[toaster] moving to google groups
All, These discussion lists (both toaster@shupp.org and toaster- t...@shupp.org) are moving to a single Google Group: http://groups.google.com/group/qmail-toaster I've requested invitations be sent to you all, but that could take a day or two, and I'll likely shut down this list tomorrow. So feel free to sign up if you like. Cheers, Bill Shupp
Re: [toaster] adding pop3ds to an existing qmail rollout
On Jun 13, 2009, at 5:12 AM, Edvin Seferovic wrote: I am not sure what that has to do with pop3? J @Bill.. what is your opinion on dovecot? Will there be any new updates to the toaster in the near future? I've played with it a bit, but haven't had time to really test it. It definitely seems lighter weight. And last time I checked (a while ago), vpopmail was deprecated in courier imap. Probably would make sense to have dovecot be the default. Regards, Bill
Re: [toaster] updated toaster rollout
Would you like me to host the toaster if you cant keep it up? Question is, whose gonna maintain the updates. I dont have an immediate rollout - but i might redo this new one maybe in the upcoming week. We should also try and throw in ipv6 in there Satish Hey folks.. I'm out of the country and not able to respond in detail right now, but would like to note that while I haven't been maintaining this toaster in a while, I plan to move it to something like Source Forge, including browsing, downloading, scm management, etc, so that many folks can participate in its upkeep. I'll be back at the end of this month, and welcome any input people have. But I'd prefer to put it in the hands of several folks to maintain, rather than one or two people fork it. Cheers! Bill
Re: [toaster] restart clamd
On Feb 9, 2009, at 7:14 AM, Qmail List wrote: Hi, How do I restart clamd? Do I use svc -du /service/clamd or /etc/init.d/freshclam restart? The former. The latter is just for updating the db. Bill
Re: [toaster] blocking outgoing email
On Jan 9, 2009, at 6:47 AM, Jeff Koch wrote: Hi All: What's the easiest way to block a maildomain from using our smtp server? We have some customers that have infected PC's that are sending out spam. We want to force them to use their ISP's outgoing mailserver but still allow them to connect to pickup mail from their inbox. We have been blocking their IP's in /home/vpopmail/etc/tcp.smtp but since the IP's keep changing this is becoming tedious. Require authorization for those accounts, and then deny SMTP auth for those users. vmoduser -rs u...@domain Regards, Bill
Re: [toaster] Clam updates
On Dec 20, 2008, at 6:12 PM, John Harmon wrote: Bill (and others). I have 2 questions. 1. Bill, any plan to update your clam sometime soon? 2. If I install clam from an RPM (latest version), do I need to do anything to get it to work in conjunction with your toaster? I've been doing a poor job of keeping this toaster up to date over the past year or so. Since taking a full time job at Digg nearly a year ago, I've stopped even doing Qmail consulting, so I'm not building new toasters any more. I think it's time someone else took over updating the documentation and patches. Rick Widmer seemed to be going in that direction, but I'm not sure if he's interested in taking it on. A few people also offered bandwidth, which is appreciated. But I'd rather go with a scalable system like google code or the like, which easily tracks downloads, etc. That way we can also move away from locally managed subversion as well, and put ToasterDoc and BTS up on google code. I can continue to host the toaster and mailing lists, but over time it might make sense to move those as well. Someone willing to take this over should be: 1. Active in the qmail / vpopmail community 2. Comfortable patching qmail 3. Comfortable with PHP and Simplified DocBook 4. Have time to be responsive to bug fixes, feature requests, and manage translations for new releases Anyone interested? Cheers, Bill
Re: [toaster] Toaster update
On Oct 16, 2008, at 7:11 AM, Rick Widmer wrote: Bill: I've been doing an installation of the toaster on a 64 bit OpenSuSE system, and I've been updating a copy of the toaster as I go. You can see the work in progress here: http://www.rickwidmer.com/toaster/ Sure thing. The ToasterDoc code is available here: http://trac.merchbox.com/trac/toasterdoc/wiki The changes so far include: ChangeLog 0.9.3 - 10/07/2008 -- Rick Widmer * Replace courier imap with Dovecot I want to keep courier-imap as an optional install. * Upgrade to squirrelmail 1.4.16 * Added SuSE notes * Added option to use BSD standard UID and GID values * Separate qmail manpath instructions for Debian, SuSE and other * Added symlink for rcqmail from qmailctl for SuSE users * Separated stunnel runfiles into separate sections for easier use * Added an extra br / tag in each code block so there is a \n on the last line when you copy/paste them. * I've added a few more variables similar to you allowing them to set the source directory. These are the values I use for my server: $SourceDir = '/var/src'; $HomeDir = '/mail'; $SystemEmail = '[EMAIL PROTECTED]'; $DocRoot = '/srv/www/htdocs'; $CGIDir = '/srv/www/cgi-bin'; $WebUser = 'wwwrun'; $WebGroup= 'www'; $DataDir = '/srv/www/squirrelmail-data'; I am also considering a dropdown list for target operating system that would hide unrelated notes, and possibly set default values for the other variables. If you are willing, please send me a copy of the PHP source code and any required files, and I'll merge in my updates and send it back to you to review. See above. thanks, Rick p.s. I did try sending this private a couple days ago, but haven't heard anything from you yet. It would be nice to get this soon, as building the server and documenting it is part of my day job, and I get to bill them for the time. Yeah, sorry I haven't responded sooner. Digg is taking over all my free time. There are few changes in trunk that never got released, including a new translation (you can view trunk at http://shupp.org/toaster- beta). There are also several things I'd like to do, which I haven't had time to: * Take advantage of the public domain license and distribute patched djb software * Move software downloads to google code or the like to offload the bandwidth, and also get download statistics * Keep things more up to date! Cheers, Bill
Re: [toaster] complex passwords
On Sep 9, 2008, at 2:04 AM, Mark Walker wrote: Hi, Pls let me know how to enable complex passwords for my users using the toaster. Any way to integrate this with the Active directory environment so that users can have one password for email/network access. This is something that could be added to ToasterAdmin or QmailAdmin. But does not currently exist. Regards, Bill
Re: [toaster] just migrated from courier to dovecot
On Jun 13, 2008, at 5:48 AM, Alessio Cecchi wrote: Il Friday 13 June 2008 11:35:52 Maciej Sołtysiak ha scritto: Hi, just wanted to say that in my setup dovecot is visibly faster than courier-imap. (I'm using dovecot-1.1.rc9) I'm running courier on port 143 and dovecot on 10143 and I've been changing the port in roundcube webmail config to see which is faster and dovecot really is. Also for me dovecot is really much faster than courier. Seems to be snappier to me as well. I've got it running just fine with cdb and quota support enabled. While large mailboxes (and I've got a lot) still take some time to initially load, searches are much faster than courier as well. Anyone have daemontools scripts together already? Regards, Bill
Re: [toaster] authvchkpw module in courier-authlib-0.60.5
On May 23, 2008, at 11:59 AM, Maciej Sołtysiak wrote: Hi Bill, I was thinking of potentially doing an upgrade of authlib and imap and I downloaded courier-authlib-0.60.5.tar.bz2 and saw that authvchkpw module has been removed in version 0.60.4 due to being unmaintained. I didn't dare to install it of course, but do you have plans of creating patches for newer versions or just stick with the older one? Best regards, Maciej Interesting, Sam ignored my last bugfix that I sent him afaik. And vpopmail always seemed like an annoyance, even though Inter7 hosted all the courier stuff for years, and was an early proponent of courier- imap. Maybe it's time to move on. Regards, Bill
Re: [toaster] request feature
On May 18, 2008, at 4:58 AM, Nicola Percacciante wrote: Hi Bill, vpopmail has the options --enable-maildrop --enable-spamassassin, that i found very usefull and i use to make per-user spam settings. Do you improve ToasterAdmin with checkbox to enable/disable that features ? It's already in 0.0.3. Regards, Bill Shupp
Re: [toaster] How to reject messages by keywords ?
On May 17, 2008, at 7:05 PM, Eu wrote: I was wondering if there's a way to configure Sumscan to reject messages containing one or more keywords ? Look at the regex support. I believe it does that. Regards, Bill
Re: [toaster] vpopmaild bug ?
