No security issues, just disabling MX check for
recipients affect your relay users.
This MX check IMHO__only__pretend__ to help YOUR
users don't make mistakes in domain part of the email address of the recipient,
when sending OUTSIDE your mailbox.
The real effect is that temporary DNS
Thanks, but I talk about some mechanism that can send a mail with copy to all the dominions and mailboxes.Gracias,, pero yo me refiero a algun mecanismo que pueda enviar un correo con copia a todos los dominios y buzones.
ArielEl día 7/11/06, [EMAIL PROTECTED] [EMAIL PROTECTED] escribió:
List, I
Hi all,
I was wanting to limit the number of concurrent connections from a
particular IP...I ended up searching a lot and came up on the tcpserver
limit patch http://linux.voyager.hr/ucspi-tcp/ I managed to patch it
into toaster presently on my test box. My testing shows that it seems
Great!
I checked tcpblocker that does something similar (
http://www.inter7.com/?page=tcpblocker ) but it involves a cronjob and logs
(and a little change in source code to work with currrent toaster).
The approach of this patch seem really better.
Could you contribute your conf?
Or better
I just came across this neat tip in the clamav faqs:
What does WARNING: DNS record is older than 3 hours mean?
freshclam attempts to detect potential problems with DNS caches and
switches to the old mode if something looks suspicious. If this message
appears seldomly, you can safely
Bill Kwok wrote:
Dear all,
Recently, some of my users, all of them are roaming
users,complaint that they can't send email through our qmail server.
The bounce back message is similar to this:
Subject: RE:
Sent: 11/7/2006 11:44 PM
The following recipient(s) could not be
Bill Kwok wrote:
Dear all,
Recently, some of my users, all of them are roaming users, complaint
that they can't send email through our qmail server. The bounce back
message is similar to this:
Subject: RE:
Sent: 11/7/2006 11:44 PM
The following recipient(s)
FWIW, one of the items on the 'future enhancements' list for qtp-newmodel is
to allow (easy) tailoring of chkuser. Thanks for the tip, Quinn, I think
that'll come in handy!
Quinn Comendant wrote:
Ok, that was easy enough. Actually instead of modifying the sleep length, I
found it more
Quinn Comendant wrote:
Is there an easy way to disable CHKUSER_RCPT_MX or do I need to recompile
chkuser?
It seems this one should be disabled by default. It is pretty annoying to be
sending an email to a couple dozen people and not be able to send because one
domain is wrong -- then
It is not spamcop but, in his
case,list.dsbl.org is the one that needs to be
excluded.
I was asking same thing couple
weeks ago, but no real life solution yet. Lookfor "How to skip RBL check
after successful SMTP AUTH"
Solution is that roaming user
first has to be authenticated via SMTP.
A better and straightforward solution for this kind of stuff is enabling
submission port (http://www.ietf.org/rfc/rfc2476.txt).
That won't let spammers or wrong doers pass, and your relay users won't be
blocked by a RBL anymore.
IMHO this is the simplest and safest way.
It Support @ 011 Computers Inc. wrote:
It is not spamcop but, in his case, list.dsbl.org
http://list.dsbl.org/ is the one that needs to be excluded.
I was asking same thing couple weeks ago, but no real life solution yet.
Look for How to skip RBL check after successful SMTP AUTH
IOW, set up an additional SMTP process which doesn't use RBLs and listens on
whatever port, and have the roaming (or all) users use the whatever port?
Do we have a wiki TNT for that?
David Sánchez Martín wrote:
A better and straightforward solution for this kind of stuff is enabling
submission
Another SMTP listening on submission port is not enough.
It must not accept non authenticated mails (and probably force to be tls),
because a spammer can easily bypass the RBL checks on 25 and send his crap
over the submission port.
Unfortunately AFAIK there's no way with current qmail-smtpd
On this day, 08-November-2006 11:15 PM, Eric Shubes wrote:
IOW, set up an additional SMTP process which doesn't use RBLs and listens on
whatever port, and have the roaming (or all) users use the whatever port?
This is what I am doing currently and the roaming users like it.
