RE: [toaster] CHKUSER
I have a chkuser question as well. I'm getting the following message related to some legitimate mail which my server needs to pass thru: @400047817ef31d2e7f44 CHKUSER rejected sender: from [EMAIL PROTECTED]:: remote k2smtpout04-01.prod.mesa1.secureserver.net:unknown:64.202.189.166 rcpt : invalid sender MX domain People at the subject domain seem unwilling - or unable - to make the DNS entry necessary to fix the problem. Regardless, if there's a way to whitelist a known/permitted domain, I suppose it wouldn't hurt to save on DNS overhead. I've tried simply putting an entry in my server's hosts file... I thought that would work but seem to be finding that the hosts file doesn't behave in the manner I thought it did. Bottom line, I still can't make the domain resolve/chkuser pass the mail. Any suggestions? Preferably one that doesn't require recompiling. I'm squeamish about doing that on a production server :) Thank-you in advance, Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, January 10, 2008 6:15 AM To: toaster@shupp.org Subject: [toaster] CHKUSER I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. Any help would be greatly appreciated. Thanks Doug
RE: [toaster] contents of /home/vpopmail/etc
Thanks very much Tom. Bill -Original Message- From: Tom Collins [mailto:[EMAIL PROTECTED] Sent: Thursday, September 13, 2007 4:04 PM To: toaster@shupp.org Subject: Re: [toaster] contents of /home/vpopmail/etc On Sep 13, 2007, at 3:21 PM, Bill D'Anjou wrote: I inadvertently deleted the contents of /home/vpopmail/etc. Should anything be in there besides tcp.smtp tcp.smtp.cdb? When you build and install vpopmail, it puts lib_deps and inc_deps in there, and there's a vlimits.default file that should go in there. You can probably find vlimits.default from the source tgz file. And lib_deps and inc_deps probably aren't necessary until you rebuild vpopmail. I don't even think they're necessary to build QmailAdmin or other code that links to libvpopmail. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
[toaster] contents of /home/vpopmail/etc
Dear all, I inadvertently deleted the contents of /home/vpopmail/etc. Should anything be in there besides tcp.smtp tcp.smtp.cdb? Thank-you, Bill
RE: [toaster] messages stuck in simscan
I had the same problem several months ago and posted a similar question here, is there a way to 'process' messages that are left behind in simscan's working directory? I didn't get a response and it's starting to look like you're not getting a resolution either. I ended up having to turn off spamd clamd scanning. Yes, more spam is getting thru now but having customers lose their e-mail due to my server issue(s) is not acceptable. I can't risk turning it back on until I'm certain it won't happen again. For me, the problem seemed to arise when we were under a spam attack. It appears as though simscan could not keep up under the load (or is spamassassin the problem?). Are there faster, more robust alternatives to consider? FYI, I am running greylisting which seems to hold up under any load considerably reduces the amount of spam ( viruses) that get thru. Bill D -Original Message- From: Alexey Amerik [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2007 3:52 PM To: toaster@shupp.org Subject: Re: [toaster] messages stuck in simscan It does not appear that the message makes it to clamd or spamd. On Apr 4, 2007, at 6:33 PM, Alexey Amerik wrote: 2007-04-04 18:26:44.830410500 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote wx-out-0506.google.com:unknown: 66.249.82.227 rcpt : sender accepted 2007-04-04 18:26:45.087796500 CHKUSER accepted rcpt: from [EMAIL PROTECTED]:: remote wx-out-0506.google.com:unknown: 66.249.82.227 rcpt [EMAIL PROTECTED] : found existing recipient 2007-04-04 18:26:45.155187500 simscan: cdb looking up 2007-04-04 18:26:45.155290500 simscan: cdb for found clam=yes,spam=yes,spam_passthru=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.p if 2007-04-04 18:26:45.155343500 simscan: pelookup clam = yes 2007-04-04 18:26:45.155365500 simscan: pelookup spam = yes 2007-04-04 18:26:45.155383500 simscan: pelookup spam_passthru = yes 2007-04-04 18:26:45.155406500 simscan: spampassthru = yes/1 2007-04-04 18:26:45.155423500 simscan: pelookup attach = .vbs:.lnk:.scr:.wsh:.hta:.pif 2007-04-04 18:26:45.155441500 simscan: attachment flag attach = .vbs:.lnk:.scr:.wsh:.hta:.pif 2007-04-04 18:26:45.155468500 simscan: .vbs is attachment number 0 2007-04-04 18:26:45.155486500 simscan: .lnk is attachment number 1 2007-04-04 18:26:45.155503500 simscan: .scr is attachment number 