Eric Shubert wrote:
On a general note, I believe several people here have implemented f2b on
QMT. You should find discussions and perhaps some other configurations
in the list archives. It'd be nice if people would share their
configurations here (even if they've done so before).
A while
Diana Calder wrote:
I have an odd problem with one user account. When trying to login to
Squirrelmail, the login will hang for several seconds then result in:
ERROR: Connection dropped by IMAP server.
[ ... snip ... ]
A possible symptom or secondary issue is that the problem account is
If memory serves correctly, MTAs like qmail do not read the 'To' and 'Cc'
headers at all. The 'To' and 'Cc' fields are written by the MUA (i.e. the
email client) and constitute part of the message text delivered to the
server by the DATA command. The server doesn't look inside that text at
all.
Dan McAllister wrote:
Ok, I know STOCK QMT comes with mlm -- but I also recall others talking
about other list management tools for QMT
I have a client that wants to use a mail list (tens of thousands of
entries, he says -- I've warned him of the blacklist risk!)
What are our other
Dan McAllister wrote:
On a separate note, one of my older QMT systems has suddenly stopped
being able to send mail to *me.com* (Apple)... the error says its a TLS
failure.
TLS connect failed: error:100AE081:elliptic curve
routines:EC_GROUP_new_by_curve_name:unknown groupZConnected
On Jul 12, 2014, at 12:52 PM, Eric Shubert e...@shubes.net wrote:
On 07/11/2014 11:18 AM, Angus McIntyre wrote:
Attempts to send messages to a user at 'me.com' (whose mail exchanger is
at Apple's 'icloud.com') have been failing consistently with the error:
TLS connect failed: error:14077410
Attempts to send messages to a user at 'me.com' (whose mail exchanger is
at Apple's 'icloud.com') have been failing consistently with the error:
TLS connect failed: error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure; connected to 17.158.8.113.
Does anyone
Eric Shubert wrote:
P.S. Anyone else using DSPAM?
I set up DSPAM and have it running, but I haven't had much luck with it.
I have a vague memory of seeing someone claim that you could train DSPAM
using only 'spam' samples (no 'ham'), so I fed it my entire spam archive
for the month, with only a
. That might explain why
DSPAM struggled more when I tried to train it.
Angus
Cheers,
Sebastian
On 11.07.2014, at 20:15, Angus McIntyre an...@pobox.com wrote:
Eric Shubert wrote:
P.S. Anyone else using DSPAM?
I set up DSPAM and have it running, but I haven't had much luck with it.
I have
Eric Broch wrote:
On 5/29/2014 2:59 PM, Eric Shubert wrote:
On 05/29/2014 12:01 PM, Edwin Casimero wrote:
What my users demand is a company wide address book.
Have you implemented this on QMT?
If so, would you care to explain how you did it?
And, calendering.
Sounds like what you need is
Eric Shubert wrote:
I'm not necessarily against providing horde .qt. packages, but someone
else will need to step up to help make that happen. Note, it's possible
that I'll change my tune once I become more familiar with it. ;)
Horde has the reputation of being horrifying to install and
On May 28, 2014, at 3:17 AM, Erik Wramner erik.wram...@codemint.com wrote:
Personally I would prefer to stick with Apache or (ideally) to make the
package work with both depending on which one is available. Nginx is great,
but most shops I work with use Apache and know it well. It works and
Tonix - Antonio Nati wrote:
About deleting all email for not existing users, I consider it a bad
service to customers, as they have legitimate raports with business
partners, and if someone writes to the wrong address it is correct and
ethical to report them back that address is wrong, so
Dan McAllister wrote:
I'm very much not a fan of re-assigning well-known-ports to other
locations (like FTP or SSH).
Most of us admins have static IPs where we work, if not where we live.
If you try to SSH into any of my servers (other than just 1 that is not
especially public), you'll be
If you haven't implemented fail2ban on your qmail toasters, think seriously
about doing so.
There are at least two botnet-based password-guessing campaigns currently
ongoing. One is trying SMTP authentication against role accounts (e.g.
'admin@', 'info@') at known domains. It was this one that
Eric Broch wrote:
I've installed f2b on my home and a clients email server. One problem
that manifested itself was the inability to use FTP, from anywhere
outside my network firewall. Before turning on f2b and the QTP firewall
script (firewall.sh) those 'outside' could access my ftp site.
Eric Shubert wrote:
You probably should also change the listen_port so you're not using
standard ports at all. Same rationale as not using ssh on port 22. I
generally don't believe in security by obscurity, but at least it keeps
the script kiddies at bay.
Sadly, not for long. I get periodic
What's the current thinking on qmail-dk?
I've been debugging a case where some emails that I was expecting didn't
arrive, and I eventually traced it to:
@4000533200332362fb9c qmail-smtpd: qq hard reject (qmail-dk: Cannot
sign message due to invalid message syntax. (#5.3.0)):
On Mar 20, 2014, at 6:34 PM, Eric Broch ebr...@whitehorsetc.com wrote:
Your welcome. Since November, I've created a much easier automated install
here. Be sure to look at the Readme file. And, as always, check the script.
