I'm really sorry I haven't been able to get to spamdyke issues lately, let me
see if I can catch up...
Did you ever get this issue resolved? The only thing that jumps out to me is
the way you've formatted your smtp-auth-command option -- you've got two
commands on a single line, which means
Hi Sam,
i wasn't able to resolve the issue, so i switched back to 4.3.1. I have
smtp-auth-command 1:1 in my spamdyke4.conf and it works, but i have
splitted it into 2 lines now.
Users mays authenticate with short or long username, so both versions
will work. Most use the short version.
I
Ok, problem must be spamdyke. I removed spamdyke from smtp_psa and
smtps_psa and auth works fine.
So, where is my misconfiguration?
Am 18.03.2014 08:25, schrieb Arne.Metzger:
Hi Folks,
no hints? I am still confused about this issue, since all worked perfect
sind monday...
Am 17.03.2014
Arne, maybe you can try to set
log-level=debug
an watch the mail-log for useful infos...
2014-03-18 10:02 GMT+01:00 Arne.Metzger mo...@foni.net:
Ok, problem must be spamdyke. I removed spamdyke from smtp_psa and
smtps_psa and auth works fine.
So, where is my misconfiguration?
Am
In the meantime i switched back to 4.3.1, which works like a charm!
Here is my config for 4.3.1 - what did i do wrong during update to 5.0.0?
log-level=verbose
local-domains-file=/var/qmail/control/rcpthosts
tls-certificate-file=/var/qmail/control/servercert.pem
max-recipients=20
Maybe this here, let me quote
http://www.spamdyke.org/documentation/Changelog.txt
NOT BACKWARDS COMPATIBLE: Renamed the option local-domains-file to
qmail-rcpthosts-file. The naming has always been confusing, since qmail
distinguishes between domains that should be accepted by
Hi,
my users can't send mails using smtp_auth
Mar 17 11:29:30 shjjv relaylock: /var/qmail/bin/relaylock: mail from
62.214.101.
xxx:20688 (xxx)
Mar 17 11:29:31 shjjv smtp_auth: smtp_auth: exit 3 at point 1
Mar 17 11:29:31 shjjv spamdyke[7307]: ERROR: authentication misuse (no
input giv
en or no
Here are my config files, i use two spamdyke-configs, on for tls and one
for non-tls
spamdyke5tls.conf
#general
log-level=verbose
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
tls-certificate-file=/var/qmail/control/servercert.pem
max-recipients=20
idle-timeout-secs=100
greeting-delay-secs=5
Thanks Lutz.
I'm sure that would work and I will definitely try it.
But I'd still not be able to do connection timeouts and rdns checks etc,
which ideally I'd like to do.
May be it's simple: spamdyke sits in front of all and does
authentification in
your case. Shouldn't it be possible to
But I was going to post about this too. I also would love the *option* to
enable filters even if there's authentication.
May be it's simple: spamdyke sits in front of all and does authentification
in your case. Shouldn't it be possible to insert the classic rblsmtpd between
spamdyke and den
Sam,
I agree, it would be excellent if the filters can be enabled with SMTP-AUTH.
On 09/04/13 08:58, Faris Raouf wrote:
I have a doubt:
If a user authenticates with SMTP auth. All filters are ignored?
If true, Why?
All filters other than the reply delay (earlytalker filter) are, as far as
Interesting ideas. To make it possible to disable authentication from specific
locations, I suppose the easiest way would be to make the smtp-auth-level
option valid in a configuration directory. Then you could create directories
using the IP ranges or rDNS names of those countries and
Hi,
I have a doubt:
If a user authenticates with SMTP auth. All filters are ignored?
If true, Why?
Thanks in advance.
--
Jorge R. Constenla
j...@rednetgroup.com
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
On 04/08/2013 01:04 PM, Jorge R Constenla wrote:
Hi,
I have a doubt:
If a user authenticates with SMTP auth. All filters are ignored?
Yes.
If true, Why?
Why not?
Many users submit from dynamic address locations, which are typically
blacklisted. If filters weren't bypassed, they would
What sort of restriction(s) would you like to see for authenticated
submissions? You might look into eMPF for these types of needs (policy
restrictions).
