Re: [toaster] Incoming messages from dynamic Ips
Júlio Manuel Olivares ha scritto: Seems a good option, but how can I disallow non-auth connections ? See CHKUSER_EXTRA_MUST_AUTH_VARIABLE. Ciao, Tonino On 6/12/09 5:27 AM, Rick Macdougall ri...@ummm-beer.com wrote: Run another instance on a different port (say 587 or 2500) and only allow authenticated users to use it. This is possible with the latest chkuser code. Regards, Rick -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
Re: [toaster] Some e-mail doesn't delivered
Enrico Matteucci ha scritto: Dear Bill, thanks for your work. I have some qmail server installed buit with your toaster, sometime with simscan, sometime with qmail-scanner. All goes well, qmail works fine like vpopmail, clamav, spamassassin and other software, but sometime I get a strange problem. In particular I cannot receive mail from foreign mail server, but this happen with a very very low percentage, I think 1 on 1000 email or better, from 1 on 1000 SMTP server. Those are logs I got from /var/log/qmail/smtpd/current file @40004982b95313ffe174 CHKUSER accepted sender: from u...@domain.fr:: remote smtp-msa-out01.orange.fr:unknown:193.252.23.120 rcpt : sender accepted @40004982b9532af91f1c tcpserver: end 2840 status 0 @40004982b9532af92ad4 tcpserver: status: 2/20 @40004982b95d0963cd0c tcpserver: status: 3/20 So E-mail was really started from source mail server. In /var/log/maillog I have a log of all E-mail sent o received from foreign mail server, but this E-mail from this user never was delivered to anyone. I made some googling an I have read there is a patch that correct some wrong interpretation SMTP 5.x.x codes, but this doesn't resolve my problem. I have your toaster in Ubuntu 32 and 64 bit, Debian 4, Slackware 12, but always I get this little problem. Could anyone help me? Thank you. Enrico Are chkuser logs enabled also for domains with chkuser not enabled? Tonino -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
Re: [toaster] Some e-mail doesn't delivered
Enrico Matteucci ha scritto: 2009/1/31 Tonix (Antonio Nati) Enrico Matteucci ha scritto: Dear Bill, thanks for your work. I have some qmail server installed buit with your toaster, sometime with simscan, sometime with qmail-scanner. All goes well, qmail works fine like vpopmail, clamav, spamassassin and other software, but sometime I get a strange problem. In particular I cannot receive mail from foreign mail server, but this happen with a very very low percentage, I think 1 on 1000 email or better, from 1 on 1000 SMTP server. Those are logs I got from /var/log/qmail/smtpd/current file @40004982b95313ffe174 CHKUSER accepted sender: from u...@domain.fr:: remote smtp-msa-out01.orange.fr:unknown:193.252.23.120 rcpt : sender accepted @40004982b9532af91f1c tcpserver: end 2840 status 0 @40004982b9532af92ad4 tcpserver: status: 2/20 @40004982b95d0963cd0c tcpserver: status: 3/20 So E-mail was really started from source mail server. In /var/log/maillog I have a log of all E-mail sent o received from foreign mail server, but this E-mail from this user never was delivered to anyone. I made some googling an I have read there is a patch that correct some wrong interpretation SMTP 5.x.x codes, but this doesn't resolve my problem. I have your toaster in Ubuntu 32 and 64 bit, Debian 4, Slackware 12, but always I get this little problem. Could anyone help me? Thank you. Enrico Are chkuser logs enabled also for domains with chkuser not enabled? Tonino Yes, logs (but not debug) are enabled like the Bill's toaster patch. My problem affect only some E-mail, I think only 1/1000 or something like this. Ciao, Enrico Two questions: * do you have last version of chkuser (2.0.9) installed? Version 2.0.9 logs (if requested) all recipients, also when belonging to domains not checked by chkuser (like local domains or domains out of rcpthosts). * Can you understand from the incoming IP if the sender is a spammer or not? Tonino - -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
Re: [toaster] chkuser
Can you understand where messages are created? If they are created outside -email system, they should not be accepted. If they are generated inside the system, or coming from a trusted system (for which you don't apply chkuser), they are always accepted. Check carefully. Tonino d...@upnorthwebcreations.com ha scritto: They are vpopmail users. Thanks Doug Are vpopmail users or system users? Tonino d...@upnorthwebcreations.com ha scritto: What's happening is I'm getting a lot of rejected emails that say they came from my server from users that don't exist on my server. I've checked the system and everything seems to be OK and the emails I think have a forged return on them. I just want them to go to a junk directory or be deleted. I thought maybe chkuser might do this. Thanks Doug What d...@upnorthwebcreations.com ha scritto: I looked in the archives and found that there apparently is no way for chkuser to reject users that don't exist on my server? If this is correct is there anyway of deflecting them to a bit bucket. I have checked my server over and over again for relay and it is isn't but I'm getting all these emails that are bouncing off of other qmail servers stating the user does not exist coming back to a user that does not exist on my server? This is a new developement in the past few days that hasn't occured for over fice years that this server has been in service. IS something else possibly wrong? Thanks Doug Are you speaking about local domains or vpopmail domains? Local domains should not exist, unless you have particular reasons, and should be changed to be virtual (vpopmail) domains. Please give more details. Ciao, Tonino -- in...@zioni Interazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- in...@zioni Interazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
Re: [toaster] chkuser
Are vpopmail users or system users? Tonino d...@upnorthwebcreations.com ha scritto: What's happening is I'm getting a lot of rejected emails that say they came from my server from users that don't exist on my server. I've checked the system and everything seems to be OK and the emails I think have a forged return on them. I just want them to go to a junk directory or be deleted. I thought maybe chkuser might do this. Thanks Doug What d...@upnorthwebcreations.com ha scritto: I looked in the archives and found that there apparently is no way for chkuser to reject users that don't exist on my server? If this is correct is there anyway of deflecting them to a bit bucket. I have checked my server over and over again for relay and it is isn't but I'm getting all these emails that are bouncing off of other qmail servers stating the user does not exist coming back to a user that does not exist on my server? This is a new developement in the past few days that hasn't occured for over fice years that this server has been in service. IS something else possibly wrong? Thanks Doug Are you speaking about local domains or vpopmail domains? Local domains should not exist, unless you have particular reasons, and should be changed to be virtual (vpopmail) domains. Please give more details. Ciao, Tonino -- in...@zioni Interazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
Re: [toaster] More than one instance of qmail-send
I will work on this in future, because I'm interested too. I wish to have more queues, with different priorities and bandwith. So I'm studing how to make it, and I hope to have it nextly. Ciao, Tonino Bogdan ha scritto: Hello, I already have 4 instances of qmail-smtpd on my server, and I am asking myself if anybody had the curiosity of making more than one instance of qmail-send(and if that is possible).I am asking this question because at the moment I have only one mail server and I cannot experiment on it. Thanks, Bogdan -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] reject invalid sender with chkuser
Geri Anggara ha scritto: Dear All, Is it possible with chkuser, to reject email from outside with return-path contain domain listed in virtualdomains but the user does not exist ? Geri Anggara NOC IndoInternet Jakarta http://www.indo.net.id No, sorry. This feature is in the to-do list , but actually is not available. Tonino -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] Weird email not being delivered
Easy it may be a message refused because too big. qmail lacks logging these kind of events. Tonino Rick Macdougall ha scritto: Hi, I've got a strange problem where mail is sent to an existing user, gets scanned by simscan (v1.2) and the just vanishes. qmail-smtpd logs 2008-05-23 08:39:04.032932500 tcpserver: ok 20904 newmail.axess.com:216.162.64.120:25 mail.influencecommunication.ca:66.158.143.186::32881 2008-05-23 08:39:10.455106500 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote :mail.munged.ca:66.158.143.186 rcpt : sender accepted 2008-05-23 08:39:10.489383500 CHKUSER accepted rcpt: from [EMAIL PROTECTED]:: remote :mail.munged.ca:66.158.143.186 rcpt [EMAIL PROTECTED] : found existing recipient 2008-05-23 08:39:10.869307500 simscan:[1]:CLEAN (-2.00/5.00):0.3771s:=?iso-8859-1?B?UmV2dWUgZGUgUHJlc3NlIGR1IDIyIG1haSAyMDA4IDogUmVt?=:66.158.143.186:: And there is nothing in the /var/log/qmail/current for that time, the message just seems to vanish. Any ideas ? Regards, Rick -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] smtp authentication accepting same domain or mappings
