On 10/21/2013 10:48 AM, Sam Clippinger wrote: > I have some good news and some bad news... > > The good news: spamdyke version 5.0.0 is done, tested and ready. The > biggest new feature is recipient validation -- spamdyke uses the qmail's > configuration files and duplicates qmail's logic to determine if an > address is valid, so there's no need to maintain a separate file of > valid addresses. The testing has taken forever to finish, but it's > finally done! > > The bad news: the recipient validation feature doesn't work, at least > not for me. Imagine my chagrin when I tried to install it on my own > server and every incoming message was rejected. I ran all of my unit > tests as root, but in the real world spamdyke runs as non-root. qmail > is very modular, which means the configuration files are owned by > different user(s) than the mail folders, which means no one non-root > user has access to all of the files needed to validate an address. I > tried changing the permissions on folders to allow access, but qmail > will only queue messages and won't deliver them when the permissions are > too loose. Running spamdyke as root would work, but I'm just not > comfortable recommending that as a solution. > > So, as soon as I finish wiping the egg off my face, I have another > solution in mind that should be pretty easy to implement. But first I > need a little help. I'd like to know how the file ownership and > permissions are setup on different qmail servers. My own server was > installed using the instructions from lifewithqmail.org > <http://lifewithqmail.org> and only root can see all the necessary files > for recipient validation. However, that may not be true for other > installations. So if a few of you are willing, could you send me an > email to let me know: > How your server was installed (QmailToaster, Plesk, lifewithqmail.org > <http://lifewithqmail.org>, qmailrocks.org <http://qmailrocks.org>, etc)? > In your /var/qmail/users/assign file, what UID and GID are given in > fields 3 & 4 and what username and group name do those map to? > The 5th field in /var/qmail/users/assign gives a folder path. What user > and group owns those folders and what permissions are set on those > folders (and the subfolders)? > There should be a system user named "alias" on your server. What > permissions are set on that user's home folder and the ".qmail" files > found there? > > Thanks so much (in advance) for your help! I was really really looking > forward to posting the new version today and I'm very disappointed I > can't do that. Needless to say, I'll be working on fixing this issue as > quickly as I can so I can roll out the new version ASAP. > > -- Sam Clippinger >
Interesting timing, Sam. I just finished coding a spamdyke rpm package (the first?) for spamdyke last night. It should be available on repoforge in the near future. I'm in the process of upgrading all of the QMailToaster packages for CentOS6, and spamdyke will be officially integrated with that release. FWIW, QMT will also have yum support (hopefully via repoforge), and dovecot on the back end of things. I'm presently in the midst of changing qmail-toaster so that it'll build as a non-root user (I recently completed doing this to vpopmail as well). BL, I'm already up to my waist in qmail users, so I *might* be of some help. :) 1) Installed with QMailToaster (of course!) 2) assign contains 89:89, which maps to vpopmail:vchkuser. 3) all are vpopmail:vchkpw 700. 4) # grep alias /etc/passwd alias:x:7790:2108:qmail alias:/var/qmail/alias:/sbin/nologin # ls -ld /var/qmail/alias drwxr-sr-x 2 alias qmail 4096 Aug 4 2012 /var/qmail/alias # ls -l /var/qmail/alias/.qmail* -rw-r--r-- 1 alias nofiles 34 Jan 8 2010 /var/qmail/alias/.qmail-mailer-daemon -rw-r--r-- 1 alias nofiles 34 Jan 8 2010 /var/qmail/alias/.qmail-postmaster -rw-r--r-- 1 alias nofiles 34 Jan 8 2010 /var/qmail/alias/.qmail-root (group 2107 is nofiles, 2108 is qmail) Are your messages not making to the queue? -rws--x--x 1 qmailq qmail 24776 Aug 4 2012 qmail-queue I ask because I would think that once they're in the queue, you'd be home free. If they're being rejected at smtp time, I wouldn't expect them to be making it to the queue. I'll be delving deeper into qmail later this week, and will post if any lights come on. Thanks Sam. -- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