On May 6, 2008, at 7:36 AM, Lampa wrote: Hello, i know but my hack should solve this problem. In some way i have 5 vpopmaild connections but only one was active, others are death and not closed - causing 100% cpu usage. Try telnet to vpopmaild then login and terminate telnet, then watch your cpu load on machine with vpopmaild. Note that Net_Vpopmaild::__destruct() calls quit(). So it *should* always call it, even when exceptions are thrown. However, I do occasionally find stale vpopmaild processes running. So either I'm wrong in the above statement (although I've not been successfully proving that through testing Net_Vpopmaild), or it could be a vpopmaild problem. Regards, Bill
Re: [toaster] Urgent: preline: fatal: unable to run /usr/bin/maildrop: file does not exist
On May 1, 2008, at 12:21 PM, JP Maxwell / Gmail wrote: Hmm - ok, not sure. I did google mailfilter, but it didn't seem too helpful p courier- maildrop - Courier mail server - mail delivery agent i maildrop - mail delivery agent with filtering abilities I installed maildrop from the above list - I'm assuming I didn't want the courier-maildrop. Pardon my ignorance. Everything does seem to work by removing that line from the .qmail files - I'm actually just trying to learn what the problem was. man maildrop You're maildroprc was not migrated. Bill
Re: [toaster] Urgent: preline: fatal: unable to run /usr/bin/maildrop: file does not exist
On May 1, 2008, at 1:32 PM, JP Maxwell / Gmail wrote: Got it! So, if creating a new account on this system does not seem to go through maildrop - my guess is I don't need it anymore? Is that right? That depends. Why are did you need maildrop in the first place? Bill
Re: [toaster] Splitting the Toaster
On Apr 24, 2008, at 8:37 AM, Gary Bowling wrote: I have struggled lately with my server utilization and am now planning to upgrade my hardware. It occurs to me that the majority of my utilization problems are due to spam and virus checking and not general email. How difficult is it to split the spam and clam components off to a different server? Does someone have a cook book on how to set this up? It's not hard. I believe simscan let's you specify the spamc arguments (to talk to a remote spamd server). Regarding clamdscan, I use clamd-stream-client, and call it with a shell script. On the client system, I simply replace the clamdscan binary with my shell script (which calls clamd-stream-client to talk to the remote clamd server). No changes to the simscan setup needed for this. Regards, Bill
Re: [toaster] Splitting the Toaster
On Apr 24, 2008, at 10:22 AM, Harm van Tilborg wrote: Hi Bill, What exactly is the benefit of using clamd-stream-client? What we do is we have seperate boxes that receive e-mail (6 systems in total), which are announced as four different MX hosts. They all do spam (spamassassin) and virus (clam) scanning, and forward e-mail (if it contains no viruses, and a spam score lower then 15) to the MTA servers. If such MX servers (as we call it) fails, there are 5 servers left to replace this one. So concurrency is quite spread out. However, MTA servers are all single, we are still looking for a good solution to this... It just depends how you want to scale your infrastructure. By segregating scanning from smtp, you can put more horsepower behind the scanning segment, and less behind the smtp part. So I think it's more flexible. But it's also more complex than what you're doing. However, if you're using NFS for chkuser lookups, your method might be more taxing on the NFS box. Both solutions will likely work fine, though. Regards, Bill
Re: [toaster] Delivery Status Notification (Failure) - spammers
On Apr 24, 2008, at 12:59 PM, Andras Kende wrote: Hello, Can you tell me what is the best way to deal with Delivery Status Notification (Failure) notices if due to spammers faking sender from field? Enabling SPF can help. Regards, Bill
[toaster] ToasterAdmin 0.0.3
All, I just posted 0.0.3. From the ChangeLog: 0.0.3 - 4/21/2008 * Centralize form creation in ToasterAdmin_Form::factory() * Added edit account limits * Added Italian Translation (thanks Filip Majewski) * Force character set with bind_textdomain_charset() * Added Dutch translation (thanks Harm von Tilburg) * Added Portuguese BR translation (thanks Carlos Cesario) http://trac.merchbox.com/trac/toasteradmin Cheers, Bill
Re: [toaster] Toaster Admin
On Apr 15, 2008, at 8:46 AM, Qmail List wrote: Hi Bill, Vqadmin has the following functions. Will Toaster Admin inherit them? Is it possible to have an overall administrator which is able to access these features? Domains Add Domain Add Alias Domain Delete Domain View Domain List Domains Email Accounts Add Email Account Delete Email Account View Email Account Show Users Global Qmail Controls Qmail Control Files Current feature list is here: http://www.mail-archive.com/[EMAIL PROTECTED]/msg25962.html You have to grant sysadmin privileges from cli right now: vmoduser -S [EMAIL PROTECTED] Regards, Bill
Re: [toaster] ToasterAdmin 0.0.2
On Apr 14, 2008, at 12:06 PM, Lampa wrote: Hello, installed and works perfectly ;) Runnig qmail on other host than web (for qmailadmin must be apache installed on qmail machine) Is there some documentation (API) about vpopmaild? We must write own app for some managers, which wants everything in one window. So need to know how to comunicate with vpopmaild. There is README.vpopmaild. But your best bet is to check out the vpopmaild.c source. There's also some help from the help command. If you're developing in PHP, you can view the API docs for Net_Vpopmaild: http://pear.php.net/package/Net_Vpopmaild/docs/0.2.1/ Perhaps czech translation will be available soon. That would be great, thanks! Cheers, Bill
Re: [toaster] ToasterAdmin
On Apr 13, 2008, at 12:01 AM, Lampa wrote: Hello, is possible to see screenshots or demo to try it ? Screenshots are now on the wiki. There is also a 0.0.1 release, which includes the PEAR dependencies. Regards, Bill Shupp
Re: [toaster] ToasterAdmin
On Apr 13, 2008, at 8:03 AM, Jeff Koch wrote: Hi Bill - I looked all over your website and can't find the wiki - can I have a link please? http://trac.merchbox.com/trac/toasteradmin Regards, Bill
Re: [toaster] --enable-valias support in toasteradmin
On Apr 13, 2008, at 7:52 AM, aichains wrote: hi bill, thanks for your work! for some reason when i add a forward for a domain, i get a .qmail-FWDNAME in the domain's homedir rather than a line inserted in vpopmail.valias mysql table. is that the correct/intended behavior ? here is the configure line for my vpopmail (5.4.25) $ ./configure --prefix=/usr/local/vpopmail \ --enable-tcpserver-file=/var/qmail/control/cdb/public.rules \ --enable-file-sync --enable-qmail-ext --enable-auth-module=mysql \ --enable-logging=v --enable-mysql-limits --enable-mysql-replication \ --enable-valias --enable-onchange-script --disable-users-big-dir \ --no-create --no-recursion i think the --enable-valias bit is the issue im seeing... os is centos5, 32bit. This might be a vpopmaild issue. Using the cdb backend, I don't get these results. I'll have to setup a MySQL test environment to see if I can reproduce this. But this might not be for a few days. also, a feature i always wanted in qmailadmin was an account that could control all domains from one login...i thought the provisions for this were already built into vpopmail's bitmask permission schema (vmoduser -S)... You can't currently make that change in ToasterAdmin (but will be able to later). But in the meantime, you can grant it from the command line (vmoduser -S [EMAIL PROTECTED]), and then log into ToasterAdmin as [EMAIL PROTECTED] . Now [EMAIL PROTECTED] will be able to modify all domains. Regards, Bill
Re: [toaster] ToasterAdmin
