RE: [toaster] updating toaster?
I notice that the toaster has not been updated. Is there any other site has all the updates? Which particular updates are you looking for? Most things can be handled on a case by case basis, once you have the main toaster installation set up. Netqmail 1.06, simscan 1.4.0 had been released. Will shupp's toaster be updated to them soon? I successfully built a toaster using both Netqmail 1.06 and Simscan 1.4.0 There are no changes that require updates in the way the toaster is setup, the combined patch will apply and work in the same way for Netqmail 1.06 as for Netqmail 1.05 The setup steps have changed in Netqmail 1.06 since now the sources of the original Qmail do not require to be provided separately and have been merged into Netqmail. Just unpack Netqmail 1.06 and apply the combined patch. Regarding Simscan, it can be rebuilt and updated using the same configure parameters as are provided in the toaster, no changes there either. What combined patch are you using? I look into the changelog of 1.06, there isnt anything much on the patches it use. I would like to know if I need to patch like I did for 1.05 A little bit of history doesn't hurt so here goes: Netqmail is a patchset meant to fix the few bugs encountered in Qmail. It was initially provided as a patch that the end-user required to apply to the original Qmail sources due to license limitations. Qmail was forbidden to be redistributed in any other form than the original sources. It was the end-users responsibility if Qmail was patched and something broke. Since DJB released Qmail from it's license, making it public domain, the Netqmail package was changed into the current version with the patchset already applied. In this sense there is not much of a difference between the sources of Qmail 1.03 with the Netqmail 1.05 patch applied and Netqmail 1.06. Just unpack Netqmail 1.06 and apply Bill's combined patch. Regards, Toma Daniel, Technical Consultant / AXIGEN http://www.axigen.com Personal Website: http://www.tomadaniel.org Technical Website: http://qmail.tomadaniel.org
RE: [toaster] updating toaster?
I notice that the toaster has not been updated. Is there any other site has all the updates? Which particular updates are you looking for? Most things can be handled on a case by case basis, once you have the main toaster installation set up. Netqmail 1.06, simscan 1.4.0 had been released. Will shupp's toaster be updated to them soon? I successfully built a toaster using both Netqmail 1.06 and Simscan 1.4.0 There are no changes that require updates in the way the toaster is setup, the combined patch will apply and work in the same way for Netqmail 1.06 as for Netqmail 1.05 The setup steps have changed in Netqmail 1.06 since now the sources of the original Qmail do not require to be provided separately and have been merged into Netqmail. Just unpack Netqmail 1.06 and apply the combined patch. Regarding Simscan, it can be rebuilt and updated using the same configure parameters as are provided in the toaster, no changes there either. Regards, Toma Daniel, Technical Consultant / AXIGEN http://www.axigen.com Personal Website: http://www.tomadaniel.org Technical Website: http://qmail.tomadaniel.org
Re: [toaster] qmail-smtpd to require auth
On Wed, 2008-02-27 at 10:12 +0100, Alessio Cecchi wrote: Il Monday 25 February 2008 09:26:58 Lampa ha scritto: Hello, force auth with chkuser CHKUSER_MUSTAUTH=. Check your code source if it's enabled (supported). Hello, where i can find all available options that CHKUSER provides? Thanks Try here http://www.interazioni.it/opensource/chkuser/ Shane Is there a way i can enforce TLS also ?
Re: [toaster] Possible doc error ?
Bill Shupp wrote: On Feb 25, 2008, at 10:04 AM, Rick Macdougall wrote: Hi, One of my bussies was using the toaster to install a new server and came across this prereq. yum install gcc g++ gcc-g++ gdbm gdbm-devel openssl openssl-devel stunnel krb5-devel bzip2 bzip2-devel He really needed c++ and gcc=c++, not g++. Is this a typo ? The last time I checked, the RH rpm name was gcc-c++. But that was a while ago. Note that different distributions use different package names. What distribution are you using? Regards, Bill Hi, On your page it says gcc-g++, I believe it should say gcc-c++ It's a CentOS 5 install. Regards, Rick I couldn't find the gcc-g++ package on centos 4 and 5 also, gcc-c++ works fine though. It installs /usr/bin/g++ if you're concerned that it may not be available on the system.
Re: [toaster] Problems on Fedora 8
My google results say that it may be a clamav error not simscan. Take a look at the clamav log file. Please note that Fedora 7 and 8 i don't know for sure if earlier versions do that but these versions are shipped with a broken package of signature databases that prevents clamav to function properly and the log file is silent. The fix comprises of deleting the contents of /var/lib/clamav and running a freshclam to download updated signature databases. Further info: This appears to be a problem with simscan and is causing the mailserver to temporarily reject messages. At 10:23 PM 1/14/2008, you wrote: Hi: We have a new toaster install on Fedora 8 (32 bit). We are getting the following errors in the /var/log/qmail/smptd logs. @4000478c181b0dfd0c0c tcpserver: ok 21584 0:64.68.xx.xx:25 :64.68.xx.xx::51033 @4000478c181b10a9b964 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote xxx.com:unknown:64.68.xx.xx rcpt : sender accepted @4000478c181b10b29ebc CHKUSER accepted rcpt: from [EMAIL PROTECTED]:: remote .com:unknown:64.68.151.3 rcpt [EMAIL PROTECTED] : found existing recipient @4000478c181b1354c0dc ERROR: opt_parse: calloc failed @4000478c181b13550efc ERROR: Can't parse the command line @4000478c181b138db6e4 tcpserver: end 21584 status 0 This could be related to simscan but I'm not sure. Does anyone know what the problem/solution is? At 03:51 AM 12/28/2007, you wrote: Jeff Koch wrote: I'm having some trouble getting the Toaster setup on Fedora 8. The first problem is errors in installing daemontools. Here are the results when I run 'package/install'. I would appreciate any suggestions: /usr/include/bits/errno.h:25:26: error: linux/errno.h: No such file or directory In file included from /usr/include/bits/posix1_lim.h:153, from /usr/include/dirent.h:232, from /usr/include/sys/dir.h:24, from direntry.h:9, from envdir.c:5: /usr/include/bits/local_lim.h:36:26: error: linux/limits.h: No such file or directory make: *** [envdir.o] Error 1 You are probably missing the kernel headers. A 'yum install kernel-headers' should solve your problem. -T.J. Best Regards, Jeff Koch, Intersessions Best Regards, Jeff Koch, Intersessions
Re: [toaster] CHKUSER
Please check the respective machine for any malware. If the smtp authentication password is saved which in most cases is than a worm or virus can collect the saved password and send spam using your server as authorized relay. That was my assumption when i first saw that you specified IP_address_of_allowed_relay. If the respective address is in a private address than the assumption becomes certainty. Sorry to be a pest but, the IP address of origin is the correct address of an allowed relay. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_address_of_allowed_relay rcpt : sender accepted I hate to say it but if the user was stating mail from:legit_user but the reported IP is from IP_address_of_allowed_relay isn't the email coming form either the allowed relay or some one spoofing the allowed relay? Thanks Doug [EMAIL PROTECTED] ha scritto: I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. The reported from user (in this case [EMAIL PROTECTED]) is simply the one declared at SMTP session with mail from:. Tonino Any help would be greatly appreciated. Thanks Doug -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] R: [toaster] Info for send mail
It's not the envelope, it's only the To: header modified, it's a filter bypass technique. Where is are you seeing this undisclosed recipient in the to field? In you client, or in your mail servers log files? On Tue, 2008-01-08 at 11:12 +0100, Info Neoblu wrote: -Messaggio originale- Da: Shane Chrisp [mailto:[EMAIL PROTECTED] Inviato: martedì 8 gennaio 2008 11.00 A: toaster@shupp.org Oggetto: Re: [toaster] Info for send mail That sounds like a problem with the mail client rather than the server. âUndisclosed Recipient:;â is pretty normal for mailouts from clients such as outlook express etc. This happens on different clients Outlook, Outlook Express, Thunderbird with different versions.
Re: [toaster] R: [toaster] Info for send mail
Sorry for the confusing message. Please be more detailed regarding the origin of the messages that have the To: header containing undisclosed recipients:; If the message originates from a mailing list this can be the answer for the unusual header. It's not the envelope, it's only the To: header modified, it's a filter bypass technique. Where is are you seeing this undisclosed recipient in the to field? In you client, or in your mail servers log files? On Tue, 2008-01-08 at 11:12 +0100, Info Neoblu wrote: -Messaggio originale- Da: Shane Chrisp [mailto:[EMAIL PROTECTED] Inviato: martedì 8 gennaio 2008 11.00 A: toaster@shupp.org Oggetto: Re: [toaster] Info for send mail That sounds like a problem with the mail client rather than the server. âUndisclosed Recipient:;â is pretty normal for mailouts from clients such as outlook express etc. This happens on different clients Outlook, Outlook Express, Thunderbird with different versions.
