Re: [vchkpw] Strange Error
François Wautier wrote: Hi, Duly noting the near absolute lack of interest in my previous email (Only Devendra Singh responded indicating he had the same problem), I decided to go and figure out things my way. Good job. I use CDB, and don't know enough about using MySQL with vpopmail to find something like that. Unless someone objects I plan to put this in HEAD, and suggest it go into the stable branch too. I like the fact that this patch separates hard errors from soft errors, checking first if it can open the database connection at all and aborting on failure. It works well with the changes in error handling that I am working on. I wish I understood the base problem better, I don't know if we are just covering up a database problem. You are sure you aren't running out of MySQL children at peak loads, right? Being on the border of having too many requests for the number of MySQL children allowed could cause what you are seeing. Even if that turns out to be your real problem I think this is a better way to handle opening the database. I have posted the patch on SourceFORGE. [967994] Rick
[vchkpw] -- 500 server error. Password not changed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, My squirrelmail previously can change password without any problem. But today, when one of my user wants to change its password, there is error: - -- server error 500. Password not changed. What is causing this? The version is: vqadmin 2.3.2 vpopmail 5.4.0 squirrelmail 1.4.2 Thanks. - -- Fajar Priyanto | Reg'd Linux User #327841 | http://linux.arinet.org 15:06:42 up 6:53, Mandrake Linux release 9.2 (FiveStar) for i586 public key: https://www.arinet.org/fajar-pub.key -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAxCJMkp5CsIXuxqURAgQqAJwP602DbMHHUsOUiAd6R0cC5RiH/QCdHsVT dKBHa9CWvVhzxl+BdaONmGc= =y9GC -END PGP SIGNATURE-
Re: [vchkpw] -- 500 server error. Password not changed
Fajar Priyanto wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, My squirrelmail previously can change password without any problem. But today, when one of my user wants to change its password, there is error: - -- server error 500. Password not changed. What is causing this? The version is: vqadmin 2.3.2 vpopmail 5.4.0 squirrelmail 1.4.2 Which plugin do you use to change the password?
Re: [vchkpw] -- 500 server error. Password not changed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 07 June 2004 03:42 pm, Patrick Donker wrote: Fajar Priyanto wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, My squirrelmail previously can change password without any problem. But today, when one of my user wants to change its password, there is error: - -- server error 500. Password not changed. What is causing this? The version is: vqadmin 2.3.2 vpopmail 5.4.0 squirrelmail 1.4.2 Which plugin do you use to change the password? I use change_pass-2.6-1.4.x.tar.gz It ran ok previously. I didn't do any change on the system, except that I change the user that runs httpd from apache.apache to nobody.nogroup. Is it related? - -- Fajar Priyanto | Reg'd Linux User #327841 | http://linux.arinet.org 15:48:09 up 7:34, Mandrake Linux release 9.2 (FiveStar) for i586 public key: https://www.arinet.org/fajar-pub.key -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAxCw/kp5CsIXuxqURAuT0AKCYJN8GSoLTi65Mjovbp5QSyXEHKwCeL5GN t3fEzH1UfKZhfy0D96oCO+E= =4+z1 -END PGP SIGNATURE-
Re: [vchkpw] -- 500 server error. Password not changed
Fajar Priyanto wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 07 June 2004 03:42 pm, Patrick Donker wrote: Fajar Priyanto wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, My squirrelmail previously can change password without any problem. But today, when one of my user wants to change its password, there is error: - -- server error 500. Password not changed. What is causing this? The version is: vqadmin 2.3.2 vpopmail 5.4.0 squirrelmail 1.4.2 Which plugin do you use to change the password? I use change_pass-2.6-1.4.x.tar.gz It ran ok previously. I didn't do any change on the system, except that I change the user that runs httpd from apache.apache to nobody.nogroup. Is it related? - -- Fajar Priyanto | Reg'd Linux User #327841 | http://linux.arinet.org 15:48:09 up 7:34, Mandrake Linux release 9.2 (FiveStar) for i586 public key: https://www.arinet.org/fajar-pub.key -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAxCw/kp5CsIXuxqURAuT0AKCYJN8GSoLTi65Mjovbp5QSyXEHKwCeL5GN t3fEzH1UfKZhfy0D96oCO+E= =4+z1 -END PGP SIGNATURE- The easiest way to rule that out is to undo your latest changes. If that is undoable for whatever reason, you should revise if there is a rights problem
