[vchkpw] [vpopmail] handle 'postmaster' as non existing user (reject mails)
We only need this mailbox for »qmailadmin« to log in. Is it possible to treat this account as non existing? I've tried a domain-global '.qmail-postmaster' (... bounce-no-mailbox) and a '.qmail' (same content) inside the folder 'postmaster' but nothing worked. regards Lars
[vchkpw] .Qmail files
I am running dspam and am currently calling it from the .qmail-default file for each domain. Is there a way to modify the .qmail-default file when adding/modify a domain to add my dspam line to these files? If this is possible is there a way that I can add that line to ALL .qmail files that get created (in case they set a forward which then uses their own .qmail file and not the .qmail-default)? Thanks in advance! Roy Wills Operations manager Cameron Data Services, Inc. www.camerondata.com Office - 770-271-4538
Re: [vchkpw] [vpopmail] handle 'postmaster' as non existing user (reject mails)
Easiest thing to do is add a .qmail file in the postmaster directory stating '|/bin/true delete' to scrap the message [just sets it as deleted by default].Now I'd imagine the main frontline you'd want to investigate is chkuser.c if you use it. By line 567, it's got a user and domain split. Under case 10, it actually does the user check, so just have it test the user for 'postmaster' and return a failed 'user does not exist'.I'd point you to the RFCs that state that the postmaster must exist and should accept mail, but since you're asking, you probably don't really mind.-MLars Uhlmann [EMAIL PROTECTED] wrote: We only need this mailbox for �qmailadmin� to log in. Is it possible totreat this account as non existing? I've tried a domain-global'.qmail-postmaster' (... bounce-no-mailbox) and a '.qmail' (same content)inside the folder 'postmaster' but nothing worked.regards Lars
Re: [vchkpw] [vpopmail] handle 'postmaster' as non existing user (reject mails)
Lars Uhlmann wrote: We only need this mailbox for »qmailadmin« to log in. Is it possible to treat this account as non existing? I've tried a domain-global '.qmail-postmaster' (... bounce-no-mailbox) and a '.qmail' (same content) inside the folder 'postmaster' but nothing worked. regards Lars Create a .qmail-postmaster file with the same permissions and ownership and in the same directory as the .qmail-default file. Then put a single # character in the file. qmail-local treats a single # charater as delete the email. It is probably the most efficent way, since vdelivermail does not need to be envoked. I've been thinking of setting up all new domains with this way. Nobody really reads postmaster email. Ken Jones
Re: [vchkpw] [vpopmail] handle 'postmaster' as non existing user (reject mails)
On May 9, 2006, at 7:56 AM, Ken Jones wrote: Then put a single # character in the file. qmail-local treats a single # charater as delete the email. If you want to bounce it, put this in instead: |/var/qmail/bin/bouncesaying 'invalid account' You can change the 'invalid account' message to anything you'd like. You could even put something like 'if you really need to contact someone, email usenet at lars-uhlmann.de'. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Re: [vchkpw] [vpopmail] handle 'postmaster' as non existing user (reject mails)
At 16.47 09/05/2006, you wrote: Easiest thing to do is add a .qmail file in the postmaster directory stating '|/bin/true delete' to scrap the message [just sets it as deleted by default]. Now I'd imagine the main frontline you'd want to investigate is chkuser.c if you use it. By line 567, it's got a user and domain split. Under case 10, it actually does the user check, so just have it test the user for 'postmaster' and return a failed 'user does not exist'. It could be more easy to set the BOUNCE_FLAG on for each postmaster, and message will be rejected. Tonino
[vchkpw] Footer txt message
How I can insert footer txt message to all outgoing mail message? Thanks. D.