On Apr 13, 2008, at 1:18 AM, Qmail List wrote: Screenshots are now on the wiki. There is also a 0.0.1 release, which includes the PEAR dependencies. I tried installing it. It says Connection refused. Any idea? Either config.xml is not configured to point to the right host/port, or vpopmaild is not running. See if you can connect manually via telnet. $ telnet localhost 89 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. +OK quit +OK Connection closed by foreign host. Regards, Bill
Re: [toaster] ToasterAdmin
On Apr 13, 2008, at 1:54 AM, Lampa wrote: How much is vpopmail 5.4.26 stable to use in real server. Any changes which are not in touch with vpopmaild ? Thank you. See the ChangeLog. The changes are not significant, but required by ToasterAdmin. Regards, Bill
Re: [toaster] ToasterAdmin
On Apr 13, 2008, at 8:56 AM, Qmail List wrote: Screenshots are now on the wiki. There is also a 0.0.1 release, which includes the PEAR dependencies. I tried installing it. It says Connection refused. Any idea? Either config.xml is not configured to point to the right host/port, or vpopmaild is not running. See if you can connect manually via telnet. Yes. Its working. I had forgotten to ln -s vpopmaild run script to / service Will mailing list be added? Yes, as noted many times before. :) I can't do it until vpopmaild supports it. Last time I check with Rick Widmer, he was planning to add the ezmlm support to vpopmaild. But I'm not sure if that's still the case. It'll get added eventually. Regards, Bill
[toaster] ToasterAdmin 0.0.2
All, I've just posted ToasterAdmin 0.0.2. The main change is a Turkish translation by Metin KAYA. (Within 8 hours of the release, no less! Thanks Metin!). Unless you need this translation, there's no reason to upgrade. http://trac.merchbox.com/trac/toasteradmin Cheers, Bill
Re: [toaster] ToasterAdmin 0.0.2
On Apr 13, 2008, at 12:06 PM, Harm van Tilborg wrote: Bill, You're doing great. I haven't tried it yet, but I will within two weeks. I will also make a Dutch translation for you (and for everyone else of course ;]). Excellent! I was however wondering if ToasterAdmin is fully compatible with everything generated by qmailadmin and vqadmin. I.e. the made limit files, vacation msgs, etc. etc. It should be, but it needs thorough testing. Regards, Bill
[toaster] ToasterAdmin
All, I've been a working on a vpopmail administration tool, ToasterAdmin, which is now ready for wider testing. So I'd like to encourage any brave folks with some extra time on their hands to give it a whirl. Before doing so, please note a few things: 1) This is alpha quality, do not try it in production. 2) Installation requires installing PEAR packages and checking out source from subversion. If you are not comfortable with this, you should wait until there are release packages available later. 3) There is no Mailing List support - that is pending ezmlm support in vpopmaild. 4) Requires vpopmaild to be running (there is an example run file on the wiki). That being said, feel free to try it: http://trac.merchbox.com/trac/toasteradmin Some highlights: 1) Written in OOP PHP 5, using PEAR and an MVC Framework. Should be easy to maintain. 2) Uses the the new Net_Vpopmaild PEAR package to communicate with a remote vpopmail system - ToasterAdmin doesn't need to run on your mail server. 3) Uses the Smarty template engine. 4) Will have internationalization (not all text is wrapped in gettext calls yet). 5) Intended as a hybrid replacement of QmailAdmin and VQAdmin. Cheers, Bill Shupp
Re: [toaster] Domainkeys
On Apr 3, 2008, at 11:36 AM, Dennis Erickson wrote: I found this is one of the archives and wanted to know if this is still current before I try any implementation. http://www.mail-archive.com/toaster@shupp.org/msg03892.html Wed, 26 Apr 2006 12:54:24 -0700 That post is very old. Building libdomainkeys and the qmail patch have been rolled into the toaster for a while now. Those directions are obsolete if you installed qmail via this toaster. Regards, Bill
Re: [toaster] IMAP Folders
On Mar 13, 2008, at 11:44 AM, Jeff Koch wrote: Hi: When we setup a new domain or new users to the mailserver with ./ vadddomain or ./vadduser we generally do not see the skelton IMAP folders getting created - i.e. sent, drafts, etc. When exactly do they get created and is there a way to force them to be created when an email acocunt is setup? It gets confusing to end users. Those are setup by any IMAP client. If you want to create a specific skeleton, you could wrap your creation scripts in a shell script that creates them and populates courierimapscribed file. You might want to note that there is no standard naming conventions of these folders. One client might default to recognizing sent, drafts, and trash, while another would use sent-maill, Drafts, and Trash. I've seen this a lot when switching between Mail.app, SquirrelMail, and IMP. Regards, Bill
Re: [toaster] Possible doc error ?
On Feb 25, 2008, at 10:04 AM, Rick Macdougall wrote: Hi, One of my bussies was using the toaster to install a new server and came across this prereq. yum install gcc g++ gcc-g++ gdbm gdbm-devel openssl openssl-devel stunnel krb5-devel bzip2 bzip2-devel He really needed c++ and gcc=c++, not g++. Is this a typo ? The last time I checked, the RH rpm name was gcc-c++. But that was a while ago. Note that different distributions use different package names. What distribution are you using? Regards, Bill
Re: [toaster] Installing Toaster on Fedora 8
Jeff Koch wrote: g++ gcc-g++ installed. Unless there's a typo Yum reports that g++ and gcc-g++ do not exist. Not all distributions use the same name, that's probably the issue. Does anyone have a list of which RPM distributions use which names? Regards, Bill
[toaster] qmail in public domain
It's official: http://cr.yp.to/qmail/dist.html And according to this article, all his software is in public domain: http://linux.slashdot.org/linux/07/11/30/0430201.shtml I haven't checked them all yet. Regards, Bill
Re: [toaster] qmail in public domain
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Dec 3, 2007, at 8:13 AM, Jason 'XenoPhage' Frisvold wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bill Shupp wrote: It's official: http://cr.yp.to/qmail/dist.html And according to this article, all his software is in public domain: http://linux.slashdot.org/linux/07/11/30/0430201.shtml I haven't checked them all yet. Awesome news.. So what are your plans in lieu of this? Any changes to your toaster as a result? I don't have any solid plans at the moment, as I'm pretty busy with other stuff right now. I'd love to have the time to maintain debian packages of the whole toaster suite. But the src install instructions are pretty handy to have, especially when working with some of the BSD variants and OS X. And as of now, I'm only aware of qmail being in the public domain. So there would be issues with the other related packages until that changes. But I suspect there will be different efforts. Some folks will maintain OS specific binary packages, some will stick with DBJ specific locations for their packages, etc. I'm sure the QmailToaster guys will switch over to binary rpms pretty quickly, as their system is pretty automated. Anyway, I'll be getting back to a toaster update soon, as it's a little out of date. But it may not be much different at the moment. I'm actually more interested in finishing up ToasterAdmin now that Net_Vpopmaild has been release through PEAR. Regards, Bill Shupp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFHVNfWi7Tq+kmcqjURAiORAJ42njlU+29pWYKNMZYwhGnRh9F1nQCdHWU/ a/2BrCfUm9HbiCoIZpIKYbI= =6y1R -END PGP SIGNATURE-
Re: [toaster] qmail blacklist
On Nov 12, 2007, at 3:15 PM, Lampa wrote: Hello, which are current rbl sites for rblsmtpd ? I'm using -r sbl-xbl.spamhaus.org -r list.dsbl.org -r rbl-plus.mail-abuse.org -r cbl.abuseat.org. Or there is better way to drop spammers ? zen.spamhaus.org also includes public IPs, as well as sbl-xbl. I think that's important. However, you must have a dedicated incoming mx process, as your customers on public IPs would get denied. Regards, Bill
Re: [toaster] qmail in the public domain?
