Re: [qmailtoaster] Roundcube - Out of office / auto reply

2024-05-20 Thread Quinn Comendant 
> On May 20, 2024, at 09:59, Remo Mattei  wrote:
> 
> was just to talk to him in Italian :)

奈

Re: [qmailtoaster] Rocky 9 Migration

2024-02-23 Thread Quinn Comendant 



On 23 Feb 2024, at 9:10, Gary Bowling wrote:

LoadModule php5\_module modules/libphp5.so  



On my Rocky 9 box, this file does not exist and I cannot find that it 
is even suppose to exist. But I'm not sure how php is suppose to work 
on Apache without it.


Hi Gary,

Glad you worked it out, but just in case you're curious, the reason you 
can't find a `libphp5.so` or `libphp8.so` file is because with PHP 7 and 
8 the preferred way to execute php scripts is via PHP-FPM, and most 
distros will install PHP this way by default. PHP-FPM has much better 
performance and security, and most PHP apps will run fine without 
modification. The apache configuration to use PHP-FPM is somewhat 
different, as you discovered.


Quinn

Re: [qmailtoaster] Status of Domain Keys in QMT

2023-10-01 Thread Quinn Comendant 
Aha, that's why I was confused: I was conflating the two. I remember 
seeing that there was a working version of DKIM, but got confused by the 
Disabling_Domain_Keys wiki page. (Updating that page to mention 
“Domain Keys has been replaced by DKIM” with a link to the dkim.html 
page might help others who got lost like me).


Thanks Eric!

Regards,
Quinn

On 1 Oct 2023, at 15:08, Eric Broch wrote:

Domain Keys <https://en.wikipedia.org/wiki/DomainKeys> has been 
removed from Qmail Toaster in later versions under EL 7 and completely 
in EL 8/9.


DKIM is used instead. It is not a part of the sources but signing is 
done by a perl wrapper around qmail-remote. See here 
<https://qmailtoaster.org/dkim.html> .


DKIM checking can be done by either spamassassin or rspam and is not 
necessary in QT.



On 10/1/2023 12:18 PM, Quinn Comendant wrote:

Hi all,

What is the current status of Domain Keys in QMT? I've been following 
the advice given 
in<http://wiki.qmailtoaster.com/index.php/Disabling_Domain_Keys>  
(“Unfortunately, domain keys are broken in Toaster. It's 
recommended that you
disable them for the time being.”), but wonder if there has been 
movement to fix this? Anybody get DKIM working?


Also, I noticed during a recent upgrade the `qmail-queue` symlink was 
pointing to `qmail-dk` by default; I thought by default it would go 
to `qmail-queue.orig` (the page above writes, "This will be disabled 
in future releases anyway").


Regards,
Quinn

-
To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, 
e-mail:qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Status of Domain Keys in QMT

2023-10-01 Thread Quinn Comendant 
Hi all,

What is the current status of Domain Keys in QMT? I've been following the 
advice given in  
(“Unfortunately, domain keys are broken in Toaster. It's recommended that you 
disable them for the time being.”), but wonder if there has been movement to 
fix this? Anybody get DKIM working?

Also, I noticed during a recent upgrade the `qmail-queue` symlink was pointing 
to `qmail-dk` by default; I thought by default it would go to 
`qmail-queue.orig` (the page above writes, "This will be disabled in future 
releases anyway").

Regards,
Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] rocky 9 from centOS 7 suggestions?

2023-03-10 Thread Quinn Comendant 

On 10 Mar 2023, at 11:16, Gary Bowling wrote:

What's the status these days of a repository that "just works" for 
installing the toaster?


I'd love an update on this too. I'm planning an upgrade to Rocky 9 this 
year as well.


I'm a developer, so not afraid of scripts, but had assumed that QMT was 
now meant to be installable via a simple `yum install`. I have no idea 
where to find the “Eric's install script” mentioned by Finn. 﫣


Quinn

Re: [qmailtoaster] Outlook users get "unsupported encryption type" error after Windows update

2022-10-24 Thread Quinn Comendant 
Hi Andreas,

I've had some users report this as well. Previously, they were getting this 
same error when receiving mail; upgrading to Dovecot (from Courier) resolved 
that. Now the issue seems to also exist with qmail-smtp.

I'm not sure what is broken, because connections to port 587 support TLSv1.2 
with modern ciphers, and I get a decent score with www.immuniweb.com.

For the moment, I've simply offered an alternative SMTP server for users who 
are having trouble sending (which, for now, is limited to just a few people in 
one office).

Anyone have suggestions why some versions of Outlook on Windows can't establish 
encrypted connection to qmail-smtp?

Quinn

On 24 Oct 2022, at 6:12, Andreas wrote:

> Hi list,
>
> I have read the discussion and fix.
> I have installed dovecot--2.3.19.1-2.x86_64 and
> dovecot-mysql-2.3.19.1-2.x86_64
> on RockyLinux 8
>
> Since last update on Microsoft and Outlook they cannot send emails.
>
> In the log I dont see any error, on the client:
> Task "myuser@... - Sending: reported error (Ox800CCC1A) :
> 'Your server does not support the connection encryption type you have
> specified. Try changing the encryption method. Contact your mail server
> administrator or internet service provider (ISP) for additional assistance.'
>
>
> Do you have any advice how I could change the server settings?
>
> Andreas
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] UIDVALIDITY value changed during Courier-to-Dovecot migration

2022-10-19 Thread Quinn Comendant 

On 19 Oct 2022, at 0:41, Quinn Comendant wrote:
The so-called UIDVALIDITY value of the mailbox “INBOX” has 
changed. MailMate has to resynchronize the mailbox, that is, purge 
the local cache and refetch the messages of the mailbox.


I think this may have been caused by the mailboxes actually being 
different between the production and test servers:


1. I cloned my mail server `prod.example.com` to `test.example.com`.
2. I migrated Courier to Dovecot on `test.example.com`.
3. I added an account to my IMAP client to connect to `prod.example.com` 
and downloaded mail.
4. To simulate migration, I just edited my IMAP client settings to 
change `prod.example.com` to `test.example.com`, but in the meantime the 
Maildir contents on prod changed, causing the UIDVALIDITY to change.


Is that a likely explanation?

Quinn

[qmailtoaster] UIDVALIDITY value changed during Courier-to-Dovecot migration

2022-10-18 Thread Quinn Comendant 
I've done a test upgrade of a cloned server from Courier to Dovecot. So 
far, it's working well with most email clients, but when I reconfigure 
MailMate to connect to the new server, it gives me this error 
([screenshot](https://send.strangecode.com/f/screen-shot-2022-10-18-at-23-51-55.png)):


The so-called UIDVALIDITY value of the mailbox “INBOX” has 
changed. MailMate has to resynchronize the mailbox, that is, purge the 
local cache and refetch the messages of the mailbox.


I'm pretty sure I ran the 
[courier-dovecot-migrate.pl](https://raw.githubusercontent.com/dovecot/tools/main/courier-dovecot-migrate.pl) 
script successfully.


I'm connecting via IMAP, so I don't think the `pop3_uidl_format` config 
option comes into play here. Anyways, the [Dovecot migration 
guide](https://wiki1.dovecot.org/Migration/Courier) says: *“With the 
v1.1+ migration script you can use any pop3_uidl_format, because the 
UIDLs are stored directly in the dovecot-uidlist file.”*.


I just let MailMate resynchronize my test mailbox, and it worked fine 
after that (it only asked me to do it once). However, I would like to 
prevent any of our users having to resynchronize mailboxes, if possible.


Regards,
Quinn

Re: [qmailtoaster] Outlook users get "unsupported encryption type" error after Windows update

2022-10-17 Thread Quinn Comendant 

On 13 Oct 2022, at 12:12, Jeff Koch wrote:

I think this would indicate that our Dovecot IMAP supports TLSv1.2 and 
should work with the Outlook updates. Am I missing something?


FWIW, I applied [Janno Sannik's 
patch](https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg43073.html) 
to enable TLS 1.2 in Courier 4.1, after which testssl.sh reported that 
TLS 1.2 is working correctly. However, some of our users still reported 
errors using Outlook. So, the issue doesn't seem to be as simple as 
enabling TLS 1.2?


I'm currently working to replace Courier with Dovecot, since you 
mentioned the latest Dovecot version works for you.


Quinn

Re: [qmailtoaster] Outlook users get "unsupported encryption type" error after Windows update

2022-10-13 Thread Quinn Comendant 

On 13 Oct 2022, at 12:12, Jeff Koch wrote:

I think this would indicate that our Dovecot IMAP supports TLSv1.2 and 
should work with the Outlook updates.


Yes, looks like a successful TLS 1.2 connection.

When testing with openssl, I would add the `-tls1_2` option to force use 
of that protocol:


openssl s_client -connect example.com:993 -tls1_2

Also test submission on port 587 (and you can try testing smtp on port 
25, although most networks block outgoing port 25 so you might not get a 
valid result):


openssl s_client -connect example.com:587 -starttls smtp -tls1_2



Although, I like to use https://testssl.sh/ (`brew install testssl` on 
macOS) which gives easier to understand and more thorough results:


Test submission (with STARTTLS on port 587):

testssl.sh -t smtp mx.strangecode.com:587

Test imap (with SSL-only on port 993):

testssl.sh example.com:993

Quinn

Re: [qmailtoaster] Outlook users get "unsupported encryption type" error after Windows update

2022-10-13 Thread Quinn Comendant 
The Windows system update on October 11, 2021 included a change to 
disable TLS 1.0 and 1.1 by default.


- Windows blog post: [Plan for change: TLS 1.0 and TLS 1.1 soon to be 
disabled by 
default](https://blogs.windows.com/msedgedev/2020/03/31/tls-1-0-tls-1-1-schedule-update-edge-ie11/)
- Windows support article: [KB5017811—Manage Transport Layer Security 
(TLS) 1.0 and 1.1 after default behavior change on September 20, 
2022](https://support.microsoft.com/en-us/topic/kb5017811-manage-transport-layer-security-tls-1-0-and-1-1-after-default-behavior-change-on-september-20-2022-e95b1b47-9c7c-4d64-9baf-610604a64c3e)
- Blog post: [Windows 10: Beware of a possible TLS disaster on October 
2022 
patchday](https://borncity.com/win/2022/10/11/windows-10-achtung-vor-einem-mglichen-tls-desaster-zum-oktober-2022-patchday/)


Our QMT v1.3 system with this issue does support TLS 1.2 for smtp and 
submission, but Courier IMAP only supports up to TLS 1.0. Results via 
testssl.sh:


## smtp and submission

 SSLv2  not offered (OK)
 SSLv3  offered (NOT ok)
 TLS 1  offered (deprecated)
 TLS 1.1offered (deprecated)
 TLS 1.2offered (OK)
 TLS 1.3not offered and downgraded to a weaker protocol

## imap

 SSLv2  not offered (OK)
 SSLv3  not offered (OK)
 TLS 1  offered (deprecated)
 TLS 1.1not offered
 TLS 1.2not offered and downgraded to a weaker protocol
 TLS 1.3not offered and downgraded to a weaker protocol
 NPN/SPDY   not offered
 ALPN/HTTP2 not offered

Because the error should only occur when TLS 1.2 is not available, I 
think the `Ox800CCC1A` in Outlook occurs when doing an IMAP transaction.


[This 
thread](https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg43073.html) 
started by Janno Sannik a couple years ago contains some hints how to 
upgrade or replace Courier for better TLS support.


Quinn

[qmailtoaster] Outlook users get "unsupported encryption type" error after Windows update

2022-10-12 Thread Quinn Comendant 
Today we received several complaints from Outlook users who are unable 
to connect to QMT servers. They get this error:



Task "u...@example.com - Sending: reported error (Ox800CCC1A) :
'Your server does not support the connection encryption type you have
specified. Try changing the encryption method. Contact your mail 
server
administrator or internet service provider (ISP) for additional 
assistance.'


The error began after installing [Windows 10 servicing stack update - 
19042.1940, 19043.1940, and 
19044.1940](https://support.microsoft.com/en-us/topic/october-11-2022-kb5018410-os-builds-19042-2130-19043-2130-and-19044-2130-6390f057-28ca-43d3-92ce-f4b79a8378fd), 
and the problem was fixed by uninstalling the update.


Has anyone else experienced this, or know what the problem could be? I 
hope there is a config change I can make on QMT servers so that users 
will not need to uninstall the update.


Quinn

Re: [qmailtoaster] Best Config for new server

2022-01-20 Thread Quinn Comendant 
I will probably use Rocky when I rebuild my server, because it is one of the 
options on GCP, it has an EOL of June 2031.

Q

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Host email server on AWS cloud

2021-10-05 Thread Quinn Comendant 
Or don't send mail from AWS IP addresses at all; use a mail forwarding service 
such as MailChannels.

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Let's Encrypt "DST Root CA X3" expires today

2021-09-30 Thread Quinn Comendant 
On 30 Sep 2021 13:02:51, Quinn Comendant wrote:
> I have a RoundCube server that is now unable to connect to an IMAP 
> server (older qmailtoaster running couriertls). The error in the 
> imap4-ssl log is "sslv3 alert certificate expired".

