[vchkpw] My First Experience with vHostAdmin
Hi, I was able to try out vHostAdmin on a Development environment. I was delighted to see it working quite well even in the infancy stage. I would note my experience below, but first let me jot down how I did (some others may get benefited and some others may be able to comment if I have done anything incorrectly): cd /home/devendra wget http://www.inter7.com/vhostadmin/vpopmail-5.5.3.tar.gz tar xzfv vpopmail-5.5.3.tar.gz cd vpopmail-5.5.3 ./configure \ --enable-roaming-users=n \ --enable-logging=p \ --enable-passwd=n \ --enable-clear-passwd=y \ --enable-auth-module=mysql \ --enable-many-domains=y \ --enable-auth-logging=y \ --enable-mysql-logging=y \ --enable-valias=y \ --enable-mysql-limits=n \ [EMAIL PROTECTED] \ --enable-ip-alias-domains=n \ --enable-incdir=/usr/local/mysql/include \ --enable-libdir=/usr/local/mysql/lib make Note: I did not do make install-strip as I wanted to get vpopmaild binary only. cp -P vpopmaild /home/vpopmail/bin chown vpopmail:vchkpw /home/vpopmail/bin/vpopmaild mkdir /var/log/qmail/vpopmaild chown -R qmaill /var/log/qmail/vpopmaild mkdir -p /var/qmail/supervise/vpopmaild/log chmod +t /var/qmail/supervise/vpopmaild vi /var/qmail/supervise/vpopmaild/run #!/bin/sh # Port: 89 /usr/local/bin/tcpserver -vHRD 0 89 /home/vpopmail/bin/vpopmaild 21 vi /var/qmail/supervise/vpopmaild/log/run #!/bin/sh # Keep 30 logs of max 10Mb each # # They will get rotated when they reach 10Mb in size, exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s1000 n30 /var/log/qmail/vpopmaild chmod 755 /var/qmail/supervise/vpopmaild/run chmod 755 /var/qmail/supervise/vpopmaild/log/run ln -s /var/qmail/supervise/vpopmaild /service cd /home/devendra wget http://www.inter7.com/vhostadmin/vhostadmin-cvs-1112134662.tar.gz Notes from: INSTALL DOC Unpackage into webserver document root Copy include/global.inc-dist to include/global.inc Edit include/global.inc, modify paths and hosts session_directory must be a directory readable and writable by the webserver vpopmaild must be running to log in cd /myserver/public_html/ tar xzfv /home/devendra/vhostadmin-cvs-1112134662.tar.gz mv vhostadmin-cvs-1112134662 vhostadmin chown -R intermsh:intermsh vhostadmin cd vhostadmin rm -rf BUGS CVS doc TODO cp include/global.inc-dist include/global.inc chown intermsh:intermsh include/global.inc chmod 755 include/global.inc vi include/global.inc -- did change the required settings. Note: I had to recompile my PHP for --enable-sockets, my php configure as: ./configure --with-mysql=/usr/local/mysql --with-apxs=/usr/local/apache/bin/apxs --enable-sockets My experience with vHostAdmin: I had to set the SA_ADMIN privileges manually for one account as even the new vmoduser did not support the -S switch: mysql use vpopmail; Database changed mysql update vpopmail set pw_gid=65536 where pw_name='postmaster' and pw_domain='qmail2.intermesh.net'; I had to modify str_replace lines in following three files as [Warning: Wrong parameter count for str_replace()]: modules/mail/users.php //$str = str_replace(v|, , trim($data), 1); $str = str_replace(v|, , trim($data)); modules/mail/domains.php //$str = str_replace(v|, , trim($data), 1); $str = str_replace(v|, , trim($data)); modules/mail/forwards.php //$str = str_replace(v|, , trim($data), 1); $str = str_replace(v|, , trim($data)); Go to Domain / Go to User / Go to Forwards does not support partial search. All the Mailing Lists show up in Forwards. Modify User is not having options to modify the Limits and Quota Thanks. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
[vchkpw] Logging of IP addresses via SPAMCONTROL patch.
Dr Erwin, I have already tried the newanalyse package on a development (Fedora) Server. It works, great. The qmFind did not compile (but works as raw perl script). One more question Dr Erwin, The SMTP log is more informative after your SpamControl Patch but it lacks the IP addresses in front of the entries. Have I missed something or its like that only. Here is a sample. @400041416592147f8924 Accept::SNDR::Relay_Client: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165921589e0bc tcpserver: deny 3214 x.x.xxx:111.222.333.444:25 :218.20.230.246::63771 MAXCONNIP:5 @40004141659217e0a9cc Accept::ORIG::Local_Sender: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165921e41b07c Accept::ORIG::Local_Sender: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165cb2f16d51c tcpserver: status: 69/80 @4000414165cc0cfb055c Accept::RCPT::Rcpthosts_Rcptto: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165cc181127dc tcpserver: status: 70/80 @4000414165f0227f90dc tcpserver: ok 5737 x.x.xxx:111.222.333.444:25 :61.11.87.37::2812 @4000414165f025019c24 tcpserver: ok 5736 x.x.xxx:111.222.333.444:25 :203.145.134.238:dvromafh:2447 @4000414165f026fdc5fc Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165f02792fd34 tcpserver: ok 5174 x.x.xxx:111.222.333.444:25 :61.1.220.108::1854 @4000414166381540b25c Reject::ORIG::No_DNSMX: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] Actually I get lot of illegal relay requests. I wished to block them via iptables. How do I identify the IP Addresses of such requests like: @4000414e5ded0688b8cc Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414e5ded1ce82f44 Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414e5ded33bb7dfc Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414e5dee0f743704 Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414e5dee25c65f3c Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414e5def00b5dca4 Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414e5def16fa7c04 Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414e5def2de26bfc Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] Thanks. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] Silly Qmail (Queue) Syndrome and Spamcontrol Patch
Hi Tom, Thanks. At 08/09/04 20:42 (), you wrote: On Sep 7, 2004, at 11:54 PM, Devendra Singh wrote: c) what Anti-Virus and Anti-Spam tools are you using AntiVirus is clamav-0.75.1 and AntiSpam is SpamAssassin-2.63 with patched version of qmail-scanner Qmail-Scanner-1.23st (st patch) from http://xoomer.virgilio.it/j.toribio/qmail-scanner/. This patched version of qmail-scanner has been used to selectively enable only 20% of the domains to have AntiVirus/AntiSpam enabled. I am also using the --sa-reject option to have spam messages with a score higher than sa-delete (score of 16 in my case) to be rejected before the smtp session is closed. I'd probably point the finger at qmail-scanner. It's a major resource hog and starts a perl instance every time a message comes in. I do agree, in fact I knew. Weighing Options. I use clamav and SpamAssassin as well, but use qscanq (google for it) and qmail-spamc (included with SpamAssassin) to block viruses and score spam on messages at the qmail-queue stage. Unfortunately, without patching, you won't be able to selectively enable it per domain or have an sa-reject option. I would look at qscanq as well as QMVC suggested by Dr Erwin. I would also look for any other options if possible. But, I need to enable / disable AntiVirus AntiSpam for Selective email-addresses (and domains). Also, Clients requirements have forced me to quarantine Spam above certain level and should be intimated to the sender (just in case its's a real sender). If we bounce the spam it will result into a double bounce mostly. Hence rejection is required. You could look at some of the patches Ken Jones of Inter7 has put together to add SpamAssassin integration to vdelivermail. This would offload the spam processing from qmail-smptd, and can be enabled on a per-domain basis. You could then replace qmail-scanner with qscanq to block viruses (for all domains) at the smtpd level. Where can I find those patches by Ken? Any URL please (I tried searching the archives). Some hints: - It might me worthwilhe to reduce the incoming-concurrency. Drop it to 30. Any figures less than 80 would cause lot many Servers not to get smtp connect to our Server during peak time of 0100 to 0500 hrs EDT. Maybe not. You need to determine whether a lower concurrency will