SV: [qmailtoaster] Seeking Mirror Volunteers
I can also provide a mirror in norway, B/R Ole Johansen -Opprinnelig melding- Fra: Bharath Chari [mailto:qmailtoas...@arachnis.com] Sendt: 24. februar 2013 05:20 Til: qmailtoaster-list@qmailtoaster.com; mirr...@qmailtoaster.com Emne: Re: [qmailtoaster] Seeking Mirror Volunteers On Sunday 24 February 2013 12:20 AM, Eric Shubert wrote: We presently have only 5 mirror sites for the rpm packages, and could use several more. Being a mirror is pretty trivial. You don't necessarily even need another host to do it. If you're running a stock QMT, you only need to modify your apache configuration to include a mirror?.qmailtoaster.com domain, and then install an rsync script that runs hourly to keep your mirror up to date. We'll provide the mirror name and rsync script, and help with any configuration difficulties you may have. The bandwidth required isn't much at all (the more mirrors we have the less it will be), and storage is only about 50M (750M if you want to include all the archives). If you'd like to host a mirror (a great way to give back to the community), please subscribe to the mirr...@qmailtoaster.com list and we'll help to get you going. Thanks to everyone for their participation. Hi Eric, I can definitely add one more mirror in Germany. You can add 46.4.110.53 to your list and send me the details. Bharath - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Backup and restore to a new server.
Hello, I am going to backup, transferbackup to a new server and restore user accounts and their emails. Anything I should have some heads up for? Using q.plus Best Regards Ole
RE: [qmailtoaster] #4.0.0 smtp; 421 Refused. You have no reverse DNS entry
If you are a private customer of Lyse, you should ask promission to have dedicated services as email server. Is like that at Tele2 where i work. You may read the TOS for fiber based broadband, check if it says something there. Anyway a static IP adress assigned is recommended if Lyse do not have rdns on their IP-blocks Example: Hello Lyse. Can you setup rdns for my IP adress, like this? 2.141.234.84.IN-ADDR.ARPA IN PTR epost-boksen.jforce.no Thanks and god jul. Yourname/customer number -Original Message- From: Kjetil Paulsen [mailto:kjetil.paul...@gmail.com] Sent: 19. november 2009 14:48 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] #4.0.0 smtp; 421 Refused. You have no reverse DNS entry so the way forward is to contact Lyse.no to set my PTR record to 2.141.234.84.IN-ADDR.ARPA IN PTR jforce.no and mail servers sending to olerud.no (where the error reported occured) will not get this error? I have my doubts though if this will be easy since I don't think Lyse will accept that I'm running a mail server :/ On Thu, Nov 19, 2009 at 2:41 PM, ole.johan...@cryonix.no wrote: Yep, and forget you domains etc regarding rdns. You should only request rdns for your ip (iprange if you have) B/R Ole Tele2 Norge Bit confused here, since I have multiple domains pointing to the same IP I'm wondering how to go about this. My domain names are registered with domeneshop.no and is where I configure the dns settings for my domains.. Looking at the ptr records explained I see that I should have something like this for example: 2.141.234.84.IN-ADDR.ARPA IN PTR jforce.no for all my domains.. right? and this is something I should contact Lyse.no about since they own the ip? or is this something I can fix by contacting my domain registrar? thx, /K On Thu, Nov 19, 2009 at 1:44 PM, ole.johan...@cryonix.no wrote: RDNS can be only setup by your internet provider. When this has been setup properly, you will have a PTR records hostname pointing to your ip adress. B/R Ole J On Thu, Nov 19, 2009 at 10:31 AM, Kjetil Paulsen kjetil.paul...@gmail.comwrote: Hi I'm getting this from peple trying to send emails to my domains (dvfilsrv.dv.local #4.0.0 smtp;421 Refused. You have no reverse DNS entry.) - I've tried to read up on this and discussions on forums are refering to a PTR record that has to be set, however I can't find this setting in tools provided by domain registrar.. Mxtoolbox also reports 220 blue.jforce.no - Welcome to Qmail Toaster Ver. 1.2 SMTP Server ESMTP Not an open relay. 0 seconds - Good on Connection time 2.059 seconds - Good on Transaction time OK - 84.234.141.2 resolves to Warning - Reverse DNS does not match SMTP Banner Session Transcript: HELO please-read-policy.mxtoolbox.com 250 blue.jforce.no - Welcome to Qmail Toaster Ver. 1.2 SMTP Server [172 ms] MAIL FROM: supert...@mxtoolbox.com 250 ok [468 ms] RCPT TO: t...@example.com 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser) [1248 ms] QUIT 221 blue.jforce.no - Welcome to Qmail Toaster Ver. 1.2 SMTP Server [172 ms] When I do a reverse lookup I get this: ptr:84.234.141.2 ptr Type IP Address Domain Name TTL PTR 84.234.141.2 2.84-234-141.customer.lyse.net 24 hrs This will not change I guess since I've got a static IP from Lyse.no... So I guess the question is, where do I put this information so that email servers stops complaining? is it as easy as changing the banner? Kjeitil, maybe you are merging two problems here: Outgoing emails and incoming emails. If your server is refusing incoming emails complaining about missing rDNS, you should check the IP address of the sending server. If your server can't send emails to the world, then, you should modify your rDNS. You should talk to Lyse.net and ask for a rDNS. They are the authority for the rDNS zone. Natalio. thx /K - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today!