Re: [toaster] Installing Toaster on Fedora 8
You need to apply the errno patch which is required on redhat systems. Excerpt from the toaster instructions: patch -p1 /var/src/netqmail-1.05/other-patches/daemontools-0.76.errno.patch package/install Jeff Koch wrote: I'm having some trouble getting the Toaster setup on Fedora 8. The first problem is errors in installing daemontools. Here are the results when I run 'package/install'. I would appreciate any suggestions: /usr/include/bits/errno.h:25:26: error: linux/errno.h: No such file or directory In file included from /usr/include/bits/posix1_lim.h:153, from /usr/include/dirent.h:232, from /usr/include/sys/dir.h:24, from direntry.h:9, from envdir.c:5: /usr/include/bits/local_lim.h:36:26: error: linux/limits.h: No such file or directory make: *** [envdir.o] Error 1 You are probably missing the kernel headers. A 'yum install kernel-headers' should solve your problem. -T.J.
Re: [toaster] Installing Toaster on Fedora 8
Fedora 7 and Centos 4 do not have the mentioned packages. They both have a gcc-c++ package which i think is the one that has the C compiler. Jeff Koch wrote: g++ gcc-g++ installed. Unless there's a typo Yum reports that g++ and gcc-g++ do not exist. Not all distributions use the same name, that's probably the issue. Does anyone have a list of which RPM distributions use which names? Regards, Bill
[toaster] Forwards handling
Hello list ! Is there a way i can control forwarder addresses that the users set ? Here is the encountered scenario: Users set a forward for the mailbox on my server to a remote yahoo address. This causes for all spam that they receive to be also sent to the yahoo servers which, in turn, will start to consider my server as a spamming one and keep deferring messages for large periods of times. This behavior disturbs other user's communications when yahoo addresses are involved since the legitimate messages are deferred for large periods of time also. My question is, if a limit on the forwarded e-mail addresses can be set to only local addresses. This is a preferred behavior unlike disabling forwards altogether. Thank you in advance for your answers and clarifications in case i mis understood the situation encountered.
Re: [toaster] Can I edit /command/svscanboot ??
You can edit /etc/inittab and put your commands there, before svscanboot is ran. Hello! I neet to delete one file, before run svc services (qmail, etc..) at boot. Can I edit /command/svscanboot and insert this command here? Is there another solution? Thanks! Sim
Re: [toaster] old toaster -- need to renew/update IMAP SLL Cert
As far as i know Courier imap generates the certificates when the service is starting if it's unable to find them. It uses the settings from the file imapd.cnf On my system that file is found in the /usr/lib/courier-imap/etc directory. Hello, I have an older Shupp Toaster installed (a few years old) , and I need to update the SMTP/IMAP SSL certs. Can someone please provide a few step-by-step instructions to re-generate a valid cert? thanks. -Hank
Re: [toaster] qmail in public domain
I don't see much difference between then and now, it's the same thing. Giving Qmail to the public domain, in my opinion, is a bad move. Now x, y and z versions of Qmail will start to pop-up each and everyone of them with their installation methods and alterations to the original code. I don't also see a very big deal out of this because noone stoped you before to make yourself binary packages with your qmail if you needed a rapid deployment solution. As long as you did not redistributed those binary packages. I would rather see a new version of qmail with some feature updates and bug fixes. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Dec 3, 2007, at 8:13 AM, Jason 'XenoPhage' Frisvold wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bill Shupp wrote: It's official: http://cr.yp.to/qmail/dist.html And according to this article, all his software is in public domain: http://linux.slashdot.org/linux/07/11/30/0430201.shtml I haven't checked them all yet. Awesome news.. So what are your plans in lieu of this? Any changes to your toaster as a result? I don't have any solid plans at the moment, as I'm pretty busy with other stuff right now. I'd love to have the time to maintain debian packages of the whole toaster suite. But the src install instructions are pretty handy to have, especially when working with some of the BSD variants and OS X. And as of now, I'm only aware of qmail being in the public domain. So there would be issues with the other related packages until that changes. But I suspect there will be different efforts. Some folks will maintain OS specific binary packages, some will stick with DBJ specific locations for their packages, etc. I'm sure the QmailToaster guys will switch over to binary rpms pretty quickly, as their system is pretty automated. Anyway, I'll be getting back to a toaster update soon, as it's a little out of date. But it may not be much different at the moment. I'm actually more interested in finishing up ToasterAdmin now that Net_Vpopmaild has been release through PEAR. Regards, Bill Shupp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFHVNfWi7Tq+kmcqjURAiORAJ42njlU+29pWYKNMZYwhGnRh9F1nQCdHWU/ a/2BrCfUm9HbiCoIZpIKYbI= =6y1R -END PGP SIGNATURE-
Re: [toaster] qmail in public domain
Maybe i didn't expressed myself clearly enough :) A patch is a patch not a binary distributed package on which you do not have any control, and if you need to change something you need go back to compiling from sources which we already do anyway. A toaster will continue to exist beyond the binary qmail versions released since a toaster is in essence a collection of multiple tools that work together to compose the modern mail service that we are all used to these days. One more personal conclusion: The fact that i know so much today regarding how qmail works and e-mail in general is because i needed to build it from sources instead of rpm -ivh qmail ;) Daniel, you are really messed all the things up: [EMAIL PROTECTED] wrote: I don't see much difference between then and now, it's the same thing. Giving Qmail to the public domain, in my opinion, is a bad move. Now x, y and z versions of Qmail will start to pop-up each and everyone of them with their installation methods and alterations to the original code. Yup. Actually, they already do. Someone call them patches. someone 'toasters'. I guess that Shupp is one of the X Y or Z's :) I don't also see a very big deal out of this because noone stoped you before to make yourself binary packages with your qmail if you needed a rapid deployment solution. [note this:] As long as you did not redistributed those binary packages. or source packages. or anything modified. I would rather see a new version of qmail with some feature updates and bug fixes. yeah, that's the first step. Actually, releasing qmail in such a way does give a way to people or groups like Bill or the people ho do use his toaster to make source OR binary bundles instead of installing dev packages like crazy. Boris Pavlov
Re: [toaster] ssl/tsl question
only if you make a patch for this functionality Hello, i need run 2 instances of qmail-smtpd on 4 different ip addreses (that's not problem). Problem is how to put different ssl certificates on this connections. Is there some env variable (or something simple and similar) that will tell qmail-smtp which cert should be loaded (i don't want use different instalations of qmail, using one with different ip, one queue, one control files) Thank you. -- Lampa
RE: [toaster] domainkeys ???
@ Sim Do not setup domainkeys, as long as the verifier and the signer binaries are not called you do not have to worry about anything. @ Aron As long as you follow other instructions on setting up qmail and give no details about what you've allready done to setup domainkeys we cannot help you. Please give more details on what you have done to setup domainkeys. Sorry to hijack your thread, im ripping my hair out trying to get this domain key signing to work. There are currently no instructions in the toaster on implementing qmail-dk. Check out the man qmail-dk man page for implementation information, it's all there. iv gone to the man page and followed the instruction there... rename qmail-queue to qmail-queue.orig and then set that in the tcp file, I also tried to get it to produce an error. The man say that if you leave the % sign out and dont have a folder then it should error, I did this and my email still went through. I really need some help to implement domains keys signing please, can anyone help. Cheers Aron Palmer - Domains Administrator - Conetix Premier Web Solution Provider PO BOX 742 Ipswich Queensland Australia 4305 B 1300 789 260 1300 789 261 INT+(617) 345 46700 +(617) 0732817439 [EMAIL PROTECTED] http://www.conetix.com.au DISCLAIMER Communications through Conetix e-mail systems may be monitored to secure effective system operation and for other lawful purposes. This communication is to be treated as confidential and the content may not be used or disclosed except for the purpose for which it has been sent. No liability is accepted for damage caused in the transmission of this email.If you have reason to believe that you are not the intended recipient of this communication, please contact sender immediately. -Original Message- From: Sim [mailto:[EMAIL PROTECTED] Sent: Monday, November 05, 2007 9:37 PM To: toaster@shupp.org Subject: Re: [toaster] domainkeys ??? Hi ! Can I remove libdomainkeys from your Patch? This is no important for me ! I'm trying to install new Qmail without this patch... Your last Toaster work very well.. without that patch. Thanks! Sim 2007/6/26, Bill Shupp [EMAIL PROTECTED]: Michael D Schleif wrote: At the bottom of this page: http://www.shupp.org/toaster/?page=qmail there is the last section, headed thusly: Now let's compile libdomainkeys, we'll need that later: I do NOT see where this is later used. What am I missing? qmail-toaster-0.9.1.patch requires the libdomainkeys library. This patch is applied to netqmail during vpopmail installation (libvpopmail is also required by the patch). There are currently no instructions in the toaster on implementing qmail-dk. Check out the man qmail-dk man page for implementation information, it's all there. Regards, Bill No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.21/1109 - Release Date: 11/4/2007 11:05 AM No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.22/ - Release Date: 11/5/2007 4:36 AM
RE: [toaster] Regarding Domin Key issues
As far as i know gmail does not have DomainKeys implemented :D
I see that a recommendation to use a yahoo account has led you to use
gmail account, maybe i should use the reverse psychology thing ;))
Thanks for replying.
