Re: [vchkpw] Forward+Copyself bypasses quota ?
On Mar 3, 2005, at 7:53 PM, [EMAIL PROTECTED] wrote: It seems that if a user has a forward and a copy to self in his .qmail file as Qmailadmin makes it, he will get no warning on 90% full and the mail bypasses quota. It is delivered nicely in his mailbox. I can bounce the message with CHKUSER though (CHKUSER_MBXQUOTA). My vpopmail is 5.4.8 Can anyone verify? That's correct. It's fixed in a new vdelivermail that I will try very hard to get out the door soon. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Inter7 listed in SORBS and SpamHaus?
Jeremy Kitchen wrote: On Thursday 03 March 2005 11:57 am, Dave Goodrich wrote: http://www.rulesemporium.com/cgi-bin/uribl.cgi?domain0=64.119.194.44;bl0=0 Snipped from my spamassassin report. I found a message from Jeremy Kitchen my spam folder. Content analysis details: (5.0 points, 4.0 required) pts rule name description -- -- 0.1 FORGED_RCVD_HELO Received: contains a forged HELO probably due to the fact that our HELO is 'mail.inter7.com' but our reverse dns is adsl-68-78-194-78.dsl.rcfril.ameritech.net 5.0 URIBL_SBL Contains an URL listed in the SBL blocklist [URIs: inter7.com] the server that inter7.com's website is listed on spamhaus (not due to us, I assure you) Never had any doubt 8^) mostly just wanted to make anyone else aware they might need to check their spam folders if they think messages from vchkpw are missing. I whitelisted inter7, which I really was amiss it not doing earlier. Maillists about mail or programming in general do tend to trigger spam rules much more often than normal mail. DAve -- Dave Goodrich Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
RE: [vchkpw] Inter7 listed in SORBS and SpamHaus?
Bill Wichers wrote: http://www.rulesemporium.com/cgi-bin/uribl.cgi?domain0=64.119.194.44;bl0=0 Snipped from my spamassassin report. I found a message from Jeremy Kitchen my spam folder. [snip] That's not inter7's IP, at least not the one the list comes from. My headers from your message show inter7 sent their message from 68.78.194.78, which is in an ameritech.net (now SBC) DSL block. SURBL doesn't look at where the message came from, it looks at URIs within the message body and scores based on a lookup of the URIs it finds. Where the message originated from is unimportant, the key is what URL is the message advertising, the score was based on Jeremy's signature. SURBL rocks. If could only have one anti-spam tool, it would be SURBL. http://www.surbl.org/ DAve -- Dave Goodrich Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
Re: [vchkpw] OT: How to make Qmail bounce only headers
All i have found, is a way to trim the bounces at certain number of bytes. It would make much more sense to bounce only headers. If i put the limit in bytes, say 2048, it is theoretically possible that headers are longer than that. And if they are less, the bounce includes an arbitrary number of bytes from the mail that server no use. It would be much more elegant to say: "--- Below this line are the headers of the message." and return only the headers. But, alas, i havent found a patch like that. And im not a programmer. cheers. Kristofer I am using spamcontrol http://www.fehcom.de/qmail/spamcontrol.html It is ver powerfull collection patches. It has a bounce control very customizable and work with vpopmail. On Thursday 03 March 2005 07:58 am, [EMAIL PROTECTED] wrote: Hi, thi is slightly offtopic of course, but: can i bounce only the headers of a rejected message? Right now qmail+vpopmail bounces the whole thing. It seems kinda pointless to bounce several megabytes of mail jus to say "the user ... is over quota" cheers. Kristofer
[vchkpw] Forward+Copyself bypasses quota ?
Hi, It seems that if a user has a forward and a copy to self in his .qmail file as Qmailadmin makes it, he will get no warning on 90% full and the mail bypasses quota. It is delivered nicely in his mailbox. I can bounce the message with CHKUSER though (CHKUSER_MBXQUOTA). My vpopmail is 5.4.8 Can anyone verify? cheers, Kristofer
Re: [vchkpw] autoresponder supposed to cause message loss?