reduce the amount of time spent on each message and ultimately allow more connections per hour. Once you start hitting virtual memory, all of the current connections will get bogged down. Take a look at how many messages are processed per hour at 100, and then at 80. If the queue is growing and messages aren't getting delivered, there's not much benefit to queueing the message instead of just not accepting the connection. I am experimenting on it. However, I have got sigh of relief (probably for the time being), by adding sbl-xbl.spamhaus.org to rblsmtpd (I was already using bl.spamcop.net). This has reduced the SMTPD threads a bit. Dr Erwin, May I request Dr Erwin to get reply on my reply to his reply in this thread. I have already tried the newanalyse package on a development (Fedora) Server. It works, great. The qmFind did not compile. One more question Dr Erwin, The SMTP log is more informative after your SpamControl Patch but it lacks the IP addresses in front of the entries. Have I missed something or its like that only. Here is a sample. @400041416592147f8924 Accept::SNDR::Relay_Client: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165921589e0bc tcpserver: deny 3214 x.x.xxx:111.222.333.444:25 :218.20.230.246::63771 MAXCONNIP:5 @40004141659217e0a9cc Accept::ORIG::Local_Sender: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165921e41b07c Accept::ORIG::Local_Sender: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165cb2f16d51c tcpserver: status: 69/80 @4000414165cc0cfb055c Accept::RCPT::Rcpthosts_Rcptto: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165cc181127dc tcpserver: status: 70/80 @4000414165f0227f90dc tcpserver: ok 5737 x.x.xxx:111.222.333.444:25 :61.11.87.37::2812 @4000414165f025019c24 tcpserver: ok 5736 x.x.xxx:111.222.333.444:25 :203.145.134.238:dvromafh:2447 @4000414165f026fdc5fc Reject::SNDR::Invalid_Relay: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] @4000414165f02792fd34 tcpserver: ok 5174 x.x.xxx:111.222.333.444:25 :61.1.220.108::1854 @4000414166381540b25c Reject::ORIG::No_DNSMX: MailFrom: [EMAIL PROTECTED] RcptTo: [EMAIL PROTECTED] Thanks. Devendra Singh
Re: [vchkpw] Silly Qmail (Queue) Syndrome and Spamcontrol Patch
and understand this point as I have tested that myself. But, reducing the concurrencyincoming too much would refuse smtp connects to lot many Mail Servers and even clients using SMTP-Authentication. - Most of load originates presumably from I/0. You should try everything to reduce it. In particular, use SPAMCONTROLs badmimetype filter in the first place. Thanks, I am already using the badmimmetype filter, it does its job marvelously. BTW, I am also using LOCALMFCHECK, MFDNSCHECK, MAXRECIPIENTS=20, MAXCONNIP=5. However, if you use the qmail-queue extension and lets say qmail-scanner, this wont help much (for reasons I will explain in SPAMCONTROL 2.3). I would be eagerly waiting for the reasoning you would provide. Use my QMVC instead. I would study it. Thanks. regards. --eh. PS: Very interesting discussion. I am very glad. Once again thanks a lot. Devendra Singh attachment: msg-day.pngattachment: Local-n-Remote-concurrency-day.pngattachment: Smtp-Concurrency-day.png
[vchkpw] Silly Qmail (Queue) Syndrome and Spamcontrol Patch
Dear Erwin, Sorry for question not really related to Vpopmail. It seems that I am hit by Silly Qmail (Queue) Syndrome. I am using the Spamcontrol Patch v2.2.12 along with vpopmail-5.4.6, but have not used the experimental bigtodo. Wished to apply the bigtodo. I would like to get clarified that whether you bigtodo is based on ext_todo patch or big-todo patch or both. I had not initially compiled the bigtodo thinking that it is experimental. What do you suggest. Thanks. Devendra Singh
Re: [vchkpw] Silly Qmail (Queue) Syndrome and Spamcontrol Patch
0.00 0.00 0.00 0.00 0.000.00 0.00 0.00 Device:rrqm/s wrqm/s r/s w/s rsec/s wsec/srkB/swkB/s avgrq-sz avgqu-sz await svctm %util /dev/hda20.00 0.00 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 I am getting more and more convinced that ext-todo might be a possible solution in this situation. What do you feel ! Devendra Singh attachment: queue-size-day.png
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthos ts
At 10/06/04 19:11 (), you wrote: On Wed, 2004-06-09 at 00:13, Devendra Singh wrote: At 08/06/04 11:41 (), Tom Collins wrote: On Jun 7, 2004, at 9:28 PM, Devendra Singh wrote: I would like to re-frame my Subject: SMTP Authenticated user is able to impersonate anyone in rcpthosts. You could re-frame it even more. Authenticated SMTP users can use any FROM address and submit mail for any host. Some clients may have multiple from addresses going through a single authenticated session. Limiting them to the address they authenticated as may be too strict. Including it in the Received header is probably a more useful option. Dear Tom, Thanks, that you understood. (Sorry, the issue is not related to Vpopmail, but may be of interest to most). Including the authenticated ID in the Received header is good, but still it would not be able to stop the menace of Spamming from your own users (who is going to monitor the logs of mails sent by users). Also, in the days of virus outbreak and users having password saved in their outlook express, the feature can be saviour. BTW, Shouguan Lin had pointed to a link http://night.rdslink.ro/dudu/qmail/http://night.rdslink.ro/dudu/qmail/http://night.rdslink.ro/dudu/qmail/ with features o Added my own patch, that checks whether the 'mail from' value is different from the username used for SMTP AUTH, thus preventing source address spoofing. Useful for ISP's that only relay mails from authenticated users. o The 'mail from' verification is now configurable through a knob defined in /var/qmail/control/spoofcheck or in the environment variable $SPOOFCHECK But, this is part of unified patch which is difficult situation for me. It's my request to Dr Erwin Hoffmann through this list that if he adds the feature into his authentication patch which is also included into the Vpopmail contrib, we all would get benefited. This is problematic for ISP customers whose ISPs block outbound port 25, therefor forcing relaying through their servers, but who also have a vanity domain or similar provided by a third party. ISPs would then be disallowing any form of sending mail with that From: field, which is pretty bogus. Many of these so-called anti-spam measures are approaching throwing not just the baby out with the bathwater, but the entire tub. Why don't I reiterate the question Jeremy Kitchen so accurately asked, What problem are you solving?. Forged From fields server a legitimate purpose, just like doing the same in the To field can (think BCC mailing lists with Undisclosed Recipients in the To). Yes, spammers abuse this, as do virus writers. I definitely recommend this functionality be made optional, hard to turn on, and as unadvertised as possible. Those few people who know they'd benefit and not suffer can then find it, and those people who think they'd benefit but wouldn't realize the consequences wouldn't clobber their users. Nick Harring Webley Systems Any AntiSpamming measure onto SMTP Authenticatted mail sending has to be optional like all other such means. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