I sent to my gmail account and this is what I get.
Delivered-To: [EMAIL PROTECTED]
Received: by 10.114.169.2 with SMTP id r2cs71183wae;
Sun, 28 Oct 2007 19:52:10 -0700 (PDT)
Received: by 10.114.78.1 with SMTP id a1mr2741890wab.1193626330122;
Sun, 28 Oct 2007 19:52:10 -0700 (PDT)
Return-Path: [EMAIL PROTECTED]
Received: from smtp.conetix.com.au (smtp.conetix.com.au [202.74.69.12])
by mx.google.com with ESMTP id
n22si2851985pof.2007.10.28.19.52.06;
Sun, 28 Oct 2007 19:52:10 -0700 (PDT)
Received-SPF: pass (google.com: domain of [EMAIL PROTECTED] designates
202.74.69.12 as permitted sender) client-ip=202.74.69.12;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
[EMAIL PROTECTED] designates 202.74.69.12 as permitted sender)
[EMAIL PROTECTED]
Message-Id: [EMAIL PROTECTED]
Received: (qmail 32182 invoked by uid 89); 29 Oct 2007 02:53:58 -
Received: from unknown (HELO hw4) (202.74.65.54)
by 0 with SMTP; 29 Oct 2007 02:53:58 -
Date: Mon, 29 Oct 2007 11:52:07 +1000
From: [EMAIL PROTECTED]
Subject: domain key test
To: [EMAIL PROTECTED],
[EMAIL PROTECTED]
X-Priority: 3
Iv also tried to follow this site
http://www.sangprabv.web.id/articles/article.php?aid=Mg==.. But I dont
use
simscan so I didnt follow that bit..
Cheers
Aron Palmer - Domains Administrator - Conetix Premier Web Solution
Provider
PO BOX 742 Ipswich Queensland Australia 4305
B 1300 789 260 1300 789 261
INT+(617) 345 46700 +(617) 0732817439 [EMAIL PROTECTED]
http://www.conetix.com.au
DISCLAIMER
Communications through Conetix e-mail systems may be monitored to secure
effective system operation and for other lawful purposes. This
communication
is to be treated as confidential and the content may not be used or
disclosed except for the purpose for which it has been sent. No liability
is
accepted for damage caused in the transmission of this email.If you have
reason to believe that you are not the intended recipient of this
communication, please contact sender immediately.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, October 29, 2007 1:55 PM
To: toaster@shupp.org
Subject: Re: [toaster] Regarding Domin Key issues
Hello, you must take into consideration that the DomainKeys headers are
added by the verifier module.
From the headers provided it does not look that the receiving end has done
any DomainKeys validation. If the receiving server does not have
DomainKeys implemented it means that those headers will not be present as
proof of the verification process.
Try to send a test message to a known yahoo account and see what is
appended to the headers.
HI.
I have followed your excellent qmail setup, and its working great. Now
im
trying to get domain keys to work. According to a part in the setup
instruction one of the patches has the domain keys support included in
it.
So iv followed these instruction to get the key setup.
mkdir -p /etc/domainkeys/example.com/
cd /etc/domainkeys/example.com/
/usr/local/ssl/bin/openssl genrsa -out rsa.private 768
/usr/local/ssl/bin/openssl rsa -in rsa.private -out rsa.public -pubout
-outform PEM
mv rsa.private default
chown -R qmailq /etc/domainkeys
chmod 0600 default
grep -v ^- rsa.public | perl -e 'while(){chop;$l.=$_;}print t=y;
p=$l;\n;'
*** replacing example.com with my domain name.
and I have entered the TXT records into our zone files.
when I go to this site and run a check on the records I get a valid
response
HYPERLINK
http://domainkeys.sourceforge.net/cgi-bin/check_policy?domain=conetix.com.a
uSubmit=Submithttp://domainkeys.sourceforge.net/cgi-bin/check_policy?domai
n=conetix.com.auSubmit=Submit
HYPERLINK
http://domainkeys.sourceforge.net/cgi-bin/check_selector?selector=default._
domainkey.conetix.com.auSubmit=Submithttp://domainkeys.sourceforge.net/cgi
-bin/check_selector?selector=default._domainkey.conetix.com.auSubmit=Submit
but when I send a test email to myself I dont see anywhere where it
says
domainkey.. so what am I doing wrong.
From - Fri Oct 26 10:52:34 2007
X-Account-Key: account2
X-UIDL: UID6282-1149040028
X-Mozilla-Status: 0001
X-Mozilla-Status2:
X-Mozilla-Keys:
Return-Path: HYPERLINK mailto:[EMAIL PROTECTED][EMAIL PROTECTED]
Received: from smtp.conetix.com.au (smtp.conetix.com.au [202.74.69.12])
by mail34.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id
l9Q0qeV8017850
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256
verify=FAIL)
for HYPERLINK
mailto:[EMAIL
Re: [toaster] Mail refused with temporary errors
As suggested earlier please check that you don't have a stale socket for clamd, this usually happens after an unclean shutdown. Check the log of clamav as it will complain about the stale socket if this is the case. Delete the stale socket and restart the clamav service. The error is usually received when messages from remote clients are attempted to be delivered, but from the localhost (webmail) are sent without problems. On 09/10/2007 Marcus Williams wrote: I though that the simscan directory should have drws--x--x (4711). The makefile sets it to that anyway. ... and then I remembered setuid dirs under linux are ignored. So I'm still no closer. Thanks Marcus
Re: [toaster] x64 problem - upgrade
Looks like you're missing a step here... This an excerpt from the toaster site: # add qmail toaster patch now that vpopmail is installed cd /var/src/netqmail-1.05/netqmail-1.05 bunzip2 -c ../../tar/qmail-toaster-0.9.1.patch.bz2 | patch -p0this is missing make clean make qmailctl stop make setup check From your output it does not result that you've patched the netqmail sources with the qmail-toaster patches bundle which includes the smtp-auth patch also. The behavior of your server it's normal regarding the SMTP issue. It does not advertise login mechanisms because, without the smtp-auth patch, you do not require a password to send mail through your server. Hm strange, I downloaded new stable vpopmail and compilation of courier works. I only had to run this in Courier-imap compilation: env COURIERAUTHCONFIG=/usr/local/bin/courierauthconfig ./configure instead of simple ./configure. Bill, maybe this cheat could be added to toaster page. After I upgraded vpopmail I also did this: # /add qmail toaster patch now that vpopmail is installed/ cd /var/src/netqmail-1.05/netqmail-1.05 make clean make qmailctl stop make setup check Strange is that following two commands outputs make: *** No rule to make target `cert'. Stop. (I don't know if it is important or nope.) make cert # /enter your company's information/ make tmprsadh # /NOTE: This may take a LONG time/ smtp auth problem still remains, much bigger pain than courier :) Roman Roman BÄlonohý napsal(a): Hello I thought I would never have problem with toaster, damn I have now :-) Friend's new Core2duo server, 64bit, nocona arch. I think this comp is somehow crazy configured (gentoo) because I use several toasters on several 64bit gentoo machines without problem. Pop3 works ok. But there is a problem with smtp. Users can't send e-mails (that domain isn't in a list of my allowed recipient list) Maybe a problem with authorization for smtp? Another strange problem is that I can't compile courier, check the error, looks like it's somehow related (MAYBE) to that smtp auth. Especially check bold line, what should I recompile with -fPIC? Vpopmail I guess? And if so, how to add there that -fPIC please? Compiling authmysqllib.c Linking libauthmysql.la Linking libauthcustom.la Compiling authvchkpw.c authvchkpw.c: In function 'auth_vchkpw_changepass': authvchkpw.c:186: warning: passing argument 1 of 'parse_email' discards qualifiers from pointer target type Compiling preauthvchkpw.c preauthvchkpw.c: In function 'auth_vchkpw_pre': preauthvchkpw.c:67: warning: passing argument 1 of 'parse_email' discards qualifiers from pointer target type preauthvchkpw.c:141: warning: passing argument 3 of 'vset_lastauth' discards qualifiers from pointer target type Linking libauthvchkpw.la */usr/lib/gcc/x86_64-pc-linux-gnu/4.1.2/../../../../x86_64-pc-linux-gnu/bin/ld: /home/vpopmail/lib/libvpopmail.a(vpopmail.o): relocation R_X86_64_32S against `a local symbol' can not be used when making a shared object; recompile with -fPIC */home/vpopmail/lib/libvpopmail.a: could not read symbols: Bad value collect2: ld returned 1 exit status make[2]: *** [libauthvchkpw.la] Error 1 make[2]: Leaving directory `/var/src/courier-authlib-0.59.1' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/src/courier-authlib-0.59.1' make: *** [all] Error 2 I compared processes on my machine with working toaster and this one. This bad machine doesn't have started smtp childs with vchkpw processes, it's like: root 8190 0.0 0.0 10080 1436 ?Ss Sep10 0:00 /bin/sh /command/svscanboot root 8203 0.0 0.0 2664 392 ?SSep10 0:00 \_ svscan /service root 8205 0.0 0.0 2492 340 ?SSep10 0:00 | \_ supervise qmail-smtpd vpopmail 15520 0.0 0.0 3732 572 ?S14:01 0:00 | | \_ /usr/local/bin/tcpserver -v -H -R -l 0 -x /home/vpopmail/etc/tcp.smtp.cdb -c 20 -u 89 -g 89 0 s root 8206 0.0 0.0 2492 340 ?SSep10 0:00 | \_ supervise log qmaill8216 0.0 0.0 2640 404 ?SSep10 0:00 | | \_ /usr/local/bin/multilog t /var/log/qmail/smtpd root 8207 0.0 0.0 2496 340 ?SSep10 0:00 | \_ supervise clear Good machine: root 3877 0.0 0.0 1404 144 ?SMay28 0:00 | \_ supervise qmail-smtpd vpopmail 12570 0.0 0.0 1604 452 ?SAug30 0:43 | | \_ /usr/local/bin/tcpserver -v -H -R -l 0 -x /home/vpopmail/etc/tcp.smtp.cdb -c 20 -u 89 -g 89 0 s vpopmail 6059 0.0 0.1 3176 984 ?S14:10 0:00 | | \_ /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true vpopmail 6247 0.0 0.1 3176 980 ?S14:12 0:00 | | \_ /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true Roman
