are present This is my /var/qmail/supervise/spamd/log/run file #!/bin/sh LOGSIZE=`cat /var/qmail/control/logsize` LOGCOUNT=`cat /var/qmail/control/logcount` exec /usr/bin/setuidgid qmaill /usr/bin/multilog t s$LOGSIZE n$LOGCOUNT /var/log/qmail/spamd Hope it helps Regards, Finn Den 30-06-2014 17:59, Diana Calder skrev: I'm running Qmailtoaster utilities on CentOS6 VM on a XenServer. Data is stored on NFS. Over the weekend, the VM went into Read-Only file system due to a lag in communication. I had to manually run FSCK (there were errors and I told it to fix them) and reboot after restoring it to Read-Write mode. After doing so, I had errors from supervise. I managed to find information in the archives to let me fix the clamd/run error but the other one still persists and I have no idea what else I can do to fix it. I get a continuous stream of supervise: fatal: unable to start log/run: file does not exist. Running qmailctl stat results in the following: clamd: up (pid 12127) 6 seconds log: up (pid 12138) 1 seconds send: up (pid 8239) 1037 seconds smtp: up (pid 8245) 1037 seconds spamd: up (pid 11877) 96 seconds submission: up (pid 8244) 1037 seconds clamd/log: up (pid 8240) 1037 seconds send/log: up (pid 8277) 1032 seconds smtp/log: up (pid 8246) 1037 seconds spamd/log: up (pid 12139) 1 seconds submission/log: up (pid 8273) 1032 seconds Mail appears to be working okay inbound and outbound but the stream of error messages continues. I'm stumped. I really don't want to have to backup the database, rollback to an old snapshot, and restore the database but I might have to. I've tried starting up a copy of an old snapshot on another VM to check for differences but can't find anything obvious. Suggestions? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] /tmp/clamd.socket is in use by another process was Re: supervise: fatal: unable to start log/run: file does not exist
Hi Diana. I've also had this thing happening to my system - check if You have clamd starting in the init.d directory - my issue was that I happended to get clamd installed by another repo file which put the clamd startup script under /etc/init.d (and linked to which ever rcX.d You are using - so check that out (clamd will be handled by QMT /var/qmail/supervise...) Hope this can be helpfull? Cheers Finn Den 30-06-2014 22:42, Diana Calder skrev: Monday, June 30, 2014, 3:05:30 PM, Eric wrote: Unfortunately, the error message doesn't appear to say which log file it's having a problem with. I'm going to guess it's clamav, since that's being moved. I probably need to have the clamav package remove some leftover stuff. First, verify that clamav is logging to /var/log/maillog. If it's not, then I wonder which clamav package you have installed. It was installed by the qmailtoaster install script when the one for COS6 was still running from the testing repos. It is logging to /var/log/maillog. This should fix you up: # cd /var/qmail/supervise/clamd # mv log log.old Done. But... I'm guessing that'll take care of things. Nope, no such luck. Same error. However, once I removed log.old it cleared up the error when I did a qmailctl start - so, that's one problem solved. Unfortunately, now it's throwing an error: ERROR: LOCAL: Socket file /tmp/clamd.socket is in use by another process. Closing the main socket. Tried rebooting the VM and I spotted this in the bootup messages: Starting qmail-toaster: svscan. Starting sshd: [ OK ] Starting xinetd: [ OK ] Starting ntpd: [ OK ] Starting Clam AntiVirus Daemon: ERROR: LOCAL: Socket file /tmp/clamd.socket is in use by another process. Closing the main socket. [ OK ] Starting freshclam: [ OK ] Starting mysqld: [ OK ] Starting Dovecot Imap: [ OK ] Starting vusaged: started Starting httpd: [ OK ] Starting crond: [ OK ] Renamed /tmp/clamd.socket and started qmailctl - looked okay. Rebooted to check and the socket file in use error is back. So, is clamd trying to start twice? Once via svscan and once on its own? I did run a yum update when I first saw the errors, on the offchance that it would fix the problem - maybe something odd happened there? More testing... [root@qmail ~]# /etc/init.d/clamd stop ERROR: LOCAL: Socket file /tmp/clamd.socket is in use by another process. Closing the main socket. ERROR: LOCAL: Socket file /tmp/clamd.socket is in use by another process. Closing the main socket. [root@qmail ~]# /etc/init.d/clamd stop Stopping Clam AntiVirus Daemon: [ OK ] [root@qmail ~]# qmailctl stop Stopping qmail-toaster: svscan qmail logging. [root@qmail ~]# qmailctl start Starting qmail-toaster: svscan. [root@qmail ~]# ERROR: LOCAL: Socket file /tmp/clamd.socket is in use by another process. Closing the main socket. ERROR: LOCAL: Socket file /tmp/clamd.socket is in use by another process. Closing the main socket. qmailctl stop Stopping qmail-toaster: svscan qmail logging. [root@qmail ~]# /etc/init.d/clamd stop Stopping Clam AntiVirus Daemon: [ OK ] [root@qmail ~]# qmailctl start Starting qmail-toaster: svscan. [root@qmail ~]# ERROR: LOCAL: Socket file /tmp/clamd.socket is in use by another process. Closing the main socket. qmailctl stat clamd: up (pid 2678) 8 seconds send: up (pid 2562) 82 seconds smtp: up (pid 2569) 82 seconds spamd: up (pid 2571) 82 seconds submission: up (pid 2566) 82 seconds send/log: up (pid 2568) 82 seconds smtp/log: up (pid 2570) 82 seconds submission/log: up (pid 2567) 82 seconds So, clamd keeps starting and stopping and restarting. *sigh* Now what? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Just making sure You're out there.....
Not received anything from the list since June 1 - so this is just a - 'hello world' to make sure I am still on the list :-) (I know QMT is running smoothly thanks to many of You but there was a RC and nginx survey and then everything went quiet) Cheers Finn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Roundcube Survey
Hi Eric. I am using Nginx for Roundcube and my webservers i generel - and also using nginx as proxy for apache (NAS). On my mailserver I am still using apache for qmailadmin. Cheers, Finn Den 28-05-2014 04:28, Eric Shubert skrev: For those using Roundcube, please be so gracious as to answer a couple questions. Do you use it with nginx? (I expect mostly no answers) If not, have you used nginx for anything else? Thank you for your participation. I'm contemplating adding Roundcube to the 'stock' QMT. It's been long overdue. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Character encoding issue with Squirrelmail + HTML messages
Moi Peter. Don't You think it You'd be better of asking the squirrelmail list these questions ? Cheers, Finn Den 14-04-2014 22:52, Peter Peltonen skrev: When a user receives an HTML multipart message (for example from outlook.com), I have noticed the following: * the non-HTML version of the message is displayed by default in Squirrelmail, and in this version umlauts are displayed incorrectly (as question marks) * if one opens the HTML attachment version of the message in Squirrelmail, the umlauts are displayed correctly * If one replies to the message, the quoted part is from the non-HTML message and therefore contains question marks instead of umlauts * If I view this message in Thunderbird instead, the HTML version is shown as default and when replying to the message umlauts show ok, but when I view the non-HTML version of the message also TB shows the characters as question marks Is anyone else experiencing these issues and do you have any suggestions how to fix at least the encoding issue when replying to a multipart message in Squirrelmail? Here is what the message source looks like in TB: Content-Type: multipart/alternative; boundary=_000_900f17668f4c4cbe93698f67c9e17a5bDB3PR05MB380eurprd05pro_ MIME-Version: 1.0 --_000_900f17668f4c4cbe93698f67c9e17a5bDB3PR05MB380eurprd05pro_ Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable koitin laittaa uudistin-meilin nyt k??ntym??n my?s siulle. Ilmoitteletko, t= oimiiko k??nt? =3D tuliko t?m? siulle perille. Regards, Peter - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: heartbleed bug
Hi. Just receved this very usefull information regarding the Heartbleed bug from the nginx maillist : http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed Regards, Finn Den 10-04-2014 23:10, Dave M skrev: Hell yes -Original Message- From: Eric Shubert Sent: Thursday, April 10, 2014 12:52 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: heartbleed bug Just a reminder, that COS5 hosts aren't susceptible to this bug. It was introduced in a version of openssl which is later than what COS5 uses. Are you now glad that you haven't yet upgraded? ;) - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] heartbleed bug
Hi list Will this affects QMT ? ( latest release uses openssl-1.01 which is hit) New security holes are always showing up. The latest one, the so-called http://heartbleed.com/Heartbleed Bug http://heartbleed.com/ in the OpenSSL https://www.openssl.org/ cryptographic library, is an especially bad one - taken from zdnet.com Regards, Finn
Re: [qmailtoaster] Re: fail2ban - now more than ever
Hi Eric. FYI - latest fail2ban release 0.9 is slightly different from the previous releases - the way it is setup has changed. Regards, Finn Den 03-04-2014 19:03, Eric Shubert skrev: On 04/03/2014 08:18 AM, Angus McIntyre wrote: If you haven't implemented fail2ban on your qmail toasters, think seriously about doing so. There are at least two botnet-based password-guessing campaigns currently ongoing. One is trying SMTP authentication against role accounts (e.g. 'admin@', 'info@') at known domains. It was this one that prompted initial recent discussion of fail2ban on this list. The other, which I think just started today, is trying to do POP3 authentication, using email addresses taken from mailing lists used by spammers. Because these lists are mostly nonsense, this will result in hundreds or thousands of attempts to authenticate against non-existent users, but I suppose they might eventually start hitting some existing addresses. Because of the stupidity of these attempts, I would think that they're very unlikely to succeed at most hosts. However, if left to run unchecked they will probably start to soak up noticeable amounts of resources. The spammers appear to be deploying increasingly large botnets, and each host will keep trying until banned. The instructions at: http://wiki.qmailtoaster.com/index.php/Fail2Ban for setting up fail2ban seem pretty good. This has been a public service announcement. Angus Indeed. :) I hope to incorporate f2b in the stock QMT at some point, probably sooner than later. The qt-firewall script needs a little work, and I may tackle them both together. The only drawback to doing f2b sooner is that logging is also going to change soon in a major way, so f2b will need to be tweaked a bit at that time. There probably won't be much to it. We'll see. Thanks Angus, and those who worked on the wiki page. It's very helpful. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: fail2ban - now more than ever
Haven't had the time to test it yet - but it is changed that much I think You'd better wait for rel. 0.9.x before including in stock QMT;-) (I know that may very well be the target keeping in mind all the other things You're tied up with. Cheers Finn Den 03-04-2014 19:39, Eric Shubert skrev: Thanks for the heads up, Finn. 0.8.7.1 appears to be the latest version for COS6 in epel repo. I'd be inclined to stick with that for the time being, or at least wait for 0.9.1. ;) Anything new that's cool in 0.9? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Help, I'm an open relay!!
