Re: [qmailtoaster] How to upgrade Clamav 0.99

[Natalio Gatti]

Hello Eric. I am trying to install clamav 0.99 rpm on centos 6.7 64bit, but
it fails requesting libcurl 3:

[root@smtp ~]# rpm -Uvh --test clamav-toaster-0.99-1.4.12.x86_64.rpm
error: Failed dependencies:
libcurl.so.3()(64bit) is needed by clamav-toaster-0.99-1.4.12.x86_64

In CentOs 6 I have curl installed, and all its libraries:
[root@smtp ~]# rpm -qa | grep curl
curl-7.19.7-46.el6.x86_64
libcurl-7.19.7-46.el6.x86_64
python-pycurl-7.19.0-8.el6.x86_64
libcurl-devel-7.19.7-46.el6.x86_64

Am I missing some package?

Thanks,

On Fri, Dec 11, 2015 at 2:53 PM, Eric  wrote:

>
> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/6/testing/i386/clamav-0.99-0.qt.el6.i686.rpm
>
>
> On 12/11/2015 9:44 AM, Eric wrote:
>
> Yes, I'll have it (hopefully) by the end of day.
>
> On 12/10/2015 8:47 PM, Chandran Manikandan wrote:
>
> Hi Eric,
> Yes, I would like to get for Centos 6.
> I have tried above your link but no luck.
> Could you help me.
>
> On Wed, Dec 9, 2015 at 9:40 PM, Eric  wrote:
>
>> Hi Chandran,
>>
>> I have some 32bit binaries for CentOS 5
>> 
>>
>> # rpm -Uvh
>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/5/testing/i386/clamav-toaster-0.99-1.4.12.i386.rpm
>>
>> I have none for CentOS 6. Do you need some for CentOS 6?
>>
>> Eric
>>
>>
>> On 12/9/2015 1:14 AM, Chandran Manikandan wrote:
>>
>> Hi Eric,
>> Your below link is working and perfectly updated on 6.6 64 bit
>> How do i update on 32 bit.
>> I have tried from your ftp but no luck.
>> Could you help me.
>>
>> On Thu, Dec 3, 2015 at 11:57 PM, Philip Nix Guru < 
>> phi...@ows.ch> wrote:
>>
>>> Hello
>>> I found the issue, it kinda depends on the version of the OS
>>> --nomd5 was enough to installl
>>>
>>> Got still a  few legacy toasters :)
>>>
>>>
>>> On 12/03/2015 04:35 PM, Eric wrote:
>>>
>>> Phillip,
>>>
>>> And for unpacking the source itself...
>>>
>>> [ebroch@mail2 ~]$  tar -zxvf rpmbuild/SOURCES/clamav-0.99.tar.gz -C ./
>>>
>>> [ebroch@mail2 ~]$ ls -l
>>> total 4
>>> drwxrwxr-x 26 ebroch ebroch 4096 Nov 25 09:54 clamav-0.99
>>> drwxr-xr-x  5 ebroch ebroch   36 Aug  3 16:33 Maildir
>>> drwxr-xr-x  4 ebroch ebroch   32 Dec  3 08:15 rpmbuild
>>>
>>>
>>> Eric
>>>
>>> On 12/3/2015 8:19 AM, Eric wrote:
>>>
>>> Phillip,
>>>
>>> Hmmm.
>>>
>>> Here's my src file on my CentOS 7 server:
>>>
>>> [ebroch@mail2 ~]$ rpm -Uvh
>>> 
>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/SRPMS/clamav-0.99-0.qt.src.rpm
>>> Retrieving
>>> 
>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/SRPMS/clamav-0.99-0.qt.src.rpm
>>> Updating / installing...
>>>1:clamav-0.99-0.qt # [100%]
>>>
>>> [ebroch@mail2 ~]$ ls -l
>>> total 0
>>> drwxr-xr-x 5 ebroch ebroch 36 Aug  3 16:33 Maildir
>>> drwxr-xr-x 4 ebroch ebroch 32 Dec  3 08:15 rpmbuild
>>>
>>> [ebroch@mail2 ~]$ ls -l rpmbuild/*
>>> rpmbuild/SOURCES:
>>> total 15608
>>> -rw-r--r-- 1 ebroch ebroch 15968038 Dec  1 11:15 clamav-0.99.tar.gz
>>> -rw-rw-r-- 1 ebroch ebroch 2682 Nov 21  2014
>>> clamav-0.9x-qmailtoaster.patch
>>> -rw-rw-r-- 1 ebroch ebroch 1398 Jan 28  2015 clamd.init
>>> -rw-rw-r-- 1 ebroch ebroch 1469 Nov 21  2014 freshclam.init
>>>
>>> rpmbuild/SPECS:
>>> total 24
>>> -rw-rw-r-- 1 ebroch ebroch 22017 Dec  2 09:25 clamav.spec
>>>
>>>
>>> It unpacked fine as you can see above. On what machine did you unpack
>>> the source file?
>>>
>>> Eric
>>>
>>> On 12/3/2015 7:29 AM, Philip wrote:
>>>
>>> Hello Eri
>>> there is a problem with your src file
>>> error: unpacking of archive failed on file
>>> /usr/src/redhat/SOURCES/clamav-0.99.tar.gz;566051b7: cpio: MD5 sum
>>> mismatch
>>>
>>> On 12/03/2015 03:01 PM, Eric wrote:
>>>
>>> And on CentOS 7
>>>
>>> rpm -Uvh
>>>
>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/x86_64/clamav-0.99-0.qt.el7.x86_64.rpm
>>>
>>> or
>>>
>>> # yum --enablerepo=whtc-qmt-testing update
>>>
>>> if you have White Horse repo enable in your yum configuration.
>>>
>>>
>>> On 12/3/2015 6:56 AM, Eric wrote:
>>>
>>> rpm -Uvh
>>>
>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/6/testing/x86_64/clamav-0.99-0.qt.el6.x86_64.rpm
>>>
>>> or
>>>
>>> # yum --enablerepo=whtc-qmt-testing update
>>>
>>> If you have White Horse repos in your yum configuration.
>>>
>>>
>>>
>>> On 12/3/2015 2:16 AM, NoriyukiHayashi wrote:
>>>
>>> Hi,
>>>
>>> U can download clamav-0.99.tar.gz.
>>> Then
>>> rpm -ivh clamav-0.98.7.qt.srm.
>>> Change spec file.
>>> ftp upload clamav-0.99.tar.gz
>>> Then
>>> rpmbiuld -ba --target x86_64 --define 'qt' clamav.spec
>>>
>>> U can make clamav-0.99.qt srpm
>>>
>>> If u can not do that.
>>> I will do that end of this week and upload web server that u can
>>> 

Re: [qmailtoaster] How to upgrade Clamav 0.99

[Natalio Gatti]

Sorry for this mail-storming. I finally solved the problem. I downloaded
the SRPM for centos5 and compiled it in my centos6.
Everything went OK.

Thanks anyway.

On Mon, Dec 14, 2015 at 11:02 AM, Natalio Gatti <nga...@gmail.com> wrote:

> Mmm, I think I found the problem.. and it is no good at all.
> I installed this Centos when there was no official packages for Centos6,
> so I used Centos5 rpms.
> I can see that there was a change in the naming scheme. In Centos5 it is
> clamav-toaster and in Centos6 it is just clamav.
> I was trying to install centos5 version and it requests libcurl(3). But if
> I wan to install Centos6 clamav, it complains about the change in naming
> scheme:
> [root@smtp clamav]# rpm -Uvh --test clamav-0.99-0.qt.el6.x86_64.rpm
> error: Failed dependencies:
> clamav-toaster is needed by (installed)
> simscan-toaster-1.4.0-1.4.0.x86_64
>
> Can I force the installation? Or it will break qmail?
>
> Thanks.
>
> On Mon, Dec 14, 2015 at 10:43 AM, Natalio Gatti <nga...@gmail.com> wrote:
>
>> Hello Eric. I am trying to install clamav 0.99 rpm on centos 6.7 64bit,
>> but it fails requesting libcurl 3:
>>
>> [root@smtp ~]# rpm -Uvh --test clamav-toaster-0.99-1.4.12.x86_64.rpm
>> error: Failed dependencies:
>> libcurl.so.3()(64bit) is needed by
>> clamav-toaster-0.99-1.4.12.x86_64
>>
>> In CentOs 6 I have curl installed, and all its libraries:
>> [root@smtp ~]# rpm -qa | grep curl
>> curl-7.19.7-46.el6.x86_64
>> libcurl-7.19.7-46.el6.x86_64
>> python-pycurl-7.19.0-8.el6.x86_64
>> libcurl-devel-7.19.7-46.el6.x86_64
>>
>> Am I missing some package?
>>
>> Thanks,
>>
>> On Fri, Dec 11, 2015 at 2:53 PM, Eric <ebr...@whitehorsetc.com> wrote:
>>
>>>
>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/6/testing/i386/clamav-0.99-0.qt.el6.i686.rpm
>>>
>>>
>>> On 12/11/2015 9:44 AM, Eric wrote:
>>>
>>> Yes, I'll have it (hopefully) by the end of day.
>>>
>>> On 12/10/2015 8:47 PM, Chandran Manikandan wrote:
>>>
>>> Hi Eric,
>>> Yes, I would like to get for Centos 6.
>>> I have tried above your link but no luck.
>>> Could you help me.
>>>
>>> On Wed, Dec 9, 2015 at 9:40 PM, Eric <ebr...@whitehorsetc.com> wrote:
>>>
>>>> Hi Chandran,
>>>>
>>>> I have some 32bit binaries for CentOS 5
>>>> <ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/5/testing/i386/clamav-toaster-0.99-1.4.12.i386.rpm>
>>>>
>>>> # rpm -Uvh
>>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/5/testing/i386/clamav-toaster-0.99-1.4.12.i386.rpm
>>>>
>>>> I have none for CentOS 6. Do you need some for CentOS 6?
>>>>
>>>> Eric
>>>>
>>>>
>>>> On 12/9/2015 1:14 AM, Chandran Manikandan wrote:
>>>>
>>>> Hi Eric,
>>>> Your below link is working and perfectly updated on 6.6 64 bit
>>>> How do i update on 32 bit.
>>>> I have tried from your ftp but no luck.
>>>> Could you help me.
>>>>
>>>> On Thu, Dec 3, 2015 at 11:57 PM, Philip Nix Guru < <phi...@ows.ch>
>>>> phi...@ows.ch> wrote:
>>>>
>>>>> Hello
>>>>> I found the issue, it kinda depends on the version of the OS
>>>>> --nomd5 was enough to installl
>>>>>
>>>>> Got still a  few legacy toasters :)
>>>>>
>>>>>
>>>>> On 12/03/2015 04:35 PM, Eric wrote:
>>>>>
>>>>> Phillip,
>>>>>
>>>>> And for unpacking the source itself...
>>>>>
>>>>> [ebroch@mail2 ~]$  tar -zxvf rpmbuild/SOURCES/clamav-0.99.tar.gz -C
>>>>> ./
>>>>>
>>>>> [ebroch@mail2 ~]$ ls -l
>>>>> total 4
>>>>> drwxrwxr-x 26 ebroch ebroch 4096 Nov 25 09:54 clamav-0.99
>>>>> drwxr-xr-x  5 ebroch ebroch   36 Aug  3 16:33 Maildir
>>>>> drwxr-xr-x  4 ebroch ebroch   32 Dec  3 08:15 rpmbuild
>>>>>
>>>>>
>>>>> Eric
>>>>>
>>>>> On 12/3/2015 8:19 AM, Eric wrote:
>>>>>
>>>>> Phillip,
>>>>>
>>>>> Hmmm.
>>>>>
>>>>> Here's my src file on my CentOS 7 server:
>>>>>
>>>>> [ebroch@mail2 ~]$ rpm -Uvh
>>>>> <ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/SRPMS/clama

Re: [qmailtoaster] How to upgrade Clamav 0.99

[Natalio Gatti]

Mmm, I think I found the problem.. and it is no good at all.
I installed this Centos when there was no official packages for Centos6, so
I used Centos5 rpms.
I can see that there was a change in the naming scheme. In Centos5 it is
clamav-toaster and in Centos6 it is just clamav.
I was trying to install centos5 version and it requests libcurl(3). But if
I wan to install Centos6 clamav, it complains about the change in naming
scheme:
[root@smtp clamav]# rpm -Uvh --test clamav-0.99-0.qt.el6.x86_64.rpm
error: Failed dependencies:
clamav-toaster is needed by (installed)
simscan-toaster-1.4.0-1.4.0.x86_64

Can I force the installation? Or it will break qmail?

Thanks.

On Mon, Dec 14, 2015 at 10:43 AM, Natalio Gatti <nga...@gmail.com> wrote:

> Hello Eric. I am trying to install clamav 0.99 rpm on centos 6.7 64bit,
> but it fails requesting libcurl 3:
>
> [root@smtp ~]# rpm -Uvh --test clamav-toaster-0.99-1.4.12.x86_64.rpm
> error: Failed dependencies:
> libcurl.so.3()(64bit) is needed by
> clamav-toaster-0.99-1.4.12.x86_64
>
> In CentOs 6 I have curl installed, and all its libraries:
> [root@smtp ~]# rpm -qa | grep curl
> curl-7.19.7-46.el6.x86_64
> libcurl-7.19.7-46.el6.x86_64
> python-pycurl-7.19.0-8.el6.x86_64
> libcurl-devel-7.19.7-46.el6.x86_64
>
> Am I missing some package?
>
> Thanks,
>
> On Fri, Dec 11, 2015 at 2:53 PM, Eric <ebr...@whitehorsetc.com> wrote:
>
>>
>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/6/testing/i386/clamav-0.99-0.qt.el6.i686.rpm
>>
>>
>> On 12/11/2015 9:44 AM, Eric wrote:
>>
>> Yes, I'll have it (hopefully) by the end of day.
>>
>> On 12/10/2015 8:47 PM, Chandran Manikandan wrote:
>>
>> Hi Eric,
>> Yes, I would like to get for Centos 6.
>> I have tried above your link but no luck.
>> Could you help me.
>>
>> On Wed, Dec 9, 2015 at 9:40 PM, Eric <ebr...@whitehorsetc.com> wrote:
>>
>>> Hi Chandran,
>>>
>>> I have some 32bit binaries for CentOS 5
>>> <ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/5/testing/i386/clamav-toaster-0.99-1.4.12.i386.rpm>
>>>
>>> # rpm -Uvh
>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/5/testing/i386/clamav-toaster-0.99-1.4.12.i386.rpm
>>>
>>> I have none for CentOS 6. Do you need some for CentOS 6?
>>>
>>> Eric
>>>
>>>
>>> On 12/9/2015 1:14 AM, Chandran Manikandan wrote:
>>>
>>> Hi Eric,
>>> Your below link is working and perfectly updated on 6.6 64 bit
>>> How do i update on 32 bit.
>>> I have tried from your ftp but no luck.
>>> Could you help me.
>>>
>>> On Thu, Dec 3, 2015 at 11:57 PM, Philip Nix Guru < <phi...@ows.ch>
>>> phi...@ows.ch> wrote:
>>>
>>>> Hello
>>>> I found the issue, it kinda depends on the version of the OS
>>>> --nomd5 was enough to installl
>>>>
>>>> Got still a  few legacy toasters :)
>>>>
>>>>
>>>> On 12/03/2015 04:35 PM, Eric wrote:
>>>>
>>>> Phillip,
>>>>
>>>> And for unpacking the source itself...
>>>>
>>>> [ebroch@mail2 ~]$  tar -zxvf rpmbuild/SOURCES/clamav-0.99.tar.gz -C ./
>>>>
>>>> [ebroch@mail2 ~]$ ls -l
>>>> total 4
>>>> drwxrwxr-x 26 ebroch ebroch 4096 Nov 25 09:54 clamav-0.99
>>>> drwxr-xr-x  5 ebroch ebroch   36 Aug  3 16:33 Maildir
>>>> drwxr-xr-x  4 ebroch ebroch   32 Dec  3 08:15 rpmbuild
>>>>
>>>>
>>>> Eric
>>>>
>>>> On 12/3/2015 8:19 AM, Eric wrote:
>>>>
>>>> Phillip,
>>>>
>>>> Hmmm.
>>>>
>>>> Here's my src file on my CentOS 7 server:
>>>>
>>>> [ebroch@mail2 ~]$ rpm -Uvh
>>>> <ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/SRPMS/clamav-0.99-0.qt.src.rpm>
>>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/SRPMS/clamav-0.99-0.qt.src.rpm
>>>> Retrieving
>>>> <ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/SRPMS/clamav-0.99-0.qt.src.rpm>
>>>> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/SRPMS/clamav-0.99-0.qt.src.rpm
>>>> Updating / installing...
>>>>1:clamav-0.99-0.qt # [100%]
>>>>
>>>> [ebroch@mail2 ~]$ ls -l
>>>> total 0
>>>> drwxr-xr-x 5 ebroch ebroch 36 Aug  3 16:33 Maildir
>>>> drwxr-xr-x 4 ebroch ebroch 32 Dec  3 08:15 rpmbuild
>>>>
>

Re: [qmailtoaster] Re: qq soft reject (mail server temporarily rejected message (#4.3.0))

[Natalio Gatti]

What about memory limits?