Don't forget read/delivery receipts have a null () mail from. Tonino Satish Alwani ha scritto: Hi, I have a scenario where i have a submission port/ip, where users can relay through and doesnt do any RBL checks as such. However, what i have noticed is that if the user authenticates, he can then send a message with any from address. Is there a way to limit them such that at the very least the domain name used to authenticate is the same domain used for the from. I dont want to limit it to the exact same user, as many times offices use a mailer daemon/postmaster or something and use it as a relay for their office, which means 1 authentication for that whole office. Or perhaps a file that maps which domain is allowed to authenticate and send relays for like domain1.com:shupp.org domain2.com:shupp.org domain3.com:blah.com That means if your from address is domain1.com either domain1.com used for authentication or an account on shupp.org used for authentication will be accepted as relay for that address What do you guys think? Satish -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] mails wont send/receive until i restart the service
It looks like a wrong property on a qmail queue file. Check here around in the mailing list, about setting right privilege and ownership on files used for queueing messages. Check files you have and what's raccomended in the most documentation. Regards, Tonino Newbie Qmail ha scritto: Hi i am running qmail 1.03 in a debian os, till few days back the qmail was running pretty well, but now the problem started , all the mails will be getting queued until i restart the service.so as a temporary measure i had kept a crontab entry to restart the service by 5 mins once but during this i could see some of the mails are getting connection denied, delivery status failure. crontab entries are 0-55/5 * * * * env LANG=C /usr/bin/mrtg /etc/qmail.mrtg.cfg /dev/null 00 22 * * * /usr/local/bin/freshclam /dev/null 21 0 4 * * * sa-update /etc/init.d/spamd restart */5 * * * * /usr/bin/qmailctl restart pls help me Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] chkuser problem on [EMAIL PROTECTED]
Hi Zeki, this problem is already known. I have to add this check to chkuser since one year, but I had no time until now. I have a bunch of fixes/features to add, I will try to find spare time and fix them. Thanks, Tonino Kubilay Akyol (Radore Telekom) ha scritto: Hello, I found a problem on chkuser. Maybe there is a solution, that I don't know. If I sent e-mail from e.g. Gmail to [EMAIL PROTECTED] which domain.com hosted in my qmail, chkuser blocks it and says PERM_FAILURE: SMTP Error (state 13): 550 5.1.1 sorry, no mailbox here by that name (chkuser) But, If the e-mail sent to [EMAIL PROTECTED], where there is no user named default, then chkuser accepts the e-mail but then qmail bounce the e-mail back to sender. This make problem on spam mails, because all e-mails sent to [EMAIL PROTECTED] handled by qmail, and as you guest, bounce mails are double bounced. I examine the vpopmail directories and found .qmail-default file with this line | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox I guess this file created automatically. I have 1000 domains on qmail, there are lots of double bounce email on postmaster account. What can we do about this? Zeki Kubilay Akyol CEO - MCSE Radore Hosting Telekomünikasyon Hizm. San. ve Tic. Ltd. Şti. Microsoft Gold Certified Partner - Hosting Solutions Specialization [EMAIL PROTECTED] / www.rh.com.tr t : + 90 212 347 2 347 -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] qmail-smtpd to require auth
Alessio Cecchi ha scritto: Il Monday 25 February 2008 09:26:58 Lampa ha scritto: Hello, force auth with chkuser CHKUSER_MUSTAUTH=. Check your code source if it's enabled (supported). Hello, where i can find all available options that CHKUSER provides? http://www.interazioni.it/opensource/chkuser/documentation/chkuser_settings.html Ciao, Tonino Thanks -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] Howto: Bounce addresses on an alias domain...
Joey Novak ha scritto: Hey Guys, We have a domain that has an alias, and a customer has requested that we bounce all mail sent to his accounts alias on the other domain. i.e. domaina.com http://domaina.com is an alias for domainb.com http://domainb.com. The customer wants [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] to come through, but all messages sent to [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] to go to trash or be bounced. Is this possible? If you use chkuser, you can make: vmoduser -b [EMAIL PROTECTED], and it's mail will be bounced at SMTP level. Tonino I don't touch our qmail install very often, so my qmail admin skills are pretty rusty (read, falling off the hinges rusty...) Thanks! Joey -- -Joey C) 803-409-9969 W) 757-233-0834 -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] CHKUSER
[EMAIL PROTECTED] ha scritto: I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. The reported from user (in this case [EMAIL PROTECTED]) is simply the one declared at SMTP session with mail from:. Tonino Any help would be greatly appreciated. Thanks Doug -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] CHKUSER
One of the checks enabled by default in CHKUSER tries to reject fake senders, so if the domain declared in the address does not have an MX entry it is obvious the sender is fake (100%). Are your users conscious they are using an address which does have not a DNS MX entry? sample.secureserver.net does not have an MX, so when checking for a legal sender, this address is rejected. Tell your users to use a not_exiting user in a exiting_MX_domain. So probably [EMAIL PROTECTED] (or [EMAIL PROTECTED]) where the domain does exist but the mailbox does not seems to be more safe. You can also exclude the check, but I suggest not to do (also because the most of receiving servers will make the same check) Tonino Bill D'Anjou ha scritto: I have a chkuser question as well. I'm getting the following message related to some legitimate mail which my server needs to pass thru: @400047817ef31d2e7f44 CHKUSER rejected sender: from [EMAIL PROTECTED]:: remote k2smtpout04-01.prod.mesa1.secureserver.net:unknown:64.202.189.166 rcpt : invalid sender MX domain People at the subject domain seem unwilling - or unable - to make the DNS entry necessary to fix the problem. Regardless, if there's a way to whitelist a known/permitted domain, I suppose it wouldn't hurt to save on DNS overhead. I've tried simply putting an entry in my server's hosts file... I thought that would work but seem to be finding that the hosts file doesn't behave in the manner I thought it did. Bottom line, I still can't make the domain resolve/chkuser pass the mail. Any suggestions? Preferably one that doesn't require recompiling. I'm squeamish about doing that on a production server :) Thank-you in advance, Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, January 10, 2008 6:15 AM To: toaster@shupp.org Subject: [toaster] CHKUSER I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. Any help would be greatly appreciated. Thanks Doug -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] smtp auth
Satish Alwani ha scritto: Hi, I have the qmail-toaster-0.8.3.patch, I am currently running 2 instances of qmail-smtpd (on 2 different ips). 1 is for the users to send the email from, 1 is for the MX record where their domain can get emails. What I would like to do is the smtp used as relay, should ONLY accept emails if they are authenticated. i.e. Even if the user wants to send an email to the same domain, it shouldnt accept it, unless authenticated. The other smtp server will be as is where the public incoming emails would go to. For this as I understand I can set it with tcp.smtp. Currently I am sharing the same tcp.smtp.cdb across both qmail-smtpd instances. I will be willing to manage 2 cdb files for this ofcourse. I tried to follow : http://www.mail-archive.com/toaster@shupp.org/msg04780.html and enabled CHKUSER_MUSTAUTH= on my ip (and yes i ran qmailctl cdb to update). However, I am still able to send emails to any domain I have on the box. Can someone help me with this please. Regards, Satish Alwani Did you also enable the option within chkuser_settings.h and recompile? Tonino -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] auth only
Lampa ha scritto: Hello, i know but i need auth all users eg forced smtp authentication. No authenticated users should be dropped connection. chkuser within Bill's toaster can force auth. Not authenticated users will be denied sending. Tonino 2007/11/28, Qmail List [EMAIL PROTECTED]: is possible to turn on (via some variable) requirements of auth ? Eg. users with no user/passwd cannot send email. Bill's toaster has smtp-auth built in -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] auth only
Lampa ha scritto: Hello, using older version of chkuser and toaster, option is not available :( Upgrade chkuser to 2.0.9. It's easy. Tonino 2007/11/28, Rick Macdougall [EMAIL PROTECTED]: Lampa wrote: Hello, i know but i need auth all users eg forced smtp authentication. No authenticated users should be dropped connection. 2007/11/28, Qmail List [EMAIL PROTECTED]: is possible to turn on (via some variable) requirements of auth ? Eg. users with no user/passwd cannot send email. Bill's toaster has smtp-auth built in There is an option in the chkuser patch to do exactly that. Look for AUTH in the chkusr_settings.h file. Regards, Rick -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] auth only
Lampa ha scritto:
Hello,
i know it's easy i just looked in code, but i think that is not good
for me. Maybe i'm wrong but must auth works only for not relaying.
Messages for domains listed in rcpthosts will be accepted without auth
and that is what i don't want. All users which will be using this
server must auth regardless rcpthost/morercpt. It's only my theory
based in short look in code, specialy this piece:
#if defined CHKUSER_EXTRA_MUSTAUTH_VARIABLE
if (env_get (CHKUSER_EXTRA_MUSTAUTH_VARIABLE)) {
if (relayclient) {
mustauth_value = 0;
} else {
mustauth_value = 1;
}
}
#endif
relayclient is set via variable (i will not set this variable) or when
accepting message for domain in rcptlist.
Maybe i'm wrong
Not maybe :-).
RELAYCLIENT is set only when set via variable or user is authenticated.