I was able to solve this by updating the `ca-certificates` package on the 
server running RoundCube. `ca-certificates` version 2021.2.50–72 removes DST 
Root CA X3. https://access.redhat.com/errata/RHBA-2021:3649

Quinn

[qmailtoaster] Let's Encrypt "DST Root CA X3" expires today

2021-09-30 Thread Quinn Comendant 
Hello all,

The Let's Encrypt "DST Root CA X3" root certificate expired today, September 
30, 2021. 
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

For most users, this isn't an issue because the newer "ISRG Root X1" 
certificate is trusted on all new devices. Users with very old devices such as 
iOS < 10 will see certificate expiration errors.

You might want to check your server logs to see if there are "certificate 
expired" errors.

I'm having the following problem, and still searching for the solution:

I have a RoundCube server that is now unable to connect to an IMAP server 
(older qmailtoaster running couriertls). The error in the imap4-ssl log is 
"sslv3 alert certificate expired".

I'm unsure if this error is generated by the server, or the client. 

Courier is not using the "DST Root CA X3" certificate. I checked the file 
defined by `TLS_CERTFILE=/var/qmail/control/servercert.pem` and the 
certificates start with the "ISRG Root X1" certificate.

I'm guessing RoundCube isn't configured to trust this "ISRG Root X1" 
certificate, but I don't know where to find the configuration which tells 
RoundCube which certificates to trust, still searching…

Regards,
Quinn

Re: [qmailtoaster] dot-qmail files

2021-09-24 Thread Quinn Comendant 
You can find .qmail documentation at `man dot-qmail`.

I'd like to see your scripts, if you'd like to share.

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] 15 years later: Remote Code Execution in qmail (CVE-2005-1513)

2020-05-25 Thread Quinn Comendant 
Hi Chris,

Thanks for the analysis. My understanding is the same.

I think the main concern is regarding memory limits placed on qmail-local. I 
don't know how to apply softlimits there.

Quinn


On 26 May 2020 08:17:08, Chris wrote:
> I built my QMT a couple of years ago on CentOS 7, and spot checking I 
> see that softlimits are already applied in the following supervise 
> startup scripts:
> 
> /var/qmail/supervise/smtp/run
> /var/qmail/supervise/submission/run
> /var/qmail/supervise/smtps/run
> 
> Additionally, I have a reasonable value in 
> /var/qmail/control/databytes (I'm 99% certain that QMT sets a value 
> here by default.)
> 
> So, as far as I can tell, the RCE issues are already mitigated in 
> relatively recent QMT installs.  
> 
> If I am reading the CVE correctly, all of the RCE vulnerabilities can 
> be mitigated by having a reasonable value in 
> /var/qmail/control/databytes
> 
> Have you checked your deployed systems?
> 
> I need to dig into how qmail-local is being called, so I can figure 
> out whether it has softlimits yet, but I need to get my kids to 
> school.  :)
> 
> -Chris
> 
> On Tue, May 26, 2020 at 6:07 AM Quinn Comendant 
>  wrote:
>> Hello all,
>> 
>> I just came across this security bulletin that affects qmail:
>> https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt
>> 
>> “TLDR: In 2005, three vulnerabilities were discovered in qmail but were
>> never fixed because they were believed to be unexploitable in a default
>> installation. We recently re-discovered these vulnerabilities and were
>> able to exploit one of them remotely in a default installation.”
>> 
>> If I understand correctly, it can be mitigated by:
>> 
>> - using softlimit to restrict process memory limit, even on qmail-local
>> - configure databytes to limit email message size.
>> 
>> or by applying the patches included in the article linked above. 
>> 
>> Is this patch something that should be included in QMT?
>> 
>> How to add soft limit to qmail-local?
>> 
>> Quinn

[qmailtoaster] 15 years later: Remote Code Execution in qmail (CVE-2005-1513)

2020-05-25 Thread Quinn Comendant 
Hello all,

I just came across this security bulletin that affects qmail:
https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt

“TLDR: In 2005, three vulnerabilities were discovered in qmail but were
never fixed because they were believed to be unexploitable in a default
installation. We recently re-discovered these vulnerabilities and were
able to exploit one of them remotely in a default installation.”

If I understand correctly, it can be mitigated by:

- using softlimit to restrict process memory limit, even on qmail-local
- configure databytes to limit email message size.

or by applying the patches included in the article linked above. 

Is this patch something that should be included in QMT?

How to add soft limit to qmail-local?

Quinn

Re: [qmailtoaster] Does not support TLS

2018-06-15 Thread Quinn Comendant 
On Fri, 15 Jun 2018 10:47:55 +0700, Quinn Comendant wrote:
> And it's true, here's the capabilities shows in a SMTP connection:
> […]

Correction: it's indicated as available by the "STARTTLS" tag. ¯\_(ツ)_/¯

And indeed, now it seems to be working, I'm getting "Supports TLS". It must 
have been a glitch at mxtoolbox.com, although I tested over the course of a few 
days.

Thanks for confirming that it works correctly. :)

> If you have spamdkye installed it might have a delay. In 
> '/etc/spamdyke/spamdyke.conf' see 'greeting-delay-secs=XXX'. It's a 
> feature to mitigate spammers.

Oh, yes, I have greeting-delay-secs=5. :)

Thanks Eric!

Quinn

Re: [qmailtoaster] Does not support TLS

2018-06-14 Thread Quinn Comendant 
Another issue it reported is "SMTP Transaction Time: 15.174 seconds - Not good 
on Transaction Time". Is that an intentional delay due for "tar pitting"?

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Does not support TLS

2018-06-14 Thread Quinn Comendant 
I tested a server with mxtoolbox.com, and it gave an error that the server 
"Does not support TLS":

"Your SMTP email server does advertise support for TLS.  After connecting 
to your mail server we issue an EHLO command to introduce ourselves and to 
request that your server announce which commands and protocols it supports. 
Your server's response did not include "250-STARTTLS" indicating TLS support"

And it's true, here's the capabilities shows in a SMTP connection:

EHLO strangecode.com
250-mx.strangecode.com - Strangecode mail server
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 104857600
250 AUTH LOGIN PLAIN

Is this normal for a QMT?

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Discrepancy between vpopmail ↔︎ assign/vdominfo

2018-06-06 Thread Quinn Comendant 
On Tue, 5 Jun 2018 22:18:23 -0600, Eric Broch wrote:
> How do you manage vpopmail, by CLI, VQAdmin, qmailAdmin?

Always by CLI tools from /home/vpopmail/bin/*

Q


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Discrepancy between vpopmail ↔︎ assign/vdominfo

2018-06-05 Thread Quinn Comendant 
There is a QMT server with 136 domains. It has 136 domains in its vpopmail DB 
and 136 domains under /home/vpopmail/domains. 

However, the /var/qmail/users/assign file has 157 distinct domains, and 
vdominfo reports 155 domains. The /home/vpopmail/bin/* tools are used 
exclusively for managing accounts. There are 20 dirs specified in ./assign that 
don't exist on disk – these domains are defunct.

Somehow these got out of sync. 

It's clear I should just remove them from ./assign — right?

Is there awareness of a bug that causes this to happen?

Quinn


> mysql vpopmail -e 'select count(distinct pw_domain) from vpopmail'
136

> vpopbull -Vn 2>/dev/null | grep postmaster@ | wc -l
136

> find /home/vpopmail/domains -name Maildir -path **/postmaster/Maildir | wc -l
136

> cut -d: -f5 < /var/qmail/users/assign | sort | uniq | wc -l
157

> vdominfo | grep ^dir | sort | uniq | wc -l
155

> for l in $(< /var/qmail/users/assign); do d=$(cut -d: -f5 <<<$l); sudo test 
> -d $d || echo $d; done | wc -l
20

Re: [qmailtoaster] Too many /tmp/clamav-*.tmp [SOLVED]

2018-05-25 Thread Quinn Comendant 
On Thu, 24 May 2018 16:12:35 -0600, Eric Broch wrote:
> I think you should update ClamAV on your system. I while back there 
> was an issue with older ClamAV versions leaving orphaned file handles 
> on the system in the /tmp directory. The newer versions will resolve 
> this issue.

That's a good suggestion.

But I think I found the actual problem. /etc/clamd.conf had this setting:

LeaveTemporaryFiles yes

This should be set to "no". I must have changed this and forgotten. 

Quinn

Re: [qmailtoaster] Too many /tmp/clamav-*.tmp

2018-05-24 Thread Quinn Comendant 
On Thu, 24 May 2018 08:33:40 -0600, Eric Broch wrote:
> Is this issue resolved if you remove the call to the wrapper script?

Ok, I tried this, and it the number of tmp dirs is still increasing. I'll let 
it run like this for awhile to see if it improves. 

> Also, can you enable 'SIMSCAN_DEBUG=3' in tcp.smtp

Oh, that is a great tip! I've added SIMSCAN_DEBUG="3" to tcp.smtp. With the 
wrapper script still disabled, the debug output is, e.g.:

simscan: cdb looking up
simscan: cdb for  found clam=yes,spam=yes,spam_hits=4.9
simscan: pelookup clam = yes
simscan: pelookup spam = yes
simscan: pelookup spam_hits = 4.9
simscan: Per Domain Hits set to : 4.90
simscan: starting: work dir: /var/qmail/simscan/1527176945.140401.11605
simscan: pelookup: called with 
bounce-mc.us17_88783205.253539-hello=example@mail207.atl221.asdf.net
simscan: pelookup: domain is mail207.atl221.asdf.net
simscan: cdb looking up mail207.atl221.asdf.net
simscan: pelookup: local part is 
bounce-mc.us17_88783205.253539-hello=example.com
simscan: lpart: local part is **
simscan: lpart: local part is *bounce-*
simscan: lpart: local part is *bounce-mc.us17_88783205.253539-*
simscan: cdb looking up bou...@mail207.atl221.asdf.net
simscan: cdb looking up bounce-mc.us17_88783205.253...@mail207.atl221.asdf.net
simscan: cdb looking up 
bounce-mc.us17_88783205.253539-hello=example@mail207.atl221.asdf.net
simscan: pelookup: called with he...@example.com
simscan: pelookup: domain is example.com
simscan: cdb looking up example.com
simscan: pelookup: local part is hello
simscan: lpart: local part is **
simscan: cdb looking up he...@example.com
simscan: calling clamdscan
simscan: clamdscan: /var/qmail/simscan/1527176945.140401.11605: OK
simscan: clamdscan:
simscan: clamdscan: --- SCAN SUMMARY ---
simscan: clamdscan: Infected files: 0
simscan: clamdscan: Time: 0.093 sec (0 m 0 s)
simscan: cdb looking up version clamav
simscan: runned_scanners is  clamav: 0.98/m:58/d:24599
simscan: found 0.98/m:58/d:24599
simscan: normal clamdscan return code: 0
simscan: calling spamc
simscan: calling /usr/bin/spamc  spamc -u he...@example.com
simscan: cdb looking up version spam
simscan: runned_scanners is  clamav: 0.98/m:58/d:24599 spam: 3.3.2
simscan: found 3.3.2
simscan:[11565]:CLEAN 
(-1.10/4.90):1.4312s:=?utf-8?Q?=CE=A4=CE=9F=CE=92=CE=99=CE=92=CE=9B=CE=99=CE=9F=20#01=20=E2=80=93=20Video=2C=20=CE=AC=CF=81=CE=B8=CF=81=CE=B1=2C=20=CE=B2=CE=B9=CE=B2=CE=BB=CE=AF=CE=B1=20=28=CE=A7=CE=A1=CE=9F=CE=9D=CE=9F=CE=A3=2C=20=CE=9D=CE=95=CE=A6=CE=95=CE=9B=CE=97=29?=:198.2.139.207:bounce-mc.us17_88783205.253539-hello=example@mail207.atl221.asdf.net:he...@example.com
simscan: done, execing qmail-queue
simscan: qmail-queue exited 0

Q

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] wiki spam

2016-02-09 Thread Quinn Comendant 

I found this at
http://wiki.qmailtoaster.com/index.php?title=FAQs (see attached).

Q


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] email addresses beginning with a hyphen

2015-01-26 Thread Quinn Comendant 
We had a problem where users were receiving the output from `spam --help` as a 
message to their inbox. I discovered this was caused when a message was 
delivered to -u...@example.com (notice initial dash), which was passed to 
spamc as:

\_ /usr/bin/spamdyke --config-file /etc/spamdyke.conf […]
   \_ /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true
   \_ /var/qmail/bin/simscan
   \_ spamc -u -u...@example.com

It doesn't matter if the email address is provided as a quoted argument. Here's 
a test from the command line:

  {q@oak/0 ~} cat test.eml | spamc -u '-u...@example.com'
  Error in argument 3, char 2: argument required for option u
  SpamAssassin Client version 3.3.2
  compiled with SSL support (OpenSSL 1.0.1e-fips 11 Feb 2013)
  Usage: spamc [options] [-e command [args]]  message
  […]

An email address starting with a hyphen is valid according to RFCs, but in 
researching this I found many mail systems (e.g., Postfix) reject these 
addresses because of the danger of command-line-argument injection. It's also 
annoying for users of qmail + simscan + spamc + using a catchall, who receive 
the spamc usage message instead of the intended message.