Re: [toaster] Qmail Failover Server issues
Fail-over is not done with a qmail patch ;) You should look into heartbeat and other high availability solutions. In-house we've set up a server to act as a secondary MX record to the domains we host mail. The server then forwards these messages to the actual mail server the domain is hosted. The goal is that, in the event a server dies, mail is still collected and gathered, waiting to be delivered to the proper server. The setup of qmail follows the toaster guide. Because the actual mail servers are working fine - the server is getting nothing but spam and junk emails, filling the queue is growing to huge sizes over 117K in messages! Spamassassin is barely able to keep up with the load, and I'm sure clamav isn't far behind. We've been pruning the queue of messages using qmHandle, but we need something that handles things on its own. We've also set the queue lifetime to be 12 hours. Some ideas we've been comtemplation to fix the issue: - another failover server set up the same way that handles 1/2 the domains secondary MX records. - some qmail patch that reject the mail if the actual server is still online and operational - keep failover server offline until needed Any suggestions on this are appreciated. Thanks. James G Sr. Systems Administrator Cavecreek Systems Administration Team http://www.cavecreek.net http://www.cavecreek.net/ 24-hour technical support: [EMAIL PROTECTED] 480.449.7750 We welcome feedback on your customer service experience. Please send a message to [EMAIL PROTECTED]
RE: [toaster] toaster RAID setup
RAID 5 ? Fast ? Oh come on ! The performance of any RAID array is very low comparing to a BUSY mail server if data integrity is an important aspect. I'd recommend only the Raid 10 which does a strip over two mirrors. Meaning you have 4 drives, they each are in a RAID 1 array and the two RAID 1 arrays are part of a RAID 0 array. That is some performance oriented array. The simple RAID 5 is slow when it comes to writing many small files. If you can afford it you may think of the RAID 50 array that basically requires a minimum of 6 harddrives. For a busy server you could try to put the queue in a ramdisk if you have say a 4G of RAM machine or even more. LVM is the recommended way if you need to increase the filesystem available space without blowing away your installation. EXT 3 supports on-line filesystem growing and shrinking so you will only need to stop the machine to put in the physical drive in it. I only worked with some intel based hw controllers but maybe there are controllers that support adding harddrives without stopping the machine. It is recommended to use a controller with a battery backup if you intend to use write caching (which will boost performance by the way). You should also look into tune2fs for fine tuning the filesystem, check for inode size information. Mounting the partition were you store the queue with the noatime flag is also helpful. Hope this was helpful. And please remember what this mailist is about ;) Rob - thanks. Anyone care to comment on the 3ware SATA RAID cards? At 03:29 PM 9/6/2007, you wrote: Over time I've used a few different scenarios and found all of them to work just fine. We've used the Dell CERC RAID controllers (Adaptec), and the regular branded Adaptec RAID controllers. I normally create a giant RAID 5 array out of all of my disks then just create a /boot, /, and swap partition. I do make sure I have the swap partition set to at least 2048M because files that are in and out of the tmp directory or queue directories seem to work better if you have a bigger swap. If you're wondering why I didn't manually create each individual partition, it's because of future space requirements. I might sacrifice a tiny bit of performance by breaking up the root directories into partitions, but I would rather do that than run out of disk space on one partition and have to blow away my installation completely just to resize one partition. If you're just looking for the reliability of RAID and not necessarily the performance increase of it, I'd make sure you stick to a hardware RAID 1 setup. If you have a little extra cash and room in your server, it's always better to have a RAID 5 over a RAID 1 and get some SATAII drives. I've ran into several circumstances where a RAID 1 array has failed and I still get corrupt data. I've never ran into that with a RAID 5 setup. For performance and reliability, I'd go either with the Adaptec 2251800-R or the Adaptec 2220300-R cards. The storage manager is extremely easy to work with and it even does alerting if you have it setup correctly. Ryan -Original Message- From: Jeff Koch [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 2:32 PM To: toaster@shupp.org Subject: RE: [toaster] toaster RAID setup Hi Ryan: How do you have the file systems setup on the SATA RAID machine. Do you have the entire toaster on the RAID 5 array? (i.e. the qmail queue as well as the /home/vpopmail/domain directories). Which SATA RAID card are you using and do you have write caching enabled. In our case we're not really looking for a speed increase - mainly just reliability - so we though RAID 1 mirroring would help. At 01:26 PM 9/6/2007, you wrote: I've run a SATA setup in one location for about 3 years now and a SAS setup for about a year now. We've run RAID 5 on both setups and the servers have over 1000 domains each. I've never seen any performance hits on the systems at all. It seems like the only thing that helps performance of either of the systems were the type of CPU's I had. The newer machine with 2 x dual core XEON CPU's seems to process anything you throw at it with no issues at all. The entire toaster install only took 15 minutes on that machine. Ryan -Original Message- From: Jeff Koch [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 11:49 AM To: toaster@shupp.org Subject: [toaster] toaster RAID setup Has anyone successfully setup Bill's toaster with SATA RAID? A year or two ago we setup a toaster with a two drive 3ware IDE RAID mirroring setup and the performance was awful. Maybe it was because we didn't have write caching enabled on the RAID controller or should have tweaked the kernel settings. I looked at Bill's proposed setup for an ISP but we're just trying to do this for a single server setup. The only solution we've been able to come up with in the past is to have a single small drive for booting, /var/qmail and /var/logs
Re: [toaster] SpamAssassin not learning enough ham
I use a plugin for squirrelmail that ads spam buttons. I also found a patch that modifies the behavior of that plugin to make it send the messages over to spamc to learn. In this way i managed to develop a very effective spam bayes database. I do not have much confidence in the auto-learn function because, in the past, it used to make big mistakes and it messed up the bayes database. The problem with training SA manually is to have a easy way to do that and i think this is better then letting SA decide what's spam and what not without letting the user train it. My 2 cents over this matter :) I'd like to ask this list before I jump into the regular SA list, but has anyone else had the experience where the server learns way more spam than ham? For example, yesterday my server learned 6533 spam but only 111 ham. As a result, I'm getting a lot of ham with a BAYES_99 score. I've been manually training SA with those messages, but it's not a long-term solution. I recently upgraded from 3.0.x to 3.2.2, and I'm in the process of upgrading to 3.2.3. Has anyone run into this before? Any good solutions? Right now, I'm considering raising bayes_auto_learn_threshold_nonspam from 0.1 to 1.0 (or even 1.5 or 2.0) so it starts learning more spam. I may need to continue with my manual training for awhile though -- I came across an old bug report and it appears that SA won't learn something as ham if it triggered BAYES_99. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [toaster] Control Files
You don't do it like this First post what you did to find the cause of your problem. What recent events happened (if any) before the server stopped sending mails ? What's the error message you receive ? That error code isn't enough, at least for me it's not. Check readproctitle and see what messages you get there. You can check the readproctitle process with the 'ps aux' command. Check the logs and post the part with the delivery here. Check to see what e-mail does not get sent: from a remote client or directly from the server ? (try from webmail) Hi List, I found error 4.3.0 as the cause why my qmail can not send. What I want to know is which files is read during the smtp phase? Regards Willy -- Ketik REG JP ke 5454 (Telkomsel) en lo pade bisa menangin nonton Fall Out Boy di Jepang GRATIS (TIKET n AKOMODASI n VISA). Buruan cuma 1 bulan periodenya!! FYI ketik REG RAMAL ke 888 (Esia) bisa bikin kamu lebih mengerti hidup ini, gak percaya? Mo jalan-jalan ke ROMA n GRATIS (TIKET n AKOMODASI n VISA) pula? Hari genee?? Cukup ketik REG ROMA kirim ke 9899 (INDOSAT) ACHTUNG!!! jangan ngaku anak rock kalo gak kenal ROLLING STONES, n jgn lewatin konser gilanya di Jerman. Mo nonton? Gak punya duit beli tiket, akomodasi n visa? Ketik REG JER n lo kirim dah ke 9899 (XL)