- Original Message - From: "Tom Collins" <[EMAIL PROTECTED]> > On Nov 23, 2004, at 11:01 AM, David Hubbard wrote: > > In a vpopmail 5.4.6 site with autoresponder 2.0.4, > > the behavior we're seeing is that when a user > > sets a vacation message, vpopmail sets up the autoresponder > > with a 3 messages per day limit. The .qmail file it > > creates for that person has autoresponder on the first > > line and then the Maildir delivery statement on the > > second. What we're seeing is that after the messages > > from a given address exceed three, the autoresopnder > > no longer mails, as expected, but the messages are no > > longer delivered to the Maildir either, and the sender > > is not notified. > David, > > The newly released QmailAdmin 1.2.5 corrects this problem. When > creating a vacation responder, it will put the Maildir delivery first > in the .qmail file, and then call autorespond. I dont think that changing the order of the .qmail file is sufficient, because looking at the autorespond.c there are situations where the incoming mail will be bounced back to sender. (For example if the sender is a mailing list). The bouncing behaviour is correct for when autorespond.c is running as an autoresponder, but it not correct for when it is running as a vacation responder. I have opened a ticket on qmailadmin sourceforge site regarding this issue (1156347). What I believe is required is : * we make a copy the autoresponder.c and call it vacation.c * Edit vacation.c and tweak the exit codes appropriately (Jeremy Kitchen has already posted about this - look at the patches section ticket 808962) * Modify qmailadmin so that when writing .qmail files for robots we call autorespond binary, and when writing .qmail files for vacation we call the vacation binary. Michael.
Re: [vchkpw] How to get local mail?
On Mar 3, 2005, at 2:20 PM, Dave Goodrich wrote: I have several scripts that output data from my mail servers and I just add a .qmail-? file to /var/qmail/alias. I had an odd situation where this wasn't working for the output of some cron jobs. Instead of a .qmail-fred in ~alias, I had to put the forwarding address in ~fred/.qmail. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] Spamassin configuration
> How many messages come into a server for multiple recipients in the > same domain? I guess if someone was mailing multiple people at the > same company, it would happen. But with most mailing lists using > custom bounce messages for each recipient, they wouldn't be affected. > > How about the spammers who email 100's of random usernames in a domain, > hoping to hit valid addresses? The 4xx response would at least slow > them down (and even stop them if their spam programs don't retry 4xx > responses). We actually see a fair amount of messages come in for multiple valid users under one domain. They're usually messages of the style "meeting at lunch" and similar things, sent from some office manager to several staffers. These are sometimes sent from home accounts (users don't have the best email practices...). Maybe it would be best to defer the messages after some number of recipients? Something like accepting the first 5 or 10, the 4xx responses for anything after that? I think I've only ever seen maybe two or three *valid* messages with hundreds of recipients -- most of the valid messages with multiple recipients seem to have less than about 10 recipients. -Bill * Waveform Technology UNIX Systems Administrator
Re: [vchkpw] How to get local mail?
Alejandro Aguilar Sierra wrote: Hello: After years of using vpopmail I feel this question a bit stupid, but there should be a better way to do it. I have configured vpopmail to use only virtual accounts. How do I do to get internal local mail in the operators accounts? Or I can redirect those mails (comming usually from internal applications) to virtual e-mail account? I have several scripts that output data from my mail servers and I just add a .qmail-? file to /var/qmail/alias. For example I have [EMAIL PROTECTED] in the following, /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon and [EMAIL PROTECTED] in, /var/qmail/alias/.qmail-nagios /var/qmail/alias/.qmail-mrtg Works for me. DAve -- Dave Goodrich Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
Re: [vchkpw] Inter7 listed in SORBS and SpamHaus?
On Thursday 03 March 2005 11:57 am, Dave Goodrich wrote: > http://www.rulesemporium.com/cgi-bin/uribl.cgi?domain0=64.119.194.44;bl0=0 > > Snipped from my spamassassin report. I found a message from Jeremy > Kitchen my spam folder. > > Content analysis details: (5.0 points, 4.0 required) > > pts rule name description > -- > -- > 0.1 FORGED_RCVD_HELO Received: contains a forged HELO probably due to the fact that our HELO is 'mail.inter7.com' but our reverse dns is adsl-68-78-194-78.dsl.rcfril.ameritech.net > 5.0 URIBL_SBL Contains an URL listed in the SBL blocklist > [URIs: inter7.com] the server that inter7.com's website is listed on spamhaus (not due to us, I assure you) -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgpEKS7zEPPH8.pgp Description: PGP signature
Re: [vchkpw] Inter7 listed in SORBS and SpamHaus?
