[vchkpw] My excuses -- Multiple bounces for the same message
Hello, This weekend i have been having an issue with one of the MTA's that is a backup MX for my domain, it seems to have bounced every message addressed to me, more than once. I would like to apologize for the bounces you may have gotten to message you have posted to this list. J-W Regeer. smime.p7s Description: S/MIME cryptographic signature
Re: [vchkpw] vpopmail don't see users logging
On Jan 25, 2005, at 1:37 AM, nathanaël wrote: Hello, Please to be here... I've a standard Qmail installation - with QMR - and vpopmail as a popper. I've a domain and when I try to log with a [EMAIL PROTECTED] the AUTH failed saying bad password. I know passwd is ok. so what is the problem ? My best guess with the info you gave us? Your server hates you. X-Istence P.S. We need a lot more info, what does your pop3d run script look like for example? This message is authored under the license which can be found at http://x-istence.com/LICENSE smime.p7s Description: S/MIME cryptographic signature
Re: [vchkpw] multiple issues.....cannot get in!!
On Jan 20, 2005, at 2:57 PM, Bob Ababurko wrote: X-Istence wrote: On Jan 19, 2005, at 1:45 PM, Charles J. Boening wrote: How many messages does the user have? I have seen this error when there are thousands of messages in a user's Maildir. Charlie I agree with Charlie. Thing to do is set the DATALIMIT higher, it is because it is unable to use that amount of memory that is required to run through the entire directory structure. There is normally nothing wrong with the Maildir itself most of the time. J-W Regeer Is this synonomous with changing qmails softlimit via tcpserver? It is the softlimit that is causing it. Not vpopmail. vchkpw hands it off to qmail-pop3d, and it can not secure enough memory to process the Maildir. Ive put mine up higher, and it works perfectly again. J-W
Re: [vchkpw] multiple issues.....cannot get in!!
On Jan 19, 2005, at 1:45 PM, Charles J. Boening wrote: How many messages does the user have? I have seen this error when there are thousands of messages in a user's Maildir. Charlie I agree with Charlie. Thing to do is set the DATALIMIT higher, it is because it is unable to use that amount of memory that is required to run through the entire directory structure. There is normally nothing wrong with the Maildir itself most of the time. J-W Regeer
Re: [vchkpw] Problems to get e-mail when domain names are capitalized
On Jan 4, 2005, at 11:48 AM, Jeremy Kitchen wrote: On Tuesday 04 January 2005 09:13 am, Walter Souto R. Junior wrote: Hi, My regitrar always capitalize the name of domains for the contacts (e.g. name@DOMAIN.TLD and the messages he send to me never comes. I try to change the the e-mail and I get the message normally, but after the confirmation, the system of the registrar capitalizes the domain again... domains have no case sensitivity. DoMaIn.TlD is the same as domain.tld, DOMAIN.TLD, dOmAIN.tlD, etc. Technically, local parts can be case sensitive, but qmail converts all local parts to lowercase (as I believe most other UNIX mtas do as well). On a qmail system, LaRRY is the same as larry, lArRy, LarRy, etc, they're all delivered to 'larry' So if i have a user whose username is GlaanieBoy, he would not recv any email? Since he does not have email enabled on his account it is not a problem, but i am asking in case that is true, which would mean i could only create accounts with lowercase letters. -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] X-Istence
Re: [vchkpw] courier-imap
On Dec 7, 2004, at 12:43 PM, Oden Eriksson wrote: fredag 03 december 2004 21.27 skrev Tom Collins: Is it possible to configure kmail to not keep a persistent IMAP connection? Can you add a bogus POP account to kmail so it's popping into the server every 15 minutes? It's not persistent. As a work around I guess I could pop it now and then to still be a relay client. Maybe it's just kmail that sucks and I'm barking at the wrong tree. No one here uses this combo? -- Regards // Oden Eriksson Well, most people that are using Kmail plus courier use SMTP auth. X-Istence
Re: [vchkpw] vdelivermail, user quotas and the maildirsize file
On Dec 3, 2004, at 7:24 PM, Tom Collins wrote: I don't know. I've only started to look into the mail quota code. I may pull fresh code from the most recent Courier-IMAP (original source of most of the code) and make sure that I spend as little time with the file open as necessary. I think that vdelivermail will open it for exclusive write access and then append the new size. I have no idea how it will behave if multiple processes want to append to it at the same time. It may be difficult, but I guess I could write a shell script that attempts to deliver two very large emails simultaneously. I could also add an artificial delay in vdelivermail so it keeps the file open longer than necessary in order to force one process to wait for write access. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ How about locking the file from reading and writing until the writing task is complete, that way there should never be an inconsistent moment, unless off course two vdelivermails try to grab the file lock at the same time, and kernel both grants them (Happened to me on BSD 4.2, was solved in a later version). So that should never happen. If you make the time spent with the file as little as possible, then there should be no slowdown at all. X-Istence
Re: [vchkpw] courier-imap
On Dec 3, 2004, at 2:42 PM, Oden Eriksson wrote: Thanks Jeremy, but smtp auth isn't the answer I was looking for. I know mr. sam and some other profilic people in this sphere thinks pop-before-smtp is dead, is silly and obsolete, but I can say it isn't. The question still, is how to make this work, not to make me start using smtp auth. If was really smart I would stop using an utterly dead (not developed since 1998), and unsupported software like qmail is and use _any_ of the others that is still alive, supported, developed and in much wider use. I bet that's not something you wanted to hear... -- Regards // Oden Eriksson Ohhh, that is music to my ears. Hell, switch to postfix, but please don't come crawling back when you have to use smtp auth as they offer not alternative, or make it hard to use an alternative. Or switch to exim, where smtp auth is almost a necessity, unless off course you can add your IP to the allowed to relay, in which case you need to find out how to do that with vpopmail's relay mechanism and not worry about popping in before sending mail. Say, should I recommend sendmail as well? :P. X-Istence
Re: [vchkpw] vchkpw authentication fails
On Nov 30, 2004, at 11:49 AM, Rainer Duffner wrote: John Berliner wrote: In the kernel, is UFS_DIRHASH enabled, or whatever the option is? This caused a lot of trouble on another server i admin, where it would be so slow, that at times login sporadically failed. It is enabled by default, and it would be stupid to have been removed, but you never know. Hm...I'm pretty new to BSD (more used to Linux) so I'm not sure how to discover kernel compile options...but AFAIK the guy who set all this stuff up just used a generic 4.6 kernel config. The FreeBSD handbook and FAQ (directly linked from http://www.freebsd.org) makes an excellent reading and goes to great lengths explaining the details, which in the end boils down to editing one file and executing a handful of commands (in the right sequence. The UFS_DIRHASH options is - TTBOMK - only useful when creating new filesystems. It doesn't have any effect later-on. Well, shouldn't. ;-) UFS_DIRHASH was introduced with or post-RELENG_4_6, IIRC, together with making softupdates the default at installtime Did not know this. Stepped into freeBSD from Linux in RELENG_4_6_2, and then did a reinstall for RELENG_4_7. If anything see if it is possible to at least upgrade to the last 4.10 version, as there have been a lot of overall improvements (This is off topic BTW) Yeah, that's on my overly long to-do list. It should be on top. ;-) 4.6 contains numerous vulnerabilites and is no longer supported. Looking at it, it was released in June 2002 - that's a long time in FreeBSD-land. If you have a test-machine, you can try going from 4.6 to 4.10 directly via cvsup. Otherwhise, I'm not 100%sure if going straight from 4.6 to 4.10 works (it should, but the devil is a squirrel, as we say here around) - read /usr/src/UPDATING for more information. I suggest a clean reinstall, if you pick RELENG_4_10, it will be a clean start, as there are a ton of old libraries that are in RELENG_4_6. Personally i suggest RELENG_5_3 though, has given me a more stable system, that is far more responsive, but i guess it is personal choice. Also, when you manually auth using pop3: telnet localhost 110 user username pass password list What is the output? (Please truncate, if the user has a ton of emails, we don't need the entire list) Or does it die saying can't scan maildir? per my earlier post, it dies with the Maildir scan ERR. Does this only happen for his account, yes and have you tried to mv the Maildir,and then /var/qmail/bin/maildirmake Maildir in the same dir, then chowning it to the right user and then trying to login again to see if it succeeds then? I didn't try that, but when I do, it authenticates correctly. This is good. So now: I read somewhere that it's not a great idea to manipulate the queues directly; what's the consensus? Can I not just move the messages back into the appropriate directories in the new Maildir I just created? The queue is in /var/qmail/queue and it *is* a bad idea to manipulate it directly (unless You Know What You Are Doing (TM). But what you're manipulating here is the maildir. If you shut down qmail while you move the mail to the old place, you are 100% safe. As it crashes with POP, the error should be in the top-level maildirectory somewhere, I assume. If you're bored, you can truss -p the process after you connected with telnet and before you authenticated ;-) I did that when i had the same problem, and did not find anything. It seems to happen when some message is screwed up in some way. But this user i was tryingt it out on had over 60,000 emails, so finding the culprit woulda been painfull. If you have further ambitions with your Qmail-installation, you might want to check-out Matt Simerson's Qmail-FreeBSD-Toaster at http://www.tnpi.biz. Though it's geared towards ISPs, it does also work very nicely for smaller installations. Shameless plug url:http://bsdguides.org/guides/freebsd/mailserver/ qmail+vpopmail+qmailadmin.php. Guide was written by me, site owned by a friend of mine. It is geared to using the FreeBSD ports tree to make install easier. And includes all the standard stuff you would want (imap, pop3, sa, qmailadmin, qmail, vpopmail) cheers, Rainer Good luck with your install. X-Istence
Re: [vchkpw] incorrect usage reporting
On Nov 30, 2004, at 11:43 AM, Tom Collins wrote: On Nov 30, 2004, at 5:48 AM, Gajen Anandamuruga wrote: I tried sending few mails to that account .The usage increase from that 15% to above. When I delete the mails still the usage shows 15% and not 0%. Even some other email accounts which were working properly now started showing usage 16% even if I delete all mails. If I create a new email account that usage shows as 0% and even after I delete all mails it correctly shows 0%. This problem started happening for already existing accounts. Please help if anyone had the similar problem? Delete your maildirsize files and they'll get recreated with correct values. cd to the domain of your choice, and then run: find . -name maildirsize -delete That will delete all the maildirsize files it finds. Run it without the -delete if you just want to see a list of what it would delete if you would add the -delete. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ X-Istence
Re: [vchkpw] killed email
On Nov 29, 2004, at 3:57 PM, Jeremy Kitchen wrote: I had to kill this mail... 2.5MB email to the vchkpw mailing list (over 1100 subscribers) kills our puny 400kbit upstream :( Please don't send such large messages to the list.. it's much better to put them up on a website or something and pass out the url. Some of you may have gotten the message, but the rest won't, I had to kill it. Thanks :) -Jeremy What email would this be? you did not put in a header, or a title, or is the title of the origional mail killed email? X-Istence
Re: [vchkpw] vchkpw authentication fails
On Nov 29, 2004, at 6:33 PM, John Berliner wrote: I am a web and application developer who has inherited sysadmin duties for our school's servers. Thus I'm basically a novice. I have scoured the web and mailing lists for clues to solving my problem here, but no luck. So here goes: Our mail services are all working fine, with the exception of a single user (the heaviest mail user, by far) who has previously had intermittent issues with POPping mail. Now it very rarely succeeds -- and currently, does not succeed at all -- in picking up mail. Using any POP client, we get authentication errors (vchkpw: password fail in maillog). We are running vpopmail 5.2.1 + qmail 1.03 on a FreeBSD 4.6 server. No imap. No inetd/ xinetd, just tcpserver + daemontools... In the kernel, is UFS_DIRHASH enabled, or whatever the option is? This caused a lot of trouble on another server i admin, where it would be so slow, that at times login sporadically failed. It is enabled by default, and it would be stupid to have been removed, but you never know. If anything see if it is possible to at least upgrade to the last 4.10 version, as there have been a lot of overall improvements (This is off topic BTW) Thanks in advance, John Berliner Live Oak School Also, when you manually auth using pop3: telnet localhost 110 user username pass password list What is the output? (Please truncate, if the user has a ton of emails, we don't need the entire list) Or does it die saying can't scan maildir? Does this only happen for his account, and have you tried to mv the Maildir,and then /var/qmail/bin/maildirmake Maildir in the same dir, then chowning it to the right user and then trying to login again to see if it succeeds then? X-Istence
Re: [vchkpw] Fields' use?