The solution I found for qmail is just to block incoming (and outgoing) mail 
containing an envelope recipient starting with a dash by adding the following 
to /var/qmail/control/badmailto:

^-

That's it. 

Here's an earlier thread I started on the spamassassin list when I first 
discovered the problem: http://goo.gl/6vq6ps

-- 
Quinn Comendant
Strangecode, LLC
http://www.strangecode.com/
+1 530 636 2633 office
@com and @strangecode

[qmailtoaster] forwarding submission mail to alternate host

2014-11-25 Thread Quinn Comendant 
We have a customer who wants to use a Barracuda encryption service so they can 
be HIPAA compliant. They have requested that outgoing mail their office submits 
to our server on port 587 be forwarded to a barracuda network. I know qmail's 
`smtproutes` allows incoming mail for a domain to be routed to another host, 
but this requires the reverse of that: mail originating from a domain to be 
routed to another host. Is there an equivalent `submissionroutes` configuration?

Thanks,
Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] sslv3_alert_handshake_failure due to limited cipher-set in tlsserverciphers

2014-11-21 Thread Quinn Comendant 
I've been using a limited (hardened) set of SSL ciphers in tlsserverciphers, 
but have noticed today that there have been 13 delivery failures from our 
server in the past twenty days:


TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_174.127.104.86./

(This error corresponds to a delivery attempt to nob...@chicodesigns.com—the 
address doesn't go anywhere, so you're welcome to try it.)

I've been using the cipher set generated by `openssl ciphers 
'MEDIUM:HIGH:!SSLv2:!MD5:!RC4:!3DES'`. I changed this to all default ciphers 
listed by `openssl ciphers  /var/qmail/control/tlsserverciphers` and the 
message to the nobody@ address succeeds.

So—the question is, is it really worth using safer/stronger ciphers if mail 
deliverability suffers? Thirteen failures out of about 40,000 messages sent is 
a small amount, but this was an important client I was unable to send mail to, 
so I noticed personally. 

What are the risks of running the full cipher set? I can answer this myself: 
exposing risk to man-in-the-middle attacks, etc… So it certainly is a weighted 
concern. What d'y'all think?

Quinn

Re: [qmailtoaster] Re: shellshock and qmail

2014-11-04 Thread Quinn Comendant 
On Thu, 30 Oct 2014 19:09:44 -0700, Eric Shubert wrote:
 Not surprised that you missed it Quinn, but there was a post here on 
 9/25 about it. ;) Pretty serious vulnerability, but easily remedied.

Ok, glad it was brought up. I didn't see a match for shellshock in the QMT 
list archives. 

Q

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] shellshock and qmail

2014-10-30 Thread Quinn Comendant 
It hasn't been mentioned on this list yet so I thought I would bring it up: 
qmail exposes environment variables in a way that a vulnerable bash is 
susceptible to CVE-2014-6271  (aka shellshock).

If you have a patched bash, don't worry. If you haven't patched for this, do. 
This post includes a full explanation plus proof of exploit:

http://www.gossamer-threads.com/lists/qmail/users/138578

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Is spamdyke 5 production ready?

2014-10-27 Thread Quinn Comendant 
Is spamdyke 5 production ready? I notice the qtp-install-spamdyke script uses 
the 4.x branch.

BTW, in that script, I noticed these lines are wrapped, causing the comments to 
be left out of the generated conf files:

echo # These are words which will reject the sender
  $CONF_DIR/blacklist_keywords
echo # when matched in an rDNS name along with an IP address.
 $CONF_DIR/blacklist_keywords

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Disable SSLv3, POODLE: SSLv3 vulnerability

2014-10-24 Thread Quinn Comendant 
On Wed, 22 Oct 2014 20:01:54 +0300, Catalin Leanca wrote:
 For me , that command works.
 I also modified IMAPDSSLSTART=NO and IMAP_TLS_REQUIRED=1

Ok, so I've set those variable too, and still not working. Sorry to bother, but 
would you mind comparing your /etc/courier/imapd-ssl file with mine: 
https://cloudup.com/chc4iKGrrQD

When I run:
openssl s_client -state -nbio -connect oak2.strangecode.com:993

I get:
CONNECTED(0003)
turning on non blocking io
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
write R BLOCK
SSL_connect:error in SSLv2/v3 read server hello A
read:errno=54

I'm using:
courier-imap-toaster-4.1.2-1.3.10.x86_64
courier-authlib-toaster-0.59.2-1.3.10.x86_64

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Disable SSLv3, POODLE: SSLv3 vulnerability

2014-10-24 Thread Quinn Comendant 
On Fri, 24 Oct 2014 13:53:24 +0545, Quinn Comendant wrote:
 On Wed, 22 Oct 2014 20:01:54 +0300, Catalin Leanca wrote:
 For me , that command works.
 I also modified IMAPDSSLSTART=NO and IMAP_TLS_REQUIRED=1

Also, isn't it a little confusing that courier is accepting connections on port 
993 at all if IMAPDSSLSTART=NO?

Q

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Disable SSLv3, POODLE: SSLv3 vulnerability

2014-10-24 Thread Quinn Comendant 
On Fri, 24 Oct 2014 14:09:46 +0545, Quinn Comendant wrote:
 On Fri, 24 Oct 2014 13:53:24 +0545, Quinn Comendant wrote:
 On Wed, 22 Oct 2014 20:01:54 +0300, Catalin Leanca wrote:
 For me , that command works.
 I also modified IMAPDSSLSTART=NO and IMAP_TLS_REQUIRED=1
 
 Also, isn't it a little confusing that courier is accepting 
 connections on port 993 at all if IMAPDSSLSTART=NO?

According to [1], port 993 should go away when IMAPSSLSTART=NO, but on my test 
rig it's still up and accepting connections:

{q@oak2/0} sudo netstat -ln | grep 993
tcp0  0 0.0.0.0:993 0.0.0.0:*   
LISTEN  

As as per my previous message openssl gets as far as beginning ssl 
negotiations. 

Another issue, the IMAP server isn't reporting the STARTTLS capability even 
though I have IMAPDSTARTTLS=YES:

[q@haywire/0] telnet oak2.strangecode.com 143
Trying 98.129.217.97...
Connected to oak2.strangecode.com.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT 
THREAD=REFERENCES SORT QUOTA IDLE] Courier-IMAP ready. Copyright 1998-2005 
Double Precision, Inc.  See COPYING for distribution information.


Quinn


[1] 
http://blog.edseek.com/~jasonb/articles/exim4_courier/courierimap.html#noimap2

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: How to fix DNS for Received: from unknown

2014-10-22 Thread Quinn Comendant 
On Tue, 21 Oct 2014 18:50:11 -0700, Eric Shubert wrote:
 Personally, I think that's information that doesn't need to be in the 
 message header (along with the authenticated user's account id, but 
 that's another matter).

Apparently, that info is important for SA. Here's my discussion on the SA users 
list that elicited this: http://goo.gl/icChJU (I think that
getting the DNS fixed so RBL tests work will take care of that).

I'm happy to hear its configurable. I'm going to change my config so the header 
is written and see if SA scoring improves.

 I'd like to see spamdyke add its own header at some point, at which 
 time I'm sure it will be there. Sam's very thorough about these 
 things. ;)

Is spamdyke packaged with QMT nowadays? I'm not using it.

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Disable SSLv3, POODLE: SSLv3 vulnerability

2014-10-22 Thread Quinn Comendant 
On Tue, 21 Oct 2014 19:02:09 -0700, Eric Shubert wrote:
 In order to disable SSL in dovecot, you could either block the SSL 
 ports (993, 995) in the firewall, or change /etc/dovecot/toaster.conf 
 file by adding :!SSLv3 to the list of ciphers:
 ssl_cipher_list = ALL:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL:DES-CBC3-SHA

Reconsider disabling SSLv3 ciphers! In OpenSSL they're used by TLSv1.0 and 
TLSv1.1. The TLSv1.1 protocol didn't introduce any new ciphers, it uses SSLv3 
ciphers. If you do this—as far as I've read, I didn't try—TLS for clients that 
don't support at least version 1.2 will stop working.

https://security.stackexchange.com/questions/70832/why-doesnt-the-tls-protocol-work-without-the-sslv3-ciphersuites

The correct action is to disable the SSLv3 protocol itself, if possible. 
Limiting connections to clients capable of = TLSv1.2 might be fine, but I do 
know how many support that; maybe most?

Quinn

Re: [qmailtoaster] Re: Disable SSLv3, POODLE: SSLv3 vulnerability

2014-10-22 Thread Quinn Comendant 
On Fri, 17 Oct 2014 10:52:12 +0300, Catalin Leanca wrote:
 I managed to disable SSLv3 in /etc/courier/imapd-ssl and 
 /etc/courier/pop3-ssl
 Changed TLS_PROTOCOL=SSLv3 to TLS_PROTOCOL=TLS1

Catalin (and others): have you succeeded in disabling SSLv3 in courier? When I 
try this configuration, I am unable to connect even with a TLS-compatible 
client, not even the openssl itself:

openssl s_client -state -nbio -connect mail.example.com:993

I get this output:

CONNECTED(0003)
turning on non blocking io
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
write R BLOCK
SSL_connect:error in SSLv2/v3 read server hello A
read:errno=54

According to the openssl documentation, this error usually results from the 
connection not being able to auto-negotiate a suitable ssl version to use. So, 
I force a TLS connection using -tls1:

openssl s_client -state -nbio -connect oak2.strangecode.com:993 -tls1

And then I get a successful connection with the openssl client. The problem is 
the real IMAP client I use (Gyazmail) doesn't connect (thought it does support 
TLS). Perhaps it is trying SSLv3 first, and fails to negotiate to TLS?

I read also some Courier versions have this problem, some not [1]. I'd 
appreciate if you could run the above openssl command (without -tls1) and let 
me know if it connects for you or not.

BTW, if you want to test that your server refuses SSLv3 connections, run the 
openssl client with '-ssl3'.

Quinn

[1] http://sourceforge.net/p/courier/mailman/message/17185523/

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Disable SSLv3, POODLE: SSLv3 vulnerability

2014-10-21 Thread Quinn Comendant 
On Fri, 17 Oct 2014 10:52:12 +0300, Catalin Leanca wrote:
 But how about SMTP ? How to disable SSLv3 over 587 submission port ?

I couldn't find the answer with 10 minutes of googling, but I did find this 
(UNTESTED!):

How to take down SSLv3 in your network using iptables firewall:
https://blog.g3rt.nl/take-down-sslv3-using-iptables.html

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Disable SSLv3, POODLE: SSLv3 vulnerability

2014-10-21 Thread Quinn Comendant 
On Tue, 21 Oct 2014 23:27:35 +0545, Quinn Comendant wrote:
 On Fri, 17 Oct 2014 10:52:12 +0300, Catalin Leanca wrote:
 But how about SMTP ? How to disable SSLv3 over 587 submission port ?

Here's a comprehensive list of how to disable SSLv3 in everything *except* 
qmail:

http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566

Perhaps if anybody does discover how they can update this answer.

Q

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] How to fix DNS for Received: from unknown

2014-10-20 Thread Quinn Comendant 
Hi Guys

I've been discussing on the us...@spamassassin.apache.org list about a minor 
issue I'm having with SA, and it was noted by a couple people that the headers 
of incoming mail indicates qmail is not doing DNS lookups correctly. 
Specifically, it seems qmail is not recording the reverse dns of the host from 
which it received the mail, and is instead using Received: from unknown … for 
all incoming messages. DNS works on the command line, if I query using `host` 
or `dig` so I don't think it is a problem with our network's DNS. Does qmail 
need something special to be able to do dns lookups? This has never been a 
problem for us but apparently this is affecting spamassassin's functionality.

Example received headers:

Here's one from gmail:

Received: from unknown (HELO mail-pd0-f175.google.com) (209.85.192.175)
  by oak.strangecode.com with (AES128-SHA encrypted) SMTP; 19 Oct 2014 05:42:33 
-

And testing this IP from the command line on our mail server:

{q@oak/0 ~} host 209.85.192.175
175.192.85.209.in-addr.arpa domain name pointer mail-pd0-f175.google.com.
{q@oak/0 ~} host mail-pd0-f175.google.com
mail-pd0-f175.google.com has address 209.85.192.175


Here's one from Rackspace (our host):

Received: from unknown (HELO smtp1-ext.ord1.corp.rackspace.com) (173.203.4.141)
  by oak.strangecode.com with (DHE-RSA-AES256-SHA encrypted) SMTP; 20 Oct 2014 
17:42:11 -

And from the command line:

{q@oak/0 ~} host 173.203.4.141
141.4.203.173.in-addr.arpa domain name pointer 
smtp1-ext.ord1.corp.rackspace.com.
{q@oak/0 ~} host smtp1-ext.ord1.corp.rackspace.com
smtp1-ext.ord1.corp.rackspace.com has address 173.203.4.141

Thanks!
Quinn

Re: [qmailtoaster] Re: user and group for vpopmail

2014-10-12 Thread Quinn Comendant 
Hi Eric

On Sat, 11 Oct 2014 08:41:43 -0700, Eric Shubert wrote:
 Recommended solution?
 