Re: [vchkpw] [vpopmail] handle 'postmaster' as non existing user (reject mails)
Ken Jones [EMAIL PROTECTED] wrote:I've been thinking of setting up all new domains with thisway. Nobody really reads postmaster email.I do see the occasional person who does, but it's rare. I like the 'set the bounce flag' idea suggested in this thread. Postmaster should have the bounce message flag set, so that it's not even accepted by chkuser at the smtp level, as opposed to accepting the mail and then bouncing it.the code in chkuser is: if (user_passwd-pw_gid BOUNCE_MAIL), so it seems to take it into account.Personally I wouldn't worry about running vdelivermail. If it's set with a bounce_mail flag as in chkuser (which I'd guess most people use) then it'll never run vdelivermail anyway, and any locally inserted mail would have the extra vdelivermail execution- but that'll be rare if ever.-M
[vchkpw] Re: [vpopmail] handle 'postmaster' as non existing user (reject mails)
On Tue, 09 May 2006 10:47:30 -0400, Michael Krieger wrote: I'd point you to the RFCs that state that the postmaster must exist and should accept mail, but since you're asking, you probably don't really mind. You're right but I think RFC822 should be worked over. Problems with UBE and SPAM were 1982 not even theoretically existing. I'd like it better this way: I have several domains with the same MX RR(s). The domain the MX host(s) belong to has a case insensitiv 'postmaster' mailbox. It is filtered for SPAM/Viruses (rejected with a meaningful message) and checked once a day. Most if not all problems the appropriate clause in RFC822 is defined for are technical by nature. For all other concerns this account can help too. regards Lars
Re: [vchkpw] Corrupt return-path help? [OT]
Have the same thing with a message with a CTRL-Z in the from/reply-to line. it's fine as a local delivery, but since forwards even within the same domain go in [EMAIL PROTECTED] then it gets called with qmail-inject. From: "Eva Andrews" )^Z X-Mailer: The Bat! (v2.00.9) Business Reply-To: "Eva Andrews" )^Zqmail-inject:_fatal:_unable_to_parse_this_line:/From:_"Eva_Andrews"_)_/user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/domain.ca/bob//system_error/I don't think this is directly linked to the previous malformed e-mail that had no Return-Path but instead had Return-Path: Received, as this has a ^Z in the mail from whereas the e-mail before seemed to have normal characters... unless it's all-round the use of qmail-inject as Jeremy suggests.-M
Re: [vchkpw] Corrupt return-path help? [OT]
On Tuesday 09 May 2006 12:44, Michael Krieger wrote: I don't think this is directly linked to the previous malformed e-mail that had no Return-Path but instead had Return-Path: Received, as this has a ^Z in the mail from whereas the e-mail before seemed to have normal characters... unless it's all-round the use of qmail-inject as Jeremy suggests. the problem is that vpopmail is using qmail-inject to forward messages. qmail-inject does not tolerate malformed messages. it's that simple. -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] http://ipaction.org/ -- defend your rights to fair use pgpb0ZpTFax1W.pgp Description: PGP signature
[vchkpw] Crash in qmailadmin 1.2.10/vpopmail 5.4.16 adding first forward
Seems there's a crash in qmailadmin/vpopmail still when adding only the first forward in a domain. The second works fine, but deleting the first and recreating it even shows an internal server error.I'll have another look at the source, but I think there's still some bugs left to squash.-M
[vchkpw] Re: [vpopmail] handle 'postmaster' as non existing user (reject mails)
On Tue, 09 May 2006 17:18:15 +0200, tonix (Antonio Nati) wrote: Now I'd imagine the main frontline you'd want to investigate is chkuser.c if you use it. By line 567, it's got a user and domain split. Under case 10, it actually does the user check, so just have it test the user for 'postmaster' and return a failed 'user does not exist'. It could be more easy to set the BOUNCE_FLAG on for each postmaster, and message will be rejected. That's it! Shame on me. ;) $ vmoduser -v ,- | version: 5.4.10 | vmoduser: usage: [options] email_addr or domain (for each user in domain) | ... | the following options are bit flags in the gid int field ... | ... | -b ( bounce all mail ) | ... `- It was too easy to find out. ;) regards Lars
[vchkpw] Vpopmail With Only One Domain and POP Logins
