[vchkpw] Help! Spam!
Hey folks: Looks like spam is being relayed through my big server. Not sure how they're doing it; I'm using SMTP-AUTH (0.4.2) it seems to work properly. Any clues would be appreciated I'm happy to show whatever files people want to see, but for now I'm going on the assumption that someone has gotten a password is authenticating. So, my question for this list is: is there a way to add an auth header to outgoing messages so I can see which account was used? Or is it logged somewhere by default? My apologies, I'm sure this is documented somewhere, but I'm not sure where my priority right now is closing this hole. Thanks, -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] Help! Spam!
At 2:21 PM -0500 6/28/04, Jeremy Kitchen wrote: On Monday 28 June 2004 02:13 pm, Kit Halsted wrote: Hey folks: Looks like spam is being relayed through my big server. Not sure how they're doing it; I'm using SMTP-AUTH (0.4.2) it seems to work properly. Any clues would be appreciated I'm happy to show whatever files people want to see, but for now I'm going on the assumption that someone has gotten a password is authenticating. So, my question for this list is: is there a way to add an auth header to outgoing messages so I can see which account was used? Or is it logged somewhere by default? My apologies, I'm sure this is documented somewhere, but I'm not sure where my priority right now is closing this hole. if the server in question is the MX for kithalsted.com, it appears to be fine, It's the secondary for that domain, actually. so I'm assuming a weak password. stop qmail-send, look at the headers of one of the mails in the queue. it should have the username they authenticated with, and you should be able to look at that user and see if there's a weak password. I don't see it, am I just missing something? Either that, or you'll see invoked by uid XX where XX is a uid. grep XX /etc/passwd and see who is doing it. If it's the 'apache' or 'nobody' user (depending on your setup) then most likely it's a formmail script. Sample headers follow, uid 89 is vpopmail. athena:domains {153} less /var/qmail/queue/mess/0/343988 Received: (qmail 8349 invoked by uid 1028); 27 Jun 2004 20:24:12 - Received: from [EMAIL PROTECTED] by athena.interdyne.net by uid 89 with qmail-scanner-1.22 (clamdscan: 0.71. spamassassin: 2.63. Clear:RC:1(218.81.107.125):. Processed in 1.224261 secs); 27 Jun 2004 20:24:12 - Received: from unknown (HELO exhausted) ([EMAIL PROTECTED]) by athena.interdyne.net with SMTP; 27 Jun 2004 20:24:10 - From: Sue Fox[EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Do you want to p|1easure your partner every time? Mime-Version: 1.0 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit X-Qmail-Scanner-Message-ID: [EMAIL PROTECTED] htmlbody bfont color=#FF C1AL`IS LEV1`TRA al10ws men to achieve an ERECTION up to 36 h0urs after 1NGEST ... Thanks, -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] Help! Spam!
Thanks so much, Jeremy! At 3:17 PM -0500 6/28/04, Jeremy Kitchen wrote: On Monday 28 June 2004 02:40 pm, Kit Halsted wrote: if the server in question is the MX for kithalsted.com, it appears to be fine, It's the secondary for that domain, actually. ok. Received: from unknown (HELO exhausted) ([EMAIL PROTECTED]) Ah, so I was looking at the wrong header? [EMAIL PROTECTED] ~ $ echo -n webmaster | mimencode d2VibWFzdGVy [EMAIL PROTECTED] ~ $ telnet athena.interdyne.net 25 Trying 64.147.96.42... Connected to athena.interdyne.net. Escape character is '^]'. 220 athena.interdyne.net ESMTP ehlo inter7.com 250-athena.interdyne.net 250-STARTTLS 250-PIPELINING 250-8BITMIME 250 AUTH LOGIN PLAIN CRAM-MD5 auth login 334 VXNlcm5hbWU6 d2VibWFzdGVy 334 UGFzc3dvcmQ6 d2VibWFzdGVy 235 ok, go ahead (#2.0.0) quit 221 athena.interdyne.net Connection closed by foreign host. I figured it would be webmaster. the user 'webmaster' has the password 'webmaster' which spammers will attempt, for sure, and they found it. That user sure as hell doesn't have that password anymore! athena:domains {167} telnet athena 25 Trying 64.147.96.42... Connected to athena. Escape character is '^]'. 220 athena.interdyne.net ESMTP ehlo bogus.com 250-athena.interdyne.net 250-STARTTLS 250-PIPELINING 250-8BITMIME 250 AUTH LOGIN PLAIN CRAM-MD5 auth login 334 VXNlcm5hbWU6 d2VibWFzdGVy 334 UGFzc3dvcmQ6 d2VibWFzdGVy 535 authentication failed (#5.7.1) Urgh. Now to attempt to implement some sort of password policy... Again, thanks much! -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[vchkpw] SqWebMail Weirdness
Howdy folks: I'm having a bit of a problem here, one that will turn into a HUGE problem come Monday morning... I have a mail server running qmail (netqmail 1.05) + vpopmail (5.5.0) + SqWebMail (3.6.2). We're using it for a single client, they wanted their primary domain changed today. I thought it was as simple as changing the contents of /home/vpopmail/etc/defaultdomain, but there's a glitch: SqWebMail no longer sends from the correct address. It accepts the login (username only, no domain), but the address it shows is [EMAIL PROTECTED], not [EMAIL PROTECTED] Anybody know how to fix this? Thanks, -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] error on pop3
No answers for you on that error, other than wondering why /home/vpopmail/bin/vchkpw is appended to your hostname, but I do have some comments about your very, very broken anti-spam system: You send replies to mail you think is spam. How much spam do you get that has a legitimate From: header? You send these replies from [EMAIL PROTECTED] Not a valid address. Last but not least, your system is marking perfectly legitimate mail I sent to this list as spam. Cheers, -Kit At 4:40 PM -0600 6/12/04, Remo Mattei wrote: Hello guys any suggestions on this error? [EMAIL PROTECTED] qmail-smtpd]# telnet localhost 110 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. +OK [EMAIL PROTECTED] user [EMAIL PROTECTED] +OK pass me -ERR this user has no $HOME/Maildir Connection closed by foreign host. Thanks, Remo Mattei Network Security Engineer cell 801-808-unix email [EMAIL PROTECTED] -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] SqWebMail Weirdness
Thanks so much, Ken. Not sure how I missed that... Anyway, you're a lifesaver my other questions can now wait until Monday. -Kit At 5:54 PM -0500 6/12/04, Ken Jones wrote: ... Check /usr/local/share/sqwebmail/hostname ... -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[vchkpw] New Server/Best Software?
Howdy Folks: I've just been asked to either set up a new server or add some services to an existing server. The current server runs netqmail 1.05 + SMTP-AUTH 0.42 vpopmail 5.4.2 on OpenBSD 3.5. The client's requirements are as follows: -Virus checking -Spam filtering -Quota limitations enforced -Web admin for changing passwords such -Webmail For ease of administration, the server will run OpenBSD 3.5 whether it goes on the current box or something else. I'm also quite inclined to stick with qmail/vpopmail for the same reasons. What I'm thinking of using consists of the following: ClamAV SpamAssassin SQWebMail QmailAdmin I'd love to hear from anybody who's using these together, I think I also need to patch qmail for Maildir++ (?) support? Does the patch for that interfere with the SMTP-AUTH patch? Thanks, -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] strange behavior in from header.