Hmm. That seems to be an FTP link. I tried logging on as 'guest', but
On Nov 18, 2013, at 10:32 AM, Eric Broch ebr...@whitehorsetc.com wrote:
I've been working on getting DSPAM deployed and have implemented it on my own
(CentOS 5) email server with great results.
Eric, many belated thanks for this detailed write-up.
Using this, plus the John M. Simpson page
On Feb 22, 2014, at 12:18 PM, Eric Shubert e...@shubes.net wrote:
It's not a terrible idea though. I wonder if fail2ban could be configured to
count DENIED_RDNS messages for each IP address, and if there were more than a
certain number of failed attempts in a given time period, then block
cj yother wrote:
Is anyone else experiencing a rise in attempted account access over the
past 24 hours?
Over the past week or so, I've seen very large numbers of
password-guessing attempts: other hosts trying to authenticate against
SMTP. They seem to try 'admin@', 'info@', 'support@',
Dan McAllister wrote:
Angus -- would you mind sharing with the group how you implemented the
fail2ban on your system. It should probably go into the WIKI (if its not
already there -- too lazy to check just now).
I added a write-up of the things that have worked for me at:
Dave M wrote:
I installed long time ago from this guide
and tweeked it for my needs.
http://wiki.qmailtoaster.com/index.php/Fail2Ban
sigh
I should have searched, instead of eye-balling the contents list (and
somehow missing that the guide was already there).
I'll back out my changes and
On Feb 20, 2014, at 11:27 AM, cj yother c...@yother.com wrote:
I see you all are experiencing basically what I am. I have Fail2Ban
installed with e mail notifications and that's what brought it to my
attention. I usually see 3 or 4 attempts a day and over the past few days
it's been 30
On Jan 18, 2014, at 11:08 AM, Eric Shubert e...@shubes.net wrote:
The latest clamav (0.98.1, released this past Tuesday) is available for QMT.
It can be upgraded via traditional methods (qtp-newmodel) ...
As always, please post here if you have any problem with it. I've installed
it on a
System Admin wrote:
Hi Angus,
Care to share
I banned a bunch of Chinese class C's
I think these were the networks I ended up banning because they had so
many grinders running on them. Not all are Chinese: the 195.x are Czech,
the 62.x are Polish, and the 193.x are in Latvia, so consider
Eric Shubert wrote:
I honestly don't understand fail2ban in any detail. I wonder though, if
perhaps it's set up such that if someone's authentication fails, then it
changes iptables such that nobody can attempt to authenticate any more
(like blocking port 587 for any address). That'd be
Tim Whitaker wrote:
Are you running Spamdyke?
No I don't believe so, but I can look into installing it.
Spamdyke is definitely worth having. It will reject a large amount of spam
at the earliest possible point, through things like graylisting and rDNS
checks. This means that the spam doesn't
Tony White wrote:
I only recently opened up a Yahoo email account for testing.
It seems that email came from there! Can anyone suggest
how it got to you folks?
Yahoo! accounts have been generating a lot of this kind of spam lately.
Yahoo! have claimed to have fixed the exploit that allows
Eric Shubert wrote:
I'd very much like to see a throttle put on qmail-remote which would
allow a per-user interval to be specified. When abuse occurs, the send
queue would grow noticably, which could easily be monitored.
Can you run Spamassassin on outgoing mails? If a user account suddenly
Michael Maness wrote:
My qmail toaster has been installed and running for 6+ years and now gmail
and ATT have blacklisted my server from sending email to their domains.
They claim blacklisting due to abuse, I've looked at the logs through
ISOQLOG and everything appears to be normal.
You may
Eric Shubert wrote:
Why wouldn't you use the native mail program on an Ipad?
I use a native mail program on any mobile device. (K-9 mail on android)
The Apple Mail client will pull stuff only from your top-level inbox.
I use procmail to sort some kinds of traffic - mailing lists, for example
Cecil Yother, Jr. wrote:
I am seeing a pronounced increase in attacks on one of my servers. Is
anyone else experiencing this too?
If by attacks you mean grinders attempting to guess SMTP usernames and
passwords, yes. Over the last few months, they seem to be getting faster,
and over the last
Eric Broch wrote:
... I'm getting the following error after the fact and don't know
what it means.
/usr/share/toaster/isoqlog/bin/cron.sh: line 20: 12280 Segmentation
fault $ISOQLOG /dev/null 2 /dev/null
I see those occasionally during the course of normal operations.
My guess has been
Mike Tirpak wrote:
On 04/10/2012 14:19, Mike Tirpak wrote:
I upgraded clamav a couple of days ago and everything went fine.
Clamav would catch everything with a virus attached inside a zip
file. Over the past two days, I've gotten two emails that have zip
files with viruses inside them. Is
Eric Shubert wrote:
On 10/01/2012 08:49 AM, Tony White wrote:
Hi all,
Can someone enlighten me please?
I have a client that would like to have their
new email address like this...
fredma...@mydomain.com
Will the ampersand cause any issues please?