At 09/06/04 14:03 (), you wrote: Hi Devendra, At 18:38 07.06.04 +0530, you wrote: Hi, I am using Erwin Hoffmann's qmail-smtpd-auth-0.4.2. Thanks for using it. I have noticed that once authenticated a user can use [EMAIL PROTECTED] (where server.com is a domain listed in rcpthosts) in the FROM header. Is there any remedy. Yes, thats possible. You can prevent it partially with my SPAMCONTROL patch for Qmail. It includes SMTP Autentication (with some nice logging). In addition you may want to set the environment variable LOCALMFCHEK. For a relayclient (in particular in case of an SMTP authenticated session), you may inforce that the domain part of the Mail From: in the SMTP envelope corresponds with your list of rcpthosts or some arbitary name provided thru the variable LOCALMFCHECK. See: http://www.fehcom.de/qmail/spamcontrol/README_spamcontrol.html section 8.1. A more general discussion about SMTP Authentication can be found at: http://www.fehcom.de/qmail/smptauth.html Thanks Erwin, I am already using the following into the /etc/tcp.smtp :allow,LOCALMFCHECK=,MFDNSCHECK=,BADMIMETYPE=,MAXRECIPIENTS=20 As you have rightly said LOCALMFCHECK does prevent it partially with my SPAMCONTROL. If you try to notice what Shouguan Lin had pointed http://night.rdslink.ro/dudu/qmail/ with features o Added my own patch, that checks whether the 'mail from' value is different from the username used for SMTP AUTH, thus preventing source address spoofing. Useful for ISP's that only relay mails from authenticated users. o The 'mail from' verification is now configurable through a knob defined in /var/qmail/control/spoofcheck or in the environment variable $SPOOFCHECK Dr Erwin, You whole Spamcontrol Patch is so good that I have been using it in entirety since quite some time with remarkable results. I am sure that you may be able to add the functionality to stop own spamming clients. Thanks. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
At 08/06/04 11:41 (), Tom Collins wrote: On Jun 7, 2004, at 9:28 PM, Devendra Singh wrote: I would like to re-frame my Subject: SMTP Authenticated user is able to impersonate anyone in rcpthosts. You could re-frame it even more. Authenticated SMTP users can use any FROM address and submit mail for any host. Some clients may have multiple from addresses going through a single authenticated session. Limiting them to the address they authenticated as may be too strict. Including it in the Received header is probably a more useful option. Dear Tom, Thanks, that you understood. (Sorry, the issue is not related to Vpopmail, but may be of interest to most). Including the authenticated ID in the Received header is good, but still it would not be able to stop the menace of Spamming from your own users (who is going to monitor the logs of mails sent by users). Also, in the days of virus outbreak and users having password saved in their outlook express, the feature can be saviour. BTW, Shouguan Lin had pointed to a link http://night.rdslink.ro/dudu/qmail/http://night.rdslink.ro/dudu/qmail/ with features o Added my own patch, that checks whether the 'mail from' value is different from the username used for SMTP AUTH, thus preventing source address spoofing. Useful for ISP's that only relay mails from authenticated users. o The 'mail from' verification is now configurable through a knob defined in /var/qmail/control/spoofcheck or in the environment variable $SPOOFCHECK But, this is part of unified patch which is difficult situation for me. It's my request to Dr Erwin Hoffmann through this list that if he adds the feature into his authentication patch which is also included into the Vpopmail contrib, we all would get benefited. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
[vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
Hi, I am using Erwin Hoffmann's qmail-smtpd-auth-0.4.2. I have noticed that once authenticated a user can use [EMAIL PROTECTED] (where server.com is a domain listed in rcpthosts) in the FROM header. Is there any remedy. __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
At 07/06/04 20:05 (), you wrote: On Monday 07 June 2004 08:08 am, Devendra Singh wrote: Hi, I am using Erwin Hoffmann's qmail-smtpd-auth-0.4.2. I have noticed that once authenticated a user can use [EMAIL PROTECTED] (where server.com is a domain listed in rcpthosts) in the FROM header. even an unauthenticated user can do this. How do you think this mailing list post will have my From: header, but an envelope sender of vchkpw-return-somenumber[EMAIL PROTECTED] Is there any remedy. What Problem Are You Trying To Solve? -Jeremy Sorry Jeremy, Perhaps I was unable to explain the problem properly. Suppose a Server is hosting the following domains: abc.com xyz.com test.com Now, the user [EMAIL PROTECTED] has been enabled for SMTP (not POP-Before SMTP but SMTP-AUTH using Erwin's Patch). If the user [EMAIL PROTECTED] tries to send an email as [EMAIL PROTECTED] in FROM headers, its denied. But, if he impersonates (for say spamming) in FROM headers as [EMAIL PROTECTED] or even [EMAIL PROTECTED] his outgoing mail would go through. Isn't this a case to worry? The example that you have talked about is totally unrelated to the above explained situation. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
At 07/06/04 21:27 (), you wrote: On Monday 07 June 2004 10:17 am, Devendra Singh wrote: Sorry Jeremy, Perhaps I was unable to explain the problem properly. Suppose a Server is hosting the following domains: abc.com xyz.com test.com ok. Now, the user [EMAIL PROTECTED] has been enabled for SMTP (not POP-Before SMTP but SMTP-AUTH using Erwin's Patch). If the user [EMAIL PROTECTED] tries to send an email as [EMAIL PROTECTED] in FROM headers, its denied. no, it's not, unless you've got some funky stuff set up, in which case, you'll have to provide more details. But, if he impersonates (for say spamming) in FROM headers as [EMAIL PROTECTED] or even [EMAIL PROTECTED] his outgoing mail would go through. Isn't this a case to worry? well, if you see it happening, that's why insert deity here created userdel. The example that you have talked about is totally unrelated to the above explained situation. no, it's entirely the same concept. Why let an unauthenticated user use any combination of envelope sender/header information but restrict authenticated users. Doesn't make much sense to me. -Jeremy Jeremy, Again I am misunderstood. But, Shouguan Lin has understood the point. I would like to re-frame my Subject: SMTP Authenticated user is able to impersonate anyone in rcpthosts. The SMTP-AUTH Patch by Erwin Hoffmann (from http://www.fehcom.de) qmail-smtpd-auth-0.4.2 recommended by latest Vpopmail has the functionality as discussed earlier. Dr Erwin are you listening?? The unauthenticated users can easily be prevented to use any combination of envelope sender/header information by using Split Horizon Check, which I am already using. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] Strange Error
At 25/05/04 18:44 (), François Wautier wrote: Hi, I am new to this list. I recently installed on a Gentoo linux qmail 1.03 (r13) vpopmail 5.4.0 maildrop 1.5.3 qmail-scanner 1.16 ( With some modifs) Everything was working well until today. Today, I took my local domain and made it a virtual domain on my hosts. Things are mostly working, but every now and then I get the following error message @400040b3436602b4f094 delivery 2035: success: vmysql:_sql_error[1]:_Can't_create_database_'vpopmail'._Database_exists/vmysql:_sql_error[3]: _No_Database_Selected/could_not_create_limits_table_CREATE_TABLE_limits_(_d The whole SQL query.. _No_Database_Selected/user_does_not_exist,but_will_deliver_to_/var/vpopmail/domains/mydomain/mycatchall/ Because I have a catchall account, the emails get delivered there instead of the correct mailbox. I can see that the Delivered-To header is set to the correct user. I can't seem to find a pattern in the occurrence of the problem The only thing is that I get the feeling it is related to the use of aliases ( .qmaol-myalias) but I am not sure. Has anyone experienced the same problem? Has anyone found a solution? Thanks François Wautier I too see this problem from time to time on two different Servers. But, to date I have not been able to understand the Problem. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
[vchkpw] maildirsize is not getting updated for local mail delivery
Hi, It seems that the Maildir/maildirsize file does not get updated for local delivery of mails. __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] Re: How to avoid rblsmtpd for smtp authenticated users
At 13/04/04 20:27 (), Peter Palmreuther wrote: Hello Devendra, On Monday, April 12, 2004 at 12:42:53 PM you wrote (at least in part): Is it possible to not to do rblsmtpd look-up for smtp-authenticated users? No, because rblsmtpd looks up the IP before SMTP-AUTH is (or can be) done. -- Best regards Peter Palmreuther Thanks for the info Peter. But, it's a difficult situation for me. Lot's of users from the dynamic pool have their IP at times listed in RBLs. Huh... Probably, under the pressure of our own clients I would have to disable RBL look-ups. Devendra Singh
