Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-18 Thread Matt Decker 

Just a follow up / FYI...

The following doesn't work in a few cases:

$(echo $RECIPIENT | sed -r 's/[^-]+-//') in place of [EMAIL PROTECTED] in your 
.qmail file

And the cases are:
1. If the domain actually has a dash in it (ie. some-domain.com) (note: 
as a hack I repeated the sed command which works for domains with a 
single dash but not domains with more than one dash)
2. If the domain has domain aliases (it will use whatever domain is in 
the recipient)


So I basically updated all my domains with the line above in everyone's 
.qmail file and then just went back and manually typed the account name 
for domains that fall into the two categories above.


So now I'm basically monitoring the server to see how it performs 
without using simscan for spam scanning and instead using the .qmail 
files to process scanning for spam.  Seems ok as far as I can see.  I 
guess time will tell.


Quinn Comendant wrote:

I too am confronting the issues with simscan not knowing the actual destination 
user account. I haven't setup SQL bayes (yet -- I hope to soon) but I am using 
per-user SQL user prefs.

I have been living with this limitation because blocking spam at the SMTP level is very important (IMHO) both for simply keeping 90% of incoming mail off the server, and also for informing senders that their messages were not received (instead of dropping them into a void). 


The solution I've been considering is to run two instances of spamassassin: one 
through simscan, with a global bayes db blocking messages scoring about XX (I'm 
using 8 actually), and a second instance executed after mail has entered the 
system (at the mail-delivery level) that uses per-user bayes and prefs. Yes, 
scanning some messages twice. The disadvantages of this I can think of are:

- more server load
- more complex administration
- bayes may not be trained as accurately because most mail will be ham 
(?)

The advantages:

+ SMTP-level blocking of most spam
+ per-user bayes and prefs
+ two layers of SA bayes filtering might catch more spam (?)

Maybe the simcan-level SA can run all the non-bayes tests, and use mailfilter 
to rewrite the  X-Spam-* headers as X-Spam-A-*, while the qmail-level SA can 
run nothing BUT the bayes tests and have its headers rewriten as to X-Spam-B-*, 
the add the scores together into X-Spam-Status. This would help server load by 
splitting the work between the two SAs, and you could see headers for each.

I'm sure a very clever (and simple, as opposed to the above) solution to this 
soon. DSPAM support might help!

Specific comments:

  
So I found a solution that works.  But I'm not sure if there are 
negative implications in doing this (i.e. Performance issues, dropped 
emails, etc).



The load on SA will be the same but I think the load on all the other qmail 
processes will increase.

  
2. Created a .qmail file in my account folder 
(/home/vpopmail/domains/somedomain.com/someuser/) that contains the 
following:



Be aware this file will be overwritten or deleted by QmailAdmin when the user 
edits any of their forwards/autoresponder settings!

It would be better to place the file at:
/home/vpopmail/domains/somedomain.com/.qmail-someuser

  
|/usr/bin/spamc -u [EMAIL PROTECTED] | /var/qmail/bin/preline 
/usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' 
/etc/mail/mailfilter



It sure would be easier if you could just have one global .qmail file. I'm not 
sure how to do that, but you could use $(echo $RECIPIENT | sed -r 's/[^-]+-//') 
in place of [EMAIL PROTECTED]

  
It seems to work great.  I just wonder once I put it into production 
with over 100 domains how well it will work.  I know I'll have to 
write some scripts to update everyone's .qmail file, but that is fine 
as long as I know it will work under a load.



Let us know how it works!

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

  


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-18 Thread Quinn Comendant 
This might work better then:

$(echo $RECIPIENT | sed -E s/^${HOST}-([EMAIL PROTECTED])+.*/[EMAIL 
PROTECTED]/)

This is assuming no usernames have a - in their username. 

Q


On Sat, 18 Nov 2006 13:14:28 -0600, Matt Decker wrote:
 The following doesn't work in a few cases:
 
 $(echo $RECIPIENT | sed -r 's/[^-]+-//') in place of 
 [EMAIL PROTECTED] in your .qmail file

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-18 Thread Eric \Shubes\ 
Quinn Comendant wrote:
 This might work better then:
 
 $(echo $RECIPIENT | sed -E s/^${HOST}-([EMAIL PROTECTED])+.*/[EMAIL 
 PROTECTED]/)
 
 This is assuming no usernames have a - in their username. 
 