 I'd simply chgrp -R /home/vpopmail/domains/* vchkpw after the rsync.

That's what I did. I also had to change the group IDs in 
`/var/qmail/users/assign` and rehash the cdb:

sudo perl -pi.bak -e 's/7919:7919/89:89/' /var/qmail/users/assign
sudo qmail-newu

 Sure is. It's in the same repo as everything else. You'll see SRPMS 
 directories in the current/ and testing/ branches. There's also an 
 archive/rpms directory on some of the mirrors, which contains all 
 rpms back to Jan'06. If you go to 
 http://mirrors.qmailtoaster.com/archive you may or may not find it. 

On http://mirrors.qmailtoaster.com/archive, Gateway Timeout: can't connect to 
remote host, but I was able to connect to mirror1.qmailtoaster.com, and found 
the src.rpm from Jan 2006. In there, indeed, vpopmail was also running as group 
vchkpw.

I don't know why then, I have two mail servers running QMT in which the 
vpopmail user is assigned to vpopmail group:

{q@pine/0 ~} groups vpopmail
vpopmail : vpopmail

{q@oak/0 ~} groups vpopmail
vpopmail : vpopmail

The new server is using the correct group:
{q@oak2/0 ~} groups vpopmail
vpopmail : vchkpw

It's a puzzle I don't care to solve now, since it's working well after changing 
the permissions as above.

Thanks guys,

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: user and group for vpopmail

2014-10-12 Thread Quinn Comendant 
On Sat, 11 Oct 2014 23:35:35 -0700, Eric Shubert wrote:
 Did you use the --numeric-ids flag on rsync? Without it, user and 
 group ids can get changed from one host to another, depend on what 
 number is assigned to which name(s).

No, because I wanted files to retain same username ownership, regardless of 
their ids (since the ids are different between old and new servers). Otherwise 
files which arrive would have an owner of 7919, which is a nonexistent user. 
But I've learned this could be a problem because inside the 
`/var/qmail/users/assign` file Maildir paths are specified with a numeric ID 
(but as I noted previously, I've updated that file to the new uids). 

Are there any other files in QMT which use user ids rather than user names? I 
grep'ed /var/qmail for 7919 and `/var/qmail/users/assign` was the only file 
which contained this. 

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] user and group for vpopmail

2014-10-10 Thread Quinn Comendant 
I'm migrating a qmailtoaster installed in 2006 to a new server. I've come to an 
issue where the vpopmail-toaster package creates user vpopmail with group 
vchkpw:

{q@oak2/0 bin} groups vpopmail
vpopmail : vchkpw

However, on the old server, the vpopmail user was setup with group vpopmail:

{q@oak/0 ~} groups vpopmail
vpopmail : vpopmail

This is a problem because on the new server the vpopmail group was never 
created, and so rsync'ed data doesn't result in having the correct group when 
it arrives.

Was this a design change at one point, and what was the reason for it? 
Recommended solution?

Also, is there an official source code repository for QMT? I tried to find the 
history of the vpopmail-toaster.spec to see when this change was introduced but 
didn't see any.

Thanks!

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: IRC

2014-10-10 Thread Quinn Comendant 
On Sun, 20 Jun 2010 18:49:04 -0700 Scott Hughes wrote:
 So far no luck. I can find bots, but none yet that log. I'm sure I'd 
 have to find a way to transfer the logs to some type of searchable 
 format, but one step at a time.

FWIW, there are plenty of free logging bot services, e.g., https://botbot.me/ 
looks really nice.

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Migration of qmail

2014-01-31 Thread Quinn Comendant 
On Fri, 31 Jan 2014 08:13:01 -0700, Dave M wrote:
 remionder Centos 6, not 100% yet

Is there a list of things that don't work on centos 6? If it's not 100%, is it 
90%? 95%?

-- 
Quinn Comendant
Strangecode, LLC
http://www.strangecode.com/
+1 530 624 4410 mobile
+1 530 636 2633 office
@qc and @strangecode


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Disabling Domain Keys

2014-01-15 Thread Quinn Comendant 
Hi all,

What is the current status of Domain Keys in QMT? I've been following the 
advice given in http://wiki.qmailtoaster.com/index.php/Disabling_Domain_Keys, 
but wonder if there has been movement to fix this?

Also, I noticed during a recent upgrade the `qmail-queue` symlink was pointing 
to `qmail-dk` by default; I thought by default it would go to 
`qmail-queue.orig` (the page above writes, This will be disabled in future 
releases anyway).

Thanks,

-- 
Quinn Comendant
Strangecode, LLC
http://www.strangecode.com/
+1 530 624 4410 mobile
+1 530 636 2633 office
@qc and @strangecode


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] valias vs aliases in .qmail

2014-01-08 Thread Quinn Comendant 
After 7 years using qmailtoaster I only just realized some unexpected behavior 
with `valias` versus aliases in .qmail files. I thought I'd mention this here 
in case others also weren't aware of this, or if I'm wrong y'all can call me 
crazy.

I discovered if you use `valias` to create a virtual alias of an existing local 
mail account (as opposed to a new line in a .qmail file for the user with 
`destinat...@addre.ss`), the valias takes precedence, and no mail will be 
delivered locally. In other words it seems the user .qmail files or the domain 
default .qmail file are ignored completely.

Instead, if you modify a .qmail file to add `destinat...@addre.ss` in addition 
to the local mail delivery rule (preferably through vqadmin, which modifies the 
.qmail file for you) the forwarding will happen as expected: mail will be 
delivered to the local mail account, and to the forwarded destination.

Does this ring true?

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: valias vs aliases in .qmail

2014-01-08 Thread Quinn Comendant 
On Wed, 08 Jan 2014 11:17:11 -0700, Eric Shubert wrote:
 Instead, if you modify a .qmail file to add `destinat...@addre.ss` 
 in addition to the local mail delivery rule (preferably through 
 vqadmin, which modifies the .qmail file for you)

Whoops I meant preferably through qmailadmin.

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: valias vs aliases in .qmail

2014-01-08 Thread Quinn Comendant 
On Wed, 08 Jan 2014 11:17:11 -0700, Eric Shubert wrote:
 Instead, if you modify a .qmail file to add `destinat...@addre.ss` 
 in addition to the local mail delivery rule (preferably through 
 vqadmin, which modifies the .qmail file for you)

Whoops I meant preferably through qmailadmin.

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: valias vs aliases in .qmail

2014-01-08 Thread Quinn Comendant 
On Wed, 08 Jan 2014 11:17:11 -0700, Eric Shubert wrote:
 I'm not positive about this. My understanding is that forwards are
 now stored in the database instead of using .qmail files. Are you
 sure that vqadmin modifies the .qmail file for the account?

It does create them. I just tested:

 1. Created test account t...@strangecode.com
 2. Check if there is a .qmail file: there isn't
 3. Add forward via qmailadmin
 4. Check if there is a .qmail file: yes! it created 
/home/vpopmail/domains/0/strangecode.com/test/.qmail

 Again, my understanding is that account .qmail files
 are still effective though, as they're used for catchall and maildrop
 (spambox) purposes.

I think .qmail files are fine. It results in a mixed jumble of configs, but as 
long as it works consistently and is documented we can rely on it to work.

This is a good point to refresh our memory that there are .qmail files in 
multiple locations:

* …DOMAIN/.qmail-LOCAL
* …DOMAIN/LOCAL/.qmail.
* …DOMAIN/.qmail for the default .qmail file for the domain
* /home/USERNAME/.qmail for real unix user accounts also have

Quinn

Re: [qmailtoaster] Re: Can I disable CRAM-MD5 authentication for submission service?

2013-12-08 Thread Quinn Comendant 
On Wed, 11 Sep 2013 15:07:31 +0200, Johannes Weberhofer wrote:
 Eric,
 this line in the spec will remove CRAM-MD5 completely:

 %{__perl} -pi -e s|\#define CRAM_MD5||g qmail-smtpd.c

 Johannes

In the .spec file included with qmail-toaster-1.03-1.3.22.src.rpm there is 
already something that indicates that CRAM-MD5 is being removed, however the 
action line is attempting to remove #define AUTHCRAM which doesn't exist 
anywhere in qmail-smtpd.c, before or after patches are applied:

# Remove CRAM-MD5 because qmail-remote-auth doesn't like it

#---
%{__perl} -pi -e s|\#define AUTHCRAM||g qmail-smtpd.c

If, as it appears, the .spec is set to remove CRAM-MD5 by default, it isn't 
working. The line Johannes suggested earlier *does* work correctly to remove 
CRAM-MD5. Can someone comment on this?

Thanks!

--
Quinn Comendant
Strangecode, LLC
http://www.strangecode.com/
+1 530 624 4410 mobile
+1 530 636 2633 office
@qc and @strangecode

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Can I disable CRAM-MD5 authentication for submission service?

2013-09-12 Thread Quinn Comendant 
On Wed, 11 Sep 2013 15:07:31 +0200, Johannes Weberhofer wrote:
 this line in the spec will remove CRAM-MD5 completely:
 
 %{__perl} -pi -e s|\#define CRAM_MD5||g qmail-smtpd.c

I'd like to do this as well to remove the dependence on pw_clear_passwd. It's 
really this easy? And the clients that were using CRAM MD5 before will then use 
the alternative available option(s) during the smtp/submission transaction?

I look forward to seeing this as a full howto  up on the wiki. ;)

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] a dns patch maybe

2013-09-02 Thread Quinn Comendant 
This may be related to the DNS 'ANY' query canonicalization issue I reported a 
few weeks ago:
http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35790.html

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] DNS Best Practices for QMT

2013-09-02 Thread Quinn Comendant 
This is great Dan. Is this up on the wiki yet? Thanks!

Quinn

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] QMT and the DNS 'ANY' query canonicalization issue

2013-07-22 Thread Quinn Comendant 
Rackspace has corroborated our findings with the va.gov DNS misconfiguration 
(their response pasted below). Which brings me back to my question: is there a 
way to make qmail more resilient to these kind of DNS issues?

Quinn

- Forwarded message from supp...@rackspace.com, 21 Jul 2013 07:46:23 -
Greetings Quinn,

From my investigation, this seems to be an issue with IPv6 contained in the DNS 
record and the va.gov nameservers themself.

From your server and all other machines I've tested on, I can get the IPv6  
records:

[root@oak ~]# lsmod|grep ipv6
ipv6  437985  38 cnic,ib_sdp,ib_ipoib,rdma_cm,ib_addr
xfrm_nalgo 4  1 ipv6


[root@oak ~]# dig va.gov 

;  DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6  va.gov 
;; global options:  printcmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 8335
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;va.gov.IN  

;; ANSWER SECTION:
va.gov. 60  IN  2610:d8:1000:28::28:221

;; Query time: 6 msec
;; SERVER: 72.3.128.240#53(72.3.128.240)
;; WHEN: Sun Jul 21 23:40:21 2013
;; MSG SIZE  rcvd: 52


Which precludes there being any DNS connectivity issues on our network.

It seems the DNS response from the nameservers are inconsistent even for 
external services querying the DNS; you can check by using the following:

http://pingability.com/zoneinfo.jsp?domain=va.gov

http://leafdns.com/index.cgi?testid=B91E5367

Notice that the glue records for MX are mismatched and/or missing, which would 
indicate a reason for SMTP/mail issues and the va.gov domain.

So the problem essentially lies with the DNS zone for va.gov and any one of the 
4 nameservers not answering correctly under varying requester conditions.

I will leave this ticket should you have any further insight on the issue.

If you have additional questions or require further support, please don't 
hesitate to ask!

Best regards,
Chris N. 
Linux Administrator
Rackspace Managed Support // US (800) 961-4454

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] QMT and the DNS 'ANY' query canonicalization issue

2013-07-21 Thread Quinn Comendant 
Hi all,

We've been experiencing 
CNAME_lookup_failed_temporarily._(#4.4.3)/I'm_not_going_to_try_again errors 
when sending mail to @va.gov addresses. Since QMT includes the Big DNS Patch, a 
DNS packet buffer overrun isn't the issue. I wonder if we might be experiencing 
the other DNS issue described at http://fanf.livejournal.com/10.html by 
Tony Finch:

  Originally qmail made a CNAME query in order to look up the canonical 
version of a domain, but this caused interop problems with BIND 4. This was 
replaced with an ANY query, which had fewer interop problems but is still 
wrong. Both of these queries are wrong because they don't trigger alias 
processing, so if there is a CNAME chain the response will not actually yield 
the canonical name. Because of this qmail has code that makes a series of 
queries to follow CNAME chains. If instead qmail made the correct query, an MX 
query (or A - it doesn't matter which), the response will include all the CNAME 
RRs that qmail wants to know about, and it would not need its inefficient CNAME 
chain handling code.

Does anybody have experience enough to say if this might be the case? Is there 
a patch suitable for QMT that corrects this? Or is there another workaround?