Re: [toaster] Regarding problem in Spamassasin installation
Check the logs of the build... I also had problems installing spamassassin from CPAN. Try downloading the tar.gz from the spamassassin website. You only need to issue the following commands: perl Makefile.pl make make install If it has any dependencies it will notify you before you give the 'make install' command. Hi All, This is my first time installation of spamassasin. It started fairly and it was going smoothly with out an errors. But at the end i got some errors. Any clues where I am mistaken? or do i need to install any packages before I proceed to instal spamassasin. t/whitelist_to..ok t/zz_cleanupok Failed TestStat Wstat Total Fail List of Failed --- t/spamc_optC.t94 2 4 6 8 t/spamc_optL.t 16 16 1-16 t/spamd_allow_user_rules.t51 4 t/spamd_plugin.t 63 2 4 6 23 tests skipped. Failed 4/129 test scripts. 24/1924 subtests failed. Files=129, Tests=1924, 1013 wallclock secs (159.48 cusr + 13.97 csys = 173.45 CP U) Failed 4/129 test programs. 24/1924 subtests failed. make: *** [test_dynamic] Error 255 /usr/bin/make test -- NOT OK Running make install make test had returned bad status, won't install without force cpan install Mail::SpamAssassin cpan cpan Thanks and Advance, Kris. -- This mail sent through Toaster-Horde (http://qmailtoaster.clikka.com/)
RE: [toaster] Quota Questions
I'm noticing that, as my quota I set doesn't do anything :) Qmailadmin says theres a 1GB quota though. I guess that vsetuserquota is for show. -Jim -Original Message- From: Rick Macdougall [mailto:[EMAIL PROTECTED] Sent: Friday, June 15, 2007 11:04 AM To: toaster@shupp.org Subject: Re: [toaster] Quota Questions James Gorz wrote: We are setting up quotas on our qmail toaster installation. I had a few concerns I hope can be answered. First off, if we set a per domain quota, can the domain's quota be overwritten with qmailadmin's web interface? I believe that the postmaster account would only be able to set quotas on each mailbox within the domain. Has anyone ran into issues with this? Secondly, I just wanted some feedback as to what a reasonable quota would be for each domain. We're currently thinking about 1GB per domain. Most domains we have are well under that, but there are a few wild domains that are over the 1GB mark. Any feedback would be appreciated. Thanks. -Jim There are no domain quota's in vpopmail. There was, but it was broken and it was removed. Trying to implement it correctly is a touch thing to do since it could mean reading thousands of users to update the total. You could use system quota's and run qmail-smtpd as root though. Regards, Rick Per domain quota is not available at this moment although i've seen at an isp a modified version of qmailadmin that didn't allowed you to change quotas. Antonio Nati made a patch to qmailadmin 1.2.9 that allows you to control this. He helped me out too with this... you can see the original thread along with the link to the patch here http://www.mail-archive.com/toaster@shupp.org/msg04258.html
[toaster] Problem sending consecutive messages
Hello ! I've been trying to send two consecutive mails from a webserver using sendmail to my qmail toaster. The problem is that the qmail toaster accepts the first mail but the second is rejected with service unavailable. In the logs i could not find any information regarding the problem it's having with the second message except the service unavailable error. This is very frustating since i wrote the php script that sends the mail and is the same function that sends the first mail only the second mail that must receive a report with what e-mail has been sent from that form receives this error from my qmail toaster. From what i could think off it's a spam abuse protection mechanism and i think this can be controlled trough a qmail control file, am i right ? Thanks in advance for your help !
RE: [toaster] Need advice/instructions for toaster update
Rick wrote: ... It's that easy IF you remember that upgrading vpopmail requires upgrading/recompiling things that use vpopmail.so courier and qmail with the chkuser patch come to mind). Also, always read the UPGRADE document for the program you are upgrading. ... Always read the UPGRADE document if it exists. ... Correct. I guess someone with a wack of free time could write an UPGRADE document for the toaster but most of us already do read it for the individual packages we are upgrading. Regards, Rick Rick, thanks a lot for your answer. I'm fully aware that I should ALWAYS read the update instructions of every single package and that not doing so is MY fault. Also I knew that this would be the first answer to my request :-) I guess I could come up with excuses like I've got to read tons of manuals and docs every day and most of the stuff is either of no interest or doesn't come to the point or I don't understand a single word or As for ClamAV: the update instructions are clearly arranged, explizit but short and easy to understand. So, even my usual excuses wouldn't fit here :-) Bill's qmail toaster IS a great piece of work, no doubt about that, and i really thank Bill and all contributers for their work. When our old qmail system (installed by a guy who left the company) crashed because of a total HD failure, I was able to setup a fresh and far better (!) system with Bill's toaster within 2-3 hours. I just wish that upgrading would be that easy as well, or at least explained in more detail. Not as a substitution for reading the before mentioned upgrade instructions of the packages (see, I've learned my lesson). Besides, reading the ChangeLog of the toaster is one thing, understanding the - maybe implicit - connections between addition/changes of patches and other packages is another. Regards, Guenter Well, because it's so easy to setup why don't you do it from te beginning with the new toaster ?
Re: Re[4]: [toaster] Transfer mail accounts from one server to another
For centos i'm a good advocate since i'm using it for some time and i hadn't had any major problems with anything. Bill's Toaster works fine on all of the machines i'm taking care of and i use centos 4.4 on all of them. It doesn't matter if you change to a mysql setup... if you need to migrate the server you will have the same issue with the logins. If it's not a busy server (meaning logins per second) you don't need to change the cdb setup to mysql and make things more complicated. I advise you to try to workout the problem since you will stumble on it some other time. I needed to migrate a server and i had 40 domains on it, starting from scratch was not an option :) Try using the vqadmin script to add a new dummy domain. I will try to start all over once again I am installing this on CentOS 4.4 2.6.9-42.0.10.ELsmp. Is it a good distribution to use in the long run? OR Is ubuntu a good choice for toaster ? Thanks all for all the help offered so far. I will get back to you all after the installation. Is Vpopmail with MySql a better choice than cdb ? Again thank you very much. --- [EMAIL PROTECTED] wrote: On Mon, 30 Apr 2007, Neil wrote: As requested, [EMAIL PROTECTED] ~]# grep vpopmail /etc/passwd vpopmail:x:89:89::/home/vpopmail:/bin/bash . [EMAIL PROTECTED] ~]# ls -al ~vpopmail/domains total 24 drwx-- 3 vpopmail vchkpw 4096 Apr 30 11:41 . drwx-- 8 vpopmail vchkpw 4096 Apr 24 08:53 .. -rw--- 1 vpopmail vchkpw34 Apr 28 15:57 .dir-control drwx-- 81 vpopmail vchkpw 12288 Apr 26 10:55 kn.ae more /var/qmail/users/assign +kn.ae-:kn.ae:89:89:/home/vpopmail/domains/kn.ae:-:: . Hello, What about cdb files? Did you re-generate it in the destination server? ls -l /home/vpopmail/domains/kn.ae/vpopmail* ?? ls -l /var/qmail/users/ ?? regards, __Abel. That's why i advised on creating a dummy domain to recreate the .cdb files. It worked for me but i have a mysql setup don't know if it behaves the same way. 'qmailctl cdb' was no good. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [toaster] Transfer mail accounts from one server to another
Dear All, I need to transfer all my users around 500+ users from an old server using cdb to another server using the same toaster setup. I went thro the mailing list and tried all the steps viz; 1. did tar -cpf on old server. 2. extracted the tar archive to target server. 3. copied the /var/qmail/control ..rctphosts, virtual domains, etc + assign files to the new server 4. when I try to check the accounts using qmailadmin I cannot log in. Same case with squirrelmail. 5. Please tell me where/what I am doing wrong. I checked all the uid, gid and they are the same on both the servers 6. It is really cumbersome to create all the accounts in the new server. 7. Will a mysql setup be more efficient for transferring users in the future? Besides it also provides cluster support. Awaiting eagerly for your replies. Regards, Mark __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com After a similar server migration i had the same problem... I noticed that the rcpthosts.cdb file was not rebuilt. I managed to solve this by creating a new, fake, virtualdomain like test.com or something and after that all the logins were working ok. Well, in my case, i changed the paths to the domains directory, that's how i noticed that the .cdb files are not rebuilt.