[vchkpw] How to avoid rblsmtpd for smtp authenticated users
Hi, Is it possible to not to do rblsmtpd look-up for smtp-authenticated users? Thanks. __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] Re: Blackholing a sender
At 02/04/04 21:38 (), Peter Palmreuther wrote: Hello Devendra, On Friday, April 2, 2004 at 7:26:47 AM you wrote (at least in part): This gives me a clue that perhaps we should be able to do it using qmail-scanner-queue.pl code. Let me try it out. If anyone else too can give some pointer on this angle do let us know. qmail_requeue() seems to be the function that does pass the mail to qmail-queue after qmail-scanner has processed it. So before AV- and spam-check simply check for $sender (or $env_returnpath, or whatever the variable is named at the location you introduce the check) and instead of init_scanners call a the requeue with different recipient ($env_recips or the like). The new recipient should be a local/virtualdomain recipient address that has a blackholed delivery: a dot-qmail file containing only one line: ,- [ .qmail-blackhole ] | # `- HTH -- Best regards Peter Palmreuther Thanks, Peter for the nice pin pointed clue. I would try out this clue as soon as I am free from the other imp stuffs. A bit difficult for me, not a perl programmer. But, I was able to blackhole as follows: In the file /var/spool/qmailscan/quarantine-attachments.txt [EMAIL PROTECTED] Tab Virus-MAILFROM: Tab You are Banned. Now, in /var/qmail/bin/qmail-scanner-queue.pl add You are Banned to the silent_viruses_array as my @silent_viruses_array=('klez','bugbear','hybris','yaha','braid','nimda','tanatos','sobig','winevar','You are Banned'); This would delete the mail and would not intimate the sender. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] Blackholing a sender
At 01/04/04 22:43 (), Ron Guerin wrote: On Tue, 2004-03-30 at 09:07, Devendra Singh wrote: I have a peculiar requirement of just trashing a particular Mail From: to any of the virtual domains hosted on a Server. In that case even I do not want to bounce the mail just trash (/dev/null) it. Since you haven't gotten an answer yet that does what you want, I'll throw this thought out. It's probably more trouble to you than it's worth just for this, but here goes... My setup uses Maildrop. Under this scenario, I got rid of most of my .qmail files, and thus all mail is handled by .qmail-default, which calls Maildrop. In my Maildrop script, I can silently blackhole a specific sender without any bounce whatsoever. Given that I use one master mailfilter for the entire server (with includes to customize it per-domain and per-user), I can therefore blackhole any sender from the entire server by doing so in the system-wide filter script. - Ron I had a doubt that someone would definitely suggest MailDrop Script. Yes, I know that it can be achieved using maildrop. But, you know that maildrop mailfilter can be enabled / disabled for some users using qmailadmin interface. That means, for some pop accounts the maildrop mailfilter would not be used. Also, for pure forwards the mailfilter would not get executed. That means, you have to achieve it doing the setting of maildrop into the .qmail files manually for each account. Tedious to maintain !! Devendra Singh
Re: [vchkpw] Re: Blackholing a sender
At 02/04/04 00:25 (), Peter Palmreuther wrote: Hello Devendra, On Thursday, April 1, 2004 at 8:29:02 AM you wrote (at least in part): [blackholing a sender] I wished not to give the sender any clue as why his mail is disappearing -- blackholed. Write your own qmail-queue replacement that filters for sender and drops mails from the notorious. All other mail is than passed to qmail-queue as usual. This way you don't have to fiddle with qmail sources, you only have to have a QMAILQUEUE-patched qmail. If this sender is worth the work ... additionally other might benefit from your work, maybe there are other people that like to really blackhole some senders instead of simply rejecting their messages. -- Thanks Peter, This gives me a clue that perhaps we should be able to do it using qmail-scanner-queue.pl code. Let me try it out. If anyone else too can give some pointer on this angle do let us know. Devendra Singh
Re: [vchkpw] Re: Blackholing a sender
At 31/03/04 20:34 (), you wrote: Hello Devendra, On Wednesday, March 31, 2004 at 6:52:31 AM you wrote (at least in part): I have a peculiar requirement of just trashing a particular Mail From: to any of the virtual domains hosted on a Server. echo SENDERADDRESS /var/qmail/control/badmailfrom Thanks for your solution. But, the badmailfrom would give a bounce from qmail-smtpd (MTA). No, it'd give a 5xx code from your qmail-smtpd and the bounce is created by somebody else. Your system does /NOT/ bounce the message, it just rejects it. If the other side bounces is not within your responsibility. I just wanted to blackhole it, without sending any intimation even if it violates any RFC. Than you have two options: 1) hacking qmail source to read a dev-null list and deliver all mails with sender address on this list to /dev/null (i.e. to drop the message) 2) manipulate all dot-qmail files that could be involved in a delivery and check if the message came from $BAD_SENDER. If so exit(99) from this check and no further delivery instructions in this dot-qmail file will be processed. Quite a lot of work to do, and you'd have to take care of all new created dot-qmail files in your setup. -- Best regards Peter Palmreuther COBOL: Crappy Obsolete Butthead Oriented Language. My God !, Lot of work to do, fiddling with the source would be my last resort. In the meanwhile I tried the BLACKHOLED Sender for the notorious option of http://www.fehcom.de/qmail/spamcontrol.html. But, this option too sends back a bounce after a couple of days. The deferral is generated from the sending server not my server. I wished not to give the sender any clue as why his mail is disappearing -- blackholed. I would wait for more comments from fellow list members. Thanks. Devendra Singh
Re: [vchkpw] Re: Blackholing a sender
At 31/03/04 22:01 (), David H. Wolfskill wrote: On Wed, Mar 31, 2004 at 10:22:31AM +0530, Devendra Singh wrote: Thanks for your solution. But, the badmailfrom would give a bounce from qmail-smtpd (MTA). I just wanted to blackhole it, without sending any intimation even if it violates any RFC. Any other pointers !!! Why not alias it to /dev/null? Peace, david (who is much more familiar with sendmail than with qmail) -- David H. Wolfskill [EMAIL PROTECTED] That's my wish too. But, I think we are able to alias a TO: but not FROM:. Devendra Singh
[vchkpw] Blackholing a sender
Hi List Members, I have a peculiar requirement of just trashing a particular Mail From: to any of the virtual domains hosted on a Server. In that case even I do not want to bounce the mail just trash (/dev/null) it. Any pointers, please !! __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] Re: Blackholing a sender
At 30/03/04 20:39 (), you wrote: Hello Devendra, On Tuesday, March 30, 2004 at 4:07:31 PM you wrote (at least in part): I have a peculiar requirement of just trashing a particular Mail From: to any of the virtual domains hosted on a Server. echo SENDERADDRESS /var/qmail/control/badmailfrom In that case even I do not want to bounce the mail just trash (/dev/null) it. using badmailfrom is like /dev/null'ing for you. You'll neither see the bounce nor does your qmail have to handle it (even if it can't be delivered). That the absolutely easiest and cleanest solution for that problem. -- Best regards Peter Palmreuther He who laughs last uses OS/2. Dear Peter, Thanks for your solution. But, the badmailfrom would give a bounce from qmail-smtpd (MTA). I just wanted to blackhole it, without sending any intimation even if it violates any RFC. Any other pointers !!! Devendra Singh
[vchkpw] Strange Errors in send log vmysql:_sql_error[1] .....