Qmail will handle it ok ... You
Eric Broch wrote:
On 8/20/2012 8:40 AM, Christian Ferrati wrote:
There is a way to set qmail-spamassin to automatically move all
incoming Email renamed as ***SPAM*** to a spam folder?
I have the users I consult use the email client--Thunderbird, etc...--to
move all mail marked as spam
The release of the new toaster (thank you, Eric) has made me eager to
upgrade to the latest and greatest.
But ... I have upgraded a couple of packages (ssh, php) past their
expected/approved version for CentOS 5. As a result, when I try to
install, I get:
Missing Dependency: php-common =
Eric Shubert wrote:
Is there some sort of urgency about COS6 that I'm missing? There's
nothing in it that I'm aware of which QMT can leverage in any way. I'm
all ears if someone would care to fill me in.
The interest in CentOS 6 is presumably not that it provides new features
that QMT can
On Feb 24, 2012, at 2:38 PM, Eric Shubert wrote:
I think I understand better now. I think it's in the local delivery part
where the message is passed to mailman that's kicking the error.
Let me double check the spec for that config option, and rebuild the binary.
Then we'll know for sure.
I'm trying to get Mailman working with qmailtoaster on CentOS 5.7, in
order to support some existing mailman groups.
I'm following the instructions given at:
http://wiki.qmailtoaster.com/index.php/Mailman
including downloading the patched version of Mailman from the qtp-CentOS
repository.
Eric Shubert wrote:
On 02/24/2012 07:33 AM, Angus McIntyre wrote:
I'm trying to get Mailman working with qmailtoaster on CentOS 5.7, in
order to support some existing mailman groups.
Good for you, Angus. I hope I'm not the only one using mailman w/ QMT,
but you might be the first to do
Eric Shubert wrote:
I've been wanting for some time now to get a team of people together to
address webmail for QMT. The horde toaster project stalled because of me
(sorry for that).
My recollection of horde is that it's a horror to install and administer,
but I may be behind the times.
Johannes Weberhofer wrote:
I have seen problems like that after replacing the server by a new one:
When I falsely copied over the complete /home/vpopmail and /var/qmail
directories from the old systems, I overwrote the newly compiled binaries
on the target systems...
Am 15.02.12 16:38,
Eric Shubert wrote:
On 02/16/2012 05:28 AM, Angus McIntyre wrote:
It seems to me that these three causes/solutions all belong in the
Troubleshooting section of the wiki. Should I create a wiki login and
add them ...
Please do this yourself if you will Angus. As you're the person who
I have a qmailtoaster install running on a 64-bit CentOS 5.7.
As far as I can tell, almost all of it works correctly - mail is flowing
in and out successfully.
However, when I try to submit a message on port 587, the connection
closes. The log shows:
2012-02-14 22:26:16.919911500 tcpserver: ok
of the reasons qmailtoaster will be distributed in rpm
packages
Regards
On 15 February 2012 05:32, Angus McIntyre an...@pobox.com wrote:
I have a qmailtoaster install running on a 64-bit CentOS 5.7.
As far as I can tell, almost all of it works correctly - mail is flowing
in and out successfully
Délsio Cabá wrote:
Try to upgade gcc and recompite it again
gcc seems to be the latest approved version for CentOS. QMT was built with
that version.
I'm also having trouble with POP. The logs don't show any problems (except
for a 'status 256' response) but no mail is transferred.
When I
that I think I'm almost at the end
of the things-that-can-go-wrong (many of which were the product of my own
boneheadedness), I really appreciate all the hard work you guys put in to
save me from all the things that could go wrong but didn't.
Thanks again,
Angus
Angus McIntyre wrote:
Délsio
Eric Shubert wrote:
... Authenticated users on port 25 bypass
all of spamdyke's filters, so my guess at this point is that one (or
more) of your users' login credentials have been compromised. Have a
look at your smtp log, and see if you can determine which account(s) is
being authenticated
Dan McAllister wrote:
If you want bleeding edge support for packages, you shouldn't be
running CentOS because that runs counter to the very principles of that
Linux Distribution.
So I have discovered.
Yes, the fault is mine because I didn't read the label on the tin that
said Just do it our
I'm trying to build qmailtoaster on a CentOS 5.7 build, and the
vpopmail-toaster build is failing.
The exact command that's breaking it is:
gcc -g -O2 -Wall -o vchkpw vchkpw.o md5.o hmac_md5.o libvpopmail.a
-L/usr/lib64/mysql -lmysqlclient -lz -lm -lcrypt
which throws lots of undefined
I'm trying to build qmailtoaster on a CentOS 6 box, and I've made reasonable
progress so far (I'll post my install notes when done, in the hope that they
may help someone).
However, I've run up against a blocker that I don't know how to solve.
Using the install script, the build of 'vpopmail'
Reading the list archives, it looks as if QMT on CentOS 6 is more or less
at the It won't work but you're welcome to try stage.
Can anyone tell me exactly which parts of QMT are broken? Most of the
messages I've seen suggest that it's primarily down to issues with current
versions of PHP which,
101 - 155 of 155 matches
Mail list logo
