[vchkpw] Re: [toaster] filtering outgoing emails
Title: Ingo Claro Jeff: i'm also interested in this feature. Have you found how to filter outgoing messages? for incoming messages I use maildrop regards, Ingo Claro F. Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 Certificado ISO 9001:2000 Jeff Koch escribi: Hi We are getting demands from large ISP's - Comcast, AOL, ATT - that we spam filter all outgoing email. We're using simscan to filter incoming email but I think that misses email generated by our customers and autoresponders. Can it be accomplished by modifying /home/vpopmail/etc/tcp.smtp ? How are other qmail users handling this? Thanks in advance. Jeff Koch
Re: [vchkpw] starttls crashes on vpopmail with mysql
Title: Ingo Claro
Jeremy:
ok, here is the trace, it was small:
select(1, [0], NULL, NULL, {1177, 147000}) = 1 (in [0], left {1172,
868000})
read(0, "starttls\r\n", 1024) = 10
brk(0) = 0x8407000
brk(0x8428000) = 0x8428000
open("control/clientca.pem", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("/dev/urandom", O_RDONLY) = 3
read(3, "\3364\355\233p\277\303\240\320\350|\24H\254[\0%k\22\251"...,
32) = 32
open("control/servercert.pem", O_RDONLY) = 4
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
looking it crashes while reading servercert.pem, so here it goes too.
The strange thing, as I mentioned earlier, is that with vpopmail
without mysql it works fine.
lrwxrwxrwx 1 root root 33 Jun 28 03:38 clientcert.pem -
/var/qmail/control/servercert.pem
-rw-r- 1 vpopmail qmail 1937 Jun 28 03:38 servercert.pem
also, after this I chmod +r servercert.pem and it crashes just the same.
-BEGIN RSA PRIVATE KEY-
MIICXwIBAAKBgQDX7okvoMHn0xNvcIVdf51bpYQJ6avDdQTlj+aC9Cgm66sYlIX2
C0vMLzu4UW/80YGiHq29MPZsYXQp3VywLnklR7RikLbl7tV9it9aAg917PZ92MzI
TMsBZhJFafXht1Pju7c9riJt3ONmpXCREwgtWWiycif3SnJ2TroMQHAfxQIDAQAB
AoGBAIoCdH4TcjuYJeDg+uxiZxGvPTAUwGphfWq3yW3DXXJax/Ui4Gf8mkp7meDZ
dAkTYpZao1K7W5SzyMoFKHuWiGhF2IF7zwNv7ZpkaVuuncdUMjZ344Ci0SN6HOle
1hMHVrQVdiTt1zZiBAxaVl8ybWrx16oE5TPdRzVE+yPZqze1AkEA7VhJQAJVoHv9
jI0Q32yBTmmfJR5UXQYqmwXImhxpWRtaTsjB/J/0jxqwVbR5v4dBZFYoB1+EkDw8
NxQe+n17KwJBAOjnY2F8JsBmQltnY4UDcnWBzDBg1mGxKFodYJVmmImUKRq6YoNr
rQge1fFzlcDvhDQtjI8UNDOzCt3DDM+ImM8CQQDIGOqIgG9YQbBdUoCrHHtXdEyr
qopNculwkMuywck/SoQ0b6S8Ks6v5zxKxUDvbESBJvHQZYMJZv8NIHWNkUTJAkEA
zD/wNdPtIBoN45799e6Z+FdGPL8QA0ib/Lt6skrxRuY6Tgha0KojatWwBjm5gSQM
Kr4vYGL1jMldpDGkEHTYnQJBANLb/ojt5wUFz1bBc7EJRpl5N2fSxP/LiST4S/B0
E/z0utRTCzknC7kIZxhfDIGmDu+gMnmrEaIHJx0y5rmwfIg=
-END RSA PRIVATE KEY-
-BEGIN CERTIFICATE-
MIIC1jCCAj+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBXMQswCQYDVQQGEwJjbDEN
MAsGA1UECBMEUi5NLjERMA8GA1UEBxMIU2FudGlhZ28xDjAMBgNVBAoTBVByaXNh
MRYwFAYDVQQDEw1zbXRwLnByaXNhLmNsMB4XDTA2MDYyODA3Mzg1NFoXDTA3MDYy
OTA3Mzg1NFowVzELMAkGA1UEBhMCY2wxDTALBgNVBAgTBFIuTS4xETAPBgNVBAcT
CFNhbnRpYWdvMQ4wDAYDVQQKEwVQcmlzYTEWMBQGA1UEAxMNc210cC5wcmlzYS5j
bDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1+6JL6DB59MTb3CFXX+dW6WE
Cemrw3UE5Y/mgvQoJuurGJSF9gtLzC87uFFv/NGBoh6tvTD2bGF0Kd1csC55JUe0
YpC25e7VfYrfWgIPdez2fdjMyEzLAWYSRWn14bdT47u3Pa4ibdzjZqVwkRMILVlo
snIn90pydk66DEBwH8UCAwEAAaOBsTCBrjAdBgNVHQ4EFgQURxSscSuDkpXZRwDr
Dc1O/D8NC8YwfwYDVR0jBHgwdoAURxSscSuDkpXZRwDrDc1O/D8NC8ahW6RZMFcx
CzAJBgNVBAYTAmNsMQ0wCwYDVQQIEwRSLk0uMREwDwYDVQQHEwhTYW50aWFnbzEO
MAwGA1UEChMFUHJpc2ExFjAUBgNVBAMTDXNtdHAucHJpc2EuY2yCAQAwDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBHchAtaVdxfHKNJdPryi19EGX8gvef
VI6p52smkk6yvHQeCRjEw11oM64tcwNgbDVmSFAIDvdSWgwwyFfK6fCy3bOUpyJy
P/+asw6H7GIzNii+L6aFsCuhNlzNR/ihd29gelpVmNV2xMrzl5wsoTUXGNLqN/UR
WgYIFLiBYDRFUw==
-END CERTIFICATE-
regards,
Ingo
Claro F.
