Re: [qmailtoaster] Rspam
Ah, ok. So you don't use it via simscan for the whole server. I may just leave it out, that's the way I had my old server set up but was trying to improve things with my new Rocky 9 setup. Gary On 4/17/2024 10:24 AM, Eric Broch wrote: The rspam documentation is awful, in my opinion, however, it is drop in and can be used in .qmail files which is why I implemented it. I will not be much help on configuring it. On 4/17/2024 8:19 AM, Gary Bowling wrote: Looks like my new server's rspam started blocking mail from the list for some reason. I took rspam out of simcontrol for now... Eric, you probably see bounces from my server back to yours. In the past I didn't use rspam but it seems to still be a going concern with 3.8.4 being the latest version. What's the advice on rspam these days? If I'm going to run it I need to learn how to manage it, whitelist things, etc. Right now I have little knowledge of it. Thanks. -- Gary Bowling The Moderns album NEXT on your favorite streaming platform - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Rspam
Looks like my new server's rspam started blocking mail from the list for some reason. I took rspam out of simcontrol for now... Eric, you probably see bounces from my server back to yours. In the past I didn't use rspam but it seems to still be a going concern with 3.8.4 being the latest version. What's the advice on rspam these days? If I'm going to run it I need to learn how to manage it, whitelist things, etc. Right now I have little knowledge of it. Thanks. -- Gary Bowling The Moderns album NEXT on your favorite streaming platform - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Rocky9 - new mailserver setup - off topic
You just have to have certbot installed (dnf install cerbot) and then have the timer active. That takes care of running it on a schedule and then you just configure it in all the directories under /etc/letsencrypt/ Here's what mine looks like. [root@mail ~]# systemctl list-unit-files | grep certbot certbot-renew.service static - certbot-renew.timer enabled enabled [root@mail ~]# systemctl list-timers certbot-renew.timer NEXT LEFT LAST PASSED UNIT ACTIVATES Tue 2024-04-16 21:54:51 EDT 7h left Tue 2024-04-16 07:02:57 EDT 6h ago certbot-renew.timer certbot-renew.service Once you get that done, Then you just need to set up apache with the virtualhosts and run certbot and it will prompt you for the virtualhost you want to set up a cert for. As long as you have apache and DNS configure correctly, it will challenge verify your site and install the cert. Once you get the cert set up, if you have the certbot-renew.timer enabled, it will take care of renewing that cert and execute the thing you put in the pre,post,deploy directories. Gary On 4/16/2024 1:52 PM, Gary Bowling wrote: Yes, the script can go in those directories not in a cron. I don't believe you have to call --deploy-hook on the command line if the script is in those directories. Actually you don't call anything in the command line, it's all done as part of the certbot-renew.service and the certbot-renew.timer in systemd. That timer runs every day, but the cert won't renew unless it's within 30 days of expiring. Whenever it renews it will run whatever scripts are in those directories. Or at least that's my understanding, I haven't had my script in the "post" directory long enough yet to verify that it runs it, but that's my understanding. I just moved my script to there from a cron based on William's note. Gary On 4/16/2024 10:34 AM, Eric Broch wrote: I thought William S. had mentioned something about a Let's Encrypt hook instead of a cron job. From what I've been reading, one's script simply goes in /etc/letsencrypt/renewal-hooks/{pre,post,deploy] or something like that, true? Then I suppose one calls certbot renew --deploy-hook or something like that. The documentation seemed sparse, anyway... Pipe in William if you have something. On Tue, Apr 16, 2024 at 6:33 AM Gary Bowling <g...@gbco.us> wrote: I'll help edit it if someone else that is currently going through it wants to start it. Maybe set up a google doc and give some people edit access. Or give read only access and we can drop comments/suggestions back here for someone to edit. It's been a long time since I set it up from scratch, so I'm a bit rusty on that. It shouldn't be too hard to come up with something. I like to do everything "standard" via the RH/Rocky way of doing it. That way dnf updates work and I don't have as much maintenance. So I don't compile, customize anything unless I'm forced to. The only special part on my install is the script to "cat" the certs and create a servercert.pem. Especially with your new updates, if it works with ECDSA certs, then no need for that custom rsa 2048 config part. With that, it should just be installing httpd, certbot, and doing a standard config for the server name. The only complication being if you use different names.. e.g. webmail.domain.com and mail.domain.com or something. It's much simpler if you use the same name for both since letsencrypt queries back to the dns name you set up on apache to validate. If you don't use the same name, you either have to set up a dummy virtual
Re: [qmailtoaster] Re: Rocky9 - new mailserver setup - off topic
Yes, the script can go in those directories not in a cron. I don't believe you have to call --deploy-hook on the command line if the script is in those directories. Actually you don't call anything in the command line, it's all done as part of the certbot-renew.service and the certbot-renew.timer in systemd. That timer runs every day, but the cert won't renew unless it's within 30 days of expiring. Whenever it renews it will run whatever scripts are in those directories. Or at least that's my understanding, I haven't had my script in the "post" directory long enough yet to verify that it runs it, but that's my understanding. I just moved my script to there from a cron based on William's note. Gary On 4/16/2024 10:34 AM, Eric Broch wrote: I thought William S. had mentioned something about a Let's Encrypt hook instead of a cron job. From what I've been reading, one's script simply goes in /etc/letsencrypt/renewal-hooks/{pre,post,deploy] or something like that, true? Then I suppose one calls certbot renew --deploy-hook or something like that. The documentation seemed sparse, anyway... Pipe in William if you have something. On Tue, Apr 16, 2024 at 6:33 AM Gary Bowling <g...@gbco.us> wrote: I'll help edit it if someone else that is currently going through it wants to start it. Maybe set up a google doc and give some people edit access. Or give read only access and we can drop comments/suggestions back here for someone to edit. It's been a long time since I set it up from scratch, so I'm a bit rusty on that. It shouldn't be too hard to come up with something. I like to do everything "standard" via the RH/Rocky way of doing it. That way dnf updates work and I don't have as much maintenance. So I don't compile, customize anything unless I'm forced to. The only special part on my install is the script to "cat" the certs and create a servercert.pem. Especially with your new updates, if it works with ECDSA certs, then no need for that custom rsa 2048 config part. With that, it should just be installing httpd, certbot, and doing a standard config for the server name. The only complication being if you use different names.. e.g. webmail.domain.com and mail.domain.com or something. It's much simpler if you use the same name for both since letsencrypt queries back to the dns name you set up on apache to validate. If you don't use the same name, you either have to set up a dummy virtualhost in apache to do the challenge validation on that name, or you have to use another challenge method like DNS-01 to update your certs. Toaster doc should probably have examples of both. Here's a generic letsencrypt setup for Rocky 8/9 and apache. Needs some tweaks to do the challenge verification back to your roundcube apache virtualhost instead of the default /var/www/html/ query. Or if you have separate names you can use the /var/www/html/ for the dummy virtualhost to get your mail server certs, but you'll still need another one for the roundcube virtualhost. https://www.cyberciti.biz/faq/how-to-secure-apache-with-lets-encrypt-certificates-on-rhel-8/ Hope this helps.. Gary On 4/15/2024 1:33 PM, Eric Broch wrote: Anyone feel like doing a write-up and I'll put it on the wiki? On 4/15/2024 11:18 AM, Gary Bowling wrote: Ah, right. Actually it looks like I can just place my script that I currently run in my cron job in the /etc/letsencrypt/renewal-hooks/post/ directory and it will run as a "post renew" script. Thanks for that. Gary On 4/15/2024 1:04 PM, William Silverstein wrote: I would not use a
Re: [qmailtoaster] Re: Rocky9 - new mailserver setup - off topic
I'll help edit it if someone else that is currently going through it wants to start it. Maybe set up a google doc and give some people edit access. Or give read only access and we can drop comments/suggestions back here for someone to edit. It's been a long time since I set it up from scratch, so I'm a bit rusty on that. It shouldn't be too hard to come up with something. I like to do everything "standard" via the RH/Rocky way of doing it. That way dnf updates work and I don't have as much maintenance. So I don't compile, customize anything unless I'm forced to. The only special part on my install is the script to "cat" the certs and create a servercert.pem. Especially with your new updates, if it works with ECDSA certs, then no need for that custom rsa 2048 config part. With that, it should just be installing httpd, certbot, and doing a standard config for the server name. The only complication being if you use different names.. e.g. webmail.domain.com and mail.domain.com or something. It's much simpler if you use the same name for both since letsencrypt queries back to the dns name you set up on apache to validate. If you don't use the same name, you either have to set up a dummy virtualhost in apache to do the challenge validation on that name, or you have to use another challenge method like DNS-01 to update your certs. Toaster doc should probably have examples of both. Here's a generic letsencrypt setup for Rocky 8/9 and apache. Needs some tweaks to do the challenge verification back to your roundcube apache virtualhost instead of the default /var/www/html/ query. Or if you have separate names you can use the /var/www/html/ for the dummy virtualhost to get your mail server certs, but you'll still need another one for the roundcube virtualhost. https://www.cyberciti.biz/faq/how-to-secure-apache-with-lets-encrypt-certificates-on-rhel-8/ Hope this helps.. Gary On 4/15/2024 1:33 PM, Eric Broch wrote: Anyone feel like doing a write-up and I'll put it on the wiki? On 4/15/2024 11:18 AM, Gary Bowling wrote: Ah, right. Actually it looks like I can just place my script that I currently run in my cron job in the /etc/letsencrypt/renewal-hooks/post/ directory and it will run as a "post renew" script. Thanks for that. Gary On 4/15/2024 1:04 PM, William Silverstein wrote: I would not use a cron script. I use --deploy-hook option on the certbot-auto to handle it. On Mon, April 15, 2024 9:59 am, Gary Bowling wrote: Great. One question. Seems like everything on my server uses /var/qmail/control/servercert.pem for the cert. Dovecot and qmail all use that file. And I have a cron job that runs once a month to check for a new letsencrypt cert and if there is one it copies it over to servercert.pem to update my mail server. Is that the correct way to handle that? Or is that something that is left over from my old server that I moved over? Thanks, Gary On 4/15/2024 12:44 PM, Eric Broch wrote: Neither, /var/qmail/control/dh2048.pem /var/qmail/control/rsa2048.pem On 4/15/2024 10:33 AM, Gary Bowling wrote: Thanks, will still require rsa? On 4/15/2024 10:47 AM, Eric Broch wrote: My next iteration on EL9 will remove keysize it's deprecated, has been for a while. Should have the new code out within the week. SSL_CTX_set_tmp_rsa_callback · openssl/openssl · Discussion #23769 (github.com) On 4/15/2024 6:25 AM, Gary Bowling wrote: Hey Jeff, glad you're making progress. Be aware that when you g
Re: [qmailtoaster] Re: Rocky9 - new mailserver setup - off topic
Ah, right. Actually it looks like I can just place my script that I currently run in my cron job in the /etc/letsencrypt/renewal-hooks/post/ directory and it will run as a "post renew" script. Thanks for that. Gary On 4/15/2024 1:04 PM, William Silverstein wrote: I would not use a cron script. I use --deploy-hook option on the certbot-auto to handle it. On Mon, April 15, 2024 9:59 am, Gary Bowling wrote: Great. One question. Seems like everything on my server uses /var/qmail/control/servercert.pem for the cert. Dovecot and qmail all use that file. And I have a cron job that runs once a month to check for a new letsencrypt cert and if there is one it copies it over to servercert.pem to update my mail server. Is that the correct way to handle that? Or is that something that is left over from my old server that I moved over? Thanks, Gary On 4/15/2024 12:44 PM, Eric Broch wrote: Neither, /var/qmail/control/dh2048.pem /var/qmail/control/rsa2048.pem On 4/15/2024 10:33 AM, Gary Bowling wrote: Thanks, will still require rsa? On 4/15/2024 10:47 AM, Eric Broch wrote: My next iteration on EL9 will remove keysize it's deprecated, has been for a while. Should have the new code out within the week. SSL_CTX_set_tmp_rsa_callback · openssl/openssl · Discussion #23769 (github.com) On 4/15/2024 6:25 AM, Gary Bowling wrote: Hey Jeff, glad you're making progress. Be aware that when you get a new cert from Letsencrypt that the default now retrieves an ECDSA cert. Which is fine for apache, but doesn't work on qmail, or at least it didn't for me. To fix that you'll need to configure letsencrypt to give you an RSA 2048 cert. There are two ways to do that. If you want all your certs to be RSA 2048, you can add this to the /etc/letsencrypt/cli.ini file. key-type = rsa rsa-key-size = 2048 If you just want to do that for your keys you use in qmail, then you can put the above in the /etc/letsencrypt/renewal/domain.conf file. Where "domain" is the name of the cert you're renewing. Certbot creates the file so it should already be there. Gary On 4/14/2024 10:39 PM, Jeff Koch wrote: I may have resolved this. I did the Rocy9 distro install of apache and copied the mod_http2.so file over to our install of apache. Seems to work (no errors) but I won't know for sure until we setup Lets Encrypt SSL certbot tomorrow Jeff On 4/14/2024 3:11 PM, Jeff Koch wrote: Hi - we're setting up a new mailserver with Rocky 9 and the learning curve is slow as is usual with the first time with a new distro. Anyway because our various scripts look for apache at /usr/local/apache/ we've decided to compile our own binary with the latest apache and have run into trouble / errors related to 'nghttp2'. We did download, compile and install the latest nghttp2-1.61.0 from github. The configure and make went well and http1.1 works but apache generates the following error when we activate mod_http2  (Cannot load modules/mod_http2.so into server: /usr/local/apache2/modules/mod_http2.so: undefined symbol: nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation) If anyone on the list has compiled their own httpd 2.4.59 with Rocky 9 would you mind sharing the details ? Thanks, Jeff Koch - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Rocky9 - new mailserver setup - off topic
Great. One question. Seems like everything on my server uses /var/qmail/control/servercert.pem for the cert. Dovecot and qmail all use that file. And I have a cron job that runs once a month to check for a new letsencrypt cert and if there is one it copies it over to servercert.pem to update my mail server. Is that the correct way to handle that? Or is that something that is left over from my old server that I moved over? Thanks, Gary On 4/15/2024 12:44 PM, Eric Broch wrote: Neither, /var/qmail/control/dh2048.pem /var/qmail/control/rsa2048.pem On 4/15/2024 10:33 AM, Gary Bowling wrote: Thanks, will still require rsa? On 4/15/2024 10:47 AM, Eric Broch wrote: My next iteration on EL9 will remove keysize it's deprecated, has been for a while. Should have the new code out within the week. SSL_CTX_set_tmp_rsa_callback · openssl/openssl · Discussion #23769 (github.com) On 4/15/2024 6:25 AM, Gary Bowling wrote: Hey Jeff, glad you're making progress. Be aware that when you get a new cert from Letsencrypt that the default now retrieves an ECDSA cert. Which is fine for apache, but doesn't work on qmail, or at least it didn't for me. To fix that you'll need to configure letsencrypt to give you an RSA 2048 cert. There are two ways to do that. If you want all your certs to be RSA 2048, you can add this to the /etc/letsencrypt/cli.ini file. key-type = rsa rsa-key-size = 2048 If you just want to do that for your keys you use in qmail, then you can put the above in the /etc/letsencrypt/renewal/domain.conf file. Where "domain" is the name of the cert you're renewing. Certbot creates the file so it should already be there. Gary On 4/14/2024 10:39 PM, Jeff Koch wrote: I may have resolved this. I did the Rocy9 distro install of apache and copied the mod_http2.so file over to our install of apache. Seems to work (no errors) but I won't know for sure until we setup Lets Encrypt SSL certbot tomorrow Jeff On 4/14/2024 3:11 PM, Jeff Koch wrote: Hi - we're setting up a new mailserver with Rocky 9 and the learning curve is slow as is usual with the first time with a new distro. Anyway because our various scripts look for apache at /usr/local/apache/ we've decided to compile our own binary with the latest apache and have run into trouble / errors related to 'nghttp2'. We did download, compile and install the latest nghttp2-1.61.0 from github. The configure and make went well and http1.1 works but apache generates the following error when we activate mod_http2 (Cannot load modules/mod_http2.so into server: /usr/local/apache2/modules/mod_http2.so: undefined symbol: nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation) If anyone on the list has compiled their own httpd 2.4.59 with Rocky 9 would you mind sharing the details ? Thanks, Jeff Koch - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoas
Re: [qmailtoaster] Re: Rocky9 - new mailserver setup - off topic
Thanks, will still require rsa? On 4/15/2024 10:47 AM, Eric Broch wrote: My next iteration on EL9 will remove keysize it's deprecated, has been for a while. Should have the new code out within the week. SSL_CTX_set_tmp_rsa_callback · openssl/openssl · Discussion #23769 (github.com) On 4/15/2024 6:25 AM, Gary Bowling wrote: Hey Jeff, glad you're making progress. Be aware that when you get a new cert from Letsencrypt that the default now retrieves an ECDSA cert. Which is fine for apache, but doesn't work on qmail, or at least it didn't for me. To fix that you'll need to configure letsencrypt to give you an RSA 2048 cert. There are two ways to do that. If you want all your certs to be RSA 2048, you can add this to the /etc/letsencrypt/cli.ini file. key-type = rsa rsa-key-size = 2048 If you just want to do that for your keys you use in qmail, then you can put the above in the /etc/letsencrypt/renewal/domain.conf file. Where "domain" is the name of the cert you're renewing. Certbot creates the file so it should already be there. Gary On 4/14/2024 10:39 PM, Jeff Koch wrote: I may have resolved this. I did the Rocy9 distro install of apache and copied the mod_http2.so file over to our install of apache. Seems to work (no errors) but I won't know for sure until we setup Lets Encrypt SSL certbot tomorrow Jeff On 4/14/2024 3:11 PM, Jeff Koch wrote: Hi - we're setting up a new mailserver with Rocky 9 and the learning curve is slow as is usual with the first time with a new distro. Anyway because our various scripts look for apache at /usr/local/apache/ we've decided to compile our own binary with the latest apache and have run into trouble / errors related to 'nghttp2'. We did download, compile and install the latest nghttp2-1.61.0 from github. The configure and make went well and http1.1 works but apache generates the following error when we activate mod_http2 (Cannot load modules/mod_http2.so into server: /usr/local/apache2/modules/mod_http2.so: undefined symbol: nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation) If anyone on the list has compiled their own httpd 2.4.59 with Rocky 9 would you mind sharing the details ? Thanks, Jeff Koch - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Rocky9 - new mailserver setup - off topic
Hey Jeff, glad you're making progress. Be aware that when you get a new cert from Letsencrypt that the default now retrieves an ECDSA cert. Which is fine for apache, but doesn't work on qmail, or at least it didn't for me. To fix that you'll need to configure letsencrypt to give you an RSA 2048 cert. There are two ways to do that. If you want all your certs to be RSA 2048, you can add this to the /etc/letsencrypt/cli.ini file. key-type = rsa rsa-key-size = 2048 If you just want to do that for your keys you use in qmail, then you can put the above in the /etc/letsencrypt/renewal/domain.conf file. Where "domain" is the name of the cert you're renewing. Certbot creates the file so it should already be there. Gary On 4/14/2024 10:39 PM, Jeff Koch wrote: I may have resolved this. I did the Rocy9 distro install of apache and copied the mod_http2.so file over to our install of apache. Seems to work (no errors) but I won't know for sure until we setup Lets Encrypt SSL certbot tomorrow Jeff On 4/14/2024 3:11 PM, Jeff Koch wrote: Hi - we're setting up a new mailserver with Rocky 9 and the learning curve is slow as is usual with the first time with a new distro. Anyway because our various scripts look for apache at /usr/local/apache/ we've decided to compile our own binary with the latest apache and have run into trouble / errors related to 'nghttp2'. We did download, compile and install the latest nghttp2-1.61.0 from github. The configure and make went well and http1.1 works but apache generates the following error when we activate mod_http2 (Cannot load modules/mod_http2.so into server: /usr/local/apache2/modules/mod_http2.so: undefined symbol: nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation) If anyone on the list has compiled their own httpd 2.4.59 with Rocky 9 would you mind sharing the details ? Thanks, Jeff Koch - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Apache Config Q