Natalio. 
--Mensaje original--
De: Eric Shubert
Para: qmailtoaster-list@qmailtoaster.com
Responder a: qmailtoaster-list@qmailtoaster.com
Asunto: [qmailtoaster] Re: qq soft reject (mail server temporarily rejected 
message (#4.3.0))
Enviado: 14 de ago de 2012 00:10

On 08/13/2012 06:55 PM, Tony White wrote:
 Hello all,
Sorry to disturb but I have a single client getting this error when
 sending
 photographs. He does know how big they 2.1MB are in total but it is only
 this client getting the error.
My limit on attachments is 8MB per email so this should not be the
 issue.
 I have looked at the logs for the dates an no issues are in them for the
 client.
Does anyone have any ideas please?


Do you see him submitting (and retrieving I suppose) email otherwise?
Which port is he trying to submit to?
Do you have any eMPF policies?
Which client is the client submitting with?
Have you checked the clamav log?
Soft rejects are sometimes indicative of a scan/queue problems.
What is the file type/extension? Is it one that simscan is blocking?
So many questions. ;)

-- 
-Eric 'shubes'




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Mail Certificates

[Natalio Gatti]

I need to buy a digital certificate for my qmail server. In the wiki there
is a link to  DiscountWebCerts.
Do you still recomend them? Is there any other server?
And one more question: Those cheap RapidSSL certificates are fully
compatible with outlook?

Thanks,

Natalio.

Re: [qmailtoaster] Mail Certificates

[Natalio Gatti]

Nice and cheap!
Thanks.

On Mon, Jun 18, 2012 at 9:44 AM, Jens Galsgaard j...@gitservice.dk wrote:

 Personally I use Godaddy, you can get SSL certs for $12.99 with the
 cjcssl12t2 promo code.

  Venlig hilsen,
 Jens Galsgaard

 *Gitservice.dk *

 ** **


 --
 *Fra: *Natalio Gatti nga...@gmail.com
 *Til: *qmailtoaster-list@qmailtoaster.com
 *Sendt: *mandag, 18. juni 2012 14:42:53
 *Emne: *[qmailtoaster] Mail Certificates


 I need to buy a digital certificate for my qmail server. In the wiki there
 is a link to  DiscountWebCerts.
 Do you still recomend them? Is there any other server?
 And one more question: Those cheap RapidSSL certificates are fully
 compatible with outlook?

 Thanks,

 Natalio.

Re: [qmailtoaster] Re: Mail Certificates

[Natalio Gatti]

Amit, which payment methods do you accept?

On Mon, Jun 18, 2012 at 12:03 PM, Eric Shubert e...@shubes.net wrote:

 Personally, I'd pay a little more for a cert from a QMT community member
 than one from the likes of GD. I'm sure the customer service would be much
 better! :)

 Please feel free to update the wiki appropriately with your information.

 Thanks Amit.

 --
 -Eric 'shubes'


 On 06/18/2012 07:26 AM, Amit wrote:

 Hi Everyone,

 I’m reseller for various SSL service provide like Verisign , GeoTrust,
 Thwate and Rapid SSL.

 So if required I can provide SSL certificates to all qmailtoaster users
 on a good price.

 RAPID SSL certificate @ $11.95 for 1 year.

 If required email me personally. And please don’t treat this email as a
 marketing email, it is just to help community members to get certificate
 on some good and reasonable price.

 *Amit Dalia**

 *

 *From:*Natalio Gatti [mailto:nga...@gmail.com]
 *Sent:* Monday, June 18, 2012 6:40 PM
 *To:* 
 qmailtoaster-list@**qmailtoaster.comqmailtoaster-list@qmailtoaster.com
 *Subject:* Re: [qmailtoaster] Mail Certificates


 Nice and cheap!

 Thanks.

 On Mon, Jun 18, 2012 at 9:44 AM, Jens Galsgaard j...@gitservice.dk
 mailto:j...@gitservice.dk wrote:

 Personally I use Godaddy, you can get SSL certs for $12.99 with the
 *cjcssl12t2* promo code.

 Venlig hilsen,
 Jens Galsgaard

 *Gitservice.dk *

 --**--**
 

 *Fra: *Natalio Gatti nga...@gmail.com mailto:nga...@gmail.com
 *Til: 
 *qmailtoaster-list@**qmailtoaster.comqmailtoaster-list@qmailtoaster.com
 mailto:qmailtoaster-list@**qmailtoaster.comqmailtoaster-list@qmailtoaster.com
 
 *Sendt: *mandag, 18. juni 2012 14:42:53
 *Emne: *[qmailtoaster] Mail Certificates




 I need to buy a digital certificate for my qmail server. In the wiki
 there is a link to DiscountWebCerts.

 Do you still recomend them? Is there any other server?

 And one more question: Those cheap RapidSSL certificates are fully
 compatible with outlook?

 Thanks,

 Natalio.




 --**--**-
 To unsubscribe, e-mail: 
 qmailtoaster-list-unsubscribe@**qmailtoaster.comqmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: 
 qmailtoaster-list-help@**qmailtoaster.comqmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Help request to comunity on tech issue.

[Natalio Gatti]

Here we (I) go.
You have two options to change your outbound IP address via iptables in the
same box where QMT is running.
1) using src-nat and cron
2) using src-nat and NTH option

*Option 1)*
Simple iptables rule, 5-minute rotation via cron tasks. You will need one
script for each IP address on your system, created as alias on the same
interface. Assuming you have 2 IP (1.1.1.1 and 2.2.2.2) the content of each
script shoud be:
Script 1:
  /sbin/iptables -t nat -D POSTROUTING -p tcp --dport 25 -j
SNAT --to-source 2.2.2.2
  /sbin/iptables -t nat -A POSTROUTING -p tcp --dport 25 -j
SNAT --to-source 1.1.1.1
Script 2:
  /sbin/iptables -t nat -D POSTROUTING -p tcp --dport 25 -j
SNAT --to-source 1.1.1.1
  /sbin/iptables -t nat -A POSTROUTING -p tcp --dport 25 -j
SNAT --to-source 2.2.2.2

Now you have to create two tasks in your cron, each running every 10
minutes. One running at minutes 5's (5, 15, 25, 35, 45, 55) an the other at
0's (0, 10, 20, 30, 40, 50) of every hour.

This scripts will rotate your outbound IP every 5 minutes. If you have more
IP's well, you can imagine

I have not verified what happens with the connections already established
when you change there src-nat. I think that those connections will remain
using the assigned IP address. You should verify this, becouse otherwise,
you will have problems.

*Option 2)*
Iptables has an option to select connections according to his order. That
option is called nth and I don't remember if it is compiled by default on
CentOs. So you will need to download iptables source code and recompile it
(including the kernel)
If you have the NTH option, you don't need cron, and let iptables do the
job. For example:

iptables -t nat -A POSTROUTING -m nth --counter 7 --every 2 --packet 0 -j
SNAT --to-source 1.1.1.1
iptables -t nat -A POSTROUTING -m nth --counter 7 --every 2 --packet 1 -j
SNAT --to-source 2.2.2.2

*
*
*DISCLAIMER*: I have not tested any of the alternatives. I have not
verified if the commands have the correct syntax. I'm not responsible if
your linux box implode and create a black hole.



On Mon, May 28, 2012 at 4:23 PM, F. Mendez fmende...@terra.com wrote:

   Hi all.

 Any news about this?



  *From:* Alberto López Navarro | HazteOir.org a...@hazteoir.org
 *Sent:* Wednesday, May 23, 2012 4:36 PM
 *To:* qmailtoaster-list@qmailtoaster.com
 *Subject:* Re: [qmailtoaster] Re: Help request to comunity on tech issue.

 I think the bottleneck must be somewhere else. I'm administering a qmail
 based mass e-mail system, and we're sending a bulletin to 250.000 members,
 which takes 6-7 hours, with a single server (a run-of-the-mill Dell PE850).
 I first had it configured with DKIM but had to turn it off because it was a
 resource hog. Also, I don't think having a single IP is a problem, I would
 rather check whether your ISP is capping your bandwidth.

 Regs,
 Alberto

 2012/5/23 Eric Shubert e...@shubes.net

 On 05/23/2012 12:31 PM, F. Mendez wrote:

 Hi Eric,

 350 per hour is a very low limit. We work as with the lowest standard at
 this matter, offering same or less than big hostings like hostgator.


 Perhaps our language isn't consistent. Are you referring to 350 per hour
 per domain, or per user? (I'm referring to per user, which I still think is
 high, unless your clients are doing email marketing).


 Cluster is: 5 servers, one IP per server, MX priority from 0 to 40 each.


 That's nice to know, but MX won't have anything to do with outbound
 messages.


 All are balanced to reach no more than 8k emails an hour each.


 Inbound or outbound, or both?
 I'd be interested to know how you manage to throttle this.


 No VM, real boxes working.


 Given your setup, you might configure a round robin for outbound, as I
 mentioned previously in reply to CJ's post. This isn't ideal performance
 wise, as each messages would be queued in 2 hosts, but I think it would
 work adequately. Also, you'll need to be sure that DNS caching doesn't
 interfere with round robin rotation (I'd test that first before committing
 to this approach).

 Otherwise, you might assign multiple addresses to one (or more) hosts,
 and come up with a way to alternate between addresses. One way would be to
 modify the qmail-remote program. It might be possible to periodically
 modify the routing table to achieve the same result, but I'm not sure about
 that.

 There are likely other ways as well. Personally, I like the round robin
 solution because of its simplicity. You would need to have all of the
 submissions come into one server, and relays go out from the others. I
 don't think that a host could perform both roles, although a submission or
 relay server could continue to function as an incoming (MX) host as well.

 --
 -Eric 'shubes'



 Regards.

 -Mensaje original- From: Eric Shubert
 Sent: Tuesday, May 22, 2012 8:14 PM
 To: qmailtoaster-list@**qmailtoaster.comqmailtoaster-list@qmailtoaster.com
 Subject: [qmailtoaster] 

Re: [qmailtoaster] Help request to comunity on tech issue.

[Natalio Gatti]

On Tue, May 22, 2012 at 9:10 PM, F. Mendez fmende...@terra.com wrote:

   Thanks a lot Natalio.

 I saw some time ago, a patch, for qmail 1.03 to change outbound ip
 depending on the domain asociate to it.

 But what we need is a rotation of a list of Ips each time it needs to send.




I didn't forget about you! I'm a little busy. Tonight I will post some
examples and alternatives to source-nat.

Re: [qmailtoaster] Help request to comunity on tech issue.

[Natalio Gatti]

Sorry for the lack of answer. Yes, I have some expertise in iptables and
firewalling in general.
One thing you should need is multiple IPs on each server. Then, via
iptables and cron you can change your source ip address every minute or so.
Give me some time and I can post examples.

On Mon, May 21, 2012 at 7:07 PM, fmende...@terra.com wrote:


 Hello Natalio,

 do you have a precise example on how to implement this?


 Thanks.


 On lun 21/05/12 4:35 PM , Natalio Gatti nga...@gmail.com sent:

 I can only think in one solution. Via iptables and src-nat. Not so-random,
 but you can change your outbound IP address every minute. And AFAIK, once a
 connection has been established, the nat table mantains the translation.

 On Mon, May 21, 2012 at 5:42 PM, fmende...@terra.com wrote:

 Hello everyone


 I am the owner of a growing hosting enterprise in my country (Perú), and
 we are facing big rise on our client number.

 As an efect of this we are seeying a rise in mail outbound in our
 servers. Even thoug we put limits to hourly sending, having more than 9k
 clients, all delivering through the same cluster, it lacks of efectiveness
 because each server in cluster uses only one ip for sending tasks. We are
 now seeying blocking issues because of the many clents generated traffic.

 We talked to some people at godaddy and hostgator, as we know they use a
 cluster system that includes on each server a list of IPs that rotates in a
 random fashion, so even with high demand quality service on mail delivery
 from client accounts is always achieved.

 I would like to ask for some guidance and help to this comunity on how
 can we could implement such solution to rotate in a random or other way the
 IPs for sending clients mails.

 I hope you people can see my situation and can help me with this. We used
 to work with exim, but since we changed to QMT it was the best desition we
 ever made on this matters. Now we need to push it to a next level.



 Thanks a lot.

Re: [qmailtoaster] Call for participation - Mirors

[Natalio Gatti]

Hey! don't forget South America!
Count me in. I'm in Argentina. Send me your requirements.

On Tue, May 22, 2012 at 2:52 PM, Sérgio Rosa sergior...@awd.pt wrote:

 Hi Dan,
 If you need a DNS @Portugal, count me in.

 Sérgio Rosa
 No dia 22 de Mai de 2012 18:06, Dan McAllister q...@it4soho.com
 escreveu:

  Greetings all...

 As most of you know, we have a group of servers that volunteers provide
 that act as our mirror servers.

 My project plan calls for 8-10 mirrors spread throughout the globe, and
 currently we have volunteers in:
   mirror2 - Europe - AG
   mirror3 - Europe - UK
   mirror4 - USA - East
   mirror5 - USA - West
   mirror7 - USA - West
   mirror8 - Europe - DK
   mirror9 - USA - West

 If you count, you'll see that we have currently 7 mirrors, and NONE are
 in Africa, Asia, or Australia.
 I do have a volunteer from Africa, but they're not setup yet...
 but I'm also anticipating losing one of the US - West servers in the next
 2 months.

 As a result, I'm requesting additional volunteers to act as mirror
 servers --
 *particularly from those of you in Asia, Australia, or the Eastern
 US/Canada*

 Thanks in advance -- I know I'll get volunteers -- this is indeed a
 AWESOME project to be a part of!

 Best Regards,


 Dan McAllister

 --

 IT4SOHO, LLC
 PO Box 507
 St. Petersburg, FL 33731-0507

 CALL TOLL FREE:
   877-IT4SOHO

 We have support plans for QMail!

Re: [qmailtoaster] Help request to comunity on tech issue.

[Natalio Gatti]

I can only think in one solution. Via iptables and src-nat. Not so-random,
but you can change your outbound IP address every minute. And AFAIK, once a
connection has been established, the nat table mantains the translation.

On Mon, May 21, 2012 at 5:42 PM, fmende...@terra.com wrote:

 Hello everyone


 I am the owner of a growing hosting enterprise in my country (Perú), and
 we are facing big rise on our client number.

 As an efect of this we are seeying a rise in mail outbound in our servers.
 Even thoug we put limits to hourly sending, having more than 9k clients,
 all delivering through the same cluster, it lacks of efectiveness because
 each server in cluster uses only one ip for sending tasks. We are now
 seeying blocking issues because of the many clents generated traffic.

 We talked to some people at godaddy and hostgator, as we know they use a
 cluster system that includes on each server a list of IPs that rotates in a
 random fashion, so even with high demand quality service on mail delivery
 from client accounts is always achieved.

 I would like to ask for some guidance and help to this comunity on how can
 we could implement such solution to rotate in a random or other way the IPs
 for sending clients mails.

