Re: Re: Can I use qmail for this purpose? (newbie)
Jean-Christian Imbeault [EMAIL PROTECTED] wrote: [Mike Hodson [EMAIL PROTECTED] wrote] Another great resource is 'Life With Qmail' at www.lifewithqmail.org. Got that already. But as I found out it's Linux-centric. I'll be installing on OpenBSD and worse for me is that I don't know OpenBSD well at all. Life with qmail is *NOT* Linux-centric. I've used it myself to install qmail under OpenBSD, Solaris, IRIX, and Tru64-UNIX. I know others who've used it under FreeBSD and NetBSD. Yes, it's Linux-compatible. It would be stupid to produce documentation for any Unix software these days that isn't. As evidence of LWQ's non-Linux-centricity, I include these quotes: FreeBSD: includes GCC by default Then, using your favorite editor, remove all of the file except the lines you want. For example, here's what IDS would look like for FreeBSD after editing: On BSD systems (no /etc/inittab), put the following in /etc/rc.local and reboot the system: Note: Under Solaris, the normal id program won't work right in this script. Instead of id, use /usr/xpg4/bin/id, e.g.: -Dave
Re: deleting messages from the queue
eric [EMAIL PROTECTED] wrote: It's ridiculous because if qmail-[smtpd] could do the lookup and reject for invalid users, I would not have hardly any bounced messages. It's ridiculous because if pigs had wings, they could fly. Pigs don't have wings, and qmail-smtpd can't do the lookups. You either need to stop wishing your pig could fly or trade it for a bird. Yep. But getting them to change is gonna be darn near impossible. Do what I did: add them to badmailfrom. Again, getting them to change will be darn near impossible. But, the real point here is that I'm wondering if there is any way to change the default bounce message to something they will process. How would we know? Have you asked them what will work? Let me guess: they don't respond. ... PLUS, there is legitimate mail coming in from both of those servers for valid users. Doing it this way, I'd be blocking that as well. Set up a web page explaining that pm0.net is being blocked until they stop abusing your mail service. Send the prayer-chain granny the URL. -Dave
Re: deleting messages from the queue
Todd Underwood [EMAIL PROTECTED] wrote: dave, all, It's ridiculous because if pigs had wings, they could fly. Pigs don't have wings, and qmail-smtpd can't do the lookups. You either need to stop wishing your pig could fly or trade it for a bird. this comment has the obviously unintended and unfortunate side-effect of implying that qmail is a pig and other, less-well-written, MTAs are more like birds. :-) that can't be what you intended. Pigs are fairly intelligent[1], as anyone who knows farm animals will tell you. Birds, on the other hand, are notoriously dim (bird brain, for example). -Dave [1] They're also clean, contrary to popular impression. They do like to wallow in mud, but that's for comfort and protection from the Sun.
Re: Fix for qmail-remote process hanging on Linux (and possibly o ther s)
Jason Haar [EMAIL PROTECTED] wrote: It is absolutely necessary. Why can't you just run qmail-tcpok and send qmail-send an ALRM? -Dave
Re: Serialmail send problem
[EMAIL PROTECTED] wrote: I have installed qmail and serialmail and everything is working. Cool. Thanks for letting us know. My setup is as follows metta.lk __ | | -to the InterNet. |__| | modem dial-up to my Internet box | | __ | | _ local LAN col7.metta.lk |__| | several modems for user dial in When col7.metta.lk dial into metta.lk and send the mail it is going OK, but when the connection from metta.lk to the Internet is down then the mail is not going out of col7.metta.lk Oops, so you have a problem, after all. So why doesn't the mail leave col7? I would like metta.lk to first of all accept mail from col7.metta.lk and then for metta.lk to send the mail out to the Internet whenever possible. That's how things are designed to work. -Dave
Re: virtualdomains vs. VERP and Delivered-To
On Mon, 6 Aug 2001, Russell Nelson wrote: Charles M. Hannum writes: Uhhh, did you *read* my first piece of email? If I get a VERP address of `[EMAIL PROTECTED]', how pray tell is my mailing list software supposed to know that the mail was actually sent to `[EMAIL PROTECTED]'? A better question is: Why is the the envelope return path getting munged? Or: What does VERP have to do with Delivered-To? It's supposed to strip off the foo-owner-mycroft- prefix and the @netbsd.org suffix, and change the rightmost = into an @. Were you expecting me to write the script for you? Why strip mycroft-? -Dave
Re: Sporadic preprocessed queue backlog
Matt Hubbard [EMAIL PROTECTED] wrote: Fairly frequently throughout an average day, my preprocessed queue will begin to grow steadily and not get processed. In most cases, if this is ignored, it resumes processing eventually. Sometimes after 15 or so minutes, sometimes after a couple of hours, but at bad times, it can fail to clear out the preprocessed queue for days. I've checked the logs, and in no case is the concurrency peaked during this problem(in fact, local is usually low at 1/120 and remote usually at about 20 to 40/120), though I'm not sure if that would be related, anyway. Strange. The first thing I checked, of course, is the /var/qmail/queue/lock/trigger file, as noted in the archives. As far as I can tell, it looks correct. That would ahve been my first suggestion. Here is an example of my problem at 11:14am: qmail-qstat output: messages in queue: 228 messages in queue but not yet preprocessed: 63 trigger file at the time: prw--w--w-1 qmails qmail 63 Aug 6 11:14 trigger Notice 63 unpreprocessed messages and 63 bytes in trigger? Not a coinicidence. qmail-send isn't reading trigger. Is qmail-send still running? If so, strace it. What's it doing? The only piece I note is that trigger has a file size of 63 before and 0 afterwards. Is it normal for this pipe to increase/decrease in size, or is that normal behaviour for a pipe? That's normal pipe behaviour, but it's not normal for qmail-send to not read bytes soon after they're written. -Dave
Re: host file and qmail
[EMAIL PROTECTED] wrote: zmailer distributes mail in our internal network using host file. can qmail do the same? i dont like to but internal ip:s in dns. what would be the best solution to this problem? control/smtproutes -Dave
Re: qmail won't start
Marenbach, Peter [EMAIL PROTECTED] wrote: I just build and set up qmail for the first time (according to the installation description in Life with qmail) on a Solaris 5.8 box. I tried to start qmail by invoking qmail-start ./Mailbox splogger qmail and nothing at all did happen. No stderr/stdout no syslog, no processes running. Any ideas? Yeah, why didn't you follow LWQ? I mean, why use LWQ is you're not going to do what it tells you to do? No sane qmail installation document will tell you to run qmail-start manually.. -Dave
RE: SMTP+SSL
Per-fredrik Pollnow (EPK) [EMAIL PROTECTED] wrote: But how to you do when you are using stunnel + smtpd ? This is some of the tings I have tried: -- #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp /usr/local/sbin/stunnel -p /etc/pem/smtp.pem -N smtp -l/var/qmail/bin/qmail-smtpd 21 -- qmail-smtpd Add the -f stunnel option and remove the -- qmail-smtpd. AND -- #!/bin/sh exec /usr/local/sbin/stunnel -p /etc/pem/smtp.pem -d 465 -r 25 21 -- Add the -f stunnel option. Describe your testing procedure (which client are you using?) and provide a copy of any error messages you're getting. -Dave
Re: Stunnel + qmail-smtpd
Per-fredrik Pollnow (EPK) [EMAIL PROTECTED] wrote: I have been trying this in some desperate moments to get it to work(and some other things) :=) : #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp /usr/local/sbin/stunnel -p /etc/pem/smtp.pem -l /var/qmail/bin/qmail-smtpd 21 Try something like: #!/bin/sh exec /usr/local/sbin/stunnel -f -p /usr/local/etc/stunnel.pem -d 465 \ -r 25 21 It proxies the existing SMTP service, so you automatically get softlimit, a connection limit, and the qmail-smtpd processes running with the right UID/GID. The only problem is that it'll make connections look like they came from the local host, so selective relaying, et al, won't work. -Dave
Re: New ways for email DoS
Stathakopoulos Giorgos [EMAIL PROTECTED] wrote: Yesterday, I came up to a strange situation: I was receiving thousands of bounces to a lot of different usernames@mydomain. Since mydomain is in my rcpthosts/locals file, I was accepting these messages. But a lot of different usernames didn't exist so these messages were going to postmaster. My mailserver had a lot of traffic, its logfiles were very large and the mailbox of postmaster become unreadable. Is there any way to prevent my mail servers from these types of attack? No. -Dave
Re: Converted