When I go to the admin link for my server, https://mail.gbco.us/admin-toaster , it flips it to https://mail.gbco.usadmin-toaster/ and fails. The alias line in toaster.conf is Alias /admin-toaster /usr/share/toaster/htdocs/admin/ I've tried fiddling around with the leading and ending "/" a few times, but nothing seems to change the behavior. The other links work properly.. stats-toaster and qmailadmin being the only ones I use deliberately. Any ideas? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] DKIM
Oh, and totally agree that using drop ins is much better than patching. Gary On 3/23/2024 11:05 AM, Gary Bowling wrote: Thanks. Yes, spamassassin is working fine for the verification of inbound DKIM. Looks like that's part of the stock spamassassin install as long as you have the Mail::SpamAssassin::Plugin::DKIM plugin installed. On 3/23/2024 10:58 AM, Eric Broch wrote: Looks like there's an updated version of the script on Manuel's site, I'll put that on github In lieu of patching qmail...again...I thought using drop ins was preferable. That said, spamassassin can be used on the ingress side of your server to score dkim in messages. On 3/23/2024 8:23 AM, Gary Bowling wrote: hmm, not sure. Maybe a weekend thing. Glad to know it's still there though for future needs. On 3/23/2024 9:56 AM, ebroch wrote: Not sure why github is timing out on you but I can navigate right to the page Sent from my Galaxy Original message From: Gary Bowling Date: 2024-03-23 7:49 a.m. (GMT-07:00) To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] DKIM Ok, qmail-remote for use with DKIM signing outgoing messages is just a perl scrip written by Manuel Mausz way back in 2007 that just calls qmail-remote.orig. I'm not sure where the official toaster version is kept now, but you easily download it from here: https://manuel.mausz.at/coding/qmail-dkim/qmail-dkim-0.3.pl Change the name of your qmail-remote to qmail-remote.orig and change the name of the perl script to qmail-remote I just copied it from my old server. Now my DKIM signing is working correctly. On 3/23/2024 9:24 AM, Gary Bowling wrote: Oops, got a bit confused there between signing and verifying.. For signing, it looks like we are still using a modified qmail-remote. So back to my original question. Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Gary On 3/23/2024 8:31 AM, Gary Bowling wrote: Hmm, this line in the wiki says qmail-queue needs to be "link" which mine is not. 4. DKIM verification (no patch): Assumes 'QMAILQUEUE="/var/qmail/bin/simscan"' defined in /etc/tcprules.d/tcp.smtp && /var/qmail/bin/qmail-queue is a link. Note: Spamassassin has DKIM verification making this unnecessary. and it also says maybe we're now doing it in Spamassassin, but no instructions on how to do that. What IS the best way to do DKIM with an updated server??? Gary On 3/23/2024 8:24 AM, Gary Bowling wrote: I see, looks like we're using a combination of
Re: [qmailtoaster] DKIM
Thanks. Yes, spamassassin is working fine for the verification of inbound DKIM. Looks like that's part of the stock spamassassin install as long as you have the Mail::SpamAssassin::Plugin::DKIM plugin installed. On 3/23/2024 10:58 AM, Eric Broch wrote: Looks like there's an updated version of the script on Manuel's site, I'll put that on github In lieu of patching qmail...again...I thought using drop ins was preferable. That said, spamassassin can be used on the ingress side of your server to score dkim in messages. On 3/23/2024 8:23 AM, Gary Bowling wrote: hmm, not sure. Maybe a weekend thing. Glad to know it's still there though for future needs. On 3/23/2024 9:56 AM, ebroch wrote: Not sure why github is timing out on you but I can navigate right to the page Sent from my Galaxy Original message From: Gary Bowling Date: 2024-03-23 7:49 a.m. (GMT-07:00) To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] DKIM Ok, qmail-remote for use with DKIM signing outgoing messages is just a perl scrip written by Manuel Mausz way back in 2007 that just calls qmail-remote.orig. I'm not sure where the official toaster version is kept now, but you easily download it from here: https://manuel.mausz.at/coding/qmail-dkim/qmail-dkim-0.3.pl Change the name of your qmail-remote to qmail-remote.orig and change the name of the perl script to qmail-remote I just copied it from my old server. Now my DKIM signing is working correctly. On 3/23/2024 9:24 AM, Gary Bowling wrote: Oops, got a bit confused there between signing and verifying.. For signing, it looks like we are still using a modified qmail-remote. So back to my original question. Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Gary On 3/23/2024 8:31 AM, Gary Bowling wrote: Hmm, this line in the wiki says qmail-queue needs to be "link" which mine is not. 4. DKIM verification (no patch): Assumes 'QMAILQUEUE="/var/qmail/bin/simscan"' defined in /etc/tcprules.d/tcp.smtp && /var/qmail/bin/qmail-queue is a link. Note: Spamassassin has DKIM verification making this unnecessary. and it also says maybe we're now doing it in Spamassassin, but no instructions on how to do that. What IS the best way to do DKIM with an updated server??? Gary On 3/23/2024 8:24 AM, Gary Bowling wrote: I see, looks like we're using a combination of simscan and modifying /var/qmail/supervise/smtp/run to do DKIM now and not modifying qmail-remote. On 3/23/2024 7:57 AM, Gary Bowling wrote: Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmai
Re: [qmailtoaster] Certificate Error
Absolutely. I think I've got that already, as that's the way the default install works, but I should probably go do some tests just to make sure. Nothing like configuring a client and trying it to test it out. Gary On 3/23/2024 10:25 AM, Tonix wrote: Glad to hear. In any case any usage of submission port, both to local and external domains, should be done only by authenticated users. Tonino Il 23/03/2024 12:38, Gary Bowling ha scritto: Thanks, the error turned out to be solved by fixing up the /var/qmail/supervise/submission/run file to accept starttls and encrypted passwords. On 3/23/2024 4:20 AM, Tonix wrote: "However, when I try to send to external domains, I get the error that CHKUSER rejected relaying, saying "client not allowed to relay"". That means sending user is not authenticated. Probably your submission port accepts messages from anyone for local domains. Tonino Il 23 marzo 2024 00:35:38 CET, g...@gbco.us ha scritto: Ok, in my old server's /var/qmail/supervise/submission/run file, I had the following line. export REQUIRE_AUTH=1 In the new server, it had the following line. export SMTPAUTH="!" I'm not sure what the syntax on the new server line means. I changed the line to be like my old server and now sending mail through port 587, with starttls for local domains. However, when I try to send to external domains, I get the error that CHKUSER rejected relaying, saying "client not allowed to relay" Maybe I'm making progress, but don't know. Gary On 2024-03-22 19:30, g...@gbco.us wrote: Well, this is the way many of my clients are already configured... So I have to figure out a way to make it work, or go back to my old server. Not really an option to reconfigure all my clients. Thanks, Gary On 2024-03-22 19:26, Remo Mattei wrote: You need to use password not encrypted. Inviato da iPhone Il giorno 22 mar 2024, alle ore 15:30, g...@gbco.us ha scritto: I can send mail via the roundcube web mail. That's where this message is coming from. When sending mail from thunderbird, I have my smtp server set up in my client as Port 587 startTLS Encrypted Password This is the same as I had with a number of clients on my old server. When I try to send email, I get this error. Sending of the message failed. An error occurred while sending mail: Outgoing server (SMTP) error. The server responded: TLS no valid RSA private key: error:8002:system library::No such file or directory (#4.3.0). To create certificates on my new server. I retrieved certs from letencrypt and then did this. cp -p /var/qmail/control/servercert.pem /var/qmail/control/servercert.pem.lastmonth cat /etc/letsencrypt/live/mail.gbco.us/{cert,chain,fullchain,privkey}.pem > /var/qmail/control/servercert.pem chown vpopmail:qmail /var/qmail/control/servercert.pem chmod 640 /var/qmail/control/servercert.pem Any idea what's going on with this error? thanks, GaryTo unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] DKIM
hmm, not sure. Maybe a weekend thing. Glad to know it's still there though for future needs. On 3/23/2024 9:56 AM, ebroch wrote: Not sure why github is timing out on you but I can navigate right to the page Sent from my Galaxy Original message From: Gary Bowling Date: 2024-03-23 7:49 a.m. (GMT-07:00) To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] DKIM Ok, qmail-remote for use with DKIM signing outgoing messages is just a perl scrip written by Manuel Mausz way back in 2007 that just calls qmail-remote.orig. I'm not sure where the official toaster version is kept now, but you easily download it from here: https://manuel.mausz.at/coding/qmail-dkim/qmail-dkim-0.3.pl Change the name of your qmail-remote to qmail-remote.orig and change the name of the perl script to qmail-remote I just copied it from my old server. Now my DKIM signing is working correctly. On 3/23/2024 9:24 AM, Gary Bowling wrote: Oops, got a bit confused there between signing and verifying.. For signing, it looks like we are still using a modified qmail-remote. So back to my original question. Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Gary On 3/23/2024 8:31 AM, Gary Bowling wrote: Hmm, this line in the wiki says qmail-queue needs to be "link" which mine is not. 4. DKIM verification (no patch): Assumes 'QMAILQUEUE="/var/qmail/bin/simscan"' defined in /etc/tcprules.d/tcp.smtp && /var/qmail/bin/qmail-queue is a link. Note: Spamassassin has DKIM verification making this unnecessary. and it also says maybe we're now doing it in Spamassassin, but no instructions on how to do that. What IS the best way to do DKIM with an updated server??? Gary On 3/23/2024 8:24 AM, Gary Bowling wrote: I see, looks like we're using a combination of simscan and modifying /var/qmail/supervise/smtp/run to do DKIM now and not modifying qmail-remote. On 3/23/2024 7:57 AM, Gary Bowling wrote: Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Thanks, Gary -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To
Re: [qmailtoaster] DKIM
Ok, qmail-remote for use with DKIM signing outgoing messages is just a perl scrip written by Manuel Mausz way back in 2007 that just calls qmail-remote.orig. I'm not sure where the official toaster version is kept now, but you easily download it from here: https://manuel.mausz.at/coding/qmail-dkim/qmail-dkim-0.3.pl Change the name of your qmail-remote to qmail-remote.orig and change the name of the perl script to qmail-remote I just copied it from my old server. Now my DKIM signing is working correctly. On 3/23/2024 9:24 AM, Gary Bowling wrote: Oops, got a bit confused there between signing and verifying.. For signing, it looks like we are still using a modified qmail-remote. So back to my original question. Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Gary On 3/23/2024 8:31 AM, Gary Bowling wrote: Hmm, this line in the wiki says qmail-queue needs to be "link" which mine is not. 4. DKIM verification (no patch): Assumes 'QMAILQUEUE="/var/qmail/bin/simscan"' defined in /etc/tcprules.d/tcp.smtp && /var/qmail/bin/qmail-queue is a link. Note: Spamassassin has DKIM verification making this unnecessary. and it also says maybe we're now doing it in Spamassassin, but no instructions on how to do that. What IS the best way to do DKIM with an updated server??? Gary On 3/23/2024 8:24 AM, Gary Bowling wrote: I see, looks like we're using a combination of simscan and modifying /var/qmail/supervise/smtp/run to do DKIM now and not modifying qmail-remote. On 3/23/2024 7:57 AM, Gary Bowling wrote: Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Thanks, Gary -- ________ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] DKIM
Oops, got a bit confused there between signing and verifying.. For signing, it looks like we are still using a modified qmail-remote. So back to my original question. Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Gary On 3/23/2024 8:31 AM, Gary Bowling wrote: Hmm, this line in the wiki says qmail-queue needs to be "link" which mine is not. 4. DKIM verification (no patch): Assumes 'QMAILQUEUE="/var/qmail/bin/simscan"' defined in /etc/tcprules.d/tcp.smtp && /var/qmail/bin/qmail-queue is a link. Note: Spamassassin has DKIM verification making this unnecessary. and it also says maybe we're now doing it in Spamassassin, but no instructions on how to do that. What IS the best way to do DKIM with an updated server??? Gary On 3/23/2024 8:24 AM, Gary Bowling wrote: I see, looks like we're using a combination of simscan and modifying /var/qmail/supervise/smtp/run to do DKIM now and not modifying qmail-remote. On 3/23/2024 7:57 AM, Gary Bowling wrote: Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Thanks, Gary -- ________ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] DKIM
Hmm, this line in the wiki says qmail-queue needs to be "link" which mine is not. 4. DKIM verification (no patch): Assumes 'QMAILQUEUE="/var/qmail/bin/simscan"' defined in /etc/tcprules.d/tcp.smtp && /var/qmail/bin/qmail-queue is a link. Note: Spamassassin has DKIM verification making this unnecessary. and it also says maybe we're now doing it in Spamassassin, but no instructions on how to do that. What IS the best way to do DKIM with an updated server??? Gary On 3/23/2024 8:24 AM, Gary Bowling wrote: I see, looks like we're using a combination of simscan and modifying /var/qmail/supervise/smtp/run to do DKIM now and not modifying qmail-remote. On 3/23/2024 7:57 AM, Gary Bowling wrote: Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Thanks, Gary -- ________ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] DKIM
I see, looks like we're using a combination of simscan and modifying /var/qmail/supervise/smtp/run to do DKIM now and not modifying qmail-remote. On 3/23/2024 7:57 AM, Gary Bowling wrote: Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Thanks, Gary -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] DKIM
Where do we get the qmail-remote for DKIM these days? This page: http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster Shows to get it from here: wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote But that times out and doesn't work. Thanks, Gary -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Certificate Error
Thanks, the error turned out to be solved by fixing up the /var/qmail/supervise/submission/run file to accept starttls and encrypted passwords. On 3/23/2024 4:20 AM, Tonix wrote: "However, when I try to send to external domains, I get the error that CHKUSER rejected relaying, saying "client not allowed to relay"". That means sending user is not authenticated. Probably your submission port accepts messages from anyone for local domains. Tonino Il 23 marzo 2024 00:35:38 CET, g...@gbco.us ha scritto: Ok, in my old server's /var/qmail/supervise/submission/run file, I had the following line. export REQUIRE_AUTH=1 In the new server, it had the following line. export SMTPAUTH="!" I'm not sure what the syntax on the new server line means. I changed the line to be like my old server and now sending mail through port 587, with starttls for local domains. However, when I try to send to external domains, I get the error that CHKUSER rejected relaying, saying "client not allowed to relay" Maybe I'm making progress, but don't know. Gary On 2024-03-22 19:30, g...@gbco.us wrote: Well, this is the way many of my clients are already configured... So I have to figure out a way to make it work, or go back to my old server. Not really an option to reconfigure all my clients. Thanks, Gary On 2024-03-22 19:26, Remo Mattei wrote: You need to use password not encrypted. Inviato da iPhone Il giorno 22 mar 2024, alle ore 15:30, g...@gbco.us ha scritto: I can send mail via the roundcube web mail. That's where this message is coming from. When sending mail from thunderbird, I have my smtp server set up in my client as Port 587 startTLS Encrypted Password This is the same as I had with a number of clients on my old server. When I try to send email, I get this error. Sending of the message failed. An error occurred while sending mail: Outgoing server (SMTP) error. The server responded: TLS no valid RSA private key: error:8002:system library::No such file or directory (#4.3.0). To create certificates on my new server. I retrieved certs from letencrypt and then did this. cp -p /var/qmail/control/servercert.pem /var/qmail/control/servercert.pem.lastmonth cat /etc/letsencrypt/live/mail.gbco.us/{cert,chain,fullchain,privkey}.pem > /var/qmail/control/servercert.pem chown vpopmail:qmail /var/qmail/control/servercert.pem chmod 640 /var/qmail/control/servercert.pem Any idea what's going on with this error? thanks, GaryTo unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Certificate Error
Thanks Peter, good to know as it looks like they are going to ecdsa for the default. On 3/23/2024 3:18 AM, Peter Peterse wrote: Hi, Letsencrypt van generate rsa keys by using --key-type rsa The order in my servercert.pem is private key followed by the fullchain file. I'm using Almalinux 9 Regards, Peter g...@gbco.us schreef op 23 maart 2024 00:05:48 CET: It looks like letsencrypt is now using ecdsa by default. So I went back and copied my certs off my old server, probably not what I really want to do. But it did give me a different error. Now I'm getting this one. Sending of the message failed. The Outgoing server (SMTP) mail.gbco.us does not seem to support encrypted passwords. If you just set up the account, try changing the 'Authentication method' in 'Account settings | Outgoing server (SMTP)' to 'Normal password'. I thought I tested this before with the new server, but maybe I didn't test it correctly. Anyone got any ideas? On 2024-03-22 18:29, g...@gbco.us wrote: I can send mail via the roundcube web mail. That's where this message is coming from. When sending mail from thunderbird, I have my smtp server set up in my client as Port 587 startTLS Encrypted Password This is the same as I had with a number of clients on my old server. When I try to send email, I get this error. Sending of the message failed. An error occurred while sending mail: Outgoing server (SMTP) error. The server responded: TLS no valid RSA private key: error:8002:system library::No such file or directory (#4.3.0). To create certificates on my new server. I retrieved certs from letencrypt and then did this. cp -p /var/qmail/control/servercert.pem /var/qmail/control/servercert.pem.lastmonth cat /etc/letsencrypt/live/mail.gbco.us/{cert,chain,fullchain,privkey}.pem /var/qmail/control/servercert.pem chown vpopmail:qmail /var/qmail/control/servercert.pem chmod 640 /var/qmail/control/servercert.pem Any idea what's going on with this error? thanks, GaryTo unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Certificate Error
No that doesn't work. It only works if I have FORCETLS=1 and SMTPAUTH="!+cram" Thanks, Gary On 3/22/2024 9:05 PM, Eric Broch wrote: Try submission run file #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SMTPD="/var/qmail/bin/qmail-smtpd" TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" HOSTNAME=`hostname` VCHKPW="/home/vpopmail/bin/vchkpw" export FORCETLS=0 export SMTPAUTH="!" exec /usr/bin/softlimit -m 12800 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 587 \ $SMTPD $VCHKPW /bin/true 2>&1 Thunderbird: Port: 587 Connection Security: STARTTLS Authentication: Normal Password On 3/22/2024 6:34 PM, Gary Bowling wrote: Rocky 9.3. Gary On 3/22/2024 8:31 PM, Eric Broch wrote: What are you running EL 8 or 9? On 3/22/2024 6:28 PM, Gary Bowling wrote: Yea did that. I tried what Remo suggested, which was to change the client send config to: port 465 SSL/TLS Normal Password This should send mail through the /var/qmail/supervise/smtps/ config. That worked, which told me my certs were actually ok. So now I needed to figure out how to make "Port 587, startTLS, and Encrypted Password" work. Which goes through /var/qmail/supervise/submission I changed the run file in that directory by removing the line: export SMTPAUTH="!" and adding the lines export FORCETLS=1 export SMTPAUTH="!+cram" And now I can send mail through the submission port by configuring a client to "Port 587, startTLS, and Encrypted Password" and I can also send mail through "port 465, SSL/TLS, normal password" That allows me to not have to reconfigure the clients who have configurations on port 587. Eric - Do you see anything wrong with doing it that way? Thanks, Gary On 3/22/2024 8:08 PM, Eric Broch wrote: cat /etc/letsencrypt/live/mydomain.com/fullchain.pem /etc/letsencrypt/live/mydomain.com/privkey.pem > /var/qmail/control/servercert.pem On 3/22/2024 4:29 PM, g...@gbco.us wrote: I can send mail via the roundcube web mail. That's where this message is coming from. When sending mail from thunderbird, I have my smtp server set up in my client as Port 587 startTLS Encrypted Password This is the same as I had with a number of clients on my old server. When I try to send email, I get this error. Sending of the message failed. An error occurred while sending mail: Outgoing server (SMTP) error. The server responded: TLS no valid RSA private key: error:8002:system library::No such file or directory (#4.3.0). To create certificates on my new server. I retrieved certs from letencrypt and then did this. cp -p /var/qmail/control/servercert.pem /var/qmail/control/servercert.pem.lastmonth cat /etc/letsencrypt/live/mail.gbco.us/{cert,chain,fullchain,privkey}.pem > /var/qmail/control/servercert.pem chown vpopmail:qmail /var/qmail/control/servercert.pem chmod 640 /var/qmail/control/servercert.pem