Hi Kelly. Are You using the password plugin in Roundcube that allows users to change password ? Regards, Finn Den 03-04-2014 18:47, Kelly Cobean skrev: Ok, I'm gonna ask a real dumb question. When I ran squirrel mail and the old QmailRocks distro (yep, LONG time ago), I had a squirrelmail plugin to allow people to change passwords via the squirrel. Now I'm running QTP and Roundcube. I still have squirrelmail running, bu the password change results in a connection refused error. How the heck do users change their passwords in QTP? Do I have to do it for them using qmailadmin? Thanks. Kelly On 04/03/2014 11:42, Sebastian Grewe wrote: Have you checked for hijacked accounts? Looks like all mails are sent from a single account and IP. Most likely a guessed/leaked password. Cheers, Sebastian On 03.04.2014, at 14:30, Kelly Cobean kcob...@vipercrazy.com mailto:kcob...@vipercrazy.com wrote: I don't understand what's going on here, but somehow all of a sudden I am on the spamcop RBL. If I tail /var/log/qmail/smtp/current, I'm seeing a TON of emails getting relayed that are all .ru hosts and addresses. I've run every open relay test I could find and all of them say I'm good to go, but spamdyke says I'm accepting over 75000 emails a day and they're not hitting any of my inboxes. Can y'all help me diagnose and solve this? Here's a snippet of the current file: @4000533d52101655376c CHKUSER relaying rcpt: from fe...@782782.ru:kcob...@vipercrazy.com http://vipercrazy.com: remote 91.235.7.37:unknown:91.235.7.37 rcpt 1dawmydgeaa...@prosoft-m.ru mailto:1dawmydgeaa...@prosoft-m.ru : client allowed to relay @4000533d521016554324 policy_check: local kcob...@vipercrazy.com mailto:kcob...@vipercrazy.com - remote 1dawmydgeaa...@prosoft-m.ru mailto:1dawmydgeaa...@prosoft-m.ru (AUTHENTICATED SENDER) @4000533d52101655470c policy_check: policy allows transmission @4000533d52101703edfc CHKUSER accepted sender: from i...@3vlodke.ru:bi...@vipercrazy.com mailto:e...@vipercrazy.com: remote 91.235.7.37:unknown:91.235.7.37 rcpt : sender accepted @4000533d521108b8a88c CHKUSER relaying rcpt: from i...@3vlodke.ru:bi...@vipercrazy.com mailto:e...@vipercrazy.com: remote 91.235.7.37:unknown:91.235.7.37 rcpt inf...@dvugadn.kht.ru mailto:inf...@dvugadn.kht.ru : client allowed to relay @4000533d521108b8b444 policy_check: local bi...@vipercrazy.com mailto:bi...@vipercrazy.com - remote inf...@dvugadn.kht.ru mailto:inf...@dvugadn.kht.ru (AUTHENTICATED SENDER) @4000533d521108b8b444 policy_check: policy allows transmission @4000533d52112c20499c simscan:[13710]:RELAYCLIENT:1.1458s:-:91.235.7.37:fe...@782782.ru mailto:fe...@782782.ru:1dawmydgeaa...@prosoft-m.ru mailto:1dawmydgeaa...@prosoft-m.ru @4000533d52112cba283c spamdyke[13709]: ALLOWED from: fe...@782782.ru mailto:fe...@782782.ru to: 1dawmydgeaa...@prosoft-m.ru mailto:1dawmydgeaa...@prosoft-m.ru origin_ip: 91.235.7.37 origin_rdns: (unknown) auth: kcob...@vipercrazy.com mailto:kcob...@vipercrazy.com encryption: (none) reason: 250_ok_1396527623_qp_13732 @4000533d521139ada1f4 tcpserver: end 13709 status 0 @4000533d521139ada5dc tcpserver: status: 1/100 @4000533d5212129d193c simscan:[13718]:RELAYCLIENT:0.9592s:-:91.235.7.37:i...@3vlodke.ru:inf...@dvugadn.kht.ru http://dvugadn.kht.ru @4000533d52121316601c spamdyke[13717]: ALLOWED from: i...@3vlodke.ru mailto:i...@3vlodke.ru to: inf...@dvugadn.kht.ru mailto:inf...@dvugadn.kht.ru origin_ip: 91.235.7.37 origin_rdns: (unknown) auth: bi...@vipercrazy.com mailto:bi...@vipercrazy.com encryption: (none) reason: 250_ok_1396527624_qp_13752 @4000533d52121a62824c tcpserver: status: 2/100 @4000533d52121a628634 tcpserver: pid 13764 from 91.235.7.37 @4000533d52121a628634 tcpserver: ok 13764 www.novagunrunners.com http://www.novagunrunners.com:66.151.32.133:25 :91.235.7.37::64980 @4000533d5212201bdb34 tcpserver: end 13717 status 0 @4000533d5212201bdf1c tcpserver: status: 1/100 @4000533d521302016b8c tcpserver: status: 2/100 @4000533d521302017744 tcpserver: pid 13766 from 91.235.7.37 @4000533d521302017744 tcpserver: ok 13766 www.novagunrunners.com http://www.novagunrunners.com:66.151.32.133:25 :91.235.7.37::64990 @4000533d52132c0ba474 CHKUSER accepted sender: from pa...@143904.ru:kcob...@vipercrazy.com http://vipercrazy.com: remote 91.235.7.37:unknown:91.235.7.37 rcpt : sender accepted @4000533d52133ae2b6f4 CHKUSER relaying rcpt: from pa...@143904.ru:kcob...@vipercrazy.com http://vipercrazy.com: remote 91.235.7.37:unknown:91.235.7.37 rcpt 4-1696808-19797-20060901154637-v...@subscribe.ru mailto:4-1696808-19797-20060901154637-v...@subscribe.ru : client allowed to relay @4000533d52133ae2c2ac policy_check: local kcob...@vipercrazy.com mailto:kcob...@vipercrazy.com - remote 4-1696808-19797-20060901154637-v...@subscribe.ru mailto:4-1696808-19797-20060901154637-v...@subscribe.ru
Re: [qmailtoaster] Re: Clamav reinstall - help please
Hi Eric. I have checked my writings and logs on the server to help dig a bit: I did create the server - install Centos6.5 minimal - here I can see that yum-plugin-priorities-1.1.30-14.el6.noarch gets installed after a complete Centos yum update (before installing qmailtoaster). (properly because You listed that plugin in Your email dated 19 of dec.. and I have made a notice of it and installed it ) - qmailtoaster installed as described - installing fail2ban, logwatch and others - running a yum update and yum-plugin-security-1.1.30-17.el6_5.noarch gets updated So maybe it's because I have installed that plugin prior to installing Qmailtoaster and therefore it has not been initialized properly and even though I have been running updates regularly I have not had any conflict with qmailtoaster before Clamav gets updated by Epel, Repoforge and Qmailtoaster ! Will that do as an explanation ? Hopefully !! so You can relax and enjoy Your 'Youth' Kid... ;-) Cheers, Finn Den 14-03-2014 15:49, Eric Shubert skrev: We're going to need to do some digging on this one. I just did an initial install (through qt-bootstrap-2), and the priorities.conf file has the plugin enabled by default. (Maybe I'm not quite as old as I think I am!) So we need to figure out how this became disabled, and come up with a fix if possible. Thanks Finn. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Clamav reinstall - help please
Hi. I just issued a yum update and got clamav.x86_64-0.98.1-1.el6 from Epel repository installed. (I pressed 'y' not thinking). It is on my Centos 6.5 latest and greatest qmailtoaster test installation (which is (was) running just fine). So now I'm stuck with no clamd running ( my clamd/run and log/run files are gone and some other changes in locations of files) and I'm not able to re-install the proper clamav package from the almost current ;-) Centos6.5 release - what is the name of the package ? or what can I do to rectify the problem ? Regards Finn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Clamav reinstall - help please
Hi Eric. No it's installed - Package yum-plugin-priorities-1.1.30-17.el6_5.noarch already installed and latest version. /Finn Den 13-03-2014 22:54, Eric Shubert skrev: On 03/13/2014 02:39 PM, Finn Buhelt wrote: Hi. I just issued a yum update and got clamav.x86_64-0.98.1-1.el6 from Epel repository installed. (I pressed 'y' not thinking). It is on my Centos 6.5 latest and greatest qmailtoaster test installation (which is (was) running just fine). So now I'm stuck with no clamd running ( my clamd/run and log/run files are gone and some other changes in locations of files) and I'm not able to re-install the proper clamav package from the almost current ;-) Centos6.5 release - what is the name of the package ? or what can I do to rectify the problem ? Regards Finn - I just tried yum check-update and didn't get clamav, and epel is enabled. I'm guessing that you missed installing yum-plugin-priorities. Yes? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Clamav reinstall - help please
Hi Dan. I get below line when issuing rpm - with or without --nodeps file /etc/logrotate.d/freshclam from install of clamav-0.98.1-0.qt.el6.x86_64 conflicts with file from package clamav-db-0.98.1-1.el6.x86_64 And MORE important my simscan is gone after uninstalling clamav /Finn Den 13-03-2014 22:53, Dan McAllister skrev: On 3/13/2014 5:39 PM, Finn Buhelt wrote: Hi. I just issued a yum update and got clamav.x86_64-0.98.1-1.el6 from Epel repository installed. (I pressed 'y' not thinking). It is on my Centos 6.5 latest and greatest qmailtoaster test installation (which is (was) running just fine). So now I'm stuck with no clamd running ( my clamd/run and log/run files are gone and some other changes in locations of files) and I'm not able to re-install the proper clamav package from the almost current ;-) Centos6.5 release - what is the name of the package ? or what can I do to rectify the problem ? Regards Finn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com Finn You want to run yum to uninstall the clamav.x86_64-0.98.1-1.el6, then download the clamav-0.98.1-0.qt.el6.x86_64.rpm from one of the mirrors (e.g.: http://mirrors.qmailtoaster.com/testing/CentOS/6/x86_64/clamav-0.98.1-0.qt.el6.x86_64.rpm) and install it manually (rpm -i clamav-0.98.1-0.qt.el6.x86_64.rpm). If there are dependencies, you can re-run RPM with a --nodeps to make it re-install (depends on how you installed the QMT into your COS6 environment). Dan McAllister - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Clamav reinstall - help please
Hi again. I replaced qmailtoaster-nodist.repo with qmailtoaster-dist.repo (changed the enabled key accordingly) Then I issued yum install clamav and it almost succeeded ! Transaction Check Error: file /etc/logrotate.d/freshclam from install of clamav-0.98.1-0.qt.el6.x86_64 conflicts with file from package clamav-db-0.98.1-1.el6.x86_64 This also stops installation when trying to install simscan / clamav - so now I'm looking around to solve that litle puzzle /Finn Den 13-03-2014 23:15, Eric Shubert skrev: Hmmm. What's in your .repo files for QMT and epel? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Clamav reinstall - help please
Hi all. After running yum remove clamav-db yum install simscan (got the proper ones from qmailtoaster) changing tcp.smtp back to contain simscan) I think I'm up running again - at least clamd is back on line, clamav is updating. Thanks for Your help (I'll be back if further problems arise) /Finn Den 14-03-2014 00:05, Finn Buhelt skrev: Hi again. I replaced qmailtoaster-nodist.repo with qmailtoaster-dist.repo (changed the enabled key accordingly) Then I issued yum install clamav and it almost succeeded ! Transaction Check Error: file /etc/logrotate.d/freshclam from install of clamav-0.98.1-0.qt.el6.x86_64 conflicts with file from package clamav-db-0.98.1-1.el6.x86_64 This also stops installation when trying to install simscan / clamav - so now I'm looking around to solve that litle puzzle /Finn Den 13-03-2014 23:15, Eric Shubert skrev: Hmmm. What's in your .repo files for QMT and epel? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Clamav reinstall - help please
Hi Eric. I have found that my /etc/yum/pluginconf.f/priorities.conf was disabled (enabled = 0). Changing this to enable = 1 I do not get clamav udates from EPEL or rpmforge anymore but a notification that packages are excluded due to repository priority protections. I guess this is the functionality You want due to the prioritykey=7 in the qmailtoaster.repo ? Regards, Finn Den 13-03-2014 23:15, Eric Shubert skrev: Hmmm. What's in your .repo files for QMT and epel? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Clamav reinstall - help please
I have both. They are dated january 29 (only version# I can think of) and both seems to have okay symlinks qmailtoaster-dist.repo - ../../opt/qmailtoaster-release/etc/qmailtoaster-centos.repo qmailtoaster-nodist.repo - ../../opt/qmailtoaster-release/etc/qmailtoaster-nodist.repo /Finn Den 14-03-2014 00:29, Eric Shubert skrev: Which version of qmailtoaster-release do you have? Did your qmailtoaster-dist.repo symlink get removed somehow? It should point to /opt/qmailtoaster-release/etc/qmailtoaster-centos.repo. You should have both dist and nodist .repo symlinks. [root@tacs-mail ~]# ls -l /etc/yum.repos.d/ total 44 -rw-r--r--. 1 root root 1926 Nov 30 17:06 CentOS-Base.repo -rw-r--r--. 1 root root 638 Nov 30 17:06 CentOS-Debuginfo.repo -rw-r--r--. 1 root root 630 Nov 30 17:06 CentOS-Media.repo -rw-r--r--. 1 root root 4528 Nov 30 17:06 CentOS-Vault.repo -rw-r--r-- 1 root root 983 Feb 7 11:51 epel.repo -rw-r--r-- 1 root root 1056 Nov 4 2012 epel-testing.repo -rw-r--r-- 1 root root 739 Mar 20 2013 mirrors-rpmforge -rw-r--r-- 1 root root 717 Mar 20 2013 mirrors-rpmforge-extras -rw-r--r-- 1 root root 728 Mar 20 2013 mirrors-rpmforge-testing lrwxrwxrwx 1 root root 59 Dec 27 22:41 qmailtoaster-dist.repo - ../../opt/qmailtoaster-release/etc/qmailtoaster-centos.repo lrwxrwxrwx 1 root root 59 Dec 27 22:40 qmailtoaster-nodist.repo - ../../opt/qmailtoaster-release/etc/qmailtoaster-nodist.repo -rw-r--r-- 1 root root 1128 Mar 20 2013 rpmforge.repo [root@tacs-mail ~]# - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Clamav reinstall - help please
I can for sure say that I did not change it until now where I checked the repos and the settings. So - yes You need to enabled it - but be aware that it may confuse people if other repos are not prioritized properly and that yum then reports how many files are NOT updated due to different settings. Cheers, Finn Den 14-03-2014 00:42, Eric Shubert skrev: On 03/13/2014 04:32 PM, Finn Buhelt wrote: Hi Eric. I have found that my /etc/yum/pluginconf.f/priorities.conf was disabled (enabled = 0). Changing this to enable = 1 I do not get clamav udates from EPEL or rpmforge anymore but a notification that packages are excluded due to repository priority protections. I guess this is the functionality You want due to the prioritykey=7 in the qmailtoaster.repo ? Regards, Finn Den 13-03-2014 23:15, Eric Shubert skrev: Hmmm. What's in your .repo files for QMT and epel? - Bingo. That's the mechanism which is supposed to keep .qt. packages from colliding with other repos. Was priorities.conf disabled by default? I need to enable it in the script if that's the case. It's entirely possible that I missed that one. Might be something worth checking in the script regardless. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Clamav reinstall - help please
Here's the result : qmailtoaster-release-2.0-1.qt.nodist.noarch / Den 14-03-2014 00:51, Eric Shubert skrev: That's probably the latest then. # rpm -q qmailtoaster-release The date on the symlinks is the date it was installed. There's no way to tell what the distro is going to be when the package is built (hence nodist), so the symlinks are created in the %post section of the rpm when the package is actually installed. That was the cleanest way I could think of to solve the problem of configuring appropriately for multiple distros. On 03/13/2014 04:42 PM, Finn Buhelt wrote: I have both. They are dated january 29 (only version# I can think of) and both seems to have okay symlinks qmailtoaster-dist.repo - ../../opt/qmailtoaster-release/etc/qmailtoaster-centos.repo qmailtoaster-nodist.repo - ../../opt/qmailtoaster-release/etc/qmailtoaster-nodist.repo /Finn Den 14-03-2014 00:29, Eric Shubert skrev: Which version of qmailtoaster-release do you have? Did your qmailtoaster-dist.repo symlink get removed somehow? It should point to /opt/qmailtoaster-release/etc/qmailtoaster-centos.repo. You should have both dist and nodist .repo symlinks. [root@tacs-mail ~]# ls -l /etc/yum.repos.d/ total 44 -rw-r--r--. 1 root root 1926 Nov 30 17:06 CentOS-Base.repo -rw-r--r--. 1 root root 638 Nov 30 17:06 CentOS-Debuginfo.repo -rw-r--r--. 1 root root 630 Nov 30 17:06 CentOS-Media.repo -rw-r--r--. 1 root root 4528 Nov 30 17:06 CentOS-Vault.repo -rw-r--r-- 1 root root 983 Feb 7 11:51 epel.repo -rw-r--r-- 1 root root 1056 Nov 4 2012 epel-testing.repo -rw-r--r-- 1 root root 739 Mar 20 2013 mirrors-rpmforge -rw-r--r-- 1 root root 717 Mar 20 2013 mirrors-rpmforge-extras -rw-r--r-- 1 root root 728 Mar 20 2013 mirrors-rpmforge-testing lrwxrwxrwx 1 root root 59 Dec 27 22:41 qmailtoaster-dist.repo - ../../opt/qmailtoaster-release/etc/qmailtoaster-centos.repo lrwxrwxrwx 1 root root 59 Dec 27 22:40 qmailtoaster-nodist.repo - ../../opt/qmailtoaster-release/etc/qmailtoaster-nodist.repo -rw-r--r-- 1 root root 1128 Mar 20 2013 rpmforge.repo [root@tacs-mail ~]# - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] More SPAM
Hi Scot. Nope You're not alone ! Remember to check /etc/spamdyke/spamdyke.conf to en/disable dns-blacklists, greylists ,time etc.., (advice will be to make use of a couple of these dns-blacklists) Regards, Finn Den 12-03-2014 10:41, Scot Needy skrev: Thanks for the feedback Eric, Are we the only two on this list ! “nudge” qmailtoaster-list Working on moving the qmt to a public address space. I just need to eat a little crow first. When I did my research and asked those questions it lead me to believe that the “last hop” of the TCP packet had little to do with the spam rules as they used mail headers. I still have a hard time swallowing that one. So I installed spamdyke using /usr/sbin/qtp-install-spamdyke thinking that would replace my spam engine but from the logs and your comment I’m guessing I need to uninstall spamassasin as I still see simscan in the logs from tcprules. [bash]# cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 Need to look at that one but spamdyke is properly installed and working. [bash]# ls -al /var/qmail/supervise/smtp/ total 24 drwx-T 4 qmaill qmail 4096 Mar 7 14:40 . drwxr-xr-x 12 qmaill qmail 4096 Jan 26 20:32 .. drwx-- 3 qmaill qmail 4096 Jan 26 20:32 log lrwxrwxrwx 1 root root12 Mar 7 14:40 run - run.spamdyke -rwxr-x--x 1 qmaill qmail 555 Jan 26 20:11 run.dist -rwxr-x--x 1 qmaill qmail 584 Mar 7 14:40 run.spamdyke drwx-- 2 qmaill qmail 4096 Mar 11 21:39 supervise [bash]# cat /var/qmail/supervise/smtp/run.spamdyke #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SPAMDYKE=/usr/local/bin/spamdyke SPAMDYKE_CONF=/etc/spamdyke/spamdyke.conf SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw REQUIRE_AUTH=0 exec /usr/bin/softlimit -m 6400 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ $SPAMDYKE --config-file $SPAMDYKE_CONF \ $SMTPD $VCHKPW /bin/true 21 On Mar 12, 2014, at 1:50 AM, Eric Shubert e...@shubes.net wrote: Scot, You really need to get QMT on the perimeter so spamdyke can do its thing. This will give you the biggest bang for your buck. Plus, there's nothing else nearly as effective. I've said for quite some time that if I had to pick just one anti-spam software, it'd be spamdyke hands down. There's just nothing else that compares (even spamassassin). -- -Eric 'shubes' On 03/11/2014 08:56 PM, Scot Needy wrote: New dilemma in my fight against SPAM. I updated the simcontrol file to include additional attachments and shortly all mail was blocked but I’m not sure why What exactly is the function of spam_hits ? Block ALL mail after 12 hits ? Per hour per … ? Is simcontrol even in play anymore ? 03-11 18:05:44 policy_check: policy allows transmission 03-11 18:05:45 simscan:[2167]:ATTACH:0.5788s:msg.1394575545.33060.2168:10.189.254.17:…. 03-11 18:05:45 qmail-smtpd: qq hard reject (Your email was rejected because it contains a bad attachment: msg.1394575545.33060.2168): MAILFROM: 03-11 18:05:45 spamdyke[2166]: DENIED_OTHER from:……...: 554_Your_email_was_rejected_because_it_contains_a_bad_attachment:_msg.1394575545.33060.2168 03-11 18:05:45 tcpserver: end 2166 status 0 qq hard reject (Your email was rejected because it contains a bad attachment: addr.1394576063.667266.2282) qq hard reject (Your email was rejected because it contains a bad attachment: addr.1394583394.337275.4588) qq hard reject (Your email was rejected because it contains a bad attachment: addr.1394583630.231858.4647) qq hard reject (Your email was rejected because it contains a bad attachment: msg.1394575545.33060.2168) qq hard reject (Your email was rejected because it contains a bad attachment: msg.1394581657.995523.4160) qq hard reject (Your email was rejected because it contains a bad attachment: msg.1394583827.844655.4665) qq hard reject (Your email was rejected because it contains a bad attachment: textfile0) qq hard reject (Your email was rejected because it contains a bad attachment: textfile2) qq hard reject (Your email was rejected because it contains a bad attachment: textfile4)
Re: [qmailtoaster] How to rectify this outgoing email
Hi Manikandan.