[EMAIL PROTECTED] wrote: Hello list, my name is Jon and I am a new convert to qmail and just wanted to introduce myself. I hope to get up to speed and be able to contribute to this list soon. Welcome, Jon. -Dave
Re: question about local mail and fqdns
Dahnke, Eric [EMAIL PROTECTED] wrote: ... On the numerous development and production web servers it is always nice to put qmail on them and I configure it with the ./config-fast nextsource.com because receiving mailers want a fqdn when they receive messages from these hosts. But the eternal problem is that messages to our own domain; to root, or postmaster, or [EMAIL PROTECTED] will never leave the system because qmail treats them as local. Why don't you just empty control/locals? Do I HAVE to register all the development servers as fqdns and configure via ./config-fast dev1.nextsource.com ? No, but you could. And why would you use config-fast? And if I do this are messages to *@nextsource.com no longer treated as local? Yes. -Dave
Re: Stopping server relays
Greg White [EMAIL PROTECTED] wrote: You really have to try to make qmail relay. Possible sources of relay: 1. control/rcpthosts empty. 2. RELAYCLIENT set for all/wrong addresses in /etc/tcp.smtp[.cdb] (or wherever you keep that file) if using tcpserver 3. RELAYCLIENT set for all addresses in /etc/hosts.allow if using inetd. 4. An insecure .cgi script on your machine (not possible if not running a cgi-capable webserver on your mail host), and RELAYCLIENT set for localhost. One more that's bitten me in the past is a catch-all that forwards to a smart host. Since the message is coming from a trusted host, the smart host honors the relay request. E.g., spammer sends message to host A addressed to victim%hostc@hosta. Host A, running qmail, has no victim%hostc user or alias, but does have a ~alias/.qmail-default that forwards undeliverable mail to a Sendmail or PMDF smart host, host B. Host B receives the message addressed to victim%hostc@hostb. It trusts host A, and implements the percent hack, so it relays the message to victim@hostc. The fix is to check for funny chars in addresses (%!@) before forwarding to the smart host. -Dave
Re: Procmail
Xavier Pegenaute [EMAIL PROTECTED] wrote: Please, i need that Qmail exec procmail for every user in mine system, this procmail is a little different than normal procmail, this one, zip all messages and store the messages in his own folder ... A better solution to your problem, which is How do I keep a copy of all messages is contained in the FAQ: http://cr.yp.to/qmail/faq/admin.html#copies You can make your special procmail the default delivery method, but users can override that with their .qmail files. And, yes, you can prevent users from using .qmail files using qmail-users, as Charles suggested, but why not just do it right and not have to worry about diddling with qmail-users? You want your users to be able to create .qmail files, don't you? -Dave
Re: disallowing certain remote recipients
Joshua Nichols [EMAIL PROTECTED] wrote: I have a box (lwq + qmail-verh basically) that runs a number of opt in lists. Recently, a user sent a bunch of UCE, and though that problem has been solved, I'd like to be able to enforce the request of those who complained and asked to never receive another email from us. Because I anticipate other users breaking their TOS at some point in the future, I'd like to be able to block certain outbound addresses at the qmail-send or qmail-remote level. Ideally, I would have a control file that listed addresses and wildcards that this box would refuse to send mail to. That is, if [EMAIL PROTECTED] requests that our service not allow sending to his domain, I could put that restriction on the box, regardless of whether [EMAIL PROTECTED] subscribes to one of these lists, or is added against her will or whatnot. Use control/virtualdomains. Say aol.com and [EMAIL PROTECTED] ask you to not send them mail. Add the following to virtualdomains: aol.com:alias-devnull [EMAIL PROTECTED]:alias-devnull Then create ~alias/.qmail-devnull-default containing: # If you want to throw the mail away, or: |echo mail to this address is blocked locally by request; exit 100 If you want to generate a bounce message. -Dave
Re: Multiple recipients to single box on local machine
Martin Edlman [EMAIL PROTECTED] wrote: I have a maillist running on one server (majordomo/sendmail) and a domain mailbox for domain.com on another server (qmail). There are three addresses from domain.com subscribed to the list (eg. [EMAIL PROTECTED], [EMAIL PROTECTED] and [EMAIL PROTECTED]). When someone posts an e-mail to the list, sendmail sends it to the qmail with all three recipients specified in one mail. What qmail does is that it delivers the mail to the domain mailbox three times. Of course I'd like to have it only once there. Is there any chance that local delivery will work as expected? One of the beauties of qmail is that it does what you tell it to do: no more, no less. If you send a message to three recipients that share a mailbox, of course qmail will deliver three copies that differ only in the Delivered-To header field. If you want to accept only one copy, you can put a duplicate filter on the mailbox, e.g. using Russ Nelson's eliminate-dups script (http://www.qmail.org/eliminate-dups) or a procmail recipe like: # Use a 10Kb cache of Message IDs received to avoid duplicate messages :0 Whc: .msgid.lock | formail -D 10240 .msgid.cache # Save probable duplicates for inspection :0 a: spool/dupes -Dave
Re: multiple qmail-send
Daniel BODEA [EMAIL PROTECTED] wrote: Can there be, in the normal flow of qmail, multiple instances of qmail-send running at the same time (?) because multithreaded it's not, and I haven't seen any locking mechanisms for the ressources qmail-send accesses directly. one queue == one qmail-send You can have multiple qmail-send's on system *only* if you have multiple queues. -Dave
Re: Remote DoS
[EMAIL PROTECTED] wrote: We we're attacked this weekend and attackers were able to crash SMTP without affecting any others services in the machine. What does crash SMTP mean? -Dave
Re: remote relay, multiple forwarding
Charles Cazabon [EMAIL PROTECTED] wrote: This is the way to do it. What you could do is make a domain virtual, and create a couple of .qmail files to handle it. In virtual domains, do defaultdomain:alias-defaultdomain then have ~alias/.qmail-defaultdomain-jim, which forwards to two addresses, and ~alias.qmail-defaultdomain-default, which just contains |forward $DEFAULT@otherdomain where otherdomain is an alias that will get the mail to the right MTA, either through an MX record, or an entry in smtproutes. Better yet, make a virtual user. Put: jim@defaultdomain:alias-defaultdomain in control/virtualdomains and create ~alias/.qmail-defaultdomain-jim as above. No need for ~alias/.qmail-defaultdomain-default. -Dave
Re: autoresponce...cjk
Constantine Koulis [EMAIL PROTECTED] wrote: In order to activate the AUTORESPONCE do i have to install any EXTRA package? You don't *have* to install anything else, but it's not trivial to write a good autoresponder, and Bruce Guenter's qmail-autoresponder is nice. -Dave
Re: forwarding problem
GARGIULO Eduardo INGDESI [EMAIL PROTECTED] wrote: I have a problem with some messages that are not forwarded and I don't know why. I have the following configuration: echo admin ~alias/.qmail-root echo admin ~alias/.qmail-postmaster echo admin ~alias/.qmail-mailer-daemon cat ~admin/.qmail [EMAIL PROTECTED] ./Mailbox Some error messages (for an address not in rcpthost) are delivered to postmaster and stored in ~admin/Mailbox but not forwarded to [EMAIL PROTECTED] How can I fix it? messages to admin, postmaster, root and mailer-daemon are forwarded and stored ok. What Do The Logs Say? (tm) -Dave
Re: Small LDAP support for qmail
Henning Brauer [EMAIL PROTECTED] wrote: I'm not aware of another patch for qmail doing ldap lookups - maybe qmail-ldap ist just to good to start coding another one ;-)) There's a PAM LDAP module, but I don't know much about it. Theoretically, it wouldn't require any qmail patching and would work with everything, not just qmail. -Dave
Re: Qmail error messages.
Grant [EMAIL PROTECTED] wrote: Is there documentation for each qmail error message? No. i.e Unable_to_open_/var/qmail/boxes/Mailbox.user:_access_denied._(#4.2.1) That one's pretty descriptive, isn't it? The user running qmail-local can't open that file, probably due to file or directory permissions. Note that you have to look at the permissions on every directory in the path. E.g.: ls -ld / /var /var/qmail /var/qmail/boxes /var/qmail/boxes/Mailbox.user Could a FAQ for each qmail error message be written up? Certainly. Would that be a useful addition to LWQ? That would be great. It's been planned for LWQ since the beginning (see Appendix F), but I haven't had the time/gumption to write it up. -Dave
Re: how can I unsubscri...