 Q
 
 
 On Sat, 18 Nov 2006 13:14:28 -0600, Matt Decker wrote:
 The following doesn't work in a few cases:

 $(echo $RECIPIENT | sed -r 's/[^-]+-//') in place of 
 [EMAIL PROTECTED] in your .qmail file

Will someone write up a TNT (Tips'N'Tricks) item for this on the wiki?

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-14 Thread Matt Decker 



Quinn Comendant wrote:

I too am confronting the issues with simscan not knowing the actual destination 
user account. I haven't setup SQL bayes (yet -- I hope to soon) but I am using 
per-user SQL user prefs.

I have been living with this limitation because blocking spam at the SMTP level is very important (IMHO) both for simply keeping 90% of incoming mail off the server, and also for informing senders that their messages were not received (instead of dropping them into a void). 


The solution I've been considering is to run two instances of spamassassin: one 
through simscan, with a global bayes db blocking messages scoring about XX (I'm 
using 8 actually), and a second instance executed after mail has entered the 
system (at the mail-delivery level) that uses per-user bayes and prefs. Yes, 
scanning some messages twice. The disadvantages of this I can think of are:

- more server load
- more complex administration
- bayes may not be trained as accurately because most mail will be ham 
(?)

The advantages:

+ SMTP-level blocking of most spam
+ per-user bayes and prefs
+ two layers of SA bayes filtering might catch more spam (?)

Maybe the simcan-level SA can run all the non-bayes tests, and use mailfilter 
to rewrite the  X-Spam-* headers as X-Spam-A-*, while the qmail-level SA can 
run nothing BUT the bayes tests and have its headers rewriten as to X-Spam-B-*, 
the add the scores together into X-Spam-Status. This would help server load by 
splitting the work between the two SAs, and you could see headers for each.

I'm sure a very clever (and simple, as opposed to the above) solution to this 
soon. DSPAM support might help!

Specific comments:

  
So I found a solution that works.  But I'm not sure if there are 
negative implications in doing this (i.e. Performance issues, dropped 
emails, etc).



The load on SA will be the same but I think the load on all the other qmail 
processes will increase.

  
2. Created a .qmail file in my account folder 
(/home/vpopmail/domains/somedomain.com/someuser/) that contains the 
following:



Be aware this file will be overwritten or deleted by QmailAdmin when the user 
edits any of their forwards/autoresponder settings!

It would be better to place the file at:
/home/vpopmail/domains/somedomain.com/.qmail-someuser

  
I tried your suggestion above and it didn't work for me.  Do I need to 
modify the statement below to work in this file?   I modified my 
mailfilter script to point to the correct mail folder for delivery (it 
uses `pwd` to get the current folder, so it won't work right unless you 
append the username  to the end of the path) which didn't work either.  
Just asking if .qmail-someuser should have a different format than the 
one below.  Any clue?


|/usr/bin/spamc -u [EMAIL PROTECTED] | /var/qmail/bin/preline 
/usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' 
/etc/mail/mailfilter



It sure would be easier if you could just have one global .qmail file. I'm not 
sure how to do that, but you could use $(echo $RECIPIENT | sed -r 's/[^-]+-//') 
in place of [EMAIL PROTECTED]

  
It seems to work great.  I just wonder once I put it into production 
with over 100 domains how well it will work.  I know I'll have to 
write some scripts to update everyone's .qmail file, but that is fine 
as long as I know it will work under a load.



Let us know how it works!

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

  


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-14 Thread Matt Decker 



Jake Vickers wrote:

Matt Decker wrote:
I'm migrating my qmail toaster from a site wide spamassassin setup to 
a per user (MySQL based) setup.  The problem I had with this was that 
simscan doesn't know the final main account delivery email address 
for forwards and domain aliases.  This is also a problem when email 
has multiple recipients because it doesn't know which address to use 
when calling for the userprefs AND bayes in MySQL.  The end result is 
that if you use bayes in this setup and someone has several alias 
accounts, those alias accounts will end up in bayes as well instead 
of everything just going into one main email address/account.  Also 
whitelisting via userprefs will only work when mail is sent to the 
main email address and not aliases.