> http://www.rulesemporium.com/cgi-bin/uribl.cgi?domain0=64.119.194.44;bl0=0 > > Snipped from my spamassassin report. I found a message from Jeremy > Kitchen my spam folder. [snip] That's not inter7's IP, at least not the one the list comes from. My headers from your message show inter7 sent their message from 68.78.194.78, which is in an ameritech.net (now SBC) DSL block. The IP you list most certainly *is* listed, but ARIN says it's Iway broadband: [EMAIL PROTECTED] ~]$whois 64.119.194.44 [Querying whois.arin.net] [whois.arin.net] OrgName:iWay Broadband, Inc. OrgID: IWBB Address:6885 Flanders Drive Address:Suite G City: San Diego StateProv: CA PostalCode: 92121 Country:US Maybe there is some forging going on? Or possibly you got a misdirected bounce from somewhere? I see a spam score of -1.9 or so for this list, and no blacklist listings. -Bill * Waveform Technology UNIX Systems Administrator
Re: [vchkpw] Spamassin configuration
On Mar 3, 2005, at 8:54 AM, Nick Harring wrote: No, it wouldn't require this. It would require that you edit the recipient list prior to queueing. There's nothing 'ugly' that I can see about that process. I think Nick's method would work for those who want to block anything that scores as spam but not modify message headers. For others, like myself, who want to block at 10+ but tag as spam anything with 5+, it will not work. In my case, each user would need their own, custom copy of the email with the headers (and possible rewritten message) based on their personal scoring configuration. I kind of like my original idea though, but would want to collect some stats before implementing it. My idea is pretty simple -- for non-relay hosts, after the first RCPT TO is accepted, reply to all additional RCPT TO requests with a 4xx result. How many messages come into a server for multiple recipients in the same domain? I guess if someone was mailing multiple people at the same company, it would happen. But with most mailing lists using custom bounce messages for each recipient, they wouldn't be affected. How about the spammers who email 100's of random usernames in a domain, hoping to hit valid addresses? The 4xx response would at least slow them down (and even stop them if their spam programs don't retry 4xx responses). The biggest downside I can see is if someone sends a large email (say with a file attached) to multiple people in one domain, then sending server will have to push it through multiple times. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
[vchkpw] How to get local mail?
Hello: After years of using vpopmail I feel this question a bit stupid, but there should be a better way to do it. I have configured vpopmail to use only virtual accounts. How do I do to get internal local mail in the operators accounts? Or I can redirect those mails (comming usually from internal applications) to virtual e-mail account? Thanks for any hint. Alejandro
[vchkpw] Inter7 listed in SORBS and SpamHaus?
http://www.rulesemporium.com/cgi-bin/uribl.cgi?domain0=64.119.194.44;bl0=0 Snipped from my spamassassin report. I found a message from Jeremy Kitchen my spam folder. Content analysis details: (5.0 points, 4.0 required) pts rule name description -- -- 0.1 FORGED_RCVD_HELO Received: contains a forged HELO 5.0 URIBL_SBL Contains an URL listed in the SBL blocklist [URIs: inter7.com] -- Dave Goodrich Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
Re: [vchkpw] Spamassin configuration
On Thursday 03 March 2005 10:54 am, Nick Harring wrote: > I attempted to use the archive of the simscan list, and found one > discussion which ended with the abrupt declaration from you that it > couldn't be done. Perhaps you could point me at a thread where there's > real discussion of this? I will find this for you. > Also, would it be more effective if I simply submitted a simscan patch > which implemented the functionality I'm talking about, to show it can be > done (or to learn it can't) rather than discussing how it could? sure. It won't get added to simscan (unless you've thought of some way to do it that I have not, that isn't mind-numbingly stupid), but feel free to submit a patch. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgpB3ORmVmvJZ.pgp Description: PGP signature
Re: [vchkpw] spamassassin development was spamassassin configuration
