Re: [toaster] chkuser
Can you understand where messages are created? If they are created outside -email system, they should not be accepted. If they are generated inside the system, or coming from a trusted system (for which you don't apply chkuser), they are always accepted. Check carefully. Tonino d...@upnorthwebcreations.com ha scritto: They are vpopmail users. Thanks Doug Are vpopmail users or system users? Tonino d...@upnorthwebcreations.com ha scritto: What's happening is I'm getting a lot of rejected emails that say they came from my server from users that don't exist on my server. I've checked the system and everything seems to be OK and the emails I think have a forged return on them. I just want them to go to a junk directory or be deleted. I thought maybe chkuser might do this. Thanks Doug What d...@upnorthwebcreations.com ha scritto: I looked in the archives and found that there apparently is no way for chkuser to reject users that don't exist on my server? If this is correct is there anyway of deflecting them to a bit bucket. I have checked my server over and over again for relay and it is isn't but I'm getting all these emails that are bouncing off of other qmail servers stating the user does not exist coming back to a user that does not exist on my server? This is a new developement in the past few days that hasn't occured for over fice years that this server has been in service. IS something else possibly wrong? Thanks Doug Are you speaking about local domains or vpopmail domains? Local domains should not exist, unless you have particular reasons, and should be changed to be virtual (vpopmail) domains. Please give more details. Ciao, Tonino -- in...@zioni Interazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- in...@zioni Interazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
Re: [toaster] chkuser
What's happening is I'm getting a lot of rejected emails that say they came from my server from users that don't exist on my server. I've checked the system and everything seems to be OK and the emails I think have a forged return on them. I just want them to go to a junk directory or be deleted. I thought maybe chkuser might do this. Thanks Doug What d...@upnorthwebcreations.com ha scritto: I looked in the archives and found that there apparently is no way for chkuser to reject users that don't exist on my server? If this is correct is there anyway of deflecting them to a bit bucket. I have checked my server over and over again for relay and it is isn't but I'm getting all these emails that are bouncing off of other qmail servers stating the user does not exist coming back to a user that does not exist on my server? This is a new developement in the past few days that hasn't occured for over fice years that this server has been in service. IS something else possibly wrong? Thanks Doug Are you speaking about local domains or vpopmail domains? Local domains should not exist, unless you have particular reasons, and should be changed to be virtual (vpopmail) domains. Please give more details. Ciao, Tonino -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
Re: [toaster] chkuser
Are vpopmail users or system users? Tonino d...@upnorthwebcreations.com ha scritto: What's happening is I'm getting a lot of rejected emails that say they came from my server from users that don't exist on my server. I've checked the system and everything seems to be OK and the emails I think have a forged return on them. I just want them to go to a junk directory or be deleted. I thought maybe chkuser might do this. Thanks Doug What d...@upnorthwebcreations.com ha scritto: I looked in the archives and found that there apparently is no way for chkuser to reject users that don't exist on my server? If this is correct is there anyway of deflecting them to a bit bucket. I have checked my server over and over again for relay and it is isn't but I'm getting all these emails that are bouncing off of other qmail servers stating the user does not exist coming back to a user that does not exist on my server? This is a new developement in the past few days that hasn't occured for over fice years that this server has been in service. IS something else possibly wrong? Thanks Doug Are you speaking about local domains or vpopmail domains? Local domains should not exist, unless you have particular reasons, and should be changed to be virtual (vpopmail) domains. Please give more details. Ciao, Tonino -- in...@zioni Interazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
Re: [toaster] chkuser
They are vpopmail users. Thanks Doug Are vpopmail users or system users? Tonino d...@upnorthwebcreations.com ha scritto: What's happening is I'm getting a lot of rejected emails that say they came from my server from users that don't exist on my server. I've checked the system and everything seems to be OK and the emails I think have a forged return on them. I just want them to go to a junk directory or be deleted. I thought maybe chkuser might do this. Thanks Doug What d...@upnorthwebcreations.com ha scritto: I looked in the archives and found that there apparently is no way for chkuser to reject users that don't exist on my server? If this is correct is there anyway of deflecting them to a bit bucket. I have checked my server over and over again for relay and it is isn't but I'm getting all these emails that are bouncing off of other qmail servers stating the user does not exist coming back to a user that does not exist on my server? This is a new developement in the past few days that hasn't occured for over fice years that this server has been in service. IS something else possibly wrong? Thanks Doug Are you speaking about local domains or vpopmail domains? Local domains should not exist, unless you have particular reasons, and should be changed to be virtual (vpopmail) domains. Please give more details. Ciao, Tonino -- in...@zioni Interazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it
[toaster] chkuser problem on [EMAIL PROTECTED]
Hello, I found a problem on chkuser. Maybe there is a solution, that I don't know. If I sent e-mail from e.g. Gmail to [EMAIL PROTECTED] which domain.com hosted in my qmail, chkuser blocks it and says PERM_FAILURE: SMTP Error (state 13): 550 5.1.1 sorry, no mailbox here by that name (chkuser) But, If the e-mail sent to [EMAIL PROTECTED], where there is no user named default, then chkuser accepts the e-mail but then qmail bounce the e-mail back to sender. This make problem on spam mails, because all e-mails sent to [EMAIL PROTECTED] handled by qmail, and as you guest, bounce mails are double bounced. I examine the vpopmail directories and found .qmail-default file with this line | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox I guess this file created automatically. I have 1000 domains on qmail, there are lots of double bounce email on postmaster account. What can we do about this? Zeki Kubilay Akyol CEO - MCSE Radore Hosting Telekomünikasyon Hizm. San. ve Tic. Ltd. Şti. Microsoft Gold Certified Partner - Hosting Solutions Specialization [EMAIL PROTECTED] / www.rh.com.tr t : + 90 212 347 2 347
Re: [toaster] chkuser problem on [EMAIL PROTECTED]
Hi Zeki, this problem is already known. I have to add this check to chkuser since one year, but I had no time until now. I have a bunch of fixes/features to add, I will try to find spare time and fix them. Thanks, Tonino Kubilay Akyol (Radore Telekom) ha scritto: Hello, I found a problem on chkuser. Maybe there is a solution, that I don't know. If I sent e-mail from e.g. Gmail to [EMAIL PROTECTED] which domain.com hosted in my qmail, chkuser blocks it and says PERM_FAILURE: SMTP Error (state 13): 550 5.1.1 sorry, no mailbox here by that name (chkuser) But, If the e-mail sent to [EMAIL PROTECTED], where there is no user named default, then chkuser accepts the e-mail but then qmail bounce the e-mail back to sender. This make problem on spam mails, because all e-mails sent to [EMAIL PROTECTED] handled by qmail, and as you guest, bounce mails are double bounced. I examine the vpopmail directories and found .qmail-default file with this line | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox I guess this file created automatically. I have 1000 domains on qmail, there are lots of double bounce email on postmaster account. What can we do about this? Zeki Kubilay Akyol CEO - MCSE Radore Hosting Telekomünikasyon Hizm. San. ve Tic. Ltd. Şti. Microsoft Gold Certified Partner - Hosting Solutions Specialization [EMAIL PROTECTED] / www.rh.com.tr t : + 90 212 347 2 347 -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] CHKUSER error
Dennis Erickson wrote: Just built new toaster box - Here is the problem I am encountering when i attempt to send mail. from smtpd log CHKUSER rejected sender: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote MYPC:unknown:123.123.123.123 rcpt : invalid sender MX domain I am able to receive emails on the box no problem. Thanks Dennis [EMAIL PROTECTED]:[EMAIL PROTECTED]: is not a legal email address. Regards, Rick
Re: [toaster] CHKUSER
Please start a new thread! Roman Doug Smith napsal(a): Anyone tried jgreylist with qmail. http://qmail.jms1.net/scripts/jgreylist.shtml I'm getting really tired of all this spam! Thanx
[toaster] CHKUSER
I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. Any help would be greatly appreciated. Thanks Doug
Re: [toaster] CHKUSER
Thanks for the reply. So, some one is just putting the mail from:legit_user.. in their email, there isn't much I can do about that is there? What I'm trying to get at is this is not an intrusion is it? Thanks Doug [EMAIL PROTECTED] ha scritto: I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. The reported from user (in this case [EMAIL PROTECTED]) is simply the one declared at SMTP session with mail from:. Tonino Any help would be greatly appreciated. Thanks Doug -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] CHKUSER
[EMAIL PROTECTED] ha scritto: I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. The reported from user (in this case [EMAIL PROTECTED]) is simply the one declared at SMTP session with mail from:. Tonino Any help would be greatly appreciated. Thanks Doug -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
RE: [toaster] CHKUSER
I have a chkuser question as well. I'm getting the following message related to some legitimate mail which my server needs to pass thru: @400047817ef31d2e7f44 CHKUSER rejected sender: from [EMAIL PROTECTED]:: remote k2smtpout04-01.prod.mesa1.secureserver.net:unknown:64.202.189.166 rcpt : invalid sender MX domain People at the subject domain seem unwilling - or unable - to make the DNS entry necessary to fix the problem. Regardless, if there's a way to whitelist a known/permitted domain, I suppose it wouldn't hurt to save on DNS overhead. I've tried simply putting an entry in my server's hosts file... I thought that would work but seem to be finding that the hosts file doesn't behave in the manner I thought it did. Bottom line, I still can't make the domain resolve/chkuser pass the mail. Any suggestions? Preferably one that doesn't require recompiling. I'm squeamish about doing that on a production server :) Thank-you in advance, Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, January 10, 2008 6:15 AM To: toaster@shupp.org Subject: [toaster] CHKUSER I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. Any help would be greatly appreciated. Thanks Doug
Re: [toaster] CHKUSER
One of the checks enabled by default in CHKUSER tries to reject fake senders, so if the domain declared in the address does not have an MX entry it is obvious the sender is fake (100%). Are your users conscious they are using an address which does have not a DNS MX entry? sample.secureserver.net does not have an MX, so when checking for a legal sender, this address is rejected. Tell your users to use a not_exiting user in a exiting_MX_domain. So probably [EMAIL PROTECTED] (or [EMAIL PROTECTED]) where the domain does exist but the mailbox does not seems to be more safe. You can also exclude the check, but I suggest not to do (also because the most of receiving servers will make the same check) Tonino Bill D'Anjou ha scritto: I have a chkuser question as well. I'm getting the following message related to some legitimate mail which my server needs to pass thru: @400047817ef31d2e7f44 CHKUSER rejected sender: from [EMAIL PROTECTED]:: remote k2smtpout04-01.prod.mesa1.secureserver.net:unknown:64.202.189.166 rcpt : invalid sender MX domain People at the subject domain seem unwilling - or unable - to make the DNS entry necessary to fix the problem. Regardless, if there's a way to whitelist a known/permitted domain, I suppose it wouldn't hurt to save on DNS overhead. I've tried simply putting an entry in my server's hosts file... I thought that would work but seem to be finding that the hosts file doesn't behave in the manner I thought it did. Bottom line, I still can't make the domain resolve/chkuser pass the mail. Any suggestions? Preferably one that doesn't require recompiling. I'm squeamish about doing that on a production server :) Thank-you in advance, Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, January 10, 2008 6:15 AM To: toaster@shupp.org Subject: [toaster] CHKUSER I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. Any help would be greatly appreciated. Thanks Doug -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [toaster] CHKUSER
Please check the respective machine for any malware. If the smtp authentication password is saved which in most cases is than a worm or virus can collect the saved password and send spam using your server as authorized relay. That was my assumption when i first saw that you specified IP_address_of_allowed_relay. If the respective address is in a private address than the assumption becomes certainty. Sorry to be a pest but, the IP address of origin is the correct address of an allowed relay. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_address_of_allowed_relay rcpt : sender accepted I hate to say it but if the user was stating mail from:legit_user but the reported IP is from IP_address_of_allowed_relay isn't the email coming form either the allowed relay or some one spoofing the allowed relay? Thanks Doug [EMAIL PROTECTED] ha scritto: I need a little help deciphering what's going on here. CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote DG93MCB1:unknown:IP_Address_of_allowed_relay rcpt : sender accepted I'm getting a ton of these in my log files but the user CHKUSER is reporting is not sending them. I tried commenting them out of my tcp.smtp file and resetting the tcp.smtp.cdb but I'm still getting the same log. The reported from user (in this case [EMAIL PROTECTED]) is simply the one declared at SMTP session with mail from:. Tonino Any help would be greatly appreciated. Thanks Doug -- [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
[toaster] chkuser and /etc/passwd
Does chkuser support checking for users in /etc/passwd? I installed Toaster v 0.9.2. chkuser works on virtual domains fine, however, local addresses are accepted by chkuser regardless of whether they're valid or not.