Re: [qmailtoaster] Certificate Error
Rocky 9.3. Gary On 3/22/2024 8:31 PM, Eric Broch wrote: What are you running EL 8 or 9? On 3/22/2024 6:28 PM, Gary Bowling wrote: Yea did that. I tried what Remo suggested, which was to change the client send config to: port 465 SSL/TLS Normal Password This should send mail through the /var/qmail/supervise/smtps/ config. That worked, which told me my certs were actually ok. So now I needed to figure out how to make "Port 587, startTLS, and Encrypted Password" work. Which goes through /var/qmail/supervise/submission I changed the run file in that directory by removing the line: export SMTPAUTH="!" and adding the lines export FORCETLS=1 export SMTPAUTH="!+cram" And now I can send mail through the submission port by configuring a client to "Port 587, startTLS, and Encrypted Password" and I can also send mail through "port 465, SSL/TLS, normal password" That allows me to not have to reconfigure the clients who have configurations on port 587. Eric - Do you see anything wrong with doing it that way? Thanks, Gary On 3/22/2024 8:08 PM, Eric Broch wrote: cat /etc/letsencrypt/live/mydomain.com/fullchain.pem /etc/letsencrypt/live/mydomain.com/privkey.pem > /var/qmail/control/servercert.pem On 3/22/2024 4:29 PM, g...@gbco.us wrote: I can send mail via the roundcube web mail. That's where this message is coming from. When sending mail from thunderbird, I have my smtp server set up in my client as Port 587 startTLS Encrypted Password This is the same as I had with a number of clients on my old server. When I try to send email, I get this error. Sending of the message failed. An error occurred while sending mail: Outgoing server (SMTP) error. The server responded: TLS no valid RSA private key: error:8002:system library::No such file or directory (#4.3.0). To create certificates on my new server. I retrieved certs from letencrypt and then did this. cp -p /var/qmail/control/servercert.pem /var/qmail/control/servercert.pem.lastmonth cat /etc/letsencrypt/live/mail.gbco.us/{cert,chain,fullchain,privkey}.pem > /var/qmail/control/servercert.pem chown vpopmail:qmail /var/qmail/control/servercert.pem chmod 640 /var/qmail/control/servercert.pem Any idea what's going on with this error? thanks, Gary - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Certificate Error
Yea did that. I tried what Remo suggested, which was to change the client send config to: port 465 SSL/TLS Normal Password This should send mail through the /var/qmail/supervise/smtps/ config. That worked, which told me my certs were actually ok. So now I needed to figure out how to make "Port 587, startTLS, and Encrypted Password" work. Which goes through /var/qmail/supervise/submission I changed the run file in that directory by removing the line: export SMTPAUTH="!" and adding the lines export FORCETLS=1 export SMTPAUTH="!+cram" And now I can send mail through the submission port by configuring a client to "Port 587, startTLS, and Encrypted Password" and I can also send mail through "port 465, SSL/TLS, normal password" That allows me to not have to reconfigure the clients who have configurations on port 587. Eric - Do you see anything wrong with doing it that way? Thanks, Gary On 3/22/2024 8:08 PM, Eric Broch wrote: cat /etc/letsencrypt/live/mydomain.com/fullchain.pem /etc/letsencrypt/live/mydomain.com/privkey.pem > /var/qmail/control/servercert.pem On 3/22/2024 4:29 PM, g...@gbco.us wrote: I can send mail via the roundcube web mail. That's where this message is coming from. When sending mail from thunderbird, I have my smtp server set up in my client as Port 587 startTLS Encrypted Password This is the same as I had with a number of clients on my old server. When I try to send email, I get this error. Sending of the message failed. An error occurred while sending mail: Outgoing server (SMTP) error. The server responded: TLS no valid RSA private key: error:8002:system library::No such file or directory (#4.3.0). To create certificates on my new server. I retrieved certs from letencrypt and then did this. cp -p /var/qmail/control/servercert.pem /var/qmail/control/servercert.pem.lastmonth cat /etc/letsencrypt/live/mail.gbco.us/{cert,chain,fullchain,privkey}.pem > /var/qmail/control/servercert.pem chown vpopmail:qmail /var/qmail/control/servercert.pem chmod 640 /var/qmail/control/servercert.pem Any idea what's going on with this error? thanks, Gary - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Question on /etc/sysconfig/spamassassin
Thanks Philip, that looks exactly like what I need. No "per user" settings via the -c, and no razor home dirs via -H, and the default clamd user is clamscan. Thanks. On 3/22/2024 1:45 PM, Philip Nix Guru wrote: Hello On my system I am using this SPAMDOPTIONS="-m10 -x -u clamscan" the user depends on how it is installed I did have the issuse with the #org SPAMDOPTIONS="-c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'" errors and right accesses Regards -P On 3/22/24 18:30, Gary Bowling wrote: Also, in /etc/sysconfig/spamassassin the options are set as follows: # Options to spamd SPAMDOPTIONS="-c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'" There was a thread about this back in 2022, but there really wasn't any conclusion on that thread. Razor is not installed or configured in the installation. What should those SPAMDOPTIONS really be? -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Question on /etc/sysconfig/spamassassin
Also, in /etc/sysconfig/spamassassin the options are set as follows: # Options to spamd SPAMDOPTIONS="-c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'" There was a thread about this back in 2022, but there really wasn't any conclusion on that thread. Razor is not installed or configured in the installation. What should those SPAMDOPTIONS really be? -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Spamdyke and Spamcop - blacklisting
Yes, I'm an old guy, so I know it's been around since the 90s. But not in as widespread use by "companies" as it is today. Many companies in the 90s had onsite microsoft mail servers, or sun/unix/linux mail servers and a lot of the shared hosting was used by individuals and casual users, and spammers. These days many of the small businesses my clients work with outsource their mail to hosted exchange or google. I realize a lot of spam originates from all the various MS domains and from gmail, but I cannot afford to completely block any of those servers. It kills my clients as they don't get emails from their customers and partners. g On 3/22/2024 10:58 AM, William Silverstein wrote: On Fri, March 22, 2024 4:40 am, Gary Bowling wrote: In the spamdyke config, the default is to use spamcop for blacklisting. I've had a lot of trouble recently with spamcop. They keep adding the outlook.com servers to their database. Which means every company that uses Microsoft office 365 for mail gets blocked. This has caused me a lot of problems as there are a lot of companies in the US that use office365 for mail hosting. I am wondering if in these days we should be blacklisting server ip addresses. So many users are on shared services that blocking entire servers by ip seems like a bad idea. They also block entire ip ranges from hosting providers. Shared hosting has been around since the 1990s. That was part of the idea behind blacklisting. That by blocking IP ranges, it would encourage providers to stop spam because it would cause harm to more than just the spamming customer. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Spamassassin
Thanks Eric, yes coming out of the repo is a better way to go. I guess that's not started by the supervise scripts any more? Looks like it's a standard systemd startup now. Getting ready to cut over to my new server this weekend, so trying to clean up all the little things. G On 3/22/2024 10:55 AM, ebroch wrote: I'm in the process updating the wiki page so some of the information on that page may be obsolete. SpamAssassin with our toaster is no longer compiled by me but comes straight from the repositories. Sent from my Galaxy Original message From: Gary Bowling Date: 2024-03-22 8:39 a.m. (GMT-07:00) To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Spamassassin I found it. My old server used /etc/spamassassin/ My new server uses /etc/mail/spamassassin/ Therefore I need to pull out the custom items I've added to /etc/spamassassin/local.cf and move those to /etc/mail/spamassassin/local.cf I'm still not sure about spamcop in spamdyke.conf. On 3/22/2024 10:23 AM, Gary Bowling wrote: This page, http://wiki.qmailtoaster.org/index.php?title=Spamassassin says that it's using /etc/mail/spamassassin/ for the configuration. However, that page also says, "The SpamAssassin daemon is started by the /var/qmail/supervise/spamd/run script." and on the new install I don't even have this directory, yet spamd is running.. I really do try to go find information in the wiki and web sites before posting here, but so much of what's out there is so out of date, it's hard to trust anything it says. Gary On 3/22/2024 10:13 AM, Gary Bowling wrote: While I was poking around looking at spam things.. There is a directory /etc/spamassassin/ contains what looks to be a full spamassassin configuration. And there is a directory /etc/mail/spamassassin/ which also looks to contain a full spamassassin configuration. Which directory does the server and spamd use? I think it's using /etc/spamassassin/ However, the other directory, /etc/mail/spamassassin/ looks to be the directory that gets installed and updated along with a "dnf update" Thanks -- ________ Gary Bowling The Moderns on Spotify <https://distrokid.com/hyperfollow/themoderns/bbrs> - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Spamassassin
I found it. My old server used /etc/spamassassin/ My new server uses /etc/mail/spamassassin/ Therefore I need to pull out the custom items I've added to /etc/spamassassin/local.cf and move those to /etc/mail/spamassassin/local.cf I'm still not sure about spamcop in spamdyke.conf. On 3/22/2024 10:23 AM, Gary Bowling wrote: This page, http://wiki.qmailtoaster.org/index.php?title=Spamassassin says that it's using /etc/mail/spamassassin/ for the configuration. However, that page also says, "The SpamAssassin daemon is started by the /var/qmail/supervise/spamd/run script." and on the new install I don't even have this directory, yet spamd is running.. I really do try to go find information in the wiki and web sites before posting here, but so much of what's out there is so out of date, it's hard to trust anything it says. Gary On 3/22/2024 10:13 AM, Gary Bowling wrote: While I was poking around looking at spam things.. There is a directory /etc/spamassassin/ contains what looks to be a full spamassassin configuration. And there is a directory /etc/mail/spamassassin/ which also looks to contain a full spamassassin configuration. Which directory does the server and spamd use? I think it's using /etc/spamassassin/ However, the other directory, /etc/mail/spamassassin/ looks to be the directory that gets installed and updated along with a "dnf update" Thanks -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Spamassassin
This page, http://wiki.qmailtoaster.org/index.php?title=Spamassassin says that it's using /etc/mail/spamassassin/ for the configuration. However, that page also says, "The SpamAssassin daemon is started by the /var/qmail/supervise/spamd/run script." and on the new install I don't even have this directory, yet spamd is running.. I really do try to go find information in the wiki and web sites before posting here, but so much of what's out there is so out of date, it's hard to trust anything it says. Gary On 3/22/2024 10:13 AM, Gary Bowling wrote: While I was poking around looking at spam things.. There is a directory /etc/spamassassin/ contains what looks to be a full spamassassin configuration. And there is a directory /etc/mail/spamassassin/ which also looks to contain a full spamassassin configuration. Which directory does the server and spamd use? I think it's using /etc/spamassassin/ However, the other directory, /etc/mail/spamassassin/ looks to be the directory that gets installed and updated along with a "dnf update" Thanks -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Spamassassin
While I was poking around looking at spam things.. There is a directory /etc/spamassassin/ contains what looks to be a full spamassassin configuration. And there is a directory /etc/mail/spamassassin/ which also looks to contain a full spamassassin configuration. Which directory does the server and spamd use? I think it's using /etc/spamassassin/ However, the other directory, /etc/mail/spamassassin/ looks to be the directory that gets installed and updated along with a "dnf update" Thanks -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Spamdyke and Spamcop
In the spamdyke config, the default is to use spamcop for blacklisting. I've had a lot of trouble recently with spamcop. They keep adding the outlook.com servers to their database. Which means every company that uses Microsoft office 365 for mail gets blocked. This has caused me a lot of problems as there are a lot of companies in the US that use office365 for mail hosting. I am wondering if in these days we should be blacklisting server ip addresses. So many users are on shared services that blocking entire servers by ip seems like a bad idea. They also block entire ip ranges from hosting providers. I'm thinking of removing all the blacklisting services in spamdyke. How do you guys handle this? Thanks, Gary - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Rocky 9 Migration - Moving Squirrelmail abooks to Roundcube
Thanks Eric, that did work! gb On 2/23/2024 11:37 PM, Eric Broch wrote: This might work GitHub - WebuddhaInc/squirrelmail-to-roundcube: Migrate SquirrelMail Address Book to Roundcube Contacts On 2/23/2024 4:39 PM, Gary Bowling wrote: Anyone have a script for moving Squirrelmail address books to the Roundcube database? Thanks, gb -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Rocky 9 Migration - Moving Squirrelmail abooks to Roundcube
Anyone have a script for moving Squirrelmail address books to the Roundcube database? Thanks, gb -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Rocky 9 Migration
Yea, it was really an accident. Your migration plans don't migrate web configs. But on my server I have many virtualhosts for different clients. Many of my clients originally wanted their web mail on their own domain, not on a single shared domain. To handle this I have a bunch of virtualhosts with configurations that accomplish that. For my specific migration I needed to move those configs, so an rsync of the /etc/httpd/conf.d/ directory was done. After I did that, I moved all those into a different directory to concentrate on just making the server work with only the one domain, but that also copied the php.conf. This is I like about the new apache php-fpm implementation. In the past the only files in conf.d were essentially user files and these types of files were in conf.modules.d. I guess once php wasn't a module, they felt it should go in the conf.d dir. gb On 2/23/2024 4:44 PM, Eric Broch wrote: I'm not sure why you would migrate php.conf? This is not a part of the qmt migration. On 2/23/2024 2:39 PM, Gary Bowling wrote: Yes, and very importantly for apache, you to have to match the "php files" and send them to a handler in a conf file with the FilesMatch and SetHandler directives. That's actually the piece that got overwritten when I sync'd over my configs from my old Centos 7 box and caused things not to work. Since I was unaware of the new way that was done in the Apache config files, it took me a while to track it down. Since my php.conf file was from an old box, it had the php5_module listed in it. Not knowing that was no longer used, I had to go down the rabbit hole to figure it out. Now that I beat my head against the wall for a couple of days, it seems everyone knows all this :) Everyone but me, haha. I think everyone was just enjoying the show and laughing at me, but that's ok I was laughing at myself as well. gb On 2/23/2024 2:51 PM, Quinn Comendant wrote: On 23 Feb 2024, at 9:10, Gary Bowling wrote: LoadModule php5_module modules/libphp5.so On my Rocky 9 box, this file does not exist and I cannot find that it is even suppose to exist. But I'm not sure how php is suppose to work on Apache without it. Hi Gary, Glad you worked it out, but just in case you're curious, the reason you can't find a libphp5.so or libphp8.so file is because with PHP 7 and 8 the preferred way to execute php scripts is via PHP-FPM, and most distros will install PHP this way by default. PHP-FPM has much better performance and security, and most PHP apps will run fine without modification. The apache configuration to use PHP-FPM is somewhat different, as you discovered. Quinn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Rocky 9 Migration
Yes, and very importantly for apache, you to have to match the "php files" and send them to a handler in a conf file with the FilesMatch and SetHandler directives. That's actually the piece that got overwritten when I sync'd over my configs from my old Centos 7 box and caused things not to work. Since I was unaware of the new way that was done in the Apache config files, it took me a while to track it down. Since my php.conf file was from an old box, it had the php5_module listed in it. Not knowing that was no longer used, I had to go down the rabbit hole to figure it out. Now that I beat my head against the wall for a couple of days, it seems everyone knows all this :) Everyone but me, haha. I think everyone was just enjoying the show and laughing at me, but that's ok I was laughing at myself as well. gb On 2/23/2024 2:51 PM, Quinn Comendant wrote: On 23 Feb 2024, at 9:10, Gary Bowling wrote: LoadModule php5_module modules/libphp5.so On my Rocky 9 box, this file does not exist and I cannot find that it is even suppose to exist. But I'm not sure how php is suppose to work on Apache without it. Hi Gary, Glad you worked it out, but just in case you're curious, the reason you can't find a libphp5.so or libphp8.so file is because with PHP 7 and 8 the preferred way to execute php scripts is via PHP-FPM, and most distros will install PHP this way by default. PHP-FPM has much better performance and security, and most PHP apps will run fine without modification. The apache configuration to use PHP-FPM is somewhat different, as you discovered. Quinn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Rocky 9 Migration continued - Systemd
Now that I have my web interfaces working, my next question is these messages I get in the log files. Over and over again I get these because of qmail and vusaged being installed in /etc/rc.d/init.d/ Is there anyway to stop these? Feb 23 17:08:33 45-33-74-192 systemd-sysv-generator: SysV service '/etc/rc.d/init.d/vusaged' lacks a native systemd unit file. Automatically generating a unit file for compatibility. Please update package to include a native systemd unit file, in order to make it more safe and robust. Feb 23 17:08:33 45-33-74-192 systemd-sysv-generator: SysV service '/etc/rc.d/init.d/qmail' lacks a native systemd unit file. Automatically generating a unit file for compatibility. Please update package to include a native systemd unit file, in order to make it more safe and robust. Thanks, gb -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Rocky 9 Migration