RE: [qmailtoaster] fail2ban query
Hello, Works like a dream here. What is your OS, version Error messages? B/R Ole J _ From: Vidyadhar [mailto:vidyadha...@gmail.com] Sent: 30. oktober 2009 11:41 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] fail2ban query Hi list, Do anybody here have successfully implemented fail2ban for vpopmail. I tried by following this way: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg23954.html but not working. Can anybody help me out to resolve the same. Regards, Vidyadhar
RE: [qmailtoaster] fail2ban query
I think i need to see your conf files for fail2ban. You may send it directly to my email address. _ From: Vidyadhar [mailto:vidyadha...@gmail.com] Sent: 30. oktober 2009 12:28 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] fail2ban query Hi OS : CentOS:5.3 Enabled log of fail2ban. 2009-10-18 04:02:07,988 fail2ban.filter : INFO Log rotation detected for /var/log/maillog 2009-10-18 04:02:07,990 fail2ban.filter : INFO Log rotation detected for /var/log/maillog 2009-10-18 04:04:09,985 fail2ban.filter : INFO Log rotation detected for /var/log/maillog 2009-10-18 04:04:09,987 fail2ban.filter : INFO Log rotation detected for /var/log/maillog 2009-10-19 07:17:03,728 fail2ban.actions: WARNING [vpopmail] Ban 41.219.219.61 2009-10-19 07:17:03,732 fail2ban.actions.action: ERROR iptables -n -L INPUT | grep -q fail2ban-pop3 returned 100 2009-10-19 07:17:03,732 fail2ban.actions.action: ERROR Invariant check failed. Trying to restore a sane environment 2009-10-19 07:17:03,743 fail2ban.actions.action: ERROR iptables -N fail2ban-pop3 iptables -A fail2ban-pop3 -j RETURN iptables -I INPUT -p tcp] sendmailwhois[name --dport pop3 -j fail2ban-pop3 returned 200 2009-10-19 07:17:03,748 fail2ban.actions.action: ERROR iptables -n -L INPUT | grep -q fail2ban-pop3 returned 100 2009-10-19 07:17:03,748 fail2ban.actions.action: CRITICAL Unable to restore environment 2009-10-19 07:17:04,749 fail2ban.actions: WARNING [vpopmail] 41.219.219.61 already banned 2009-10-19 07:17:05,749 fail2ban.actions: WARNING [vpopmail] 41.219.219.61 already banned 2009-10-20 09:47:18,938 fail2ban.comm : WARNING Invalid command: ['restart'] 2009-10-20 09:47:24,053 fail2ban.jail : INFO Jail 'qmail-iptables' stopped 2009-10-20 09:47:25,035 fail2ban.actions: WARNING [vpopmail] Unban 41.219.219.61 2009-10-20 09:47:25,039 fail2ban.actions.action: ERROR iptables -n -L INPUT | grep -q fail2ban-pop3 returned 100 2009-10-20 09:47:25,039 fail2ban.actions.action: ERROR Invariant check failed. Trying to restore a sane environment 2009-10-20 09:47:25,048 fail2ban.actions.action: ERROR iptables -N fail2ban-pop3 iptables -A fail2ban-pop3 -j RETURN iptables -I INPUT -p tcp] sendmailwhois[name --dport pop3 -j fail2ban-pop3 returned 200 2009-10-20 09:47:25,052 fail2ban.actions.action: ERROR iptables -n -L INPUT | grep -q fail2ban-pop3 returned 100 When i checked the entries in iptables it was not showing the 41.219.219.61 ip Regards, Vidyadhar On Fri, Oct 30, 2009 at 4:35 PM, Ole N.Johansen ole.johan...@cryonix.no wrote: Hello, Works like a dream here. What is your OS, version Error messages? B/R Ole J _ From: Vidyadhar [mailto:vidyadha...@gmail.com] Sent: 30. oktober 2009 11:41 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] fail2ban query Hi list, Do anybody here have successfully implemented fail2ban for vpopmail. I tried by following this way: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg23954.html but not working. Can anybody help me out to resolve the same. Regards, Vidyadhar
RE: [qmailtoaster] Tap file not working
To tap an individual email address and send a copy to arch...@example.com add a line like: u...@domain.com:arch...@example.com No . (dot) in front of the individual email address Ole J _ From: amit IKF [mailto:a...@ikf.co.in] Sent: 26. oktober 2009 09:28 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Tap file not working Hi Jake, I have created a taps file in /var/qmail/control. Entry in taps file is mentioned below: .ad...@mydomain.com:a...@mydomain.com but none of the mails of ad...@mydomain.com are getting delivered to a...@mydomain.com email id. Regards, Amit On Mon, Oct 19, 2009 at 9:41 PM, Jake Vickers j...@qmailtoaster.com wrote: amit IKF wrote: Hi Jake, What more details you need kindly let me know? Regards, Amit On Fri, Oct 16, 2009 at 6:20 PM, Jake Vickers j...@qmailtoaster.com wrote: amit IKF wrote: Hi Everyone, I think my TAP file is not working properly. There are around 25 emails list in tap file. And out of this 25 I have found some email ids are not getting tapped. Regards, Amit This is not enough information to even begin to guess at an issue. What do you mean not working correctly? Explain in detail. What do the logs show? What does your tap file look like?