I was asking if the user exists - do You have a user 'mani' that has a
mailaddress '@pan-asia.in' . The error messages tells You that mani is
not to be found at the domain pan-asia.in.
Do You have other users at the domain ? and can You send mails to them ?
e.g. postmas...@pan-asia.in ?
check /var/qmail/control/rcpthosts and virtualdomains that Your domain
is in here to be sure.
Regards
Finn
Den 08-03-2014 11:15, Chandran Manikandan skrev:
Yes Finn,
This user having this domain. That domain also our domains. But could
not send to this domain. Any rules are there in spamdyke config.
On Fri, Mar 7, 2014 at 6:39 PM, Finn Buhelt f...@kirstineslund.dk
mailto:f...@kirstineslund.dk wrote:
Hi.
It tells You that there is no user called m...@pan-asia.in
mailto:m...@pan-asia.in
Have You verified there is such a user and it is created properly
? (qmailadmin) You do not send to a domain but to a user in that
domain :-)
/Regards
Finn
Den 07-03-2014 11:03, Chandran Manikandan skrev:
Dear All,
I had successfully installed QMT on Centos 6 64 bit. I can send
and receive emails from any domain , but i could not send email
to this domain and got below bounce message. Could anyone help me
to rectify this bounce.
Hi. This is the qmail-send program atpan-asia.in http://pan-asia.in.
I'm afraid I wasn't able to deliver your message to the following
addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
m...@pan-asia.in
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40pan-asia.in:
Sorry, no mailbox here by that name. (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: m...@parpl.com
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40parpl.com
Received: (qmail 5499 invoked by uid 89); 7 Mar 2014 09:44:59 -
Received: by simscan 1.4.0 ppid: 5449, pid: 5486, t: 0.0168s
scanners: attach: 1.4.0 clamav: 0.98.1/m:55/d:18542
Received: from unknown (HELO PAR1) (m...@parpl.com
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40parpl.com@192.168.1.40
http://192.168.1.40)
by mail with ESMTPA; 7 Mar 2014 09:44:59 -
From: Maniparpl m...@parpl.com
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40parpl.com
To: m...@panasiagroup.net
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40panasiagroup.net
Cc: m...@pan-asia.in
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40pan-asia.in
Subject: test
Date: Fri, 7 Mar 2014 17:44:51 +0800
Message-ID: 008401cf39e9$e6b5efc0$b421cf40$@parpl.com http://parpl.com
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary==_NextPart_000_0085_01CF3A2C.F4D956D0
X-Mailer: Microsoft Outlook 15.0
Thread-Index: Ac856eGOjrdao3FYS7ORaBY1ZSK/mw==
Content-Language: en-us
This is a multipart message in MIME format.
--=_NextPart_000_0085_01CF3A2C.F4D956D0
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 7bit
test
--=_NextPart_000_0085_01CF3A2C.F4D956D0
Content-Type: text/html;
charset=us-ascii
Content-Transfer-Encoding: quoted-printable
html xmlns:v=3Durn:schemas-microsoft-com:vml =
xmlns:o=3Durn:schemas-microsoft-com:office:office =
xmlns:w=3Durn:schemas-microsoft-com:office:word =
xmlns:m=3Dhttp://schemas.microsoft.com/office/2004/12/omml; =
xmlns=3Dhttp://www.w3.org/TR/REC-html40;headmeta =
http-equiv=3DContent-Type content=3Dtext/html; =
charset=3Dus-asciimeta name=3DGenerator content=3DMicrosoft Word 15 =
(filtered medium)style!--
/* Font Definitions */
@font-face
{font-family:Latha;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Cambria Math;
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:Calibri,sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Calibri,sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:Calibri,sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--/style!--[if gte
Re: [qmailtoaster] How to rectify this outgoing email
Hi.
It tells You that there is no user called m...@pan-asia.in
Have You verified there is such a user and it is created properly ?
(qmailadmin) You do not send to a domain but to a user in that domain :-)
/Regards
Finn
Den 07-03-2014 11:03, Chandran Manikandan skrev:
Dear All,
I had successfully installed QMT on Centos 6 64 bit. I can send and
receive emails from any domain , but i could not send email to this
domain and got below bounce message. Could anyone help me to rectify
this bounce.
Hi. This is the qmail-send program atpan-asia.in http://pan-asia.in.
I'm afraid I wasn't able to deliver your message to the following
addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
m...@pan-asia.in
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40pan-asia.in:
Sorry, no mailbox here by that name. (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: m...@parpl.com
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40parpl.com
Received: (qmail 5499 invoked by uid 89); 7 Mar 2014 09:44:59 -
Received: by simscan 1.4.0 ppid: 5449, pid: 5486, t: 0.0168s
scanners: attach: 1.4.0 clamav: 0.98.1/m:55/d:18542
Received: from unknown (HELO PAR1) (m...@parpl.com
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40parpl.com@192.168.1.40
http://192.168.1.40)
by mail with ESMTPA; 7 Mar 2014 09:44:59 -
From: Maniparpl m...@parpl.com
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40parpl.com
To: m...@panasiagroup.net
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40panasiagroup.net
Cc: m...@pan-asia.in
http://192.168.1.64/webmail/src/compose.php?send_to=mani%40pan-asia.in
Subject: test
Date: Fri, 7 Mar 2014 17:44:51 +0800
Message-ID: 008401cf39e9$e6b5efc0$b421cf40$@parpl.com http://parpl.com
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary==_NextPart_000_0085_01CF3A2C.F4D956D0
X-Mailer: Microsoft Outlook 15.0
Thread-Index: Ac856eGOjrdao3FYS7ORaBY1ZSK/mw==
Content-Language: en-us
This is a multipart message in MIME format.
--=_NextPart_000_0085_01CF3A2C.F4D956D0
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 7bit
test
--=_NextPart_000_0085_01CF3A2C.F4D956D0
Content-Type: text/html;
charset=us-ascii
Content-Transfer-Encoding: quoted-printable
html xmlns:v=3Durn:schemas-microsoft-com:vml =
xmlns:o=3Durn:schemas-microsoft-com:office:office =
xmlns:w=3Durn:schemas-microsoft-com:office:word =
xmlns:m=3Dhttp://schemas.microsoft.com/office/2004/12/omml; =
xmlns=3Dhttp://www.w3.org/TR/REC-html40;headmeta =
http-equiv=3DContent-Type content=3Dtext/html; =
charset=3Dus-asciimeta name=3DGenerator content=3DMicrosoft Word 15 =
(filtered medium)style!--
/* Font Definitions */
@font-face
{font-family:Latha;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Cambria Math;
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:Calibri,sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Calibri,sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:Calibri,sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--/style!--[if gte mso 9]xml
o:shapedefaults v:ext=3Dedit spidmax=3D1026 /
/xml![endif]--!--[if gte mso 9]xml
o:shapelayout v:ext=3Dedit
o:idmap v:ext=3Dedit data=3D1 /
/o:shapelayout/xml![endif]--/headbody lang=3DEN-US =
link=3D#0563C1 vlink=3D#954F72div class=3DWordSection1p =
class=3DMsoNormaltesto:p/o:p/p/div/body/html
--=_NextPart_000_0085_01CF3A2C.F4D956D0--
--
*Thanks,*
*Manikandan.C*
*System Administrator*
Re: [qmailtoaster] Re: odd messages
Hi Eric Eric. I have same issue in my send log - big difference is though that I do have known mailadresses in between the (e.g. n...@mailaddr.dk) - only happens when sending outgoing mails - all outgoing mails. This seems to have been a known issue with qmail back in 2006 according to findings on the net - there was entry made in bugzilla then, but I cannot find it anymore. Regards, Finn Den 26-02-2014 02:07, Eric Shubert skrev: On 02/25/2014 04:04 PM, Eric Broch wrote: Hello list, I have messages in my 'send' log with the following format: 2014-02-25 15:36:30.091878500 new msg 2884020 2014-02-25 15:36:30.091879500 info msg 2884020: bytes 4379 from qp 21937 uid 7796 2014-02-25 15:36:30.095577500 starting delivery 8072: msg 2884020 to remote debbiet...@att.net 2014-02-25 15:36:30.095578500 status: local 0/10 remote 1/60 2014-02-25 15:36:31.196274500 delivery 8072: success: User_and_password_not_set,_continuing_without_authentication./debbiet...@att.net_204.127.208.75_accepted_message./Remote_host_said:_250_ok_;_id=20140225223629s0300l57ooe/ 2014-02-25 15:36:31.196278500 status: local 0/10 remote 0/60 2014-02-25 15:36:31.196279500 end msg 2884020 The odd part is from the 2nd line: 'from ' And corresponding message in my queue: messages in queue: 1 messages in queue but not yet preprocessed: 0 25 Feb 2014 22:31:05 GMT #2884150 2145 debbiet...@att.net bouncing done remote wildwestlady1...@msn.com remote sherry.fe...@sodexhousa.com done remote sherrylaw...@msn.com done remote buddecha...@yahoo.com done remote she...@whimsicalplace.com done remote shi...@zoominternet.net done remote shipshewanash...@aol.com done remote shm...@bellsouth.net done remote shopgenerati...@gmail.com Does anyone know what this means, that is, is my server being used as a relay somehow? Eric - Peculiar all right. I looked for ' from ' in my send log and found a few entries. Then I found corresponding double-bounce messages in my postmaster account. Turns out, they were submitted with authentication for an account that's hardly ever used (if at all). I changed the password (was pretty weak) and I expect things will be ok now. Generally speaking, I'd look for corresponding messages in the the smtp/submission queues to see how the message entered the host. Chances are there's a breach. Might be worth looking for ' from ' occasionally in the send logs to see what might be going on. Thanks EB! - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: odd messages
Just finalized some more tracing and look what I found in Qmail Wiki : I see a message in my smtp log that states User_and_password_not_set,_continuing_without_authentication. What is going on? That message is just the remote-auth patch saying that the destination did not have a username/password set in smtproutes, which is usually the intended behavior. This is a diagnosis tool for people who actually set artificial routes that require login/password. This is not an error message and can be safely ignored. So nothing to worry abot then ? Cheers, Finn Den 26-02-2014 11:23, Finn Buhelt skrev: Hi Eric Eric. I have same issue in my send log - big difference is though that I do have known mailadresses in between the (e.g. n...@mailaddr.dk) - only happens when sending outgoing mails - all outgoing mails. This seems to have been a known issue with qmail back in 2006 according to findings on the net - there was entry made in bugzilla then, but I cannot find it anymore. Regards, Finn Den 26-02-2014 02:07, Eric Shubert skrev: On 02/25/2014 04:04 PM, Eric Broch wrote: Hello list, I have messages in my 'send' log with the following format: 2014-02-25 15:36:30.091878500 new msg 2884020 2014-02-25 15:36:30.091879500 info msg 2884020: bytes 4379 from qp 21937 uid 7796 2014-02-25 15:36:30.095577500 starting delivery 8072: msg 2884020 to remote debbiet...@att.net 2014-02-25 15:36:30.095578500 status: local 0/10 remote 1/60 2014-02-25 15:36:31.196274500 delivery 8072: success: User_and_password_not_set,_continuing_without_authentication./debbiet...@att.net_204.127.208.75_accepted_message./Remote_host_said:_250_ok_;_id=20140225223629s0300l57ooe/ 2014-02-25 15:36:31.196278500 status: local 0/10 remote 0/60 2014-02-25 15:36:31.196279500 end msg 2884020 The odd part is from the 2nd line: 'from ' And corresponding message in my queue: messages in queue: 1 messages in queue but not yet preprocessed: 0 25 Feb 2014 22:31:05 GMT #2884150 2145 debbiet...@att.net bouncing done remote wildwestlady1...@msn.com remote sherry.fe...@sodexhousa.com done remote sherrylaw...@msn.com done remote buddecha...@yahoo.com done remote she...@whimsicalplace.com done remote shi...@zoominternet.net done remote shipshewanash...@aol.com done remote shm...@bellsouth.net done remote shopgenerati...@gmail.com Does anyone know what this means, that is, is my server being used as a relay somehow? Eric - Peculiar all right. I looked for ' from ' in my send log and found a few entries. Then I found corresponding double-bounce messages in my postmaster account. Turns out, they were submitted with authentication for an account that's hardly ever used (if at all). I changed the password (was pretty weak) and I expect things will be ok now. Generally speaking, I'd look for corresponding messages in the the smtp/submission queues to see how the message entered the host. Chances are there's a breach. Might be worth looking for ' from ' occasionally in the send logs to see what might be going on. Thanks EB! - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: hack attempts
Now it's my turn - 35 attacks from different ip's - every 4½ hour - love my fail2ban :-) 3 strikes and they're out. /Finn Den 20-02-2014 07:11, cj yother skrev: Is anyone else experiencing a rise in attempted account access over the past 24 hours? CJ - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Mail not going from one user
RC question: uncheck delivery check status in RC settings (compose new messages. /Finn Den 25-02-2014 13:40, Linux skrev: Hi All, One of my user is not able to send mails can receive. All other users can send and receive. See the following errors. Error when send from outlook: 553 5.7.1 sorry, that domain isn't in my list of allowed rcpthosts (chkuser) Error when send from RoundCube Webmail: SMTP Error: No support for Delivery Status Notification Regards, Vivek Patil system admin
Re: [qmailtoaster] re: hack attempts
Hi Angus. Don't forget Your webservers ? It's great to know : 3 strikes (or whatever You prefer) and they are out for x min, days or forever. Regards, Finn Den 20-02-2014 17:24, Angus McIntyre skrev: Dave M wrote: I installed long time ago from this guide and tweeked it for my needs. http://wiki.qmailtoaster.com/index.php/Fail2Ban sigh I should have searched, instead of eye-balling the contents list (and somehow missing that the guide was already there). I'll back out my changes and link to the existing guide. Sorry. Incidentally, if it's easy to do, I'd strongly recommend making a fail2ban install part of the stock qmailtoaster setup. With password-guessing attempts clearly on the rise, fail2ban can greatly reduce wear-and-tear on your mailserver. Angus - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Spamming via valid vpopmail account