[vchkpw] vlimit not working
Hi, I am running vpopmail 5.3.30 with qmail 1.03 and qmailadmin 1.0.29 I already set the .qmailadmin-limits to a particular domain with the setting below but I still can send email via the mail server, why? disable_external_relay disable_smtp And, I had configure vpopmail with --enable-roaming-users=y Regards, ro0ot
Re: [vchkpw] -- 500 server error. Password not changed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 07 June 2004 03:53 pm, Patrick Donker wrote: The easiest way to rule that out is to undo your latest changes. If that is undoable for whatever reason, you should revise if there is a rights problem I didn't know what happen, but when I restart the imap server, all is OK again. I can change the password again. Thanks guys. - -- Fajar Priyanto | Reg'd Linux User #327841 | http://linux.arinet.org 16:53:09 up 8:39, Mandrake Linux release 9.2 (FiveStar) for i586 public key: https://www.arinet.org/fajar-pub.key -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAxDs5kp5CsIXuxqURAk0lAKClfRNz/0fO1rpGp0+MlW/lxqBg1gCgpHgs VbpcSjQa0FgdSj999fqct0s= =yPFH -END PGP SIGNATURE-
Re: [vchkpw] Strange Error
Rick, François Wautier wrote: Hi, Duly noting the near absolute lack of interest in my previous email (Only Devendra Singh responded indicating he had the same problem), I decided to go and figure out things my way. Good job. I use CDB, and don't know enough about using MySQL with vpopmail to find something like that. Unless someone objects I plan to put this in HEAD, and suggest it go into the stable branch too. I like the fact that this patch separates hard errors from soft errors, checking first if it can open the database connection at all and aborting on failure. It works well with the changes in error handling that I am working on. I thought it made sense too. I wish I understood the base problem better, I don't know if we are just covering up a database problem. Could be... but is unlikely. You are sure you aren't running out of MySQL children at peak loads, right? Being on the border of having too many requests for the number of MySQL children allowed could cause what you are seeing. I don't really have any load to speak of. And if the problem was that, I think the client would not connect, not report Lost connection to MySQL server during query. I would also get more complains from the websites not being able to get the data. In any case, my simplistic patch does handle that type of problem better. Cheers, François Even if that turns out to be your real problem I think this is a better way to handle opening the database. I have posted the patch on SourceFORGE. [967994] Rick
[vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
Hi, I am using Erwin Hoffmann's qmail-smtpd-auth-0.4.2. I have noticed that once authenticated a user can use [EMAIL PROTECTED] (where server.com is a domain listed in rcpthosts) in the FROM header. Is there any remedy. __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
On Monday 07 June 2004 08:08 am, Devendra Singh wrote: Hi, I am using Erwin Hoffmann's qmail-smtpd-auth-0.4.2. I have noticed that once authenticated a user can use [EMAIL PROTECTED] (where server.com is a domain listed in rcpthosts) in the FROM header. even an unauthenticated user can do this. How do you think this mailing list post will have my From: header, but an envelope sender of vchkpw-return-somenumber[EMAIL PROTECTED] Is there any remedy. What Problem Are You Trying To Solve? -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
[vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
Hi, I tried to upgrade the Vpopmail software but something is not work correctly. We used the MySQL AUTH Module. If I read from the UPGRADE documentation, I read: --- Upgrading to 5.4 from 5.3.x or 5.2.x is straight forward. We dont have enabled many-domain, so we have a problem. By default, the option enabled-many-domain is now enabled. It's ok when I specified --enabled-many-domain = n. I can do a vdominfo query. But when I try vuserinfo, this is the error: [EMAIL PROTECTED]:/home/vpopmail/bin# ~vpopmail/bin/vuserinfo [EMAIL PROTECTED] vmysql: sql error[3]: Table 'vpopmail.test.com' doesn't exist no such user [EMAIL PROTECTED] This is my ./configure options: --enable-clear-passwd=y \ --enable-valias=y \ --enable-mysql-logging=y \ --enable-sqwebmail-pass=y \ --enable-domains-dir=domains \ --enable-auth-module=mysql \ --enable-incdir=/usr/local/mysql/include/ \ --enable-libdir=/usr/local/mysql/lib/ \ --enable-many-domains=n \ --disable-users-big-dir I tried with and without --disable-users-big-dir, same result. We used mysql 4.0.20, new upgraded ;). Thanks for Help. Martin _ MSN Search, le moteur de recherche qui pense comme vous ! http://fr.ca.search.msn.com/
