Re: [vchkpw] smtp auth with chkuser problems
I've had it running for a few hours, and have this: 1 CHKUSER rejected relaying 5 CHKUSER accepted any rcpt 28 CHKUSER relaying rcpt 362 CHKUSER accepted rcpt 1719 CHKUSER rejected rcpt 1758 CHKUSER accepted sender and... in my defines... neither of those two are enabled. version 2.0.9 for me. -james On 9 Jun 2009, at 23:31, Harm van Tilborg wrote: Hi James, What version of chkuser are you using? When I look at the 2.0.9 source, I see the following lines inside chkuser_settings.h: /* * the following line enables debugging of chkuser */ /* #define CHKUSER_DEBUG */ /* * The following line moves DEBUG output from STDOUT (default) to STDERR * Example of usage within sh: ./qmail-smtpd 2> /var/log/smtpd- debug.log */ /* #define CHKUSER_DEBUG_STDERR */ Did you perhaps uncomment one of these defines? That would explain the behaviour. You are indeed correct about how the output should be catched by multilog. What /do/ your logs provide (i.e. what's in / var/log/qmail/smtpd/current)? (Ow, and between your log's command `...n 10...' there's no need for a space in between) -- Kind regards, Harm van Tilborg http://zeroxcool.net James Cox wrote: hey Harm, Here's the run file for the log - exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s250 n 10 /var/log/qmail/smtpd and yeah- i figured that i'm pushing to stdout... which i expect the log/run should catch via the multilog. therefore i'm a bit confused as to how it's still getting into the smtp conversation. :) -james On 9 Jun 2009, at 23:15, Harm van Tilborg wrote: Hi James, You are copying stderr (file descriptor 2) to your stdout (that's what the terminating 2>&1 is for). However, this log is only saved if multilog is indeed catching it. Find in the directory where this `run' file was located the directory `log', and publish the content of the `run' file in that directory... James Cox wrote: On 9 Jun 2009, at 18:16, Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Cox wrote: Anyone got any tips for how to skip those log lines? I've been looking at the chkuser_settings and i'm not confident i've seen anything immediately obvious. I'm also not convinced that these lines should ever exist in the smtp conversation anyhow... You are supposed to redirect stdout and stderr to another location. Either to /dev/null or to logfiles. Hmm - makes sense. This is how i'm running it, and not sure why i'm getting logs in the smtp conversation: env CHKUSER_START=DOMAIN \ /usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd \ -r sbl-xbl.spamhaus.org \ /var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/ true 2>&1 since it's running under supervise, and is logged... -james !DSPAM:4a2ee3f232665271019884!
Re: [vchkpw] smtp auth with chkuser problems
Hi James, What version of chkuser are you using? When I look at the 2.0.9 source, I see the following lines inside chkuser_settings.h: /* * the following line enables debugging of chkuser */ /* #define CHKUSER_DEBUG */ /* * The following line moves DEBUG output from STDOUT (default) to STDERR * Example of usage within sh: ./qmail-smtpd 2> /var/log/smtpd-debug.log */ /* #define CHKUSER_DEBUG_STDERR */ Did you perhaps uncomment one of these defines? That would explain the behaviour. You are indeed correct about how the output should be catched by multilog. What /do/ your logs provide (i.e. what's in /var/log/qmail/smtpd/current)? (Ow, and between your log's command `...n 10...' there's no need for a space in between) -- Kind regards, Harm van Tilborg http://zeroxcool.net James Cox wrote: hey Harm, Here's the run file for the log - exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s250 n 10 /var/log/qmail/smtpd and yeah- i figured that i'm pushing to stdout... which i expect the log/run should catch via the multilog. therefore i'm a bit confused as to how it's still getting into the smtp conversation. :) -james On 9 Jun 2009, at 23:15, Harm van Tilborg wrote: Hi James, You are copying stderr (file descriptor 2) to your stdout (that's what the terminating 2>&1 is for). However, this log is only saved if multilog is indeed catching it. Find in the directory where this `run' file was located the directory `log', and publish the content of the `run' file in that directory... James Cox wrote: On 9 Jun 2009, at 18:16, Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Cox wrote: Anyone got any tips for how to skip those log lines? I've been looking at the chkuser_settings and i'm not confident i've seen anything immediately obvious. I'm also not convinced that these lines should ever exist in the smtp conversation anyhow... You are supposed to redirect stdout and stderr to another location. Either to /dev/null or to logfiles. Hmm - makes sense. This is how i'm running it, and not sure why i'm getting logs in the smtp conversation: env CHKUSER_START=DOMAIN \ /usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd \ -r sbl-xbl.spamhaus.org \ /var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/true 2>&1 since it's running under supervise, and is logged... -james !DSPAM:4a2ee2bc32666440818484!