This makes bayes and userprefs in a per user MySQL environment 
unusable with simscan.


So I found a solution that works.  But I'm not sure if there are 
negative implications in doing this (i.e. Performance issues, dropped 
emails, etc).


I changed the following to get a per user MySQL Spamassassin setup 
working correctly:
1. I disabled spam scanning via simcontrol file 
(/var/qmail/control/simcontrol - spam=no)
2. Created a .qmail file in my account folder 
(/home/vpopmail/domains/somedomain.com/someuser/) that contains the 
following:
|/usr/bin/spamc -u [EMAIL PROTECTED] | /var/qmail/bin/preline 
/usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' 
/etc/mail/mailfilter


So it feeds the message through the spamc client and then into the 
mailfilter script which puts my spam in my spam folder.


It seems to work great.  I just wonder once I put it into production 
with over 100 domains how well it will work.  I know I'll have to 
write some scripts to update everyone's .qmail file, but that is fine 
as long as I know it will work under a load.


Any thoughts or advice?
The mailfilter script is now back into the main distribution. You just 
have to turn it on by compiling maildrop-toaster and 
qmailadmin-toaster (it will give each user the Spam detection check 
box in QMail-Admin they can turn on/off:
rpmbuild --rebuild --with cnt40 --define 'spambox 1' 
qmailadmin-toaster-*.src.rpm
Might make things a little easier for you, since the user can select 
the check box which will in turn edit the .qmail file file and create 
a box called Spam.


Whenever someone updates their password their folder location is 
appended to the .qmail file which causes them to get double emails.  Is 
this corrected in the new version?  I basically worked around this by 
creating my own password change PHP script. 





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-14 Thread Quinn Comendant 
It should work the same as the normal .qmail file.

Try something simple, just to be sure the file works. Create a .qmail-username 
file with the following for testing:

[EMAIL PROTECTED]

Send an email to username and see if the message is forwarded.

Also try fixing the perms on this file:

chown vpopmail:vchkpw .qmail-username
chmod 600 .qmail-username

Q


On Tue, 14 Nov 2006 08:24:19 -0600, Matt Decker wrote:
 I tried your suggestion above and it didn't work for me.  Do I need 
 to modify the statement below to work in this file?   I modified my 
 mailfilter script to point to the correct mail folder for delivery 
 (it uses `pwd` to get the current folder, so it won't work right 
 unless you append the username  to the end of the path) which didn't 
 work either.  Just asking if .qmail-someuser should have a different 
 format than the one below.  Any clue?
 
 |/usr/bin/spamc -u [EMAIL PROTECTED] | /var/qmail/bin/preline 
 /usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' 
 /etc/mail/mailfilter

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-14 Thread Quinn Comendant 
The current version of qmailadmin doesn't do this for me. What version are you 
running? Have you customized the install at all via qmailadmin-toaster.spec?

Quinn


On Tue, 14 Nov 2006 08:16:03 -0600, Matt Decker wrote:
 Whenever someone updates their password their folder location is 
 appended to the .qmail file which causes them to get double emails.  
 Is this corrected in the new version?  I basically worked around this 
 by creating my own password change PHP script. 

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-13 Thread Jake Vickers 

Matt Decker wrote:
I'm migrating my qmail toaster from a site wide spamassassin setup to 
a per user (MySQL based) setup.  The problem I had with this was that 
simscan doesn't know the final main account delivery email address for 
forwards and domain aliases.  This is also a problem when email has 
multiple recipients because it doesn't know which address to use when 
calling for the userprefs AND bayes in MySQL.  The end result is that 
if you use bayes in this setup and someone has several alias accounts, 
those alias accounts will end up in bayes as well instead of 
everything just going into one main email address/account.  Also 
whitelisting via userprefs will only work when mail is sent to the 
main email address and not aliases.


This makes bayes and userprefs in a per user MySQL environment 
unusable with simscan.