 I hope you people can see my situation and can help me with this. We used
 to work with exim, but since we changed to QMT it was the best desition we
 ever made on this matters. Now we need to push it to a next level.



 Thanks a lot.

Re: [qmailtoaster] Re: CentOS 6 install update?

[Natalio Gatti]

Check my installation notes:
http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg31759.html


I've been using QT and QTP since July/2011 without any problems. These
notes were taking over a Centos 6.0. I don't know if the current Centos 6.2
involve more patches.

COS6 provides more up to date packeges, such as PHP. It was a brand-new
server, and I thought that installing COS5 was going a step backward. This
is my personal opinion, I prefer to fight installing QT over a
non-officially supported (yet) COS6, than fight installing numerous
packages (php, mysql, perl) non-officially supported by COS5.

Something I really loved is that COS6 minimal installation is really
minimal! (Just be carefull, becouse It does not include scp, telnet or ftp
clients, nor the traceroute command).

Saluuti,
Natalio.

On Wed, Mar 21, 2012 at 1:18 PM, Chris Hillman 
chill...@clearwater-research.com wrote:

 On 03/21/2012 9:59 AM, e...@shubes.net wrote:
  No updates. COS5 won't reach EOL until 3/31/2017, and is quite stable.
  That is the recommended platform at this time.
 
 Is there some sort of urgency about COS6 that I'm missing? There's
 nothing in it that I'm aware of which QMT can leverage in any way. I'm all
 ears if someone would
  care to fill me in.
 
  --
  -Eric 'shubes'

 I'm trying to use CentOS 6 on all of my new servers. Upgrading major
 releases tends to be painful, so if I can start on CentOS 6 I will. I'm
 building a new QTP this week and was hoping to use CentOS 6. It's not that
 it's urgent, I'd just like to be able to run it there.

Re: [qmailtoaster] Re: Future Distros - RHEL/CentOS ONLY

[Natalio Gatti]

+1 to RHEL/CentOS.
I started some with RH9, and then migrato to Fedora Core 1. That was one of
my biggest mistakes. In two years Fedora reach Core 5. That's when I
decided to move to CentOS. Happy since that day.


On Tue, Feb 14, 2012 at 11:20 AM, Khan Mohamed Ashraf kmash...@gmail.comwrote:



 On Tue, Feb 14, 2012 at 6:26 PM, Eric Shubert e...@shubes.net wrote:

 On 02/13/2012 10:58 PM, Khan Mohamed Ashraf wrote:

 What about Ubuntu server, would the team consider getting qmailtoaster
 to work with it? If not why?


 At some point, perhaps either debian or ubuntu server. In either case
 we'd be applying the When in Rome principle, and use debian packages and
 distribution management methods (apt-get etc). At this point, I think I'd
 favor debian over ubuntu though, as debian will be using systemd (like
 RHEL), whereas ubuntu appears to be sticking with upstart, at least for the
 time being. That could all change by the time we get there though, which I
 don't anticipate to be any time this year.
  --
 -Eric 'shubes'


 Thanks. That was illuminative.

 Ashraf

 --**--**
 -
 Qmailtoaster is sponsored by Vickers Consulting Group (
 www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
 --**--**
 -
Please visit qmailtoaster.com for the latest news, updates, and
 packages.
 To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@**
 qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-help@**
 qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com





 --
 Khan Md.

Re: [qmailtoaster] Re: Migrating to new server

[Natalio Gatti]

Glad to see that it helped.
I used that procedure in a similar migration. It is not the best method,
but it allowed me to migrate one account at a time. It was an exchange
2003, wich includes the SMTP Connector. I thought that exchange 2010 did
not include one.
Best of lucks in the microsoft world...

On Tue, Feb 7, 2012 at 6:35 PM, John Raley j...@fmcfinance.net wrote:

  Natalio, thanks for the pointers. Your method is the one I used. On the
 Exchange side this is what I did :

 Added an internal domain (domain.local) for a secondary email address.
 Added the email domain on Exchange as an Internal Relay and configured an
 SMTP Connector to the Qmail server. This way Exchange 2010 will forward any
 email it receives that it does not have a mailbox for to the Qmailtoaster
 server. 

 ** **

 One fun fact I found out the hard way, do not remove mailboxes in
 Exchange! This will delete AD accounts with it. That is what I get for
 testing in a production environment. 

 ** **

 *From:* Natalio Gatti [mailto:nga...@gmail.com]
 *Sent:* Monday, February 06, 2012 2:47 PM
 *To:* qmailtoaster-list@qmailtoaster.com
 *Subject:* Re: [qmailtoaster] Re: Migrating to new server

 ** **

 ** **

 On Mon, Feb 6, 2012 at 4:53 PM, Eric Shubert e...@shubes.net wrote:

 On 02/06/2012 12:03 PM, John Raley wrote:

 How did you manage this?

 I have a UTM device in front of both servers. It does call-out to verify
 the
 account exists. I am guessing when the Qmail server says the account
 doesn't
 exist, it move to the next email server.

 ** **

 Just some ideas: 

 1) Create a second domain in exchange, as an alias domain. Every exchange
 user will have two addresses (user@domain and user@secondarydomain).

 2) Create an smtproute in your qmail box to forward all secondarydomain to
 your exchange box

 3) Create forwards for the accounts you already have migrated, so as to
 forward the migrated user mail to the secondary domain.

 ** **

 This could solve one problem. All users in the qmail box can send mails to
 users in exchange box. Maybe you could do something similar to the reverse
 problem. I do not know if you are going to need a SMTP Connector in your
 exhchange box.

 ** **

 Salutti, 

 ** **

 Natalio.

Re: [qmailtoaster] Re: Migrating to new server

[Natalio Gatti]

On Mon, Feb 6, 2012 at 4:53 PM, Eric Shubert e...@shubes.net wrote:

 On 02/06/2012 12:03 PM, John Raley wrote:

 How did you manage this?

 I have a UTM device in front of both servers. It does call-out to verify
 the
 account exists. I am guessing when the Qmail server says the account
 doesn't
 exist, it move to the next email server.


 Just some ideas:
1) Create a second domain in exchange, as an alias domain. Every exchange
user will have two addresses (user@domain and user@secondarydomain).
2) Create an smtproute in your qmail box to forward all secondarydomain to
your exchange box
3) Create forwards for the accounts you already have migrated, so as to
forward the migrated user mail to the secondary domain.

This could solve one problem. All users in the qmail box can send mails to
users in exchange box. Maybe you could do something similar to the reverse
problem. I do not know if you are going to need a SMTP Connector in your
exhchange box.

Salutti,

Natalio.

Re: [qmailtoaster] Mail Filter on QmailToaster Domain Level

[Natalio Gatti]

You have to use eMPF. It is already included in QMT:

http://www.inter7.com/?page=empf

Salutti,

Natalio.

On Tue, Jan 3, 2012 at 5:41 AM, Malvin Rito
mr...@mail.altcladding.com.phwrote:

 Hi List,

 Can someone assist me on how do I block or filter specific email address
 to a certain email account on my QmailToaster Server? I tried it already on
 my SquirrelMail mail Filter but it seems does not work.

 Regards,
 Malvin

 --**--**
 -
 Qmailtoaster is sponsored by Vickers Consulting Group (
 www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
 --**--**
 -
Please visit qmailtoaster.com for the latest news, updates, and
 packages.
 To unsubscribe, e-mail: qmailtoaster-list-unsubscribe@**
 qmailtoaster.com qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-help@**
 qmailtoaster.com qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Centos 6 x64 Installation Notes

[Natalio Gatti]

No, I have not installed it in 32 bits hardware.

On 7/26/2011 7:04 AM, User Qmail wrote:

 Have you tried on the usual 32 bits? I wish to upgrade my centos 5.6 to
 centos 6.



 On Tue, Jul 26, 2011 at 8:35 AM, Natalio Gatti nga...@gmail.com wrote:

 I have just finished the installation of QT in a Centos 6 x64 box. I just
 wanted to my installation notes. It is not intended to be a Howto or a Step
 by Step instructions. Maybe they are usefull for someone else:

  *Centos 6 x64 Install Notes - Centos Minimal Installation*

[qmailtoaster] Centos 6 x64 Installation Notes

[Natalio Gatti]

I have just finished the installation of QT in a Centos 6 x64 box. I just
wanted to my installation notes. It is not intended to be a Howto or a Step
by Step instructions. Maybe they are usefull for someone else:

*Centos 6 x64 Install Notes - Centos Minimal Installation*

Dependencies Notes:

   - No installed: automake17 and compat-libgcc
   - Package compat-libf2c replaced by compat-libf2c-34
   - Package compat-libsdc++-33 replaced by compat-libstdc++-33
   - Centos 6 does not include sendmail, instead it includes postfix by
   default
   - When postfix is removed, it also removes crontabs and mrtg which I
   added later
   - When postfix is removed, it does not remove the user postfix with UID
   89 which conflicts with vpopmail UID

Command executed:

   - yum install make compat-libf2c-34 compat-libstdc++-33 aspell
   - yum remove postfix
   - userdel postfix

Perl Dependencies Notes:

   - Install rpmforge manually:
  - rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
  - rpm -Uvh
  
http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm


   - Install qtp
   - Run qtp-dependencies
   - Install perl SPF package manually:
  - yum install perl-Mail-SPF-Query

Make Symbolic Link becouse centos 6 change the default rpmbuild directory

   - ln -s /root/rpmbuild/ /usr/src/redhat

QmailToaster Installation Notes:

   - Execute install script cnt5064-install-script.sh until installation of
   qmailadmin-toaster
   - Install mrtg and crontabs via yum
  - yum install mrtg crontabs
   - Continue with installation script

Salutti,

Natalio.

Re: [qmailtoaster] horde password change configuration

[Natalio Gatti]

rajesh:
I'm forwarding you a mail from Rodrigo Monteiro with some instructions and
an attached file. I used this vpopmail.php file in the past to enable the
password change feature in horde.
Please, be advised that this file is old (year 2006), so maybe is not
compatible any more. I don't know if horde has made changes to it.
Good luck!

Natalio.

-- Forwarded message --
From: Rodrigo Monteiro
Date: Tue, Mar 28, 2006 at 7:35 AM
Subject: Re: Password H3 with vpopmail and multiple domains in its own
tables
To: Natalio Gatti nga...@gmail.com


Hi Natalio,

You have to save the vpopmail.php in the passwd/lib/Drivers/. Don't
forget to backup the old one. And in the passwd/config/backends.php:
'encryption' = 'crypt-md5', 'domain'  = 'multiple.com',
'multiple_domains'  = true, 'use_clear_passwd' = true,
'show_encryption' = false
Let me know if you have any problems...
regards,
Rodrigo.



--
Rodrigo Monteiro
Free as in Freedom, not free as in free beer
Linux User # 403730
attachment: vpopmail.php
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: pop attack on server

[Natalio Gatti]

I'm using OSSEC http://www.ossec.net
Very nice and complete IDS/Log analysis package. Easy to install and manage.

On Thu, Oct 28, 2010 at 8:49 PM, Eric Shubert e...@shubes.net wrote:

 On 10/28/2010 04:02 PM, David Milholen wrote:

  Hi everyone,
 I had an interesting day. Starting getting those calls about email
 clients asking for password. Red flag says mail server way too busy
 I investigate and find that vchkpw is taking all of the process load. I
 look at the number of connections and there were about 50 from one place
 in Bulgaria. The only way to drop that way to add a drop rule into the
 gateway.

 What is everyone using to stop this kind of force attack on the pop side?

 --Dave
 --

 David Milholen
 Project Engineer
 P:501-318-1300


 I know that some people here use fail2ban. Sounds like it would have
 thwarted this attack, if they were all from the same IP. I haven't gotten
 around to installing it myself. We should have a fail2ban page on the wiki,
 but I don't think anyone's written one yet. Search the archives, and you'll
 find references. Here's one from the spamdyke list:
 http://www.spamdyke.org/mailman/private/spamdyke-users/2010q3/002961.html
 (you must be a spamdyke list subscriber to view)

 --
 -Eric 'shubes'



 -
 Qmailtoaster is sponsored by Vickers Consulting Group (
 www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!

 -
Please visit qmailtoaster.com for the latest news, updates, and
 packages.
 To unsubscribe, e-mail:
 qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
 qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: limt number of outgoing emails

[Natalio Gatti]

Just to expand a bit on my situation.

  Further investigation showed that the compromised account belonging to a
 host on our network with a public IP was compromised with a trojan on the
 machine. This trojan I suppose was running a small server watching email
 traffic and sniffing passwords.
  Once compromised I do believe the master server where the trojan came from
 executed the attack. I did not see but only one IP using the account for
 this purpose. Not Say that the master(hacker) could wake more bots to be
 used in the attack.

 A little more control over the queue would be nice. For now I have
 implemented nagios to watch the concurrency level and warn me when it goes
 above a certain level.


I had similar problems, but mails were sent via webmail (I'm using Horde).
I'm installing a captcha to stop bots using my webmail interface. With the
script I posted some mails ago, I'm monitoring the queue every minute, so as
to detect a compromised account. But these are all temporal solutions until
a real solution could be implemented, like an accounting module to qmail,
which can limit the numbers of mails being sent from an IP or an
authenticated user.
Googling a bit I found an accounting module for qmail, but I could't test
it:
http://www.gplhost.com/old_stuff/index.php?rub=softwaressousrub=mysqmail
Has Anyone used it?

Natalio.

Re: [qmailtoaster] Re: limt number of outgoing emails

[Natalio Gatti]

On Fri, Oct 1, 2010 at 10:42 PM, Eric Shubert e...@shubes.net wrote:

 Natalio Gatti wrote:

 Here is a small script that monitors queue size and send an email in case
 it grows over certain limit:
 **
 #/bin/sh
 email=m...@domain
 Max_Size=15
 cola=`tail -50 /var/log/qmail/send/current | grep status | tail -1 | cut
 -d ' ' -f 6 | cut -d '/' -f 1`
 if test $cola -gt $Max_Size
 then
 /opt/qmailtoaster-plus/bin/qmqtool -l  /tmp/cola_saliente
 cat /tmp/cola_saliente | mail -sCOLA SALIENTE CON $cola MENSAJES $Email
 fi
 **

 I'm using it in 2 servers and it permits to detect when an abused account
 is used to send spam.
 Hope it helps.
 Salutti,

 Natalio.


 That's nice, Natalio. However, what it appears that you're using to trigger
 the message is the number of messages being sent at once. Wouldn't it be
 simpler to use the qmailctl queue command (instead of the send log) to
 determine exactly how many messages are in the queue? I think that would
 give a more meaningful reading.

 Yes Eric, I'm monitoring the number of mails beeing sent at once. I thought
that it was the easiest way. I really didn't analyze it very much. If you
think that controlling the queue size is a better way, I can modify the
script.


 I do like it though. Perhaps we can work this into QTP somehow, at least
 for the short term.

 No problem if you want to add it to QTP.



Natalio.

[qmailtoaster] Limiting number of open files

[Natalio Gatti]

Hello List. I'm having a problem in a fresh install of qmail-toaster
over Centos 5.4
I'm using qmail-toaster on a VPS (Virtual Private Server). The server
function as a mail server for 2 mail accounts with normal traffic,
using imap.
The VPS limit the number of open files to 6000. Without qmail-toaster
running, the server has 1000-1500 files open, and when I start
qmail-toaster it jumps to 6000 reaching the max limit and generating
errors. Is it a normal behaviour? Is there a way to control the opened
files?
Thanks,
Natalio.

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Limiting number of open files

[Natalio Gatti]

It seems that the major open-files consumer is spamdyke. I have
disabled pop3, pop3-ssl and imap, but there is no noticeable change.
I'll test disabling spamdyke and see the result.


On Thu, Jul 22, 2010 at 2:29 PM, Eric Shubert e...@shubes.net wrote:
 Natalio Gatti wrote:

 Hello List. I'm having a problem in a fresh install of qmail-toaster
 over Centos 5.4
 I'm using qmail-toaster on a VPS (Virtual Private Server). The server
 function as a mail server for 2 mail accounts with normal traffic,
 using imap.
 The VPS limit the number of open files to 6000. Without qmail-toaster
 running, the server has 1000-1500 files open, and when I start
 qmail-toaster it jumps to 6000 reaching the max limit and generating
 errors. Is it a normal behaviour? Is there a way to control the opened
 files?
 Thanks,
 Natalio.