Hi, I have noticed strange errors in the send log from time to time: 2004-03-26 01:03:13.204788500 delivery 230967: success: did_0+0+1/ 2004-03-26 01:03:13.204789500 status: local 9/20 remote 2/20 2004-03-26 01:03:13.204790500 delivery 230970: success: vmysql:_sql_error[1]:_Can't_create_database_'vpopmail'._Database_exists/vmysql:_sql_error[3]:_No_Database_Selected/did_0+0+1/ 2004-03-26 01:03:13.204807500 status: local 8/20 remote 2/20 2004-03-26 01:03:13.204808500 delivery 230961: success: did_0+0+1/ I am using vpopmail-5.4.0-rc1. Anyone have any clues about the occurrence of this error? Thanks __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
[vchkpw] vpopmail 5.4.2 - make error `DOMAINS_DIR' undeclared (first use in this function)
`while' vpopmail.c:3116: parse error before `' vpopmail.c:3120: `j' undeclared here (not in a function) vpopmail.c:3120: warning: type defaults to `int' in declaration of `email' vpopmail.c:3120: warning: data definition has no type or storage class vpopmail.c:3122: parse error before `return' vpopmail.c:3120: storage size of `email' isn't known make[2]: *** [vpopmail.o] Error 1 make[2]: Leaving directory `/usr/local/src/vpopmail-5.4.2' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/local/src/vpopmail-5.4.2' make: *** [all] Error 2 __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
[vchkpw] vpopmail 5.4.2 - make error `DOMAINS_DIR' undeclared (first use in this function)
`while' vpopmail.c:3116: parse error before `' vpopmail.c:3120: `j' undeclared here (not in a function) vpopmail.c:3120: warning: type defaults to `int' in declaration of `email' vpopmail.c:3120: warning: data definition has no type or storage class vpopmail.c:3122: parse error before `return' vpopmail.c:3120: storage size of `email' isn't known make[2]: *** [vpopmail.o] Error 1 make[2]: Leaving directory `/usr/local/src/vpopmail-5.4.2' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/local/src/vpopmail-5.4.2' make: *** [all] Error 2 __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] Re: Problem with qmail-scanner
At 06/02/04 18:38 (), Peter Palmreuther wrote: Hello Devendra, On Friday, February 6, 2004 at 11:34:34 AM you wrote (at least in part): [QMAILUEUE RELAYCLIENT] In my Case I am using smtp-auth patch from http://www.fehcom.de/qmail/smtpauth.html Don't know which version you're using, as I don't know when this site first listed 0.4.2. If you're using 0.31 it does not set RELAYCLIENT for authenticated users, 0.4.2 should do set it. and it is calling spamassassin for the authenticated users sending out mails. Perhaps the RELAYCLIENT is not set for authenticated users. Quite easy to check: 'strings /var/qmail/bin/qmail-smtpd |less' and search for 'RELAYCLIENT='. -- Best regards Peter Palmreuther How do you tell when you run out of invisible ink? Dear Peter, Thanks for the clue. I tried searching the string 'RELAYCLIENT=' into /var/qmail/bin/qmail-smtpd. I was able to find a 'RELAYCLIENT' but not RELAYCLIENT=. I was using the Spamcontrol patch spamcontrol-209_tgz.bin instead of the latest spamcontrol-225_tgz.bin. I think this should solve the issue. I would try it out ASAP. Thanks. Devendra Singh
Re: [vchkpw] Re: Problem with qmail-scanner
At 03/02/04 22:20 (), Peter Palmreuther wrote: Hello Andrea, On Tuesday, February 3, 2004 at 4:06:55 PM you wrote (at least in part): An easier solution should be to add the following to your qmail-smtpd/run file: export QMAIL_QUEUE=/var/qmail/bin/qmail-scanner-queue And then restart qmail-smtpd. First: Make the above 'QMAILQUEUE=...', without the underscore. In this case, I apply the qmail-scanner-queue for the emails from LAN or loopback (127.). I wouldn't, better I could not would that. Insert 127.:allow,RELAYCLIENT=,QMAILQUEUE=/var/qmail/bin/qmail-queue 129.168.1.:allow,RELAYCLIENT=,QMAILQUEUE=/var/qmail/bin/qmail-queue to your 'tcp.smtp' file that is merged with 'open-smtp' (the 127. should already be there, so simply modify it). Ain't that hard, isn't it? Mine patch works only with open-smtp connections, not at all. What what are most of your connections? foreigners from out there and open-smtp users? And don't you want exactly their mails to be run through qmail-scanner? So create a few rules for the exceptions (connections from 127. and LAN) and hit the rest by a 'export QMAILQUEUE' DEFAULT. Why is better the qmail-smtpd/run change? The I patch vpopmail as little as necessary to achieve something I can do without patching. Simply because it is easily preserved across vpopmail updates, while the other one requires repatching every time a new vpopmail is released (and requires the original author to adjust the patch maybe every time a new version is released). -- Best regards Peter Palmreuther This message is already too long - no tagline pleasack! In my Case I am using smtp-auth patch from http://www.fehcom.de/qmail/smtpauth.html and it is calling spamassassin for the authenticated users sending out mails. Perhaps the RELAYCLIENT is not set for authenticated users. Is anyone has clues to stop passing the control to spamc in case of authenticated users. I am using: QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl export QMAILQUEUE in /var/qmail/supervise/qmail-smtpd/run script. Devendra Singh
[vchkpw] Lotus style email addresses having slashes.
Hi, I am trying to migrate some users of a particular domain earlier hosted on sendmail to qmail / vpopmail. They have strange format of email addresses viz., abcd/[EMAIL PROTECTED]. On the sendmail system this was achieved using email.fwd entry to deliver to a passwd user's popbox. I am unable to migrate this kind of address format to qmail server. I am afraid to ask the client to change their mail-id. For information, this company uses Lotus-Notes within their office. Is there any solution / pointer / precedents. Thanks. __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] disable_external_relay [PATCH]
Dear Tonino, Thanks a lot for the info. In my case the password is stored in MySQL. A further hunt provided me the following: The following options are bit flags in the gid int field (pw_gid) with the int values stored. -u ( set no dialup flag ) -- 64 -d ( set no password changing flag ) -- 1 -p ( set no pop access flag ) -- 2 -s ( set no smtp access flag ) -- 2048 -w ( set no web mail access flag ) -- 4 -i ( set no imap access flag ) -- 8 -b ( set bounce mail flag )-- 16 -r ( set no external relay flag ) -- 32 -a ( grant qmailadmin administrator privileges)-- 4096 -0 ( set V_USER0 flag )-- 128 -1 ( set V_USER1 flag )-- 256 -2 ( set V_USER2 flag )-- 512 -3 ( set V_USER3 flag )-- 1024 For Multiple settings the flags' values are added. Devendra Singh At 05/12/03 14:38 (), tonix (Antonio Nati) wrote: vmoduser store this flag within the user record (either in .cdb or MysQl or LDAP, depending on your configuration). It's in the gid field. Tonino At 05/12/2003 05/12/2003 +0530, Devendra Singh wrote: Dear Tonino, Earlier when I had put the disable_smtp into .qmailadmin-limits, it still allowed to relay the users. When I did use the vmoduser to set the disable_smtp flag, it worked. But, where did the vmoduser store this flag info. I could not locate it. May some expert out there listening, may guide us. Devendra Singh At 05/12/03 13:48 (), tonix (Antonio Nati) wrote: Devendra, I'm still with an old version, and my domain limits are in .qmailadmin-limits, within the domain directory. I don't know if this is still valid for new version. Give a look at your Changelog and README files (andpost the result). Ciao, Tonino At 05/12/2003 05/12/2003 +0530, Devendra Singh wrote: Dear Tonino / Tom, In between the whole expert discussion the user level curious question BTW, where is this user's limits info stored in case of non-mysql limits? got lost. Please, let us know. Devendra Singh At 04/12/03 14:32 (), tonix (Antonio Nati) wrote: Tom, thanks for your clear explanation. However, don't you think that kind of things should be discussed in the general list instead of development list? I feel that development list should deal with implementation, how to develop, how to improve code, while functionalities should be discussed with end-users (or production users), that are interested in functionalities, and don't care about implementation. I'm really amazed when I discover a changed feature and see that it's been done by developers without talking with end-users. Ciao, Tonino At 03/12/2003 03/12/2003 -0700, you wrote: On Wednesday, December 3, 2003, at 10:05 AM, tonix (Antonio Nati) wrote: Tom, sorry if I may be out of logic, just a fast look at the patch. Here's how it works. pw_gid is the user's limits. if the user has V_OVERRIDE set, that's all they get. otherwise, the domain limits are IN ADDITION to the user's limits. For example: If domain limit says no IMAP and user limit says no SMTP; user doesn't have access to IMAP or SMTP. Change domain limit from no IMAP to no POP. Now user limit becomes no POP or SMTP. We discussed this on the development list. Perhaps we need to explain it better in the documentation. Is it correct to keep using user flags if override is off? Yes. +if ((! (pw-pw_gid V_OVERRIDE)) if user not overriding domain limits + (vget_limits (domain, limits) == 0)) { +pw-pw_flags = pw-pw_gid | vlimits_get_flag_mask (limits); using mixed limits from user and domain. Correct. Would it be more direct to use only domain limits in such a case? No. If you do it that way, you can't impose additional limits on a single user in the domain (or, for example, add qmailadmin admin access). +} else pw-pw_flags = pw-pw_gid; else use user limits. Correct. If V_OVERRIDE is set, or the limit lookup fails, it just uses the user limits. At 03/12/2003 03/12/2003 -0700, you wrote: Here's the patch to fix the domain limits problem. It's in CVS now, and will be in the next release (which I'll make by the end of the week). Hopefully the email gateways won't totally screw the file up... [snip] Thanks for including an entire copy of the patch in your response. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03 [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.548 / Virus Database: 341 - Release Date: 05/12/03 --- Outgoing mail is certified
