Re: [qmailtoaster] spamdyke
The message DENIED_RDNS_RESOLVE means the remote server has an rDNS name but the name does not resolve to an IP address. The full list of possible messages is listed here: http://www.spamdyke.org/documentation/README.html#LOG To deactivate this filter, remove the reject-unresolvable-rdns option from your spamdyke configuration file. -- Sam Clippinger Eric C. Broch wrote: Hello list, Spamdyke is rejecting many legitimate emails with the DENIED_RDNS_RESOLVE flag. When I do a reverse lookup ‘nslookup IP-Address’ on these senders there is indeed a reverse record. Has anyone encountered this behavior in spamdyke? If so, what is the cause? I don’t want disable this option as it blocks many erroneous IP’s and unwanted email nor do I want to add entries to files unnecessarily. Eric Eric C. Broch White Horse Technical Consulting - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] spamdyke
This looks like a DNS problem to me. If the spamdyke server can't find the MX record quickly enough, it will reject the message. By the time the remote server retries delivery, the MX record is cached by the spamdyke server's local DNS server and the message is allowed. spamdyke's DNS-based filters send temporary rejection codes (so the remote server will retry) for exactly this reason. Another possibility is that your primary and secondary DNS servers are out of sync and returning different results. In that case, spamdyke could be getting different responses each time it's filters run. If you compile spamdyke with excessive output and activate full logging, the log files will show which DNS servers are being queried and what responses are received. On Dec 31, 2008, at 8:59 PM, Eric C. Broch ebr...@whitehorsetc.com wrote: Eric S, Thanks. Here's the info: The DNS MX for domain1 has been active for 1.5 years! For domain0 1.5 days. Spamdyke version install with QTP: spamdyke 4.0.9+TLS+CONFIGTEST+DEBUG (C)2008 Sam Clippinger, samc (at) silence (dot) org Below is a copy of my spamdyke.conf: #dns-blacklist-entry=zombie.dnsbl.sorbs.net #dns-blacklist-entry=dul.dnsbl.sorbs.net #dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=bl.spamcop.net graylist-dir=/var/spamdyke/graylist graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=1 idle-timeout-secs=60 ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip local-domains-file=/var/qmail/control/rcpthosts log-level=debug log-target=stderr max-recipients=50 #policy-url=http://my.policy.explanation.url/ rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients reject-empty-rdns #reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders tls-certificate-file=/var/qmail/control/servercert.pem This is MX dig on domain0.com qmailtoaster of domain1.com Domain0.com is the one that yields MX errors in the smtp log for domain1.com: [domain0]# dig mx domain1.com ; DiG 9.3.4-P1 mx domain1.com ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 35358 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ; domain1.com. IN MX ;; ANSWER SECTION: domain1.com. 3600IN MX 0 xx.xxx.xx.xxx. ;; AUTHORITY SECTION: domain1.com. 3536IN NS ns55.domaincontrol.com. domain1.com. 3536IN NS ns56.domaincontrol.com. ;; Query time: 75 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Dec 31 19:37:02 2008 ;; MSG SIZE rcvd: 115 Another question: What is the format, if any, for wildcards in the spamdyke 'whitelist_sender' file? I want to specify a whole domain. I don't see an answer on spamdyke help I tried these: domain1.com *...@domain1.com Eric C. Broch White Horse Technical Consulting - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] spamdyke smtp logging bugs
I've just released spamdyke 4.0.8, which should fix this issue. It's available from: http://www.spamdyke.org/ If you installed spamdyke using the QmailToaster Plus package, you should be able to use that package to upgrade. -- Sam Clippinger Sam Clippinger wrote: I don't see anything obviously wrong with your run file, but it certainly looks like two spamdyke log lines are overlapping for some reason. After going through some source code, I see this is a problem with the basic design of DJB's multilog program. When spamdyke prints logging output to stderr, it actually uses three function calls to do it. The first prints spamdyke[PID]:, the second prints the rest of the log text and the third prints a newline character. If two different spamdyke processes print messages at the same time, those three calls can become intermixed (a classic race condition). Because multilog only uses one pipe for input, it can't separate input from two different processes to keep the messages intact. It just prints what it sees which, in this case, is garbage. I'll update spamdyke to print its log messages using a single function call; that should work around this problem. This is just one more reason not to use multilog, I guess. Thanks for reporting this! -- Sam Clippinger Philip Nix Guru wrote: Yes the * were added manually sorry for the confusion # cat /var/qmail/supervise/smtp/run #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SPAMDYKE=/usr/local/bin/spamdyke SPAMDYKE_CONF=/etc/spamdyke/spamdyke.conf SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw REQUIRE_AUTH=0 exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -h -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ $SPAMDYKE --config-file $SPAMDYKE_CONF \ $SMTPD $VCHKPW /bin/true 21 -P Sam Clippinger wrote: It looks like spamdyke is being run multiple times for each connection -- the two spamdyke PIDs in the logs are different. What does your run file look like? I have no idea where the asterisks came from. Did you insert those manually to highlight the duplicated text? -- Sam Clippinger Philip Nix Guru wrote: Hello I was playing with a spamdyke-stats.pl script I saw, trying to update it to work with the qtoaster setup and I was getting some strange results .. so I checked the logs and found that that I had a few spamdyke[###]:spamdyke[] in my smtp log file example : (I converted TAI64N timestamps for better readings) 2008-11-03 23:51:28.405450500 spamdyke[26362]: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.446391500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown)DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.488134500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown)DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.536631500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) It seems to happen when you have multiple emails reaching different users on the same domain - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org
Re: [qmailtoaster] spamdyke and tcpserver
I wouldn't add them unconditionally, because spamdyke will generate errors if it can't open a nonexistent file. What you're doing now is probably best. I'm not very familiar with QMT's admin tools -- how does /var/qmail/control/morercpthosts get created in the first place? Does one of the admin tools automatically create the file when /var/qmail/control/rcpthosts gets too big? -- Sam Clippinger Eric Shubert wrote: Sam Clippinger wrote: That's probably all that needs to happen. I don't have a copy of the QTP spamdyke configuration file handy, but it should also contain local-domains-file lines to load /var/qmail/control/rcpthosts and /var/qmail/control/morercpthosts if spamdyke is going to correctly handle relaying. The local-domains-file parameter is added by the script for each of rcpthosts and morercpthosts, but only when they exist. Would it perhaps be better to always add them whether they exist or not? -- Sam Clippinger Eric Shubert wrote: Looks like I missed this one, Philip. Thanks for pointing it out. From what I'm seeing, I simply need to add: access-file=/etc/tcprules.d/tcp.smtp to the configuration file. I'm not seeing anything that would change in the run.spamdyke file. I guess the parameter could be added to either place, but I'm trying to keep the configuration as cohesive as possible. Sam, does this look right to you? If so I'll get in in the next QT-Plus release. Philip wrote: Thx Sam for clearing up a few things In that case the spamdyke installation script used by qtp-plus should maybe add the |access-file| option and use the /etc/tcprules.d/tcp.smtp as parameters in the run.spamdyke file If ppl had local ips or other ips to prevent rbl checking or allowing relaying it has no effect anymore. Or those ips should be under some conditions added to the whitelist_ip file of spamdyke -P Sam Clippinger wrote: spamdyke cannot read CDB files but it can read the /etc/tcp.smtp file (text version) and use some of the values, mostly for controlling relaying. For example, if the incoming IP address matches a line that sets the RELAYCLIENT variable, spamdyke will allow the client to relay. See the documentation here: http://www.spamdyke.org/documentation/README.html#RELAYING However, setting a SPAMDYKE variable in /etc/tcp.smtp has no effect. spamdyke's configuration is set through its configuration file(s), not the environment. -- Sam Clippinger Philip Nix Guru wrote: Heheh Yes I am using the whitelist_ip file you can either enter x.y.z or x.y.z. for a c-class I was just curious about the tcp.smtp file :) I know that spamdyke cant use cdb files -P Eric Shubert wrote: Philip wrote: Hello I was wondering about how to disable spamdyke by ip range can we do something like : 1.2.3.:allow,RELAYCLIENT=,RBLSMTPD=,SPAMDYKE=,NOP0FCHECK=1 in tcp.smtp file or you better add your c-class or any subnet to the whitelist_ip file from spandyke ? Thx for the info I don't know of anything like the former. qmail (and thus spamdyke) doesn't necessarily use tcpserver, so I'd be surprised if this were available. I'd look toward the whitelist_ip file. I'm not sure how to specify and IP range there though. Check the documentation. I'm expect that Sam will chime in here and enlighten us further. ;) -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - QmailToaster hosted by: VR Hosted http://www.vr.org
Re: [qmailtoaster] spamdyke smtp logging bugs
It looks like spamdyke is being run multiple times for each connection -- the two spamdyke PIDs in the logs are different. What does your run file look like? I have no idea where the asterisks came from. Did you insert those manually to highlight the duplicated text? -- Sam Clippinger Philip Nix Guru wrote: Hello I was playing with a spamdyke-stats.pl script I saw, trying to update it to work with the qtoaster setup and I was getting some strange results .. so I checked the logs and found that that I had a few spamdyke[###]:spamdyke[] in my smtp log file example : (I converted TAI64N timestamps for better readings) 2008-11-03 23:51:28.405450500 spamdyke[26362]: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.446391500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown)DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.488134500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown)DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.536631500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) It seems to happen when you have multiple emails reaching different users on the same domain - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamdyke and tcpserver