Really simpel: To be safe we in general don't allow clients to access if
the ip is listed at spamhaus sbl-xbl. This had good effects.
On 04/08/2013 01:40 PM, Lutz Petersen wrote:
What sort of restriction(s) would you like to see for authenticated
submissions? You might look into eMPF for these types of needs (policy
restrictions).
Really simpel: To be safe we in general don't allow clients to access if
the ip is listed
On 03/21/2012 08:29 PM, Sam Clippinger wrote:
I would be interested to know if giving the access-file option fixes this
problem, even when the file does not contain the RELAYCLIENT value for the
matching IP. It shouldn't change anything, but it would be good to know.
Yes, adding the option
On 03/20/2012 03:00 PM, Eric Shubert wrote:
I did a little testing, and this appears to be just a bug in the
config-test. With these settings, cram-md5 is not advertised, and
authentication does work.
After a little more testing, I discovered that qmail-smtpd (w/chkuser)
is rejecting
Yes, this is the same setup. Here are my configuration settings:
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=always
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=5
idle-timeout-secs=180
Actually, spamdyke will set RELAYCLIENT before qmail-smtpd is started if (1)
RELAYCLIENT was not already set, (2) local-domains-file is given AND (3)
relay-level is normal or greater. qmail-smtpd is always started as soon as
the connection begins (the greeting banner comes from qmail, not
Hi,
Spamdyke will disable all of its filters for authenticated connections. Why?
Would be great if some filter are enable after authenticated. Like
max-recipients, ip-blacklist, etc..
There is any way to do that ?
Best regards
--
Jorge R. Constenla
j...@rednetgroup.com
Director General
What are the permissions on the copy you made in /bin? On my server,
vchkpw is owned by root and is marked setuid. You might need to do the
same thing.
-- Sam Clippinger
Kulkarni Shantanu wrote:
* Sam Clippinger s...@silence.org [090929 08:53]:
The script you posted did not include any
Sam Clippinger, you are right, but I think some clarification is needed.
It would be wonderfull if `id -g name` gave the id of the group with the name
'name',
but that is not how id works. name is a user and 'id -g' will always give the
id of
the principal group associated with name. Usually
* Sam Clippinger s...@silence.org [090929 08:53]:
The script you posted did not include any details about which user is
running tcpserver, but it looks like that user does not have permission
qmaild.
to run /home/vpopmail/bin/vchkpw. If that file's mode is 711, take a
look at the
I think the problem is the argument to the smtp-auth-command
parameter. Because there is a space between vchkpw and /bin/true,
spamdyke doesn't know they should both be part of the
smtp-auth-command. When an incoming connection starts, spamdyke runs
the /bin/true executable instead of
The group permissions on your TLS certificate aren't working because
your script explicitly sets the group to nobody when tcpserver
starts. Entries in /etc/groups only affects interactive logins, not
daemon processes like tcpserver. Try changing your script from this:
-g `id -g nobody`
To
* Sam Clippinger s...@silence.org [090928 22:13]:
I think the problem is the argument to the smtp-auth-command
parameter. Because there is a space between vchkpw and /bin/true,
spamdyke doesn't know they should both be part of the
smtp-auth-command. When an incoming connection starts,
The script you posted did not include any details about which user is
running tcpserver, but it looks like that user does not have permission
to run /home/vpopmail/bin/vchkpw. If that file's mode is 711, take a
look at the permissions on the folders /home/vpopmail/bin,
/home/vpopmail and
The group permissions on your TLS certificate aren't working because
your script explicitly sets the group to nobody when tcpserver
starts. Entries in /etc/groups only affects interactive logins, not
daemon processes like tcpserver. Try changing your script from this:
-g `id -g nobody`
* David Bo Jensen d...@elektronik.dk [090926 08:12]:
What is
ls -la /home/vpopmail/bin/vchkpw
-rwx--x--x 1 vpopmail vchkpw 190656 Nov 24 2007 /home/vpopmail/bin/vchkpw
and what is the user for the tcpserver?
qmaild
You have no configuration file for spamdyke, and I have learned that
* David Bo Jensen d...@elektronik.dk [090926 08:12]:
What is
ls -la /home/vpopmail/bin/vchkpw
-rwx--x--x 1 vpopmail vchkpw 190656 Nov 24 2007
/home/vpopmail/bin/vchkpw
and what is the user for the tcpserver?
qmaild
I don't know /home/vpopmail/bin/vchkpw. But it is possible that you
hello,
i am trying smtp auth with spamdyke first time. previously i had used dr.
hoffman's smtp auth patch on few other servers, but frankly i am a bit
old-fashioned, preferring pop-before-smtp over smtp-auth.
i have netqmail-1.05 (lwq style) install with john simpson's validrcptto.cdb
path
and
are not specified in your case.