Re: [vchkpw] disable_external_relay [PATCH]
Dear Tonino, Earlier when I had put the disable_smtp into .qmailadmin-limits, it still allowed to relay the users. When I did use the vmoduser to set the disable_smtp flag, it worked. But, where did the vmoduser store this flag info. I could not locate it. May some expert out there listening, may guide us. Devendra Singh At 05/12/03 13:48 (), tonix (Antonio Nati) wrote: Devendra, I'm still with an old version, and my domain limits are in .qmailadmin-limits, within the domain directory. I don't know if this is still valid for new version. Give a look at your Changelog and README files (andpost the result). Ciao, Tonino At 05/12/2003 05/12/2003 +0530, Devendra Singh wrote: Dear Tonino / Tom, In between the whole expert discussion the user level curious question BTW, where is this user's limits info stored in case of non-mysql limits? got lost. Please, let us know. Devendra Singh At 04/12/03 14:32 (), tonix (Antonio Nati) wrote: Tom, thanks for your clear explanation. However, don't you think that kind of things should be discussed in the general list instead of development list? I feel that development list should deal with implementation, how to develop, how to improve code, while functionalities should be discussed with end-users (or production users), that are interested in functionalities, and don't care about implementation. I'm really amazed when I discover a changed feature and see that it's been done by developers without talking with end-users. Ciao, Tonino At 03/12/2003 03/12/2003 -0700, you wrote: On Wednesday, December 3, 2003, at 10:05 AM, tonix (Antonio Nati) wrote: Tom, sorry if I may be out of logic, just a fast look at the patch. Here's how it works. pw_gid is the user's limits. if the user has V_OVERRIDE set, that's all they get. otherwise, the domain limits are IN ADDITION to the user's limits. For example: If domain limit says no IMAP and user limit says no SMTP; user doesn't have access to IMAP or SMTP. Change domain limit from no IMAP to no POP. Now user limit becomes no POP or SMTP. We discussed this on the development list. Perhaps we need to explain it better in the documentation. Is it correct to keep using user flags if override is off? Yes. +if ((! (pw-pw_gid V_OVERRIDE)) if user not overriding domain limits + (vget_limits (domain, limits) == 0)) { +pw-pw_flags = pw-pw_gid | vlimits_get_flag_mask (limits); using mixed limits from user and domain. Correct. Would it be more direct to use only domain limits in such a case? No. If you do it that way, you can't impose additional limits on a single user in the domain (or, for example, add qmailadmin admin access). +} else pw-pw_flags = pw-pw_gid; else use user limits. Correct. If V_OVERRIDE is set, or the limit lookup fails, it just uses the user limits. At 03/12/2003 03/12/2003 -0700, you wrote: Here's the patch to fix the domain limits problem. It's in CVS now, and will be in the next release (which I'll make by the end of the week). Hopefully the email gateways won't totally screw the file up... [snip] Thanks for including an entire copy of the patch in your response. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
Re: [vchkpw] disable_external_relay [PATCH]
Dear Tonino / Tom, In between the whole expert discussion the user level curious question BTW, where is this user's limits info stored in case of non-mysql limits? got lost. Please, let us know. Devendra Singh At 04/12/03 14:32 (), tonix (Antonio Nati) wrote: Tom, thanks for your clear explanation. However, don't you think that kind of things should be discussed in the general list instead of development list? I feel that development list should deal with implementation, how to develop, how to improve code, while functionalities should be discussed with end-users (or production users), that are interested in functionalities, and don't care about implementation. I'm really amazed when I discover a changed feature and see that it's been done by developers without talking with end-users. Ciao, Tonino At 03/12/2003 03/12/2003 -0700, you wrote: On Wednesday, December 3, 2003, at 10:05 AM, tonix (Antonio Nati) wrote: Tom, sorry if I may be out of logic, just a fast look at the patch. Here's how it works. pw_gid is the user's limits. if the user has V_OVERRIDE set, that's all they get. otherwise, the domain limits are IN ADDITION to the user's limits. For example: If domain limit says no IMAP and user limit says no SMTP; user doesn't have access to IMAP or SMTP. Change domain limit from no IMAP to no POP. Now user limit becomes no POP or SMTP. We discussed this on the development list. Perhaps we need to explain it better in the documentation. Is it correct to keep using user flags if override is off? Yes. +if ((! (pw-pw_gid V_OVERRIDE)) if user not overriding domain limits + (vget_limits (domain, limits) == 0)) { +pw-pw_flags = pw-pw_gid | vlimits_get_flag_mask (limits); using mixed limits from user and domain. Correct. Would it be more direct to use only domain limits in such a case? No. If you do it that way, you can't impose additional limits on a single user in the domain (or, for example, add qmailadmin admin access). +} else pw-pw_flags = pw-pw_gid; else use user limits. Correct. If V_OVERRIDE is set, or the limit lookup fails, it just uses the user limits. At 03/12/2003 03/12/2003 -0700, you wrote: Here's the patch to fix the domain limits problem. It's in CVS now, and will be in the next release (which I'll make by the end of the week). Hopefully the email gateways won't totally screw the file up... [snip] Thanks for including an entire copy of the patch in your response. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
Re: [vchkpw] disable_external_relay
Dear Tom, I am using SMTP AUTH. Devendra Singh At 02/12/03 20:50 (), Tom Collins wrote: On Tuesday, December 2, 2003, at 07:12 AM, Devendra Singh wrote: Use disable_smtp in the .qmailadmin-limits file to disable SMTP access for the domain. The current version of vpopmail (5.3.30) supports this flag. I upgraded to vpopmail-5.3.30, qmailadmin-1.0.29. Recompiled Courier-Imap-1.7.3. But, I am still not able to disable the SMTP. What might be wrong? Are you using SMTP AUTH or roaming users (aka POP before SMTP)? -- Tom Collins - [EMAIL PROTECTED] --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
Re: [vchkpw] Removing the CatchAll Account column from Email Accounts Page
Dear Tom, Thanks a Tonne. Sorry for the posting to wrong list. Devendra Singh At 02/12/03 21:03 (), Tom Collins wrote: On Tuesday, December 2, 2003, at 02:40 AM, Devendra Singh wrote: Is it possible to remove the CatchAll Account column from Email Accounts Page of qmailadmin v5.3.30? This is a question for the qmailadmin list at [EMAIL PROTECTED], but here's your answer. Edit show_users.html to remove that column. You'll probably want to leave it in place, but without a header. Edit user.c and go to about line 202. Comment everything in this section: if (bounced==0 strncmp(pw-pw_name,TmpBuf3,sizeof(TmpBuf3)) == 0) { ... } else if (AdminType==DOMAIN_ADMIN) { ... } else { ... } Replace it with: fprintf(actout, td /td\n); Re-compile and re-install qmailadmin and you (should be) all set. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
Re: [vchkpw] disable_external_relay
Dear Tonino, 1. I have put the .qmailadmin-limits into the /home/vpopmail/domains/0/del4.intermesh.net with following rights: -rw---1 vpopmail vchkpw126 Dec 2 18:59 .qmailadmin-limits and contains: maxpopaccounts: 10 maxaliases: 0 maxforwards: 10 maxautoresponders: 0 maxmailinglists: 0 default_quota: 41943040 disable_smtp 2. It's not a Open Relay Server. Checked with http://members.iinet.net.au/~remmie/relay/ and with http://spamlart.homeunix.org/ (Server referenced above is a test Server) Devendra Singh At 02/12/03 20:35 (), tonix (Antonio Nati) wrote: Devendra, 1) did you set this flag up? 2) Are you sure you are not an open relay? Tonino At 02/12/2003 02/12/2003 +0530, you wrote: At 24/11/03 21:46 (), Tom Collins wrote: On Monday, November 24, 2003, at 03:37 AM, tonix (Antonio Nati) wrote: No,it works only for pop-before-SMTP. I suggested to use it also for SMTP relay, but it wqas preferred to add a dedicated bit for SMTP relaying. Use disable_smtp in the .qmailadmin-limits file to disable SMTP access for the domain. The current version of vpopmail (5.3.30) supports this flag. I upgraded to vpopmail-5.3.30, qmailadmin-1.0.29. Recompiled Courier-Imap-1.7.3. But, I am still not able to disable the SMTP. What might be wrong? Devendra Singh --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
Re: [vchkpw] disable_external_relay
Dear Tonino, Thanks. It worked. I am delighted. BTW, where is this info stored in case of non-mysql limits? Devendra Singh At 03/12/03 15:04 (), tonix (Antonio Nati) wrote: Devendra, you must set/modify that flag for users already existing. If you run vuserinfo [EMAIL PROTECTED], you'll see if flag is active. If not, enable it (with vmoduser). Ciao, Tonino At 03/12/2003 03/12/2003 +0530, Devendra Singh wrote: Dear Tonino, 1. I have put the .qmailadmin-limits into the /home/vpopmail/domains/0/del4.intermesh.net with following rights: -rw---1 vpopmail vchkpw126 Dec 2 18:59 .qmailadmin-limits and contains: maxpopaccounts: 10 maxaliases: 0 maxforwards: 10 maxautoresponders: 0 maxmailinglists: 0 default_quota: 41943040 disable_smtp 2. It's not a Open Relay Server. Checked with http://members.iinet.net.au/~remmie/relay/ and with http://spamlart.homeunix.org/ (Server referenced above is a test Server) Devendra Singh At 02/12/03 20:35 (), tonix (Antonio Nati) wrote: Devendra, 1) did you set this flag up? 2) Are you sure you are not an open relay? Tonino At 02/12/2003 02/12/2003 +0530, you wrote: At 24/11/03 21:46 (), Tom Collins wrote: On Monday, November 24, 2003, at 03:37 AM, tonix (Antonio Nati) wrote: No,it works only for pop-before-SMTP. I suggested to use it also for SMTP relay, but it wqas preferred to add a dedicated bit for SMTP relaying. Use disable_smtp in the .qmailadmin-limits file to disable SMTP access for the domain. The current version of vpopmail (5.3.30) supports this flag. I upgraded to vpopmail-5.3.30, qmailadmin-1.0.29. Recompiled Courier-Imap-1.7.3. But, I am still not able to disable the SMTP. What might be wrong? Devendra Singh --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