[toaster] CHKUSER Logging
Is there a way to have CHKUSER log the connections that are denied for invalid users? The log for SMTP is the /var/log/qmail/smtpd/ but it contains a great deal of information. Has anyone created a patch or implemented MYsql logging with this? tia nitch. The fish are biting. Get more visitors on your site using Yahoo! Search Marketing. http://searchmarketing.yahoo.com/arp/sponsoredsearch_v2.php
Re: [toaster] CHKUSER Logging
Nitchi DaMon lt;[EMAIL PROTECTED]gt; wrote:br / br / gt; br / gt; Is there a way to have CHKUSER log the connectionsbr / gt; that are denied for invalid users?br / gt; br / gt; The log for SMTP is the /var/log/qmail/smtpd/br / gt; br / gt; but it contains a great deal of information. Hasbr / gt; anyone created a patch or implemented MYsql loggingbr / gt; with this?br / gt; br / gt; br / gt; tiabr / gt; br / gt; nitch.br / gt; br /br /For me, Logcheck (a href=http://logcheck.org;http://logcheck.org//a) does a great job at separating stuff in my logs.nbsp; Here's an excerpt of what it parses out for qmail-smtp.nbsp; I get some more information from IMAPd and qmail-send.nbsp; These threshold amounts can be changed, I'm certain even the number it lists from each section could be as well but I haven't looked too much into it.nbsp; Thus far it works as I expect it to.br /br / pre - qmail-smtp Begin br /br / br / Connections from (Threshold of 1):br /211.237.173.234 - 5 Time(s)br / 194.150.155.44 - 5 Time(s)br /58.10.65.101 - 5 Time(s)br /...br / Blocked (Threshold of 1):br / 203.155.63.101 - 8 Time(s) By Blocked - seebr /a target=_blank href=http://www.spamcop.net/bl.shtml?203.155.63.101;http://www.spamcop.net/bl.shtml?203.155.63.101/abr / 124.120.133.201 - 7 Time(s) By Blocked - seebr /a target=_blank href=http://www.spamcop.net/bl.shtml?124.120.133.201;http://www.spamcop.net/bl.shtml?124.120.133.201/abr / 202.183.133.1 - 5 Time(s) By Blocked - seebr /a target=_blank href=http://www.spamcop.net/bl.shtml?202.183.133.1;http://www.spamcop.net/bl.shtml?202.183.133.1/abr / 204.212.126.159 - 5 Time(sbr /...br / Chkuser Rejects From (Threshold of 1):br / [EMAIL PROTECTED] - 8 Time(s)br / [EMAIL PROTECTED] - 6 Time(s)br / [EMAIL PROTECTED] - 4 Time(s)br / [EMAIL PROTECTED] - 4 Time(s)br /...br / Chkuser Rejects To (Threshold of 1):br / [EMAIL PROTECTED] - 6 Time(s)br / [EMAIL PROTECTED] - 5 Time(s)br / [EMAIL PROTECTED] - 5 Time(s)br / [EMAIL PROTECTED] - 4 Time(s)br /...br / Chkuser Rejects Remote (Threshold of 1):br / 222.121.186.98 - 20 Time(s)br / 203.121.80.2 - 19 Time(s)br / 122.4.34.18 - 17 Time(s)br / 122.50.186.60 - 17 Time(s)br /...br / Chkuser Rejects Reason (Threshold of 1):br / not existing recipient - 346 Time(s)br / br / Chkuser Accepts from (Threshold of 1):br /[EMAIL PROTECTED] - 2 Time(s)br / [EMAIL PROTECTED] - 2 Time(s)br / [EMAIL PROTECTED] - 2 Time(s)br / [EMAIL PROTECTED] - 1 Time(s)br / 125.137.14.83 - 14 Time(s)br /[EMAIL PROTECTED] - 5 Time(s)br /- 1 Time(s)br /...br / Chkuser Accepts to (Threshold of 1):br /[EMAIL PROTECTED] - 18 Time(s)br /br / Totals:br / Remote connections: 281br /Local connections: br / RBL blocked: 304br /Grand Total From: 584br / Percentage blocked: 52.055 %br / br / Chkuser Totals:br /Rejected: 346br / Accepted: 25/pre
Re: [toaster] CHKUSER Problem
At 03.41 17/01/2007, you wrote: Sam Laffere wrote: cat .qmail-default | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox If no mailbox for addressee, bounce #| /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter If no mailbox for addressee, send to mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster If no mailbox for addressee, send to postmaster Either of the last two block chkuser from working because they direct ALL mail to non-existant mailboxes to a specific location. That means there are no non-existant mailboxes when those choices are selected. See http://www.interazioni.it/opensource/chkuser/documentation/faq/enabling.html#D4 * With standard settings, modify .qmail-default according to your needs, then add a comment line like # bounce-no-mailbox at beginning of file. chkuser will work if bounce-no-mailbox is found within leading 1023 characters. * As alternative, uncomment and change CHKUSER_BOUNCE_STRING within chkuser_settings.h, and set it to the wished string. Ciao, Tonino
[toaster] CHKUSER Problem
Sorry this is so long. Problem: 7 domains do not have invalid users blocked by CHKUSER, 14 domains work correctly. Details: Server set up with Shupp Toaster in early November 2006. Only variance is using maildrop and mailfilter to sort spam into folders. Summary: 21 domains were moved from previous vpopmail based mail server. There is no logic I can find as to why 7 of the domains do not block non-existing recipients at the qmail-smtpd point. The problem seems to be CHKUSER, but I am sure it is not a broken CHKUSER, but just something silly I am missing. The domains were moved a couple at a time from the old server, not in any order. I keep wondering if some little change happened after doing the first 14, and that somehow is affecting the 7 not working. I know that when I started moving the domains, I did a vadddomain for some of the first domains, but may not have done that for some of the later domains. My recollection is that I started out believing I needed to do that for each one. I know I am leaving out lots of details. I can readily provide any requested. I have looked through the archive, and can add the following: All files are owned vpopmail.vchkpw in all domains. All domains have the following in .qmail-default: | /usr/local/bin/maildrop /home/vpopmail/domains/domainname.net/mailfilter and all domains have mailfilter linked like this to the same file. mailfilter - ../mailfilter All permissions match between a working and a non-working domain. vqadmin says CatchAll: mailfilter for both of the following domains. If I click any option, it overwrites my .qmail-default. Thanks in Advance Sam I have chosen these two domains as the examples. tri.net --this domain works correctly midkan.com --this domain does not work Snips of files and tests using domains: A check of CHKUSER shows this: # /var/qmail/bin/qmail-smtpd 220 supermail.tri.net ESMTP mail from [EMAIL PROTECTED] CHKUSER accepted null sender: from :: remote :unknown:unknown rcpt : accepted null sender always 250 ok rcpt to: [EMAIL PROTECTED] CHKUSER rejected rcpt: from :: remote :unknown:unknown rcpt [EMAIL PROTECTED] : not existing recipient 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) rcpt to: [EMAIL PROTECTED] CHKUSER accepted rcpt: from :: remote :unknown:unknown rcpt [EMAIL PROTECTED] : found existing recipient 250 ok quit 221 supermail.tri.net /var/qmail/control/rcpthosts has this: midkan.com tri.net /var/qmail/control/virtualdomains has this: midkan.com:midkan.com tri.net:tri.net /var/qmail/users/assign has this: +midkan.com-:midkan.com:89:89:/home/vpopmail/domains/midkan.com:-:: +tri.net-:tri.net:89:89:/home/vpopmail/domains/tri.net:-::
Re: [toaster] CHKUSER Problem
Sam Laffere wrote: Sorry this is so long. Problem: 7 domains do not have invalid users blocked by CHKUSER, 14 domains work correctly. Details: Server set up with Shupp Toaster in early November 2006. Only variance is using maildrop and mailfilter to sort spam into folders. Summary: 21 domains were moved from previous vpopmail based mail server. There is no logic I can find as to why 7 of the domains do not block non-existing recipients at the qmail-smtpd point. The problem seems to be CHKUSER, but I am sure it is not a broken CHKUSER, but just something silly I am missing. The domains were moved a couple at a time from the old server, not in any order. I keep wondering if some little change happened after doing the first 14, and that somehow is affecting the 7 not working. I know that when I started moving the domains, I did a vadddomain for some of the first domains, but may not have done that for some of the later domains. My recollection is that I started out believing I needed to do that for each one. I know I am leaving out lots of details. I can readily provide any requested. I have looked through the archive, and can add the following: All files are owned vpopmail.vchkpw in all domains. All domains have the following in .qmail-default: | /usr/local/bin/maildrop /home/vpopmail/domains/domainname.net/mailfilter and all domains have mailfilter linked like this to the same file. mailfilter - ../mailfilter All permissions match between a working and a non-working domain. vqadmin says CatchAll: mailfilter for both of the following domains. If I click any option, it overwrites my .qmail-default. Hi, Unless you modified the source of chkusr, it requires bounce-no-mailbox in the .qmail-default file. If that is not there, it lets all messages in, regardless of the user existing or not. Regards, Rick
Re: [toaster] CHKUSER Problem