Hi. Wouldn't it be possible to block port 25 outgoing and let fail2ban check submission logs ? Regards, Finn Den 16-02-2014 19:33, Dan McAllister skrev: Wicus' issues are not uncommon: An attacker gains a password (through guesswork or other means) of a user on your system, then proceeds to spam the hell out of the world from your system. Alternatively, some user gets a malware infection on their system that uses their mail program (usually Outlook) to spam the hell out of the world from your system. So how can you head it off? I am in the finishing stages of writing a script that, if I am not mistaken, will be obsoleted rather quickly. This script is designed to look through the send log file and essentially build a message log for each message: - who its from - who its addressed to - results of each send - when it is done (final act of removing it from the queue) The sticky wicket in this is that qmail uses the inode number of the message body in the queue as the tracking ID, thus the same numbers appear over and over. This is what breaks all other attempts to do this that I have encountered, and this is the biggest stumbling block that I can see so far. I hope to have this completed in the coming week or 2. How this applies, it that I already have a script that attempts (albeit with many instances missed currently) to count the number of failed messages from any single user in any given day. When that number reaches 50, I automatically change the password on the user account (thus, stopping their authentication) until I can investigate further. So that will help with DETECTION -- what about deterrence? Well, for one -- and I've talked about this before -- you can stop allowing users to AUTHENTICATE on port 25. Port 25 SHOULD be used SOLELY for inbound messages to your hosted (or relayed) domains. Thus, when you ran your telnet attempt and used a destination of a gmail address, your server should have (and did) refused the message. The problem is that we enable authentication on port 25 because we seem to think we should be running the same code for submission (port 587) and smtp-ssl (port 465). IMHO, THOSE ports should be the OPPOSITE of port 25: - Port 25 should allow anonymous connections (non authenticated)... ports 587 and 465 should not - Port 25 should NOT accept messages for non-local domains... ports 587 and 465 must - Port 25 must not require SSL or AUTH; ports 587 and 465 SHOULD (or, as I prefer -- allow it on 587, require it on 465). This STOPS spammers from connecting on your port 25 interface and sending all kinds of messages through an authenticated work around. Of course, it doesn't stop the same hacker from just switching to ports 587 or 465... but I haven't seen them use those ports YET. Just my thoughts Dan McAllister IT4SOHO Dan McAllister - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Spamming via valid vpopmail account
Hi Eric. You can have Fail2ban check Your logs for bad entries that happens within a given period of time and then ban the IP address (Ip tables). Let Fail2ban check on the LAN ip address that is submitting the email in the submit log and then take action when Your tresholds are triggered - maybe not ban the ip adress (LAN) - send an email to sysadmin or lift the ban after 10 min. Regards, Finn Den 16-02-2014 21:03, Eric Shubert skrev: I don't see how fail2ban would be of any help with this. Can you elaborate? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] CentOS 5.4 not login using any user
Hi . Not sure this has to do with QMT ? QMT does not alter any user/passwords on Your server this sounds as a Linux issue. Try NixCraft pages and see if there is something usefull (there is a lot) Regards, Finn Den 10-02-2014 15:28, Linux skrev: selinux is disabled. *From:*Rvaught [mailto:rvau...@libertycasting.com] *Sent:* Monday, February 10, 2014 7:56 PM *To:* qmailtoaster-list@qmailtoaster.com *Subject:* RE: [qmailtoaster] CentOS 5.4 not login using any user Try booting with SELinux disabled . *From:*Linux [mailto:li...@ikf.co.in] *Sent:* Monday, February 10, 2014 9:00 AM *To:* qmailtoaster-list@qmailtoaster.com *Subject:* [qmailtoaster] CentOS 5.4 not login using any user Hi all, I have a QMT server on centos 5.4, when I am trying to login it from any user it shows authentication wrong. I logged it into single user mod and changed the root password and start runlevel 3, but facing same. Same in runlevel 5. I tried it also using SSH but not able to login, even from root user also. Can anybody suggest me what to do. Regards, Vivek Patil system admin
Re: [qmailtoaster] Re: Migration of qmail
Sorry for breaking in here, but honest Vivek Patil, how on earth will Eric know how You did install both You're Qmail servers ? Is qmail running ? Can You locate qmailctl ? What is Your logs saying ? It seems to me that You may have to learn some more sysadmin stuff running on Linux, and that is fine, we all ned too, but Eric is busy doing the latest and greatest Qmt ready for all of us (I hope ;-)) so he needs to focus on that task - the sooner the new stuff is finish the better for all of us and You will be able to install the latest QMT without issues. At least give more info so someone can help You or stay with the excellent running Cent 5 package. Regards, Finn PS not meant to offend anyone Den 08-02-2014 13:50, Linux skrev: Eric, I have install QMT on different two different server First at 6 Feb Second is 8 feb When I install first, I can use qmailctl commend Bu today, when I try to use qmailctl then it give commend not found. And got lot of commends as follows, qmail-clean qmail-lspawnqmail-popup qmail-qmtpd qmail-reload qmail-send qmail-tcpok qmail-getpw qmail-newmrhqmail-pw2u qmail-qread qmail-remote qmail-showctl qmail-tcpto qmail-injectqmail-newu qmail-qmqpc qmail-qstat qmail-rhconfig qmail-smtpd qmail-todo qmail-local qmail-pop3d qmail-qmqpd qmail-queue qmail-rspawn qmail-start Regards, Vivek Patil system admin -Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: Friday, February 07, 2014 11:12 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: Migration of qmail I don't know the status of qcontrol. It's not part of the stock set of packages. Jake will possibly chime in on this, but I'm not sure how often he gets back to this list. I'm guessing you probably don't need qcontrol any more, since vqadmin has been fixed. Is there some feature of qcontrol you find missing in vqadmin? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Migration of qmail
Hi. We're lucky that Jake, Eric and others has been doing a lot of work for the community so All You do is run qtp-backup, move/copy the backup file to the new server (put it under /root ) and run qtp-restore (cann't recall if You have to untar the backupfile first). qtp-restore is part of the plus package so You may copy it from Your current server to the new server (/usr/sbin/qtp-restore) This will be it: Remember to have dovecot, httpd started and check if Iptables needs to be changed - it may block so maybe take iptables from current server and use that (best way to verify is to disable iptables shortly) /Finn Den 06-02-2014 13:42, Linux skrev: Eric and Finn, Thanks to you. It really very easy to install Qmail as compared to wiki page. Now small help, I want to migrate ( backup and restore ) my old Qmail on new installed server. Can you tell me the simple steps to do the same. Regards, Vivek Patil system admin *From:*Finn Buhelt [mailto:f...@kirstineslund.dk] *Sent:* Wednesday, February 05, 2014 10:14 PM *To:* qmailtoaster-list@qmailtoaster.com *Subject:* Re: [qmailtoaster] Re: Migration of qmail Hi. Also remember to change in the repos (etc/yum.repos.d/qmailtoaster-nodist.repo) The setting : enabled from 1 to 0 in the [qmailtoaster-current] and from 0 to 1 in the [qmailtoaster-testing]. Then run the qt-bootstrap-2 again Cheers Finn Den 05-02-2014 15:03, Eric Broch skrev: *Change: http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm *To: *http://mirrors.qmailtoaster.com/testing/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm in qt-bootstrap-2 If I remember correctly *On 2/5/2014 2:10 AM, Linux wrote: Eric, I got the following error, See the bolded lines. #sh qt-bootstrap-2 qt-bootstrap-2 - qt-bootstrap-2 - installing yum-priorities (plugin) ... Loaded plugins: fastestmirror, priorities, refresh-packagekit Loading mirror speeds from cached hostfile * atomic: www7.atomicorp.com * base: centos.aol.in * epel: epel.mirror.srv.co.ge * extras: centos.aol.in * qmailtoaster-current: mirror3.qmailtoaster.com * qmailtoaster-current-nodist: mirror3.qmailtoaster.com * rpmforge: mirror.nl.leaseweb.net * updates: centos.aol.in 1758 packages excluded due to repository priority protections Setting up Install Process Package yum-plugin-priorities-1.1.30-14.el6.noarch already installed and latest version Nothing to do qt-bootstrap-2 - installing qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm (repo) ... *Retrieving http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm* *curl: (22) The requested URL returned error: 404 Not Found* *error: skipping http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm - transfer failed* qt-bootstrap-2 - installing qmailtoaster-util (scripts) ... Loaded plugins: fastestmirror, priorities, refresh-packagekit Loading mirror speeds from cached hostfile * atomic: www7.atomicorp.com * base: centos.aol.in * epel: epel.mirror.srv.co.ge * extras: centos.aol.in * qmailtoaster-current: mirror3.qmailtoaster.com * qmailtoaster-current-nodist: mirror3.qmailtoaster.com * rpmforge: mirror.nl.leaseweb.net * updates: centos.aol.in 1758 packages excluded due to repository priority protections Setting up Install Process No package *qmailtoaster-util* available. Error: Nothing to do qt-bootstrap-2 - completed Regards, Vivek Patil system admin -Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: Wednesday, February 05, 2014 11:20 AM To: qmailtoaster-list@qmailtoaster.com mailto:qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: Migration of qmail Those scripts are obsolete now. See here: https://github.com/QMailToaster/qmailtoaster-util/blob/master/README.install If you need help, please post to the devel list, given that this is still in testing repo. We haven't finished development on the installation scripts and documentation yet but there's enough there to get the job done. Thanks. -- -Eric 'shubes' On 02/04/2014 09:59 PM, Linux wrote: Eric, I started the QMT installation on CentOS 6.4, and done the following steps, mkdir -p /usr/src/qtms-install cd /usr/src/qtms-install wget http://www.qmailtoaster.com
Re: [qmailtoaster] Re: Migration of qmail
Hi. Also remember to change in the repos (etc/yum.repos.d/qmailtoaster-nodist.repo) The setting : enabled from 1 to 0 in the [qmailtoaster-current] and from 0 to 1 in the [qmailtoaster-testing]. Then run the qt-bootstrap-2 again Cheers Finn Den 05-02-2014 15:03, Eric Broch skrev: *Change: http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm *To: **http://mirrors.qmailtoaster.com/testing/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm in qt-bootstrap-2 If I remember correctly **On 2/5/2014 2:10 AM, Linux wrote: Eric, I got the following error, See the bolded lines. #sh qt-bootstrap-2 qt-bootstrap-2 - qt-bootstrap-2 - installing yum-priorities (plugin) ... Loaded plugins: fastestmirror, priorities, refresh-packagekit Loading mirror speeds from cached hostfile * atomic: www7.atomicorp.com * base: centos.aol.in * epel: epel.mirror.srv.co.ge * extras: centos.aol.in * qmailtoaster-current: mirror3.qmailtoaster.com * qmailtoaster-current-nodist: mirror3.qmailtoaster.com * rpmforge: mirror.nl.leaseweb.net * updates: centos.aol.in 1758 packages excluded due to repository priority protections Setting up Install Process Package yum-plugin-priorities-1.1.30-14.el6.noarch already installed and latest version Nothing to do qt-bootstrap-2 - installing qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm (repo) ... *Retrieving http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm* *curl: (22) The requested URL returned error: 404 Not Found* *error: skipping http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm - transfer failed* qt-bootstrap-2 - installing qmailtoaster-util (scripts) ... Loaded plugins: fastestmirror, priorities, refresh-packagekit Loading mirror speeds from cached hostfile * atomic: www7.atomicorp.com * base: centos.aol.in * epel: epel.mirror.srv.co.ge * extras: centos.aol.in * qmailtoaster-current: mirror3.qmailtoaster.com * qmailtoaster-current-nodist: mirror3.qmailtoaster.com * rpmforge: mirror.nl.leaseweb.net * updates: centos.aol.in 1758 packages excluded due to repository priority protections Setting up Install Process No package *qmailtoaster-util* available. Error: Nothing to do qt-bootstrap-2 - completed Regards, Vivek Patil system admin -Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: Wednesday, February 05, 2014 11:20 AM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: Migration of qmail Those scripts are obsolete now. See here: https://github.com/QMailToaster/qmailtoaster-util/blob/master/README.install If you need help, please post to the devel list, given that this is still in testing repo. We haven't finished development on the installation scripts and documentation yet but there's enough there to get the job done. Thanks. -- -Eric 'shubes' On 02/04/2014 09:59 PM, Linux wrote: Eric, I started the QMT installation on CentOS 6.4, and done the following steps, mkdir -p /usr/src/qtms-install cd /usr/src/qtms-install wget http://www.qmailtoaster.com/centos/cnt5064/cnt5064-deps.sh sh cnt5064-deps.sh rpm -Uvh http://qtp.qmailtoaster.com/trac/downloads/1 yum install qmailtoaster-plus qtp-dependencies wget http://www.qmailtoaster.com/centos/cnt5064/cnt5064-perl.sh sh cnt5064-perl.sh *GOT AN ERROR AT THIS STEP AS FOLLOW** Can't locate CPAN.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at -e line 1. BEGIN failed--compilation aborted at -e line 1. Can't locate CPAN.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at -e line 1. BEGIN failed--compilation aborted at -e line 1. Can't locate CPAN.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at -e line 1. BEGIN failed--compilation aborted at -e line 1. Can't locate CPAN.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at -e line 1. BEGIN failed--compilation aborted at -e line 1. Can't locate CPAN.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at -e line 1. BEGIN failed--compilation aborted at -e line 1. Can't locate CPAN.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
Re: [qmailtoaster] How to make more than one domain into one server
Hi Manikadan. If I understand You correctly it's not only qmail You want to have more domains ? Properly You may need to add some virtuel hosts if You're running Apache (Virtuel host section) or setup servers(add them as *.conf files) in Nginx. Then You register Your domain and point the domain to You're IP address just like the 1'st You have - the webserver will receive the request (same port ) for one of Your domains and handle it according to Your setup in the configuration. Everything is described at the proper webserver forums / homepages - really no big deal to setup - the qmail part will be almost as easy - go to qmailtoasters excellent wiki's written by all the many skilled users of this great software now maintained by Eric 'Schubes' and his fantastic crew. Regards, Finn Den 17-07-2013 06:05, ChandranManikandan skrev: Hi All, Currently am using Centos 5.7 with qmailtoaster. I have use one domain with this server and dns host from another provider. I want to register one more domain and all emails need to be configure with the same server. Can you please help me how to do that more than one domain configure in single server as well smtp and squirrelmail. -- */Thanks Best Regards, Manikandan.C /*
Re: [qmailtoaster] Just checking
Thanks Eric - I'm feeling much better/safer already ;-) (Just wondered if something had happend to my subscription - usually an update for Clamav gives a lot of e-mails). Regards Finn Den 28-04-2013 02:36, Eric Broch skrev: On 4/27/2013 5:05 PM, Finn Buhelt wrote: Hi qmail list. I have not received any mail from the list in 6 days - last mail was dated april 22 - so I'm just checking if You're still there ?! Cheers, Finn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com I'm still here Eric B. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Just checking