P.V.Anthony
P.V.Anthony wrote:
On this day, 08-November-2006 11:15 PM, Eric Shubes wrote:
IOW, set up an additional SMTP process which doesn't use RBLs and
listens on
whatever port, and have the roaming (or all) users use the whatever
port?
This is what I am doing currently and the roaming users like
Jake Vickers wrote:
P.V.Anthony wrote:
On this day, 08-November-2006 11:15 PM, Eric Shubes wrote:
IOW, set up an additional SMTP process which doesn't use RBLs and
listens on
whatever port, and have the roaming (or all) users use the whatever
port?
This is what I am doing currently and
Eric Shubes wrote:
Also, after looking at rfc2476, I see that port 587 (not 'whatever') is the
standard port for submissions.
Thanks for looking that up for us. I'd never thought of RFC2476
+
-
QmailToaster hosted
CanopyAdmin wrote:
Eric Shubes wrote:
Also, after looking at rfc2476, I see that port 587 (not 'whatever')
is the
standard port for submissions.
Thanks for looking that up for us. I'd never thought of RFC2476
+
Thanks to David, he sent the link! ;)
--
-Eric 'shubes'
Not at all, but you must know that with the qmail-smtpd distributed with
the toaster is not possible to accept _ONLY_ authenticated (and TLS as an
option)
If you configure a smtpd server on 587 with current qmail-smtd and
disabling RBL you let spammers pass over your RBL checks!
Someone has a
[EMAIL PROTECTED] wrote:
Not at all, but you must know that with the qmail-smtpd distributed with
the toaster is not possible to accept _ONLY_ authenticated (and TLS as an
option)
When RELAYCLIENT is not set everyone must authenticate, no? Otherwise I
think it'd be an open relay.
If you
I made a small patch to have the REQUIRE_AUTH functionality.
If wanted I can add the REQUIRE_TLS part also..
(I used parts of http://qmail.jms1.net/patches/combined-6c5.shtml btw )
To enable it just add
export REQUIRE_AUTH=1
to the run script for your submission smtpd
Jean-Paul
- Original
That's good news! See http://www.inter7.com/index.php?page=simscan
Bad news is it's not production yet. New test version was released 2 days
ago, if anyone's eager to jump in.
Toaster is presently using simscan 1.2, while the inter7 web page appears to
say that 1.1 is production. I wonder what
Sweet, I was just talking with Nick about implementing this component
of that patch in QmailToaster.
Erik
On 11/8/06, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote:
I made a small patch to have the REQUIRE_AUTH functionality.
If wanted I can add the REQUIRE_TLS part also..
(I used parts of
[EMAIL PROTECTED] wrote:
Not at all, but you must know that with the qmail-smtpd distributed with
the toaster is not possible to accept _ONLY_ authenticated (and TLS as
an
option)
When RELAYCLIENT is not set everyone must authenticate, no? Otherwise I
think it'd be an open relay.
Nope,
Great news!
Could you contribute a lil' howto in the wiki or to the list. (saying
something like patched against, this this and this file and not this
:-P)
This would be great!
;-)
I made a small patch to have the REQUIRE_AUTH functionality.
If wanted I can add the REQUIRE_TLS part also..
Sure, I kinda expected someone who can change the rpm's would pick it up as
it really is a small thing.
Anyways, the only file you need to patch is qmail-smtpd.c
I attached a new patch, since the previous one failed on a silly newline.
Making this work requires the following steps:
Save the
I'll have this patched and on the site later this week.
Erik
On 11/8/06, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote:
Sure, I kinda expected someone who can change the rpm's would pick it up as
it really is a small thing.
Anyways, the only file you need to patch is qmail-smtpd.c
I attached
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote:
Not at all, but you must know that with the qmail-smtpd distributed with
the toaster is not possible to accept _ONLY_ authenticated (and TLS as
an
option)
When RELAYCLIENT is not set everyone must authenticate, no? Otherwise I
think it'd be
Btw, if there are any other outstanding patches or things I am happy to pick
them up.