I'm not sure if this applies or not but it might solve your problem: http://www.spamdyke.org/documentation/FAQ.html#TROUBLE5 -- Sam Clippinger Philip Nix Guru wrote: From my testing adding those 2 lines in spamdyke.conf local-domains-file=/var/qmail/control/rcpthosts local-domains-file=/var/qmail/control/morercpthosts didnt change anything, all is still working fine on this busy test server But adding access-file=/etc/tcprules.d/tcp.smtp (using different tcp.smtp files for testing purpose) I dont have any mail parsed through spamassassin anymore, as soon as I remove that configuration it have activity again ... cant explain yet why :) Sam Clippinger wrote: I wouldn't add them unconditionally, because spamdyke will generate errors if it can't open a nonexistent file. What you're doing now is probably best. I'm not very familiar with QMT's admin tools -- how does /var/qmail/control/morercpthosts get created in the first place? Does one of the admin tools automatically create the file when /var/qmail/control/rcpthosts gets too big? -- Sam Clippinger Eric Shubert wrote: Sam Clippinger wrote: That's probably all that needs to happen. I don't have a copy of the QTP spamdyke configuration file handy, but it should also contain local-domains-file lines to load /var/qmail/control/rcpthosts and /var/qmail/control/morercpthosts if spamdyke is going to correctly handle relaying. The local-domains-file parameter is added by the script for each of rcpthosts and morercpthosts, but only when they exist. Would it perhaps be better to always add them whether they exist or not? -- Sam Clippinger Eric Shubert wrote: Looks like I missed this one, Philip. Thanks for pointing it out. From what I'm seeing, I simply need to add: access-file=/etc/tcprules.d/tcp.smtp to the configuration file. I'm not seeing anything that would change in the run.spamdyke file. I guess the parameter could be added to either place, but I'm trying to keep the configuration as cohesive as possible. Sam, does this look right to you? If so I'll get in in the next QT-Plus release. Philip wrote: Thx Sam for clearing up a few things In that case the spamdyke installation script used by qtp-plus should maybe add the |access-file| option and use the /etc/tcprules.d/tcp.smtp as parameters in the run.spamdyke file If ppl had local ips or other ips to prevent rbl checking or allowing relaying it has no effect anymore. Or those ips should be under some conditions added to the whitelist_ip file of spamdyke -P Sam Clippinger wrote: spamdyke cannot read CDB files but it can read the /etc/tcp.smtp file (text version) and use some of the values, mostly for controlling relaying. For example, if the incoming IP address matches a line that sets the RELAYCLIENT variable, spamdyke will allow the client to relay. See the documentation here: http://www.spamdyke.org/documentation/README.html#RELAYING However, setting a SPAMDYKE variable in /etc/tcp.smtp has no effect. spamdyke's configuration is set through its configuration file(s), not the environment. -- Sam Clippinger Philip Nix Guru wrote: Heheh Yes I am using the whitelist_ip file you can either enter x.y.z or x.y.z. for a c-class I was just curious about the tcp.smtp file :) I know that spamdyke cant use cdb files -P Eric Shubert wrote: Philip wrote: Hello I was wondering about how to disable spamdyke by ip range can we do something like : 1.2.3.:allow,RELAYCLIENT=,RBLSMTPD=,SPAMDYKE=,NOP0FCHECK=1 in tcp.smtp file or you better add your c-class or any subnet to the whitelist_ip file from spandyke ? Thx for the info I don't know of anything like the former. qmail (and thus spamdyke) doesn't necessarily use tcpserver, so I'd be surprised if this were available. I'd look toward the whitelist_ip file. I'm not sure how to specify and IP range there though. Check the documentation. I'm expect that Sam will chime in here and enlighten us further. ;) -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
Re: [qmailtoaster] spamdyke smtp logging bugs
I don't see anything obviously wrong with your run file, but it certainly looks like two spamdyke log lines are overlapping for some reason. After going through some source code, I see this is a problem with the basic design of DJB's multilog program. When spamdyke prints logging output to stderr, it actually uses three function calls to do it. The first prints spamdyke[PID]:, the second prints the rest of the log text and the third prints a newline character. If two different spamdyke processes print messages at the same time, those three calls can become intermixed (a classic race condition). Because multilog only uses one pipe for input, it can't separate input from two different processes to keep the messages intact. It just prints what it sees which, in this case, is garbage. I'll update spamdyke to print its log messages using a single function call; that should work around this problem. This is just one more reason not to use multilog, I guess. Thanks for reporting this! -- Sam Clippinger Philip Nix Guru wrote: Yes the * were added manually sorry for the confusion # cat /var/qmail/supervise/smtp/run #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SPAMDYKE=/usr/local/bin/spamdyke SPAMDYKE_CONF=/etc/spamdyke/spamdyke.conf SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw REQUIRE_AUTH=0 exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -h -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ $SPAMDYKE --config-file $SPAMDYKE_CONF \ $SMTPD $VCHKPW /bin/true 21 -P Sam Clippinger wrote: It looks like spamdyke is being run multiple times for each connection -- the two spamdyke PIDs in the logs are different. What does your run file look like? I have no idea where the asterisks came from. Did you insert those manually to highlight the duplicated text? -- Sam Clippinger Philip Nix Guru wrote: Hello I was playing with a spamdyke-stats.pl script I saw, trying to update it to work with the qtoaster setup and I was getting some strange results .. so I checked the logs and found that that I had a few spamdyke[###]:spamdyke[] in my smtp log file example : (I converted TAI64N timestamps for better readings) 2008-11-03 23:51:28.405450500 spamdyke[26362]: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.446391500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown)DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.488134500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown)DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) 2008-11-03 23:51:28.536631500 *spamdyke[26365]: spamdyke[26362]*: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 86.2.231.197 origin_rdns: cpc2-hudd10-0-0-cust964.hudd.cable.ntl.com auth: (unknown) It seems to happen when you have multiple emails reaching different users on the same domain - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamdyke and tcpserver
spamdyke cannot read CDB files but it can read the /etc/tcp.smtp file (text version) and use some of the values, mostly for controlling relaying. For example, if the incoming IP address matches a line that sets the RELAYCLIENT variable, spamdyke will allow the client to relay. See the documentation here: http://www.spamdyke.org/documentation/README.html#RELAYING However, setting a SPAMDYKE variable in /etc/tcp.smtp has no effect. spamdyke's configuration is set through its configuration file(s), not the environment. -- Sam Clippinger Philip Nix Guru wrote: Heheh Yes I am using the whitelist_ip file you can either enter x.y.z or x.y.z. for a c-class I was just curious about the tcp.smtp file :) I know that spamdyke cant use cdb files -P Eric Shubert wrote: Philip wrote: Hello I was wondering about how to disable spamdyke by ip range can we do something like : 1.2.3.:allow,RELAYCLIENT=,RBLSMTPD=,SPAMDYKE=,NOP0FCHECK=1 in tcp.smtp file or you better add your c-class or any subnet to the whitelist_ip file from spandyke ? Thx for the info I don't know of anything like the former. qmail (and thus spamdyke) doesn't necessarily use tcpserver, so I'd be surprised if this were available. I'd look toward the whitelist_ip file. I'm not sure how to specify and IP range there though. Check the documentation. I'm expect that Sam will chime in here and enlighten us further. ;) -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamdyke and tcpserver
That's probably all that needs to happen. I don't have a copy of the QTP spamdyke configuration file handy, but it should also contain local-domains-file lines to load /var/qmail/control/rcpthosts and /var/qmail/control/morercpthosts if spamdyke is going to correctly handle relaying. -- Sam Clippinger Eric Shubert wrote: Looks like I missed this one, Philip. Thanks for pointing it out. From what I'm seeing, I simply need to add: access-file=/etc/tcprules.d/tcp.smtp to the configuration file. I'm not seeing anything that would change in the run.spamdyke file. I guess the parameter could be added to either place, but I'm trying to keep the configuration as cohesive as possible. Sam, does this look right to you? If so I'll get in in the next QT-Plus release. Philip wrote: Thx Sam for clearing up a few things In that case the spamdyke installation script used by qtp-plus should maybe add the |access-file| option and use the /etc/tcprules.d/tcp.smtp as parameters in the run.spamdyke file If ppl had local ips or other ips to prevent rbl checking or allowing relaying it has no effect anymore. Or those ips should be under some conditions added to the whitelist_ip file of spamdyke -P Sam Clippinger wrote: spamdyke cannot read CDB files but it can read the /etc/tcp.smtp file (text version) and use some of the values, mostly for controlling relaying. For example, if the incoming IP address matches a line that sets the RELAYCLIENT variable, spamdyke will allow the client to relay. See the documentation here: http://www.spamdyke.org/documentation/README.html#RELAYING However, setting a SPAMDYKE variable in /etc/tcp.smtp has no effect. spamdyke's configuration is set through its configuration file(s), not the environment. -- Sam Clippinger Philip Nix Guru wrote: Heheh Yes I am using the whitelist_ip file you can either enter x.y.z or x.y.z. for a c-class I was just curious about the tcp.smtp file :) I know that spamdyke cant use cdb files -P Eric Shubert wrote: Philip wrote: Hello I was wondering about how to disable spamdyke by ip range can we do something like : 1.2.3.:allow,RELAYCLIENT=,RBLSMTPD=,SPAMDYKE=,NOP0FCHECK=1 in tcp.smtp file or you better add your c-class or any subnet to the whitelist_ip file from spandyke ? Thx for the info I don't know of anything like the former. qmail (and thus spamdyke) doesn't necessarily use tcpserver, so I'd be surprised if this were available. I'd look toward the whitelist_ip file. I'm not sure how to specify and IP range there though. Check the documentation. I'm expect that Sam will chime in here and enlighten us further. ;) -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamdyks can't allowe whitelisted DENIED_RDNS_RESOLVE
Actually, if the error is DENIED_RDNS_RESOLVE, the remote server must have an rDNS name. The problem is that the name doesn't resolve to an IP address. Look in the log file and find the DENIED_RDNS_RESOLVE message. The entry will show the remote server's rDNS name (look for origin_rdns:). That is the name you should put in your whitelist_rdns file, not the sender's domain name. -- Sam Clippinger Eric Shubert wrote: The whitelist_rdns parameter matches the sender's rDNS *name*, not the domain. The rDNS name would typically be the fully qualified host name of the server. Since the rDNS fails to resolve, there's no name to match, so whitelist_rdns will never match RDNS_RESOLVE rejections. You can either use whitelist_ip as you have done, or you can use the whitelist-senders file, and use an entry such as: @domain_example.com wp wrote: Hi list I have a litle problem with spamdyke. I have in log some good mail adress rejectecd with DENIED_RDNS_RESOLVE I try put this domain to /etc/spamdyke/whitelist_rdns but it's still denied. But when i put IP to /etc/whitelist_ip everythink ok. I try put domain in two format to whitlist_rdns but stil not work : domain_example.com or .domain_example.com Thanks for any help Marek soryr for my english Ha! Your english is better than some High School graduates I've seen! - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to de-activate tls for an ip?