 -

 On a few QMTs I just checked, lsof shows 3700-5200. Pretty much stock,
 except for dovecot instead of courier.

 You might need to disable services you don't need (pop3, pop3ssl, and
 associated logs), and throttle others back a bit (concurrencyincoming).

 lsof will show which services are using each open file. QMT does need a lot
 of open files, but my numbers indicate that you should be able to make it
 work for just 2 accounts with no problem.

 --
 -Eric 'shubes'


 -
 Qmailtoaster is sponsored by Vickers Consulting Group
 (www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
     If you need professional help with your setup, contact them today!
 -
    Please visit qmailtoaster.com for the latest news, updates, and packages.
         To unsubscribe, e-mail:
 qmailtoaster-list-unsubscr...@qmailtoaster.com
    For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Limiting number of open files

[Natalio Gatti]

I had 4.0.10. I'm updating now to 4.1.0 and see what happens.

On Thu, Jul 22, 2010 at 6:42 PM, Eric Shubert e...@shubes.net wrote:
 Which version of spamdyke?

 Do you have any defunct spamdyke processes? There was a problem with
 spamdyke leaving defunct processes from TLS sessions, which has been fixed
 in the latest version (4.1.0).

 spamdyke doesn't have any files open when there are no smtp sessions active.
 I'm seeing 24 files for spamdyke per session.

 HTH.

 --
 -Eric 'shubes'

 Natalio Gatti wrote:

 It seems that the major open-files consumer is spamdyke. I have
 disabled pop3, pop3-ssl and imap, but there is no noticeable change.
 I'll test disabling spamdyke and see the result.


 On Thu, Jul 22, 2010 at 2:29 PM, Eric Shubert e...@shubes.net wrote:

 Natalio Gatti wrote:

 Hello List. I'm having a problem in a fresh install of qmail-toaster
 over Centos 5.4
 I'm using qmail-toaster on a VPS (Virtual Private Server). The server
 function as a mail server for 2 mail accounts with normal traffic,
 using imap.
 The VPS limit the number of open files to 6000. Without qmail-toaster
 running, the server has 1000-1500 files open, and when I start
 qmail-toaster it jumps to 6000 reaching the max limit and generating
 errors. Is it a normal behaviour? Is there a way to control the opened
 files?
 Thanks,
 Natalio.



 -

 On a few QMTs I just checked, lsof shows 3700-5200. Pretty much stock,
 except for dovecot instead of courier.

 You might need to disable services you don't need (pop3, pop3ssl, and
 associated logs), and throttle others back a bit (concurrencyincoming).

 lsof will show which services are using each open file. QMT does need a
 lot
 of open files, but my numbers indicate that you should be able to make it
 work for just 2 accounts with no problem.

 --
 -Eric 'shubes'



 -
 Qmailtoaster is sponsored by Vickers Consulting Group
 (www.vickersconsulting.com)
  Vickers Consulting Group offers Qmailtoaster support and installations.
    If you need professional help with your setup, contact them today!

 -
   Please visit qmailtoaster.com for the latest news, updates, and
 packages.
        To unsubscribe, e-mail:
 qmailtoaster-list-unsubscr...@qmailtoaster.com
   For additional commands, e-mail:
 qmailtoaster-list-h...@qmailtoaster.com





 -
 Qmailtoaster is sponsored by Vickers Consulting Group
 (www.vickersconsulting.com)
    Vickers Consulting Group offers Qmailtoaster support and installations.
      If you need professional help with your setup, contact them today!


 -
 Qmailtoaster is sponsored by Vickers Consulting Group
 (www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
     If you need professional help with your setup, contact them today!
 -
    Please visit qmailtoaster.com for the latest news, updates, and packages.
         To unsubscribe, e-mail:
 qmailtoaster-list-unsubscr...@qmailtoaster.com
    For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Attack?

[Natalio Gatti]

On Mon, Jun 28, 2010 at 7:52 AM, Rafael Andrade raf...@riosulense.com.brwrote:

 Thank you for reply.

 My problems continues... take a look.

 *[r...@net ~]# qmailctl queue | head*
 messages in queue: 6182
 messages in queue but not yet preprocessed: 0

 *[r...@net ~]# qmHandle -m2465807 *

 --
 MESSAGE NUMBER 2465807
 --
 Received: (qmail 21700 invoked by uid 48); 28 Jun 2010 04:32:52 -
 Date: 28 Jun 2010 04:32:52 -
 Message-ID: 20100628043252.21698.qm...@mail.metalservice.ind.br
 To: bireli...@yahoo.com.br

 Subject: Atualização do seu aparelho Itoken versão Final sem erros
 MIME-Version: 1.0
 Content-type: text/html; charset=iso-8859-1

 From: Itau Informa Todos erros corrigidos 
 comunicacaodigi...@itau-unibanco.com.br


mmm, It seems that a process is sending mails. In the headers there is no
information about an smtp connection. Maybe a php application with bugs
running int the same server?  Can you check User ID 48 in your /etc/passwd?

Re: [qmailtoaster] Attack?

[Natalio Gatti]

On Mon, Jun 28, 2010 at 9:48 AM, Rafael Andrade raf...@riosulense.com.brwrote:

 [r...@net ~]# cat /etc/passwd  | grep -i 48
 apache:x:48:48:Apache:/var/www:/sbin/nologin

 The UserID indicates that apache is sending those mails. Check your php
applications.




 Natalio Gatti escreveu:



 On Mon, Jun 28, 2010 at 7:52 AM, Rafael Andrade 
 raf...@riosulense.com.brmailto:
 raf...@riosulense.com.br wrote:

Thank you for reply.

My problems continues... take a look.

*[r...@net ~]# qmailctl queue | head*
messages in queue: 6182
messages in queue but not yet preprocessed: 0

*[r...@net ~]# qmHandle -m2465807 *

--
MESSAGE NUMBER 2465807
--
Received: (qmail 21700 invoked by uid 48); 28 Jun 2010 04:32:52 -
Date: 28 Jun 2010 04:32:52 -
Message-ID: 20100628043252.21698.qm...@mail.metalservice.ind.br
mailto:20100628043252.21698.qm...@mail.metalservice.ind.br
To: bireli...@yahoo.com.br mailto:bireli...@yahoo.com.br


Subject: Atualização do seu aparelho Itoken versão Final sem erros
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1

From: Itau Informa Todos erros corrigidos
comunicacaodigi...@itau-unibanco.com.br
mailto:comunicacaodigi...@itau-unibanco.com.br



 mmm, It seems that a process is sending mails. In the headers there is no
 information about an smtp connection. Maybe a php application with bugs
 running int the same server?  Can you check User ID 48 in your /etc/passwd?



 -
 Qmailtoaster is sponsored by Vickers Consulting Group (
 www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!

 -
Please visit qmailtoaster.com for the latest news, updates, and
 packages.
 To unsubscribe, e-mail:
 qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
 qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Attack?

[Natalio Gatti]

On Wed, Jun 23, 2010 at 4:27 PM, Rafael Andrade raf...@riosulense.com.brwrote:

 My last msg, i will send a new thread
 qmHandle -l

 2450210 (20, R)
  Return-path: anonym...@metalservice.ind.br
  From: Itau Informa Todos erros corrigidos 
 comunicacaodigi...@itau-unibanco.com.br
  To: pappen@terra.com.br
  Subject: Atualização do seu aparelho Itoken versão Final sem erros
  Date: 23 Jun 2010 17:56:45 -
  Size: 1785 bytes


I had a similar problem. The best way to obtain information is to see the
headers of the spam mail. You can see them with qmqtool or qmHandle.
In that header you can see if the mails are using an authenticated account.

Re: [qmailtoaster] qmail-smtpd: qq soft reject (unable to exec qq (#4.3.0

[Natalio Gatti]

Which clamav version do you have? If it is older than 0.94 you have to
upgrade.

On Tue, Apr 27, 2010 at 4:20 AM, Hamza Sani Abubakar Usman 
hamza_s...@hotmail.com wrote:

 Dear Friends,

 My Qmail toaster was working fine since last 1 year but now before a two
 day ago I have received any complaints regarding, e-mail not receiving at
 their e-mail addresses. then check server logs and found the following error
 highlighted below:

 @40004bd68d4c16eb64bc CHKUSER accepted rcpt: from
 hamza.s...@gmail.com:: remote 
 mail-gy0-f176.google.com:unknown:209.85.160.176
 rcpt hamzas...@dtlinks.net : found existing recipient
 @40004bd68d4c16ec7dfc spamdyke[3885]: ALLOWED from:
 hamza.s...@gmail.com to: hamzas...@dtlinks.net origin_ip: 209.85.160.176
 origin_rdns: mail-gy0-f176.google.com auth: (unknown)
 @40004bd68d4d09b86164 qmail-smtpd: qq soft reject (unable to exec qq
 (#4.3.0)): MAILFROMhamza.s...@gmail.com 
 RCPTTO:hamzas...@dtlinks.netrcptto%3ahamzas...@dtlinks.net
 @40004bd68d4d20ed0614 tcpserver: end 3885 status 0
 @40004bd68d4d20ed5fec tcpserver: status: 0/100


 Please help me to resolve this issues i dont know whats this error mean.

 Thanks in Advance

 https://signup.live.com/signup.aspx?id=60969
 --
 Hotmail: Free, trusted and rich email service. Get it 
 now.https://signup.live.com/signup.aspx?id=60969

[qmailtoaster] Denying access to authenticated connections

[Natalio Gatti]

Hi List.
I'm having a big spam problem. It seems that my users DB have been
compromised, and I'm receiving authenticated connections from outside, that
are used to send tons of spam. I have managed to identify some users and
changed there pwd. But as soon as I stop one user, they start to use
another.
Is there a way to forbid auth sessions on port 25? My clients use submission
port to send there messages.
I'm thinking to create to tcprules (one for port 25 and one for port 587).
But I don't know how to match auth sessions inside tcprules.

[qmailtoaster] Re: Denying access to authenticated connections

[Natalio Gatti]

On Mon, Apr 26, 2010 at 10:26 AM, Natalio Gatti nga...@gmail.com wrote:

 Hi List.
 I'm having a big spam problem. It seems that my users DB have been
 compromised, and I'm receiving authenticated connections from outside, that
 are used to send tons of spam. I have managed to identify some users and
 changed there pwd. But as soon as I stop one user, they start to use
 another.
 Is there a way to forbid auth sessions on port 25? My clients use
 submission port to send there messages.
 I'm thinking to create to tcprules (one for port 25 and one for port 587).
 But I don't know how to match auth sessions inside tcprules.



I have read tcprules documentation and it does not seems to be able to
accomplish what I need.
I was thinking on an other way to stop these messages, so I started to look
at how these messages looks-like:
1) They are all coming from outside
2) They are all authenticated connection
3) They have forged and fifferents froms
4) They have different content
5) The have different destinations

So, I was thinking to attack point 3. Is there a way to control or compare
from-address with authenticated-address?

Pd: I have found that some users answer a mail asking for there user/pwd!
Social Engineering was the way to obtain my DB!!!

Re: [qmailtoaster] Re: Denying access to authenticated connections

[Natalio Gatti]

On Mon, Apr 26, 2010 at 12:46 PM, Eric Shubert e...@shubes.net wrote:

 Natalio Gatti wrote:

 On Mon, Apr 26, 2010 at 10:26 AM, Natalio Gatti nga...@gmail.com mailto:
 nga...@gmail.com wrote:

Hi List.
I'm having a big spam problem. It seems that my users DB have been
compromised, and I'm receiving authenticated connections from
outside, that are used to send tons of spam. I have managed to
identify some users and changed there pwd. But as soon as I stop one
user, they start to use another.
Is there a way to forbid auth sessions on port 25? My clients use
submission port to send there messages.
I'm thinking to create to tcprules (one for port 25 and one for port
587). But I don't know how to match auth sessions inside tcprules.


 I have read tcprules documentation and it does not seems to be able to
 accomplish what I need.
 I was thinking on an other way to stop these messages, so I started to
 look at how these messages looks-like:
 1) They are all coming from outside
 2) They are all authenticated connection
 3) They have forged and fifferents froms
 4) They have different content
 5) The have different destinations
  So, I was thinking to attack point 3. Is there a way to control or
 compare from-address with authenticated-address?
  Pd: I have found that some users answer a mail asking for there user/pwd!
 Social Engineering was the way to obtain my DB!!!



Hi Eric. Thanks for your quick response.


 I think I would simply change the passwords as you find they've been
 compromised. Either that or undertake a project to change all passwords.

I have changed some of them. At least the ones which appear in the smtp log.
But I do not know if the attacker could capture more.


 Are you using spamdyke? If so, since all your users are authenticating, you
 should blacklist your own domain(s) in the blacklist_senders file. This
 seems counter intuitive, but it works since authenticated sessions bypass
 all filters. This will keep outsiders from forging your domain, which should
 help control phishing emails that solicit passwords.

 Yes, I have spamdyke working. I did not notice that spamdyke is only
configured in the smtp process. It is a nice tip. I'll see how can I tweak
it.


 You might also consider installing sane-security rules for clamav (see
 qtp-install-sanesecurity script in QTP). That helps to reject some phishing
 spams, although I don't know that it'll catch the ones that have bitten you
 previously.

A little user education wouldn't hurt either. A well written email might
 suffice.

 Of course. My users were warned about this kindo of emails. But you can
always find someone who did not pay attention...


 --

Re: [qmailtoaster] Re: Denying access to authenticated connections

[Natalio Gatti]

On Mon, Apr 26, 2010 at 12:59 PM, South Computers
i...@southcomputers.comwrote:

  Eric Shubert wrote:

 Natalio Gatti wrote:

 On Mon, Apr 26, 2010 at 10:26 AM, Natalio Gatti nga...@gmail.commailto:
 nga...@gmail.com wrote:

Hi List.
I'm having a big spam problem. It seems that my users DB have been
compromised, and I'm receiving authenticated connections from
outside, that are used to send tons of spam. I have managed to
identify some users and changed there pwd. But as soon as I stop one
user, they start to use another.
Is there a way to forbid auth sessions on port 25? My clients use
submission port to send there messages.
I'm thinking to create to tcprules (one for port 25 and one for port
587). But I don't know how to match auth sessions inside tcprules.

 I have read tcprules documentation and it does not seems to be able to
 accomplish what I need.
 I was thinking on an other way to stop these messages, so I started to
 look at how these messages looks-like:
 1) They are all coming from outside
 2) They are all authenticated connection
 3) They have forged and fifferents froms
 4) They have different content
 5) The have different destinations
  So, I was thinking to attack point 3. Is there a way to control or
 compare from-address with authenticated-address?
  Pd: I have found that some users answer a mail asking for there
 user/pwd! Social Engineering was the way to obtain my DB!!!


 I think I would simply change the passwords as you find they've been
 compromised. Either that or undertake a project to change all passwords.

 Are you using spamdyke? If so, since all your users are authenticating,
 you should blacklist your own domain(s) in the blacklist_senders file. This
 seems counter intuitive, but it works since authenticated sessions bypass
 all filters. This will keep outsiders from forging your domain, which should
 help control phishing emails that solicit passwords.

 You might also consider installing sane-security rules for clamav (see
 qtp-install-sanesecurity script in QTP). That helps to reject some phishing
 spams, although I don't know that it'll catch the ones that have bitten you
 previously.

 A little user education wouldn't hurt either. A well written email might
 suffice.



 Also, are they coming from a specific region? China, Korea, or? Block the
 whole country with hosts.deny or iptables if so. Also, I would change the
 password the admin for vqadmin if using it. Perhaps they got access to it
 and printed out all the usernames/passwords?


I'll see if I can nail them down to a specific area. Thanks.

Re: [qmailtoaster] Re: Passwords easy

[Natalio Gatti]

On Fri, Jan 8, 2010 at 1:01 PM, Eric Shubert e...@shubes.net wrote:

 Anderson Alves de Albuquerque wrote:



  How can I deny that users choose easy password?


  Is thare some cracker program that I can test actually passwords?


