No problems here, even with Google Cache.
FYI, what google cache shows is not a good indication of second opinion,
since what are you seeing there is mix up of actual page and cached page.
For the real cached page:
http://74.125.153.132/search?q=cache:81EvS442yJEJ:www.qmailtoaster.com/+qmai
Nugroho [mailto:a...@internux.co.id]
Enviado el: miércoles, 27 de mayo de 2009 10:43
Para: qmailtoaster-list@qmailtoaster.com
Asunto: Re: [qmailtoaster] qmailtoaster website
On Wednesday 27 May 2009 16:06:19 David Sánchez Martín wrote:
No problems here, even with Google Cache.
FYI, what
: qmailtoaster-list@qmailtoaster.com
Asunto: Re: [qmailtoaster] qmailtoaster website
Adi Nugroho wrote:
On Wednesday 27 May 2009 16:06:19 David Sánchez Martín wrote:
No problems here, even with Google Cache.
FYI, what google cache shows is not a good indication of second opinion,
since what
Hi list,
Is there a way to configure vpopmail to enforce password complexity,
expiry time and things like that?
I did not found anything, and I've suffered from easy guessable passwords
for my roaming users giving wrong-doers the ability to use me as a relay,
every now and then, and I'm
From:
http://wiki.qmailtoaster.com/index.php/FAQs#Alright_you.27ve_talked_me_into_
it.2C_how_do_I_install.3F
quote
Alright you've talked me into it, how do I install?
The first step is choosing a Linux distribution.
Check on the official web site for supported distros.
Further installation
Just a matter of curiosity,
Why 53 seconds?, why not 300 (5 minutes), since every mta I know retries in
more than 5 minutes ?
Did you use spamdyke for this?
The graylisting in spamdyke, afaik, acts only on e-mail addresses (the
From+To addresses), and not IP's, and I'm interested in knowing
Why 53 seconds? Because when you're blocked, you'll retry in 300
seconds. If greylisting was going to block any spam, it would
have done
so with a 2 second delay. And my users complain when mail is delayed.
A real MTA will retry in, at least, 300 sec.
A bot will retry as soon as
You asked for opinions, and this is mine.
Of course, I asked for opinions, specially because
I used not to be a big fan of graylisting.
Giving that spamdyke uses a slightly different approach to
Graylisting to that I knew, I thought it could be
interesting.
I hopefully give it a try.
For documentation purposes, specially for clues for future users hanging in
the same mistakes (as we all always do), it's interesting, in any case to
explain:
HOW you manage to solve the problem and,
WHICH was the cause.
Maybe in this problem is not relevant, but it will be great for all to
Hi list,
I used not to be a big fan of greylisting, given that it delays the
reception of legitimate mails, but given that spam is getting worst each
day, I want to try it.
Don't get me wrong, blacklists+spamassassin works certainly good but it
takes a lot of CPU.
Greylisting, if I do
Just upgraded with apparently no major issues.
Only the changelog of the RPM doesn't reflect the 0.95.1 version (if this
could be counted as an issue...)
Best regards and thank you again Jake.
---
David Sanchez Martin
Administrador de Sistemas
dsanc...@e2000.es
GPG Key ID: 0x37E7AC1F
E2000
Please upgrade Clamav to version 0.95.1 since there are two possibly
dangerous vulnerabilities in 0.95.0:
A denial of service (DoS):
Bugzilla Bug 1552
UPack crash with malformed file
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552
Another denial of service with a serious possibility of
clamav 0.95.1 has been placed on the main site. Please let me know if
you have any issues with the package. It has not been thoroughly tested
due to time constraints, so it is not included in the current.txt file
at this time. This means that qtp-newmodel, qtp-ami-up2date,
current-download,
Since nobody told me there was a new version, wait a couple days and
I'll have it on the main site.
Hi Jake,
You can allways be informed of new releases of clamav by subscribing:
http://lists.clamav.net/mailman/listinfo/clamav-announce
Traffic: Low (fewer than 1 msg per day)
Best
Well, I do not inform here about all Clamav updates, because:
- I don't want to bother anybody (like jake), who is using his own time for
helping us.