Wanadoo is sort of a pet peeve of mine. I don't interact with them much, but every time I do it's a big headache. They don't seem to care much about standards only seem to be good at breaking things in interesting ways. In my experience, at least, they make AOL look competent. -Kit At 1:05 AM +0200 5/2/04, Sebastien FOUTREL wrote: I tried 2 times to send tests emails to my own email address @ one major ISP in France and received each time a bounced message with error 500 content rejected. Apart from the @IP the rest is correct. this is a copy of the bounced message : Hi. This is the qmail-send program at obelix.gaulois.biz. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: 193.252.22.82 failed after I sent the message. Remote host said: 550 Error: Message content rejected ... -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[vchkpw] Move to new server
Hey: A little OT, but I'm looking for a last-minute sanity check before I move a whole bunch of domains from my old server to the shiny new box I've been prepping for weeks... Here is what I plan on doing: vadddomain each domain on the new server Stop qmail-smtpd on the old server Stop POP on the old server rsync domain directories from old-new Change DNS so new server responds on old servers name Does this sound like a good plan? Also, is there a way to move the queue over from the old machine to the new one? I think it's all spam bounces, but there may be a live message or 2 in there... Thanks, -Kit
Re: [vchkpw] Using qmail-smtp-auth with vchkpw
At 3:36 PM + 3/10/04, Roger Lipscombe wrote: Hi, I'm installing vpopmail on a new system, and I've got a question about SMTP AUTH. I want to allow selective relaying, and I can't use SMTP-after-POP (and frankly, it strikes me as a hack, anyway). It's pretty hackish, but better than nothing. I've always hated it, as Eudora is my MUA of choice Eudora likes to send before checking. I am REALLY happy to have SMTP-AUTH finally working! Thanks again to everyone who got it there! I'm using the qmail-smtp-auth patch listed here: http://www.qmail.org/netqmail/ Aaargh! Terminal just quit on me! I can't remember whether I'm using Bill Shupp's patch or the straight 0.4.2 patch, but they should be the same from the SMTP-AUTH perspective. I've installed qmail according to LWQ, which means that my qmail-smtpd service runs as qmaild.nofiles which, in turn, means that vchkpw cannot access the /home/vpopmail/domains directory. My /var/qmail/supervise/qmail-smtpd/run file is attached below. Mine's there now instead. Now, I've fixed it by making vchkpw setuid/setgid, as follows: # chmod u+s /home/vpopmail/bin/vchkpw # chmod g+s /home/vpopmail/bin/vchkpw My question: is this the right thing to do? I don't think so. Is there a better way to do this? AFAIK, you must run qmail-smtpd as the vpopmail user, see below for what works for me. HTH, -Kit athena:kit {32} less /var/qmail/supervise/qmail-smtpd/run #!/bin/sh # QMAILDUID=`id -u qmaild` # NOFILESGID=`id -g qmaild` VPOPUID=`id -u vpopmail` VPOPGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` if [ -z $VPOPUID -o -z $VPOPGID -o -z $MAXSMTPD -o -z $LOCAL ]; then echo VPOPUID, VPOPGID, MAXSMTPD, or LOCAL is unset in echo /var/qmail/supervise/qmail-smtpd/run exit 1 fi if [ ! -f /var/qmail/control/rcpthosts ]; then echo No /var/qmail/control/rcpthosts! echo Refusing to start SMTP listener because it'll create an open relay exit 1 fi exec /usr/local/bin/softlimit -m 2000 \ /usr/local/bin/tcpserver -v -R -l $LOCAL -x /home/vpopmail/etc/tcp.smtp.cd b -c $MAXSMTPD \ -u $VPOPUID -g $VPOPGID 0 smtp \ /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /usr/bin/true 21 (END) -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[vchkpw] SMTP-AUTH Aaaaaargh!
Okay, I've been trying for years to get vchkpw/vpopmail to work with SMTP-AUTH CRAM-MD5. Thanks to recent development, it's apparently possible now. After beating my head against it for 2 hours this morning, I decided to turn to this list for help... Then, I solved my own damn problem by realizing I had changed some variables in a script in one place but not the other. D'oh! So, instead of asking for help, I thought I'd offer some: my functional run script for netqmail-1.05 with the 0.4.2 auth patch, running supervised on OpenBSD 3.4-current tested with Eudora 6. Here it is (watch the linewraps!): ---8---8---8--- #!/bin/sh # QMAILDUID=`id -u qmaild` # NOFILESGID=`id -g qmaild` VPOPUID=`id -u vpopmail` VPOPGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` if [ -z $VPOPUID -o -z $VPOPGID -o -z $MAXSMTPD -o -z $LOCAL ]; then echo VPOPUID, VPOPGID, MAXSMTPD, or LOCAL is unset in echo /var/qmail/supervise/qmail-smtpd/run exit 1 fi if [ ! -f /var/qmail/control/rcpthosts ]; then echo No /var/qmail/control/rcpthosts! echo Refusing to start SMTP listener because it'll create an open relay exit 1 fi exec /usr/local/bin/softlimit -m 2000 \ /usr/local/bin/tcpserver -v -R -l $LOCAL -x /home/vpopmail/etc/tcp.smtp.cd b -c $MAXSMTPD \ -u $VPOPUID -g $VPOPGID 0 smtp \ /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /usr/bin/true 21 ---8---8---8--- Hope this helps someone! -Kit -- Everybody knows me, Down at the local bar, I drink until I can't see, And I wonder where you are. -Reverend Horton Heat, Liquor, Beer, Wine
Re: [vchkpw] SMTP is too slow
I could be wrong here, but both of these sound like reverse-DNS problems to me. Check that reverse-DNS (IP to name, rather than name to IP) is correctly set up see if that doesn't make the problem go away. (Apologies if I'm wrong here, suffering from long-term sleep-dep...) HTH, -Kit At 3:35 PM + 7/9/03, Sérgio Manuel Rosa wrote: Hi Nasib, a personal question because I'm having kinda same problem. Do you have a DMZ? Do you have internal dns and public dns? I have a problem like yours but only from my internal net. Clients from the outer world dont have any problem, inside hosts have timeouts. Regards, SRosa Nasib Salim wrote: Dear all, I'm running Qmail with vpopmail and qmail-scanner. For the past 2 years there were no problem but recently the problem starts. SMTP Server is too slow to respond. it takes more than a minute for it to response. My DNS is working fine and there is no problem even resolving the mail server. I know the DNS is the source is this problem but seems its not. Please help! -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] IMAP and OE issue
At 8:14 PM +0100 12/19/02, Marcin Soltysiak wrote: Hi all, I got problem with Outlook Express and qmail+vpopmail+courier-imap. Ocasionally it happens that new message is marked as Message is no longer available and then the on;ly way to read it is to get via other reader. Any hints? Umm, don't use OE? (Sorry, I just couldn't resist.) -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] Re: SMTP-AUTH, yet again...
Hi Matt: At 1:06 PM -0500 12/5/02, Matt Simerson wrote: Kit, you're reinventing the wheel! Thanks for getting in touch, but the attempt below is actually qmail with just the SMTP-AUTH patch. I figure if I can't get 1 patch working, my chances for the rest are pretty low. :} Yes, there are significant problems with simply merging together a bunch of the qmail patches. It took me quite some time to get all the patches I wanted to play nicely together. Now that it's done, feel free to use it: http://matt.simerson.net/computing/mail/toaster/. Pay particular attention to the Install Qmail (with a few hacks) section. IIRC, your stuff looked good when I was first setting this stuff up but I thought it was overkill for what I was doing. I'm doing more now, so maybe it's time to reevaluate that sentiment. Bill Shupp also has similar patches that I've also heard work well but are linux oriented where mine focuses on the FreeBSD platform. It wouldn't take too much effort to use my setup on Open/NetBSD but those are down the list for me, after making it work on Darwin. (Mac OS X) :) Cool. I'll look at it when I have a chance (waay too much going on right now!) let you know if I uncover any OpenBSD-specific issues. Thanks, -Kit Matt On Thursday, December 5, 2002, at 12:23 AM, Kit Halsted wrote: Thanks for the pointers, everybody... At 11:22 PM -0500 12/3/02, Kit Halsted wrote: ... Tried 0.31 tonight, no luck. Maybe my other patches are interfering? I'll try it at home as the only patch see how that goes. 2.) Try to run qmail-smtpd as root. Just for testing, but this avoids access denied to vpasswd.cdb and therefore excludes one possible culprit. Also no luck. Urgh. Just tried again on my home box, which starts qmail/vpopmail from rc.local instead daemontools. (OpenBSD 3.1, virgin qmail 1.03 + elysium.pl 0.31 auth patch only, vpopmail 5.2.1... D'oh!, okay, vpopmail 5.3.9 now.) I'm back to square one now with relay by IP only, but it sure did fail interestingly for a while. Below is what I was trying to do, I've since reverted back to a working setup so I can send receive. - From rc.local: /usr/local/bin/tcpserver -u 1001 -g 1000 -x /home/vpopmail/etc/tcp.smtp.cdb 0 25 \ /var/qmail/bin/qmail-smtpd yabox.kithalsted.com /home/vpopmail/bin/vchkpw /usr/b in/true \ 21 | /var/qmail/bin/splogger smtpd 3 ... /usr/local/bin/tcpserver -u 1001 -g 1000 -H -R 0 110 \ /var/qmail/bin/qmail-popup yabox.kithalsted.com \ /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir (Linewraps courtesy of less, the files are wrapped correctly.) - yabox# ls -al /var/qmail/bin/qmail-smtpd -rwxr-xr-x 1 vpopmail vchkpw 40960 Dec 4 20:54 /var/qmail/bin/qmail-smtpd yabox# ls -al /home/vpopmail/etc/tcp.smtp.cdb -rwxr-xr-x 1 vpopmail vchkpw 4359 Dec 4 22:09 /home/vpopmail/etc/tcp.smtp.cdb - Log entries corresponding to failed send/check from Eudora on my TiBook: yabox# tail /var/log/maillog Dec 4 23:36:51 yabox qmail: 1039063011.757314 end msg 889600 Dec 4 23:41:18 yabox qmail: 1039063278.163871 status: local 0/10 remote 0/20 Dec 4 23:41:18 yabox qmail: 1039063278.270637 new msg 889600 Dec 4 23:41:18 yabox qmail: 1039063278.270823 info msg 889600: bytes 230 from [EMAIL PROTECTED] qp 24677 uid 0 Dec 4 23:41:18 yabox qmail: 1039063278.328081 end msg 889600 Dec 4 23:41:36 yabox vpopmail[5686]: vchkpw-smtp: password fail [EMAIL PROTECTED]:208.36.84.242 Dec 4 23:41:36 yabox vpopmail[32015]: vchkpw-pop3: setgid 1001 failed errno 1 [EMAIL PROTECTED]:208.36.84.242 Dec 4 23:41:37 yabox vpopmail[26305]: vchkpw-pop3: setgid 1001 failed errno 1 [EMAIL PROTECTED]:208.36.84.242 Dec 4 23:41:56 yabox vpopmail[30076]: vchkpw-pop3: setgid 1001 failed errno 1 [EMAIL PROTECTED]:208.36.84.242 Dec 4 23:41:56 yabox vpopmail[18542]: vchkpw-pop3: setgid 1001 failed errno 1 [EMAIL PROTECTED]:208.36.84.242 - (Yes, uid 1001 is vpopmail gid 1000 is vchkpw.) -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[vchkpw] Re: SMTP-AUTH, yet again...
