I am developing a giant ROBOT with fiber connections to seek out and
DESTROY all
HAXORS that are bad. BEWARE it has Claws!
On 9/25/2014 7:00 PM, Eric Shubert wrote:
On 09/25/2014 04:02 PM, SYS wrote:
Read more here :
https://access.redhat.com/articles/1200223
Dave M
Unless Mrblue is on a road trip somewhere accessing his mail... Then yes.
I would do a nslookup 72.189.129.134 and see who it belongs to.
mainly what country it is in.
On 8/26/2014 1:51 PM, Jim Shupert wrote:
Dan,
Thank you for the lesson on mail headers.
I very much need to know more about
Did you a solid...
Looks like hes in florida and its a Time warner cable ip
Results from DNSstuff.com
Origin AS Data RIR Data
*No Data Found!*
*Reverse* 72-189-129-134.res.bhn.net.
*Reverse-verified* No
*Country Code* US
*Country* United States
*Region*
If you are just wanting to drop that block from sending mail
three ways
#1 Firewall Iptables
#2 Spamdyke blacklist_ip
#3 Tcp rules
On 8/4/2014 1:41 AM, Linux wrote:
Hi,
Please guide, How to block range of IP's for incoming mail?
IP: 209.85.xxx.xxx
Thanks,
Ravi
--
Yep,
that was it.. working now..
I just have to watch and be sure no one gets duplicate messages because
I remember when I disabled was for duplicate messages
going to some inboxes
thanks
dave
On 6/20/2014 2:24 PM, Eric Shubert wrote:
On 06/20/2014 12:16 PM, David Milholen wrote:
Hi All
I took a look in my change logs to see what changes I made and why.
I have seen both of these cases more of the first mentioned than the
second.
I will monitor to see if any of these surface again.
The first is an easy fix but not so much of the second.
thanks
dave
On 6/21/2014 4:19 PM, Eric
Hi All,
It seems I have disabled my SA at the tcp level.
SA seems to be in tacked and running but nothing is being sent to it.
I have got some spam that is really irritating that with spamdyke and
all its
glory cannot stop it.
I have had SA disabled for a very long time but these new emails
I was speaking about the client not the server :)
On 9/15/2013 11:02 PM, ChandranManikandan wrote:
Hi Dave,
I have run only clamav in our server as well iptables and i have
allowed 143 and 993 ports.
On Mon, Sep 16, 2013 at 11:10 AM, David Milholen dmilho...@wletc.com
mailto:dmilho
smtp.panasiagroup.net
This host looks ok to me from what I can check.
--
David Milholen
Project Engineer
P:501-318-1300
On 1/14/2013 11:45 PM, Tony White wrote:
You might try putting the From: address into the spamdyke senders
blacklist.
/opt/spamdyke/etc/blacklist_senders
best wishes
Tony White
On 15/01/2013 16:33, PakOgah wrote:
On 01/15/13 11:22, David Milholen wrote:
Hello all,
Been a long time
On 1/15/2013 10:42 AM, Eric Shubert wrote:
On 01/14/2013 09:22 PM, David Milholen wrote:
Hello all,
Been a long time since I ve been here to ask a question.
I am getting spam from localhost but its not my localhost..
How do I block this using spamdyke?
SMTP LOG
@400050f4d8b10021a73c
to stop localhost with out breaking something..
thanks
Dave
--
David Milholen
Project Engineer
P:501-318-1300
are picked up on the fly, so there's nothing
to restart. Just be sure the directory exists, and has appropriate
permissions.
# ls -ld /var/log/spamdyke
drwxr-xr-x 2 vpopmail vchkpw 4096 Jul 25 12:24 /var/log/spamdyke
--
David Milholen
Project Engineer
P:501-318-1300
Just got my new server up running with atmailopen and it looks good.
Just trying to figure out why it is taking gmail and yahoo a while to
send a message to the server. I have checked all of the obvious down
to the last spf record.
Dave
--
David Milholen
Project Engineer
P:501-318-1300
will do the traditional SW raid.
On 5/16/2012 12:02 AM, Eric Shubert wrote:
FWIW, stay away from raid-5 if at all possible. Raid-1 is best,
raid-10 ok.
--
David Milholen
Project Engineer
P:501-318-1300
impact indeed. A 1TB drive typically resyncs in 6 hours or
so though (iirc), so it's tolerable so long as the re-sync is done
during off hours (presuming there are off hours).
--
David Milholen
Project Engineer
P:501-318-1300
will allow you to specify
the drive configuration. This is where you would defined the raid
partitions and arrays.