Re: [toaster] Transfer mail accounts from one server to another
Thanks for the reply. I tried to create a dummy domain but still same problem persists. any other pointers ? Thanks, N --- [EMAIL PROTECTED] wrote: Dear All, I need to transfer all my users around 500+ users from an old server using cdb to another server using the same toaster setup. I went thro the mailing list and tried all the steps viz; 1. did tar -cpf on old server. 2. extracted the tar archive to target server. 3. copied the /var/qmail/control ..rctphosts, virtual domains, etc + assign files to the new server 4. when I try to check the accounts using qmailadmin I cannot log in. Same case with squirrelmail. 5. Please tell me where/what I am doing wrong. I checked all the uid, gid and they are the same on both the servers 6. It is really cumbersome to create all the accounts in the new server. 7. Will a mysql setup be more efficient for transferring users in the future? Besides it also provides cluster support. Awaiting eagerly for your replies. Regards, Mark __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com After a similar server migration i had the same problem... I noticed that the rcpthosts.cdb file was not rebuilt. I managed to solve this by creating a new, fake, virtualdomain like test.com or something and after that all the logins were working ok. Well, in my case, i changed the paths to the domains directory, that's how i noticed that the .cdb files are not rebuilt. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com As usual you should check the logs and see what errors come up when you try to login. I can't come up with something else.
Re: [toaster] probl when installing
List When installing authlib 0.59.1 at the point where iit compiles authvchkpw.c, I got the following. Compiling authvchkpw.c authvchkpw.c: In function 'auth_vchkpw': authvchkpw.c:86: warning: implicit declaration of function 'auth_vchkpw_login' authvchkpw.c: At top level: authvchkpw.c:103: error: static declaration of 'auth_vchkpw_login' follows non-static declaration authvchkpw.c:86: error: previous implicit declaration of 'auth_vchkpw_login' was here authvchkpw.c: In function 'auth_vchkpw_changepass': authvchkpw.c:184: warning: passing argument 1 of 'parse_email' discards qualifiers from pointer target type make[2]: *** [authvchkpw.lo] Error 1 make[2]: Leaving directory `/var/src/courier-authlib-0.59.1' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/src/courier-authlib-0.59.1' make: *** [all] Error 2 Actually I dont know hoow to fix such implicit declaration. Thanks for the help Helio Nunes I've hit the same issue, do not apply the cram auth patch and all should be fine. You can rebuild courier-authlib again when Bill fixes this.
Re: [toaster] updated toaster patch
Bill Shupp wrote: I'll test signing later when I have some time to set it up. Signing works just fine as well: DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=merchbox.com; b=qx+1bc1baPy6zBt2CYUIXMpTpoN3307dqQIzJ/8F++3h5hf+xpj92dGGqchxq79S6w733qBSTRN1qv0OGNMtphJ3XGmmy3tKxiUNLc7JntDei26sT13xQxCgQNNZIp2A ; In my outbound qmail-smtpd run file, I have this: export QMAILQUEUE=/var/qmail/bin/qmail-dk export DKQUEUE=/var/qmail/bin/simscan export DKSIGN=/var/qmail/control/domainkeys/%/default Regards, Bill Well, it seems that i got it working at last :) So, the patch works ok on a fedora core 5 system with all the toaster options (tmda also). If you need to perform some tests i can provide you with a shell to the test machine i installed the toaster on.
[toaster] Quota problem
I know this is not toaster related but i think there are people here that may be of help. I have a huge problem. I'm responsible for mail service of 35-40 clients each of them with a virtual domain. I searched the qmailadmin mailing list in hopes of an answer but i couldn't find any. The problem is, i cannot offer access to the qmailadmin interface to my clients because, by default, qmailadmin does not offer quota limits management per domain. What i need to do is set a quota for the entire domain and after that the client can manage his mail accounts how he pleases. So, if a client has access to qmailadmin he can create a mailbox of say 5gb although the hosting contract was signed for 2Gb. At the moment i use a system quota method but i realized that this is not the correct way to do it although vpopmail allows it, other programs like maildrop and spamassassin have problems with the permissions mangling necessary to do system quota. On the qmailadmin list i've read some threads about different patches regarding the same problem i have but all the referrences pointed to unavailable locations and outdated resources. I also found out about the Antonio Nati's approach, the domain pool, but his links were also outdated.
Re: [toaster] Quota problem
At 14.18 26/03/2007, you wrote: I know this is not toaster related but i think there are people here that may be of help. I have a huge problem. I'm responsible for mail service of 35-40 clients each of them with a virtual domain. I searched the qmailadmin mailing list in hopes of an answer but i couldn't find any. The problem is, i cannot offer access to the qmailadmin interface to my clients because, by default, qmailadmin does not offer quota limits management per domain. What i need to do is set a quota for the entire domain and after that the client can manage his mail accounts how he pleases. So, if a client has access to qmailadmin he can create a mailbox of say 5gb although the hosting contract was signed for 2Gb. At the moment i use a system quota method but i realized that this is not the correct way to do it although vpopmail allows it, other programs like maildrop and spamassassin have problems with the permissions mangling necessary to do system quota. On the qmailadmin list i've read some threads about different patches regarding the same problem i have but all the referrences pointed to unavailable locations and outdated resources. I also found out about the Antonio Nati's approach, the domain pool, but his links were also outdated. I have a more recent version of the pooled quota patch, actually working on my systems. Pooled quota works this way, basically. If enabled for the domain, you give a quota to postmaster, and each mailbox quota is subtracted from postmaster quota when you create a new email. All changes of quota are added/subtracted to postmaster's quota. If you want I may send it to you, and if someone find it interesting, I cand send again to qmailadmin team (the last time pooled quota was rejected because they preferred to include the fallimentary domain quota patch). Ciao, Tonino I saw your description on the qmailadmin list and i thought that was exactly what i was looking for and i was disapointed that the link you posted was not available. I will be gratefull if you can send me the patch to try it out and see if it matches my need although i think it will. Thanks for the help !
Re: [toaster] updated toaster patch
is there possible to have also remote smtp auth patch in you Toaster? On Thu, 2007-03-22 at 12:36 -0700, Bill Shupp wrote: All, I've got a new toaster patch that I could use help testing: http://shupp.org/patches/qmail-toaster-0.9.0rc2.patch.bz2 Below are the patches included. Please help test if you can. I have it running on my personal system at the moment. NOTE: This version supports DomainKeys, and requires libdomainkeys, which you can get here: http://sourceforge.net/projects/domainkeys/ Once installed, see the qmail-dk man page for info on how to use it. Regards, Bill smtp-auth patch v. 0.5.8 by Erwin Hoffmann http://www.fehcom.de/qmail/smtpauth.html TLS patch by Frederik Vermeulen [EMAIL PROTECTED]. Here's the original patch with documentation at the top: http://inoa.net/qmail-tls/netqmail-1.05-tls-20060104.patch oversize dns patch by Christopher K. Davis. http://www.ckdhr.com/ckd/qmail-103.patch qregex 20060423 originally by by Andrew St. Jean. http://www.arda.homeunix.net/store/qmail/ adds pattern matching in the badhelo, badmailfrom, badmailfromnorelay, badmailto, and badmailtonorelay control files. Pattern matching is case insensitive and logs are generated when a match is found. reread concurrency version 2 by Jul http://js.hu/package/qmail/index.html Reread concurrencylocal and concurrencyremote when qmail-send is given the HUP signal. Big Concurrency patch by Johannes Erdfelt http://qmail.org/big-concurrency.patch netqmail-maildir++.patch by me. Here's the link to the original patch: http://shupp.org/patches/netqmail-maildir++.patch This adds maildirquota support to qmail-pop3d and qmail-local. chkuser 2.0.9 by Antonio Nati http://www.interazioni.it/opensource/chkuser/ NOTE: This requires vpopmail to already be compiled. You may need to edit the Makefile for paths, etc. Dale Woolridge, James Law, and Moto Kawasaki's Spam Throttle 2.02 http://spamthrottle.qmail.ca/ SPF rc5 by [EMAIL PROTECTED] http://www.saout.de/misc/spf/ qmail-queue-custom-error.patch by ? https://no-way.org/software?search=0 SURBL Support for qmail-smtpd by Pieter Droogendijk original qmail patch: http://www.surbl.org/qmail/011_surbl Documentation: http://www.surbl.org/qmail/surbl.txt DomainKeys patch by Russell Nelson http://qmail.org/qmail-1.03-dk-0.54.patch Requires libdomainkeys-0.68 to be compiled, and located in ../../libdomainkeys-0.68 to work as is. I'm in process of testing the new patch... First problem: libdomainkeys does not compile on fedora core5 (test os) i modified makefile accordingly to openssl include files location but still refuses to make the damn libs. As a workaround there is a rpm package available (at pbone.net) which installs without problems. I'll keep you posted of other issues i encounter.