Thanks for the pointers, everybody... At 11:22 PM -0500 12/3/02, Kit Halsted wrote: ... Tried 0.31 tonight, no luck. Maybe my other patches are interfering? I'll try it at home as the only patch see how that goes. 2.) Try to run qmail-smtpd as root. Just for testing, but this avoids access denied to vpasswd.cdb and therefore excludes one possible culprit. Also no luck. Urgh. Just tried again on my home box, which starts qmail/vpopmail from rc.local instead daemontools. (OpenBSD 3.1, virgin qmail 1.03 + elysium.pl 0.31 auth patch only, vpopmail 5.2.1... D'oh!, okay, vpopmail 5.3.9 now.) I'm back to square one now with relay by IP only, but it sure did fail interestingly for a while. Below is what I was trying to do, I've since reverted back to a working setup so I can send receive. - From rc.local: /usr/local/bin/tcpserver -u 1001 -g 1000 -x /home/vpopmail/etc/tcp.smtp.cdb 0 25 \ /var/qmail/bin/qmail-smtpd yabox.kithalsted.com /home/vpopmail/bin/vchkpw /usr/b in/true \ 21 | /var/qmail/bin/splogger smtpd 3 ... /usr/local/bin/tcpserver -u 1001 -g 1000 -H -R 0 110 \ /var/qmail/bin/qmail-popup yabox.kithalsted.com \ /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir (Linewraps courtesy of less, the files are wrapped correctly.) - yabox# ls -al /var/qmail/bin/qmail-smtpd -rwxr-xr-x 1 vpopmail vchkpw 40960 Dec 4 20:54 /var/qmail/bin/qmail-smtpd yabox# ls -al /home/vpopmail/etc/tcp.smtp.cdb -rwxr-xr-x 1 vpopmail vchkpw 4359 Dec 4 22:09 /home/vpopmail/etc/tcp.smtp.cdb - Log entries corresponding to failed send/check from Eudora on my TiBook: yabox# tail /var/log/maillog Dec 4 23:36:51 yabox qmail: 1039063011.757314 end msg 889600 Dec 4 23:41:18 yabox qmail: 1039063278.163871 status: local 0/10 remote 0/20 Dec 4 23:41:18 yabox qmail: 1039063278.270637 new msg 889600 Dec 4 23:41:18 yabox qmail: 1039063278.270823 info msg 889600: bytes 230 from [EMAIL PROTECTED] qp 24677 uid 0 Dec 4 23:41:18 yabox qmail: 1039063278.328081 end msg 889600 Dec 4 23:41:36 yabox vpopmail[5686]: vchkpw-smtp: password fail [EMAIL PROTECTED]:208.36.84.242 Dec 4 23:41:36 yabox vpopmail[32015]: vchkpw-pop3: setgid 1001 failed errno 1 [EMAIL PROTECTED]:208.36.84.242 Dec 4 23:41:37 yabox vpopmail[26305]: vchkpw-pop3: setgid 1001 failed errno 1 [EMAIL PROTECTED]:208.36.84.242 Dec 4 23:41:56 yabox vpopmail[30076]: vchkpw-pop3: setgid 1001 failed errno 1 [EMAIL PROTECTED]:208.36.84.242 Dec 4 23:41:56 yabox vpopmail[18542]: vchkpw-pop3: setgid 1001 failed errno 1 [EMAIL PROTECTED]:208.36.84.242 - (Yes, uid 1001 is vpopmail gid 1000 is vchkpw.) -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[vchkpw] SMTP-AUTH, yet again...
Good thing I stopped shaving my head, else I'd have no hair to pull out... Trying to get SMTP-AUTH working with qmail-1.03, the 0.30 patch from elysium.pl, daemontools, vpopmail 5.3.9 on OpenBSD 3.2. Tried lots of different stuff last night, nothing worked. Currently, my /service/qmail-smtpd/run file is as follows (aside from linewraps, which are correct in the actual file): - #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` if [ -z $QMAILDUID -o -z $NOFILESGID -o -z $MAXSMTPD -o -z $LOCAL ]; then echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in echo /var/qmail/supervise/qmail-smtpd/run exit 1 fi exec /usr/local/bin/softlimit -m 2000 \ /usr/local/bin/tcpserver -v -R -l $LOCAL -x \ /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd \ $LOCAL /home/vpopmail/bin/vchkpw /usr/bin/true 21 - Running with the file above, I get errors in the log like this: Dec 3 12:01:43 athena vpopmail[19117]: vchkpw-smtp: vpopmail user not found kit @interdyne.net:208.36.84.242 The user [EMAIL PROTECTED] is able to receive mail no problem. If I change the run script to use `id -u vpopmail` `id -g vpopmail` instead, attempts to auth fail with no logging. I've tried eliminating the variables just to make the script as simple as possible: - #!/bin/sh exec /usr/local/bin/softlimit -m 2000 \ /usr/local/bin/tcpserver -v -R -lmail.interdyne.net -x \ /home/vpopmail/etc/tcp.smtp.cdb -c 25 \ -u 89 -g 89 0 smtp /var/qmail/bin/qmail-smtpd \ mail.interdyne.net /home/vpopmail/bin/vchkpw /usr/bin/true 21 - (89:89 is vpopmail:vchkpw) I have no clue why this is not working there's a sizeable dent in my forehead that matches the edge of the desk. Anybody care to smack me with the clue-by-four here? Thanks, -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
RE: [vchkpw] Supervise startup script?
Thanks a ton, Clayton! -Kit At 8:43 AM -0800 11/29/02, Clayton Weise wrote: Yes. Here's mine: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` exec /usr/local/bin/softlimit -m 800 \ /usr/local/bin/tcpserver -Rv -x /var/vpopmail/etc/tcp.smtp.cdb \ -c 200 -u $QMAILDUID -g $NOFILESGID -lqmail.iswest.net 0 smtp \ /var/qmail/bin/qmail-smtpd qmail.iswest.net /var/vpopmail/bin/vchkpw /usr/bin/true 21 -Original Message- From: Kit Halsted [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 28, 2002 11:19 AM To: [EMAIL PROTECTED] Subject: [vchkpw] Supervise startup script? Apologies for such a lame request, but does anyone have a working startup script for qmail/vpopmail with SMTP-AUTH under daemontools for a BSD/non-rc.d system kicking around? My big mail/web/primary DNS server died (very thoroughly) yesterday I had to rebuild it differently from the way it was before due to the qmail port being removed from OpenBSD. OpenBSD 3.2/vpopmail 5.3.9/qmail 1.0.3 At least I finally got approval to put a RAID controller in. Maybe they'll even go for the backup system I wanted now... TiA -Kit, rebuilding the DNS web stuff now... -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[vchkpw] Supervise startup script?