Hahaha, Just as I was about to do this... I found the problem. Thanks to Philip, who replied offline with a copy of his php.conf file. I was going down the right path trying to figure out why php wasn't working, including asking questions about the php.conf file and the modules it called. Turns out my php.conf file was coped over from my old server as part of the migration process. So Philip provided me a copy of this php.conf file, which looked very different to mine. I moved mine over to a backup file and re-installed the original php.conf which comes from the rpm php-fpm. Now everything is working.. gb On 2/23/2024 12:06 PM, Gary Bowling wrote: I usually like to work through these type of things to learn what is going on. I generally learn a few things in the process. However, I'm just about stumped on this one. I'm going to take a lunch break and when I come back, I think I'm going to do the following. - Remove httpd, php, php-fpm and all the associated dependencies. Then go through and delete all the directories as the remove process won't do that. Things like /etc/httpd, /etc/php.d, etc. etc. etc. - I probably also need to go through the toaster directories to remove things like admin.pass, etc. I want a clean start just like it was a new install. - Then I'm going to edit qt-install to remove everything but the web install pieces. I already have a working mail server and mysql server. I've tested it with both imap and pop3 and all seems well. So no need to go through all that again. I just want to do the parts of qt-install that have to do with web things. - Then I'll run the new script and start with a fresh web setup and NOT copy my files from my old server. I think it may be the copying of files from my old server that got me into this situation. There are many years of tweaks and pieces in there and I'm not sure what all it overwrote when I installed the first time. Thanks, gb On 2/23/2024 11:55 AM, Gary Bowling wrote: Here you go Eric.. The 96.46.15.70 address was added as that's my home IP where I'm working from. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1 96.46.15.70" ScriptAlias /mail/ /usr/share/toaster/cgi-bin/ Alias /admin-toaster /usr/share/toaster/htdocs/admin/ Alias /stats-toaster/ /usr/share/toaster/htdocs/mrtg/ Alias /images-toaster/ /usr/share/toaster/htdocs/images/ Alias /scripts/ /usr/share/toaster/htdocs/scripts/ Alias /qmailadmin /usr/share/qmailadmin/ AddHandler cgi-script .cgi AddHandler cgi-script qmailadmin DirectoryIndex index.cgi qmailadmin index.html Options +Indexes +FollowSymLinks +ExecCGI Require ip ${aclnet} Options -Indexes +FollowSymLinks +MultiViews AllowOverride All Require ip ${aclnet} AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} AllowOverride All AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} AllowOverride All Options ExecCGI AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd require valid-user Require ip ${aclnet} AllowOverride All Options ExecCGI Require ip ${aclnet} On 2/23/2024 11:43 AM, Eric Broch wrote: Gary
Re: [qmailtoaster] Rocky 9 Migration
I usually like to work through these type of things to learn what is going on. I generally learn a few things in the process. However, I'm just about stumped on this one. I'm going to take a lunch break and when I come back, I think I'm going to do the following. - Remove httpd, php, php-fpm and all the associated dependencies. Then go through and delete all the directories as the remove process won't do that. Things like /etc/httpd, /etc/php.d, etc. etc. etc. - I probably also need to go through the toaster directories to remove things like admin.pass, etc. I want a clean start just like it was a new install. - Then I'm going to edit qt-install to remove everything but the web install pieces. I already have a working mail server and mysql server. I've tested it with both imap and pop3 and all seems well. So no need to go through all that again. I just want to do the parts of qt-install that have to do with web things. - Then I'll run the new script and start with a fresh web setup and NOT copy my files from my old server. I think it may be the copying of files from my old server that got me into this situation. There are many years of tweaks and pieces in there and I'm not sure what all it overwrote when I installed the first time. Thanks, gb On 2/23/2024 11:55 AM, Gary Bowling wrote: Here you go Eric.. The 96.46.15.70 address was added as that's my home IP where I'm working from. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1 96.46.15.70" ScriptAlias /mail/ /usr/share/toaster/cgi-bin/ Alias /admin-toaster /usr/share/toaster/htdocs/admin/ Alias /stats-toaster/ /usr/share/toaster/htdocs/mrtg/ Alias /images-toaster/ /usr/share/toaster/htdocs/images/ Alias /scripts/ /usr/share/toaster/htdocs/scripts/ Alias /qmailadmin /usr/share/qmailadmin/ AddHandler cgi-script .cgi AddHandler cgi-script qmailadmin DirectoryIndex index.cgi qmailadmin index.html Options +Indexes +FollowSymLinks +ExecCGI Require ip ${aclnet} Options -Indexes +FollowSymLinks +MultiViews AllowOverride All Require ip ${aclnet} AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} AllowOverride All AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} AllowOverride All Options ExecCGI AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd require valid-user Require ip ${aclnet} AllowOverride All Options ExecCGI Require ip ${aclnet} On 2/23/2024 11:43 AM, Eric Broch wrote: Gary, can you dump /etc/httpd/conf/toaster.conf and post the output to the list? I'm particularly interested in the following line 'Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1"' Eric On 2/23/2024 9:39 AM, Gary Bowling wrote: Thanks Eric gb On 2/23/2024 11:08 AM, Eric Broch wrote: My Box: # find / -name "*libphp*" # Nothing. And yet, my toaster-admin works. On 2/23/2024 8:33 AM, Gary Bowling wrote: Yes I know that. But in past version, it was required to properly serve out a php file. Without it the php file just gets served as a text file and not executed as
Re: [qmailtoaster] Rocky 9 Migration
Here you go Eric.. The 96.46.15.70 address was added as that's my home IP where I'm working from. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1 96.46.15.70" ScriptAlias /mail/ /usr/share/toaster/cgi-bin/ Alias /admin-toaster /usr/share/toaster/htdocs/admin/ Alias /stats-toaster/ /usr/share/toaster/htdocs/mrtg/ Alias /images-toaster/ /usr/share/toaster/htdocs/images/ Alias /scripts/ /usr/share/toaster/htdocs/scripts/ Alias /qmailadmin /usr/share/qmailadmin/ AddHandler cgi-script .cgi AddHandler cgi-script qmailadmin DirectoryIndex index.cgi qmailadmin index.html Options +Indexes +FollowSymLinks +ExecCGI Require ip ${aclnet} Options -Indexes +FollowSymLinks +MultiViews AllowOverride All Require ip ${aclnet} AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} AllowOverride All AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} AllowOverride All Options ExecCGI AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd require valid-user Require ip ${aclnet} AllowOverride All Options ExecCGI Require ip ${aclnet} On 2/23/2024 11:43 AM, Eric Broch wrote: Gary, can you dump /etc/httpd/conf/toaster.conf and post the output to the list? I'm particularly interested in the following line 'Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1"' Eric On 2/23/2024 9:39 AM, Gary Bowling wrote: Thanks Eric gb On 2/23/2024 11:08 AM, Eric Broch wrote: My Box: # find / -name "*libphp*" # Nothing. And yet, my toaster-admin works. On 2/23/2024 8:33 AM, Gary Bowling wrote: Yes I know that. But in past version, it was required to properly serve out a php file. Without it the php file just gets served as a text file and not executed as php code. I discovered my server was not executing index.php. After adding a DirectoryIndex index.php statement in my server, it now just serves out the index.php from the roundcube directory as a text file. In troubleshooting why it was not being executed and was instead being served out as a text file, I found there was not libphp file. Which, in past versions was provided by the php rpm package. If I go to my old Centos 7 box and list files in the php rpm, it provides the file /etc/httpd/modules/libphp5.so and that gets loaded in apache to execute php code. But in Rocky 9, there is no libphp module in the php rpm, and there is not a libphp file in my modules directory and I cannot find that Rocky 9 even contains a libphp file. So I'm trying to find out how Rocky 9 executes php code instead of serving it up as a text file. Since roundcube is working for you guys, you either have a libphp file that is getting loaded, or Rocky 9 handles that in an entirely different way. If it handles it in a different way, I need to learn how that works so I can resolve that issue. Thanks, gb On 2/23/2024 10:14 AM, Remo Mattei wrote: The Apache statement is if ava
Re: [qmailtoaster] Rocky 9 Migration
Yes I know that. But in past version, it was required to properly serve out a php file. Without it the php file just gets served as a text file and not executed as php code. I discovered my server was not executing index.php. After adding a DirectoryIndex index.php statement in my server, it now just serves out the index.php from the roundcube directory as a text file. In troubleshooting why it was not being executed and was instead being served out as a text file, I found there was not libphp file. Which, in past versions was provided by the php rpm package. If I go to my old Centos 7 box and list files in the php rpm, it provides the file /etc/httpd/modules/libphp5.so and that gets loaded in apache to execute php code. But in Rocky 9, there is no libphp module in the php rpm, and there is not a libphp file in my modules directory and I cannot find that Rocky 9 even contains a libphp file. So I'm trying to find out how Rocky 9 executes php code instead of serving it up as a text file. Since roundcube is working for you guys, you either have a libphp file that is getting loaded, or Rocky 9 handles that in an entirely different way. If it handles it in a different way, I need to learn how that works so I can resolve that issue. Thanks, gb On 2/23/2024 10:14 AM, Remo Mattei wrote: The Apache statement is if available load it. I will check not sure I do. -- Sent from iPhone On venerdì, feb 23, 2024 at 07:11, Gary Bowling <g...@gbco.us> wrote: Question. On your Rocky 9 boxes, do you have a libphp5.so module? Listed in the /etc/httpd/conf.d/php.conf file as. LoadModule php5_module modules/libphp5.so On my Rocky 9 box, this file does not exist and I cannot find that it is even suppose to exist. But I'm not sure how php is suppose to work on Apache without it. Maybe they have changed the way that works. In previous versions, like Centos 7, it was included in the php rpm that was installed. Thanks, gb On 2/22/2024 11:17 PM, Remo Mattei wrote: Here is my list of php php-common-8.0.30-1.el9_2.x86_64 php-pdo-8.0.30-1.el9_2.x86_64 php-fpm-8.0.30-1.el9_2.x86_64 php-process-8.0.30-1.el9_2.x86_64 php-ldap-8.0.30-1.el9_2.x86_64 php-mbstring-8.0.30-1.el9_2.x86_64 php-xml-8.0.30-1.el9_2.x86_64 php-pecl-zip-1.19.2-6.el9.x86_64 php-enchant-8.0.30-1.el9_2.x86_64 php-intl-8.0.30-1.el9_2.x86_64 php-gd-8.0.30-1.el9_2.x86_64 php-mysqlnd-8.0.30-1.el9_2.x86_64 php-cli-8.0.30-1.el9_2.x86_64 php-opcache-8.0.30-1.el9_2.x86_64 php-8.0.30-1.el9_2.x86_64 On Feb 22, 2024, at 19:58, Gary Bowling wrote: So in doing some more troubleshooting, it didn't seem like php was working correctly. In poking around I do not find a libphp.so file. I assume since it's php 8.0.3 it would be libphp8.so module? That should come from the php install, so I did this to see all the files installed by php. # rpm -ql php (contains no files) And it says it contains NO FILES! What's up with that?? So I did this. dnf reinstall php Last metadata expiration check: 0:46:39 ago on Fri 23 Feb 2024 03:03:37 AM UTC. Dependencies re
Re: [qmailtoaster] Rocky 9 Migration
Question. On your Rocky 9 boxes, do you have a libphp5.so module? Listed in the /etc/httpd/conf.d/php.conf file as. LoadModule php5_module modules/libphp5.so On my Rocky 9 box, this file does not exist and I cannot find that it is even suppose to exist. But I'm not sure how php is suppose to work on Apache without it. Maybe they have changed the way that works. In previous versions, like Centos 7, it was included in the php rpm that was installed. Thanks, gb On 2/22/2024 11:17 PM, Remo Mattei wrote: Here is my list of php php-common-8.0.30-1.el9_2.x86_64 php-pdo-8.0.30-1.el9_2.x86_64 php-fpm-8.0.30-1.el9_2.x86_64 php-process-8.0.30-1.el9_2.x86_64 php-ldap-8.0.30-1.el9_2.x86_64 php-mbstring-8.0.30-1.el9_2.x86_64 php-xml-8.0.30-1.el9_2.x86_64 php-pecl-zip-1.19.2-6.el9.x86_64 php-enchant-8.0.30-1.el9_2.x86_64 php-intl-8.0.30-1.el9_2.x86_64 php-gd-8.0.30-1.el9_2.x86_64 php-mysqlnd-8.0.30-1.el9_2.x86_64 php-cli-8.0.30-1.el9_2.x86_64 php-opcache-8.0.30-1.el9_2.x86_64 php-8.0.30-1.el9_2.x86_64 On Feb 22, 2024, at 19:58, Gary Bowling wrote: So in doing some more troubleshooting, it didn't seem like php was working correctly. In poking around I do not find a libphp.so file. I assume since it's php 8.0.3 it would be libphp8.so module? That should come from the php install, so I did this to see all the files installed by php. # rpm -ql php (contains no files) And it says it contains NO FILES! What's up with that?? So I did this. dnf reinstall php Last metadata expiration check: 0:46:39 ago on Fri 23 Feb 2024 03:03:37 AM UTC. Dependencies resolved. == Package Architecture Version Repository Size == Reinstalling: php x86_64 8.0.30-1.el9_2 appstream 7.7 k Transaction Summary == Total download size: 7.7 k Installed size: 0 Is this ok [y/N]: y Downloading Packages: php-8.0.30-1.el9_2.x86_64.rpm 56 kB/s | 7.7 kB 00:00 -- Total 26 kB/s | 7.7 kB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Reinstalling : php-8.0.30-1.el9_2.x86_64 1/2 Cleanup : php-8.0.30-1.el9_2.x86_64 2/2 Verifying : php-8.0.30-1.el9_2.x86_64 1/2 Verifying : php
Re: [qmailtoaster] Rocky 9 Migration
So in doing some more troubleshooting, it didn't seem like php was working correctly. In poking around I do not find a libphp.so file. I assume since it's php 8.0.3 it would be libphp8.so module? That should come from the php install, so I did this to see all the files installed by php. # rpm -ql php (contains no files) And it says it contains NO FILES! What's up with that?? So I did this. dnf reinstall php Last metadata expiration check: 0:46:39 ago on Fri 23 Feb 2024 03:03:37 AM UTC. Dependencies resolved. == Package Architecture Version Repository Size == Reinstalling: php x86_64 8.0.30-1.el9_2 appstream 7.7 k Transaction Summary == Total download size: 7.7 k Installed size: 0 Is this ok [y/N]: y Downloading Packages: php-8.0.30-1.el9_2.x86_64.rpm 56 kB/s | 7.7 kB 00:00 -- Total 26 kB/s | 7.7 kB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Reinstalling : php-8.0.30-1.el9_2.x86_64 1/2 Cleanup : php-8.0.30-1.el9_2.x86_64 2/2 Verifying : php-8.0.30-1.el9_2.x86_64 1/2 Verifying : php-8.0.30-1.el9_2.x86_64 2/2 Reinstalled: php-8.0.30-1.el9_2.x86_64 Complete! To get a new clean install of php.. But even after doing this, I still get this. rpm -ql php (contains no files) So it appears that my php install is broken and even a reinstall doesn't fix it. I'm not sure what's up with that. Maybe the repository that my box is using has problems? Have you ever seen that problem? gb On 2/22/2024 10:45 PM, Remo Mattei wrote: Hi Gary, I have the default di don’t change anything on that file On Feb 22, 2024, at 18:59, Gary Bowling wrote: Thanks. I suspect some of my issues might be from migrating everything over from my old server which is clearly a lot different. What do your virtualhost configs for your domain look like in /etc/httpd/conf.d/ It seems my only problems are with web things. So it has to be either a php issue or an httpd config issue. There is very little done with php, just a few things in php.ini. There is a lot more done in httpd conf files, with various directives and virtualhosts. Although not really much for qmailadmin Thanks, gb On 2/22/2024 8:43 PM, Eric Broch wrote: I did
Re: [qmailtoaster] Rocky 9 Migration
Thanks. I suspect some of my issues might be from migrating everything over from my old server which is clearly a lot different. What do your virtualhost configs for your domain look like in /etc/httpd/conf.d/ It seems my only problems are with web things. So it has to be either a php issue or an httpd config issue. There is very little done with php, just a few things in php.ini. There is a lot more done in httpd conf files, with various directives and virtualhosts. Although not really much for qmailadmin Thanks, gb On 2/22/2024 8:43 PM, Eric Broch wrote: I did another fresh install of Rocky9/QMT and I can't seem to duplicate the problem you're having. On 2/22/2024 12:48 PM, Eric Broch wrote: Mine as well. It'd be nice to see some errors in the httpd log. On 2/22/2024 11:15 AM, Gary Bowling wrote: Thanks. So Eric, my version is 8.0.3 as I stated previously. php -v PHP 8.0.30 (cli) (built: Aug 3 2023 17:13:08) ( NTS gcc x86_64 ) Copyright (c) The PHP Group Zend Engine v4.0.30, Copyright (c) Zend Technologies with Zend OPcache v8.0.30, Copyright (c), by Zend Technologies Thanks, gb On 2/22/2024 1:11 PM, Remo Mattei wrote: Gary, Yes default is php 8.0.3 I just upgraded afterwards to 8.3 you are fine on the default installation php. Sorry for the confusion. Remo On Feb 22, 2024, at 10:05, Gary Bowling wrote: Not sure what you're saying Remo. My version is 8.0.3, and from your command it looks like yours is as well. I didn't upgrade to anything, just installed Rocky 9. Maybe you meant 8.0.3 instead of 8.3. gb On 2/22/2024 12:52 PM, Remo Mattei wrote: I just upgraded to 8.3 myself seems you can do that no problem but keep 8 there Gary. Remo On Feb 22, 2024, at 09:50, Gary Bowling wrote: php -v PHP 8.0.30 (cli) (built: Aug 3 2023 17:13:08) ( NTS gcc x86_64 ) Copyright (c) The PHP Group Zend Engine v4.0.30, Copyright (c) Zend Technologies with Zend OPcache v8.0.30, Copyright (c), by Zend Technologies On 2/22/2024 12:31 PM, Eric Broch wrote: Odd! Everything works fine on my Rocky9/qmt host. What version of php are you running? # php -v On 2/22/2024 10:21 AM, Gary Bowling wrote: Thanks Eric. Yep, just to not send
Re: [qmailtoaster] Rocky 9 Migration
Thanks. So Eric, my version is 8.0.3 as I stated previously. php -v PHP 8.0.30 (cli) (built: Aug 3 2023 17:13:08) ( NTS gcc x86_64 ) Copyright (c) The PHP Group Zend Engine v4.0.30, Copyright (c) Zend Technologies with Zend OPcache v8.0.30, Copyright (c), by Zend Technologies Thanks, gb On 2/22/2024 1:11 PM, Remo Mattei wrote: Gary, Yes default is php 8.0.3 I just upgraded afterwards to 8.3 you are fine on the default installation php. Sorry for the confusion. Remo On Feb 22, 2024, at 10:05, Gary Bowling wrote: Not sure what you're saying Remo. My version is 8.0.3, and from your command it looks like yours is as well. I didn't upgrade to anything, just installed Rocky 9. Maybe you meant 8.0.3 instead of 8.3. gb On 2/22/2024 12:52 PM, Remo Mattei wrote: I just upgraded to 8.3 myself seems you can do that no problem but keep 8 there Gary. Remo On Feb 22, 2024, at 09:50, Gary Bowling wrote: php -v PHP 8.0.30 (cli) (built: Aug 3 2023 17:13:08) ( NTS gcc x86_64 ) Copyright (c) The PHP Group Zend Engine v4.0.30, Copyright (c) Zend Technologies with Zend OPcache v8.0.30, Copyright (c), by Zend Technologies On 2/22/2024 12:31 PM, Eric Broch wrote: Odd! Everything works fine on my Rocky9/qmt host. What version of php are you running? # php -v On 2/22/2024 10:21 AM, Gary Bowling wrote: Thanks Eric. Yep, just to not send a huge logfile. After having everything stopped for two hrs, I started everything and went to the server/admin-toaster and got the screen from below. It looks like a 401 response, which indicates a lack of authentication credentials. And I'm not sure why. Probably something to do with me copying over the admin.pass or admin.htpasswd from my old server. That was part of the migration page. Here's the httpd/error.log from that. [Thu Feb 22 17:12:23.702465 2024] [suexec:notice] [pid 121153:tid 121153] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Feb 22 17:12:23.714703 2024] [so:warn] [pid 121153:tid 121153] AH01574: module proxy_ajp_module is already loaded, skipping [Thu Feb 22 17:12:23.719266 2024] [lbmethod_heartbeat:notice] [pid 121153:tid 121153] AH02282: No slotmem from mod_heartmonitor [Thu Feb 22 17:12:23.722704 2024] [mpm_event:notice] [pid 121153:tid 121153] AH00489: Apache/2.4.57 (Rocky
Re: [qmailtoaster] Rocky 9 Migration
Not sure what you're saying Remo. My version is 8.0.3, and from your command it looks like yours is as well. I didn't upgrade to anything, just installed Rocky 9. Maybe you meant 8.0.3 instead of 8.3. gb On 2/22/2024 12:52 PM, Remo Mattei wrote: I just upgraded to 8.3 myself seems you can do that no problem but keep 8 there Gary. Remo On Feb 22, 2024, at 09:50, Gary Bowling wrote: php -v PHP 8.0.30 (cli) (built: Aug 3 2023 17:13:08) ( NTS gcc x86_64 ) Copyright (c) The PHP Group Zend Engine v4.0.30, Copyright (c) Zend Technologies with Zend OPcache v8.0.30, Copyright (c), by Zend Technologies On 2/22/2024 12:31 PM, Eric Broch wrote: Odd! Everything works fine on my Rocky9/qmt host. What version of php are you running? # php -v On 2/22/2024 10:21 AM, Gary Bowling wrote: Thanks Eric. Yep, just to not send a huge logfile. After having everything stopped for two hrs, I started everything and went to the server/admin-toaster and got the screen from below. It looks like a 401 response, which indicates a lack of authentication credentials. And I'm not sure why. Probably something to do with me copying over the admin.pass or admin.htpasswd from my old server. That was part of the migration page. Here's the httpd/error.log from that. [Thu Feb 22 17:12:23.702465 2024] [suexec:notice] [pid 121153:tid 121153] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Feb 22 17:12:23.714703 2024] [so:warn] [pid 121153:tid 121153] AH01574: module proxy_ajp_module is already loaded, skipping [Thu Feb 22 17:12:23.719266 2024] [lbmethod_heartbeat:notice] [pid 121153:tid 121153] AH02282: No slotmem from mod_heartmonitor [Thu Feb 22 17:12:23.722704 2024] [mpm_event:notice] [pid 121153:tid 121153] AH00489: Apache/2.4.57 (Rocky Linux) OpenSSL/3.0.7 configured -- resuming normal operations [Thu Feb 22 17:12:23.722720 2024] [core:notice] [pid 121153:tid 121153] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND' And here's the httpd/access.log 96.46.15.70 - - [22/Feb/2024:17:12:41 +] "GET /admin-toaster HTTP/1.1" 401 381 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122. 0.0.0 Safari/537.36" 96.46.15.70 - admin [22/Feb/2024:17:12:41 +] "GET /admin-toaster HTTP/1.1" 301 244 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ 122.0.0.0 Safari/537.36" On 2/22/2024 10:45 AM, Eric Broch wrote: Can you check the httpd logs? On 2/22/2024 8:12 AM, Gary Bowling wrote: Another issue. When I log in to admin-toaster, it properly asks for my password and accepts it,
Re: [qmailtoaster] Rocky 9 Migration