[qmailtoaster] Spamming- mail from user - to user
Hello list. Got a growing problem for several valid accounts. What can I do to prevent this? (SPF reject would be a bad choice?) Ole J. Running latest QT/QTP on Centos with paranoia-status:) Like this: Recipient: us...@dot.com Sender: us...@dot.com The IP adresse is not local or official ip address on this box. An example for technique sending SPAM message: Received: from unknown (HELO dslb-088-064-213-032.pools.arcor-ip.net) (88.64.213.32) by my.server.tld with SMTP; 26 Sep 2009 05:29:39 - Received-SPF: softfail (my.server.tld: transitioning SPF record at server.tld does not designate 88.64.213.32 as permitted sender) From: Dana Woodyard us...@dot.com To: us...@dot.com Result: user1 get the spam email. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Off Topic | Spammers
Hello list. Just wonder if it any point to send abuse email of Spammers to hostmaster? I get a lot of attempts and inbound emails about the usual stuff. Pills, lottery etc. I see 3-4 regular visitors F.ex this one: canonical name host89-233-dynamic.56-82-r.retail.telecomitalia.it. aliases addresses 82.56.233.89 Received: from unknown (HELO host89-233-dynamic.56-82-r.retail.telecomitalia.it) (82.56.233.89) by my.email.server.tld with SMTP; 3 Sep 2009 10:53:56 - Received-SPF: neutral (my.email.server.tld: 82.56.233.89 is neither permitted nor denied by SPF record at bluehost.com) Just an another thought :) Ole J - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Off Topic | Spammers
I run loose lists on the server because i have clients who recieve alot of emails from fare east .. (lots of blackholed networks there) I am not a member of spamcop either. But the question was, is it any point to send abuse email to the hostmaster for origin of the spammer's network? From Spamdyke. dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=bl.spamcop.net -Original Message- From: Aleksander Podsiadly [mailto:a...@westside.kielce.pl] Sent: 3. september 2009 13:45 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Off Topic | Spammers W dniu 03.09.2009 13:36, Aleksander Podsiadly pisze: Use zen.spamhause.org RBL http://www.spamhaus.org/zen/index.lasso Oh, IP:82.56.233.89 isn't listed. :| You can send spam to http://members.spamcop.net/ -- Pozdrawiam / Regards, Aleksander Podsiadly mail: a...@westside.kielce.pl jid: a...@jabber.westside.kielce.pl ICQ: 201121279 gg: 9150578 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Fail2ban - Qmail Vpopmail - conf and regex seems to be ok :)
Hello friends, Just let you know. My previous email about using Fail2ban with qmail and vpopmail, more specific to ban email adr. Harvesting / hammering pop3 , seems to be working. Cheers! B/R Ole J Message from Fail2ban: [Fail2Ban] pop3: banned 72.3.226.134 Hi, The IP 72.3.226.134 has just been banned by Fail2Ban after 3 attempts against pop3. Here are more information about 72.3.226.134: (.) Checking IP table chain pop3: Chain fail2ban-pop3 (1 references) target prot opt source destination DROP all -- 72.3.226.134 0.0.0.0/0 RETURN all -- 0.0.0.0/00.0.0.0/0 Checking logfile maillog: Aug 31 13:57:18 FQDN vpopmail[11798]: vchkpw-pop3: vpopmail user not found julia@:72.3.226.134 Aug 31 13:57:19 FQDN vpopmail[11803]: vchkpw-pop3: vpopmail user not found audio@:72.3.226.134 Aug 31 13:57:20 FQDN vpopmail[11807]: vchkpw-pop3: vpopmail user not found josh@:72.3.226.134 Aug 31 13:57:21 FQDN vpopmail[11811]: vchkpw-pop3: vpopmail user not found alex@:72.3.226.134
RE: [qmailtoaster] re: harvesting
Eric, I will do that, just have to test the configuration out first. -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 29. august 2009 00:51 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] re: harvesting Not stupid really. I don't know of one. Would someone care to create a wiki page about fail2ban on a toaster? Or perhaps write an install script for it that could be included in QTP? Ole N.Johansen wrote: Hello again, Sounds pretty stupid but is there a script to test email harvesting - I have to check my fail2ban addition.. Perhaps I got it right, but no one tries to hammer my vpopmail .. Ole J *From:* Constantin IOAJA [mailto:io...@cartel-alfa.ro] *Sent:* 28. august 2009 21:40 *To:* qmailtoaster-list@qmailtoaster.com *Subject:* Re: [qmailtoaster] re: harvesting Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch *OSSEChttp://www.ossec.net/ OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. Regards Constantin * - *E-mail Notification* == OSSEC HIDS Notification. 2009 Aug 28 14:09:22 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not found test@:62.20.103.103 mailto:test@:62.20.103.103 Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 .. Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 mailto:support@:62.20.103.103 --- OSSEC HIDS Notification. 2009 Aug 28 14:19:56 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 mailto:demo@:62.20.103.103 Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not found backup@:62.20.103.103 mailto:backup@:62.20.103.103 . Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 mailto:demo@:62.20.103.103 Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not found news@:62.20.103.103 mailto:news@:62.20.103.103 --- *active-responses.log* Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251458396.242407 9952 -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster
[qmailtoaster] Fail2Ban - Qmail Vpopmail [centos]