Apologies for such a lame request, but does anyone have a working startup script for qmail/vpopmail with SMTP-AUTH under daemontools for a BSD/non-rc.d system kicking around? My big mail/web/primary DNS server died (very thoroughly) yesterday I had to rebuild it differently from the way it was before due to the qmail port being removed from OpenBSD. OpenBSD 3.2/vpopmail 5.3.9/qmail 1.0.3 At least I finally got approval to put a RAID controller in. Maybe they'll even go for the backup system I wanted now... TiA -Kit, rebuilding the DNS web stuff now... -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] Re: smtp-auth
At 1:46 PM -0200 10/24/02, Paulo Henrique Baptista de Oliveira wrote: Hi John, version 5.2.1 no extra compile option. TIA, Paulo Henrique Somebody flame me if I'm wrong, but IIRC vpopmail 5.2.1 will not work with SMTP-AUTH Eudora. Eudora requires CRAM-MD5, so vpopmail 5.3.6 looks like the minimum version for your requirements. (5.3.9 is up on the dev page, 5.3.11 is the most current that I know of, 5.3.6 is probably long gone.) HTH, -Kit Quoting John Johnson ([EMAIL PROTECTED]): Paulo Henrique Baptista de Oliveira writes: Hi all, I installed qmail smtp-remote-auth patch. It works well for outlook client but with eudora it fails. What I can do to fix this? TIA, Paulo Henrique What version of vpopmail are you running and what are your compile options? -John -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[vchkpw] Auto-add vusers to LDAP DB?
Howdy folks: Looks like my boss may be getting a Big New Client with new requirements for email. Big New Client wants a global address book the ability to add delete users on their own. No problem, I say, I'll set up LDAP qmailadmin. Then it hits me: I have no idea how I can automatically sync the new users into the LDAP db. So, my first question for this list: is anybody doing anything like this? My current setup is as follows: OpenBSD 3.0-stable, soon to be 3.2-stable. qmail 1.03 vpopmail 5.2.1 Second question: does anybody know if qmailadmin will continue to work with Apache running in a chrooted environment? Thanks, -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: [vchkpw] SMTP-AUTH, Stable?
Long day... At 9:44 AM -0500 9/10/02, Ken Jones wrote: On Monday 09 September 2002 09:01 pm, Kit Halsted wrote: One of my clients has been running a server with the relaymailfrom hack for years. I've been telling them for as long as I've been working with them that they would get blacklisted if they didn't switch to SMTP-AUTH. Well, they got listed now I have to implement SMTP-AUTH. I know that CRAM-MD5 issues are fixed as of 5.3.6 (Woohoo! Thanks, Bill!), I know that 5.3.8 seems stable from what I've seen on this list, but I'm still nervous deploying dev software on a production box. So, question #1 is: will there be a new stable version soon? I think it's about time we release a new production version. The development version 5.3.8 doesn't seem to have any problems. We are running it in production. Cool, I'll just go with 5.3.8 hope you don't change version numbers when you start calling it the production version. ;) I would also appreciate it if anyone has time to critique my upgrade plans: Back up /var/qmail /home/vpopmail Grab fresh qmail source Patch with elysium.pl SMTP-AUTH patch make setup check #This is non-destructive as far as existing control files, etc., no? Install vpopmail 5.3.8 over existing 5.2. That works. Recompile any programs that link the vpopmail library too. Apologies for the ongoing questions, but what programs are those? I don't think I'm running any that won't be rebuilt by installing the new version, but I may just be hugely ignorant here. (Just running vpopmail, no web admin stuff, no imap.) Thanks again, Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Re: pop3 session would freeze
I was once asked to fix a Eudora Internet Mail Server installation that was freezing POP clients. Every client in the office froze while trying to download mail. Turned out that they were all on a mailing list someone had sent a mail to that list with a blank body. They were also all using M$ LookOut Express, which chokes on messages with blank bodies in some circumstances. After wiping out the offending message, everything was okay again. So, as others have said, don't use M$ software. :) To see if this is the problem, do this from your mail server: - %telnet localhost 110 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. +OK [EMAIL PROTECTED] user [EMAIL PROTECTED] +OK pass password +OK list +OK 1 2784 2 1690 3 1353 4 1871 . - You can then use the retr command to look at the offending message, i.e. retr 4 if message #4 is causing the problem. To remove a problematic message, use the dele command, i.e. dele 4. When you're done, type quit to exit the POP session. HTH, -Kit At 7:47 PM +0300 9/26/01, Ufuk M. Fakioglu wrote: Hi, I am using qmail 1.03 + vpopmail 4.9.8 on Solaris 2.7 and MS Outlook Express as pop3 client. While retrieving messages, without any obvious reason, the pop3 session would first freeze and then Outlook would display an error message saying that it cannot communicate with the pop3 server for 60 seconds. The message counter on the client side would start to increase and then suddenly stop at some arbitrary mesage like receiving messages 14 of 25 and freeze like that. Any suggestions will be dearly appreciated. Regards, Ufuk -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
RE: SMTP-AUTH with vpopmail
Hmmm... I'm trying to run the patch from Krzysztof Dabrowski, along with his MD5 password utility. Are you guys both running Mrs. Brisby's patch? Most importantly for me, is anyone successfully using CRAM-MD5 SMTP-AUTH with vpopmail? Eudora doesn't do LOGIN or PLAIN I'll start using Lookout when M$ starts designing for simplicity security. At 7:03 PM -0600 9/20/01, Tren Blackburn wrote: Or you can just add the qmaild user to the vchkpw group (which is what I did) This works just fine for me it seems, but I'm guessing it'll only work for sites that have ALL virtual domains under the vchkpw user, otherwise, you'll have to run the qmail-smtpd program as root. I've been running the new qmail-smtpd as user vpopmail. All of my domains are virtual, I don't like the idea of shell passwords being sent in the clear. Thanks, -Kit Regards, Tren. -Original Message- From: Chris Bolt [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 4:45 PM To: [EMAIL PROTECTED] Subject: RE: SMTP-AUTH with vpopmail Sorry if I'm flogging a dead horse, but I can't seem to get this running. Can anyone walk me through the steps required to use the SMTP-AUTH patch with an existing qmail/vpopmail installation? Or do I need to reinstall everything from scratch? Running OpenBSD 2.9-stable if it matters. I use Mrs. Brisby's drop-in replacement for qmail-smtpd.c with SMTP AUTH support. It doesn't support CRAM-MD5 authentication but none of the clients my users use support that anyways. http://www.nimh.org/dl/qmail-smtpd.c Then just add ~vpopmail/bin/vchkpw /bin/true to the end of the script you use to launch qmail-smtpd. You do need to recompile qmail-smtpd but not vpopmail. If you have vpopmail 4.9.10, you'll need to make qmail-smtpd run as root but I don't know about newer versions. -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
SMTP-AUTH with vpopmail
Sorry if I'm flogging a dead horse, but I can't seem to get this running. Can anyone walk me through the steps required to use the SMTP-AUTH patch with an existing qmail/vpopmail installation? Or do I need to reinstall everything from scratch? Running OpenBSD 2.9-stable if it matters. Thanks, -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
[Smtpauth] Stupid Question