On Nov 20, 2004, at 1:17 AM, Tom Collins wrote: On Nov 19, 2004, at 6:33 PM, shadowplay.net wrote: um.. the uid and gid are used on a unix file systems to identify permission levels of access to files and directories. they allow an administrator to compartementalize access on a *nix box. they are closely tied with the applications chmod chown and chgrp. Perhaps you should have read the rest of this thread before posting. In the case of vpopmail, the fields are called pw_uid and pw_gid but they are used for other purposes. We had considered renaming pw_gid to pw_flags, but as Ken pointed out previously, there's too much code that refers to the field by its old name, pw_gid. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ Can't we make both point to the same location in memory? Yet have them behave the same way? If the change were done in a major revision, then people might accept it. Once you know what it does, it does not seem to be a logic name for the variable, but you get used to it. X-Istence
Re: [vchkpw] Fields' use?
On Nov 18, 2004, at 3:44 PM, Matthew Walker wrote: What are the pw_uid and pw_gid fields in the user info actually used for? I did a quick read through the docs, and couldn't find any information about what they do other than the fact that they're the user id and group id. Matthew They are named to confuse people. :P Actually i have no clue, but there should be some documentation on them, and they should possible be renamed to something more suiting for the task they are doing or being used for. X-Istence
Re: [vchkpw] vchkpw segfault with smtp auth on amd64
On Nov 16, 2004, at 5:28 PM, Martin Kos wrote: hi i've done a fresh qmail/vpopmail installation on a debian amd64 port. everything seems to work just fine, except the smtp auth. sending an email without smtp auth works just fine. but if i try it with smtp auth i get the following in my logs: kernel: vchkpw[28473] segfault at rip rsp 007fbab0 error 14 the only thing that i have found on the net is the following: http://archives.neohapsis.com/archives/openbsd/2004-05/1814.html i'm not sure if it is really a vpopmail problem. perhaps somebody has already had the same problem? i've tried with disalbing the -02 in the CFLAGS but that does not help. compiling vpopmail with gcc 3.4 was the same thing :-( greets KoS I was trying to trouble shoot this with an AMD 64 server, but was unable to find the culprit, since then we just grabbed a 32 bit old P3, and put that up as our mail gateway with SMTP auth, and all works well again. It would seem that the data that qmail-smtpd sends is not correct, for some reason it sends incorrect base64 decoded information. Best way to test it that i have done is use strace: telnet localhost 25 in another terminal: ps aux | grep qmail-smtpd look for the qmail-smtpd which is not tcpserver, and then use strace to hook onto its PID. Then in the telnet window send the commands to the server until it says auth failed, in which case you just QUIT and then grab the strace output. X-Istence
Re: [vchkpw] .quotawarn.msg header issue
On Nov 14, 2004, at 11:46 PM, Tom Collins wrote: On Nov 14, 2004, at 5:58 PM, Michael Bowe wrote: In the headers of the overquota warning, the Return-Path: is set to email address of the person who sent the message that caused the overquota warning to be generated. I dont know if this is really the desirable result. Probably would be better not having this field generated at all ? I've got a new version of vdelivermail that I'm planning to roll out in a vpopmail beta. I'll change it so it uses a different Return-Path than that of the original sender. Unless I hear otherwise from others, I'll just leave it out -- if someone wanted to include it, they could manually add it to the overquota warning file. How about just [EMAIL PROTECTED] ? That would let the postmaster know about the full mail box, if the message bounces, and also then gives the postmaster the choice of acting upon it. If my logic is flawed, i apologize, it is late, and i need sleep :P X-Istence
[vchkpw] Message pasted on top of message.
Hello, I would like to excuse myself for cross posting, but i thought it would be important enough, as it pertains to both devel and the normal mailling list. I have a .qmail file like this one: /* Yes, i did change my email address. For obvious reasons. I get enough spam allready */ [EMAIL PROTECTED]:/usr/local/vpopmail/domains/osnn.net/xistence] # cat .qmail xistence [at] x-istence.com /usr/local/vpopmail/domains/osnn.net/xistence/Maildir/ That is what qmailadmin created when i told it to forward it to another email account, and save a local copy. Well, the forwarding works perfectly, but the mail stored in the Maildir looks like this: Return-Path: xistence [at] x-istence.com Delivered-To: xistence [at] osnn.net Received: (qmail 47604 invoked by uid 0); 11 Nov 2004 21:26:48 - Received: from unknown (HELO mail.spammers-paradise.com) (67.19.228.228) by slate.osnn.net with SMTP; 11 Nov 2004 21:26:48 - Received: (qmail 52586 invoked by uid 0); 11 Nov 2004 21:14:19 - Received: from unknown (HELO Breached.X-Istence.com) (67.84.194.214) by sedated.spammers-paradise.com with SMTP; 11 Nov 2004 21:14:19 - Received: (qmail 74339 invoked by uid 0); 11 Nov 2004 21:16:45 - Received: from unknown (HELO ?10.10.10.100?) (10.10.10.99) by Breached.X-Istence.com with SMTP; 11 Nov 2004 21:16:45 - Mime-Version: 1.0 (Apple Message framework v619) Content-Transfer-Encoding: 7bit Message-Id: [EMAIL PROTECTED] Content-Type: text/plain; charset=US-ASCII; format=flowed To: [EMAIL PROTECTED] From: X-Istence xistence [at] x-istence.com Subject: Can someone say mail loop? Date: Thu, 11 Nov 2004 16:16:50 -0500 X-Mailer: Apple Mail (2.619) Hello Test. Received: (qmail 47604 invoked by uid 0); 11 Nov 2004 21:26:48 - Received: from unknown (HELO mail.spammers-paradise.com) (67.19.228.228) by slate.osnn.net with SMTP; 11 Nov 2004 21:26:48 - Received: (qmail 52586 invoked by uid 0); 11 Nov 2004 21:14:19 - Received: from unknown (HELO Breached.X-Istence.com) (67.84.194.214) by sedated.spammers-paradise.com with SMTP; 11 Nov 2004 21:14:19 - Received: (qmail 74339 invoked by uid 0); 11 Nov 2004 21:16:45 - Received: from unknown (HELO ?10.10.10.100?) (10.10.10.99) by Breached.X-Istence.com with SMTP; 11 Nov 2004 21:16:45 - Mime-Version: 1.0 (Apple Message framework v619) Content-Transfer-Encoding: 7bit Message-Id: [EMAIL PROTECTED] Content-Type: text/plain; charset=US-ASCII; format=flowed To: [EMAIL PROTECTED] From: X-Istence xistence [at] x-istence.com Subject: Can someone say mail loop? Date: Thu, 11 Nov 2004 16:16:50 -0500 X-Mailer: Apple Mail (2.619) X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on slate.osnn.net X-Spam-Level: * X-Spam-Status: No, hits=1.6 required=5.0 tests=AWL autolearn=ham version=2.64 Hello Test. I have no clue where the error lies, and what i need to do to fix it, or if qmailadmin needs to be fixed, but it is causing quite a bit of problem. A client has his email set up like this as well, and he checks both accounts, unlike me who just did not notice the double message pasting stuff until pointed towards it. Where would i need to start looking for the error? X-Istence
Re: [vchkpw] Pop3 auth problems (vpopmail+mysql)
On Nov 10, 2004, at 12:17 PM, [EMAIL PROTECTED] wrote: New discovery: ... +OK [EMAIL PROTECTED] user [EMAIL PROTECTED] +OK pass 123 list ... This is interesting. It seems to not give you the +OK that it does when i telnet to my server and send it the same commands. have you applied any patches? X-Istence
Re: [vchkpw] MySql load causes bounced mail
On Oct 25, 2004, at 4:08 PM, tonix (Antonio Nati) wrote: At 22/10/2004 22/10/2004 -0400, you wrote: On Oct 22, 2004, at 8:13 AM, tonix (Antonio Nati) wrote: Any comment? Tonino Why is qMail calling _exit() and not exit()? Is there a reason it does not want its files closed, and other stuff properly cleaned up? Or is it because DJB is just not happy with using calls that are in the libc library and thus are not thread safe for the most part? Threads? I don't see where qmail is using threads... I know, i was just pointing out a useless fact i picked up while reading a book. Anyways, eventhough i do not agree with using #define's to override a function, i don't see it as a bad one necessarily, as it clears up the entire MySQL mess. Funny, I'm checking my (chkuser) patch and I see also auth patch (Bill Shupp's toaster version) does the same thing (overriding _exit). I feel it could be time to redesign qmail and use atexit() functions. This could be a lengthy process. But if you are willing to undertake it, and write the patches for it, then it is certainly worth it. Tonino X-Istence
Re: [vchkpw] Archiving mail
On Oct 25, 2004, at 6:38 PM, aichains wrote: very interested. I am as well. Note for AIChains: Next time cut away all the crud that is not needed, in other words, pretty much the entire message, saves on bandwidth. Thanks. X-Istence
Re: [vchkpw] How can I identify a spammer?
On Oct 23, 2004, at 11:22 AM, Jeremy Kitchen wrote: On Fri, 2004-10-22 at 18:57 -0300, Walter Souto R. Junior wrote: Thanks Tom and Jeremy, I do fix my run file for smtp, but now I have a 501 malformed auth input (#5.5.4) using telnet. I'm also trying with Opera with plain, auth and cram-md5 without success. My run file looks like: #!/bin/sh LOCAL=`head -1 /var/qmail/control/me` QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` Can the qmaild user read your vpopmail information? I certainly hope not. This is why you are unabled to authenticate. Now, go fix this and disable your open relay. -Jeremy I agree with jeremy. I took the patch that vpopmail provides in its contrib dir, and made it one big rolled in one patch file, instead of seperate files. This patch requires no hostname in the qmail-smtpd run file; in your qmail source dir just do the following: wget http://www.bsdguides.org/downloads/freebsd/qmail-smtpd-auth.patch (It is used in a guide of mine, but it is for stock qmail) patch qmail-smtpd-auth.patch Then edit your qmail-smtpd run file to run it as A) root, or B) vpopmail (I personally do root, stops all the permissions crap from sneaking in), and then add ~vpopmail/bin/vchkpw /bin/true right after the call to qmail-smtpd. Don't add a hostname anywhere at all, and you are set. X-Istence
Re: [vchkpw] How can I identify a spammer?
On Oct 23, 2004, at 4:16 PM, Erwin Hoffmann wrote: This is a very old story. Pls. visit: http://www.fehcom.de/qmail/smtpauth.html Essentially, with all the disturbed discussion, I'ld like to conclude: - Putting the hostname in the call of qmail-smtpd for SMTP Authentication conforms to the use of qmail-popup/qmail-pop3f, however - forgetting the hostname in there leaves the SMTP server open, wheres - dropping the requirement for the hostname yields (in worst condition) an error message to the client. Thus, my implementation of the SMTP Authentication for Qmail (apart from the many bug-fixes) is fail save. As outlined, technically there is *NO* need to include a hostname in the call of the PAM; even not for qmail-popup - it's simply historic. regards. --eh. Hello, Just to let you know, i was just pointing the person to a patch that would do what they wanted without the hostname. I have visited your site before, and have read it's entire contents, and I know that you don't need the hostname. Also, the patch i described is part of the vpopmail distribution, and i was just presenting it in an alternate form. I am sorry if your message was towards someone else on the mailling list, but i am rather offended by the thought that you meant me, and thus thought that i did not have the knowledge that it is historic and not needed. J-W
Re: [vchkpw] MySql load causes bounced mail
On Oct 22, 2004, at 8:13 AM, tonix (Antonio Nati) wrote: Any comment? Tonino Why is qMail calling _exit() and not exit()? Is there a reason it does not want its files closed, and other stuff properly cleaned up? Or is it because DJB is just not happy with using calls that are in the libc library and thus are not thread safe for the most part? Anyways, eventhough i do not agree with using #define's to override a function, i don't see it as a bad one necessarily, as it clears up the entire MySQL mess. X-Istence
Re: [vchkpw] MySql load causes bounced mail
On Oct 21, 2004, at 3:09 PM, Tom Collins wrote: vdelivermail calls _exit() when running a command in a .qmail file (exit codes 99, 100 and 111). It should really be calling vexit() to give the MySQL lib a chance to close its connections. According to my book here, calling _exit() does not run any atexit() registered functions. This is also the only reason it is async safe, and thus also safe to use when you are in a signal handler. Whereas exit() does call the atexit() registered functions, and thus is not async safe. X-Istence
Re: [vchkpw] chkuser 2.0
On Oct 19, 2004, at 11:14 PM, Charles Sprickman wrote: While it's apparently not fatal to not properly close the mysql connection, I suspect that it's adversely affecting performance. Well, the connection will remain open till MySQL notices the connection is closed. We had this with several C programs a while back. Since the connection is still open according to MySQL its connection limit could be reached, and would start dropping new connections to it.