Re: [vchkpw] smtp auth with chkuser problems
hey Harm, Here's the run file for the log - exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s250 n 10 /var/log/qmail/smtpd and yeah- i figured that i'm pushing to stdout... which i expect the log/run should catch via the multilog. therefore i'm a bit confused as to how it's still getting into the smtp conversation. :) -james On 9 Jun 2009, at 23:15, Harm van Tilborg wrote: Hi James, You are copying stderr (file descriptor 2) to your stdout (that's what the terminating 2>&1 is for). However, this log is only saved if multilog is indeed catching it. Find in the directory where this `run' file was located the directory `log', and publish the content of the `run' file in that directory... James Cox wrote: On 9 Jun 2009, at 18:16, Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Cox wrote: Anyone got any tips for how to skip those log lines? I've been looking at the chkuser_settings and i'm not confident i've seen anything immediately obvious. I'm also not convinced that these lines should ever exist in the smtp conversation anyhow... You are supposed to redirect stdout and stderr to another location. Either to /dev/null or to logfiles. Hmm - makes sense. This is how i'm running it, and not sure why i'm getting logs in the smtp conversation: env CHKUSER_START=DOMAIN \ /usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd \ -r sbl-xbl.spamhaus.org \ /var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/ true 2>&1 since it's running under supervise, and is logged... -james !DSPAM:4a2edfda32661019412068!
Re: [vchkpw] smtp auth with chkuser problems
Hi James, You are copying stderr (file descriptor 2) to your stdout (that's what the terminating 2>&1 is for). However, this log is only saved if multilog is indeed catching it. Find in the directory where this `run' file was located the directory `log', and publish the content of the `run' file in that directory... -- Kind regards, Harm van Tilborg http://zeroxcool.net James Cox wrote: On 9 Jun 2009, at 18:16, Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Cox wrote: Anyone got any tips for how to skip those log lines? I've been looking at the chkuser_settings and i'm not confident i've seen anything immediately obvious. I'm also not convinced that these lines should ever exist in the smtp conversation anyhow... You are supposed to redirect stdout and stderr to another location. Either to /dev/null or to logfiles. Hmm - makes sense. This is how i'm running it, and not sure why i'm getting logs in the smtp conversation: env CHKUSER_START=DOMAIN \ /usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd \ -r sbl-xbl.spamhaus.org \ /var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/true 2>&1 since it's running under supervise, and is logged... -james !DSPAM:4a2edf0532661060516316!
Re: [vchkpw] smtp auth with chkuser problems
On 9 Jun 2009, at 18:16, Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Cox wrote: Anyone got any tips for how to skip those log lines? I've been looking at the chkuser_settings and i'm not confident i've seen anything immediately obvious. I'm also not convinced that these lines should ever exist in the smtp conversation anyhow... You are supposed to redirect stdout and stderr to another location. Either to /dev/null or to logfiles. Hmm - makes sense. This is how i'm running it, and not sure why i'm getting logs in the smtp conversation: env CHKUSER_START=DOMAIN \ /usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd \ -r sbl-xbl.spamhaus.org \ /var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/true 2>&1 since it's running under supervise, and is logged... -james !DSPAM:4a2ebb8432661324210016!
Re: [vchkpw] smtp auth with chkuser problems
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Cox wrote: > Anyone got any tips for how to skip those log lines? I've been looking > at the chkuser_settings and i'm not confident i've seen anything > immediately obvious. I'm also not convinced that these lines should ever > exist in the smtp conversation anyhow... You are supposed to redirect stdout and stderr to another location. Either to /dev/null or to logfiles. - -- /* Matt BrookingsGnuPG Key D9414F70 Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoumQMACgkQ6QgvSNlBT3DcbwCfWLgzTdwb5V0vUmBJB8yVxXM9 g+cAn1xmhT0ENg/sf8Xn1kbtAZMQYewg =8SBM -END PGP SIGNATURE-
[vchkpw] smtp auth with chkuser problems
Hey, Here's an (edited) example of a smtp conversation, with a netqmail install with smtp auth and chkuser patches: 220 mail.23i.net ESMTP EHLO imaj.es 250-mail.23i.net 250-AUTH LOGIN CRAM-MD5 PLAIN 250-AUTH=LOGIN CRAM-MD5 PLAIN 250-PIPELINING 250 8BITMIME AUTH LOGIN 334 VXNlcm5hbWU6 334 UGFzc3dvcmQ6 235 ok, go ahead (#2.0.0) MAIL FROM: ja...@imaj.es CHKUSER accepted sender: from remote rcpt <> : accepted any sender always 250 ok RCPT TO: ima...@gmail.com CHKUSER relaying rcpt: from remote rcpt : client allowed to relay 250 ok DATA 354 go ahead sdfsdfsdf .. 250 ok 1244567136 qp 7815 Now this is fine- except the two CHKUSER log lines screw up various clients (specifically Outlook and Thunderbird) who essentially blow up and refuse to respond. Anyone got any tips for how to skip those log lines? I've been looking at the chkuser_settings and i'm not confident i've seen anything immediately obvious. I'm also not convinced that these lines should ever exist in the smtp conversation anyhow... thanks, james !DSPAM:4a2e976832668643747827!