Hey, maybe I can compound my error by sending this to the wrong list... Below is a message I sent to the qmail-smtp-auth list. I'm having trouble setting up smtp-auth with vpopmail my brain is mush. Any help would be greatly appreciated, I'd like to get this server and another one just like it locked down. Thanks, -Kit - Hello, let me introduce myself to this list by looking like an idiot... I just attempted to install smtp-auth on a running qmail system by patching the qmail-1.03 source, installing qmail into a new directory, copying the patched qmail-smtpd into /var/qmail/bin. Should work, but it doesn't. I'm sure it's because I'm failing to grasp something simple, but I've been scatter-brained distracted ever since the view out my window changed so abruptly last week. I'm running OpenBSD 2.9, -stable as 06-23-01, along with qmail 1.03 vpopmail 4.9.8. I have no default domain, all domains are virtual. Here are all of the relevant files, permissions, etc. I can think of: - yabox# less inetd.conf snip smtp stream tcp nowait vpopmail /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qm ail-smtpd yabox.kithalsted.com /bin/cmd5checkpw /usr/bin/true snip The above is all on one line; OpenBSD didn't like the \ in the sample. True lives in /usr/bin on OpenBSD. - yabox# ls -al /etc/poppasswd -r 1 vpopmail wheel 13 Sep 17 21:13 /etc/poppasswd I tried this with a new user, md5user, created specifically for cmd5passwd as well. - yabox# ls -al /home/vpopmail total 194 drwxr-xr-x 11 vpopmail vchkpw 512 Apr 3 14:07 . drwxr-xr-x 6 root wheel 512 Sep 17 20:20 .. -rw-r--r-- 1 vpopmail vchkpw 769 Apr 3 13:39 .cshrc -rw-r--r-- 1 vpopmail vchkpw 318 Apr 3 13:39 .login -rw-r--r-- 1 vpopmail vchkpw 105 Apr 3 13:39 .mailrc -rw-r--r-- 1 vpopmail vchkpw 201 Apr 3 13:39 .profile -rw--- 1 vpopmail vchkpw 65 Apr 3 13:39 .rhosts drwx-- 5 vpopmail vchkpw 512 Apr 3 13:39 Maildir drwxr-xr-x 2 vpopmail vchkpw 512 Apr 3 14:07 bin drwxr-xr-x 4 vpopmail vchkpw 512 Apr 3 14:07 doc drwx-- 3 vpopmail vchkpw 512 Apr 22 19:19 domains drwxr-xr-x 2 vpopmail vchkpw 512 Apr 3 14:05 etc drwxr-xr-x 2 vpopmail vchkpw 512 Apr 3 14:07 include drwxr-xr-x 2 vpopmail vchkpw 512 Apr 3 14:07 lib drwx-- 2 vpopmail vchkpw 512 Apr 4 17:05 users drwxr-xr-x 5 vpopmail vchkpw2560 Apr 3 14:06 vpopmail-4.9.8-1 -rw-r--r-- 1 vpopmail vchkpw 167779 Apr 3 14:03 vpopmail-4.9.8-1.tar.gz yabox# ls -al /home/vpopmail/domains total 4 drwx-- 3 vpopmail vchkpw 512 Apr 22 19:19 . drwxr-xr-x 11 vpopmail vchkpw 512 Apr 3 14:07 .. -rw--- 1 vpopmail vpopmail43 Apr 22 19:19 .dir-control drwx-- 9 vpopmail vpopmail 1024 May 10 01:00 kithalsted.com - Can anybody spare a clue? Thanks, -Kit -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus ___ Smtpauth mailing list [EMAIL PROTECTED] http://list.elysium.pl/mailman/listinfo/smtpauth
Re: [Smtpauth] Stupid Question
At 3:51 PM -0400 9/18/01, Brandon Ramirez wrote: I'm not positive on this, but it's probably because you're running a binary of qmail-smtpd that belongs in one directory in another. My qmail w/ SMTP-AUTH patch was installed in /var/qmail. Therefore I use /var/qmail/bin/qmail-smtpd. Try keeping it in a separate directory and using the new version. Thanks, but I don't think that's it. The original conf-qmail file pointed to a work directory rather than /var/qmail, my original qmail-smtpd works fine. I guess I'm going to leave this as-is for a while; I was relying on docs on the web to figure this out the brain-donor admins at my ISP have decided that blocking port 80 is a good thing to do in the face of the nimda worm... Thanks, -Kit - Original Message - From: Kit Halsted [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, September 18, 2001 3:43 PM Subject: [Smtpauth] Stupid Question Hey, maybe I can compound my error by sending this to the wrong list... Below is a message I sent to the qmail-smtp-auth list. I'm having trouble setting up smtp-auth with vpopmail my brain is mush. Any help would be greatly appreciated, I'd like to get this server and another one just like it locked down. Thanks, -Kit - Hello, let me introduce myself to this list by looking like an idiot... I just attempted to install smtp-auth on a running qmail system by patching the qmail-1.03 source, installing qmail into a new directory, copying the patched qmail-smtpd into /var/qmail/bin. Should work, but it doesn't. I'm sure it's because I'm failing to grasp something simple, but I've been scatter-brained distracted ever since the view out my window changed so abruptly last week. I'm running OpenBSD 2.9, -stable as 06-23-01, along with qmail 1.03 vpopmail 4.9.8. I have no default domain, all domains are virtual. snip -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -Benjamin Franklin ...qui desiderat pacem, praeparet bellum (...if you would have peace, be prepared for war) -Flavius Vegetius Renatus
Slow to connect
My vpopmail server is very slow to connect right now. I have customers calling the office bitching I can see it when I try to check my mail. Unfortunately, I'm clueless as to how to troubleshoot it, much less fix it. Using ssh to connect to the box works instantly. Telnetting to port 110 from my box at home shows where the delay is: - yabox# telnet athena.interdyne.net 110 Trying 64.124.170.170... Connected to athena.interdyne.net. Escape character is '^]'. user [EMAIL PROTECTED] #It sits there for ~60 seconds, then proceeds normally. pass +OK list +OK . quit +OK Connection closed by foreign host. - My log tells me nothing; lots of messages went through for local (virtual) domains and for remote (secondary MX) domains, some messages did not go through for remote domains due to transient failures, but nothing to indicate why authentication should take so long. Top/ps showed between 1 10 instances of tcpserver -H -R 0 110... running while the problem was going on. I'm stumped here. This has happened twice before, but both other times the logs told me that a message was rejected for a secondary domain due to size restrictions. Even assuming that that was the problem today, I don't know what to do about it, since the databytes control file doesn't do anything until a message has been written to disk. Can anyone point me to better troubleshooting methods or an explanation for what's happening? Thanks, -Kit
SMTP-AUTH
Is anybody using qmail-smtpd-auth http://members.elysium.pl/brush/qmail-smtpd-auth/ with vpopmail? There's documentation there for use with vpopmail, but it mentions v3.4.11k, which sounds a lot older than the 4.9.8 I'm running. I'm curious as to whether anyone is using SMTP-AUTH with a recent vpopmail whether it was hard to set up, as I'm looking at migrating a live server to it. Thanks, -Kit
Re: SMTP-AUTH
Thank you, Bill Ken. Now to figure out how to run smtp as vpopmail... -Kit At 6:04 PM -0500 7/31/01, Ken Jones wrote: Bill Shupp wrote: on 7/31/01 4:54 PM, Kit Halsted at [EMAIL PROTECTED] spake: Is anybody using qmail-smtpd-auth http://members.elysium.pl/brush/qmail-smtpd-auth/ with vpopmail? There's documentation there for use with vpopmail, but it mentions v3.4.11k, which sounds a lot older than the 4.9.8 I'm running. I'm curious as to whether anyone is using SMTP-AUTH with a recent vpopmail whether it was hard to set up, as I'm looking at migrating a live server to it. I tried it out a while back. Here's what I found, to the best of my recollection: 1. Don't worry about the vpopmail patch, it doesn't work anymore and you don't need it. 2. You have to run your smtp server as someone that can authenticate with vpopmail (root or vpopmail) 3. If you use multiple /etc/passwd users with vpopmail for system quotas, I'm pretty sure you need to run it as root. Perhaps someone can verify the above, but I think that's what I had to do to get it running. Although I never put it in production. Cheers, Bill Shupp Hey Bill :) I can verify that the latest devel works with smtp auth. I tested it last week. The only requirement is: 1) run smtp as either root (if you have non vpopmail mailboxes) or as vpopmail (if all mail accounts are under vpopmail) Ken
Re: vpopmail and iMacs
At 10:16 PM +1200 7/5/01, Gordon Smith wrote: Has anyone experienced problems with iMac users authenticating? I'm on a PowerBook G4, but many of my users are on iMacs. No problems here. Seems to be a machine fault rather than mail client. Can you explain why you think that? Users with IE 5.02 report errors while retrieving mail ( -20003) - server unexpectedly terminated session. There's your problem, they're using a web browser instead of a POP client. ;) Seriously, I assume you mean OE 5.02. I can't remember versions or specifics right now, but I know some versions of OE puke on messages with empty bodies.Any chance that's what's happening here? I once had to telnet into every account at a small office that used OE in order to delete an empty message that had been sent to all the users on the system. They were getting a similar message from OE blaming the Eudora mail server until I showed them what was happening. I'd rather not tcpdump pop3 on the mail server (approx 6k users) if I can help it. I'd try a different mail client before troubleshooting on the server. I'm running latest development vpopmail (upgraded in case that was the problem). Any ideas would be appreciated I think I'm running 4.9.8 on both of my qmail servers, it's whatever was stable a few months back, but I'm thinking this isn't a vpopmail thing. I was a Mac guy long before I was *n*x guy, let me know if you need more help nailing this one. HTH, -Kit