Yes? Oh, right... It looks like the remote server is simply disconnecting after it sees the greeting banner. However, an earlier post mentioned seeing the bare LF error from qmail, which means that the connections must have (previously) been reaching the point of sending message data. It's possible that the remote server is running some mail server software that just doesn't like spamdyke/qmail but that seems pretty unlikely. In this case, the connection /was/ failing after receiving at least some message data. After installing spamdyke, it's failing before it can even start sending data. Is that because spamdyke is consuming more memory or because it's generating more network/disk traffic to check the connection's reverse DNS and log the traffic? My first thought is to check the amount of memory being provided by the softlimit program. Try pushing that number to something very high to see if the symptoms change (start with something like 2 and be sure to restart qmail after making the change). After that, I'd try to think outside the box -- literally. In the past, I've seen strange problems like this caused by bad network cabling, flaky routers/switches and dodgy hardware firewalls. It's possible other connections are failing but going unnoticed because they're from non-critical sources. Also consider that you may have some bad RAM or a bad ethernet adapter in the server. Just my $0.02. -- Sam Clippinger Eric Shubert wrote: Sorry, PVA. I thought that was a different log. Sam ? P.V.Anthony wrote: Dear Eric Shubert, The full-log-dir option shows me that once my server says mail.mindmedia.com.sg, the remote server does not respond. The full-log-dir is as below, from the --- start - to --- end Really not sure what I am doing wrong. P.V.Anthony Eric Shubert wrote: What does spamdyke's full-log-dir option show you? P.V.Anthony wrote: Jake Vickers wrote: What does the smtp log show? Not sure if I replied to this thread or not, but I'm wondering if SENDER_NOCHECK=1 isn't needed. Just set SENDER_NOCHECK=1 and still the email does not want to come through. Here is the log-dir from spamdyke. Looks like the email server just do not like the remote server. P.V.Anthony -- start - 09/16/2008 12:59:59 STARTED: VERSION = 4.0.4+TLS+CONFIGTEST+DEBUG+EXCESSIVE, PID = 26849 09/16/2008 12:59:59 LOG OUTPUT EXCESSIVE(process_config_file()@configuration.c:3594): set configuration option tls-level from file /etc/spamdyke/spamdyke.conf, line 314: none^M EXCESSIVE(do_spamdyke()@spamdyke.c:2212): found remote IP address in environment variable TCPREMOTEIP: 203.123.11.18^M 09/16/2008 12:59:59 - Remote IP = 203.123.11.18 09/16/2008 12:59:59 CURRENT ENVIRONMENT PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin^M PWD=/home/qmail/supervise/smtp^M SHLVL=0^M PROTO=TCP^M TCPLOCALIP=210.193.7.130^M TCPLOCALPORT=25^M TCPLOCALHOST=mail.mindmedia.com.sg^M TCPREMOTEIP=203.123.11.18^M TCPREMOTEPORT=2850^M TCPREMOTEHOST=mail.hosting.com.sg^M SENDER_NOCHECK=1^M CHKUSER_RCPTLIMIT=100^M CHKUSER_WRONGRCPTLIMIT=5^M JGREYLIST=^M RBLSMTPD=^M QMAILQUEUE=/var/qmail/bin/simscan^M NOP0FCHECK=1^M 09/16/2008 12:59:59 CURRENT CONFIG config-file=/etc/spamdyke/spamdyke.conf^M filter-level=allow-all^M full-log-dir=/tmp/spamdyke^M log-level=excessive^M tls-level=none^M 09/16/2008 12:59:59 LOG OUTPUT EXCESSIVE(load_resolver_file()@search_fs.c:653): found nameserver at /etc/resolv.conf(1): 127.0.0.1^M EXCESSIVE(load_resolver_file()@search_fs.c:653): found nameserver at /etc/resolv.conf(2): 210.193.2.33^M EXCESSIVE(load_resolver_file()@search_fs.c:653): found nameserver at /etc/resolv.conf(3): 210.193.2.35^M 09/16/2008 12:59:59 CURRENT CONFIG config-file=/etc/spamdyke/spamdyke.conf^M dns-server-ip=210.193.2.33^M dns-server-ip=210.193.2.35^M dns-server-ip-primary=127.0.0.1^M filter-level=allow-all^M full-log-dir=/tmp/spamdyke^M log-level=excessive^M tls-level=none^M 09/16/2008 12:59:59 LOG OUTPUT EXCESSIVE(nihdns_parse_servers()@dns.c:333): found nameserver: 127.0.0.1:53^M EXCESSIVE(nihdns_parse_servers()@dns.c:379): found nameserver: 210.193.2.33:53^M EXCESSIVE(nihdns_parse_servers()@dns.c:379): found nameserver: 210.193.2.35:53^M EXCESSIVE(nihdns_query()@dns.c:752): sending 44 byte query (ID 109/129) for 18.11.123.203.in-addr.arpa(PTR) to DNS server 127.0.0.1:53 (attempt 1)^M EXCESSIVE(nihdns_query()@dns.c:752): sending 44 byte query (ID 110/129) for 18.11.123.203.in-addr.arpa(CNAME) to DNS server 127.0.0.1:53 (attempt 1)^M EXCESSIVE(nihdns_query()@dns.c:815): received DNS packet: 77 bytes, ID 109/129^M EXCESSIVE(nihdns_query()@dns.c:852): received DNS response: PTR^M EXCESSIVE(nihdns_ptr_lookup()@dns.c:1171): found PTR record for 18.11.123.203.in-addr.arpa (19 bytes): mail.hosting.com.sg^M 09/16/2008 12:59:59 - Remote rDNS = mail.hosting.com.sg 09/16/2008 12:59:59 LOG OUTPUT FILTER_ALLOW_ALL^M EXCESSIVE
Re: [qmailtoaster] How to de-activate tls for an ip?
FYI, spamdyke will fix the bare LFs in SMTP problem. Even if no filters are enabled, it quietly inserts carriage returns whenever it sees bare line feeds. Also, if spamdyke handles the TLS encryption (just give it access to your server certificate so it can decrypt the traffic), it can log all SMTP traffic, even the transmissions that are encrypted with TLS. That might simplify your troubleshooting efforts in the future. -- Sam Clippinger P.V.Anthony wrote: Hello Everyone, I think I found the problem. I turned off TLS and used recordio. This time I could see more stuff. It seems the problem was this thing about Bare LFs in SMTP. Here is the link, http://cr.yp.to/docs/smtplf.html Will have to check the wiki how to solve this. P.V.Anthony - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Authentication to bypass spam checks
To answer #1, spamdyke will definitely use Spamhaus' DNS RBLs. The default configuration of spamdyke (as installed by QTP) does not include Spamhaus, however. If you are using spamdyke version 3.1.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: check-dnsrbl=zen.spamhaus.org If you are using spamdyke version 4.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: dns-blacklist-entry=zen.spamhaus.org To add multiple DNS RBLs, simply repeat the line with different values. -- Sam Clippinger Anil Aliyan wrote: pretty smart question John, I also would like to hear the answer for it from the experts. - Original Message - From: Tek Support [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, August 08, 2008 8:37 AM Subject: Re: [qmailtoaster] Authentication to bypass spam checks Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] server acting strange
That spamdyke log message is not a problem. You can ignore it. http://www.spamdyke.org/documentation/FAQ.html#TROUBLE6 -- Sam Clippinger António Pedro Lima wrote: Well I checked for Max connections on mysql. Had nothing defined so I added: set-variable = max_connections=500 The problem remained… So I incresead the value… Same problem. Under Squirrelmail I get connection dropped by imap server. And I’m still looking on the logs for something strange. I found this: Jul 23 15:48:30 mail spamdyke[7315]: ERROR: unable to write 26 bytes to file descriptor 1: Broken pipe Best regards, António Pedro Lima *De:* Jake Vickers [mailto:[EMAIL PROTECTED] *Enviada:* quarta-feira, 23 de Julho de 2008 12:18 *Para:* qmailtoaster-list@qmailtoaster.com *Assunto:* Re: [qmailtoaster] server acting strange António Pedro Lima wrote: I’m getting frustrated with this. It’s getting more and more frequent that mail clients return the error: -ERR authentication failed Nothing was updated or modified on my QMT… So I really can’t tell what would make this happen… What is your load like? This may be caused if you are reaching your maximum number of connections for mysql. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] lol
The QMT list uses EZMLM, which sends every message from a different address (so it can more easily track bounces). Because of this, every message will be graylisted unless you explicitly whitelist the qmailtoaster.com domain. -- Sam Clippinger António Pedro Lima wrote: May 28 00:44:24 mail spamdyke[3723]: DENIED_GRAYLISTED from: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] to: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] origin_ip: 209.177.154.102 origin_rdns: www.qmailtoaster.com http://www.qmailtoaster.com auth: (unknown) ouch! greylisting the mailist? lol - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamdyke duplicates
Most likely, just increasing the idle timeout setting will fix this (idle-timeout-secs in the configuration file). All connections are subject to the timeouts, whether they are whitelisted or not. In the current version, timed-out connections still deliver their messages (which is why you've received hundreds of partial copies of the message). In the upcoming version (4.0.0), this has been changed so timed-out connections will not deliver anything. -- Sam Clippinger Kent Busbee wrote: I've installed spamdyke and it seems to be blocking a lot of spam. However, I have a few emails that keep timing out. One in particular I have gotten over 100 times. What do I need to tweek to get this message through. It is a newsletter which we need to be able to recieve. grip And yes it does come from an Exchange /grip Here is what I have already done: Added the domain to the whitelist_rdns (though there ip and rdns is fine) installed djbdns according to the install. rebooted and still no love (timeout in the logs). Kent Busbee Director of Technology Northlake Christian School - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Request for ideas
Whitelisting the sender address should prevent spamdyke from blocking the incoming messages. It's possible your machine is configured to check SORBS using some other mechanism however -- are you still using rblsmtpd? Is spamdyke logging any errors or messages about this sender? It might help if you posted your spamdyke configuration file and your /var/qmail/supervise/smtp/run file. -- Sam Clippinger Dan McAllister wrote: Greetings fellow QMail admins: I am having an issue that is not life-threatening (or even business-threatening), but annoying none-the-less. I have a client who recently moved her Linux Server to her semi-retirement apartment in anther state. Her Linux Server reports in daily with status and various scan results. However, since her move (basically, since the switch to a dynamic IP address), my server has been blocking those reports because SORBS (correctly) sees her system as being on a dynamic IP block. So, the question for the group is: Can I turn off spam blocking for a specific address, or better yet, whitelist a from address? I am using QMT, all latest updates (except latest ClamAV), and have added on SpamDyke. NOTE: I have already created the whitelist_sender file in my spamdyke control directory -- to no effect. Thanks in advance for all ideas! Dan Daniel McAllister, President IT4SOHO, LLC 224 - 13th Avenue N St. Petersburg, FL 33701 877-IT4SOHO: Toll Free 727-647-7646 In Pinellas 813-464-2093 In Hillsborough 727-507-9435 Fax Only When did you do your last backup? Ask me about unattended offsite backup solutions... to protect your business, not just your data! - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SpamDyke downside?