Install fail2ban: wget http://sourceforge.net/projects/fail2ban/files/fail2ban-stable/fail2ban-0.8. 3/fail2ban-0.8.3.tar.bz2/download tar -xjvf fail2ban-0.8.3.tar.bz2 cd fail2ban-0.8.3 python setup.py install vi /etc/fail2ban/jail.conf Enable only the sections you need and do them one at a time. I have enabled SSH, ProFTP, Qmail* and Vpopmail* (* add sections as described below) Set your local networks and any other networks you consider 'safe'. You certainly don't want to block your own clients! ## example:: ignoreip = 127.0.0.1 192.245.12.0/24 207.182.32.0/19 204.27.149.0/24 Also change bantime, findtime, maxretry time as it suits you. If bantime = -1 is the same as never expire the IP ban. * additional sections for jail.conf [vpopmail] enabled = true port = pop3 filter = vpopmail action = iptables[name=pop3, port=pop3, protocol=tcp] sendmailwhois[name=pop3,dest=y...@email.domain, sender=em...@adr] logpath = /var/log/maillog maxretry = 3 bantime = -1 [qmail-iptables] enabled = true filter = qmail action = iptables[name=QMAIL, port=smtp, protocol=tcp] sendmail-whois[name=QMAIL, dest=y...@email.domain] logpath = /var/log/maillog maxretry = 3 bantime = -1 Save and close the jail.conf file. vi /etc/fail2ban/filter.d/vpopmail.conf (create new file) Paste this into the file: # Fail2Ban configuration file # # Author: Christoph Haas # Modified by: Ole Johansen - CDS # # $Revision: 510 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named host. The tag HOST can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?Phost\S+) # Values: TEXT # failregex = vchkpw-pop3: vpopmail user not found .*@:HOST # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = Save and close the file. Start the fail2ban by type: fail2ban-client start New chains to the iptables are created. Use iptables -L -n ,to show entries in the iptables I have not tested the changes, so I would like to get some feedback on this. B/R Ole J
RE: [qmailtoaster] re: harvesting
Hello again, Sounds pretty stupid but is there a script to test email harvesting - I have to check my fail2ban addition.. Perhaps I got it right, but no one tries to hammer my vpopmail .. Ole J _ From: Constantin IOAJA [mailto:io...@cartel-alfa.ro] Sent: 28. august 2009 21:40 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] re: harvesting Maxwell Smart wrote: Greetings fellow Qmailers, I am trying to find a way to block harvesters. I am using Fail2ban, but must not have it set up correctly to block the harvesters after 3 attempts. If anyone can shed some light on how to set this up it would be greatly appreciated. Here is my vpopmail logwatch OSSEChttp://www.ossec.net/ OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. Regards Constantin - E-mail Notification == OSSEC HIDS Notification. 2009 Aug 28 14:09:22 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:09:20 mail vpopmail[5529]: vchkpw-pop3: vpopmail user not found test@:62.20.103.103 Aug 28 14:09:20 mail vpopmail[5526]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 .. Aug 28 14:09:17 mail vpopmail[5501]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 Aug 28 14:09:16 mail vpopmail[5497]: vchkpw-pop3: vpopmail user not found support@:62.20.103.103 --- OSSEC HIDS Notification. 2009 Aug 28 14:19:56 Received From: mail-/var/log/maillog Rule: 9952 fired (level 10) - POP3 brute force (email harvesting). Portion of the log(s): Aug 28 14:19:55 mail vpopmail[6175]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 Aug 28 14:19:55 mail vpopmail[6169]: vchkpw-pop3: vpopmail user not found backup@:62.20.103.103 . Aug 28 14:19:53 mail vpopmail[6147]: vchkpw-pop3: vpopmail user not found demo@:62.20.103.103 Aug 28 14:19:53 mail vpopmail[6144]: vchkpw-pop3: vpopmail user not found news@:62.20.103.103 --- active-responses.log Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:09:22 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:52 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251457762.234301 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/host-deny.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:19:56 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh add - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/host-deny.sh delete - 62.20.103.103 1251458396.242407 9952 Fri Aug 28 14:30:26 EEST 2009 /var/ossec/active-response/bin/firewall-drop.sh delete - 62.20.103.103 1251458396.242407 9952
RE: [qmailtoaster] Email tagged as SPAM - automatically move to spam folder
Just to mention it, i just upgraded the kernel to 2.6.18-128.4.1.el5xen Centos 5.3 no problems booting it. Autoboots in 3 seconds as default, I have not touched the grubloader. But I still have the same problem installing this sandbox stuff. I managed to upgrade rest of the QMT, so it is latest now, except sandbox.. No spam folder in squirrelmail. Error log building aufs: local.mk:14: could not find kernel config file. internal auto-config may fail make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: too many arguments make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: too many arguments make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected make CONFIG_AUFS=m AUFS_EXTRA_CFLAGS=-I /opt/qmailtoaster-plus/src/aufs/include -DCONFIG_AUFS_BRANCH_MAX_127 -DCONFIG_AUFS_RR_SQUASHFS -DCONFIG_AUFS_DEBU$ make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. make: *** [clean] Error 2 local.mk:14: could not find kernel config file. internal auto-config may fail make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: too many arguments make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: too many arguments make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected fs/aufs make CONFIG_AUFS=m