Re: [vchkpw] /home/vpopmail/etc/tcp.smtp.cdb keeps being rebuild
On Sep 13, 2004, at 11:09 AM, Miolinux wrote: Ken Jones wrote: On Monday 13 September 2004 09:08 am, Miolinux wrote: Probably because --enable-roaming-users tells vpopmail to rebuild the tcp.smtp.cdb file after each pop connection. Ken Jones But if i set --disable-roaming-user the sql table doesn't get updated. How can i tell vpopmail to update ONLY mysql table after a user pop in? Thanks It sounds like a patch needs to be written for it. But what you are doing is highly uncommon (In my judgement), so i think it was just something that was overlooked. I will see if i can get something done tommorow. X-Istence
Re: [vchkpw] Re: un-subscribe
On Sep 9, 2004, at 2:14 AM, Jeremy Kitchen wrote: I've always been a fan of having an internet license where you can't get an ISP without taking a short class on common sense and safe internet practices :) I guess not everyone can be helped. An ISP in europe will sell you internet that is firewalled, and the only way to open a port up is to call tech support and get one of the guys on the phone, explain why you need the port open (Enough ports are open for normal day to day stuff), and answer a few questions. So if you answer the questions wrong, you will not have the port opened. So a lot of home servers can be run on that without fear because you know that the owners have at least answered enough questions right that they know how to run the particular server (For instance, mail, or HTTPD). On their IP block, there is no damage done yet cause of spamming. And any PC's that are spamming, even with the port closed, get their internet taken away until they fix the problem, or decide to switch ISP. They offer tech support (walk in) for $50 (one time) and they fix whatever the problem was, and reactivate your internet :). Pretty cool actually. Wish i could remember the name, read about it in the Financiale Telegraaf (Dutch newspaper about finances). -Jeremy X-Istence
Re: [vchkpw] Re: un-subscribe
On Sep 8, 2004, at 8:43 PM, Rainer Duffner wrote: Am Do, den 09.09.2004 schrieb Jeremy Kitchen um 0:50: On Wednesday 08 September 2004 04:44 pm, Kirti S. Bajwa wrote: [EMAIL PROTECTED] please stop this madness. read the headers of every message sent to you by the mailing list to figure out how to unsubscribe. You'd think that people subscribing to a list about a mailserver-management software would know how to read (let alone find) a header. But the last time someone posted the above advice, the person in question promptly asked how to find the header... It should be obvious though, unless they use Outhouse or any of its variants. It scares me to think that these people might actually run a mailserver. Gives a whole new meaning to the joke about on the internet, nobody knows you're a dog, doesn't it ? Scary indeed. Perhaps you could implement a filter that directs people wanting subscribe with Outlook-clients to a web-page describing how to view the header in various Outlook-variants. Then, before the subscription is approved, they have to fill out a little multiple choice test I think this would be a great idea. The multiple choice test would weed out all people needing support in the first place, so we would have nothing to do :) :P. Just kidding, but yes, i think it would be good to have like a small entrance exam. Rainer -- === ~ Rainer Duffner - [EMAIL PROTECTED] ~ ~ Freising - Munich - Germany ~ ~Unix - Linux - BSD - OpenSource - Security ~ ~ http://www.ultra-secure.de/~rainer/pubkey.pgp ~ ===
Re: [vchkpw] mail server on the loose!
On Aug 29, 2004, at 1:23 PM, Jeremy Kitchen wrote: If you get this message before I shut the mail server down, consider yourself lucky :) Our mail server will be down for about 3 hours as I drive it across Illinois. Our website will still be available, but our mail server won't. So long as traffic isn't horrible, it should be back up in about 3-4 hours. Sorry for any inconvenience :) -Jeremy Inter7 Internet Technologies, Inc. I am lucky! :P Err, well i think so anyways. I hope the move went without a lot of trouble :) X-Istence
Re: [vchkpw] spamassassin errors using vpopmail (vuserinfo)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charles M. Gerungan wrote: What's going on? This appears in my spamd log while processing a single message: 2004-06-22 00:06:14.621893500 clean message (0.8/5.0) for (unknown):89 in 0.5 seconds, 823 bytes. That is what causes it. since it does not pass vuserinfo a proper username, it can do nothing. Which is why you get the error messages you are getting. What i found is that if i give vpopmail a shell (/bin/sh), all works perfectly and i have no problems what so ever. (This is on FreeBSD 4.10) So i don't know where the problem lies, but i know it fixed it for me. See if that works for you :). X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA14QEJukONu5DUaQRAl/yAJ97vC2itMfQKmXn65ukfSXteWpeigCfbsxZ CEOEhjHI8yyA1uDxht9oVwk= =FZ1i -END PGP SIGNATURE-
Re: [vchkpw] spamassassin errors using vpopmail (vuserinfo)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charles M. Gerungan wrote: Hello X-Istence, On Mon, 21 Jun 2004 20:57:40 -0400 X-Istence wrote: XI What i found is that if i give vpopmail a shell (/bin/sh), all works XI perfectly and i have no problems what so ever. (This is on FreeBSD 4.10) Which makes me wonder. How do you invoke spamd? (I'll show you mine if you'll show me yours :) [EMAIL PROTECTED] /usr/local/etc/svc.d/spamd # cat run #!/bin/sh exec /usr/local/bin/spamd -m 20 -a -H -v -u vpopmail -s stderr 21 mkdir /var/spamd-service cd /var/spamd-service echo #\!/bin/sh run echo exec /usr/local/bin/spamd -a -c -m 20 -v -u vpopmail run chmod +x run mkdir log cd log cat EOF run #!/bin/sh exec setuidgid qmaill \ multilog \ t \ ./main EOF chmod +x run mkdir main chown qmaill:qmail main chmod +s main :) X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA15lZJukONu5DUaQRAuiVAJ4pb17GrG5e0JPrSsLnYIThyddLMACeMFjH dadvVPXbhepZx3IEACoauRk= =klcv -END PGP SIGNATURE-
Re: [vchkpw] Sort of skel files for maildrop
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charles M. Gerungan wrote: I've followed the instructions w.r.t. maildrop and vpopmail according to Johan Almqvist[1] and it's working as expected. Is it possible to have vpopmail create the required files -- MAILDIRFILTER, MAILDIR and the adopted .qmail file -- automatically upon creation of a new virtual use, like skel files for the shell? [1] http://www.almqvist.net/johan/qmail/vpopmail+maildrop.html Not yet, there might be a patch for it in cvs at sourceforge, if there is not, this would certainly be a good feature. There was a thread a long time ago about this, but the author never replied again when asked to update his code, so that it would work better. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAz5gmJukONu5DUaQRAj+2AKCNad0nHZngnXbaaaly7drJ50Wd6ACfUbIw dmlGDdpaqAtLtq9aUwFmnP4= =uzdC -END PGP SIGNATURE-
Re: [vchkpw] dot qmail processing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rick Widmer wrote: Paul Oehler wrote: It's in the qmail docs. man dot-qmail It isn't in there explicitly, but it says that lines starting with # are ignored, and that qmail-local will only process .qmail files that aren't empty. Is this how qmailadmin creates a blackhole e-mail address? I don't think there is a way to create a blackhole address within qmailadmin yet, but I plan to use it in the version I am working on. I don't know where you get your info, but qmailadmin certainly does. Breached# cat .qmail |/usr/bin/true delete Breached# pwd /usr/storage/mail/x-istence.com/blackhole/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAy1+nJukONu5DUaQRAvWIAJ9dQMZP9tbN8T911jTbCSV0wBaeDgCeMDqc 5qaAs+W2CpZQmWsoijFpRf4= =ag+u -END PGP SIGNATURE-
Re: [vchkpw] dot qmail processing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tom Collins wrote: On Jun 9, 2004, at 5:46 PM, Paul Oehler wrote: Out of curiosity, is this a documented feature? I don't remember ever reading this anywhere. It's in the qmail docs. man dot-qmail It isn't in there explicitly, but it says that lines starting with # are ignored, and that qmail-local will only process .qmail files that aren't empty. Bug and feature :P -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAyl2iJukONu5DUaQRAgroAKCMgD0SYqrXL4s7phNRA1lhJx/q4wCfTKMe mG+/NcFhgkmm7uH5FC8VdPs= =rmst -END PGP SIGNATURE-
Re: [vchkpw] For X-Istence (was webmail)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeremy Kitchen wrote: On Thursday 03 June 2004 09:31 pm, Troy E Bouchard wrote: True, he never asked ... but I was trying to be helpful ... your reply wasn't ... No not a shameless plug ... a helpful suggestion. That's fine. VPOP3 has a webmail server with it. That is why I replied the way I did. what's this vpop3 and what webmail server are you speaking of? -Jeremy Go to the site he is speaking off, and you can find: Our VPOP3 suite of software provides an extensive range of facilities for sending, receiving and handling Internet and Internal email on your company network. Addins are also available for network faxing, virus scanning, etc - http://www.pscs.co.uk/ X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAwE9DJukONu5DUaQRAkNNAKCHEiq0AcoX0qrbg7hKpLbfC5fImQCgjbaq RJ2AC346itDARB//tgdXyik= =W6hd -END PGP SIGNATURE-
Re: [vchkpw] For X-Istence (was webmail)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Troy E Bouchard wrote: True, he never asked ... but I was trying to be helpful ... your reply wasn't ... No not a shameless plug ... a helpful suggestion. My reply was just pointing out the obvious. That there is no point in telling someone to use a different product when they obviously want help with another. Take it or leave it. VPOP3 has a webmail server with it. That is why I replied the way I did. POP3 is a protocol, which is what qmail-pop3d does. He was asking if there was some way to use this protocol instead of imap for squirelmail. If VPOP3 is a totally different product not related to vpopmail, then there was no point reply with what you did reply, considering the fact he wants to use squirelmail with vpopmail, and not install a totally different product. I will say no more. HOIT! TroyB On Thu, 2004-06-03 at 18:46, X-Istence wrote: Troy E Bouchard wrote: If you want to use a Windows Box point yourself to http://www.pscs.co.uk/ Shameless plug? Even then he never asked to use a Windows server, so there is absolutely no need for this link. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAv+CVJukONu5DUaQRAsLWAJ0QScAsNP0KGGotJqbbLmsYe1vhYwCfboVw 98nUj/NMikkXcr+qy7BDRJc= =ysIn -END PGP SIGNATURE-
Re: [vchkpw] Change passwd howto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rick Widmer wrote: snip I'm not sure what thread you are looking at, but considering that I wrote all the PHP code on http://pmailadmin.sourceforge.net/, more than doubled the size of the code in the vpopmail extension for PHP, and have patches in vpopmail and qmail admin, I think I have some idea which code does what. :) My bad. It's in that thread where we discussed the PHP extensions and how it could be improved. I remember you or someone else saying that the functions that would be added to the php extensions would in fact just be wrapper functions for the deamon so that there is no hassle with that. My memory has failed me, time for me to go search for the thread, and reread it. snip Cool! Just because it works on my machine doesn't mean its done. Let me know what happens... Since I am the last one to touch much of the code in vpopmail and qmailadmin, [1] I should probably be the first to look at the problems. sigh... That discussion should probably be on the SourceFORGE vpopmail-devel list. Thanks for reminding me, i need to signup for that list. http://lists.sourceforge.net/mailman/listinfo/vpopmail-devel Rick [1] This refers to the CVS versions only. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAv/khJukONu5DUaQRAnveAJ9YMmKAknWySrbKsdANyfmHP3L1+gCglV+4 PcGJCK6OMbn+yvvLfubz3qc= =1h0T -END PGP SIGNATURE-
Re: [vchkpw] Quota is not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joao Rechena wrote: Greetings, I have several accounts on one domain, every one with quota and working fine, but I have this mailbox that the quota is not working, it stayed on the 48% of usage and the mail keeps increasing, the quota is 50MB and it already goes on the 100MB Did anyone had this problem before ? Thank you for your help. Vpopmail version 5.2.2 -- Joao Rechena mailto:[EMAIL PROTECTED] http://ispower.org = Have no phear I is here Try removing the quota file for the user, and then sending it a mail and see if it is updated. If it is, then there you go, if not, then i have no clue. I do know for a fact though that quota has never really worked on any of the servers i used it on, so instead i enforce file system quota's. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAv/mPJukONu5DUaQRAlJKAJ9nXX41TloQQ3OwA2OV0Lr7JA9AAACfapFE bHKhnrI4tfNHvkeT2aqqKTQ= =LdZv -END PGP SIGNATURE-
