Hi all,
Just for curious, so... Does anybody has made a vpopmail bind to Lua
(www.lua.org)?
I think that is safe to ask before I start the work...
Thanks,
--
Walter Souto R. Junior
Bayweb Consultoria em Internet
Rua do Catete, 347 sobreloja 218
Catete - Rio de Janeiro - RJ
www.bayweb.com.br
Is there any other IMAP server that can work with vpopmail the way
courier-imap does?
You bet! See www.bincimap.org.
And read http://www.differentpla.net/node/view/165. You can take some
hints from here.
Cheers,
--
Walter
Hi,
I have one of my users using my server to send spam (I think). The
messages came from 200.78.38.103. When I figure that out, I just block him
and bring my server back... So how can I see what account on vpopmail did
used to do this kind of thing? I have only auth-smtp, and just accept
m
Install this
http://www.enderunix.org/isoqlog/
Don't forget the cron job to update it's webpages.
It reads from qmail logs, so hopefully qmail is logging properly on your
box.
=)
Best Regards,
Jeremy Eder
Hi-Tek Data, Corp.
V: 516-797-8800
F: 516-797-8892
Thanks Jeremy, but the spammer changes your
Hi Jeremy,
the smtp auth patch you use should be putting a header in the email
saying who
sent it.. check for that header, and shut the guy off.
This is the first thing that I did try. My server was set 2 years ago and
vpopmail version is 5.3.20. I use the toaster guide from Bill Shup and his
il-smtpd $LOCAL /home/vpopmail/bin/vchkpw /bin/true 2>&1
On Fri, 22 Oct 2004 12:04:04 -0500, Jeremy Kitchen <[EMAIL PROTECTED]>
wrote:
On Friday 22 October 2004 10:33 am, Walter Souto R. Junior wrote:
Received: (qmail 5098 invoked by uid 1010); 22 Oct 2004 11:46:22 -0200
Receive
Hi Tom,
On Oct 22, 2004, at 2:57 PM, Walter Souto R. Junior wrote:
I do fix my run file for smtp, but now I have a "501 malformed auth
input (#5.5.4)" using telnet. I'm also trying with Opera with plain,
auth and cram-md5 without success. My run file looks like:
Well, you
Jeremy,
It's a REALLY BAD IDEA to leave your system as an open relay. Please,
for the sake of yourself, and the rest of the internet, shut your open
relay down.
-Jeremy
Yes! I shut my open relay off. Now I do relay only for myself and my
clients. I figure out the problem with my run file for qma
On Sat, 23 Oct 2004 10:22:19 -0500, Jeremy Kitchen <[EMAIL PROTECTED]>
wrote:
On Fri, 2004-10-22 at 18:57 -0300, Walter Souto R. Junior wrote:
Thanks Tom and Jeremy,
I do fix my run file for smtp, but now I have a "501 malformed auth
input
(#5.5.4)" using telnet. I'm a
Perhaps the code could be split up into chkuser, which does its purpose
in
validating local recipients, and another patch that attempts to perform
some
checks on the envelope sender.
I agree with that. chkuser is great, but in some particular cases the only
desirable feature is to validating
oblem with
regsitro.br, so I apreciate any help.
Thanks in advance,
--
Walter Souto R. Junior
Bayweb Internet Consulting
Tel/Fax: +55 (21) 2226-3625
Celular: +55 (21) 9323-7283
Hi Jeremy,
try connecting to your smtp server with telnet or netcat or similar and
doing
this:
helo bob
mail from: [EMAIL PROTECTED]
rcpt to: [EMAIL PROTECTED]
rcpt to: [EMAIL PROTECTED]
rcpt to: [EMAIL PROTECTED]
etc, and see what happens.
Ok. Now I get confused... Look that:
Trying 127.0.0.1..
Hi Alex,
this error message is not in vanilla qmail. So I guess, you are using
some kind of badrcptto-patch (qregex?). Please show us this patch and
the contents of it's config file (control/badrcptto?)
I just look into it moments before I get your message. Yes I'm using some
kind of regex patch.
Hi Alex,
Drop or fix the first non-comment line. It does not work.
Explanation: Your regex.h does not support \W and \D (see regex(7), GNU
regex manual). That means, the regex code drops connections with
recipient domains containing uppercase W and D chars (see your example
smtp session).
Ok! Now I
Hi,
Today I start to get something like that in my qmail-smtpd log:
@4000425d5b4710447784 CHKUSER rejected rcpt: from <::> remote
unknown:128.241.88.105> rcpt <[EMAIL PROTECTED]> : not existing
recipient
@4000425d5b47106c75cc tcpserver: status: 3/20
@4000425d5ba019eb855c CHKUSER r
Ken,
Thanks for your help.
You probably are receiving a dictionary scan from infected PC's.
Be sure to use rblsmtpd against one or more of the good rbl sites.
I have tried this before write here. So maybe too much rbl's, look:
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTP
02.56.230.13
62.210.190.2
67.104.181.51
205.211.164.226
131.211.194.57
and so many others...
Multilog is rotating 1 Mb logs in a few minutes, but I get them all
blocked.
Thanks,
--
Walter Souto R. Junior
Bayweb Internet Consulting
Tel/Fax: +55 (21) 2226-3625
Celular: +55 (21) 9323-7283
Hi Tonix,
If remote user is sending using an authenticated SMTP session, you would
find his name within chkuser logging.
Look at these entries from my smtpd log:
@4000425d6a992de7abbc.s:@4000425d6a2c106b451c CHKUSER rejected
rcpt: from <::> remote rcpt
<[EMAIL PROTECTED]> : not exist
Rick,
Looks to me like someone used your domain(s) as the From address when
sending out spam, those messages bounced to who ever the sent them to
and now they are being returned (falsely, but what are you going to do
about faked From addresses).
Happens to us every so often as well, usually
Hi Rick,
I don't know what you can do. What you have done so far is block
legitimate email servers from sending your clients email, while reducing
your load, it is not a good practice. If you are going to do something
like that you might as well just turn off your mail server.
I totally agr
Hi Marco,
/usr/local/bin/rblsmtpd -b -C \
-r "list.dsbl.org:Your mail server is listed in DSBL list." \
-r "bl.spamcop.net:Your mail server is listed in Spamcop
blocklist." \
-r "relays.ordb.org:Your mail server is an OPEN RELAY (ORDB
list)." \
-r "sbl.spamhaus.o
21 matches
Mail list logo