Charles Cazabon [EMAIL PROTECTED] wrote: From the archives: From: Lukasz Gogolewski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: hi,how to unsubcribe? Message-Id: [EMAIL PROTECTED] Sigh. This has become such a FAQ that I'm reposting the detailed instructions: First, ask your Internet Provider to mail you an Unsubscribing Kit. Then follow these directions. FYI, Lukasz didn't write that, and wasn't the first person to post it on the qmail list. See: http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/02/msg00174.html http://www.ornl.gov/its/archives/mailing-lists/qmail/2000/05/msg00665.html http://www.ornl.gov/its/archives/mailing-lists/qmail/2001/05/msg01379.html I have no idea who the original author is. -Dave
Re: Request for advice (qmail-remote)
Greg Elliott [EMAIL PROTECTED] wrote: b) The script would look at the domain of the intended recipient and if it matched maildomain.com (for example) it would then look at the username being sent to. A small(ish) text file would be kept on the mail server with a list of usernames. If the username was found in the list, then the script would modify the recipient's email address to [EMAIL PROTECTED] and place the message back into the qmail-queue (or qmail-inject if that is better). If no match is found then the message would be handed onto qmail-remote.real for normal processing. [The effect would be to 'hijack' (for legitimate reasons) mail for a subset of an upstream domain, and deliver it locally. (Attempting to cut down on WAN traffic)]. It sounds like you're trying to reinvent qmail-style virtual users. For example, if you want to hijack mail sent locally to your Hotmail account, say [EMAIL PROTECTED], and your local username is greg, you could put the following in control/virtualdomains: [EMAIL PROTECTED]:greg-hotmail Then populate ~greg/.qmail-hotmail-default to direct the mail to the appropriate mailbox. -Dave
Re: Monitoring MX spools -- is it possible?
David U. [EMAIL PROTECTED] wrote: I would like the ability to give all clients backup mail service for 7 days and no more then say 10 megs -- whichever comes first. Since I am just accepting mail in my rcpthosts and not delivering it locally to a Maildir, how can I enforce such quotas? You could scan the queue and tally up the space used by each MX. Wouldn't it be easier to queue to a maildir spool and run maildirsmtp periodically? -Dave
Re: Monitoring MX spools -- is it possible?
[Please don't CC me.] David U. [EMAIL PROTECTED] wrote: At 11:38 AM 7/11/2001 -0400, Dave Sill wrote: David U. [EMAIL PROTECTED] wrote: I would like the ability to give all clients backup mail service for 7 days and no more then say 10 megs -- whichever comes first. Since I am just accepting mail in my rcpthosts and not delivering it locally to a Maildir, how can I enforce such quotas? You could scan the queue and tally up the space used by each MX. Wouldn't it be easier to queue to a maildir spool and run maildirsmtp periodically? Yes, I thought about running a cronjob through the queue to both watch message size totals AND message date (to check for week old mail). Could you explain what you mean by a maildir spool and maildirsmtp? I am going to try to look up info right now, but I haven't heard of maildirsmtp. You could deliver the MX's mail to a maildir and use maildirsmtp from serialmail to send the messages to them when they're back up. Do you think the first method (cronjob) is the easiest method? No. The maildir spool + maildirsmtp cron job would be easier. No coding required. Determining the age and size of the spool is trivial. I was thinking of even going through the qmail source, creating a control file called maybe mxhosts and then parsing the config from there and having qmail create a seperate hashed queue for MX forward bound mail. It would be nice if I could _not_ do this and find an easier solution. ;-) Yeah. :-) -Dave
Re: Mailing from One connection
Dave Sill [EMAIL PROTECTED] wrote: -Dave That's bizarre. What I actually sent was: http://www.lifewithqmail.org/lwq.html#multi-rcpt -Dave -Dave
RE: cannot start: hath the daemon spawn no fire?
[EMAIL PROTECTED] wrote: cannot start: hath the daemon spawn no fire? That means qmail-send was unable to talk to qmail-lspawn, qmail-rspawn, or qmail-clean, which means that qmail-start wasn't able to start them or they died immediately. -Dave
Re: custom bounce text
[EMAIL PROTECTED] wrote: The qmail-ldap patch contains support for a control/custombouncetext. $ cat custombouncetext This is a test, your message bounced. SSH Communications Security This will produce bounces like so: - Hi. This is the qmail-send program at ssh.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. This is a test, your message bounced. SSH Communications Security [EMAIL PROTECTED]: Sorry, no mailbox here by that name. (#5.1.1) --- Note that that bounce message is not QSMBF-compliant. -Dave
Re: Wrong Server Name in Qmail Header?
A A [EMAIL PROTECTED] wrote: Whenever my qmail server sends someone an email, the following line appears in the header: Received: from mail.mydomain.com (old_name.mydomain.com [216.216.216.216] (may be forged)) However, recently I changed my server name from old_name.mydomain.com to new_name.mydomain.com. Is there anything I can do to let qmail recognize the new server name? Is my only option a recompile or is there a file I can edit? grep old_name /var/qmail/control/* Then change all occurrences of old_name to new_name and restart qmail. -Dave
Re: Why conf-split prime?
Ian Lance Taylor [EMAIL PROTECTED] wrote: Suppose the input numbers are 2 4 6 8 10 12. Suppose the hash size is 8. Then the buckets are 2 4 6 0 2 4. Note the bad distribution. Suppose the hash size is 7. Then the buckers are 2 4 6 1 3 5. Note the good distribution. OK, thanks, that finally clicked. Now you know why I'm not a mathematician or computer scientist. :-) -Dave
Re: Why conf-split prime?
Jost Krieger [EMAIL PROTECTED] wrote: I think we are spreading urban legends here. AFAIK, the primality is for double hashing in conflict resolution. Nothing of that kind is going on here. You're right. The hashing used here is a simple modulo. From fmtqfn.c: i = fmt_ulong(s,id % auto_split); len += i; if (s) s += i; I can't see that primality would do anything special here. However, the default, 23, is prime, and in his only message to the list on the topic of conf-split, DJB suggested a value of 401, also prime, for a queue with 10 entries: http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/07/msg00295.html Why would DJB use primes if they weren't necessary? He uses round numbers elsewhere (concurrencies, for example), so I don't think he just likes them. So...anyone who still thinks conf-split must/should be prime... Could you explain why? -Dave
Re: qmail-local's environment settings?
Williams, Paul (OTS-EDH) [EMAIL PROTECTED] wrote: Does anyone have a list of the environment variables qmail-local sets up and what they map to? http://www.lifewithqmail.org/lwq.html#environment-variables -Dave
Re: I'm not root, can I use qmail?
Chris Johnson [EMAIL PROTECTED] wrote: You'll never be able to install and run qmail without root access because it requires installing qmail-queue setuid, and it requires running various other programs as users other than yourself. As a regular, non-root user, you can't create a setuid program and you can't run programs as other users. Some minor hackery of the qmail code (e.g., setuid()) and properly setting conf-users and conf-qmail should do the trick. I haven't tried it, though. However, I'd be suprised if running an MTA on a nonstandard port didn't violate the ISP's Terms of Service. -Dave
Re: Why conf-split prime?