Dave Goodrich wrote: Ken Jones wrote: "Charles J. Boening" <[EMAIL PROTECTED]> said I also think spamc options should be stored in the same place. Currently the spamc options can be set on the configure line. We thought that would be a good place since the spamc options are site wide. I think all the user preference options are stored in each user_prefs directory. So you would have one set of args to spamc? Something like /usr/local/bin/spamc -s 25000 -f -d 10.0.240.253 -p 1783 -u [EMAIL PROTECTED] This is how we currently do it, with the users prefs stored in SQL so users can adjust their own score, set whitelists and blacklists, etc. vdelivermail would call spamc. Personally, I don't think we should offer the ability to call Spamassassin directly. It's just not as efficient. I think when people talked about calling spamassassin they meant calling spamc to talk to spamassassin. At least, that's how the development code works now. Maybe the spamc functionality could be compiled right into vdelivermail so no forking is necessary. That would be slick! Depends on how much of a moving target spamc code is. If it just is a socket write/read type of thing then it might be a good idea. Anyone feel like reviewing spamc.c? spamc has been pretty stable since 2.63. I've run spamc on my toasters unchanged after two upgrades to spamd on my backend without a problem. spamc has the option of using tcp instead of sockets. This was our choice as it allows connecting to either a local spamd or a remote spamd. If I knew C better I'd review it, but I wouldn't trust my judgment. I can see where having spamc built in would be nice, but it could get complicated quickly. I'm moving more in favor of just letting vdelivermail check for spam headers and deliver appropriately. Given a conf line in the domain limits file you could set what spam headers to look for. (This would allow for changes to SpamAssassin's header format. The headers have changed, and many people customise them, *they* would be your moving target.) By making the spam headers a user definable string, you also allow spam tools other than SpamAssassin to be used. The more I think about this the more I like it. By limiting vdelivermail to only filtering on delivery, and allowing a user defined string in the domain limits file, there are many possibilities. Using a simple "string" equals action format you could filter as such, # spam caught by MailScanner on a mail gateway "X-TLS.net-MailScanner-SpamCheck: spam" .SPAM # spam caught by spamc on a local machine "X-Spam-Status: yes" .SPAM # virus caught by MailScanner on a AV gateway "X-TLS.net-MailScanner: Infected" [EMAIL PROTECTED] Call what ever spam filter you like in your dot-qmail file, or using a smtp level scanner like qscan, or even having the scanning happen on another server altogether. As long as you can define what the headers will look like you can filter/forward as you like. DAve -- Dave Goodrich Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
RE: [vchkpw] spamassassin development was spamassassin configuration
> > vdelivermail would call spamc. > > Personally, I don't think we should offer the ability to call > > Spamassassin directly. It's just not as efficient. > I think when people talked about calling spamassassin they > meant calling spamc to talk to spamassassin. At least, that's > how the development code works now. If it can be done, I'd say put the spamc options as a line in the domainlimits file. It would be more flexible that way. That way it's domain specific and not system specific. Charlie > -Original Message- > From: Ken Jones [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 03, 2005 7:19 AM > To: vchkpw@inter7.com > Subject: [vchkpw] spamassassin development was spamassassin > configuration > > > "Charles J. Boening" <[EMAIL PROTECTED]> said So let me see if I can > > summarize where this might be going. A lot has been talked > about on > > this topic. > > > > Use the pw_uid/pw_gid to check and see if a user wants their mail > > filtered. I'd also suggest setting another bit for > delivery. So we'd > > have a bit that says scan for spam > That code is already in the development branch and well tested. > > > and a bit that says deliver to domain default spam folder (.SPAM or > > whatever) or not. > Sounds good. > > > This would handle both > > the problem of if the user wants their mail scanned and the > > disposition of the scanned mail. > Yep. > > > The user's only options for tagged spam are to > > deliver to inbox so they can filter or deliver to a > predetermined spam > > container that the domain administrator specifies. > I agree. > > > vdelivermail would pull the delivery location for spam from > it's command > > line or from the domain limits file. > I'd rather put it in the domain limits file. Either option > would effect an > entire domain and we already have the domain limits method. > It's a good > place to add new options. > > > I also think spamc options should > > be stored in the same place. > Currently the spamc options can be set on the configure line. > We thought that would be a good place since the spamc options > are site wide. I think all the user preference options are stored > in each user_prefs directory. > > > vdelivermail would call spamc. > > Personally, I don't think we should offer the ability to call > > Spamassassin directly. It's just not as efficient. > I think when people talked about calling spamassassin they > meant calling spamc to talk to spamassassin. At least, that's > how the development code works now. > > > Maybe the spamc > > functionality could be compiled right into vdelivermail so > no forking is > > necessary. That would be slick! > Depends on how much of a moving target spamc code is. If it just > is a socket write/read type of thing then it might be a good idea. > Anyone feel like reviewing spamc.c? > > > Sound about right? Have I missed anything? > Nice summary! > > New configure options? > --enable-spamassassin > enables both spamc and spamfolder processing > this is already in the development branch > > --enable-spamdir = "relative directory for spam folder" > to override the default spam directory location > > Ken Jones > >