So I found a solution that works.  But I'm not sure if there are 
negative implications in doing this (i.e. Performance issues, dropped 
emails, etc).


I changed the following to get a per user MySQL Spamassassin setup 
working correctly:
1. I disabled spam scanning via simcontrol file 
(/var/qmail/control/simcontrol - spam=no)
2. Created a .qmail file in my account folder 
(/home/vpopmail/domains/somedomain.com/someuser/) that contains the 
following:
|/usr/bin/spamc -u [EMAIL PROTECTED] | /var/qmail/bin/preline 
/usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' 
/etc/mail/mailfilter


So it feeds the message through the spamc client and then into the 
mailfilter script which puts my spam in my spam folder.


It seems to work great.  I just wonder once I put it into production 
with over 100 domains how well it will work.  I know I'll have to 
write some scripts to update everyone's .qmail file, but that is fine 
as long as I know it will work under a load.


Any thoughts or advice?
The mailfilter script is now back into the main distribution. You just 
have to turn it on by compiling maildrop-toaster and qmailadmin-toaster 
(it will give each user the Spam detection check box in QMail-Admin 
they can turn on/off:
rpmbuild --rebuild --with cnt40 --define 'spambox 1' 
qmailadmin-toaster-*.src.rpm
Might make things a little easier for you, since the user can select the 
check box which will in turn edit the .qmail file file and create a box 
called Spam.


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] using (dot) .qmail instead of simscan

2006-11-12 Thread Quinn Comendant 
I too am confronting the issues with simscan not knowing the actual destination 
user account. I haven't setup SQL bayes (yet -- I hope to soon) but I am using 
per-user SQL user prefs.

I have been living with this limitation because blocking spam at the SMTP level 
is very important (IMHO) both for simply keeping 90% of incoming mail off the 
server, and also for informing senders that their messages were not received 
(instead of dropping them into a void). 

The solution I've been considering is to run two instances of spamassassin: one 
through simscan, with a global bayes db blocking messages scoring about XX (I'm 
using 8 actually), and a second instance executed after mail has entered the 
system (at the mail-delivery level) that uses per-user bayes and prefs. Yes, 
scanning some messages twice. The disadvantages of this I can think of are:

- more server load
- more complex administration
- bayes may not be trained as accurately because most mail will be ham 
(?)

The advantages:

+ SMTP-level blocking of most spam
+ per-user bayes and prefs
+ two layers of SA bayes filtering might catch more spam (?)

Maybe the simcan-level SA can run all the non-bayes tests, and use mailfilter 
to rewrite the  X-Spam-* headers as X-Spam-A-*, while the qmail-level SA can 
run nothing BUT the bayes tests and have its headers rewriten as to X-Spam-B-*, 
the add the scores together into X-Spam-Status. This would help server load by 
splitting the work between the two SAs, and you could see headers for each.

I'm sure a very clever (and simple, as opposed to the above) solution to this 
soon. DSPAM support might help!

Specific comments:

 So I found a solution that works.  But I'm not sure if there are 
 negative implications in doing this (i.e. Performance issues, dropped 
 emails, etc).

The load on SA will be the same but I think the load on all the other qmail 
processes will increase.

 2. Created a .qmail file in my account folder 
 (/home/vpopmail/domains/somedomain.com/someuser/) that contains the 
 following:

Be aware this file will be overwritten or deleted by QmailAdmin when the user 
edits any of their forwards/autoresponder settings!

It would be better to place the file at:
/home/vpopmail/domains/somedomain.com/.qmail-someuser

 |/usr/bin/spamc -u [EMAIL PROTECTED] | /var/qmail/bin/preline 
 /usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' 
 /etc/mail/mailfilter

It sure would be easier if you could just have one global .qmail file. I'm not 
sure how to do that, but you could use $(echo $RECIPIENT | sed -r 's/[^-]+-//') 
in place of [EMAIL PROTECTED]

 It seems to work great.  I just wonder once I put it into production 
 with over 100 domains how well it will work.  I know I'll have to 
 write some scripts to update everyone's .qmail file, but that is fine 
 as long as I know it will work under a load.

Let us know how it works!

Quinn

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]