Gerente de Operaciones
[EMAIL PROTECTED]
(+56-2) 43 00 155
Certificado
ISO 9001:2000
Jeremy Kitchen escribi:
On Friday 30 June 2006 12:57, Ingo Claro wrote:
Jeremy:
I don't know how to make that, if you provide some basic instructions I
can do it. I must do that before or after the crash?
Note that i am also installing a RHEL 4 U3 and have the same problems.
Anything else I can test I'll be happy to provide.
I have another instalation in RHEL U1, with mysql but in the same
machine, so it uses socket instead of tcp. And is operates without
problems.
then you'll want to use strace, which should be installed. if it isn't,
install the strace package from your distribution.
after that.. telnet to your smtp server, then in another terminal find the pid
of the qmail-smtpd instance you're connected to...
strace -o /tmp/strace.out -p pid
make it crash
gzip and post on the web
send url to here.
-Jeremy
Re: [vchkpw] QMail transfer - changing Postmaster password
Austin Jorden escribió: OLD: /usr/qmail NEW: /var/qmail What do I do about this Jeremy? ln -s /var/qmail /usr/qmail :) - Austin Jorden - Original Message - From: Jeremy Kitchen [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Monday, July 03, 2006 2:25 PM Subject: Re: [vchkpw] QMail transfer - changing Postmaster password
Re: [vchkpw] starttls crashes on vpopmail with mysql
Title: Ingo Claro
here goes the same, but for the RHEL4U3 machine:
select(1, [0], NULL, NULL, {1167, 816000}) = 1 (in [0], left {1163,
91})
read(0, "starttls\r\n", 1024) = 10
brk(0) = 0x984f000
brk(0x987) = 0x984f000
mmap2(NULL, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0xb7e88000
open("control/clientca.pem", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("/dev/urandom", O_RDONLY) = 3
read(3, "\361\250\352\276\200\244\265\tV\225f\35\0257\27\213d\370"...,
32) = 32
open("control/servercert.pem", O_RDONLY) = 4
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
regards,
Ingo
Claro F.
Gerente de Operaciones
[EMAIL PROTECTED]
(+56-2) 43 00 155
Certificado
ISO 9001:2000
Jeremy Kitchen escribi:
On Friday 30 June 2006 12:57, Ingo Claro wrote:
Jeremy:
I don't know how to make that, if you provide some basic instructions I
can do it. I must do that before or after the crash?
Note that i am also installing a RHEL 4 U3 and have the same problems.
Anything else I can test I'll be happy to provide.
I have another instalation in RHEL U1, with mysql but in the same
machine, so it uses socket instead of tcp. And is operates without
problems.
then you'll want to use strace, which should be installed. if it isn't,
install the strace package from your distribution.
after that.. telnet to your smtp server, then in another terminal find the pid
of the qmail-smtpd instance you're connected to...
strace -o /tmp/strace.out -p pid
make it crash
gzip and post on the web
send url to here.
-Jeremy
Re: [vchkpw] starttls crashes on vpopmail with mysql
Title: Ingo Claro
Jeremy:
I do this for every test:
1) in vpopmail src
1.1) make clean
1.2) ./configure xx
1.3) make
1.4) make install-strip
2) in qmail src
2.1) make clean
2.2) make
2.3) qmailctl stop
2.4) make setup check
2.5) qmailctl start
when I leave blank (./configure alone) starttls works fine
when I use = "--enable-auth-module=mysql" and a remote mysql, it
crashes.
regards,
Ingo
Claro F.
Gerente de Operaciones
[EMAIL PROTECTED]
(+56-2) 43 00 155
Certificado
ISO 9001:2000
Jeremy Kitchen escribi:
On Monday 03 July 2006 12:38, Ingo Claro wrote:
select(1, [0], NULL, NULL, {1177, 147000}) = 1 (in [0], left {1172,
868000}) read(0, "starttls\r\n", 1024) = 10
brk(0) = 0x8407000
brk(0x8428000) = 0x8428000
open("control/clientca.pem", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("/dev/urandom", O_RDONLY) = 3
read(3, "\3364\355\233p\277\303\240\320\350|\24H\254[\0%k\22\251"...,
32) = 32
open("control/servercert.pem", O_RDONLY) = 4
looking it crashes while reading servercert.pem, so here it goes too.