Re: [vchkpw] OT: How to make Qmail bounce only headers
Hi Kristofer I am using spamcontrol http://www.fehcom.de/qmail/spamcontrol.html It is ver powerfull collection patches. It has a bounce control very customizable and work with vpopmail. On Thursday 03 March 2005 07:58 am, [EMAIL PROTECTED] wrote: > Hi, > > thi is slightly offtopic of course, but: > > can i bounce only the headers of a rejected message? Right now > qmail+vpopmail bounces the whole thing. It seems kinda pointless to > bounce several megabytes of mail jus to say "the user ... is over quota" > > cheers. > Kristofer -- Juan Enciso Condeña Área de Operaciones Qnet Soluciones Tecnológicas Av. Paseo de la República 4675 - Lima 34 Telf: (511) 241-4122 Anexo 2244 Fax: (511) 446-8135 www.qnet.com.pe
Re: [vchkpw] spamassassin development was spamassassin configuration
Ken Jones wrote: "Charles J. Boening" <[EMAIL PROTECTED]> said I also think spamc options should be stored in the same place. Currently the spamc options can be set on the configure line. We thought that would be a good place since the spamc options are site wide. I think all the user preference options are stored in each user_prefs directory. So you would have one set of args to spamc? Something like /usr/local/bin/spamc -s 25000 -f -d 10.0.240.253 -p 1783 -u [EMAIL PROTECTED] This is how we currently do it, with the users prefs stored in SQL so users can adjust their own score, set whitelists and blacklists, etc. vdelivermail would call spamc. Personally, I don't think we should offer the ability to call Spamassassin directly. It's just not as efficient. I think when people talked about calling spamassassin they meant calling spamc to talk to spamassassin. At least, that's how the development code works now. Maybe the spamc functionality could be compiled right into vdelivermail so no forking is necessary. That would be slick! Depends on how much of a moving target spamc code is. If it just is a socket write/read type of thing then it might be a good idea. Anyone feel like reviewing spamc.c? spamc has been pretty stable since 2.63. I've run spamc on my toasters unchanged after two upgrades to spamd on my backend without a problem. spamc has the option of using tcp instead of sockets. This was our choice as it allows connecting to either a local spamd or a remote spamd. If I knew C better I'd review it, but I wouldn't trust my judgment. I can see where having spamc built in would be nice, but it could get complicated quickly. I'm moving more in favor of just letting vdelivermail check for spam headers and deliver appropriately. Given a conf line in the domain limits file you could set what spam headers to look for. (This would allow for changes to SpamAssassin's header format. The headers have changed, and many people customise them, *they* would be your moving target.) By making the spam headers a user definable string, you also allow spam tools other than SpamAssassin to be used. DAve -- Dave Goodrich Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
RE: [vchkpw] Spamassin configuration
> > > > Simscan isn't replacing qmail-smtpd, so this isn't strictly an smtp > > limitation. Perhaps I'm just not getting it, but why wouldn't the > > following work: > > Email comes in for users A, B and C. A and B have an SA threshold of 5, > > C has a threshold of 9. The message scores at 7. Delete A and B from the > > recipient list when queueing the message, and tell qmail-smtpd to accept > > the message since at least one recipient will be receiving the message. > > Since the other two users consider it spam, they don't really care what > > the remote side thinks. Other scenarios are just as easy to work through > > in a way that'd work. > > that would require queueing multiple messages from the same SMTP > conversation. > > what happens if on the 49th recipient of a 50 recipient message, the > queueing > fails? Your 'solution' is ugly, and simply will not work. > No, it wouldn't require this. It would require that you edit the recipient list prior to queueing. There's nothing 'ugly' that I can see about that process. > > yes, and again this has all been discussed on the simscan mailing list. > Please read the several threads there, paying close attention to my posts. > I > cover most of these issues in detail. > > -Jeremy I attempted to use the archive of the simscan list, and found one discussion which ended with the abrupt declaration from you that it couldn't be done. Perhaps you could point me at a thread where there's real discussion of this? Also, would it be more effective if I simply submitted a simscan patch which implemented the functionality I'm talking about, to show it can be done (or to learn it can't) rather than discussing how it could? Nick Harring Sr. System Administrator Parus Interactive
