Re: [vchkpw] Compile issues
Hi Brad, > gcc -g -O2 -Wall -o vchkpw vchkpw.o libvpopmail.a -L/root/mysql/lib/mysql >-lmysqlclient -lz -lnsl -lcrypt -lm > /usr/bin/ld: cannot find -lz That means that zlib ist missing. > What is the -lz all about (I am a long way from being any kind of programmer...) "-l" specifies a library which gcc should link against. After "-l" follows the name of that library, in your case "z". It means the file /usr/lib/libz.so, which doesn't seem to be installed on your system. On Debian, you should install the zlib1g[-dev] package. Regards, Jonas
Re: [vchkpw] SMTP-Auth doesnt work properly
Hi Sven, > the mailclient sends the auth-infos to the server > the server sais "no authentiacation method found" by MD5-cram > authentication You said you're using vpopmail 5.2.1, which only supports PLAIN and LOGIN as authentication types. The current development version supports CRAM-MD5 since 5.3.6; see http://www.inter7.com/vpopmail/ChangeLog > and when i take normal Auth and sends with wrong > passwort, he sais "authentication wrong" - ok, but i can always send > my email - with, without or with wrong authentication Maybe you're already authenticed by POP3/IMAP4 if you compiled vpopmail with --enable-roaming-users=y? Jonas
Re: [vchkpw] some bug vopmail/qmailadmin with plaintext enabled
Hi, > if we use vpopmail with plaintext passwords enabled and some user > changes his password to string which contains ':' symbol - qmailadmin > doesn't list users after that account. Yes, you're right. That's the problem with every single text "database" that uses a colon to separate fields. qmailadmin simply sees that line as a line that doesn't have the right number of fields. (The same problem occurs with vpopmail installations that don't have clear text passwords enabled at all.) Dear Inter7 developers: What about quoting a colon as "\:"? Yes, that would need coordinated changes both in vpopmail and qmailadmin, but the current behaviour is confusing. Jonas
Re: [vchkpw] vpopmail/qmail + non virtualdomain aliases/forwards
Hi Stratsimir, > The only solution I am aware of is to make > .qmail-abuse in every domain dir, > but then the postmaster users will be able to delete those forwards > using vpopmail frontend. Bloody workaround: After creating .qmail-abuse, do a "chown root.root .qmail-abuse". People will be able to see that address, but they can't delete it. > I've tried to put .qmail-abuse in /var/log/qmail/alias - it didn't > worked for me. It doesn't work in general because ~alias is only consulted if no matching user is found. Jonas
Re: [vchkpw] Prb: Domain with dash
Hi Federico, > ../vpopmail/bin/vadddomain new-domain.com passwd > ../vpopmail/bin/vadduser [EMAIL PROTECTED] usr_passwd You edited output. I'm sure your domain name isn't "new-domain.com". We can't help you debugging if you hide the real data from us. > When I try to send an email to [EMAIL PROTECTED], qmail-send program > answer in this way: > > <[EMAIL PROTECTED]>: > Sorry, I couldn't find any host named new-domain.com You didn't show us the full bounce. We don't know which host sent this answer. > Obviously the DNS MX record is correct and the /var/qmail/control files too. Obviously not; otherwise it would work. Please be more specific when asking questions. Which is the _real_ domain name? Which server is sending you the bounce? Jonas
Re: [vchkpw] Don't understand this ...
Hi J., > As i looked at my logfiles today, I saw the following: > > 12:43:52 localhost vpopmail[4285]: vchkpw: password fail > > for every eMail-Account. But fetching eMail works. And it is the right > password. Bug? * Turn on more logging through passing "--enable-logging=v" to ./configure when compiling vpopmail. It helps you with debugging. * Do a "tail -f" on your maillog. Then poll mail. Maybe the log lines about failures are not current; you didn't show a date when quoting from your log. Jonas
Re: [vchkpw] using valias
Hi Joshua, > We used qmail with fastforward before. We had an entry in > our /etc/aliases file like this: > > [EMAIL PROTECTED]: employee1, boss, supervisor > [EMAIL PROTECTED]: employee2, boss, supervisor > [EMAIL PROTECTED]: boss > [EMAIL PROTECTED]: supervisor > > Question: > > How do I duplicate this using valias? I did this using .qmail-employee1 > etc. > But I want to be able to do this using valias - how? Assuming you have created somecompany.com as a vpopmail domain: valias -i [EMAIL PROTECTED] [EMAIL PROTECTED] valias -i [EMAIL PROTECTED] [EMAIL PROTECTED] valias -i [EMAIL PROTECTED] [EMAIL PROTECTED] valias -i [EMAIL PROTECTED] [EMAIL PROTECTED] valias -i [EMAIL PROTECTED] [EMAIL PROTECTED] valias -i [EMAIL PROTECTED] [EMAIL PROTECTED] (Entering just "valias" would have shown usage information.) You don't need aliases for boss and supervisor. Just create them as vpopmail users, and they'll receive mail. Jonas
Re: [vchkpw] authdaemond
Hi Ajai, > Its been awhile since I setup qmail+vpopmail+courier but I recently had > to do this on a new server. IIRC, you could disable authdaemond and just > use vchkpw with courier. How do I specify this? Please read my personal installation instructions: http://jonaspasche.de/courier-imap-daemontools.txt It covers everything you need to run Courier-IMAP with vpopmail. Jonas
[vchkpw] list domain aliases
Hi out there, for those of you who need to figure out which alias domains point to a specific vpopmail domain, here's a little shell script: --- cut here --- #!/bin/sh if [ ! $1 ] ; then echo "Usage: $0 " exit fi grep -e "[^:]:$1:" /var/qmail/users/assign | \ awk -F : '{ print $1 }' | sed 's/^+//' | sed 's/-$//' --- stop cutting here --- I saved it as "vlistaliasdomains". Have fun with it; comments welcome. Jonas
Re: [vchkpw] qmail+vpopmail+virus scanner
Hi Anonymous, please use a real name when posting. Thanks. > Is there a way to use a filter on every user in a vpopmail-domain directory > without putting the filter in every .qmail-user file ? Not on a per-domain basis. You can use server-wide scanners like qmail-scanner (http://qmail-scanner.sf.net/) to do so. > Or maybe set vpopmail > in a way so than it includes the filter when creating a domain or user. Would require a patch. I'm not aware of a patch that does what you want. Feel free to create one. :) Jonas
Re: [vchkpw] Denying internet email access for some users
Hi Winan, > I have to deny some users to send / receive email to /from internet users .. So simply delete their accounts. If a user can neither receive nor send mail using his account, his account is completely useless. > according to the above tcp.smtp configuration .. my users are still can send > / receive email to / from internet users .. am I missing something? Yes, a clean concept of what you need. Relaying doesn't have anything to do with _receiving_ mail. Please be more specific when describing. Tell us what should work. Tell us what should be prohibited. Give examples, when they help clarifying your problem. Jonas
Re: [vchkpw] postmaster for virtual domains
Hi Dale, > What do I need to do in order to send the failure notices to the postmaster of the > domain that the message is failing on. Right now all failures go to the default >domain. That's not true. Failure messages go to the _sender_ of the message. In case of a _double_ bounce (= qmail couldn't deliver the bounce), a double bounce message is delivered to the system wide postmaster, which can be configured through /var/qmail/control/doublebounce(to|host). See the qmail documentation. > I want the failures for say virtualdomain1.com (ie: user is over quota) to go to the >postmaster of > virtualdomain1.com instead of [EMAIL PROTECTED] That's not possible without changing the vpopmail code. To give you a better understanding of the vpopmail system: qmail-local calls vdelivermail through .qmail-default. vdelivermail tries to find an account to deliver the mail to. If it works, it delivers the mail. If not, it exists with an error code. qmail-local sees that error code and sends back a bounce to the sender. It's simply that: Success means: success, failure means: bounce mail. Jonas
Re: [vchkpw] Can postmaster set user quota
Hi Manish, > But I am facing a problem that I want to give the rights of disk usage > per user to the domain postmaster. What's wrong with the vsetuserquota program? Jonas
Re: [vchkpw] install Problem vpopmail
Hi Roland, > I have a question to vpopmail. I want to use vpopmail to easy admin a > running qmail e-mail-server. > The ./configure script says one error. the > flag --enable-sqlincdir=/path/to/include/mysql can't find the MySQL Include > files. You did "./configure [...] --enable-sqlincdir=/path/to/include/mysql"..? Note that you have to adapt this path to reflect the real location of your include files. > But the include files are at that place. (I have MySQL not in the default) Obviously not, otherwise it would work. * Which vpopmail version are you using? * Show us your _full_ ./configure command. * Show us the _full_ error message. > How can I fix this error message? You'd better fix the problem, not the error message ;-)) Jonas
Re: [vchkpw] Duplicate Messages.