The strange thing, as I mentioned earlier, is that with vpopmail without
mysql it works fine.
strange. I would say try doing a 'make clean' on your qmail source directory,
recompiling and reinstalling with new binaries and give that a try. If that
doesn't work... I don't know :(
lrwxrwxrwx 1 root root33 Jun 28 03:38 clientcert.pem -
/var/qmail/control/servercert.pem
-rw-r- 1 vpopmail qmail 1937 Jun 28 03:38 servercert.pem
-BEGIN RSA PRIVATE KEY-
eek!
don't ever post this publicly! You should go right now and generate a new
keypair and destroy this one. Otherwise people may be able to use this to
forge communications from your company. Private keys are exactly what they
sound: private. The public key is fine to distribute publicly, use in
marketing material, print 1 million copies of it and post them throughout
moscow, whatever.. but the private key *must* remain private.
On a lighter note, providing it did help with one thing.. the private key is
not encrypted, so it's not bombing out while trying to find a passphrase ;)
-Jeremy
Re: [vchkpw] starttls crashes on vpopmail with mysql
Title: Ingo Claro
I just tried this with vpopmail 5.4.16 and Mysql (client and devel)
5.0.22 and have the same problems.
any insight in what is causing the problem?
Ingo
Claro F.
Gerente de Operaciones
[EMAIL PROTECTED]
(+56-2) 43 00 155
Certificado
ISO 9001:2000
Ingo Claro escribi:
Hello list:
I can't starttls if I use vpopmail with mysql in another server.
[EMAIL PROTECTED] bin]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 smtp.prisa.cl ESMTP
starttls
Connection closed by foreign host.
i'm using vpopmail with mysql and that causes it, if i don't use mysql
i get no problems.
anyone has seen this behaviour? please help!
I use this config for vpopmail:
./configure --enable-auth-module=mysql
the mysql is in another server, the file
/home/vpopmail/etc/vpopmail.mysql has this:
192.168.1.22|3306|vpopmail|vpopmail|vpopmail
(this server has ip: 192.168.1.21)
I add domain without problems. The tables and data are created in the
database.
I'm using Bill Shupp toaster, but this seems more like a vpopmail issue.
I'm using vpopmail-5.4.13
More info:
fresh install in a centos 4.3 machine.
doing the command in command mode:
[EMAIL PROTECTED] bin]# ./qmail-smtpd
220 smtp.prisa.cl ESMTP
starttls
Segmentation fault
[EMAIL PROTECTED] control]# ll /var/qmail/control
total 56
lrwxrwxrwx 1 root root 33 Jun 28 03:38 clientcert.pem -
/var/qmail/control/servercert.pem
-rw-r--r-- 1 root root 4 Jun 28 04:27 concurrencyincoming
-rw-r--r-- 1 root root 11 Jun 28 03:12 defaultdelivery
-rw-r--r-- 1 root root 9 Jun 28 03:11 defaultdomain
-rw-r- 1 vpopmail qmail 245 Jun 28 03:39 dh1024.pem
-rw-r- 1 vpopmail qmail 156 Jun 28 03:39 dh512.pem
-rw-r--r-- 1 root root 15 Jun 28 03:11 locals
-rw-r--r-- 1 root root 14 Jun 28 03:11 me
-rw-r--r-- 1 root root 9 Jun 28 03:11 plusdomain
-rw-r--r-- 1 root root 15 Jun 28 03:11 rcpthosts
-rw-r- 1 vpopmail qmail 493 Jun 28 03:39 rsa512.pem
-rw-r- 1 vpopmail qmail 1937 Jun 28 03:38 servercert.pem
-rw-r--r-- 1 root root 2 Jun 28 03:10 spfbehavior
-rw-r--r-- 1 root root 751 Jun 28 03:42 tlsclientciphers
-rw-r--r-- 1 root root 751 Jun 28 03:42 tlsserverciphers
[EMAIL PROTECTED] control]# rpm -qa | grep -i ssl
perl-Crypt-SSLeay-0.51-5
openssl-0.9.7a-43.8
pyOpenSSL-0.6-1.p23
xmlsec1-openssl-1.2.6-3
openssl-devel-0.9.7a-43.8
MySQL-devel-standard-5.0.21-1.rhel4
MySQL-client-standard-5.0.21-1.rhel4
[EMAIL PROTECTED] bin]# ldd /var/qmail/bin/qmail-smtpd
libssl.so.4 = /lib/libssl.so.4 (0x00101000)
libcrypto.so.4 = /lib/libcrypto.so.4 (0x00cc3000)
libresolv.so.2 = /lib/libresolv.so.2 (0x00c0b000)
libm.so.6 = /lib/tls/libm.so.6 (0x00b94000)
libcrypt.so.1 = /lib/libcrypt.so.1 (0x00bdb000)
libc.so.6 = /lib/tls/libc.so.6 (0x00a62000)
libgssapi_krb5.so.2 = /usr/lib/libgssapi_krb5.so.2
(0x00dae000)
libkrb5.so.3 = /usr/lib/libkrb5.so.3 (0x00c5c000)
libcom_err.so.2 = /lib/libcom_err.so.2 (0x00bb9000)
libk5crypto.so.3 = /usr/lib/libk5crypto.so.3 (0x00dc4000)
libdl.so.2 = /lib/libdl.so.2 (0x00b8e000)
libz.so.1 = /usr/lib/libz.so.1 (0x00bc9000)
/lib/ld-linux.so.2 (0x00a49000)
lrwxrwxrwx 1 root root 16 Apr 20 00:18 libssl.so.4 -
libssl.so.0.9.7a
lrwxrwxrwx 1 root root 19 Apr 20 00:18 libcrypto.so.4 -
libcrypto.so.0.9.7a
lrwxrwxrwx 1 root root 17 Apr 20 00:17 libcrypt.so.1 -
libcrypt-2.3.4.so
run file:
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
exec /usr/local/bin/softlimit -m 800 \
/usr/local/bin/tcpserver -v -H -R -l "$LOCAL" \
-x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
/usr/local/bin/recordio /var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 21
regards,
--
Ingo Claro
Ingo
Claro F.