- I only report versions which correct known vulnerabilities, because, I
think, the community wants to be secure, or at least know how insecure it
Hi,
AFAIK, if this is not modified by a patch (which i really don't know),
the queue retry schedule is not configurable and it's quadratic.
It tries to send the message less and less often until it reaches
queuelifetime, then it's tried to be delivered again and generates a bounce
if this
I've received exactly 6 of Jon W. Myers RE: [qmailtoaster] moving domain
from old to new qmail toaster, too.
There are multiple threads in this list saying so. You are not alone.
Is a known bug, don't know when or if it will get fixed anytime soon, it's
not an special problem, at least for me,
Same here, but not with every single email, just with some of them and
usually only 2 copies.
De: Anil Aliyan [mailto:[EMAIL PROTECTED]
Enviado el: miércoles, 19 de noviembre de 2008 9:13
Para: qmailtoaster-list@qmailtoaster.com
Asunto: ***POSIBLE SPAM***
@qmailtoaster.com
Asunto: Re: [qmailtoaster] (another) Vulnerability in clamav
Thanks Erik,
you always provide a great support!
Kindly Regards,
Alberto.
Erik A. Espinoza ha scritto:
New clamav is released on the main page.
Erik
On Sun, Nov 16, 2008 at 11:58 PM, David Sánchez Martín
[EMAIL PROTECTED
Hi list,
For our own common interest:
http://www.securityfocus.com/bid/32207/discuss
ClamAV is prone to an off-by-one heap-based buffer-overflow vulnerability
because the application fails to perform adequate boundary checks on
user-supplied data.
Successfully exploiting this
Hi list:
There's a list of security problems with 0.92.1 in ClamAV [1], related to
compressed.
Three of them are considered critical (AFAIK: [2][3][4], and fixed on
ClamAV 0.93 [5].
Current clamav-toaster reads 0.92.1.
Should we worry?
References:
[1]
Hi Rich:
There's a nice set of scripts called QmailToaster-Plus that is pretty
popular (and VERY nice, also) around here.
There's an entry in the Wiki about the whole process:
http://wiki.qmailtoaster.com/index.php/Upgrading
In my case, though, i prefer to update package by package
So, this was apparently not true.
Still waiting.
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
|
David Sanchez Martin | [EMAIL PROTECTED]
Administrador de Sistemas| http://www.e2000.es
E2000
1: How do I turn this information into a *TIME* of attempted delivery.
Just pipe it thru tai64nlocal, like this:
cat mylogfile | tai64nlocal
2: The teacher says she never got the mail, how do I figure out what
happened to it?
You must search it in the correspondent /var/log/qmail/send/*
About domainkeys patch:
AFAIK i only had _unlogged_rejects_ (qq permanent errors) of accepting mail
and NOT silent deletions.
Sender should receive a nice mail rejection notice from qmail, and email is
not lost, just refused.
On the other hand, I truly think dk must be disabled, in a current
Hi Davide
I ask this question some time now in this very list :-)
See this thread
http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg08041.html
SPP is more a framework by itself than a patch.
Is very attractive to have a fw that makes easy to control the smtp session
without
Qmail-SPP have a great community writing plugins, that are more compatible
between them.
See, for example one of the battle-horses of this list, apply RBL
_only_if_not_authenticated_ , is resolved in one of the plugins of Roberto
Alsina's collection (http://ra-plugins.googlecode.com/)
Hi guys:
1 .- Is clamav-toaster-0.90-1.3.10 compatible with simscan-toaster-1.2-1.3.1
?
2 .- Is documentation of implementing the new SRS on the toaster available
somewhere? (an step by step guide will be cool)
Thanks!
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
Apart from deleting, is there any other way ?
Yep, you can do it temporarily:
svc -d /var/qmail/supervise/NAMEOFSERVICE
This will disable NAMEOFSERVICE temporarily
You can bring it up again with:
svc -u /var/qmail/supervise/NAMEOFSERVICE
See http://cr.yp.to/daemontools/svc.html
Hi:
Apparently, our toaster doesn't work well with BATV
http://mipassoc.org/batv/draft-levine-batv-03.html
BATV is used basically for avoiding fake bounces.