--IPiIw4QAe+ Content-Type: text/plain; charset=us-ascii Content-Description: message body text Content-Transfer-Encoding: 7bit Charles Cazabon [EMAIL PROTECTED] wrote: Dave Sill [EMAIL PROTECTED] wrote: You're right. The hashing used here is a simple modulo. [...] I can't see that primality would do anything special here. It does -- a large series of random numbers, modulo some number I, will result in an even distribution of results if and only if I is prime. If I isn't prime, the results are skewed noticeably towards the low end. Hmm. On first reading that, I didn't believe it. I couldn't imagine how the primality of the divisor could magically guarantee an even distribution. The first thing I did was Google for hash prime modulo even distribution. That turns up many repetitions of Charles' assertion, without proof or explanation. I did find one clue, though, at: http://www.cs.rpi.edu/courses/spring01/cs2/wksht22/wksht22.html Which says: Research has shown that you get a more even distribution of hash values, and thus fewer collisions, if you choose your table size to be a prime number. Being a ``Profile, don't speculate'' kind of guy, I decided to write a little program to test modulo hashes, which is attached to this message for your entertainment. The result is that I can't see any effect of primality of the hash table size on distribution. For example: $ ./hash 16 size=16, reps=1, seed=0 0: 6250114 1: 6250151 2: 6249941 3: 6249981 4: 6249971 5: 6250134 6: 6250221 7: 6250195 8: 6249542 9: 6249840 10: 6250200 11: 6249700 12: 6250055 13: 6250101 14: 6249832 15: 6250022 mean=625.00, variance=36840.00 stddev=191.937485 (0.003071%) The table size, 16, is about as non-prime as you can get, but the distribution is quite even. Repeating with a table size of 17 shows no improvement: $ ./hash 17 size=17, reps=1, seed=0 0: 5882787 1: 5880754 2: 5883273 3: 5880598 4: 5881230 5: 5880577 6: 5885196 7: 5878233 8: 5874942 9: 5887715 10: 5881680 11: 5889068 12: 5888613 13: 5879609 14: 5882129 15: 5882443 16: 5881153 mean=5882352.00, variance=13348593.00 stddev=3653.572754 (0.062111%) So, I'm not sure exactly what was determined in the research mentioned above, but it looks to me like everyone's heard the conclusion so many times that they just accept it. I suspect it's only applicable when the integers being hashed are fairly close to the size of the table. -Dave --IPiIw4QAe+ Content-Type: application/octet-stream Content-Description: modulo hash tester Content-Disposition: attachment; filename=hash.c Content-Transfer-Encoding: base64 I2luY2x1ZGUgPHN0ZGlvLmg+CiNpbmNsdWRlIDxzdGRsaWIuaD4KI2luY2x1ZGUgPG1hdGgu aD4KCm1haW4oaW50IGFyZ2MsIGNoYXIgKiphcmd2KQp7CiAgaW50IGhhc2hbMTAwMDBdLCBp OwogIGludCBzaXplPTE2LCByZXBzPTEwMDAwMDAwMCwgc2VlZD0wOwogIGxvbmcgajsKICBm bG9hdCBtZWFuLCB2YXJpYW5jZT0wLCBzdGRkZXY7CgogIGlmIChhcmdjID49IDIpIHsKICAg IHNzY2FuZiAoYXJndlsxXSwgIiVkIiwgJnNpemUpOwogICAgaWYgKHNpemUgPiAxMDAwMCkK ICAgICAgZXhpdCAoMSk7CiAgfQogIGlmIChhcmdjID49IDMpCiAgICBzc2NhbmYgKGFyZ3Zb Ml0sICIlZCIsICZyZXBzKTsKICBpZiAoYXJnYyA+PSA0KQogICAgc3NjYW5mIChhcmd2WzNd LCAiJWQiLCAmc2VlZCk7CiAgbWVhbj1yZXBzL3NpemU7CiAgcHJpbnRmICgic2l6ZT0lZCwg cmVwcz0lZCwgc2VlZD0lZFxuIiwgc2l6ZSwgcmVwcywgc2VlZCk7CiAgZm9yIChpPTA7IGk8 c2l6ZTsgaSsrKSB7CiAgICBoYXNoW2ldPTA7CiAgfQogIHNyYW5kNDggKHNlZWQpOwogIGZv ciAoaT0wOyBpPHJlcHM7IGkrKykgewogICAgaj1scmFuZDQ4KCk7CiAgICBoYXNoW2olc2l6 ZV0rKzsKICB9CiAgZm9yIChpPTA7IGk8c2l6ZTsgaSsrKSB7CiAgICBwcmludGYgKCIlZDog JWRcbiIsIGksIGhhc2hbaV0pOwogICAgdmFyaWFuY2UgKz0gcG93KGhhc2hbaV0gLSBtZWFu LCAyLjApOwogIH0KICB2YXJpYW5jZSAvPSAoZmxvYXQpc2l6ZS0xOwogIHN0ZGRldj1zcXJ0 KHZhcmlhbmNlKTsKICBwcmludGYgKCJtZWFuPSVmLCB2YXJpYW5jZT0lZlxuIiwgbWVhbiwg dmFyaWFuY2UpOwogIHByaW50ZiAoInN0ZGRldj0lZiAoJWYlKVxuIiwgc3RkZGV2LCBzdGRk ZXYvbWVhbioxMDApOwp9Cg== --IPiIw4QAe+--
Re: Why conf-split prime?
Dave Sill [EMAIL PROTECTED] wrote:
--IPiIw4QAe+
Content-Type: text/plain; charset=us-ascii
Content-Description: message body text
Content-Transfer-Encoding: 7bit
etc.
Argh. Forgot about my Emacs' broken MIME. Here's the program:
#include stdio.h
#include stdlib.h
#include math.h
main(int argc, char **argv)
{
int hash[1], i;
int size=16, reps=1, seed=0;
long j;
float mean, variance=0, stddev;
if (argc = 2) {
sscanf (argv[1], %d, size);
if (size 1)
exit (1);
}
if (argc = 3)
sscanf (argv[2], %d, reps);
if (argc = 4)
sscanf (argv[3], %d, seed);
mean=reps/size;
printf (size=%d, reps=%d, seed=%d\n, size, reps, seed);
for (i=0; isize; i++) {
hash[i]=0;
}
srand48 (seed);
for (i=0; ireps; i++) {
j=lrand48();
hash[j%size]++;
}
for (i=0; isize; i++) {
printf (%d: %d\n, i, hash[i]);
variance += pow(hash[i] - mean, 2.0);
}
variance /= (float)size-1;
stddev=sqrt(variance);
printf (mean=%f, variance=%f\n, mean, variance);
printf (stddev=%f (%f%)\n, stddev, stddev/mean*100);
}
-Dave
Re: Why conf-split prime?
Ian Lance Taylor [EMAIL PROTECTED] wrote: If the input numbers are truly random, then a modulos hash will distribute well whether or not the hash size is prime. However, if the input numbers are not truly random, then a modulos hash may pick out some regularity in the input, and preferentially hash to a given set of buckets. If the input numbers are not fairly random, then a modulo hash is not a choice. For a trivial example, if the numbers tend to be even, then an even modulos hash will tend toward using the even numbered buckets. Which, unfortunately, wouldn't be helped by a prime table size. A prime modulos hash minimizes the types of regularity which will lead to a poor hash distribution. Exactly how does a prime modulus help? Can you give an example? Unix file system inode numbers are not truly random. Therefore, it's wise to choose a prime conf-split. I'm still not convinced. Has anyone ever seen a problem with a non-prime conf-split that was significantly helped by switching to a prime conf-split? -Dave
Re: Why conf-split prime?
Dave Sill [EMAIL PROTECTED] wrote: If the input numbers are not fairly random, then a modulo hash is not a choice. Not a *good* choice. Unix file system inode numbers are not truly random. Therefore, it's wise to choose a prime conf-split. BTW, I modified my modhash program to read numbers from stdin, fed it lists of real, live inode numbers, and guess what? It still makes no difference whether you use a prime hash or not. -Dave
Re: GHOSTS AND ASSHOLES
Russell Nelson [EMAIL PROTECTED] wrote: Once, just once I'd like to see people mis-spel my name as Rusell. Just once. Why does anybody think that a trailing 'L' is optiona? Blame Randal Schwartz...or his parents. Or maybe this guy: http://www.absolutearts.com/portfolios/r/russram/ -Dave
Re: failure on control/locals
Erik Logan [EMAIL PROTECTED] wrote: Sorry. Although I'm listed as a best-preference MX or A for that host, it isn't in my control/locals file, so I don't treat it as local. (#5.4.6) my control/locals file has my domain in it. I see at least three possibilities: 1) you're wrong, it's not in control/locals 2) you haven't restarted or HUP'd qmail-send since adding it 3) you're the victim of some bizarre OS/compiler bug If anyone has any suggestions I would appreciate it. If you ever declassify your domain name, you could post the output of qmail-showctl. Also, send qmail-send HUP just to be sure. -Dave
Re: login length...
Daniel Fenert [EMAIL PROTECTED] wrote: Is there some strict login length defined in qmail? I'm using qmail+mysql patches, and i'm transfering domains from M$ Exchange (which dies ones a week :) and have user with 33 character login... I don't know diddly about qmail+mysql patches, but the stock qmail-getpw has a limit of 32 characters on account names. -Dave
Re: mail routing and sanity
[EMAIL PROTECTED] wrote: put in $QMAILDIR/control/smtproutes myhost.com:notes.myhost.com make sure for the rest it is only in control/rcpthosts and SIGHUP qmail-send. No, smtproutes is a qmail-remote control file. HUP'ing qmail-send won't help. He'll need to completely restart qmail. -Dave
Re: tcprules
Jon [EMAIL PROTECTED] wrote: I have 20 IP's on my server. Is there a way of saying : Only assign QMAILQUEUE=/var/qmail/bin/qmail-qftest if the incoming email is being sent to my IP address A.B.C.D. Because out of all the 20 IP's I have, I only want to filter mail coming though the ip A.B.C.D. A.B.C.D:allow,QMAILQUEUE=/var/qmail/bin/qmail-qftest -Dave
Re: .qmail-everybody?