'error' => $session_error, // Return 401 only on failed logins (#7010) 'http_code' => empty($session_error) && !empty($error_message) ? 401 : 200 ]); $RCMAIL->set_task($plugin['task']); if ($plugin['http_code'] == 401) { header('HTTP/1.0 401 Unauthorized'); } $RCMAIL->output->send($plugin['task']); } else { // CSRF prevention $RCMAIL->request_security_check(); // check access to disabled actions $disabled_actions = (array) $RCMAIL->config->get('disabled_actions'); if (in_array($RCMAIL->task . '.' . ($RCMAIL->action ?: 'index'), $disabled_actions)) { rcube::raise_error(['code' => 404, 'message' => "Action disabled"], true, true); } } $RCMAIL->action_handler(); On 2/20/2024 9:02 PM, Gary Bowling wrote: Ah, thanks Eric! Unfortunately I didn't find that page earlier. But but I cobbled together a few sql queries, so I... - exported each domain to an xml file - then did a bit of scripting on each domains xml file to add the pw_domain field, which is the same for every record in each file. - then used the "load xml local infile..." sql command to load each of the files into the vpopmail table. It seems to have all worked. I can now use ./vuserinfo and get correct entries. The other tables, valias, lastauth, dir_control, all seem to be the same. So I think I'm on to the next challenge. The script you showed on that page would have been a little easier, but no worries, it wasn't to difficult. Which reminds me, I need to go back and set Global Local_infiles=0 as I had to change that to export/import local files. Although I'm not sure that hurts anything. Thanks, gb On 2/20/2024 5:04 PM, Eric Broch wrote: did you migrate the database? Many domain's conversion - QMT (qmailtoaster.org) On 2/20/2024 9:37 AM, Gary Bowling wrote: Thanks Eric. Continuing through the "migration" page. After going through everything moving configs and my database, then restarting. Toaststat says everything is ok. So I tried a simple run of ~vpopmail/bin/vuserinfo g...@gbco.us just to query an account. I get this error mysql: sql error[3]: Table 'vpopmail.vpopmail' doesn't exist Logging into the db and checking, indeed I do not have a vpopmail.vpopmail table. I have all the domain tables, etc. So I went back to my old server (the one this email is coming from) and it also does not have a vpopmail.vpopmail table. I'm sure it has something to do with how old my existing server is. But how do I resolve this? Thanks, gb On 2/20/2024 10:00 AM, Eric Broch wrote: It's all good and there's nothing to do. On 2/20/2024 7:11 AM, Gary Bowling wrote: Another question on my migration. On the qmailtoaster.com site, under the RHEL9 derivative install heading. There is the qmail1.03-3.3.8 header and underneath it is a link for "patches applied" I'm confused if that means. It implies that those patches are already applied and there is no need to do them. But the link takes you to the page for the patch like it's something we should apply. I'm pretty sure it's all good and there is nothing to do, just wanted to make sure. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Rocky 9 Migration
Ah, thanks Eric! Unfortunately I didn't find that page earlier. But but I cobbled together a few sql queries, so I... - exported each domain to an xml file - then did a bit of scripting on each domains xml file to add the pw_domain field, which is the same for every record in each file. - then used the "load xml local infile..." sql command to load each of the files into the vpopmail table. It seems to have all worked. I can now use ./vuserinfo and get correct entries. The other tables, valias, lastauth, dir_control, all seem to be the same. So I think I'm on to the next challenge. The script you showed on that page would have been a little easier, but no worries, it wasn't to difficult. Which reminds me, I need to go back and set Global Local_infiles=0 as I had to change that to export/import local files. Although I'm not sure that hurts anything. Thanks, gb On 2/20/2024 5:04 PM, Eric Broch wrote: did you migrate the database? Many domain's conversion - QMT (qmailtoaster.org) On 2/20/2024 9:37 AM, Gary Bowling wrote: Thanks Eric. Continuing through the "migration" page. After going through everything moving configs and my database, then restarting. Toaststat says everything is ok. So I tried a simple run of ~vpopmail/bin/vuserinfo g...@gbco.us just to query an account. I get this error mysql: sql error[3]: Table 'vpopmail.vpopmail' doesn't exist Logging into the db and checking, indeed I do not have a vpopmail.vpopmail table. I have all the domain tables, etc. So I went back to my old server (the one this email is coming from) and it also does not have a vpopmail.vpopmail table. I'm sure it has something to do with how old my existing server is. But how do I resolve this? Thanks, gb On 2/20/2024 10:00 AM, Eric Broch wrote: It's all good and there's nothing to do. On 2/20/2024 7:11 AM, Gary Bowling wrote: Another question on my migration. On the qmailtoaster.com site, under the RHEL9 derivative install heading. There is the qmail1.03-3.3.8 header and underneath it is a link for "patches applied" I'm confused if that means. It implies that those patches are already applied and there is no need to do them. But the link takes you to the page for the patch like it's something we should apply. I'm pretty sure it's all good and there is nothing to do, just wanted to make sure. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Rocky 9 Migration
I see the new versions were not compiled with --disable-many-domains. That looks like it was discussed in the list way back in 2011. Back then, when that decision was made, there much have been a convenient way to migrate from one db structure to the other? Remo, Yes, but there are complications to doing that. I have many domains, many users, different quotas, aliases, etc. The command you sent. Once you get the list of users for i in $(cat lista); do vadduser -r -q NOQUOTA $i...@domain.com ; done Thanks,gb On 2/20/2024 12:23 PM, Remo Mattei wrote: Hi Gary, Did you recall my email? I said create the domain on the new server, then run the shell to create every user with password then sync from old to new on all emails and you would have been set. The script may have been changed Eric will know more about that but how I migrate which is a little longer does not depend on the old mysql. I had issue in the past so I just do that my own way and no issues at all. Remo On Feb 20, 2024, at 09:20, Gary Bowling wrote: hmm, looks like the db structure changed since my old install?? Is that correct? I created a new test domain in vpopmail with vadddomain which worked, then added a new user to that dummy domain. When I look at the db, it now has a vpopmail table that has the following structure. mysql> select * from vpopmail; ++---++++++-+-+ | pw_name | pw_domain | pw_passwd | pw_uid | pw_gid | pw_gecos | pw_dir | pw_shell | pw_clear_passwd | My old server has a separate table for every domain, then the structure for each domain has this structure. select * from gbco_us; +++++-+---++--+ | pw_name | pw_passwd | pw_uid | pw_gid | pw_gecos | pw_dir | pw_shell | pw_clear_passwd | +++++-+---++--+ The difference being the field "pw_domain" So I guess the new structure has all the domains in the same table? If it does, then I need to figure out how to migrate my old db to the new format. Thanks, gb On 2/20/2024 11:37 AM, Gary Bowling wrote: Thanks Eric. Continuing through the "migration" page. After going through everything moving configs and my database, then restarting. Toaststat says everything is ok. So I tried a simple run of ~vpopmail/bin/vuserinfo g...@gbco.us just to query an account. I get this error mysql: sql error[3]: Table 'vpopmail.vpopmail' doesn't exist Logging into the db and checking, indeed I do not have a vpopmail.vpopmail table. I have all the domain tables, etc. So I went back to my old server (the one this email is coming from) and it also does not have a vpopmail.vpopmail table. I'm sure it has something to do with how old my existing server i
Re: [qmailtoaster] Rocky 9 Migration
hmm, looks like the db structure changed since my old install?? Is that correct? I created a new test domain in vpopmail with vadddomain which worked, then added a new user to that dummy domain. When I look at the db, it now has a vpopmail table that has the following structure. mysql> select * from vpopmail; ++---++++++-+-+ | pw_name | pw_domain | pw_passwd | pw_uid | pw_gid | pw_gecos | pw_dir | pw_shell | pw_clear_passwd | My old server has a separate table for every domain, then the structure for each domain has this structure. select * from gbco_us; +++++-+---++--+ | pw_name | pw_passwd | pw_uid | pw_gid | pw_gecos | pw_dir | pw_shell | pw_clear_passwd | +++++-+---++--+ The difference being the field "pw_domain" So I guess the new structure has all the domains in the same table? If it does, then I need to figure out how to migrate my old db to the new format. Thanks, gb On 2/20/2024 11:37 AM, Gary Bowling wrote: Thanks Eric. Continuing through the "migration" page. After going through everything moving configs and my database, then restarting. Toaststat says everything is ok. So I tried a simple run of ~vpopmail/bin/vuserinfo g...@gbco.us just to query an account. I get this error mysql: sql error[3]: Table 'vpopmail.vpopmail' doesn't exist Logging into the db and checking, indeed I do not have a vpopmail.vpopmail table. I have all the domain tables, etc. So I went back to my old server (the one this email is coming from) and it also does not have a vpopmail.vpopmail table. I'm sure it has something to do with how old my existing server is. But how do I resolve this? Thanks, gb On 2/20/2024 10:00 AM, Eric Broch wrote: It's all good and there's nothing to do. On 2/20/2024 7:11 AM, Gary Bowling wrote: Another question on my migration. On the qmailtoaster.com site, under the RHEL9 derivative install heading. There is the qmail1.03-3.3.8 header and underneath it is a link for "patches applied" I'm confused if that means. It implies that those patches are already applied and there is no need to do them. But the link takes you to the page for the patch like it's something we should apply. I'm pretty sure it's all good and there is nothing to do, just wanted to make sure. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Rocky 9 Migration
Thanks Eric. Continuing through the "migration" page. After going through everything moving configs and my database, then restarting. Toaststat says everything is ok. So I tried a simple run of ~vpopmail/bin/vuserinfo g...@gbco.us just to query an account. I get this error mysql: sql error[3]: Table 'vpopmail.vpopmail' doesn't exist Logging into the db and checking, indeed I do not have a vpopmail.vpopmail table. I have all the domain tables, etc. So I went back to my old server (the one this email is coming from) and it also does not have a vpopmail.vpopmail table. I'm sure it has something to do with how old my existing server is. But how do I resolve this? Thanks, gb On 2/20/2024 10:00 AM, Eric Broch wrote: It's all good and there's nothing to do. On 2/20/2024 7:11 AM, Gary Bowling wrote: Another question on my migration. On the qmailtoaster.com site, under the RHEL9 derivative install heading. There is the qmail1.03-3.3.8 header and underneath it is a link for "patches applied" I'm confused if that means. It implies that those patches are already applied and there is no need to do them. But the link takes you to the page for the patch like it's something we should apply. I'm pretty sure it's all good and there is nothing to do, just wanted to make sure. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Rocky 9 Migration
Another question on my migration. On the qmailtoaster.com site, under the RHEL9 derivative install heading. There is the qmail1.03-3.3.8 header and underneath it is a link for "patches applied" I'm confused if that means. It implies that those patches are already applied and there is no need to do them. But the link takes you to the page for the patch like it's something we should apply. I'm pretty sure it's all good and there is nothing to do, just wanted to make sure. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] New Rocky Install
Another question.. What is this question for when the script runs? I'm not sure what it's for or how to answer it. Enter a valid remote email account to which QMT will send mail via Submission & SMTPS: Thanks, gb On 2/19/2024 9:36 AM, Eric Broch wrote: Not sure what went wrong...did a search... Can't connect to local MySQL server through socket '/var/mysql/mysql.sock' (38) - Stack Overflow On 2/19/2024 6:55 AM, Gary Bowling wrote: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] New Rocky Install
Ok, now everything goes good with the script until I get down to this section where I get this error. Feb 19 00:33:17 dspam[11283]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) Then the script stops and gives me lines 1-39/38 (END) If I quit out of that, it continues on and seems like it might be ok. Just making sure the "Can't connect to local MySQL" isn't a problem and/or how to resolve it? Thanks, gb On 2/19/2024 8:03 AM, Gary Bowling wrote: Answering my own note.. haha. I see that I was wrong, both mysql and maria are supported by the OS. I don't think there is anything in my old maria db files that would not be compatible with mysql, so I'll remove maria and clean up things and let the script install mysql. Thanks, gb On 2/19/2024 7:55 AM, Gary Bowling wrote: Ok, thanks. Isn't maria the supported db by the OS? I thought I was using maria because it got regular security updates via the standard OS repos and mysql no longer did. I think my password failure was due to having maria installed already. So the best approach would be to remove maria and clean up a few other things, then run the script again letting it do it's thing? Thanks for the help Eric and Remo. gb On 2/19/2024 12:02 AM, Eric Broch wrote: When the script asks for a password enter the password you plan to use and the script will set your entry as the admin password for the MySQL install. I used to give option for either Maria or MySQL install in CentOS 8; it became burdensome to keep two sets of packages so I settled on MySQL. All the packages are compiled with MySQL support, not Maria, on Rocky/Alma/Springdale 9. On 2/18/2024 5:39 PM, Gary Bowling wrote: Per the previous question about Rocky.. I'm in the process of doing a Rocky 9 install right now! So yes, I believe it's the way to go, although I'm not an expert. My problem right now is... I ran qt_install per the instructions. After a while, it pops up asking for a mysql password. I didn't know what to put in, tried the root password, it failed and now the script continues on. But there are errors because I wasn't able to put in the right password. So two questions. 1. What should the mysql password be? 2. When it finishes, what should I do? I guess I could run it again, it's not operational yet, so maybe running again and putting in the right mysql password would get me back on track. Please advise.. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] New Rocky Install
Answering my own note.. haha. I see that I was wrong, both mysql and maria are supported by the OS. I don't think there is anything in my old maria db files that would not be compatible with mysql, so I'll remove maria and clean up things and let the script install mysql. Thanks, gb On 2/19/2024 7:55 AM, Gary Bowling wrote: Ok, thanks. Isn't maria the supported db by the OS? I thought I was using maria because it got regular security updates via the standard OS repos and mysql no longer did. I think my password failure was due to having maria installed already. So the best approach would be to remove maria and clean up a few other things, then run the script again letting it do it's thing? Thanks for the help Eric and Remo. gb On 2/19/2024 12:02 AM, Eric Broch wrote: When the script asks for a password enter the password you plan to use and the script will set your entry as the admin password for the MySQL install. I used to give option for either Maria or MySQL install in CentOS 8; it became burdensome to keep two sets of packages so I settled on MySQL. All the packages are compiled with MySQL support, not Maria, on Rocky/Alma/Springdale 9. On 2/18/2024 5:39 PM, Gary Bowling wrote: Per the previous question about Rocky.. I'm in the process of doing a Rocky 9 install right now! So yes, I believe it's the way to go, although I'm not an expert. My problem right now is... I ran qt_install per the instructions. After a while, it pops up asking for a mysql password. I didn't know what to put in, tried the root password, it failed and now the script continues on. But there are errors because I wasn't able to put in the right password. So two questions. 1. What should the mysql password be? 2. When it finishes, what should I do? I guess I could run it again, it's not operational yet, so maybe running again and putting in the right mysql password would get me back on track. Please advise.. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] New Rocky Install
Ok, thanks. Isn't maria the supported db by the OS? I thought I was using maria because it got regular security updates via the standard OS repos and mysql no longer did. I think my password failure was due to having maria installed already. So the best approach would be to remove maria and clean up a few other things, then run the script again letting it do it's thing? Thanks for the help Eric and Remo. gb On 2/19/2024 12:02 AM, Eric Broch wrote: When the script asks for a password enter the password you plan to use and the script will set your entry as the admin password for the MySQL install. I used to give option for either Maria or MySQL install in CentOS 8; it became burdensome to keep two sets of packages so I settled on MySQL. All the packages are compiled with MySQL support, not Maria, on Rocky/Alma/Springdale 9. On 2/18/2024 5:39 PM, Gary Bowling wrote: Per the previous question about Rocky.. I'm in the process of doing a Rocky 9 install right now! So yes, I believe it's the way to go, although I'm not an expert. My problem right now is... I ran qt_install per the instructions. After a while, it pops up asking for a mysql password. I didn't know what to put in, tried the root password, it failed and now the script continues on. But there are errors because I wasn't able to put in the right password. So two questions. 1. What should the mysql password be? 2. When it finishes, what should I do? I guess I could run it again, it's not operational yet, so maybe running again and putting in the right mysql password would get me back on track. Please advise.. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] New Rocky Install
How do I get around this? yum install vpopmail Last metadata expiration check: 0:07:00 ago on Mon 19 Feb 2024 02:42:24 AM UTC. Error: Problem: problem with installed package mariadb-server-3:10.5.22-1.el9_2.x86_64 - package mariadb-server-3:10.5.22-1.el9_2.x86_64 from @System conflicts with mysql-server provided by mysql-server-8.0.32-1.el9_2.x86_64 from appstream - package mysql-server-8.0.32-1.el9_2.x86_64 from appstream conflicts with mariadb-server provided by mariadb-server-3:10.5.22-1.el9_2.x86_64 from @System - package mysql-server-8.0.32-1.el9_2.x86_64 from appstream conflicts with mariadb-server provided by mariadb-server-3:10.5.22-1.el9_2.x86_64 from appstream - package mariadb-server-3:10.5.22-1.el9_2.x86_64 from appstream conflicts with mysql-server provided by mysql-server-8.0.32-1.el9_2.x86_64 from appstream - package vpopmail-5.4.33-5.qt.el9.x86_64 from qmt-testing requires mysql-server, but none of the providers can be installed - conflicting requests Thanks, gb On 2/18/2024 8:59 PM, Remo Mattei wrote: Gary nah!! Remo On Sunday, Feb 18, 2024 at 17:51, Gary Bowling <g...@gbco.us> wrote: Yea, but you're a lot smarter than I am! haha. gb On 2/18/2024 8:38 PM, Remo Mattei wrote: Hi I do not think so I just build two new qmail rocky9 using the script no issue whatsoever to migrate I had to do a little manic here and there not too bad so run the fresh install then migrate your users all good. -- Sent from iPhone On domenica, feb 18, 2024 at 17:26, Gary Bowling <g...@gbco.us> wrote: Thanks, yea I understand. It's just the script calls and tries to install mysql. In your migration a while back, Eric had said that what he would do is follow the migration steps on the web site. Which runs qt_install first. qt_install seems a bit out of date to me. I guess I just need to go through qt_install line by line and manually and make some changes for my environment. Thanks, I'll work on it some more... gb On 2/18/2024 8:19 PM, Remo Mattei wrote: You can use Maria or MySQL on the new one just dump and import should be just fine. -- Sent from iPhone On domenica, feb 18, 2024 at 16:52, Gary Bowling <g...@gbco.us> wrote: AH, I also see that the qt_install tries to install mysql-server. My old toaster already has mariadb installed. I'm trying to install a new Rocky 9 and migrate my old Ce
Re: [qmailtoaster] New Rocky Install