--
David Milholen
Project Engineer
P:501-318-1300
I am looking to spice up the webmail on our internal qmail box.
What is every one using for their qmail-toaster box and which is easier
to install?
Thanks
Dave
--
David Milholen
Project Engineer
P:501-318-1300
I am trying to do a yum update on a new install of QMT-ISO5-1.2 that I
got from Jakes site.
Only thing is when I do. The server will not boot the new kernel .
It boots into Grub and a prompt and thats it.
The server is running Hardware Raid.
Any ideas ?
Thanks
Dave
--
David Milholen
Project
that Mail Queue list? I'm thinking
it should be in the stock QMT.
--
David Milholen
Project Engineer
P:501-318-1300
Ok,
I just read that post.. I kinda thought so.
I will start doing trial runs with Q-control.
I thought i had to purchase q-control to use the full version?
Dave
On 5/8/2012 9:54 AM, Eric Shubert wrote:
On 05/08/2012 05:32 AM, David Milholen wrote:
Hello all,
I have recently installed a new
end of
script headers: toaster.vqadmin, referer:
http://mx2.wletc.com/mail/vqadmin/toaster.vqadmin
What did I break to cause vqadmin to die. Is there another domain
manager out there?
thanks
Dave
--
David Milholen
Project Engineer
P:501-318-1300
over I
will do the restore again.
Thanks
Dave
--
David Milholen
Project Engineer
P:501-318-1300
) be removed.
That's all I have on this at the moment. Any thoughts?
shubes ducks
--
David Milholen
Project Engineer
P:501-318-1300
the qmailtoaster-plus
package first, then use qtp-newmodel to build and install the
packages. It's pretty simple that way.
--
David Milholen
Project Engineer
P:501-318-1300
customers do not have a clue on how
spam happens or occurs so it is left to us to deal with and educate the
clueless.
--
David Milholen
Project Engineer
P:501-318-1300
a long day :)
Thanks
Dave
--
David Milholen
Project Engineer
P:501-318-1300
, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
--
David Milholen
Project Engineer
P:501-318-1300
To All,
what is everyone using for queue management?
I recently had a multiple attack of compromised and just spam fill
my queue up and I needed to delete them.
I used qmHandle but I was very clunky with the syntax.
thanks
--
David Milholen
Hi all,
Is there a way to report how much mail is sent by each account?
thanks
--
David Milholen
Project Engineer
P:501-318-1300
="">
Have at it. I've added a link to this page under the
Configuration- Security section. It's a start (albeit not much
of one).
--
David Milholen
Project Engineer
P:501-318-1300
--
David Milholen
Project Engineer
P:501-318-1300
a variety of addresses.
fail2ban will do essentially this automatically and for whatever
addresses attacks may come from. fail2ban is much better solution
imo.
--
David Milholen
Project Engineer
P:501-318-1300
Looks like qm cannot find a file its looking for.IE 10585809
--Dave
--
David Milholen
Project Engineer
P:501-318-1300
Hi all,
I get these in my qmail send logs
How do I fix these
2010-12-15 21:23:15.166466500 warning: unable to stat
mess/8/10585942
There are about 20 of them.
--thanks
Dave
--
David Milholen
Project Engineer
Sweet,
that will be my Christmas and birthday present rolled in one :)
Videos + ISO = Happiness
--Dave
On 12/11/2010 6:28 PM, Jake Vickers wrote:
On 12/04/2010 10:02 PM, David Milholen wrote:
Will we ever see a new release
wrote:
Hi
David,
I do not think it is not very expensive to buy Jakes
CentOS5 32 or 64 bit isos. $20USD if I remember.
Best thing I ever did for myself.
On 05/12/2010 2:02 PM, David Milholen wrote
Will we ever see a new release in centos 5.x just like the original
iso that has cent4.x on it?
Also, latest release of QMT :)
Be a nice package under the tree :) wink
--Dave
--
David Milholen
Project Engineer
P:501-318-1300
though, take a look at the
"Delivered To:"
header. This is the address that badmailfrom will filter.
Is that perhaps the problem you're having?
-
?
If so how did you come to that conclusion and what would the
remedy be?
On 29/11/2010 12:17 PM, David Milholen wrote:
If you want you could drop the
host(95.45.226.126) in Tcp.rules.
I would:)
I did a Dns
.
Thanks.
On 19/11/2010 12:26 PM, Eric Shubert wrote:
You can easily disable greylisting and
still get a large benefit from the rest of spamdyke's filters.
--
David Milholen
Project Engineer
ation (yet), but respectable growth.