I'm migrating a client's mail server to a qmail+vpopmail setup following the directions at http://www.shupp.org/toaster . They had a qmail+system-level-account setup before. My question: since this is the only domain that will be on the box, is there a way to allow the users to login as just their login name as opposed to complete email address? This would make the migration tons easier since I wouldn't have to go to every user's machine (over a hundred) and walk them through changing the client settings. If they could still be able to login as 'sallysue' instead of '[EMAIL PROTECTED]' there wouldn't need to be any changes on their end. Thanks! -ken schweigert
Re: [vchkpw] Crash in qmailadmin 1.2.10/vpopmail 5.4.16 adding first forward
Ken- a segfault patch against 5.4.16 is attached.Since mydir is static (and hence survives the function call), if max_names is null (which happens if there are no aliases on the domain), then mydir has been closed, but mydir is not set to NULL. Hence when it does a second itteration of the function as qmailadmin will, it will segfault since it's not null, yet is closed.See attached,I also attached my patch from earlier regarding forcing at least read/write permissions on the lock file, as I'm finding qmailadmin is creating them with no permissions (likely relating to a umask or something Debian related, so it's always best to force the permissions of the lock file).-MMichael Krieger [EMAIL PROTECTED] wrote: Seems there's a crash in qmailadmin/vpopmail still when adding only the first forward in a domain. The second works fine, but deleting the first and recreating it even shows an internal server error.I'll have another look at the source, but I think there's still some bugs left to squash.-M vpalias.segfault.crash.20060509.patch.gz Description: 3308966721-vpalias.segfault.crash.20060509.patch.gz vpopmail-5.4.16-lockperm.patch.gz Description: 3462119702-vpopmail-5.4.16-lockperm.patch.gz
Re: [vchkpw] Vpopmail With Only One Domain and POP Logins
You're looking for vipmap and the --enable-ip-alias-domain configure option: # --enable-ip-alias-domains # Enable mapping of default domain via reverse ip lookup table.See README.ipaliasdomains for more information in the vpopmail distribution.You want to add a record (vipmap -h for details) for your primary domain name to your IP address that they'll use to connect (or for each IP address) on your server.-MKen Schweigert [EMAIL PROTECTED] wrote: I'm migrating a client's mail server to a qmail+vpopmail setupfollowing the directions at http://www.shupp.org/toaster . They had aqmail+system-level-account setup before.My question: since this is the only domain that will be on the box,is there a way to allow the users to login as just their login name asopposed to complete email address? This would make the migration tonseasier since I wouldn't have to go to every user's machine (over ahundred) and walk them through changing the client settings. If theycould still be able to login as 'sallysue' instead of'[EMAIL PROTECTED]' there wouldn't need to be any changes on theirend.Thanks!-ken schweigert
Re: [vchkpw] Vpopmail With Only One Domain and POP Logins
On Tuesday 09 May 2006 14:01, Michael Krieger wrote: You're looking for vipmap and the --enable-ip-alias-domain configure option: # --enable-ip-alias-domains # Enable mapping of default domain via reverse ip lookup table. See README.ipaliasdomains for more information in the vpopmail distribution. You want to add a record (vipmap -h for details) for your primary domain name to your IP address that they'll use to connect (or for each IP address) on your server. way overkill for one domain. echo domain ~vpopmail/etc/defaultdomain -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] http://ipaction.org/ -- defend your rights to fair use pgpWiE3ZAxrJC.pgp Description: PGP signature
Re: [vchkpw] Vpopmail With Only One Domain and POP Logins
Ken Schweigert wrote: I'm migrating a client's mail server to a qmail+vpopmail setup following the directions at http://www.shupp.org/toaster . They had a qmail+system-level-account setup before. My question: since this is the only domain that will be on the box, is there a way to allow the users to login as just their login name as opposed to complete email address? This would make the migration tons easier since I wouldn't have to go to every user's machine (over a hundred) and walk them through changing the client settings. If they could still be able to login as 'sallysue' instead of '[EMAIL PROTECTED]' there wouldn't need to be any changes on their end. Put the domain name in ~vpopmail/etc/defaultdomain. See the file UPGRADE.