Yea, but you're a lot smarter than I am! haha. gb On 2/18/2024 8:38 PM, Remo Mattei wrote: Hi I do not think so I just build two new qmail rocky9 using the script no issue whatsoever to migrate I had to do a little manic here and there not too bad so run the fresh install then migrate your users all good. -- Sent from iPhone On domenica, feb 18, 2024 at 17:26, Gary Bowling <g...@gbco.us> wrote: Thanks, yea I understand. It's just the script calls and tries to install mysql. In your migration a while back, Eric had said that what he would do is follow the migration steps on the web site. Which runs qt_install first. qt_install seems a bit out of date to me. I guess I just need to go through qt_install line by line and manually and make some changes for my environment. Thanks, I'll work on it some more... gb On 2/18/2024 8:19 PM, Remo Mattei wrote: You can use Maria or MySQL on the new one just dump and import should be just fine. -- Sent from iPhone On domenica, feb 18, 2024 at 16:52, Gary Bowling <g...@gbco.us> wrote: AH, I also see that the qt_install tries to install mysql-server. My old toaster already has mariadb installed. I'm trying to install a new Rocky 9 and migrate my old Centos 7 server over. I'm running the qt_install that was specified in the RHEL9 derivative section on this page.. http://www.qmailtoaster.com/index.html Which was the first step in the migration section listed here. http://www.qmailtoaster.com/migrate.html I have my old server running and will install this one and make sure it's all ok prior to cutting over. So I have some time. Any help would be appreciated. Thanks, gb On 2/18/2024 7:39 PM, Gary Bowling wrote: Per the previous question about Rocky.. I'm in the process of doing a Rocky 9 install right now! So yes, I believe it's the way to go, although I'm not an expert. My problem right now is... I ran qt_install per the instructions. After a while, it pops up asking for a mysql password. I didn't know what to put in, tried the root password, it failed and now the script continues on. But there are errors because I wasn't able to put in the right password. So two questions. 1. What should the mysql password be? 2. When it finishes, what should I do? I guess I could run it again, it's not operational yet, so maybe running again and putting in the right mysql password would get me back on track. P
Re: [qmailtoaster] New Rocky Install
Thanks, yea I understand. It's just the script calls and tries to install mysql. In your migration a while back, Eric had said that what he would do is follow the migration steps on the web site. Which runs qt_install first. qt_install seems a bit out of date to me. I guess I just need to go through qt_install line by line and manually and make some changes for my environment. Thanks, I'll work on it some more... gb On 2/18/2024 8:19 PM, Remo Mattei wrote: You can use Maria or MySQL on the new one just dump and import should be just fine. -- Sent from iPhone On domenica, feb 18, 2024 at 16:52, Gary Bowling <g...@gbco.us> wrote: AH, I also see that the qt_install tries to install mysql-server. My old toaster already has mariadb installed. I'm trying to install a new Rocky 9 and migrate my old Centos 7 server over. I'm running the qt_install that was specified in the RHEL9 derivative section on this page.. http://www.qmailtoaster.com/index.html Which was the first step in the migration section listed here. http://www.qmailtoaster.com/migrate.html I have my old server running and will install this one and make sure it's all ok prior to cutting over. So I have some time. Any help would be appreciated. Thanks, gb On 2/18/2024 7:39 PM, Gary Bowling wrote: Per the previous question about Rocky.. I'm in the process of doing a Rocky 9 install right now! So yes, I believe it's the way to go, although I'm not an expert. My problem right now is... I ran qt_install per the instructions. After a while, it pops up asking for a mysql password. I didn't know what to put in, tried the root password, it failed and now the script continues on. But there are errors because I wasn't able to put in the right password. So two questions. 1. What should the mysql password be? 2. When it finishes, what should I do? I guess I could run it again, it's not operational yet, so maybe running again and putting in the right mysql password would get me back on track. Please advise.. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] New Rocky Install
AH, I also see that the qt_install tries to install mysql-server. My old toaster already has mariadb installed. I'm trying to install a new Rocky 9 and migrate my old Centos 7 server over. I'm running the qt_install that was specified in the RHEL9 derivative section on this page.. http://www.qmailtoaster.com/index.html Which was the first step in the migration section listed here. http://www.qmailtoaster.com/migrate.html I have my old server running and will install this one and make sure it's all ok prior to cutting over. So I have some time. Any help would be appreciated. Thanks, gb On 2/18/2024 7:39 PM, Gary Bowling wrote: Per the previous question about Rocky.. I'm in the process of doing a Rocky 9 install right now! So yes, I believe it's the way to go, although I'm not an expert. My problem right now is... I ran qt_install per the instructions. After a while, it pops up asking for a mysql password. I didn't know what to put in, tried the root password, it failed and now the script continues on. But there are errors because I wasn't able to put in the right password. So two questions. 1. What should the mysql password be? 2. When it finishes, what should I do? I guess I could run it again, it's not operational yet, so maybe running again and putting in the right mysql password would get me back on track. Please advise.. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] New Rocky Install
Per the previous question about Rocky.. I'm in the process of doing a Rocky 9 install right now! So yes, I believe it's the way to go, although I'm not an expert. My problem right now is... I ran qt_install per the instructions. After a while, it pops up asking for a mysql password. I didn't know what to put in, tried the root password, it failed and now the script continues on. But there are errors because I wasn't able to put in the right password. So two questions. 1. What should the mysql password be? 2. When it finishes, what should I do? I guess I could run it again, it's not operational yet, so maybe running again and putting in the right mysql password would get me back on track. Please advise.. Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] SELINUX
What is everyone doing with selinux on new Rocky 9 builds? In the past, I've always disabled selinux. But maybe for some added security it's time to do something different. I've learned a bit about selinux and am using it successfully in my new web servers. But it comes with some things already set up for nginx and standard web directories. It will be a bit trickier with a "toaster." Thanks, gb -- The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Hello migration from centos 7 to rocky 9
Thanks Remo, I'll be doing this later this year as "7" goes out of maintenance. Thanks. On 1/13/2024 3:52 PM, Remo Mattei wrote: I was looking at that and I think the certs are missing. I want to replace the old box with the new box but same DNS, IP, DKIM etc.. I will take care of that but just want to share this since other may do the same thing. Remo On Jan 13, 2024, at 11:50, Remo Mattei wrote: Thanks -- Sent from iPhone On sabato, gen 13, 2024 at 11:22, Eric Brochwrote: I'd do this http://www.qmailtoaster.com/migrate.html On 1/13/2024 12:19 PM, Remo Mattei wrote: Hello guys any suggestions on this migration? I have done several in the past but maybe there is a new way now. Thanks, Remo - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] rocky 9 from centOS 7 suggestions?
Awesome! On 3/10/2023 3:18 PM, Qmail wrote: Hi Eric. Yes it works /Finn Den 10-03-2023 kl. 19:52 skrev Eric Broch: Doesn't the script work on qmailtoaster.org ?! 1. Vpopmail Many-Domain MySQL backend 2. Minimal Install RHEL9 DerivativeSprindale Alma Rocky 3. QMT Install 1. # curl -o /usr/local/bin/qt_install \ https://raw.githubusercontent.com/qmtoaster/scripts/master/qt_install_cos9.sh 2. # chmod 755 /usr/local/bin/qt_install 3. #qt_install 4. #toaststat 5. #conntest 6. Scanners On 3/10/2023 11:45 AM, Quinn Comendant wrote: On 10 Mar 2023, at 11:16, Gary Bowling wrote: What's the status these days of a repository that "just works" for installing the toaster? I'd love an update on this too. I'm planning an upgrade to Rocky 9 this year as well. I'm a developer, so not afraid of scripts, but had assumed that QMT was now meant to be installable via a simple |yum install|. I have no idea where to find the “Eric's install script” mentioned by Finn. Quinn - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] rocky 9 from centOS 7 suggestions?
What's the status these days of a repository that "just works" for installing the toaster? I know at one time, (maybe even for my current CentOS7 install?), all I did was set up the repository and do a yum install. That was the original idea, to create a server where people didn't have to be developers to easily install and maintain a system. I do understand that's a lot of work for whoever is creating/maintaining it, but it sure was nice! Gary On 3/9/2023 10:40 PM, Remo wrote: Hello anyone planning to build a rocky 9 and migrate the domains from centOS 7 any suggestions? Tips? — Ciao, Remo - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Cert Error
I tried it again and didn't get that error. I guess all is good, weird. Gary On 2/26/2023 10:13 PM, Gary Bowling wrote: base/7/x86_64 CentOS-7 - Base 10,065+7 epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,734+13 extras/7/x86_64 CentOS-7 - Extras 515 qmt-current QMT Current Repos 55 updates/7/x86_64 CentOS-7 - Updates 4,705+1 repolist: 29,074 Gary On 2/26/2023 10:07 PM, Remo Mattei wrote: What does yum repolist give you? -- Mandato da iPhone On domenica, feb 26, 2023 at 18:57, Gary Bowling <g...@gbco.us> wrote: Tried to do a yum update on my mail server this evening. Got the following. Could not retrieve mirrorlist https://www.qmailtoaster.org/qmt-mirrorlist-current error was 14: curl#60 - "Peer's Certificate has expired." Thanks, Gary -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Cert Error
base/7/x86_64 CentOS-7 - Base 10,065+7 epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,734+13 extras/7/x86_64 CentOS-7 - Extras 515 qmt-current QMT Current Repos 55 updates/7/x86_64 CentOS-7 - Updates 4,705+1 repolist: 29,074 Gary On 2/26/2023 10:07 PM, Remo Mattei wrote: What does yum repolist give you? -- Mandato da iPhone On domenica, feb 26, 2023 at 18:57, Gary Bowling <g...@gbco.us> wrote: Tried to do a yum update on my mail server this evening. Got the following. Could not retrieve mirrorlist https://www.qmailtoaster.org/qmt-mirrorlist-current error was 14: curl#60 - "Peer's Certificate has expired." Thanks, Gary -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Cert Error
Tried to do a yum update on my mail server this evening. Got the following. Could not retrieve mirrorlist https://www.qmailtoaster.org/qmt-mirrorlist-current error was 14: curl#60 - "Peer's Certificate has expired." Thanks, Gary -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Spamdyke RDNS Whitelist
So it's the same as for addresses. Ok, I'll give that a try. Thanks as always! Gary On 1/5/2023 3:15 PM, Eric Broch wrote: I think it would be @domain1.com @domain2.com @domain3.com On 1/5/2023 12:41 PM, Gary Bowling wrote: I thought the syntax for whitelisting RDNS via a file was to make a file with entries as follows: .domain1.com .domain2.com .domain3.com and that would whitelist anything ending in those. So it would whitelist and machine whose name is mail1.domain1.com, mail2.domain1.com as well as just domain1.com However, either that's not working right or I have something else configure incorrectly. Can someone verify the whitelist file syntax? I looked through the spamdyke documentation but I don't see any examples. All I see is the syntax @domain1.com, but I thought that was only for the files with senders and the like. E.g. a whitelist for email address syntax. Any help would be appreciated. Gary -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Spamdyke RDNS Whitelist
I thought the syntax for whitelisting RDNS via a file was to make a file with entries as follows: .domain1.com .domain2.com .domain3.com and that would whitelist anything ending in those. So it would whitelist and machine whose name is mail1.domain1.com, mail2.domain1.com as well as just domain1.com However, either that's not working right or I have something else configure incorrectly. Can someone verify the whitelist file syntax? I looked through the spamdyke documentation but I don't see any examples. All I see is the syntax @domain1.com, but I thought that was only for the files with senders and the like. E.g. a whitelist for email address syntax. Any help would be appreciated. Gary -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Client Error Message
Haha, these things happen!! G On 7/7/2022 9:48 AM, Qmail wrote: well just as I hit the send button for my previous email to the list, I got a new email in my inbox from my crowdin account - but the content in the new email was the content of the just sended email - crap - sorry Damned.. /Finn Den 07-07-2022 kl. 15:36 skrev Qmail: Well I have not seen this 'no space' warning but I had 2 emails that suddenly was empty or filled with lines from another email. I was able to read them when they arrived in my inbox (at midnight), but this morning they were messed up - I did try to 'show sourcecode' - but blank - completely empty. Both emails were POP'ed - no problems with IMAP accounts so far (I'm on 102.0.1 both Thunderbird and Firefox for that matter). I say it looks like a pc/Tb issue /Finn Den 07-07-2022 kl. 15:22 skrev Eric Broch: After some thought I wonder , 1) if this is a problem writing the message back to the server, or 2) From 'Tools -> Account Settings -> Synchronization & Storage -> Disk Space' a problem writing back to the P.C. Might be moot if 102.0.1 fixes it. Any ideas? On 7/7/2022 7:13 AM, Qmail wrote: Hi Gary. There's a TB ver 102.0.1 currently which should fix some of the issues. I have had emails in my inbox that suddenly was empty - only to and from was okay rest of the email - empty or filled with stuff from another (old) email. BACKUP BACKUP Your data since there's no way back from ver 102 /Finn Den 07-07-2022 kl. 15:05 skrev Gary Bowling: Thanks for that Finn, so maybe I have two problems. Hopefully they'll get the TB issue resolved soon. I will have to say that TB has had a number of changes over the past year that I'm not fond of and overall operation doesn't seem as good as it used to be. Not sure what's going on over there, but it's not a good direction in my opinion. G On 7/7/2022 8:55 AM, Qmail wrote: Hi Gary. I know You got a solution from Eric, but on the Mozilla forum many complains about TB ver 102.0 claiming 'missing space for new emails' (amongst other issues for the new release). Chers, Finn Den 06-07-2022 kl. 20:55 skrev Gary Bowling: For some reason, over the past few days, I've been getting this error from my email client, Thunderbird ver 102.0 windows 64 bit client. I've been using Thunderbird for years, nothing in the settings, setup, or anything has been changed in years. I have never seen this issue and am trying to figure out if it's a server issue or a client issue. On my local machine, I have two drives with 39G and 48G free space respectively. On the server I have 63G free space. So the "disk space" error doesn't make sense to me. Anyone ever see this or have any experience with it? Thanks, G -- - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail:
Re: [qmailtoaster] Client Error Message
I believe those settings are for IMAP and I'm using POP, so that's not the problem. I'm a bit odd, I actually like POP better as the mail is backed up on your PC by default. And sync'ing it between multiple computers is easy as I have it set to keep 14 days of email on the server. So every other PC, as long as you fire it up within 14 days gets all the email. G On 7/7/2022 9:22 AM, Eric Broch wrote: After some thought I wonder , 1) if this is a problem writing the message back to the server, or 2) From 'Tools -> Account Settings -> Synchronization & Storage -> Disk Space' a problem writing back to the P.C. Might be moot if 102.0.1 fixes it. Any ideas? On 7/7/2022 7:13 AM, Qmail wrote: Hi Gary. There's a TB ver 102.0.1 currently which should fix some of the issues. I have had emails in my inbox that suddenly was empty - only to and from was okay rest of the email - empty or filled with stuff from another (old) email. BACKUP BACKUP Your data since there's no way back from ver 102 /Finn Den 07-07-2022 kl. 15:05 skrev Gary Bowling: Thanks for that Finn, so maybe I have two problems. Hopefully they'll get the TB issue resolved soon. I will have to say that TB has had a number of changes over the past year that I'm not fond of and overall operation doesn't seem as good as it used to be. Not sure what's going on over there, but it's not a good direction in my opinion. G On 7/7/2022 8:55 AM, Qmail wrote: Hi Gary. I know You got a solution from Eric, but on the Mozilla forum many complains about TB ver 102.0 claiming 'missing space for new emails' (amongst other issues for the new release). Chers, Finn Den 06-07-2022 kl. 20:55 skrev Gary Bowling: For some reason, over the past few days, I've been getting this error from my email client, Thunderbird ver 102.0 windows 64 bit client. I've been using Thunderbird for years, nothing in the settings, setup, or anything has been changed in years. I have never seen this issue and am trying to figure out if it's a server issue or a client issue. On my local machine, I have two drives with 39G and 48G free space respectively. On the server I have 63G free space. So the "disk space" error doesn't make sense to me. Anyone ever see this or have any experience with it? Thanks, G -- - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Client Error Message
Thanks Eric. No, it doesn't happen every time, it only happens once in a while and seems to be better since I fixed the DNS issue. So I may have had both issues contributing. I also had it duplicate messages, basically re-downloading all the email from the server that was already downloaded once (POP mail). So yes, maybe I'll either downgrade or go download the 102.0.1 version. Thanks, G On 7/7/2022 9:12 AM, Eric Broch wrote: I'd downgrade if at all possible: "Thunderbird version 102.0.1 is only offered as direct download from thunderbird.net and not as an upgrade from Thunderbird version 91 or earlier. A future release will provide updates from earlier versions." https://www.thunderbird.net/en-US/thunderbird/102.0.1/releasenotes/ At least until this is fixed. Does it happen every time you send mail? On 7/7/2022 7:05 AM, Gary Bowling wrote: Thanks for that Finn, so maybe I have two problems. Hopefully they'll get the TB issue resolved soon. I will have to say that TB has had a number of changes over the past year that I'm not fond of and overall operation doesn't seem as good as it used to be. Not sure what's going on over there, but it's not a good direction in my opinion. G On 7/7/2022 8:55 AM, Qmail wrote: Hi Gary. I know You got a solution from Eric, but on the Mozilla forum many complains about TB ver 102.0 claiming 'missing space for new emails' (amongst other issues for the new release). Chers, Finn Den 06-07-2022 kl. 20:55 skrev Gary Bowling: For some reason, over the past few days, I've been getting this error from my email client, Thunderbird ver 102.0 windows 64 bit client. I've been using Thunderbird for years, nothing in the settings, setup, or anything has been changed in years. I have never seen this issue and am trying to figure out if it's a server issue or a client issue. On my local machine, I have two drives with 39G and 48G free space respectively. On the server I have 63G free space. So the "disk space" error doesn't make sense to me. Anyone ever see this or have any experience with it? Thanks, G -- - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Client Error Message
Thanks for that Finn, so maybe I have two problems. Hopefully they'll get the TB issue resolved soon. I will have to say that TB has had a number of changes over the past year that I'm not fond of and overall operation doesn't seem as good as it used to be. Not sure what's going on over there, but it's not a good direction in my opinion. G On 7/7/2022 8:55 AM, Qmail wrote: Hi Gary. I know You got a solution from Eric, but on the Mozilla forum many complains about TB ver 102.0 claiming 'missing space for new emails' (amongst other issues for the new release). Chers, Finn Den 06-07-2022 kl. 20:55 skrev Gary Bowling: For some reason, over the past few days, I've been getting this error from my email client, Thunderbird ver 102.0 windows 64 bit client. I've been using Thunderbird for years, nothing in the settings, setup, or anything has been changed in years. I have never seen this issue and am trying to figure out if it's a server issue or a client issue. On my local machine, I have two drives with 39G and 48G free space respectively. On the server I have 63G free space. So the "disk space" error doesn't make sense to me. Anyone ever see this or have any experience with it? Thanks, G -- - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Client Error Message
Ah, thanks for that Eric!! Turns out, my router, which picks up DNS servers via DHCP, found another DNS server today. Instead of two servers from my ISP, I now have three. In doing "dig's" on each of the servers, it seems the new 3rd one doesn't resolve correctly. I have sent a support note to my ISP and temporarily set the servers manually in my router, eliminating the "bad" one. Thanks, G On 7/6/2022 6:48 PM, Eric Broch wrote: I see this error message every once in a while when my dns settings are messed up and the client cannot connect to the server. On 7/6/2022 12:55 PM, Gary Bowling wrote: For some reason, over the past few days, I've been getting this error from my email client, Thunderbird ver 102.0 windows 64 bit client. I've been using Thunderbird for years, nothing in the settings, setup, or anything has been changed in years. I have never seen this issue and am trying to figure out if it's a server issue or a client issue. On my local machine, I have two drives with 39G and 48G free space respectively. On the server I have 63G free space. So the "disk space" error doesn't make sense to me. Anyone ever see this or have any experience with it? Thanks, G --