RE: [vchkpw] Vpopmail MySQL
Jeremy: Your answers are always very helpful. I had almost given up using mysql backend on a master server. Now I am going to try again. I will keep posted. Thanks again. Kirti -Original Message- From: Jeremy Kitchen [mailto:[EMAIL PROTECTED] Sent: Sunday, June 06, 2004 11:36 PM To: [EMAIL PROTECTED] Subject: Re: [vchkpw] Vpopmail MySQL On Sunday 06 June 2004 08:37 pm, Kirti S. Bajwa wrote: Hello: I had posted a similar question couple of days ago. I have done quite a bit research actual installation and would like to post the following question for somebody's help and/or recommendation: I have setup a MAIL server with RH9, qmail, mysql, vpopmail, etc. I have tested vpopmail by adding a domain it works. I also have setup a DATA server with RH9 Master MySQL. My goal is to keep all MySQL data on the DATA server. MAIL server RADIUS servers go to the DATA server for MySQL records. Latency is not a problem because all these servers are connected on a private (192.168.237.X) network. right, a relatively common configuration. I've done multiple mysql-replicated setups (this isn't replication, but vpopmail is configured very similarly. After I tested the MAIL server, I tried for it to create a domain on DATA server vpopmail database. On the MAIL server I changed the /home/vpopmail/etc/vpopmail.mysql from: localhost|0|vpopmailuser|vpoppasswd|vpopmail -to- 192.167.237.16|0|vpopmailuser|vpoppasswd|vpopmail ok. make sure your mysql server is listening on TCP port 3306 (which is the default) and that you can connect to it from the 'MAIL' server. Telnet should suffice. Once you've determined you can connect to it, make sure you are able to perform operations on the database using the 'mysql' command line interface (from the MAIL server). where 192.167.237.16 is the IP address of the DATA server. I also have tried various other techniques but nothing seem to work. When I try adding a domain, I get error message: various other techniques of doing what? I don't see how this is difficult, to be honest. vmysql: sql error[c]: MYSQL server has gone away (and slew of other similar error messages) and those other error messages are? Usually 'mysql server has gone away' means that the password didn't work. Therefore, my question is: (1) Has anybody tried setting up vpopmail with MySQL backend data being on server (but on the same LAN/network)? yes. (2) Is it even possible? yes. (3) If not possible, how can I move the user data to the backend MySQL DATA server so other servers (such as RADIUS for authentication) can use it? well, if it wasn't possible (which it is) you're asking how to do the impossible I don't see how you could expect a solution to an impossible question :) I have spent about two weeks on this project. Your help is highly appreciated. setting up vpopmail with mysql backend shouldn't take more than about 3 minutes. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
At 07/06/04 20:05 (), you wrote: On Monday 07 June 2004 08:08 am, Devendra Singh wrote: Hi, I am using Erwin Hoffmann's qmail-smtpd-auth-0.4.2. I have noticed that once authenticated a user can use [EMAIL PROTECTED] (where server.com is a domain listed in rcpthosts) in the FROM header. even an unauthenticated user can do this. How do you think this mailing list post will have my From: header, but an envelope sender of vchkpw-return-somenumber[EMAIL PROTECTED] Is there any remedy. What Problem Are You Trying To Solve? -Jeremy Sorry Jeremy, Perhaps I was unable to explain the problem properly. Suppose a Server is hosting the following domains: abc.com xyz.com test.com Now, the user [EMAIL PROTECTED] has been enabled for SMTP (not POP-Before SMTP but SMTP-AUTH using Erwin's Patch). If the user [EMAIL PROTECTED] tries to send an email as [EMAIL PROTECTED] in FROM headers, its denied. But, if he impersonates (for say spamming) in FROM headers as [EMAIL PROTECTED] or even [EMAIL PROTECTED] his outgoing mail would go through. Isn't this a case to worry? The example that you have talked about is totally unrelated to the above explained situation. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