Hi Bruce, > Can somebody explain why I have to create the .qmail files for the delivery? Yes, the qmail-send log. Please read it, or post the according log snippet if you're unsure how to interpret it. Jonas
Re: [vchkpw] why create user in mydomains/0/ folder
Hi Jasmine, please read first: http://jonaspasche.de/common-errors/bad-thread-start > Who know the reason and the solution? Could you tell me? Michael already gave you the reason why vpopmail created that "0" directory, but the solution to your problem is still pending. Please look into the qmail-send log to see what's happening when sending mail to that account. Post the according log snippet if you're unsure how to interpret. Jonas
Re: [vchkpw] ~/vpopmail/tcp.smtp.cdb doesn't get created
Hi Trevor, first of all, please read: http://jonaspasche.de/common-errors/bad-thread-start > I have an issue where in /home/vpopmail/etc/open-smtp gets created but > ~/vpopmail/etc/tcp.smtp.cdb doesn't get created at all. Please show us your full ./configure line. > drwxr-xr-x2 vpopmail vchkpw112 Feb 6 15:07 . > drwxr-xr-x8 root root 192 Feb 5 19:17 .. > -rw-r--r--1 root root 54 Feb 6 15:07 open-smtp > -rw-r--r--1 root root0 Feb 5 19:19 open-smtp.lock The configure script tries to find: 1) "$vpopmaildir"/etc/tcp.smtp 2) /etc/tcp.smtp 3) /etc/tcprules.d/qmail-smtpd As it didn't find 1), it took /etc/tcp.smtp which (I guess, but you can check it) exists. [...] > /usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c [...] So you're actively _using_ /etc/tcp.smtp.cdb, why are you waiting for ~vpopmail/tcp.smtp.cdb? > [trevor@linmail qmail-smtpd]$ cat ../qmail-pop3d/run > #!/bin/bash > exec /usr/local/bin/softlimit -m 200 \ > /usr/local/bin/tcpserver -v -R -H -l 0 0 110 > /var/qmail/bin/qmail-popup \ > FQDN /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir > -x /etc/tcp.smtp 2>&1 Who gave you that script? It's wrong. 1) "-x" is an argument for tcpserver. You entered it as an argument for qmail-pop3d. Remove it. 2) "-x" expects a cdb file (tcp.smtp.cdb), not a text file (tcp.smtp). 3) qmail-pop3d doesn't need that file at all. 4) "FQDN" should have been replaced with your fully-qualified hostname. > Though in the above scripts i am forcing updation of > /etc/tcp.smtp.cdb No, you don't. What makes you think you do? > While compiling i have even specified at the CLI the path to the > tcp.smtp.cdb filebut neither the /etc nor the ~/vpopmail/etc/*.cdb > files are getting created/updated. Again, don't tell us the interpretation of what you did; show us your full ./configure line. And fix your startup scripts. After that, we can go further. > Am in quite a fix..seems to be a very trivial issue but is really > nagging me as i have to push our organisations mail server into > production state. If you're in a hurry, http://qmail.org/top.html#paidsup lists some companies that do commercial support. Jonas
Re: [vchkpw] libmysqlclient not found
Hi Roland, > so far the installion worked. > I now want to add a new domain to vpopmail. > But I get an error message, that libmysqlclient file could not be found. > Original message: > [root@dc4 bin]# ./vadddomain mydomain.de > ./vadddomain: error while loading shared libraries: > libmysqlclient.so.10: cannot open shared object file: No such file or > directory > > The libmysqlclient file is in the path I gave to configure command. Obviously not, otherwise vadddomain wouldn't have said "No such file or directory". :-) Is the version number of the .so file correct? Use strace to see which file vadddomain is really looking for. Show us your full ./configure line as well as the output from "ls -l" within your lib directory which you specified at compile time. Jonas
RE: [vchkpw] libmysqlclient not found
Hi Roland, > yes, the libmysqlclient.so.10 exists and is in > /usr/local/mysql/current/lib/mysql Ok, compare that with your strace output (I grep'ped for libmysqlclient.so.10): > open("/lib/i686/mmx/libmysqlclient.so.10", O_RDONLY) = -1 ENOENT (No such > file or directory) > open("/lib/i686/libmysqlclient.so.10", O_RDONLY) = -1 ENOENT (No such file > or directory) > open("/lib/mmx/libmysqlclient.so.10", O_RDONLY) = -1 ENOENT (No such file or > directory) > open("/lib/libmysqlclient.so.10", O_RDONLY) = -1 ENOENT (No such file or > directory) > open("/usr/lib/i686/mmx/libmysqlclient.so.10", O_RDONLY) = -1 ENOENT (No > such file or directory) > open("/usr/lib/i686/libmysqlclient.so.10", O_RDONLY) = -1 ENOENT (No such > file or directory) > open("/usr/lib/mmx/libmysqlclient.so.10", O_RDONLY) = -1 ENOENT (No such > file or directory) > open("/usr/lib/libmysqlclient.so.10", O_RDONLY) = -1 ENOENT (No such file or > directory) As you see, "/usr/local/mysql/current/lib" is not checked for that file, so I suggest you put this directory into /etc/ld.so.conf and run ldconfig to update the list of shared objects. Use "ldconfig -v | grep libmysqlclient" to see if it's listed. Then try vadddomain again. Jonas
Re: [vchkpw] handled user
Hi made, > Just to the point. How many users can vpopmail handled? From the > manual i already read, i'm still confused about how vpopmail handled more > than 100 users on one virtual domain! would you give me some > reference or a clue for this one. Quoting from http://inter7.com/vpopmailfeatures.html: [...] * Support for 1 to 23 million virtual email domains using a "grow as it goes" balenced directory tree. * Support for 1 to 23 million email users per domain using the same balenced tree structure. [...] Jonas
Re: [vchkpw] Autoresponder + EZMLM?
Hi Duncan, > The "vacation" message never makes it to the list (I understand this is > normal) Yes, that's correct. I'm sure you don't want vacation messages distributed through the mailing list. :-) > and any postings to the list never make it to the person with > their "vacation" autoresponsder set up. That's bad, without question. > deferral: AUTORESPOND:_I_can't_handle_a_message_with_a_Mailing-List_header I often noticed the autoresponder doing stupid things. In case of "I can't handle a message with a Mailing-List header" I suggest it should exit silently with an error code of 0 instead of 100 because... * 100 prevents the message from being delivered to the final recipient * Nobody is interested in getting informed about a vacation message that hasn't been created Anyway, I wonder why your log notes this line as "deferral". Judging from the source (I have autoresponder 2.0.3) it exits with 100 which means "hard error" = "failure", while only 111 should generate deferrals. Hopefully somebody can bring some more light into this. I guess the autoresponder's exit codes need some additional review. Jonas
RE: [vchkpw] Duplicate Messages.
Hi Bruce, > (a) Before I created the file .qmail-lists > > Feb 10 12:40:20 radar mail: 1044898820.602392 new msg 103789 > Feb 10 12:40:20 radar mail: 1044898820.605824 info msg 103789: bytes 2455 > from <[EMAIL PROTECTED]> qp 2616 uid 500 > Feb 10 12:40:20 radar mail: 1044898820.734291 starting delivery 88: msg > 103789 to local [EMAIL PROTECTED] > Feb 10 12:40:20 radar mail: 1044898820.736996 status: local 1/10 remote 0/20 > Feb 10 12:40:22 radar mail: 1044898822.189478 delivery 88: success: > did_0+0+2/ > Feb 10 12:40:22 radar mail: 1044898822.248579 status: local 0/10 remote 0/20 > Feb 10 12:40:22 radar mail: 1044898822.532584 end msg 103789 Ok, please tell us the output of: grep bknonix.com /var/qmail/users/assign And the output of: ls -la And the output of: cat /.qmail-default Jonas
[vchkpw] Feature request: Usage of SSLREMOTEIP
Hi out there, I have a small feature request for vpopmail. Currently, I'm checking out if I could successfully use ucspi-ssl instead of ucspi-tcp for accepting network connections. Things are a lot easier with this tool, because you can simple set up your SSL certificates and replace "tcpserver" with "sslserver", and you're done. For those of you that are unfamiliar with ucspi-ssl yet: You can inform yourself on the following website. http://www.superscript.com/ucspi-ssl/intro.html The drawback is that tcpserver sets (besides others) the environment variable TCPREMOTEIP, which vchkpw uses for logging and for opening dynamic relays. sslserver from the ucspi-ssl package set SSLREMOTEIP instead, which causes vchkpw to stop logging IP addresses as well as its functionality for roaming users. What do you think: Should vpopmail read SSLREMOTEIP in addition to TCPREMOTEIP, using whatever of them is set? Does anyone know a workaround until either vpopmail reads SSLREMOTEIP or ucspi-ssl sets TCPREMOTEIP? Jonas
Re: [vchkpw] vpopmail newbie
Hi Paul, > vpopmail-5.3-16 on my Debian-box > ./configure with mysql sends me this error message: > > /usr/bin/ld: cannot find -lz > > any idea? Yes, the "z" library is missing. It's a standard compression library found on most systems. On Debian, you should install the zlib1g[-dev] package. Jonas
Re: [vchkpw] pop before smtp respect tcp.smtp.cdb???
Hi Jaime, > First, i installed "pop before smtp" because finally "smtp auth" don't work > for me!! That's your first question..? :) > Second, the file "tcp.smtp" be first transformed in tcp.smtp.cdb, the initial > configuration it's respected by vpopmail programs I don't understand that question. vchkpw adds authenticated users to ~vpopmail/etc/open-smtp, and tcp.smtp.cdb is compiled from both tcp.smtp and open-smtp. > Because in the begining i need add a " :allow,RBLSMTPD="" " to verify in > blacklist a email (i have instaled qmail-scaner-queue and spamassassin) but > put this "RBLSMTPD" in the begin help to smtp do not accept mail and save > process Sorry, I tried my best to understand what you said, but can you please describe your problem again in more detail and in more proper english? I know, we're a lot of non-native speakers on the list, but I simply didn't get your question. > I need back up all my mail, from and to my domains, preferences order by > domain (in a dir of a domain or a account of then).. Any suggestion??? Yes, read the archives. > I probe compile "qmail-auditor" but fail, i try patch qmail with another > (dont' remenber name now), but this patch it's not compatible with another > off my patch, i tested ".qmail" but only forward the "FROM" i need the "TO" > also... so.. Sorry..? Eh? You don't expect us to answer on questions on patches you don't remember that aren't compatible with patches you don't remember, don't you? > PD: And REMEMBER set /control/rcpthosts, last saturday i have SPAMMED over 1 > million spam email, luck i have close my output and this save me... anybody > need email's to SPAM??? No, thanks. Jonas
Re: [vchkpw] Hello! how I can do the aliasing works with vpopmial?
Hi Anton, > I've tryed making alias by using the qmail manual instructions... > making .qmail-info in ~alias dir ot qmail it was working until I didn't > get vpopmail installed... This is because the domain you're referring to changed from being "local" to "virtual". > how can I make [EMAIL PROTECTED] to be redirected(aliases) to > [EMAIL PROTECTED] ? If lozenetz.net is in /home/vpopmail/domains, simply do: echo "[EMAIL PROTECTED]" > \ /home/vpopmail/domains/lozenetz.net/.qmail-info Or use qmailadmin to make that task even more simple. > I've tryed to put &[EMAIL PROTECTED] in the domain lozenetz.net > .qmail-default file but nothing happened... Don't; the .qmail-default file delivers mail to your virtual POP accounts. They will break if you replace the vdelivermail call with a forwarding rule. Jonas
Re: [vchkpw] authentication of default and virtual domain users
Hi Zafar, > i am using qmail on redhat linux.i have one default domain of linux and > other 2 domain as virtual domains through vpopmail. Do you mean that the first domain is local (instead of virtual), or that you defined it as the default domain in vpopmail? > qmail-pop3d authenticatet the only virtual domain users. Yes, because it uses vchkpw, the _virtual_ password checker. If you want to retrieve mail from system accounts that don't belong to virtual domains, recompile vpopmail with "--enable-passwd=y". > Before installing vpopmail and configuring virtual domains ,it work the > default domain users. Before installing vpopmail, you used another password checker than vchkpw. Doesn't it sound logical that using a different password checker leads to different results? > MAXPOP3D=`head -1 /var/qmail/control/concurrencypop3` > if [ -z "$MAXPOP3D" ]; then > echo MAXPOP3D is unset in > echo $0 > exit 1 > fi > exec /usr/local/bin/softlimit -m 200 \ > /usr/local/bin/tcpserver -v -R -H -l 0 -x /etc/tcp.pop3.cdb -c > "$MAXPOP3D" \ >0 110 /var/qmail/bin/qmail-popup FQDN /home/vpopmail/bin/vchkpw \ > /var/qmail/bin/qmail-pop3d Maildir 2>&1 You should replace FQDN with your fully-qualified hostname. > so how can i authenticte both users through pop3 and also with courier-imap > too. You should ask the latter on the Courier-IMAP list. Courier-IMAP supports "stacking" of authentication modules, so you simply have to use vchkpw along with a generic /etc/passwd (/etc/shadow) checker. Jonas
Re: [vchkpw] Domain based relay.