Gerente de Operaciones
[EMAIL PROTECTED]
(+56-2) 43 00 155
Certificado
ISO 9001:2000
Re: [vchkpw] starttls crashes on vpopmail with mysql
Title: Ingo Claro Jeremy: there is nothing in the logs, it just crushes, note that I execute qmail-smtpd directly and it crashes: [EMAIL PROTECTED] bin]# ./qmail-smtpd 220 smtp.prisa.cl ESMTP starttls Segmentation fault I'll try increasing the solftlimit. regards, Ingo Claro F. Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 Certificado ISO 9001:2000 Jeremy Kitchen escribi: On Thursday 29 June 2006 16:00, Ingo Claro wrote: Hello list: I can't starttls if I use vpopmail with mysql in another server. [EMAIL PROTECTED] bin]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 smtp.prisa.cl ESMTP starttls Connection closed by foreign host. $5 says it's a softlimit issue. What Do Your Logs Say? If they say anything about "out of memory" try raising your softlimit. The openssl and mysql client libraries add a lot of fat to the runtime footprint, so more memory is required to run them. -Jeremy
Re: [vchkpw] starttls crashes on vpopmail with mysql
Title: Ingo Claro ok, I tried with 18MB, still crashes... :( at least i won $5 :) atte, Ingo Claro F. Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 Certificado ISO 9001:2000 Ingo Claro escribi: Jeremy: there is nothing in the logs, it just crushes, note that I execute qmail-smtpd directly and it crashes: [EMAIL PROTECTED] bin]# ./qmail-smtpd 220 smtp.prisa.cl ESMTP starttls Segmentation fault I'll try increasing the solftlimit. regards, Ingo Claro Ingo Claro F. Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 Certificado ISO 9001:2000 Jeremy Kitchen escribi: On Thursday 29 June 2006 16:00, Ingo Claro wrote: Hello list: I can't starttls if I use vpopmail with mysql in another server. [EMAIL PROTECTED] bin]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 smtp.prisa.cl ESMTP starttls Connection closed by foreign host. $5 says it's a softlimit issue. What Do Your Logs Say? If they say anything about "out of memory" try raising your softlimit. The openssl and mysql client libraries add a lot of fat to the runtime footprint, so more memory is required to run them. -Jeremy
Re: [vchkpw] starttls crashes on vpopmail with mysql
Title: Ingo Claro Jeremy: I don't know how to make that, if you provide some basic instructions I can do it. I must do that before or after the crash? Note that i am also installing a RHEL 4 U3 and have the same problems. Anything else I can test I'll be happy to provide. I have another instalation in RHEL U1, with mysql but in the same machine, so it uses socket instead of tcp. And is operates without problems. regards, Ingo Claro F. Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 Certificado ISO 9001:2000 Jeremy Kitchen escribi: On Friday 30 June 2006 10:17, Ingo Claro wrote: Jeremy: there is nothing in the logs, it just crushes, note that I execute qmail-smtpd directly and it crashes: [EMAIL PROTECTED] bin]# ./qmail-smtpd 220 smtp.prisa.cl ESMTP starttls Segmentation fault that's not good. telnet to your server, find the pid of your qmail-smtpd process then attach a strace/truss/ktrace/whatever to it and post the output up on the internet somewhere, then send us the URL for it. (please don't post the log to the mailing list directly as they are generally quite large) -Jeremy
[vchkpw] starttls crashes on vpopmail with mysql