Re: [vchkpw] Corrupt return-path help? [OT]
On May 9, 2006, at 12:57 PM, Jeremy Kitchen wrote: the problem is that vpopmail is using qmail-inject to forward messages. qmail-inject does not tolerate malformed messages. it's that simple. Any volunteers to review the code in vdelivermail.c and modify it to use qmail-queue instead of qmail-inject? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Re: [vchkpw] Crash in qmailadmin 1.2.10/vpopmail 5.4.16 adding first forward
On May 9, 2006, at 1:58 PM, Michael Krieger wrote: Ken- a segfault patch against 5.4.16 is attached. Since mydir is static (and hence survives the function call), if max_names is null (which happens if there are no aliases on the domain), then mydir has been closed, but mydir is not set to NULL. Hence when it does a second itteration of the function as qmailadmin will, it will segfault since it's not null, yet is closed. See attached, I also attached my patch from earlier regarding forcing at least read/write permissions on the lock file, as I'm finding qmailadmin is creating them with no permissions (likely relating to a umask or something Debian related, so it's always best to force the permissions of the lock file). I'll make sure these get into 5.4.17, and will consider a quick release after a week or so for any remaining bugs to be uncovered. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Re: [vchkpw] Vpopmail With Only One Domain and POP Logins
Ken Schweigert wrote: I'm migrating a client's mail server to a qmail+vpopmail setup following the directions at http://www.shupp.org/toaster . They had a qmail+system-level-account setup before. My question: since this is the only domain that will be on the box, is there a way to allow the users to login as just their login name as opposed to complete email address? This would make the migration tons easier since I wouldn't have to go to every user's machine (over a hundred) and walk them through changing the client settings. If they could still be able to login as 'sallysue' instead of '[EMAIL PROTECTED]' there wouldn't need to be any changes on their end. Thanks! -ken schweigert Hi, ~vpopmail/etc/defaultdomain Place the domain in question in that file. Regards, Rick
[vchkpw] maildir size w/ vpopmaild
I am developing an administration interface for vpopmail, and would like to know if any has succeeded to retrieve the current disk usage for a certain user or domain through vpopmaild. I know it's not possible through a regular command, but can one make read_file execute a shell script located on the vpopmaild server and return the results as if it had read a plain text file? This shouldn't be hard to achieve with a small patch to the vpopmaild source, but I'm not a secure C coder so I won't make an attempt on doing this myself and think I could use this on our primary server ;-) Regards -- Kim Christensen
Re: [vchkpw] Corrupt return-path help? [OT]
On May 9, 2006, at 12:57 PM, Jeremy Kitchen wrote: the problem is that vpopmail is using qmail-inject to forward messages. qmail-inject does not tolerate malformed messages. it's that simple. Any volunteers to review the code in vdelivermail.c and modify it to use qmail-queue instead of qmail-inject? Well, I just took a quick look at vdelivermail.c, and it may be simple to do. Unfortunately I don't have a system where I can really test it, but I'm willing to look at the code changes. It will also require a change to the configure system, which I have no real experience with, but short term you can specify qmail-queue for the qmail-inject path to take care of it. I'll see if I can whip up some code as a starting point and post it here shortly. Josh -- Joshua Megerman SJGames MIB #5273 - OGRE AI Testing Division You can't win; You can't break even; You can't even quit the game. - Layman's translation of the Laws of Thermodynamics [EMAIL PROTECTED]
Re: [vchkpw] vdelivermail qmail-queue ALPHA patch
On May 9, 2006, at 12:57 PM, Jeremy Kitchen wrote:
the problem is that vpopmail is using qmail-inject to forward messages.
qmail-inject does not tolerate malformed messages.
it's that simple.
Any volunteers to review the code in vdelivermail.c and modify it to
use qmail-queue instead of qmail-inject?
OK, here's a quick stab at a basic patch - I modified qmail_inject_open to
open qmail-queue appropriately (no args), and changed deliver_mail to talk
to it. I THINK :)
There's no bounds checking and so forth in here, there are a few places
where there really needs to be some extra code to make sure that the data
acquired is valid, but it's designed to be proof-of-concept. It compiles,
but that's all I can guarantee.
Use at your own risk, yada yada... Feel free to modify it as needed, I
have no ego attached to this code :)
OK, so I can't stand writing sloppy code :) Here's an updated version of
the patch that handles things a little better (albeit in a slightly more
complicated manner), and cleans up a couple remaining stragglers of the
changeover.