Hi Alfredo, > How can I deny certain vpopmail domains from sending e-mails to an > external network. Judging from the docs: "vmoduser -r ". Jonas
Re: [vchkpw] add domain based on a system user
Hi Manish, > I have installed qmail+qmailadmin+sqwebmail and assigned OS quota to a > user test.Then, I have added a domain using option > -u user (sets the uid/gid based on a user in /etc/passwd) > > #./vadddomain -u test xyz.com > > the command works well and the domain is added into the > /home/test/domains directory. But when I login in to > qmailadmin/sqwebmail it shows "Invalid Login". The qmailadmin and sqwebmail binaries are setuid vpopmail and setgid vchkpw by default. You have to issue: chown root.root /path/to/qmailadmin chmod ug+s /path/to/qmailadmin (The same for sqwebmail.) Jonas
Re: [vchkpw] Authentication problem
Hi Zafar, > i am using qmail on redhat linux.i have one default domain of linux and > other 2 domain as virtual domains through vpopmail. > [...] You asked exactly the same question under the subject "authentication of default and virtual domain users" a couple of days ago, and I posted an answer, which you didn't comment. Please don't double-post the same question, especially not if somebody already answered it. If my answer didn't solve your problem, tell us what exactly happened. Jonas
Re: [vchkpw] Feature request: Usage of SSLREMOTEIP
Hi Anders, > > Does anyone know a workaround until either vpopmail reads SSLREMOTEIP > > or ucspi-ssl sets TCPREMOTEIP? > > How about something like (untested): > "(env TCPREMOTEIP=$SSLREMOTEIP /home/vpopmail/bin/vchkpw)" > in your startup script instead of just "/home/vpopmail/bin/vchkpw" ? I tested it, but it doesn't work that way. I have now patched sslserver to set TCPREMOTEIP instead, according to Charles' idea, which works fine. Thanks for your support! Jonas
Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?
Hi Ben, > Apologies if this is already answered elsewhere -- I didn't see it. What > should the file permissions and ownership be for the tcprules tcp.smtp file > in order to enable vpopmail pop-before-smtp roaming user support? In other > words, for qmail/vpopmail to temporarily add an IP address for > pop-before-stmp temp-relay support, what setup do I need? vpopmail doesn't need to write to tcp.smtp (as you can see, the file never changes, even not without roaming users). tcp.smtp only contains _static_ rules for allowing/disallowing connections and relaying. vpopmail saves relaying information in ~vpopmail/etc/open-smtp, and it creates tcp.smtp.cdb (which is used by tcpserver) from both tcp.smtp and open-smtp. In short, you need: - read permissions on tcp.smtp - write permissions on tcp.smtp.cdb Judge for yourself if relaying data is sensible or not, to decide if you want these files to be group- or world-readable, or not. Jonas
Re: [vchkpw] Problem....
Hi Bill, > Unfortunately it is in the file rcpthosts. > > Any other ideas ?? Yes - please provide proper error reports. In your case, at least the full target address, the output of "qmail-showctl", and the full error message. No part of qmail says exactly "relay denied", so please be specific, or we don't understand exactly what your problem is about. Thanks, Jonas
Re: [vchkpw] smtp filter proxy
Hi Jesse, > I'd like to insert an SMTP filter proxy between tcpserver and qmail > (or, in my case: rblsmtpd) that reads a file or cdb containing > all of the domains in my rcpthosts file, and REJECTS messages that are > addressed FROM one of those domains UNLESS the RELAYCLIENT > environment variable is set (which would mean that it's legitimate > email from one of my customers). Unlike rblsmtp, you'll have to let the SMTP session take place, because you wouldn't have the envelope sender address. Thus, you need a filter between qmail-smtpd and qmail-queue. A generic filter is already available: http://untroubled.org/qmail-qfilter/ It's easy to implement, and there are a some simple examples in the source tarball that show how you'd be able to write a filter that fits your needs in any programming language you want. > The idea seems relatively simple, and I can't immediately think of any > problems with it. Let's say, I am [EMAIL PROTECTED] As I'm currently at home, I'm using my local qmail server to relay mail to the outside. Though I don't use the wingnet.net mail server, I have an identity called [EMAIL PROTECTED] configured in my mail client. If I send some mail to your server (that is expected to be configured in the way you said), it would not accept a mail from me to [EMAIL PROTECTED], because I'm using wingnet.net (one of your domains) as my From address, but I haven't authorized myself to relay, because I don't relay through your server - I simply send a mail to you. > And Implementing it would greatly reduce > spam with forged headers claiming to be from one of my customers. No, even if you patch your mailserver, I'm still able to send out mail appearing to be from [EMAIL PROTECTED] or [EMAIL PROTECTED] That's simply not under your control. Your idea has the following conclusions: 1) A wingnet.net user that isn't authorized to relay is able to send mail to any local domain on your server, using any envelope sender address he wants (but none from your domains!) 2) A wingnet.net user that is authorized to relay is able to send mail to any user in the world, using any envelope sender address he wants. 3) An outside user is authorized to send mail to you as long as he doesn't use one of your domains that are managed by your server. 4) You do not prohibit anybody in the world to send mail to anybody in the world using one of your domains in his envelope sender address. I think, your idea simply isn't the right approach to your problem, which I still don't completely understand. Please describe more appropriatly what type of messages from whom to who you want to disallow. Jonas
Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?
Hi Jesse, > I'm a little confused about this myself... > Does 'open-smtp' not get created if you have mysql support enabled? No; IP adresses that are allowed to relay are written into the "relay" table. Jonas
RE: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?
Hi Jesse, > His ~vpopmail/etc/open-smtp a file I should have manually created at > some point in time (touch open-smtp)? No. As you use the MySQL backend, there is no need for that file. You should have mentioned in your first post that you're using MySQL as a backend. Rule of thumb: If you did anything other besides a plain "./configure" when compiling qmail, let us know your configure line if you post a question, or tell us about ("I have compiled vpopmail with roaming users support and the MySQL backend"); it prevents unneccessary confusion. > Where I'm also > lost, then, is that my /etc/tcp.smtp and /etc/tcp.smtp.cdb files are both > owned by root:root at present (this seems incorrect to me) and are both > chmod 644. The tcp.smtp.cdb file has to writable to the user that handles the POP3 session for the authenticed user. In many cases, this is vpopmail.vchkpw, but it might be another user if you created domains with the "-u " argument. Try "chown vpopmail.vchkpw /etc/tcp.smtp.cdb" first and see if it works. Jonas
Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?
Hi Jesse, > I may just be mouthing off again, but I gather from the last paragraph in > INSTALL that vpopmail may not even bother with vpopmail/etc/tc.smtp and > open-smtp anymore. vpopmail never writes to tcp.smtp. It need read access to that file when building tcp.smtp.cdb. vpopmail writes open-smtp if you have configured it for roaming users, but without MySQL support. vpopmail writes tcp.smtp.cdb, if you have configured it for roaming users, independent of wheter you have enabled MySQL support or not. > I think the default may be to assume that since you're > using MySQL, you should use Matt Simerson's tcpserver-mysql patch. The relay > table is certainly populated in my database, but the vpopmail/etc/tcp.smtp.cdb > is NOT generated. I bet on write permissions. > Personally, I don't have any qualms about vpopmail defaulting to MySQL > based tcpserver relay control when I'm using MySQL. It actually doesn't. > However, I strongly > disagree with the INSTALL wording if that's the case! It makes it sound > like Matt's patch is only "suggested", but it honestly seems to be REQUIRED > when mysql support is enabled in vpopmail. The INSTALL file is right. Don't blame it just because your setup didn't work. You simply didn't care about the permissions on tcp.smtp.cdb - it's obvious that vpopmail can't write to that file if it's only writable by root while you don't have vchkpw running as root. Jonas
[vchkpw] vpopmail and tcpserver-mysql (was: Re: [vchkpw] tcp.smtp fileperms/owns for -enable-roaming-users?)
Hi again, > > However, I strongly > > disagree with the INSTALL wording if that's the case! It makes it sound > > like Matt's patch is only "suggested", but it honestly seems to be REQUIRED > > when mysql support is enabled in vpopmail. > > The INSTALL file is right. Short note; quoting the INSTALL file: --- begin --- 13. For sites using the mysql module and --enable-roaming-users=y it is highly suggested to use Matt Simersons tcpserver-mysql patch. This removes the need for vpopmail to compile a tcp.smtp.cdb file for each pop authentication. Instead, tcpserver looks directly into the vpopmail mysql table of IP's. --- end --- It is correct that the tcpserver-mysql patch removes the need for vpopmail to compile a tcp.smtp.cdb file for each pop authentication. That's true, the _need_ for that functionality is removed - but not the functionality itself! vpopmail still compiles a tcp.smtp.cdb file, so the tcpserver-mysql patch doesn't mean anything to vpopmail. As vpopmail doesn't know of you're using the tcpserver-mysql patch, it has no way to know that it doesn't have to update tcp.smtp.cdb. I don't think there's a big performance hit using the tcpserver-mysql patch, as reading from a cdb file is already extremely fast. Thus, the benefit isn't in tcpserver itself; but it's the _possibility_ to remove the time-consuming tcp.smtp.cdb rebuild functionality from the vpopmail code. If you don't do that (manually), the tcpserver-mysql patch doesn't mean anything better to you compared to a working cdb setup without it. To make that patch really usable, vpopmail needs a way to know that it doesn't have to update tcp.smtp.cdb, maybe a ./configure parameter like "--i-use-the-tcpserver-mysql-patch-and-thus-do-not-need-cdb-updates". In some situations (like yours, Jesse), the tcpserver-mysql patch seems to act as a "fix", but it actually is a different thing. Your problems have been with file permissions, not with vpopmail requiring a patch that's marked as optional/suggested. It only looks like a fix because its totally different approach doesn't depend on file permissions. And, while we're at it... the newest README.mysql file tells us to... #define MYSQL_UPDATE_SERVER "localhost" #define MYSQL_UPDATE_USER "root" #define MYSQL_UPDATE_PASSWD "secret" #define MYSQL_READ_SERVER "localhost" #define MYSQL_READ_USER "root" #define MYSQL_READ_PASSWD "secret" >From a security perspective, it should be preferred to use a dedicated MySQL user instead of "root"; this would highly reduce the danger that a possibly table-corrupting vpopmail bug would have on MySQL data. Yes, it's the user's choice, and MySQL administrators should already know that, but IMHO the README.mysql file should set a good example here. Jonas
Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?