Re: [vchkpw] Unable_to_run_/bin/sh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bill Gradwohl wrote: I've installed qmail and vpopmail on 2 different test boxes. One is working just fine and the other is giving me the Unable_to_run_/bin/sh message in /var/log/qmail-send/current. I believe its vdelivermail that's doing it, but I don't know why it works on one box and not the other. I'm running vpopmail V 5.4.0, on Fedora Core 2 on both boxes. I've checked the archives and I can su vpopmail -c '/bin/sh' so the archive suggestions don't seem to apply. What am I missing? Check that the shell you have for the vpopmail user is valid and working. If it is not, that would be your problem. If a shell is properly set (grep -i vpopmail /etc/passwd) then check that the shell really exists: ls -al /path/to/shell If need be, fix it up, and go on with life. J-W -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAvq7oJukONu5DUaQRAuP/AJ4vO1/s70T1qDPrDfpmTZGvxCYcfwCcCdjx Aehf+YrTAfeeZMbrCEanOls= =5C1o -END PGP SIGNATURE-
Re: [vchkpw] ip After Email
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 zafar wrote: Hi All I already Posted that Question but can't give any success of any replied message. Plz give me any solution of that problem. I am making a Application in .NEt in which i am using pop accounts from Qmail server. When i configure account for pop mail from Qmails. It gives me error in .NEt like that Socket Closed and on QMail server i am getting error in that format in the Maillog. Jun 1 07:18:07 mail1 vpopmail[28975]: vchkpw: password fail [EMAIL PROTECTED]:211.114.109.6 its adding Ip after email from where request is generating. How can i remove that ip after the email. Thats normal. It does it on all my servers as well. Have any person any idea of such kind of problem. with Regards ZAFAR X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAvSNEJukONu5DUaQRApDkAKCZvox4PW2LqrXuJ/UzG7VAJm6BfACeJTMN b0rPd/V1Nb2uzJFJc2WKjhU= =S2mx -END PGP SIGNATURE-
Re: [vchkpw] Roaming user don't work
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Franck wrote: snip But, in var/log/message, i've this : vpopmail[15499]: vchkpw-smtp: vpopmail user not found [EMAIL PROTECTED]:81.56.xxx.xx The login is not [EMAIL PROTECTED] ? It's only for pop before smtp ??? No, the login certainly is. It is just like loggin in to pop, except now you are loggin into SMTP to send an email. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAvSPdJukONu5DUaQRAmKeAJsFnjcTgdAqUAWjtH4mkRaqcwWqBgCeLOF9 fSn/J4I3gkZo385tOg9BdHE= =ucOZ -END PGP SIGNATURE-
Re: [vchkpw] Change passwd howto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jean Wainer wrote: snip There's a vpopmail plugin for squirrelmail. The only catch is that you have to run apache as vpopmail user. Thus giving anyone that has web access or is allowed to run PHP scripts on your server the allowance to play with vpopmail as much as they want. If this is just a webmail based server i do think it is okay, but if i were you i would still be worried. --Jw. Jan-Willem Regeer X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAuzNwJukONu5DUaQRAjYLAJ9vADfu7bWzPgf93nqJTXVUEbB44QCfT+XL ffzkcZCcwLLYdgdmtliHorQ= =TAZ6 -END PGP SIGNATURE-
Re: [vchkpw] Change passwd howto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jean Wainer wrote: Thus giving anyone that has web access or is allowed to run PHP scripts on your server the allowance to play with vpopmail as much as they want. If this is just a webmail based server i do think it is okay, but if i were you i would still be worried. We are using it on one of our webmail servers, and since we have a lot of anti-spam and account management features which depend on the vpopmail user to be configured within the webmail, we have choosen to do that.. What i would suggest instead is to create a wrapper in C, that is set setuid to vpopmail instead, that way only vpasswd can be abused if there is a hole in some PHP script that is run on the server. Worst thing that can happen then is that your users passwords are changed, but that is still a lot of guess work. I personally would prefer to have just one function, than having Apache be able to access all the vpopmail functions. I'd rather not be in for a surprise that i am hosting a random domain without knowing it. --Jw. Jan-Willem Regeer So i'm not the only jw here, eh? Jean C. S. Wainer --Jw. Sorry :P Indeed you are not. Jan-Willem Regeer X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAuzkMJukONu5DUaQRAkWoAJ94TEs1Xa93Tup9zaBWtMjJvB3J6QCeLueo m6F7FXBPz+BDlZIzS0K5luk= =ieUi -END PGP SIGNATURE-
Re: [vchkpw] Change passwd howto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rick Widmer wrote: X-Istence wrote: For cdb there are these things you can do. 1) Wait till the PHP extensions fully work and the vpopmail deamon that the PHP extensions use fully work First a little correction, the PHP extension and the vpopmail daemon are two different ways to do the same thing. The extension gives PHP direct access to the vpopmail library and should only be run in a closed environment because it trusts any PHP user. The daemon validates connections and limits access based on the current users' rights. Nope, last i checked the vpopmail extensions in PHP USE the vpopmail deamon and just make wrap around function for the sockets that need to be opened and validation of data. That is as far as i can read from the entire thread, but I am of course totally wrong. snip auth backends If I wasn't in the process of preparing for a release, I might consider putting it up on a live server, and intend to do so right after release. If you already run a recent version of vpopmail, you should be able to compile the daemon and run it alongside your existing mail system. I have no doubt you can use it for password changes on CDB very easily. I will have a server i can use for random tests up one of these days. You have to use the SourceFORGE CVS version from HEAD to get the daemon. http://sourceforge.net/projects/vpopmail/ Then look at the utilities and the daemon interface here: http://pmailadmin.sourceforge.net/ (If you are adventurous, install the whole thing from CVS and let us know how it goes... :) Yeah, was gonna do that on my new test server just for shits and giggles, ill let everyone know. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAvAjuJukONu5DUaQRAs/AAJ4j65YgKyiS5AjNxcieNq3eDq2X1gCbBmHe OyThbzsVFZ5VDYMbJVnVf/8= =oVxz -END PGP SIGNATURE-
Re: [vchkpw] Change passwd howto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Patrick Donker wrote: Guys, I use qmail + vpopmail + courier-imapd + squirrelmail. My question is; what would be the easiest way to inplement a change-password option in Squirrel? I have found a plugin, but that is based on pam, which I dont use. I need something that uses vchkpw. My guess is that somebody on this list has solved this already before, so, why not ask ;) ? -Patrick There is no need to post your question to the list twice, i am pretty sure we all read it, and even if we did not, then nobody knowns the answer. The easiest way? Well that all depends on how your vpopmail is setup. Do you use MySQL? cdb? PGSQL? These are all determining factors. For all of them there are different way's that it could be done. For the cdb based one it would be a bit harder, but i bet it could be done some way. Check out the new php module/vpopmail deamon method and see if that could be an option. So far, all I know of is that plugin that uses PAM. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAue8JJukONu5DUaQRAipzAJ993eUizQU+FTDiJhthr1wjx+oVugCgnDPw Cy4e3bm3o62wLNvp/ZgO6wc= =MJ8r -END PGP SIGNATURE-
Re: [vchkpw] Change passwd howto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Patrick Donker wrote: Sorry for my double post, but I didnt see my first posting on the list, so I thought something went wrong...my bad apparently... Anyhow, I dont use any database backend, just plain old cdb. I did find something, but for that I have to recompile imap again, so that will be something for another day. If I got things working I'll post the solution on this list. -Patrick That's okay. For cdb there are these things you can do. 1) Wait till the PHP extensions fully work and the vpopmail deamon that the PHP extensions use fully work 2) Set vpassword's setuid bit and have apache execute it as whatever user apache runs under (NOTE: INSECURE, AND ALLOWS ANY USER TO CHANGE ANY PASSWORD FOR ANY ACCOUNT UNDER ANY DOMAIN IN VPOPMAIL) 3) Write some wrapper around it, that first requires a username and password thru some method and making sure there is no way that this username and password can be found, and thus securely invoking vpasswd. 4) Using PAM authentication 5) Using MySQL/PGSQL instead of CDB. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAup31JukONu5DUaQRAl3CAJ4+qxpee/thWeRMcMwILneks5xnEgCeMlrh aLpZhhHly3GW+HCWjWSs3hk= =DW52 -END PGP SIGNATURE-
Re: [vchkpw] Looking for patches
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bill Gradwohl wrote [At least in part]: snip Then I vdeluser deleted the testuser and the .qmail-testuser file was still there. Maybe I've got the .qmail file in the wrong place. ??? Both locations work. Should a user specific .qmail file be inside the domain directory or inside the users directory? It doesn't seem to matter, but have always made it a point to place them inside the users directory. If it's inside the users directory, then vdeluser will nuke it. If it has to be at the domain level, then it would be nice for vdeluser to nuke it since there isn't any other possible use for that file. For a workaround i would just suggest placing them in the users directory :). X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAup7pJukONu5DUaQRAigGAKCT6hbVhyylEfCjfyswF7NUnyTyowCcDKzo wsgGO2dziWuC6twkMoPRQLc= =/hY1 -END PGP SIGNATURE-
Re: [vchkpw] User is over quota (whithout beeing over quota)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Werner Amon wrote: Michael Bellears schrieb: My users are reporting me they are receiving a warning message that they are over their user quota, but they know they are not over quota. Which pop3 daemon do you use? If it is qmail-pop3d, have you patched it with the qmail-maildir++.patch from the contrib directory? By default it does not update the maildirsize file afaik. Werner I hate to do this, but did you even read the thread starters message? X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAuIxsJukONu5DUaQRAnwmAJ4q9AIotYjdKANNdwwZoQHWBsDEvACdFlFB OLjjooZ/ssXTUCCqh5DJpbo= =9mTC -END PGP SIGNATURE-
Re: [vchkpw] User is over quota (whithout beeing over quota)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: Hi guys, My users are reporting me they are receiving a warning message that they are over their user quota, but they know they are not over quota. Do note quote me on this, but i _believe_ the way to fix this is to remove the quota file, and it should be rebuild on the next delivery. Do you know some issue related to maildir quotas and vpopmail? Read the maillings list, it just doesnt work properly. Any comment/idea? Thank you, Bruno Negrao -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAuAq6JukONu5DUaQRAqJdAJ9Ua7XA2gxRFNHkG7bg9obU/PiQGwCfSAyi 73o/XoMlh6Nx30Rq/mXgj+4= =Da8M -END PGP SIGNATURE-
Re: [vchkpw] SMTP Auth HOW? *UPDATE* AMD64
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 DEBO Jurgen E. G. wrote: snip First, I suggest You verify Your authentication. Start-tls is initiated, in that case the pasword has to be plain-text, not cram. First off, starttls is not initiated, as then he would have had to enter starttls to start it in the first place. Second, auth login takes a base 64 username and base 64 password which he supplied. Dont trust me on that? Please read the RFC's for it. If he was using cram-md5 he wouldnt have issued a AUTH LOGIN. He would have issued a AUTH CRAM-MD5. - Anyways, id like to second anything the thread starter said. I have been on the system myself (not like that matters, i know), but he has read all the documentation, and anything there is to know about SMTP auth, so its not a mistake some place. For some reason something is going wrong some place, and i am thinking it could be in the base64.c file, however i have no clue most of it. I highly doubt its vchkpw as vchkpw gets handed just the info it needs, and works with pop3, so it _should_ work with smtp auth as well. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAsTt9JukONu5DUaQRAkJaAJ9qSXy95Cej2AMBedJ9ohKKI51nHgCfcvpM 708uHSBbjo65tOpLZSRhabY= =JDLs -END PGP SIGNATURE-
Re: [vchkpw] Re: SMTP Auth HOWTO?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Your first message, which started this flamewar. snip Roy, In the OLD days, people were happy with SMTP-Auth. I consider it LESS security as SMTP after POP, because with SMTP-Auth, You sent Your e-mailadress and Your password of Your mailbox over the internet. When a man-in-the-middle catch this e-mail (or worse Your PW), he can use it for spam, or access Your mailbox. Well, considering you send your entire email over the line to get access to pop, this claim is not true. Just thought id bring this up, as everywhere else you are suggesting that it is not true that you said that. Hell, pop3-ssl would be the same as smtp-ssl both would allow secure authentication. SMTP after POP is a pain, and it doesnt help against these so called man in the middle attacks. Unless off course you would also provide a patch to make it pop3-ssl, in which cause the next thing you say would be a better solution. I suggest You use: SHUPP's version with netqmail like : fetch http://www.qmail.org/netqmail-1.05.tar.gz tar xzvf netqmail-1.05.tar.gz.tar cd netqmail-1.05 ./collate.sh # patch with Shupp's TLS and SMTP-Auth fetch http://shupp.org/patches/netqmail-1.05-tls-smtpauth-20040207.patch patch ./netqmail-1.05-tls-smtpauth-20040207.patch So now that we have smtp-ssl, or smtps, how is SMTP after POP still more secure? Why not just start an SSL connection and then auth with SMTP? I dont see a difference at all. You brough POP in for no apperant reason at all. Hell, id rather use SMTP auth than first pop and then sending the mail, as its a pain in the ass to configure most mail clients to do POP before SMTP. certificate: You can copy thoses (extension .pem) from : freeBSD, vpopmail stuff cd /var/qmail/control cp /usr/local/cert/ipop3d.pem servercert.pem ln -s servercert.pem ./clientcert.pem Breached# ls /usr/local/cert/ipop3d.pem ls: /usr/local/cert/ipop3d.pem: No such file or directory hrm, thats FreeBSD BTW. Activate TLS by create a certificate, and You will be much better off to create an encrypted connecton to Your SMTP server by the SMTP Enc smtps 465/tcp#smtp protocol over TLS/SSL (was ssmtp) smtps 465/udp#smtp protocol over TLS/SSL (was ssmtp) snip 500 million line sig X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAr8DYJukONu5DUaQRAt+1AJ4rE88Og4vvjtJmrr6an0jCZYrduwCgk1C5 WKsxNOR6msDCJFK7wwaboqs= =vm3x -END PGP SIGNATURE-