If you want to test your passwords, you can use brutus, is a password
cracker for telnet/ftp/pop3. It runs on windows. Becarefull, if you are
using fail2ban or ossec, you could be banned.

Re: [qmailtoaster] Re: question

[Natalio Gatti]

, eMPF does not allow to control message size.

On Fri, Dec 11, 2009 at 5:14 PM, Eric Shubert e...@shubes.net wrote:
 eMPF perhaps?

 Noel Rivera (Border Less) wrote:

 Yes I want only 6 Mb per mail, but I want only to apply to 1 of my 7
 domains


 hi

 i assume that you are referring to 6 mb size per email

 yes this is possible by using databytes file under
 /var/qmail/control/databytes

 more info here

 http://wiki.qmailtoaster.com/index.php/Attachment_size_limitations


 rajesh


 Hello List I have a server with 7 diferents domains, and I have to limit
 the
 received and send mail to 6 Mb In one of this 7 domains, Is this
 possible?



 Thanks for your Help




 --
 -Eric 'shubes'


 -
 Qmailtoaster is sponsored by Vickers Consulting Group
 (www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
     If you need professional help with your setup, contact them today!
 -
    Please visit qmailtoaster.com for the latest news, updates, and packages.
         To unsubscribe, e-mail:
 qmailtoaster-list-unsubscr...@qmailtoaster.com
    For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] problems with yahoo

[Natalio Gatti]

On Thu, Dec 10, 2009 at 5:25 PM, Ariel lauchafernan...@gmail.com wrote:
 hello, list, from some time now I have serious problems with the emails that
 come from my server to yahoo, these are the output queue, and some bounce
 back saying that time has expired. According to Yahoo, not a bug as it says
 later intenet, but the Verada is no longer to do this not to happen. Someone
 has the same problem. I change the server ip, enable domankeys, and several
 other things but the problem persists

  hola,, lista,, desde hace ya un tiempo tengo serios problemas con los
 correos que salen de mi servidor hacia yahoo, estos quedan el cola de
 salida, y algunos rebotan diciendo que expiro el tiempo. Segun yahoo , no es
 un error ya que dice intenet mas tarde,, pero la verada es que ya no se que
 hacer para que no pase esto. Alguien tiene el mismo problema. Ya cambie la
 ip del servidor, habilite domankeys, y varias cosas mas pero el problema
 persiste


Ariel:
english
If you are going to use an automatic translator, please, write
correctly in your native language (intenet, verada).
spanish
Cuando uses un traductor automático, por favor, no cometas errores de
tipeo (intenet, verada).

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Webmail Interface

[Natalio Gatti]

I always use horde groupware webmail edition. It is easy to install,
configure and use.
The next time I have to install it I will create a step-by-step guide
to include in the wiki.
And I remember to use some sort of hack to enable user password-change
inside horde.

Natalio.

On Thu, Dec 3, 2009 at 5:13 AM, PakOgah pako...@pala.bo-tak.info wrote:
 updated the wiki with webmail clients list
 http://wiki.qmailtoaster.com/index.php/Webmail_Client
 but still underdevelopment, later I'll add another info and some comments by
 milist members

 PakOgah wrote:

 Right then.. I'll update the wiki.. please wait
 one thing that make me still hesitant to use other webmail than squirrel
 is the option to change user password within webmail.
 once there is small utility (php) to change user email password outside
 the webmail for user itself I wont mind replacing squirrelmail

 Eric Shubert wrote:

 I believe that Nutsmail has a bit of a problem with their licensing. I'd
 suggest googling for the details before using it.

 Maxwell Smart wrote:

 I installed the outlook theme as described by Andreas, but it doesn't
 quite look like the screenshot in Sourceforge.  I also have 34 themes in 
 the
 them folder by default, so I had to make it [35].
 Nutsmail looks like the cleanest, most modern looking option to me, but
 that's just my .02



 Jake Vickers wrote:

 Sales wrote:

 What other webmail interfaces are people using?  I have had
 squirrelmail running for several years on a toaster, but am building a 
 new
 toaster and want a new interface.  I think the final straw was my 65 year
 old mother telling me it looked dated and that she didn’t like using it.
  Roundcube looks promising, but am wondering just how far along it is, 
 Horde
 looks like a pain, and then there are a myriad of others.  I wish SM 
 would
 change the look, because it works well - something a little more 
 Outlookish
 would be great, but I don’t think they ever plan that.  Just need some
 hints, and something that is easy to install and maintain.



 Roundcube has had several major security flaws in the past that allowed
 persistent crackers to obtain shell access on a server.  I do not 
 recommend
 it anymore as I have lost trust in the code base at this point. Mine is 
 not
 the only opinion, but if you do go with it I would recommend trolling 
 their
 forums every other day to keep up on vulnerabilities.
 There are some skins for Squirrelmail that others have suggested. I've
 personally used Nutsmail (nustmail.com) with it and it worked well.
 Horde is a little bit of setup, and I think it's interface is kludgy,
 but it does provide a little more functionality.
 eGroupware is a little cleaner and provides a lot of extra
 functionality, but I have not set it up for Qmail yet myself.
 Someone else sent me a link a while back for another one that was perl
 based that looked different, but I did not test it out much.
 How about we keep this thread going and add links to the reply, so we
 have one lone list of webmail apps to try out. I'll start it:

 http://roundcube.net
 http://nutsmail.com
 http://sourceforge.net/projects/squirreloutlook/
 http://www.egroupware.org/
 http://www.horde.org/






 -
 Qmailtoaster is sponsored by Vickers Consulting Group
 (www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
     If you need professional help with your setup, contact them today!
 -
    Please visit qmailtoaster.com for the latest news, updates, and packages.
         To unsubscribe, e-mail:
 qmailtoaster-list-unsubscr...@qmailtoaster.com
    For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] #4.0.0 smtp;421 Refused. You have no reverse DNS entry

[Natalio Gatti]

On Thu, Nov 19, 2009 at 10:31 AM, Kjetil Paulsen
kjetil.paul...@gmail.comwrote:

 Hi

 I'm getting this from peple trying to send emails to my domains
 (dvfilsrv.dv.local #4.0.0 smtp;421 Refused. You have no reverse DNS
 entry.) - I've tried to read up on this and discussions on forums are
 refering to a PTR record that has to be set, however I can't find this
 setting in tools provided by domain registrar..

 Mxtoolbox also reports
 220 blue.jforce.no - Welcome to Qmail Toaster Ver. 1.2 SMTP Server ESMTP

 Not an open relay.
  0 seconds - Good on Connection time
  2.059 seconds - Good on Transaction time
  OK - 84.234.141.2 resolves to
  Warning - Reverse DNS does not match SMTP Banner

 Session Transcript:
 HELO please-read-policy.mxtoolbox.com
 250 blue.jforce.no - Welcome to Qmail Toaster Ver. 1.2 SMTP Server [172
 ms]
 MAIL FROM: supert...@mxtoolbox.com
 250 ok [468 ms]
 RCPT TO: t...@example.com
 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 -
 chkuser) [1248 ms]
 QUIT
 221 blue.jforce.no - Welcome to Qmail Toaster Ver. 1.2 SMTP Server [172
 ms]


 When I do a reverse lookup I get this:
 ptr:84.234.141.2ptr

 TypeIP Address  Domain Name TTL
 PTR 84.234.141.22.84-234-141.customer.lyse.net  24 hrs

 This will not change I guess since I've got a static IP from Lyse.no...

 So I guess the question is, where do I put this information so that
 email servers stops complaining? is it as easy as changing the banner?


Kjeitil, maybe you are merging two problems here: Outgoing emails and
incoming emails.
If your server is refusing incoming emails complaining about missing rDNS,
you should check the IP address of the sending server.
If your server can't send emails to the world, then, you should modify your
rDNS. You should talk to Lyse.net and ask for a rDNS. They are the authority
for the rDNS zone.
Natalio.



 thx
 /K


 -
 Qmailtoaster is sponsored by Vickers Consulting Group (
 www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!

 -
 Please visit qmailtoaster.com for the latest news, updates, and
 packages.

  To unsubscribe, e-mail:
 qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail:
 qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] #4.0.0 smtp; 421 Refused. You have no reverse DNS entry

[Natalio Gatti]

On Thu, Nov 19, 2009 at 11:48 AM, Kjetil Paulsen
kjetil.paul...@gmail.comwrote:

 so the way forward is to contact Lyse.no to set my PTR record to
 2.141.234.84.IN-ADDR.ARPA IN PTR jforce.no
 and mail servers sending to olerud.no (where the error reported
 occured) will not get this error?


It does not matter if the rDNS does not resolve to olerud.no. The important
thing is that it does not resolve to a dynamic hostname.


 I have my doubts though if this will be easy since I don't think Lyse
 will accept that I'm running a mail server :/


They should not complain about it. You are paying for a public IP.
If you have some sort of control panel, maybe the option to assign a rDNS is
right there!

Re: [qmailtoaster] Virus problem

[Natalio Gatti]

  Maybe I didn'y explain myself. The infected user sends spam using my mail
 server.

 Maybe your server is hacked. :(
 You should check logs, directories with write permission for all. There are
 many dictionary attacks on ports ssh and pop3. Check ssh daemon (if you're
 hacked you probably have sshd2), try to find strange directories or
 binaries. There is possibility that someone has weak password and it was
 guessed by attacker.
 OSSEC can help you to protect your server, tripwire is good solution to
 protect your files.

It has happened before (in other server), but this is not the case. Ssh is
restricted only to a group of IPs. Smtp connections come from the natted IP.

[qmailtoaster] Virus problem

[Natalio Gatti]

Hi List.
I'm having an intermitten virus problem. From time to time a user gets
infected with a virus/worm that send tons of spam through the server. All
users are behind a NAT, so I can't know exactly which user/PC is the source
of the problem.
How can I minimize this problem?

Natalio

Re: [qmailtoaster] Virus problem

[Natalio Gatti]

On Wed, Jul 29, 2009 at 3:28 PM, Aleksander Podsiadly 
a...@westside.kielce.pl wrote:

 W dniu 29.07.2009 19:46, Natalio Gatti pisze:

 Hi List.
 I'm having an intermitten virus problem. From time to time a user gets
 infected with a virus/worm that send tons of spam through the server. All
 users are behind a NAT, so I can't know exactly which user/PC is the source
 of the problem.
 How can I minimize this problem?

 Natalio

 Look at topic ,,how to control infected users'' and my post:

 http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg23261.html

 --
 Pozdrawiam / Regards,
 Aleksander Podsiadły


I saw your post, but using a proxy does not seem to be a solution for me. I
already scan mails with clamav and spamassassin. I don't see which other
benefits brings up to use that proxy.
The spam sent by the infected machine does not contains virus.

Re: [qmailtoaster] Virus problem

[Natalio Gatti]

2009/7/29 RICARDO BARROS ricardo.barros...@gmail.com

  Block and log  with iptables.

From my server point of view, I see a single IP address (rememeber that the
clients are behind NAT), so I can not control number of simultaneous
connectios.

Re: [qmailtoaster] Virus problem

[Natalio Gatti]

On Wed, Jul 29, 2009 at 4:16 PM, Vincent Deschênes
vdesche...@stelvio.comwrote:

  Requires authentication for your clients to send message and apply spam
 protection to message coming from inside your network as if there were
 coming from the internet.

 Your spam protection will not filter your authenticated sessions but will
 filter the message sent by the virus (if the virus does not have access to
 the credentials to authenticate.)

Mmm, that's a nice idea. I hope that the virus does not use authentication
to send the spam.

  VD



 *From:* Natalio Gatti [mailto:nga...@gmail.com]
 *Sent:* Wednesday, July 29, 2009 1:46 PM
 *To:* qmailtoaster-list@qmailtoaster.com
 *Subject:* [qmailtoaster] Virus problem



 Hi List.

 I'm having an intermitten virus problem. From time to time a user gets
 infected with a virus/worm that send tons of spam through the server. All
 users are behind a NAT, so I can't know exactly which user/PC is the source
 of the problem.

 How can I minimize this problem?



 Natalio

Re: [qmailtoaster] Virus problem

[Natalio Gatti]

On Wed, Jul 29, 2009 at 4:50 PM, Aleksander Podsiadly 
a...@westside.kielce.pl wrote:

 W dniu 29.07.2009 20:39, Natalio Gatti pisze:



 I saw your post, but using a proxy does not seem to be a solution for me. I
 already scan mails with clamav and spamassassin. I don't see which other
 benefits brings up to use that proxy.
 The spam sent by the infected machine does not contains virus.

 You scan only emails sent via you mail server. You don't scan emails sent
 directly to random IP's or via external mail servers, and that is the
 problem. SMTP-proxy and proper port 25 redirection can help you.
 For example:
 iptables -t nat -A PREROUTING -i $I_DEV -p tcp --dport 25 -s $MY_INTRANET
 --dst ! $E_IP -j DNAT --to $I_IP:9199
 I_DEV - intranet eth device
 E_IP - external server IP
 I_IP - internal (intranet) server IP
 MY_INTRANET - IP/mask of intranet

Maybe I didn'y explain myself. The infected user sends spam using my mail
server.

Re: [qmailtoaster] empF patch

[Natalio Gatti]

-Mensagem original-

Hi,

I've been running the patch in QMT since late 2005 without any
problems up to the date.

--

 I've been using this patch since December 2007 without any problems in a
basic QMT system with less than 100 accounts.
It requires some minor tweaks to the webmail (in my case horde), which are
well documented in the wiki.
Some months ago, I (also) requested to include it in QMT.

Re: [qmailtoaster] block email sent to a specific address

[Natalio Gatti]

You can use badmailfrom/badmailto files to accomplish that.

On Mon, Dec 15, 2008 at 5:23 PM, Josh Hopkins 
josh.hopk...@schoolimprovement.com wrote:

  Is there a way to have all emails sent to a specific address go to
 /dev/null or just have them go to a tar pit?  I am using the toaster as a
 relay for my exchange server.  I would guess that I would have to use
 spamassassin to do this.   Any ideas.

[qmailtoaster] smtproutes and special characters

[Natalio Gatti]

I need to configure a smart host with smtp authentication. The problem is
that the username includes a slash / and it seems that smtproutes does not
take it right. I tried with the tipical \ / and // but nothing happend.
Has anyone know how to escape this special characters?

Salutti,
Natalio.

Re: [qmailtoaster] clamav 0.94.1 availability

[Natalio Gatti]

On Sat, Nov 8, 2008 at 7:07 PM, Erik A. Espinoza [EMAIL PROTECTED]wrote:

 Tonight. QA'ing the package still.



Can I update it directly? or do I need to remove previous clamav prior to
compile?

Natalio

Re: [qmailtoaster] clamav 0.94.1 availability

[Natalio Gatti]

On Tue, Nov 18, 2008 at 12:07 PM, Steve Huff [EMAIL PROTECTED] wrote:


 On Nov 18, 2008, at 7:57 AM, Eric Shubert wrote:

 If you use qtp-newmodel you shouldn't need to be concerned about this. ;)

 According to qtp-remove-pkgs script,
 # only packages = the specific version will be removed
 remove_older=\
 clamav-toaster-0.92.1-1.3.17 \
 

 I believe it'd be ok to update it directly. I hope we find out soon if
 that's not the case (so I can modify the qtp-remove-pkgs script
 appropriately).



 i can confirm that updating with qtp-newmodel was successful for me (CentOS
 5 i386); i would be awfully surprised if manually building and installing
 the RPM produced different results.

 -steve


 Confirmed: I updated via rpm -Uvh ... and everything is working as
expected.
Eric Shubert: I use qtp-newmodel only to do massive updates. In this case
(clamav package only), I just need to execute two commands.

Natalio.

Re: [qmailtoaster] xen.spamhaus.com

[Natalio Gatti]

On Tue, Oct 14, 2008 at 4:26 PM, Jake Vickers [EMAIL PROTECTED] wrote:

  Kyle Quillen wrote:


 Hello all,

 Running into a small issue.  I have alot of users that being blocked by
 spamhaus and when i take spamhaus off of my bls then they can work.  My
 question is I know that xen is very good at blocking spam but it is also
 blocking my users is there a way that I can put a list of ips that will not
 be looked at by xen.  I have spamdyke installed and have put the ips that I
 want to allow in the whitelist_ip but that does not seem to be helping


 Are you using th blacklist in your /var/qmail/control/blacklists file or in
 Spamdyke?  If you're using it in Spandyke, there is no reason to use it in
 the blacklists file. Spamdyke will use the blacklist, but only if the user
 does not authenticate.