Thanks thanks thanks,
Quinn


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] QMT and the DNS 'ANY' query canonicalization issue

2013-07-21 Thread Quinn Comendant 
Hi all,

We've been experiencing 
CNAME_lookup_failed_temporarily._(#4.4.3)/I'm_not_going_to_try_again errors 
when sending mail to @va.gov addresses. Since QMT includes the Big DNS Patch, a 
DNS packet buffer overrun isn't the issue. I wonder if we might be experiencing 
the other DNS issue described at http://fanf.livejournal.com/10.html by 
Tony Finch:

  Originally qmail made a CNAME query in order to look up the canonical 
version of a domain, but this caused interop problems with BIND 4. This was 
replaced with an ANY query, which had fewer interop problems but is still 
wrong. Both of these queries are wrong because they don't trigger alias 
processing, so if there is a CNAME chain the response will not actually yield 
the canonical name. Because of this qmail has code that makes a series of 
queries to follow CNAME chains. If instead qmail made the correct query, an MX 
query (or A - it doesn't matter which), the response will include all the CNAME 
RRs that qmail wants to know about, and it would not need its inefficient CNAME 
chain handling code.

Does anybody have experience enough to say if this might be the case? Is there 
a patch suitable for QMT that corrects this? Or is there another workaround?

Thanks thanks thanks,
Quinn


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] QMT and the DNS 'ANY' query canonicalization issue

2013-07-21 Thread Quinn Comendant 
Thanks Alex

I can confirm the ANY query failure now; it was working earlier today – it must 
be an intermittent problem with their DNS. I've emailed the address listed in 
the SOA.

It it still useful for qmail to make DNS ANY queries, or can they be disabled 
as recommended at http://fanf.livejournal.com/10.html?

Quinn

[qmailtoaster] Re: Mail Certificates

2012-12-21 Thread Quinn Comendant 
Natalio Gatti ngatti at gmail.com writes:
 I need to buy a digital certificate for my qmail server. In the wiki there
 is a link to DiscountWebCerts. 
 Do you still recomend them? Is there any other server?
 
 And one more question: Those cheap RapidSSL certificates are fully 
 compatible with outlook?

RapidSSL certificates will work, but you must include their intermediate 
certificate, available at: http://is.gd/2FLSRz

Also important, you must include the keys and certificates in your 
/var/qmail/control/servercert.pem file in the correct order:

  1. The private key
  2. The primary certificate
  3. The intermediate and root certificate from the RapidSSL_CA_bundle.pem

Gmail now requires CA-signed certificates for SSL when importing messages 
over POP3 into a gmail account, so having a real SSL cert will be relevant 
for people on this list.

Quinn


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] commercial ESP for forwarded SMTP?

2011-09-12 Thread Quinn Comendant 
We'll be deploying a mail server on a Rackspace cloud server, and they 
suggested that because their offering is 'utility computing' the IP addresses 
included are dirty (in a blacklist kind of way) and we should use a commercial 
ESP such as SendGrid, PostMark, CritSend, CloudSMTP, or the like.

Has anybody done research in this field? Any favorites?

We'll just be forwarding our outgoing SMTP traffic to their service for its 
quality of deliverability. I doubt we'll use any of reporting features, or even 
SPF/DKIM.

Quinn

-- 
Strangecode, LLC
http://www.strangecode.com/
+1 530 636 2633

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: spamc -h received in message body

2011-06-14 Thread Quinn Comendant 
Eric

I've posted the raw email here:
http://pastie.textmate.org/private/68bokw2tmauf2soczq

I agree: the catch-all is not the problem; it is something to do with the way 
simscan is passing the message to clamc that an email addressed to 
--local@domain is interpreted as an invalid argument. This brings up the worry 
that the sender of the message might be able to modify the parameters passed to 
clamc in dangerous ways? (Running the message through spamc manually `spamc -R 
 spam.eml` doesn't cause any errors.)

Actually, I can't intentionally cause this to make an error if I send a test 
message to `--chico.volunt...@client-domain.org.` The email address is 
interpreted normally and the email delivers fine. So it may not be only that 
`--` precedes the local part of the email address, but something else is at 
play.

Hmmm.

Quinn

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] spamc -h received in message body

2011-06-11 Thread Quinn Comendant 
On Sat, 21 May 2011 19:37:19 -0700, Quinn Comendant wrote:
 We have a client on our mail server who occasionally and randomly 
 receives emails which contain nothing other than the output from 
 `spamc --help`

I found the cause of this problem. The client was using a catch-all address, 
and was receiving mail addressed to --usern...@client-domain.org (with double 
dashes in front). It seems CHKUSER should filter for such bogus addresses; is 
it valid? I'll suggest that the client disable the catch-all and setup 
specific, valid aliases for the domain.

Quinn

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] spamc -h received in message body

2011-05-21 Thread Quinn Comendant 
Anybody seen this before?

We have a client on our mail server who occasionally and randomly receives 
emails which contain nothing other than the output from `spamc --help` (see 
output at http://pastie.textmate.org/private/6gb0ymmqpyw7mee39sespg). 
Nothing* in our log files match up with the arrival of these messages, and the 
client claims they don't coincide with any action on their part. They're able 
to receive and send message normally. These messages only occur about once 
every couple days. 

*There is one thing, but it doesn't occur at the same time as the headers of 
the message received:
  2011-05-20 08:25:55.827900500 [13887] warn: auto-whitelist: open of 
auto-whitelist file failed: child processing timeout at /usr/bin/spamd line 
1262.

Quinn

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Mirror

2010-04-16 Thread Quinn Comendant 
Here's a copy of all the latest QMT rpms on our CDN. Jake, feel free to link to 
these for a few days if you need to relieve www.qmailtoster.com of its burden.

http://cdn.one.strangecode.com/qmt/autorespond-toaster-2.0.4-1.3.6.src.rpm
http://cdn.one.strangecode.com/qmt/clamav-toaster-0.96.0-1.3.35.src.rpm
http://cdn.one.strangecode.com/qmt/control-panel-toaster-0.5-1.3.7.src.rpm
http://cdn.one.strangecode.com/qmt/courier-authlib-toaster-0.59.2-1.3.10.src.rpm
http://cdn.one.strangecode.com/qmt/courier-imap-toaster-4.1.2-1.3.10.src.rpm
http://cdn.one.strangecode.com/qmt/daemontools-toaster-0.76-1.3.6.src.rpm
http://cdn.one.strangecode.com/qmt/djbdns-1.05-1.0.6.src.rpm
http://cdn.one.strangecode.com/qmt/ezmlm-toaster-0.53.324-1.3.6.src.rpm
http://cdn.one.strangecode.com/qmt/isoqlog-toaster-2.1-1.3.7.src.rpm
http://cdn.one.strangecode.com/qmt/libdomainkeys-toaster-0.68-1.3.6.src.rpm
http://cdn.one.strangecode.com/qmt/libsrs2-toaster-1.0.18-1.3.6.src.rpm
http://cdn.one.strangecode.com/qmt/maildrop-toaster-2.0.3-1.3.8.src.rpm
http://cdn.one.strangecode.com/qmt/qmailadmin-toaster-1.2.12-1.3.8.src.rpm
http://cdn.one.strangecode.com/qmt/qmailmrtg-toaster-4.2-1.3.6.src.rpm
http://cdn.one.strangecode.com/qmt/qmail-toaster-1.03-1.3.20.src.rpm
http://cdn.one.strangecode.com/qmt/ripmime-toaster-1.4.0.6-1.3.6.src.rpm
http://cdn.one.strangecode.com/qmt/simscan-toaster-1.4.0-1.3.8.src.rpm
http://cdn.one.strangecode.com/qmt/spamassassin-toaster-3.2.5-1.3.17.src.rpm
http://cdn.one.strangecode.com/qmt/squirrelmail-toaster-1.4.20-1.3.17.src.rpm
http://cdn.one.strangecode.com/qmt/ucspi-tcp-toaster-0.88-1.3.9.src.rpm
http://cdn.one.strangecode.com/qmt/vpopmail-toaster-5.4.17-1.3.7.src.rpm
http://cdn.one.strangecode.com/qmt/vqadmin-toaster-2.3.4-1.3.6.src.rpm
http://cdn.one.strangecode.com/qmt/zlib-1.2.3-1.0.3.src.rpm

Quinn

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] clamav 0.94 end-of-life today

2010-04-15 Thread Quinn Comendant 
Just a reminder to everybody that ClamAV 0.94.x is no longer supported by 
signature file updates after 15 Apr 2010. 
http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/

If you haven't yet upgraded to 0.95.x you need to do so now to process 
signature updates provided through freshclam. Today's daily.cvd will break 
0.94.x functionality, giving these errors in the clamd log file:

2010-04-15 17:39:17.689861500 LibClamAV Warning: 
***
2010-04-15 17:39:17.689865500 LibClamAV Warning: ***  This version of the 
ClamAV engine is outdated. ***
2010-04-15 17:39:17.689872500 LibClamAV Warning: *** DON'T PANIC! Read 
http://www.clamav.net/support/faq ***
2010-04-15 17:39:17.689874500 LibClamAV Warning: 
***
2010-04-15 17:39:18.297274500 LibClamAV Error: cli_hex2str(): Malformed 
hexstring: This ClamAV version has reached End of Life! Please upgrade to 
version 0.95 or later. For more information see  www.clamav.net/eol-clamav-094 
and www.clamav.net/download (length: 169)
2010-04-15 17:39:18.297278500 LibClamAV Error: Problem parsing database at line 
742
2010-04-15 17:39:18.301314500 LibClamAV Error: Can't load 
/tmp/clamav-57f6aafd0f6af059076857b8b2e9ef3b/daily.ndb: Malformed database
2010-04-15 17:39:18.304476500 LibClamAV Error: Can't load 
/usr/share/clamav/daily.cvd: Malformed database
2010-04-15 17:39:18.304538500 ERROR: Malformed database

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] vpopmail persistant mysql connections

2008-09-17 Thread Quinn Comendant 
Does vpopmail use persistent mysql connections? To reduce mysql memory usage, 
I'd like there to be fewer sleeping vpopmail db connections:

| Id   | User | Host  | db | Command | Time | State | Info  
   |
| 394  | vpopmail | localhost | vpopmail   | Sleep   | 10   |   |   
   |
| 1014 | vpopmail | localhost | vpopmail   | Sleep   | 120  |   |   
   |
| 1421 | vpopmail | localhost | vpopmail   | Sleep   | 132  |   |   
   |
| 122  | vpopmail | localhost | vpopmail   | Sleep   | 180  |   |   
   |
| 2003 | vpopmail | localhost | vpopmail   | Sleep   | 24   |   |   
   |
| 1013 | vpopmail | localhost | vpopmail   | Sleep   | 240  |   |   
   |
| 137  | vpopmail | localhost | vpopmail   | Sleep   | 242  |   |   
   |
| 895  | vpopmail | localhost | vpopmail   | Sleep   | 264  |   |   
   |
| 865  | vpopmail | localhost | vpopmail   | Sleep   | 266  |   |   
   |
| 737  | vpopmail | localhost | vpopmail   | Sleep   | 269  |   |   
   |
| 709  | vpopmail | localhost | vpopmail   | Sleep   | 299  |   |   
   |
| 700  | vpopmail | localhost | vpopmail   | Sleep   | 300  |   |   
   |
| 581  | vpopmail | localhost | vpopmail   | Sleep   | 310  |   |   
   |
| 24   | vpopmail | localhost | vpopmail   | Sleep   | 442  |   |   
   |
| 386  | vpopmail | localhost | vpopmail   | Sleep   | 60   |   |   
   |
| 12   | vpopmail | localhost | vpopmail   | Sleep   | 69   |   |   
   |
| 1401 | zero | localhost | zero   | Sleep   | 149  |   |   
   |

Any ideas?

Quinn

-- 
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 554 9555

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] bypassing virtualdomains

2008-09-16 Thread Quinn Comendant 
On Fri, 12 Sep 2008 10:26:13 -0400, Dan McAllister wrote:
 I've had to deal with this... and if you have control of BOTH ends 
 (old server and new) it's much easier...

I almost never have access to the old server. Any other ideas?

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] bypassing virtualdomains

2008-09-11 Thread Quinn Comendant 
Hi all,

Is there a way to have qmail-send check actual MX records for a domain before 
deciding if it is local or not (instead of by (more)rcpthosts and 
virtualdomains)?

An issue comes up occasionally when a domain is added on our server which is 
currently hosted somewhere else (i.e. it's a migration) and the DNS isn't 
updated for awhile until the client is prepared to finalize the migration. The 
problem is, until MX records are switched, they expect mail to be delivered to 
their existing mail server (i.e. not us) however messages that are sent from 
our server are delivered locally because the domain exists in (more)rcpthosts 
and virtualdomains. Any users who send mail to their domain is not received (or 
more likely, is bounced because the user has not added any mail accounts for 
the domain).

Solutions I've thought of:

- Ask people to use a different SMTP server when sending messages to the domain 
until DNS is migrated (i.e. smtp.gmail.com). PROBLEM: we can't possible insist 
the hundreds of mail users on our system do this.

- Comment out the domain in the (more)rcpthosts and virtualdomains control 
files. PROBLEM: when the DNS is finally switched for the domain, we'll most 
likely forget to un-comment the configuration.