--
David Milholen
Project Engineer
P:501-318-1300
to be a lot of folks wanting to ditch Exchange. The
FOSS community will do well to providing a strong alternative in
that area.
--
David Milholen
Project Engineer
P:501-318-1300
on the streams for
anti-piracy.
--Dave
On 10/31/2010 9:41 AM, Eric Shubert wrote:
Sounds
good to me. I think you're lucky to have an attacker who's
persistent and will help you to test things out. ;)
--
David Milholen
and see what happens. I am redirecting him straight
to the test machine which imitates my production machine.
--Dave
On 10/28/2010 6:49 PM, Eric Shubert wrote:
On
10/28/2010 04:02 PM, David Milholen wrote:
Hi everyone,
I had an interesting day
onnections and there were about 50
from one place in Bulgaria. The only way to drop that way to add a
drop rule into the gateway.
What is everyone using to stop this kind of force attack on the pop
side?
--Dave
--
David Milholen
Project Engineer
P:501-318-1300
higher if you have spamassassin on with no spamdyke.
--
David Milholen
Project Engineer
P:501-318-1300
is becoming to loaded.
I love the qmail plugin I got for cacti and with Thold in place all
is well.
--Dave
--
David Milholen
Project Engineer
P:501-318-1300
--
David Milholen
Project Engineer
P:501-318-1300
On 10/5/2010 10:11 AM, Eric Shubert wrote:
Eric Shubert wrote:
Mike Tirpak wrote:
I'm doing to fresh install of centos 5.5 and qmailtoaster. Followed
the wiki page up to installing perl dependencies. Installed
qmailtoaster-plus with no problems, but I can't run
qtp-dependencies command.
On 10/2/2010 1:24 PM, Eric Shubert wrote:
Tonix (Antonio Nati) wrote:
Il 01/10/2010 21:04, Eric Shubert ha scritto:
Tonix (Antonio Nati) wrote:
There are too many sides to examine.
I have a pretty clear picture of what I have in mind. Perhaps I
haven't communicated it well, or am not
On 10/3/2010 12:51 PM, Natalio Gatti wrote:
Just to expand a bit on my situation.
Further investigation showed that the compromised account
belonging to a host on our network with a public IP was
compromised with a trojan on the machine. This trojan I suppose
was running a
On 9/27/2010 1:23 AM, Jake Vickers wrote:
On 09/26/2010 08:09 PM, David Milholen wrote:
On 9/22/2010 5:47 PM, Jake Vickers wrote:
On 09/22/2010 06:31 PM, David Milholen wrote:
Ok, So why will qcontrol only show one domain or is this version
the teaser?
It only shows the latest domain
On 9/22/2010 5:47 PM, Jake Vickers wrote:
On 09/22/2010 06:31 PM, David Milholen wrote:
Ok, So why will qcontrol only show one domain or is this version the
teaser?
It only shows the latest domain entry.
--Dave
QControlPE (Personal Edition, the free one) only allows you to
administer
On 9/22/2010 11:05 AM, Eric Shubert wrote:
David Milholen wrote:
I am trying to get a single server up and running using cent5.5 and
the latest QMT packages.
I followed eveything to a T using the Wiki and Docs.
I have the server up and all seems ok except when I migrate from my
older
On 8/17/2010 10:31 AM, David Milholen wrote:
On 08/16/2010 08:57 AM, Jake Vickers wrote:
On 08/16/2010 09:45 AM, David Milholen wrote:
On 08/15/2010 10:38 AM, Jake Vickers wrote
On 08/16/2010 08:57 AM, Jake Vickers wrote:
On 08/16/2010 09:45 AM, David Milholen wrote:
On 08/15/2010 10:38 AM, Jake Vickers wrote:
On
08/15/2010 12:10 AM, David Milholen wrote:
On 8/14/2010 10:56 PM, Jake Vickers
wrote:
On 08/14/2010 11:42 PM, David
On 08/15/2010 10:38 AM, Jake Vickers wrote:
On
08/15/2010 12:10 AM, David Milholen wrote:
On 8/14/2010 10:56 PM, Jake Vickers wrote:
On 08/14/2010 11:42 PM, David Milholen
wrote:
I dont like answering my self but just
wanted to post an update on this.
I
I dont like answering my self but just wanted to post an update on this.
I retried the backup/restore and all seemed to be restored perfectly
this time.
Accept vqadmin is broke when viewing domains. It will only see one which
is the most recent one
I submitted.
The other domains have been
On 8/14/2010 10:56 PM, Jake Vickers wrote:
On 08/14/2010 11:42 PM, David Milholen wrote:
I dont like answering my self but just wanted to post an update on
this.