In no other case it is SET.
Tonino
In short i SMTPAUTHUSER must be filled before RCPT TO:, if not
connection should be dropped with 550 SMTP AUTH required or similar
error (530 Authentication required)
Thank you.
2007/11/28, tonix (Antonio Nati) [EMAIL PROTECTED]:
Lampa ha scritto:
Hello,
using older version of chkuser and toaster, option is not available :(
Upgrade chkuser to 2.0.9. It's easy.
Tonino
2007/11/28, Rick Macdougall [EMAIL PROTECTED]:
Lampa wrote:
Hello,
i know but i need auth all users eg forced smtp authentication. No
authenticated users should be dropped connection.
2007/11/28, Qmail List [EMAIL PROTECTED]:
is possible to turn on (via some variable) requirements of auth ? Eg.
users with no user/passwd cannot send email.
Bill's toaster has smtp-auth built in
There is an option in the chkuser patch to do exactly that.
Look for AUTH in the chkusr_settings.h file.
Regards,
Rick
--
[EMAIL PROTECTED] Interazioni di Antonio Nati
http://www.interazioni.it [EMAIL PROTECTED]
--
[EMAIL PROTECTED]Interazioni di Antonio Nati
http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] qmail-smtpd-auth-secure integration?
Ingo Claro ha scritto: tonix (Antonio Nati) wrote: Ingo Claro ha scritto: Hello list: has anyone integrared this patch: http://www.camscape.ro/opensource/qmail-smtpd-auth-secure.htm chkuser already has such feature, enabled by *CHKUSER_EXTRA_MUSTAUTH_VARIABLE.* How much is different what you point from this feature? Tonino: this part: Further more it only allows messages which have the same MAIL FROM: and SMTP AUTH user to avoid sender misrepresentation. What about NULL senders? Is allowed? A read receipt has a null sender address. Tonino -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] qmail-smtpd-auth-secure integration?
Ingo Claro ha scritto:
tonix (Antonio Nati) wrote:
Ingo Claro ha scritto:
tonix (Antonio Nati) wrote:
Ingo Claro ha scritto:
Hello list:
has anyone integrared this patch:
http://www.camscape.ro/opensource/qmail-smtpd-auth-secure.htm
chkuser already has such feature, enabled by
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE.*
How much is different what you point from this feature?
Tonino:
this part:
Further more it only allows messages which have the same MAIL FROM:
and SMTP AUTH user to avoid sender misrepresentation.
What about NULL senders? Is allowed? A read receipt has a null sender
address.
good point, I didn't knew that. I looked at the code and this is the
check:
if (authd strcmp(addr.s,user.s)) { err_authmismatch(); return; }
so it doesn't consider the null senders (unless thay are sent without
auth )
I think the patch is a good idea, but don't know for the moment how to
fix the null sender part.
This is the reason for which I did not put this check inside chkuser. If
you stop NULL sender, you block user's normal activity when sending
receipts. If you don't, checking is unuseful for smart users. Not
speaking about using reply to: different from return to: different
from mail from.
Anyway, as auth is always putting the real authenticated sender inside
mail headers, so, personally, I don't see this as a huge problem.
Regards,
Tonino
regards,
Ingo.-
--
[EMAIL PROTECTED]Interazioni di Antonio Nati
http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] qmail-smtpd-auth-secure integration?
Ingo Claro ha scritto: Hello list: has anyone integrared this patch: http://www.camscape.ro/opensource/qmail-smtpd-auth-secure.htm chkuser already has such feature, enabled by *CHKUSER_EXTRA_MUSTAUTH_VARIABLE.* How much is different what you point from this feature? Tonino ** with this toaster? regards, Ingo.- -- -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] qmail-smtpd-auth-secure integration?
If you set RELAYCLIENT then everything is accepted. RELAYCLIENT must be set only by auth code. If RELAYCLIENT is set, then chkuser will let the message flow. :allow, CHKUSER_MUSTAUTH= This feature can work despite (with/without) any other chkuser feature. I use it both for submission port and for authenticated relay server on port 25. Tonino Edvin Seferovic ha scritto: Is this supported in Bills toaster? I need a submission only port without greylisting etc... only for authenticated users. I assume I would need to copy qmail-smtpd run scripts and chance tcp.smtp to something like :allow, RELAYCLIENT=,CHKUSER_MUSTAUTH ?? Do I need something else ? Regards, E:S *From:* tonix (Antonio Nati) [mailto:[EMAIL PROTECTED] *Sent:* Dienstag, 13. November 2007 22:23 *To:* toaster@shupp.org *Subject:* Re: [toaster] qmail-smtpd-auth-secure integration? Ingo Claro ha scritto: Hello list: has anyone integrared this patch: http://www.camscape.ro/opensource/qmail-smtpd-auth-secure.htm chkuser already has such feature, enabled by *CHKUSER_EXTRA_MUSTAUTH_VARIABLE.* How much is different what you point from this feature? Tonino with this toaster? regards, Ingo.- -- -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] __ NOD32 2655 (20071113) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] help - smtp problem
At 02.14 14/09/2007, you wrote: Thanks Tonino, It looks hotmail accept my mail. But it never arrives... I try other hotmail accounts. Seems to have same problem... When I replied email to a hotmail address, it works. Here is the log message: @400046e9cbab25aeacd4 new msg 80582 @400046e9cbab25aec444 info msg 80582: bytes 1618 from [EMAIL PROTECTED] qp 7833 uid 508 @400046e9cbab2d41fdac starting delivery 2555: msg 80582 to remote [EMAIL PROTECTED] @400046e9cbab2d421134 status: local 0/10 remote 2/20 @400046e9cbad28da03f4 delivery 2555: success: 65.54.244.104_accepted_message./Remote_host_said:_250__ [EMAIL PROTECTED]_Queued_mail_for_delivery/ @400046e9cbad2961587c status: local 0/10 remote 1/20 @400046e9cbad29616c04 end msg 80582 But when I create new email to a hotmail address, it doesn't work. Here is the log message: @400046e9cc301b7cc034 new msg 80582 @400046e9cc301b7cd3bc info msg 80582: bytes 603 from [EMAIL PROTECTED] qp 7851 uid 508 @400046e9cc30238d6ecc starting delivery 2559: msg 80582 to remote [EMAIL PROTECTED] @400046e9cc30238d8254 status: local 0/10 remote 2/20 @400046e9cc32006c6bdc delivery 2559: success: 65.54.245.104_accepted_message./Remote_host_said:_250__ [EMAIL PROTECTED]_Queued_mail_for_delivery/ @400046e9cc32006c8734 status: local 0/10 remote 1/20 @400046e9cc32006c96d4 end msg 80582 I read the same success sequence in both cases. It looks like something you cannot control, as they accept your message and queue it for later delivery. Tonino Kenneth tonix (Antonio Nati) wrote: At 23.20 13/09/2007, you wrote: kenneth chan wrote: Thanks Rick, I did check and my IP is not listed. Actually I can send to some domains like the shupp.org. I think some other domains may have implemented policy to block my domain automatically. Do I need to check my server? or others? Which is the reason HOTMAIL is refusing the email? Do you have any log of outgoing messages? Tonino
Re: [toaster] help - smtp problem
At 02.14 14/09/2007, you wrote: Thanks Tonino, It looks hotmail accept my mail. But it never arrives... I try other hotmail accounts. Seems to have same problem... When I replied email to a hotmail address, it works. Here is the log message: @400046e9cbab25aeacd4 new msg 80582 @400046e9cbab25aec444 info msg 80582: bytes 1618 from [EMAIL PROTECTED] qp 7833 uid 508 @400046e9cbab2d41fdac starting delivery 2555: msg 80582 to remote [EMAIL PROTECTED] @400046e9cbab2d421134 status: local 0/10 remote 2/20 @400046e9cbad28da03f4 delivery 2555: success: 65.54.244.104_accepted_message./Remote_host_said:_250__ [EMAIL PROTECTED]_Queued_mail_for_delivery/ @400046e9cbad2961587c status: local 0/10 remote 1/20 @400046e9cbad29616c04 end msg 80582 But when I create new email to a hotmail address, it doesn't work. Here is the log message: @400046e9cc301b7cc034 new msg 80582 @400046e9cc301b7cd3bc info msg 80582: bytes 603 from [EMAIL PROTECTED] qp 7851 uid 508 @400046e9cc30238d6ecc starting delivery 2559: msg 80582 to remote [EMAIL PROTECTED] @400046e9cc30238d8254 status: local 0/10 remote 2/20 @400046e9cc32006c6bdc delivery 2559: success: 65.54.245.104_accepted_message./Remote_host_said:_250__ [EMAIL PROTECTED]_Queued_mail_for_delivery/ @400046e9cc32006c8734 status: local 0/10 remote 1/20 @400046e9cc32006c96d4 end msg 80582 I read the same success sequence in both cases. It looks like something you cannot control, as they accept your message and queue it for later delivery. Tonino Kenneth tonix (Antonio Nati) wrote: At 23.20 13/09/2007, you wrote: kenneth chan wrote: Thanks Rick, I did check and my IP is not listed. Actually I can send to some domains like the shupp.org. I think some other domains may have implemented policy to block my domain automatically. Do I need to check my server? or others? Which is the reason HOTMAIL is refusing the email? Do you have any log of outgoing messages? Tonino
[toaster] SPF question
We are receiving a lot of fake e-mails from banks, and we are facing this SPF problem: Most of banks are using SPF, so e-mails should be rejected, but they are accepted because senders are using a forged From address, and a real Return-Path. So, it looks like SPF is checking about the Return-Path domain, and not for the From domain. Should the check be changed, or enforced on both domains? Tonino
[toaster] SPF question