Hi Jesse, > First off, I didn't write the text you just replied to. That was written by the > other gentleman. You're absolutely right; my further posting should have been started with "Hi Benjamin". :-) > -- begin -- > 4. How do I allow roaming users to use our smtp server without opening >the machine up to everyone on the internet? > >Your startup script for the qmail smtp server must use the >tcpserver -x file command similar to this startup line. > > env - PATH="/var/qmail/bin:/usr/local/bin" \ > tcpserver -H -R -x /path/to/vpopmail/etc/tcp.smtp.cdb \ > -c20 -u504 -g503 0 smtp \ > /var/qmail/bin/qmail-smtpd 2>&1 > /dev/null & > -- end -- > > > This clearly implies that the tcp.smtp.cdb file is to be created by > vpopmail (or clearopensmtp) in the /path/to/vpopmail/etc/ directory. I agree that it can be understood that way. However, most users (at least the users that used "Life with qmail" to install qmail) have the tcp.smtp.cdb in /etc, and the line you quoted simply is confusing and should have included "/path/to/whereever/you/have/tcp.smtp.cdb". The trick is within the configure script. It reads: --- begin --- [...] tcpserver_file="" for f in "$vpopmaildir"/etc/tcp.smtp /etc/tcp.smtp /etc/tcprules.d/qmail-smtpd do if test -f $f then tcpserver_file=$f break fi done [...] --- end --- So it looks (in exactly in that order) for: 1) "$vpopmaildir"/etc/tcp.smtp 2) /etc/tcp.smtp 3) /etc/tcprules.d/qmail-smtpd Remember, we're at _compile_ time. When doing a fresh install, there isn't a tcp.smtp file in 1) in nearly all cases, but in 2). That's why vpopmail then adapts itself to use /etc/tcp.smtp and writes to /etc/tcp.smtp.cdb and not to ~vpopmail/etc/tcp.smtp.cdb. If you already have a vpopmail installation and a tcp.smtp in ~vpopmail/etc/, and then do a new ./configure (after "make clean"), vpopmail will find the file in location 1), where it has write access without hassles. > vpopmail clearly has write access. Yet a .cdb file was not created. vpopmail tried to create/update the .cdb file in /etc, which couldn't work without a permission change. > I even copied my /etc/tcp.smtp file here and ran clearopensmtp. > No .cdb file. As the location of the file is set at _compile_ time, moving files around at _run_ time doesn't affect anything. > So, I ask again: Does vpopmail now neglect to build a .cdb file when > --enable-roaming-users=y and --with-mysql are specified at > configure time? No. > Or is the FAQ incorrect, and vpopmail now tries to build the .cdb in > my /etc directory? It does. The FAQ suggests a path corresponding to location 1), while on most systems location 2) has been automatically chosen. That's in fact confusing and should be updated to make it clearer that the location depends on the compile time setting. However, ./configure is kind enough to tell you which location it uses: # ./configure --enable-roaming-users [...] vpopmail 5.2.1 Current settings --- vpopmail directory = /home/vpopmail uid = 89 gid = 89 ip alias = OFF --enable-ip-alias-domains=n (default) address extentions = OFF --enable-qmail-ext=n (default) roaming users = ON --enable-roaming-users=y tcpserver file = /etc/tcp.smtp <<< LOOK HERE open_smtp file = /home/vpopmail/etc/open-smtp user quota = OFF --enable-defaultquota=NOQUOTA default table optimization = many domains --enable-many-domains=y default auth module = cdb default system passwords = OFF --enable-passwd=n default file locking = ON --enable-file-locking=y default file sync = OFF --enable-file-sync=n default disable vdelivermail fsync auth logging = ON --enable-auth-logging=y default mysql logging = OFF --enable-mysql-logging=n default clear passwd = ON --enable-clear-passwd=y (default) valias processing = OFF --enable-valias=n pop syslog = show only failure attempts --enable-logging=e default default domain = --enable-default-domain= auth inc = -Icdb auth lib = The "default" setting is still ~vpopmail/etc/tcp.smtp, but it's obvious that vpopmail cannot use that file if it doesn't exist (yet) - which is the reason it chose the second location (/etc/) as the alternative. Jonas
Re: [vchkpw] smtp filter proxy
Hi Jesse, > Will qmail-queue give me access to the RELAYCLIENT environment variable? It should, as it's a subsequent process of tcpserver -> qmail-smtpd. You should ask the author of the QMAILQUEUE patch; we're on the vpopmail list, and this is a non-issue here. > I'm talking about spam in my users inboxes. I don't see how your approach means anything for spam reaching your user's inboxes. > > 4) You do not prohibit anybody in the world to send mail to anybody in > > the world using one of your domains in his envelope sender address. > > Not sure what you mean by this. You said in your first post: "Implementing it would greatly reduce spam with forged headers claiming to be from one of my customers." Let's say I'm a spammer and send mail appearing to be from [EMAIL PROTECTED] That's clearly a spam mail "with forged headers claiming to be from one of [your] customers". If you patch your mail server, it doesn't mean that I couldn't continue doing so. It simply changes nothing. The spam in your customer's inboxes rarely comes from addresses that are forged to use a domain of you. Reading your original post, your filtering rule is based on the question if the sender is allowed to relay, and if he is using one of your domains as the sender address. But the spam that goes into the inboxes of your customers is _not_ coming from these domains, and the originator is _not_ allowed to relay. So I simply don't get what kind of mail you want to eliminate. The filtering rule you offered doesn't stop spam to your inboxes in any way, and prohibits that I cannot send mail to accounts on your server when using one of your domains in the sender address, but not using your SMTP server to relay - yes, you can extend your tcp.smtp to allow it, but I simply don't see a reason why you forbid me to send mails to you the way I described! > I'd like to note here that I see three possibilities for implementing > this functionality: Let's have a look at that part if we I or some other list members have clearly understood what you want, and why. It still sounds like the wrong approach using a wrong technique to a wrong problem. :) Anyway, it's a non-issue on the vpopmail list and should be taken over to the qmail list. Jonas
Re: [vchkpw] vpopmail 5.3.19
Hi Kari, > CS> Personally, I think your billing system should be taking care of > CS> the > CS> removal/suspension of accounts... > > How would you do it with vpopmail? System accounts are a different > story. He was talking about "accounts", not "system accounts". It could have meant "vpopmail accounts", or anything else. Anyway, as pointed out a couple of times now: * Nobody seems to need a user expiry feature in vpopmail * Everybody that understands what you want suggests to use a cron job that deletes accounts that are obviously unused * There are already working solutions actively in use that do it exactly that way * Nobody seems to be willing to develop that feature * You don't want or don't be able to do it yourself Finally, this is Unix. You have a billing software that knows when an account expires. You have vdeluser that deletes a user. What's missing is the link between them, and that's a cron job as described above. We can tell you the right direction, but we cannot do your very own job. Following the Unix philosophy, we let every single tool do it's job, and get powerful solutions by combining these tools. Don't expect us do put bloat into the vpopmail code if a feature can be implemented easier and even more logical and elegant outside of vpopmail. If you still really want that feature to be added to vpopmail, pay a programmer to develop a patch for you. Please stop this thread now; it's all said. Jonas
Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?
Hi Jesse, > It seems to me that the whole ./configure autodetect of tcp.smtp is > hokey. I think it would make more sense to specify in the > INSTALL docs and in the configure script that there is a DEFAULT > location for tcp.smtp. The configure script does that, if you run "./configure --help". > Clearly /etc doesn't work real well because > of the default permissions, so I'd suggest "~vpopmail/etc". That _is_ the default location; it just doesn't get used in most cases because of a clumsy check, as I mentioned before. > Then, allow that default to be explicitly overridden by a configure > option like "--path-to-tcp-smtp=blah". That's already the case; again issue "./configure --help", or read the FAQ entry #8. > We could keep the current configure behavior and just make sure that > we document it in install, but I think trying to explain the > configure behavior would really confuse some people. Has my elaboration been confusing? ;-) IMHO, it's just the problem that users don't know about that "three location" thing without reading the configure script, thus expecting tcp.smtp file in the wrong place. > What do you think? I really wonder that this question hasn't come up earlier. ;-) Jonas
Re: [vchkpw] smtp filter proxy
Hi Jesse, > If I don't allow email to come into my network with forged FROM > headers(or even forged envelope sender headers if they're relevent) Here's already an error in your idea - you can't reliably see if a sender address is forged, and therefore: > how would that NOT prevent the spam from reaching my user's inboxes?? You can't identify these with your filtering rule. You cleary said that your filtering rule applies to mail that uses one of your domains (or these of your customers) as the From address. Thus your definition of a forged sender is: "Every mail with a sender address using one of my domains, but not relayed through our mail server". That might a more or less proper check (personally, I'd say: less), but doesn't match the vast majority of mails with forged sender addresses: Take 10,000 spam mails you collected in your users inboxes. How many of them have a (forged) sender that uses one of your domains in their From address? I'd really wonder if this is more than, let's say, one, unless your spam situation is _totally_ different than mine and probably most others. The spam mails I get (and I get a lot; thankfully SpamAssassin helps me pre-sorting them into a different IMAP folder) are from forged hotmail.com, yahoo.com or aol.com addresses in most cases. As long as Hotmail, Yahoo and AOL aren't your customers, your filtering rule would match nearly nothing. Summary: I think your filtering rule has nearly no effects on spam catching, _and_ it has drawbacks to your customers that want to use another mail relay than yours. I'd prefer not to use it. Jonas
Re: [vchkpw] smtp filter proxy
Hi Jesse, > > > If I don't allow email to come into my network with forged FROM > > > headers(or even forged envelope sender headers if they're relevent) > > > > Here's already an error in your idea - you can't reliably see if a > > sender address is forged, and therefore: > > But I can. It's simple: > > (If the user is NOT on one of my network IPs, OR, if the user has not > POPed before sending SMTP, ) AND the incoming email contains one of my > internal domains in the FROM (envelope or header), then it's bogus. > > Is there a problem with that? No. Have you read my posting completely? Just quoting myself: JP> You cleary said that your filtering rule applies to mail that uses one JP> of your domains (or these of your customers) as the From address. Thus JP> your definition of a forged sender is: "Every mail with a sender address JP> using one of my domains, but not relayed through our mail server". That JP> might a more or less proper check (personally, I'd say: less), but JP> doesn't match the vast majority of mails with forged sender addresses: It's just that - the test isn't really stupid, it just doesn't match nearly any mail because spam mails don't have one of your domains as their forged From address in nearly all cases. IMHO, it simply isn't worth the work, but feel free to implement it anyway. Let it write a log to see how many spam mails it really catches, and don't forget to check it for regular mail blocked by this rule, thus causing trouble for your customers. Jonas
Re: [vchkpw] no_mailbox_here_by_that_name
Hi Ihsan, > I am just installed a qmail+ vpopmail , and the server was running > nicely for a couple of days. But today , It started to give the > following "no_mailbox_here_by_that_name" error. > [...] > @40003e6c896f0f9d5e2c starting delivery 1: msg 81 to local [EMAIL PROTECTED] Did you perhaps put the domain in the "locals" file today? This line clearly shows that qmail doesn't interpret this domain as virtual (it would have said [EMAIL PROTECTED] in that case). > /var/qmail/control/locals file seems to be EMTPTY now. Is this the > normal situation? Yes. > After the regeneration of the domain in question, my message format > looks like the one below. As expected; see above. Jonas
Re: [vchkpw] no_mailbox_here_by_that_name
Hi Ihsan, please send answers to the list instead to me. Thanks. > I probably put the domain-name into this file and got stucked. As I > understood from my experiences ("no time to read at the moment,because my > Exchange Server has crashed.."), the /var/qmail/control/locals file should > contain NOTHİNG if we use vpopmail with qmail. Is that right.? Yes. Here's an excerpt of the qmail-send man page: qmail-send handles virtualdomains after locals: if a domain is listed in locals, virtualdomains does not apply. This implicitly means that a domain should always be _either_ in "locals" _or_ in "virtualdomains". Jonas
RE: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?