[vchkpw] Block a mail for a user
I have qmail + vpopmail installed in my server and i want to block a mail from an external domain ([EMAIL PROTECTED]) only for the user [EMAIL PROTECTED] How can i do this ? TUNET www.tunet.tn
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
On Monday 07 June 2004 10:17 am, Devendra Singh wrote: Sorry Jeremy, Perhaps I was unable to explain the problem properly. Suppose a Server is hosting the following domains: abc.com xyz.com test.com ok. Now, the user [EMAIL PROTECTED] has been enabled for SMTP (not POP-Before SMTP but SMTP-AUTH using Erwin's Patch). If the user [EMAIL PROTECTED] tries to send an email as [EMAIL PROTECTED] in FROM headers, its denied. no, it's not, unless you've got some funky stuff set up, in which case, you'll have to provide more details. But, if he impersonates (for say spamming) in FROM headers as [EMAIL PROTECTED] or even [EMAIL PROTECTED] his outgoing mail would go through. Isn't this a case to worry? well, if you see it happening, that's why insert deity here created userdel. The example that you have talked about is totally unrelated to the above explained situation. no, it's entirely the same concept. Why let an unauthenticated user use any combination of envelope sender/header information but restrict authenticated users. Doesn't make much sense to me. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
On Monday 07 June 2004 10:13 am, Martin Leduc wrote: Hi, I tried to upgrade the Vpopmail software but something is not work correctly. We used the MySQL AUTH Module. If I read from the UPGRADE documentation, I read: --- Upgrading to 5.4 from 5.3.x or 5.2.x is straight forward. We dont have enabled many-domain, so we have a problem. right. By default, the option enabled-many-domain is now enabled. as it should be. [snip confusing problem with simple workaround-ish solution] I would *highly* recommend going into your old source directory (hopefully you kept it around) and use 'vconvert' to pull your existing data from mysql into vpasswd files. Then, using the new binaries you have, use vconvert again to put the existing data back into the database in the structure it needs (I would highly recommend --enable-many-domains) That's the easiest way out of this mess for you, and shouldn't take but a minute or two. You don't even have to replace any binaries or anything, just run it where it stands. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] Block a mail for a user
On Monday 07 June 2004 10:37 am, [EMAIL PROTECTED] wrote: I have qmail + vpopmail installed in my server and i want to block a mail from an external domain ([EMAIL PROTECTED]) only for the user [EMAIL PROTECTED] How can i do this ? cat EOF `~vpopmail/bin/vuserinfo -d [EMAIL PROTECTED]/.qmail |bouncesaying no mail from you ifaddr from : [EMAIL PROTECTED] ./Maildir/ EOF the ifaddr program is from the qtools package http://www.superscript.com/qtools/ifaddr.html bouncesaying is from the qmail package. hope this helps. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
Thank you, thats working :) Now I need to make a pre-production test. I would like to copy my vpopmail/domains dir and my Database to my DEVEL server. Did I need other files? Like in the Qmail config? Martin From: Jeremy Kitchen [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL Date: Mon, 7 Jun 2004 11:00:59 -0500 On Monday 07 June 2004 10:13 am, Martin Leduc wrote: Hi, I tried to upgrade the Vpopmail software but something is not work correctly. We used the MySQL AUTH Module. If I read from the UPGRADE documentation, I read: --- Upgrading to 5.4 from 5.3.x or 5.2.x is straight forward. We dont have enabled many-domain, so we have a problem. right. By default, the option enabled-many-domain is now enabled. as it should be. [snip confusing problem with simple workaround-ish solution] I would *highly* recommend going into your old source directory (hopefully you kept it around) and use 'vconvert' to pull your existing data from mysql into vpasswd files. Then, using the new binaries you have, use vconvert again to put the existing data back into the database in the structure it needs (I would highly recommend --enable-many-domains) That's the easiest way out of this mess for you, and shouldn't take but a minute or two. You don't even have to replace any binaries or anything, just run it where it stands. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail _ MSN Search, le moteur de recherche qui pense comme vous ! http://fr.ca.search.msn.com/