We are receiving a lot of fake e-mails from banks, and we are facing this SPF problem: Most of banks are using SPF, so e-mails should be rejected, but they are accepted because senders are using a forged From address, and a real Return-Path. So, it looks like SPF is checking about the Return-Path domain, and not for the From domain. Should the check be changed, or enforced on both domains? Tonino
Re: [toaster] checkuser problem
My answer to your previous was not correct. You have #define CHKUSER_RCPT_MX commented, so chkuser is not checking the destination domain (conditions: domain is not local and RELAYCLIENT is set). Ciao, Tonino At 08.20 10/05/2007, you wrote: Hello, no settings found in whole source. here is my chkuser_settings.h file. I'm ussing qmail-toaster-0.8.3. Thank you. --- Lampa 2007/5/9, tonix (Antonio Nati) [EMAIL PROTECTED]: At 23.32 09/05/2007, you wrote: Hello, i found weird behaviour if checkuser with smtp auth If user is autheticated, there is not checked if dest domain is valid (maybe if recips exists) - eg possible to send email to invalid domain. trying to send email to [EMAIL PROTECTED]' (yes at end is ') - is not valid email, i know but tell this to some non technical people ;) non auth user @4000464239dd28198a84 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @4000464239dd28c98164 CHKUSER rejected relaying: from [EMAIL PROTECTED]:: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED]' : client not allowed to relay auth user @40004642390d107ee0a4 CHKUSER accepted sender: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @40004642390d113305d4 CHKUSER relaying rcpt: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED]' : client allowed to relay from log, non auth user cannot send email to bad domain but auth can. Maybe i have wrong settings of checkuser. Yes, probably you have disabled chkuser for authenticated users. Check is there is any option like CHKUSER_DISABLE_VARIABLE enabled. Ciao, Tonino Thank you for your help. --- Lampa Content-Type: application/octet-stream; name=chkuser_settings.h X-Attachment-Id: f_f1itxvhn Content-Disposition: attachment; filename=chkuser_settings.h
Re: [toaster] checkuser problem
My answer to your previous was not correct. You have #define CHKUSER_RCPT_MX commented, so chkuser is not checking the destination domain (conditions: domain is not local and RELAYCLIENT is set). Ciao, Tonino At 08.20 10/05/2007, you wrote: Hello, no settings found in whole source. here is my chkuser_settings.h file. I'm ussing qmail-toaster-0.8.3. Thank you. --- Lampa 2007/5/9, tonix (Antonio Nati) [EMAIL PROTECTED]: At 23.32 09/05/2007, you wrote: Hello, i found weird behaviour if checkuser with smtp auth If user is autheticated, there is not checked if dest domain is valid (maybe if recips exists) - eg possible to send email to invalid domain. trying to send email to [EMAIL PROTECTED]' (yes at end is ') - is not valid email, i know but tell this to some non technical people ;) non auth user @4000464239dd28198a84 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @4000464239dd28c98164 CHKUSER rejected relaying: from [EMAIL PROTECTED]:: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED]' : client not allowed to relay auth user @40004642390d107ee0a4 CHKUSER accepted sender: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @40004642390d113305d4 CHKUSER relaying rcpt: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED]' : client allowed to relay from log, non auth user cannot send email to bad domain but auth can. Maybe i have wrong settings of checkuser. Yes, probably you have disabled chkuser for authenticated users. Check is there is any option like CHKUSER_DISABLE_VARIABLE enabled. Ciao, Tonino Thank you for your help. --- Lampa Content-Type: application/octet-stream; name=chkuser_settings.h X-Attachment-Id: f_f1itxvhn Content-Disposition: attachment; filename=chkuser_settings.h
Re: [toaster] checkuser problem
At 23.32 09/05/2007, you wrote: Hello, i found weird behaviour if checkuser with smtp auth If user is autheticated, there is not checked if dest domain is valid (maybe if recips exists) - eg possible to send email to invalid domain. trying to send email to [EMAIL PROTECTED]' (yes at end is ') - is not valid email, i know but tell this to some non technical people ;) non auth user @4000464239dd28198a84 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @4000464239dd28c98164 CHKUSER rejected relaying: from [EMAIL PROTECTED]:: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED]' : client not allowed to relay auth user @40004642390d107ee0a4 CHKUSER accepted sender: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @40004642390d113305d4 CHKUSER relaying rcpt: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED]' : client allowed to relay from log, non auth user cannot send email to bad domain but auth can. Maybe i have wrong settings of checkuser. Yes, probably you have disabled chkuser for authenticated users. Check is there is any option like CHKUSER_DISABLE_VARIABLE enabled. Ciao, Tonino Thank you for your help. --- Lampa
Re: [toaster] checkuser problem
At 23.32 09/05/2007, you wrote: Hello, i found weird behaviour if checkuser with smtp auth If user is autheticated, there is not checked if dest domain is valid (maybe if recips exists) - eg possible to send email to invalid domain. trying to send email to [EMAIL PROTECTED]' (yes at end is ') - is not valid email, i know but tell this to some non technical people ;) non auth user @4000464239dd28198a84 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @4000464239dd28c98164 CHKUSER rejected relaying: from [EMAIL PROTECTED]:: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED]' : client not allowed to relay auth user @40004642390d107ee0a4 CHKUSER accepted sender: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @40004642390d113305d4 CHKUSER relaying rcpt: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote xxx:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED]' : client allowed to relay from log, non auth user cannot send email to bad domain but auth can. Maybe i have wrong settings of checkuser. Yes, probably you have disabled chkuser for authenticated users. Check is there is any option like CHKUSER_DISABLE_VARIABLE enabled. Ciao, Tonino Thank you for your help. --- Lampa
Re: [toaster] Quota problem
At 14.18 26/03/2007, you wrote: I know this is not toaster related but i think there are people here that may be of help. I have a huge problem. I'm responsible for mail service of 35-40 clients each of them with a virtual domain. I searched the qmailadmin mailing list in hopes of an answer but i couldn't find any. The problem is, i cannot offer access to the qmailadmin interface to my clients because, by default, qmailadmin does not offer quota limits management per domain. What i need to do is set a quota for the entire domain and after that the client can manage his mail accounts how he pleases. So, if a client has access to qmailadmin he can create a mailbox of say 5gb although the hosting contract was signed for 2Gb. At the moment i use a system quota method but i realized that this is not the correct way to do it although vpopmail allows it, other programs like maildrop and spamassassin have problems with the permissions mangling necessary to do system quota. On the qmailadmin list i've read some threads about different patches regarding the same problem i have but all the referrences pointed to unavailable locations and outdated resources. I also found out about the Antonio Nati's approach, the domain pool, but his links were also outdated. I have a more recent version of the pooled quota patch, actually working on my systems. Pooled quota works this way, basically. If enabled for the domain, you give a quota to postmaster, and each mailbox quota is subtracted from postmaster quota when you create a new email. All changes of quota are added/subtracted to postmaster's quota. If you want I may send it to you, and if someone find it interesting, I cand send again to qmailadmin team (the last time pooled quota was rejected because they preferred to include the fallimentary domain quota patch). Ciao, Tonino
Re: [toaster] Quota problem
At 15.10 26/03/2007, you wrote: I saw your description on the qmailadmin list and i thought that was exactly what i was looking for and i was disapointed that the link you posted was not available. I will be gratefull if you can send me the patch to try it out and see if it matches my need although i think it will. qmailadmin version: 1.2.9 Complete tar can be downloaded from : http://www.interazioni.it/opensource/qmailadmin/download/archives/qmailadmin-pooled-public.tar.bz2 Compile instructions: Add these qualifier to .configure, using your preferred VPOPMAIL flags: ./configure CFLAGS=-DQUOTA_FLAG=V_USER0 -DUNPOOLED_QUOTA_FLAG=V_USER1 Within my_configure.sh you may find my example of configuration. Set the V_USER1 flag (or your preferred flag) on postmasters which are enabled to use pooled quota. Set the V_USER0 flag (or your preferred flag) on postmasters which are enabled to use quota without any limit. I feel it should be easy to make a diff againt a clean 1.2.9 and apply the difference on a newer qmailadmin version (I can be interested too). This version should also resolve the problem of 2GB limit, as I've updated all 32 bit variables, and currently I have customers with more than 2GB quota. Let me know! Ciao, Tonino Thanks for the help !