AUFS_EXTRA_CFLAGS=-I /opt/qmailtoaster-plus/src/aufs/include -DCONFIG_AUFS_BRANCH_MAX_127 -DCONFIG_AUFS_RR_SQUASHFS -DCONFIG_AUFS_DEBU$ make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. make: *** [fs/aufs/aufs.ko] Error 2 -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 24. august 2009 20:43 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Email tagged as SPAM - automatically move to spam folder Very strange. Perhaps there's something else going on with that hard drive that we're not seeing. Any other partitions on it? Was there ever any other boot loader on it? Are/can you seeing the grub boot menu when it boots? What does it list? I might try reinstalling grub in the mbr, but only after I thought there was some reason it might fix something. This definitely sounds like a grub misconfiguration issue. (duh) Maxwell Smart wrote: The /boot/grub/grub.conf file reads the same. The other 2 are both symlinks as expected. It has been rebooted and is still loading the old kernel. I also removed the lines in the grub.conf file referring to the -92 kernel and it still boots to the -92 kernel. [r...@mail ~]# rpm -qa kernel kernel-2.6.18-128.1.10.el5 kernel-2.6.18-92.1.13.el5 kernel-2.6.18-128.2.1.el5 kernel-2.6.18-128.4.1.el5 kernel-2.6.18-92.1.22.el5 Eric Shubert wrote: Maxwell Smart wrote: Eric, Everything worked as expected. Glad to hear it. However, I have a second mail server that I just updated and wanted to install all of the latest updates. It required I update the kernel. I updated the kernel, but it still boots to the previous kernel. How do I change the default kernel that it boots to? This will allow me to update the simscan and install the Spamdyke making both of my servers identical. I know it's late, but theses look all the same to me. How do I know which one is default=0? Default=0 is the first one listed correct? Correct. Grub is consistently relative to zero. uname -a output Linux mail.area510.net 2.6.18-92.1.13.el5 #1 SMP Wed Sep 24 19:33:52 EDT 2008 i686 athlon i386 GNU/Linux grub.conf #boot=/dev/hda default=0 timeout=5 splashimage=(hd0,0)/boot/grub/splash.xpm.gz hiddenmenu title CentOS (2.6.18-128.4.1.el5) root (hd0,0) kernel /boot/vmlinuz-2.6.18-128.4.1.el5 ro root=LABEL=/ initrd /boot/initrd-2.6.18-128.4.1.el5.img title CentOS (2.6.18-128.2.1.el5) root (hd0,0) kernel /boot/vmlinuz-2.6.18-128.2.1.el5 ro root=LABEL=/ initrd /boot/initrd-2.6.18-128.2.1.el5.img title CentOS (2.6.18-128.1.10.el5) root (hd0,0) kernel /boot/vmlinuz-2.6.18-128.1.10.el5 ro root=LABEL=/ initrd
RE: [qmailtoaster] Email tagged as SPAM - automatically move to spam folder
Not sure what you are trying to tell me here.. -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 24. august 2009 22:28 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Email tagged as SPAM - automatically move to spam folder Is that the right package? Is there a different devel package for the xen kernel? Ole N.Johansen wrote: Yes, Installed Packages Name : kernel-devel Arch : i686 Version: 2.6.18 Release: 128.4.1.el5 Size : 15 M Repo : installed Summary: Development package for building kernel modules to match the kernel. Also rebooted the box just incase, same error -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 24. august 2009 21:38 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Email tagged as SPAM - automatically move to spam folder Have you installed the -devel package for your running kernel as Justice suggested? Ole N.Johansen wrote: Just to mention it, i just upgraded the kernel to 2.6.18-128.4.1.el5xen Centos 5.3 no problems booting it. Autoboots in 3 seconds as default, I have not touched the grubloader. But I still have the same problem installing this sandbox stuff. I managed to upgrade rest of the QMT, so it is latest now, except sandbox.. No spam folder in squirrelmail. Error log building aufs: local.mk:14: could not find kernel config file. internal auto-config may fail make: *** /lib/modules/2.6.18-128.4.1.el5xen/build: No such file or directory. Stop. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Email tagged as SPAM - automatically move to spam folder
Thanks guys. But i still have a hard time to actual get the QMT upgraded to new qtp model. See thread Centos 5.3 and qtp new model _ From: Jake Vickers [mailto:j...@qmailtoaster.com] Sent: 23. august 2009 06:03 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Email tagged as SPAM - automatically move to spam folder Ole N.Johansen wrote: Hello, Is there any possibilities to make spamassassin/qmail to automatical move all incoming emails who is tagged as SPAM to spam folder in Squirrelmail/Horde? Tips and pinpoints are welcome :-) B/R Ole J These instructions are the on the wiki: http://wiki.qmailtoaster.com/index.php/FAQs#I_upgraded_my_QmailToaster_to_th e_latest_and_I_no_longer_have_the_.22Spam_Detection.22_box_in_Qmailadmin. I also covered this in a couple videos. I specifically know I talked about it in this one: http://video.qmailtoaster.com/video/how-to-filter-mail-on-server.html You can view all of the videos at http://video.qmailtoaster.com
RE: [qmailtoaster] Centos 5.3 and qtp new model