No no don't get me wrong - usually many writes to the list about what to do when a new release is announced (in the log) - is it safe not to upgrade ? what do I do now ? and all that kind so I just wondered since no messages from the list had appeared in many days - through the years I know You're always on Your toes answering questions, updating and making new releases so no hidden agenda in my writing =-O Regards, Finn PS - make it a week and spend the 'or so' on the Centos6 release :-) . Den 28-04-2013 17:16, Eric Shubert skrev: On 04/27/2013 11:39 PM, Finn Buhelt wrote: (Just wondered if something had happend to my subscription - usually an update for Clamav gives a lot of e-mails). Is that a hint? ;) I noticed this, but have been very busy. There was a little confusion about the signature for the release too, so I don't feel too bad about letting the dust settle a little before toasterizing it. I hope to have it available in a week or so. If things go well today, I might get it out sooner. Of course, if someone would like to put together the srpm for it, I'll gladly use it. (another hint?) ;) - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Just checking
Hi qmail list. I have not received any mail from the list in 6 days - last mail was dated april 22 - so I'm just checking if You're still there ?! Cheers, Finn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: New build
Hi Dave. Have a look at this link http://www.monshouwer.eu/download/3rd_party/ You'll find what You need there (repo's if You want) Regards, Finn Den 01-11-2012 16:23, Dave skrev: Tried, yum install pdns-resolver Setting up Install Process No package pdns-resolver available. Do we need to add a separate repo Dave *From:*Nikolay Mitev [mailto:mite...@gmail.com] *Sent:* Thursday, November 01, 2012 12:30 AM *To:* qmailtoaster-list@qmailtoaster.com *Subject:* Re: [qmailtoaster] Re: New build Hi Eric, Thanks for the recommendation. I wish success to your team in the development of QMT. Best regards, Nikolay On Thu, Nov 1, 2012 at 2:59 AM, Edwin Casimero ecasim...@gmail.com mailto:ecasim...@gmail.com wrote: On Thursday, 01 November, 2012 07:23 AM, Eric Shubert wrote: The djbdns source package has been removed from the stock package list. It never really was fully supported, and isn't really necessary. If anyone is using it and prefers to keep doing so, there's nothing really wrong with that. The simplest and probably most efficient way to have a resolver on your qmt host (which we do recommend doing) is: # yum install pdns-resolver PowerDNS is modern, robust, actively maintained and widely used DNS software. It is efficient and reliable. Please accept our apologies that all of the documentation and scripts aren't yet up to date as we move forward. Interesting. I will try powerdns. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com mailto:qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmail log parsing
Moi Peter. It's not entirely what You're after but gives a nice view of what happens on a daily basis if You're using spamdyke (all the rejected mails, why they're rejected and also the ones allowed thru). /usr/share/qmt/scripts/Spamdyke-Stats-Report.pl I've put it in my crontab. Try it out Regards, Finn Buhelt Den 05-03-2012 11:59, Peter Peltonen skrev: For my web servers running Sendmail, Logwatch reports stats about sent messages every night. Here is an example: ### Bytes Transferred: 106548 Messages Sent: 48 Total recipients: 48 Top relays (recipients/connections - min 10 rcpts, max 50 lines): 24/24: localhost.localdomain [127.0.0.1] 22/22: apache@localhost ### I would like to generate such stats for Qmailtoaster as well. Including it in Logwatch would be great, but just to get started, using qmlog with a cron job should be sufficient. so the question is: how do I with qmlog find out: - total number of messages sent by my toaster today - total number of messages received today ? Best, Peter - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmail log parsing
Moi Peter. Sorry - forgot to tell where to get the stuff: http://wiki.qmailtoaster.com/index.php/Spamdyke Cheers, Finn B. Den 05-03-2012 11:59, Peter Peltonen skrev: For my web servers running Sendmail, Logwatch reports stats about sent messages every night. Here is an example: ### Bytes Transferred: 106548 Messages Sent: 48 Total recipients: 48 Top relays (recipients/connections - min 10 rcpts, max 50 lines): 24/24: localhost.localdomain [127.0.0.1] 22/22: apache@localhost ### I would like to generate such stats for Qmailtoaster as well. Including it in Logwatch would be great, but just to get started, using qmlog with a cron job should be sufficient. so the question is: how do I with qmlog find out: - total number of messages sent by my toaster today - total number of messages received today ? Best, Peter - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: qmail log parsing
I can check my outgoing by counting in /submission - everything outbound is going out that route. Ofcourse there's all the internal sends, (from my domain to my other domain hosted and managed on same box) that only are in /send and may require some deeper digging on how to get (e.g. check against /var/qmail/control/virtueldomains). Hope it helps Finn B. Den 05-03-2012 23:42, Peter Peltonen skrev: On Mon, Mar 5, 2012 at 8:20 PM, Eric Shuberte...@shubes.net wrote: What is actually inclduded in those stats, incoming SMTP probably yes, but how about outgoing? Where is that logged anyway in Qmail? send log But in send there are also entries for messages that clearly are received ones? I see there messages from remote addresses to my local ones... So *all* deliveries, both ingoing and outgoing, are logged there, right? Would this give me the number of messages sent outside from my toaster: qmlog -nl send |grep delivery |grep to remote |wc -l ? Best, Peter - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: qmail log parsing
Hi Eric. I'm not sure You're right. My intra-doamins 'sends' are not listed in the submission log. Isn't Qmail checking up on intradelivery before actually delivering ? (it's been so many years since I knew these things so bare over with me if I'm totally wrong ) Cheers, Finn B. Den 06-03-2012 00:39, Eric Shubert skrev: On 03/05/2012 04:04 PM, Finn Buhelt wrote: I can check my outgoing by counting in /submission - everything outbound is going out that route. Ofcourse there's all the internal sends, (from my domain to my other domain hosted and managed on same box) that only are in /send and may require some deeper digging on how to get (e.g. check against /var/qmail/control/virtueldomains). Hope it helps Finn B. I believe that the submission log would give you all of the sent messages, both inter- and intra-domain. Local messages still come in via the submission port (so long as that's the way your clients are all configured). If you need to count the submissions coming in on port 25, you could check the spamdyke messages' auth: value for something other than (unknown). - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: dovecot installation questions
Hi Eric. Just to wrap up my troubles regarding my 2 test/backupmailservers I've found the issue. The password was missing/wrong in /home/vpopmail/etc/vpopmail.mysql So after installing and re-installing many times - on 2 computers I am running Dovecot 2.0.18 just as fine as my production version 2.0.10. Thanks, Finn B Den 14-02-2012 20:47, Eric Shubert skrev: Just wanted to double check the versions against what I built dovecot 2.0.17 with, and it's 5.4.17 for vpopmail, so that's ok. Thanks for the details. Everything sounds kosher to me. Let's see what Rajesh comes up with, and we'll take it from there. Thanks for testing! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] dovecot installation questions
Hi Rajesh. Just wonder if You managed to fix this issue ? I have same error installing on a testsystem Regards, Finn B Den 23-01-2012 16:38, Rajesh M skrev: hi i installed dovecot version 1 on one of my qmailtoaster boxes a few months ago and it worked successfully. now i have a new box and tried to install dovecot version 2 using qmailtoaster rpm http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP i followed the instructions as per the above but with default installation i am a quite confused because there are so many config files the config files are all different and i am not sure which options to use i am getting error as such telnet xxx.xxx.xxx.xxx 143 or port 110 gives error as below [root@ns1 conf.d]# tail -f /var/log/dovecot.log Jan 23 20:57:38 auth: Fatal: vpopmail: vauth_open() failed Jan 23 20:57:38 master: Error: service(auth): command startup failed, throttling my questions 1) is there some place to get detailed instructions on the installation or if anybody is already using the standard installation successfully then can you please post your config file and installation instructions 2) how better is dovecot pop3 and pop3 compared to normal pop3 of qmailtoaster, are there any known issues ? my qmail pop3 is working quite nicely but if dovecot is better then i could try that. thanks for all your help. rajesh - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: dovecot installation questions
Hey Eric. SORRY - for the lack of info's. (Dovcot 2.0.17 and Vpopmail-Toaster 5.4.17) I have installed Qmailtoaster off the shelve from qmailtoaster.org (doing exactly as Jake in his video - just to be sure)- and Dovecot 2.0.17 just like prescribed in the Wiki. Though I have been around some installations since the initial one ranging from Dovecot-2.0.10 to 2.2.x, - Rpm's, Yum's and compiling myself - same result whenever I try to connect to port 110 or 995 (error message as below in Rajesh' mail) - cannot start AUTH manually either. As You may recall (:-) ) I answered Your email regarding Dovecot some time ago because I have been running Qmailtoaster and Dovecot quite some time now on my production system - back from Dovecot 1.0.7x and currently I'm running Dovecot-2.0.10 on Prod and it runs perfectly. Now, as a test, I have installed Centos 6.2 with KVM and installed Centos 5.7 in a Virtuel machine and it is in here I have the issue. Mysql is running, I have used the Dovecot.conf from the Install and from my production system, I have qtp-restored all my settings from my current production system - nothing changes the error at all. (qmailtoaster runs fine) Don't spend much of Your precious time on this now, but Your thoughts is appreciated Cheers, Finn Den 14-02-2012 18:58, Eric Shubert skrev: Hey Finn, Which versions are you running? (of vpopmail and dovecot in particular) On 02/14/2012 09:20 AM, Finn Buhelt wrote: Hi Rajesh. Just wonder if You managed to fix this issue ? I have same error installing on a testsystem Regards, Finn B Den 23-01-2012 16:38, Rajesh M skrev: hi i installed dovecot version 1 on one of my qmailtoaster boxes a few months ago and it worked successfully. now i have a new box and tried to install dovecot version 2 using qmailtoaster rpm http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP i followed the instructions as per the above but with default installation i am a quite confused because there are so many config files the config files are all different and i am not sure which options to use i am getting error as such telnet xxx.xxx.xxx.xxx 143 or port 110 gives error as below [root@ns1 conf.d]# tail -f /var/log/dovecot.log Jan 23 20:57:38 auth: Fatal: vpopmail: vauth_open() failed Jan 23 20:57:38 master: Error: service(auth): command startup failed, throttling my questions 1) is there some place to get detailed instructions on the installation or if anybody is already using the standard installation successfully then can you please post your config file and installation instructions 2) how better is dovecot pop3 and pop3 compared to normal pop3 of qmailtoaster, are there any known issues ? my qmail pop3 is working quite nicely but if dovecot is better then i could try that. thanks for all your help. rajesh - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: FW: Error in POP3 over SSL
Hi Eric. I have been using Dovecot for pop3 for some time now (since version 1.2 X in 2009 - currently I'm running version 2.0.10) - no problems. I recall somebody wrote a 'how to', that took You through the changes from qmail-pop3 and IMAP to dovecot . If I'm not wrong it was Amit and Aleksander Podsiadly who wrote the notes I did use back in 2009. Regards, Finn B. Centos 5.7 (64) Current version Qmailtoaster using Power-Dns as cache Intel Atom D510 / 4Gb / 250 Gb SSH Den 25-01-2012 19:58, Eric Shubert skrev: As another option, you might try using dovecot for pop3/pop3s services instead of qmail-pop3. I haven't yet done so myself (mostly imap users here), but I seem to recall someone here saying that they're using it w/out any problem. If anyone is using dovecot for pop3, would you chime in here please? This certainly needs to be put though its paces before we get to the point of having a stock dovecot package for QMT, which is something fairly high up on my list. ;) - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Regex for fail2ban - SMTP DDos
Hi. Just out of the head I think it's tricky because fail2ban needs a known timestamp to check against, and I cannot recall fail2ban having this timestamp listed as valid. But as said -just out of the head. Regards, Finn On 06-05-2011 08:10, Délsio Cabá wrote: Hi all I am getting a lot of DDOS on smtp connection logs: @40004dc390330ffb50f4 CHKUSER accepted sender: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt : sender accepted @40004dc390340c9e201c CHKUSER rejected rcpt: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt m...@zicel.ru mailto:m...@zicel.ru : invalid rcpt MX domain .. @40004dc3905511aba4bc CHKUSER accepted sender: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt : sender accepted @40004dc390562cb394a4 CHKUSER rejected relaying: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt mad...@usc.es mailto:mad...@usc.es : client not allowed to relay I need to block this using fail2ban but the regex is quite complex. I have tried this: HOST\ rcpt \S+ : client not allowed to relay$ But it doesn't seam to be working as expected: fail2ban-regex /var/log/qmail/smtp/current HOST\ rcpt \S+ : client not allowed to relay ... Date template hits: 0 hit(s): MONTH Day Hour:Minute:Second 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second 0 hit(s): Year/Month/Day Hour:Minute:Second 0 hit(s): Day/Month/Year Hour:Minute:Second 0 hit(s): Day/MONTH/Year:Hour:Minute:Second 0 hit(s): Month/Day/Year:Hour:Minute:Second 0 hit(s): Year-Month-Day Hour:Minute:Second 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond] 0 hit(s): Day-Month-Year Hour:Minute:Second 1184 hit(s): TAI64N 0 hit(s): Epoch 0 hit(s): ISO 8601 0 hit(s): Hour:Minute:Second 0 hit(s): Month/Day/Year@Hour:Minute:Second Any help would be very appreciated Thanks!
Re: [qmailtoaster] Re: CentOS 5.6
Hi Eric. I have been running 5.6 live for at while now - no problemo ;-) qtp-whatami v0.3.7 Sat Apr 16 20:02:54 CEST 2011 DISTRO=CentOS OSVER=5.6 QTARCH=x86_64 QTKERN=2.6.18-238.9.1.el5 BUILD_DIST=cnt5064 BUILD_DIR=/usr/src/redhat This machine's OS is supported and has been tested /Finn On 16-04-2011 19:38, Eric Shubert wrote: Anyone else running a live QMT on 5.6 yet? I'm about take the plunge in production. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: qtp-restore script error...