Re: [toaster] Quota problem
At 18.00 26/03/2007, you wrote: tonix (Antonio Nati) wrote: This version should also resolve the problem of 2GB limit, as I've updated all 32 bit variables, and currently I have customers with more than 2GB quota. Do you have patches for other Maildir++ programs? Like courier-imap, and maildrop? And also my patch for qmail-local (based on deliverquota)? Last I heard, the courier author was not planning to fix the 2GB limit in the maildirquota code, but that might not be true anymore. Sorry, I only modified qmailadmin. Tonino Thanks, Bill
Re: [toaster] CRLF - LF - Exchange
At 15.05 09/03/2007, you wrote:
Ahmet YAZICI wrote:
Hello All,
One of my client has local MS Exchange server and sometimes they
can't send email to real email server installed qmail.
Beaceuse of that, i've disabled straynewline function in
qmail-smtpd.c . Now it's working.. but i'm not sure if i break something
Is it legal to disable straynewline or is there any solution for
this problem?
Thanks
We use fixcrio prior to qmail-smtpd in our run files and have never
had any problems since.
exec /usr/local/bin/softlimit -m 200 \
/usr/local/bin/tcpserver -v -P -R -h -l ecluster6.tls.net -x
/var/qmail/control/tcp.smtp.cdb -c $MAXSMTPD \
-u $QMAILDUID -g $NOFILESGID 10.0.241.136 25 \
/usr/local/bin/fixcrio /var/qmail/bin/qmail-smtpd 21
I suggest patching qmail-smtpd.c (from
http://www.arctic.org/~dean/patches/qmail-0.95-liberal-lf.patch) and
have a permanent solution (faster than running an additional program
only for cr/lf):
--- qmail-smtpd.c Wed Dec 1 22:48:04 2004
+++ prova-smtpd.c Fri Jun 24 16:37:33 2005
@@ -363,17 +363,17 @@
}
switch(state) {
case 0:
-if (ch == '\n') straynewline();
+if (ch == '\n') { state = 1; break; }
if (ch == '\r') { state = 4; continue; }
break;
case 1: /* \r\n */
-if (ch == '\n') straynewline();
if (ch == '.') { state = 2; continue; }
if (ch == '\r') { state = 4; continue; }
+if (ch == '\n') state = 0;
state = 0;
break;
case 2: /* \r\n + . */
-if (ch == '\n') straynewline();
+if (ch == '\n') return;
if (ch == '\r') { state = 3; continue; }
state = 0;
break;
Tonino
http://search.yahoo.com/search?p=straynewline+fixcrio
http://cr.yp.to/ucspi-tcp/fixcrio.html
DAve
--
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?
Maybe they forgot who made that choice possible.
[toaster] Is clamav 0.90.1 solving previous problems?
Did anyone with problems on clamav 0.90.0 test new 0.90.1 and verified if it solves previous problems? Thanks, Tonino
Re: [toaster] AOL port 587
At 02.20 26/02/2007, you wrote: Speedbone wrote: Hi list, sorry if I´m wrong here, but I´m using Bills toaster and I´m obviously to dump to get this aol port working. Could anyone please give me a clue? I assume you mean you mean you want an alternate SMTP port running for outbound mail. You need to create another smtpd process, and instead of using port smtp in the run script, use 587. You could name the supervise and log directories qmail-smtpd-587, and then also add that to your qmailctl script's list of processes so that it controls it. In the next 2.0.9 chkuser version there is the possibility to accept only authenticated senders, so this will help setting up a submission port (this port should only be used for client - server sending, while port 25 should finally be used only for server - server dialogue). Tonino Regards, Bill
Re: [toaster] clamav 0.90 patches up
I had to go back at 0.88.x as CPU usage becomes extremely high and clamd hangs. Anyone has the same problem? Tonino At 19.39 14/02/2007, you wrote: I've posted patches for for clamav 0.90 for use with the standard toaster install: http://shupp.org/patches/clamav-0.90-conf.patch http://shupp.org/patches/clamav-0.90-freshclamconf.patch http://shupp.org/patches/clamav-0.90-stderr.patch Thanks to Dave Watson and Stephan Seitz, both of whom submitted updated 0.90 versions of the stderr patch. I've installed these patches on my system, and they are working as expected. Has anyone tried out the new experimental anti-phishing features yet? The Toaster documentation has not yet been updated with these patch versions, but that'll happen this week. I'm just about done porting it to DocBook format, with embedded gettext support for easy translation maintenance. I'll be releasing the DocBook files, PHP wrapper classes, and related scripts for anyone that finds them useful. Regards, Bill
Re: [toaster] clamav 0.90 patches up
At 18.10 18/02/2007, you wrote: I had to go back at 0.88.x as CPU usage becomes extremely high and clamd hangs. Anyone has the same problem? I use FreeBSD. Clamav docs say on FreeBSD and Solaris 0.90 has serious problems. Tonino Tonino At 19.39 14/02/2007, you wrote: I've posted patches for for clamav 0.90 for use with the standard toaster install: http://shupp.org/patches/clamav-0.90-conf.patch http://shupp.org/patches/clamav-0.90-freshclamconf.patch http://shupp.org/patches/clamav-0.90-stderr.patch Thanks to Dave Watson and Stephan Seitz, both of whom submitted updated 0.90 versions of the stderr patch. I've installed these patches on my system, and they are working as expected. Has anyone tried out the new experimental anti-phishing features yet? The Toaster documentation has not yet been updated with these patch versions, but that'll happen this week. I'm just about done porting it to DocBook format, with embedded gettext support for easy translation maintenance. I'll be releasing the DocBook files, PHP wrapper classes, and related scripts for anyone that finds them useful. Regards, Bill
Re: [toaster] CHKUSER Problem
At 03.41 17/01/2007, you wrote: Sam Laffere wrote: cat .qmail-default | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox If no mailbox for addressee, bounce #| /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter If no mailbox for addressee, send to mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster If no mailbox for addressee, send to postmaster Either of the last two block chkuser from working because they direct ALL mail to non-existant mailboxes to a specific location. That means there are no non-existant mailboxes when those choices are selected. See http://www.interazioni.it/opensource/chkuser/documentation/faq/enabling.html#D4 * With standard settings, modify .qmail-default according to your needs, then add a comment line like # bounce-no-mailbox at beginning of file. chkuser will work if bounce-no-mailbox is found within leading 1023 characters. * As alternative, uncomment and change CHKUSER_BOUNCE_STRING within chkuser_settings.h, and set it to the wished string. Ciao, Tonino
Re: [toaster] testing
At 23.08 13/05/2006, you wrote: Maxwell wrote: Check. Internet's working. Sorry folks.. that was a failed test. I turned off notifications for non-subscribers on all my ezmlm lists. Those messages just go into the bit-bucket now. Tonino - it would be cool to add a subscriber check to chkuser. Say, look for ezmlm-sub in the .qmail-toaster file, and if it exists, grab the 3 list arguments and actually run ezmlm-sub on them. If it's not a subscriber, reject the message. What do you think? I feel it ok. Let me think about, I will have shortly a mantainance version of chkuser, with various changes here suggested until now, and after a version with new features. Right binary for checking list subscribers should be ezmlm-issubn, right? Probably only toaster@shupp.org should be controlled, as all [EMAIL PROTECTED] may be considered as service addresses. Ciao, Tonino Cheers, Bill
Re: [toaster] Authentication problem