I am at the point trying to install stuff manually. Just saw the change Eric said and done so, but it result in this error: local.mk:14: could not find kernel config file. internal auto-config may fail make: *** /lib/modules/2.6.18-8.1.3.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: too many arguments make: *** /lib/modules/2.6.18-8.1.3.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: too many arguments make: *** /lib/modules/2.6.18-8.1.3.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected make: *** /lib/modules/2.6.18-8.1.3.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected make: *** /lib/modules/2.6.18-8.1.3.el5xen/build: No such file or directory. Stop. /bin/sh: line 0: test: -ge: unary operator expected . make CONFIG_AUFS=m AUFS_EXTRA_CFLAGS=-I /opt/qmailtoaster-plus/src/aufs/include -DCONFIG_AUFS_BRANCH_MAX_127 -DCONFIG_AUFS_RR_SQUASHFS -DCONFIG_AUFS_DEBUG -DC$ make: *** /lib/modules/2.6.18-8.1.3.el5xen/build: No such file or directory. Stop. make: *** [fs/aufs/aufs.ko] Error 2 .. The error list is a bit longer , but I copy paste the errors. Ole -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 22. august 2009 01:12 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Centos 5.3 and qtp new model Hmmm. I have perl-Mail-SPF-2.006-1.el5.rf perl-Mail-SPF-Query-1.999.1-2.el5.rf I wonder why your yum is trying to install perl-Mail-SPF-Query-1.999.1-1.2.el5.rf I show the conflicting files as being owned by perl-Mail-SPF, so I think I'd simply remove perl-Mail-SPF-Query from the list in qtp-newmodel and try again. I honestly don't know what the deal is witht this. You might do some googling for us to see what you can find out. ;) Ole N.Johansen wrote: Same error after yum clean all.. yum clean all Loading installonlyn plugin Cleaning up Everything Transaction Summary = Install 18 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 1.2 M Downloading Packages: (1/1): perl-TimeDate-1.16 100% |=| 32 kB00:00 Running Transaction Test Finished Transaction Test Transaction Check Error: file /usr/bin/spfquery conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf file /usr/share/man/man1/spfquery.1.gz conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf Error Summary - qtp-newmodel - installation of dependent packages failed, exiting -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 22. august 2009 00:01 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Centos 5.3 and qtp new model The perl-Mail-SPF-Query package it's complaining about isn't the latest. # yum clean all then rerun. Ole N.Johansen wrote: rpm -qf /usr/bin/spfquery file /usr/bin/spfquery is not owned by any package rpm -qf /usr/share/man/man1/spfquery.1.gz error: file /usr/share/man/man1/spfquery.1.gz: No such file or directory rpm -qa | grep perl-Mail-SPF-Query (nothing shows up) -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 21. august 2009 23:16 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Centos 5.3 and qtp new model Please show results of: # rpm -qf /usr/bin/spfquery # rpm -qf /usr/share/man/man1/spfquery.1.gz # rpm -qa | grep perl-Mail-SPF-Query Ole N.Johansen wrote: Hello, Get this problem: Transaction Check Error: file /usr/bin/spfquery conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf file /usr/share/man/man1/spfquery.1.gz conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf Error Summary - qtp-newmodel - installation of dependent packages failed, exiting I am running Centos 5.3 - upgraded from 5.2x by yum, anyone with an idea to svolve this? Thanks B/R Ole J -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list
RE: [qmailtoaster] Centos 5.3 and qtp new model
I am attempting manually install files need. Any one who can point me to how to get the module perl(version) ? -Original Message- From: Ole N.Johansen [mailto:ole.johan...@cryonix.no] Sent: 22. august 2009 00:54 To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Centos 5.3 and qtp new model Same error after yum clean all.. yum clean all Loading installonlyn plugin Cleaning up Everything Transaction Summary = Install 18 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 1.2 M Downloading Packages: (1/1): perl-TimeDate-1.16 100% |=| 32 kB00:00 Running Transaction Test Finished Transaction Test Transaction Check Error: file /usr/bin/spfquery conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf file /usr/share/man/man1/spfquery.1.gz conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf Error Summary - qtp-newmodel - installation of dependent packages failed, exiting -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 22. august 2009 00:01 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Centos 5.3 and qtp new model The perl-Mail-SPF-Query package it's complaining about isn't the latest. # yum clean all then rerun. Ole N.Johansen wrote: rpm -qf /usr/bin/spfquery file /usr/bin/spfquery is not owned by any package rpm -qf /usr/share/man/man1/spfquery.1.gz error: file /usr/share/man/man1/spfquery.1.gz: No such file or directory rpm -qa | grep perl-Mail-SPF-Query (nothing shows up) -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 21. august 2009 23:16 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Centos 5.3 and qtp new model Please show results of: # rpm -qf /usr/bin/spfquery # rpm -qf /usr/share/man/man1/spfquery.1.gz # rpm -qa | grep perl-Mail-SPF-Query Ole N.Johansen wrote: Hello, Get this problem: Transaction Check Error: file /usr/bin/spfquery conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf file /usr/share/man/man1/spfquery.1.gz conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf Error Summary - qtp-newmodel - installation of dependent packages failed, exiting I am running Centos 5.3 - upgraded from 5.2x by yum, anyone with an idea to svolve this? Thanks B/R Ole J -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Centos 5.3 and qtp new model