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
On Monday 07 June 2004 11:33 am, Martin Leduc wrote: Thank you, thats working :) great. Now I need to make a pre-production test. ok. I would like to copy my vpopmail/domains dir and my Database to my DEVEL server. ok. Did I need other files? Like in the Qmail config? the users/ and control/ directories for qmail. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] vlimit not working
On Monday 07 June 2004 4:24 am, ro0ot wrote: Hi, I am running vpopmail 5.3.30 with qmail 1.03 and qmailadmin 1.0.29 I already set the .qmailadmin-limits to a particular domain with the setting below but I still can send email via the mail server, why? disable_external_relay disable_smtp And, I had configure vpopmail with --enable-roaming-users=y Regards, ro0ot You might want to upgrade to the lasted production version 5.4.4 Ken Jones
Re: [vchkpw] vlimit not working
On Jun 7, 2004, at 10:30 AM, Ken Jones wrote: On Monday 07 June 2004 4:24 am, ro0ot wrote: I am running vpopmail 5.3.30 with qmail 1.03 and qmailadmin 1.0.29 I already set the .qmailadmin-limits to a particular domain with the setting below but I still can send email via the mail server, why? You might want to upgrade to the lasted production version 5.4.4 Ken Jones You will definitely want to upgrade. I just checked the ChangeLog, and in the release after 5.3.30 I added a fix to Correctly apply domain limits to user accounts. Take a look at the ChangeLog yourself -- there were probably 100+ changes made between 5.3.30 and the final 5.4.0 release. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
Can you tel me quickly what is the difference between enabled-many-domain=y and =n? it's only the one table per domain when no is enabled ? Best Regards Martin From: Jeremy Kitchen [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL Date: Mon, 7 Jun 2004 11:40:00 -0500 On Monday 07 June 2004 11:33 am, Martin Leduc wrote: Thank you, thats working :) great. Now I need to make a pre-production test. ok. I would like to copy my vpopmail/domains dir and my Database to my DEVEL server. ok. Did I need other files? Like in the Qmail config? the users/ and control/ directories for qmail. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail _ MSN Search, le moteur de recherche qui pense comme vous ! http://fr.ca.search.msn.com/
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
On Monday 07 June 2004 01:39 pm, Martin Leduc wrote: Can you tel me quickly what is the difference between enabled-many-domain=y and =n? as far as I know it only affects sql (mysql only?) backends, as with --enable-many-domains=y (default) it uses one table with all of the information, and with it =n it uses one table per domain. Someone who has actually dug through the code (Tom?, Michael?, Ken?) might be able to give you a more definite example, but from my experience that's the main difference. I think --enable-large-site (or similar) is what enables/disables the directory hashing, but don't quote me on that. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
On Monday 07 June 2004 2:01 pm, Jeremy Kitchen wrote: On Monday 07 June 2004 01:39 pm, Martin Leduc wrote: Can you tel me quickly what is the difference between enabled-many-domain=y and =n? as far as I know it only affects sql (mysql only?) backends, as with --enable-many-domains=y (default) it uses one table with all of the information, and with it =n it uses one table per domain. Someone who has actually dug through the code (Tom?, Michael?, Ken?) might be able to give you a more definite example, but from my experience that's the main difference. I think --enable-large-site (or similar) is what enables/disables the directory hashing, but don't quote me on that. As an ex-database admin, I wrote the many-domains=no option as an optimization to the database schema to save disk space. Consider hosting one domain with 1 million email accounts. The pw_domain(64 char) field is redundant (only one domain). So we would be wasting 64MB of space in the database. So instead the table is named after the domain. On the other hand, consider hosting 700 domains. Mysql would have to access 700 tables. Mysql uses file descriptors for each table. In production, we saw mysql opening and closing file descriptors as it tried to share it's available file descriptors across sql queries, which seriously impacted performance. On this type of system, it we got better performance by putting all the data into one table. The end result after performance testing was the single table setup was the best for all servers, except for the case where there are 1 (or a few) domains with many-many email accounts. Hence we made many domains the default option. Ken Jones