Re: [vchkpw] SMTP Auth HOWTO?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brooks Roy wrote: I do not have an open relay. I am trying to setup SMTP Auth. It is not working.. When users try to auth, it just keeps asking for username password over and over. Never sends. How are they authentication? with [EMAIL PROTECTED] or just username? X-Istence wrote: Brooks Roy wrote: I have put in the patch as described in the contrib README and changed it to be /bin/checkpassword instead of vchkpw and I still have the same senario. What does your data.cdb or smtp.cdb look like that gets created from a file? Also, it should still be to vchkpw if you want to use vpopmail. This is what your run file should look like: exec /usr/local/bin/softlimit -m 1000 \ /usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \ /usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \ $QMAILDUID -g vchkpw 192.168.5.50 25 \ /usr/local/bin/fixcrio \ /usr/local/bin/rblsmtpd -r relays.ordb.org \ /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /usr/bin/true Also make sure $QMAILDUID $MAXSMTPD and $LOCAL are set properly. I see that you have your /usr/local/vpopmail/etc/tcp.smtp.cdb, are you sure that is no causing the open relay? Try pointing it to one that only has: :allow in it, and see if you are still an open relay then. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFArmIMJukONu5DUaQRAmnpAKCCfD0TAifKW9/j9tV5u9PZRo8c4wCgk/B1 UPQrlLc6uG27pYQXT5Sh1kY= =ry3M -END PGP SIGNATURE-
Re: [vchkpw] vpopmail
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Clayton Weise wrote: If you're using maildrop it does. Or at least, mine did. Seconded. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFArmMDJukONu5DUaQRAhvgAJ4ksBb5c8cfyEPtxHt4sN4nPlh3xQCggcHS qbN/f25i+Ji0kC0EHZ3WJOM= =g8Ol -END PGP SIGNATURE-
Re: [vchkpw] SMTP Auth HOWTO?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeremy Kitchen wrote: On Thursday 20 May 2004 07:00 pm, blist wrote: Here is my run tcpserver script for qmail-smtpd: exec /usr/local/bin/softlimit -m 1000 \ /usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \ /usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \ $QMAILDUID -g vchkpw 192.168.5.50 25 \ /usr/local/bin/fixcrio \ /usr/local/bin/rblsmtpd -r relays.ordb.org \ /var/qmail/bin/qmail-smtpd ps1.prostream.net \ /usr/local/vpopmail/bin/vchkpw /bin/true Simple, remove the hostname, and all should be well. what's the value of $QMAILDUID in that script? also, if you take out the hostname you're an open relay, because you're authenticating with /bin/true Wrong, vchkpw needs another program to change the directory for, check the way qmail-pop3d works. pop3-popup checkpasswrd realpop3 (Which is now in the users directory) If vchkpw is not given another argument to execute after it auth's the user, qmail-smtpd has no way to check if it was successfull. -Jeremy -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFArV1GJukONu5DUaQRAt/SAJ9Ubh1+KnXuKN9p+AGtnz3OvPEi4wCgmS2k lqa015oQi4ITRgNw0nECxRI= =LOQ4 -END PGP SIGNATURE-
Re: [vchkpw] SMTP Auth HOWTO?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 My apologies, the solution i provided *WILL* not work. Considering the code still contains the hostname stuff. What i suggest is you grab the patch from the vpopmail contrib directory, it contains a copy that *will* work. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFArV6EJukONu5DUaQRAuMQAJ4oPWzzYWeeAKRlYOop6DWxovBy/wCghqre PvraZ1VWDiBT4Yx++8H0Xho= =pS6m -END PGP SIGNATURE-
Re: [vchkpw] SMTP Auth HOWTO?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brooks Roy wrote: So use the patch from the vpopmail contrib directory WITHOUT the hostname in the run script for tcpserver? Wont this make the server an open relay? No, cause that patch doesnt require a hostname on purpose, as to many poeple were unsure if it was needed or not. It is not needed, thus it was removed. So no, you will not make yourself an open relay. X-Istence wrote: My apologies, the solution i provided *WILL* not work. Considering the code still contains the hostname stuff. What i suggest is you grab the patch from the vpopmail contrib directory, it contains a copy that *will* work. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFArWgSJukONu5DUaQRApA6AKCM+q+2R0ErkBTWX1AK+swrOrruLgCfbBZs x1XaueBT++M1ovsaIvevqpw= =Ubls -END PGP SIGNATURE-
Re: [vchkpw] webmail
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeremy Kitchen wrote: On Monday 17 May 2004 05:29 pm, null wrote: Hello folks, Ive been trying to find a webmail to use with qmail+vpopmail but im afraid that i couldnt find. I used squirrelwebmail for ages (IMAP) and now I wanted one for my pop server. If anyone is using some web-mail that seems to be good please give me a hint! www.squirrelmail.org www.horde.org www.ilohamail.org -Jeremy I would like to second the motion for the last link. Its an awesome webmail client, and can fully do both IMAP and POP3. X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAqUX/JukONu5DUaQRAiYvAJ0RhN4nG/ibB4P/ZbGgZ+1lvMY/FQCfeMXS nn19TOfYiuk733QbgaPWGGk= =Ffqc -END PGP SIGNATURE-
Re: [vchkpw] Problems with multi domains in vpopmail
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mário Gamito wrote: Hi, I've installed vpopmail, but i'm having problems with adding domains. The first one i add works just fine. From the second one on i get this error: Signal 1 caught by ps (procps version 2.0.13). Please send bug reports to [EMAIL PROTECTED] I've compiled vpopmail with --enable-many-domains=y What can be wrong ? Any help would be gratly appreciated. Warm Regards, Mário Gamito PLease run: strace ./vadddomain domain to add postmaster password and give us the output. This procps stuff, can you provide me more info about it? It seems this is the first case that it goes wrong. How did you compile vpopmail, what flags, did you use an rpm? Did you set any special cflags or anything of that sort? X-Istence -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAp3KYJukONu5DUaQRAlNkAKCY3xWCDAcBKSp5RYKhUEWIV8K8lgCgrAZW IGSuAbB//6lCcAyhTQmLhtQ= =Yh8Q -END PGP SIGNATURE-
Re: [vchkpw] Qmail popmail and relay-ctrl problem
Paul Theodoropoulos wrote: oh dear god. now we have to have this crap posted to the vchkpw list too? Please keep your religion to yourself. Not everyone believes in a god. top posting is not against the law, violates no RFC's, and has only become an issue in the last three or four years, due to a very vocal minority. top posting is not wrong, no kitties will actually die if you top post, and FURTHERMORE, the lengthy, badgering top post complaining about top posting is far more annoying and intrusive than top posting itself. No, but it makes it really annoying to read list archives at sites that have the entire message. Cause it doesnt really let you know where new stuff is post compared to older info. here's one for you x-istence - how about TRIMMING your posts. you've been posting to this list for a long time now, and half of your post consist of the entire, long original post, and your one liner at the bottom. a much, much older tradition on the net was that one should TRIM one's posts to include only the most relevant, quoted parts. Sorry, i mostly do this, forgot this one time. Forgive me. i find untrimmed posts annoying. shall i start berating the list every time you do it? Sure. I couldnt care less. apologies in advance, this kind of passive-aggressive control freak behavior gets under my skin. So does top posting. At 09:24 PM 5/7/2004, you wrote: snip Paul Theodoropoulos http://www.anastrophe.com X-Istence
Re: [vchkpw] Trouble with dotqmail2valias
Gabriel Ambuehl wrote: Hi Gabriel Ambuehl, you wrote. GA Hi, GA running vconvert -c -m works perfectly so I presume my settings are GA correct. However, running dotqmail2valias -a (to add all domains) GA will create the valias table but not enter any values into it. GA What am I doing wrong? Seems like dotqmail2valias has a bug and removes .qmail files even if it couldn't add them to the DB (of which it suffered the first time). I was using a copy of our live tree, phw. Regards, Gabriel There is an ongoing project to move all the code from dotqmail2valias into vconvert as well, check the list archives. I dont think dotqmail2valias works as it was designed, or has a bug in it. X-istence
Re: [vchkpw] Qmail popmail and relay-ctrl problem
Paul Theodoropoulos wrote: sorry for the double post. At 07:13 AM 5/8/2004, you wrote: At 05:10 AM 5/8/2004, X-Istence wrote: Paul Theodoropoulos wrote: Paul Theodoropoulos http://www.anastrophe.com Thats quite allright. X-Istence
Re: [vchkpw] Qmail popmail and relay-ctrl problem
[EMAIL PROTECTED] wrote: Hi All I have installed Qmail on linux 7.2 with vpopmail support and relay-ctrl patch. I am trying to pop my mails from that qmail mail on other application server through remote pop accounts procedure. When i give him user name as email and send password then Qmail server reject that password and append the IP after the email, although user name and password is correct, i check it manually on telnet. But giving me error of that kind. May 6 07:52:21 mail2 vpopmail[25532]: vchkpw: password fail [EMAIL PROTECTED]:211.117.134.11_ What's and where it is wrong. bcz of ip concatenating pop server unable to authenticate that user. So any solution or setting to remove. There is nothingin application like that adding ip after the email. Waiting for a good reply. tx. Zafar The IP is added by vchkpw itself, and doesnt matter at all. Its for administrative purposes only. X-Istence
Re: [vchkpw] Qmail popmail and relay-ctrl problem
Your message was top-posted. Please configure your MUA to quote correctly before sending messages to mailing lists. If you don't know what this means, read this: http://www.faqs.org/docs/jargon/T/top-post.html To learn what quote correctly means, read this: http://www.netmeister.org/news/learn2quote2.html If you are using MS MUA, these free add-on packages can apparently fix their quoting style for you: http://home.in.tum.de/~jain/software/oe-quotefix/ http://home.in.tum.de/~jain/software/outlook-quotefix/ I've corrected your quoting for this reply, but will ignore further top-posted messages. (Thanks charles, qmail list) [EMAIL PROTECTED] wrote: Send reply to: [EMAIL PROTECTED] Date sent: Fri, 07 May 2004 15:01:58 -0400 From: X-Istence [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject:Re: [vchkpw] Qmail popmail and relay-ctrl problem [ Double-click this line for list subscription options ] [EMAIL PROTECTED] wrote: Hi All I have installed Qmail on linux 7.2 with vpopmail support and relay-ctrl patch. I am trying to pop my mails from that qmail mail on other application server through remote pop accounts procedure. When i give him user name as email and send password then Qmail server reject that password and append the IP after the email, although user name and password is correct, i check it manually on telnet. But giving me error of that kind. May 6 07:52:21 mail2 vpopmail[25532]: vchkpw: password fail [EMAIL PROTECTED]:211.117.134.11_ What's and where it is wrong. bcz of ip concatenating pop server unable to authenticate that user. So any solution or setting to remove. There is nothingin application like that adding ip after the email. Waiting for a good reply. tx. Zafar The IP is added by vchkpw itself, and doesnt matter at all. Its for administrative purposes only. X-Istence Hi All, Thanks for reply. But i am still unable to understand that why vchkpw added ip while pop my qmail account from other application, although i am using telnet, in which nothing ip added like that. So plz tell me is it possible that i can remove or handle that. so That ppl can use pop account from qmail otherwise qmail will be ? plz reply. tx. ZAFar May 8 00:15:24 Breached vpopmail[83838]: vchkpw-imap: (PLAIN) login success [EMAIL PROTECTED]:10.10.10.55 May 8 00:15:25 Breached vpopmail[83840]: vchkpw-imap: (PLAIN) login success [EMAIL PROTECTED]:10.10.10.55 This is from my logs. It works as expected, your run scripts are either wrong, or you are sending wrong password. X-Istence
Re: [vchkpw] MySQL error messages vpalias.c