spamdyke has no flaws, I thought everyone knew that. :) Perhaps I should update the FAQ. To answer your questions: Once enabled, spamdyke's graylist filter will block anything that isn't explicitly whitelisted, including newsletters, mailing lists, etc. Some mailing lists (depending on the mailing list software) use tagged senders, which means that every message appears to come from a different sender. This is done so that bounced messages can be more easily matched with a specific mailing list and recipient. (Ezmlm and Yahoo lists both use tagged senders. Mailman does not. I'm not sure about Listserv and Majordomo.) For those kinds of lists, every message is graylisted. This isn't really a problem however, as the remote server will simply retry delivery and the message will be received. The QMT list uses tagged senders and I receive its messages just fine. Some users may complain about the (small) delay, however. I'll probably incorporate some heuristics in a future version of spamdyke to allow mailing lists with tagged senders to bypass graylisting (but it may be a while before that's done). Online ticket orders, receipts, password verifications and other automated messages should pass the graylist filter as long as they are being sent from a real mail server. In other words, as long as the remote server attempts to redeliver the message, it will be received. Graylisting works fine with all of the major email hosts and every mail server I've ever encountered. An SSL certificate is only needed for using TLS (an encryption protocol that allows email to be sent securely). Only one certificate can be installed on a server (one per domain is not possible) but you don't have to pay for it -- a self-signed certificate works just fine. The sender and recipient blacklists are just text files, so editing them is very easy. The graylist system uses a directory structure that contains files named after the senders and recipients. It's not as easy to edit manually (nor is it difficult) but you shouldn't ever need to. spamdyke has no mechanism for saving rejected messages. It works by rejecting the message before the remote server even sends it, so spamdyke never sees its content. For that reason, it is not possible to recover rejected messages. However, spamdyke does log the sender and recipient addresses for every message (accepted or rejected), along with the reason the message was rejected. This does make it possible to determine if a delivery was attempted and why it failed. Obviously, I've been using spamdyke for years now with no problems. spamdyke has an active mailing list (subscribe at www.spamdyke.org) with many helpful and responsive people. You should probably pose these questions there to see what they have to say. -- Sam Clippinger Kent Busbee wrote: I've heard so many good things about spamdyke, I am wondering what flaws it might have. From my understanding greylisting is the key to its success. -Will it block wanted newsletters, email lists, email subscriptions? Or will it greylist the first attempt and then deliver the next a day, week, or month later. -Will it unintentionally prevent things like online tickets orders, receipts from online orders, password verifications, etc. -Does it work well with the major online email systems accepting emails from gmail, yahoo, hotmail, etc. -Do you need an Certificate SSL for your site? For each site hosted? -Is it easy to tweek the lists? Move an address/domain from greylist to whitelist or blacklist? -If a message is lost/rejected/greylisted, is it possible to pull it back and deliver it? -What other problems/unexpected results did you get from installing? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] - Outgoing Authentication for ISP mail
You should consider replacing rblsmtpd with spamdyke. It will filter incoming connections based on RBLs and much more (including graylisting). It also bypasses all filters for authenticated users. http://www.spamdyke.org/ -- Sam Clippinger David Campbell wrote: yes, it was an RBL error they got, but I am loving the RBL protection for antispam, is there anyway to allow authenticated users to bypass RBL checking? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamdyke Errors
This is normal. The remote server disconnected before spamdyke had finished sending it all of qmail's output. spamdyke is just complaining that some data must be discarded. You can hide these messages by lowering your log-level setting. -- Sam Clippinger Ronnie Tartar wrote: I have been getting a lot of the following errors in my maillog from spamdyke. Jan 21 21:43:32 mail spamdyke[31530]: ERROR: unable to write 63 bytes to file descriptor 1: Broken pipe Is this normal behavior? Or is this something that I need to look further into? Thanks - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problems with SPAMDYKE
I've just released version 3.1.5, which fixes this bug. Thanks again for reporting it! http://www.spamdyke.org/ -- Sam Clippinger Sam Clippinger wrote: OK, I should be able to duplicate that setup to see if I can reproduce your error. It may be a little while before I have the time, however. In the meantime, can you try enabling TLS support in spamdyke to see if this error persists? Inside spamdyke, TLS passthrough is handled differently than TLS decoding. If this is a spamdyke bug, you may be able to work around it. Enabling TLS support will also allow all of spamdyke's filters to function, including graylisting. To enable TLS, you'll need to compile spamdyke with TLS support and use the tls-certificate-file directive in the configuration file. Your TLS certificate is probably located at: /var/qmail/control/servercert.pem -- Sam Clippinger Ronnie Tartar wrote: Yes, Spamdyke version 3.1.3 downloaded today. Tried default configure, then the --disable-tls, failed both ways. The remote machine is a centos5 64 bit, running the default sendmail sendmail-8.13.8-2.el5 courier-authlib-toaster-0.59.2-1.3.6 maildrop-toaster-2.0.3-1.3.5 libsrs2-toaster-1.0.18-1.3.3 ezmlm-cgi-toaster-0.53.324-1.3.3 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 isoqlog-toaster-2.1-1.3.4 clamav-toaster-0.92-1.3.16 vpopmail-toaster-5.4.17-1.3.4 qmail-pop3d-toaster-1.03-1.3.15 control-panel-toaster-0.5-1.3.4 qmailmrtg-toaster-4.2-1.3.3 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 spamassassin-toaster-3.2.3-1.3.12 libdomainkeys-toaster-0.68-1.3.3 ezmlm-toaster-0.53.324-1.3.3 squirrelmail-toaster-1.4.9a-1.3.6 daemontools-toaster-0.76-1.3.3 courier-imap-toaster-4.1.2-1.3.7 maildrop-toaster-devel-2.0.3-1.3.5 simscan-toaster-1.3.1-1.3.6 Are the packages, bone stock except for spambox being enabled and per use settings for spamassassin. - Original Message - From: Phil Leinhauser [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 09, 2008 4:09 PM Subject: Re: [qmailtoaster] Problems with SPAMDYKE Well Ronnie, you just can't get any better service than the author himself!! Looks like you're in good hands. Phil -Original message- From: Sam Clippinger [EMAIL PROTECTED] Date: Wed, 09 Jan 2008 16:43:29 -0500 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Problems with SPAMDYKE Looking at the configuration file you posted, it doesn't look like you're using spamdyke's TLS at all (so my previous comment about the TLS certificate doesn't apply). spamdyke should be passing the TLS traffic through, untouched, to qmail. Are you using the latest version of spamdyke? Can you post the OS and MTA versions of both your qmail server and the remote server? If this is a bug in spamdyke, I'd like to reproduce it and fix it. -- Sam Clippinger Ronnie Tartar wrote: Strange, those errors are on other machines. Not on the qmail toaster machine. I ran the configtest, no errors. - Original Message - From: Sam Clippinger [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 09, 2008 3:26 PM Subject: Re: [qmailtoaster] Problems with SPAMDYKE Most likely, spamdyke doesn't have permission to read your TLS certificate. Are you seeing any errors in the maillog on your qmail server? You can also try running spamdyke with the --config-test flag to check for configuration errors. -- Sam Clippinger Ronnie Tartar wrote: Having trouble from some places getting email to my server, they get tls errors? lnt.c:567: Jan 9 14:56:15 cp sendmail[32112]: ruleset=tls_server, arg1=SOFTWARE, relay=mx1.host2max.com, reject=403 4.7.0 TLS handshake failed Any ideas? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED
Re: [qmailtoaster] can't send test message to myself
Sorry, but I have to disagree with you. You are correct: getting your ISP to delegate rDNS control can be difficult. But ISPs are willing to do that for business class accounts. On my own servers, approximately 30% of all connections are rejected due to missing rDNS. I also filter connections whose rDNS names don't resolve to IP addresses -- that stops another 10%-30%. Interestingly, the very few servers I've whitelisted have failed the second test (unresolvable rDNS), not the first. I also use DNS RBLs, my own blacklists, rDNS name filtering (searching the rDNS name for the IP address) and graylisting to block more than 99.9% of all connections. My email address has been listed on public web pages and mailing list archives since 1997. Spammers know who I am. But thanks to the filtering I get, on average, 1 spam every day. Of course every mail server administrator has to decide their own policies but it's worth mentioning that most of the big mail providers (AOL, Yahoo!, etc) filter based on missing rDNS. That makes it easier to defend rDNS filtering if you get any complaints. -- Sam Clippinger Phil Leinhauser wrote: I have found that filtering mail that doesn't have PTR (Reverse) is not a good idea. Most service providers don't give you the delegation for the reverse so therefore you have to contact them to set it for you in their servers. This is mostly because most people just don't understand DNS forwards enough and reverse can be a bit more tricky. Just because you may have PTR records in your DNS server does not mean you have the delegation for that IP or range. In otherwords, it will only be effective for users on your own network, the Internet itself will not know about it. If you decide to block by no Rdns, you should expect problems getting mail from some of the medium to lower level legitimate post offices. In fact, I would bet better than half of the Qmail users here don't have their Rdns setup correctly and would be blocked by no Rdns filters. Phil -Original message- From: Eric \Shubes\ [EMAIL PROTECTED] Date: Tue, 15 Jan 2008 12:49:42 -0500 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] can't send test message to myself Cameron wrote: Could the strange hostname be causing the problem or is the PTR record? I think the PTR record is causing the problem. I'd get rid of it. a) I don't believe that you need a ptr record b) MX records *must* point to type A records, *not* PTR records. I'm not familiar with register.com's web pages, so it's hard for me to tell you specifically what's wrong. In general terms, you need a type A record for your host, and an MX record which points to that host's type A record. HTH -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problems with SPAMDYKE
