Re: [vchkpw] vdelivermail patch in order to handle maildrop filtering capabilities

2006-10-27 Thread Jérôme MOLLIER-PIERRET 


Rick

Inserting maildrop into .qmail-default is a fine implementation solution 
 but this patch provide thoses advantages :


- Maildrop handle correctly the maildir quota (and in you mailfilter 
sample you should handle the exit codde 77).  But for example, this 
configuration will nevers bounce the quota-warn and over-quota message ...


- Imagine you use and admin tool like qmailadmin, you'll have to patch 
it to modify permanently the behavior of .qmail-default of the domain.


This patch let you use you mailfterfile in very simple way handling all 
specific case maildrop do, and the implementation is in our mind 
cleanest ... for many raison.


Hoping this feature help.

Regards,

Jerome MOLLIER-PIERRET

Rick Romero a écrit :

On Thu, 2006-10-26 at 12:39 -0400, John Simpson wrote:

On 2006-10-26, at 0359, Jérôme MOLLIER-PIERRET wrote:

John Simpson a écrit :
also, what if a user (i.e. the owner of one specific mailbox)  
wants to create their own .mailfilter file, either directly or  
using some kind of web interface which gives them a set of options  
and writes a .mailfilter file based on their choices? i would  
search for /home/vpopmail/domains/.mailfilter-userid before the  
file names you're already checking for.
This case is not implemented in the patch, and therefore because it  
is not simple to handle .qmail-* style for maildrop. But it  
should be very easy to do this in maildrop style in the main or  
referal .mailfilter file.


For the web interface, i agree ... it would be very nice. But there  
is lot of job to do before :)))
that's what i was thinking- at some point in the future, somebody  
(maybe myself, if i ever get some free time) (yeah, right) will want  
to write a web interface which gives individual mailbox owners the  
ability to either edit their own .mailfilter file, or choose from a  
list of options which will cause the web back-end to create or modify  
a per-mailbox .mailfilter file, maybe using some kind of templates to  
support each available option.


Horde has a module that allows for mailfiler file modification, but I
haven't looked into it.  It uses FTP to put it in the user's mailbox.
Also, There's an FTP Server called Pure-FTPd that can auth against
MySQL, and use that home folder as the user's FTP folder (this I've used
to give my mail users an FTP option) - so something is out there to
implement.  I just don't trust my users with, IMHO essentially, shell
access.

i just don't like seeing patches which lock out future possibilities.  
flexibility is a good thing.


other than that, your patch looks like a good idea.


I don't know what everyone else is doing, but my .qmail-default looks
like this:
|maildrop  /home/vpopmail/domains/havokmon.com/mailfilter
| /usr/home/vpopmail/bin/vdelivermail
'' /usr/home/vpopmail/domains/havokmon.com/rick

And my mailfiler is essentially:
SHELL=/bin/sh
VHOME=`/usr/local/vpopmail/bin/vuserinfo -d [EMAIL PROTECTED]

if (/^X-Spam-Status: Yes*/)
{

 # Delete messages with a score of 10 or higher, filter all other
# spam messages into a spam folder
/^X-Spam-Status: yes, (hits|score)=![:digit:]+\.[:digit:]+!.*/
if ( $MATCH2 = 10.0 )
{
exception {
 EXITCODE = 99
 to  /dev/null
 exit
}
}
else
{

# then try delivering it to a Spam folder
exception {
  EXITCODE = 99
  to $VHOME/Maildir/.Spam/
  exit
}
}
}
exit


I forget exactly what option does it - it's either the EXITCODE with
exit, and or the exception{} blocks, but my .qmail-default is processeed
entirely.  


It took a bit of searching to get that to work - it was a few years
ago...

Rick

Re: [vchkpw] vdelivermail patch in order to handle maildrop filtering capabilities

2006-10-27 Thread Rick Romero 
On Fri, 2006-10-27 at 09:42 +0200, Jérôme MOLLIER-PIERRET wrote:
 Rick
 
 Inserting maildrop into .qmail-default is a fine implementation solution 
   but this patch provide thoses advantages :
 
 - Maildrop handle correctly the maildir quota (and in you mailfilter 
 sample you should handle the exit codde 77).  But for example, this 
 configuration will nevers bounce the quota-warn and over-quota message ...
 