Title: Ingo Claro Hello list: I can't starttls if I use vpopmail with mysql in another server. [EMAIL PROTECTED] bin]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 smtp.prisa.cl ESMTP starttls Connection closed by foreign host. i'm using vpopmail with mysql and that causes it, if i don't use mysql i get no problems. anyone has seen this behaviour? please help! I use this config for vpopmail: ./configure --enable-auth-module=mysql the mysql is in another server, the file /home/vpopmail/etc/vpopmail.mysql has this: 192.168.1.22|3306|vpopmail|vpopmail|vpopmail (this server has ip: 192.168.1.21) I add domain without problems. The tables and data are created in the database. I'm using Bill Shupp toaster, but this seems more like a vpopmail issue. I'm using vpopmail-5.4.13 More info: fresh install in a centos 4.3 machine. doing the command in command mode: [EMAIL PROTECTED] bin]# ./qmail-smtpd 220 smtp.prisa.cl ESMTP starttls Segmentation fault [EMAIL PROTECTED] control]# ll /var/qmail/control total 56 lrwxrwxrwx 1 root root 33 Jun 28 03:38 clientcert.pem - /var/qmail/control/servercert.pem -rw-r--r-- 1 root root 4 Jun 28 04:27 concurrencyincoming -rw-r--r-- 1 root root 11 Jun 28 03:12 defaultdelivery -rw-r--r-- 1 root root 9 Jun 28 03:11 defaultdomain -rw-r- 1 vpopmail qmail 245 Jun 28 03:39 dh1024.pem -rw-r- 1 vpopmail qmail 156 Jun 28 03:39 dh512.pem -rw-r--r-- 1 root root 15 Jun 28 03:11 locals -rw-r--r-- 1 root root 14 Jun 28 03:11 me -rw-r--r-- 1 root root 9 Jun 28 03:11 plusdomain -rw-r--r-- 1 root root 15 Jun 28 03:11 rcpthosts -rw-r- 1 vpopmail qmail 493 Jun 28 03:39 rsa512.pem -rw-r- 1 vpopmail qmail 1937 Jun 28 03:38 servercert.pem -rw-r--r-- 1 root root 2 Jun 28 03:10 spfbehavior -rw-r--r-- 1 root root 751 Jun 28 03:42 tlsclientciphers -rw-r--r-- 1 root root 751 Jun 28 03:42 tlsserverciphers [EMAIL PROTECTED] control]# rpm -qa | grep -i ssl perl-Crypt-SSLeay-0.51-5 openssl-0.9.7a-43.8 pyOpenSSL-0.6-1.p23 xmlsec1-openssl-1.2.6-3 openssl-devel-0.9.7a-43.8 MySQL-devel-standard-5.0.21-1.rhel4 MySQL-client-standard-5.0.21-1.rhel4 [EMAIL PROTECTED] bin]# ldd /var/qmail/bin/qmail-smtpd libssl.so.4 = /lib/libssl.so.4 (0x00101000) libcrypto.so.4 = /lib/libcrypto.so.4 (0x00cc3000) libresolv.so.2 = /lib/libresolv.so.2 (0x00c0b000) libm.so.6 = /lib/tls/libm.so.6 (0x00b94000) libcrypt.so.1 = /lib/libcrypt.so.1 (0x00bdb000) libc.so.6 = /lib/tls/libc.so.6 (0x00a62000) libgssapi_krb5.so.2 = /usr/lib/libgssapi_krb5.so.2 (0x00dae000) libkrb5.so.3 = /usr/lib/libkrb5.so.3 (0x00c5c000) libcom_err.so.2 = /lib/libcom_err.so.2 (0x00bb9000) libk5crypto.so.3 = /usr/lib/libk5crypto.so.3 (0x00dc4000) libdl.so.2 = /lib/libdl.so.2 (0x00b8e000) libz.so.1 = /usr/lib/libz.so.1 (0x00bc9000) /lib/ld-linux.so.2 (0x00a49000) lrwxrwxrwx 1 root root 16 Apr 20 00:18 libssl.so.4 - libssl.so.0.9.7a lrwxrwxrwx 1 root root 19 Apr 20 00:18 libcrypto.so.4 - libcrypto.so.0.9.7a lrwxrwxrwx 1 root root 17 Apr 20 00:17 libcrypt.so.1 - libcrypt-2.3.4.so run file: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` exec /usr/local/bin/softlimit -m 800 \ /usr/local/bin/tcpserver -v -H -R -l "$LOCAL" \ -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ /usr/local/bin/recordio /var/qmail/bin/qmail-smtpd \ /home/vpopmail/bin/vchkpw /bin/true 21 regards, -- Ingo Claro F. Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 Certificado ISO 9001:2000
Re: [vchkpw] Unwanted Local Delivery
Title: Ingo Claro
to get only the domains that don't matches you should do:
host -t MX $i | egrep
"mail1.thiscouldbeme.com|mail2.thiscouldbemetoo.com" /dev/null
21 || echo $i
regards,
Ingo
Claro F.
Gerente de Operaciones
[EMAIL PROTECTED]
(+56-2) 43 00 155
Certificado
ISO 9001:2000
Michael Krieger escribi:
for i in `cat /var/qmail/control/{more,}rcpthosts`; do
host -t MX $i | egrep
"mail1.thiscouldbeme.com|mail2.thiscouldbemetoo.com" 21 ||
echo $i
done
Done- will echo everything that does not include your _expression_ in its
MX record. If it has no matches, grep exits 1 and will trigger the
echo. If it matches at least one, then you're set. You can make more
complex expressions or do more tests if you'd like.
-M
Tom Collins [EMAIL PROTECTED] wrote:
On May 19, 2006, at 12:46 AM, Andy BIERLAIR wrote:
How can I force vpopmail/qmail to deliver it to the right MX
instead
to a
local zombie domain?
You can't.
You possibly need to write an auditing program that goes through the
domains in your rcpthosts and morercpthosts and makes a list of domains
that don't list you as an MX.