On Nov 12, 2007, at 3:34 PM, Alessio Cecchi wrote: http://www.gossamer-threads.com/lists/qmail/users/133813 We expect a new version of qmail, like qmail-1.06 ? That's the rumor, which has been confirmed by Russell Nelson. However, http://cr.yp.to/qmail/dist.html has not been updated to reflect it. Regards, Bill Shupp
Re: [toaster] Applying John Simpsons validrcptto patch
On Nov 3, 2007, at 9:34 AM, Rick Widmer wrote: Tom Collins wrote: On Nov 1, 2007, at 4:50 PM, Bill Shupp wrote: What does this patch do that chkuser doesn't already do? Validrcptto uses ONCHANGE to monitor actions that add or delete accounts on the mail server. The valid address list is stored in a .cdb file that is easy to copy to other servers in a cluster. Earlier versions used cron to scan the user list periodically. Chkuser links to vchkpw and valias_some kind of get to determine if an address is valid. This should be much faster, but only works on the local machine. Maybe there could be a version that works with vpopmaild, but still I think validrcptto is a better choice for clusters. In the clusters I build, I always have NFS mounts of the mail spool on the smtp boxes for just this reason. chkuser works fine if it has access to local files, and there's no syncing needed. Regards, Bill
Re: [toaster] Applying John Simpsons validrcptto patch
On Nov 1, 2007, at 8:08 AM, Sasa Ebach wrote: Hey, I am trying to apply John Simpsons validrcptto[1] patch[2] to the netqmail source, but I am getting errors. # patch ../netqmail-1.05-validrcptto.cdb.2.patch patching file Makefile Hunk #1 FAILED at 1535. Hunk #2 FAILED at 1553. 2 out of 2 hunks FAILED -- saving rejects to file Makefile.rej patching file qmail-smtpd.c Hunk #1 FAILED at 23. Hunk #2 succeeded at 291 with fuzz 2 (offset 230 lines). Hunk #3 FAILED at 331. Hunk #4 FAILED at 355. Hunk #5 succeeded at 475 (offset 252 lines). Hunk #6 FAILED at 590. Hunk #7 FAILED at 753. 5 out of 7 hunks FAILED -- saving rejects to file qmail-smtpd.c.rej I am applying this patch after I applied the toaster patches. Which is probably why it won't work. I am wondering if anybody else has done this successfully? Are these two patches mutually exclusive? [1] http://qmail.jms1.net/patches/validrcptto.cdb.shtml [2] http://qmail.jms1.net/patches/netqmail-1.05-validrcptto.cdb. 2.patch What does this patch do that chkuser doesn't already do? Bill
Re: [toaster] Qmail Failover Server issues
On Sep 12, 2007, at 8:06 AM, James Gorz wrote: In-house we've set up a server to act as a secondary MX record to the domains we host mail. The server then forwards these messages to the actual mail server the domain is hosted. The goal is that, in the event a server dies, mail is still collected and gathered, waiting to be delivered to the proper server. The setup of qmail follows the toaster guide. Because the actual mail servers are working fine - the server is getting nothing but spam and junk emails, filling the queue is growing to huge sizes over 117K in messages! Spamassassin is barely able to keep up with the load, and I'm sure clamav isn't far behind. We've been pruning the queue of messages using qmHandle, but we need something that handles things on its own. We've also set the queue lifetime to be 12 hours. Some ideas we've been comtemplation to fix the issue: - another failover server set up the same way that handles 1/2 the domains secondary MX records. - some qmail patch that reject the mail if the actual server is still online and operational - keep failover server offline until needed Any suggestions on this are appreciated. Thanks. I put greylisting on all backup MX boxes. It weeds out a lot of the junk. Make sure it has a lot of RBLs setup too, especially dialup/ public lists, which can block a lot of bot nets. Bill
Re: [toaster] Need some advice on webmail clients
On Sep 7, 2007, at 12:14 PM, Jose wrote: Hello, I'm looking for some advice about webmail clients. I'm still using sqwebmail because it's very lighter and accesses maildirs directly. Now I'm gonna move to a new server, and I'm looking for a new webmail client for my toaster. With more than 20,000 users accessing daily the webmail, I'm afraid the system gets very slow with a php-based client such Squirrelmail or Imp. Another solution is Openwebmail, a perl webclient that accesses maildirs directly (with a patch). So, what do you recommend ? Horde/Imp, Squirrelmail or should I sacrifice some beauty functions and use sqwebmail or openwebmail instead ? I doubt you will find better performance than SqWebmail. All IMAP clients pale in comparison. But last time I checked, SqWebmail *still* didn't have a search feature, and some of the HTML is hard coded. Two things that made it less appealing. I've also found it ignores my do not archive settings, and always archives my sent mail. Anyway, IMP is more feature filled, looks very nice, but is a bit sluggish. SquirrelMail has a really easy to use plugin architecture, uses its own imap functions (not the imap extension), so it's more appealing to work with in some regards. That's what I use currently. You might also have a look at RoundCube. Itt uses AJAX nicely to have more of desktop feel to it, and the skin looks like Thunderbird. Looks very promising. But for performance, it's still IMAP and if you have a really really big mailbox like mine, it can be sluggish. Regards, Bill
Re: [toaster] Blackberry integration
On Sep 5, 2007, at 10:43 PM, Mark wrote: Hello, Kindly let me know if it is possible to integrate blackberry with the toaster and if yes how to do it. Please treat as urgent. The toaster works with any IMAP/POP client. Regards, Bill
Re: [toaster] Bill Shupps Qmailtoaster + Domainkeys installation howto with TSL 3.05
On Aug 29, 2007, at 8:03 PM, [EMAIL PROTECTED] wrote: Hi, I have edited the title. Many thanks also. Thanks!
Re: [toaster] SMTP AUTH and authenticated sender
On Aug 3, 2007, at 5:28 AM, Muhammad Mukmin Pattikraton wrote: On 8/3/07, Bill Shupp [EMAIL PROTECTED] wrote: On Aug 2, 2007, at 8:54 PM, Muhammad Mukmin Pattikraton wrote: Hello, I know when someone has authenticated via SMTP AUTH mechanism, he or she can send email with whatever sender address. My question, is there a way to restrict the sender address with the address that being used to authenticate ? Or at least restrict the domain. Any help would be appreciated. Thank you. /var/qmail/control/badmailto man -M /var/qmail/man qmail-smtpd Regards, Bill Ok, I've read the documentation about badmailto but (please correct me if i'm wrong) it's used to reject email with recipient address' listed in it. My problem is ... Let's say Mr. Foo has an account [EMAIL PROTECTED] in Mail System A with SMTP AUTH verification and vpopmail. When Mr. Foo has succeeded to authenticate with [EMAIL PROTECTED] and password *** , I want him can only send email with sender address [EMAIL PROTECTED] And when he tries to use sender address [EMAIL PROTECTED] when he had authenticated with [EMAIL PROTECTED], the system will reject to relay so he could not fake the sender address. Is that possible to do that ? Any help would be appreciated. Thank you. Sorry, I misread your query. I'm not aware of how to do what you need. However, the authenticated user will be embedded in the headers. So it's not completely forged. Bill
Re: [toaster] SMTP AUTH and authenticated sender
On Aug 2, 2007, at 8:54 PM, Muhammad Mukmin Pattikraton wrote: Hello, I know when someone has authenticated via SMTP AUTH mechanism, he or she can send email with whatever sender address. My question, is there a way to restrict the sender address with the address that being used to authenticate ? Or at least restrict the domain. Any help would be appreciated. Thank you. /var/qmail/control/badmailto man -M /var/qmail/man qmail-smtpd Regards, Bill
Re: [toaster] Problem with Outgoing mail
Kris, Please do not put the toaster list address in in both to and cc: From: [EMAIL PROTECTED] To: toaster@shupp.org, Jussi Siponen [EMAIL PROTECTED] Cc: toaster@shupp.org toaster@shupp.org It just creates duplicates for everyone. Regards, Bill
Re: [toaster] Spam scores required
[EMAIL PROTECTED] wrote: Hi Bill, nice to write to you ;-) Unfortunately yes: It was created by configure, which was generated by GNU Autoconf 2.59. Invocation command line was $ ./configure --enable-user=clamav --enable-clamav=y --enable-spam=y --enable-spam-passthru=y --enable-per-domain=y --enable-ripmime --enable-attach=y --enable-received=y --enable-custom-smtp-reject=y --enable-spam-hits=6 --enable-quarantinedir=/var/qmail/quarantine Should I disable anything? Make sure your custom simcontrol entry is *above* any default entry. If it's below it, the default will override your custom entry. Rules are read from the top down, just like tcp.smtp. Regards, Bill
Re: [toaster] simscan error message
Joey Novak wrote: I get that error message on our mail servers to, and have been for a long time... Yeah, I believe it's a simscan issue, and it's nothing to worry about. Just ignore it. Bill
Re: [toaster] Problem with ezmlm and alias domain
Martin Pittelkow wrote: Hi, for all who encounter the same problem: I have a domain domain.tld and a domain alias.tld aliased to domain.tld. I added a mailing list [EMAIL PROTECTED]. My problem: When I send a mail to [EMAIL PROTECTED] (i.e. the aliased domain which should have the mailing list, too), I get an error: ezmlm-reject: fatal: List address must be in To: or Cc: (#5.7.0) Add the option -T after ezmlm-reject in the file /listname/editor - this will fix the problem. While it may solve your problem, I wouldn't do it. Requiring the list name to be in the to or cc headers is pretty important in securing the list IMO. Regards, Bill
Re: [toaster] Problem with ezmlm and alias domain
Martin Pittelkow wrote: Hi there, I have a domain domain.tld and a domain alias.tld aliased to domain.tld. I added a mailing list [EMAIL PROTECTED]. My problem: When I send a mail to [EMAIL PROTECTED] (i.e. the aliased domain which should have the mailing list, too), I get an error: ezmlm-reject: fatal: List address must be in To: or Cc: (#5.7.0) Any hint how to fix this? I don't believe ezmlm works with aliased domains. Check out www.ezmlm.org, though, that's the main source for ezmlm-idx lists. Bill
Re: [toaster] Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)
[EMAIL PROTECTED] wrote: Hi List, Does anybody experienced problem Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)? I have tried googling and found some answers but none work with my toaster. Many thanks for any reply and response. It means exactly what is says... Sorry, I [qmail-remote] wasn't able to establish an SMTP connection [to the remote mail server]. This means one of the following: a) The server is down/not accepting connections b) There is network trouble between your mail server and the remote mail server Nothing more, nothing less. Bill