Hi Ben, > In my setup, I see the tcp.smtp.cdb file getting updated regularly, seeming > to indicate perhaps that the pop-before-smtp may actually be working. Is > there anyway to verify the contents of the cdb file to see if it actually > matches with the current relay table contents? To check if a IP address is listed: TCPREMOTEIP= tcprulescheck tcp.smtp.cdb Example for an IP that's allowed to relay: $ TCPREMOTEIP=62.226.202.17 tcprulescheck /etc/tcp.smtp.cdb rule 62.226.202.17: set environment variable RELAYCLIENT= set environment variable RBLSMTPD= allow connection Or use cdbdump from the cdb package to dump the whole .cdb file: http://cr.yp.to/cdb/cdbmake.html Jonas
Re: [vchkpw] IP alias Domain based for IP destination
Hi Juan, > Each domain has setup these options: > in the server 1: > --enable-default-domain=domain1.com in the server mail.domain1.com > and in the server 2: > --enable-default-domain=domain2.com in the server mail.domain2.com > > I would like have these two domains into a single computer, but I don't > control over the pool's of IP of my clients. That means, the IP address of domain1.com or domain2.com can suddenly change without notice, or what? I don't understand this. > For this reason I can't use the option --enable-ip-alias-domain. Are there any reasons against the setup of ~vpopmail1 and ~vpopmail2 with two differently compiled vpopmail installations? You will need two qmail-pop3d services then, each using either ~vpopmail1/bin/vchkpw or ~vpopmail2/bin/vchkpw. > Is possible change the vpopmail's source in order make this setup? I don't see the need to. Jonas
Re: [vchkpw] Vpopmail has broken non-virtual users/domain
Hi Anonymous, > I get a response start with -ERR, the authentication failed. But > when I try using my virtual user it went thru' > > How can I configure my non-virtual user and domain able to get > authenicated and receieve the mail?? ./configure --enable-passwd=y Jonas
Re: [vchkpw] can not get any mail
Hi Scott, > if you are saying i need to kill qmail-send. No; Rick told you to send a HUP. Anyway, you need to send a HUP to _qmail-smtpd_, not qmail-send, as the rcpthosts file is read by qmail-smtpd, not qmail-send. vpopmail normally does this automatically, but obviously did not in your case. > okay, i tried killall and it > did not kill it. i killed it with -9 and it restarted again a couple of > seconds later. That's what supervise is for. > durring that time i sent 2 more messages to > [EMAIL PROTECTED] and they are not showing up in the log > (/var/log/qmail/current) and i didnt recieve them or get any bounced > messages. Enter "/var/qmail/bin/qmail-qstat" and see if they're in the "unprocessed" state. > > more info from /var/qmail/control: This can be achieved easier with "qmail-showctl". > > it seems like it recieves the message, and doesnt > > know where to put it, and then just gives up. You have logs, so there's no need to "it seems like". Your test mail comes from the same domain that makes trouble, so qmail cannot send a bounce and will deliver it to the postmaster. If the postmaster address points to this address, too, you'll have a triple bounce, and qmail will discard it as it doesn't find a valid address to deliver the mail or a bounce message. > I did also notice that it > says > > uid 500 for one and 510 for the other. I have checked and rechecked the > > vpopmail and vchkpw uid and gid and they are all set to 89. i dont know > > where it is getting that uid of 500 and 510. The first message is generated by UID 500, which is propably the qmail-smtpd user. The second message is generated by UID, which is probably the qmail-queue user. Check your /etc/passwd to be sure. Jonas
Re: [vchkpw] POP before SMTP
Hi Andrew, > Hello, I have a qmail + vpopmail setup with --enable-roaming-users=y. Users > are able to authenticate and receive mail, and their IP is added to > open-smtp. Is tcp.smtp.cdb regenerated successfully? Use cdbdump from Dan's "cdb" package to find out: http://cr.yp.to/cdb/cdbmake.html > The problem is that it will authenticate a person and then allow > them SMTP access iff they are on 65.243.94.* (our class c, the server's > address is 65.243.94.6), but if they are coming from some other address, > then although POP authentication works, they are not allowed to use SMTP. Are you using an additional relaying technique besides static relaying (tcp.smtp) and roaming users, e.g. SMTP AUTH? Are you sure that messages from these hosts are actually to be _relayed_ instead of being locally delivered? Jonas
Re: [vchkpw] /var/log/messages activity
Hi Mark, > I am getting these three messages logged to var/log/messages every second > or two... > Can someone point me in the right direction? Its a fairly new situation. > What have I done? Regular messages always sound like cron jobs or runwhen jobs. Did you use ps to find out which process is actually executed? Jonas
Re: [vchkpw] autoresponder problems
Hi John, > My autoresponder for a client just will not work. It seems set up > okay - within the user's directory but a response will not go out. > The qmail log says "AUTORESPOND Stopping_on_mail_from []" I have > tried reinstalling the auto reponder but no go. COuld this be an smtp > daemon problem on my qmail server? Please start analyzing this problem giving us the _full_ qmail-send log for that delivery. Jonas
Re: [vchkpw] vpopmail : forwarding a catch-all to an externaladdress
Hi Jan, > I've asked this same question before, but I haven't received an > answer/solution yet. > The following problem occurs when a catch-all should be forwarded to an > external address : The email is only delivered locally to the catch-all > account. Where does it actually get delivered, as there isn't a "i-am-a-test" account in reality? > [EMAIL PROTECTED]:/var/vpopmail/domains/groenen.nl# ls -la > total 352 > drwx--5 vpopmail vchkpw 4096 Feb 27 21:53 ./ > drwx-- 13630 vpopmail vchkpw 331776 Mar 13 14:02 ../ > -rw---1 vpopmail vchkpw 58 Jul 23 2002 .qmail-default > -rw---1 vpopmail vchkpw 71 Feb 27 21:53 .qmail-postmaster > drwx--3 vpopmail vchkpw 4096 Aug 4 2002 kantoor/ > drwx--3 vpopmail vchkpw 4096 Dec 4 2001 postmaster/ > drwx--3 vpopmail vchkpw 4096 Jul 25 2002 vakantie/ There are two files missing: vpasswd and vpasswd.cdb. Probably this is the reason for a strange behaviour of vdelivermail (which should be use better error-catching, if this is really the case). I'd suggest deleting and recreating the three users, or restoring vpasswd[.cdb] from a recent backup. Jonas
Re: [vchkpw] -ERR authorization failed
Hi Scott, > Just installed qmail and vpopmail and i cant seem to auth correctly. "Can't seem"? Either you can, or you cannot. Obviously you cannot. > Ive looked at logs that i think would help but they have not info as > of why this is not working You couldn't have been unclearer... ;-) Which log did you check? What did the log exactly say (copy+paste, don't interpret)? Did you activate verbose logging when compiling vpopmail? If not, do it, at least for now to help you debugging. Jonas
Re: [vchkpw] POP before SMTP
Hi Andrew, please always respond to the list, not personally to me. Maybe someone can bring some light into your situation after reading it, so I'm completely quoting it: > Thank you for getting back so quickly. It appears that I was wrong, and > roaming users is working well. The problem is that we use Telia (going > through Megapop dialups) for our users who want access in other cities. I > was testing roaming users on the Telia dialups, and for some reason even > though the cdb is being regenerated correctly, and their IPs are entered in, > relay access is still denied to them. I cannot trust that part. Did the POP connection really originate from the same IP addresse as the SMTP connection? How did you check if the IP address has been in tcp.smtp.cdb? > I had a couple friends try going > through Comcast and Bellsouth, and after they authenticate with vpopmail, > their address is added to open-smtp, added into > /home/vpopmail/etc/tcp.smtp.cdb, and they can relay. I'm still not sure why > Telia gives different results than Bellsouth or Comcast (I don't believe > Telia uses transparent relaying, or anything else wierd), but if I can't > figure it out I'll probably recompile with --enable-roaming-users=n, and > switch to SMTP AUTH. No need to switch; you can use both techniques at once, thus allowing clients to use whichever they want. Jonas
Re: [vchkpw] roaming users, configure not working
Hi Payal, > I configured vpopmail-5.2 with, You should start with 5.2.1, which is the latest stable. > # /home/vpopmail/bin/clearopensmtp > vpopmail not configure with --enable-roaming-users=y * Have you started with clean source, either freshly unpacked or a "make clean" before? * Check the date of the clearopensmtp binary - is it current? * Is /home/vpopmail really the home of your vpopmail user? If it changed in the between, all newly created files have been installed into that new location. > Also should the tcpserver file be /etc/tcp.smtp or > /home/vpopmail/etc/tcp.smtp ? Both locations will work fine, but vpopmail will need root access if you want to use the /etc location. > And address extensions=OFF as shown above, will it mean I won't be able to use > .qmail-payal-linux kind of addresses? No; these addresses will be handled by qmail itself _before_ vpopmail drops in (through being called out of .qmail-default) and work in either case. Jonas
Re: [vchkpw] Small patch
Hi Maurice, > I created a small patch for a situation I ran into. Thanks, but that's useless until you tell us to which file it should be applied ;-) You should use the unified diff format (diff -u) in general; it automatically includes the filenames in its output. Jonas
Re: [vchkpw] accept selected mails
Hi Payal, > I am using vpopmail + qmail on a test system. Now for user > [EMAIL PROTECTED] I want to accept mails only from email addresses given in file > accept_only.dat. The rest of the mails from any other email address > should be dropped/deleted without any notice. > > Can someone please give on hints on writing such a script? man dot-qmail man qmail-command Should be a simple two-liner .qmail file; the first line with an "|if" expression that checks $SENDER against your file and exits with an appropriate exit code, and a forward rule to a defined Maildir in the second line. Jonas
Re: [vchkpw] roaming users, configure not working
Hi Payal, > On a previously installed vpopmail system, how do I know which > parameters were passed to ./configure ? I have the directory in which > the tar file was untarred into. Then look into the config.status file. > > > Also should the tcpserver file be /etc/tcp.smtp or > > > /home/vpopmail/etc/tcp.smtp ? > > > > Both locations will work fine, but vpopmail will need root access if you > > want to use the /etc location. > > What exactly do I do for giving vpopmail root access? chown root ~vpopmail/bin/vchkpw chmod u+s ~vpopmail/bin/vchkpw However, I'd only suggest to do this if you have your domains managed under different user id's (in fact, then you'll _need_ these modifications); if you're going with all domains under the vpopmail id, you'll go better with ~vpopmail/etc/tcp.smtp. > > > And address extensions=OFF as shown above, will it mean I won't be able to use > > > .qmail-payal-linux kind of addresses? > > > > No; these addresses will be handled by qmail itself _before_ vpopmail > > drops in (through being called out of .qmail-default) and work in either > > case. > > Then what is the use of qmail-ext parameter for ./configure ? See the ChangeLog (this option appeared in 4.10.12): - added new configure option --enable-qmail-ext. This was the default in old installations. Now there is an option to turn it off. --enable-qmail-ext=y (default) will deliver mail for [EMAIL PROTECTED] to [EMAIL PROTECTED] --enable-qmail-ext=n will NOT deliver mail for [EMAIL PROTECTED] to [EMAIL PROTECTED] It will only deliver it to [EMAIL PROTECTED] Jonas
Re: [vchkpw] accept selected mails
Hi Payal, > Thanks for the reply. Yes, I know about .qmail files but the problem how > to *drop* unwanted mails. As I said: Read the man pages. >From the qmail-command man page: [...] EXIT CODES command's exit codes are interpreted as follows: 0 means that the delivery was successful; 99 means that the deliv ery was successful, but that qmail-local should ignore all further delivery instructions; [...] Doesn't "ignore all further delivery instructions" sound like something you need? :) $ cat .qmail-yourfilter |here-is-a-script-that-exits-99-if-the-sender-is-invalid &[EMAIL PROTECTED] > Also should i just check the From: field or is there anything else I > should check for (against the database, maybe using egrep) That entirely depends on what you want to do. Jonas
Re: [vchkpw] Forwarding....