Any other ideas?

Quinn

-- 
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 554 9555

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] ezmlm lists and valias

2008-04-09 Thread Quinn Comendant 
Hmmm. This should work but it doesn't.

I have a ezmlm list at [EMAIL PROTECTED] I wanted to create an alias to this 
address so incoming messages are forwarded to a mailbox that is posted to a 
blog.

Adding the alias using valias doesn't work:

vpopmailselect * from valias where domain = 'hoodwink.us'; 
+-+-++
| alias   | domain  | valias_line|
+-+-++
| relevance   | hoodwink.us | [EMAIL PROTECTED] |
+-+-++

But adding this line to /home/vpopmail/domains/0/hoodwink.us/relevance/editor 
does work:

[EMAIL PROTECTED]

How do ezmlm list addresses process valias versus .qmail files differently?

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Communication Error: Cannot read data from socket

2008-03-04 Thread Quinn Comendant 
On Mon, 3 Mar 2008 21:34:01 -0800, Quinn Comendant wrote:
   Communication Error: Cannot read data from socket (Resource 
 temporarily unavailable)

Two more bits of information:

1. Often the message *does* go through, even through my mail client says 
sending failed.

2. If I restart qmail, and try sending the message, it works that time.

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Communication Error: Cannot read data from socket

2008-03-04 Thread Quinn Comendant 
On Tue, 04 Mar 2008 16:37:15 -0700, Eric Shubert wrote:
 I used to see this problem (at least I think it's the same one) too. I
 haven't seen it since I upgrade to the current packages, most notably
 clamav. I'd upgrade all of them and see if the problem doesn't go away.

I'll try that and report back.

Thx, Q

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] vpopmail over-quota phantoms

2008-03-04 Thread Quinn Comendant 
This week we've received a flood of clients complaining about vpopmail's Your 
mailbox on the server is now more than 90% full messages, when they were 
nowhere near over quota. There have been about 3-people-a-day for the past week 
noting this, and each time I check the `vuserinfo` command and also `du -sk 
/path/to/Maildir` both report usage well below quota (although the two numbers 
*are* often different, WTF?).

In each case, I check the domain-quota too, compared with `du -sk 
/path/to/domain` and the user's domain is always well under quota too (space 
and files).

This may be explained that the users received a few BIG emails they 
subsequently downloaded and removed from the server before I could analyze 
their usage. But with such a wave of complaints and none before now I'm 
paranoid something is wrong with the Courier-Vpopmail quota reporting.

Has anybody noticed this before? Are vpopmail quotas buggy? Am I paranoid?

Quinn

-- 
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 554 9555

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Communication Error: Cannot read data from socket

2008-03-03 Thread Quinn Comendant 
I've started getting this error when sending mail to my QT over port 587:

Communication Error: Cannot read data from socket (Resource temporarily 
unavailable)

Message sending just stalls for 60 seconds or so. It happens to me a few times 
a week, and sometimes I can't send mail at all, but I'll try the next day with 
success. The server was running a year error-free before this started happening 
a couple months ago. Anybody have an idea where to start troubleshooting?

The submission log shows this:

2008-03-03 23:27:30.170773500 tcpserver: status: 4/100
2008-03-03 23:27:30.170936500 tcpserver: pid 8172 from 76.231.248.67
2008-03-03 23:27:30.171041500 tcpserver: ok 8172 
mx.strangecode.com:72.32.88.155:587 :76.231.248.67::53261
2008-03-03 23:27:31.019259500 CHKUSER accepted sender: from [EMAIL 
PROTECTED]:[EMAIL PROTECTED]: remote [192.168.2.2]:unknown:76.231.248.67 
rcpt  : sender accepted
2008-03-03 23:27:31.095999500 CHKUSER accepted rcpt: from [EMAIL 
PROTECTED]:[EMAIL PROTECTED]: remote [192.168.2.2]:unknown:76.231.248.67 
rcpt [EMAIL PROTECTED] : found existing recipient


[EMAIL PROTECTED]/1 ~]$rpm -qa | grep toaster
daemontools-toaster-0.76-1.3.2
courier-imap-toaster-4.1.2-1.3.6
qmailadmin-toaster-1.2.9-1.3.3
ucspi-tcp-toaster-0.88-1.3.4
ripmime-toaster-1.4.0.6-1.3.2
control-panel-toaster-0.5-1.3.3
isoqlog-toaster-2.1-1.3.3
qmailmrtg-toaster-4.2-1.3.2
libsrs2-toaster-1.0.18-1.3.2
ezmlm-toaster-0.53.324-1.3.2
maildrop-toaster-2.0.3-1.3.4
libdomainkeys-toaster-0.68-1.3.2
qmail-pop3d-toaster-1.03-1.3.14
vpopmail-toaster-5.4.13-1.3.3
clamav-toaster-0.90.1-1.3.11
qmail-toaster-1.03-1.3.14
autorespond-toaster-2.0.4-1.3.2
maildrop-toaster-devel-2.0.3-1.3.4
simscan-toaster-1.3.1-1.3.5
courier-authlib-toaster-0.59-1.3.4
ezmlm-cgi-toaster-0.53.324-1.3.2
spamassassin-toaster-3.1.8-1.3.7


Cheers!
Quinn

-- 
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 554 9555

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Communication Error: Cannot read data from socket

2008-03-03 Thread Quinn Comendant 
I've started getting this error when sending mail to my QT over port 587:

Communication Error: Cannot read data from socket (Resource temporarily 
unavailable)

Message sending just stalls for 60 seconds or so. It happens to me a few times 
a week, and sometimes I can't send mail at all, but I'll try the next day with 
success. The server was running a year error-free before this started happening 
a couple months ago. Anybody have an idea where to start troubleshooting?

The submission log shows this:

2008-03-03 23:27:30.170773500 tcpserver: status: 4/100
2008-03-03 23:27:30.170936500 tcpserver: pid 8172 from 76.231.248.67
2008-03-03 23:27:30.171041500 tcpserver: ok 8172 
mx.strangecode.com:72.32.88.155:587 :76.231.248.67::53261
2008-03-03 23:27:31.019259500 CHKUSER accepted sender: from [EMAIL 
PROTECTED]:[EMAIL PROTECTED]: remote [192.168.2.2]:unknown:76.231.248.67 
rcpt  : sender accepted
2008-03-03 23:27:31.095999500 CHKUSER accepted rcpt: from [EMAIL 
PROTECTED]:[EMAIL PROTECTED]: remote [192.168.2.2]:unknown:76.231.248.67 
rcpt [EMAIL PROTECTED] : found existing recipient


[EMAIL PROTECTED]/1 ~]$rpm -qa | grep toaster
daemontools-toaster-0.76-1.3.2
courier-imap-toaster-4.1.2-1.3.6
qmailadmin-toaster-1.2.9-1.3.3
ucspi-tcp-toaster-0.88-1.3.4
ripmime-toaster-1.4.0.6-1.3.2
control-panel-toaster-0.5-1.3.3
isoqlog-toaster-2.1-1.3.3
qmailmrtg-toaster-4.2-1.3.2
libsrs2-toaster-1.0.18-1.3.2
ezmlm-toaster-0.53.324-1.3.2
maildrop-toaster-2.0.3-1.3.4
libdomainkeys-toaster-0.68-1.3.2
qmail-pop3d-toaster-1.03-1.3.14
vpopmail-toaster-5.4.13-1.3.3
clamav-toaster-0.90.1-1.3.11
qmail-toaster-1.03-1.3.14
autorespond-toaster-2.0.4-1.3.2
maildrop-toaster-devel-2.0.3-1.3.4
simscan-toaster-1.3.1-1.3.5
courier-authlib-toaster-0.59-1.3.4
ezmlm-cgi-toaster-0.53.324-1.3.2
spamassassin-toaster-3.1.8-1.3.7


Cheers!
Quinn

-- 
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 554 9555

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [qmailtoaster] DSpam

2007-12-07 Thread Quinn Comendant 
On Thu, 15 Nov 2007 11:54:11 -0500, Kyle Quillen wrote:
 I would love to be able to have users forward spam messages.

This can be done using SA too, via sa-learn injection. Just create two aliases:

sudo valias -i '|sa-learn --spam --no-sync  /var/log/sa-learn-spam.log 21' 
[EMAIL PROTECTED];
sudo valias -i '|sa-learn --ham --no-sync  /var/log/sa-learn-ham.log 21' 
[EMAIL PROTECTED];

Then put this into cron to run nightly by user root:

qmail-spam stop  sudo -H -u vpopmail sa-learn --force-expire  qmail-spam 
start;


Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Fwd: smtp port 587

2007-07-19 Thread Quinn Comendant 
I wonder if anybody can comment on a client's request (below). Is there a 
setting for MSP 587 timeout?

Quinn

- Begin forwarded message -
Subject: smtp port 587
Date: Wed, 18 Jul 2007 14:22:08 -0700

I am having problems using thunderbird, port 587, tls.
It works on most connections, but not with this sat connection.
(high latency, low upload speed, direcway 7000)
Is there anyway to maybe tweak the timeout time on the smtp server, or 
something else that may help me out?
I cannot email any attachments, but text only emails go out smooth.
thanks
-pablo


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Fwd: QmailToaster: Update patches included in qmail toaster page : Task closed

2007-04-05 Thread Quinn Comendant 
On Wed, 4 Apr 2007 12:36:13 -0700, Erik A. Espinoza wrote:
 rpm -q --changelog qmail-toaster
 
 So far only bigdns and linefeed have been added.

I know, but...

http://www.google.com/search?q=qmail-smtpd-linefeed.patch

No matches. What is this patch?

Q

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 554 9555


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Fwd: QmailToaster: Update patches included in qmail toaster page : Task closed

2007-04-04 Thread Quinn Comendant 
- Begin forwarded message -
 FS#23 - Update patches included in qmail toaster page
 User who did this - Erik A. Espinoza (espinoza)
 
 Reason for closing: Won't fix
 Additional comments about closing: Wiki's can be edited by anyone. 
 Feel free to take care of this.

I would but I have no idea what patches were applied. I assume you do know. 
What are they?

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 554 9555


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] UPDATED PACKAGES: simscan-toaster, isoqlog-toaster, clamav-toaster, spamassassin-toaster, qmail-toaster

2007-03-28 Thread Quinn Comendant 
On Wed, 7 Mar 2007 12:05:19 -0800, Erik A. Espinoza wrote:
 qmail-toaster (added bigdns patch, linefeed patch)

Which is the linefeed patch? Add details to:
http://wiki.qmailtoaster.com/index.php/Patches_included_with_QmailToaster

 spamassassin-toaster (Upgraded to 3.1.8, Marked
 local.cf/v310.pre/v312.pre as configs)

The spamassassin spec file need to be changed to use %config(noreplace) rather 
than just %config (the addition of which doesn't really do anything useful on 
its own).

  %config(noreplace) %attr(0644,root,root) 
%{_sysconfdir}/mail/spamassassin/local.cf
  %config(noreplace) %attr(0644,root,root) 
%{_sysconfdir}/mail/spamassassin/v310.pre
  %config(noreplace) %attr(0644,root,root) 
%{_sysconfdir}/mail/spamassassin/v312.pre

 isoqlog-toaster (Fix ownership of cron.sh to root:root)

Thanks. I've also noticed these permissions peculiarities. They're not 
vulnerabilities, but just not standard:

* daemontools-toaster-0.76-1.3.2
  drw-r--r--  2 root root  4096 Mar 25 18:20 
/usr/share/doc/daemontools-toaster-0.76
  (Directory should be drwxr-xr-x)
  
* ezmlm-cgi-toaster-0.53.324-1.3.1
  -rwsr-sr-x  1 root root 57933 Oct  4 19:26 
/usr/share/toaster/cgi-bin/ezmlm.cgi
  (Suid executable should not have root user:group -- should be 
vpopmail:vchkpw?)
  