The sending SMTP server rewrites the mail from like this:
MAIL FROM: [EMAIL PROTECTED]
to
MAIL FROM: prvs=fred/[EMAIL PROTECTED]
I'm guessing that CHKUSER is rejecting it due to the '/'. I don't see where
a '/' is introduced into the MailFrom according to the BATV spec, but it's
possible that I'm missing something there.
If this is indeed your problem, you'll need to tell CHKUSER that '/' is
allowed. You'll need to
Hi:
AFAIK you can always use ulimit (http://www.ss64.com/bash/ulimit.html) or
softlimit (http://cr.yp.to/daemontools/softlimit.html) for CPU time used.
Using it as a filter:
For example:
In /var/qmail/supervise/spamd/run
From:
#!/bin/sh
exec /usr/bin/spamd -x -u vpopmail -s stderr 21
Hi Erol:
Since RBL blacklists are based on DNS you should seek for DNS queries and
responses.
Moreover, you should see DNS queries to your DNS cache server (that
configured in /etc/resolv.conf )
Since that tend to be very small and hideous UDP packets sended from your
server to your cache
Sánchez Martín [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
Maybe he doesn't need SMTPAUTH nor RELAYCLIENT, at least at por 25 (think of
of someone that completely implemented submission (587) port for his users).
Maybe he only wants external MTA to use port 25, not his own relay users
Maybe he doesn't need SMTPAUTH nor RELAYCLIENT, at least at por 25 (think of
of someone that completely implemented submission (587) port for his users).
Maybe he only wants external MTA to use port 25, not his own relay users.
The question about SMTPAUTH disabling:
I haven't tested it but
hotmail and rediffmail and I am
able to get those mails through the SPAM filter.
You can please try sending me a mail at [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] and check this.
Thanks,
Midhun
On 11/22/06, *David Sánchez Martín* [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote
, the following error was returned.
[EMAIL PROTECTED]: host X.X.X.X[X.X.X.X] said: 554 mail server
permanently rejected message (#5.3.0) (in reply to end of DATA
command) test mail
Thanks,
Midhun
On 11/20/06, *David Sánchez Martín * [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED
Sounds like domainkeys and/or SPF. Try disabling them (in tcp.smtp).
Yep, It looks like SPF and domainkeys issues, because he doesn't tell
about his spam box ;-) , but AFTER DATA?
If it's before data, it'd be SPF, since checking could be done then.
Not the case
If it's after data, it'd be
AFAIK you can limit also domain quotas (i don't use it) via vqadmin
http://YOUTOASTERIP/mail/vqadmin/toaster.vqadmin?nav=view_domaindname=THEDO
MAINYOUWANTTOLIMIT.COM.
Is up to the postmaster of whatever domain what he can do with that quota.
I don't use them, sorry
-Mensaje original-
De: Adam Cantwell [mailto:[EMAIL PROTECTED]
Enviado el: jueves, 16 de noviembre de 2006 12:48
Para: qmailtoaster-list@qmailtoaster.com
Asunto: Re: [qmailtoaster] qmailadmin quota management
David Sánchez Martín wrote:
AFAIK you can
Do a qmailctl cdb (for making sure you have a good simscan.cdb) then send
us the output of qmailctl stat
This happens with all e-mail?
Only with certain domains?
Did you modify something in /etc/mail/spamassassin/* ?
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
Certainy it should work great, but i don't like unassisted updates.
I don't want being woke up at 3 o'clock because out alert system a trivial
problem stopped the corporative mail system.
I thinks is good idea to retrieve source rpms, build the binary rpm's
nightly, and wait for the sysadmin
Certainy, out alert system, I thinks
BTW i'm not in drugs, just typed uncarefully :-D
-Mensaje original-
De: David Sánchez Martín [mailto:[EMAIL PROTECTED]
Enviado el: lunes, 13 de noviembre de 2006 18:11
Para: qmailtoaster-list@qmailtoaster.com
Asunto: RE: [qmailtoaster] upgrade
the script, automatically skipping over everything
that's already been done, and apply the update (which is done with a single
rpm -Uvh command btw).
You might want to give it a try! ;)
David Sánchez Martín wrote:
Certainy it should work great, but i don't like unassisted updates.