Or, you can use submission port (587). It only accepts authenticated users
and does not use blacklists.

Natalio

[qmailtoaster] Disabling IMAP/webmail access

[Natalio Gatti]

I´m managing a qmail-toaster server, and I need to block IMAP access to some
users, but not webmail. The webmail soft and qmail service are running in
the same hardware.

Looking at vpopmail's parameters, there are some flags to apply this kind of
filters:

[EMAIL PROTECTED] ~]# /home/vpopmail/bin/vmoduser
vmoduser: usage: [options] email_addr or domain (for each user in domain)
(...)
the following options are bit flags in the gid int field
 -x ( clear all flags )
 -d ( don't allow user to change password )
 -p ( disable POP access )
 -s ( disable SMTP AUTH access )
 -w ( disable webmail [IMAP from localhost*] access )
( * full list of webmail server IPs in vchkpw.c )
 -i ( disable non-webmail IMAP access )
 -b ( bounce all mail )
(...)

But, guess what! they don't work as expected. If I set the w flag, nothing
happens, the user is able to access webmail as well as IMAP.
If I set the i flag, the user can´t access webmail nor IMAP.
I check the vchkpw.c file in the sources, and it defines clearly
127.0.0.1as a webmail server.

I don´t want anyone to start coding or patching to solve my problem, I just
wanted to know if someone has implemented this kind of filter successfuly.

Salutti,

Natalio.

Re: [qmailtoaster] Disabling IMAP/webmail access

[Natalio Gatti]

Yep, I checked it, and webmail uses 127.0.0.1 to connect to the imap
service.

On Fri, Oct 10, 2008 at 11:09 AM, Martin Waschbuesch
[EMAIL PROTECTED]wrote:

 Hi there,

 Did you check that the webmail soft is really using localhost to connect or
 perhaps it has been configured to use the FQDN and is therefore treated as
 coming from outside?

 You probably have, it's just that reading your post I wondered as you had
 not mentioned it.

 Martin

 --
 What a fool believes he sees, no wise man has the power to reason away...

 Doobie Brothers


 Zitat von Natalio Gatti [EMAIL PROTECTED]:

  I´m managing a qmail-toaster server, and I need to block IMAP access to
 some
 users, but not webmail. The webmail soft and qmail service are running in
 the same hardware.

 Looking at vpopmail's parameters, there are some flags to apply this kind
 of
 filters:

 [EMAIL PROTECTED] ~]# /home/vpopmail/bin/vmoduser
 vmoduser: usage: [options] email_addr or domain (for each user in domain)
 (...)
 the following options are bit flags in the gid int field
 -x ( clear all flags )
 -d ( don't allow user to change password )
 -p ( disable POP access )
 -s ( disable SMTP AUTH access )
 -w ( disable webmail [IMAP from localhost*] access )
( * full list of webmail server IPs in vchkpw.c )
 -i ( disable non-webmail IMAP access )
 -b ( bounce all mail )
 (...)

 But, guess what! they don't work as expected. If I set the w flag,
 nothing
 happens, the user is able to access webmail as well as IMAP.
 If I set the i flag, the user can´t access webmail nor IMAP.
 I check the vchkpw.c file in the sources, and it defines clearly
 127.0.0.1as a webmail server.

 I don´t want anyone to start coding or patching to solve my problem, I
 just
 wanted to know if someone has implemented this kind of filter successfuly.

 Salutti,

 Natalio.




 
 This message was sent using IMP, the Internet Messaging Program.

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] eMPF patch

[Natalio Gatti]

On Tue, Sep 23, 2008 at 12:18 AM, Ho Ho [EMAIL PROTECTED] wrote:

 Thanks AM. I search it for a long time on mail-archive by using empf and
 I cannot find it.
 I saw on wiki that you have a patch for 1.3.15 and no need for me to
 compile.

 So I searched it on mail-archive and I cannot find it.

 The patch is locate at a mail talking about vqadmin.

 I think it would be better to make a like directly on the wiki or consider
 to include it on new version of qmailtoaster download script.


You can always edit the wiki and add the information that is missing.

Natalio.

Re: [qmailtoaster] enable simscan to local users

[Natalio Gatti]

On Tue, Sep 23, 2008 at 9:09 AM, nightduke [EMAIL PROTECTED] wrote:

 cat tcp.smtp

 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1

 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1

 Can i add to the line 127 QMAILQUEUE=/var/qmail/bin/simscan?


Yes, you can add it. Just be carefull about the syntax. Remember to separate
each parameter with commas ( , )

Natalio.

Re: [qmailtoaster] enable simscan to local users

[Natalio Gatti]

On Tue, Sep 23, 2008 at 9:59 AM, nightduke [EMAIL PROTECTED] wrote:

 Hi i have enabled it, i do tcp.smtp reload, i restart qmail, i send an
 email on horde to a local email and the antivirus dosen't found
 virus...


Did you run service qmail cdb ?

Re: [qmailtoaster] enable simscan to local users

[Natalio Gatti]

On Tue, Sep 23, 2008 at 10:02 AM, nightduke [EMAIL PROTECTED] wrote:

 service qmail cdb
 Usage: Qmail
 {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}

 That's is what appears when i do qmailctl cdb or service qmail cdb.

 Nightduke


mmm, that´s strange. It should reload your tcp, simscan and badmime
databases. Maybe I'm not running the latest version. Do you?

Re: [qmailtoaster] spamdyke greylisting

[Natalio Gatti]

On Wed, Sep 17, 2008 at 6:42 PM, Kisakye Alex [EMAIL PROTECTED] wrote:

  Hello list,

 Is there any reason why the qtp-install-spamdyke is still using version 3.x
 and not version 4.x of spamdyke?

 Is version 4.x not yet ready for qt?



 Thanks

 ALex


Eric reply this int this same thread! It will be ready at the end of the
month.

Natalio.

Re: [qmailtoaster] QControl

[Natalio Gatti]

And the cost is.?

Natalio.

On Tue, Sep 16, 2008 at 10:44 AM, Jake Vickers [EMAIL PROTECTED] wrote:

 We are nearing the final stages of QControl.  QControl is a replacement for
 VqAdmin, written from scratch.

 I hope to have a final release on October 1st.  You can view information
 about the package at http://qcontrol.v2gnu.com

 There is a working demo that you can try out on the site, using the code
 base uploaded last evening.  The demo is fully functional.  The demo system
 is a full CentQMT-5 installation. Port 25 is blocked for outgoing for
 obvious reasons, but the system is otherwise a full install.
 The package was developed on a CentQMT-5 machine, and is currently being
 tested on production machines using Cent 4.2, Cent 4.6, and Fedora Core 4
 all using QMT packages that are either current or have been released within
 the last 12 months.

 There are a few code-cleanup items that need to be completed, as well as a
 couple features that need to be added.  Suggestions are welcome to the
 address provided on the site.

 The site is a VMware image, and the image is reverted every night at
 11:01pm EDT giving it a clean slate for new users.


 -
QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] QControl

[Natalio Gatti]

Sorry, it wasn't meant to be sarcastic. I really wanted to know the cost.

On Tue, Sep 16, 2008 at 10:50 AM, Natalio Gatti [EMAIL PROTECTED] wrote:

 And the cost is.?

 Natalio.

[qmailtoaster] spamdyke greylisting

[Natalio Gatti]

Hello list, I'm installing spamdyke in a qmailtoaster server.
I'm curious about the greylisting feature, and wanted to know which is the
preferred option for graylist-level.

BTW, I installed the latest version (4.0.4), and took configuration file
from QTP. There are some changes in the configuration file in the new
version, that needs to be updated in the QTP script:
the option check-dnsrbl is no longer used, now it is used
dns-blacklist-entry
log-level now is configured with one of: none, error, info, verbose or
debug
log-target now is configured with one of: syslog or stderr
and the option ip-in-rdns-keyword-file is replaced with
ip-in-rdns-keyword-blacklist-file

Salutti,

Natalio

Re: [qmailtoaster] spamdyke greylisting

[Natalio Gatti]

On Tue, Sep 16, 2008 at 12:46 PM, Eric Shubert [EMAIL PROTECTED] wrote:

 Natalio Gatti wrote:
  Hello list, I'm installing spamdyke in a qmailtoaster server.
  I'm curious about the greylisting feature, and wanted to know which is
  the preferred option for |graylist-level.
  |
  BTW, I installed the latest version (4.0.4), and took configuration file
  from QTP. There are some changes in the configuration file in the new
  version, that needs to be updated in the QTP script:
  the option check-dnsrbl is no longer used, now it is used
  dns-blacklist-entry
  log-level now is configured with one of: none, error, info, verbose or
  debug
  log-target now is configured with one of: syslog or stderr
  and the option ip-in-rdns-keyword-file is replaced with
  ip-in-rdns-keyword-blacklist-file
 
  Salutti,
 
  Natalio

 Hey Natalio,
 QTP uses greylist-level=always

 FWIW, qtp-install-spamdyke for v4 will be available with the next QTP
 release (scheduled for the end of this month). For those of you who can't
 wait that long or who want to try it out before it's officially released,
 you can download it for a limited time at
 http://qtp.v2gnu.com/svn/bin/qtp-install-spamdyke. It will install v4
 and/or
 upgrade from v3. Note, it will not carry forward any customized settings
 from v3 though.


Thanks Eric.  My version (latest) of QTP does not include
greylist-level=always in spamdyke.conf, maybe it was configurated by
default.
The default value in version 4.0.4 is none, so I wasn't using it.

Re: [qmailtoaster] spamdyke greylisting

[Natalio Gatti]

On Tue, Sep 16, 2008 at 12:59 PM, Eric Shubert [EMAIL PROTECTED] wrote:

 Natalio Gatti wrote:
 
 
  On Tue, Sep 16, 2008 at 12:46 PM, Eric Shubert [EMAIL PROTECTED]
  mailto:[EMAIL PROTECTED] wrote:
 
  Natalio Gatti wrote:
   Hello list, I'm installing spamdyke in a qmailtoaster server.
   I'm curious about the greylisting feature, and wanted to know which
 is
   the preferred option for |graylist-level.
   |
   BTW, I installed the latest version (4.0.4), and took
  configuration file
   from QTP. There are some changes in the configuration file in the
 new
   version, that needs to be updated in the QTP script:
   the option check-dnsrbl is no longer used, now it is used
   dns-blacklist-entry
   log-level now is configured with one of: none, error, info,
  verbose or
   debug
   log-target now is configured with one of: syslog or stderr
   and the option ip-in-rdns-keyword-file is replaced with
   ip-in-rdns-keyword-blacklist-file
  
   Salutti,
  
   Natalio
 
  Hey Natalio,
  QTP uses greylist-level=always
 
  FWIW, qtp-install-spamdyke for v4 will be available with the next QTP
  release (scheduled for the end of this month). For those of you who
  can't
  wait that long or who want to try it out before it's officially
  released,
  you can download it for a limited time at
  http://qtp.v2gnu.com/svn/bin/qtp-install-spamdyke. It will install
  v4 and/or
  upgrade from v3. Note, it will not carry forward any customized
 settings
  from v3 though.
 
 
  Thanks Eric.  My version (latest) of QTP does not include
  greylist-level=always in spamdyke.conf, maybe it was configurated by
  default.
  The default value in version 4.0.4 is none, so I wasn't using it.
 

 greylist-level is new w/ v4. The latest QTP is still on spamdyke v3, so it
 wouldn't be there. (just to clarify)

 Even if you don't run the new script, you can read through it to see what
 options it uses. See the b65_create_conf_file(){ function.


Yep,  that's what I did. Thanks again.

Re: [qmailtoaster] spamdyke greylisting

[Natalio Gatti]

On Tue, Sep 16, 2008 at 1:15 PM, Eric Shubert [EMAIL PROTECTED] wrote:

 Natalio Gatti wrote:
 
  On Tue, Sep 16, 2008 at 12:59 PM, Eric Shubert [EMAIL PROTECTED]
  mailto:[EMAIL PROTECTED] wrote:
 
  Natalio Gatti wrote:
  
  
   On Tue, Sep 16, 2008 at 12:46 PM, Eric Shubert [EMAIL PROTECTED]
  mailto:[EMAIL PROTECTED]
   mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote:
  
   Natalio Gatti wrote:
Hello list, I'm installing spamdyke in a qmailtoaster server.
I'm curious about the greylisting feature, and wanted to
  know which is
the preferred option for |graylist-level.
|
BTW, I installed the latest version (4.0.4), and took
   configuration file
from QTP. There are some changes in the configuration file
  in the new
version, that needs to be updated in the QTP script:
the option check-dnsrbl is no longer used, now it is used
dns-blacklist-entry
log-level now is configured with one of: none, error, info,
   verbose or
debug
log-target now is configured with one of: syslog or stderr
and the option ip-in-rdns-keyword-file is replaced with
ip-in-rdns-keyword-blacklist-file
   
Salutti,
   
Natalio
  
   Hey Natalio,
   QTP uses greylist-level=always
  
   FWIW, qtp-install-spamdyke for v4 will be available with the
  next QTP
   release (scheduled for the end of this month). For those of
  you who
   can't
   wait that long or who want to try it out before it's officially
   released,
   you can download it for a limited time at
   http://qtp.v2gnu.com/svn/bin/qtp-install-spamdyke. It will
 install
   v4 and/or
   upgrade from v3. Note, it will not carry forward any
  customized settings
   from v3 though.
  
  
   Thanks Eric.  My version (latest) of QTP does not include
   greylist-level=always in spamdyke.conf, maybe it was configurated
 by
   default.
   The default value in version 4.0.4 is none, so I wasn't using it.
  
 
  greylist-level is new w/ v4. The latest QTP is still on spamdyke v3,
  so it
  wouldn't be there. (just to clarify)
 
  Even if you don't run the new script, you can read through it to see
  what
  options it uses. See the b65_create_conf_file(){ function.
 
 
  Yep,  that's what I did. Thanks again.
 

 Now that I think of it, the script creates the greylist directories for
 you.
 If you have many domains and they're all using greylisting, you might want
 to use the option which creates the directories automatically for you
 (always-create IIRC). Check the documentation.


Yes, I could see that. I run the script modifying the version to 4.x. So it
compiled spamdyke, created all directories and  config files. Then, I
modified config file by hand to include the new options. Now it is working
fine with greylisting enabled. I'm monitoring log files to assure a correct
delivery.

Re: [qmailtoaster] How to de-activate tls for an ip?

[Natalio Gatti]

What about a packet capture to see what is going on? You can follow the smtp
session and see why is getting status 256.

Natalio.

On Thu, Sep 11, 2008 at 1:11 PM, P.V.Anthony [EMAIL PROTECTED]wrote:

 Hi,

 Currently we are having a problem receiving emails for a company's email
 server.

 When we send emails to them, they get them. When they send to us, we do
 not get them.

 We have bypassed rbl and greylist. Tried increasing the softlimit to
 32,000,00 and that did not work.

 In the smtp logs, we get a status 256.

 I have an email account with my isp, if they send to that, I get the
 email. Wondering what is wrong with my server.

 Could it be TLS? How do I bypass TLS just for one incoming server?

 Using simscan with clamav. Can I bypass simscan and clamav by removing
 the QMAILQUEUE=/var/qmail/bin/simscan.

 Tried using recordio for the qmail-smtpd logs but nothing there too.

 Is there anything else I can bypass or do? Need to narrow this down.

 P.V.Anthony



 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Email permision: View/receive only

[Natalio Gatti]

It can be implemented via the eMPF patch.
Check the wiki for information.

Natalio

On Sun, Aug 17, 2008 at 10:55 PM, Truong Duc Luong [EMAIL PROTECTED]
 wrote:

  Hi list,



 I need to create the permission that some one only receive email and cannot
 send/reply the email (received only email). Can qmail do this? How I can do?