I agree spamdyke should handle the TLS so all of its filters can be used (including graylisting). However, spamdyke can't filter outbound mail. Anything that's generated on your server (e.g. webmail users) will bypass spamdyke entirely. Anything that's sent through your server (e.g. your users' MUAs using your server as their SMTP host) will/should be whitelisted or authenticated. Granted, you _can_ setup spamdyke to filter mail generated by your users' MUAs but you won't like it -- you'll get a lot of angry phone calls. -- Sam Clippinger Dan McAllister wrote: Sam, et. al. I would say that to get the best results out of SPAMDYKE, you DEFINITELY want *IT* to handle the TLS. My reasoning is 2-fold: 1) I have an average of 15% of incoming SPAM that is attaching with TLS (I thought this was odd, but apparently not) 2) I require TLS for my outbound mail (from my clients) and THEY TOO can be sources of SPAM. I'd like SPAMDYKE to equally fight inbound AND outbound SPAM! Just my thoughts. They were free to you, so take them at their face value. Daniel McAllister, President IT4SOHO, LLC Take my advice... I won't be using it today! Sam Clippinger wrote: Actually, enabling TLS in spamdyke is the best solution. When spamdyke handles the TLS, the remote server can't tell the difference -- if it was using TLS before, it should continue to do so. However, because spamdyke decrypts the traffic, it can enable all of its filters (including graylisting, recipient blacklisting, etc). If spamdyke simply passes TLS traffic through without decrypting it, most of its filters cannot operate. -- Sam Clippinger Davide Bozzelli wrote: Sam Clippinger ha scritto: OK, I should be able to duplicate that setup to see if I can reproduce your error. It may be a little while before I have the time, however. In the meantime, can you try enabling TLS support in spamdyke to see if this error persists? Inside spamdyke, TLS passthrough is handled differently than TLS decoding. If this is a spamdyke bug, you may be able to work around it. Enabling TLS support will also allow all of spamdyke's filters to function, including graylisting. To enable TLS, you'll need to compile spamdyke with TLS support and use the tls-certificate-file directive in the configuration file. Your TLS certificate is probably located at: /var/qmail/control/servercert.pem -- Sam Clippinger I can confirm this bug, i've have the exact problems with a qmail patched with jms combined patch that sends mail to a qmailtoaster with spamdyke enabled without tls. By enabling tls in spamdyke the problem went down, but it's not the correct way of work, cause the source mta don't do any tls handshake. Have fun, Davide - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problems with SPAMDYKE
Actually, enabling TLS in spamdyke is the best solution. When spamdyke handles the TLS, the remote server can't tell the difference -- if it was using TLS before, it should continue to do so. However, because spamdyke decrypts the traffic, it can enable all of its filters (including graylisting, recipient blacklisting, etc). If spamdyke simply passes TLS traffic through without decrypting it, most of its filters cannot operate. -- Sam Clippinger Davide Bozzelli wrote: Sam Clippinger ha scritto: OK, I should be able to duplicate that setup to see if I can reproduce your error. It may be a little while before I have the time, however. In the meantime, can you try enabling TLS support in spamdyke to see if this error persists? Inside spamdyke, TLS passthrough is handled differently than TLS decoding. If this is a spamdyke bug, you may be able to work around it. Enabling TLS support will also allow all of spamdyke's filters to function, including graylisting. To enable TLS, you'll need to compile spamdyke with TLS support and use the tls-certificate-file directive in the configuration file. Your TLS certificate is probably located at: /var/qmail/control/servercert.pem -- Sam Clippinger I can confirm this bug, i've have the exact problems with a qmail patched with jms combined patch that sends mail to a qmailtoaster with spamdyke enabled without tls. By enabling tls in spamdyke the problem went down, but it's not the correct way of work, cause the source mta don't do any tls handshake. Have fun, Davide - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problems with SPAMDYKE
Most likely, spamdyke doesn't have permission to read your TLS certificate. Are you seeing any errors in the maillog on your qmail server? You can also try running spamdyke with the --config-test flag to check for configuration errors. -- Sam Clippinger Ronnie Tartar wrote: Having trouble from some places getting email to my server, they get tls errors? lnt.c:567: Jan 9 14:56:15 cp sendmail[32112]: ruleset=tls_server, arg1=SOFTWARE, relay=mx1.host2max.com, reject=403 4.7.0 TLS handshake failed Any ideas? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problems with SPAMDYKE
Looking at the configuration file you posted, it doesn't look like you're using spamdyke's TLS at all (so my previous comment about the TLS certificate doesn't apply). spamdyke should be passing the TLS traffic through, untouched, to qmail. Are you using the latest version of spamdyke? Can you post the OS and MTA versions of both your qmail server and the remote server? If this is a bug in spamdyke, I'd like to reproduce it and fix it. -- Sam Clippinger Ronnie Tartar wrote: Strange, those errors are on other machines. Not on the qmail toaster machine. I ran the configtest, no errors. - Original Message - From: Sam Clippinger [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 09, 2008 3:26 PM Subject: Re: [qmailtoaster] Problems with SPAMDYKE Most likely, spamdyke doesn't have permission to read your TLS certificate. Are you seeing any errors in the maillog on your qmail server? You can also try running spamdyke with the --config-test flag to check for configuration errors. -- Sam Clippinger Ronnie Tartar wrote: Having trouble from some places getting email to my server, they get tls errors? lnt.c:567: Jan 9 14:56:15 cp sendmail[32112]: ruleset=tls_server, arg1=SOFTWARE, relay=mx1.host2max.com, reject=403 4.7.0 TLS handshake failed Any ideas? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problems with SPAMDYKE
OK, I should be able to duplicate that setup to see if I can reproduce your error. It may be a little while before I have the time, however. In the meantime, can you try enabling TLS support in spamdyke to see if this error persists? Inside spamdyke, TLS passthrough is handled differently than TLS decoding. If this is a spamdyke bug, you may be able to work around it. Enabling TLS support will also allow all of spamdyke's filters to function, including graylisting. To enable TLS, you'll need to compile spamdyke with TLS support and use the tls-certificate-file directive in the configuration file. Your TLS certificate is probably located at: /var/qmail/control/servercert.pem -- Sam Clippinger Ronnie Tartar wrote: Yes, Spamdyke version 3.1.3 downloaded today. Tried default configure, then the --disable-tls, failed both ways. The remote machine is a centos5 64 bit, running the default sendmail sendmail-8.13.8-2.el5 courier-authlib-toaster-0.59.2-1.3.6 maildrop-toaster-2.0.3-1.3.5 libsrs2-toaster-1.0.18-1.3.3 ezmlm-cgi-toaster-0.53.324-1.3.3 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 isoqlog-toaster-2.1-1.3.4 clamav-toaster-0.92-1.3.16 vpopmail-toaster-5.4.17-1.3.4 qmail-pop3d-toaster-1.03-1.3.15 control-panel-toaster-0.5-1.3.4 qmailmrtg-toaster-4.2-1.3.3 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 spamassassin-toaster-3.2.3-1.3.12 libdomainkeys-toaster-0.68-1.3.3 ezmlm-toaster-0.53.324-1.3.3 squirrelmail-toaster-1.4.9a-1.3.6 daemontools-toaster-0.76-1.3.3 courier-imap-toaster-4.1.2-1.3.7 maildrop-toaster-devel-2.0.3-1.3.5 simscan-toaster-1.3.1-1.3.6 Are the packages, bone stock except for spambox being enabled and per use settings for spamassassin. - Original Message - From: Phil Leinhauser [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 09, 2008 4:09 PM Subject: Re: [qmailtoaster] Problems with SPAMDYKE Well Ronnie, you just can't get any better service than the author himself!! Looks like you're in good hands. Phil -Original message- From: Sam Clippinger [EMAIL PROTECTED] Date: Wed, 09 Jan 2008 16:43:29 -0500 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Problems with SPAMDYKE Looking at the configuration file you posted, it doesn't look like you're using spamdyke's TLS at all (so my previous comment about the TLS certificate doesn't apply). spamdyke should be passing the TLS traffic through, untouched, to qmail. Are you using the latest version of spamdyke? Can you post the OS and MTA versions of both your qmail server and the remote server? If this is a bug in spamdyke, I'd like to reproduce it and fix it. -- Sam Clippinger Ronnie Tartar wrote: Strange, those errors are on other machines. Not on the qmail toaster machine. I ran the configtest, no errors. - Original Message - From: Sam Clippinger [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 09, 2008 3:26 PM Subject: Re: [qmailtoaster] Problems with SPAMDYKE Most likely, spamdyke doesn't have permission to read your TLS certificate. Are you seeing any errors in the maillog on your qmail server? You can also try running spamdyke with the --config-test flag to check for configuration errors. -- Sam Clippinger Ronnie Tartar wrote: Having trouble from some places getting email to my server, they get tls errors? lnt.c:567: Jan 9 14:56:15 cp sendmail[32112]: ruleset=tls_server, arg1=SOFTWARE, relay=mx1.host2max.com, reject=403 4.7.0 TLS handshake failed Any ideas? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org