- Original Message -
From: Kulkarni Shantanu djbw...@shantanukulkarni.org
To: spamdyke-users@spamdyke.org
Sent: Friday, September 25, 2009 6:54 PM
Subject: [spamdyke-users] smtp auth
hello,
i am trying smtp auth with spamdyke first time. previously i had used dr
, 20 Jun 2009 01:15:58 +0200
An: spamdyke-users@spamdyke.org
Betreff: [spamdyke-users] smtp-auth problem with Eudora and spamdyke
Hi all,
Ok i'm running a linuxbox with a fedora core 5 and qmailrocks installation
plus some add one like clamd sanesecurity (nothing about auth).
i've just installed
Hello again,
my cram-md5 authentication problem drives me nuts. It seems as if my
server supports cram-md5 and has no errors with it. If i telnet into my
server, *without* spamdyke enabled and use cram-md5 i can successfully send
emails, if i enable spamdyke the logfile outputs a authentication
If CRAM-MD5 works correctly without spamdyke, you could be looking at
some kind of permission or environmental problem. Have you tried
running spamdyke's config-test feature to see if it can shed some
light (it will test your authentication commands to see if CRAM-MD5 is
supported)? Be sure
Last night i tried to figure out the issue with The Bat and my server.
The Bat tries to autenticate with cram-md5, even if it is set to plain.
My version of Qmail (installed by plesk on debian) seems to have issues with
cram-md5, but i couldn't figure fully out why.
I will recompile QMail and add
Clippinger
Gesendet: Montag, 19. Mai 2008 05:27
An: spamdyke users
Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with The
Bat
I don't understand either. Could you enable full logging in spamdyke
(with full-log-dir) and send a log file from one of these connections
to me
] *Im Auftrag von *nightduke
*Gesendet:* Montag, 19. Mai 2008 13:50
*An:* spamdyke users
*Betreff:* Re: [spamdyke-users] SMTP auth and spamhaus issues with The
Bat
Stefan can you paste your spamdyke.conf
Have you seen the log? An error appears out of memory.
Do you have a lot of spam
nightduke wrote:
http://www.mail-archive.com/spamdyke-users@spamdyke.org/msg00978.html
Try this at your smtp_psa
Can you paste a more detailed log?
Could you please stop sending HTML to the list as well as start
removing unnecessary citations, so eventually your 3 line
post wouldn't take
In this web site explains how to test smtp auth.
http://qmail.jms1.net/test-auth.shtml
Regards.
Nightduke
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
I just ran into a DENIED_RBL_MATCH issue with The Bat
(http://ritlabs.com/) users. The user uses the latest version of The Bat
with SMTP Auth and no SSL Authentifications on and gets denied due the
spamhaus listing .
I guess it is the same issue as with thunderbird, which uses a wrong
Please check
http://www.mail-archive.com/spamdyke-users@spamdyke.org/msg00460.html
and
http://www.mail-archive.com/spamdyke-users@spamdyke.org/msg01114.html
Nightduke
2008/5/18, Stefan Pausch [EMAIL PROTECTED]:
I just ran into a DENIED_RBL_MATCH issue with The Bat
(http://ritlabs.com/)
I use Thunderbird myself and I've never had any problems. I'm not sure
what you mean by wrong authentication type.
Could you enable full logging and send me a log from a connection that
authenticates and is still blocked?
-- Sam Clippinger
Stefan Pausch wrote:
I just ran into a
:[EMAIL PROTECTED] Im Auftrag von nightduke
Gesendet: Sonntag, 18. Mai 2008 18:20
An: spamdyke users
Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with The Bat
Please check
http://www.mail-archive.com/spamdyke-users@spamdyke.org/msg00460.html
and
http://www.mail-archive.com
An: spamdyke users
Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with The
Bat
I use Thunderbird myself and I've never had any problems. I'm not sure
what you mean by wrong authentication type.