David Gartner [EMAIL PROTECTED] wrote: | /usr/bin/perlscript username That causes a loop: the second line forwards a copy to the same .qmail file. Is there anyway I can remove these .qmail files and run it on a global level with one file? The defaultdelivery parameter to qmail-start will be used *if* no .qmail file is found (or it's empty). If this perl filter has to be mandatory, you'll have to prevent users from creating their own .qmail files. -Dave
Re: mail routing and sanity
Chris Johnson [EMAIL PROTECTED] wrote: Actually, he won't need to do anything. smtproutes is read by every invocation of qmail-remote. You're right, of course. Sorry, that was a brain fart. Momentary qmail-rspawn/qmail-remote confusion. -Dave
Re: long delays when sending mail
James Melliar [EMAIL PROTECTED] wrote: I have a fairly standard Linux (Mandrake 8) server with Qmail on a LAN serving 10 Win 98 PCs. What is very odd is that when windows clients, using a mixture of outlook express Outlook 2000, send mail the SMTP connection times out after 60 seconds. If the click the wait option the mail gets sent without any problems. You can't swing a dead cat in the archives of this list without hiting the answer to that one... -Dave
Re: ReiserFs and qmail
Charles Cazabon [EMAIL PROTECTED] wrote: The problem comes from the fact that Linux does not adhere to BSD semantics regarding the sync() system call. BSD semantics state that if you sync a file, it's data and it's metadata are synced to disc. Linux, on the other hand, syncs only the data. To sync the metadata, you have to sync() the directory the file resides in. This depends upon the filesystem. E2fs behaves that way, but XFS and ReiserFS don't. But the real problem with ReiserFS (and XFS) and qmail is that Dan assumes that link() is synchronous. That might be true for FFS filesystems, especially under BSD, but it's not true for ReiserFS and XFS. The ReiserFS people have a patch available from: http://www.jedi.claranet.fr/qmail-link-sync.patch Which adds sync's after link's. It should be used with XFS filesystems, too. But, looking at the patch, I see that it doesn't fsync() after the mess link is created in qmail-queue.c. Hmm... Looks like he changed something in that area, then undid it: - if (link(pidfn,messfn) == -1) die(64); + if (link(pidfn,messfn) == -1) die(64); I wonder why... -Dave
Re: QMail XFS
Brano Vislocky [EMAIL PROTECTED] wrote: someone was tested qmail with SGI's XFS on Linux? Are there some possible problems ( as with ReiserFS ) ? As I mentioned in the concurrent ReiserFS thread, XFS requires the same link sync patch that ReiserFS requires: http://www.jedi.claranet.fr/qmail-link-sync.patch -Dave
Re: Forwarding Question...
Jeffrey Austin Collop [EMAIL PROTECTED] wrote: @40003b2f84460273a1d4 delivery 134: deferral: Home_directory_is_sticky:_user_is_editing_his_.qmail_file._ (#4.2.1)/ @40003b2f84a202a82724 delivery 135: deferral: Home_directory_is_sticky:_user_is_editing_his_.qmail_file._ (#4.2.1)/ @40003b2f84a202a97714 delivery 136: deferral: Home_directory_is_sticky:_user_is_editing_his_.qmail_file._ (#4.2.1)/ Hmm... It's just a hunch, but is the sticky bit set on /var/qmail/alias? -Dave
Re: LWQ/svscan question
Charles Cazabon [EMAIL PROTECTED] wrote: Dave can probably give a more detailed answer to this, but you don't symbolicly link the directories into /service until you're ready to run them. That's not how LWQ's qmailctl works. The links in /service are permanent. And even then, svscan won't start them until you do a svc -u (or -o) /service/servicename . Sure it will, unless there's a down file. In short, stop worrying, I think :). Definitely. -Dave
Re: [Q] qmail and supervise
Bernhard Graf [EMAIL PROTECTED] wrote: Gerrit Pape wrote svscan should be started at boot time and never stopped until shutdown. That ensures your services are always running with the same (known and wanted) environment and limits. But I don't want to bypass run levels. Would you approve creating a 'down' file in the service directories and running 'svc -u / svc -d' in init.d scripts on each service? That's a nice idea, but it doesn't work. svscan started via inittab isn't started until *after* the init.d scripts are run. I only tested this on Red Hat 7.1, but I suspect its widespread. -Dave
Re: how may i discard msgs
Deslions Nicolas [EMAIL PROTECTED] wrote: i'm currently receiving a lot of virus generated messages the To: looks like : SMTP:[EMAIL PROTECTED] i've tried to discard those messages using some .qmail alias files like .qmail-SMTP-default , .qmail-SMTP:[EMAIL PROTECTED] etc etc but none seems to work. The default break character is a dash (-), so none of the extension .qmail files you're trying will work. Any idea ? Sure, try the qmail-users facility: http://www.lifewithqmail.org/lwq.html#qmail-users A wildcard entry like: +smtp:alias:aliasuid:aliasgid:/var/qmail/alias::-smtp-: Should direct mail to smtpanything@yourdomain to /var/qmail/alias/.qmail-smtp-default. -Dave
Re: [Q] qmail and supervise
Charles Cazabon [EMAIL PROTECTED] wrote: I could be mistaken, but I believe this behaviour depends on the order of the various lines in inittab -- if you put svscan before the stuff called in the standard runlevels, it should work. Hmm, that could be it. If so, it's unfortunate that DJB's daemontools installation instructions specifically say to put the SV entry at the end of the file. -Dave
RE: how may i discard msgs
Deslions Nicolas [EMAIL PROTECTED] wrote: Thanks but it doesn't seems to work i think the problem maybe comes from the : character... It works. I just tested it. Did you remember to substitute the correct UID and GID in the assign entry? I suggested: +smtp:alias:aliasuid:aliasgid:/var/qmail/alias::-smtp-: You should have replaced aliasuid and aliasgid with the uid of user alias and the gid of group nofiles. The assign file must be ended with a line containing only a ., and you also have to run qmail-newu. E.g.: # cat assign +smtp:alias:49492:31314:/var/qmail/alias::-smtp-: . # /var/qmail/bin/qmail-newu # -Dave
Re: restart without rebooting
Chris Johnson [EMAIL PROTECTED] wrote: HUPing only makes qmail reread locals and virtualdomains. (And there is no process called qmail, so killall -HUP qmail won't do anything on any system.) Except possibly on Solaris: NAME killall - kill all active processes SYNOPSIS /usr/sbin/killall [ signal ] DESCRIPTION killall is used by shutdown(1M) to kill all active processes not directly related to the shutdown procedure. killall terminates all processes with open files so that the mounted file systems will be unbusied and can be unmounted. killall sends signal (see kill(1)) to the active processes. If no signal is specified, a default of 15 is used. The killall command can be run only by the super-user. (I haven't tried it to see what it does with unexpected options and an invalid signal name.) -Dave
Re: multilog logs rblsmtpd into /var/log/qmail/smtpd instead of smtp traffic
[EMAIL PROTECTED] wrote: - #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/tcpserver -R -x /etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd \ -rdialups.mail-abuse.org \ -rrelays.mail-abuse.org \ -rblackholes.mail-abuse.org \ /var/qmail/bin/qmail-smtpd 21 - and i end up with a /var/log/qmail/smtpd/current logs that look like this: - @40003b298b7937101f6c rblsmtpd: 143.233.208.2 pid 9823: 451 Blackholed - see URL:http://mail-abuse.org/cgi-bin/lookup?143.233.208.2 @40003b299a4d1d350724 rblsmtpd: 143.233.208.2 pid 11657: 451 Blackholed - see URL:http://mail-abuse.org/cgi-bin/lookup?143.233.208.2 @40003b29a92c2b4cd8b4 rblsmtpd: 143.233.208.2 pid 13118: 451 Blackholed - see URL:http://mail-abuse.org/cgi-bin/lookup?143.233.208.2 - is there a way to get multilog to grab both smtp and rbl generated info? qmail-smtpd doesn't do any logging, but if you add -v to tcpserver, it'll log connections. -Dave
Re: yet more trouble with daemontools and supervise
Stephen Bosch [EMAIL PROTECTED] wrote: So, is Charles right? He knows a thing or two about qmail... Does this indicate somebody is reattempting delivery? Looks like it to me. No supervise directory... Further evidence that supervise isn't running. *rattles head* So... okay... where is supervise invoked again? I need to eat something... In all versions of LWQ, supervise is started by svscan. In older versions, svscan was run from the qmail script on /var/qmail/supervise. In the current LWQ, it's run at boot by init or rc.local on /service. If the top level service directory has the sticky bit set--which you've verified--svscan will also start a supervise for the service's log/run script. You might try doing: qmail stop cd /var/qmail/supervise env - PATH=$PATH svscan To see if svscan is giving any errors. You could also insert strace/truss/trace/par--whatever your system call tracing utility is called--into the svscan invocation in the qmail script, e.g.: env - PATH=$PATH strace -o /var/log/svscan.log svscan But making sense of the output might not be easy. Your suggestion to migrate to the new LWQ setup is looking more appealing by the minute. I don't remember suggesting that, but it's not a bad idea. -Dave
IMAP benchmarks
I haven't seen it mentioned here, but Sam Varshavchik (Courier's author) benchmarked UW-IMAP and Courier-IMAP: http://www.courier-mta.org/mbox-vs-maildir/ This pretty much debunks the claims that maildirs don't scale. -Dave
Re: warning: trouble opening remote
Russell Nelson [EMAIL PROTECTED] wrote:
If you're running qmail configured as per
http://www.lifewithqmail.org, then the following commands will fix the
problem:
svc -dx /service/qmail
setlock /service/qmail/supervise/lock sh -c
'/var/qmail/queue/*/0/{348381,348335,348013}'
For LWQ, the service is /service/qmail-send, and I think that should
be ... sh -c 'rm /var/
-Dave
Re: yet more trouble with daemontools and supervise
Stephen Bosch [EMAIL PROTECTED] wrote: Dave Sill wrote: Logging via splogger (syslog). Which is deprecated in LWQ, now, correct? Yes. Sure that's qmail-smtpd/log/run? Looks more like qmail-smtpd/run. D'oh! #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd OK, now refresh my memory...what was the problem? And is that command all on one line? -Dave
Re: URGENT: Qmail-remote gone nuts