Re: [qmailtoaster] SpamHaus Issues
Another solution is to use spamdyke for the RBL checks. It will bypass the RBL filters (and all its other filters) for authenticated senders. -- Sam Clippinger Davide Bozzelli wrote: Ronnie Tartar ha scritto: I am having problems with a friend running qmail toaster, only with outlook express from remote location. He can send no problem through webmail. Looks like cfl.rr.com which he is on is listed on spamhaus, the qmail server is rejecting him even though he is authenticating to send his email out. Is there a way to disable spamhaus checking on outgoing email or once people have authenticated? Regards The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was '[EMAIL PROTECTED]'. Subject 'test', Account: 'RH IPG', Server: 'mail.internetpartnergroup.com', Protocol: SMTP, Server Response: '451 http://www.spamhaus.org/query/bl?ip=72.188.170.205', Port: 25, Secure(SSL): No, Server Error: 451, Error Number: 0x800CCC79 - Port 25 is preferred for inbound mails only. You have another smtp service running on port 587 with the rbl service turned off. So, in order to send outgoing messages from dynamic ips without problems you should use this service. Have fun, Davide - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Hello all
The message is indicating the remote server is attempting to negotiate a TLS session with your server and failing. The problem is in the initial SSL handshake; apparently the remote server is requesting an encryption algorithm your server's OpenSSL library doesn't support. Can you connect to your server with a MUA (e.g. Thunderbird) and use TLS to test if TLS works at all? If you're using spamdyke to perform the TLS, try running it with the config-test option to test your certificate and private key for consistency. -- Sam Clippinger Kyle Quillen wrote: I am trying to setup a qmailtoaster server with spamdyke and am running into a small issue when trying to receive from a qmailtoaster server that does not have spamdyke here is the message that I get back. TLS connect failed: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol; connected to 74.218.24.12. I'm not going to try again; this message has been in the queue too long. Any ideas what would cause this? Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Whitelisting only for one domain
Ooops -- disregard my entire response. I selected the wrong folder and thought you were asking about spamdyke. Sorry about that. :) -- Sam Clippinger Sam Clippinger wrote: At this point, no, it's not possible. I'm working now to add support for more complex configurations that will allow exactly what you're asking for. Between the recent holiday and my day job, I haven't been able to spend as much time on it as I would like. Hopefully that will change soon. -- Sam Clippinger Guillermo Villasana wrote: Hi guys, I need to whitelist some domains for only one of my domains... I know if I whitelist in /etc/mail/spamassasin/local.cf whitelist from domain1.com whitelist from domain2.com etc. it will whitelist for all my domains, but I only need this to be done in one. Can it be done? Thanks Terius - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] email multiplicated
The delay must be coming from outside your server. If both the sender and recipient are on the same server, perhaps the delay is being caused by the sender's mail client. -- Sam Clippinger Sergio Minini {NETKEY} wrote: Sam, Thanks for your replies. I was wondering where should I look in my server for this behaviour. Both the recipient and sender accounts are on the same box, so I dont understand why the delay. Thanks! sergio -Original Message- From: Sam Clippinger [mailto:[EMAIL PROTECTED] Limiting the attachment size in qmail won't solve this particular problem, because the timeout occurs before the attachment is delivered. It occurs before the remote server even begins to send the attachment. I don't understand why the remote server doesn't prepare the attachment before it starts delivery but some servers just don't. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] email multiplicated
It looks like you're using spamdyke. Some remote servers have a tendency to pause in the middle of a delivery in order to prepare attachments. Large attachments take longer, so the connection can timeout. Try increasing spamdyke's idle timeout to a higher value. In the configuration file, look for the idle-timeout-secs directive. On the command line, look for the -T flag. -- Sam Clippinger Sergio Minini {NETKEY} wrote: Hey there guys. I am having this problem now that I am getting two emails from this sender (also on my host) several (LOTS of!) times. One is a 1mb e-mail and another a 6mb e-mail that's a failure notice with the attached file converted to text (why?!). This user reports that every message he sends, is delivered tens of times to the recipients. Here is an excerpt from the /var/log/maillog. The only bad thing I can tell is the TIMEOUT for unknown reasons. Nov 21 13:18:50 mailhostel spamdyke[27354]: ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] Nov 21 13:21:37 mailhostel spamdyke[27354]: TIMEOUT from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] reason: (unknown) Nov 21 13:22:12 mailhostel spamdyke[27994]: ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] Nov 21 13:24:57 mailhostel spamdyke[27994]: TIMEOUT from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] reason: (unknown) Nov 21 13:27:41 mailhostel spamdyke[29145]: ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] Nov 21 13:30:29 mailhostel spamdyke[29145]: TIMEOUT from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] reason: (unknown) Searching the list archive, I found that someone recalled problems with the .qmail files and deleting recreating the user account. I did so, and I still has this problem, not sure now b/c the message was sent before I did so. However the user dir and Maildir does not have a qmail file, as none of the users of that domain and most of the mails accounts, so that should be fine. I should add, that this box is a non-QMT installation, but I would really appreciate your comments and help on this one, that's getting really annoying! Help much appreciated. Regards, Sergio --- Sergio Minini NetKey Solutions ( 4742.1101 http://www.netkey.com.ar http://www.netkey.com.ar/ http://www.totemsoft.com.ar http://www.totemsoft.com.ar/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] email multiplicated
It's hard to say what the correct value should be -- you may simply have to use trial-and-error until the remote server is able to deliver the message. Personally, if it were me, I would increase the timeout to 5 minutes (or maybe even disable it) until the messages were all delivered succssfully from the remote server(s). Hopefully someone else here can provide some advice for removing the messages from the qmail queue. I've never found a reliable tool for doing that. -- Sam Clippinger Sergio Minini wrote: Thanks for your answer. I changed the -T from 60 to 100. would it be enough? I used qmFind -s [EMAIL PROTECTED] /var/log/qmail/qmail-send/current and found out that so far I got this email 104 times!! E-Mail no. 104 with Msg-No: 8175703 Del-Id: 136 QP-Id: 697 U-Id: 89 - From: [EMAIL PROTECTED] - To: [EMAIL PROTECTED] @40004744b54502ebac4c new msg 8175703 @40004744b54502ebc3bc info msg 8175703 bytes 1984950 from [EMAIL PROTECTED] qp 697 uid 89 @40004744b5450401df0c starting delivery 136 msg 8175703 to local [EMAIL PROTECTED] @40004744b545165ca5c4 delivery 136 success did_1+0+0/ @40004744b545165cd4a4 end msg 8175703 How can i certainly kill it??? I used /var/qmail/tools/qmqtool -l and got Messages in local queue: 0 Messages in remote queue: 0. So its either done with this mesg or else I am checking the wrong place. How can I check the contents of the queue and flush it? I also have in that dir qmHandle (which also list 0 msgs in queue) Thanks for any tips you can share! sergio --- Sergio Minini NetKey Solutions T/F: 4742-1101 http://www.netkey.com.ar -Original Message- From: Sam Clippinger [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Date: Wed, 21 Nov 2007 17:15:24 -0600 Subject: Re: [qmailtoaster] email multiplicated It looks like you're using spamdyke. Some remote servers have a tendency to pause in the middle of a delivery in order to prepare attachments. Large attachments take longer, so the connection can timeout. Try increasing spamdyke's idle timeout to a higher value. In the configuration file, look for the idle-timeout-secs directive. On the command line, look for the -T flag. -- Sam Clippinger Sergio Minini {NETKEY} wrote: Hey there guys. I am having this problem now that I am getting two emails from this sender (also on my host) several (LOTS of!) times. One is a 1mb e-mail and another a 6mb e-mail that's a failure notice with the attached file converted to text (why?!). This user reports that every message he sends, is delivered tens of times to the recipients. Here is an excerpt from the /var/log/maillog. The only bad thing I can tell is the TIMEOUT for unknown reasons. Nov 21 13:18:50 mailhostel spamdyke[27354]: ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] Nov 21 13:21:37 mailhostel spamdyke[27354]: TIMEOUT from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] reason: (unknown) Nov 21 13:22:12 mailhostel spamdyke[27994]: ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] Nov 21 13:24:57 mailhostel spamdyke[27994]: TIMEOUT from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] reason: (unknown) Nov 21 13:27:41 mailhostel spamdyke[29145]: ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] Nov 21 13:30:29 mailhostel spamdyke[29145]: TIMEOUT from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 201.235.24.105 origin_rdns : 105-24-235-201.fibertel.com.ar auth: [EMAIL PROTECTED] reason: (unknown) Searching the list archive, I found that someone recalled problems with the .qmail files and deleting recreating the user account. I did so, and I still has this problem, not sure now b/c the message was sent before I did so. However the user dir and Maildir does not have a qmail file, as none of the users of that domain and most of the mails accounts, so that should be fine. I should add, that this box is a non-QMT installation, but I would really appreciate your comments and help on this one, that's getting really annoying! Help much appreciated. Regards, Sergio --- Sergio Minini NetKey Solutions ( 4742.1101 http://www.netkey.com.ar http://www.netkey.com.ar/ http://www.totemsoft.com.ar http://www.totemsoft.com.ar/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL
Re: [qmailtoaster] email multiplicated
In spamdyke, authentication does not bypass the timeout filter. In theory, even authenticated users can have bad network connections or badly written mail server software. Limiting the attachment size in qmail won't solve this particular problem, because the timeout occurs before the attachment is delivered. It occurs before the remote server even begins to send the attachment. I don't understand why the remote server doesn't prepare the attachment before it starts delivery but some servers just don't. -- Sam Clippinger Sergio Minini wrote: Sam, I keep wondering why they get the timeout, b/c they are authenticated users and should go over spamdyke checks. I put the -T from 60 to 100. Should i set it to zero? Is there a way to limit attachment size in Qmail? thanks! -Original Message- From: Sam Clippinger [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Date: Wed, 21 Nov 2007 17:15:24 -0600 Subject: Re: [qmailtoaster] email multiplicated It looks like you're using spamdyke. Some remote servers have a tendency to pause in the middle of a delivery in order to prepare attachments. Large attachments take longer, so the connection can timeout. Try increasing spamdyke's idle timeout to a higher value. In the configuration file, look for the idle-timeout-secs directive. On the command line, look for the -T flag. -- Sam Clippinger - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] qmail in the public domain (WAS Re: Qmailtoaster on Fedora 8)
Is this official? DJB hasn't updated his site yet: http://cr.yp.to/qmail/dist.html -- Sam Clippinger Erik A. Espinoza wrote: As the Qmail code has been released as public domain now, it shall be possible for full binary distributions! E - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qmail in the public domain (WAS Re: Qmailtoaster on Fedora 8)
Right -- I've seen that. I've also seen posts from Russ Nelson saying that DJB has promised, in email to him (Russ), to release qmail to the public domain. But neither of those sources seem to be very official, so I was wondering if there was anything else to go by. -- Sam Clippinger Erik A. Espinoza wrote: http://cr.yp.to/talks/2007.11.02/slides.pdf Page 11 EE On Nov 16, 2007 12:13 PM, Sam Clippinger [EMAIL PROTECTED] wrote: Is this official? DJB hasn't updated his site yet: http://cr.yp.to/qmail/dist.html -- Sam Clippinger Erik A. Espinoza wrote: As the Qmail code has been released as public domain now, it shall be possible for full binary distributions! E - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] graylisting
There is a sample script for deleting old spamdyke graylist files in the spamdyke FAQ. It works on Linux -- you may need to adjust it slightly if you're using a different OS. As for deleting folders for nonexistent users... I'm open to suggestions. I want to eventually extend spamdyke to reject email to invalid addresses but I have a problem. How can you tell if an address is invalid? I haven't studied this question closely yet, so I don't have a good answer. -- Sam Clippinger Sergio Minini {NETKEY} wrote: Hi list. Anyone has a script (or knows how to make one?) to clean all the empty graylisting files that spamdyke creates? And what about the non-existant-accounts dirs? Thanks! Sergio PS: spamdyke rules! anyone knows if there is something like that for Mdaemon?? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamdyke policy template
The fastest way to test would probably be to blacklist a (bogus) recipient address (with recipient-blacklist-file) and send a message to that address from another server. You should get an immediate bounce message. I'm glad you like spamdyke -- it's made a world of difference for my own mailbox and it's been very well received by the qmail community. Some time ago, Erik mentioned he was considering adding spamdyke to the next version of QT, so hopefully everyone here will be able to use it soon. -- Sam Clippinger Sergio Minini {NETKEY} wrote: I added the policy-url and a webpage based in your suggestion. Is there a way to test it and see what it looks like in a rejected mail? I ran --config-test and everything seems OK. Thanks Sergio - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamdyke policy template
I added something exactly like this to rblsmtpd (before I gave up trying to patch that code and started spamdyke instead). I found that, overall, it didn't really help very much. It just made the URL more intimidating, so the recipient was less likely to click it. I could use the enhanced URLs in my web server logs to see who had clicked a rejection link but I realized I didn't really care -- I wasn't going to whitelist them without being asked and there's a contact form on my policy page for exactly that purpose. Adding something like this would be very simple and I can do it if people want it. It would need to be simple to use -- the configuration file is already complicated enough. :) -- Sam Clippinger Davide Bozzelli wrote: Sam Clippinger ha scritto: On my server, I created a page that apologizes for blocking their email (since obviously a human is reading a rejection message and clicked the link). The page also lists (and explains) all of the spamdyke rejection messages, found here: http://www.spamdyke.org/documentation/README.html#SMTP_ERROR There are links to AOL's rDNS tools: http://www.postmaster.aol.com/tools/rdns.html Since I use SORBS, there is a link to the SORBS database test page: http://www.sorbs.net/lookup.shtml The bottom of the page is a contact form so the person can ask to be whitelisted (since they can't send email to ask). I monitor hits to my policy page (and I don't want others using my policy URL on their own servers), so I'd rather not provide a link here. I'll probably include a sample policy page in the next version of spamdyke. -- Sam Clippinger I suggest to add in the code some mechanism to append to the policy url also the deny msg, for example something like ?error=DENY_RBL_MATCH, so the policy url will be: http://www.policy.url/?error=DENY_RBL_MATCH . In this way the page which explain the policy could be make in such a way i could display ONLY the error regarding the block. Other lifting on loggin messages could be the logging of the rbl server which cause the block in the maillog . Have fun, Davide - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] getting wierd blank emails from account on my toaster
Are you using spamdyke? I received several reports of this behavior with remote servers running Microsoft Windows. The latest version (3.0.1) fixes this problem. -- Sam Clippinger dnk wrote: The only x's I put in was over the one IP address. Other than that, it is as is sent. dnk On 10/2/07, *Jake Vickers* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: dnk wrote: ok, I got access to one of the emails with the original headers, and it had: *Return-Path:* [EMAIL PROTECTED] https://smtp.polymetmining.com/webmail/src/compose.php?send_to=JSwanson%40veitusa.com *Delivered-To:* [EMAIL PROTECTED] https://smtp.polymetmining.com/webmail/src/compose.php?send_to=jtieberg%40polymetmining.com *Received:* (qmail 31841 invoked by uid 89); 2 Oct 2007 13:44:32 - *Received:* by simscan 1.3.1 ppid: 31799, pid: 31803, t: 61.3814s scanners: attach: 1.3.1 clamav: 0.90.1-exp/m:42/d:2691 spam: 3.1.8 *X-Spam-Checker-Version:* SpamAssassin 3.1.8 (2007-02-13) on smtp.domainreceiver.com *X-Spam-Level:* *X-Spam-Status:* No, score=4.2 required=5.0 tests=MISSING_HB_SEP,MISSING_HEADERS, MISSING_SUBJECT,TO_CC_NONE,UPPERCASE_25_50 autolearn=no version=3.1.8 *Received:* from unknown (HELO veit?fs5.domainsender.com) (xxx.xxx.xxx.xxx) by smtp.domainreceiver.com http://smtp.domainreceiver.com with SMTP; 2 Oct 2007 13:43:30 - *Received-SPF:* none (smtp.domainreceiver.com: domain at domainsender.com does not designate permitted sender hosts) XX Produced By Microsoft Exchange V6.0.6603.0*XX urn:*content-classes:message X 1.0X text/plain; charset=utf-8 XX base64 Veit mtng*X Mon, 1 Oct 2007 09:*16:23 -0500 XXX [EMAIL PROTECTED]X X Veit mtngX AcgENaV7YEgjAZ7UScyuPxY9DEidIQ==X Sender Name sender@ https://smtp.polymetmining.com/webmail/src/compose.php?send_to=JSwanson%40veitusa.com domainsender.com https://smtp.polymetmining.com/webmail/src/compose.php?send_to=JSwanson%40veitusa.com XXX receiver@ https://smtp.polymetmining.com/webmail/src/compose.php?send_to=jtieberg%40polymetmining.com domainreceiver https://smtp.polymetmining.com/webmail/src/compose.php?send_to=jtieberg%40polymetmining.com.com https://smtp.polymetmining.com/webmail/src/compose.php?send_to=jtieberg%40polymetmining.com But I am not sure why I am getting it. Would this be due to my server or theirs? Looks like their Exchange machine is sending out junk to me, at least from what I can see in the header. Did it send you the in the headers, or did you put those in? But if you looks at the spam rules, it is missing all kinds of header info, so I would assume the message was missing or garbled anyway. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spam Dyke
All true. You can subscribe to the spamdyke mailing list here: http://spamdyke.org/mailman/listinfo/spamdyke-users -- Sam Clippinger Joseph Lundgren wrote: Yup. I’m using it solely for the logging capabilities that it adds, so I can’t really commentate authoritatively on its effectiveness. That being said, spamdyke is planned for inclusion in an upcoming version of the qmailtoaster distribution, so people on the list have found it to be of appreciable value. The developer is even a member of this list! Installation instructions can be found here: http://www.spamdyke.org/documentation/INSTALL.txt Sincerely, -- Joseph Lundgren Systems Engineer Peak Internet, LLC [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] *From:* Kyle Quillen [mailto:[EMAIL PROTECTED] *Sent:* Monday, July 30, 2007 12:50 PM *To:* qmailtoaster-list@qmailtoaster.com *Subject:* [qmailtoaster] Spam Dyke Hey guys, Any one using this? How effective is it? Any pointers if I try to install it? Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] my battle against spam