Rick Macdougall wrote: Sam Laffere wrote: Sorry this is so long. Problem: 7 domains do not have invalid users blocked by CHKUSER, 14 domains work correctly. Details: Server set up with Shupp Toaster in early November 2006. Only variance is using maildrop and mailfilter to sort spam into folders. Summary: 21 domains were moved from previous vpopmail based mail server. There is no logic I can find as to why 7 of the domains do not block non-existing recipients at the qmail-smtpd point. The problem seems to be CHKUSER, but I am sure it is not a broken CHKUSER, but just something silly I am missing. The domains were moved a couple at a time from the old server, not in any order. I keep wondering if some little change happened after doing the first 14, and that somehow is affecting the 7 not working. I know that when I started moving the domains, I did a vadddomain for some of the first domains, but may not have done that for some of the later domains. My recollection is that I started out believing I needed to do that for each one. I know I am leaving out lots of details. I can readily provide any requested. I have looked through the archive, and can add the following: All files are owned vpopmail.vchkpw in all domains. All domains have the following in .qmail-default: | /usr/local/bin/maildrop /home/vpopmail/domains/domainname.net/mailfilter and all domains have mailfilter linked like this to the same file. mailfilter - ../mailfilter All permissions match between a working and a non-working domain. vqadmin says CatchAll: mailfilter for both of the following domains. If I click any option, it overwrites my .qmail-default. Hi, Unless you modified the source of chkusr, it requires bounce-no-mailbox in the .qmail-default file. If that is not there, it lets all messages in, regardless of the user existing or not. Regards, Rick Rick, Thanks for the reply. I don't believe I modified the chkusr source. Both domains are using the same mailfilter file due to the symbolic link. I forgot to mention that the 'domains' folder is mounted with NFS as follows: mounting info --- supermail:/home/vpopmail/domains# mount 10.0.2.2:/home/vpopmail/domains on /home/vpopmail/domains type nfs (rw,hard,intr,addr=10.0.2.2,addr=10.0.2.2) - As far as I can tell, everything is identical between the domains. I have pasted info below in case somebody sees something I don't see. I have just stated some of the files to confirm that they are identical, and still midkan.com fails to block. -midkan.com--- supermail:/home/vpopmail/domains/midkan.com# cat .qmail-default | /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster supermail:/home/vpopmail/domains# ls -al midkan.com/ total 100 -rw--- 1 vpopmail vchkpw 155 2007-01-02 14:12 .qmail-default lrwxrwxrwx 1 vpopmail vchkpw 13 2006-12-01 13:38 mailfilter - ../mailfilter --tri.net--- supermail:/home/vpopmail/domains/tri.net# cat .qmail-default | /usr/local/bin/maildrop /home/vpopmail/domains/tri.net/mailfilter #| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/tri.net/postmaster supermail:/home/vpopmail/domains/tri.net# ls -al total 332 -rw--- 1 vpopmail vchkpw 207 2007-01-15 17:09 .qmail-default lrwxrwxrwx 1 vpopmail vchkpw13 2006-11-29 16:09 mailfilter - ../mailfilter ---/home/vpopmail/domains/mailfilter--- These two lines are from mailfilter. This is what it defaults to when no account is found for a user during the delivery stage. Yes, right now all 'bounces' for all domains( the 7 non-working ones) are going to postmaster for tri.net. * I just reversed these lines so that 'bounce-no-mailbox' was the active line, and still the same response from CHKUSER. VPOP=| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/tri.net/postmaster #VPOP=| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox supermail:/home/vpopmail/domains# ls -al total 40780 -rw--- 1 vpopmail vchkpw 4524 2007-01-15 18:02 mailfilter
Re: [toaster] CHKUSER Problem
Sam Laffere wrote: Rick Macdougall wrote: Sam Laffere wrote: Sorry this is so long. Problem: 7 domains do not have invalid users blocked by CHKUSER, 14 domains work correctly. Details: Server set up with Shupp Toaster in early November 2006. Only variance is using maildrop and mailfilter to sort spam into folders. Problem is not fixed yet, but I just replaced the .qmail-default file, and the midkan.com domain is now rejecting using CHKUSER. All I did was edit the file back to : cat .qmail-default | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox #| /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster I will keep troubleshooting to try to figure this out, but I can at least tell it is related to this file somehow. Thanks for the help. Sam
Re: [toaster] CHKUSER Problem
Sam Laffere wrote: Sam Laffere wrote: Rick Macdougall wrote: Sam Laffere wrote: Sorry this is so long. Problem: 7 domains do not have invalid users blocked by CHKUSER, 14 domains work correctly. Details: Server set up with Shupp Toaster in early November 2006. Only variance is using maildrop and mailfilter to sort spam into folders. Problem is not fixed yet, but I just replaced the .qmail-default file, and the midkan.com domain is now rejecting using CHKUSER. All I did was edit the file back to : cat .qmail-default | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox #| /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster I will keep troubleshooting to try to figure this out, but I can at least tell it is related to this file somehow. Solution !! It seems the .qmail-default file needs to have the line #| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox somewhere in there before CHKUSER will really check. It can be remarked out, it does not need to be the last line. Both of these work. | /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster #| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox | /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter #| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster But the following does not. | /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster Thanks again for the help. Just goes to show what your brain discounts as insignificant may really turn out to be the key! Sam
Re: [toaster] CHKUSER Problem
Sam Laffere wrote: Rick Macdougall wrote: Sam Laffere wrote: Sorry this is so long. Problem: 7 domains do not have invalid users blocked by CHKUSER, 14 domains work correctly. Details: Server set up with Shupp Toaster in early November 2006. Only variance is using maildrop and mailfilter to sort spam into folders. Summary: 21 domains were moved from previous vpopmail based mail server. There is no logic I can find as to why 7 of the domains do not block non-existing recipients at the qmail-smtpd point. The problem seems to be CHKUSER, but I am sure it is not a broken CHKUSER, but just something silly I am missing. The domains were moved a couple at a time from the old server, not in any order. I keep wondering if some little change happened after doing the first 14, and that somehow is affecting the 7 not working. I know that when I started moving the domains, I did a vadddomain for some of the first domains, but may not have done that for some of the later domains. My recollection is that I started out believing I needed to do that for each one. I know I am leaving out lots of details. I can readily provide any requested. I have looked through the archive, and can add the following: All files are owned vpopmail.vchkpw in all domains. All domains have the following in .qmail-default: | /usr/local/bin/maildrop /home/vpopmail/domains/domainname.net/mailfilter and all domains have mailfilter linked like this to the same file. mailfilter - ../mailfilter All permissions match between a working and a non-working domain. vqadmin says CatchAll: mailfilter for both of the following domains. If I click any option, it overwrites my .qmail-default. Hi, Unless you modified the source of chkusr, it requires bounce-no-mailbox in the .qmail-default file. If that is not there, it lets all messages in, regardless of the user existing or not. Regards, Rick Rick, Thanks for the reply. I don't believe I modified the chkusr source. Both domains are using the same mailfilter file due to the symbolic link. I forgot to mention that the 'domains' folder is mounted with NFS as follows: mounting info --- supermail:/home/vpopmail/domains# mount 10.0.2.2:/home/vpopmail/domains on /home/vpopmail/domains type nfs (rw,hard,intr,addr=10.0.2.2,addr=10.0.2.2) - As far as I can tell, everything is identical between the domains. I have pasted info below in case somebody sees something I don't see. I have just stated some of the files to confirm that they are identical, and still midkan.com fails to block. -midkan.com--- supermail:/home/vpopmail/domains/midkan.com# cat .qmail-default | /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster supermail:/home/vpopmail/domains# ls -al midkan.com/ total 100 -rw--- 1 vpopmail vchkpw 155 2007-01-02 14:12 .qmail-default lrwxrwxrwx 1 vpopmail vchkpw 13 2006-12-01 13:38 mailfilter - ../mailfilter --tri.net--- supermail:/home/vpopmail/domains/tri.net# cat .qmail-default | /usr/local/bin/maildrop /home/vpopmail/domains/tri.net/mailfilter #| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox #| /home/vpopmail/bin/vdelivermail '' Hi, Make the #| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox the first line in the .qmail-default file and see if that doesn't fix it. It should. Regards, Rick
Re: [toaster] CHKUSER Problem
Sam Laffere wrote: Problem is not fixed yet, but I just replaced the .qmail-default file, and the midkan.com domain is now rejecting using CHKUSER. All I did was edit the file back to : cat .qmail-default | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox #| /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster I will keep troubleshooting to try to figure this out, but I can at least tell it is related to this file somehow. Solution !! It seems the .qmail-default file needs to have the line #| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox Actually it can just be #bounce-no-mailbox I wasn't sure if it had to be on the first line or not. Alternatively you can edit the chkusr source and change bounce-no-mailbox to mailfilter if that is easier. Regards, Rick
Re: [toaster] CHKUSER Problem
Sam Laffere wrote: cat .qmail-default | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox If no mailbox for addressee, bounce #| /usr/local/bin/maildrop /home/vpopmail/domains/midkan.com/mailfilter If no mailbox for addressee, send to mailfilter #| /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/midkan.com/postmaster If no mailbox for addressee, send to postmaster Either of the last two block chkuser from working because they direct ALL mail to non-existant mailboxes to a specific location. That means there are no non-existant mailboxes when those choices are selected.