[toaster] problem with IMAP_MOVE_EXPUNGE_TO_TRASH and SSL
Hello there I am using courier IMAP and IMAP-SSL and I was wandering why IMAP_MOVE_EXPUNGE_TO_TRASH=1 doesn't work when I connect via SSL. when I delete a email on my inbox, it simple zaps the emails when it should move it to the trash. when I connect to the regular imapd, it works as expected... do I need to set it again on the imapd-ssl config file ? thanks in advance Daniel
Re: [toaster] problem with IMAP_MOVE_EXPUNGE_TO_TRASH and SSL
ok thanks for the quick response ! Daniel Bill Shupp wrote: Daniel wrote: Hello there I am using courier IMAP and IMAP-SSL and I was wandering why IMAP_MOVE_EXPUNGE_TO_TRASH=1 doesn't work when I connect via SSL. when I delete a email on my inbox, it simple zaps the emails when it should move it to the trash. when I connect to the regular imapd, it works as expected... do I need to set it again on the imapd-ssl config file ? That's what I would try next. But imapd-ssl inherits settings from imapd, so I doubt that would fix it. If that fails, you might try the courier-users list. I've never dealt with that issue. Bill
[toaster] Simscan ripmime error
Hello list ! Well after figuring out that qmailctl cdb does not recompile tcp.smtp.cdb and it does not activate simscan :) I'm stuck in another step on using the new simscan 1.3.1... I have activated debug logging and the issue is that simscan stops at ripmime with the cryptic message : ripmime error; I've checked the simscan sources and it uses --disable-bounce just like in Bill's patch everything seems to be ok but this. And oh, the mesage does not arrive in my inbox at all.
Re: [toaster] problem with IMAP_MOVE_EXPUNGE_TO_TRASH and SSL
Just to keep it documented : the problem was that I was using supervise (daemontools) to startup and manage courier imap. and the scripts that I was using weren't reading both imapd and imapd-ssl config files for the imapd-ssl app... but I corrected that and all is fine now.
[toaster] Simscan 1.3.1 and ClamAV 0.90.1
Hello list ! I'm trying to install the toaster with the latest available packages and i'm stuck at installing simscan. The problem seems to be that simscam requires the path to the clamav databases in order to configure the program before making it. The path found is in /usr/local/share/clamav but the file daily.cvd no longer bares that name !!! Instead freshclam created a directory called daily.inc. Does anybody had the same problem ? Maybe i've done something wrong and i don't realise it. Please advise. Thanks !
Re: [toaster] Spam scanning and tmda-cgi not working
[EMAIL PROTECTED] wrote: I forgot about tmda-cgi... I can't login to the damn applet ! Anything i use it just says wrong password. If i view the source i see the following message: Having difficulties logging in? Here's some details of why you couldn't: Username [EMAIL PROTECTED] not found in system. str='dir' I guess it's the same problem as with simscan and spamassassin. Is it possible that i posted a trivial question ? If it's so please warn me and maybe give some reading tips at least. I still can't get it to work and this spam business starts to annoy me. If you are using unique users for domains (to have system based domain quotas) I believe you'll need to run vpopmail related services as user root instead of vpopmail. This would include anything that touches the files, pop, imap, smtp auth, etc. Regards, Bill I'm running as root the pop3, pop3-ssl, smtp and imap servers... The mail delivery works without problems. Spam/virus scanning i decided to implement when several clients including myself have become very annoyed by it. But now i can't manage to setup mail scanning because the damn logs do not output anything. I tried today with maildrop and .qmail files and busted my head for nothing. Maildrop complains in the qmail's logs that it cannot open the mailfilter file and all emails that i should receive remain in the queue. I'll try this week-end again and try to log all my progress so i can repeat the process. The big problem is that not many people have tried this sort of setup and i can't find resources on the net to try to debug the thing. Maybe we can include this in the toaster if i succeed ?
Re: [toaster] Spam scanning and tmda-cgi not working
Hello list ! First of all thank you Bill and others who contributed to making this toaster the most complete and working toaster on the net. I know the toaster does not offer the setup i made and maybe it will be included in a future toaster update. What i have, i used the toaster instructions but i needed per domain quotas since my manager wanted to offer the possibility, for the clients, to administer by themselves the mail accounts and mailbox sizes through qmailadmin. I found out about the mysterious vadddomain -u parameter that allows you to assign a system user with a vpopmail virtual domain. This allows you to have a way to control the quota for the entire domain not just a mailbox using the system quota for the assigned user. That way i was able to accomplish the required task. Now for the problem. This kind of setup implies some permissions juggling to get it working since many programs that handle the e-mail need to access files that are owned by some respective user. Okay the problem is that spamassassin is not working because e-mail does not get tagged, i presume clamav also does not work. Both services are starting but logs are not created and i can't see what's wrong. In /var/qmail/simscan i can't see any temporary files created. Maybe it's a simscan permissions issue i can't pinpoint where exactly is the problem or what files i need to modify in order to get it working. Maybe someone can help me with some instructions about how to debug this ? I forgot about tmda-cgi... I can't login to the damn applet ! Anything i use it just says wrong password. If i view the source i see the following message: Having difficulties logging in? Here's some details of why you couldn't: Username [EMAIL PROTECTED] not found in system. str='dir' I guess it's the same problem as with simscan and spamassassin. Is it possible that i posted a trivial question ? If it's so please warn me and maybe give some reading tips at least. I still can't get it to work and this spam business starts to annoy me.
[toaster] Spam scanning and tmda-cgi not working
Hello list ! First of all thank you Bill and others who contributed to making this toaster the most complete and working toaster on the net. I know the toaster does not offer the setup i made and maybe it will be included in a future toaster update. What i have, i used the toaster instructions but i needed per domain quotas since my manager wanted to offer the possibility, for the clients, to administer by themselves the mail accounts and mailbox sizes through qmailadmin. I found out about the mysterious vadddomain -u parameter that allows you to assign a system user with a vpopmail virtual domain. This allows you to have a way to control the quota for the entire domain not just a mailbox using the system quota for the assigned user. That way i was able to accomplish the required task. Now for the problem. This kind of setup implies some permissions juggling to get it working since many programs that handle the e-mail need to access files that are owned by some respective user. Okay the problem is that spamassassin is not working because e-mail does not get tagged, i presume clamav also does not work. Both services are starting but logs are not created and i can't see what's wrong. In /var/qmail/simscan i can't see any temporary files created. Maybe it's a simscan permissions issue i can't pinpoint where exactly is the problem or what files i need to modify in order to get it working. Maybe someone can help me with some instructions about how to debug this ?