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Re: [vchkpw] Re: ezmlm warning
Happened to me too. [EMAIL PROTECTED]: 209.76.75.195 does not like recipient. Remote host said: 550 cannot message [EMAIL PROTECTED] (#5.0.0 denied by policy) Giving up on 209.76.75.195. DAve escribió: I recieved this message this morning, seems odd. My email is not hosted at navpoint. Can anyone shed some light on this? DAve [EMAIL PROTECTED] wrote: Hi! This is the ezmlm program. I'm managing the vchkpw@inter7.com mailing list. I'm working for my owner, who can be reached at [EMAIL PROTECTED] Messages to you from the vchkpw mailing list seem to have been bouncing. I've attached a copy of the first bounce message I received. If this message bounces too, I will send you a probe. If the probe bounces, I will remove your address from the vchkpw mailing list, without further notice. I've kept a list of which messages from the vchkpw mailing list have bounced from your address. Here are the message numbers: 31047 --- Enclosed is a copy of the bounce message I received. Return-Path: Received: (qmail 32392 invoked for bounce); 16 Jan 2006 21:43:20 - Date: 16 Jan 2006 21:43:20 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at teal.navpoint.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: 209.76.75.195 does not like recipient. Remote host said: 550 cannot message [EMAIL PROTECTED] (#5.0.0 denied by policy) Giving up on 209.76.75.195.
RE: [vchkpw] How to run multiple qmail-queue
John: i'm not suggesting to have a qmail for each domain, i agree that would be a nightmare... you can have just a qmail for premium domains and a qmail for regular domains. Manish: is that what you want? regards, Ingo Claro Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 -Mensaje original- De: John Simpson [mailto:[EMAIL PROTECTED] Enviado el: Domingo, 30 de Octubre de 2005 7:24 Para: vchkpw@inter7.com Asunto: Re: [vchkpw] How to run multiple qmail-queue On 2005-10-29, at 1623, Ingo Claro wrote: but if you install many qmails in different directories (/var/qmail, /var/qmail2, ...) you can have multiple queues. i understand that. i also understand (from direct experience) that it's an administrative nightmare, and it's a lot more work than he needs to do in order to solve the underlying problem. the point of my original answer was that setting up multiple queues is not the best solution for the problem that he's having. a much better solution is to raise the concurrencyremote value, which will create more delivery slots, making it less likely that any one domain's messages would exhaust all of the delivery slots before the normal tcpto mechanism decides to blacklist the non-responsive IP address for an hour (which is why all of the other domains' mail is stopping on his server.) but you seem to be an expert on this. rather than trying to sell me on the idea (you won't, because i don't really care- it's not my server) why don't you answer the original question? explain to him, in terms he will understand, how to successfully get two or more copies of qmail running on the same machine. i'm sure he's waiting for somebody to do just that, and i'm not going to do it because i don't think it's the right solution for his problem. this way handling different priority queues depending on the domain... for example domain1 and domain2 goes to qmail2 and all the rest to qmail3. out of curiosity, how would you set the relative priority of each instance of qmail-send in relation to the others? what makes one queue move faster than the others? and if the idea is to have a separate queue for each domain in order to prevent one domain's mail from interfering with another domain's deliveries, what is your answer for an ISP whose mail server handles mail for thousands of domains- would you have them set up a separate instance of qmail for each domain, so that each domain would have their own queue? -- | John M. Simpson - KG4ZOW - Programmer At Large | | http://www.jms1.net/ [EMAIL PROTECTED] | -- | Mac OS X proves that it's easier to make UNIX | | pretty than it is to make Windows secure. | --
RE: [vchkpw] How to run multiple qmail-queue
but if you install many qmails in different directories (/var/qmail, /var/qmail2, ...) you can have multiple queues. the qmail listening on port 25 with smtp routes to the others qmails (running in other ports) can distribute the mails, this way handling different priority queues depending on the domain... for example domain1 and domain2 goes to qmail2 and all the rest to qmail3. you need the change also concorrencylocal and concurrency remote for parallel dispatching. regards, Ingo Claro Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 -Mensaje original- De: John Simpson [mailto:[EMAIL PROTECTED] Enviado el: Sábado, 29 de Octubre de 2005 7:28 Para: vchkpw@inter7.com Asunto: Re: [vchkpw] How to run multiple qmail-queue On 2005-10-28, at 0800, Ingo Claro wrote: Your could have many instances of qmail running in different ports. and with smtproutes deliver some domains to the qmails... no. you can have many instances of qmail-smtpd running on different IP addresses and/or ports, but it's still just the one instance of qmail. there can be only one qmail-send process (which is what i understood the original question to be about when he said qmail- queue- i followed his terminology so he would understand what i was saying, meaning to correct him at the end but i forgot.) for the record, qmail-queue is the program called by qmail-smtpd, qmail-queue, qmail-qmtpd, qmail-qmqpd, and (if you have the mess822 package installed) qmail-ofmipd program. it handles adding messages to the queue. what the original question was asking about, as near as i could tell, was