[vchkpw] Removing the CatchAll Account column from Email Accounts Page
Hi List Members, Is it possible to remove the CatchAll Account column from Email Accounts Page of qmailadmin v5.3.30? How to do it? Thanks for the pointer in advance. __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India Voice : +91-120-2543945, 2543946, 2543947 Fax: +91-120-2543943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __ --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
Re: [vchkpw] disable_external_relay
At 24/11/03 21:46 (), Tom Collins wrote: On Monday, November 24, 2003, at 03:37 AM, tonix (Antonio Nati) wrote: No,it works only for pop-before-SMTP. I suggested to use it also for SMTP relay, but it wqas preferred to add a dedicated bit for SMTP relaying. Use disable_smtp in the .qmailadmin-limits file to disable SMTP access for the domain. The current version of vpopmail (5.3.30) supports this flag. I upgraded to vpopmail-5.3.30, qmailadmin-1.0.29. Recompiled Courier-Imap-1.7.3. But, I am still not able to disable the SMTP. What might be wrong? Devendra Singh --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
Re: [vchkpw] disable_external_relay
At 24/11/03 21:46 (), Tom Collins wrote: On Monday, November 24, 2003, at 03:37 AM, tonix (Antonio Nati) wrote: No,it works only for pop-before-SMTP. I suggested to use it also for SMTP relay, but it wqas preferred to add a dedicated bit for SMTP relaying. Use disable_smtp in the .qmailadmin-limits file to disable SMTP access for the domain. The current version of vpopmail (5.3.30) supports this flag. Dear Tom, Thanks for the info. Do you suggest to upgrade to vpopmail v5.3.30 and qmailadmin v1.0.29. Would it change my existing mysql tables w/o any hickups? Any precautions while upgrading? Suppose I change any configure options while upgrading, would it create any problem? (Sorry, asking too much). Currently, I am using vpopmail v5.3.20 and qmailadmin v1.0.24. Spam tagging is being done by Spamassissin v2.55 and qmail-scanner v1.16. Vpopmail is configured as: ./configure \ --enable-roaming-users=n \ --enable-default-domain=xxx..xxx \ [EMAIL PROTECTED] \ --enable-logging=p \ --enable-defaultquota=20971520S \ --enable-ip-alias-domains=n \ --enable-passwd=n \ --enable-clear-passwd=y \ --enable-domain-quotas=n \ --enable-mysql=y \ --enable-incdir=/usr/include/mysql \ --enable-libdir=/usr/lib/mysql \ --enable-many-domains=y \ --enable-auth-logging=y \ --enable-mysql-logging=y \ --enable-valias=y \ --enable-mysql-limits=n QmailAdmin is configured as: ./configure \ --enable-htmldir=/home3/indiamart/public_html/ \ --enable-cgibindir=/usr/local/apache/cgi-bin/ \ --enable-imagedir=/home3/indiamart/public_html/qmailadmin_images \ --enable-imageurl=/qmailadmin_images \ --enable-maxusersperpage=12 \ --enable-maxaliasesperpage=12 \ --enable-modify-quota=n \ --enable-help=y \ --enable-modify-spam=y \ --enable-spam-command=|/var/qmail/bin/preline /usr/local/bin/maildrop /home/vpopmail/etc/mailfilter __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India Voice : +91-120-2543945, 2543946, 2543947 Fax: +91-120-2543943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __ --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
[vchkpw] disable_external_relay
Dear List Members, What does disable_external_relay do in the .qmailadmin-limits file? Can it be used to disable SMTP Relay even if I am using SMTP Authentication instead of POP-Before-SMTP? The install.txt says: *** quote *** You may disable these services: a) POP Access b) IMAP Access c) Roaming Users (External Relaying) d) Webmail Access e) Dialup Access f) Password Changing The syntax of the .qmailadmin-limits file for disabling the above services, respectively, is: disable_pop disable_imap disable_external_relay disable_webmail disable_dialup disable_password_changing *** unquote *** __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India Voice : +91-120-2543945, 2543946, 2543947 Fax: +91-120-2543943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __ --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.528 / Virus Database: 324 - Release Date: 16/10/03
Re: [vchkpw] vpopmail virus scanning - but per domain
At 01/08/03 08:40 (+0200), Kosztik Istvan wrote: hi! I know, may it asked many times :))) I would like to do virus scanning per virtual domain. is there any solution of this? Üdv, Kosztik You may like to try qmail-scanner-1.16-domainscan.diff from http://www.no-way.org/software to add per-match qmail-scanner. I have used it and found good. Devendra Singh --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.506 / Virus Database: 303 - Release Date: 01/08/03
RE: [vchkpw] ETRN / serialmail-AUTOTURN with vpopmail - How to ?
At 05/08/03 13:07 (-0700), Clayton Weise wrote: I think what needs to be understood here is that vpopmail, qmail, and autoturn (serialmail) are not really all related. The only common bond they share is qmail itself. qmail is the mail server that runs the show, and all it's doing is delivering emails. It decides how to, based on it's control files. In this case, we're talking about the rcpthosts (and possibly morercpthosts) and virtualdomains control files. As well as the /var/qmail/users/assign file, which gets compiled into the /var/qmail/users/cdb file. Here's the breakdown of how delivery works with qmail and where autoturn or vpopmail come into play. It should help you to better diagnose where your problem is coming from. SMTP connection opens up to your server for a domain you handle, let's say, example.com . qmail-smtpd answers the smtp connection and email for example.com. It checks if example.com is in rcpthosts, if it is, it accepts relay for it. It then checks the smtproutes file for an artificial smtp route, and then the virtualdomains file. In the virtualdomains file you have something that looks like this (if you're using vpopmail): example.com:example.com Seems simple enough. The first part is the FQDN itself, the second part is the user that it belongs to. This user is defined in the /var/qmail/users/assign file, but qmail actually reads the cdb file. You build the cdb file with the /var/qmail/bin/qmail-newu program. Inside your assign file you have something that looks like this: +example.com-:example.com:89:89:/home/vpopmail/domains/example.com:-:: The + in the begging signifies a catch-all account for the domain. qmail then looks in /home/vpopmail/domains/example.com for a .qmail-default file. If it finds one, it delivers to whatever that file instructs. This typically will contain the following: | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox That command pipes it over to vdelivermail, which delivers the email..and voila we have email. Ok.. now where do we fit in serialmail? Well, in the virtualdomains file, instead of assigning the domain to the example.com user in the assign file, we'll give it to autoturn so your virtualdomains file will look like this instead: example.com:autoturn-1.2.3.4 Notice how we've assigned it to autoturn, but a specific autoturn user (1.2.3.4). 1.2.3.4 would be the IP address of the mail server that you're holding email for. This MUST be a static IP address. Inside your assign file, you have a line that looks like this for autoturn: +autoturn-:qmaild:82:81:/var/qmail/autoturn:-:: That tells qmail that the autoturn user also is a catch-all user, and that it lives in /var/qmail/autoturn. qmail then takes the email destined for example.com and tries to deliver it to /var/qmail/autoturn. Inside this folder, you'd create a .qmail-1:2:3:4 file that looks like this (note they are colons and not periods in the file name): ./1.2.3.4/ This tells qmail that anything destined for the autoturn-1.2.3.4 user (aka, anything for example.com) should be delivered to /var/qmail/autoturn/./1.2.3.4/ The 1.2.3.4 directory is created with the /var/qmail/bin/maildirmake program. Just type: /var/qmail/bin/maildirmake /var/qmail/autoturn/1.2.3.4 Then chown it as the qmaild user by doing: chown -R qmaild:nofiles /var/qmail/autoturn/1.2.3.4 Hope that helps to clear things up. -Clayton -Original Message- From: Evren Yurtesen [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2003 10:31 PM To: Devendra Singh Cc: [EMAIL PROTECTED] Subject: Re: [vchkpw] ETRN / serialmail-AUTOTURN with vpopmail - How to ? I think you should explain what you did and where you failed and what is going wrong etc. Now you cant expect us to write you a manual for this only for you. At least nobody would do that for free only for one person's benefit. Then again after all that work, you might say that you still do not understand etc. So it is a difficult situation for all of us. We do not know your exact problem. We can not tell you how to fix it. We can guide you but you must go through the door yourself :) Here is my qmail-smtpd run file which was working when I used serialmail if it is any help. This was the most difficult part for me. --- exec /usr/local/bin/tcpserver -p -R -x /usr/local/vpopmail/etc/tcp.smtp.cdb \ -u82 -g81 -v -c100 0 smtp \ sh -c ' /var/qmail/bin/qmail-smtpd cd /var/qmail/autoturn exec setlock -nx $TCPREMOTEIP/seriallock \ maildirsmtp $TCPREMOTEIP autoturn-$TCPREMOTEIP- $TCPREMOTEIP AutoTURN ' \ `hostname --fqdn` /usr/local/vpopmail/bin/vchkpw /usr/bin/true 21 --- On Tue, 5 Aug 2003, Devendra Singh wrote: At 04/08/03 06:27 (+0300), you wrote: Yes you can use serialmail for some domains and for some not please just read the readme files which
Re: [vchkpw] ETRN / serialmail-AUTOTURN with vpopmail - How to ?