Hi Bill, > So what I would like to know is about setting a forwarder for a particular > user of a domain. > > There does not seem to be a reference in the documentation; however, I > could be blind and stupid. Forwardings are handled by qmail-local before vpopmail drops in. They're well documented by "Life with qmail": http://lifewithqmail.org/lwq.html#dot-qmail-files http://lifewithqmail.org/lwq.html#extension-addresses http://lifewithqmail.org/lwq.html#aliases > the .qmail-default file seems to alude to this via the empty set, ie: > > | /home/vpopmail/bin/vdelivermail '' delete No. > is then > > | /home/vpopmail/bin/vdelivermail [EMAIL PROTECTED] [EMAIL PROTECTED] > > The correct syntax to forward ??? No. Uh-oh, never start fiddling around with such trials. This is Unix; you need to read the documentation to solve problems. If things are not in the docs, we're here to help. :) Jonas
Re: [vchkpw] quotas
Hi Payal, > Now I added 2 domains test1 and test2? Do these domains have a default > quota? No. > If no, how do I add that? You don't have a thing like a "domain quota" with the current stable version, only quota values on every single account. > Also can I have domain test1 with say 40Mb quota and domain test2 with > 70Mb quota? How to achieve that? For now, give each domain a different system user (vadddomain -u ...), and give that user a quota. For later, watch the development; domain quota support is coming (but not stable yet). Jonas
Re: [vchkpw] Ownership question about VPOPMAIL
Hi Al, > [EMAIL PROTECTED] vpopmail]# ll domains > total 3 > drwx--5 530 7798 1024 fév 23 15:21 mydomain1.com > drwx--3 530 7798 1024 fév 23 15:12 mydomain2.com > drwx--3 530 7798 1024 fév 23 15:12 mydomain3.com > [EMAIL PROTECTED] vpopmail]# > > My mail server works fine with qmail however I don't know why > vadddomain/vadduser use 530:7798 Did you transfer the vpopmail binaries from another machine? Or did your local UIDs change, but you did not update the vpopmail status? If you're unsure, recompile to let vpopmail find out it's UIDs again, and it will tell you these UIDs at the end of the ./configure run. Jonas
RE: [vchkpw] Ownership question about VPOPMAIL
Hi Al, > I've installed vpopmail-5.0-1.i386.rpm There is no official RPM of that name, and 5.0 isn't the latest stable version. Download the sources of 5.2.1 and try again. > My concern is that vpopmail will always set those user:group when using > vadddomain/vadduser even if it works fine. I was wondering if we could force > him to use vpopmail:vchkpw for the domains directory. vpopmail sets the _numerical_ UID that it got for vpopmail/vchkpw at compile time. A binary RPM is likely to have different UIDs than your system, if either you or the RPM cooker doesn't use the "default" IDs of 89/89. > I think that I may > have a problem later on this issue if this isn't properly setup now and > obviously because I don't know where those user:group are issued from. Simply throw away the RPM, get the actual sources, and start again. Jonas
Re: [vchkpw] Re: Probably a simple problem
Hi Cory, > If you compiled vpopmail with --enable-learn-passwords=y then you could > create a list of your users in a file: > > ls /home/ | tr '\s' '\n' > /tmp/users As vpopmail supports MD5 passwords, you can also take the crypted passwords from /etc/shadow and feed them into the vpasswd file with "vmoduser -e [EMAIL PROTECTED]". Jonas
Re: [vchkpw] qmail-smtpd-auth against vpopmail mysql userdb
Hi Sam, > is there a simple way to induce my qmail-smtpd (patched with the > qmail-smtpd-auth patch from > http://members.elysium.pl/brush/qmail-smtpd-auth/) to use the vpopmail > mysql db as "justice". You can use vchkpw as the password checking backend for qmail-smtpd-auth, independent of wheter MySQL is used as the storage backend or not. qmail-smtpd-auth doesn't care for it; it only presents a checkpassword-compatible interface. Jonas
Re: [vchkpw] virtual domain problem
Hi Arthur, > -default domain is (which is also the hostname of > the mail server) > -another virtual domain > -another virtual domain You don't own neither domain1.com nor domain2.com. We cannot help you if you hide the real data from our eyes. http://homepages.tesco.net/~J.deBoynePollard/FGA/dont-obscure-your-dns-data.html Jonas
Re: [vchkpw] qmail-smtpd-auth against vpopmail mysql userdb
Hi Sam, > Well i've tried to use vchkpw as the pw checking backend for > qmail-smtpd-auth. But at the moment it's not possible to gain access to > send mail trough the smtp server. > The server is invoked via tcpsever, and runs under the correct user: > /usr/local/bin/tcpserver -v -R -l mail.moritzi.ch -x /etc/tcp.smtp.cdb > -c 20 -u 7797 -g 2109 0 smtp /var/qmail/bin/qmail-smtpd mail.moritzi.ch > /export/opt/vpopmail/bin/vchkpw /bin/true > > Tho logs doesn't show up with any useful informations. So what exactly do they say? Did you compile vpopmail with verbose error logging? > Is there any possibility to check an useracount with vchkpw via the > shell, just to be shure that it does what it should do? http://qmail.org/top.html#checkpassword Check out the hints by Mark Delany right at the top of the section. > Are there any other suggestions? Not at the moment, until we see exact error messages from the logs. Which client are you using? Which SMTP AUTH technique are you using - PLAIN, LOGIN or CRAM-MD5? Jonas
Re: [vchkpw] Strange problems with adding a new domain
Hi hondaman, I'm sorry, but your posting did not qualify in nearly any point that is important for us to help you with your problem. - You did not include your vpopmail version and ./configure line. - You did not tell us your real domain names. - You did not tell us the output of qmail-showctl. - You did not post the according entries from the qmail-send log. Please read: http://www.qcc.ca/~charlesc/writings/12-steps-to-qmail-list-bliss.html Even if we're not the qmail list, these 12 steps give you a helpful kick into the right direction on how to post a question successfully. Thanks, Jonas
Re: [vchkpw] *.domain
Hi Raboo, > how do you like add in vpopmail? > *.domain??? > > if i want to get the mail for all the subdomains of a domain There is no such option in vpopmail. Jonas
RE: [vchkpw] Strange problems with adding a new domain
Hi hondaman, please read: http://jonaspasche.de/common-errors/unnecessary-cc > 1. I don't know my /configure line. I installed it about 5 months ago. > Version 5.2.1 If you still have the source tree in place, look into config.status. > 4. under /var/qmail/supervise/qmail-send/log there is no log, but a run > file and supervise directory. Which would you like to see? Look into /var/log/qmail, if you installed following "Life with qmail". Jonas
RE: [vchkpw] Strange problems with adding a new domain
Hi hondaman, PLEASE READ: http://jonaspasche.de/common-errors/unnecessary-cc > While file would you like to see the output of in /var/log/qmail? There > are several files there. The full delivery log for the delivery that did not work as expected, which can be found in the "current" file. Jonas
RE: [vchkpw] Strange problems with adding a new domain
Hi hondaman, > Ok here is the last line, from an email I just sent. I doubt you want > to whole log, its pages and pages and pages. > > @40003e7672e0089620b4 new msg 79202 > @40003e7672e00896343c info msg 79202: bytes 1404 from > <[EMAIL PROTECTED]> qp 15120 uid 506 > @40003e7672e00a02dbcc starting delivery 7940: msg 79202 to local > [EMAIL PROTECTED] > @40003e7672e00a02f33c status: local 1/10 remote 0/20 > @40003e7672e00bbbda54 delivery 7940: success: did_0+0+1/ > @40003e7672e00bbe89d4 status: local 0/10 remote 0/20 > @40003e7672e00bbf54f4 end msg 79202 This is the delivery log for a single successful delivery. I'm sure this is not what you wanted to know. Here's what I suggest: Do a "tail -f current | tai64nlocal". Then send a mail to the account that's not working or whatever. Watch the logs. Then interpret them, as they're the key to understand what's happening on your system. If you're unsure about how to interpret, post them here unedited, and let us judge from the facts. Jonas
Re: [vchkpw] Spamassassin Integration Problem
Hi Jeff, > The problem we have is that spamassassin commands in .qmail-default are > only analyzing emails that are addressed to one of the real pop accounts - > it is not analyzing emails addressed to an alias for either a local or > remote email account. These aliases are handled by qmail-local _before_ vpopmail pops in. qmail-local checks for .qmail- for a given address, and only if it doesn't find it, it calls .qmail-default which is then executing your filter and delivering mails to POP accounts. I'd suggest to use qmail-scanner to filter all mails on a per-server basis. Actually, it's not filtering, only marking for further inspection. I then have the following in my .qmail files: |condredirect [EMAIL PROTECTED] 822field X-Spam-Flag > /dev/null &[EMAIL PROTECTED] Jonas
Re: [vchkpw] Spam Assassin implementation