qmail-send. this is the program which manages the messages in the queue, once they've been added. this process handles scheduling all deliveries, either to a mailbox (i.e. a local delivery) or to another mail server (i.e. a remote delivery.) by default, qmail-send will not schedule more than 20 remote deliveries at the same time. if you need to have more outbound deliveries happen at once, you can create or change the /var/qmail/ control/concurrencyremote file. this file should contain the number of remote deliveries you want to see at once. there is an upper limit of 120 on this value, if you need it higher you will need to edit the source code and re-compile qmail. -- | John M. Simpson - KG4ZOW - Programmer At Large | | http://www.jms1.net/ [EMAIL PROTECTED] | -- | Mac OS X proves that it's easier to make UNIX | | pretty than it is to make Windows secure. | --
RE: [vchkpw] How to run multiple qmail-queue
Your could have many instances of qmail running in different ports. and with smtproutes deliver some domains to the qmails... Ingo Claro Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 -Mensaje original- De: John Simpson [mailto:[EMAIL PROTECTED] Enviado el: Viernes, 28 de Octubre de 2005 3:15 Para: vchkpw@inter7.com Asunto: Re: [vchkpw] How to run multiple qmail-queue On 2005-10-27, at 0404, Manish Jain wrote: I have installed netqmail+vpopmail+qmailadmin on RHEL 3.0 I have configured multile domains on the server. And using smtproutes in /var/qmail/control to route the mails of different domains to the clients mailsrevers in remote. I am facing problem, when one PPP link goes down to a customer all the incoming mails from the internet stucks in the qmail-queue as qmail not able to make smtp connection to the client server. In this case mail delivery to all other domain servers get delayed. To resolve the problem I want to run multiple qmai-queue for each domain so that one domain get unaffected from the another's queue. qmail was designed to have exactly one qmail-queue process running at a time. if you want to change this you will have to make some fairly major changes to qmail-queue itself. instead of trying to have two qmail-queue processes, you need to run more qmail-remote processes. raise your concurrencyremote value. read man qmail-queue if you don't know how this works (and add MANPATH /var/qmail/man to your /etc/man.config file if man qmail- queue doesn't work.) -- | John M. Simpson - KG4ZOW - Programmer At Large | | http://www.jms1.net/ [EMAIL PROTECTED] | -- | Mac OS X proves that it's easier to make UNIX | | pretty than it is to make Windows secure. | --
RE: [vchkpw] How expensive is reloading the tcp.smtp.cdb?
John: what do you mean by delete.net domain ? you have a bogus virtualdomain to catch spammers? regards, Ingo Claro Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 -Mensaje original- De: John Simpson [mailto:[EMAIL PROTECTED] Enviado el: Viernes, 28 de Octubre de 2005 3:09 Para: vchkpw@inter7.com Asunto: Re: [vchkpw] How expensive is reloading the tcp.smtp.cdb? On 2005-10-26, at 1805, ISP Lists wrote: Related to my earlier post, how expensive is it - resource-wise - to reload a tcp.smtp file of 100-1000 lines? if it's anything like mine, with currently 56,270 lines and more added every time some spammer sends a message to an email address in the delete.net domain, it takes almost no time at all. best of all, nothing has to be restarted afterward- while the processing is happening, any tcpserver processes will continue to use the old file as the new one is built... and when the processing is done, the new one is renamed over the old one, so there is no danger of any tcpserver process ever trying to use a halfway done file. If I have processing that is updating tcp.smtp every 5-10 minutes and I choose to reload the cdb from that tcp.smtp, is that a bad idea? i do this every one minute- i have a cron job which generates the text file, diffs it against the prior version, and rebuilds the cdb file only if the text file has changed. the overall procedure has no noticeable impact on the system- and the perl scripts which generate the text file eat ten times the CPU and memory that the tcprules command (which actually builds the cdb file) does. The qmailctl cdb command runs very fast for me now, but I don't have any idea what impact it has on any smtpd instances having to restart or re-read. Anyone know? no impact at all. nothing ever has to restart or re-read. qmail-smtpd doesn't know what a tcp.smtp file is, tcpserver does... and tcpserver re-opens the file for every incoming connection, so whatever the current file is at the time tcpserver calls open(), that's the file it reads. if tcprules happens to do the rename while tcpserver has the file open, it retains its existing handle on the old file (which now has no name pointing to it) until it calls close () after checking the remote IP address. nice thing about renaming a file... it's atomic, meaning that it happens all at once- there is no possible way for tcpserver to open the file in the middle of the rename() call... either it happens before rename() or after rename(). -- | John M. Simpson - KG4ZOW - Programmer At Large | | http://www.jms1.net/ [EMAIL PROTECTED] | -- | Mac OS X proves that it's easier to make UNIX | | pretty than it is to make Windows secure. | --
[vchkpw] validate from
Hello list gurus: How can I do that with smtp auth qmail validates that the from must be the same that the auth user? the idea is to avoid some user [EMAIL PROTECTED] can impersonate another user and send mails with another from: [EMAIL PROTECTED], I only want to admit him to send emails with from: [EMAIL PROTECTED], being domain.com a local domain. is that possible? regards, Ingo.