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
On Monday 07 June 2004 02:20 pm, Ken Jones wrote: On Monday 07 June 2004 2:01 pm, Jeremy Kitchen wrote: On Monday 07 June 2004 01:39 pm, Martin Leduc wrote: Can you tel me quickly what is the difference between enabled-many-domain=y and =n? as far as I know it only affects sql (mysql only?) backends, as with --enable-many-domains=y (default) it uses one table with all of the information, and with it =n it uses one table per domain. Someone who has actually dug through the code (Tom?, Michael?, Ken?) might be able to give you a more definite example, but from my experience that's the main difference. I think --enable-large-site (or similar) is what enables/disables the directory hashing, but don't quote me on that. As an ex-database admin, I wrote the many-domains=no option as an optimization to the database schema to save disk space. Consider hosting one domain with 1 million email accounts. The pw_domain(64 char) field is redundant (only one domain). So we would be wasting 64MB of space in the database. So instead the table is named after the domain. I was about to ask you this but you ran off before I could.. so I'll just post for discussion purposes. Isn't this what the varchar field is for? -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
On Monday 07 June 2004 02:22 pm, Jeremy Kitchen wrote: As an ex-database admin, I wrote the many-domains=no option as an optimization to the database schema to save disk space. Consider hosting one domain with 1 million email accounts. The pw_domain(64 char) field is redundant (only one domain). So we would be wasting 64MB of space in the database. So instead the table is named after the domain. I was about to ask you this but you ran off before I could.. so I'll just post for discussion purposes. Isn't this what the varchar field is for? or rather, field TYPE. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
RE: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
The unified qmail patches include a patch to verify the FROM address with authenticated user. The patch is located at http://night.rdslink.ro/dudu/qmail/. Check README for 2004_05_02. Hope it helps. Shouguan Lin -Original Message- From: Devendra Singh [mailto:[EMAIL PROTECTED] Sent: Monday, June 07, 2004 6:08 AM To: VpopMail Mailing List Subject: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts Hi, I am using Erwin Hoffmann's qmail-smtpd-auth-0.4.2. I have noticed that once authenticated a user can use [EMAIL PROTECTED] (where server.com is a domain listed in rcpthosts) in the FROM header. Is there any remedy. __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
Jeremy Kitchen wrote: On Monday 07 June 2004 02:22 pm, Jeremy Kitchen wrote: As an ex-database admin, I wrote the many-domains=no option as an optimization to the database schema to save disk space. Consider hosting one domain with 1 million email accounts. The pw_domain(64 char) field is redundant (only one domain). So we would be wasting 64MB of space in the database. So instead the table is named after the domain. I was about to ask you this but you ran off before I could.. so I'll just post for discussion purposes. Isn't this what the varchar field is for? Yes it is, but the current database layout uses char fields. Still if you have one domain with 1 million accounts, you have at least 4MB of duplicated domain names, if the domain name is a.au, better than the 64MB the current char field would use, but not as good as 0 bytes if the table is named for the domain and you don't store the domain name at all. It is interesting in theory, but there probably aren't many sites like this. It does bring up an interesting question... would it be a good idea to change from char to varchar for all the fields? It should give a substantial reduction in database size, and I don't think it will be that much slower. Someone _should_ be able to do an alter table and find out if anything breaks... Rick p.s. It does bring up a real question - does anyone actually use separate tables for each domain anymore? It would be nice if we could remove the option some day. (It causes a number of four state ifdef structures that are kind of messy.)