Re: [toaster] simscan core dumping on me
Sasa Ebach wrote: Hi, first: great tutorial. Thank you for all this hard work. Thanks, glad you find it useful. Now. For some reason I cannot get simscan to work und Debian Etch. Here is my info: I compiled simsan with: ./configure \ --enable-user=clamav \ --enable-clamav=y \ --enable-spam=y \ --enable-spam-passthru=y \ --enable-per-domain=y \ --enable-regex=y \ --enable-ripmime \ --enable-attach=y \ --enable-received=y But when I call it, it dumps on me. Here is a transcript. simscan segfaults when you call it from the command line (for me on Sarge, anyway). It probably shouldn't. But it does work fine when called properly from qmail-smtpd. Does it not for you? Bill
Re: [toaster] setting up smtp-auth
Kubilay Akyol (Radore Telekom) wrote: Hello, How will I add a MX2 configuration to toaster? As far as I know it Works work ETRN commands? ETRN is not supported as far as I know. Any examples? Just setup another qmail installation (no vpopmail). Sync over the rcpthosts, and morercpthosts* files on a periodic basis (daily or hourly), and add the new MX as a lower priority MX host. It's really as simple as that. You probably want to increase spam defenses on the secondary MX, since it'll be more of a target. I personally use greylistsing on all secondary MX boxes. Regards, Bill Shupp
Re: [toaster] setting up smtp-auth
Bill Shupp wrote: Kubilay Akyol (Radore Telekom) wrote: Hello, How will I add a MX2 configuration to toaster? As far as I know it Works work ETRN commands? ETRN is not supported as far as I know. There is this patch, but I've never used it: http://world.std.com/~pacman/qmail-etrn.diff Bill
Re: [toaster] setting up smtp-auth
Hank wrote: Hello, I installed the shupp toaster on a RHEL 3 server a couple of years ago, and haven't really touched it since. I now need to enable smtp-auth and disable regular (non-auth) smtp connections (don't worry, they had been restricted by two firewalls only to allowed IPs). I've searched the web and the history of this list looking for a real quick how to to do this (enable/configure one, disable the other). I have the following reply when telnetting to the server: ehlo test 250-..net 250-STARTTLS 250-PIPELINING 250-8BITMIME 250-SIZE 0 250 AUTH LOGIN PLAIN CRAM-MD5 So it's installed... I just don't know how to configure it. Any help or pointers would be most appreciated. Have you tried it and it failed? Looks like it's already setup to me. Bill
Re: [toaster] domainkeys ???
Michael D Schleif wrote: At the bottom of this page: http://www.shupp.org/toaster/?page=qmail there is the last section, headed thusly: Now let's compile libdomainkeys, we'll need that later: I do NOT see where this is later used. What am I missing? qmail-toaster-0.9.1.patch requires the libdomainkeys library. This patch is applied to netqmail during vpopmail installation (libvpopmail is also required by the patch). There are currently no instructions in the toaster on implementing qmail-dk. Check out the man qmail-dk man page for implementation information, it's all there. Regards, Bill
Re: [toaster] simscan-1.3.1.shupp2: spam_hits NOT working ???
Bill Shupp wrote: Michael D Schleif wrote: We did NOT change spamassassin. Other than --enable-spam-hits=6 -- which nullifies --enable-spam-passthru=y , doesn't it? -- I do NOT find any clues in your config. What else ought I to investigate? I'm seeing the same problem. I have not had time yet to track it down, but will report back when I do. Ok, I simply had not configured it with spam-hits when I upgraded (look for unimplemented flag spam_hits = ... when debugging). I now have simscan 1.3.1shupp2 compiled thusly: ./configure --enable-user=clamav \ --enable-spam-hits=10 \ --enable-clamav=y \ --enable-spam=y \ --enable-spam-passthru=y \ --enable-per-domain=y \ --enable-ripmime \ --enable-attach=y \ --enable-custom-smtp-reject=y \ --enable-received=y Debug now shows this: simscan:[15929]:SPAM REJECT (38.10/10.00):... Which means 10 is overriding 5 in local.cf. And a spam_hits=3 override is working as expected: simscan:[16535]:SPAM REJECT (23.70/3.00): ... Regards, Bill Shupp
Re: [toaster] simscan-1.3.1.shupp2: spam_hits NOT working ???
Michael D Schleif wrote: We did NOT change spamassassin. Other than --enable-spam-hits=6 -- which nullifies --enable-spam-passthru=y , doesn't it? -- I do NOT find any clues in your config. What else ought I to investigate? I'm seeing the same problem. I have not had time yet to track it down, but will report back when I do. Regards, Bill
Re: [toaster] sub domain mail routing
Mark wrote: Dear all, I have 5 domains say sub1.domain.com with user1 ...sub5.domain.com with user5 in it. All mails will be received by mail.domian.com and if it is for user1 it needs to be routed to mail.sub1.domain.com. Please let me know if this is possible. Thanks Sounds like you want sub1.domain.com to be the default domain, so that the client can just use user1 instead of [EMAIL PROTECTED]. If so I believe you can just put sub1.domain.com in ~vpopmail/etc/defaultdomain. I don't recall if there's still a configure option required for this. There used to be, but that might not be the case anymore. Regards, Bill
Re: [toaster] courier issues?
John wrote: I spoke too soon, during the make, I get: Compiling authdaemon.c authdaemon.c:1: error: bad value (generic) for -mtune= switch make[2]: *** [authdaemon.lo] Error 1 make[2]: Leaving directory `/var/src/courier-authlib-0.59.1' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/src/courier-authlib-0.59.1' make: *** [all] Error 2 Any ideas? None. You might try the courier users list. Regards, Bill
Re: [toaster] SMTP timeout sending mail
J.T. Johnston wrote: In the last few days I have been having extremely long waits when sending emails. It is now to the point that most mail clients timeout before the server responds. I have connected via telnet on port 25 and noticed that I connect but have a wait of 1 to 2 minutes before the '220 - mail.mydomain.com Welcome to Qmail Toaster...' line comes up. The last time I had a problem with email similar to this, the DNS servers that I use had changed (I'm not using DNS caching). Now, it appears that DNS lookups are very quick (pinging google.com returns an address immediately receiving email is not a problem). Any suggestions? Your rsa/dh temporary keys might not be readable, or are missing, causing them to be created on the fly. Try running /var/qmail/bin/update_tmprsadh. Regards, Bill
Re: [toaster] simscan: connect error 2
Noel Sanchez wrote: Hi All, I am using the latest toaster version and getting this error, is it normal? and i noticed email with this error doesn't go through. I read mail archive said this error was fix with the version of 1.3x. Really need help on this. Thanks in Advance. I had a siliar problem and followed this advice and found a fix: http://osdir.com/ml/mail.qmail.simscan/2007-01/msg2.html It appears that it's related to the new p0f passive finger printing with poor mans greylisting for unknown windows senders feature. Can anyone attest to how useful this is? I've not looked at it closely yet. Regards, Bill
Re: [toaster] Simscan 1.3.1.shupp2
Shane Chrisp wrote: On Mon, 2007-05-07 at 13:58 +0800, Shane Chrisp wrote: Well I can confirm that raising the score to 10 as below fixed the issue. It would appear that if SA marks the message as spam, then simscan would bounce it regardless of the score in the simcontrol file. Im using a score of 10 as none of the domains are using a score higher than this, but you would probably be able to set the required_hits to 100 if you wanted to. Spamd: 2007-05-07 21:08:06.336703500 [678] info: spamd: clean message (8.6/10.0) for clamav:89 in 6.9 seconds, 18645 bytes. simscan: 2007-05-07 21:08:06.448404500 simscan:[2406]:SPAM REJECT (8.60/5.50):9.3654s:Any idea:... Shane I thought spam_hits was to be used with spam_passthru. So you would not rely on rejecting spam via spam_assassin's threshold, but only spam_hits in simcontrol. So that the point of spam_hits is so you can allow spam in under a certain threshold, say for going through an optional spam folder, rather than SMTP rejection. This is the only way that I've used spam_hits in the past rather than just turning off passthru. Regards, Bill
Re: [toaster] French Translation
laety Boop wrote: I am going to work on a french translation. If someone is intersting to help for this job please contact me. Laety, I don't believe anyone is working on a French translation yet, so that would be great if you could do one. The original English file can always be downloaded here: http://trac.merchbox.com/trac/toasterdoc/browser/trunk/locale/en/LC_MESSAGES/messages.po?format=raw And you can browse other translation files for reference in the Trac browser starting here: http://trac.merchbox.com/trac/toasterdoc/browser/trunk/locale/ I recommend you join the [EMAIL PROTECTED] mailing list, as all translation efforts are coordinated there. Thanks! Bill Shupp
Re: [toaster] Stunnel v4 + pop3ds problem
laety Boop wrote: Hi Rick ! Thank you for your answer. I used the Bill's toaster pop3d.run.v4 as he told to do with stunnel v4. Does someone has any idea ? The problem is that stunnel is for some reason defaulting to /etc/stunnel/stunnel.pem, it's not honoring your cert entry in stunnel.conf. I don't know why that is, though. Your run and conf files look correct. Perhaps there's a debug or verbose argument to stunnel. You could also sym-link the pem file to see if that works as a test. Regards, Bill
Re: [toaster] openssl-0.9.8e problem and solution
Maciej Sołtysiak wrote:
Hi,
I am using Bill's toaster and found on one of my debian servers that
after an upgrade to openssl-0.9.8e
I stopped received mail. I checked the logs of sending mail servers and
found stuff like:
deferral:
TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_1.2.3.4
Quick googling brought me to this:
http://www.thegillis.net/content/view/41/31/
and I found that the solution suggested works with this setup too. You
just:
--- netqmail-1.05-orig/qmail-smtpd.cFri Apr 6 18:08:05 2007
+++ netqmail-1.05/qmail-smtpd.cSat Apr 7 09:04:21 2007
@@ -1173,7 +1173,7 @@
ciphers = env_get(TLSCIPHERS);
if (!ciphers) {
-if (control_readfile(saciphers, control/tlsserverciphers) == -1)
+if (control_readfile(saciphers, control/tlsserverciphers, 0) == -1)
{ SSL_free(myssl); die_control(); }
if (saciphers.len) { /* convert all '\0's except the last one to ':' */
int i;
http://www.thegillis.net/examples/qmail/netqmail-fix.patch
Yes, this was reported to me, and was fixed in 0.9.1 of the
qmail-toaster patch, as well as my smtp-auth/tls cumulative patch.