RE: Mail Bomb
At 10:25 PM -0600 4/23/01, Chris Bolt wrote: I don't know why it's being forwarded to itself but it is, somehow. Two things: You don't need to vadduser, you can create .qmail-testgroup in the domain directory. You can also supply the full path to [EMAIL PROTECTED]'s maildir instead of a forwarder, which may prevent any loops from happening. Ah, thanks. That works, though I'd still like to get to the bottom of this. The problem is happening on my personal server, but my personal server runs the same setup as my work server, I'd be in bad shape if this was happening there. I installed ezmlm couldn't get it working, so I removed the files directories it created for me; I'm not ready to place the blame for that on anything but my lack of understanding as of yet. Is there a particular place the directory has to live when using ezmlm with vpopmail? Could you post the headers of one of the later messages? Perhaps the Delivered-To or Received: headers could provide some information. Return-Path: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: (qmail 21922 invoked by uid 1001); 22 Apr 2001 23:11:39 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 10159 invoked by uid 1001); 22 Apr 2001 23:11:37 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 17981 invoked by uid 1001); 22 Apr 2001 23:11:35 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 31440 invoked by uid 1001); 22 Apr 2001 23:11:33 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 25434 invoked by uid 1001); 22 Apr 2001 23:11:32 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 12203 invoked by uid 1001); 22 Apr 2001 23:11:30 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 29833 invoked by uid 1001); 22 Apr 2001 23:11:29 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 876 invoked from network); 22 Apr 2001 23:11:28 - Received: from w098.z064002075.nyc-ny.dsl.cnc.net (HELO ?10.0.1.12?) (64.2.75.98) by mail.kithalsted.com with SMTP; 22 Apr 2001 23:11:28 - Mime-Version: 1.0 Message-Id: p04320405b70913140010@[10.0.1.12] X-Mailer: Eudora for Macintosh! Date: Sun, 22 Apr 2001 19:00:58 -0400 To: [EMAIL PROTECTED] From: Kit Halsted [EMAIL PROTECTED] Subject: test .qmail group Content-Type: text/plain; charset=us-ascii ; format=flowed x-flowedtest /x-flowed Thanks, -Kit -Original Message- From: Kit Halsted [mailto:[EMAIL PROTECTED]] Sent: Monday, April 23, 2001 12:47 PM To: [EMAIL PROTECTED] Subject: RE: Mail Bomb At 1:04 AM -0600 4/23/01, Chris Bolt wrote: Logs? And why didn't you just use ezmlm? I don't have ezmlm installed, I didn't really think it was worthwhile for 6 users or so. Here's a small chunk of logfile from the test message I sent: Apr 22 19:11:28 yabox qmail: 987981088.433470 new msg 889608 Apr 22 19:11:28 yabox qmail: 987981088.434715 info msg 889608: bytes 516 from k [EMAIL PROTECTED] qp 876 uid 2850 Apr 22 19:11:28 yabox qmail: 987981088.446427 starting delivery 76: msg 889608 t o local [EMAIL PROTECTED] Apr 22 19:11:28 yabox qmail: 987981088.448392 status: local 1/10 remote 0/20 Apr 22 19:11:28 yabox qmail: 987981088.717678 new msg 889609 Apr 22 19:11:28 yabox qmail: 987981088.727411 info msg 889609: bytes 627 from k [EMAIL PROTECTED] qp 12343 uid 1001 Apr 22 19:11:28 yabox qmail: 987981088.743928 starting delivery 77: msg 889609 t o local [EMAIL PROTECTED] Apr 22 19:11:28 yabox qmail: 987981088.746177 status: local 2/10 remote 0/20 Apr 22 19:11:28 yabox qmail: 987981088.803890 delivery 77: success: did_0+0+1/ Apr 22 19:11:28 yabox qmail: 987981088.819627 status: local 1/10 remote 0/20 Apr 22 19:11:28 yabox qmail: 987981088.821432 end msg 889609 Apr 22 19:11:29 yabox qmail: 987981089.061270 new msg 889610 Apr 22 19:11:29 yabox qmail: 987981089.062297 info msg 889610: bytes 627 from k [EMAIL PROTECTED] qp 16741 uid 1001 Apr 22 19:11:29 yabox qmail: 987981089.143986 starting delivery 78: msg 889610 t o remote [EMAIL PROTECTED] Apr 22 19:11:29 yabox qmail: 987981089.145720 status: local 1/10 remote 1/20 Apr 22 19:11:29 yabox qmail: 987981089.188166 new msg 889609 Apr 22 19:11:29 yabox qmail: 987981089.189370 info msg 889609: bytes 626 from k [EMAIL PROTECTED] qp 9295 uid 1001 Apr 22 19:11:29 yabox qmail: 987981089.332014 starting delivery 79: msg 889609 t o remote [EMAIL PROTECTED] Apr 22 19:11:29 yabox qmail: 987981089.333721 status: local 1/10 remote 2/20 Apr 22 19:11:29 yabox qmail: 987981089.783989 new msg 889611 Apr 22 19:11:29 yabox qmail: 987981089.785207 info msg 889611: bytes 627 from k [EMAIL PROTECTED] qp 15196 uid 1001 Apr 22 19:11:29 yabox qmail: 987981089.904753 starting delivery 80: msg 889611 t o remote [EMAIL PROTECTED] Apr 22 19:11:29 yabox qmail: 987981089.906240 status: local 1/10 remote 3/20 Apr 22 19:11:29 yabox qmail: 987981089.907911 delivery 76: success: did_0+0+1/ Apr 22 19:11:29 yabox qmail: 987981089.910667 status: local 0/10 remote 3/20 Apr 22 19:11:29 yabox qmail: 987981089.913438 end msg 889608 Apr 22 19:11:30 yabox qmail
RE: Mail Bomb
At 1:47 PM -0700 4/24/01, Dan Phoenix wrote: It would seem quite obvious to me that there are problem delivering the mail to that account. SInce you are the domain it keeps looping because it only knows to deliver to itself. I'm not following you. There are no general problems delivering mail to [EMAIL PROTECTED]. How do you mean I am the domain? -Kit On Mon, 23 Apr 2001, Chris Bolt wrote: Date: Mon, 23 Apr 2001 22:25:58 -0600 From: Chris Bolt [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: RE: Mail Bomb I don't know why it's being forwarded to itself but it is, somehow. Two things: You don't need to vadduser, you can create .qmail-testgroup in the domain directory. You can also supply the full path to [EMAIL PROTECTED]'s maildir instead of a forwarder, which may prevent any loops from happening. Could you post the headers of one of the later messages? Perhaps the Delivered-To or Received: headers could provide some information. -Original Message- From: Kit Halsted [mailto:[EMAIL PROTECTED]] Sent: Monday, April 23, 2001 12:47 PM To: [EMAIL PROTECTED] Subject: RE: Mail Bomb At 1:04 AM -0600 4/23/01, Chris Bolt wrote: Logs? And why didn't you just use ezmlm? I don't have ezmlm installed, I didn't really think it was worthwhile for 6 users or so. snip
RE: Mail Bomb
: 987981091.264972 status: local 0/10 remote 5/20 Apr 22 19:11:31 yabox qmail: 987981091.441239 new msg 889614 Apr 22 19:11:31 yabox qmail: 987981091.442458 info msg 889614: bytes 738 from k [EMAIL PROTECTED] qp 12203 uid 1001 Apr 22 19:11:31 yabox qmail: 987981091.473731 starting delivery 86: msg 889614 t o local [EMAIL PROTECTED] Apr 22 19:11:31 yabox qmail: 987981091.475909 status: local 1/10 remote 5/20 Apr 22 19:11:31 yabox qmail: 987981091.532262 delivery 80: success: 63.216.77.14 2_accepted_message./Remote_host_said:_250_CB9849F7_Message_accepted,_transient_i dentifier_was_1363/ Apr 22 19:11:31 yabox qmail: 987981091.536438 status: local 1/10 remote 4/20 Apr 22 19:11:31 yabox qmail: 987981091.537690 end msg 889611 Apr 22 19:11:31 yabox qmail: 987981091.613266 new msg 889611 Apr 22 19:11:31 yabox qmail: 987981091.614693 info msg 889611: bytes 849 from k [EMAIL PROTECTED] qp 18498 uid 1001 Apr 22 19:11:31 yabox qmail: 987981091.756476 starting delivery 87: msg 889611 t o local [EMAIL PROTECTED] Apr 22 19:11:31 yabox qmail: 987981091.758671 status: local 2/10 remote 4/20 Apr 22 19:11:31 yabox qmail: 987981091.763953 new msg 889612 Apr 22 19:11:31 yabox qmail: 987981091.764993 info msg 889612: bytes 849 from k [EMAIL PROTECTED] qp 21907 uid 1001 Apr 22 19:11:31 yabox qmail: 987981091.907450 starting delivery 88: msg 889612 t o remote [EMAIL PROTECTED] Apr 22 19:11:31 