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
On Monday 07 June 2004 03:08 pm, Rick Widmer wrote: Jeremy Kitchen wrote: On Monday 07 June 2004 02:22 pm, Jeremy Kitchen wrote: As an ex-database admin, I wrote the many-domains=no option as an optimization to the database schema to save disk space. Consider hosting one domain with 1 million email accounts. The pw_domain(64 char) field is redundant (only one domain). So we would be wasting 64MB of space in the database. So instead the table is named after the domain. I was about to ask you this but you ran off before I could.. so I'll just post for discussion purposes. Isn't this what the varchar field is for? Yes it is, but the current database layout uses char fields. Still if you have one domain with 1 million accounts, you have at least 4MB of duplicated domain names, if the domain name is a.au, better than the 64MB the current char field would use, but not as good as 0 bytes if the table is named for the domain and you don't store the domain name at all. It is interesting in theory, but there probably aren't many sites like this. ahh good point. My thought is though, if you have a million users, 4 megs of extra 'wasted' space (even 64 megs) is trivial. I think people with a million users are more concerned about speed than fretting over a few megs of lost space :) It does bring up an interesting question... would it be a good idea to change from char to varchar for all the fields? It should give a substantial reduction in database size, and I don't think it will be that much slower. Someone _should_ be able to do an alter table and find out if anything breaks... yea, I don't think that would break anything. Unfortunately I don't have a machine to try that on (other than a few production servers but I'm sure they'd shoot me if I broke them *grins*) p.s. It does bring up a real question - does anyone actually use separate tables for each domain anymore? It would be nice if we could remove the option some day. (It causes a number of four state ifdef structures that are kind of messy.) I know when I set up mysql backends I leave it at the default, I would assume that most people also do (unless they really know what they're doing, in which case they probably need the single table anyways for performance reasons) -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] Upgrading from 5.2.1 to 5.4.0 with MySQL
On Monday 07 June 2004 3:08 pm, Rick Widmer wrote: Jeremy Kitchen wrote: On Monday 07 June 2004 02:22 pm, Jeremy Kitchen wrote: As an ex-database admin, I wrote the many-domains=no option as an optimization to the database schema to save disk space. Consider hosting one domain with 1 million email accounts. The pw_domain(64 char) field is redundant (only one domain). So we would be wasting 64MB of space in the database. So instead the table is named after the domain. I was about to ask you this but you ran off before I could.. so I'll just post for discussion purposes. Isn't this what the varchar field is for? Yes it is, but the current database layout uses char fields. Still if you have one domain with 1 million accounts, you have at least 4MB of duplicated domain names, if the domain name is a.au, better than the 64MB the current char field would use, but not as good as 0 bytes if the table is named for the domain and you don't store the domain name at all. It is interesting in theory, but there probably aren't many sites like this. It does bring up an interesting question... would it be a good idea to change from char to varchar for all the fields? Standard database design says to *never* use varchars. And if you do use them, you better have a darn good reason. It's easy to spot a newbie doing database design, all fields are varchars. Varchars make it very difficult for the SQL engine to optimize disk to memory paging. Which in practice means no optimization for tables