Regards,
Bill Shupp
Re: [toaster] tls smtp problem
Lampa wrote: Hello, i 've little problem some smtp server(remote) can sent to my smtp server (local) emails. here is errror mesage from remote server: Reporting-MTA: dns; xxx.xxx.xx Arrival-Date: Fri, 27 Apr 2007 12:52:03 +0200 Content-Type: text/plain Final-Recipient: RFC822; [EMAIL PROTECTED] Action: delayed Status: 4.7.0 Remote-MTA: DNS; yyy.yyy.yy Diagnostic-Code: SMTP; 403 4.7.0 TLS handshake failed. Try manually filling the ciphers files: openssl ciphers /var/qmail/control/tlsclientciphers openssl ciphers /var/qmail/control/tlsserverciphers I don't know why some systems need that. If that fails, try using openssl to connect manually: openssl s_client -crlf -starttls smtp -connection server:port Regards, Bill
Re: [toaster] mail lost after maildrop
Maciej Sołtysiak wrote:
{
`/usr/local/bin/maildirmake -f spam Maildir`
`echo INBOX.spam Maildir/courierimapsubscribed`
Are you sure that's the path to maildirmake? It's usually in
/var/qmail/bin. Also, what does /var/log/qmail/current show during
delivery? success? If so, then you need to add some debugging to your
mailfiler, like
echo got to this part..
to $VHOME
etc ...
Regards,
Bill
Re: [toaster] Bill's Linux Qmail Toaster 0.9.2
Qmail List wrote: ... is up. Here's the change log: * Upgrade tmda-cgi to 0.16.3 * Added Romanian translation - tnx Daniel Toma * Upgrade toaster patch to 0.9.1 (updated tls patch) * Make language selection static (from table of contents page) * Update simscan tar ball with updated configure script (should fix problem locating the clamavdb directory) Hi Bill, The package simscan is located at http://shupp.org/software/simscan-1.3.1.shupp2.tgz and in tgz format. this is fixed, thanks for pointing it out. Bill
[toaster] Bill's Linux Qmail Toaster 0.9.2
... is up. Here's the change log: * Upgrade tmda-cgi to 0.16.3 * Added Romanian translation - tnx Daniel Toma * Upgrade toaster patch to 0.9.1 (updated tls patch) * Make language selection static (from table of contents page) * Update simscan tar ball with updated configure script (should fix problem locating the clamavdb directory) Cheers, Bill
Re: [toaster] bash error?
Qmail List wrote: Hi, echo [EMAIL PROTECTED] .qmail-mailer-daemon ;\ echo [EMAIL PROTECTED] .qmail-root ) -bash: : command not found -bash: : command not found What command is missing here? The opening parentheses. Bill
[toaster] 0.9.1 version
I upgraded the toaster version to 0.9.1 to reflect a few changes: 1) Upgrade to ClamAV 0.90.2 2) New Spanish translation - tnx Abel Lucano and also Ingo Carlo! 3) One fix, an updated courier-authlib patch Cheers, Bill Shupp
Re: [toaster] messages stuck in simscan
Alexey Amerik wrote: Problem fixed! The problem was related to severely crippled downstream because of a switch misconfiguration that resulted in packet collisions, and very poor performance. it is my guess that simscan simply gave up waiting on downloading of messages with fairly large attachments . Thank you everyone. This makes sense. Duplicate messages in my experience are related to smtp latency - whether it's overloaded scanners, dns problems, or as in your case, network problems. The sending MTA just resends if the termination of the DATA command does not respond quickly enough. The only question now is how do I deal with those messages that are still stuck in /var/qmail/simcan? There is about 12mb of undelivered messages in that location. I dont think simscan tries to redeliver. If they are still there, then it's pretty likely that the messages were retried anyway. Perhaps someone will have a method for getting them into the queue. But if I were you, I'd just archive it, and remove it from /var/qmail/simscan. Regards, Bill
[toaster] Re: Hi Bill!