At 11.53 01/05/2006, you wrote: Hello ! I have a problem and it seems that some people have it also but no one has an answer for it. I've searched thru courierusers mailinglist and thru vpopmail mailing list but i can't find a solution to this matter... Here it goes.. I have a fedora core 5 os and vpopmail 5.4.13 with the cumulative patch made by Bill Shupp, all works ok but the imap authentication service... it seems like when the server is not used or it is used rarely (nightime) it has the habit of refusing authentications of valid users because the mysql server has gone away message ! courier-auth daemon opens mySQL connections only when it starts up. It does not try to reconnect if the previous connection is closed (max connections reached or the server has been stopped/restarted). So, in a normal working environment, if you stop and restart mysql, courier authlib uses the broken connection, without trying to reconnect. It looks like we should develop a mysql watcher, that takes care to monitor mysql and restart it and all products like courier-auth. Tonino The weird thing is, after i made some reading, it does not happen in the 8 hour interval wich is the timeout for mysql it happens randomly and when it does i discovered that restarting the courier-authlib daemon temporarely fixes the problem until next time... So, i made an hourly cronjob that restarts the courier-authlib as a quickdirty fix until i find where's the real problem but it seems that this does not work as well in the morning i still find that imap refuses authentication... Can some one help me with this, i'm not a complete noob but this is really over my head and i would really appreciate some help or some indications of what to read in order to understand what's going on. This what the logs say for today, sorry for the large message Max connections in mysql is set to 250 via my.cnf [EMAIL PROTECTED] log]# cat maillog | grep Apr 28 12 Apr 28 12:04:20 ns1 imapd: Connection, ip=[:::127.0.0.1] Apr 28 12:04:20 ns1 authdaemond: received auth request, service=imap, authtype=login Apr 28 12:04:20 ns1 authdaemond: authvchkpw: trying this module Apr 28 12:04:20 ns1 authdaemond: authvchkpw: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:04:20 ns1 authdaemond: password matches successfully Apr 28 12:04:20 ns1 authdaemond: Authenticated: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:04:20 ns1 imapd: LOGIN, [EMAIL PROTECTED], ip=[:::127.0.0.1], protocol=IMAP Apr 28 12:04:20 ns1 imapd: LOGOUT, [EMAIL PROTECTED], ip=[:::127.0.0.1], headers=0, body=0, time=0 Apr 28 12:13:36 ns1 imapd: Connection, ip=[:::127.0.0.1] Apr 28 12:13:36 ns1 authdaemond: received auth request, service=imap, authtype=login Apr 28 12:13:36 ns1 authdaemond: authvchkpw: trying this module Apr 28 12:13:36 ns1 authdaemond: authvchkpw: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:13:36 ns1 authdaemond: password matches successfully Apr 28 12:13:36 ns1 authdaemond: Authenticated: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:13:36 ns1 imapd: LOGIN, [EMAIL PROTECTED], ip=[:::127.0.0.1], protocol=IMAP Apr 28 12:13:36 ns1 imapd: LOGOUT, [EMAIL PROTECTED], ip=[:::127.0.0.1], headers=0, body=0, time=0 Apr 28 12:13:36 ns1 imapd: Connection, ip=[:::127.0.0.1] Apr 28 12:13:36 ns1 authdaemond: received auth request, service=imap, authtype=login Apr 28 12:13:36 ns1 authdaemond: authvchkpw: trying this module Apr 28 12:13:36 ns1 authdaemond: authvchkpw: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:13:36 ns1 authdaemond: password matches successfully Apr 28 12:13:36 ns1 authdaemond: Authenticated: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:13:36 ns1 imapd: LOGIN, [EMAIL PROTECTED], ip=[:::127.0.0.1], protocol=IMAP Apr 28 12:13:37 ns1 imapd: LOGOUT, [EMAIL PROTECTED], ip=[:::127.0.0.1], headers=10506, body=0, time=1 Apr 28 12:14:52 ns1 imapd:
Re: [toaster] Toaster 0.8.7 Update
At 00.39 11/04/2006, you wrote: tonix (Antonio Nati) wrote: Bill, actually there could be two alternative solutions: 1) select an alternative file that always exists in the directory (surviving to last ezmlm-idx changes) 2) enable CHKUSER_ENABLE_ALIAS_DEFAULT : that should enable rcpt acceptance if .qmail-list-default does exists. In the first case, following line in case 11 in chkuser.c must be changed: if (!stralloc_cats (tmp_path, /mailinglist)) DIE_NOMEM(); In the second case, no intervent should be done (if .qmail-list-default still exists :-) ). Any comment is welcome. Would the CHKUSER_ENABLE_ALIAS_DEFAULT affect the .qmail-default file in the domain directory? Or is that only for other .qmail files? It always looks for something like .qmail-alias-default. .qmail-default should never be used because of this define. I think /editor is always present, perhaps that's a better solution. Ok, you may modify this line, I'll put it in next chkuser release. - if (!stralloc_cats (tmp_path,/mailinglist)) DIE_NOMEM(); + if (!stralloc_cats (tmp_path,/editor)) DIE_NOMEM(); Thanks, Tonino Regards Bill
Re: [toaster] Toaster 0.8.7 Update
At 21.34 10/04/2006, you wrote: Bill Shupp wrote: Yup, it appears in IDX version 486, ( http://ezmlm.org/ChangeLog), they moved the mailinglist file, which chkuser uses to determine that this is a mailing list. So now it appears missing, and chkuser thinks this is not a mailing list. In the short term, you could touch the mailinglist file the list directory to make it work. Tonino, how do you want to go about this? By default, a new list created by qmailadmin does not setup the trunk/lang directory, where the ChangeLog says the mailinglist file appear. Bill, actually there could be two alternative solutions: 1) select an alternative file that always exists in the directory (surviving to last ezmlm-idx changes) 2) enable CHKUSER_ENABLE_ALIAS_DEFAULT : that should enable rcpt acceptance if .qmail-list-default does exists. In the first case, following line in case 11 in chkuser.c must be changed: if (!stralloc_cats (tmp_path, /mailinglist)) DIE_NOMEM(); In the second case, no intervent should be done (if .qmail-list-default still exists :-) ). Any comment is welcome. Tonino Regards, Bill I have downgraded ezmlm-idx back to 0.443, I recommend anyone that upgrade to downgrade as well, as I did see some problems with old lists. I'll have to take a closer look before upgrading to 5.0.2 again. Sorry for the inconvenience. Regards, Bill
Re: [toaster] chkuser
At 05.14 09/02/2006, you wrote: Is there a way to close a connection after 3 or 4 invalid mailboxes are reached on a single connection? When spammers hit my production server I see multiple emails in the log account that if they could be blocked after 3 or 4 invalid address are reached. It's all already inside the box. Check carefully toaster documentation or look in http://www.interazioni.it/opensource/chkuser/documentation/chkuser_settings.html#Tarpitting for more info on chkuser settings. Ciao, Tonino Thanks Dennis
Re: [toaster] Run chkuser before greylisting
At 15.59 02/01/2006, you wrote: Dear list, Is that possible to run chkuser first and then greylisting? I found that my domains are forged by spamers. There are a lot of bounced messages which make my servers too busy to take record for greylisting. My idea is that if the user is non-exist, just bounce the message at smtp level, then greylisting won't keep the record in the database. It should be able to keep the greylisting database small. Any idea?? Thanks a lot. I'm just thinking to add such feature to chkuser, but I need some time to do the job (also because I'ld like to add other features around, greylisting would be a consequence of these other features). Tonino Regards, Mick
RE: [toaster] HELP !!! vpopmail - relaying info in mysql
Edvin, delete chkuser.o, make qmail again and install it. Tonino At 17.57 25/10/2005, you wrote: Hi, how do I recompile chuser ? Ive followed the process described on the toaster page... so I compiled vpopmail with my options, then applied toasters patch to qmail, recompiled it and installed it. No mention of ckuser at all L sorry, for my basic questions, but I hope to get this solved really soon. Thank you very much. Regards, Edvin Seferovic From: Bruno Negrao [ mailto:[EMAIL PROTECTED]] Sent: Dienstag, 25. Oktober 2005 18:19 To: toaster@shupp.org Subject: Re: [toaster] HELP !!! vpopmail - relaying info in mysql Did you remember to recompile ckuser after you recompiled vpopmail? You have to this. - Original Message - From: Seferovic Edvin To: toaster@shupp.org Sent: Tuesday, October 25, 2005 12:25 PM Subject: [toaster] HELP !!! vpopmail - relaying info in mysql Hi gurus, I need help.. yes again ! I have configured my vpopmail with options enable-roaming-users and enable-auth-module=mysql. Since I need roaming users ( POP-before-SMTP ) and I have already my old tables with users etc I would like to use those options... but when trying to relay messages I get a failure message that I am not allowed to relay messages. Why isnt chkuser reading my mysql table instead of tcp.cdb file L Is this possible to configure ( Ive had it configured last year ). Regards, Edvin Seferovic
Re: [toaster] patched qmail fails to compile