RE: [vchkpw] vpopmail and mysql problem
you use mysql 4.1, have you enabled use old passwords? maybe its that. regards, ingo -Mensaje original- De: Wes Hegge [mailto:[EMAIL PROTECTED] Enviado el: Lunes, 03 de Octubre de 2005 20:45 Para: vchkpw@inter7.com Asunto: Re: [vchkpw] vpopmail and mysql problem On Mon, 2005-10-03 at 20:02 -0400, Rick Macdougall wrote: Wes Hegge wrote: On Mon, 2005-10-03 at 12:22 -0500, Ken Jones wrote: Wes Hegge wrote: Hello everyone, Hopefully someone can help me with this problem I am having. I spent all day yesterday looking for an answer. I found some that were close but still no luck. Here is the error I am getting: vmysql: error creating table 'dir_control': MySQL server has gone away vmysql: sql error[b]: MySQL server has gone away vmysql: error creating table 'signalblast_com': MySQL server has gone away Error. Failed while attempting to add domain to auth backend vmysql: error creating table 'dir_control': MySQL server has gone away vmysql: error creating table 'dir_control': MySQL server has gone away vmysql: sql error[b]: MySQL server has gone away vmysql: error creating table 'dir_control': MySQL server has gone away vmysql: sql error[e]: MySQL server has gone away Warning: Failed to delete dir_control for signalblast.com Error: no auth connection I am installing this on a Debian Sarge install: Linux version 2.4.27-2-386 ([EMAIL PROTECTED]) (gcc version 3.3.5 (Debian 1:3.3.5-12)) #1 Mon May 16 16:47:51 JST 2005 I have installed mysql-standard-4.1.14-pc-linux-gnu-i686 and then made a symbolic link for mysql pointing to the above directory. Qmail, daemontools, and tcuspi is installed. Here is my vpopmail.mysql: localhost|0|vpopmailuser|vpoppasswd|vpopmail I can connect and make a test table using the above user and password. I cannot figure out what the problem is. Any help would be greatly appreciated. make sure the vpopmailuser has permission to create tables in the vpopmail database. Ken Jones I have checked this. I mentioned this just above, by creating a test table. Is qmail-smtpd running as the vpopmail user ? Does it have the permissions to read the vpopmail.mysql file in vpopmail/etc ? Sorry, did not get this before your other email. But as I have said, qmail-smtpd is not part of the problem at this time. But just to be sure I 'chmod 644 vpopmail.mysql'. Still the same problem. Regards, Rick -- Wes Hegge Technical Engineer SignalBlast.Com, Inc. p: (815) 397-1700 e: [EMAIL PROTECTED]
RE: [vchkpw] Mail system configuration recommendations
Bill hoy do you pass the mails from the MX servers to the mailstore server? you mount the unit with nfs, or you do it with smtproutes? note that you can configure in vpopmail a mysql read server and a mysql write server, so it would be pretty easy so set up replication servers in mysql and use that. with round robin dns you could scale out more replication servers if in need. how many users/domains are you handling? Ingo. -Mensaje original- De: Bill Wichers [mailto:[EMAIL PROTECTED] Enviado el: Martes, 04 de Octubre de 2005 17:27 Para: vchkpw@inter7.com Asunto: [vchkpw] Mail system configuration recommendations I'm probably going to have to scale our mail system (not really just a mail server anymore :-) a bunch in the coming months, and am looking to get any advice from others that are running largish mail systems. Right now I have several inbound MX boxes that do spam/virus filtering and accept mail from the outside world. They all deliver to one beefy server with a big RAID that stores the mail (we call it the mailstore server), and handles POP3/IMAP connections from users. There is a seperate webmail server running squirrelmail, and another server with a fast RAID 10 that does all the outbound SMTP and takes messages in from users and bounces from the other servers. The whole thing is qmail/vpopmail based, with spamassassin and clamav on the inbound MXes. Right now we're planning on splitting out the MySQL stuff (right now that runs on the mailstore server) onto 2 or more MySQL-only servers since they handle a lot of queries for vpopmail (MySQL backend), squirrelmail (user prefs), and spamassassin (user prefs). We'd like to be able to scale the system with minimal use of hardware load balancers due to cost. Most of the examples I see out there use a big server running NFS and several smaller servers that handle user queries for POP/IMAP/etc., but it seems like that would have some issues keeping sessions with authentication, and most of the examples are out of date. Our inbound works great -- we can just add more MX servers, but I'm concerned about the POP3 and IMAP connections, and possibly the outbound SMTP if we need more than one server. Does anyone have some expierience to share or maybe a link to some newer example info? -Bill * Waveform Technology Systems Engineer
RE: [vchkpw] Mail system configuration recommendations
Bill: I think that you can have a round mysql replication, the master (all are masters and slaves) that initiates the update in the bin log discards the update when it gets back to it, you can give it a try. i'm looking for a qmtp solution myself, please tell me if you find some info on how to configure it. regards, ingo -Mensaje original- De: Bill Wichers [mailto:[EMAIL PROTECTED] Enviado el: Martes, 04 de Octubre de 2005 18:12 Para: vchkpw@inter7.com Asunto: RE: [vchkpw] Mail system configuration recommendations hoy do you pass the mails from the MX servers to the mailstore server? you mount the unit with nfs, or you do it with smtproutes? smtproutes. I've been thinking about changing it from smtp to qmtp too, since qmtp seems to be made for this kind of thing, but I haven't had the time. note that you can configure in vpopmail a mysql read server and a mysql write server, so it would be pretty easy so set up replication servers in mysql and use that. with round robin dns you could scale out more replication servers if in need. Yeah, that's what we were thinking on the MySQL side of things... A few replicated MySQL servers with lots of RAM and RAID. We use round robin DNS to split load between our inbound MX servers, but I don't think that would work for authenticated services like IMAP and POP3. That's my big concern with scaling. how many users/domains are you handling? Right now maybe 1500-2000 or so users, and about 1.5 million messages/day. This amount of load is handled pretty well by our current setup, but I expect in the coming year to be well over 10k users and probably 6 times the message volume, maybe more. We're rolling out a new fiber Internet access product that includes email service for buisness, and I expect a lot of new load from that. -Bill * Waveform Technology Systems Engineer