Josh
--
Joshua Megerman
SJGames MIB #5273 - OGRE AI Testing Division
You can't win; You can't break even; You can't even quit the game.
- Layman's translation of the Laws of Thermodynamics
[EMAIL PROTECTED]--- vdelivermail.c.orig 2006-05-09 17:35:00.0 -0400
+++ vdelivermail.c 2006-05-09 18:33:26.0 -0400
@@ -72,6 +72,7 @@
#define BUFF_SIZE 300
int fdm;
+int fde;
#define EXIT_BOUNCE 100
#define EXIT_DEFER 111
@@ -304,33 +305,41 @@
}
#endif
-/* Forks off qmail-inject. Returns PID of child, or 0 for failure. */
-pid_t qmail_inject_open(char *address)
+/* Forks off qmail-queue. Returns PID of child, or 0 for failure. */
+pid_t qmail_queue_open()
{
int pim[2];
+ int pie[2];
+
pid_t pid;
- static char *binqqargs[4];
+ static char *binqqargs[2];
if ( pipe(pim) == -1) return 0;
+if ( pipe(pie) == -1) return 0;
switch(pid=vfork()){
case -1:
close(pim[0]);
close(pim[1]);
+close(pie[0]);
+close(pie[1]);
printf (Unable to fork: %d., errno);
return 0;
case 0:
close(pim[1]);
+close(pie[1]);
if (vfd_move(0,pim[0]) == -1 ) _exit(-1);
+if (vfd_move(1,pie[0]) == -1 ) _exit(-1);
binqqargs[0] = QMAILINJECT;
-binqqargs[1] = --;
-binqqargs[2] = (*address == '' ? address[1] : address[0]);
+binqqargs[1] = 0;
execv(*binqqargs, binqqargs);
-printf (Unable to launch qmail-inject.);
+printf (Unable to launch qmail-queue.);
exit (EXIT_DEFER);/* child's exit caught later */
}
fdm = pim[1];
+fde = pie[1];
close(pim[0]);
+close(pie[0]);
return(pid);
}
@@ -628,10 +637,18 @@
char *dtline;
char *atpos;
int dtlen;
+ char *sender = 0;
+ char keychar[3] = FT;
+ char *envptrs[6] = { keychar, sender, keychar+2, keychar+1, address, keychar+2 };
+ int envlens[6] = { 1, 0, 1, 1, 0, 1 }; // sender and address get initialized later
+ int writestr;
if (*address=='') ++address; /* will this case ever happen? */
- inject_pid = qmail_inject_open(address);
- if (inject_pid == 0) vexiterr (EXIT_DEFER, system error, can't open qmail-inject);
+ envptrs[4] = address;
+ envlens[4] = strlen(address) + 1;
+
+ inject_pid = qmail_queue_open();
+ if (inject_pid == 0) vexiterr (EXIT_DEFER, system error, can't open qmail-queue);
/* use the DTLINE variable, but skip past the dash in
* [EMAIL PROTECTED]
@@ -665,13 +682,33 @@
}
if (fdcopy (fdm, 0, DeliveredTo, strlen(DeliveredTo)) != 0) {
- printf (write to qmail-inject failed: %d\n, errno);
+ printf (write to qmail-queue failed: %d\n, errno);
close(fdm);
+ close(fde);
waitpid(inject_pid,child,0);
vexiterr (EXIT_DEFER, system error);
}
+ if (!(sender = getenv(SENDER))) {
+ printf (unable to acquire SENDER from environment\n);
+ close(fdm);
+ close(fde);
+ vexiterr (EXIT_DEFER, system error);
+ }
+ envptrs[1] = sender;
+ envlens[1] = strlen(sender) + 1;
+
+ for (writestr = 0; writestr 6; writestr++) {
+if ((write(fde, (void *)envptrs[writestr], envlens[writestr])) != envlens[writestr]) {
+printf (write to qmail-queue failed: %d\n, errno);
+close(fdm);
+close(fde);
+vexiterr (EXIT_DEFER, system error);
+}
+ }
+
close(fdm);
+ close(fde);
waitpid(inject_pid,child,0);
if (wait_exitcode(child) == 0) return;
vexiterr (EXIT_DEFER, system error);