Rick Widmer wrote: My travels have finally brought me to the MySQL database module... I am working on improving the error messages returned by vconvert, as part of the process of testing the MySQL back end. The first thing I've noticed is that a number of errors call fprintf(stderr) directly from the extension. I would like to make them record the error in a string, set errori and return the error code where it is apropriate. Then I have to look at the places it is called and update the error handling there. I would prefer to leave the formatting of error messages up to the end user program: ~vpopmail/bin/*, qmailadmin, etc. Any objections? None, code cleanup is always nice :P. I am diving into the source every so often as well for jobs people ask me to do. At first glance, it appers that vpalias.c, vmysql.c and vpgsql.c share common functions. It seems to me that if the code is in vmysql.c and vpgsql.c it should also appear in vcdb.c and vpalias.c should not exist. It looks like there is some ifdef magic going on to hide the code in this file. It seems to me it would be better to add vpalias.c to vcdb.c and add empty function definitions in the other auth back-ends. Ifdefs would remain so you can still switch valias on or off with a ./configure option. Should I move it to cdb.c? Why not? Would be just as easy. Next, there are two programs vconvert and dotqmail2valias that both translate data from file to database, or from database to file. Should I merge the programs into one. Future conversions would then be one step. If the users or aliases have already been converted, you just get duplicate warnings. Merge them? Yes, i was planning on doing this, but i dont have the time. Rick Useless stats on why not to listen to me: 0 patches to vpopmail Just random blabbing :P To busy to do it myself (I still think it needs to be done) X-Istence
Re: [vchkpw] Troubles running make [SOLVED]
Tom Collins wrote: On May 4, 2004, at 3:31 PM, X-Istence wrote: Mabey its time to fix your server time. This shouldnt happen. If I don't build the tarball correctly, it will happen. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ Ah, so its your mistake :P ntpdate ntp.nasa.gov before you build the tar ball :P. X-Istence
Re: [vchkpw] sending e-mail error
null wrote: Hello folks, Im having some odd problems with qmail+vpopmail in sending e-mails. I set everything correct in my mail client and I tried first to send e-mails to a mail account in my mail server and it worked just fine, I can log in and receive emails/attachments. When I try to send e-mails I get this error: The message could not be sent because one of the recipients was rejected by the server. Server response: '533 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)'. (Account: 'mail.6s-gaming.com', SMTP Server: 'mail.6s-gaming.com', Error Number: 0x800ccc79). snip Thanks for all the help that comes! Rgs, Alex http://scriptkitchen.com/qmail/553.html X-Istence
Re: [vchkpw] Troubles running make [SOLVED]
Jeremy Kitchen wrote: On Tuesday 04 May 2004 03:28 pm, Patrick Donker wrote: have you tried: touch * in the root of the source tree? -Jeremy Thanks for this tip Jeremy; it solved my problem. Only thing is that I dont understand why. I've looked at man touch, and I know what it does, but dont understand why and how it solved my problem(?). Maybe you can clue me in? If it is too off-topic for this list, maybe you can explain it too me (briefly) by emailing me direcly? Thanks and sorry for the impatience :) man make it describes how make uses timestamps to determine what needs to be built. Surely you can put that together with the information you got from 'man touch' and know why what you did fixed the problem. -Jeremy Mabey its time to fix your server time. This shouldnt happen. X-Istence
Re: [vchkpw] Re: strange behavior in from header.
Sebastien FOUTREL wrote: Thank you for your informations Peter. In fact, the mailto:; part in the From:, To: headers were added to my mail by my Mozilla Thunderbird when I pasted the original message to this mailing-list. So, I should remove the @IP part by adding a -R to my tcpserver option and/or change my username from [EMAIL PROTECTED] to user%vhost or user+vhost ? Peter Palmreuther wrote: snip The @IP should not be a problem at all. I sent a mail to over 1,000 servers for a mailling list and i used SMTP auth to authenticate with my SMTP to send it, and it worked fine, EVEN though @IP is added. This includes quite a few french servers. X-Istence
Re: [vchkpw] Re: strange behavior in from header.
Tom Collins wrote: On May 2, 2004, at 8:03 AM, X-Istence wrote: The @IP should not be a problem at all. I sent a mail to over 1,000 servers for a mailling list and i used SMTP auth to authenticate with my SMTP to send it, and it worked fine, EVEN though @IP is added. This includes quite a few french servers. If it's an ezmlm list, it strips all Received headers before sending the message out, and it handles all bounces (so you won't see them). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ Its not though. All headers stay in tact with the mailling list software that is used. They do it in case they have problems with spam, allowing most people to collectively come together and find where it origionated from. X-Istence
Re: [vchkpw] Tip for using chkuser with Maildrop
tonix (Antonio Nati) wrote: Jeremy, why does the actual suck? It's the first time I hear that. Tonino At 29/04/2004 29/04/2004 -0500, you wrote: On Thursday 29 April 2004 09:49 am, tonix (Antonio Nati) wrote: P.S. I'm studying for version 2.0 of chkuser, this could be another issue. please make it not suck (like the current one does), that's all I ask. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail on EFNET ++ scriptkitchen.com/qmail [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED] The code is one big ball of messyness. X-Istence
Re: [vchkpw] Cdb and mysql auth modules at a time?
Cesare D'Amico wrote: snip Ciao ce Not possible. At this time. X-Istence
Re: [vchkpw] vpopmail + postfix
Paulo Fragoso wrote: Hi, How can we setup vpopmail to work with Postfix? Is necessary have qmail installed too? Thanks, Paulo. vpopmail was created for qmail only, postfix and qmail are two different MTA's so this is not a solution you can use with postfix. X-IStence
Re: [vchkpw] Upgrading vpopmail
Christian Reeves wrote: I am/was running vpopmail 5.2.1 and want to upgrade to 5.4.3. I read the FAQ about upgrading and it seems pretty straightforward. I backup up the recommended dir's, downloaded the latest stable release, compiled with the same options I did when installing the current running version, did make, then make stripNow, the touch times on /vpop/bin/* indicate the files were replaced by the newer version's files but I'm not so sure I got the job done. All seems to be working fine though. 1. How do I know definitivley that I'm runnin the newer version? 2. qmailadmin reports the older version on it's login screen. Is this a sign the upgrade didn't take? No, its a sign that you didnt recompile qmailadmin like your supposed to. I did the upgrade to overcome a bug I've posted about but never received a response on. The bug is that when I run 'vdeldomain', it deletes the domain fine but then the permissions on /var/qmail/control/rcpthosts gets changed to 600. Weird...so I though getting the newest release would be a good place to start. Christian
Re: [vchkpw] vdelivermail is soo slow..
Brian wrote: Hello All, I'm at a loss and all I can come up with is this: last pid: 70373; load averages: 4.32, 3.48, 3.53 up 33+19:31:48 09:32:36 148 processes: 26 running, 122 sleeping CPU states: 5.6% user, 0.0% nice, 94.0% system, 0.2% interrupt, 0.2% idle Mem: 125M Active, 262M Inact, 67M Wired, 19M Cache, 61M Buf, 28M Free Swap: 512M Total, 512M Free PID USERNAME PRI NICE SIZERES STATE C TIME WCPUCPU COMMAND 93447 www18 0 15384K 13288K lockf 1 3:06 2.20% 2.20% httpd 68988 vpopmail 56 0 1376K 944K RUN1 0:00 17.94% 1.71% vdelivermai snip Ouch, that looks painfull. Do the messages get delivered at all? This is a snapshot from top as I'm trying to send an email to a local ezmlm list that goes to about 50 local people. This shouldnt be slow at all. I have a mailling list that goes to 300 local people, with vdelivermail and never have this problem, however, i do not use MySQL. I get 50 vdelivermails (which is fine) but they are all slow to deliver. I've had this server for almost a year (dual 933's 512Ecc U160 drives) and it does nothing but qmail+vpopmail and a webmail client. I have clam antivirus and spamassassin which I'm calling through qmail-scanner. this is my tcp.rules file: 127.0.0.:allow,RELAYCLIENT=,RBLSMTPD=,QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue 192.168.1.:allow,RELAYCLIENT=,RBLSMTPD=,QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue :allow,QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue This is useless to us if its vdelivermail that is screwing up and not qmail-smtpd. snip and yesterday I was getting intermittent errors like this: 2004-04-06 09:28:48.197123500 delivery 19551: deferral: vmysql:_sql_error[1]:_Can't_create_database_'vpopmail'._Database_exists/ 2004-04-06 09:28:48.211717500 delivery 19534: deferral: vmysql:_sql_error[1]:_Can't_create_database_'vpopmail'._Database_exists/ 2004-04-06 09:28:48.232450500 delivery 19544: deferral: vmysql:_sql_error[1]:_Can't_create_database_'vpopmail'._Database_exists/ This cant be good. snip but so far today things have been ok.. except that vdeliver mail is *so* high.. Have you tried recompiling vpopmail from scratch/ports tree, and installing a new copy. It shouldnt make a difference, but if it does then something was wrong with your old binaries. 2004-04-07 09:41:06.857760500 delivery 956: success: did_0+0+1/ How long does it take approxamitly for each mail to be delivered with vdelivermail? And do you have it compiled with the spamassassin patch or not. This is on a FreeBSD 4.9-p3 system ( I know I have to patch to p4 ) Go patch yourself :P vpopmail-5.4.0 and mysql 3.23.57 (compiled for freebsd 4.8) Should be fine. Uptime: 23 hours 32 min 43 sec Threads: 3 Questions: 18086 Slow queries: 0 Opens: 19 Flush tables: 1 Open tables: 13 Queries per second avg: 0.213 TIA - Brian X-Istence
Re: [vchkpw] vpopmaild - errors on login
Marcin Soltysiak wrote: - Original Message - I see you have different error messages during login for: invalid email address user does not exist invalid password It might be better to return the same message for all so the hostile hacker can't learn as much about your users. Good point. I'd suggest - ERR XXX Login invalid to stdout and detailed info to syslog Solt Its using tcpserver, so why not to multilog. I personally try to limit as much as possible the use of syslog. X-Istence
Re: [vchkpw] test copy of vpopmaild.c
Ken Jones wrote: Anyone want a test copy of vpopmaild before it gets posted? It could use another set of eyes. Ken Sure, shoot me a copy this way :) X-Istence
Re: [vchkpw] proposed vpopmaild commands/usage
Iavor Raytchev wrote: Guys, I am in hospital at the moment - one of the muscles of my left leg refused to work and the doctors look for the reason. Get better first, then think about this, its a second priority. I could not read all posts - I would just like to tell you that two more people are interested in this daemon - and they want to write it - so it seems that this project has the unique chance to be something supported by a broad community of top people. I have never managed such huge community effort, so I have no idea about the dynamics. I only hope that personal pursuits will not allow any of the great people interested in the daemon to be lost. Ken Jones has allready written one, and was releasing a beta on Monday, we shall see how that goes. I'll try to come back to the list on Monday. Until then - best to all, Iavor X-Istence
Re: [vchkpw] indirect reasons for 5.7.1? - behavior confirmed
Kurt Bigler wrote: snip The plot thickens. sockstat produced no output, apparently a limitation of the virtual server implementation. Inquiring into this, the parent server apparently had default processes answering (stupidly) when virtual server email servers were not running. The administrator fixed this with a quick configuration change, and now everything behaves as expected. Thanks for your help, which lead to the resolution. Still a mystery to me why a default SMTP answerer would respond with 5.7.1. I inquired about that but got no reply yet. -Kurt Well, that is an easy one, if they are running qmail as well, it would answer with a 5.7.1 meaning your domain is not in their rcpthosts. X-Istence
Re: [vchkpw] vpopmail 5.4.x + SMTP AUTH + TLS
Jøran Kvalvaag wrote: Hi, Can someone merge the SMTP AUTH patch that is in the contrib directory with a TLS patch such as this one for netqmail-1.05? http://inoa.net/qmail-tls/netqmail-1.04-tls-20040120.patch Like this? http://shupp.org/patches/netqmail-1.05-tls-smtpauth-20040207.patch -- JKvalvaag Was about to reply saying search on google, there is one allready :P. X-Istence
Re: [vchkpw] Encryption
Cory Barton wrote: Hello, I am currently working on setting up an extranet site for my company. I would like to import the information from the mysql vpopmail db into the cms's (Content Management System) user database, however the cms db stores passwords like so: 7729ca956c9bdb1ea9e498ebeb57ffda However the passwords in the vpopmail db are stored like so: $1$D065m$p8ZGr5V/L.rnHmYvi1KAu/ So I was wondering if anyone knows of a way that I can: 1. Convert the passwords in the vpopmail database to work with the other database (without making changes to the email system) or 2. Change the way the email system stores its passwords to match the way the cms stores its passwords. The cms uses php. Thanks for the help Well, let me answer this one. The first one is MD5 generated, the second one i believe is general crypt generated. What this means is that you would either need to rewrite the CMS so it accepts crypt'ed passwords, or rewrite vpopmail to instead of crypt use MD5, as there is no way to convert one to the other. X-Istence