* control-panel-toaster-0.5-1.3.3
  drwxr-x---  2 apache apache 4096 Mar 25 18:10 /usr/share/toaster/htdocs/admin
  drwxr-x---  2 apache apache 4096 Mar 25 18:10 /usr/share/toaster/htdocs/images
  drwxr-x---  2 apache apache 4096 Mar 25 19:15 /usr/share/toaster/include
  (Directories should be drwxr-xr-x)
  
* isoqlog-toaster-2.1-1.3.3
  drw-r--r--  2 apache apache  4096 Mar 25 18:11 
/usr/share/toaster/isoqlog/htmltemp/images
  drw-r--r--  2 apache apache  4096 Mar 25 18:11 
/usr/share/toaster/isoqlog/htmltemp/library
  dr--r--r--  2 root   root4096 Mar 25 18:11 /usr/share/doc/isoqlog/tr
  (Directories should be drwxr-xr-x)
  -r--r--r--  1 root   root 244 Mar 25 17:34 /usr/share/doc/isoqlog/AUTHORS
  -r--r--r--  1 root   root3150 Mar 25 17:34 
/usr/share/doc/isoqlog/ChangeLog
  -r--r--r--  1 root   root1887 Mar 25 17:34 /usr/share/doc/isoqlog/COPYING
  -r--r--r--  1 root   root3152 Mar 25 17:34 
/usr/share/doc/isoqlog/EnderUNIX
  -r--r--r--  1 root   root 324 Mar 25 17:34 /usr/share/doc/isoqlog/FAQ
  -r--r--r--  1 root   root1613 Mar 25 17:34 /usr/share/doc/isoqlog/INSTALL
  -r--r--r--  1 root   root   0 Mar 25 17:34 /usr/share/doc/isoqlog/NEWS
  -r--r--r--  1 root   root1679 Mar 25 17:34 /usr/share/doc/isoqlog/README
  -r--r--r--  1 root   root 219 Mar 25 17:34 /usr/share/doc/isoqlog/TODO
  -r--r--r--  1 root   root1671 Mar 25 17:34 
/usr/share/doc/isoqlog/tr/BENIOKU
  -r--r--r--  1 root   root3675 Mar 25 17:34 
/usr/share/doc/isoqlog/tr/DEGISIKLIKLER
  -r--r--r--  1 root   root   2 Mar 25 17:34 
/usr/share/doc/isoqlog/tr/HABERLER
  -r--r--r--  1 root   root1887 Mar 25 17:34 
/usr/share/doc/isoqlog/tr/KOPYALAMA
  -r--r--r--  1 root   root1596 Mar 25 17:34 
/usr/share/doc/isoqlog/tr/KURULUM
  -r--r--r--  1 root   root 247 Mar 25 17:34 
/usr/share/doc/isoqlog/tr/YAZARLAR
  -r--r--r--  1 root   root  60 Mar 25 17:34 
/usr/share/doc/isoqlog/README.Turkish
  (Documentation files should be -rw-r--r--)
  
* clamav-toaster-0.90.1-1.3.11
  -rw-r-   1 root   root  3259 Jan 29 03:06 /etc/freshclam.conf
  (Should be readable by user clamav? Perhaps -rw-r--r--?)
  
* ucspi-tcp-toaster-0.88-1.3.4
  drw-r--r--  2 root root  4096 Mar 25 18:20 
/usr/share/doc/ucspi-tcp-toaster-0.88
  (Directory should be drwxr-xr-x)
  

Oh, and another thing. ezmlm-toaster needs -q added to %setup to be 
consistent with the other packages.

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 554 9555


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Apache-writable file executed as root (isoqlog cron.sh)

2007-02-21 Thread Quinn Comendant 
All

I found a possibly severe permissions issue. I've added this as a bug to the 
bug tracker as ticket #6 but should be corrected asap on existing QT 
installations.

The isoqlog cron script is installed writable by apache:

-rwxr-xr-x  1 apache apache 467 Jan 28 23:26 
/usr/share/toaster/isoqlog/bin/cron.sh

But executed with root privileges by the entries added to /etc/crontab during 
installation.

This is a serious privilege escalation vulnerability than can be exploited by 
any flaws in apache or apache-run scripts.

SOLUTIONS

1. For currently installed systems, change permissions of the cron.sh file to:

chown root:root /usr/share/toaster/isoqlog/bin/cron.sh;
chmod 755 /usr/share/toaster/isoqlog/bin/cron.sh;

2. Update isoqlog-toaster.spec to install isoqdir as:

%attr(0755,root,root) %{isoqdir}/bin/*

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Fwd: [qmailadmin] Patch for autorespond

2007-02-14 Thread Quinn Comendant 
FYI: a patch for autorespond to prevent spam from getting a reply. I would 
recommend adding this to the toaster.

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410


- Begin forwarded message -
Subject: [qmailadmin] Patch for autorespond
Date: Wed, 14 Feb 2007 15:14:50 +0100
From: Simone Lazzaris [EMAIL PROTECTED]
Reply-To: qmailadmin@inter7.com
To: qmailadmin@inter7.com
X-Spam-Status: No, score=-2.4 required=3.2 tests=BAYES_00,DK_POLICY_SIGNSOME, 
SARE_SUB_OBFU_Q1 autolearn=no version=3.1.7

Hi anybody/everybody

I've patched autorespond (v2.0.4, but the patch also apply to 2.0.5) to detect 
spam messages tagged by spamassassin; this to avoid to respond to spam 
messages. Patch is:

--- autorespond-2.0.4-orig/autorespond.c2003-08-25 18:11:58.0 
+0200
+++ autorespond-2.0.4/autorespond.c 2007-02-14 14:53:00.0 +0100
@@ -640,7 +640,8 @@
}
if ( inspect_headers(precedence, junk ) != (char *)NULL ||
 inspect_headers(precedence, bulk ) != (char *)NULL ||
-inspect_headers(precedence, list ) != (char *)NULL )
+inspect_headers(precedence, list ) != (char *)NULL ||
+inspect_headers(X-Spam-Status, Yes ) != (char *)NULL )
{
fprintf(stderr,AUTORESPOND: Junk mail received.\n);
_exit(100);



It would be nice to have this integrated in autorespond.

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Heavy qmail queue pls help !!!

2007-01-31 Thread Quinn Comendant 
On Tue, 30 Jan 2007 02:33:24 +0300, Alexey Loukianov wrote:
 AFAIK, it chooses the LAST available interface on the system (the 
 last one ifconfig shows). This behavior is something I dislike and 
 I'm thinking about implementing a patch allowing manual selection of 
 outgoing IP/port pair to send a message from for qmail-rspawn.

We use iptables to set the source IP address for outgoing smtp traffic. It has 
happened before that we needed to change IP address if one becomes blacklisted.

iptables -t nat -A POSTROUTING -p tcp -m --dport 25 -j SNAT --to-source 
xxx.xxx.xxx.xxx

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Spamassassin has problem in scanning

2007-01-31 Thread Quinn Comendant 
On Tue, 30 Jan 2007 13:31:43 -0800, Erik Espinoza wrote:
 Updated rules, catches more of the stock spam and what not.
 
 It's nice. Read up at http://saupdates.openprotect.com/

I think ashok means he installed OpenProtect's software package (a collection 
of programs that replaces simscan/spamassassin/clamav): 
http://www.openprotect.com/doc.html#download

This is different than OpenProtect's SpamAssassin sa-update channel, which I 
too use and is very nice, and is very compatible with all of QT's architecture 
(although I agree it shouldn't be configured by default in the QT).

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] UPDATE qmail-toaster-1.03-1.3.13.src.rpm URGENT

2007-01-31 Thread Quinn Comendant 
On Wed, 31 Jan 2007 15:13:46 +0100, Jean-Paul van de Plasse wrote:
 Or to manualy change the run script by changing the line 
 REQUIRE_AUTH=1
 to
 export REQUIRE_AUTH=1

The smtp/run script maybe also has this but as it only has:

REQUIRE_AUTH=0

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] setting noreplace more in *-toaster.specs

2007-01-30 Thread Quinn Comendant 
On Mon, 29 Jan 2007 10:07:08 -0700, Eric Shubes wrote:
 Erik Espinoza wrote:
 I put all of my custom conifg in myconfig.cf. It's easier that way,
 just a thought.

This can be trouble if the other .cf and .pre files happen to appear (from 
upgrading, etc) and your config values are supersceeded by the same config in 
another file. They're loaded alphabetically, .pre files first, then .cf files.

 And a very good one. I didn't realize that SA looks for all .cf files.

And .pre files.

 While I think that creating a local.pre file might be preferable, [...]

Except a .pre file should not contain any config values that depends on the a 
plugin being already loaded. .pre files contain things to load first, .cf files 
contain config for things already loaded.

Q

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] overquota.msg typo again

2007-01-28 Thread Quinn Comendant 
Typo in /home/vpopmail/domains/.overquota.msg:

This user has exceeded there mail quota.

there = their

I've reported this before...but?

It seems we could use a system for managing bugs tasks and issues. It could be 
as easy as adding an ISSUES page to the wiki, although it could become 
unmanageable quickly if there are more than a few items. I'd be more inclined 
to setup and use web-based issue-tracking software such as Trac 
www.edgewall.com/trac. We use that constantly here at Strangecode and it is 
awesome. Or even a hosted system like bugzilla.

Whichever system is used it is essential of course that it *is* used 
consistently. If y'all think Trac is an aTractive option I'm happy to assist in 
installing or even hosting it on our servers (eg: trac.qmailtoaster.com).

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Re: Development Package: qmail-toaster-1.03-1.3.8.src.rpm

2007-01-28 Thread Quinn Comendant 
On Wed, 8 Nov 2006 22:37:45 -0800, Erik Espinoza wrote:
 I will add support for qmailmrtg to monitor the submission logs once
 this feature makes it to stable.
 
 Thanks,
 Erik

Just a reminder... ;P

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] setting noreplace more in *-toaster.specs

2007-01-26 Thread Quinn Comendant 
On Thu, 25 Jan 2007 19:22:30 -0700, Eric Shubes wrote:
 %{qdir}/supervise/spamd/run
 
 I don't think of this as a configuration file. [...]

It's not really a configuration file but because it is something that might 
be fine-tuned there is a strong advantage to adding the %config(noreplace) flag 
in the rpm spec. By doing so we only ensure that upgrades will not overwrite 
this file if it is changed. The drawback is that if this file *is* modified as 
in a new version, the new copy will not be installed immediately, instead it 
will be installed in the same location with a .rpmnew extension (and a message 
printed to screen during install). The user will then need to compare their 
modified file (run) with the .rpmnew file (run.rpmnew). But this gives them the 
chance to merge the upgrade changes with their own modifications.

 As recently discussed on the
 this list, I think it'd be good if the toaster had
 /var/qmail/control/supervise/${service}/concurrent (or some such) control
 files where tailoring of tcpserver parameters would be specified. These
 control files, when present, should then be specified as %config(noreplace).
 In the case of spamd, the -L switch should be tailorable. So there might be
 a /var/qmail/control/supervise/spamd/switches file, which would contain
 -L, and the corresponding run file would include in the exec command line
 if the switches file exists.

I think that's really too much complexity and it makes it harder for everybody. 
How many control files would be needed to customize spamd the way I'm running 
it, which is:

exec /usr/bin/spamd -q -x -u vpopmail -s stderr -P -m 15 --min-spare=2 
--max-spare=5 --max-conn-per-child=50 --timeout-child=20 --timeout-tcp=20 21

 %{_sysconfdir}/mail/spamassassin/v310.pre
 %{_sysconfdir}/mail/spamassassin/v312.pre
 
 I'm not so sure about these two.

These too are definitely config files (the .pre extension simply means they are 
loaded before other .cf files). 7 lines are different in mine than those 
distributed (i.e. I've enabled 7 plugins). A normal spamassassin upgrade with 
never overwrite files in /etc/mail/spamassassin, so we shouldn't either.

 The wiki instructions for SURBL say to
 modify v310.pre to add the loading of URIDNSBL. Couldn't this be included in
 the stock toaster without changing its behavior (given the -L switch)? I
 think this would be desirable to have in the stock toaster.

I'm not sure if URIDNSBL is enabled by -L. But then again, there are so many 
different permutations I think the best option is simply providing stock 
spamassassin configuration files and assume the installing sysadmin will know 
what he needs (or ask the spamassassin list for advice).

 Is there a local type of configuration file where non-stock plugins
 could/should be loaded so that the v31?.pre files aren't normally modified?
 These files seem to me to be ones that might change with upgrades, so
 shouldn't be modified to tailor the configuration.

The naming scheme of the .pre files gives it away. If additional features are 
released in a future version of spamassassin a new plugin config file will be 
included as v3XX.pre (indicating the version it was released with).

 FWIW, if you use qtp-newmodel to do the upgrade, your former configuration
 files are be backed up in /usr/src/qtp-upgrade/backups/. This includes the
 mail/spamassassin files, but not the run files. If the run files need to be
 included in this process, let me know and I'll add them.

I run a backup script daily with a the following save set:

/etc/clamd.conf
/etc/courier
/etc/freshclam.conf
/etc/httpd/conf.d/toaster.conf
/etc/isoqlog/isoqlog.conf
/etc/mail/spamassassin
/etc/tcprules.d
/home/vpopmail/.spamassassin
/home/vpopmail/domains/.overquota.msg
/home/vpopmail/domains/.procmailrc-template
/home/vpopmail/domains/.qmail-user-template
/home/vpopmail/domains/.quotawarn.msg
/home/vpopmail/etc
/usr/share/clamav
/usr/share/qmailadmin/html
/usr/share/qmailadmin/images
/usr/share/qmailadmin/lang
/usr/share/toaster/include/admin.htpasswd
/usr/share/toaster/mrtg/qmailmrtg.cfg
/var/qmail/alias
/var/qmail/control
/var/qmail/supervise/authlib/run
/var/qmail/supervise/clamd/run
/var/qmail/supervise/imap4-ssl/run
/var/qmail/supervise/imap4/run
/var/qmail/supervise/pop3-ssl/run
/var/qmail/supervise/pop3/run
/var/qmail/supervise/send/run
/var/qmail/supervise/smtp/run
/var/qmail/supervise/spamd/run
/var/qmail/users

What do you think Erik?