Hi John, > Somebody else had set this up a while ago - I think it is working but > I'm not sure if it is affecting other mail deliveries. Oh well, it is... > Basically I have spam assassin installed and I have a .qmail-default > in every domain folder on my server. It looks like this: > > | /var/qmail/bin/preline -d /var/qmail/bin/bouncesaying \ > "[message to bounce back if not SPAM]" > | /home/vpopmail/bin/vdelivermail ' ' bounce-no-mailbox The first line simply bounces _everything_ back to the sender, telling him it is spam. You don't actually call any SpamAssassin program in your .qmail-default file - how do you expect SpamAssassin to be actually used in your setup? ;-) > Does this look like it should work okay with spam assassin? Definitely not. > I notice others .qmil-default files look a little different. Theirs might be hopefully working ;-) Personally, I'd prefer qmail-scanner to mark all messages with a spam analysis header, and then use dot-qmail filtering to sort them out later. Try out this, if your mail server supports qmail-scanner with SpamAssassin integration. You'll need the 822mess package from DJB to get the "822field" program. $ cat .qmail-default | bouncesaying "I don't want your spam" 822field X-Spam-Flag > /dev/null | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox It's 822field in this case that checks for the presence of the X-Spam-Flag header. If it's present, it bounces the message back to the sender. If not, it continues with the next delivery instruction. Please be aware that qmailadmin occasionally rewrites .qmail-default, causing your manual filtering rules to disappear! Jonas
Re: [vchkpw] aliases
Hi Payal, > I don't remember how I missed this command. I searched for almost a day > in the directory. > > But still I am unable to figure how to use it. Can you give an example? Well... :-) # valias must supply alias email address valias: usage: [options] email_address options: -v ( display the vpopmail version number ) -s ( show aliases, can use just domain ) -d ( delete alias ) -i alias_line (insert alias line) Isn't that enough? valias isn't _that_ complex... Jonas
Re: [vchkpw] :: Courier Imap Auth Problem ::
Hi Jerome, > I am attaching also the strace from the authdaemond.plain as I think that it > could be useful. Simply compile Courier-IMAP --without-authdaemon, and it will work fine. Jonas
Re: [vchkpw] :: Courier Imap Auth Problem ::
Hi Jerome, > Hey Jonas it seems to work well now. Good! > Anyway where was the problem? Some timeout between the courier auth > module and the corresponding daemon (imap,pop3) ?? I don't know. It's just common knowledge for long-time mailing list participators that Couriers authdaemon is simply crap. Maybe there are reasons listed somewhere; I don't know, check the archives. Jonas
Re: [vchkpw] aliases
Hi Payal, > If I have a domain payal.com, I want that whenever a mail is being sent > to either [EMAIL PROTECTED] or [EMAIL PROTECTED], it should land at (or do as > specified in .qmail-ext file) of [EMAIL PROTECTED] So create "foo" as a POP account, and let "bar" point to it, too. > Is this how we use aliases? Yes. > Is this an example of alias? Yes. > Now I tried valias like this, > # valias [EMAIL PROTECTED] [EMAIL PROTECTED] > > But this does not work at all. Yes, because you did not follow the instructions correctly. valias -i [EMAIL PROTECTED] [EMAIL PROTECTED] \__/ \___/ \ \ \ This is the name of the alias. \ This is what you want to insert (-i) into it. You cannot miss "-i"; please read the output of valias exactly. Jonas
Re: [vchkpw] Change the default quota
Hi Luqman, > how do i change default quota in vpopmail ? Recompile. It's hard coded at compile time. Jonas
Re: [vchkpw] Re: Change the default quota
Hi Luqman, > but is it OK to do 'make install' ? > i already have a virtual domain, and many account Yes. It only installs the binaries and doesn't change your virtual host configuration. Jonas
Re: [vchkpw] Re: Change the default quota
Hi Anders, > I have to wonder, will make install do a recursive chown and chgrp? Yes. > If > so, it would be a bad idea to use 'make install' if you use system > quotas. Only if you still keep your user-managed domains under ~vpopmail/domains. Yes, you're right; haven't thought about it because I let my users manage their domains themselves through ~/domains/, thus vpopmail isn't chown'ing their dirs. Jonas
Re: [vchkpw] Compile erro
Hi Thiago, > I'm trying to install Vpopmail 5.3.6 with MySQL support on a Red Hat 8.0 > > When i do 'make' i got the following error: > > vauth.c:25:19: mysql.h: No such file or directory You're simply missing the mysql-devel package which includes the appropriate header files. ftp://rpmfind.net/linux/redhat/updates/8.0/en/os/i386/mysql-devel-3.23.54a-4.i386.rpm Jonas
Re: [vchkpw] Authentication problems
Hi Neil, > I am experiencing a strange problem and I have been told that it may be > a known bug with vpopmail. The environment is Qmail + Vpopmail + > Courier-Imap + SquirrelMail. Everything appears to be working fine (I > can log in through Outlook client and SquirrelMail) until I switch to a > new user (on the same box). Once I do this, the original user can't log > in anymore. Did you compile Courier-IMAP with --without-authdaemon? If not, try to do so. authdaemon isn't really compatible with vpopmail. > I've also asked this question > on the courier-imap list and they indicated it was a known vpopmail bug. I don't know wheter it's a vpopmail bug or a Courier-IMAP bug. Simply don't use authdaemon; it doesn't work. Jonas
Re: [vchkpw] Domain quotas
Hi Rick, > Is it possible to set a quota for an entire domain using vpopmail? One of the top ten questions on the list. You didn't check the archives, didn't you? :) In short: For the stable version of vpopmail, there is no domain quota support, but you can create the domain under a dedicated system user and use system quotas for that user. In the latest development version of vpopmail, experimental domain quota support is included. Jonas
Re: [vchkpw] Domain quotas
Hi Ajaj, > But since all email files are "owned" by the vpopmail user that doesn't > give you much flexibility if you want to implement quotas on a > per-domain or per-user basis. That's why Brian suggested to create each domain under its own system user. It's easy, and it _works_. Personally, I'm really bored by that domain quota question because it just came up the 10,000th time on the list. System quotas work fine and are a much cleaner solution than the fifth Maildir extension that's not used by every single tool that uses vpopmail (vdelivermail, qmail-pop3d, Courier-IMAP, sqwebmail, blahblahblah...). If there are ways to circumvent domain quota settings, it's better to throw them away at all. It's good practice to set limits _outside_ the programs that should be limited. If you want to limit the memory of a process, you use "softlimit -m " around it instead of telling the process "I know, you can use as much memory as you need, but please, use only bytes". The same should apply to quota settings. However, that's my very personal opinion; feel free to discuss this issue until its bloody end ;-) Jonas
Re: [vchkpw] vadddomain path problem
Hi Ryan, > I am having a peculiar problem with the vadddomain command. Are you really having a _problem_, meaning, the domain doesn't work? > When i run this to add a domain: (vadddomain testing.com), it goes > through the password prompt and when complete returns no errors. > However, it seems to be adding a 0 (zero) to the end of the path. For > example, when adding domain testing.com, the path is > /vpopmail/domains/0/testing.com, where it normally is > /vpopmail/domains/testing.com. That's not a bug, but the first occurence of the "balanced tree" feature of vpopmail that applies both to the number of domains and to the number of users in a given domain. As the feature page tells you, vpopmail supports up to 23 million domains. At some point, it simply starts to organize its domains into subdirectories for faster access. It shouldn't lead to any actual problems. Jonas
Re: [vchkpw] When I updated user's quota, maildirsize file is notwith correct quota
Hi baby_moon, > A user's quota is 1M, and some mails are in its Inbox, and I was checked > its directory, the maildirsize file is there. > When I changed this user's quota to 3M, after a mail come in, the > quota's total number is same as before. Who knows how to solve this > problem? It's not a problem; you're simply mixing things up. The maildirsize file doesn't show the quota setting of a user, but the _actual size_ of the Maildir, so changing the quota doesn't affect the maildirsize file in any way. The quota setting of each user is saved in the vpasswd file. Jonas
problem with signal_process
hi ken, on some systems i can see that qmail isn't restarted properly after adding new domains with vadddomain (or any other program that modifies files in /var/qmail/control), so the new domains didn't work until a manual restart. i guess that the problem is in vpopmail.c in signal_process(). i'm not a c expert, but it seems like that you parse the output of "ps" and look for lines that contain "qmail-send", get the pid and restart this process. this doesn't work if there are more than one process containing that string which is normally the case because the qmail logging process has this string in it, either. because signal_process() seems to restart the _last_ process it has found, my logging is restarted, but not qmail-send. it works fine on a system where supervise happily started qmail-send _after_ the qmail-send-logging. am i right with this suggestion? any fixes would be greatly appreciated. regards, jonas.