At 04.14 20/09/2005, you wrote: Hi Bill. Thanks so much for your very detailed guide. I've managed to get qMail and vpopmail installed a few other times, but I've always had trouble getting SMTP AUTH going, so I'm giving your instructions a shot. Everything in your guide goes smoothly up to and including the install of vpopmail. At this stage in the process : (Note, I've got my sources in /usr/local/src instead of /var/src.) # add qmail toaster patch now that vpopmail is installed cd /usr/local/src/netqmail-1.05/netqmail-1.05 bunzip2 -c ../../tar/qmail-toaster-0.8.patch.bz2 | patch -p0 make clean make qmailctl stop make setup check I get the following errors from 'make setup check'... ./compile chkuser.c chkuser.c:37:22: vpopmail.h: No such file or directory Do you have vpopmail installed in standard location /home/vpopmail)? If not, you have to change the following line within Makefile with the correct value: VPOPMAIL_HOME=/home/vpopmail Tonino chkuser.c:38:19: vauth.h: No such file or directory chkuser.c:39:29: vpopmail_config.h: No such file or directory chkuser.c: In function `realrcpt': chkuser.c:682: warning: comparison between pointer and integer chkuser.c:803: warning: assignment makes pointer from integer without a cast chkuser.c:824: error: dereferencing pointer to incomplete type chkuser.c:824: error: `BOUNCE_MAIL' undeclared (first use in this function) chkuser.c:824: error: (Each undeclared identifier is reported only once chkuser.c:824: error: for each function it appears in.) chkuser.c:829: error: dereferencing pointer to incomplete type chkuser.c:830: error: dereferencing pointer to incomplete type chkuser.c:834: error: dereferencing pointer to incomplete type make: *** [chkuser.o] Error 1 What could be causing this error? Any insight you can provide would be just wonderful. thanks, alex
Re: [toaster] patched qmail fails to compile
At 17.00 20/09/2005, you wrote: Alex Dean wrote: Yes, that's correct. Mine is installed in /var/vpopmail. The Makefile had a warning don't edit this file, use conf* instead. conf-cc had a line referencing /home/vpopmail, which I edited to my location, and it has now compiled correctly. Tonino, I used to use conf-vpopmail for this very reason - so conf-cc and Makefile could use `head -1 conf-vpopmail` instead of having the info hard-coded. Perhaps we should go back to that? Hi Bill, I forgot you have this usage. This is better then hardcoding in Makefile (but I dream someone rewrites qmail's Makefile and creates a powerful configure program). Regards, Tonino Regards, Bill
Re: [toaster] patched qmail fails to compile
At 17.55 20/09/2005, you wrote: tonix (Antonio Nati) wrote: At 17.00 20/09/2005, you wrote: Alex Dean wrote: Yes, that's correct. Mine is installed in /var/vpopmail. The Makefile had a warning don't edit this file, use conf* instead. conf-cc had a line referencing /home/vpopmail, which I edited to my location, and it has now compiled correctly. Tonino, I used to use conf-vpopmail for this very reason - so conf-cc and Makefile could use `head -1 conf-vpopmail` instead of having the info hard-coded. Perhaps we should go back to that? Hi Bill, I forgot you have this usage. This is better then hardcoding in Makefile (but I dream someone rewrites qmail's Makefile and creates a powerful configure program). Regards, Tonino I did edit the vpopmail path in both Makefile and conf-cc. It sounds like this is the correct thing to do? (Sounds like the current toaster doesn't use the conf-vpopmail file you mention?) It worked, and that's good, but I don't want muck with things more than necessary so let me know if I've got this wrong. Follow Shupp instructions, so change only in conf-vpopmail. Tonino thanks, alex
Re: [toaster] dictionary attacks
At 16.36 14/09/2005, you wrote: On Wed, 2005-09-14 at 08:25 -0700, Tom Collins wrote: On Sep 14, 2005, at 8:04 AM, Jeff Koch wrote: I think what I am really asking is what is the mechanism for the way 'catch-all delete' works versus 'catch-all bounce' so I can determine which will have a lower load on the server. Since you're using chkusr, I don't think there's a difference. The chkusr patch will reject messages to unknown recipients at the SMTP level whenever the catchall is set to delete or bounce. Since messages for non-existent users won't be getting through, the delete/bounce option will never be used. Which is related to my original reply. Only thing im not sure about is how the latest version of chkuser interacts with vpopmail with all the new features Tonix has added in. Deleting messages for wrong recipients is up to you, depending on your business needs and preferences. Obviously, stopping messages at smtp level help saving bandwidth and CPU (as those messages will no be processed bu additional SA, clamav, etc.), at the potential (maniacal) risk that someone could know which are your real users. I only ask what happens to honest senders, if none is going to notify them about wrong deliveries. About chkuser, it has some small solutions inside, that not solve the problem, just help to limit some attacks. I've set up my system to refuse messages with more than 50 total recipients and more that 3 wrong recipients, with tarpitting delays (1 second growing for each error) on each error. That help me, though I see much more could be done. Logs say stupid massive senders are stopped, while smart are delayed a lot. Tonino Shane
Re: [toaster] dictionary attacks
This is not a chkuser question. If all il setup correctly, chkuser will not do any action is domain has catchall enabled, so email will be delivered to catchall account. Tonino At 17.10 14/09/2005, you wrote: Perhaps this should be a separate question but since its related to chkusr I though I would ask: If I set Catch All Bounce on my domain what happens if: 1. Account doesn't exist but forward is for that e-mail address and it point to valid e-mail. 2. If mail robot setup for let's say [EMAIL PROTECTED] but the account newsletter doesn't exist? Thanks in advance. --- ... the only easy day was yesterday
Re: [toaster] dictionary attacks
Sorry for previous mistyping. This is not a chkuser question. If all is setup correctly, chkuser will not do any action if domain has catchall enabled, so email will be delivered to catchall account. Tonino At 19.14 14/09/2005, you wrote: This is not a chkuser question. If all il setup correctly, chkuser will not do any action is domain has catchall enabled, so email will be delivered to catchall account. Tonino At 17.10 14/09/2005, you wrote: Perhaps this should be a separate question but since its related to chkusr I though I would ask: If I set Catch All Bounce on my domain what happens if: 1. Account doesn't exist but forward is for that e-mail address and it point to valid e-mail. 2. If mail robot setup for let's say [EMAIL PROTECTED] but the account newsletter doesn't exist? Thanks in advance. --- ... the only easy day was yesterday
Re: [toaster] Strange problem with CHKUSR
At 16.21 13/09/2005, you wrote: Listmembers: I have a domain that is exhibiting really strange behaviour. I recently cleaned out a couple of accounts in this domain, but for some reason CHKUSR insists that the local recipients still exist. Thus spam coming in for these users is still accepted into the queue and the messages are stuck there because in reality they cannot be delivered: @40004326bd7c122ce694 starting delivery 110252: msg 552988 to local [EMAIL PROTECTED] @40004326bd7c1966b174 delivery 110252: deferral: maildirmake:_File_exists//usr/local/bin/maildrop:_Unable_to_cre ate_a_dot-lock./ Where should I look to find out why CHKUSR is allowing this address when vuserinfo correctly claims the user doesn't exist. I can't find the user in my vpopmail MySQL database either. Did you check alial/valias/mailing lists? Tonino -- Greetings, Maurice
Re: [toaster] Chkuser problem??
At 06.42 27/07/2005, you wrote: Dear all, I found a strange problem in my server. Chkuser seems not work porperly. Here is the information: 2005-07-27 13:07:31.616557500 CHKUSER accepted rcpt: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote www.ezrs.com:unknown:202.130.120.114 rcpt [EMAIL PROTECTED] : found existing recipient slx:~ # vuserinfo [EMAIL PROTECTED] no such user [EMAIL PROTECTED] [EMAIL PROTECTED] does not exist but chkuser let the message pass through. How can I fix the problem? Thanks a lot. If chkuser is not enabled than it return a positive answer (found) to any query. Check if chkuser is enabled and check using qmailadmin if bouncing is enabled. Tonino Regards, qing.