[toaster] chkuser not activated at the default toaster installation?
Hi i install my Mailserver after the toaster-documentation. But chkuser is patched but don't working, must i set any controlfile or uncomment define to activate the chkuser-patch? regards, Jens -- » Website : http://www.atomix.de/ » Kontakt : [EMAIL PROTECTED] » Telefon : 0179/136 10 16
Re: [toaster] chkuser not activated at the default toaster installation?
Jens Gassmann wrote: Hi i install my Mailserver after the toaster-documentation. But chkuser is patched but don't working, must i set any controlfile or uncomment define to activate the chkuser-patch? Make sure your test is not from an ip with RELAYCLIENT set, or after SMTP-AUTH has been performed. Regards, Bill
Re: [toaster] chkuser not activated at the default toaster installation?
Hi, i found the problem - my old installation use as qmail-default | /vpopmail/bin/vdelivermail '' delete and not | /vpopmail/bin/vdelivermail '' bounce-no-mailbox so chkuser wasn't activated :-( Jens Gassmann wrote: Hi i install my Mailserver after the toaster-documentation. But chkuser is patched but don't working, must i set any controlfile or uncomment define to activate the chkuser-patch? regards, Jens -- » Website : http://www.atomix.de/ » Kontakt : [EMAIL PROTECTED] » Telefon : 0179/136 10 16
Re: [toaster] chkuser
tonix (Antonio Nati) wrote: At 05.14 09/02/2006, you wrote: Is there a way to close a connection after 3 or 4 invalid mailboxes are reached on a single connection? When spammers hit my production server I see multiple emails in the log account that if they could be blocked after 3 or 4 invalid address are reached. It's all already inside the box. Check carefully toaster documentation or look in http://www.interazioni.it/opensource/chkuser/documentation/chkuser_settings.html#Tarpitting for more info on chkuser settings. Ciao, Tonino Thanks Dennis According to your documents all I should have to do is change out the CHKUSER_WRONGRCPTLIMIT to lets say 4 then recompile? #define CHKUSER_WRONGRCPT_LIMIT_VARIABLE CHKUSER_WRONGRCPTLIMIT This is the definition of the variable; you have to recompile and install after this change. Then, you must declare (in tcp.smtp or in the running script) the variable CHKUSER_WRONGRCPTLIMIT with the value you want (zero means infinite). Ciao, Tonino Dennis -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- La tua posta elettronica senza virus su UfficioPostale.IT Your virus free electronic mail on UfficioPostale.IT
Re: [toaster] chkuser
At 05.14 09/02/2006, you wrote: Is there a way to close a connection after 3 or 4 invalid mailboxes are reached on a single connection? When spammers hit my production server I see multiple emails in the log account that if they could be blocked after 3 or 4 invalid address are reached. It's all already inside the box. Check carefully toaster documentation or look in http://www.interazioni.it/opensource/chkuser/documentation/chkuser_settings.html#Tarpitting for more info on chkuser settings. Ciao, Tonino Thanks Dennis
Re: [toaster] chkuser
tonix (Antonio Nati) wrote: At 05.14 09/02/2006, you wrote: Is there a way to close a connection after 3 or 4 invalid mailboxes are reached on a single connection? When spammers hit my production server I see multiple emails in the log account that if they could be blocked after 3 or 4 invalid address are reached. It's all already inside the box. Check carefully toaster documentation or look in http://www.interazioni.it/opensource/chkuser/documentation/chkuser_settings.html#Tarpitting for more info on chkuser settings. Ciao, Tonino Thanks Dennis According to your documents all I should have to do is change out the CHKUSER_WRONGRCPTLIMIT to lets say 4 then recompile? #define CHKUSER_WRONGRCPT_LIMIT_VARIABLE CHKUSER_WRONGRCPTLIMIT Dennis
[toaster] chkuser
Is there a way to close a connection after 3 or 4 invalid mailboxes are reached on a single connection? When spammers hit my production server I see multiple emails in the log account that if they could be blocked after 3 or 4 invalid address are reached. Thanks Dennis
[toaster] chkuser accepting mail for unknown users
I have installed the toaster version 0.8 on a RHEL 3 AS Server. The problem I am having deals with chkuser. It is accepting mail for any recipient. I telnet to port 25 and do this: telnet localhost 25Trying 127.0.0.1...Connected to students (127.0.0.1).Escape character is '^]'.220 students.csi.edu ESMTPmail from [EMAIL PROTECTED]250 okrcpt to:[EMAIL PROTECTED]250 ok The qmail-smtp log shows this: CHKUSER accepted rcpt: from :: remote :unknown:127.0.0.1 rcpt [EMAIL PROTECTED] : found existing recipient There is no user [EMAIL PROTECTED]. I thought that the mail should get rejected if there is not a valid recipient. I am not surewhat the problem might be, or how to fix it. Thanks for the help. Dan
Re: [toaster] chkuser accepting mail for unknown users
I found my problem. I didnt setthe CatchAll:Bounce in qmailadmin. [EMAIL PROTECTED] 9/9/2005 9:38 AM I have installed the toaster version 0.8 on a RHEL 3 AS Server. The problem I am having deals with chkuser. It is accepting mail for any recipient. I telnet to port 25 and do this: telnet localhost 25Trying 127.0.0.1...Connected to students (127.0.0.1).Escape character is '^]'.220 students.csi.edu ESMTPmail from [EMAIL PROTECTED]250 okrcpt to:[EMAIL PROTECTED]250 ok The qmail-smtp log shows this: CHKUSER accepted rcpt: from :: remote :unknown:127.0.0.1 rcpt [EMAIL PROTECTED] : found existing recipient There is no user [EMAIL PROTECTED]. I thought that the mail should get rejected if there is not a valid recipient. I am not surewhat the problem might be, or how to fix it. Thanks for the help. Dan
Re: [toaster] chkuser problem
That sounds interesting Would you mind sharing you code changes to the rest of us please? Kim Hi, I've installed Bill's toaster to Dual opteron, GENTOO linux, 64bit environment. Everything without problem (jut needed to change 2 lines of his code ;-) Roman Carlos J. Muentes napsal(a): Wow, I had the same exact problem with SLES9 64-bit edition, but with courier-authlib! I did the same thing, uninstalled the 64-bit version, and installed the 32-bit vesion and all problems went away just like that. I found articles of others having the same issues with the 64-bit version of SLES, so I assume courier-authlib, as well as other lib's/bin's are having issues with compiling on 64-bith architectures. I also had issues with konqueror in the 64-bit version crashing for unknown reasons, that also went away with an install of the 32-bit version.
Re: [toaster] chkuser problem
Are you sure MySQL is reachable from the second server? Did you check if MySQL accounts work from the secondary server? MySQL has a particular way to handle users, check it. If problem persist, disable chkuser on secondary server and test if problem still exists. Tonino Adam Woodbeck wrote: I'm experiencing the weirdest problem with a second mail server I just set up. I've set up several toasters following Bill's instructions and many FreeBSD toasters following Matt Simerson's instructions all without any trouble. But the toaster I set up today is driving me nuts. I'm setting up a second mail server that will share load with our current mail server. They both connect to the same MySQL database for vpopmail authentication and spamassassin settings. Over NFS, both servers are sharing the same ~vpopmail/domains directory, /var/qmail/control directory, and /var/qmail/users directory. The primary mail server has no problems at all sending and receiving email. The second mail server will not accept any email for any local email accounts because chkuser reports not existing recipient. I've verified that vpopmail recognizes the email accounts I'm trying to send to (~vpopmail/bin/vuserinfo email_address returns the expected output with no errors). I've checked the ownership and permissions of every directory involved (especially the ~vpopmail/domains/ directory) and everything looks good (the primary mail server is successfully using these shared directories over NFS right now so permissions should be good). I've made sure that the UIDs and GIDs of all qmail users and the vpopmail user match on both servers. The only difference in the two servers is that the server I'm having trouble with is a 64-bit system (running SLES 9). I'm at my whit's end. Would anyone please suggest what I should try next to figure out why chkuser denies delivery attempt with the message 511 sorry, no mailbox here by that name (#5.1.1 - chkuser). I greatly appreciate the help. Sincerely, Adam Woodbeck I should mention that I did not change any chkuser settings before building and installing the toaster. Adam -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- La tua posta elettronica senza virus su UfficioPostale.IT Your virus free electronic mail on UfficioPostale.IT
Re: [toaster] chkuser problem
Hello Tonino, Thank you for the reply. Yes, I'm able to manually connect to the MySQL server from the secondary mail server as the vpopmail user and run queries on the vpopmail.vpopmail table. I'll disable chkuser and see if I am still unable to send email to local users through the secondary mail server. Adam On Tuesday 06 September 2005 06:56, Tonix wrote: Are you sure MySQL is reachable from the second server? Did you check if MySQL accounts work from the secondary server? MySQL has a particular way to handle users, check it. If problem persist, disable chkuser on secondary server and test if problem still exists. Tonino
Re: [toaster] chkuser problem
Ok. I fixed the problem. I uninstalled the 64-bit version of Suse Enterprise Linux 9 and installed the 32-bit version (the server is running an AMD Opteron). I then went through the install process of Bill's toaster and everything worked just fine. Chkuser works now as it should. Can anyone think of a reason chkuser would not work on a 64-bit OS? Everything else seems to compile and work just fine on the 64-bit version of SLES 9. Adam Adam Woodbeck wrote: Hello Tonino, I disabled chkuser and I was able to send email just fine to local users through the secondary mail server. It certainly appears as though there is something wrong with chkuser on the secondary mail server. I may start over from scratch again since the secondary server is not in production yet. Adam On Tuesday 06 September 2005 06:56, Tonix wrote: Are you sure MySQL is reachable from the second server? Did you check if MySQL accounts work from the secondary server? MySQL has a particular way to handle users, check it. If problem persist, disable chkuser on secondary server and test if problem still exists. Tonino
Re: [toaster] chkuser problem