I don't want
This is because the limit of # of arguments in the command line
A better approach instead
sa-learn -spam *
Is a script snippet like this:
for file in *; do
sa-learn -spam $file
# And if you want to delete that spam email
rm -f $file
done
This is slower but will do circunvent
AFAIK whitelisting RBL should be used here
Rblstmtd (http://cr.yp.to/ucspi-tcp/rblsmtpd.html) accepts -b and -a
arguments
Rblsmtpd checks in sequence and when it gets a match, stops searching.
-a mens a whitelist, meaning that ip's in that list should be whitelisted
For example, say you want
Seguros |
|
Agustin Bravo Esquina Calle C|
33120 Pravia Asturias Spain |
|
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-Mensaje original-
De: David Sánchez Martín
That's it and BTW you must look at qmailtap
http://wiki.qmailtoaster.com/index.php/Taps
And you can then make yourself a script running from a cronjob that checks
the space of the receiving mailbox.
Something like this (not tested):
#!/bin/bash
No security issues, just disabling MX check for
recipients affect your relay users.
This MX check IMHO__only__pretend__ to help YOUR
users don't make mistakes in domain part of the email address of the recipient,
when sending OUTSIDE your mailbox.
The real effect is that temporary DNS
Great!
I checked tcpblocker that does something similar (
http://www.inter7.com/?page=tcpblocker ) but it involves a cronjob and logs
(and a little change in source code to work with currrent toaster).
The approach of this patch seem really better.
Could you contribute your conf?
Or better
A better and straightforward solution for this kind of stuff is enabling
submission port (http://www.ietf.org/rfc/rfc2476.txt).
That won't let spammers or wrong doers pass, and your relay users won't be
blocked by a RBL anymore.
IMHO this is the simplest and safest way.
users
IOW, set up an additional SMTP process which doesn't use RBLs and listens on
whatever port, and have the roaming (or all) users use the whatever port?
Do we have a wiki TNT for that?
David Sánchez Martín wrote:
A better and straightforward solution for this kind of stuff is
enabling
Are you running any periodical (cron) sync or expire options with sa-learn?
Training mechanisms? I'm venturing to setup a setup within Horde/IMP so
users can flag spam/ham message to help train the database. But I'm still a
bit short in the know-how of executing scripts via valias (see my related
Busca en el manual de dot-qmail
Ya sabes:
man dot-qmail
Así
mismo, te recomiendo estas utilidades http://www.superscript.com/qtools/intro.html
Ah, por favor, escribe en ingles en la lista, o al menos incluye la
traduccion, o indica en el subject que hablas en castellano,
gracias.
ENG
Returned by spamassassin???
Ok, let's figure it out the problem:
The problem is one spammer sends you a forged From mail.
1.- If the mail From is not valid, is rejected by chkuser, no bounces
2.- If the mail Recipient is not a valid user on your mailserver is rejected
by chkuser, so no
Ok, i won't ask :-D
# ls -alh /home/vpopmail/.spamassassin/total
15Mdrwx-- 2 vpopmail vchkpw 4,0K nov 6 09:21
.drwx-- 10 vpopmail vchkpw 4,0K oct 17 10:05
..-rw--- 1 vpopmail vchkpw 10M nov 6 09:21
auto-whitelist-rw--- 1 vpopmail vchkpw 12K nov 6
09:21
Nope, i thought he was talking about update script
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
|
David Sanchez Martin | [EMAIL PROTECTED]
Administrador de Sistemas| http://www.e2000.es
E2000
Your keyboard stucks because they it like BIND, is a voodoo curse.
No offence.
Offence is getting 3 users without DNS
Thanks my ISP, thanks BIND
Thanks nic.es for getting .es domains out due an strange upgrade, thanks
BIND again
Serving authoritative responses is not the purpose of
Is a permission problem.
If you don't use shared maildirs ignore this.
I'm learning about shared maildirs with courier-imap, and this was fixed
simply letting vpopmail enter that directory.
This is the permissions of that directories
[EMAIL PROTECTED] ~]# ls -al /etc/courier/shared
total 20
use Qmail?
On 11/6/06, David Sánchez Martín [EMAIL PROTECTED] wrote:
Your keyboard stucks because they it like BIND, is a voodoo curse.