Niles Rowland [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: So I got rid of the support forward and now support seems to be reiceving mail fine -- but how I do clear my queue when qmail-qstat reports: messages in queue: 5046 messages in queue but not yet preprocessed: 0 Delete the queue and rebuild it. Yeah, he probably won't lose any important messages... A good tool for that is queue-fix. No, queue-fix fixes corrupt queues. To delete and rebuild, you should rm -rf /var/qmail/queue and make setup check from the qmail source directory. But that will, of course, throw out *everything* in the queue, which might not be disirable. -Dave
Re: URGENT: Qmail-remote gone nuts
Guillermo Villasana Cardoza [EMAIL PROTECTED] wrote: actually queue-fix will do the job right... I know I have done it. I didn't mean to imply that it wouldn't work, just that it's preferable to use the rm/make method since it's definitive and doesn't require downloading/installing a third-party utility. For example, if you've installed the big-todo patch, you'll need to install the associated patch for queue-fix or it'll contruct an incompatible queue. It's easier and safer to let qmail rebuild the queue. -Dave
RE: URGENT: Qmail-remote gone nuts
David U. [EMAIL PROTECTED] wrote: now I just want to know why [EMAIL PROTECTED] forwarded to [EMAIL PROTECTED] 6000 times (until /var filled I assume) instead of just once. this is all via localhost, no other machines involved. I'd look at the logs, from the beginning of the incident. -Dave
Re: yet more trouble with daemontools and supervise
Stephen Bosch [EMAIL PROTECTED] wrote: Well, my logs are filling up with garbage Garbage or log entries? Sample, please? (and I get that silly file does not exist error when I run qmail stat) Sample? -Dave
Re: yet more trouble with daemontools and supervise
Stephen Bosch [EMAIL PROTECTED] wrote: my /var/log/maillog fills up with stuff like this: Jun 12 14:09:12 hotcube qmail: 992376552.411296 end msg 1005715 Jun 12 14:09:12 hotcube qmail: 992376552.507199 new msg 1005716 Jun 12 14:09:12 hotcube qmail: 992376552.507323 info msg 1005716: bytes 266 from [EMAIL PROTECTED] qp 27390 uid 502 Jun 12 14:09:12 hotcube qmail: 992376552.573170 end msg 1005716 Jun 12 14:09:12 hotcube qmail: 992376552.660653 new msg 1005715 Jun 12 14:09:12 hotcube qmail: 992376552.660776 info msg 1005715: bytes 266 from [EMAIL PROTECTED] qp 27403 uid 502 Jun 12 14:09:12 hotcube qmail: 992376552.732709 end msg 1005715 and so on, and so on, and so on. It goes back months like this (I would never have noticed it had it not been for some other issues I was working on). Is this normal? My other qmail installations don't do that. It's normal for qmail-send to log its actions. It's not normal to see messages end without a delivery being logged, or for no status: messages to be logged. It's not normal to have a qmail-send/log service when you're logging via splogger/syslog. [root@hotcube qmail]# /etc/rc.d/init.d/qmail stat qmail-send: up (pid 27564) qmail-smtpd: up (pid 27566) qmail-send/log: unable to open supervise/ok: file does not exist qmail-smtpd/log: unable to open supervise/ok: file does not exist That means supervise isn't running for the log services. Okay. So I checked for sticky bits on the appropriate directories: [root@hotcube supervise]# ls -ld /var/qmail/supervise/* 927870 drwxr-xr-t4 root qmail1024 Sep 1 2000 /var/qmail/supervise/qmail-send/ 712830 drwxr-xr-t4 root qmail1024 Dec 18 10:27 /var/qmail/supervise/qmail-smtpd/ Were they set when the services were started? qmail-smtpd/log: 733311 -rwxr-xr-x1 root qmail 94 Sep 1 2000 run* No supervise directory... Further evidence that supervise isn't running. -Dave
Re: bad gid being passed?
Amanda [EMAIL PROTECTED] wrote: I reassigned the alias user to its right group, How did you determine which GID is right? You *must* use the GID that was in place when qmail was compiled. Changing it requires recompiling qmail. I attempted to reconfigure/reinstall qmail with no success: the alias user is now appearing in the right group, but somewhere the gid 401 is still being passed when trying to send messages to the mailing list. The 401 was probably compiled into the qmail binaries. In frustration at this point, I removed the install directories of both Mailman and qmail, removed their source directories, removed the original tarballs, removed their users and groups redownloaded both programs, and started again. And I'm still getting the same error. Okay, so I know I missed something in the process of reinstalling or reconfiguring qmail. The question is, what did I forget to remove or change? Any ideas on how to fix this problem would be greatly appreciated. Which installation intructions are following? Did you test qmail after installing it? Did it work? -Dave
Re: yet more trouble with daemontools and supervise
Frank Tegtmeyer [EMAIL PROTECTED] wrote: Stephen Bosch [EMAIL PROTECTED] writes: qmail-send/log: unable to open supervise/ok: file does not exist There is no need for qmail-send/log. Sure there is, if you want the logging supervised. qmail-send starts up the logger by itself as given on it's command line. See /var/qmail/rc. This is the old-fashioned way to log. -Dave
Re: Nat problem
Maciej Bogucki [EMAIL PROTECTED] wrote: In sendmail I can change this in sendmail.cf file. qmail isn't Sendmail. You could (1) modify the source to not include that info, or (2) filter messages to strip that info, e.g. using qmail-qfilter. -Dave
Re: queue processing problem
Shawn Estes [EMAIL PROTECTED] wrote: First off, Im using concurrency patch and big-todo patch (from qmail.org) with qmail-1.03. I've configured the conf-spawn to 400. We are an ISP so we are not doing any kind of mailing lists, all messages coming through our system are seperate messages sent by different customers. We process about 15,000 different messages an hour. We have a server running FreeBSD 4.3, with 256MB RAM, 9GB Seagate Barracuda 7200 (this is the disk holding the queue), Quantum Fireball is holding the homedirs of the users. This is kind of broken up into a few different problems. 1) qmail-qstat is showing that the not yet preprocessed messages are growing, and very seldom is that number decreasing. 2) qmail-remote is being spawned way under the current remote concurrency limit (175) I have very seldom seen this number reach above 30. Both suggest that qmail-send is having trouble keeping up. qmail-send is responsible for processing messages placed in the queue and for scheduling remote deliveries through qmail-rspawn. The question to answer is why qmail-send isn't keeping up. Perhaps disk I/O is the bottleneck. Or maybe the CPU is maxed out--though that's unlikely. What else is the system doing? Is there any idle CPU? Another possibility is that it's just too busy. You could split the load somewhat by installing another instance of qmail, e.g. in /var/qmail2, and let one instance handle locally injected messages while the other handles SMTP injected messages. Since qmail-send is single-threaded, it might be not able to keep qmail-rspawn busy if it keeps seeing new messages that need processing. Splitting the load like this would mean fewer interruptions for the qmail-send handling locally injected messages. su-2.05# ps -ax | grep qmail-remote | wc -l 30 su-2.05# ps -ax | grep qmail-smtpd | wc -l 111 That's a fairly high number of incoming SMTP connections. Excerpt from /var/log/qmail/current: Too small to be useful, and lacking timestamps. 3) Messages are staying in the queue and are not being delivered the way they should be. Note: Messages are going out, just very slowly. The logs are showing deliveries local and remote. There are no error messages in the log. (A test message sent to a local user takes approximately 30-45 minutes, roughly the same amount of time for a remote user) Same problem as 1 and 2. Here's what I've done so far: 1) Checked the Trigger file to make sure it has the correct permissions: Good. 2) Checked ulimit and kern max files. OK. 3) Ran the qmail-send run file by itself and the messages in the queue went through very quickly. (5000 messages in about 15 minutes or so) A lot better then they are with everything running. Confirms my qmail-send is being interrupted hypothesis, I think. 4) Verified my run scripts with LWQ. The run scripts have softlimits that are increased from LWQ, could this be my problem? No, but I wonder why you want such high limits. They're for your own protection. -Dave
Re: yet more trouble with daemontools and supervise
Stephen Bosch [EMAIL PROTECTED] wrote: Okay, here is what I have in /var/qmail/rc: #!/bin/sh # Using splogger to send the log through syslog. # Using procmail to deliver messages to /var/spool/mail/$USER by default. exec env - PATH=/var/qmail/bin:$PATH \ qmail-start '|preline procmail' splogger qmail Logging via splogger (syslog). The run file for qmail-smtpd/log contains: #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -R -H -v -p -x /etc/tcp.smtp.cdb \ -u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21 Sure that's qmail-smtpd/log/run? Looks more like qmail-smtpd/run. -Dave
Re: Using qmail-queue
Jon [EMAIL PROTECTED] wrote: My company runs quite a large opt-in newsletter (around 60,000 members, growing by about a 1000 every few days), up to a few months ago we sent the newsletter by using qmail-inject for every email address on the list (which was slow). So we started to use the qmail-queue directly (using the info on the man page for it) so we give qmail-queue the message file with all the headers, and also the list of email addresses. Work well, and super fast :-) But last week one of our bosses found that Hotmail has a bulk mail folder so all incoming email to Hotmail users which does not have there email address in the To: field of the email, goes into this folder. And because we use qmail-queue, all the emails sent has the same To: fieild (we use the email address for our site)and therefore all our newsletters go into there bulk folder. You're sending bulk mail, which Hotmail is correctly identifying as bulk mail--but you want to trick it into thinking your mail is not bulk. If this is an opt-in newsletter, why do you care that Hotmail identifies it as bulk? -Dave
Re: New Broadcast Message!!!