 - Imagine you use and admin tool like qmailadmin, you'll have to patch 
 it to modify permanently the behavior of .qmail-default of the domain.

Ahhh That's what I was missing - I wasn't sure what wasn't covered by
what I was doing.  Thanks. :)

Rick

[vchkpw] Qmail smtp oddity with vpopmail and chkuser

2006-10-27 Thread DAve 

Good morning,

I have been upgrading one of my toasters and ran into a problem. It 
seems that my MailScanner server keeps timing out trying to connect to 
this one toaster. Checking it via telnet from the MailScanner server 
shows this to be true, under an odd circumstance.


This works,
bash-2.05b# telnet 10.0.241.135 25
Trying 10.0.241.135...
Connected to ecluster5.
Escape character is '^]'.
220 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! ESMTP
helo avhost1
250 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED!
mail from [EMAIL PROTECTED]
250 ok

This does not,
bash-2.05b# telnet 10.0.241.135 25
Trying 10.0.241.135...
Connected to ecluster5.
Escape character is '^]'.
220 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! ESMTP
helo avhost1
250 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED!
mail from: [EMAIL PROTECTED]
## At this point qmail-smtpd just sits and never responds 250 ok

The only difference is the colon after the mail from command. No colon 
and qmail-smtpd responds, a colon and it does not, ever. I narrowed it 
down to stock qmail works, and qmail + chkuser does not. It seems to 
make no difference which vpopmail I use. This is very odd to me because 
this configuration has passed millions of messages in the past two 
years. I see no reason why it should fail to respond to an incoming 
connection incorrectly now.


The *two* differences between my working configurations and this one is 
FreeBSD version, and my other installs also carried these patches,


5.4.10-spamc-to-maildrop.patch
5.4.10-spamc.patch

Both of which we no longer need. Any head slaps, finger pointing, clue 
bats appreciated.


DAve



Install information follows.


I am running the following versions,
FreeBSD 6.2
qmail-1.03 (conf-split = 97)
qmail-0.0.0.0.patch
qmail-103.patch
qmail-maildir++.patch
vpopmail-5.4.10 and/or vpopmail-5.4.17
chkuser-2.0.8b-release

===
vpopmail configured as follows,
./configure --enable-tcpserver-file=/shared/qmail/control 
--enable-learn-passwords --enable-vpopuser=vpopmail 
--enable-vpopgroup=vchkpw --enable-qmail-ext 
--enable-incdir=/usr/local/include/mysql 
--enable-libdir=/usr/local/lib/mysql --enable-clear-password 
--enable-auth-module=mysql --enable-valias --enable-spamassassin