Wow, I had the same exact problem with SLES9 64-bit edition, but with courier-authlib! I did the same thing, uninstalled the 64-bit version, and installed the 32-bit vesion and all problems went away just like that. I found articles of others having the same issues with the 64-bit version of SLES, so I assume courier-authlib, as well as other lib's/bin's are having issues with compiling on 64-bith architectures. I also had issues with konqueror in the 64-bit version crashing for unknown reasons, that also went away with an install of the 32-bit version. Adam Woodbeck wrote: Ok. I fixed the problem. I uninstalled the 64-bit version of Suse Enterprise Linux 9 and installed the 32-bit version (the server is running an AMD Opteron). I then went through the install process of Bill's toaster and everything worked just fine. Chkuser works now as it should. Can anyone think of a reason chkuser would not work on a 64-bit OS? Everything else seems to compile and work just fine on the 64-bit version of SLES 9. Adam Adam Woodbeck wrote: Hello Tonino, I disabled chkuser and I was able to send email just fine to local users through the secondary mail server. It certainly appears as though there is something wrong with chkuser on the secondary mail server. I may start over from scratch again since the secondary server is not in production yet. Adam On Tuesday 06 September 2005 06:56, Tonix wrote: Are you sure MySQL is reachable from the second server? Did you check if MySQL accounts work from the secondary server? MySQL has a particular way to handle users, check it. If problem persist, disable chkuser on secondary server and test if problem still exists. Tonino -- __ Carlos J. Muentes http://www.rockwithme.org - Rock With Me Guitar Stuff, Programming stuff, Family Stuff - all in one place
Re: [toaster] chkuser problem
On Sep 6, 2005, at 12:47 PM, Carlos J. Muentes wrote: Wow, I had the same exact problem with SLES9 64-bit edition, but with courier-authlib! I did the same thing, uninstalled the 64-bit version, and installed the 32-bit vesion and all problems went away just like that. I found articles of others having the same issues with the 64-bit version of SLES, so I assume courier-authlib, as well as other lib's/bin's are having issues with compiling on 64-bith architectures. I also had issues with konqueror in the 64-bit version crashing for unknown reasons, that also went away with an install of the 32-bit version. In the currently-unreleased 5.4.13 version of vpopmail, I added a patch from Jory A. Pratt to compile libvpopmail with the -fPIC compiler flag. He said it was related to AMD64 compiles and problems with linking to courier. Here are links to the two CVS changes for that patch: http://sourceforge.net/mailarchive/forum.php? thread_id=8106414forum_id=35252 http://sourceforge.net/mailarchive/forum.php? thread_id=8106413forum_id=35252 I don't know anything about 64-bit, or what the -fPIC option does, but you might want to try it and see if that helps. -Tom
Re: [toaster] chkuser problem
Tom Collins wrote: On Sep 6, 2005, at 12:47 PM, Carlos J. Muentes wrote: Wow, I had the same exact problem with SLES9 64-bit edition, but with courier-authlib! I did the same thing, uninstalled the 64-bit version, and installed the 32-bit vesion and all problems went away just like that. I found articles of others having the same issues with the 64-bit version of SLES, so I assume courier-authlib, as well as other lib's/bin's are having issues with compiling on 64-bith architectures. I also had issues with konqueror in the 64-bit version crashing for unknown reasons, that also went away with an install of the 32-bit version. In the currently-unreleased 5.4.13 version of vpopmail, I added a patch from Jory A. Pratt to compile libvpopmail with the -fPIC compiler flag. He said it was related to AMD64 compiles and problems with linking to courier. Here are links to the two CVS changes for that patch: http://sourceforge.net/mailarchive/forum.php? thread_id=8106414forum_id=35252 http://sourceforge.net/mailarchive/forum.php? thread_id=8106413forum_id=35252 I don't know anything about 64-bit, or what the -fPIC option does, but you might want to try it and see if that helps. man gcc shows this: -fPIC If supported for the target machine, emit position-independent code, suitable for dynamic linking and avoiding any limit on the size of the global offset table. This option makes a difference on the m68k, m88k, and the SPARC. Position-independent code requires special support, and therefore works only on certain machines. I've never hears of it either. Can anyone see if it solves the chkuser problem? Regards, Bill
[toaster] chkuser problem
I'm experiencing the weirdest problem with a second mail server I just set up. I've set up several toasters following Bill's instructions and many FreeBSD toasters following Matt Simerson's instructions all without any trouble. But the toaster I set up today is driving me nuts. I'm setting up a second mail server that will share load with our current mail server. They both connect to the same MySQL database for vpopmail authentication and spamassassin settings. Over NFS, both servers are sharing the same ~vpopmail/domains directory, /var/qmail/control directory, and /var/qmail/users directory. The primary mail server has no problems at all sending and receiving email. The second mail server will not accept any email for any local email accounts because chkuser reports not existing recipient. I've verified that vpopmail recognizes the email accounts I'm trying to send to (~vpopmail/bin/vuserinfo email_address returns the expected output with no errors). I've checked the ownership and permissions of every directory involved (especially the ~vpopmail/domains/ directory) and everything looks good (the primary mail server is successfully using these shared directories over NFS right now so permissions should be good). I've made sure that the UIDs and GIDs of all qmail users and the vpopmail user match on both servers. The only difference in the two servers is that the server I'm having trouble with is a 64-bit system (running SLES 9). I'm at my whit's end. Would anyone please suggest what I should try next to figure out why chkuser denies delivery attempt with the message 511 sorry, no mailbox here by that name (#5.1.1 - chkuser). I greatly appreciate the help. Sincerely, Adam Woodbeck
Re: [toaster] chkuser problem
Adam Woodbeck wrote: I'm experiencing the weirdest problem with a second mail server I just set up. I've set up several toasters following Bill's instructions and many FreeBSD toasters following Matt Simerson's instructions all without any trouble. But the toaster I set up today is driving me nuts. I'm setting up a second mail server that will share load with our current mail server. They both connect to the same MySQL database for vpopmail authentication and spamassassin settings. Over NFS, both servers are sharing the same ~vpopmail/domains directory, /var/qmail/control directory, and /var/qmail/users directory. The primary mail server has no problems at all sending and receiving email. The second mail server will not accept any email for any local email accounts because chkuser reports not existing recipient. I've verified that vpopmail recognizes the email accounts I'm trying to send to (~vpopmail/bin/vuserinfo email_address returns the expected output with no errors). I've checked the ownership and permissions of every directory involved (especially the ~vpopmail/domains/ directory) and everything looks good (the primary mail server is successfully using these shared directories over NFS right now so permissions should be good). I've made sure that the UIDs and GIDs of all qmail users and the vpopmail user match on both servers. The only difference in the two servers is that the server I'm having trouble with is a 64-bit system (running SLES 9). I'm at my whit's end. Would anyone please suggest what I should try next to figure out why chkuser denies delivery attempt with the message 511 sorry, no mailbox here by that name (#5.1.1 - chkuser). I greatly appreciate the help. Sincerely, Adam Woodbeck I should mention that I did not change any chkuser settings before building and installing the toaster. Adam
RE: [toaster] Chkuser problem??
I believe this is a permission problem. You can try to do this: With root, run qmail-smtpd and you should get something like this: 220 ESMTP MAIL FROM:[EMAIL PROTECTED] 250 ok RCPT TO:[EMAIL PROTECTED] CHKUSER rejected rcpt: from [EMAIL PROTECTED]:: remote :unknown:unknown rcpt [EMAIL PROTECTED] : not existing recipient 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) If you can get the above result by running qmail-smtpd as root, then user privilege is the problem. To my understanding, if the user running qmail-smtpd has no privilege to read the vpopmail files, the chkuser result will always be permissive. Kelvin Wu -Original Message- From: tonix (Antonio Nati) [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 27, 2005 11:09 PM To: toaster@shupp.org Subject: Re: [toaster] Chkuser problem?? Check all other chkuser #define and see their behaviour. Then check if you have any VARIABLE that influences chkuser. Last attempt, put chkuser debugging to work and see what happens. (some doubts about previous question... slx:~ # vuserinfo [EMAIL PROTECTED] no such user [EMAIL PROTECTED] Is yapost.com local [inside rcpthosts]?) Tonino At 15.05 27/07/2005, you wrote: At 06.42 27/07/2005, you wrote: If chkuser is not enabled than it return a positive answer (found) to any query. Check if chkuser is enabled and check using qmailadmin if bouncing is enabled. Tonino chkuser is enabled and I have checked qmailadmin, catchall is bounced. So is there any problem? or should I reinstall vpopmail and qmail again? Thanks a lot. Regards, qing
RE: [toaster] Chkuser problem??
I believe this is a permission problem. You can try to do this: With root, run qmail-smtpd and you should get something like this: 220 ESMTP MAIL FROM:[EMAIL PROTECTED] 250 ok RCPT TO:[EMAIL PROTECTED] CHKUSER rejected rcpt: from [EMAIL PROTECTED]:: remote :unknown:unknown rcpt [EMAIL PROTECTED] : not existing recipient 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) If you can get the above result by running qmail-smtpd as root, then user privilege is the problem. To my understanding, if the user running qmail-smtpd has no privilege to read the vpopmail files, the chkuser result will always be permissive. Kelvin Wu Thanks for all of your help. I have fixed the problem now. I just deleted .qmail-janet and .qmail-janet-default in the domain directory, then it works fine now. I have no idea why vdelolduser did not remove that two files when purpged the user. Regards, qing
Re: [toaster] Chkuser problem??
At 06.42 27/07/2005, you wrote: Dear all, I found a strange problem in my server. Chkuser seems not work porperly. Here is the information: 2005-07-27 13:07:31.616557500 CHKUSER accepted rcpt: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote www.ezrs.com:unknown:202.130.120.114 rcpt [EMAIL PROTECTED] : found existing recipient slx:~ # vuserinfo [EMAIL PROTECTED] no such user [EMAIL PROTECTED] [EMAIL PROTECTED] does not exist but chkuser let the message pass through. How can I fix the problem? Thanks a lot. If chkuser is not enabled than it return a positive answer (found) to any query. Check if chkuser is enabled and check using qmailadmin if bouncing is enabled. Tonino Regards, qing.