Sim wrote: Hi Bill, I have some questions for you: 1) At http://www.shupp.org/toaster/?page=ucspi-tcp , in see this for detail , you haven't insert old link: http://marc.theaimsgroup.com/?l=qmailm=111725518121864w=2 I fixed it in trunk, thanks for pointing this out. 2) Have you removed mfcheck ? I haven't see turn on mfcheck in new description Yes. It was removed a while ago, I believe. chkuser handles this functionality now. 3) In Ucspi I use also this patch, very useful: ucspi-rss.diff ucspi-tcp-0.88-periplimit.7.patch recordio.patch Thanks, I'm aware of some, but have not had time to evaluate them. 4) I'm also using Multivac and TNef in my Qmail setup. I don't know about Multivac. How are you using TNEF? That was required by qsqanq, but not simscan (1.2, haven't checked 1.3 yet). 5) Have you changed gmake to make in Imap description? Yes. Virtually all Linux distros use GNU make by default. It's really only FreeBSD that uses an alternative make (that I use regularly, anyway, I'm sure others do as well). So I defaulted back to make in this release. 6) What is simscan-1.3.1.shupp1 ? Which patch you have put in? Detection of clamav database files (configure.in). The default configure script is not 0.90 friendly. I did a full tar ball because patching of configure.in usually results in autoconf/automake being called, and I didn't want that to be a requirement. 7) I'm not using TMDA. Have you also valuted DSPAM? I don't use TMDA either. I've installed DSAPM, but have not given it a full evaluation. Please keep questions on the toaster list so they can be answered once and go in the archives. Regards, Bill
Re: [toaster] probl when installing
helionunes wrote: List When installing authlib 0.59.1 at the point where iit compiles authvchkpw.c, I got the following. Compiling authvchkpw.c authvchkpw.c: In function 'auth_vchkpw': authvchkpw.c:86: warning: implicit declaration of function 'auth_vchkpw_login' authvchkpw.c: At top level: authvchkpw.c:103: error: static declaration of 'auth_vchkpw_login' follows non-static declaration authvchkpw.c:86: error: previous implicit declaration of 'auth_vchkpw_login' was here authvchkpw.c: In function 'auth_vchkpw_changepass': authvchkpw.c:184: warning: passing argument 1 of 'parse_email' discards qualifiers from pointer target type make[2]: *** [authvchkpw.lo] Error 1 make[2]: Leaving directory `/var/src/courier-authlib-0.59.1' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/src/courier-authlib-0.59.1' make: *** [all] Error 2 Actually I dont know hoow to fix such implicit declaration. What distribution are you using, and what version of gcc? Regards, Bill
Re: [toaster] simscan trapped messages
Alexey Amerik wrote: Also, when running lsof | grep simscan I see this: simscan 32051clamav4w REG9,0194561287089 /var/qmail/simscan/1175712108.796650.32051/msg.1175712108.796650.32051 . . . for lots and lots of my attachments. also, for some reason spamd is running at high load: 5179 vpopmail 25 0 2271m 1.2g 4872 R 92.4 82.2 77:10.50 spamd however there is nothing in the logs to suggest a problem! Thanks. Make sure simscan is patched with this: http://shupp.org/patches/ripmime.txt 1.3x does not require it, it's been added. Regards, Bill
Re: [toaster] messages stuck in simscan
Alexey Amerik wrote: Also Im spamd logs with debug enabled I see this: @400046141a6c3a9a673c [4489] dbg: prefork: child 23924: entering state 1 @400046141a6c3a9c4b9c [4489] dbg: prefork: new lowest idle kid: 23924 @400046141a6c3a9d3dcc [4489] dbg: prefork: child reports idle @400046141a6c3a9eeb7c [4489] info: prefork: child states: II @400046141a6c3aa41f84 [23924] dbg: prefork: sysread(6) not ready, wait max 300 secs @400046141af03a75feec [23925] dbg: prefork: periodic ping from spamd parent @400046141af03a76165c [23925] dbg: prefork: sysread(8) not ready, wait max 300 secs @400046141af03a7625fc [23924] dbg: prefork: periodic ping from spamd parent @400046141af03a76359c [23924] dbg: prefork: sysread(6) not ready, wait max 300 secs Is spamd working at all? Can you send test messages through it successfully? Or does it just get overwhelmed and the simscan queue backs up? Regards, Bill
Re: [toaster] messages stuck in simscan
Alexey Amerik wrote: Yes, it is working according to the message headers: *X-Spam-Checker-Version: * SpamAssassin 3.1.8 (2007-02-13) on mail.tournament1.com *X-Spam-Level:** * *X-Spam-Status: * No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.8 But it doesnt like attachments!? Try sending one of the offending attachments through, and see what debug messages show. You need to identify exactly what's breaking. Bill
Re: [toaster] New Toaster, 0.9.0 published
Simone Marzona wrote: WANTED: Translators! for wich languages? Any! There have been offers so far for: Spanish German Italian Romanian Regards, Bill
Re: [toaster] New Toaster, 0.9.0 published
Bill Shupp wrote: For anyone curious about the DocBook rendering classes (using XSLT) created for this release, you can view them via Trac here: http://trac.merchbox.com/toasterdoc Woops, that URL should have been: http://trac.merchbox.com/trac/toasterdoc Regards, Bill
Re: [toaster] FuzzyOCR
[EMAIL PROTECTED] wrote: Bill, Wondering if you have considered a section for fuzzyocr. I have been getting a lot of gif spam lately (stock quote crap), and I have been looking at implementing this. It hasn't been real clear cut for me, so I was hoping you would take the reigns on this. If you decide not to go that direction, do you have any good install instructions that you could recommend? I was googling it and found some stuff, but was hoping for something a little more precise (like your toaster instructions). OR, if you have another way to combat this partiular spam I would love to hear it. I have not looked into FuzzyOCR yet, but it looks interesting. I will when I get time. Regards, Bill
Re: [toaster] FuzzyOCR
Maciej Sołtysiak wrote: Hi, I tried it and it seems to work, and if you do something wrong it won't break your system, so it's safe to try it out. I am using an svn of the version 3.x.y A good thing is to analyze the FuzzyOcr.log to look for missing programs/plugins etc. And permissions too, as always. Best Regards, Maciej I got it working pretty quickly using this: http://fuzzyocr.own-hero.net/wiki/DebianSarge So far, so good. Bill
Re: [toaster] BCC Header
Sim wrote: Hi! How to show bcc/to header for email in default mailbox? In this case I can't detect the really recipient! Very thanks BCC headers are not recorded, except likely in the sent box of the sender. Hence the word Blind in Blind Carbon Copy. Bill
Re: [toaster] BCC Header
Sim wrote: BCC headers are not recorded, except likely in the sent box of the sender. Hence the word Blind in Blind Carbon Copy. Bill Hi Bill! This is my example: I have a default mailbox with catch-all. My Exchange server download this catch-all mailbox and delivery the mail to singolar users. In this case (BCC) it can't detect really recipient because there aren't any Delivered-To header information. Is there a solution to force insert of this or similar header? Not that I'm aware of. You might try hacking vdelivermail to see if it can accomplish what you want. Regards, Bill
Re: [toaster] Quota problem
tonix (Antonio Nati) wrote: This version should also resolve the problem of 2GB limit, as I've updated all 32 bit variables, and currently I have customers with more than 2GB quota. Do you have patches for other Maildir++ programs? Like courier-imap, and maildrop? And also my patch for qmail-local (based on deliverquota)? Last I heard, the courier author was not planning to fix the 2GB limit in the maildirquota code, but that might not be true anymore. Thanks, Bill
Re: [toaster] updated toaster patch
Bill Shupp wrote: I'll test signing later when I have some time to set it up. Signing works just fine as well: DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=merchbox.com; b=qx+1bc1baPy6zBt2CYUIXMpTpoN3307dqQIzJ/8F++3h5hf+xpj92dGGqchxq79S6w733qBSTRN1qv0OGNMtphJ3XGmmy3tKxiUNLc7JntDei26sT13xQxCgQNNZIp2A ; In my outbound qmail-smtpd run file, I have this: export QMAILQUEUE=/var/qmail/bin/qmail-dk export DKQUEUE=/var/qmail/bin/simscan export DKSIGN=/var/qmail/control/domainkeys/%/default Regards, Bill
Re: [toaster] updated toaster patch
[EMAIL PROTECTED] wrote: I'm in process of testing the new patch... First problem: libdomainkeys does not compile on fedora core5 (test os) i modified makefile accordingly to openssl include files location but still refuses to make the damn libs. As a workaround there is a rpm package available (at pbone.net) which installs without problems. I'll keep you posted of other issues i encounter. Oh, yeah, the Makefile is broken. Use this diff: http://shupp.org/patches/libdomainkeys.diff That'll fix it. But system packages would be a fine substitute, you'll just have to edit the Makefile and I think qmail-dk.c to point to the right place. Regards, Bill
Re: [toaster] updated toaster patch
Tom Collins wrote: On Mar 22, 2007, at 11:16 PM, Simone Marzona wrote: is there possible to have also remote smtp auth patch in you Toaster? On Thu, 2007-03-22 at 12:36 -0700, Bill Shupp wrote: snip smtp-auth patch v. 0.5.8 by Erwin Hoffmann http://www.fehcom.de/qmail/smtpauth.html What's wrong with Erwin's SMTP AUTH patch? Pretty much everyone using vpopmail uses it... 0.5x doesn't do remote auth. 0.6x does. I personally don't use it, and could not apply the patch to qmail-remote.c quickly alongside the TLS code. So I have not yet included it. If someone else needs this, and can supply me with a working patch to go on top of my 0.9x toaster patch, I'll be happy to include it. Regards, Bill
Re: [toaster] problem with IMAP_MOVE_EXPUNGE_TO_TRASH and SSL
Daniel wrote: Hello there I am using courier IMAP and IMAP-SSL and I was wandering why IMAP_MOVE_EXPUNGE_TO_TRASH=1 doesn't work when I connect via SSL. when I delete a email on my inbox, it simple zaps the emails when it should move it to the trash. when I connect to the regular imapd, it works as expected... do I need to set it again on the imapd-ssl config file ? That's what I would try next. But imapd-ssl inherits settings from imapd, so I doubt that would fix it. If that fails, you might try the courier-users list. I've never dealt with that issue. Bill
[toaster] updated toaster patch
All, I've got a new toaster patch that I could use help testing: http://shupp.org/patches/qmail-toaster-0.9.0rc2.patch.bz2 Below are the patches included. Please help test if you can. I have it running on my personal system at the moment. NOTE: This version supports DomainKeys, and requires libdomainkeys, which you can get here: http://sourceforge.net/projects/domainkeys/ Once installed, see the qmail-dk man page for info on how to use it. Regards, Bill smtp-auth patch v. 0.5.8 by Erwin Hoffmann http://www.fehcom.de/qmail/smtpauth.html TLS patch by Frederik Vermeulen [EMAIL PROTECTED]. Here's the original patch with documentation at the top: http://inoa.net/qmail-tls/netqmail-1.05-tls-20060104.patch oversize dns patch by Christopher K. Davis. http://www.ckdhr.com/ckd/qmail-103.patch qregex 20060423 originally by by Andrew St. Jean. http://www.arda.homeunix.net/store/qmail/ adds pattern matching in the badhelo, badmailfrom, badmailfromnorelay, badmailto, and badmailtonorelay control files. Pattern matching is case insensitive and logs are generated when a match is found. reread concurrency version 2 by Jul http://js.hu/package/qmail/index.html Reread concurrencylocal and concurrencyremote when qmail-send is given the HUP signal. Big Concurrency patch by Johannes Erdfelt http://qmail.org/big-concurrency.patch netqmail-maildir++.patch by me. Here's the link to the original patch: http://shupp.org/patches/netqmail-maildir++.patch This adds maildirquota support to qmail-pop3d and qmail-local. chkuser 2.0.9 by Antonio Nati http://www.interazioni.it/opensource/chkuser/ NOTE: This requires vpopmail to already be compiled. You may need to edit the Makefile for paths, etc. Dale Woolridge, James Law, and Moto Kawasaki's Spam Throttle 2.02 http://spamthrottle.qmail.ca/ SPF rc5 by [EMAIL PROTECTED] http://www.saout.de/misc/spf/ qmail-queue-custom-error.patch by ? https://no-way.org/software?search=0 SURBL Support for qmail-smtpd by Pieter Droogendijk original qmail patch: http://www.surbl.org/qmail/011_surbl Documentation: http://www.surbl.org/qmail/surbl.txt DomainKeys patch by Russell Nelson http://qmail.org/qmail-1.03-dk-0.54.patch Requires libdomainkeys-0.68 to be compiled, and located in ../../libdomainkeys-0.68 to work as is.