Could you enable full logging and send me a log from a connection that
authenticates
PROTECTED] [mailto:spamdyke-users-
[EMAIL PROTECTED] Im Auftrag von Sam Clippinger
Gesendet: Sonntag, 18. Mai 2008 18:28
An: spamdyke users
Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with
The
Bat
I use Thunderbird myself and I've never had any problems. I'm not
sure
what
, 18. Mai 2008 22:20
An: spamdyke users
Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with The
Bat
My best guess is that your qmail is advertising an encrypted
authentication protocol (probably CRAM-MD5) that it doesn't actually
support, perhaps because your passwords
Hi,
May sound like a daft question but thought I'd ask anyway, im thinking of
installing spamdyke into my qmailtoaster installation for many reasons but
one pressing issue in particular. We have a problem with our firewall and I
cant add any rules to it until our security guys fix it which
Actually, port 587 is what QT refers to as the submission port. I'm
not entirely sure why it was created (or who created it), but QT doesn't
check DNS RBLs for connections received on that port. In all other
ways, it is the same as port 25.
SMTPS (SMTP over SSL) uses port 465 by default.
Let's see...
1: I'm not sure why this is. Are you using tcpserver or xinetd? Can
you post the script that's starting spamdyke?
2: Check your permissions. DJB's checkpassword requires root
permissions to run correctly, so you may need to mark the binary setuid
root. spamdyke's config-test
On Dec 14, 2007 12:59 PM, Sam Clippinger [EMAIL PROTECTED] wrote:
Let's see...
1: I'm not sure why this is. Are you using tcpserver or xinetd? Can
you post the script that's starting spamdyke?
tcpserver
Here it´s my /var/qmail/supervise/qmail-smtpd/run
---
Finally i fixed with some help of Sam Clippinger my problem with spamdyke and
smtp-auth...i was unable to use lotus notes and outlook autentication... with
spamdyke.Let me show how i can i fixed...
cat smtp_psa
service smtp
{
socket_type = stream
protocol
In order for spamdyke to correctly handle relaying, it needs three
things: smtp-auth-command, access-file and local-domains-file. It looks
like you're missing the local-domains-file directive. Try adding this
to your spamdyke config:
local-domains-file=/var/qmail/control/rcpthosts
You shouldn't need to add anything special to the access file. As long
as the remote IP address is allowed to send mail at all (i.e. it matches
an :allow line), that should be enough.
Try as I might, I can't reproduce what you're seeing. Here's what I
tried, using spamdyke 3.0.1 (the IP
I had nothing in my access file.
It appears to work in this case when :allow is in the access-file. The
documentation isn't too clear on this, although I would *SWEAR* that I
tried this beforehand. Perhaps I was adding -x to the tcpserver command,
I know I did throw that in for kicks at one
Hi,
because I'm using cvm-vmailmgr as qmail-smtpd replacement I'm not sure
if I can drop the smtp-auth-command, the changelog says:
This means spamdyke will always disable its filters for
authenticated users even if it can't check the authentication itself.
In my spamdyke logs i never see
I use Plesk and QMAIL. Plesk's qmail has an SMTP AUTH.
But i can't run spamdyke with auth.
/var/qmail/bin/passwordcheck -u mailaddress [EMAIL PROTECTED] -p password
/var/qmail/bin/smtp_auth /var/qmail/bin/true
Beginning unencrypted password test.
Sending data to child process:
With the latest version of spamdyke, the smtp-auth-command flag is
unnecessary. If qmail already provides SMTP AUTH, spamdyke will honor
the authentications automatically.
Try these starting arguments:
-Rt0 /usr/local/bin/spamdyke -x dnsbl-1.uceprotect.net -x
dnsbl-2.uceprotect.net -x
I discovered SpamDyke 2.6.3 today and it seems amazing - exactly what I'm
looking for! I mainly plan to use SpamDyke for its SMTP AUTH capabilities. I
have it compiled and installed, and using the util passwordcheck, I have
been able to verify that plain text auth is working. MD5 is not, but I
60 matches
Mail list logo