RE: [toaster] Chkuser problem??
Believe me when I say I am _far_ from understanding this stuff. Do you have a Catch All account enabled? Where did the message end up? Deion Mule Christopher --Mule was here!-- --Republican Team Leader And Proud Of It!-- http://www.gopteamleader.com/about.asp Original Message Follows From: [EMAIL PROTECTED] Reply-To: toaster@shupp.org To: toaster@shupp.org Subject: [toaster] Chkuser problem?? Date: Wed, 27 Jul 2005 13:42:57 +0800 (HKT) Dear all, I found a strange problem in my server. Chkuser seems not work porperly. Here is the information: 2005-07-27 13:07:31.616557500 CHKUSER accepted rcpt: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote www.ezrs.com:unknown:202.130.120.114 rcpt [EMAIL PROTECTED] : found existing recipient slx:~ # vuserinfo [EMAIL PROTECTED] no such user [EMAIL PROTECTED] [EMAIL PROTECTED] does not exist but chkuser let the message pass through. How can I fix the problem? Thanks a lot. Regards, qing.
Re: [toaster] Chkuser problem??
At 06.42 27/07/2005, you wrote: If chkuser is not enabled than it return a positive answer (found) to any query. Check if chkuser is enabled and check using qmailadmin if bouncing is enabled. Tonino chkuser is enabled and I have checked qmailadmin, catchall is bounced. So is there any problem? or should I reinstall vpopmail and qmail again? Thanks a lot. Regards, qing
RE: [toaster] Chkuser problem??
Believe me when I say I am _far_ from understanding this stuff. Do you have a Catch All account enabled? Where did the message end up? Deion Mule Christopher Catch All is bounced. The message is still in the queue. Any suggestion? Thanks a lot. Regards, qing
[toaster] Chkuser problem??
Dear all, I found a strange problem in my server. Chkuser seems not work porperly. Here is the information: 2005-07-27 13:07:31.616557500 CHKUSER accepted rcpt: from [EMAIL PROTECTED]:[EMAIL PROTECTED]: remote www.ezrs.com:unknown:202.130.120.114 rcpt [EMAIL PROTECTED] : found existing recipient slx:~ # vuserinfo [EMAIL PROTECTED] no such user [EMAIL PROTECTED] [EMAIL PROTECTED] does not exist but chkuser let the message pass through. How can I fix the problem? Thanks a lot. Regards, qing.
[toaster] chkuser and tmda
I have chkuser installed, as per Shupp toaster, but it appears to be preventing TMDA confirms from being delivered, is there anything I can do? Here is the gist of the error message, edited to protect etc: [EMAIL PROTECTED]: 1.2.3.4 does not like recipient. Remote host said: 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) Giving up on 1.2.3.4. chkuser_settings.h is stock CHKUSER_EZMLM_DASH looks like it should cover, but it doesn't apparently ;-( Any help would be greatly appreciated -- - Bob Hutchinson Midwales dot com -
[toaster] CHKUSER messages appearing in log
Just a quick one - I noticed after upgrading to the 0.7.2 toaster (on RedHat 9), that I'm now getting CHKUSER lines in /var/log/qmail/current like so: CHKUSER accepted rcpt: from [EMAIL PROTECTED]:: remote [EMAIL PROTECTED]:unknown:12.345.678.90 rcpt [EMAIL PROTECTED] : found existing recipient ...this is good! Just wondered, is this something that has been added in toaster 0.7.2, or was I just doing something wrong before (with 0.6 / RH9)? Thanks, David.
Re: [toaster] CHKUSER messages appearing in log
David wrote: Just a quick one - I noticed after upgrading to the 0.7.2 toaster (on RedHat 9), that I'm now getting CHKUSER lines in /var/log/qmail/current like so: CHKUSER accepted rcpt: from [EMAIL PROTECTED]:: remote [EMAIL PROTECTED]:unknown:12.345.678.90 rcpt [EMAIL PROTECTED] : found existing recipient ...this is good! Just wondered, is this something that has been added in toaster 0.7.2, or was I just doing something wrong before (with 0.6 / RH9)? This is new to chkuser 2.0 series, which is new to the later 0.7 toaster patches. I believe this is part of the debugging option, which is on by default. Meaning, you can turn it off if you don't want to see it. Regards, Bill
Re: [toaster] chkuser patch
Yes, you will find in the smtpd log file lines like this: 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) On Mon, 2004-07-26 at 07:04, Jeff Koch wrote: Hi: Does anyone know if there is any logging of connections rejected by the chkuser patch? Best Regards, Jeff Koch, Intersessions
RE: [toaster] chkuser patch - logging
You can log extra information to the log file like this. Note that this is overkill for most, but I like it cause it shows a lot more info without the need to go back and forth between the send and smtpd logs. #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s500 \ '-* * *' '-* * *' '+* * HELO *' '+* * MAIL *' '+* * RCPT *' '+* * 5*' '+* * 4*' /var/log/qmail/smtpd Regards Shane -Original Message- From: Jeff Koch [mailto:[EMAIL PROTECTED] Sent: Monday, 26 July 2004 9:14 PM To: [EMAIL PROTECTED] Subject: Re: [toaster] chkuser patch - logging Hi David: Thanks but is there something I need to turn on. We have the chkuser patch working on three mailservers ( I know because of the rejection replies to test messages) but there are no entries in the /var/log/qmail/smtpd logs. At 02:49 AM 7/26/2004, you wrote: Yes, you will find in the smtpd log file lines like this: 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) On Mon, 2004-07-26 at 07:04, Jeff Koch wrote: Hi: Does anyone know if there is any logging of connections rejected by the chkuser patch? Best Regards, Jeff Koch, Intersessions Best Regards, Jeff Koch, Intersessions
Re: [toaster] chkuser patch - logging
I didn't realize before. Yes, probably I have that information because I'm using recordio inside the qmail-smtpd run script. Here's an excerpt of qmail-smtpd run: /usr/bin/recordio /usr/local/bin/rblsmtpd -b -r sbl.spamhaus.org -r relays.ordb.org \ /usr/bin/relay-ctrl-check /var/qmail/bin/qmail-smtpd Just place the recordio call before qmail-smtpd's call. But you know, with recordio you're gonna log lot of information... On Mon, 2004-07-26 at 15:14, Jeff Koch wrote: Hi David: Thanks but is there something I need to turn on. We have the chkuser patch working on three mailservers ( I know because of the rejection replies to test messages) but there are no entries in the /var/log/qmail/smtpd logs. At 02:49 AM 7/26/2004, you wrote: Yes, you will find in the smtpd log file lines like this: 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) On Mon, 2004-07-26 at 07:04, Jeff Koch wrote: Hi: Does anyone know if there is any logging of connections rejected by the chkuser patch? Best Regards, Jeff Koch, Intersessions Best Regards, Jeff Koch, Intersessions
RE: [toaster] chkuser patch - logging
Hi Shane: Thanks - what exactly is this code doing? At 09:18 AM 7/26/2004, you wrote: You can log extra information to the log file like this. Note that this is overkill for most, but I like it cause it shows a lot more info without the need to go back and forth between the send and smtpd logs. #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s500 \ '-* * *' '-* * *' '+* * HELO *' '+* * MAIL *' '+* * RCPT *' '+* * 5*' '+* * 4*' /var/log/qmail/smtpd Regards Shane -Original Message- From: Jeff Koch [mailto:[EMAIL PROTECTED] Sent: Monday, 26 July 2004 9:14 PM To: [EMAIL PROTECTED] Subject: Re: [toaster] chkuser patch - logging Hi David: Thanks but is there something I need to turn on. We have the chkuser patch working on three mailservers ( I know because of the rejection replies to test messages) but there are no entries in the /var/log/qmail/smtpd logs. At 02:49 AM 7/26/2004, you wrote: Yes, you will find in the smtpd log file lines like this: 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) On Mon, 2004-07-26 at 07:04, Jeff Koch wrote: Hi: Does anyone know if there is any logging of connections rejected by the chkuser patch? Best Regards, Jeff Koch, Intersessions Best Regards, Jeff Koch, Intersessions Best Regards, Jeff Koch, Intersessions
[toaster] chkuser patch
Hi: Does anyone know if there is any logging of connections rejected by the chkuser patch? Best Regards, Jeff Koch, Intersessions
[toaster] Chkuser - Mysql -Gateway
Hello people, I have two server for a big domain. One of them is a SMTP-MX-ANTIVIRUS it receive all incoming and outgoiing mail, check for virus and forward messages to another machine (by a smtproute), a POP server which I use netqmail+qmail-toaster+vpopmail 5.4.2+Mysql and users' homedirs. I want to user chkuser-mysql in my SMTP-MX-ANTIVIR to deny incoming SMTP for unknown virtual domain users before forwarding message to antivirus and pop server to reduce antivirus working. I have replicated my vpopmail database from POP server to SMTP server yet, and create a fake /home/vpopmail/domains/mydomain.com.br/.qmail-default (with bounce-no-mailbox) but chkuser still doesn work. What does the chkuser patch are looking for? It works with my POP server without any problem, perhaps virtualdomains is needed? How can I use chkuser against a replicated mysql-vpopmail-db if I don want to deliver messages locally (I want to use smtproute)? My control files at SMTP gateways are : locals : empty virtualdomains : empty rcpthosts : localhost and mydomain.com.br Thanks in advance, Mário Viana ISP Network Admin
Re: [toaster] Chkuser - Mysql -Gateway
Mario Viana wrote: I want to user chkuser-mysql in my SMTP-MX-ANTIVIR to deny incoming SMTP for unknown virtual domain users before forwarding message to antivirus and pop server to reduce antivirus working. I have replicated my vpopmail database from POP server to SMTP server yet, and create a fake /home/vpopmail/domains/mydomain.com.br/.qmail-default (with bounce-no-mailbox) but chkuser still doesn work. What does the chkuser patch are looking for? It works with my POP server without any problem, perhaps virtualdomains is needed? How can I use chkuser /var/qmail/control/ and /var/qmail/users/* must be also replicated in order to get chkusr patch working correctly ;) Or maybe you want to modify source to fetch virtual domains from textfile. -- Eero
Re: [toaster] chkuser patch ldap
Is it support to reject unknow user like chkuser patch? - Original Message - From: Jeronimo Zucco [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, May 10, 2004 6:07 PM Subject: Re: [toaster] chkuser patch ldap Use qmail-ldap: http://www.nrg4u.com -- Jeronimo Zucco [EMAIL PROTECTED] PGP Public Key: www.riscozero.inf.br/pgp/jczucco.pgp --- Risco Zero - Suporte, Conectividade e Segurança da Informação Ltda. Av. Julio de Castilhos, 81/702 - B. Lourdes - Caxias do Sul - RS Fone/Fax: (54) 3028.5005 - [EMAIL PROTECTED] --- On Sunday 09 May 2004 22:53, Jimmy wrote: Hi, Is there any chkuser patch for ldap backend of vpopmail ? Regards, Jimmy.