[toaster] spam throttle
Is anyone using feature successfully? If so, how have you dealt with the lack of garbage collection? (The directories/files it creates can fill up all available inodes on a system). I'm asking because I'm considering removing it from the toaster patch, I don't use it anymore. Regards, Bill
Re: [toaster] spam throttle
Ingo Claro wrote: Bill: i'm using it, and have a cron that deletes the directory every night: 0 4 * * * rm -rf /var/qmail/spam/* Well, that'll certainly work. What settings are you using, and have you found it to help reduce mail abuse? Thanks, Bill
Re: [toaster] Receiving SPAM via secondary MXes
Claas Langbehn wrote: Hello guys 'n' girls, I am receiving a lot of spam from my secondary MXes. I can even say that 99.9% of the mails I receive from my MXes is SPAM. As long as I am deleting mails to not existing users, it's okay. But when I am bouncing the mails, I am probably getting bounces back again. Which is the best way to deal with those bounces? Tighten security on the backup MX machines. Use more RBLs, and try greylisting. That's what I do. Regards, Bill
Re: [toaster] Simscan 1.3.1 and ClamAV 0.90.1
[EMAIL PROTECTED] wrote: Hello list ! I'm trying to install the toaster with the latest available packages and i'm stuck at installing simscan. The problem seems to be that simscam requires the path to the clamav databases in order to configure the program before making it. The path found is in /usr/local/share/clamav but the file daily.cvd no longer bares that name !!! Instead freshclam created a directory called daily.inc. Does anybody had the same problem ? Maybe i've done something wrong and i don't realise it. Please advise. I just modified the configure.in script, I believe, then ran autoconf. I don't have a diff handy, though. I'll probably include a patch to handle this with the next toaster version. Bill
Re: [toaster] qmail-smtpd exiting with status 256
Tom Collins wrote: I'm seeing something that I don't think I've seen before, and I'm wondering if there's something wrong on my server. If I check /var/log/qmail/smtpd/current, I'm seeing some processes exiting with a status 256 after chkuser but before I see any logging from simscan. I don't have logs that go back more than a few days, so I can't look up whether I've always had messages like that or not. It's concerning me because a customer is expecting legitimate email, and it's getting the 256 response. I'm going to try to figure out how to use recordio and try to log a session to see if qmail-smtpd sends anything back to the sender that would help with troubleshooting. Is anyone else seeing status 256 in their logs? Seen it in the past and know the cause? I can't recall seeing that exit status, and don't see it in the man page. I assume you have simscan debugging turned on? (SIMSCAN_DEBUG=9 environment). It could be something in the qmail-queue chain. Regarding recordio, just put it at the front of your chain, i.e. just before rblsmtpd. Also, I use this multilog expression to grab just the 4x and 5x errors, which may or not be useful here: multilog t '-* * *' '-* * *' '+* * 5*' '* 4*' /var/log/qmail/smtpd-mx Anything interesting corresponding in your clamd or spamd logs? Bill
Re: [toaster] clamav-0.90.1 ???
Michael D Schleif wrote: We want to upgrade our clamav. We have found patches for 0.90.0: http://www.mail-archive.com/toaster@shupp.org/msg04112.html We cannot find: clamav-0.90.0. Are the above referenced patches ALSO OK for clamav-0.90.1 ??? What do you think? Don't use the stderr patch, it's no longer needed. Also, make sure you comment out the LogFile directive. Other than that, the conf patches should be ok. I'll update them to not use the LogFile directive anymore. Bill
Re: [toaster] Spam scanning and tmda-cgi not working
[EMAIL PROTECTED] wrote: I forgot about tmda-cgi... I can't login to the damn applet ! Anything i use it just says wrong password. If i view the source i see the following message: Having difficulties logging in? Here's some details of why you couldn't: Username [EMAIL PROTECTED] not found in system. str='dir' I guess it's the same problem as with simscan and spamassassin. Is it possible that i posted a trivial question ? If it's so please warn me and maybe give some reading tips at least. I still can't get it to work and this spam business starts to annoy me. If you are using unique users for domains (to have system based domain quotas) I believe you'll need to run vpopmail related services as user root instead of vpopmail. This would include anything that touches the files, pop, imap, smtp auth, etc. Regards, Bill
Re: [toaster] Toaster setup Squirrelmail suggestions
Maciej Sołtysiak wrote: Hi everyone, I have 3 suggestions regarding the setup of squirrelmail in Bill's toaster. One is to let sq now that we're running courier-imap ./conf.pl press 2 press a type 'courier' pree R to return This is already the case: go to Server Settings (2) and change the Server Software from other to courier (a) Two is to enable serverside (ie. imap) sort and search instead of PHPs to speed up displaying of messages. I have about 1500 messages and it takes some time after they show up if these options are not enabled, and if they are, it's a snap. So, being in the main menu: press 4 press 10 press y press 11 press y press R to return This is a good idea. Mine is already set this way, but it should be in the toaster. Three is to enable lossy encoding. I always thought that option sounds bad but It is required if you expect people to respond in other charsets than iso-8859-1. Eg. if this option is not enabled and a user receives a UTF-8 encoded message, then when replying to it, he (the user) will see that those UTF-8 characters are being badly encoded. This fixes it (and of course introduces the possibility that unknown characters will be converted to question marks) and my users have all the stuff showing right now. The same can be achieved by finding and setting these 3 options in config.php: $imap_server_type = 'courier'; $allow_thread_sort= true; $allow_server_sort= true; I'll experiment with this one. I know for example that Thunderbird frequently asks about encoding, so it must be pretty prevalent. Thanks! Bill
Re: [toaster] Spam scanning and tmda-cgi not working
[EMAIL PROTECTED] wrote: I'm running as root the pop3, pop3-ssl, smtp and imap servers... The mail delivery works without problems. Spam/virus scanning i decided to implement when several clients including myself have become very annoyed by it. But now i can't manage to setup mail scanning because the damn logs do not output anything. You can set SIMSCAN_DEBUG in your smtp environment, that'll turn on simscan's debugging at least. I tried today with maildrop and .qmail files and busted my head for nothing. Maildrop complains in the qmail's logs that it cannot open the mailfilter file and all emails that i should receive remain in the queue. maildrop with no arguments should default to use /etc/maildroprc, but you might try specifying a path to your filter file (full path) if it's having trouble finding it. I'll try this week-end again and try to log all my progress so i can repeat the process. The big problem is that not many people have tried this sort of setup and i can't find resources on the net to try to debug the thing. Maybe we can include this in the toaster if i succeed ? Sure thing. Regards, Bill