Wow -- that's amazing. Is it possible to reduce the size by specifying IP ranges instead of individual IPs? It might also be more efficient to run a (private) DNS RBL server instead of using a file-based solution. -- Sam Clippinger Alexandre Shima wrote: Hello, I'm having problems with the black list file size. My file is really big, 240k+ IP entries, and SpamDyke 2.3.1 cannot handle it. I'll upgrade to the new version and check if there is a difference. Thank you. Alexandre - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] my battle against spam
I don't use any blog/CMS software -- just vi. It's enough for now. Apples to apples, for general purposes, compiled languages (C/C++) are faster than scripted languages (perl/python). However, apples to apples comparisons are almost nearly impossible. For example, perl has many optimized built-in string manipulation operators that C doesn't provide. If I try to duplicate that functionality in C, I'll have to write it from scratch and my implementation probably won't be as fast. And of course it's possible to write bad code in any language. Automatically expiring graylist entries is covered the FAQ. My recommendation is to do that work from a nightly cron job, not from spamdyke itself. spamdyke's job should be as simple and fast as possible -- do you really want it scanning your entire graylist folder and expiring entries every time it runs? -- Sam Clippinger PakOgah wrote: Sam Clippinger wrote: A few developments on the spamdyke front: I've added a spamdyke page to the QT wiki, though it doesn't currently have anything but a link to the spamdyke site. For now, I'd appreciate it if people would edit the page to add comments about the type of content they'd like to see there. I don't just want to republish the documentation I've already written. Great, meanwhile I will read the faq, manual, install again. I will ask again. spamdyke has a shiny new website at www.spamdyke.org. can I know what cms/blog software you use? :) I just released version 2.6.3, which fixed a couple of serious bugs that can prevent mail delivery. If you're using spamdyke, please upgrade. no currently I am using qmail-greyd found on EE's blog http://www.kabewm.com/?p=19 so simple for just greylisting. but I would to use spamdyke. some said C++ compiled program is faster than python/perl script can you give a simple how to using spamdyke for greylisting.. Lastly, spamdyke now has its own mailing list so we don't have to drag this one off topic any more. You can sign up at www.spamdyke.org. already subscribe, but if I have questions regarding spamdyke and qmailtoaster, can I ask them on this milis? Thanks to everyone for the support and encouragement! -- Sam Clippinger I hv suggestion, how about spamdyke has a feature auto-delete/auto-expire the host like qmail-gred has MY GRAYLIST FOLDERS ARE GETTING HUGE -- MANY, MANY ENTRIES. IS THIS A PROBLEM? CAN SPAMDYKE AUTOMATICALLY DELETE THE OLD ONES? thx before... this software is a must complement for qmailtoaster, can't wait spamdyke integration on the next qmailtoaster release - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] my battle against spam
A few developments on the spamdyke front: I've added a spamdyke page to the QT wiki, though it doesn't currently have anything but a link to the spamdyke site. For now, I'd appreciate it if people would edit the page to add comments about the type of content they'd like to see there. I don't just want to republish the documentation I've already written. spamdyke has a shiny new website at www.spamdyke.org. I just released version 2.6.3, which fixed a couple of serious bugs that can prevent mail delivery. If you're using spamdyke, please upgrade. Lastly, spamdyke now has its own mailing list so we don't have to drag this one off topic any more. You can sign up at www.spamdyke.org. Thanks to everyone for the support and encouragement! -- Sam Clippinger Erik A. Espinoza wrote: Hey Sam, We can use the QmailToaster wiki for this. All you'd need then is a mailing list. Or you can write into the qmailwiki project. No need to setup a full wiki for a small package. Erik On 6/18/07, Helmut Fritz [EMAIL PROTECTED] wrote: Sam, I am guessing you are the dev for spamdyke? I would be glad to start a mail list for the community. I could throw up a wiki as well. I have the servers and the disk space and the bandwidth. Feel free to e-mail me off list if you want to discuss. -Original Message- From: Sam Clippinger [mailto:[EMAIL PROTECTED] Sent: Monday, June 18, 2007 8:49 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] my battle against spam That is a valid concern, though I try to respond to every spamdyke email I get. There's no wiki, mailing list, forum, blog at this point only because no one has set one up -- spamdyke is just too new. I'd be happy to participate in any of those things but I just don't have the time to administer them. If anyone feels like starting one, let me know. :) -- Sam Clippinger PakOgah wrote: If spamdyke fixes qmail's dubious logging, I think it's worth rolling into the toaster immediately! :) Yup it sure look good and have a lot of nice features but when I check the website there aren't any type of support like forum, milist or wiki? only the coder email address, I am not sure if I have a problem will get quick answer from him. Yes, I hv read those long manual, but then I am still need a personal guide. like this milist or openspf's milis... - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.472 / Virus Database: 269.9.0/853 - Release Date: 6/18/2007 3:02 PM - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] my battle against spam
That is a valid concern, though I try to respond to every spamdyke email I get. There's no wiki, mailing list, forum, blog at this point only because no one has set one up -- spamdyke is just too new. I'd be happy to participate in any of those things but I just don't have the time to administer them. If anyone feels like starting one, let me know. :) -- Sam Clippinger PakOgah wrote: If spamdyke fixes qmail's dubious logging, I think it's worth rolling into the toaster immediately! :) Yup it sure look good and have a lot of nice features but when I check the website there aren't any type of support like forum, milist or wiki? only the coder email address, I am not sure if I have a problem will get quick answer from him. Yes, I hv read those long manual, but then I am still need a personal guide. like this milist or openspf's milis... - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] my battle against spam
Great! Thanks for the offers -- I'll email you guys off list to coordinate details. -- Sam Clippinger Erik A. Espinoza wrote: Hey Sam, We can use the QmailToaster wiki for this. All you'd need then is a mailing list. Or you can write into the qmailwiki project. No need to setup a full wiki for a small package. Erik On 6/18/07, Helmut Fritz [EMAIL PROTECTED] wrote: Sam, I am guessing you are the dev for spamdyke? I would be glad to start a mail list for the community. I could throw up a wiki as well. I have the servers and the disk space and the bandwidth. Feel free to e-mail me off list if you want to discuss. -Original Message- From: Sam Clippinger [mailto:[EMAIL PROTECTED] Sent: Monday, June 18, 2007 8:49 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] my battle against spam That is a valid concern, though I try to respond to every spamdyke email I get. There's no wiki, mailing list, forum, blog at this point only because no one has set one up -- spamdyke is just too new. I'd be happy to participate in any of those things but I just don't have the time to administer them. If anyone feels like starting one, let me know. :) -- Sam Clippinger PakOgah wrote: If spamdyke fixes qmail's dubious logging, I think it's worth rolling into the toaster immediately! :) Yup it sure look good and have a lot of nice features but when I check the website there aren't any type of support like forum, milist or wiki? only the coder email address, I am not sure if I have a problem will get quick answer from him. Yes, I hv read those long manual, but then I am still need a personal guide. like this milist or openspf's milis... - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.472 / Virus Database: 269.9.0/853 - Release Date: 6/18/2007 3:02 PM - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] my battle against spam
Regarding question 2, blacklisting a specific From address is usually a waste of time because most spammers use a different fake From address for each spam message. However, if they're not doing that to you, great! Block it! May I humbly recommend spamdyke? http://freesoftware.silence.org/spamdyke/ -- Sam Clippinger Jim Shupert, Jr. wrote: Friends, In my ongoing battle againt spam - I have a few questions. I already do some Bayesian Statistical Scoring with a spam notspam accounts As described in http://wiki.qmailtoaster.com/index.php/SpamAssassin and I am rather certain this is working - based on the repeat offenders that seem to now be tagged ***SPAM*** 2 Qs ((( 1 I find on the wiki this rules_du_jour . This is a script and configuration for adding/updating additional SpamAssassin rule sets from various web sites, primarily http://www.rulesemporium.com http://www.rulesemporium.com/. It has been preconfigured for QmailToaster by Jake. It can be run from qtp-menu or the CLI. In order to run it as a daily cron job, you can do the following: # cp -p /opt/qmailtoaster-plus/etc/cron.daily/rules_du_jour /etc/cron.daily/. *am I to understand that i could cron the above and that will give my antiSpam more smarts?* (((2 I was wondering if there was a local blacklist file... local to my server ( back when I was doing postfix I had a reject.domain hash that i employed ) basically a list of spammers - or does that sort of solution slow every mail transaction down and waste bandwidth? Is any value to Blacklisting this horrible source of spam [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] in some conf on my machine so that noone in my domain would get 2000dealpeaks.com mail and if so is it a good solution? thanks jim - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]