Hello, Get this problem: Transaction Check Error: file /usr/bin/spfquery conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf file /usr/share/man/man1/spfquery.1.gz conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf Error Summary - qtp-newmodel - installation of dependent packages failed, exiting I am running Centos 5.3 - upgraded from 5.2x by yum, anyone with an idea to svolve this? Thanks B/R Ole J
RE: [qmailtoaster] Centos 5.3 and qtp new model
rpm -qf /usr/bin/spfquery file /usr/bin/spfquery is not owned by any package rpm -qf /usr/share/man/man1/spfquery.1.gz error: file /usr/share/man/man1/spfquery.1.gz: No such file or directory rpm -qa | grep perl-Mail-SPF-Query (nothing shows up) -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: 21. august 2009 23:16 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Centos 5.3 and qtp new model Please show results of: # rpm -qf /usr/bin/spfquery # rpm -qf /usr/share/man/man1/spfquery.1.gz # rpm -qa | grep perl-Mail-SPF-Query Ole N.Johansen wrote: Hello, Get this problem: Transaction Check Error: file /usr/bin/spfquery conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf file /usr/share/man/man1/spfquery.1.gz conflicts between attempted installs of perl-Mail-SPF-2.006-1.el5.rf and perl-Mail-SPF-Query-1.999.1-1.2.el5.rf Error Summary - qtp-newmodel - installation of dependent packages failed, exiting I am running Centos 5.3 - upgraded from 5.2x by yum, anyone with an idea to svolve this? Thanks B/R Ole J -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Firewall.sh
Hello List, I need som help regarding iptables/firewall.sh I have multiple virtual ipadresses, all official ip addresses. ( 5 ip adr total) I need to add those into the iptables and make the iptables to work as usual, open for ssh, ftp, http, https, imap, pop3, smtp, submission, port 1, port 2, port 3 Yes I have googled it and just getting more confused. I have tested abit but just keep locking up my connectivity to the centos box. Thanks for input. Best Regards Ole J
RE: [qmailtoaster] Firewall.sh
Thanks, I figured it out with the help of Eric. Just added a few more variables and it works good. Ole _ From: Aleksander Podsiadly [mailto:a...@westside.kielce.pl] Sent: 31. juli 2009 19:16 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Firewall.sh W dniu 31.07.2009 10:14, Ole N.Johansen pisze: Hello List, I need som help regarding iptables/firewall.sh I have multiple virtual ipadresses, all official ip addresses. ( 5 ip adr total) I need to add those into the iptables and make the iptables to work as usual, open for ssh, ftp, http, https, imap, pop3, smtp, submission, port 1, port 2, port 3 Yes I have googled it and just getting more confused. I have tested abit but just keep locking up my connectivity to the centos box. Thanks for input. Best Regards Ole J http://lartc.org/ -- Pozdrawiam / Regards, Aleksander Podsiadły mail: a...@westside.kielce.pl jid: a...@jabber.westside.kielce.pl ICQ: 201121279 gg: 9150578
RE: [qmailtoaster] error 5.5.3
Use submission port 587 _ From: Sysadmin [mailto:sysad...@tricubemedia.com] Sent: 6. januar 2009 23:35 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] error 5.5.3 Yes to all, The clients are varied, Outlook express, Outlook, Macintosh Mail, Microsoft Entourage ( OSX ) All have smtp authentication set to User name Password ssl is not enabled. I do remember that some ISP`s block port 25, Can qmail be set with an additional port eg: 225 I also run a Communigate test server, and have enabled port 225 , as a test and it works for ISP`s that block port 25. Thanks madmac
Re: [qmailtoaster] slow pop login
Hello, I got the same problem, hw/sw: fujitsu-siemens xeon server. 2x250gb hw raid-1 1GB ram Centos 5 installed as QT advises QT installed successfully with djbdnscache everything works except 60seconds+++ for login via pop3 ( telnet LAN-IP 110 ) If i do telnet localhost 110, it answer as it should. Iptables and Selinux is disabled. But POP3 with SSL works as it should. Ideas? B/R Ole Johansen On Mon, April 30, 2007 15:28, Firdaus Tjahyadi wrote: Dear All i'v been upgrade my qmailtoaster rpm -qa | grep toaster vpopmail-toaster-5.4.17-1.3.4mdk control-panel-toaster-0.5-1.3.4mdk vqadmin-toaster-2.3.4-1.3.3mdk qmail-pop3d-toaster-1.03-1.3.15mdk autorespond-toaster-2.0.4-1.3.3mdk maildrop-toaster-2.0.3-1.3.5mdk send-emails-toaster-0.5-1.3.2mdk qmailtoaster-plus-0.2.2-1.3.4 daemontools-toaster-0.76-1.3.3mdk libsrs2-toaster-1.0.18-1.3.3mdk ezmlm-cgi-toaster-0.53.324-1.3.3mdk maildrop-toaster-devel-2.0.3-1.3.5mdk spamassassin-toaster-3.1.8-1.3.8mdk clamav-toaster-0.90.1-1.3.13mdk ucspi-tcp-toaster-0.88-1.3.5mdk courier-imap-toaster-4.1.2-1.3.7mdk libdomainkeys-toaster-0.68-1.3.3mdk qmailadmin-toaster-1.2.11-1.3.4mdk isoqlog-toaster-2.1-1.3.4mdk ripmime-toaster-1.4.0.6-1.3.3mdk qmail-toaster-1.03-1.3.15mdk courier-authlib-toaster-0.59.2-1.3.6mdk qmailmrtg-toaster-4.2-1.3.3mdk simscan-toaster-1.3.1-1.3.6mdk ezmlm-toaster-0.53.324-1.3.3mdk squirrelmail-toaster-1.4.9a-1.3.6mdk but after i upgrade i have my pop login is very slow it need 60s to login telnet mail.dic.co.id 110 Trying 203.130.226.18... Connected to mail.dic.co.id (203.130.226.18). Escape character is '^]'. +OK [EMAIL PROTECTED] quit +OK Connection closed by foreign host. i have set caching nameserver what should i do to solve this problem ? thanks regards -- Mvh Ole N.Johansen System Administrator Cryonix Data Systems [EMAIL PROTECTED] | SKYPE-cryonix.no | Cell nbr.+47 95102821 ] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] slow pop login