yabox qmail: 987981091.909147 status: local 2/10 remote 5/20 Apr 22 19:11:31 yabox qmail: 987981091.913186 delivery 87: success: did_0+0+1/ Apr 22 19:11:31 yabox qmail: 987981091.925921 status: local 1/10 remote 5/20 Apr 22 19:11:31 yabox qmail: 987981091.926984 delivery 83: success: 166.84.157.1 31_accepted_message./Remote_host_said:_250_2.6.0_message_received_OK/ Apr 22 19:11:31 yabox qmail: 987981091.936090 status: local 1/10 remote 4/20 Apr 22 19:11:31 yabox qmail: 987981091.937374 end msg 889611 Apr 22 19:11:31 yabox qmail: 987981091.961316 end msg 889610 Apr 22 19:11:32 yabox qmail: 987981092.371505 new msg 889615 Apr 22 19:11:32 yabox qmail: 987981092.372961 info msg 889615: bytes 848 from k [EMAIL PROTECTED] qp 6382 uid 1001 Apr 22 19:11:32 yabox qmail: 987981092.568689 starting delivery 89: msg 889615 t o remote [EMAIL PROTECTED] Apr 22 19:11:32 yabox qmail: 987981092.570498 status: local 1/10 remote 5/20 Apr 22 19:11:32 yabox qmail: 987981092.572454 delivery 86: success: did_0+0+1/ Apr 22 19:11:32 yabox qmail: 987981092.574704 status: local 0/10 remote 5/20 Apr 22 19:11:32 yabox qmail: 987981092.575676 end msg 889614 Apr 22 19:11:32 yabox qmail: 987981092.592710 new msg 889610 Apr 22 19:11:32 yabox qmail: 987981092.593947 info msg 889610: bytes 849 from k [EMAIL PROTECTED] qp 26504 uid 1001 Apr 22 19:11:32 yabox qmail: 987981092.652905 starting delivery 90: msg 889610 t o remote [EMAIL PROTECTED] Apr 22 19:11:32 yabox qmail: 987981092.654393 status: local 0/10 remote 6/20 Apr 22 19:11:32 yabox qmail: 987981092.670517 new msg 889611 Apr 22 19:11:32 yabox qmail: 987981092.671773 info msg 889611: bytes 849 from k [EMAIL PROTECTED] qp 25434 uid 1001 Apr 22 19:11:32 yabox qmail: 987981092.730528 starting delivery 91: msg 889611 t o local [EMAIL PROTECTED] Apr 22 19:11:32 yabox qmail: 987981092.732737 status: local 1/10 remote 6/20 Apr 22 19:11:32 yabox qmail: 987981092.833019 delivery 84: success: 216.220.96.3 _accepted_message./Remote_host_said:_250_2.0.0_f3MN10U23861_Message_accepted_for _delivery/ Apr 22 19:11:32 yabox qmail: 987981092.873245 status: local 1/10 remote 5/20 Apr 22 19:11:32 yabox qmail: 987981092.875197 end msg 889613 Apr 22 19:11:32 yabox qmail: 987981092.911763 new msg 889614 Apr 22 19:11:32 yabox qmail: 987981092.913770 info msg 889614: bytes 960 from k [EMAIL PROTECTED] qp 11066 uid 1001 Apr 22 19:11:33 yabox qmail: 987981093.131247 delivery 88: success: 166.84.157.1 31_accepted_message./Remote_host_said:_250_2.6.0_message_received_OK/ Apr 22 19:11:33 yabox qmail: 987981093.177631 status: local 1/10 remote 4/20 Apr 22 19:11:33 yabox qmail: 987981093.178625 delivery 85: success: 63.216.77.14 2_accepted_message./Remote_host_said:_250_CB9849F7_Message_accepted,_transient_i dentifier_was_1364/ Apr 22 19:11:33 yabox qmail: 987981093.199376 status: local 1/10 remote 3/20 Apr 22 19:11:33 yabox qmail: 987981093.201540 starting delivery 92: msg 889614 t o local [EMAIL PROTECTED] Apr 22 19:11:33 yabox qmail: 987981093.202020 status: local 2/10 remote 3/20 Apr 22 19:11:33 yabox qmail: 987981093.202480 end msg 889612 : -Original Message- From: Kit Halsted [mailto:[EMAIL PROTECTED]] Sent: Sunday, April 22, 2001 10:18 PM To: [EMAIL PROTECTED] Subject: Mail Bomb I had a nasty embarrassing experience today that I'm still trying to figure out. I put together a list of email addresses for all the computer geeks I know, did the following: ... Thanks, -Kit
Mail Bomb
I had a nasty embarrassing experience today that I'm still trying to figure out. I put together a list of email addresses for all the computer geeks I know, did the following: #vadduser [EMAIL PROTECTED] password #cd /home/vpopmail/domains/kithalsted.com/geeks #pico .qmail I then added the addresses, one per line, starting with my own. The resulting file looked like this: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (The dot-qmail man page says the ampersands are optional, so I left them out.) So I sent out an email to [EMAIL PROTECTED] heard the really loud drive in my server start churning, as it always does, but it didn't stop. My SSH session got really laggy. I went to check my mail saw that there were 429 messages waiting. I yanked the network plug from the server, killed qmail-send, did #vdeluser [EMAIL PROTECTED] #cd /var/qmail/queue/remote #rm -rf * I then re-added chowned the 0-22 directories got everything working again, but not until after ~20 copies of the message had been sent to people who will now think of me as an End User. So, of course, I started questioning myself, wondering if maybe I *had* added the group address to the .qmail file like a moron. So I did #vadduser [EMAIL PROTECTED] password #cd /home/vpopmail/domains/kithalsted.com/testgroup #pico .qmail I then added the addresses, one per line, starting with my own. The resulting file looked like this: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] I sent a single message; the results were the same, except that I spammed myself instead of my friends. The weird thing is, I have another account that works. [EMAIL PROTECTED] is a vpopmail account that forwards to my main account my pager. /home/vpopmail/domains/kithalsted.com/pageme/.qmail looks like this: [EMAIL PROTECTED] [EMAIL PROTECTED] Does anybody have any idea what's going on? I'm lost here. /var/log/maillog headers from the messages are available on request, vpopmail 4.9.8-1, Qmail 1.0.3, OpenBSD 2.8-stable on PII/350. Thanks, -Kit
Re: Vpopmail privacy problem please help ;(
At 12:27 AM + 4/18/01, Jeremy Gray wrote: (What's up with your attributions? I wrote the double-quoted stuff.) A- If you really want to hide that information, use FirstClass on a Mac or NT box. Or better yet, QuickMail 1.x with StarNine Internet Gateway. B- Judging from a quick extremely unscientific survey of headers in various incoming emails on my laptop, it appears that whether or not the sender's IP appears in the Received: header is dependent on some combination of client server, further that it is by no means restricted to Qmail. I'll refrain from commenting on whether suppressing the sender's IP info would actually be desirable. -Kit I would have to paste exactally what is being shown, That would be helpful if you want anything closer to an accurate answer. I know that by default the senders actual ip is sent, but this is also showing the full local hostname / email address of the sender. I could see how it would be annoying to start getting mail for your business to your home local isp. In my case, I dont even use my local isp mail, so if someone responded to something like that, I wouldnt even get the mail. Could make for people thinking I'm ignoring them. Why would they go through Received: headers to get in touch with you? That's just a bizarre concept. -Kit
Re: Vpopmail privacy problem please help ;(
At 9:11 PM + 4/17/01, Jeremy Gray wrote: I'm not sure if this is a vpopmail, qmail/pop3d or tcpserver issue =(, but when a user sends mail remotely via vpopmail (running qmail-pop3d), the "recieved from:" field in the headers shows the users local hostname/ISP IP rather than our server. Is there a flag or something to make it leave this information out, or use the servers information instead? Since you keep sending this same question over over no one else is answering, I'll pass on a couple of comments: A- If you really want to hide that information, use FirstClass on a Mac or NT box. Or better yet, QuickMail 1.x with StarNine Internet Gateway. B- Judging from a quick extremely unscientific survey of headers in various incoming emails on my laptop, it appears that whether or not the sender's IP appears in the Received: header is dependent on some combination of client server, further that it is by no means restricted to Qmail. I'll refrain from commenting on whether suppressing the sender's IP info would actually be desirable. -Kit
Re: Aliases?
qmail: 987226408.763211 triple bounce: discarding bounce/8 89609 Apr 14 01:33:28 yabox qmail: 987226408.765946 end msg 889609 Apr 14 01:33:28 yabox qmail: 987226408.782720 delivery 1255: failure: Sorry,_no_ mailbox_here_by_that_name._(#5.1.1)/ Kit Halsted wrote: Thanks, Ken. Any pointers on how to set up the system aliases without messing things up for vpopmail? (FQDN is in locals, DN is handled by vpopmail.)
Re: Aliases?