Kirti S. Bajwa [EMAIL PROTECTED] wrote:
Our company has a mail server. It has RH 6.2 and Qmail 1.3 and very much
else. This server serves to about 200 email addresses. We need to install a
patch which will require the system to be re-booted. Therefore, we would
like to send an email message to all the emails addresses on our company's
mail server, informing them of coming re-boot. Any suggestion??
It's already been suggested that you create a mailing list containing
all users. Is that unacceptable for some reason?
Here's a quick and dirty method:
$ awk -F: '{print $1}' /etc/passwd ~/.qmail-all-users
$ #optional: edit ~/.qmail-all-users, remove system accounts
$ cat msg MSG
From: kbajwa
To: kbajwa-all-users
Subject: Reboot
blah blah blah
MSG
$ /var/qmail/bin/qmail-inject msg
$
-Dave
RE: New Broadcast Message!!!
Kirti S. Bajwa [EMAIL PROTECTED] wrote: ... It does not matter when the updates are done, the management still would like to inform people, several times, before the system is re-booted. Just say good service. Any suggestions. Tap, tap, tap. Is this thing on? You've received several suggestions. You've not responded to any of them. You keep acting like you've never seen them. I'm done trying, Kirti. -Dave
Re: Qmail-remote stopped up?
Troy Settle [EMAIL PROTECTED] wrote: For the last several months, I've been having some severe problems with qmail-remote. I've rebuilt from fresh sources and updated my system (FreeBSD 4.2-STABLE) several times. Nothing seems to help. You can see what I'm seeing at http://home.psknet.com/troy/qmail-remote.txt. Do you have any qmail patches installed? -Dave
RE: better methods to install qmail on linux ( Redhat 6.2 or 7.0)
Joshua Nichols [EMAIL PROTECTED] wrote: what is the space for / what is the space for /boot what is the space for /home what is the space for /usr what is the space for /var what is the space for /swap what is the space for /tmp How 20th century... If you use Red Hat, it will try to set up appropriate server partitions for you, but it will fail: /usr will be WAY too big /home will probably be too big /var will be WAY too small to accommodate any serious volume of qmail traffic Disk space is cheaper than dirt these days. I recommend: /boot20MB /var 300MB min, 800MB better, more for servers /2GB or more (include /usr and /tmp) /homewhatever you need swap 500MB or more On some systems I go with /boot, /, and swap only. I *hate* running out of space in, say, /var, when /home has gigabytes free... -Dave
Re: best patches to be apply for QMAIL
hari_bhr [EMAIL PROTECTED] wrote: i would like to know , what are the patches to be patch with this. for more secure and with out any holes could some one guide me what are the patches to be apply Any patches you apply are more likely to decrease security than improve it. (No offense intended to patch authors, but DJB's record speaks for itself.) -Dave
Re: better methods to install qmail on linux ( Redhat 6.2 or 7.0)
Kalle Kivimaa [EMAIL PROTECTED] wrote: In a mail server this fails when you get a mail which is larger than the available size on /var. Thus, have AT LEAST 4GB for /var, then you SHOULD be safe. Same goes with /home if you deliver mail locally. You really have users sending multigigabyte messages? Yow. -Dave
Re: qmail-remote (cry wolf?)
J=F6rgen Persson [EMAIL PROTECTED] wrote: There's been 4 similar reports of qmail-remote not behaving properly t= o this list during the last month.=20 http://www.ornl.gov/its/archives/mailing-lists/qmail/2001/05/msg00558.= html http://www.ornl.gov/its/archives/mailing-lists/qmail/2001/05/msg01332.= html http://www.ornl.gov/its/archives/mailing-lists/qmail/2001/06/msg00283.= html http://www.ornl.gov/its/archives/mailing-lists/qmail/2001/06/msg00426.= html We still haven't been able to help any of them... This doesn't look like a coincidence to me since two of the reports concerned the same recipient server (outblaze.com). Unfortunately it seems related to network programming, which I know very little about. Any other thoughts about this=3F Three of the four are running Red Hat 6.2. That could simply be because 75% of qmail systems are running RH 6.2, though. :-) No word on which qmail patches, if any, were installed on these systems. -Dave
LWQ Updated
I finally found a few spare moments to update LWQ. Sigh. Sorry it took so long. There are lots of minor changes, of course, but also a few bigger ones: 1) Services go under /service 2) qmail script is now qmailctl 3) Improved qmail-pop3d installation instructions 4) Links to two more translations: Polish and Russian. Thanks for your support. Comments are welcome, as always. -Dave
Re: mail queue getting bigger
Cary [EMAIL PROTECTED] wrote: What do I need to change so it does run? When I restart the system, qmail-send and qmail-stmp both show up with as being managed by supervise, Says who? What Do The Logs Say? (tm) but you and Charles both say it is not running. If it was running, messages in the queue would be preprocessed. What gives? You've botched the startup configuration somehow: typo in a script or omitted one or more steps. Also, according to Life with qmail, a properly configured qmail system should have four daemons running, yet I obviously had only two. Where do the other two processes begin running? qmail-start starts qmail-send, qmail-lspawn, q-rspawn, and qmail-clean. Once I get getmail to work delivering mail to my Maildir mailbox, I won't need to accept mail via SMTP for the summer, no. BUT I will need/want to use SMTP when I get back to school in the fall, and have an IP address from which I would want to send/recieve mail (i.e. cary@[150.x.x.x]). Is rcpthosts the correct place to put this address, or will it automaticly be used (it is assigned by DHCP)? You'll need to install either a POP3 or IMAP server, and you'll probably want to set up one of the relay-after-pop mechanisms to grant the dynamic IP address relay access. -Dave
Re: qmail is slow
[EMAIL PROTECTED] wrote: Well, when the Qmail of Central Server send a list (for example) about 45.000 email subscribers, the Mail Relay's servers send about of 20 email at the same time. Its very slowly! But, when the Central Server finish, the qmail of Mail Relay send 500 mails at the same time. Why? Because qmail-send is single-threaded, and must split its attention between processing new messages and passing processed messages to qmail-rspawn. How can I do for the Qmail process send/receive have the same priority? I need the qmail send a constant of 500 mails. Any idea? Don't pass the deliveries off to relays. In doing so, you're taking one message with 45000 recipients and making it 45000 messages with one recipient. You might also want to set up a second qmail installation on the central server to do nothing but handle messages injected via SMTP. That will allow the qmail-send sending the ezmlm messages to go full speed by offloading bounce messages delivery to another qmail-send process. -Dave
Re: Same domain in two machines and forwarding messages between
Sebastian Wain [EMAIL PROTECTED] wrote: I have one domain domain.com and two machines (AAA and BBB), AAA receives mail to [EMAIL PROTECTED] and depending on the user forward it to [EMAIL PROTECTED] in BBB. See: http://www.faqts.com/knowledge_base/view.phtml/aid/1832/fid/205 -Dave
RE: qmail is slow
Joshua Nichols [EMAIL PROTECTED] wrote: This brings up an interesting question. If I'm sending a message to 100k people, but I need a unique unsubscribe link at the end, can qmail be convinced that it's only one message, and 100k recipients? Not stock qmail, but Russ Nelson has such a critter. It ain't cheap, though. -Dave
Re: Limiting bandwidth usage
Karsten W. Rohrbach [EMAIL PROTECTED] wrote: qmail indirectly contains instrumentation for that. it is called remote concurreny. The key word there is indirectly. If you need direct control, concurrencyremote won't provide it. In some applications, lowering concurrencyremote might be good enough. -Dave
Re: Features
GARGIULO Eduardo INGDESI [EMAIL PROTECTED] wrote: I'm new to the list and new to qmail. Welcome. I had allways used sendmail, but I had heared that qmail is better (more secure and reliable) than sendmail. Where can I find documentation about advantages of qmail over sendmail http://www.lifewithqmail.org/lwq.html#features http://www.lifewithqmail.org/lwq.html#comparison and install/configure docs of qmail? http://www.lifewithqmail.org/lwq.html#installation thanks, and sorry for my english .. http://www.lifewithqmail.org/lwq.html#lwq-translations There's also a Russian translation at: http://reanand.terrashare.com/qmail/lwq.htm -Dave
Oops,I guess Sendmail wasn't secure after all...