=
chkuser_settings.h
#define CHKUSER_VPOPMAIL
#define CHKUSER_STARTING_VARIABLE CHKUSER_START
#define CHKUSER_ENABLE_UIDGID
#define CHKUSER_DOMAIN_WANTED
#define CHKUSER_ENABLE_USERS
#define CHKUSER_ENABLE_ALIAS
#define CHKUSER_EZMLM_DASH '-'
#define CHKUSER_BOUNCE_STRING bounce-no-mailbox
#define CHKUSER_ENABLE_LOGGING
#define CHKUSER_SENDER_NOCHECK_VARIABLE RELAYCLIENT
#define CHKUSER_MIN_DOMAIN_LEN 4
#define CHKUSER_LOG_VALID_SENDER
#define CHKUSER_RCPT_LIMIT_VARIABLE CHKUSER_RCPTLIMIT
#define CHKUSER_WRONGRCPT_LIMIT_VARIABLE CHKUSER_WRONGRCPTLIMIT
#define CHKUSER_MBXQUOTA_VARIABLE CHKUSER_MBXQUOTA
#define CHKUSER_ERROR_DELAY 1000
#define CHKUSER_RCPT_DELAY_ANYERROR
#define CHKUSER_SENDER_DELAY_ANYERROR
#define CHKUSER_NORCPT_STRING 511 sorry, no mailbox here by that name 
(#5.1.1 - chkuser)\r\n
#define CHKUSER_RESOURCE_STRING 430 system temporary unavailable, try 
again later (#4.3.0 - chkuser)\r\n
#define CHKUSER_MBXFULL_STRING 522 sorry, recipient mailbox is full 
(#5.2.2 - chkuser)\r\n
#define CHKUSER_MAXRCPT_STRING 571 sorry, reached maximum number of 
recipients for one session (#5.7.1 - chkuser)\r\n
#define CHKUSER_MAXWRONGRCPT_STRING 571 sorry, you are violating our 
security policies (#5.1.1 - chkuser)\r\n
#define CHKUSER_DOMAINMISSING_STRING 511 sorry, you must specify a 
domain (#5.1.1 - chkuser)\r\n
#define CHKUSER_RCPTFORMAT_STRING 511 sorry, recipient address has 
invalid format (#5.1.1 - chkuser)\r\n
#define CHKUSER_RCPTMX_STRING 511 sorry, can't find a valid MX for rcpt 
domain (#5.1.1 - chkuser)\r\n
#define CHKUSER_SENDERFORMAT_STRING 571 sorry, sender address has 
invalid format (#5.7.1 - chkuser)\r\n
#define CHKUSER_SENDERMX_STRING 511 sorry, can't find a valid MX for 
sender domain (#5.1.1 - chkuser)\r\n
#define CHKUSER_INTRUSIONTHRESHOLD_STRING 571 sorry, you are violating 
our security policies (#5.7.1 - chkuser)\r\n
#define CHKUSER_NORELAY_STRING 553 sorry, that domain isn't in my list 
of allowed rcpthosts (#5.5.3 - chkuser)\r\n

#define CHKUSER_ENABLE_EZMLM_LISTS
#define CHKUSER_IDENTIFY_REMOTE_VARIABLE CHKUSER_IDENTIFY
#define CHKUSER_USERS_DASH '-'
#define CHKUSER_RCPTMX_TMP_STRING 451 DNS temporary failure (#4.5.1 - 
chkuser)\r\n
#define CHKUSER_SENDERMX_TMP_STRING 451 DNS temporary failure (#4.5.1 - 
chkuser)\r\n

#define CHKUSER_MAILMAN_STRING mailman
#define CHKUSER_MAILMAN_DASH '-'
#define CHKUSER_DB_CLEANUP
#define CHKUSER_RCPT_FORMAT
#define CHKUSER_SENDER_FORMAT
#define CHKUSER_ERROR_DELAY_INCREASE 300

===
bash-2.05b# cat /service/qmail-smtpd/run
#!/bin/sh

QMAILDUID=`id -u

Re: [vchkpw] Qmail smtp oddity with vpopmail and chkuser

2006-10-27 Thread Tom Collins 

On Oct 27, 2006, at 7:06 AM, DAve wrote:

mail from: [EMAIL PROTECTED]
## At this point qmail-smtpd just sits and never responds 250 ok

The only difference is the colon after the mail from command. No  
colon and qmail-smtpd responds, a colon and it does not, ever. I  
narrowed it down to stock qmail works, and qmail + chkuser does  
not. It seems to make no difference which vpopmail I use. This is  
very odd to me because this configuration has passed millions of  
messages in the past two years. I see no reason why it should fail  
to respond to an incoming connection incorrectly now.


Just as an FYI, RFC821 says you need angle brackets around the email  
address (and no space after the colon).


Regardless, qmail-smtpd should come back.  I just tried your test on  
my system (Shupp Toaster) and it came back fine.


--
Tom Collins  -  [EMAIL PROTECTED]
Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/
QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/

[vchkpw] phpbb authenticating to vpopmail/mysql

2006-10-27 Thread Matt Cornell 
I just finished working up this phpbb installation that authenticates (and updates the password) from amy vpopmail-mysql backend. Although I have taken more then my fair share of knowledge from open sources it's only lately that I am getting ready to give back. I thought I would ask first before I cleaned and wrote it up for the general public - is anyone even remotely interested in something like this? 
Sorry if this is too off-topic or whatever - I figured this crowd would have better initial input then a phpbb crowd. - matt