problems compiling qmailadmin 0.42
list.c:573: undefined reference to `lowerit' mailinglist.o: In function `dellistusernow': /usr/local/src/qmailadmin-0.42/mailinglist.c:676: undefined reference to `lowerit' mailinglist.o:/usr/local/src/qmailadmin-0.42/mailinglist.c:706: more undefined references to `lowerit' follow user.o: In function `show_user_lines': /usr/local/src/qmailadmin-0.42/user.c:87: undefined reference to `vauth_getall' /usr/local/src/qmailadmin-0.42/user.c:94: undefined reference to `vauth_getall' /usr/local/src/qmailadmin-0.42/user.c:125: undefined reference to `vauth_getall' /usr/local/src/qmailadmin-0.42/user.c:130: undefined reference to `vauth_getall' /usr/local/src/qmailadmin-0.42/user.c:175: undefined reference to `vauth_getall' user.o: In function `addusernow': /usr/local/src/qmailadmin-0.42/user.c:332: undefined reference to `vadduser' user.o: In function `modusergo': /usr/local/src/qmailadmin-0.42/user.c:378: undefined reference to `vpasswd' /usr/local/src/qmailadmin-0.42/user.c:381: undefined reference to `vauth_getpw' /usr/local/src/qmailadmin-0.42/user.c:383: undefined reference to `vauth_setpw' user.o: In function `delusergo': /usr/local/src/qmailadmin-0.42/user.c:493: undefined reference to `vdeluser' user.o: In function `count_users': /usr/local/src/qmailadmin-0.42/user.c:545: undefined reference to `vauth_getall' util.o: In function `check_email_addr': /usr/local/src/qmailadmin-0.42/util.c:90: undefined reference to `lowerit' util.o: In function `fixup_local_name': /usr/local/src/qmailadmin-0.42/util.c:123: undefined reference to `lowerit' template.o: In function `send_template': /usr/local/src/qmailadmin-0.42/template.c:338: undefined reference to `vauth_get all' /usr/local/src/qmailadmin-0.42/template.c:342: undefined reference to `vauth_get all' command.o: In function `setdefaultaccount': /usr/local/src/qmailadmin-0.42/command.c:209: undefined reference to `vauth_getpw' collect2: ld returned 1 exit status make[2]: *** [qmailadmin] Error 1 make[2]: Leaving directory `/usr/local/src/qmailadmin-0.42' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/local/src/qmailadmin-0.42' make: *** [all-recursive-am] Error 2 HELP! what am i doing wrong? i have no further idea... :-( thanks for any helpful hints. bye, jonas ___ Jonas Pasche webagentur Domke GmbH System Administration Rheinstr. 3 tel +49 6151 17742-44 D-64283 Darmstadt fax +49 6151 293173 http://www.domke.de ___
RE: smtp-auth / vpopmail
hi there, i'm using authenticated smtp for over a year now, and it works great. what you should now is that there are three different authentication types: PLAIN, LOGIN and CRAM-MD5. here is a nice table on what clients and other mailservers are supporting authenticated smtp: http://members.elysium.pl/brush/smtp-auth/index.html the author even has a patch for qmail that implements all three authentication types, while using cmd5checkpwd (i guess) as an alternative to djb's original checkpassword. like checkpassword it authenticates system users (/etc/passwd & /etc/shadow). if you want vpopmail authentication, you have to use the vchkpw program which doesn't support CRAM-MD5... so there's no real CRAM-MD5 authentication possible for vpopmail users yet. ken - i'm not an md5 expert and don't now exactly how that works, but maybe this would be a nice feature to implement in vchkpw. personally, i'm happy with just the LOGIN mechanism because m$ outlook express supports it, and this is the most used client that really has problems with pop-before-smtp because it always does smtp-before-pop. both pop-before-smtp and authenticated smtp can be used together, so you don't have to choose - just use both. CRAM-MD5 authentication would be best because no cleartext passwords would be transferred over the net. but users already do so with pop3 and imap, so i personally would prefer using stunnel to use smtp/pop/imap-over-ssl, then you don't need to care for cleartext passwords as the complete communication would be encrypted. i'm using the following patch to qmail-smtpd.c: http://www.cuni.cz/~vhor/qmail/smtpauth-en.html this patch is based on the patch of mrs. brisby, but it features also a workaround for buggy netscape clients and servers (they want to use authenticated smtp even if there is no need to). for installation help look here (at the bottom): http://www.nimh.org/code.shtml unfortunately, the author included a "security patch" that eliminates all non-alphanumeric characters in usernames what breaks vpopmail as it uses at least "%" and "." in its usernames. look for these lines: /* vhor */ for(i=0;imailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _
Re: smtp-auth / vpopmail
hi there, >[EMAIL PROTECTED] (Ondøej Surý) writes: > >Jonas Pasche <[EMAIL PROTECTED]> writes: > > > as chris bolt correctly stated, vchkpw has to be suid, but suid vpopmail > > unfortunately is not enough; it has to be suid root (ken jones told me that > > long time ago), > >This is *not* true! I have vchkpw running suid vpopmail.vchkpw just fine. ok, with my old vpopmail version that didn't work; it worked just with suid root. obviously this isn't a problem with newer versions. thanks for that correction. but take care, if you create domains under different user id's (vadddomain -u/-i/-g) vchkpw _really_ has to be suid root. bye, jon. _____ Jonas Pasche, RHCERheinstr. 3 webagentur Domke GmbH 64283 Darmstadt Systemadministration / Systementwicklung Germany Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _
Re: changing virtual domain name
Hi Ken, well, that's working, but we can discuss if this is really "painless" ;-) I guessed that Lu meant something like... /home/vpopmail/bin/vmovdomain olddomain.tld newdomain.tld I'd write a small Perl script for this, but maybe you'd consider adding such a command to the bunch of other commands (like vadddomain or vdeldomain). Bye, Jonas At 09:34 04.06.01, you wrote: >Lu writes: > >>Is there any way to painlessly rename a virtual domain name without >>deleting and re-creating ? > >Rename the directory >mv /home/vpopmail/domains/"old name" /home/vpopmail/domains/"new name" >Then edit these files and change the name: >/var/qmail/control/rcpthosts >/var/qmail/control/virtualdomains >/var/qmail/users/assign >Once you edit the assign file run >/var/qmail/bin/qmail-newu >Then send qmail-send a HUP signal. >On GNU/Linux: killall -HUP qmail-send >If you are using any of the database modules, >like mysql, you will need to update the table. >Ken Jones _ Jonas Pasche, RHCERheinstr. 3 webagentur Domke GmbH 64283 Darmstadt Systemadministration / Systementwicklung Germany Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _
Re: changing virtual domain name
Ok folks, here it is: http://jonaspasche.de/vmovdomain-2001-06-19.tar.gz Usage: vmovdomain Ken: Please don't put it to the contrib folder yet as this is nearly untested code. All: If you need to rename a domain I'd be happy if you check this tool and report success, failure, questions or comments to me. Don't forget to backup your qmail configuration files before using. Bye, Jonas At 14:23 19.06.01, you wrote: >Go ahead and contribute it...maybe Ken will include (if it works well) it >in the contrib folder of future vpopmail releases. > >B Rgds >Sumith >On Tue, Jun 19, 2001 at 01:43:55PM +0200, Jonas Pasche wrote: > > Hi Ken, > > > > well, that's working, but we can discuss if this is really "painless" ;-) > > > > I guessed that Lu meant something like... > > > > /home/vpopmail/bin/vmovdomain olddomain.tld newdomain.tld > > > > I'd write a small Perl script for this, but maybe you'd consider adding > > such a command to the bunch of other commands (like vadddomain or > vdeldomain). > > > > Bye, Jonas > > > > > > At 09:34 04.06.01, you wrote: > > >Lu writes: > > > > > >>Is there any way to painlessly rename a virtual domain name without > > >>deleting and re-creating ? > > > > > >Rename the directory > > >mv /home/vpopmail/domains/"old name" /home/vpopmail/domains/"new name" > > >Then edit these files and change the name: > > >/var/qmail/control/rcpthosts > > >/var/qmail/control/virtualdomains > > >/var/qmail/users/assign > > >Once you edit the assign file run > > >/var/qmail/bin/qmail-newu > > >Then send qmail-send a HUP signal. > > >On GNU/Linux: killall -HUP qmail-send > > >If you are using any of the database modules, > > >like mysql, you will need to update the table. > > >Ken Jones > > > > _ > > Jonas Pasche, RHCERheinstr. 3 > > webagentur Domke GmbH 64283 Darmstadt > > Systemadministration / Systementwicklung Germany > > > > Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] > > Telefax: +49 (0)6151 293173 http://www.domke.de > > _ > > > > _ Jonas Pasche, RHCERheinstr. 3 webagentur Domke GmbH 64283 Darmstadt Systemadministration / Systementwicklung Germany Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _
Re: Passing catchall to an external account
Hi Alex, At 18:56 19.06.01, Alex Hathaway wrote: >Is there a way to specify a forward as a catchall? No problem, just edit your .qmail-default file: | /home/vpopmail/bin/vdelivermail '' [EMAIL PROTECTED] Bye, Jonas _____ Jonas Pasche, RHCERheinstr. 3 webagentur Domke GmbH 64283 Darmstadt Systemadministration / Systementwicklung Germany Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _
RE: Passing catchall to an external account
Hi, At 07:29 21.06.01, you wrote: >It is a shame that qmailadmin doesn't support this. Well, I wouldn't call this a "shame". From my point of view, especially catch-all and postmaster accounts should be _working_, which can be best guaranteed if the server manages these accounts for itself instead of giving the authority away to another server, which is obviously another point for e-mails to fail. Most of our customers have a small business, and they have a single dialup line and a bad e-mail address (@aol.com, @hotmail.com...). Especially these addresses are likely to fail or to be handled very slow. Why should the user rely on such services while he has the opportunity to use a fast and working server based on qmail/vpopmail? Get me right, I don't say that it is bad to have the _possibility_ to have a catch-all forwarded to an external address. I just say that this is not as professional as letting the server manage all e-mail accounts itself. Bye, Jonas _________ Jonas Pasche, RHCERheinstr. 3 webagentur Domke GmbH 64283 Darmstadt Systemadministration / Systementwicklung Germany Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _
Re: message encryption
Hi, At 19:30 21.06.01, you wrote: >anyone who can tell me how i encryp the message in the maildir(vpopmail) Can you please describe more accurate what you want to do? Why do you want to encrypt the message, who should encrypt it, who should be able to decrypt it..? Encrypting/decrypting normally isn't the duty of the mail server but of the mail client that sends the mail out. Why should you encrypt a mail on the server after it has been sent unencrypted through the net... Bye, Jonas _____ Jonas Pasche, RHCERheinstr. 3 webagentur Domke GmbH 64283 Darmstadt Systemadministration / Systementwicklung Germany Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _
Re: Relay problems
hi paul, >The part of the run file you refer to looks like >/usr/local/bin/tcpserver -H -R -x /home/vpopmail/etc/tcp.smtp.cdb > >Looks fine to me? > >When people authorize, it does not update the tcp.smtp file it updates the open-smtp file (that normally lives in ~vpopmail/etc/). it does _not_ update the tcp.smtp file (this file contains static relay ip addresses such as localhost or your own external ip address). tcp.smtp.cdb is generated out of both. bye, jonas _____ Jonas Pasche, RHCERheinstr. 3 webagentur Domke GmbH 64283 Darmstadt Systemadministration / Systementwicklung Germany Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _
Re: Relay problems
hi paul, can you please provide your ./configure line for vpopmail to the list? bye, jonas At 14:22 26.06.01, Paul - Zenith Tech Inc wrote: >Hi Jonas, > >Even though I have checked mail on the server successfully, the open-smtp >file is not updated > >Paul > > >- Original Message - >From: "Jonas Pasche" <[EMAIL PROTECTED]> >To: "Paul - Zenith Tech Inc" <[EMAIL PROTECTED]> >Cc: <[EMAIL PROTECTED]> >Sent: Tuesday, June 26, 2001 1:18 PM >Subject: Re: Relay problems > > > > hi paul, > > > > >The part of the run file you refer to looks like > > >/usr/local/bin/tcpserver -H -R -x /home/vpopmail/etc/tcp.smtp.cdb > > > > > >Looks fine to me? > > > > > >When people authorize, it does not update the tcp.smtp file > > > > it updates the open-smtp file (that normally lives in ~vpopmail/etc/). it > > does _not_ update the tcp.smtp file (this file contains static relay ip > > addresses such as localhost or your own external ip address). tcp.smtp.cdb > > is generated out of both. > > > > bye, jonas > > > > _ > > Jonas Pasche, RHCERheinstr. 3 > > webagentur Domke GmbH 64283 Darmstadt > > Systemadministration / Systementwicklung Germany > > > > Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] > > Telefax: +49 (0)6151 293173 http://www.domke.de > > _ > > > > _ Jonas Pasche, RHCERheinstr. 3 webagentur Domke GmbH 64283 Darmstadt Systemadministration / Systementwicklung Germany Hotline: 0700 46637243 (24 Pf./Min.) mailto:[EMAIL PROTECTED] Telefax: +49 (0)6151 293173 http://www.domke.de _