From: Gregory Neil Shapiro [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: sendmail 8.11.4 and 8.12.0.Beta10 available Sendmail, Inc., and the Sendmail Consortium announce the availability of sendmail 8.11.4 and 8.12.0.Beta10. 8.11.4 revamps signal handling within the MTA in order to reduce the likelihood of a race condition that can lead to heap corruption as described in Michal Zalewski's advisory. The problems discussed in the advisory are not currently known to be exploitable but we recommend upgrading to 8.11.4 in case a method is found to exploit the signal handling race condition. 8.11.4 also fixes other bugs found since the release of 8.11.3. 8.12.0.Beta10 includes the changes in signal handling from 8.11.4. Moreover, there is a significant change compared to earlier beta versions: by default sendmail is installed as a set-group-id binary; a set-user-id root binary will be only installed if the proper target is selected (see sendmail/SECURITY). Beta10 fixes also a few bugs, especially possible core dumps during queue runs and in a milter application (using smfi_chgheader), possible rejection of messages due to an uninitialized variable, and omitting queue runs if queue groups are used and the total number of queue runners is restricted to less than the sum of the individual queue runners. Also from bugtraq: From: [EMAIL PROTECTED] (Michal Zalewski) Subject: Unsafe Signal Handling in Sendmail RAZOR advisory: Unsafe Signal Handling in Sendmail Issue Date: May 28, 2001 Contact: Michal Zalewski [EMAIL PROTECTED] Topic: Sendmail signal handlers used for dealing with specific signals are vulnerable to numerous race conditions. Affected Systems: Any systems running sendmail (tested on sendmail 8.11.0, 8.12.0-Beta5) Details: Sendmail signal handlers used for dealing with specific signals (SIGINT, SIGTERM, etc) are vulnerable to numerous race conditions, including handler re-entry, interrupting non-reentrant libc functions and entering them again from the handler (see References for more details on this family of vulnerabilities). This set of vulnerabilities exist because of unsafe library function calls from signal handlers (malloc, free, syslog, operations on global buffers, etc). ... References: For more information on signal delivery race conditions, please refer to RAZOR whitepaper at: http://razor.bindview.com/publish/papers/signals.txt Anyone want to takes bets on whether qmail has unsafe signal handlers? -Dave
Re: mail queue getting bigger
Cary [EMAIL PROTECTED] wrote:
However, when I try to check the mail that was sent, it has not been
delivered. I use bin/qmail-qstat to look a the queue, and it is growing
bigger and bigger:
---results of bin/qmail-qstat---
messages in queue: 138
messages in queue but not yet preprocessed: 138
---
qmail-send isn't running.
root4755 0.0 1.6 892 520 ?? I12:25PM 0:00.13 \
/usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb -c cat /var/qmail
You have a typo in your qmail-smtpd/run file. I suspect you used
single quotes (') where you should have used back quotes (`).
I would have expected qmail-inject to deliver the message as soon as
possible.
qmail-inject queues messages, it doesn't deliver them.
me: My name is localhost.
The host name is localhost?
rcpthosts:
You don't want to accept mail via SMTP?
concurencyincomming: I have no idea what this file does.
concurrencyimcoming is misspelled.
-Dave
Re: Please tele me every sub-directory meaning in /var/qmail/queue/ .
george [EMAIL PROTECTED] wrote: It have some sub-directory in /ar/qmail/queue directory .But I don't know every directory content and meaning . Anyone can tele me? See: http://www.lifewithqmail.org/lwq.html#file-structure -Dave
Re: Forwarding some mail recipients to other machine.
[EMAIL PROTECTED] wrote: How about if I have 500 local mailbox ? Do I need to create .qmail-domain-users file for each one of them ? And route the rest to other machine . Any better solution and how ? The qmail-users mechanism. See: http://www.lifewithqmail.org/lwq.html#qmail-users -Dave
Re: OT? Please help me help someone else...
[EMAIL PROTECTED] wrote: In a weak moment I promised a charity that I would look into how difficult it would be for them to have their own web based email system. I guess this shouldn't be too hard but as I'm not at all technical I'm hoping you people can help me tell them what they need in terms of software. It may not be too hard, but it won't be easy. Or quick. Or maintenance free. There's no such thing as a free web-based e-mail system. There's going to be a substantial investment of time, money, or both--even if free software is used exclusively. And we haven't even considered h/w costs. 4) Cheap! I told them that it could most likely be done entirely with open source software. Cheap is relative. A turnkey commercial implementation of such a system might cost hundreds of thousands of dollars. A cheap homebrewed version might only cost tens of thousands. Would qmail be a good base for this system? Sure. Which front end do you suggest? I haven't evaluated them, and I don't even know which would meet your needs. -Dave
Re: Return receipts on an SMTP relay machine...
[EMAIL PROTECTED] wrote: After a mail had been relayed to the internet, sendmail sent a receipt back to the sender. I can't get qmail to do that. Hmm. So Sendmail on your relay sent a message to the sender of each message it relayed informing them of the fact that it'd relayed the message? And you found this desirable? What if every relay on the net starting doing that? You'd often get 4-5 relay notifications for each message you send. What's the point? I have read qreceipt's man page, but that only seems to apply to users on the local machine. This machine only has root and a couple of daemon users. Yes, qreceipt allows users to confirm final delivery to senders who request confirmation. That's much more reasonable than what you're asking for. I realize that I have to patch qreceipt to recognize Outlooks SMTP tag for receipts, but how do I do that? If you really want to do that, I think you'll have to hack qmail-scanner[1] or implement a custom filter[2]. -Dave Footnotes: [1] http://qmail-scanner.sourceforge.net/ [2] http://www.faqts.com/knowledge_base/view.phtml/aid/2142/fid/206
RE: SMTP doesn't respond
Mark Douglas [EMAIL PROTECTED] wrote: QMAILDUID=`/usr/xpg4/bin/id -u qmaild` NOFILESGID=`/usr/xpg4/bin/id -g qmaild` You're using Solaris? -Dave
Re: Vpopmail+qmail pop3 has lost it's mind!
Henning Brauer [EMAIL PROTECTED] wrote: You want to sync the clocks... qmail-pop3d won't list messages from the future. Somebody refresh my memory... Why does it care? -Dave
Re: Domain aliases
Ahmad Ridha [EMAIL PROTECTED] wrote: Petter Sundl=F6f writes: So, mailing to [EMAIL PROTECTED] should be the same as [EMAIL PROTECTED] The same goes for petter.sundlof -- an alias on findus.dhs.org; [EMAIL PROTECTED] should be the same as= [EMAIL PROTECTED] I want it to be global, that it apply for all users.=20 Just put useless.dhs.org and findus.dhs.org in /var/qmail/control/loca= ls.=20 And rcpthosts. -Dave
Re: problem with local mailboxes
Kelly Shutt [EMAIL PROTECTED] wrote: for those of you that were asking, i'm running slackware 7.1 and i've installed qmail according to the life with qmail document... minus the init.d config files, I don't use init.d, I just added /usr/local/sbin/qmail start to my rc.local file. I used the IDS file to add users and such, OK so far... and for my rc file I used the included file binm1, I think this may be where my problem is, Yep. I'm not sure which rc file applies to my machine, since i'm not sure what the default mail delivery is for sendmail in slack, but with this one qmail appears to be functioning properly except for not finding the mailboxes. You could look at the sendmail.cf that comes with Slackware to see what local delivery agent it's using. Or you could just use procmail (/var/qmail/boot/proc). As I have said, qmail was configured exactly like the life with qmail document. I don't think exactly means what you think it means. -Dave
Re: TCPSERVER status 256
Nathaniel L. Keeling III [EMAIL PROTECTED] wrote: How can I verify if this is a bare line problem or not? Use recordio to record the complete SMTP dialogue. See the faq. My rc file contains 'qmail-start '|dot-forward .forward ./Maildir/' and nothing is showing up in the qmail-send log file. That's not nothing to do with your SMTP problems. If you're not running qmail using svscan, a la Life with qmail, you probably should splogger qmail to the end of your qmail-start command. -Dave
Re: limiting databytes per user
Charles Cazabon [EMAIL PROTECTED] wrote: If you want to change DATABYTES on a per-user basis using tcpserver's tcprules files, you're going to have to be able to map user IDs to IP addresses. There's no way around that. tcprules supports matching hostnames as well as IP addresses. -Dave