[qmailtoaster] Client Error Message
For some reason, over the past few days, I've been getting this error from my email client, Thunderbird ver 102.0 windows 64 bit client. I've been using Thunderbird for years, nothing in the settings, setup, or anything has been changed in years. I have never seen this issue and am trying to figure out if it's a server issue or a client issue. On my local machine, I have two drives with 39G and 48G free space respectively. On the server I have 63G free space. So the "disk space" error doesn't make sense to me. Anyone ever see this or have any experience with it? Thanks, G --
[qmailtoaster] Spamdyke RDNS Question
In my maillog I get messages like this. The user/domain/ip have been changed, but they are all valid: spamdyke[10162]: DENIED_RDNS_RESOLVE from: fromu...@domain.com to: tou...@otherdomain.com origin_ip: 162.xxx.sss.yyy origin_rdns: server.domain.com auth: (unknown) encryption: TLS reason: (empty) These messages get rejected by my server. My understanding is the messages are getting rejected by spamdyke due to un-resolvable reverse dns (DENIED_RDNS_RESOLVE). However, further down in the same log message it lists "origin_rdns: server.domain.com" which IS the valid reverse dns of the domain that sent the message. So how can it be rejected by reverse DNS but then show the proper reverse DNS?? What am I missing here? Thanks, GB -- - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Spamdyke RDNS Question
Thanks, that's what I did. There clearly is something I don't understand about how denying reverse DNS works. I whitelisted the IP and not the domain. My logic is. Someone from anywhere could try to fake the "domain" so whitelisting that might expose the server. The IP address belongs to Comcast Business and is likely to never belong to anyone else. So even thought that IP might eventually belong to someone else, it's not likely to belong to a bad actor. Gary On 7/16/2021 11:42 AM, Eric Broch wrote: whitelist it in spamdyke On 7/16/2021 8:28 AM, Gary Bowling wrote: I have an issue with mail getting rejected from a specific domain. It's getting rejected due to Spamdyke and RDNS. Here's the line out of the log. Jul 16 09:02:41 vm1 spamdyke[32358]: DENIED_RDNS_RESOLVE from: ***@**nd.com to: ***@**ion.com origin_ip: 50.**.**.98 origin_rdns: 50-**-**-98-static.**.comcastbusiness.net auth: (unknown) encryption: (none) reason: (empty) From looking at the log. It says spamdyke is blocking it due to RNDS not resolving. But then on the same line it shows the "origin_rdns" and it looks like a valid reverse dns to me. Why is this getting blocked? Gary - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Spamdyke RDNS Question
I have an issue with mail getting rejected from a specific domain. It's getting rejected due to Spamdyke and RDNS. Here's the line out of the log. Jul 16 09:02:41 vm1 spamdyke[32358]: DENIED_RDNS_RESOLVE from: ***@**nd.com to: ***@**ion.com origin_ip: 50.**.**.98 origin_rdns: 50-**-**-98-static.**.comcastbusiness.net auth: (unknown) encryption: (none) reason: (empty) From looking at the log. It says spamdyke is blocking it due to RNDS not resolving. But then on the same line it shows the "origin_rdns" and it looks like a valid reverse dns to me. Why is this getting blocked? Gary - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Clamav-Freshclam Not starting after update
Another point, I guess if we leave the cron in place. It looks to me like we can just disable the clamav-freshclam.service. Is that correct? Thanks, Gary On 7/11/2021 4:03 PM, Gary Bowling wrote: Thanks, Gary On 7/11/2021 4:01 PM, Eric Broch wrote: If the service is running, updates are happening, but if the clamav developers are doing away with freshclam daemon, which seems likely, option 2 seems to be the way to go. On 7/11/2021 1:55 PM, Gary Bowling wrote: Thanks Eric. So I kinda of like having the service show up in toaststat as it's an easy way to check things. Which would encourage me to take option 1. However, is the "new" way of doing it, to do it in cron? If it is, then that's probably better as it makes my box more "standard." I'm not sure having the service show up in toaststat really means anything anyway, it just says the service is running. Not that the db is actually getting updated. Thanks, Gary On 7/11/2021 2:51 PM, Eric Broch wrote: Freshclam doesn't start because databases are now updated by cron job '/etc/cron.d/clamav-update' in 'freshclam.service' file. If cron job file exists freshclam daemon is not necessary. Pick one of two options: 1) vi /usr/lib/systemd/system/clamav-freshclam.service replace ConditionPathExists=!/etc/cron.d/clamav-update with #ConditionPathExists=!/etc/cron.d/clamav-update vi /etc/cron.d/clamav-update replace 0 */3 * * * root /usr/share/clamav/freshclam-sleep > /dev/null with #0 */3 * * * root /usr/share/clamav/freshclam-sleep > /dev/null or 2) vi /usr/bin/toaststat replace for sv in clamd@scan clamav-freshclam spamassassin ... ... ... with for sv in clamd@scan spamassassin ... ... ... On 7/11/2021 11:11 AM, Gary Bowling wrote: I see where Chandran had this same issue a few weeks ago. What did you do to resolve it? Thanks, Gary On 7/11/2021 1:03 PM, Gary Bowling wrote: Running a toaster on CentOS 7, with everything updated every couple of months. Just did an update on my server. The update took me from clamav-update-0.103.2-1.el7.x86_64 > clamav-update-0.103.2-2.el7.x86_64 All the other clamav packages are also updated from/to the same version, clamav, clamav-lib, clamav-filesystem. After a reboot, toastat gives me systemd service: clamav-freshclam: [ FAILED ] Then I took a look at. systemctl status clamav-freshclam â clamav-freshclam.service - ClamAV virus database updater Loaded: loaded (/usr/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: disabled) Active: inactive (dead) Condition: start condition failed at Sun 2021-07-11 12:48:21 EDT; 7min ago ConditionPathExists=!/etc/cron.d/clamav-update was not met Docs: man:freshclam(1) man:freshclam.conf(5) https://www.clamav.net/documents The /var/log/clamav/freshclam.log just has this one line. Sun Jul 11 12:29:07 2021 -> Update process terminated Any suggestions as to how to resolve this?
Re: [qmailtoaster] Clamav-Freshclam Not starting after update
Thanks, Gary On 7/11/2021 4:01 PM, Eric Broch wrote: If the service is running, updates are happening, but if the clamav developers are doing away with freshclam daemon, which seems likely, option 2 seems to be the way to go. On 7/11/2021 1:55 PM, Gary Bowling wrote: Thanks Eric. So I kinda of like having the service show up in toaststat as it's an easy way to check things. Which would encourage me to take option 1. However, is the "new" way of doing it, to do it in cron? If it is, then that's probably better as it makes my box more "standard." I'm not sure having the service show up in toaststat really means anything anyway, it just says the service is running. Not that the db is actually getting updated. Thanks, Gary On 7/11/2021 2:51 PM, Eric Broch wrote: Freshclam doesn't start because databases are now updated by cron job '/etc/cron.d/clamav-update' in 'freshclam.service' file. If cron job file exists freshclam daemon is not necessary. Pick one of two options: 1) vi /usr/lib/systemd/system/clamav-freshclam.service replace ConditionPathExists=!/etc/cron.d/clamav-update with #ConditionPathExists=!/etc/cron.d/clamav-update vi /etc/cron.d/clamav-update replace 0 */3 * * * root /usr/share/clamav/freshclam-sleep > /dev/null with #0 */3 * * * root /usr/share/clamav/freshclam-sleep > /dev/null or 2) vi /usr/bin/toaststat replace for sv in clamd@scan clamav-freshclam spamassassin ... ... ... with for sv in clamd@scan spamassassin ... ... ... On 7/11/2021 11:11 AM, Gary Bowling wrote: I see where Chandran had this same issue a few weeks ago. What did you do to resolve it? Thanks, Gary On 7/11/2021 1:03 PM, Gary Bowling wrote: Running a toaster on CentOS 7, with everything updated every couple of months. Just did an update on my server. The update took me from clamav-update-0.103.2-1.el7.x86_64 > clamav-update-0.103.2-2.el7.x86_64 All the other clamav packages are also updated from/to the same version, clamav, clamav-lib, clamav-filesystem. After a reboot, toastat gives me systemd service: clamav-freshclam: [ FAILED ] Then I took a look at. systemctl status clamav-freshclam â clamav-freshclam.service - ClamAV virus database updater Loaded: loaded (/usr/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: disabled) Active: inactive (dead) Condition: start condition failed at Sun 2021-07-11 12:48:21 EDT; 7min ago ConditionPathExists=!/etc/cron.d/clamav-update was not met Docs: man:freshclam(1) man:freshclam.conf(5) https://www.clamav.net/documents The /var/log/clamav/freshclam.log just has this one line. Sun Jul 11 12:29:07 2021 -> Update process terminated Any suggestions as to how to resolve this? Thanks, Gary -
Re: [qmailtoaster] Clamav-Freshclam Not starting after update
Thanks Eric. So I kinda of like having the service show up in toaststat as it's an easy way to check things. Which would encourage me to take option 1. However, is the "new" way of doing it, to do it in cron? If it is, then that's probably better as it makes my box more "standard." I'm not sure having the service show up in toaststat really means anything anyway, it just says the service is running. Not that the db is actually getting updated. Thanks, Gary On 7/11/2021 2:51 PM, Eric Broch wrote: Freshclam doesn't start because databases are now updated by cron job '/etc/cron.d/clamav-update' in 'freshclam.service' file. If cron job file exists freshclam daemon is not necessary. Pick one of two options: 1) vi /usr/lib/systemd/system/clamav-freshclam.service replace ConditionPathExists=!/etc/cron.d/clamav-update with #ConditionPathExists=!/etc/cron.d/clamav-update vi /etc/cron.d/clamav-update replace 0 */3 * * * root /usr/share/clamav/freshclam-sleep > /dev/null with #0 */3 * * * root /usr/share/clamav/freshclam-sleep > /dev/null or 2) vi /usr/bin/toaststat replace for sv in clamd@scan clamav-freshclam spamassassin ... ... ... with for sv in clamd@scan spamassassin ... ... ... On 7/11/2021 11:11 AM, Gary Bowling wrote: I see where Chandran had this same issue a few weeks ago. What did you do to resolve it? Thanks, Gary On 7/11/2021 1:03 PM, Gary Bowling wrote: Running a toaster on CentOS 7, with everything updated every couple of months. Just did an update on my server. The update took me from clamav-update-0.103.2-1.el7.x86_64 > clamav-update-0.103.2-2.el7.x86_64 All the other clamav packages are also updated from/to the same version, clamav, clamav-lib, clamav-filesystem. After a reboot, toastat gives me systemd service: clamav-freshclam: [ FAILED ] Then I took a look at. systemctl status clamav-freshclam â clamav-freshclam.service - ClamAV virus database updater Loaded: loaded (/usr/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: disabled) Active: inactive (dead) Condition: start condition failed at Sun 2021-07-11 12:48:21 EDT; 7min ago ConditionPathExists=!/etc/cron.d/clamav-update was not met Docs: man:freshclam(1) man:freshclam.conf(5) https://www.clamav.net/documents The /var/log/clamav/freshclam.log just has this one line. Sun Jul 11 12:29:07 2021 -> Update process terminated Any suggestions as to how to resolve this? Thanks, Gary - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Clamav-Freshclam Not starting after update
I see where Chandran had this same issue a few weeks ago. What did you do to resolve it? Thanks, Gary On 7/11/2021 1:03 PM, Gary Bowling wrote: Running a toaster on CentOS 7, with everything updated every couple of months. Just did an update on my server. The update took me from clamav-update-0.103.2-1.el7.x86_64 > clamav-update-0.103.2-2.el7.x86_64 All the other clamav packages are also updated from/to the same version, clamav, clamav-lib, clamav-filesystem. After a reboot, toastat gives me systemd service: clamav-freshclam: [ FAILED ] Then I took a look at. systemctl status clamav-freshclam â clamav-freshclam.service - ClamAV virus database updater Loaded: loaded (/usr/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: disabled) Active: inactive (dead) Condition: start condition failed at Sun 2021-07-11 12:48:21 EDT; 7min ago ConditionPathExists=!/etc/cron.d/clamav-update was not met Docs: man:freshclam(1) man:freshclam.conf(5) https://www.clamav.net/documents The /var/log/clamav/freshclam.log just has this one line. Sun Jul 11 12:29:07 2021 -> Update process terminated Any suggestions as to how to resolve this? Thanks, Gary - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Clamav-Freshclam Not starting after update
Running a toaster on CentOS 7, with everything updated every couple of months. Just did an update on my server. The update took me from clamav-update-0.103.2-1.el7.x86_64 > clamav-update-0.103.2-2.el7.x86_64 All the other clamav packages are also updated from/to the same version, clamav, clamav-lib, clamav-filesystem. After a reboot, toastat gives me systemd service: clamav-freshclam: [ FAILED ] Then I took a look at. systemctl status clamav-freshclam â clamav-freshclam.service - ClamAV virus database updater Loaded: loaded (/usr/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: disabled) Active: inactive (dead) Condition: start condition failed at Sun 2021-07-11 12:48:21 EDT; 7min ago ConditionPathExists=!/etc/cron.d/clamav-update was not met Docs: man:freshclam(1) man:freshclam.conf(5) https://www.clamav.net/documents The /var/log/clamav/freshclam.log just has this one line. Sun Jul 11 12:29:07 2021 -> Update process terminated Any suggestions as to how to resolve this? Thanks, Gary - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Server Specs
You can literally get something that will do that for $5/month from linode.com. Reliable service and great prices. I have one from there that hosts about 4 domains and about 1000 users for $20/month! And I've never had a problem. I would still recommend Centos 7 at this point, but you'll have to change in a few years. The landscape is changing and we'll see what wins out by the EOL of 7, which is June 2024. gabo On 4/30/2021 7:21 PM, Scott Hughes wrote: I am looking to host a very small email domain (5-10 boxes max - all low usage). What is the best sized server and Linux flavor to use for this? I’m putting it on a vServer so I don’t want to pay for a lot of extra RAM and hard drive space that I don’t need. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Future of qmailtoaster on CentOS?
I'm almost embarrassed to say that I'm running mine on a $25/month server. I have about 1000 users over 7 domains. Here's a price list from Linode, but you can also customize it. https://www.linode.com/pricing/ gary On 12/11/2020 10:21 AM, Eric Broch wrote: What's the cost? On 12/11/2020 8:14 AM, Gary Bowling wrote: Yes, they give you an OS, with the amount of MEM/disk/processors/etc that you configure and purchase. Once you get that, you can log in with SSH and set up anything you like. There is also a console app from your account in case you have trouble getting in via SSH. It's really a nice service and I've been very happy with it. Since your machine sits on top of a big architecture you never have to worry about hardware failures, hardware upgrades, etc. You can add storage, RAM, processors, etc to an existing machine at any time. I was skeptical at first of running email on a virtual, but I've been using mine for about 3 years now and it's really been a good service. I would never go back to a real machine, all the hardware headaches are gone. gary On 12/11/2020 10:01 AM, Eric Broch wrote: Do they allow you to control the repos from which you update? If so there should not be problem if Rocky is done by then. On 12/11/2020 7:45 AM, Gary Bowling wrote: One issue I have is that my toaster is hosted on a virtual machine at Linode. Others may use virtual solutions as well. These services offer virtual machines of several popular flavors, but you have to use whatever they offer. Linode offers servers in Centos, Alpine, Arch, Debian, Fedora, Gentoo, Slackware, Ubuntu, and OpenSUSE. To use their service, you choose a platform/OS and specs. It's built for you in their data center, then you log in and configure/install what you want. So for Linode there is no Rocky-linux or FreeBSD. Not to say that Rocky won't be supported in the future. If it takes hold and many of the CentOS customers move that direction, I'm sure it will. It's just something to keep in mind and consider as this is moved forward. gary On 12/11/2020 8:52 AM, Eric Broch wrote: This looks like good news: https://github.com/rocky-linux On another note: IBM bought/acquired Red Hat. On 12/10/2020 8:35 AM, Eric Broch wrote: Fellow QMT enthusiasts: I became concerned about the future of CentOS a week or so ago (not a premonition just my natural paranoia) prior to their announcement two days back and visited centos.org to relieve my fears. I was confident at that point that having gotten QMT/CentOS 8 ready I was good to go for ~10 years. My confidence MAY have been hasty. I'm still not sure what drawbacks 'stream' is going to bring, if any, and like Angus am apprehensive. It's supposed to be an intermediate environment between Fedora and RHEL. In my opinion, to release CentOS 8 and then move it from downstream to upstream after people have already migrated is short-sighted at the very least, and its name Community Enterprise OS (8) is now a misnomer. Living in somewhat of a cocoon, I was completely unaware that RH "joined" CentOS. I've heard some say that we've been freeloading off CentOS for years and now it's time to pay up. Never mind that a free kernel is used and we actually test the software and report bugs. That said, I have REALLY enj
Re: [qmailtoaster] Future of qmailtoaster on CentOS?
Yes, they give you an OS, with the amount of MEM/disk/processors/etc that you configure and purchase. Once you get that, you can log in with SSH and set up anything you like. There is also a console app from your account in case you have trouble getting in via SSH. It's really a nice service and I've been very happy with it. Since your machine sits on top of a big architecture you never have to worry about hardware failures, hardware upgrades, etc. You can add storage, RAM, processors, etc to an existing machine at any time. I was skeptical at first of running email on a virtual, but I've been using mine for about 3 years now and it's really been a good service. I would never go back to a real machine, all the hardware headaches are gone. gary On 12/11/2020 10:01 AM, Eric Broch wrote: Do they allow you to control the repos from which you update? If so there should not be problem if Rocky is done by then. On 12/11/2020 7:45 AM, Gary Bowling wrote: One issue I have is that my toaster is hosted on a virtual machine at Linode. Others may use virtual solutions as well. These services offer virtual machines of several popular flavors, but you have to use whatever they offer. Linode offers servers in Centos, Alpine, Arch, Debian, Fedora, Gentoo, Slackware, Ubuntu, and OpenSUSE. To use their service, you choose a platform/OS and specs. It's built for you in their data center, then you log in and configure/install what you want. So for Linode there is no Rocky-linux or FreeBSD. Not to say that Rocky won't be supported in the future. If it takes hold and many of the CentOS customers move that direction, I'm sure it will. It's just something to keep in mind and consider as this is moved forward. gary On 12/11/2020 8:52 AM, Eric Broch wrote: This looks like good news: https://github.com/rocky-linux On another note: IBM bought/acquired Red Hat. On 12/10/2020 8:35 AM, Eric Broch wrote: Fellow QMT enthusiasts: I became concerned about the future of CentOS a week or so ago (not a premonition just my natural paranoia) prior to their announcement two days back and visited centos.org to relieve my fears. I was confident at that point that having gotten QMT/CentOS 8 ready I was good to go for ~10 years. My confidence MAY have been hasty. I'm still not sure what drawbacks 'stream' is going to bring, if any, and like Angus am apprehensive. It's supposed to be an intermediate environment between Fedora and RHEL. In my opinion, to release CentOS 8 and then move it from downstream to upstream after people have already migrated is short-sighted at the very least, and its name Community Enterprise OS (8) is now a misnomer. Living in somewhat of a cocoon, I was completely unaware that RH "joined" CentOS. I've heard some say that we've been freeloading off CentOS for years and now it's time to pay up. Never mind that a free kernel is used and we actually test the software and report bugs. That said, I have REALLY enjoyed using CentOS since the beginning. That said, having a look at the old spec files from *-toaster designation days when we built the QMT for specific platforms, Fedora, was among them along with Suse, Mandrake, so, at the beginning QMT was used in a non-Enterprise environment. Anyway... Personally, I'm interested in both Debian and FreeBSD and would like to go back halfway to multi-platform builds while keeping the current QMT/CentOS 8 offering. This would mitigate the problems, if there are any, we are seeing now (hopefully). I guess it just depends on when (or if) the mega-corps buy up all of the Linux distributions and hang us all out to dry. Given the Felliniesque nature of the world today nothing would surprise
Re: [qmailtoaster] Future of qmailtoaster on CentOS?