[toaster] chkuser-mysql patch problem
Hi all, I've just upgraded (again) my qmail installation, in an attempt to cut out spam trying random email addresses to my domains, using chkuser-0.6.mysql.patch. I've followed the whole instalation procedure, compiled successfully qmail with the patches. The problem I found is, when using inside .qmail-default, maildrop, the mails are delivered but is not triggered the chkuser patch. And if I use inside .qmail-default, vdelivermail, all mails are rejected, with 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) . Now, looking at mysql access logs, vdelivermail is not looking at mysql to see whether the user exists or not, therefore all emails (included the ones to valid users) are rejected. Has anyone tried this patch and had similar problem? Thanks for your help.
Re: [toaster] chkuser-mysql patch problem
We use the patch with mysql and it works fine. Make sure that you have vpopmail compiled with mysql-auth support. chkuser is a patch to qmail so that it rejects the smtp connection if the email address does not have a valid user name. At 03:38 AM 4/22/2004, you wrote: Hi all, I've just upgraded (again) my qmail installation, in an attempt to cut out spam trying random email addresses to my domains, using chkuser-0.6.mysql.patch. I've followed the whole instalation procedure, compiled successfully qmail with the patches. The problem I found is, when using inside .qmail-default, maildrop, the mails are delivered but is not triggered the chkuser patch. And if I use inside .qmail-default, vdelivermail, all mails are rejected, with 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) . Now, looking at mysql access logs, vdelivermail is not looking at mysql to see whether the user exists or not, therefore all emails (included the ones to valid users) are rejected. Has anyone tried this patch and had similar problem? Thanks for your help. Best Regards, Jeff Koch, Intersessions
Re: [toaster] chkuser-mysql patch problem
On Thu, 2004-04-22 at 14:53, Jeff Koch wrote: We use the patch with mysql and it works fine. Make sure that you have vpopmail compiled with mysql-auth support. chkuser is a patch to qmail so that it rejects the smtp connection if the email address does not have a valid user name. Yes, vpopmail is compiled with it (I've been using mysql support for a long time already, nonetheless I recompiled it again, but yes , --enable-auth-module=mysql was in config.log). Vpopmail works fine, everything works except vdelivermail at .qmail-defaut. If I use maildrop instead in .qmail-default, and in the maildroprc file vdelivermail then works just fine. So I have no idea why vdelivermail refuses to call mysql in .qmail-default. This is my non-working .qmail-default: | /Appz2/VPopMail/bin/vdelivermail '' bounce-no-mailbox And this is the one, in another domain which does (but no chkuser is triggered): |/usr/bin/maildrop -w 90 ,in the /etc/maildroprc script, here's the line calling vdelivermail: VPOP=| /Appz2/VPopMail/bin/vdelivermail '' bounce-no-mailbox This domain calling maildrop then vdelivermail works (but chkuser doesn't). At 03:38 AM 4/22/2004, you wrote: Hi all, I've just upgraded (again) my qmail installation, in an attempt to cut out spam trying random email addresses to my domains, using chkuser-0.6.mysql.patch. I've followed the whole instalation procedure, compiled successfully qmail with the patches. The problem I found is, when using inside .qmail-default, maildrop, the mails are delivered but is not triggered the chkuser patch. And if I use inside .qmail-default, vdelivermail, all mails are rejected, with 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) . Now, looking at mysql access logs, vdelivermail is not looking at mysql to see whether the user exists or not, therefore all emails (included the ones to valid users) are rejected. Has anyone tried this patch and had similar problem? Thanks for your help. Best Regards, Jeff Koch, Intersessions
Re: [toaster] chkuser-mysql patch problem
Your .qmail-default does not look like a standard toaster install to me. The plain jane toaster with chkuser-mysql support should say: | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox At 09:59 AM 4/22/2004, you wrote: On Thu, 2004-04-22 at 14:53, Jeff Koch wrote: We use the patch with mysql and it works fine. Make sure that you have vpopmail compiled with mysql-auth support. chkuser is a patch to qmail so that it rejects the smtp connection if the email address does not have a valid user name. Yes, vpopmail is compiled with it (I've been using mysql support for a long time already, nonetheless I recompiled it again, but yes , --enable-auth-module=mysql was in config.log). Vpopmail works fine, everything works except vdelivermail at .qmail-defaut. If I use maildrop instead in .qmail-default, and in the maildroprc file vdelivermail then works just fine. So I have no idea why vdelivermail refuses to call mysql in .qmail-default. This is my non-working .qmail-default: | /Appz2/VPopMail/bin/vdelivermail '' bounce-no-mailbox And this is the one, in another domain which does (but no chkuser is triggered): |/usr/bin/maildrop -w 90 ,in the /etc/maildroprc script, here's the line calling vdelivermail: VPOP=| /Appz2/VPopMail/bin/vdelivermail '' bounce-no-mailbox This domain calling maildrop then vdelivermail works (but chkuser doesn't). At 03:38 AM 4/22/2004, you wrote: Hi all, I've just upgraded (again) my qmail installation, in an attempt to cut out spam trying random email addresses to my domains, using chkuser-0.6.mysql.patch. I've followed the whole instalation procedure, compiled successfully qmail with the patches. The problem I found is, when using inside .qmail-default, maildrop, the mails are delivered but is not triggered the chkuser patch. And if I use inside .qmail-default, vdelivermail, all mails are rejected, with 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) . Now, looking at mysql access logs, vdelivermail is not looking at mysql to see whether the user exists or not, therefore all emails (included the ones to valid users) are rejected. Has anyone tried this patch and had similar problem? Thanks for your help. Best Regards, Jeff Koch, Intersessions Best Regards, Jeff Koch, Intersessions
Re: [toaster] chkuser-mysql patch problem
On Thu, 2004-04-22 at 17:11, Jeff Koch wrote: Your .qmail-default does not look like a standard toaster install to me. The plain jane toaster with chkuser-mysql support should say: | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox No, I followed the install but obviously changed folders to fit my current installation. I didn't install all the DJB's tools mentioned in the guide, since I already had them. | /Appz2/VPopMail/bin/vdelivermail '' bounce-no-mailbox In what folder the vpopmail user lies doesn't change anything. As long as you call the binaries properly, at their real location. For example: it's important to notice to change the brand new created conf-vpopmail once applied the chkuser patch. conf-mysql as well. Bill's document for his toaster is completely fine. It just doens't fit already running installations. But it doesn't have to. Nonetheless, it's a very good idea having that large patch with all that funcionalities together. That's why I used it to upgrade. It's a great work. I don't think my problem lies on the way I installed it, maybe there's something wrong in the patch. At 09:59 AM 4/22/2004, you wrote: On Thu, 2004-04-22 at 14:53, Jeff Koch wrote: We use the patch with mysql and it works fine. Make sure that you have vpopmail compiled with mysql-auth support. chkuser is a patch to qmail so that it rejects the smtp connection if the email address does not have a valid user name. Yes, vpopmail is compiled with it (I've been using mysql support for a long time already, nonetheless I recompiled it again, but yes , --enable-auth-module=mysql was in config.log). Vpopmail works fine, everything works except vdelivermail at .qmail-defaut. If I use maildrop instead in .qmail-default, and in the maildroprc file vdelivermail then works just fine. So I have no idea why vdelivermail refuses to call mysql in .qmail-default. This is my non-working .qmail-default: | /Appz2/VPopMail/bin/vdelivermail '' bounce-no-mailbox And this is the one, in another domain which does (but no chkuser is triggered): |/usr/bin/maildrop -w 90 ,in the /etc/maildroprc script, here's the line calling vdelivermail: VPOP=| /Appz2/VPopMail/bin/vdelivermail '' bounce-no-mailbox This domain calling maildrop then vdelivermail works (but chkuser doesn't). At 03:38 AM 4/22/2004, you wrote: Hi all, I've just upgraded (again) my qmail installation, in an attempt to cut out spam trying random email addresses to my domains, using chkuser-0.6.mysql.patch. I've followed the whole instalation procedure, compiled successfully qmail with the patches. The problem I found is, when using inside .qmail-default, maildrop, the mails are delivered but is not triggered the chkuser patch. And if I use inside .qmail-default, vdelivermail, all mails are rejected, with 550 sorry, no mailbox here by that name (#5.1.1 - chkusr) . Now, looking at mysql access logs, vdelivermail is not looking at mysql to see whether the user exists or not, therefore all emails (included the ones to valid users) are rejected. Has anyone tried this patch and had similar problem? Thanks for your help. Best Regards, Jeff Koch, Intersessions Best Regards, Jeff Koch, Intersessions
Re: [toaster] Chkuser does not work with forwards/alias
Stig Martin Fiskaa wrote: Hello people, I've installed qmail several times before, but this time with chkuser, and I'm getting problems with forwards and aliases : [EMAIL PROTECTED]: host mail.projure.no[64.246.44.44] said: 533 sorry, your envelope recipient has been denied (#5.7.1) (in reply to RCPT TO command) check /var/qmail/control/badmailto. That errormessage comes when to is listed in that file. -- Eero
Re[2]: [toaster] Chkuser does not work with forwards/alias
Hello Eero, Tuesday, February 24, 2004, 3:10:42 PM, you wrote: I've installed qmail several times before, but this time with chkuser, and I'm getting problems with forwards and aliases : [EMAIL PROTECTED]: host mail.projure.no[64.246.44.44] said: 533 sorry, your envelope recipient has been denied (#5.7.1) (in reply to RCPT TO command) EV check /var/qmail/control/badmailto. That errormessage comes when to is EV listed in that file. Hum this is how the badmailto looked before, which worked fine without chkuser: [EMAIL PROTECTED] !@ # must not contain invalid characters, brakets or multiple @'s [\W\D!%#:\*\^] [\(\)] [\{\}] @.*@ [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] @somethingstupid.com [EMAIL PROTECTED] [EMAIL PROTECTED] I removed the first lines until [EMAIL PROTECTED], and now it seems to work fine:-) Thanks! -- Best regards, Stigmailto:[EMAIL PROTECTED]
[toaster] chkuser patch and tmda
This is from the website the patch came from.. I am not shure how I would add this to make the chkuser patch work any help please ? -John TMDA TMDA needs the straight check of user existance to be widened, allowing any address like [EMAIL PROTECTED] to be considered valid. This is an extension of the patch, that allows this behaviour. user_passwd = vauth_getpw (user.s, domain.s); + if (user_passwd == NULL) { + count = 0; + while ((count (user.len -1)) (user_passwd == NULL)) { + count += byte_chr(user.s[count], user.len - count,'-'); + if (count user.len) { + if (!stralloc_copyb (alias_name, user.s, count)) die_nomem(); + if (!stralloc_0 (alias_name)) die_nomem(); + user_passwd = vauth_getpw (alias_name.s, domain.s); + ++count; + } +} + } if (user_passwd != NULL) { This code makes a recursive search, starting from left, and looking for each '-' character, until a valid user is found or string is ended. Be aware to change the '-' constant to whatever you need for your TMDA system.