Re: [vchkpw] spamassassin development was spamassassin configuration
>> This would handle both >> the problem of if the user wants their mail scanned and the disposition >> of the scanned mail. > Yep. If using SQL settings for Spamassassin, the user could also whitelist all senders to avoid spam processing. >> I also think spamc options should >> be stored in the same place. > Currently the spamc options can be set on the configure line. > We thought that would be a good place since the spamc options > are site wide. I think all the user preference options are stored > in each user_prefs directory. User prefs can also be in SQL, which is more flexible for larger sites. There's a lot of info on this here: http://wiki.apache.org/spamassassin/UsingSQL >> Maybe the spamc >> functionality could be compiled right into vdelivermail so no forking is >> necessary. That would be slick! > Depends on how much of a moving target spamc code is. If it just > is a socket write/read type of thing then it might be a good idea. > Anyone feel like reviewing spamc.c? My experience with Spamassassin is that it changes rather a lot. The last time I upgraded it I had to rewrite a lot of the config due to changes in syntax and directives. I'm not sure of the innards of the code itself though... > New configure options? > --enable-spamassassin > enables both spamc and spamfolder processing > this is already in the development branch I'd like to see the ability to enable spamfolder processing without calling spamc directly, since we have front-end machines to offload the spam processing and have a seperate server that handles delivery to the individual maildirs. Were you planning on just filtering based on the spam/ham output from spamc, or by using the headers spamassassin inserts in the message, or maybe some combination? -Bill * Waveform Technology UNIX Systems Administrator
Re: [vchkpw] Spamassin configuration
On Thursday 03 March 2005 08:59 am, Nick Harring wrote: > > > > > I don't think vdelivermail or vpopmail in general should be > > calling > > > > > > spamc/spamassassin. Let that be handled elsewhere. Let's stick > > to > > > > > > delivering mail and deciding where it goes. > > > > > > > > However, lets remember that if spam is only scanned at the MTA > > level, > > > > > SpamAssassin user preferences will not function if the e-mail is > > > > addressed to more than one sender. Scanning in vdelivermail, at > > the > > > > MDA > > > > > > > level, does not have this restriction. For that reason I still > > think > > > > > there is value in scanning in vdelivermail. > > > > > > Obviously this is a current limitation in simscan > > > > no, it's a limitation in how SMTP works. This has been discussed on > > the > > > simscan mailing list several times, please read my posts there. > > Simscan isn't replacing qmail-smtpd, so this isn't strictly an smtp > limitation. Perhaps I'm just not getting it, but why wouldn't the > following work: > Email comes in for users A, B and C. A and B have an SA threshold of 5, > C has a threshold of 9. The message scores at 7. Delete A and B from the > recipient list when queueing the message, and tell qmail-smtpd to accept > the message since at least one recipient will be receiving the message. > Since the other two users consider it spam, they don't really care what > the remote side thinks. Other scenarios are just as easy to work through > in a way that'd work. that would require queueing multiple messages from the same SMTP conversation. what happens if on the 49th recipient of a 50 recipient message, the queueing fails? Your 'solution' is ugly, and simply will not work. > I know people think that it makes some huge difference in their spam > receipt levels whether they reject spam during smtp or not, however I've > not seen anybody actually try and prove it, so until then I'm skeptical. > > I would really like to be able to use this solution, but using server > defaults or the first users preferences are just flat out wrong ways of > handling email. unfortunately, when scanning at the SMTP level, that's all you have. If you want per-user filtering preferences, scan at delivery time. Simple as that. > They're not only wrong conceptually, but are a huge > breach of the users trust. They setup custom settings with the > understanding those settings would be used. yes, and again this has all been discussed on the simscan mailing list. Please read the several threads there, paying close attention to my posts. I cover most of these issues in detail. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgpDM9LOiJNEU.pgp Description: PGP signature
[vchkpw] spamassassin development was spamassassin configuration