Thanks, Ken. Any pointers on how to set up the system aliases without messing things up for vpopmail? (FQDN is in locals, DN is handled by vpopmail.) -Kit At 6:16 AM -0500 4/9/01, [EMAIL PROTECTED] wrote: FastForward and vpopmail will not work together. They both wish to occupy the .qmail-default file, and it won't work properly. You can add them both there, but it will cause problems in the long run. Kit Halsted wrote: Sorry for the reposted question, but I'm still hoping somebody might be able to clue me in... I'm running Qmail 1.03, FastForward 0.51, vpopmail (4.9.8-1, I think, latest stable release as of 6 days ago) on an OpenBSD 2.8/i386 box. I set up an /etc/aliases file ran newaliases to get the standard system accounts to forward to my account. Newaliases appeared to run fine, but mail to root still bounces as below. Anybody know what I'm doing wrong? Bounce: -- Return-Path: Delivered-To: [EMAIL PROTECTED] Received: (qmail 20565 invoked for bounce); 5 Apr 2001 15:36:49 - Date: 5 Apr 2001 15:36:49 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at yabox.kithalsted.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Sorry, no mailbox here by that name. vpopmail (#5.1.1) --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: (qmail 19904 invoked from network); 5 Apr 2001 15:36:48 - Received: from w098.z064002075.nyc-ny.dsl.cnc.net (HELO ?10.0.1.39?) (64.2.75.98) by mail.kithalsted.com with SMTP; 5 Apr 2001 15:36:48 - Mime-Version: 1.0 X-Sender: [EMAIL PROTECTED]@mail.kithalsted.com Message-Id: p04320402b6f23f4f3ea7@[10.0.1.39] X-Mailer: Eudora for Macintosh! Date: Thu, 5 Apr 2001 11:27:32 -0400 To: [EMAIL PROTECTED] From: Kit Halsted [EMAIL PROTECTED] Subject: test-[EMAIL PROTECTED] Content-Type: text/plain; charset="us-ascii" ; format="flowed" -- Thanks, -Kit -- [EMAIL PROTECTED] Inter7 Internet Technologies, Inc. www.inter7.com - 847-492-0470 Prices at http://www.inter7.com/prices
Aliases?
Sorry for the reposted question, but I'm still hoping somebody might be able to clue me in... I'm running Qmail 1.03, FastForward 0.51, vpopmail (4.9.8-1, I think, latest stable release as of 6 days ago) on an OpenBSD 2.8/i386 box. I set up an /etc/aliases file ran newaliases to get the standard system accounts to forward to my account. Newaliases appeared to run fine, but mail to root still bounces as below. Anybody know what I'm doing wrong? Bounce: -- Return-Path: Delivered-To: [EMAIL PROTECTED] Received: (qmail 20565 invoked for bounce); 5 Apr 2001 15:36:49 - Date: 5 Apr 2001 15:36:49 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at yabox.kithalsted.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Sorry, no mailbox here by that name. vpopmail (#5.1.1) --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: (qmail 19904 invoked from network); 5 Apr 2001 15:36:48 - Received: from w098.z064002075.nyc-ny.dsl.cnc.net (HELO ?10.0.1.39?) (64.2.75.98) by mail.kithalsted.com with SMTP; 5 Apr 2001 15:36:48 - Mime-Version: 1.0 X-Sender: [EMAIL PROTECTED]@mail.kithalsted.com Message-Id: p04320402b6f23f4f3ea7@[10.0.1.39] X-Mailer: Eudora for Macintosh! Date: Thu, 5 Apr 2001 11:27:32 -0400 To: [EMAIL PROTECTED] From: Kit Halsted [EMAIL PROTECTED] Subject: test-[EMAIL PROTECTED] Content-Type: text/plain; charset="us-ascii" ; format="flowed" -- Thanks, -Kit
Aliases?
I apologize if this is more a Qmail or OpenBSD question than a vpopmail question, but I suspect vpopmail mail handling is what's confusing me. I'm running Qmail 1.03, FastForward 0.51, vpopmail (4.9.8-1, I think, latest stable release as of 2 days ago) on an OpenBSD 2.8/i386 box. I set up an /etc/aliases file ran newaliases to get the standard system accounts to forward to my account. Newaliases appeared to run fine, but mail to root still bounces as below. Anybody know what I'm doing wrong? Bounce: -- Return-Path: Delivered-To: [EMAIL PROTECTED] Received: (qmail 20565 invoked for bounce); 5 Apr 2001 15:36:49 - Date: 5 Apr 2001 15:36:49 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at yabox.kithalsted.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Sorry, no mailbox here by that name. vpopmail (#5.1.1) --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: (qmail 19904 invoked from network); 5 Apr 2001 15:36:48 - Received: from w098.z064002075.nyc-ny.dsl.cnc.net (HELO ?10.0.1.39?) (64.2.75.98) by mail.kithalsted.com with SMTP; 5 Apr 2001 15:36:48 - Mime-Version: 1.0 X-Sender: [EMAIL PROTECTED]@mail.kithalsted.com Message-Id: p04320402b6f23f4f3ea7@[10.0.1.39] X-Mailer: Eudora for Macintosh! Date: Thu, 5 Apr 2001 11:27:32 -0400 To: [EMAIL PROTECTED] From: Kit Halsted [EMAIL PROTECTED] Subject: test-[EMAIL PROTECTED] Content-Type: text/plain; charset="us-ascii" ; format="flowed" -- Thanks, -Kit
Re: Virtual User, symlink, Mutt...
At 12:27 PM -0500 2/23/01, Kari Suomela wrote: Friday February 23 2001 11:34, Kit Halsted wrote to All: KH out of 6 consultants, but one guy used telnet Pine extensively KH on KH our old system really wants that functionality. I'm thinking KH it'll KH be fine, just set him up for ssh Mutt set a symlink for KH /home/vpopmail/domains/ourdomain.com/user/Maildir in /home/user. KH Of If the user uses Pine exclusively, you can forward all mail to his /home/user/Maildir. Naturally he will not be able to pop in for it. Thanks, but I'm looking for a way to enable POP _and_ shell. I guess I could do it with a cron job, but I'd prefer something more elegant. Thanks, -Kit
Re: Virtual User, symlink, Mutt...
Sorry, I really should have been more clear. Here's what I'm looking for: A user, let's call him Patrick, has to get POP mail at night when he gets home. He also has to be able to read mail via SSH Mutt during the day. Here's the kicker: it is strictly forbidden for users on this system to send shell passwords out in cleartext, so a .qmail file forwarding to his home dir is out. Use of APOP is also out for various reasons. Have I painted myself into a corner, or is there some permissions magic I can work on his vpopmail Maildir to pull this off? Thanks, -Kit At 12:57 PM -0600 2/23/01, Ken Jones wrote: Kit Halsted wrote: Hi- I'm using Qmail 1.03 vpopmail 4.9.6-1 on OpenBSD 2.8 -stable. Everything works as expected I'm a happy camper. Of course, there is one problem, or I wouldn't be writing... I have virtualized our primary domain so shell users won't be sending their passwords all over the net in cleartext. This is fine with 5 out of 6 consultants, but one guy used telnet Pine extensively on our old system really wants that functionality. I'm thinking it'll be fine, just set him up for ssh Mutt set a symlink for /home/vpopmail/domains/ourdomain.com/user/Maildir in /home/user. Of course, he gets a permission denied error. I know the virtual user Maildir has to be owned by vpopmail:vchkpw. Is this a Catch-22, or does anybody know of a workaround for this? TIA, -Kit The easiest work around is to add a forward from the virtual account to his local /etc/passwd account. Either of these two forwards should work [EMAIL PROTECTED] user Where user = his shell login. Ken Jones
RE: Virtual User, symlink, Mutt...
At 1:40 PM -0700 2/23/01, Matt Simerson wrote: Does it have to be Mutt or can he use Pine? I'm not sure. Pine was pulled from the OpenBSD ports for security reasons, I respect that. OTOH, if Pine can do this I might be willing to take the risk. What can Pine do? -Kit Matt -Original Message- From: Kit Halsted [mailto:[EMAIL PROTECTED]] Sent: Friday, February 23, 2001 11:25 AM To: Ken Jones Cc: [EMAIL PROTECTED] Subject: Re: Virtual User, symlink, Mutt... Sorry, I really should have been more clear. Here's what I'm looking for: A user, let's call him Patrick, has to get POP mail at night when he gets home. He also has to be able to read mail via SSH Mutt during the day. Here's the kicker: it is strictly forbidden for users on this system to send shell passwords out in cleartext, so a .qmail file forwarding to his home dir is out. Use of APOP is also out for various reasons. Have I painted myself into a corner, or is there some permissions magic I can work on his vpopmail Maildir to pull this off? Thanks, snip
Outlook Express Problem
I just started using vpopmail just joined this list. Please accept my apologies if this is a FAQ, but I didn't find anything in the archives. Here's my situation: I found vpopmail while researching ways to use non-system users for mail, primarily as a way around OpenBSD's 8-character limit on usernames. It appeared to be the perfect solution until my boss tried to set up an account in Outlook Express.. OE has a 30-character limit on account names (on a Mac, haven't checked on Windoze yet) the account in question was something like "[EMAIL PROTECTED]". Much as I'd like to just say "don't use OE", that's not an option. I'm thinking I can manually change the domain identifier in /var/qmail/control/virtualdomains ~vpopmail/domains, but I thought I'd ask for thoughts here before I go breaking everything. TIA, -Kit