Hi. Isn't it because You need to install qmail-toaster first ? I think I recall I had to install qmail-toaster first when I moved my server some years ago - then run qtp-restore. Regards, Finn On 31-03-2011 13:37, Bilgehan Poyraz (Telcoset) wrote: Same problem again.all files in the root.but getting same result.do you have any idea? Bu mesaj benim HTC’im ile gönderilmistir. From: Amit a...@ikf.co.in Sent: 31 Mart 2011 Persembe 13:22 To: qmailtoaster-list@qmailtoaster.com qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: qtp-restore script error... First extract all files from backup tar.gz file on root. Make sure all the files should be on root and not inside any folder on root. Once this is done re-run command “qtp-restore”. Amit Dalia Join Us: From: Bilgehan Poyraz (Telcoset) [mailto:bilgehan.poy...@telcoset.com.tr] Sent: Thursday, March 31, 2011 2:48 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: qtp-restore script error... Everybody, Do you have any idea? Bilgehan From: Bilgehan Poyraz (Telcoset) Sent: Thursday, March 31, 2011 9:03 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: qtp-restore script error... Dear Eric, Thank you for reply.I was logged-on root user.However did not look owner and user rights. But when the script ran, it's deleting control directory. :( I look the permissions, drwxr-xr-x 28 root root 4096 Mar 31 07:10 / drwxr-xr-x 11 root qmail 4096 Mar 31 05:28 qmail What I can do? Bilgehan From: Eric Shubert [e...@shubes.net] Sent: Wednesday, March 30, 2011 11:49 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: qtp-restore script error... Permissions problem perhaps? Do the named files exist? What's their ownership/permissions? # ls -l /var/qmail/control/log* -rw-r--r-- 1 root qmail 4 Apr 14 2010 /var/qmail/control/logcount -rw-r--r-- 1 root qmail 8 Apr 14 2010 /var/qmail/control/logsize # What are the permissions of higher directories? # ls -ld /var/qmail /var/qmail/control drwxr-xr-x 12 root qmail 4096 Feb 23 15:12 /var/qmail drwxr-xr-x 3 root qmail 4096 Mar 30 01:01 /var/qmail/control # -- -Eric 'shubes' On 03/30/2011 12:35 PM, Bilgehan Poyraz (Telcoset) wrote: Dear all, I installed new qmailtoaster server on CentOS 5.5 in the customer.And ran qtp-backup script, backed-up all information from old server. Then copied "201103301904-backup.tar.gz" file in the new serves "/" (root) directory. when I run the qtp-restore script got the below error.Restore operation is unsuccessful. Have you idea for this situation? Bilgehan This is the qtp-restore script written by Jake Vickersj...@v2gnu.com. It comes with no
Re: [qmailtoaster] Fail2ban and Qmailtoaster
Hi Peter. I have extended vpopmail.conf with this : failregex = vchkpw-pop3: vpopmail user not found .*:HOST$ vchkpw-smtp: vpopmail user not found .*:HOST$ vchkpw-submission: vpopmail user not found .*:HOST$ (I know it may be written in one line but this makes it more 'readable' ;-) ) Regards, Finn On 12-03-2011 09:50, Peter Peterse wrote: wou good of me. I read a few message back and see that you can use failregex = vchkpw-pop3: vpopmail user not found .*:HOST$ Where I find .*@:HOST$ I can't remember. Peter Op 12-3-2011 9:36, Peter schreef: Hello List, I think (hope) that I have a better filter for vpopmail-fail It checks also on u...@example.com # Fail2Ban configuration file for vpopmail # # Author: Lawrence Sheed # # $Revision: 1.0 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. # Values: TEXT # failregex = vchkpw-pop3: vpopmail user not found .*@.*:HOST$ # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = happy banning. Peter - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Fail2ban and Qmailtoaster
Hi Peter. Depends where Your logfiles are - You can scan more than one logfile per 'jail' as well as You can do multiline scans in the filter definition (the one below). I'm doing this vpopmail.conf filter in maillog logfile only (I do catch many vchkpw-smtp attempts) - I have my dovecot.log file checked by another conf file (and some apache checks as well). Cheers, Finn On 12-03-2011 15:33, Toma Bogdan wrote: On 3/12/2011 4:26 PM, Finn Buhelt (kirstineslund) wrote: Hi Peter. I have extended vpopmail.conf with this : failregex = vchkpw-pop3: vpopmail user not found .*:HOST$ vchkpw-smtp: vpopmail user not found .*:HOST$ vchkpw-submission: vpopmail user not found .*:HOST$ you can do this if you add more log path`s in vpopmail.conf , pop3 regex will be found in /pop3/logfile ... etc - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Fail2ban and Qmailtoaster
Hi Eric S. I'm catching Imap attempts in my dovecot.log file - I have a dovecot.conf filter in fail2ban that catches faulty attempts + a squirrelmail filter. Below is a not yet very readable dovecot-imap.conf filter - When time permits I will try to make it more readable and / or make some comments so I will be able to myself remember what it does (ol' man I am). failregex = (?:pop3|imap)-login: Info: (?:Authentication failure|Aborted login \ (auth failed|Disconnected \(auth failed).*rip=(?Phost\S*),.* (?:imap|pop3)-login: Info: Disconnected: user=.*, method=(?:LOGIN| PLAIN|(?:CRAM|DIGEST)-MD5), rip=(?Phost\S*), lip (?:imap|pop3)-login: Info: Aborted login.*user=.*, .*rip=(?Phost \S*),.* (?:imap|pop3)-login: Info: Disconnected: user=.*, method=(?:LOGIN| PLAIN|(?:CRAM|DIGEST)), rip=(?Phost\S*), lip Regards, Finn On 12-03-2011 15:32, Eric Shubert wrote: That looks fine indeed, Finn. I'm fond of readability. :) What about IMAP? I know it's not used as much as the others, but it could be an attractive target to some evil-doers. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SMTP attack
Hi. HOST matches either the Ip address or the hostname Cheers Finn On 08-03-2011 09:04, Digital Instruments wrote: Nice, that's great! :) Just a little question: I don't get this HOST (I've also read the wiki but it's not clear) can you do an example, please? Thanks, Cheers! Il 05/03/2011 23:26, Sergio M ha scritto: Eric Shubert escribió: Timing is good on this. :) http://wiki.qmailtoaster.com/index.php?title=Fail2Banaction=edit Have at it. I've added a link to this page under the Configuration- Security section. It's a start (albeit not much of one). Hey guys, I created a basic article, but have trouble with formatting. Can anyone take a look at it? this is how I meant it to look ;-) == '''Basic fail2ban installation and setup''' == fail2ban homepage: http://www.fail2ban.org. Please check [0] and [1] for more details. == 1. Installation. == Enable the EPEL repos [1] and then 'yum install fail2ban' == 2. Setup: == To work with Qmail/vpopmail, a filter and jail should be defined. '''a.''' # mcedit /etc/fail2ban/filter.d/vpopmail-fail.conf [Definition] #Looks for failed password logins to SMTP failregex = vchkpw-smtp: password fail ([^)]*) [^@]*@[^:]*:HOST ignoreregex = '''b.''' # mcedit /etc/fail2ban/jail.conf (add this) [vpopmail-fail] enabled = true filter = vpopmail-fail action = iptables[name=SMTP, port=smtp, protocol=tcp] logpath = /var/log/maillog maxretry = 1 bantime = 604800 findtime = 3600 '''c. Test the filter file:''' # fail2ban-regex /var/log/maillog /etc/fail2ban/filter.d/vpopmail-fail.conf Returns something like this, with n matches for the regex or 0 if no matches: Failregex |- Regular expressions: | [1] vchkpw-smtp: password fail ([^)]*) [^@]*@[^:]*:HOST | `- Number of matches: [1] 123 match(es) '''d. Reload config:''' # fail2ban-client stop/start '''e. Check the status of a jail:''' # fail2ban-client status vpopmail-fail Status for the jail: vpopmail-fail |- filter | |- File list:/var/log/maillog | |- Currently failed: 7 | `- Total failed: 225 `- action |- Currently banned: 109 | `- IP list: 200.207.49.13 84.79.73.123 187.35.209.243 (...) 187.6.106.201 187.63.80.134 187.52.195.234 187.4.200.17 `- Total banned: 109 '''NOTE:''' Once its starts running and the logs have matching strings, it will create iptables rules dropping that IP. But... when fail2ban reload and/or iptables restart and/or rebooting and/or the weekly logrotate, those rules are gone. bye bye! So... what to do? - Before changes, do a '# service iptables save' and it will write them to a file, and after any change do '# service iptables restart' to make it load the saved set of rules; - Tune fail2ban to write IPs to /etc/fail2ban/ip.deny [3]. == 3.A little basic admin stuff == '''a. Check banned IPs:''' - by fail2ban:# fail2ban-client status vpopmail-fail - current iptables rules: # iptables -L -nv - To see IPs that fail2ban is saving for the next reload: # cat /etc/fail2ban/ip.deny '''b. How to unblock an IP:''' 1) Delete it from the current iptables rules: # iptables -D fail2ban-SMTP -s 11.22.33.44 -j DROP 2) remove it from /etc/fail2ban/ip.deny (maybe listed several times). 3) remove it from /etc/sysconfig/iptables (maybe listed several times). == 4. References: == [0] http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg30514.html [1] http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg30551.html [2] http://fedoraproject.org/wiki/EPEL/FAQ#howtouse [3] http://n8wood.wordpress.com/2009/06/22/fail2ban-permanent-ssh-bans/ Nessun virus nel messaggio. Controllato da AVG - www.avg.com http://www.avg.com Versione: 10.0.1204 / Database dei virus: 1435/3480 - Data di rilascio: 03/03/2011 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: dovecot upgrade
Hi Eric S. Sorry ;-) but dovecot 2.0.11 was released yesterday - (I know you're doing 2.0.10) BTW there's a nice nix startup script on the Dovecot wiki2 - works fine with 2.0.11 (and all 2.x.x) Regards, Finn On 07-03-2011 15:37, Eric Shubert wrote: The wiki instructions were done in a way that's more djb-like, using daemontools. The service script is more *nix-like (System-V init scripts), which is much more commonly used. The Linux community is presently moving away from both of these methods, and using the Upstart software instead. This is a big improvement, and has been embraced by both RHEL (v6) and Debian (and possibly others). I expect that Upstart will become the standard linux way of doing boot and runlevel processing across all distros. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: dovecot upgrade
Hi Eric B. What OS are You using ? (sniffing around there seems to be many libraries that needs to be updated in Centos5.5 (both 32 64 bit) if Dovecot 2.X will compile) Regards, Finn On 03-03-2011 20:01, Eric Broch wrote: On 3/3/2011 11:39 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric B. I am a bit suprised - You started out some 12 hours ago telling that You did not know how to do this upgrade !! And now You're on top of it and has the most dovecot 'tuned' toaster seen on this site 8-) . Great work and thanks for the help. /Finn On 03-03-2011 18:53, Eric Broch wrote: On 3/3/2011 9:33 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. I think You're okay doing the change in dovecot.conf but I have inserted the text from dovecot.org below just in case * *Just like with dovecot user, dovenull doesn't need a password, home directory or anything else (but it's good to give it its own private dovenull group)* I'm sure You know the site but in case others need it - here's the link to the page http://wiki2.dovecot.org/Upgrading/2.0 Regards, Finn On 03-03-2011 17:17, Eric Broch wrote: On 3/3/2011 8:54 AM, Eric Shubert wrote: On 03/03/2011 08:36 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. What about the 'dovenull' user that is required now or have You changed the default_login_user ? Regards, Finn Finn, Nice to have you chiming in here, thanks. You're running Dovecot v2 I take it? 2.0.9, or earlier? Are you subscribed on the qmailtoaster-devel list? Please do if you're not already. Thanks. Finn, Thanks, no I did not do either. But, since you reminded my I added 'default_login_user = dovecot' to dovecot.conf file Can you tell me what parameters are necessary when creating 'dovenull' user? Eric - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com or better yet... useradd -M -d /nohome -s /bin/false -c 'Dovenull user' dovenull Eric I was in fear and trepidation the whole way, Finn. ;-) Anyhow, thanks! And, I couldn't have done anything without the Linux community and all the great folks who write software for this OS. What a Godsend!!! But the real test, for me, will be moving into a production environment.
Re: [qmailtoaster] Re: dovecot upgrade
Hi Eric B. Thanks for the reply - I will fire up my testbox later tonight and then see what happens. Cheers, Finn On 04-03-2011 14:55, Eric Broch wrote: Hey Finn, My test system is running CentOS 5.5. I didn't seem to have any problems compiling. The compile (make) did not error out. It is also up to date. I did 'make' dovecot-2.0.9 again to examine the output and found no errors, just warnings. Here's what I did on my test machine... # cd /my/dovecot/dir/dovecot-2.0.9 # make clean # make These are the warnings I got when I ran 'make.' *** Warning: Linking the shared library lib02_imap_acl_plugin.la against the loadable module *** lib01_acl_plugin.so is not portable! *** Warning: Linking the shared library lib21_fts_squat_plugin.la against the loadable module *** lib20_fts_plugin.so is not portable! *** Warning: Linking the shared library lib20_mail_log_plugin.la against the loadable module *** lib15_notify_plugin.so is not portable! *** Warning: Linking the shared library lib11_imap_quota_plugin.la against the loadable module *** lib10_quota_plugin.so is not portable! *** Warning: Linking the shared library lib11_trash_plugin.la against the loadable module *** lib10_quota_plugin.so is not portable! *** Warning: Linking the shared library lib30_imap_zlib_plugin.la against the loadable module *** lib20_zlib_plugin.so is not portable! I have the complete output in a text file. If your interested in seeing it. Eric On 3/4/2011 3:56 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric B. What OS are You using ? (sniffing around there seems to be many libraries that needs to be updated in Centos5.5 (both 32 64 bit) if Dovecot 2.X will compile) Regards, Finn On 03-03-2011 20:01, Eric Broch wrote: On 3/3/2011 11:39 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric B. I am a bit suprised - You started out some 12 hours ago telling that You did not know how to do this upgrade !! And now You're on top of it and has the most dovecot 'tuned' toaster seen on this site 8-) . Great work and thanks for the help. /Finn On 03-03-2011 18:53, Eric Broch wrote: On 3/3/2011 9:33 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. I think You're okay doing the change in dovecot.conf but I have inserted the text from dovecot.org below just in case * *Just like with dovecot user, dovenull doesn't need a password, home directory or anything else (but it's good to give it its own private dovenull group)* I'm sure You know the site but in case others need it - here's the link to the page http://wiki2.dovecot.org/Upgrading/2.0 Regards, Finn On 03-03-2011 17:17, Eric Broch wrote: On 3/3/2011 8:54 AM, Eric Shubert wrote: On 03/03/2011 08:36 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. What about the 'dovenull' user that is required now or have You changed the default_login_user ? Regards, Finn Finn, Nice to have you chiming in here, thanks. You're running Dovecot v2 I take it? 2.0.9, or earlier? Are you subscribed on the qmailtoaster-devel list? Please do if you're not already. Thanks. Finn, Thanks, no I did not do either. But, since you reminded my I added 'default_login_user = dovecot' to dovecot.conf file Can you tell me what parameters are necessary when creating 'dovenull' user? Eric - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com or better yet... useradd -M -d /nohome -s /bin/false -c 'Dovenull user' dovenull Eric I was in fear and trepidation the whole way, Finn. ;-) Anyhow, thanks! And, I couldn't have done anything without the Linux community and all the great folks who write software for this OS. What a Godsend!!! But the real test, for me, will be moving into a production environment.