One issue I have is that my toaster is hosted on a virtual machine at Linode. Others may use virtual solutions as well. These services offer virtual machines of several popular flavors, but you have to use whatever they offer. Linode offers servers in Centos, Alpine, Arch, Debian, Fedora, Gentoo, Slackware, Ubuntu, and OpenSUSE. To use their service, you choose a platform/OS and specs. It's built for you in their data center, then you log in and configure/install what you want. So for Linode there is no Rocky-linux or FreeBSD. Not to say that Rocky won't be supported in the future. If it takes hold and many of the CentOS customers move that direction, I'm sure it will. It's just something to keep in mind and consider as this is moved forward. gary On 12/11/2020 8:52 AM, Eric Broch wrote: This looks like good news: https://github.com/rocky-linux On another note: IBM bought/acquired Red Hat. On 12/10/2020 8:35 AM, Eric Broch wrote: Fellow QMT enthusiasts: I became concerned about the future of CentOS a week or so ago (not a premonition just my natural paranoia) prior to their announcement two days back and visited centos.org to relieve my fears. I was confident at that point that having gotten QMT/CentOS 8 ready I was good to go for ~10 years. My confidence MAY have been hasty. I'm still not sure what drawbacks 'stream' is going to bring, if any, and like Angus am apprehensive. It's supposed to be an intermediate environment between Fedora and RHEL. In my opinion, to release CentOS 8 and then move it from downstream to upstream after people have already migrated is short-sighted at the very least, and its name Community Enterprise OS (8) is now a misnomer. Living in somewhat of a cocoon, I was completely unaware that RH "joined" CentOS. I've heard some say that we've been freeloading off CentOS for years and now it's time to pay up. Never mind that a free kernel is used and we actually test the software and report bugs. That said, I have REALLY enjoyed using CentOS since the beginning. That said, having a look at the old spec files from *-toaster designation days when we built the QMT for specific platforms, Fedora, was among them along with Suse, Mandrake, so, at the beginning QMT was used in a non-Enterprise environment. Anyway... Personally, I'm interested in both Debian and FreeBSD and would like to go back halfway to multi-platform builds while keeping the current QMT/CentOS 8 offering. This would mitigate the problems, if there are any, we are seeing now (hopefully). I guess it just depends on when (or if) the mega-corps buy up all of the Linux distributions and hang us all out to dry. Given the Felliniesque nature of the world today nothing would surprise me anymore. One advantage of having a ports like mail server is the ability, if one is inclined to dig a little beyond binary installs, to make changes on the fly without having to wait for packages from the repo. I've tried to install FreeBSD, although somewhat half-heartedly, on Proxmox serveral times with no success. If anyone has any hints I'm all ears...just my 2 cents. So, if anyone is working on installing QMT on another platform please keep us apprised of your successes. If you feel like writing it up, I'll post it to the web site. I'll be looking into converting to *.deb packages (like rpm's, binary ease of install) in some way (I tried using alien...on the website) which can be used on Ubuntu and Debian Linux. Back to work for me... Eric B. On 12/9/2020 7:31 PM, Tony White wrote: Hi all, Anyone interested in BSD either Free or Open? I am starting to work on building a FreeBSD version of this for myself. Would like to know if anyone else is interested. best wishes Tony White On 10/12/20 6:49 am, Unai Rodriguez wrote: Debian! -- unai On Wed, Dec 9, 2020, at 8:20 PM, Boheme wrote: I’ve been meaning to learn to compile all the source for Ubuntu
Re: [qmailtoaster] Future of qmailtoaster on CentOS?
Maybe it's time to move to a new distribution, looks like we have at least until 2024 to do it. Maybe arch linux? Or is there something similar to the original CentOS project? Gary On 12/9/2020 11:29 AM, Jeff Koch wrote: Sorry - I was looking at the RHEL life-cycle dates - but looking at the correct dates perhaps it's better to stay with CentOS 7 Jeff On 12/9/2020 11:07 AM, Eric Broch wrote: I thought that it said that CentOS 7 would be support through 2024 and 8 through 2021? On 12/9/2020 8:11 AM, Jeff Koch wrote: It appears CentOS 8 will continue to be support through 2024 - but this is concerning news - Jeff On 12/9/2020 7:20 AM, Eric Broch wrote: https://www.change.org/p/centos-governing-board-do-not-destroy-centos-by-using-it-as-a-rhel-upstream On 12/9/2020 4:50 AM, Angus McIntyre wrote: Does anyone have any thoughts on the likely future of qmailtoaster given the new plans for CentOS? (See https://centos.org/distro-faq/ for more details) I'd never actually heard of CentOS Stream before today, but having just painfully built a working toaster on top of CentOS 8, I'm a little apprehensive about the impact of the proposed changes. Comments? Angus - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Close to quota message or scam
Yes, this is why I would like to get the quota graph working in squirrelmail again. This was the easy place for customers to see if they actually had a quota problem if they got these scam messages. Gary On 12/4/2020 9:58 AM, Angus McIntyre wrote: "Valued Customer" is such an obvious giveaway that I wouldn't bother looking any further. It's a very common phrase in scams of all kinds. Your message is a scam and it almost certainly came from outside your system. Incidentally, on the subject of quota messages, I did see an interesting case the other day. Mail was bouncing from one user and the bounce messages claimed that the message couldn't be delivered because the user was over their quota. I knew this couldn't be the case, because I don't have quotas and in fact the user in question was 'virtual': a non-existent user who was being processed by the catch-all and delivered directly to a mailbox (a sub-mailbox of another user who was having no trouble receiving mail). I finally tracked it down to a dovecot file -- 'dovecot-uidlist', if I remember correctly -- that had the wrong ownership. It was owned by root instead of vpopmail, so dovecot couldn't read it and was bouncing mail with that spurious 'over quota' message. This doesn't relate to your case -- which sounds like simple phishing -- but I thought I'd share it just for general enlightenment. If you get weird quota-related bounces, remember to check ownership and permissions. Angus Jeff Koch wrote on 12/4/20 9:41 AM: One of our QT7 mailserver accounts got an email addressed to a non-existent account that was picked up by his catch-all with the subject 'Mail quota warning - You are close to your quota' He's using about 0% of his quota which I confirmed by manually checking the space used by his account. The header on this email says almost nothing except the email came from Mailer-Daemon and it's addressed to 'Valued Customer:;' I've seen over-quota messages but never a warning message. Is there anything in QT7 that could be generating such a message. Thanks, Jeff Koch - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Squirrelmail quota
Up until a recent update, I have always had a quota graphic in the upper left corner in squirrelmail. But with the recent updates, I no longer have this feature. I went to the squirrelmail plugins page and found the "check quota" plugin is the current plugin to do this. Reinstalled it and removed everything else relating to quota. From looking at the squirrelmail config, I have the following listed. Plugins Installed Plugins 1. delete_move_next 2. squirrelspell 3. newmail 4. squirrel_logger 5. check_quota 6. compatibility So it clearly shows that I have check_quota installed. but I still don't get a graph on my mail page. I don't get any errors or any indication of what might be wrong. Anyone else have quota display working in squirrelmail? Thanks, Gary -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Alternative email filtering (Eset?)
I don't know anything about eset. But, if I were looking for a paid alternative for virus, I would look at relay services. A relay service that provides virus scanning makes things very simple and once configured makes your email server administration the same as it is now. Your server just sends outbound mail to the relay and inbound traffic is routed to the relay and then forwarded to your server (your dns mx records point to the relay service). This also makes it the relay companies responsibility to keep you off blacklists and to resolve any issues with blacklists. I haven't done a search for relay companies, but I've thought about it. It would remove all the things that are a hassle about running a mail server, which is spam/viruses/blacklists/etc and place that responsibility on someone else. Just my 2 cents. Gary On 10/5/2020 8:39 AM, Janno Sannik wrote: Has anyone tried/using alternative (maybe paid) service for virus scanning? I'm thinking of getting Eset file server or email for linux package. I'm really getting some viruses and Trojans going past clamav just to be hit on the head with eset workstation security. File security is around 155usd first buy and 80usd /yearly for the updates next year. So was thinking to get the file server client and run the CLI to play ball with qmail. Sample here: https://forum.eset.com/topic/23639-is-there-any-working-cli-scanner-for-linux/ Has anybody done that or how hard would be to add ESET to the pipeline? For me it does not seem too hard and I can make the legwork, but would rather get some input before going forward with it. Regards, Janno - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Non-Secure Protocols
Good to know Eric. I'm about to do the same. Gary On 9/22/2020 11:02 AM, Eric Broch wrote: I have all un-secure protocols turned off and always have. On 9/22/2020 8:59 AM, Gary Bowling wrote: Question for others using the toaster. Are you still supporting non-secure protocols? Such as pop3 on port 110 or imap on port 143? My concern is this. If you have non-secure protocols configured on your phone, tablet, laptop, etc. And you travel to a hotel or other establishment with wifi. It is a rather trivial matter for other people on that wifi to steal your password. If you have these protocols open, all it takes is for one user to configure their phone/tablet/laptop to use them to get your server easily hacked. Causing you to get on blacklists and create all sorts of grief for you. Due to this, I am contemplating removing these protocols from my server, forcing all users to configure everything with secure protocols. What is everyone else doing? Thanks, Gary PS - I realize there are other security issues with servers and mail, just trying to address the wide open holes! - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Non-Secure Protocols
Question for others using the toaster. Are you still supporting non-secure protocols? Such as pop3 on port 110 or imap on port 143? My concern is this. If you have non-secure protocols configured on your phone, tablet, laptop, etc. And you travel to a hotel or other establishment with wifi. It is a rather trivial matter for other people on that wifi to steal your password. If you have these protocols open, all it takes is for one user to configure their phone/tablet/laptop to use them to get your server easily hacked. Causing you to get on blacklists and create all sorts of grief for you. Due to this, I am contemplating removing these protocols from my server, forcing all users to configure everything with secure protocols. What is everyone else doing? Thanks, Gary PS - I realize there are other security issues with servers and mail, just trying to address the wide open holes! - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Freshclam error
Since updating clamav, I'm getting these emails. Subject: Cron /usr/share/clamav/freshclam-sleep ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log). ERROR: initialize: libfreshclam init failed. ERROR: Initialization error! But freshclam seems to be working, toaststat says everything is good, no problems with email, and the freshclam.log file is showing incremental updates/attempts. Thanks, Gary -- Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Clam AV - Epel
Found the script and ran it. Appears to have cleaned up a few things and created the log directories/files. So thanks for that. I assume that's a "one time run" thing and now it's all set to just yum update for the future? Gary On 8/10/2020 9:01 PM, Gary Bowling wrote: No, didn't know about that. Guess I need to go back and read the list :) Do I need to run it? Gary On 8/10/2020 8:54 PM, Eric Broch wrote: Did you use the script I put on github? On 8/10/2020 6:26 PM, Gary Bowling wrote: Thanks Eric, that worked a charm. However, the update busted httpd. Turns out the httpd.conf file had this at the end. Include /etc/httpd/conf/squirrelmail.conf But that file no longer exists. Since it does exist in /etc/httpd/conf.d/ which gets loaded as well, I commented it out in the httpd.conf file. Seems to work and squirrelmail seems to be ok. All is well. Thanks! Gary On 8/10/2020 8:05 PM, Eric Broch wrote: add --disablerepo=qmt-current On 8/10/2020 5:57 PM, Gary Bowling wrote: Just tried "yum updating" my server. I recall some notes back and forth about updating clamav since we're moving to the epel version. Just want to make sure I don't screw something up. Below is what I got when I tried to update. I think what I need to do is remove the old clamav, clamav-lib, clamav-filesystem and then install them again via epel? Or should I just do a "yum update --skip-broken" ? Thanks in advance for the advice. Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-lib = 0.102.3-1.el7 Removing: clamav-lib-0.102.3-1.el7.x86_64 (@epel) clamav-lib = 0.102.3-1.el7 Updated By: clamav-lib-0.102.4-1.el7.x86_64 (epel) clamav-lib = 0.102.4-1.el7 Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-filesystem = 0.102.3-1.el7 Removing: clamav-filesystem-0.102.3-1.el7.noarch (@epel) clamav-filesystem = 0.102.3-1.el7 Updated By: clamav-filesystem-0.102.4-1.el7.noarch (epel) clamav-filesystem = 0.102.4-1.el7 Error: clamav-filesystem conflicts with clamav-0.102.3-1.el7.x86_64 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest -- ________ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Clam AV - Epel
No, didn't know about that. Guess I need to go back and read the list :) Do I need to run it? Gary On 8/10/2020 8:54 PM, Eric Broch wrote: Did you use the script I put on github? On 8/10/2020 6:26 PM, Gary Bowling wrote: Thanks Eric, that worked a charm. However, the update busted httpd. Turns out the httpd.conf file had this at the end. Include /etc/httpd/conf/squirrelmail.conf But that file no longer exists. Since it does exist in /etc/httpd/conf.d/ which gets loaded as well, I commented it out in the httpd.conf file. Seems to work and squirrelmail seems to be ok. All is well. Thanks! Gary On 8/10/2020 8:05 PM, Eric Broch wrote: add --disablerepo=qmt-current On 8/10/2020 5:57 PM, Gary Bowling wrote: Just tried "yum updating" my server. I recall some notes back and forth about updating clamav since we're moving to the epel version. Just want to make sure I don't screw something up. Below is what I got when I tried to update. I think what I need to do is remove the old clamav, clamav-lib, clamav-filesystem and then install them again via epel? Or should I just do a "yum update --skip-broken" ? Thanks in advance for the advice. Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-lib = 0.102.3-1.el7 Removing: clamav-lib-0.102.3-1.el7.x86_64 (@epel) clamav-lib = 0.102.3-1.el7 Updated By: clamav-lib-0.102.4-1.el7.x86_64 (epel) clamav-lib = 0.102.4-1.el7 Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-filesystem = 0.102.3-1.el7 Removing: clamav-filesystem-0.102.3-1.el7.noarch (@epel) clamav-filesystem = 0.102.3-1.el7 Updated By: clamav-filesystem-0.102.4-1.el7.noarch (epel) clamav-filesystem = 0.102.4-1.el7 Error: clamav-filesystem conflicts with clamav-0.102.3-1.el7.x86_64 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Clam AV - Epel
Yes Remo, not a clamav thing. Just something that happened when I updated my machine. Just added it in case anyone else had the same problem. I also have now found that "mailman" was also enabled when I updated my machine. I started getting kicked back messages in the postmaster mailbox that were addressed to "mail...@mail.gbco.us" I've never used mailman for anything, so not sure how that got enabled. Was easy to take care of with a systemctl stop mailman and a systemctl disable mailman. Thanks, Gary On 8/10/2020 8:49 PM, r...@mattei.org wrote: That should not depend on clamav Remo Il giorno 10 ago 2020, alle ore 17:26, Gary Bowling ha scritto: Thanks Eric, that worked a charm. However, the update busted httpd. Turns out the httpd.conf file had this at the end. Include /etc/httpd/conf/squirrelmail.conf But that file no longer exists. Since it does exist in /etc/httpd/conf.d/ which gets loaded as well, I commented it out in the httpd.conf file. Seems to work and squirrelmail seems to be ok. All is well. Thanks! Gary On 8/10/2020 8:05 PM, Eric Broch wrote: add --disablerepo=qmt-current On 8/10/2020 5:57 PM, Gary Bowling wrote: Just tried "yum updating" my server. I recall some notes back and forth about updating clamav since we're moving to the epel version. Just want to make sure I don't screw something up. Below is what I got when I tried to update. I think what I need to do is remove the old clamav, clamav-lib, clamav-filesystem and then install them again via epel? Or should I just do a "yum update --skip-broken" ? Thanks in advance for the advice. Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-lib = 0.102.3-1.el7 Removing: clamav-lib-0.102.3-1.el7.x86_64 (@epel) clamav-lib = 0.102.3-1.el7 Updated By: clamav-lib-0.102.4-1.el7.x86_64 (epel) clamav-lib = 0.102.4-1.el7 Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-filesystem = 0.102.3-1.el7 Removing: clamav-filesystem-0.102.3-1.el7.noarch (@epel) clamav-filesystem = 0.102.3-1.el7 Updated By: clamav-filesystem-0.102.4-1.el7.noarch (epel) clamav-filesystem = 0.102.4-1.el7 Error: clamav-filesystem conflicts with clamav-0.102.3-1.el7.x86_64 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest -- ________ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Clam AV - Epel
Thanks Eric, that worked a charm. However, the update busted httpd. Turns out the httpd.conf file had this at the end. Include /etc/httpd/conf/squirrelmail.conf But that file no longer exists. Since it does exist in /etc/httpd/conf.d/ which gets loaded as well, I commented it out in the httpd.conf file. Seems to work and squirrelmail seems to be ok. All is well. Thanks! Gary On 8/10/2020 8:05 PM, Eric Broch wrote: add --disablerepo=qmt-current On 8/10/2020 5:57 PM, Gary Bowling wrote: Just tried "yum updating" my server. I recall some notes back and forth about updating clamav since we're moving to the epel version. Just want to make sure I don't screw something up. Below is what I got when I tried to update. I think what I need to do is remove the old clamav, clamav-lib, clamav-filesystem and then install them again via epel? Or should I just do a "yum update --skip-broken" ? Thanks in advance for the advice. Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-lib = 0.102.3-1.el7 Removing: clamav-lib-0.102.3-1.el7.x86_64 (@epel) clamav-lib = 0.102.3-1.el7 Updated By: clamav-lib-0.102.4-1.el7.x86_64 (epel) clamav-lib = 0.102.4-1.el7 Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-filesystem = 0.102.3-1.el7 Removing: clamav-filesystem-0.102.3-1.el7.noarch (@epel) clamav-filesystem = 0.102.3-1.el7 Updated By: clamav-filesystem-0.102.4-1.el7.noarch (epel) clamav-filesystem = 0.102.4-1.el7 Error: clamav-filesystem conflicts with clamav-0.102.3-1.el7.x86_64 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest -- ____ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Clam AV - Epel
Just tried "yum updating" my server. I recall some notes back and forth about updating clamav since we're moving to the epel version. Just want to make sure I don't screw something up. Below is what I got when I tried to update. I think what I need to do is remove the old clamav, clamav-lib, clamav-filesystem and then install them again via epel? Or should I just do a "yum update --skip-broken" ? Thanks in advance for the advice. Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-lib = 0.102.3-1.el7 Removing: clamav-lib-0.102.3-1.el7.x86_64 (@epel) clamav-lib = 0.102.3-1.el7 Updated By: clamav-lib-0.102.4-1.el7.x86_64 (epel) clamav-lib = 0.102.4-1.el7 Error: Package: clamav-0.102.3-1.el7.x86_64 (@epel) Requires: clamav-filesystem = 0.102.3-1.el7 Removing: clamav-filesystem-0.102.3-1.el7.noarch (@epel) clamav-filesystem = 0.102.3-1.el7 Updated By: clamav-filesystem-0.102.4-1.el7.noarch (epel) clamav-filesystem = 0.102.4-1.el7 Error: clamav-filesystem conflicts with clamav-0.102.3-1.el7.x86_64 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest -- ________ Gary Bowling The Moderns on Spotify - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com