I retried the backup/restore and all seemed to be restored perfectly
this time.
Accept vqadmin is broke when viewing domains
On 08/11/2010 02:53 PM, David Milholen wrote:
Ok,
I am trying to migrate from an older dying machine to a newer machine
till I can get the old one repaired and updated.
Here is what I am having trouble with..
The qtp-restore which is V2.11 is having issues copying all of the
accounts
On 08/12/2010 10:16 AM, Eric Shubert wrote:
David
Milholen wrote:
On 08/11/2010 02:53 PM, David Milholen wrote:
Ok,
I am trying to migrate from an older dying machine to a newer machine
till I can get the old one repaired and updated.
Here is what I am having
is beefy-er also.
I am having trouble understanding why the backup is broken?
I cant seem to pin it down to HHD or just some script issue.
Any help would be great..
--Thanks
-Dave
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
things I
have done to close down open DNS, but I am sure there is something I am
missing to possibly tighten it up some more.
--Thanks
--Dave
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
=dnsbl.njabl.org
#dns-blacklist-entry=bl.spamcop.net
#dns-blacklist-entry=dnsbl.kempt.net
#dns-blacklist-entry=dnsbl.sorbs.net
Any better ideas on cleaning this up would be great:)
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
I don't know what you mean by your first sentence. What does
Authentication have to do with RBLs, and why do you feel stuck using
them?
Personally, I use only zen.spamhaus.org and bl.spamcop.net. Have you
searched your logs to see if the others are effective? Eg:
# qmlog -lc
Hi All,
I am sure some have seen this before in their smtp logs.
@40004c54490126e69094 CHKUSER relaying rcpt: from
keithra...@gmail.com:: remote *User:unknown:63.147.8.197* rcpt
zara-har...@hotmail.com : client allowed to relay
@40004c54490126ec513c spamdyke[1982]: ALLOWED from:
down 'no auth'.
I do not allow open relay from anyone outside of the subnets I list on
the server. Only allow for those on listed subnets.
What is the best way to lock this down?
--Thanks
Dave
On 7/31/2010 9:17 PM, Eric Shubert wrote:
Jake Vickers wrote:
On 07/31/2010 01:35 PM, David
Shubert wrote:
Jake Vickers wrote:
On 07/31/2010 01:35 PM, David Milholen wrote:
Hi All,
I am sure some have seen this before in their smtp logs.
@40004c54490126e69094 CHKUSER relaying rcpt: from
keithra...@gmail.com:: remote *User:unknown:63.147.8.197* rcpt
zara-har...@hotmail.com
Ok I have drawn a blank on how to do this.
My catchall account is getting filled up daily with mail that has no
valid recipient for it.
I do not want to just delete all using qmailadmin.
Is there a way to tell chkuser or spamdyke to just drop this mail?
--Thanks
--
David Milholen
Project
On 07/21/2010 09:29 AM, Tonix (Antonio Nati) wrote:
David Milholen ha scritto:
Ok I have drawn a blank on how to do this.
My catchall account is getting filled up daily with mail that has no
valid recipient for it.
I do not want to just delete all using qmailadmin.
Is there a way
On 07/21/2010 10:47 AM, Jake Vickers wrote:
On 07/21/2010 11:32 AM, David Milholen wrote:
On 07/21/2010 09:29 AM, Tonix (Antonio Nati) wrote:
David Milholen ha scritto:
Ok I have drawn a blank on how to do this.
My catchall account is getting filled up
[15651]: TIMEOUT from:
oqocegogel1...@satlynx.net to: 44b2a950.4000...@wletc.com origin_ip:
217.159.121.90 origin_rdns: host-217-159-121-90.satlynx.net auth:
(unknown) reason: TIMEOUT
Thanks,
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
notes on what I have done with the lists help to
make this a very streamline server.
I wish we had a wiki that would have all the tweaks on security in one
place and another for performance.
My notes are divided this way.
--Thanks
--Dave
On 7/10/2010 7:33 PM, Eric Shubert wrote:
David
On 7/11/2010 10:41 AM, Jake Vickers wrote:
On 07/10/2010 07:44 PM, David Milholen wrote:
Hi All,
Jake this may be your territory but anyways I am wanting to add a
small virtual drive for doing my clam scans.
Not sure where I should begin.
Thanks
I actually had done a video
On 7/12/2010 8:51 PM, Eric Shubert wrote:
David Milholen wrote:
Eric,
I did exactly what you said and I do remember this type of setup
doing work with the cacti project..
Been a while since I have had to pay attention to Hardware like
drives and memory.