[toaster] chkuser patch problems
Hi all, I'm trying to get the chkuser patch installed on my qmail system. Currently installed are the following : qmail-1.03 (with the 0.5 toaster patch) (ucspi-tcp and daemontools too) vpopmail 5.3.20 (compiled with --enable-roaming-users=y --enable-logging=y --enable-default-domain=emcs.net --enable-mysql=y --enable-mysql-replication=y --enable-defaultquota=50M) courier-imap 1.7.0 I've extracted the qmail archive, patched with the 0.5 patch, and then the chkuser patch. I modified the conf-vpopmail file to reflect the actual home directory of vpopmail, and then run make. The errors are listed below (large snippet)... Any idea how to fix this? Does the chkuser patch not work with mysql? Am I missing something here? Any and all help is much appreciated! Thanks! /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In function `vauth_open_update': /usr/local/src/vpopmail-5.3.20/vauth.c:105: undefined reference to `mysql_init' /usr/local/src/vpopmail-5.3.20/vauth.c:108: undefined reference to `mysql_real_connect' /usr/local/src/vpopmail-5.3.20/vauth.c:112: undefined reference to `mysql_error' /usr/local/src/vpopmail-5.3.20/vauth.c:118: undefined reference to `mysql_real_connect' /usr/local/src/vpopmail-5.3.20/vauth.c:123: undefined reference to `mysql_error' /usr/local/src/vpopmail-5.3.20/vauth.c:132: undefined reference to `mysql_query' /usr/local/src/vpopmail-5.3.20/vauth.c:137: undefined reference to `mysql_error' /usr/local/src/vpopmail-5.3.20/vauth.c:140: undefined reference to `mysql_store_result' /usr/local/src/vpopmail-5.3.20/vauth.c:141: undefined reference to `mysql_free_result' /usr/local/src/vpopmail-5.3.20/vauth.c:144: undefined reference to `mysql_select_db' /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In function `vauth_open_read': /usr/local/src/vpopmail-5.3.20/vauth.c:163: undefined reference to `mysql_init' /usr/local/src/vpopmail-5.3.20/vauth.c:164: undefined reference to `mysql_real_connect' /usr/local/src/vpopmail-5.3.20/vauth.c:169: undefined reference to `mysql_real_connect' /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In function `vauth_open_read_getall': /usr/local/src/vpopmail-5.3.20/vauth.c:195: undefined reference to `mysql_init' /usr/local/src/vpopmail-5.3.20/vauth.c:196: undefined reference to `mysql_real_connect' /usr/local/src/vpopmail-5.3.20/vauth.c:201: undefined reference to `mysql_real_connect' /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In function `vauth_adddomain': /usr/local/src/vpopmail-5.3.20/vauth.c:231: undefined reference to `mysql_query' /usr/local/src/vpopmail-5.3.20/vauth.c:236: undefined reference to `mysql_store_result' /usr/local/src/vpopmail-5.3.20/vauth.c:237: undefined reference to `mysql_free_result' /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In function `vauth_adduser': /usr/local/src/vpopmail-5.3.20/vauth.c:310: undefined reference to `mysql_query' /usr/local/src/vpopmail-5.3.20/vauth.c:311: undefined reference to `mysql_error' /usr/local/src/vpopmail-5.3.20/vauth.c:314: undefined reference to `mysql_store_result' /usr/local/src/vpopmail-5.3.20/vauth.c:315: undefined reference to `mysql_free_result' /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In function `vauth_getpw': /usr/local/src/vpopmail-5.3.20/vauth.c:364: undefined reference to `mysql_query' /usr/local/src/vpopmail-5.3.20/vauth.c:365: undefined reference to `mysql_error' /usr/local/src/vpopmail-5.3.20/vauth.c:369: undefined reference to `mysql_store_result' /usr/local/src/vpopmail-5.3.20/vauth.c:374: undefined reference to `mysql_num_rows' /usr/local/src/vpopmail-5.3.20/vauth.c:393: undefined reference to `mysql_fetch_row' /usr/local/src/vpopmail-5.3.20/vauth.c:408: undefined reference to `mysql_free_result' /usr/local/src/vpopmail-5.3.20/vauth.c:405: undefined reference to `mysql_free_result' /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In function `vauth_deldomain': /usr/local/src/vpopmail-5.3.20/vauth.c:429: undefined reference to `mysql_query' /usr/local/src/vpopmail-5.3.20/vauth.c:432: undefined reference to `mysql_store_result' /usr/local/src/vpopmail-5.3.20/vauth.c:433: undefined reference to `mysql_free_result' /usr/local/src/vpopmail-5.3.20/vauth.c:442: undefined reference to `mysql_query' /usr/local/src/vpopmail-5.3.20/vauth.c:445: undefined reference to `mysql_store_result' /usr/local/src/vpopmail-5.3.20/vauth.c:446: undefined reference to `mysql_free_result' /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In function `vauth_deluser': /usr/local/src/vpopmail-5.3.20/vauth.c:477: undefined reference to `mysql_query' /usr/local/src/vpopmail-5.3.20/vauth.c:480: undefined reference to `mysql_store_result' /usr/local/src/vpopmail-5.3.20/vauth.c:481: undefined reference to `mysql_free_result' /usr/local/src/vpopmail-5.3.20/vauth.c:487: undefined reference to `mysql_query' /usr/local/src/vpopmail-5.3.20/vauth.c:490: undefined reference to `mysql_store_result' /usr/local/src/vpopmail-5.3.20/vauth.c:491: undefined reference to `mysql_free_result' /usr2/vpopmail/lib/libvpopmail.a(vauth.o): In
[toaster] chkuser patch
FYI: I've posted a version of the vpopmail chkuser patch that applies to qmail on top of my new 0.5 toaster patch. Both are available on www.shupp.org. For those of you unfamiliar with the chkuser patch, it adds support to qmail-smtpd for checking that a vpopmail user actually exists before accepting a message. This is nice for domains that don't have a catch all account, and generate a lot of triple bounce messages from forged senders. Cheers, Bill
Re: [toaster] chkuser patch
FYI: I've posted a version of the vpopmail chkuser patch that applies to qmail on top of my new 0.5 toaster patch. Both are available on www.shupp.org. Does this patch fix up the TLS error which i previously encounter?
Re: [toaster] chkuser patch
On Sunday, March 16, 2003, at 07:37 PM, Nicholas Chua wrote: FYI: I've posted a version of the vpopmail chkuser patch that applies to qmail on top of my new 0.5 toaster patch. Both are available on www.shupp.org. Does this patch fix up the TLS error which i previously encounter? It should. I have not seen the error since applying the 0.5 patch a few weeks ago. While I never pinpointed the cause of the problem, this version uses the SMTP-AUTH/TLS integration patch on qmail.org, rather than my integration (based on Matt Simerson's). One thing I have noticed, though, is that using recordio breaks TLS. Regards, Bill Shupp
Re: [toaster] chkuser patch
Does this patch fix up the TLS error which i previously encounter? It should. I have not seen the error since applying the 0.5 patch a few weeks ago. While I never pinpointed the cause of the problem, this version uses the SMTP-AUTH/TLS integration patch on qmail.org, rather than my integration (based on Matt Simerson's). One thing I have noticed, though, is that using recordio breaks TLS. Ohhh.. I removed recordio and did stunnel -c -v 2 -n smtp -r mydomain.net:25 -f -D 7 and finally i get the correct result. -- 2003.03.17 12:36:44 LOG7[29725:1024]: SSL state (connect): before/connect initialization 2003.03.17 12:36:44 LOG7[29725:1024]: SSL state (connect): SSLv3 write client hello A 2003.03.17 12:36:44 LOG7[29725:1024]: SSL state (connect): SSLv3 read server hello A 2003.03.17 12:36:44 LOG4[29725:1024]: VERIFY ERROR: depth=0, error=self signed certificate: /C=SG/ST=Singapore/L=LionCity/O=NetCom Media/OU=NOC/CN=mydomain.net/[EMAIL PROTECTED] 2003.03.17 12:36:44 LOG7[29725:1024]: SSL alert (write): fatal: bad certificate 2003.03.17 12:36:44 LOG3[29725:1024]: SSL_connect: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed 2003.03.17 12:36:44 LOG7[29725:1024]: mydaomin.net.25 finished (0 left) Finally. Being waiting for this for so long. I will try the patch with the recordio and see what happens. Anyway, its time for me to upgrade all the patches, vpopmail, qmailadmin, sqwebmail etc. Thanks Bill. regards