Re: [toaster] Problem w/ authdaemon
I installed Bill Shupp's toaster, things work great. Problem is. You login to Squirrelmail, it works fine for a while. If you click around eventually you'll logout and cannot login again. You then see that authdaemon is unable to login to MySQL anymore and shows authdaemond: vmysql: sql error[3]: MySQL server has gone away I am using vpopmail though with MySQL (which works perfectly fine by itself, this problem seems isolated to courier-authdaemon) Thoughts? What more data can I provide to help explain this better? I have the same issue and some people say it's vpopmails fault others courier-authlibs or improperly configured mysql... try to see if your mysql isn't maxed out with connections (default max connections is 100) if you restart the courier-authlib daemon it will work again... as a temporary workaround you can set a cronjob to restart the courier-authlib daemon at specific time intervals, i've set mine to do it hourly ;) - This email was sent using SquirrelMail. Webmail for nuts! http://squirrelmail.org/
Re: [toaster] Authentication problem
Take a look at mysql vars 'interactive_timeout' and 'wait_timeout'. May be setting these to for example approx. 24h will fix your problem (time window longer then your longest qmail period of nothing to do). It's probably not the number of connections. -- Peter Walther [EMAIL PROTECTED] wrote: At 11.53 01/05/2006, you wrote: Hello ! I have a problem and it seems that some people have it also but no one has an answer for it. I've searched thru courierusers mailinglist and thru vpopmail mailing list but i can't find a solution to this matter... Here it goes.. I have a fedora core 5 os and vpopmail 5.4.13 with the cumulative patch made by Bill Shupp, all works ok but the imap authentication service... it seems like when the server is not used or it is used rarely (nightime) it has the habit of refusing authentications of valid users because the mysql server has gone away message ! courier-auth daemon opens mySQL connections only when it starts up. It does not try to reconnect if the previous connection is closed (max connections reached or the server has been stopped/restarted). So, in a normal working environment, if you stop and restart mysql, courier authlib uses the broken connection, without trying to reconnect. It looks like we should develop a mysql watcher, that takes care to monitor mysql and restart it and all products like courier-auth. Tonino The weird thing is, after i made some reading, it does not happen in the 8 hour interval wich is the timeout for mysql it happens randomly and when it does i discovered that restarting the courier-authlib daemon temporarely fixes the problem until next time... So, i made an hourly cronjob that restarts the courier-authlib as a quickdirty fix until i find where's the real problem but it seems that this does not work as well in the morning i still find that imap refuses authentication... Can some one help me with this, i'm not a complete noob but this is really over my head and i would really appreciate some help or some indications of what to read in order to understand what's going on. This what the logs say for today, sorry for the large message Max connections in mysql is set to 250 via my.cnf LOGS TRUNCATED DUE TO MESSAGE SIZE PLEASE SEE FIRST POST [EMAIL PROTECTED] log]# I think it's a simple mistake made by me since i don't find many people having this issue :( - This email was sent using SquirrelMail. Webmail for nuts! http://squirrelmail.org/ I figured that myself from what others have said about this issue but it acts weird since in my case i think it's not the mysql server being over flooded with connections at 2 pm although my logs are from 12 am :) In the end i managed to get the cronjob working (was not working because of a bad syntax) and is restarting the courier-authlib daemon hourly, let's see if that fixes the bloody thing :) - This email was sent using SquirrelMail. Webmail for nuts! http://squirrelmail.org/ on my other server those timeouts are identical to this server but this doesn't happen ! the hourly cronjob restarting the courier-authlib daemon is doing a great job at the moment... no more failed logins says the log :) - This email was sent using SquirrelMail. Webmail for nuts! http://squirrelmail.org/
[toaster] Authentication problem
Hello ! I have a problem and it seems that some people have it also but no one has an answer for it. I've searched thru courierusers mailinglist and thru vpopmail mailing list but i can't find a solution to this matter... Here it goes.. I have a fedora core 5 os and vpopmail 5.4.13 with the cumulative patch made by Bill Shupp, all works ok but the imap authentication service... it seems like when the server is not used or it is used rarely (nightime) it has the habit of refusing authentications of valid users because the mysql server has gone away message ! The weird thing is, after i made some reading, it does not happen in the 8 hour interval wich is the timeout for mysql it happens randomly and when it does i discovered that restarting the courier-authlib daemon temporarely fixes the problem until next time... So, i made an hourly cronjob that restarts the courier-authlib as a quickdirty fix until i find where's the real problem but it seems that this does not work as well in the morning i still find that imap refuses authentication... Can some one help me with this, i'm not a complete noob but this is really over my head and i would really appreciate some help or some indications of what to read in order to understand what's going on. This what the logs say for today, sorry for the large message Max connections in mysql is set to 250 via my.cnf [EMAIL PROTECTED] log]# cat maillog | grep Apr 28 12 Apr 28 12:04:20 ns1 imapd: Connection, ip=[:::127.0.0.1] Apr 28 12:04:20 ns1 authdaemond: received auth request, service=imap, authtype=login Apr 28 12:04:20 ns1 authdaemond: authvchkpw: trying this module Apr 28 12:04:20 ns1 authdaemond: authvchkpw: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:04:20 ns1 authdaemond: password matches successfully Apr 28 12:04:20 ns1 authdaemond: Authenticated: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:04:20 ns1 imapd: LOGIN, [EMAIL PROTECTED], ip=[:::127.0.0.1], protocol=IMAP Apr 28 12:04:20 ns1 imapd: LOGOUT, [EMAIL PROTECTED], ip=[:::127.0.0.1], headers=0, body=0, time=0 Apr 28 12:13:36 ns1 imapd: Connection, ip=[:::127.0.0.1] Apr 28 12:13:36 ns1 authdaemond: received auth request, service=imap, authtype=login Apr 28 12:13:36 ns1 authdaemond: authvchkpw: trying this module Apr 28 12:13:36 ns1 authdaemond: authvchkpw: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:13:36 ns1 authdaemond: password matches successfully Apr 28 12:13:36 ns1 authdaemond: Authenticated: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:13:36 ns1 imapd: LOGIN, [EMAIL PROTECTED], ip=[:::127.0.0.1], protocol=IMAP Apr 28 12:13:36 ns1 imapd: LOGOUT, [EMAIL PROTECTED], ip=[:::127.0.0.1], headers=0, body=0, time=0 Apr 28 12:13:36 ns1 imapd: Connection, ip=[:::127.0.0.1] Apr 28 12:13:36 ns1 authdaemond: received auth request, service=imap, authtype=login Apr 28 12:13:36 ns1 authdaemond: authvchkpw: trying this module Apr 28 12:13:36 ns1 authdaemond: authvchkpw: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:13:36 ns1 authdaemond: password matches successfully Apr 28 12:13:36 ns1 authdaemond: Authenticated: sysusername=null, sysuserid=514, sysgroupid=506, homedir=/home/vpopmail/domains/clients_domain.com/hotel, [EMAIL PROTECTED], fullname=hotel, maildir=null, quota=null, options=disablewebmail=0,disablepop3=0,disableimap=0 Apr 28 12:13:36 ns1 imapd: LOGIN, [EMAIL PROTECTED], ip=[:::127.0.0.1], protocol=IMAP Apr 28 12:13:37 ns1 imapd: LOGOUT, [EMAIL PROTECTED], ip=[:::127.0.0.1], headers=10506, body=0, time=1 Apr 28 12:14:52 ns1 imapd: Connection, ip=[:::127.0.0.1] Apr 28 12:14:52 ns1 authdaemond: received auth request, service=imap, authtype=login Apr 28 12:14:52 ns1 imapd: LOGIN FAILED, [EMAIL PROTECTED], ip=[:::127.0.0.1] Apr 28 12:14:52 ns1 authdaemond: authvchkpw: trying this module Apr 28 12:14:52 ns1 authdaemond: vmysql: sql error[3]: MySQL server has gone away Apr 28 12:14:52 ns1 authdaemond: vchkpw: user does not exist Apr 28 12:14:52 ns1 authdaemond: authvchkpw: REJECT - try next module Apr 28 12:14:52 ns1 authdaemond: FAIL, all modules
Re: [toaster] Authentication problem
At 11.53 01/05/2006, you wrote: Hello ! I have a problem and it seems that some people have it also but no one has an answer for it. I've searched thru courierusers mailinglist and thru vpopmail mailing list but i can't find a solution to this matter... Here it goes.. I have a fedora core 5 os and vpopmail 5.4.13 with the cumulative patch made by Bill Shupp, all works ok but the imap authentication service... it seems like when the server is not used or it is used rarely (nightime) it has the habit of refusing authentications of valid users because the mysql server has gone away message ! courier-auth daemon opens mySQL connections only when it starts up. It does not try to reconnect if the previous connection is closed (max connections reached or the server has been stopped/restarted). So, in a normal working environment, if you stop and restart mysql, courier authlib uses the broken connection, without trying to reconnect. It looks like we should develop a mysql watcher, that takes care to monitor mysql and restart it and all products like courier-auth. Tonino The weird thing is, after i made some reading, it does not happen in the 8 hour interval wich is the timeout for mysql it happens randomly and when it does i discovered that restarting the courier-authlib daemon temporarely fixes the problem until next time... So, i made an hourly cronjob that restarts the courier-authlib as a quickdirty fix until i find where's the real problem but it seems that this does not work as well in the morning i still find that imap refuses authentication... Can some one help me with this, i'm not a complete noob but this is really over my head and i would really appreciate some help or some indications of what to read in order to understand what's going on. This what the logs say for today, sorry for the large message Max connections in mysql is set to 250 via my.cnf LOGS TRUNCATED DUE TO MESSAGE SIZE PLEASE SEE FIRST POST [EMAIL PROTECTED] log]# I think it's a simple mistake made by me since i don't find many people having this issue :( - This email was sent using SquirrelMail. Webmail for nuts! http://squirrelmail.org/ I figured that myself from what others have said about this issue but it acts weird since in my case i think it's not the mysql server being over flooded with connections at 2 pm although my logs are from 12 am :) In the end i managed to get the cronjob working (was not working because of a bad syntax) and is restarting the courier-authlib daemon hourly, let's see if that fixes the bloody thing :) - This email was sent using SquirrelMail. Webmail for nuts! http://squirrelmail.org/
[toaster] Problem with forward an .qmail file
Hi all, I´m having a lot of problems when I create a .qmail or .qmail-[e-mail] file to forward all the messages sent to a email account. When I send a message to this account, local queue shows a message but this isn’t processed. After that there are a qmail-local process and two vdelivermail processes running. If I send a new message to this account always occur the same and then the email server can’t process any message. Does anyone know how can I resolve it? Thanks! Regards, Daniel.
[toaster] Spam - the unending battle.
Ok, I know this subject has been covered many a time, but what Im really after is a solution thatll kill the mail at the server, and works with the toaster. I have about 10 mail servers running toaster configurations, and Id love a solution that kills e-mail at a certain point before it arrived in mailboxes. I dont want it tagged, I want it killed. (Maybe with logging ). Thats killed, destroyed, maimed murdered, you name it I want it multilated and gone!!! Do you think I hate spam?? Anyways, any ideas of a good solution for killing spam would be most welcome, and one that works with the pop toaster. Cheers, Daniel