> "Charles J. Boening" <[EMAIL PROTECTED]> said > So let me see if I can summarize where this might be going. A lot has > been talked about on this topic. > > Use the pw_uid/pw_gid to check and see if a user wants their mail > filtered. I'd also suggest setting another bit for delivery. So we'd > have a bit that says scan for spam That code is already in the development branch and well tested. > and a bit that says deliver to domain > default spam folder (.SPAM or whatever) or not. Sounds good. > This would handle both > the problem of if the user wants their mail scanned and the disposition > of the scanned mail. Yep. > The user's only options for tagged spam are to > deliver to inbox so they can filter or deliver to a predetermined spam > container that the domain administrator specifies. I agree. > vdelivermail would pull the delivery location for spam from it's command > line or from the domain limits file. I'd rather put it in the domain limits file. Either option would effect an entire domain and we already have the domain limits method. It's a good place to add new options. > I also think spamc options should > be stored in the same place. Currently the spamc options can be set on the configure line. We thought that would be a good place since the spamc options are site wide. I think all the user preference options are stored in each user_prefs directory. > vdelivermail would call spamc. > Personally, I don't think we should offer the ability to call > Spamassassin directly. It's just not as efficient. I think when people talked about calling spamassassin they meant calling spamc to talk to spamassassin. At least, that's how the development code works now. > Maybe the spamc > functionality could be compiled right into vdelivermail so no forking is > necessary. That would be slick! Depends on how much of a moving target spamc code is. If it just is a socket write/read type of thing then it might be a good idea. Anyone feel like reviewing spamc.c? > Sound about right? Have I missed anything? Nice summary! New configure options? --enable-spamassassin enables both spamc and spamfolder processing this is already in the development branch --enable-spamdir = "relative directory for spam folder" to override the default spam directory location Ken Jones
RE: [vchkpw] Spamassin configuration
> > > > I don't think vdelivermail or vpopmail in general should be calling > > > > spamc/spamassassin. Let that be handled elsewhere. Let's stick to > > > > delivering mail and deciding where it goes. > > > > > > However, lets remember that if spam is only scanned at the MTA level, > > > SpamAssassin user preferences will not function if the e-mail is > > > addressed to more than one sender. Scanning in vdelivermail, at the > > > > MDA > > > > > level, does not have this restriction. For that reason I still think > > > there is value in scanning in vdelivermail. > > > Obviously this is a current limitation in simscan > > no, it's a limitation in how SMTP works. This has been discussed on the > simscan mailing list several times, please read my posts there. > Simscan isn't replacing qmail-smtpd, so this isn't strictly an smtp limitation. Perhaps I'm just not getting it, but why wouldn't the following work: Email comes in for users A, B and C. A and B have an SA threshold of 5, C has a threshold of 9. The message scores at 7. Delete A and B from the recipient list when queueing the message, and tell qmail-smtpd to accept the message since at least one recipient will be receiving the message. Since the other two users consider it spam, they don't really care what the remote side thinks. Other scenarios are just as easy to work through in a way that'd work. I know people think that it makes some huge difference in their spam receipt levels whether they reject spam during smtp or not, however I've not seen anybody actually try and prove it, so until then I'm skeptical. I would really like to be able to use this solution, but using server defaults or the first users preferences are just flat out wrong ways of handling email. They're not only wrong conceptually, but are a huge breach of the users trust. They setup custom settings with the understanding those settings would be used. Nick Harring Sr. System Administrator Parus Interactive
Re: [vchkpw] OT: How to make Qmail bounce only headers
On 3/3/2005 1:58 PM +0100, [EMAIL PROTECTED] wrote: Hi, thi is slightly offtopic of course, but: can i bounce only the headers of a rejected message? Right now qmail+vpopmail bounces the whole thing. It seems kinda pointless to bounce several megabytes of mail jus to say "the user ... is over quota" http://www.google.com/search?q=qmail+bounce+trim Niek -- Use plain text: http://www.geoapps.com/nomime.shtml Learn to quote:http://www.netmeister.org/news/learn2quote2.html Avoid disclaimers: http://www.goldmark.org/jeff/stupid-disclaimers
[vchkpw] OT: How to make Qmail bounce only headers
Hi, thi is slightly offtopic of course, but: can i bounce only the headers of a rejected message? Right now qmail+vpopmail bounces the whole thing. It seems kinda pointless to bounce several megabytes of mail jus to say "the user ... is over quota" cheers. Kristofer