It is before the greeting. I see when i remote ssh into the box from another computer it is taking some time to get logged in. I am doing a little bit of tcpdumping to see if i can figure whats wrong. I have tried everything you mention i think, i will double check. Thanks for your ideas/comments On Mon, April 30, 2007 23:16, Joseph Lundgren wrote: Ole, Where does the stall occur? Before the server sends its greeting, or afterwards? If the stall happens before the server sends its greeting, your problem is likely to be DNS. The server attempts to perform a reverse DNS lookup on the IP address you are connecting from. If your DNS is misconfigured, it will cause this step to go (VERY) slowly. telnet mail.domain.tld 110 Trying xxx.xxx.xxx.xxx... Connected to mail.domain.tld. Escape character is '^]'. +OK [EMAIL PROTECTED] server greeting user [EMAIL PROTECTED] +OK pass 12345 -ERR authorization failed Connection closed by foreign host. Generally, your '/etc/resolv.conf' file should have your localhost IP address (or 0.0.0.0, you choose) as the first line, followed by your forwarders, like so (where xxx.xxx.xxx.xxx are the IP addresses of other nameservers). nameserver 127.0.0.1 nameserver xxx.xxx.xxx.xxx nameserver xxx.xxx.xxx.xxx I always modify the '/etc/hosts' file as well, to put the FQDN of the server on a line with its own IP address (not localhost's IP address), like so: # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost xxx.xxx.xxx.xxx mail.domain.tld mail If the stall happens after you submit your username and password, the problem lies elsewhere. Where --- I don't know. Sincerely, -- Joseph Lundgren Systems Engineer Peak Internet, LLC [EMAIL PROTECTED] -Original Message- From: Ole N.Johansen [mailto:[EMAIL PROTECTED] Sent: Monday, April 30, 2007 8:23 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] slow pop login Hello, I got the same problem, hw/sw: fujitsu-siemens xeon server. 2x250gb hw raid-1 1GB ram Centos 5 installed as QT advises QT installed successfully with djbdnscache everything works except 60seconds+++ for login via pop3 ( telnet LAN-IP 110 ) If i do telnet localhost 110, it answer as it should. Iptables and Selinux is disabled. But POP3 with SSL works as it should. Ideas? B/R Ole Johansen On Mon, April 30, 2007 15:28, Firdaus Tjahyadi wrote: Dear All i'v been upgrade my qmailtoaster rpm -qa | grep toaster vpopmail-toaster-5.4.17-1.3.4mdk control-panel-toaster-0.5-1.3.4mdk vqadmin-toaster-2.3.4-1.3.3mdk qmail-pop3d-toaster-1.03-1.3.15mdk autorespond-toaster-2.0.4-1.3.3mdk maildrop-toaster-2.0.3-1.3.5mdk send-emails-toaster-0.5-1.3.2mdk qmailtoaster-plus-0.2.2-1.3.4 daemontools-toaster-0.76-1.3.3mdk libsrs2-toaster-1.0.18-1.3.3mdk ezmlm-cgi-toaster-0.53.324-1.3.3mdk maildrop-toaster-devel-2.0.3-1.3.5mdk spamassassin-toaster-3.1.8-1.3.8mdk clamav-toaster-0.90.1-1.3.13mdk ucspi-tcp-toaster-0.88-1.3.5mdk courier-imap-toaster-4.1.2-1.3.7mdk libdomainkeys-toaster-0.68-1.3.3mdk qmailadmin-toaster-1.2.11-1.3.4mdk isoqlog-toaster-2.1-1.3.4mdk ripmime-toaster-1.4.0.6-1.3.3mdk qmail-toaster-1.03-1.3.15mdk courier-authlib-toaster-0.59.2-1.3.6mdk qmailmrtg-toaster-4.2-1.3.3mdk simscan-toaster-1.3.1-1.3.6mdk ezmlm-toaster-0.53.324-1.3.3mdk squirrelmail-toaster-1.4.9a-1.3.6mdk but after i upgrade i have my pop login is very slow it need 60s to login telnet mail.dic.co.id 110 Trying 203.130.226.18... Connected to mail.dic.co.id (203.130.226.18). Escape character is '^]'. +OK [EMAIL PROTECTED] quit +OK Connection closed by foreign host. i have set caching nameserver what should i do to solve this problem ? thanks regards -- Mvh Ole N.Johansen System Administrator Cryonix Data Systems [EMAIL PROTECTED] | SKYPE-cryonix.no | Cell nbr.+47 95102821 ] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mvh Ole N.Johansen System Administrator Cryonix Data Systems [EMAIL PROTECTED] | SKYPE-cryonix.no | Cell nbr.+47 95102821 ] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED
Re: [qmailtoaster] Need help with spam
Hello, I got the same problem whateverthis spam is. It has been sent as plain text message only. Thanks for any ideas, B/R Ole J Copy of content: --- Symbol: MXXR Current price: Around $0.018 Short Term Target:$0.10 Long Term Target: $0.45 Results from MXXR's latest drilling will be announced very soon. Excitement is building, and the inside word is that the results will exceed expectations! In order to benefit from this lucrative opportunity you need to get in now, before the big news release. There's still time, but not much. The news could be out as early as Tuesday, November 13th. THIS is the one you've been waiting for! Do yourself a favor and make that big score! - On Tue, November 14, 2006 00:56, Jake Vickers wrote: Ryan Gibbons wrote: My server (not just my domain) is getting hit hard with spam related to stock quotes. It is plan text, no links no html, and of course the envlope changes each time. I have go through with sa-learn and try to mark them individually but they are still getting through, some are even being learned as ham b/c they are generated a score of over -3, (*note to self, I might want to bump that up) and very few are being marked anything lower then 3. On overage, it is coming across as zero. Thunderbird sees it has spam, so it is possible to catch these, I just don't know enough about spamassassin to create a rule set to catch it. I use rules de jour and moderate RBL block list. Anybody have any hits, If you want to see the message, let me know and I can put it up here. Look on the rulesemporium website for the stock list, which plugs into Rules du Jour. That should catch them for you. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]