No offence.
Offence is getting 3 users without DNS
Thanks my ISP, thanks BIND
Thanks nic.es for getting .es domains out due an strange upgrade
BIND works in the hand of a skilled sysadmin. The config files are straight
forward and not very complicated.
A skilled sysadmin like you is not the common (i really mean it, NO
sarcasm).
But simple things, and doing one thing at a time and do it well is the motto
of UNIX, and it works.
Who
Erik Espinoza schrieb:
Wish I knew what could be wrong with the old install. I'm glad it's
fixed in the newer version. Have you thought about using the upgrade
script to upgrade?
Erik
yes.. i have thought about using the upgrade script, but can´t do that on a
business week. Have to wait
The times of the two first DNS resolvers are UNACEPTABLE
I tried doing telnet mail.wnx.com 25 and the first time take 15 seconds to
show me the helo message
I tried again and taked 1 second to show me the helo message.
First:
How busy is your box? Doing a top will show you some statistics
the difference
between logs output.
I think that my qmailctl restart did not really work as well as a
stop/start with a wait inbetween.
-MA
David Sánchez Martín wrote:
The times of the two first DNS resolvers are UNACEPTABLE
I tried doing telnet mail.wnx.com 25 and the first time take 15
Why disable?
If the secondary MX is a MX this SPF entry should work!
v=spf1 mx -all
(the -all entry means every mail from this domain is sended from that
servers, in this case MX)
Or your secondary MX does NAT or something like this?
Argument list too long means that * expands in too much
files.
If you use bash, create an script like
this
---cut
here---
#!/bin/bash
cd DIRECTORYWITHMAILS # The mailbox with
spam
for file in *; do
# Do here whatever you like to do with
That sounds like it's worth a try, but I kinda doubt that it'd be
effective.
spamd spawns the processes that actually do the spam checking (spamd
child), so those are the processes you'd really need to 'nice'. I
don't know if the children pick up the nice level of the parent or
not, or
I read something in this list about enabling submission port (as stated in
RFC 2476) in the toaster.
There's something about this in the toaster? ( or maybe i just dreamed of it
;-)
BTW, the message submission port is forced to be authenticated and with TLS
? (or it can be accomplished).
Hi Anatoly,
Only for your information, this is THE solution BUT as stated early on
this list ( ;- ) ) this CERTAINLY WILL LEAD YOU TO PROBLEMS (non-spam mail
getting rejected).
It is better to use maildrop as per user basis to put mails that
contain ***SPAM*** in the subject to a new
Craig I was able to put a dot on username both from qmailadmin and CLI
The only time i needed to use : was with .qmail aliases, for example
The file /home/vpopmail/domains/mydomain.com/.qmail-firstname:lastname
Makes an alias for [EMAIL PROTECTED]
-Mensaje original-
De: Craig
Which distro are you using?
RHEL4 here (rpm's build as if it would be CentOS 4)
BEGIN:VCARD
VERSION:2.1
N:Sánchez Martín;David
FN:[EMAIL PROTECTED] ([EMAIL PROTECTED])
ORG:E2000 Financial Investments, S.A.;Centro de Nuevas Tecnologías
TITLE:Administrador de Sistemas
TEL;WORK;VOICE:902196177
I thought for spamassassin you mus stop qmail and remove the package before
you rebuild/compile?
I do upgraded spamassassin-toaster without removing the old package.
The only thing i noticed is /etc/mail/spamassassin/* being rewrited so
you'll lost your custom configurations.
BEGIN:VCARD
Hi all!
Is there a easy way to limit bandwith of incoming (i don't intend to limit
my relay users, but it's not a bad idea) mail from SMTP?
Thanks in advance!
BEGIN:VCARD
VERSION:2.1
N:Sánchez Martín;David
FN:[EMAIL PROTECTED] ([EMAIL PROTECTED])
ORG:E2000 Financial Investments,
I was thinking about creating a script in php that would poll the
first account and copy to the 2nd when needed. But I figured there has
to be a better way or a pre-made util to do this?
I generally use a mail client, with rules (in my case, Apple Mail) to
perform such stuff, via IMAP).
74 matches
Mail list logo