Q

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Fwd: [simscan] attachment filename scanning bug report

2007-01-25 Thread Quinn Comendant 

On Wed, 24 Jan 2007 11:43:30 +0200, Peter Peltonen wrote:
 On 1/22/07, Quinn Comendant [EMAIL PROTECTED] wrote:
 FYI: I found an issue with simscan this morning that y'all should be 
 aware of. Read below...
 
 Has this bug been confirmed?

I don't know. I emailed my bug report to the simscan list but there wasn't a 
single reply.

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] couriertls couriersslcache error

2007-01-25 Thread Quinn Comendant 
On Sat, 20 Jan 2007 13:27:14 +0200, Peter Peltonen wrote:
 On 1/6/07, Quinn Comendant [EMAIL PROTECTED] wrote:
 I discovered I could solve the issue by changing the TLS_CACHEFILE 
 value in /etc/courier/{pop3d-ssl,imap4-ssl} from:
 
 In your experience, what is the impact of using Courier's TLS CACHE on
 performance? Can you notice some improvement?

I didn't notice anything, but the documentation recommends using it.

Quinn


-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] setting noreplace more in *-toaster.specs

2007-01-25 Thread Quinn Comendant 
Can we set the %config(noreplace) specification for a few more files? 
Specifically, I found after upgrading spamassassin that my local.cf and run 
files were hosed:

%{qdir}/supervise/spamd/run
%{_sysconfdir}/mail/spamassassin/local.cf
%{_sysconfdir}/mail/spamassassin/v310.pre
%{_sysconfdir}/mail/spamassassin/v312.pre

I'm not sure what other files might also need to be saved... I just thought I'd 
ask if you thought this would be a good idea for the group. If so I'm happy to 
go through all the spec files and suggest which files I think should have 
config status.

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] recent changes and changelogs

2007-01-22 Thread Quinn Comendant 


On Mon, 22 Jan 2007 15:31:18 -0500, Jake Vickers wrote:
 Not sure how to do this on the wiki I guess I could write a 
 script that would download the qmail-toaster package and grab the 
 release notes (out of the SPEC file I imagine would be the best) then 
 (for simplicity) spit that back out to a text file that could be a 
 link on the wiki for the latest release notes;

This is the built in rpm command for listing the changelog of a rpm:
rpm -qp --changelog x-toaster-yyy-zzz.src.rpm  
site/changelogs/x-toaster.txt

otherwise we get into 
 injecting mysql tables and what-not into the wiki's tables to update 
 the info If we go this route (putting it on the wiki) can anyone 
 else think of an easy way to do it?

If you want to keep the changelog within the wiki (instead of just linking to a 
text file) the best way to do it would be to use a mediawiki extension. And I'm 
happy to write it if you want to go this route. URLs would be, for example:

http://wiki.qmailtoaster.com/index.php/Special:ChangeLogs?f=simscan-toaster

It would load the changelogs from text files that are generated from the RPMs 
every 5 mins so they're always recent.

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] recent changes and changelogs

2007-01-22 Thread Quinn Comendant 
On Mon, 22 Jan 2007 13:25:05 -0700, Eric Shubes wrote:
 The main site (1.3.10) contains the latest DomainKey patches (more than just
 logging).

Yes, but what ARE the patches? ;P That's exactly my point.

 And Alexey mentioned once he would add a feature to disable 
 DomainKeys in the right way -- did this ever get added? On the 
 main site?
 
 I don't know of any specific feature for this, but to disable incoming
 checking, user DKVERIFY=, and to disable signing use DKSIGN=%

I understood that disabling domainkeys with DKVERIFY= does not *completely* 
disable domainkeys, and thus we needed to change the qmail-queue symlink to 
qmail-queue.orig. Alexey mentioned in this email that he would consider fixing 
qmail-dk to make it possible to disable domainkeys in a Right Way:

http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg09465.html

Quinn


-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] recent changes and changelogs

2007-01-22 Thread Quinn Comendant 
On Tue, 23 Jan 2007 00:40:08 +0300, Alexey Loukianov wrote:
 Jake, hang on for a minute. Changelogs are basically the product of 
 development process itself, so they must be kept in track accordingly.
 That's why I think that first we should discuss it with Erik and 
 Nick, and only then made any changes and decisions concerning where 
 to store (and where to get from) changelogs.

I agree. The *best* solution is of course for the developer to rewrite the 
changelogs into a normal-human-readable format on the website, and keep it 
up-to-date, in an easy-to-find location.

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Fwd: [simscan] attachment filename scanning bug report

2007-01-22 Thread Quinn Comendant 
FYI: I found an issue with simscan this morning that y'all should be aware of. 
Read below...

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410


- Begin forwarded message -
Subject: [simscan] attachment filename scanning bug report
Date: Mon, 22 Jan 2007 13:38:16 -0800
From: Quinn Comendant [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]


I found a problem with simscan's attachment scanning: the filename matching is 
overly sensitive. I'm using version 1.2 but the problem should exist in all 
recent versions. Here's an example running on simscan with a cdb including 
attach=.exe:.bat:.pif:.src:

My email contains two attachments, the filename of one is:

Content-Disposition: attachment;
filename=C A Blum TeachVenture Recruiting Invoice 016 11-30-06.doc

Simscan thinks this filename matches the attachment extension .src, and so 
the email is rejected.

Problem #1: Filenames with spaces are not handled properly. This filename is 
processed only as C. (See debug output below.)

Problem #2: The entire attachment extension is not matched, regardless of a 
dot. If the specified extension is .src then only .src should match, not 
c, rc, or src.

Proposed solution: Use a more specific string matching function instead of this:
if ( str_rstr(mydirent-d_name,bk_attachments[i]) == 0 ) {
(I'm not well versed in C, so I'm not sure what would be used.)


[EMAIL PROTECTED]/1 ~]$QMAILQUEUE=/var/qmail/bin/simscan SIMSCAN_DEBUG=5 
/var/qmail/bin/qmail-inject [EMAIL PROTECTED]  teachventure-attach.eml 
simscan: cdb looking up 
simscan: cdb for  found clam=yes,spam=yes,spam_hits=8,attach=.exe:.bat:.pif:.src
simscan: pelookup clam = yes
simscan: pelookup spam = yes
simscan: pelookup spam_hits = 8
simscan: Per Domain Hits set to : 8.00
simscan: pelookup attach = .exe:.bat:.pif:.src
simscan: attachment flag attach = .exe:.bat:.pif:.src
simscan: add_attach called with .exe:.bat:.pif:.src
simscan: .exe is attachment number 0
simscan: .bat is attachment number 1
simscan: .pif is attachment number 2
simscan: .src is attachment number 3
simscan: starting: work dir: /var/qmail/simscan/1169498396.417942.30775
simscan: pelookup: called with [EMAIL PROTECTED]
simscan: pelookup: domain is gmail.com
simscan: cdb looking up gmail.com
simscan: pelookup: local part is beausmith
simscan: lpart: local part is **
simscan: cdb looking up [EMAIL PROTECTED]
simscan: pelookup: called with [EMAIL PROTECTED]
simscan: pelookup: domain is hoodwink.us
simscan: cdb looking up hoodwink.us
simscan: pelookup: local part is q
simscan: lpart: local part is **
simscan: cdb looking up [EMAIL PROTECTED]
simscan: checking attachment textfile0 against .exe
simscan: checking attachment textfile0 against .bat
simscan: checking attachment textfile0 against .pif
simscan: checking attachment textfile0 against .src
simscan: checking attachment C against .exe
simscan: checking attachment c against .bat
simscan: checking attachment c against .pif
simscan: checking attachment c against .src
simscan:[30774]:ATTACH:0.0108s:c:(null):[EMAIL PROTECTED]:[EMAIL PROTECTED]
simscan: exit error code: 82
qmail-inject: fatal: Your email was rejected because it contains a bad 
attachment: c


Cheers!
Quinn


-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Consolodating emails on multiple lists

2007-01-22 Thread Quinn Comendant 
On Tue, 23 Jan 2007 00:08:27 +0300, Alexey Loukianov wrote:
 AFAIK, that's it. Qmail will not sort/uniq the recipients of the 
 message, it will simply forward it, resulting in dupes. If you need 
 another behavior, you will have either to write a custom patch for 
 ezmlm, implementing sublists feature, or to find/create another 
 mailing list software with the sublists feature.

It is true, if multiple email addresses resolve to the same user qmail will 
deliver multiple emails. I discovered the same thing (People frequently CC mail 
to quinn@, support@, and hello@ and I receive 3 mails). 

My solution is to use a procmail and formail trick:

1. To use procmail with a qmailtoaster user you need to create a domain-level 
qmail file that will pipe the message correctly to procmail. Here, be sure to 
replace username with actual local user, and example.com with domain, and 
ensure path is correct, as well as ensure the ownership is chown 
vpopmail:vchkpw. The file should exist at: 

/home/vpopmail/domains/0/example.com/.qmail-username

and contains (all on one line!):

| preline procmail -p -m 
/home/vpopmail/domains/0/example.com/username/.procmailrc | 
/home/vpopmail/bin/vdelivermail '' bounce-no-mailbox


2. Create the procmailrc file at:

/home/vpopmail/domains/0/example.com/username/.procmailrc

3. Containing one of the following rules. First, one for testing -- this will 
move duplicate messages into a folder called duplicates:

:0 Whc: msgid.lock
| formail -D 8192 ./msgid.cache
:0 a:
.duplicates/

And this one will just delete the messages:

:0 Wh: msgid.lock
| formail -D 8192 ./msgid.cache

Duplicate emails will then be deleted. This trick would not work system-wide of 
course - it needs to be installed for each user. 

See my tool for assisting in the use of procmail scripts here:
http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg08919.html

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] POP3 password scanning

2007-01-22 Thread Quinn Comendant 
I found 8000+ entries in my logs like this:

2007-01-21 09:51:25.570281500 tcpserver: status: 200/200
2007-01-21 09:51:25.570410500 tcpserver: pid 28241 from 24.220.50.36
2007-01-21 09:51:25.571261500 tcpserver: ok 28241 
two.strangecode.com:72.3.142.43:110 
host-36-50-220-24.midco.net:24.220.50.36::41979
2007-01-21 09:51:25.571839500 tcpserver: end 28241 status 256
2007-01-21 09:51:25.571842500 tcpserver: status: 199/200

There was a robot running on 24.220.50.36 scanning all usernames looking for 
valid user/pass pairs. I thought  good solution to this would be to add a 
configuration to fail2ban (we use it for stopping ssh scanning) which will 
block the IP with iptables if it detects too many failed password attempts.

So I looked for the log file to use as a detection point for the multiple 
failed passwords. But then I found a paradox. In my /var/log/maillog are many 
entries like this:

Jan 21 08:31:02 mx vpopmail[11387]: vchkpw-pop3: password fail (pass: 
'257a2117dc3b42e16ef3263877ad6aaf') [EMAIL PROTECTED]:86.142.39.161
Jan 21 08:31:02 mx vpopmail[11389]: vchkpw-pop3: (PLAIN) login success [EMAIL 
PROTECTED]:86.142.39.161
Jan 21 08:31:17 mx vpopmail[11399]: vchkpw-pop3: password fail (pass: 
'7f6b74c8646dc5b228d488ccce2e1559') [EMAIL PROTECTED]:67.161.162.12
Jan 21 08:31:17 mx vpopmail[11401]: vchkpw-pop3: (PLAIN) login success [EMAIL 
PROTECTED]:67.161.162.12
Jan 21 08:32:16 mx vpopmail[11481]: vchkpw-pop3: password fail (pass: 
'da50101dd890e149154f01aa3c5c1e1a') [EMAIL PROTECTED]:212.186.68.140
Jan 21 08:32:17 mx vpopmail[11486]: vchkpw-pop3: (PLAIN) login success [EMAIL 
PROTECTED]:212.186.68.140

These are md5-digest (I think) password failures, followed by plaintext 
password success. These are all honest valid users, and it is normal. I think 
they all use a POP3 client (maybe Apple Mail) that first tries md5-digest, and 
if it doesn't work, uses plaintext. The paradox is that fail2ban must scan the 
logs for password failures to detect which IP address to block. But because of 
these honest password failures there is no way to detect the difference 
between a robot trying wrong password, and a helpful POP3 client trying a 
wrong auth method.

Any ideas how to detect the IP of a pop3 scanning robot?

Quinn


-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Consolodating emails on multiple lists

2007-01-22 Thread Quinn Comendant 
On Tue, 23 Jan 2007 02:30:34 +0300, Alexey Loukianov wrote:
 I'm not sure procmail will be able to filter out such almost dupes, 
 but in any case James will be forced to modify each user separately 
 to filter out dupes, which is not the easiest thing to deploy and 
 administer.

The formail -D trick works because it uses the Message-ID, which is added 
(usually) by the originating mail program. I did a quick test: I created two 
test email lists, each with the two same subscribers. I sent an email to both 
lists (CCed). The user with the formail -D config received only one copy of the 
mailings, and the user with no procmail received both mailings.

Is there any case when mailing list or MTA software will change the Message-ID 
of an email?

Quinn

-
Strangecode :: Internet Consultancy
http://www.strangecode.com/
+1 530 624 4410


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

  1   2   3   >