 Thank you very much!

Re: [qmailtoaster] Failed to connect to the server

[Natalio Gatti]

On Thu, Aug 7, 2008 at 10:02 AM, Ariel [EMAIL PROTECTED] wrote:

 Gracias,, por tu contestacion,, seguramente debe ser el RBL que esta
 rechazando las conexiones.
 Voy a buscar como deshabiliarlo cuando no tenga servicio de internet.


If you want to disable rbl checks for your local IPs, you have to include
RBLSMTPD= in your /etc/tcprules file (for your local IPs).


Natalio.

Re: [qmailtoaster] CHKUSER rejected sender: temporary DNS problem

[Natalio Gatti]

Well, it seems that the problem was solved using a local nameserver in
caching mode. So maybe it was a remote-dns problem.

Thanks.

On Thu, Jul 24, 2008 at 1:14 PM, Eric Shubert [EMAIL PROTECTED] wrote:

 Very good thought, Tim.

 Tim Mancour wrote:
  Perhaps your freshclam updates coincide with the issue?
 
  
  *From:* Natalio Gatti [mailto:[EMAIL PROTECTED]
  *Sent:* Wednesday, July 23, 2008 6:25 PM
  *To:* qmailtoaster-list@qmailtoaster.com
  *Subject:* Re: [qmailtoaster] CHKUSER rejected sender: temporary DNS
 problem
 
  I'm using port 25, but I have the private IP's whitlisted via tcprules
  (RBLSMTPD=).
  I pay closer attention and could determinate that when the problem
  occurs, for a short period of time (less than 5 minutes) no one can send
  mails.
  I´m waiting for the next occurence to run top, free, and vmstat. Maybe
  is a process consuming cpu and/or ram, but it is really strange, becouse
  it is not the tipical short-of-hardware problem.
 
  On Wed, Jul 23, 2008 at 6:30 PM, Eric Shubert [EMAIL PROTECTED]
  mailto:[EMAIL PROTECTED] wrote:
 
  Which port are you using? Is it possible that you're using port 25
  and one
  of your RBLs is sluggish? If you're using port 587, I don't rightly
  know.
 
  Natalio Gatti wrote:
   I'm having a problem that is becoming more and more often (and
  annoying).
   When some users (including me) wants to send an email, they get an
   answer from my qmailtoaster server saying:
   temporary DNS problem
  
   When I check the logs, it says:
  
   @40004887336107b0c5dc CHKUSER rejected sender: from
   [EMAIL PROTECTED]:: remote
  Giorianueva:unknown:192.168.10.150 http://192.168.10.150
   http://192.168.10.150 rcpt  : temporary DNS problem
  
   It seems that is not interpreting the rcpt part. I'm using
 outlook
   2003 and XP.
  
   DNS is properly configured, and I have a bind running in
 caching-only
   mode on the qmailtoaster server.
  
   BTW, my qt is (only important packages are listed):
   [EMAIL PROTECTED] smtp]# rpm -qa | grep toaster
   vpopmail-toaster-5.4.17-1.3.4
   qmail-pop3d-toaster-1.03-1.3.15
   qmailmrtg-toaster-4.2-1.3.3
   simscan-toaster-1.3.1-1.3.6
   clamav-toaster-0.93.1-1.3.19
   qmail-toaster-1.03-1.3.15
   courier-authlib-toaster-0.59.2-1.3.6
   spamassassin-toaster-3.1.8-1.3.8
   daemontools-toaster-0.76-1.3.3
   courier-imap-toaster-4.1.2-1.3.7
  
   How can I debug this error?
 
 
  --
  -Eric 'shubes'
 


 --
 -Eric 'shubes'

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] how to control local infected users?

[Natalio Gatti]

Hello,
Yesterday, a local user was infected by a virus, and it start sending
thousands (100.000 aprox) of spam mails (it converted in a sort of
open-relay). Each mail only include 4 or 5 recipients.
My qmail-toaster accepted them, becouse the user was using smtp-auth, and
the user didn´t violate my chkusers policies.
How can I control such behaviour?

Natalio.

Re: [qmailtoaster] how to control local infected users?

[Natalio Gatti]

On Thu, Jul 31, 2008 at 10:23 AM, Jake Vickers [EMAIL PROTECTED] wrote:

 Natalio Gatti wrote:

 Hello,
 Yesterday, a local user was infected by a virus, and it start sending
 thousands (100.000 aprox) of spam mails (it converted in a sort of
 open-relay). Each mail only include 4 or 5 recipients.
 My qmail-toaster accepted them, becouse the user was using smtp-auth, and
 the user didn´t violate my chkusers policies.
 How can I control such behaviour?



 There isn't really way to control this. If they're flooding the system you
 could use a firewall rule to block them if they send mroe than x number of
 emails in a 60 second span, but ultimately they will still have the virus
 and need to be cleaned.


Of course!  The machine is already cleaned. But i just wanted to know which
preventive measures should I include to avoid future floodings.

Firewall via iptables was the first option, but this clients comes from a
NATted network, so is difficult to isolate him. I was thinking something
like controlling particular useres in chkuser.

[qmailtoaster] CHKUSER rejected sender: temporary DNS problem

[Natalio Gatti]

I'm having a problem that is becoming more and more often (and annoying).
When some users (including me) wants to send an email, they get an answer
from my qmailtoaster server saying:
temporary DNS problem

When I check the logs, it says:

@40004887336107b0c5dc CHKUSER rejected sender: from
[EMAIL PROTECTED]:: remote Giorianueva:unknown:192.168.10.150 rcpt 
: temporary DNS problem

It seems that is not interpreting the rcpt part. I'm using outlook 2003
and XP.

DNS is properly configured, and I have a bind running in caching-only mode
on the qmailtoaster server.

BTW, my qt is (only important packages are listed):
[EMAIL PROTECTED] smtp]# rpm -qa | grep toaster
vpopmail-toaster-5.4.17-1.3.4
qmail-pop3d-toaster-1.03-1.3.15
qmailmrtg-toaster-4.2-1.3.3
simscan-toaster-1.3.1-1.3.6
clamav-toaster-0.93.1-1.3.19
qmail-toaster-1.03-1.3.15
courier-authlib-toaster-0.59.2-1.3.6
spamassassin-toaster-3.1.8-1.3.8
daemontools-toaster-0.76-1.3.3
courier-imap-toaster-4.1.2-1.3.7

How can I debug this error?

Re: [qmailtoaster] CHKUSER rejected sender: temporary DNS problem

[Natalio Gatti]

I'm using port 25, but I have the private IP's whitlisted via tcprules
(RBLSMTPD=).
I pay closer attention and could determinate that when the problem occurs,
for a short period of time (less than 5 minutes) no one can send mails.
I´m waiting for the next occurence to run top, free, and vmstat. Maybe is a
process consuming cpu and/or ram, but it is really strange, becouse it is
not the tipical short-of-hardware problem.

On Wed, Jul 23, 2008 at 6:30 PM, Eric Shubert [EMAIL PROTECTED] wrote:

 Which port are you using? Is it possible that you're using port 25 and one
 of your RBLs is sluggish? If you're using port 587, I don't rightly know.

 Natalio Gatti wrote:
  I'm having a problem that is becoming more and more often (and annoying).
  When some users (including me) wants to send an email, they get an
  answer from my qmailtoaster server saying:
  temporary DNS problem
 
  When I check the logs, it says:
 
  @40004887336107b0c5dc CHKUSER rejected sender: from
  [EMAIL PROTECTED]:: remote Giorianueva:unknown:192.168.10.150
  http://192.168.10.150 rcpt  : temporary DNS problem
 
  It seems that is not interpreting the rcpt part. I'm using outlook
  2003 and XP.
 
  DNS is properly configured, and I have a bind running in caching-only
  mode on the qmailtoaster server.
 
  BTW, my qt is (only important packages are listed):
  [EMAIL PROTECTED] smtp]# rpm -qa | grep toaster
  vpopmail-toaster-5.4.17-1.3.4
  qmail-pop3d-toaster-1.03-1.3.15
  qmailmrtg-toaster-4.2-1.3.3
  simscan-toaster-1.3.1-1.3.6
  clamav-toaster-0.93.1-1.3.19
  qmail-toaster-1.03-1.3.15
  courier-authlib-toaster-0.59.2-1.3.6
  spamassassin-toaster-3.1.8-1.3.8
  daemontools-toaster-0.76-1.3.3
  courier-imap-toaster-4.1.2-1.3.7
 
  How can I debug this error?


 --
 -Eric 'shubes'

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] adding exchange like features on top of a toaster

[Natalio Gatti]

I solved the problem of global address book via LDAP. It is not the best
solution, but it allows outlook and other clients to search and use a global
address book.
Didn´t need shared calendars, so that´s a challenge!

On Tue, Jun 3, 2008 at 1:51 AM, dnk [EMAIL PROTECTED] wrote:

 Yeah, my problem is that they want integration into the email clients. That
 is why I was considering more like an LDAP server for the GAL, and a CalDav
 server for the calendars.

 Although your project looks really interesting, for bringing in a nice tie
 in for the toaster!

 d



 On 2-Jun-08, at 8:28 PM, PakOgah wrote:

  dnk wrote:

 Recently I have joined a new company that is using the toaster (although
 i was using them at my old job as well), and they have started pushing to
 get exchange like features. Now I love the toaster, and would prefer to
 stick with it. I was wondering if anyone else has crossed this bridge and
 could recommend a combo of software that can play nice with a toaster? I can
 go with something like scalix, but I am just really hoping to stick with the
 toaster and add on some other features through other software.

 The two big features would be shared calendering, and a global address
 book. We have a mashup of outlook 2003, 2007 and apple mail/ ical clients.

 I have been researching some of the caldav servers (but from first look,
 none look overly great - granted not a lot of research in it yet.) and could
 learn to use LDAP for the address book.


  For global address book, I have successfully made it although it's very
 basic, but at least it can  provide all address in my domain.
 see my email here
 http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg14851.html
 if that can help you I'll put it on wiki

 and for shared calendar, todolist and folders
 you can try this..
 http://www.squirrelmail.org/plugin_view.php?id=105
 http://www.squirrelmail.org/plugin_view.php?id=154
 http://www.squirrelmail.org/plugin_view.php?id=215

 I love toaster too.. but I have had enough time to play it, can you back
 to milist if have have successfully implement those 3 squirrel plugins?
 thanks

 ps: do not use them with squirreloutlook as it not up to date and may have
 bugs / security issue.

 but then scalix / zimbra (webmail) interface and features are really
 fascinating.

 -
   QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



 -
QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Can Qmail Be Configure In Such Way??

[Natalio Gatti]

You can do it installing the empf patch:
http://wiki.qmailtoaster.com/index.php/Installing_EMPF_patch

Salutti,

Natalio

On Mon, May 19, 2008 at 1:38 PM, Gabriel Lai [EMAIL PROTECTED] wrote:

 Hi all,

 Can qmail be configured in such way:

 [EMAIL PROTECTED] - can send externally and internally
 [EMAIL PROTECTED] - only can send internally (within domain.com)

 Please advice

 thanks

Re: [qmailtoaster] how to add empf on qmailtoaster

[Natalio Gatti]

There is an article in the wiki:
http://wiki.qmailtoaster.com/index.php/Installing_EMPF_patch

Salutti,
Natalio.

On Thu, Apr 17, 2008 at 8:11 AM, Rafael Andrade [EMAIL PROTECTED]
wrote:

  i cant add empf rules in qmailtoaster, i read all site of empf, but i`m
 stuck and i dont know how to add.


 somebody can help me?
 can send me one step by step or something.


 Thanks so much 4 all..

 --
 Abra sua conta no Yahoo! 
 Mailhttp://br.rd.yahoo.com/mail/taglines/mail/*http://br.mail.yahoo.com/,
 o único sem limite de espaço para armazenamento!

Re: [qmailtoaster] qtp-backup issue - ftp not working

[Natalio Gatti]

Do you have qtp installed? You should set your parameters in
/opt/qtp/config/qtp-config

Natalio.


On Mon, Apr 14, 2008 at 1:54 AM, Robert S Galloway
[EMAIL PROTECTED] wrote:
 Hey guys,

  I'm running the latest version of QTP and running the qtp-backup script.
 The backup SEEMS to be running just fine (I haven't unpacked one to look
 yet), but it is not e-mailing, deleting the old backup or running the FTP
 piece. The script is the stock script with my info added at the top. My host
 is CentOS 5 32-bit. I'm running the script as root.

  I do not get any output except Backup is complete and located in:
 /backup/qmailbkup.

  The script has the email, ftp and remove variables set to y.

  Thanks, Robert

  -
 QmailToaster hosted by: VR Hosted http://www.vr.org
  -
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]



-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] qmail admin page missing controls

[Natalio Gatti]

On Fri, Apr 4, 2008 at 11:16 AM, My (Alan) Nguyen
[EMAIL PROTECTED] wrote:




 HI, I've set up my new qmailToaster following the instructions in the manual
 but for some reason the qmail administration page is missing any actions.
 This would be the page where you can login as an administrator through the
 web gui for the specific domains and maintain users, mailing lists and what
 not. Only thing I can appear to do is refresh the main menu or logout.

Did you create the domains via vqadmin? If so, you have to modify some
values (number of accounts, mailing lists, etc).

Vqadmin is no longer updated and it has some problems, and you shouldn't use it.

Natalio

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] mail alias not working

[Natalio Gatti]

On Fri, Apr 4, 2008 at 2:09 PM, My (Alan) Nguyen
[EMAIL PROTECTED] wrote:
 Sending from remote, locally it works but if I send it from say gmail,
  or yahoo it doesn't get to the aliased domain.

DNS for the alias domain is ok?

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] spam filter restrictions results impossible sending emails

[Natalio Gatti]

On Mon, Mar 10, 2008 at 7:00 AM, Istvan Köpe [EMAIL PROTECTED] wrote:
 Hi,

  Every Monday I'm sending a newsletter to a couple of thousands of mail
  addresses. During the weekend I modified in simcontrol spam_hits from 12
  to 5. As a result Outlook was unable to send the newsletter. Unable
  means no error message, just sending/processing forever. In that list of
  email addresses are many invalid addresses too, which generate 256
  errors, which are time-out-s, but correct me if I'm wrong and I also
  seen simscan: connect error 2 errors. But even if there are error, it
  worked before and I don't see the connection between the spam_hits
  parameter. In the Linux world I know that there is no such thing as,
  something works today, but it doesn't work after a while, like in case
  of Windows.
  So there are two possibilities: or Qmailtoaster was not configured
  well(less probable, because is to simple to configure), or the spam_hits
  parameter affected qmailtoaster's functionality.

  What do you think?

  Istvan

check your spamd log to see if spamassassin is flagging your mail as
spam: /var/log/qmail/spamd/current

Natalio.

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Weird stuff happening on admin-toaster page

[Natalio Gatti]

On Tue, Feb 26, 2008 at 9:09 PM, Richard Starkie
[EMAIL PROTECTED] wrote:
 Upgrade apparently complete - no change :(


Did you try reinstalling vqadmin-toaster, qmailadmin-toaster,
qmailmrtg-toaster and control-panel-toaster ?
They should fix your problem

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] I want block one user to order msg outside of my domain

[Natalio Gatti]

You can use the eMPF patch. Read instructions on
http://wiki.qmailtoaster.com/index.php/Installing_EMPF_patch

Natalio.

On Wed, Feb 27, 2008 at 10:34 AM, Randraa [EMAIL PROTECTED] wrote:


  How  I can block an user for not ordering messages outside of my domain,
 just send emails internal.

 example:
 [EMAIL PROTECTED] can send for [EMAIL PROTECTED]

 But One user just can send emails to:
 [EMAIL PROTECTED] for others [EMAIL PROTECTED]

 Thanks so much.


 Randraa

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] I want block an user to don't order email outside of him domain

[Natalio Gatti]

On Wed, Feb 27, 2008 at 4:16 PM, Randraa [EMAIL PROTECTED] wrote:



  How  I can block an user for not ordering messages outside of my domain,
 just send emails internal.

 example:
 [EMAIL PROTECTED] can send for [EMAIL PROTECTED]

 But One user just can send emails to:
 [EMAIL PROTECTED] for others [EMAIL PROTECTED]

As I replied in your previous mail, you can use the eMPF patch.