[toaster] Bare LF acceptance
After six years, I've found another sender who use bare LF at the end of messages, and I've been forced to modify qmail-smtpd because the sender is a big company. I've found the patch made by Dean Gaudet in http://www.arctic.org/~dean/patches/qmail-0.95-liberal-lf.patch, and it has solved all my problems. It could be nice if you could include this patch in your toaster, as it would improve qmail acceptance features without compromising anything important. I agree with Dean's words: qmail by default violates the be liberal in what you accept rule when receiving mail via smtp. It enforces strict \r\n behaviour... which is exactly what the standard dictates. But I'm not interested in my mailer telling other admins to fix their setup, because I know they won't. Ciao, Tonino
Re: [toaster] chkusr - custom error message
At 07.38 25/05/2005, you wrote: I am wondering if there is something which can be done to make chkusr behave more flexible while processing local-to-local sending. Simscan makes it really nice however error message says that first of the scanned attachments is bad and email processing is stopped. I believe chkusr can behave the same way. That's why the question for chkusr is: 1. Can bad e-mail be shown in error pop-up message while sending e-mail locally? (not confusing if there is single receipient) error pop up in not handled by qmail-smtpd. 2. Can chkusr behave the same way for local messages as during remote.smtp - local.smtp delivery. (message is accepted during smtp session and error message is sent back to sender). The best I can do (in version 2.0.9, but I cannot promise any date), is to add an extended error, including recipient in error message. 511 sorry, no mailbox here by that name (#5.1.1 - chkuser)\r\n could become 511 sorry, [EMAIL PROTECTED] not existing here (#5.1.1 - chkuser)\r\n Ciao, Tonino -- Kind regards, Tom Kania
Re: [toaster] chkusr - custom error message
Hi Kania, it depends a lot on which client you're using. Eudora has a good handling of rejected users. chkuser (qmail-smtpd) tells exactly which is the wrong recipient, but some e-mail clients do not handle it. Anyway, I feel chkuser should mainly be used on MX systems, and not on relay systems, just to avoid this problem and give a clear error to all clients. Tonino At 19.05 24/05/2005, you wrote: Hello, As you probably know there is possibility to patch simscan to give custom error messages while forbidden attachment is being sent. I am wondering if something similar can be done to make qmail inform sender why his e-mail (set to 20-30 receipients _locally_) was rejected. Currently, error message appears during sending and error pop-up window is shown (for example in windows mail clients). This might be confusing because error message tells only that there is someone among receipients that doesn't exist. (or more than one) Is there any patch/possibility to make qmail tell sender which e-mail addresses are bad? I will repeat that this option would be really nice when sending locally because smtp server responds immediately while message is being sent (during smtp session). If not, is there anything that can be done to make e-mails sent locally act the same way they were sent by remote smtp server? (error message is sent back to sender with pernament failure code instead of rejecting local delivery with unclear information) p.s. I am sorry for typing errors. -- Kind regards, Tomasz Kania
RE: [toaster] .qmail-list-accept-default
If you enabled ezmlm mailing lists, you don't need to have alias default enabled. Can you post me privately your settings? Tonino At 10.28 09/03/2005, you wrote: thanx for reply. strange story. the problem was: chkuser_settings.h CHKUSER_ENABLE_ALIAS_DEFAULT -Original Message- From: tonix (Antonio Nati) [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 6:37 PM To: toaster@shupp.org Subject: RE: [toaster] .qmail-list-accept-default Speaking about ezmlm lists, chkuser checks for the existance (i.e. opens for reading) of the following file: ../vpopmail/domains/yourdomain/yourlist/mailinglist Check this file. This looks like the unique point where there could be a permission problem (as you told that with user qmaild all works nicely). Tonino At 16.20 08/03/2005, you wrote: it is: drwx-- 3 vpopmail vchkpw 4096 2005-03-03 09:49 list actually when i create .qmail-example-default file i cant send message to [EMAIL PROTECTED] (the same error) i think its not ezmlm or dir's permission problem -Original Message- From: tonix (Antonio Nati) [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 5:05 PM To: toaster@shupp.org Subject: Re: [toaster] .qmail-list-accept-default Which are the permission/owner of the list directory? vpopmail should be the owner of that directory (and of the content). Tonino At 15.40 08/03/2005, you wrote: hello all just installed toaster (http://shupp.org/toaster/#prerequisites) setup went without errors... everything works ok, except: qmail-smtpd runs under user vpopmail. now trying to setup ezmlm list. when im sending confirmation message i allways get: '[EMAIL PROTECTED]' on 2005.03.08 15:51 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) smtpd log: 005-03-04 12:33:14.040663500 CHKUSER rejected rcpt: from [EMAIL PROTECTED]:: remote unknown:192.168.1.10 rcpt [EMAIL PROTECTED] : not existing recipient .qmail-list-accept-default exists in domain directory with same permissions as .qmail-default -rw--- 1 vpopmail vchkpw 55 2005-03-02 21:13 .qmail-default -rw--- 1 vpopmail vchkpw9 2004-09-08 13:24 .qmail-list-accept-default seems qmail doesnt read .qmail-list-accept-default file. tried to run qmail-smtpd under user qmaild everything works ok. but i need run smtpd under vpopmail... where the problem is?
Re: [toaster] .qmail-list-accept-default
Which are the permission/owner of the list directory? vpopmail should be the owner of that directory (and of the content). Tonino At 15.40 08/03/2005, you wrote: hello all just installed toaster (http://shupp.org/toaster/#prerequisites) setup went without errors... everything works ok, except: qmail-smtpd runs under user vpopmail. now trying to setup ezmlm list. when im sending confirmation message i allways get: '[EMAIL PROTECTED]' on 2005.03.08 15:51 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) smtpd log: 005-03-04 12:33:14.040663500 CHKUSER rejected rcpt: from [EMAIL PROTECTED]:: remote unknown:192.168.1.10 rcpt [EMAIL PROTECTED] : not existing recipient .qmail-list-accept-default exists in domain directory with same permissions as .qmail-default -rw--- 1 vpopmail vchkpw 55 2005-03-02 21:13 .qmail-default -rw--- 1 vpopmail vchkpw9 2004-09-08 13:24 .qmail-list-accept-default seems qmail doesnt read .qmail-list-accept-default file. tried to run qmail-smtpd under user qmaild everything works ok. but i need run smtpd under vpopmail... where the problem is?
RE: [toaster] .qmail-list-accept-default
Speaking about ezmlm lists, chkuser checks for the existance (i.e. opens for reading) of the following file: ../vpopmail/domains/yourdomain/yourlist/mailinglist Check this file. This looks like the unique point where there could be a permission problem (as you told that with user qmaild all works nicely). Tonino At 16.20 08/03/2005, you wrote: it is: drwx-- 3 vpopmail vchkpw 4096 2005-03-03 09:49 list actually when i create .qmail-example-default file i cant send message to [EMAIL PROTECTED] (the same error) i think its not ezmlm or dir's permission problem -Original Message- From: tonix (Antonio Nati) [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 5:05 PM To: toaster@shupp.org Subject: Re: [toaster] .qmail-list-accept-default Which are the permission/owner of the list directory? vpopmail should be the owner of that directory (and of the content). Tonino At 15.40 08/03/2005, you wrote: hello all just installed toaster (http://shupp.org/toaster/#prerequisites) setup went without errors... everything works ok, except: qmail-smtpd runs under user vpopmail. now trying to setup ezmlm list. when im sending confirmation message i allways get: '[EMAIL PROTECTED]' on 2005.03.08 15:51 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) smtpd log: 005-03-04 12:33:14.040663500 CHKUSER rejected rcpt: from [EMAIL PROTECTED]:: remote unknown:192.168.1.10 rcpt [EMAIL PROTECTED] : not existing recipient .qmail-list-accept-default exists in domain directory with same permissions as .qmail-default -rw--- 1 vpopmail vchkpw 55 2005-03-02 21:13 .qmail-default -rw--- 1 vpopmail vchkpw9 2004-09-08 13:24 .qmail-list-accept-default seems qmail doesnt read .qmail-list-accept-default file. tried to run qmail-smtpd under user qmaild everything works ok. but i need run smtpd under vpopmail... where the problem is?
Re: [toaster] chkusr question
Shane, chkuser uses vpopmail APIs for the most of checking, using its own code only when APIs are not available (ezmlm mailing lists, .qmail-default aliases, etc). So chkuser can use whatever DB vpopmail is using. New users in MySQL tables should be cought by vpopmail calls, I don't see any problem on that. Cheers, Tonino At 18.03 08/03/2005, you wrote: Tonix, When using chkusr with mysql support, does it check the vpopmail table for the user or rather does it query for the existence of the user via the API somehow? The reason i ask is that in the older versions of vpopmail you could add a user directly to the vpopmail table and if the account hadnt been created on disk when the first email arrived, it would provision it. Makes life simpler for admin only having to make the billing system talk to the DB. cheers Shane
Re: [toaster] CHKUSR setting
In next chkuser version I may do this process automatic, changing it in this way (you may change this within chkuser_settings.h just now): #if defined QMAIL_EXT #define CHKUSER_ENABLE_USERS_EXTENSIONS #endif Is there any other options (#define) I may change automatically? Any suggestion is welcome. Tonino At 17.44 07/03/2005, you wrote: It seems that the following define in chkuser_settings.h is not defined, and is really useful. While it is not the default at this time (I believe it used to be- either in the toaster patch or in vpopmail), it may be wise to draw attention to this. If you use --enable-qmail-ext for anything but an ezmlm mailing list, be sure to change this define. Is there maybe a way to do it based on the '#define QMAIL_EXT 1' in ~vpopmail/include/vpopmail_config.h to save us this trouble if we configured vpopmail in this way? /* * Uncomment this to enable user extension on names (i.e. TMDA) * (for mailing lists this is done without checking this define) * This define substitutes #define CHKUSER_ENABLE_EXTENSIONS */ #define CHKUSER_ENABLE_USERS_EXTENSIONS -M _ Take charge with a pop-up guard built on patented Microsoft® SmartScreen Technology http://join.msn.com/?pgmarket=en-capage=byoa/premxAPID=1994DI=1034SU=http://hotmail.com/encaHL=Market_MSNIS_Taglines Start enjoying all the benefits of MSN® Premium right now and get the first two months FREE*.