Re: [qmailtoaster] Re: dovecot upgrade
Hi Nigel. Currently I start dovecot at system boot (init) - if it fails during the day I'm not sure I want it restarted until I have checked why. Regards, Finn On 04-03-2011 16:57, Nigel Reed wrote: Do you guys have a supervise script for Dovecot you can share with me? I'm sure it's pretty simple but if there's a standard one being battered around, I'd like to use it. Thanks, Nigel *From:* Finn Buhelt (kirstineslund) f...@kirstineslund.dk *To:* qmailtoaster-list@qmailtoaster.com *Sent:* Fri, March 4, 2011 8:34:53 AM *Subject:* Re: [qmailtoaster] Re: dovecot upgrade Hi Eric B. Thanks for the reply - I will fire up my testbox later tonight and then see what happens. Cheers, Finn On 04-03-2011 14:55, Eric Broch wrote: Hey Finn, My test system is running CentOS 5.5. I didn't seem to have any problems compiling. The compile (make) did not error out. It is also up to date. I did 'make' dovecot-2.0.9 again to examine the output and found no errors, just warnings. Here's what I did on my test machine... # cd /my/dovecot/dir/dovecot-2.0.9 # make clean # make These are the warnings I got when I ran 'make.' *** Warning: Linking the shared library lib02_imap_acl_plugin.la http://lib02_imap_acl_plugin.la against the loadable module *** lib01_acl_plugin.so http://lib01_acl_plugin.so is not portable! *** Warning: Linking the shared library lib21_fts_squat_plugin.la http://lib21_fts_squat_plugin.la against the loadable module *** lib20_fts_plugin.so http://lib20_fts_plugin.so is not portable! *** Warning: Linking the shared library lib20_mail_log_plugin.la http://lib20_mail_log_plugin.la against the loadable module *** lib15_notify_plugin.so http://lib15_notify_plugin.so is not portable! *** Warning: Linking the shared library lib11_imap_quota_plugin.la http://lib11_imap_quota_plugin.la against the loadable module *** lib10_quota_plugin.so http://lib10_quota_plugin.so is not portable! *** Warning: Linking the shared library lib11_trash_plugin.la http://lib11_trash_plugin.la against the loadable module *** lib10_quota_plugin.so is not portable! *** Warning: Linking the shared library lib30_imap_zlib_plugin.la http://lib30_imap_zlib_plugin.la against the loadable module *** lib20_zlib_plugin.so http://lib20_zlib_plugin.so is not portable! I have the complete output in a text file. If your interested in seeing it. Eric On 3/4/2011 3:56 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric B. What OS are You using ? (sniffing around there seems to be many libraries that needs to be updated in Centos5.5 (both 32 64 bit) if Dovecot 2.X will compile) Regards, Finn On 03-03-2011 20:01, Eric Broch wrote: On 3/3/2011 11:39 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric B. I am a bit suprised - You started out some 12 hours ago telling that You did not know how to do this upgrade !! And now You're on top of it and has the most dovecot 'tuned' toaster seen on this site 8-) . Great work and thanks for the help. /Finn On 03-03-2011 18:53, Eric Broch wrote: On 3/3/2011 9:33 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. I think You're okay doing the change in dovecot.conf but I have inserted the text from dovecot.org http://dovecot.org below just in case * *Just like with dovecot user, dovenull doesn't need a password, home directory or anything else (but it's good to give it its own private dovenull group)* I'm sure You know the site but in case others need it - here's the link to the page http://wiki2.dovecot.org/Upgrading/2.0 Regards, Finn On 03-03-2011 17:17, Eric Broch wrote: On 3/3/2011 8:54 AM, Eric Shubert wrote: On 03/03/2011 08:36 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. What about the 'dovenull' user that is required now or have You changed the default_login_user ? Regards, Finn Finn, Nice to have you chiming in here, thanks. You're running Dovecot v2 I take it? 2.0.9, or earlier? Are you subscribed on the qmailtoaster-devel list? Please do if you're not already. Thanks. Finn, Thanks, no I did not do either. But, since you reminded my I added 'default_login_user = dovecot' to dovecot.conf file Can you tell me what parameters are necessary when creating 'dovenull' user? Eric - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visitqmailtoaster.com http://qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: dovecot upgrade
Hi Eric B.
I'll give You my init.d/dovecot ! (rel 1.2.10) the logging is done by
dovecot (set log path in dovecot.conf)
Remember to make changes according to Your paths in the init file
#!/bin/bash
#
# /etc/rc.d/init.d/dovecot
#
# Starts the dovecot daemon
#
# chkconfig: - 65 35
# description: Dovecot Imap Server
# processname: dovecot
# config: /etc/dovecot.conf
# config: /etc/sysconfig/dovecot
# pidfile: /var/run/dovecot/master.pid
### BEGIN INIT INFO
# Provides: dovecot
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Should-Start: $remote_fs
# Should-Stop: $remote_fs
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: start and stop Dovecot Imap server
# Description: Dovecot is an IMAP server for Linux/UNIX-like systems,
# written with security primarily in mind. It also contains
# a small POP3 server.
### END INIT INFO
# Source function library.
. /etc/init.d/functions
if [ -f /etc/sysconfig/dovecot -a $UID -eq 0 ]; then
. /etc/sysconfig/dovecot
fi
RETVAL=0
prog=Dovecot Imap
exec=/usr/sbin/dovecot
config=/etc/dovecot.conf
pidfile=/var/run/dovecot/master.pid
lockfile=/var/lock/subsys/dovecot
start() {
[ $UID -eq 0 ] || exit 4
[ -x $exec ] || exit 5
[ -f $config ] || exit 6
echo -n $Starting $prog:
daemon --pidfile $pidfile $exec $OPTIONS
RETVAL=$?
[ $RETVAL -eq 0 ] touch $lockfile
echo
}
stop() {
[ $UID -eq 0 ] || exit 4
echo -n $Stopping $prog:
killproc -p $pidfile $exec
RETVAL=$?
[ $RETVAL -eq 0 ] rm -f $lockfile
echo
}
reload() {
[ $UID -eq 0 ] || exit 4
echo -n $Reloading $prog:
killproc -p $pidfile $exec -HUP
RETVAL=$?
echo
}
#
# See how we were called.
#
case $1 in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
force-reload|restart)
stop
sleep 1
start
RETVAL=$?
;;
condrestart|try-restart)
if [ -f $lockfile ]; then
stop
sleep 3
start
fi
;;
status)
status -p $pidfile $exec
RETVAL=$?
;;
*)
echo $Usage: $0
{condrestart|try-restart|start|stop|restart|reload|forc
e-reload|status}
RETVAL=2
[ $1 = 'usage' ] RETVAL=0
esac
exit $RETVAL
Cheers
Finn
On 04-03-2011 19:28, Eric Broch wrote:
On 3/4/2011 10:55 AM, Eric Shubert wrote:
I had a little difficulty with keeping dovecot up at first. It's very
sensitive to time, and I'm running VMs. I think I got the time
situation under control, but I keep this script running as a cron job
every minute just in case:
[root@tacs-mail ~]# cat /usr/local/bin/monitor_dovecot
#!/bin/sh
# check if dovecot's running, and start it if it's not
# shubes - 20090206 - created
service dovecot status/dev/null 21 || \
service dovecot start/dev/null 21
[root@tacs-mail ~]#
As you can see, I'm not using supervise for dovecot. I'm not sure
there's really a good reason to do so. (when in Rome...)
Eric,
So, you create the file /etc/rc.d/init.d/dovecot, add it as a service
using 'chkconfig --add dovecot' and start it at boot-time using
'chkconfig dovecot on' ?
If so, what does you /etc/rc.d/init.d/dovecot file look like? And, as a
consequence, I suppose, I would remove /var/qmail/supervise/dovecot/run
How do you implement the logging mechanism, through qmailctl and
/var/qmail/supervise/dovecot/log/run ?
Eric B.
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: dovecot upgrade
Hi Eric.
What about the 'dovenull' user that is required now or have You changed
the default_login_user ?
Regards,
Finn
On 03-03-2011 06:15, Eric Broch wrote:
On 3/2/2011 8:37 PM, Eric Broch wrote:
On 3/2/2011 7:48 PM, Eric Shubert wrote:
On 03/02/2011 06:34 PM, Eric Broch wrote:
Hello list,
I'm trying to implement shared folders in dovecot and have received some
help on the dovecot mailing list. I've been told that I should upgrade
to the most recent version of dovecot. Has anyone on the
qmailtoaster-list upgraded to dovecot v2? If so, as I'm used to working
with RPM installs not port-like installs and upgrades, what procedure
does one use to upgrade. Would I have to uninstall the old version? Is
there an option, like with RPMs, to upgrade to the new version? Should I
even consider upgrading at this point since the upgrade on the toaster
wiki suggests install of dovecot v-1.2.3. Any help or suggestions would
be greatly appreciated.
Eric
-
Which version are you running presently?
Funny you should post this now. I'm trying (haven't started really) to
get my QMTs upgraded from 1.0.10 to 1.2.x this week. Hope to have the
rpms done tomorrow and implement over the weekend. I plan on putting
the rpms in the QTP repo, for CentOS5, so you should be able to use
yum to install the package once I get that done (if you're running
COS5 32-bit). I might build the 64-bit rpm if someone really wants it.
My understanding is that v1.2.x supports shared folders with ACLs. I
use shared folders just fine with v1.0.10, but there's no access
controls.
Dovecot v2 not quite as stable as 1.2, but I expect that there are
some who are running it in production. If someone here is running v2,
please chime in.
Thanks, Eric.
I'm running dovecot-1.2.3 currently per the QMT wiki page replacing
courier. On the wiki dovecot is installed using the configure, make,
make install procedure after downloading the tar.gz file.
I've asked questions about implementing ACLs for my installed version
(v1.2.3) of dovecot on the dovecot mailing list and answers are scarce.
Those who have responded recommend I upgrade to v2. I see nothing in the
dovecot documentation suggesting that what I want to do is not possible
with the v1.2.3. I just can't seem to get any answers, though.
I have a test server on which I am willing to try this but want to do it
correctly. I'm not familiar with upgrading using any method other than
'yum update' and 'rpm -Uvh.' If anyone knows the procedure for upgrading
using 'make' commands, I'm all ears.
There is this wiki upgrade document:
http://wiki2.dovecot.org/Upgrading/2.0, but there is no procedure in it
for working with tar.gz installs and upgrades.
Eric
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Hello list,
After playing around on my test server I installed dovecot v2.0.9.
This was my procedure:
(Stop Qmailtoaster)
1) qmailctl stop
(Uninstall dovecot v1.2.3)
2) cd /my/dovecot/dir/dovecot-1.2.3
3) sudo make uninstall
(Install dovecot v2.0.9)
4) cd /my/dovecot/dir
5) wget http://dovecot.org/releases/2.0/dovecot-2.0.9.tar.gz
6) tar -zxvf dovecot-2.0.9.tar.gz
7) cd dovecot-2.0.9
8) ./configure --with-vpopmail --with-ssl=openssl
9) make
10) sudo make install
(Create the v2.0.9 configuration file from v1.2.3 configuration file and
put it in v2 directory)
11) cp /usr/local/etc/dovecot.conf /usr/local/etc/dovecot/dovecot.conf
12) cd /usr/local/etc/dovecot
13) doveconf -n dovecot-2.conf (Create v2 compatible file)
14) cp dovecot-2.conf dovecot.conf (Rename v2 compatible file)
(Edit v2 file)
15) Removed the following setting from dovecot.conf (IMAP will not work
with this setting)
service auth {
user = vpopmail
}
15) qmailctl start
All seems to be working correctly.