Check http://wiki.qmailtoaster.com/index.php/Installing_EMPF_patch

Salutti,

Natalio.

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Some basic config questions

[Natalio Gatti]

Sergio:

On Feb 20, 2008 11:00 AM, Sergio Minini {NETKEY} [EMAIL PROTECTED] wrote:


 Hi List,
 I was wondering if there is a way to limit the size of attachments that my
 users/remote senders can send through this box.

You can limit the size of attachments via
/var/qmail/control/databytes. You can set there the max amount of
bytes you'll accept. Be carefull with this value, becouse it counts
the complete mail. You should increment it in a 50% aprox. from your
max attachment size.


 And how about limiting the number of recipients for each message?
 What is less hard on the server: sending a mail to 50 rcpts or 5 mails to 10
 each?

You can control it modifying chkuser settings in tcprules file. There you have:
CHKUSER_RCPTLIMIT: max number of recipients accepted
CHKUSER_WRONGRCPTLIMIT: max number of WRONG recipients accepted


 Thanks! Sergio

 PS: This kind of config would be great if we could make it from the new Web
 UI.

 
 Sergio Minini :: NetKey Solutions :: ( 4742.1101 :: http://www.netkey.com.ar


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Some basic config questions

[Natalio Gatti]

On Feb 20, 2008 12:38 PM, Sergio Minini {NETKEY} [EMAIL PROTECTED] wrote:
 Thanks Natalio,
 Where can I find this tcprules file?
in
/etc/tcprules.d/tcp.smtp

After modifying it, you have to run service qmail cdb.
You can also control some other paremeters (such as relaying, rbls,
domainkeys, etc.) per IP.




   And how about limiting the number of recipients for each
  message? What
   is less hard on the server: sending a mail to 50 rcpts or 5
  mails to
   10 each?
 
  You can control it modifying chkuser settings in tcprules
  file. There you have:
  CHKUSER_RCPTLIMIT: max number of recipients accepted
  CHKUSER_WRONGRCPTLIMIT: max number of WRONG recipients accepted
 

Salutti,

Natalio

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Some basic config questions

[Natalio Gatti]

For further info:

http://wiki.qmailtoaster.com/index.php/Tcp.smtp

Natalio.


On Feb 20, 2008 2:24 PM, Sergio Minini {NETKEY} [EMAIL PROTECTED] wrote:
 Thanks!


  -Original Message-
  From: Natalio Gatti [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, February 20, 2008 1:01 PM
  To: qmailtoaster-list@qmailtoaster.com
  Subject: Re: [qmailtoaster] Some basic config questions
 
 
  On Feb 20, 2008 12:38 PM, Sergio Minini {NETKEY}
  [EMAIL PROTECTED] wrote:
   Thanks Natalio,
   Where can I find this tcprules file?
  in
  /etc/tcprules.d/tcp.smtp
 
  After modifying it, you have to run service qmail cdb.
  You can also control some other paremeters (such as relaying,
  rbls, domainkeys, etc.) per IP.



 -
  QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] error update clamav

[Natalio Gatti]

Becouse you don't have the latest clamav package. It is still in
devel. As soon as it became stable will be published. Or you can
update it via devel.qmailtoaster.com (thanks to Erik!)

Salutti,

Natalio.

On Thu, Feb 14, 2008 at 10:38 PM,  [EMAIL PROTECTED] wrote:
 Friends, why this happening this error, helps


  [ Space_p0:root ] freshclam
  ClamAV update process started at Thu Feb 14 23:08:24 2008
  WARNING: Your ClamAV installation is OUTDATED!
  WARNING: Local version: 0.92 Recommended version: 0.92.1
  DON'T PANIC! Read http://www.clamav.net/support/faq
  main.inc is up to date (version: 45, sigs: 169676, f-level: 21, builder:
  sven)
  daily.inc is up to date (version: 5822, sigs: 43549, f-level: 21, builder:
  ccordes)
  [ Space_p0:root ] rpm -qa | grep clamav
  clamav-toaster-0.92-1.3.16
  [ Space_p0:root ]



  -
  QmailToaster hosted by: VR Hosted http://www.vr.org
  -
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]



-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] 3 simple Qs

[Natalio Gatti]

Jim:

On Thu, Feb 14, 2008 at 4:28 PM, Jim Shupert, Jr. [EMAIL PROTECTED] wrote:


 so My q is is there a BEST way to delete ?- is one way better than the
 other?

Both ways are equally effective.


 also - I do not have quotas on my users - are there any long term problems
 with that?

The only problem you can face is more users with big inbox.

 and I do not have a catch all account - so should I ?
mm, I don't use it, I discard those mails.

Salutti,
Natalio.

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] SpamHaus Issues

[Natalio Gatti]

  Is
 there a way to disable spamhaus checking on outgoing email or once people
 have authenticated?


 You can use  the submission port. Configure your client to use port 587
and smtp auth.

Natalio

Re: [qmailtoaster] Restrict Access

[Natalio Gatti]

[
On Dec 5, 2007 4:04 PM, Eduardo [EMAIL PROTECTED] wrote:

 somebody knows if and possible to restrict access to the qmailtoaster for
 the ip address


 Eduardo


If I understand correctly, you can deny connections by IP using tcprules.
Add a line in /etc/tcprules.d/tcp.smtp (before the one that starts with
:allow), with:

IP.TO.BLOCK:deny

Ej:
192.168.1.1:deny


Natalio.

Re: [qmailtoaster] One-Off Or Group Updates Only?

[Natalio Gatti]

On Nov 30, 2007 1:22 PM, [EMAIL PROTECTED] wrote:

 Greetings,

 Just a quick question for the update wizards:

 Is is possible to (on CentOS 4.x):

 rpm -Uvh clamav-toaster-x.x.x.rpm

 to upgrade an individual toaster package?

 Or must I install the QTP package and update everything at once via
 qtp-newmodel?


If you have an actual qmail-toaster, you only need to install
clamav-toaster.x.x.x.rpm, and then rebuild and reinstall simscan.
If you have an older qmail-toaster, maybe you'll need to do a full upgrade.

Natalio

Re: [qmailtoaster] One-Off Or Group Updates Only?

[Natalio Gatti]

  If you have an actual qmail-toaster, you only need to install
  clamav-toaster.x.x.x.rpm, and then rebuild and reinstall simscan.

 This particular toaster install dates to June of 2006.

Which version?

As for rebuilding simscan, do you mean rebuilding a source RPM, then
 reinstalling the resulting binary?

 Or did the original RPM install from last year create a source directory
 somewhere where I can manually do a make clean; configure; make install,
 etc., etc.)?


I recommend you to run a new rpmbuild and then install the new binary.

Natalio

Re: [qmailtoaster] Why Is Clamd Swelling Up?

[Natalio Gatti]

 It's an all the time thing (at least at the moment). I've killed it a
 restarted it a couple of times this morning. But once it runs for a
 a while it gets right back up there.

 For example, here's a snapshot of current resource usage:

 PID   USER  PR  NI %CPUTIME+  %MEM  VIRT  RES  SHR S COMMAND
 32085 clamav16   0  197  99:10.65  1.1 99292  43m  932 S clamd


Which clamav version are you using? I have similar problems with
clamav-0.90.1.
They dissappear when I installed 0.91.2 (look in devel.qmailtoaster.com)

Re: [qmailtoaster] Why Is Clamd Swelling Up?

[Natalio Gatti]

On Nov 29, 2007 2:37 PM, [EMAIL PROTECTED] wrote:

 On Thu, 29 Nov 2007, Natalio Gatti wrote:

  Which clamav version are you using? I have similar problems with
  clamav-0.90.1.
  They dissappear when I installed 0.91.2 (look in devel.qmailtoaster.com)

 Looks like it's:

 clamav-toaster-0.88.3-1.3.2

 --Duncan


 So, you should update your clamav. Remember to recompile  reinstall
simscan after you install the new clamav.

Natalio.

Re: [qmailtoaster] qmailtoaster-plus-0.2.14-1.3.17 is out!

[Natalio Gatti]

Besides roundcube (i'm not using it) I have succesfully installed QTP in a
Fedora 7 system.
I have to modify qtp-whatami to include F7 support, and add some perl
dependencies to run sa-update correctly.
I'm not at the office now, as soon as I get there I'll send those
dependencies.

Natalio.

Re: [qmailtoaster] qmailtoaster-plus-0.2.14-1.3.17 is out!

[Natalio Gatti]

On Nov 26, 2007 8:31 PM, Jake Vickers [EMAIL PROTECTED] wrote:

 Natalio Gatti wrote:
  Besides roundcube (i'm not using it) I have succesfully installed QTP
  in a Fedora 7 system.
  I have to modify qtp-whatami to include F7 support, and add some perl
  dependencies to run sa-update correctly.
  I'm not at the office now, as soon as I get there I'll send those
  dependencies.
 

 Thanks. I'd like the Fedora 7 qtp-whatami stuff as well. I only work on
 Cent/RHEL and Debian now, so not much time to test other distros.


Dependencies missing for Fedora 7 distro:
perl-IO-Zlib
perl-Compress-Zlib

I didn't test all the packages, just whatami, sa-update and rbl configs.
I'll send the whatami stuff later (i'm not at the office yet).

Natalio.

Re: [qmailtoaster] empf patch (Off Topic)

[Natalio Gatti]

I'm sending this mail to let everyone know that the recompilation was
succesfull. I could disable the auth-requirement and now users without
authentication are included in the policy.
I know it is a risk becouse it is easy to forge the sender email, but that's
something i could live with until I reconfigure all clients to use
smtp-auth.

Is it okey if I introduce this information on the qmail-wiki? Or is it
completely off-topic?

Natalio.

On Nov 19, 2007 7:25 PM, Natalio Gatti [EMAIL PROTECTED] wrote:


 A M:
 Thanks! You're right, with authentication enabled everything works fine. I
 have to give a shot to the compile option, becouse I have 200 clients
 configured without smtp-auth (they are users inside a company).
 I'll post the results of the recompilation.

 Natalio.


 On Nov 19, 2007 12:53 PM, A M [EMAIL PROTECTED] wrote:

  Hi,
 
  Natalio I've replied in the empf list... dindn't see this one.
 
  check it
 
  As for information:
 
  The policy patch by default enforces auth in every smtp, so only
  authenticated users can send email.
 
  This can be change in the conf file for the policies prior to compile
  but IS NOT recomended has it may invalidate the policy check routine.
 
  AM


 
  2007/11/18, Natalio Gatti  [EMAIL PROTECTED]:
 
   I'm sending this mail to this list becouse it seems that a couple of
   qToaster's have implemented the empf patch successfully.
   Yesterday I test an installation of the empf patch provided by A M. I
   could patch, build and install the new qmail-toaster rpm correctly.
   I created a file named policy in /var/qmail/control
   If the file is empty, everything is OK. I can send  receive mail
   correctla, and for evry mail I can see a log that says:
  
   2007-11-17 05:47:15.505799500 policy_check: local [EMAIL PROTECTED] -
   local [EMAIL PROTECTED] (UNAUTHENTICATED SENDER)
   2007-11-17 05:47:15.505804500 policy_check: policy allows transmission
  
  
   Whenever I put something in that file, all mail is denied. I try the
   most simple policy (allow-all):
  
   [EMAIL PROTECTED] cat /var/qmail/control/policy
   test.com:LREI,
  
   And all mail is rejected with the following log:
   2007-11-18 06:00:35.245414500 policy_check: local [EMAIL PROTECTED] -
   local [EMAIL PROTECTED] (UNAUTHENTICATED SENDER)
   2007-11-18 06:00:35.245688500 policy_check: sender not authenticated
  
   A M, or any of the others who have implemented the empf patch: Am I
   doing something wrong? Is the policy incorrect?
  
   Natalio.
 
 
 
 
  --
  AM
  agmsoft(at)gmail.com

Re: [qmailtoaster] empf patch (Off Topic)

[Natalio Gatti]

On Nov 22, 2007 2:49 PM, Jake Vickers [EMAIL PROTECTED] wrote:

  Natalio Gatti wrote:

 I'm sending this mail to let everyone know that the recompilation was
 succesfull. I could disable the auth-requirement and now users without
 authentication are included in the policy.
 I know it is a risk becouse it is easy to forge the sender email, but
 that's something i could live with until I reconfigure all clients to use
 smtp-auth.

 Is it okey if I introduce this information on the qmail-wiki? Or is it
 completely off-topic?


 If it involves Qmailtoaster, it's not really off-topic.  I say go ahead
 and add it to the wiki under it's own topic (maybe under under tips or
 something). I'm sure someone in the future will ask


Ok, it's done.
I´m not a native-english-speaker, so i hope everyone can understand it.

Natalio.

Re: [qmailtoaster] empf patch (Off Topic)

[Natalio Gatti]

A M:
Thanks! You're right, with authentication enabled everything works fine. I
have to give a shot to the compile option, becouse I have 200 clients
configured without smtp-auth (they are users inside a company).
I'll post the results of the recompilation.

Natalio.

On Nov 19, 2007 12:53 PM, A M [EMAIL PROTECTED] wrote:

 Hi,

 Natalio I've replied in the empf list... dindn't see this one.

 check it

 As for information:

 The policy patch by default enforces auth in every smtp, so only
 authenticated users can send email.

 This can be change in the conf file for the policies prior to compile but
 IS NOT recomended has it may invalidate the policy check routine.

 AM



 2007/11/18, Natalio Gatti  [EMAIL PROTECTED]:

  I'm sending this mail to this list becouse it seems that a couple of
  qToaster's have implemented the empf patch successfully.
  Yesterday I test an installation of the empf patch provided by A M. I
  could patch, build and install the new qmail-toaster rpm correctly.
  I created a file named policy in /var/qmail/control
  If the file is empty, everything is OK. I can send  receive mail
  correctla, and for evry mail I can see a log that says:
 
  2007-11-17 05:47:15.505799500 policy_check: local [EMAIL PROTECTED] - local
  [EMAIL PROTECTED] (UNAUTHENTICATED SENDER)
  2007-11-17 05:47:15.505804500 policy_check: policy allows transmission
 
  Whenever I put something in that file, all mail is denied. I try the
  most simple policy (allow-all):
 
  [EMAIL PROTECTED] cat /var/qmail/control/policy
  test.com:LREI,
 
  And all mail is rejected with the following log:
  2007-11-18 06:00:35.245414500 policy_check: local [EMAIL PROTECTED] - local
  [EMAIL PROTECTED] (UNAUTHENTICATED SENDER)
  2007-11-18 06:00:35.245688500 policy_check: sender not authenticated
 
  A M, or any of the others who have implemented the empf patch: Am I
  doing something wrong? Is the policy incorrect?
 
  Natalio.




 --
 AM
 agmsoft(at)gmail.com

[qmailtoaster] empf patch (Off Topic)

[Natalio Gatti]

I'm sending this mail to this list becouse it seems that a couple of
qToaster's have implemented the empf patch successfully.
Yesterday I test an installation of the empf patch provided by A M. I could
patch, build and install the new qmail-toaster rpm correctly.
I created a file named policy in /var/qmail/control
If the file is empty, everything is OK. I can send  receive mail correctla,
and for evry mail I can see a log that says:

2007-11-17 05:47:15.505799500 policy_check: local [EMAIL PROTECTED] - local
[EMAIL PROTECTED] (UNAUTHENTICATED SENDER)
2007-11-17 05:47:15.505804500 policy_check: policy allows transmission

Whenever I put something in that file, all mail is denied. I try the most
simple policy (allow-all):

[EMAIL PROTECTED] cat /var/qmail/control/policy
test.com:LREI,

And all mail is rejected with the following log:
2007-11-18 06:00:35.245414500 policy_check: local [EMAIL PROTECTED] - local
[EMAIL PROTECTED] (UNAUTHENTICATED SENDER)
2007-11-18 06:00:35.245688500 policy_check: sender not authenticated

A M, or any of the others who have implemented the empf patch: Am I doing
something wrong? Is the policy incorrect?

Natalio.