Re: [vchkpw] php vpopmail daemon etc. - developing story
Rick Macdougall wrote: Hi, Ken Jones wrote: I've been thinking about this and I think the daemon is definitly the way to go. If Rick can't release the code I can write one. I think the protocol could be like this: I found the code and although it is not as pretty as I remember it is available for release. It's in php with a tcpserver front end. It currently lacks user authentication though. From then on we could pass commands like: For admin accounts: vadduser [EMAIL PROTECTED] pass vdeluser [EMAIL PROTECTED] vadddomain domain postmaster-pass vdeldomain domain Very easy to add modules to the server, just add a case statement. I already have server code to handle this kind of daemon in both single threaded and multithreaded modes. Since it's written in php, and uses tcpserver as the socket connector, it should scale quite well. Regards, Rick Now what i want to ask is, could we write it efficiently. As i would want to deploy this over multiple servers, and having everything written out in normal ASCII would be a waste of bandwidth (all bytes count), i think that we should make it binary communication, just like DJB is trying to do with IM2000. just my 0.02$. X-Istence
Re: [vchkpw] php vpopmail daemon etc. - developing story
Marcin Soltysiak wrote: Ken Jones wrote: I've been thinking about this and I think the daemon is definitly the way to go. If Rick can't release the code I can write one. I think the protocol could be like this: I found the code and although it is not as pretty as I remember it is available for release. It's in php with a tcpserver front end. It currently lacks user authentication though. From then on we could pass commands like: For admin accounts: vadduser [EMAIL PROTECTED] pass vdeluser [EMAIL PROTECTED] vadddomain domain postmaster-pass vdeldomain domain Very easy to add modules to the server, just add a case statement. I already have server code to handle this kind of daemon in both single threaded and multithreaded modes. Since it's written in php, and uses tcpserver as the socket connector, it should scale quite well. How about security? If we got it secures by SSL we coiuld use it on multiple servers from one console. Rick, could you post a URL to the code? That sounds good. Of course as a C programmer I'd prefer it be written in C linking in the vpopmail API. I'd like to take a swing at building it in C over the weekend. vmailmgr has something like this already, including a php module to talk to it. Perhaps we can re-use some of that code. That woudl be the best way. However, then we'd need a PHP API to use in web-apps Solt why? We could talk to it using normal sockets. I dont see why it would require a special API to talk to a normal deamon on a TCP/IP. Even Unix sockets. X-Istence
Re: [vchkpw] php vpopmail daemon etc. - developing story
Rick Widmer wrote: snip [1] Maybe it is my age showing, but it seems to me you want daemons lean and mean, and having to load the whole PHP interpreter just doesn't do it for me. (This is from someone who usually prefers to do everything in PHP.) I agree. X-istence
Re: [vchkpw] php vpopmail daemon etc. - developing story
Rick Macdougall wrote: Ken Jones wrote: On Friday 02 April 2004 1:27 pm, Rick Macdougall wrote: That sounds good. Of course as a C programmer I'd prefer it be written in C linking in the vpopmail API. I'd like to take a swing at building it in C over the weekend. vmailmgr has something like this already, including a php module to talk to it. Perhaps we can re-use some of that code. Fine by me, although I'd prefer a C daemon myself, I do find php easier to read and to debug. Regards, Rick C is smaller, and leaner. Id rather have it in C than PHP, running spamassassin allready eats server resources cause of perl, lets not get a PHP deamon written that needs PHP to run. X-istence
Re: [vchkpw] php vpopmail daemon etc. - developing story
Ken Jones wrote: On Friday 02 April 2004 2:32 pm, Iavor Raytchev wrote: Hello everybody, As it seems that the daemon idea prevails - what about a 'home' for the daemon? When I spoke to Boian Bonev (one of the authors of the php vpopmail extension) he was absolutely for the daemon idea, but he said that it is very important to decide about its home - Is it going to be somewhere around vpopmail or somewhere around php or somewhere around itself. In certain way it somehow belongs to all these places. As in addition to a home - it will need also a group of people who believe in it - the place where it lives should be easily accessible. Would be best to open a Sourceforge.net project and open a wiki for an easy white board? Iavor I'd like to keep it in the vpopmail project. The daemon could be part of the regular code and the php client module could be part of contrib? I really like the idea of a wiki, too bad we don't have one for vpopmail. Ken This would cause problems. Then it would not be in PHP releases, and only in the contrib directory, thus making it still an remote option and not likely a widely adopted one. X-Istence
Re: [vchkpw] indirect reasons for 5.7.1?
Kurt Bigler wrote: This is regarding qmail + vpopmail 5.3.12 running under tcpserver, on FreeBSD 4.6.1. My server was bouncing *everything* with 5.7.1, that is including stuff that should have been delivered to domains hosted by my server. 5.7.1 can mean a domain is not on your rcpthosts list. /var/control/rcpthosts I panicked and just rebooted my server (because reboot is very quick and it is the most reliable way to fix a bunch of things quickly without having to take time to identify a problem), and thus lost some of the evidence. Reboot should be your last thing to try, what if it was more serious and the box never came back up? But I am suspicious based on previous expeirences that if a certain process dies that some process starts responding to all smtp requests with 5.7.1. Or is there any other obvious reason why qmail might go into a permanent 5.7.1 mode? Check rcpthosts, restart qmail-smtpd, only things that would affect a 5.7.1. Which means permanent error, or permanent not allowed. Thanks for any thoughts, and sorry to be so lacking in info. I did do a quick ps when I discovered the problem and I'm pretty sure that the tcpserver process involving qmail-smtpd was probably not there. I only remembered it should have been there after rebooting and doing another ps. Is there some default mode for smtp connections that takes over under such a circumstance? Well, if your SMTP service was not there, your server could not be accepting mail, thus there would be nothing to bounce. Thus it would not be able to create 5.7.1 bounces in the first place. Thanks, Kurt Bigler
Re: [vchkpw] indirect reasons for 5.7.1? - behavior confirmed
Kurt Bigler wrote: snip I confirmed that if I kill this process (line from ps output): qmaild86243 0.0 0.1 904 360 ?? SNJ 3:05PM 0:00.09 tcpserver -v -H -R -lvps.breathsense.com -x /var/vpopmail/etc/tcp.smtp.cdb -c200 -u1003 -g1001 0 25 fixcrio /var/qmail/bin/qmail-smtpd that incoming SMTP attempts are greeted by a 5.7.1 error. Does anyone understand how this happens? Thanks, Kurt Bigler Well, considering that is your SMTP service, it looks like another server on the same system is taking over, or you configured something wrong. since its freebsd, take a look at: sockstat -4, and look for port 25 and what process has it in use if you kill that process you mentioned. X-Istence
Re: [vchkpw] php vpopmail daemon etc. - developing story
Doug Clements wrote: Iavor Raytchev wrote: [snip] X-Istence wrote: Now what i want to ask is, could we write it efficiently. As i would want to deploy this over multiple servers, and having everything written out in normal ASCII would be a waste of bandwidth (all bytes count), i think that we should make it binary communication, just like DJB is trying to do with IM2000. [snip] We must write it efficiently and with all (as many as possible) aspects in mind. If we create the next thing that 'works, but...' - it would be not very useful. Efficiency is good, but you lose a lot of debugging ease when you go to binary protocols. How many times have you used telnet to debug pop and smtp sessions? Converting to binary communications does not save that much bandwidth at all, and for a large price of complexity. --Doug I have written apps to test certain stuff for me. Telnet on windows at the time was horrible, and would not work for what i wanted. But good point. X-Istence
Re: [vchkpw] call for scripts/tools
Brad Davis wrote: On Monday 22 March 2004 19:18, Charles Sprickman wrote: Hi, I'm finally settling in to a nice vpopmail install, and I'm trying to help our support staff deal with this wildly different system (the old mailserver was sendmail/uw-imap). There were a number of shell scripts and whatnot on the old server to show things like what aliases from any hosted domain pointed to what accounts, mail usage reports, etc. Before I go nuts and re-invent the wheel, does anyone have anything that could either go in the contrib directory of the vpopmail distribution or perhaps somewhere on the sf.net site? Some handy things I have in mind: -alias mapper (something to show what aliases go where) qmailadmin -quota report (who is over quota at the moment, who's approaching quota) qmailadmin -.qmail checker (look for completely bogus/illegal .qmail files, verify that somewhere in each domain vdelivermail is called) None yet -any log parsing tools that deal with vpopmail's mysql logging None yet -any web tools beyond qmailadmin/vqadmin None yet There's more, but I'm curious what people have and what you'd like to publically share. Hi Charles, I'd like to see what you find. Maybe we could have a repository of tools like these on sourceforge. Regards, Brad Davis
Re: [vchkpw] call for scripts/tools
Rick Macdougall wrote: Hi, snip I have a couple of these in production including a showqueue script (handy for adding domains to badmailfrom), and showsmtpip script (handy for blacklisting IP spammers). If someone wants to setup a sourceforge account I'll gladly donate them and write up some others. Regards, Rick Just post em to the vpopmail sourceforge site, its a quick easy thing to signup, and then post em to be added to the contrib directory. X-Istence
Re: [vchkpw] spamassassin features added to cvs version
Ken wrote: On Sunday 14 March 2004 6:42 pm, X-Istence wrote: snip -gx enable automatically deleting email marked as spam Do we get to set the limit? Like i prefer to not delete anything over 4, but delete anyting higher than 8. If we delete anything marked as spam, it would delete at level 4, which is not what i would like, as i have one or two messages daily that are from family and friends that are at that level, but i cant whitelist them all one by one. Anything over 8 would really be spam, and i could care less about them. You could always whitelist_from email from family and friends then delete everything over 4. That's what I do. Seems to work really well. We are going to start integrating control over the user_prefs file into qmailadmin, so you could manage your whitelist_from lists. Thats exactly what i had hoped to avoid, i have a lot of family and friends, and adding them one by one, and then email adress changes is kind of hard. I will look into adding a patch to put the double check in place, so that it has the functions that i am looking for, and allows them to be turned on and off at will, also specifying a limit. snip X-Istence
Re: [vchkpw] spamassassin features added to cvs version
Ken Jones wrote: I added the spamassasin features to the cvs version today. New configure option: --enable-spamassassin With this option, spamassassin is turned on by default New vmoddomlimits options -gc disable spamassassin for whole domain -gx enable automatically deleting email marked as spam Do we get to set the limit? Like i prefer to not delete anything over 4, but delete anyting higher than 8. If we delete anything marked as spam, it would delete at level 4, which is not what i would like, as i have one or two messages daily that are from family and friends that are at that level, but i cant whitelist them all one by one. Anything over 8 would really be spam, and i could care less about them. New vmoduser options -f disables spamassassin for a user -F enable automatic deletion of email marked as spam for a user To make it as clean as possible and support individual users spam assassin preferences, it only calls spamd when writing the email to a users Maildir. It uses the spamassassin vpopmail features to read a users .spamassassin/user_prefs file. And uses spamd with a unix socket. Right now the spamd options are hard coded in vdelivermail.c using spamc right? I found some problems with the current SpamAssassin 2.63 code for automated creation of user_prefs files. I'll post the patch to vpopmail source forge and submit it to the spamassassin folks. I had posted a patch for this before, but it was rejected, for some reason it is unable to create it at the moment, and it causes spamassassin to hang for ages (over 300 seconds per message) for some unknown reason before just letting it pass. We have been using the code in production for weeks with no problems. So hopefully it will work for you. Good to know :) Ken Jones X-Istence
Re: [vchkpw] Spamassassin: i wish..