The ACL options I was trying to get working under v1.2.3 are now working
in v2.0.9
Eric
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news,
Re: [qmailtoaster] Re: dovecot upgrade
Hi Eric. I have been running 1.2.10 for some time now, but have looked at 2.0.8 for a while without installing yet (now I will go to 2.0.9) but as an ol' habit I'm always looking around to see what may have changed and the dovenull is on the top of the 'changes from 1.2 - 2X' list at the dovecot.org page ;-) I'm not subscribed and will do shortly. BTW - theres also a guide on dovecot.org to include dovecot into fail2ban :-) if needed Regards, Finn On 03-03-2011 16:54, Eric Shubert wrote: On 03/03/2011 08:36 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. What about the 'dovenull' user that is required now or have You changed the default_login_user ? Regards, Finn Finn, Nice to have you chiming in here, thanks. You're running Dovecot v2 I take it? 2.0.9, or earlier? Are you subscribed on the qmailtoaster-devel list? Please do if you're not already. Thanks. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: dovecot upgrade
Hi Eric. I think You're okay doing the change in dovecot.conf but I have inserted the text from dovecot.org below just in case * *Just like with dovecot user, dovenull doesn't need a password, home directory or anything else (but it's good to give it its own private dovenull group)* I'm sure You know the site but in case others need it - here's the link to the page http://wiki2.dovecot.org/Upgrading/2.0 Regards, Finn On 03-03-2011 17:17, Eric Broch wrote: On 3/3/2011 8:54 AM, Eric Shubert wrote: On 03/03/2011 08:36 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. What about the 'dovenull' user that is required now or have You changed the default_login_user ? Regards, Finn Finn, Nice to have you chiming in here, thanks. You're running Dovecot v2 I take it? 2.0.9, or earlier? Are you subscribed on the qmailtoaster-devel list? Please do if you're not already. Thanks. Finn, Thanks, no I did not do either. But, since you reminded my I added 'default_login_user = dovecot' to dovecot.conf file Can you tell me what parameters are necessary when creating 'dovenull' user? Eric - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: dovecot upgrade
Hi Eric B. I am a bit suprised - You started out some 12 hours ago telling that You did not know how to do this upgrade !! And now You're on top of it and has the most dovecot 'tuned' toaster seen on this site 8-) . Great work and thanks for the help. /Finn On 03-03-2011 18:53, Eric Broch wrote: On 3/3/2011 9:33 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. I think You're okay doing the change in dovecot.conf but I have inserted the text from dovecot.org below just in case * *Just like with dovecot user, dovenull doesn't need a password, home directory or anything else (but it's good to give it its own private dovenull group)* I'm sure You know the site but in case others need it - here's the link to the page http://wiki2.dovecot.org/Upgrading/2.0 Regards, Finn On 03-03-2011 17:17, Eric Broch wrote: On 3/3/2011 8:54 AM, Eric Shubert wrote: On 03/03/2011 08:36 AM, Finn Buhelt (kirstineslund) wrote: Hi Eric. What about the 'dovenull' user that is required now or have You changed the default_login_user ? Regards, Finn Finn, Nice to have you chiming in here, thanks. You're running Dovecot v2 I take it? 2.0.9, or earlier? Are you subscribed on the qmailtoaster-devel list? Please do if you're not already. Thanks. Finn, Thanks, no I did not do either. But, since you reminded my I added 'default_login_user = dovecot' to dovecot.conf file Can you tell me what parameters are necessary when creating 'dovenull' user? Eric - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com or better yet... useradd -M -d /nohome -s /bin/false -c 'Dovenull user' dovenull Eric
Re: [qmailtoaster] Re: SMTP attack
Hi all. I installed and is using fail2ban after Eric wrote about it long time ago. It works perfectly and is doing a nice job blocking different attemps on my server. (Iptables drop ip) I am using dovecot and is having fail2ban checking the dovecot log for bad password attempts (amongst other checks) - works great. If You download the fail2ban package (and compile it) there is a qmail.conf script implemented, it may need some tweaking to match Your needs but it's not that hard - You can try Your 'selfmade' conf files on Your logfiles to make sure they work as You planned. It also uses iptables. I can only recommend using this tool, it keeps an 'eye' on things constantly - ofcourse there is people out there that makes an effort in trying to bypass fail2ban so never think You're 100% safe. Regards, Finn On 02-03-2011 06:05, Tony White wrote: Trouble is Fail2Ban requires the shorewall firewall! At least if you use the rpm's. On 02/03/2011 3:58 PM, Maxwell Smart wrote: I actually use OSSECHIDS for this type of attack. I use fail2ban for ftp and ssh. Ole is the chap that knows fail2ban for Qmail. You can install it now using yum install fail2ban instead of compiling. On 03/01/2011 06:40 PM, Eric Shubert wrote: If CJ got it working, then I expect that just about anyone can do it. ;) JK CJ. Would you care to create a page on the wiki for this? - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] SMTP attack
Hi Sergio. If I am reading Your logfile correct You should try to replace *vchkpw-pop3: vpopmail user not found* with *vchkpw-smtp: password fail *and leave everything else. Change this in the filter.d directory and remember to reload fail2ban ( fail2ban-client reload on the CLI) Regards, Finn On 02-03-2011 04:09, Sergio M wrote: South Computers escribió: Sounds like they may have gotten hit with a virus or pissed someone off. I would block the domain from relaying inform the customer, possibly make them change their email account passwords if it's not a large organization. Ask them to relay through their provider if possible for the time being. Fail2ban would be the best solution for the time being as previously mentioned. The passwords are all wrong. they are all like: mail vpopmail[31082]: vchkpw-smtp: password fail (pass: 'edos1kd9') eduardos...@domain.com:201.82.74.70 The domain is blocked in spamdyke, unless they authenticate and bypass the filters, so that is covered. But the smtp sessions are used nevertheless. I installed fail2ban (from the repos mentioned in fail2ban.org) but cannot make it work with the smtpd. I tried with http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg23951.html but i think it has a conf file missing and the vpopmail is for pop3. I also tried with http://notes.benv.junerules.com/all/software/qmail-spamdyke-and-fail2ban/#more-539 but cannot make it work with the RBL_MATCH filter. Any tips from satisfied fail2ban users? Thanks! Sergio - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] SMTP attack
Hi Sergio. Try to remove the @ sign and give it a go ! Regards Finn On 02-03-2011 13:27, Sergio M wrote: Finn Buhelt (kirstineslund) escribió: Hi Sergio. If I am reading Your logfile correct You should try to replace *vchkpw-pop3: vpopmail user not found* with *vchkpw-smtp: password fail *and leave everything else. Change this in the filter.d directory and remember to reload fail2ban ( fail2ban-client reload on the CLI) Regards, Finn That didnt't work. I tested with fail2ban-regex: Failregex |- Regular expressions: | [1] vchkpw-smtp: password fail .*@:HOST | `- Number of matches: [1] 0 match(es) But thanks for the tip Finn. -Sergio - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] SMTP attack
Hi Sergio. 1.There is a *.conf file somewhere on the net that checks fail2ban's own logfile and to a certain extend prevent this from happening.(sorry cann't remember where but will do some investigation and let You kow if I'm successfull) 2. iptables -D name-of-the-banned -s IP -j DROP should do the trick /Finn On 02-03-2011 13:42, Sergio M wrote: Finn Buhelt (kirstineslund) escribió: Hi Sergio. If I am reading Your logfile correct You should try to replace *vchkpw-pop3: vpopmail user not found* with *vchkpw-smtp: password fail *and leave everything else. Change this in the filter.d directory and remember to reload fail2ban ( fail2ban-client reload on the CLI) Regards, Finn This one got lots of hits in the regex text: # cat /etc/fail2ban/filter.d/vpopmail-fail.conf [Definition] failregex = vchkpw-smtp: password fail ([^)]*) [^@]*@[^:]*:HOST ignoreregex = (i took it from the spanish site I posted before) I could also use some other set of rules for qmail. The default one does not get any hits. About fail2ban 1. Everytime I reload it I loose the whole set of banned IPs? Same with rebooting? Can I make them persist? 2. How can I unban a single IP without restarting fail2ban? Thanks! -Sergio - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] SMTP attack
Hi again Sergio. FYI fail2ban unbans the IP after X minutes (X is set i the jail.conf either globally or per 'filter.conf') /Finn On 02-03-2011 13:42, Sergio M wrote: Finn Buhelt (kirstineslund) escribió: Hi Sergio. If I am reading Your logfile correct You should try to replace *vchkpw-pop3: vpopmail user not found* with *vchkpw-smtp: password fail *and leave everything else. Change this in the filter.d directory and remember to reload fail2ban ( fail2ban-client reload on the CLI) Regards, Finn This one got lots of hits in the regex text: # cat /etc/fail2ban/filter.d/vpopmail-fail.conf [Definition] failregex = vchkpw-smtp: password fail ([^)]*) [^@]*@[^:]*:HOST ignoreregex = (i took it from the spanish site I posted before) I could also use some other set of rules for qmail. The default one does not get any hits. About fail2ban 1. Everytime I reload it I loose the whole set of banned IPs? Same with rebooting? Can I make them persist? 2. How can I unban a single IP without restarting fail2ban? Thanks! -Sergio - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] SMTP attack
Hi Sergio. Yep You're right I think that was the one I was thinking on. I too, think the second one looks very promising - I'll have a closer look at eh script later on. Also as You write it's possible to save iptables before reloading fail2ban - good point - REMEMBER that fail2ban as default reloads once a week as I recall it, it's set in the logrotate.d Regards, Finn On 02-03-2011 17:33, Sergio M wrote: Finn Buhelt (kirstineslund) escribió: Hi Sergio. 1.There is a *.conf file somewhere on the net that checks fail2ban's own logfile and to a certain extend prevent this from happening.(sorry cann't remember where but will do some investigation and let You kow if I'm successfull) Finn, I think this is what you said: http://whyscream.net/wiki/index.php/Fail2ban_monitoring_Fail2ban What do you think about this one? Maybe I like it better http://n8wood.wordpress.com/2009/06/22/fail2ban-permanent-ssh-bans/ And to keep the bans upon reloads, if you do a service iptables save and then service iptables restart, it just load them again after the fail2ban-client flushd the iptables rules. Thanks. Sergio - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Fail2ban and vpopmail
Hi Sergio. Sounds like You're having a script that sends mail ! Do You by any chance have a webserver with e-mail forms that can have been compromised ? Regards, Finn On 02-03-2011 18:22, Sergio M wrote: Eric Shubert escribió: You should see: 03-02 10:09:37 tcpserver: status: 0/25 right after you start qmail. If it doesn't drop to 0 when you start it, then something's wrong. Please check the status message which corresponds to the start of qmail. If it's not 0/25, please post several lines before and after from your log. I don't know about using htop to look for qmail processes. Perhaps you've missed something. I would try: # ps -ef | grep qmail to see what processes are running that are qmail related, in place of your step 4 above. I'm sorry, its starts at 0/25 and then goes up straight to 25/25. What's more annoying is that it just stays frozen for several minutes. (ie from 10:22 to 10:26 in the excerpt that i posted earlier) - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] help -- smtp forward--
Hi Guys. Why have You gone to scramble mode ?:-) Regards, Finn On 26-02-2011 12:34, Ariel wrote: gracias,, muchachos,, ya que estamos en español? alguien conoce alguna utilidad web o algo para hacer mas facil la administracion de qmail, sobre todo el manejo de logs,, que para mi es muy engorroso. Gracias 2011/2/25 Carlos Herrera Polo carlos.herrerap...@gmail.com mailto:carlos.herrerap...@gmail.com Excelente, antes existia una lista de qmail en castellano pero murio 2011/2/25, Noel Rivera (Border Less) nriv...@borderless.com.mx mailto:nriv...@borderless.com.mx: Yo también hablo español, por si alguien necesita ayuda Saludos. borderless_small Borderless Consulting Group SA de CV. Noel Alban Rivera Rivera Jefe de Redes y Telecomunicaciones Tel. (915) 633-61-04 Nextel 62*142650*2 P Por favor considera el medio ambiente antes de imprimir este e-mail. -- CONFIDENTIALITY NOTICE: This e-mail message including attachments, if any, is intended only for the person or entity to which it is addressed and may contain confidential and /or privileged material. Any review, use, disclosure or distribution of such confidential information without the written authorization of Borderless Consulting Group is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. By receiving this e-mail you acknowledge that any breach by you and/or your representatives of the above provisions may entitle Borderless Consulting Group to seek for damages. AVISO DE CONFIDENCIALIDAD: Este correo electrónico, incluyendo en su caso, los archivos adjuntos al mismo, pueden contener información de carácter confidencial y/o privilegiada, y se envían a la atención única y exclusivamente de la persona y/o entidad a quien va dirigido. La copia, revisión, uso, revelación y/o distribución de dicha información confidencial sin la autorización por escrito de Borderless Consulting Group está prohibida. Si usted no es el destinatario a quien se dirige el presente correo, favor de contactar al remitente respondiendo al presente correo y eliminar el correo original incluyendo sus archivos, así como cualesquiera copia del mismo. Mediante la recepción del presente correo usted reconoce y acepta que en caso de incumplimiento de su parte y/o de sus representantes a los términos antes mencionados, Borderless Consulting Group tendrá derecho a los daños y perjuicios que esto le cause. From: Ariel [mailto:lauchafernan...@gmail.com mailto:lauchafernan...@gmail.com] Sent: Friday, February 25, 2011 6:03 PM To: qmailtoaster-list@qmailtoaster.com mailto:qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: help -- smtp forward-- gracias,, al fin alguien español 2011/2/25 Carlos Herrera Polo carlos.herrerap...@gmail.com mailto:carlos.herrerap...@gmail.com Ariel, armando una ruta en smtproutes soluciona tu problema 2011/2/25 Eric Shubert e...@shubes.net mailto:e...@shubes.net On 02/25/2011 09:18 AM, Ariel wrote: List, I need your help urgently. Tenqo qmail running on a single domain, but I need all outgoing mail from that domain, it can be sent by another server. since I'm tieneindo blacklisting problems. if one can not rule need to forward all outgoing mail to another smtp qmail different. Lista,, necesito su ayuda, de forma urgente. Tenqo qmail funcionando con un solo dominio, pero necesito que todo el correo saliente de ese dominio, lo pueda enviar por otro servidor. ya que estoy tieneindo problemas de listas negras. si no se puede por dominio necesito reenviar todo el correo saliente del qmail por otro smtp diferente. This problem is encountered when QMT is on a dynamic IP address (and some other situations as well). I use the SendLabs SMTP service (formerly known as Mailhop Outbound) from http://dyndns.com/. It's affordable, but the number of emails you can send per day is limited. This service is extremely reliable. Once you have purchased the service, you simply need to add this line to your /var/qmail/control/smtproutes file: :outbound.mailhop.org:2525 http://outbound.mailhop.org:2525 username
Re: [qmailtoaster] DKIM and DomainKeys and the Toaster
Hi Dan. I've been looking through logfiles without stumbling into any issues regarding Domainkeys. I have also been using Domainkeys for some time now without any (known to me) issues. What have You found - let me know and I will check my system. Regards, Finn On 18-02-2011 03:39, Dan McAllister wrote: Greeting QMT and QTP affectionados... I endeavored to help PV Anthony resolve his SpamDyke issues a little bit ago and discovered to my dismay that my DomainKeys system was rejecting messages for no good reason -- ESPECIALLY if the sending domain had NO DomainKeys DNS entries! Needless to say, this is problematic, so I've temporarily suspended checking for DomainKeys Has anyone else experienced this recently? (I've used DomainKeys for quite some time without reason to suspect it was problematic! Was I just blind to the issues all this time??) Thanks in advance to any who choose to discuss this... Dan IT4SOHO - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Error while restarting qmail
Hi Eric.
Yes, I have removed courier-authlib-toaster and courier-imap-toaster when I
installed Dovecot some months ago - no problemo - I think Amit was the
contributor of the way to install.
Regards,
Finn
- Original Message -
From: Eric Shubert e...@shubes.net
To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, June 23, 2010 12:04 AM
Subject: [qmailtoaster] Re: Error while restarting qmail
That's the safe way. ;)
Has anyone who is running dovecot IMAP and POP3 remove the
courier-authlib-toaster package? Would someone like to try it to see if
anything breaks? (Please don't try this on a production host)
--
-Eric 'shubes'
Amit Dalia wrote:
Hi Eric,
I'm using Dovecot. And I prefer touch /var/qmail/supervise/authlib/down.
Regards,
Amit
At Wednesday, 23-06-2010 on 1:56 Eric Shubert wrote:
Which did you choose to do?
Amit Dalia wrote:
Thanks Eric,
That solved the problem.
Regards,
Amit
At Wednesday, 23-06-2010 on 1:19 Eric Shubert wrote:
Oops - I had a typo. It's envconv, not envconf.
That's part of several scripts:
# find /var/qmail/supervise -name run -exec grep -H envconv {} \;
/var/qmail/supervise/pop3-ssl/run:cat /etc/courier/pop3d-ssl |
/usr/bin/envconv
/var/qmail/supervise/imap4-ssl/run:cat /etc/courier/imapd-ssl |
/usr/bin/envconv
/var/qmail/supervise/imap4/run:cat /etc/courier/imapd |
/usr/bin/envconv
/var/qmail/supervise/authlib/run:cat
/etc/courier/authlib/authdaemonrc |
/usr/bin/envconv
# rpm -qf `which envconv`
courier-imap-toaster-4.1.2-1.3.10
You've removed courier I take it. I hope you're running dovecot.
;)
If you're running dovecot for pop3 (as well as imap), I'm
guessing that
you're getting this from the authlib daemon. As long as you're
running
dovecot for everything pop3, pop3-ssl, imap4, and imap4-ssl, I
don't
think you need the authlib daemon running. You can either
# touch /var/qmail/supervise/authlib/down
or
# yum remove courier-authlib-toaster
Let us know if that's all right.
--
-Eric 'shubes'
Amit Dalia wrote:
Hi Eric,
The command you mentioned doesn't give any output. Also I
noticed
if I
do qmailctl restart it doesn't give any error. But if I
manually stop
and then start qmail it gives the same error.
Regards,
Amit
At Wednesday, 23-06-2010 on 0:56 Eric Shubert wrote:
Amit Dalia wrote:
Hi Everyone,
I'm getting below error when I'm restarting qmail.
./run: line 4: /usr/bin/envconv: No such file or directory
Qmail is working fine.
Regards,
Amit
Which run file is it coming from?
# find /var/qmail/supervise -name run -exec grep -H envconf {}
\;
Please post the contents of that file
--
-Eric 'shubes'
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and
installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and
packages.
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
--
-Eric 'shubes'
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and
installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and
packages.
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and