Maybe it would be nice/productive if there was a todo/task/assignment list
thing online.
Jean-Paul
- Original Message -
From: Erik Espinoza [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
SRS is the only biggy that we need. Unfortunately there are no SRS
patches for Qmail, the support would have to be ported over from
H-Sphere.
Erik
On 11/8/06, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote:
Btw, if there are any other outstanding patches or things I am happy to pick
them up.
Nice work guys! I really look forward to this patch being included in the RPMs.
I had this problem with two clients today in fact. I had to disable the
list.dsbl.org in order for them to send mail from their comcast network.
Thanks!
Q
On Wed, 8 Nov 2006 14:39:57 -0800, Erik Espinoza wrote:
what is srs?
Erik Espinoza wrote:
SRS is the only biggy that we need. Unfortunately there are no SRS
patches for Qmail, the support would have to be ported over from
H-Sphere.
Erik
On 11/8/06, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote:
Btw, if there are any other outstanding patches
http://www.openspf.org/srs.html
From the site:
SRS: Sender Rewriting Scheme
SPF breaks email forwarding.
This is how to fix it.
More Info: http://www.openspf.org/srspng.html
On 11/8/06, Guillermo Villasana [EMAIL PROTECTED] wrote:
what is srs?
Erik Espinoza wrote:
SRS is the only biggy
Have to read and learn about this thing first then,
but smaller items/requests are more then welcome ;)
Jean-Paul
- Original Message -
From: Erik Espinoza [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, November 08, 2006 11:48 PM
Subject: Re: [qmailtoaster]
Eric
how do I enable attachment blocking specified in control files. My users
keep getting .pif files attached to some of the messages.
Do i have to recompile simscan?
Crispin.
That's good news! See http://www.inter7.com/index.php?page=simscan
Bad news is it's not production yet. New test
Hey Crispin,
Do you have simscan-toaster 1.2 (and above) and ripmime installed?
Erik
On 11/8/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Eric
how do I enable attachment blocking specified in control files. My users
keep getting .pif files attached to some of the messages.
Do i have to
Thank you all. I always want to create a second SMTP port for users to submit email, so that they won't be blocked byISP. So far I can only achieve this by using my firewall's VIP mapping. It will be great if qmailtoaster comes with this setting by default.
Anyway, I will try Jean-Paul's method
Yes
simscan-toaster-1.2-1.3.1
ripmime-toaster-1.4.0.6-1.3.1
Crispin
Hey Crispin,
Do you have simscan-toaster 1.2 (and above) and ripmime installed?
Erik
On 11/8/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Eric
how do I enable attachment blocking specified in control files. My users
You should be able to look at simcontrol to add .pif just like .mp3 is there.
On 11/8/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Yes
simscan-toaster-1.2-1.3.1
ripmime-toaster-1.4.0.6-1.3.1
Crispin
Hey Crispin,
Do you have simscan-toaster 1.2 (and above) and ripmime installed?
Erik
Greetings,
I have released an updated qmail-toaster package, available at
http://devel.qmailtoaster.com/ for download.
This package includes 2 minor changes and should be safe for all:
- Added REQUIRE_AUTH patch to qmail-toaster (Thanks to Jean-Paul van de Plasse)
- Enabled Submission port 587
I will add support for qmailmrtg to monitor the submission logs once
this feature makes it to stable.
Thanks,
Erik
On 11/8/06, Erik Espinoza [EMAIL PROTECTED] wrote:
Greetings,
I have released an updated qmail-toaster package, available at
http://devel.qmailtoaster.com/ for download.
This
The following is the contents of simcontrol
:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif:.exe
.pif is there, I added .exe at the end of the line. Still some of my users
get .pif files as attachment.
crispin
You should be able to look at simcontrol to add .pif just like .mp3 is
Might be a bug with the current version of simscan. I'll attempt to
replicate this with a few of my virtual machines (Thanks Lightspeed
Wireless). Can you give me a few examples of filenames that have made
it through?
I'll also see if I can test out simscan 1.4 later this week.
Thanks,
Erik
On
44 matches
Mail list logo