At 04/08/03 06:27 (+0300), you wrote: Yes you can use serialmail for some domains and for some not please just read the readme files which come with serialmail. they have all the elaboration you need. I have made an excellent working setup from the readme file in a few hours only. There was even a working example if I remember right. Evren Dear vpopmail experts, I did read the Readme and Install many times. But could not understand how to mix and match the Serialmail with vpopmail. I am not a qmail / vpopmail guru. If anyone has done this before, please help me out. But I was able to configure VODMR (ATRN) and tested it working. Thanks in anticipation. Devendra Singh --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.506 / Virus Database: 303 - Release Date: 01/08/03
Re: [vchkpw] ETRN / serialmail-AUTOTURN with vpopmail - How to ?
Date: Fri, 1 Aug 2003 14:00:00 +0300 (WET) From: Evren Yurtesen [EMAIL PROTECTED] To: Devendra Singh [EMAIL PROTECTED] cc: [EMAIL PROTECTED], Sunil Soni [EMAIL PROTECTED] X-Filtered-With: RenAttach 1.1.1 (www.pc-tools.net) - goodlist filter Subject: Re: [vchkpw] ETRN / serialmail-AUTOTURN with vpopmail - How to ? you shouldnt have a domain in vpopmail when you use serialmail... so you can delete the lines. qmail will queue all the email which come to a domain into the autoturn directory you give to it, the client should have a static ip address which will connect to qmail-smtp, when the client connects, serialmail knows this client from the autoturn directory and will push all the emails from that clients autoturn directory to the client. etc. This approach has the drawback of queing mails for users which do not exist. Evren On Fri, 1 Aug 2003, Devendra Singh wrote: Hi ! I have Installed qmail 1.03+vpopmail 5.3.20+mysql with SMTP-AUTH patch with several Virtual Domains. I have also Installed serialmail. But, How do I invoke the serialmail for one domain. The AUTOTURN documentation says to put the line: +autoturn-:qmaild:7770:2108:/var/qmail/autoturn:-:: into the file /var/qmail/users/assign and asks to run qmail-pw2u but I already have following into the file /var/qmail/users/assign +del3.intermesh.net-:del3.intermesh.net:89:89:/home/vpopmail/domains/del3.intermesh.net:-:: +del4.intermesh.net-:del4.intermesh.net:89:89:/home/vpopmail/domains/del4.intermesh.net:-:: . How do I make the serialmail functional for the del4.intermesh.net (remember that I also have functional SMTP-AUTH Patch) ? My existing /var/qmail/supervise/qmail-smtpd/run is as below Does that mean that i have to remove all entries from the /var/qmail/users/assign ? Would I be able to use autoturn for some domains and normal pop3 / imap for others ? If anyone could elaborate a further more ! What's your opinion about an alternative called vodmr from http://romana.now.ie/vodmr ? --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.506 / Virus Database: 303 - Release Date: 01/08/03
[vchkpw] ETRN / serialmail-AUTOTURN with vpopmail - How to ?
Hi ! I have Installed qmail 1.03+vpopmail 5.3.20+mysql with SMTP-AUTH patch with several Virtual Domains. I have also Installed serialmail. But, How do I invoke the serialmail for one domain. The AUTOTURN documentation says to put the line: +autoturn-:qmaild:7770:2108:/var/qmail/autoturn:-:: into the file /var/qmail/users/assign and asks to run qmail-pw2u but I already have following into the file /var/qmail/users/assign +del3.intermesh.net-:del3.intermesh.net:89:89:/home/vpopmail/domains/del3.intermesh.net:-:: +del4.intermesh.net-:del4.intermesh.net:89:89:/home/vpopmail/domains/del4.intermesh.net:-:: . How do I make the serialmail functional for the del4.intermesh.net (remember that I also have functional SMTP-AUTH Patch) ? My existing /var/qmail/supervise/qmail-smtpd/run is as below #!/bin/sh # when QMAILQUEUE is set, all mail will be sent to the nominated script echo 'Starting qmail-smtpd...' QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl export QMAILQUEUE QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` VPOPMAILUID=`id -u vpopmail` VPOPMAILGUID=`id -g vpopmail` # softlimit needs to be set at something large such as 1500 # to allow virusscanning software to run successfully exec /usr/local/bin/softlimit -m 1500 \ /usr/local/bin/tcpserver -H -l0\ -v -x /etc/tcp.smtp.cdb \ -c 512 -R -u $VPOPMAILUID -g $VPOPMAILGUID 0 smtp \ /usr/local/bin/rblsmtpd -b -C \ -r 'relays.ordb.org:Your message was rejected because the mail server you use is configured to allow OPEN RELAY - More detailed information regarding this problem is available from http://www.ordb.org/lookup/?%IP%http://www.ordb.org/lookup/?%IP% - Please forward this error through to your email server support staff for easy resolution.' \ -r 'inputs.relays.osirusoft.com:Your message was rejected because the mail server you use is either configured to allow OPEN RELAY - More information regarding this problems is available at http://relays.osirusoft.com/cgi-bin/rbcheck.cgi?addr=%IP%http://relays.osirusoft.com/cgi-bin/rbcheck.cgi?addr=%IP% - Please forward this error to your email server support staff for resolution.' \ -r 'proxies.relays.monkeys.com:Your message was rejected because the message was sent from an OPEN PROXY - More information regarding this problems is available at http://www.monkeys.com/upl/listed-ip-0.cgi?ip=%IP%http://www.monkeys.com/upl/listed-ip-0.cgi?ip=%IP% - Please forward this error to your email server support staff for resolution.' \ /var/qmail/bin/qmail-smtpd del3.intermesh.net /home/vpopmail/bin/vchkpw /bin/true I am posting this to the list with lot of head scratching, in anticipation. Thanks in advance ! __ Devendra Singh IndiaMART InterMESH Limited B-1, Sector 8, Noida, UP - 201301, India Voice : +91-120-2543945, 2543946, 2543947 Fax: +91-120-2543943 Mobile: +91-9818342483 http://www.indiamart.com http://www.indiangiftsportal.com __ --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.484 / Virus Database: 282 - Release Date: 27/05/03