2 2007-04-04 18:26:45.155521500 simscan: .wsh is attachment number 3 2007-04-04 18:26:45.155538500 simscan: .hta is attachment number 4 2007-04-04 18:26:45.15500 simscan: .pif is attachment number 5 2007-04-04 18:26:45.155590500 simscan: starting: work dir: /var/ qmail/simscan/1175725605.155567.6415 thats the last message I see in smtpd/current log, turning to pid list, I see this clamav6415 0.0 0.0 1696 444 ?S18:26 0:00 /var/qmail/bin/simscan total other simscan pid's: clamav 31820 0.0 0.0 1696 444 ?S18:04 0:00 /var/ qmail/bin/simscan clamav 32614 0.0 0.0 1696 444 ?S18:08 0:00 /var/ qmail/bin/simscan clamav 501 0.0 0.0 1696 444 ?S18:09 0:00 /var/ qmail/bin/simscan clamav 708 0.0 0.0 1696 444 ?S18:09 0:00 /var/ qmail/bin/simscan clamav1469 0.0 0.0 1696 444 ?S18:12 0:00 /var/ qmail/bin/simscan clamav4938 0.0 0.0 1696 444 ?S18:22 0:00 /var/ qmail/bin/simscan clamav6415 0.0 0.0 1696 444 ?S18:26 0:00 /var/ qmail/bin/simscan clamav7000 0.0 0.0 1696 444 ?S18:28 0:00 /var/ qmail/bin/simscan clamav7352 0.0 0.0 1696 444 ?S18:29 0:00 /var/ qmail/bin/simscan
RE: [toaster] Greylisting
Just curious why Debian isn't one of your preferred distro's Bill -Original Message- From: Rick Macdougall [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 16, 2007 3:03 PM To: toaster@shupp.org Subject: Re: [toaster] Greylisting Nitchi DaMon wrote: dumb question... what are most everyone here running for the OS? I've been using redhat for years now and migrated into the Fedora Core. But I'm open to suggestions. I prefer Slackware, but I also look after CentOS and FreeBSD machines. Probably about 50 or 60 in all. Regards, Rick
RE: [toaster] updates
I'm experimenting with the greylisting patch... while the install seems to have gone fine, greylisting doesn't seem to be active (I'm not seeing an initial delivery delay). I'm clueless on how to debug this. Appreciate some input. Thanks, BD -Original Message- From: Bill Shupp [mailto:[EMAIL PROTECTED] Sent: Saturday, April 23, 2005 5:08 PM To: toaster@shupp.org Subject: Re: [toaster] updates Rick Macdougall wrote: As to Maciej question, yes quite a few people use the greylist patch. We do with about 200 domains, and my personal spam has dropped from 200 a day to 4 or 5 a week. There are problems with 1 - Old NT exchange servers (some banks still use them), you need to white list them, no fix except to get them to upgrade (good luck). 2 - Mail Max, apparently a mail server for Windows, not sure if there is a fix yet, we've whitelisted where we need too. 3 - Old Novell groupwise servers, again we white list where needed. All of them bounce emails when giving a 421 soft error instead of retrying. The majority of our clients and myself can live with that, we've only had one exception in 200 domains, and we just allow all email through for that domain. This is really useful info, thanks for sharing it. I should probably make a more comprehensive page for the greylisting stuff, it seems to generate a lot of questions. Or better yet, perhaps I should figure out how to setup the wiki I installed like 2 weeks ago. I'm in the process of re-writing the greylist patch to allow per user whitelisting (local users) I'd be interested to see if that increases the per connection overhead on a busy system. as well as adding that option to my php SA user interface. After that it will be up to the user if they want to use greylisting or not. Is this user interface publicly available? Regards, Bill
[toaster] Paranoid tcpserver
Could someone provide an example or two of how to modify this file so that tcpserver runs in paranoid mode - and returns an error message to servers with bad (reverse) DNS. Thank-you. #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 800 \ /usr/local/bin/tcpserver -v -H -R -l 0 \ -x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /var/qmail/bin/qmail-smtpd \ /home/vpopmail/bin/vchkpw /bin/true 21
[toaster] patch without vpopmail
A great document! Very helpful for a newbie like me. Just a couple questions I want to setup a box that will only run qmail the optional items (spamassassin, etc). I'm assuming the patch that's included with the toaster won't apply in such an installation. What do I need to do differently? Also, I'd appreciate some direction on running qmail in paranoid mode (checking forward/reverse DNS). Lastly, I've grown accustomed to running tail -f /var/log/maillog to see sort of realtime mail activity. I noticed after completing this toaster install, stuff gets logged elsewhere. What's the nearest equivalent to what I'm accustomed to seeing? Thank-you for any/all assistance.