Cristiano Deana wrote: Now spam threshold is hardcoded with --enable-spam-threshold=15 shouldn't be better to put it in vlimits.default? I think this should be made an option, if it is not set, look for vlimits.default, if it is set, then use it hard coded, i prefer that as i dont want vdelivermail to open files each time it runs, which can be a lot of times, as i get a lot of mail, id rather have it hard coded. X-Istence
Re: [vchkpw] Spamassassin: i wish..
Ken Jones wrote: On Friday 12 March 2004 6:35 am, Cristiano Deana wrote: Il giorno Friday 12 March 2004 12:53, X-Istence mi scriveva: Now spam threshold is hardcoded with --enable-spam-threshold=15 shouldn't be better to put it in vlimits.default? I think this should be made an option, if it is not set, look for vlimits.default, if it is set, then use it hard coded, Yes, better. Very well. In the patch I have based on the BSD patch, it uses the required_hits in the system global setting, normally in /etc/mail/spamassassin/local.cf and can be overriden by a users .spamassassin/users_pref file. So there is no need for an --enable-spam-threshold option. Spamassassin adds a header X-Spam-Flag: YES if the email goes over the required_hit count. I'm going to try and add the code to the cvs version over the weekend. Ken Jones The BSD code had a hard set limit, with the --enable-spam-threshold=15, which means that anything over 15 would get DELETED, and not just tagged, which is what SA does normally. See, i like to have anything over 4 points tagged, then if for some reason, it is really spam, it will reach the 10 points i set with the enable flag, and vldelivermail will delete it instead of writing it to disk. Its one way i have kept my mail box clean of a lot of crud, as really, i dont want it to be saved if it is just spam. X-Istence
Re: [vchkpw] Spamassassin: i wish..
Jeremy Kitchen wrote: On Fri, 2004-03-12 at 14:35, X-Istence wrote: Ken Jones wrote: On Friday 12 March 2004 6:35 am, Cristiano Deana wrote: Il giorno Friday 12 March 2004 12:53, X-Istence mi scriveva: Now spam threshold is hardcoded with --enable-spam-threshold=15 shouldn't be better to put it in vlimits.default? I think this should be made an option, if it is not set, look for vlimits.default, if it is set, then use it hard coded, Yes, better. Very well. In the patch I have based on the BSD patch, it uses the required_hits in the system global setting, normally in /etc/mail/spamassassin/local.cf and can be overriden by a users .spamassassin/users_pref file. So there is no need for an --enable-spam-threshold option. Spamassassin adds a header X-Spam-Flag: YES if the email goes over the required_hit count. I'm going to try and add the code to the cvs version over the weekend. Ken Jones The BSD code had a hard set limit, with the --enable-spam-threshold=15, which means that anything over 15 would get DELETED, and not just tagged, which is what SA does normally. does normally? SA is only used for tagging mail. You can send me a GTUBE email and it won't get deleted, even with a score of 1000. See, i like to have anything over 4 points tagged, then if for some reason, it is really spam, it will reach the 10 points i set with the enable flag, and vldelivermail will delete it instead of writing it to disk. Its one way i have kept my mail box clean of a lot of crud, as really, i dont want it to be saved if it is just spam. yea, I like that sort of dual threshold setup as well. Perhaps spamassassin could be made to have dual thresholds and have like a X-REALLY-SPAM: header. I prefer not trying to compare values, but check for 'flags' personally. -Jeremy Well, spamc somehow returns the amount of points it got some how, and that is how it gets deleted. X-Istence
Re: [vchkpw] vuserinfo quotas delay
Alex Borges wrote: I have a vpopmail+qmail Vpopmail has been upgraded to 5.2.1 and well... i send a large email to an account and it gets there fine...BUT vuserinfo does not report the usage increase correctly i assume some quota file is corrupt or something... What can i do to fix this? A lot of issues were fixed in 5.2.2 or, even in 5.4.3 (Which is the new stable, 5.5.0 is the new development.). You could try those. If anything, just go to the users Maildir, and delete the quota file, and recreate it with vusermod, or whatever that one tool is called (I am at school, sorry). X-Istence
Re: [vchkpw] Re: vpopmail - stunnel
Peter Palmreuther wrote: On Wed, Feb 25, 2004 at 01:45:53PM -0500, Jeff Koch wrote: I have started seeing stunnel processes owned by vpopmail in the process log. Can anyone explain what that's about? or should I be concerned? vpopmail 6977 0.0 0.0 3272 848 ?SFeb19 0:00 /usr/sbin/stunnel -f -p /var/qmail/control/servercert.pem -l /var/qma Probably POP, IMAP or SMTP over SSL. If you get a longer listing (ps auxw) you'd probably see that it's qmail-popup or qmail-smtpd running. Thanks. That's interesting. So we can do encrypted smtp and pop or imap sessions without bothering with PGP? PGP does not encrypt a 'SMTP|POP3|IMAP4' /session/, but the /message content/. SSL in fact does only encrypt the 'session', i.e. the transfer from 'client A to server B'. PGP ( Co.) protects your mail being read from /anybody/ without proper key, SSL protects your mail from being intercepted and read on transport over SSL encrypted path. This means: if you SSL connect your primary SMTP server your message is 'safe'. If this very server send the mail out using a not SSL protected connection anybody else can again reasd it, if he somehow manages it to fetch the packets. Any idea which email clients support that? There're some: Lookout Quickly can do, IIRC, so can 'The Bat!', 'Pocomai', 'Becky' and Eudora (to name the Windows fraction). Some of them even can 'STARTTLS'. For *nix there also a few: I know at least about 'mutt' and 'Sylpheed', but I'm quite sure 'Evolution' has SSL support as well, if not it's on the straight way to having it. Forgot to mention the lovely ThunderBird, which runs on both windows and Linux, BSD, Solaris, and many more. Its nice and fast, and easy to use. SSL for mail issues at client side is not that uncommon anymore, albeits it's use is rather limited. It can be of use if you send/receive your mail using an external SMTP/POP3/IMAP server and do not want your ISP to be able to read it. For any unkown term or program: use Google to locate it or it's meaning, I'm to lazy to provide all applicable URLs. :-)
Re: [vchkpw] OFFTOPIC! how come ppl don't start new threads when creating mails??
Raboo Treed wrote: how come ppl don't start new threads when creating mails?? or is my mail client broken? /Raboo Looks like you as well need to not start threads in the middle of an old one. As you just did what you said you didnt like. X-Istence
Re: [vchkpw] Re: [qmailadmin] Re: PHP vpopmail extension
Rick Widmer wrote: Existence wrote: Rick Widmer wrote: That is what i meant, not everyone is able to have a special server just for mail, and thus running Apache as vpopmail:vchkpw is not an option. If you created some sort of deamon that allows you with public and privatekey's to communicate. Then you can run apache as www:www and not have to worry about users being able to alter vpopmail stuff cause of the mail server running under vpopmail:vchkpw. It is very easy to start a second instance of Apache. Just create a second httpd.conf file with different users, different DocumentRoot and add Listen directives to both httpd.conf files specifying which ports and IP addresses each server handles. The more I think about it the more it looks like the most secure solution. (Other than a separate mail server.) I personally dont like the idea that i have to use resources on two running Apache's, but it is indeed possible. A binary that handled a few information retrieval functions is probably all that would be needed. I think there would be about 4-6 functions it should be able to return data from. I actually considered writing it before I decided to attack the PHP extension. For the rest we may as well exec the existing progtrams and not re-invent existing functionality. I've already got a PHP program that manages mail domains that way, but it reads the ~vpopmail/domains/ directory to get all its information. Well, what i meant is that having one binary that can do everything in one, is easier than having to run several different commands each time to add or remove domains, and having to parse different output each time. I personally might start on this, if i get the chance, as it would be a lot better than running apache as the mail user, when other there are other websites on it. If you do, please be sure to implement security within your program. Each page hit the php program needs to pass user supplied credentials so you can verify the user. The vpopmail library does not do this security checking, so you have to. If the vpopmail library becomes directly available to anyone running as www:www, they can do ANYTHING to your mail accounts. Yeah, that much i have figured out :P. I would use http auth, and then use the checkpasswd implementation in this long running deamon, to check if it is correct or not, if it is not correct, we drop the connection, if this happens 3 times in a row, that user is disallowed to contact the deamon again, until they have waited 1 hour. Rick
Re: [vchkpw] Re: [qmailadmin] Re: PHP vpopmail extension
Rick Widmer wrote: X-Istence wrote: Rick Widmer wrote (At least in part): I am adding the following functions to vpopmail: valias_select_names, valias_select_names_next, valias_select_names_end Kinda like C++'s std::vector things, allowing you to walk thru an array of aliased domain names. I don't know about std::vector, this is stolen from valias_select_all() and valias_select_all_next(). I wanted just the alias names, preferably sorted. Since it is so easy from any of the database front ends, I decided to sort the names for cdb and say vpopmail always returns them sorted. That is very handy for QmailAdmin... it does't have to sort them. Makes sense. Would make it a whole lot easier to parse the names coming at you, and no need to allocate more memory for sorting and then outputting it, output as it comes along. Submit a patch on sourceforge is what tom would say :P Already done... :P [ 895348 ] Ordered Alias Names for cdb I am testing the extension running PHP as an Apache module, with Apache running as vpopmail:vchkpw. I think it should also run from CGI as long as it is run as the vpopmail user. I don't see any way to get around running as the mail system user, and considering how easy it is to setup a separate instance of Apache I don't see any reason to worry about anything else. If you don't agree, now is the time to show me a better way. How about a public private key sort of thing like SSH? For what? As I see it the vpopmail extension for PHP is for web servers that are running on the mail server, like QmailAdmin or sqWebmail are run now. Since everything is done by one process I don't see any need for fancy communications in the extension. That is what i meant, not everyone is able to have a special server just for mail, and thus running Apache as vpopmail:vchkpw is not an option. If you created some sort of deamon that allows you with public and privatekey's to communicate. Then you can run apache as www:www and not have to worry about users being able to alter vpopmail stuff cause of the mail server running under vpopmail:vchkpw. Using named pipes as a means to talk to each other. This would require a deamon. If I had that daemon, I wouldn't bother with an extension. It would be much easier to code a library in PHP to accesses the daemon. Hitting something like this via a SSH tunnel would be very cool! You could manage a mail server from many web servers. It is serious overkill for what I want. This little project is about using PHP for prototyping the user interface for QmailAdmin 1.3. Or even, just exec, and having a binary setuid vpopmail:vchkpw and talk over stdin, and stdout. A binary that handled a few information retrieval functions is probably all that would be needed. I think there would be about 4-6 functions it should be able to return data from. I actually considered writing it before I decided to attack the PHP extension. For the rest we may as well exec the existing progtrams and not re-invent existing functionality. I've already got a PHP program that manages mail domains that way, but it reads the ~vpopmail/domains/ directory to get all its information. Well, what i meant is that having one binary that can do everything in one, is easier than having to run several different commands each time to add or remove domains, and having to parse different output each time. I personally might start on this, if i get the chance, as it would be a lot better than running apache as the mail user, when other there are other websites on it. This would be better than running apache as vpopmail:vchkpw.i prefer not to run two different apache's side by side, just one, running as www:www :) I don't run two web servers side by side either... the ONLY things Apache does on my mail server are mail related. There are NO web sites and very few people who login to it directly. I see it as an extension of the mail system, not a web server, so running as the vpopmail user is natural. Not everyone has the ability to have one server just for mail, which is why i suggest some sort of deamon, or a program that is setuid, to execute and talk with.. snip Thanks for responding... Rick