I can definitely see a difference
On 7/12/2010 8:28 PM, Eric Shubert wrote:
If all of your submissions come from authenticated connections (which
they should), you can blacklist your own domain. I know this sounds
counter-intuitive, but since all of your domains authenticate, the
only rejections will be those who claim to
Hi All,
Jake this may be your territory but anyways I am wanting to add a
small virtual drive for doing my clam scans.
Not sure where I should begin.
Thanks
---Dave
-
Qmailtoaster is sponsored by Vickers
taking notes so if I have to build out again I will not have
to rely on my brain LOL
--Dave
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
well.
I am all ears to any suggestions on help for a fix.
If I can just get a good backup I can blow the old one away and
replace the drives.
--Thanks
Dave
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
On 6/22/2010 5:10 PM, Eric Shubert wrote:
David Milholen wrote:
When I run qtp-backup I do not get an email saying its completed and
I also do not see the postmaster account and some of the other
accounts on any of my domains.
When a restore is complete the domains argue about not having
On 6/17/2010 8:48 PM, Scott Hughes wrote:
On 6/17/10 3:31 PM, Jake Vickers wrote:
The QTP website is at least partially back online. More to follow as
I get some time.
Jake,
Thanks for taking the time to get that site back up. Call me a geek,
but I enjoy going over the QMT website(s)
updates.
I have 4 blow away servers to test these caveats on before I mess with
the production machine again.
Thanks
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
On 6/4/2010 5:12 PM, Eric Shubert wrote:
David Milholen wrote:
I am having a little trouble with the backup script not backing up
all the accounts in one of my oldest domains.
One of the accounts is the postmaster account. So when I do a
restore I have to manually copy the account over
On 05/27/2010 01:16 PM, Eric Shubert wrote:
David
Milholen wrote:
Hey All,
I was trying to do a qtp-restore on a nice new machine with centos 5.4
and the latest toaster packages from a centos 4.8.
Everything went well except when I tried to login as the postmaster for
one my
Hey All,
I was trying to do a qtp-restore on a nice new machine with centos 5.4
and the latest toaster packages from a centos 4.8.
Everything went well except when I tried to login as the postmaster for
one my domains using qmailadmin this is what I got.
file permission error
.
Thanks
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
Steve Huff wrote:
On May 17, 2010, at 4:51 PM, David Milholen wrote:
I know there something a while back on email for blackberrys and othe pda type phones.
I am not seeing any current smtp connections from some phones using verizon,
The sender is getting a 5.7.1 error message
Eric Shubert wrote:
David
Milholen wrote:
I was reading about the possibly of using a
ram drive to do all of the scanning for clam and spamAssassin.
How much trouble is it to do this and does this present any known
issues.
I also think Jake has a video tut on this but have
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
Jake,
Thanks for the update. Ill just wait a bit till things calm down.
I still have my patients .
--Dave
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
did
wrong when I did the cert.
--dave
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
I am seeing some of this also..
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
Hello All,
Just polling anyone to see if they may have an old script they are
using or just laying around that I can get to provide a report for
showing only over-quota accounts or accounts that are 90%.
--Dave
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
Hello All,
I am querying the list to help me find my security hole in my server.
This is after I had placed this ip in the spamdyke blacklist_ip file
I even added the email addy to the blacklist_senders list
Maybe I was impatient and the system was playing catchup.
Let me also add I do not allow
Eric Shubert wrote:
David
Milholen wrote:
Hello All,
I am querying the list to help me find my security hole in my server.
This is after I had placed this ip in the spamdyke blacklist_ip file
I even added the email addy to the blacklist_senders list
Maybe I
Eric Shubert wrote:
David
Milholen wrote:
Hello All,
I am querying the list to help me find my security hole in my server.
This is after I had placed this ip in the spamdyke blacklist_ip file
I even added the email addy to the blacklist_senders list
Maybe I
Eric Shubert wrote:
David
Milholen wrote:
Eric Shubert wrote:
David Milholen wrote:
Hello All,
I am querying the list to help me find my security hole in my server.
This is after I had placed this ip in the spamdyke blacklist_ip file
Allowed: 5886
Denied : 28924
Sum: 34810
% Spam : 83.09%
Path to this script: /usr/share/qmt/Spamdyke-Stats-Report.pl
--
David Milholen
Project Engineer
501-318-1300
Wireless Etc
Eric Shubert wrote:
David
Milholen wrote:
I know that I am a little late in posting
this because its been around for a bit.
I just wanted to show off how well spamdyke is working for us.
This report contains statistical information about messages that were
rejected
1 - 100 of 189 matches
Mail list logo