with varchars. When each row is a fixed length, the engine can calculate how many rows will fit in a memory block. Then it can do one disk read per memory block (this is the optimization). With varchar fields the engine needs to read in a section of disk into a temporary memory buffer. Then parse the varchar lengths to calculate row lengths, one row at a time. The end result is more disk reads. And disk I/O is the bottleneck in databases. So it all boils down to significant performance improvements of fixed lenght rows over variable lenght rows. It should give a substantial reduction in database size, and I don't think it will be that much slower. Someone _should_ be able to do an alter table and find out if anything breaks... Rick p.s. It does bring up a real question - does anyone actually use separate tables for each domain anymore? It would be nice if we could remove the option some day. (It causes a number of four state ifdef structures that are kind of messy.) I know what you mean. I kinda wish I never wrote the two versions. But removing it would break backward compatibility. Ken
[vchkpw] Re: (was: Upgrading from 5.2.1 to 5.4.0 with MySQL)
On Monday 07 June 2004 03:34 pm, Ken Jones wrote: p.s. It does bring up a real question - does anyone actually use separate tables for each domain anymore? It would be nice if we could remove the option some day. (It causes a number of four state ifdef structures that are kind of messy.) I know what you mean. I kinda wish I never wrote the two versions. But removing it would break backward compatibility. would it be possible to deprecate it in the 5.4 and 5.5 trees, obsolete it in 5.6, and remove it entirely from 5.7? I could write up a nice document on how to switch between the two methods, it's relatively easy to do. In fact, I'll probably do it anyways. :) -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] SMTP Authenticated user is able to anyone in rcpthosts
At 07/06/04 21:27 (), you wrote: On Monday 07 June 2004 10:17 am, Devendra Singh wrote: Sorry Jeremy, Perhaps I was unable to explain the problem properly. Suppose a Server is hosting the following domains: abc.com xyz.com test.com ok. Now, the user [EMAIL PROTECTED] has been enabled for SMTP (not POP-Before SMTP but SMTP-AUTH using Erwin's Patch). If the user [EMAIL PROTECTED] tries to send an email as [EMAIL PROTECTED] in FROM headers, its denied. no, it's not, unless you've got some funky stuff set up, in which case, you'll have to provide more details. But, if he impersonates (for say spamming) in FROM headers as [EMAIL PROTECTED] or even [EMAIL PROTECTED] his outgoing mail would go through. Isn't this a case to worry? well, if you see it happening, that's why insert deity here created userdel. The example that you have talked about is totally unrelated to the above explained situation. no, it's entirely the same concept. Why let an unauthenticated user use any combination of envelope sender/header information but restrict authenticated users. Doesn't make much sense to me. -Jeremy Jeremy, Again I am misunderstood. But, Shouguan Lin has understood the point. I would like to re-frame my Subject: SMTP Authenticated user is able to impersonate anyone in rcpthosts. The SMTP-AUTH Patch by Erwin Hoffmann (from http://www.fehcom.de) qmail-smtpd-auth-0.4.2 recommended by latest Vpopmail has the functionality as discussed earlier. Dr Erwin are you listening?? The unauthenticated users can easily be prevented to use any combination of envelope sender/header information by using Split Horizon Check, which I am already using. Devendra Singh __ Devendra Singh IndiaMART InterMESH Limited (Global Gateway to Indian Market Place) B-1, Sector 8, Noida, UP - 201301, India EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342 Fax: +91-120-2424943 http://www.indiamart.com http://www.indiangiftsportal.com http://www.indiantravelportal.com __