qmail Digest 10 Mar 1999 11:00:01 -0000 Issue 575

Topics (messages 22788 through 22822):

implementing anti-SPAM policies in qmail
        22788 by: Francisco Yepes Candel <[EMAIL PROTECTED]>

I couldn't find a mail exchanger...
        22789 by: Czeh Istvan <[EMAIL PROTECTED]>
        22815 by: Richard Letts <[EMAIL PROTECTED]>

xinetd & SMTP relay allowing
        22790 by: Czeh Istvan <[EMAIL PROTECTED]>

RAID and FS Help
        22791 by: Dan Laffin <[EMAIL PROTECTED]>

Getting Qmail to reject unknown MAIL FROM addresses...
        22792 by: [EMAIL PROTECTED]

Fw: Your SMTP is about to be abused!
        22793 by: "Rick McMillin" <[EMAIL PROTECTED]>
        22795 by: [EMAIL PROTECTED]
        22796 by: Chris Johnson <[EMAIL PROTECTED]>
        22819 by: Markus Stumpf <[EMAIL PROTECTED]>
        22820 by: "Brad (Senior Systems Administrator - Americanisp, LLC.)" <[EMAIL PROTECTED]>
        22821 by: Markus Stumpf <[EMAIL PROTECTED]>

Little date normalizer
        22794 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
        22797 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
        22799 by: Mate Wierdl <[EMAIL PROTECTED]>
        22801 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
        22804 by: Mate Wierdl <[EMAIL PROTECTED]>
        22816 by: "Sam" <[EMAIL PROTECTED]>
        22817 by: Mate Wierdl <[EMAIL PROTECTED]>
        22818 by: "Sam" <[EMAIL PROTECTED]>

use relay on first failure?
        22798 by: Peter van Dijk <[EMAIL PROTECTED]>

qpopper vulnerability?
        22800 by: John Gonzalez/netMDC admin <[EMAIL PROTECTED]>
        22802 by: "Aaron L. Meehan" <[EMAIL PROTECTED]>
        22803 by: John Gonzalez/netMDC admin <[EMAIL PROTECTED]>
        22806 by: [EMAIL PROTECTED]
        22808 by: "Aaron L. Meehan" <[EMAIL PROTECTED]>

SMTP server account probing (fwd)
        22805 by: xs <[EMAIL PROTECTED]>

Qmail equivalent of sendmail's virtusertable?
        22807 by: Simon Rainey <[EMAIL PROTECTED]>
        22810 by: Pedro Melo <[EMAIL PROTECTED]>
        22814 by: Justin Bell <[EMAIL PROTECTED]>

Queue in tmpfs
        22809 by: "Paul Watkins" <[EMAIL PROTECTED]>
        22811 by: [EMAIL PROTECTED]
        22812 by: Jeff Hayward <[EMAIL PROTECTED]>

smtpd & pop3d & cyclog
        22813 by: <[EMAIL PROTECTED]>

qmail + IMAP
        22822 by: Manfred Spraul <[EMAIL PROTECTED]>


----------------------------------------------------------------------


I want to use qmail in a mail server that acts as a mail gateway, i.e. it does
not support mailboxes and only redirects all the mail from my organization to
the world and vice versa.

All the SMTP traffic between my organization and the world is forced to go
through this mail server (I have filtered traffic in my main gateway).

In these circumstances, how can I implement the following anti-SPAM policies?

1. reject all the messages with origin (IP address) AND destination (rcpt) out
of my domain
2. reject all the messages with an envelope sender "unqualified" (without
domain)
3. reject all the messages with an envelope sender "unresolvable" (in DNS)
4. accept the rest

If this question has already been asked I apologize. Thanks.

Thanks and regards.

---------------------------------------------------------------------------
Francisco Yepes Candel             e-mail:[EMAIL PROTECTED]
Universidad de Murcia              telf: +34-968-364828
Servicio de Informática            fax : +34-968-364151
30100 Murcia
Spain
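
The four policies listed in the question above, written as an ordered envelope check. This is an added example, not part of the original post and not qmail code. The network range, domain name, reply codes and the stub resolver are constructed assumptions, and the exemption for the null sender (used by bounces) is an assumption the post does not mention.

```python
"""Added example: ordered SMTP envelope check for a relay-only gateway."""
import ipaddress
from typing import Callable, Tuple

# Assumptions (not from the post): the organization's networks and domains.
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # constructed, RFC 5737 range
LOCAL_DOMAINS = {"example.org"}                       # constructed

# A resolver returns "ok" (an MX or A record exists), "nxdomain" or "tempfail".
Resolver = Callable[[str], str]


def sample_resolver(domain: str) -> str:
    """Constructed stand-in for a DNS lookup; a real gateway would query DNS."""
    table = {"example.net": "ok", "slow.example": "tempfail"}
    return table.get(domain, "nxdomain")


def domain_of(addr: str) -> str:
    """Return the lower-cased domain part, or "" when the address is unqualified."""
    local, sep, domain = addr.rpartition("@")
    return domain.lower().rstrip(".") if sep and local and domain else ""


def is_local_ip(ip: str) -> bool:
    client = ipaddress.ip_address(ip)
    return any(client in net for net in LOCAL_NETS)


def is_local_domain(domain: str) -> bool:
    return any(domain == d or domain.endswith("." + d) for d in LOCAL_DOMAINS)


def check_envelope(client_ip: str, mail_from: str, rcpt_to: str,
                   resolve: Resolver) -> Tuple[int, str]:
    """Apply the policies in order and return (smtp_code, reason)."""
    # Policy 1: outside client AND outside recipient means third-party relaying.
    if not is_local_ip(client_ip) and not is_local_domain(domain_of(rcpt_to)):
        return 553, "relaying denied"
    # Assumption: the null sender <> is exempt from policies 2 and 3,
    # otherwise every bounce addressed to local users would be refused.
    if mail_from == "":
        return 250, "ok (null sender)"
    # Policy 2: envelope sender without a domain part.
    sender_domain = domain_of(mail_from)
    if not sender_domain:
        return 553, "unqualified envelope sender"
    # Policy 3: sender domain must resolve. A DNS timeout is not proof that
    # the domain is bogus, so it gets a temporary (4xx) answer, not a reject.
    status = resolve(sender_domain)
    if status == "nxdomain":
        return 553, "sender domain does not resolve"
    if status == "tempfail":
        return 451, "temporary DNS failure, try again"
    # Policy 4: accept the rest.
    return 250, "ok"


if __name__ == "__main__":
    # Constructed sample envelopes: (client IP, MAIL FROM, RCPT TO).
    samples = [
        ("198.51.100.7", "a@example.net", "b@example.com"),
        ("198.51.100.7", "a@example.net", "user@example.org"),
        ("192.0.2.10", "user", "x@example.net"),
        ("192.0.2.10", "u@no-such.invalid", "x@example.net"),
        ("198.51.100.7", "u@slow.example", "user@example.org"),
        ("198.51.100.7", "", "user@example.org"),
    ]
    for env in samples:
        print(env, "->", check_envelope(*env, sample_resolver))
```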







Hi!

I have a problem. From a machine the mails are returned with the following
message:

---
Hi. This is the qmail-send program at my.machine.com
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<[EMAIL PROTECTED]>
Sorry, I couldn't find a mail exchanger or IP address. (#5.4.4)
---

foo.bar.com is an alias of foo1.bar.com:

% nslookup foo1.bar.com                       
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    foo1.bar.com
Address:  10.10.10.10
Aliases:  foo.bar.com

foo1.bar.com runs sendmail:

% telnet foo.bar.com 25                    
Trying 10.10.10.10...
Connected to foo1.bar.com
Escape character is '^]'.
220 foo.bar.com ESMTP Sendmail 8.8.5/8.8.5; Tue, 9 Mar 1999 13:04:24 +0100
    ^^^^^^^^^^^


If I send mail to foo1.bar.com then foo1.bar.com receives it correctly, but
foo.bar.com doesn't.
What could be the problem?

-- 
 Czéh István --- [EMAIL PROTECTED] --- http://www.hal.vein.hu/~isti
       To get my PGP public key finger [EMAIL PROTECTED]




On Tue, 9 Mar 1999, Czeh Istvan wrote:

> % nslookup foo1.bar.com                       
> Server:  localhost
> Address:  127.0.0.1
> 
> Non-authoritative answer:
> Name:    foo1.bar.com
> Address:  10.10.10.10
> Aliases:  foo.bar.com

$ to doughnuts foo1.bar.com has something like:

foo1.bar.com    IN      CNAME foo.bar.com.
                IN      A        10.10.10.10

which isn't allowed. qmail will probably follow the CNAME to
foo.bar.com which then doesn't have an A record?

richard
      The problems of the world can't be solved by fixing the working
                                                           C. Daniluk






Hi!

I'm running qmail-smtpd from xinetd, and now I need to allow SMTP relay for
the localhost.

I've read FAQ 5.4, and I configured xinetd like this:

service smtp
{
 socket_type     = stream
 protocol        = tcp
 wait            = no
 instances       = 32
 flags           = REUSE
 user            = qmaild
 server          = /usr/sbin/tcpd
 server_args     = /usr/local/qmail/bin/tcp-env /usr/local/qmail/bin/qmail-smtpd
}

In /etc/hosts.allow the RELAYCLIENT has been set:

tcp-env:        127.0.0.1 , 193.6.41.140 : setenv RELAYCLIENT


After all this if I try to telnet to the smtp port, qmail-smtpd doesn't
respond:

% telnet localhost 25
Trying 193.6.41.140...
Connected to hal2000.hal.vein.hu.
Escape character is '^]'.
^]
telnet>

Any suggestion?


-- 
 Czéh István --- [EMAIL PROTECTED] --- http://www.hal.vein.hu/~isti
       To get my PGP public key finger [EMAIL PROTECTED]




2nd send due to my stupidity of not giving it a real subject. I'm kind
of under the gun on this one, but I want to make sure I do it right...

Hey, I'm finally getting down to setting up this qmail box and I was
wondering if there were any suggestions on filesystem setup (inode
density, cylinder grouping, and cluster size, etc.) and RAID0+1 config
(striping interval, etc.).  I have my system drives (raid1) and my data
drives for the Maildirs (raid0+1) running on an e450 with Solaris 7 and
DiskSuite 4.2.  Thanks.

-- 

Dan Laffin     [EMAIL PROTECTED]                   Phone:(407)660-7900x249
Systems Administrator, MPINet                   Fax  :(407)660-7848




[Pardon me; I sent this reply yesterday but it only went to Sam, who
didn't think much of it.]

Jason Haar <[EMAIL PROTECTED]> writes:
> On Mon, Mar 08, 1999 at 10:49:00PM +0000, Sam wrote:
> > How would you propose to handle the second and subsequent E-mail
> > messages that the sender might send, after the first one is
> > accepted by Qmail?
> 
> Well that about sorts that problem out.
> 
> I can't see how I can do what I want without patching qmail itself.

As Dan would say, "This is UNIX. Stop acting so helpless."

There are a handful of ways to do the above without patching
qmail. Remember that qmail-smtpd reads stdin and writes stdout. In
short, it is a filter. Hence, for example, an expect wrapper along the
following lines would work:

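   #!/usr/bin/expect --
   # Wrap qmail-smtpd and look at each MAIL FROM before the daemon sees it.
   proc maybe_kill {addr} {
     # Check $addr; if bogus, kill as follows:
     send "QUIT\n"
     # SMTP replies are terminated with CRLF.
     send_user "550 Go away! You smell like spam.\r\n"
   }
   spawn qmail-smtpd
   # The action is one braced argument, so $interact_out is read when the
   # pattern matches rather than when the interact command is parsed.
   interact {
     -re "mail from:<(.*)>\r" { maybe_kill $interact_out(1,string) }
   }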


A similar skeleton can implement tarpitting, helo-host verification,
or almost anything.

Len.


-- 
46. Take all Admonitions thankfully in what Time or Place Soever given
but afterwards not being culpable take a Time & Place convenient to let
him him know it that gave them.
  -- George Washington, "Rules of Civility & Decent Behaviour"




OK, by now I'm sure you've all heard about this thread that's
been going around about this program that connects to your
SMTP server, runs through a built in dictionary of addresses
verifying the validity of each address.  It then takes the results
and sends emails to the ones it knows exists.  It does something
like this.

On some other lists I'm on, people using Sendmail have been
going on and on about what can be done to fix it, why that fix
can cause other problems, blah, blah, blah.  Me being the almighty
QMail supporter (notice I didn't say almighty QMail expert), decided
to put my $0.02 in about how QMail was better than Sendmail and
this spam program was an example of why QMail is better.  Below,
you'll see a piece of the email I sent.  I said that it was better because
it blindly acknowledges VRFY or RCPT requests.  Then this guy emails
this response back (he's probably subscribed to this list).

I can see this guy's point, but I still feel that if you were subjected to
this attack, you'd be much better off with QMail than Sendmail, but I
can't really come up with any concrete facts as to why even though I'm
sure there are some.  Does anyone know of any good reasons as to why
QMail is better suited to handle this attack?  I'm sure there must be some
because no one on this list seems too worried about it.

Thanks,

Rick McMillin
I-Land Internet Services

-----Original Message-----
From: Bob Love <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Monday, March 08, 1999 6:30 PM
Subject: RE: Your SMTP is about to be abused!


>>Yep, we run QMail and have been very happy with it.  We
>>also received this message and ran some tests (like trying
>>the VRFY command) and it looks like QMail is not susceptible
>>to this type of spam attack.
>>
>>From what I've seen, it looks like what this spam program does
>>is connect to your SMTP server and use the VRFY command
>>to check to see if a certain email address is valid at your domain.
>
>Huh? Non susceptible? Rick... wake up and smell the coffee...
>
>telnet mail.internetland.net 25
>
>220 newton.internetland.net ESMTP
>vrfy ricklist
>252 send some mail, i'll try my best
>vrfy xyzzy
>252 send some mail, i'll try my best
>vrfy kjhfksjfdf
>252 send some mail, i'll try my best
>mail from:[EMAIL PROTECTED]
>250 ok
>rcpt to:ricklist
>250 ok
>rcpt to: xyzzy
>250 ok
>rcpt to kjhfksjfdf
>250 ok
>
>I'd worry, if I were you. For a start the program we're all speaking about
>doesn't use vrfy it uses rcpt
>
>In both cases on your server, if you're attacked, it will respond with a
>positive (or semi-positive in the case of vrfy) answer for EVERY word in
>their dictionary. Let's say they have a 500,000 word dictionary (I have no
>idea what size they use). Shortly after the harvesting attack, you're going
>to get 500,000 spams flooding into your mailserver (or more likely 5000
>messages with 100 BCC: recipients each?).
>
>Please don't take this as a personal message (my server's not much better)
>but I think we all need to worry about this scummy piece of software. It's
>already been suggested round here it could be used by our competition to
>harvest and target our users (ISP market is very small and competitive
>here). There's a lot more nasty uses for this software than just spam... ;-(
>
>Regards
>
>Bob





Rick McMillin <[EMAIL PROTECTED]> writes on 9 March 1999 at 09:30:22 -0600
 > OK, by now I'm sure you've all heard about this thread that's
 > been going around about this program that connects to your
 > SMTP server, runs through a built in dictionary of addresses
 > verifying the validity of each address.  It then takes the results
 > and sends emails to the ones it knows exists.  It does something
 > like this.

And qmail gives it a positive on every name it tries.  This has
up-sides and down-sides.  If everybody did this, the attack wouldn't
work at all and wouldn't be tried.  It's sort-of like building one of
those infinite mazes of web-pages with invalid addresses on every page
to try to pollute the mailing lists of people harvesting web
addresses.

On the other hand, since people ARE trying this attack, it means
you'll be getting double-bounces on 500,000 pieces of spam soon, which
might not be so good.
-- 
David Dyer-Bennet                                              [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!




On Tue, Mar 09, 1999 at 09:55:06AM -0600, [EMAIL PROTECTED] wrote:
> Rick McMillin <[EMAIL PROTECTED]> writes on 9 March 1999 at 09:30:22 -0600
>  > OK, by now I'm sure you've all heard about this thread that's
>  > been going around about this program that connects to your
>  > SMTP server, runs through a built in dictionary of addresses
>  > verifying the validity of each address.  It then takes the results
>  > and sends emails to the ones it knows exists.  It does something
>  > like this.
> 
> And qmail gives it a positive on every name it tries.  This has
> up-sides and down-sides.  If everybody did this, the attack wouldn't
> work at all and wouldn't be tried.  It's sort-of like building one of
> those infinite mazes of web-pages with invalid addresses on every page
> to try to pollute the mailing lists of people harvesting web
> addresses.

I may be giving them too much credit, but it's conceivable that this software
considers a 100 percent positive rate as meaning what it does mean--that the
results are meaningless. If that's the case, then qmail is immune to this
attack.

Chris




On Tue, Mar 09, 1999 at 11:01:52AM -0500, Chris Johnson wrote:
> I may be giving them too much credit,

I'm sure you do :-(

However, "Fred Lindberg" <[EMAIL PROTECTED]> pointed out to me
as an answer to my first post that there is a patch flying around
(probably at http://www.qmai.org/) allowing restriction of the number of
RCPT TOs within one single stream.
This may be of help.

        \Maex

-- 
SpaceNet GmbH             |   http://www.Space.Net/   | In a world without
Research & Development    | mailto:[EMAIL PROTECTED] |   walls and fences,
Joseph-Dollinger-Bogen 14 |  Tel: +49 (89) 32356-0    | who needs
D-80807 Muenchen          |  Fax: +49 (89) 32356-299  |   Windows and Gates? 




Markus Stumpf wrote:
> However, "Fred Lindberg" <[EMAIL PROTECTED]> pointed out to me
> as an answer to my first post that there is a patch flying around
> (probably at http://www.qmai.org/) allowing restriction of the number of
> RCPT TOs within one single stream.
> This may be of help.

only problem with that is:
the software that they are talking about sends just one RCPT
TO request per stream.  it opens up another connection to
brute force the possibility of existing addresses.  (From
what I understand of all this)...  All that needs to be done
to avoid this is to create a patch which has a variable or
something that can be set to threshold "denies" of invalid
requests.  maybe even puts them in /etc/tcp.smtp 'addy':DENY
or something ;) heh

-Brad




On Wed, Mar 10, 1999 at 12:59:21AM -0700, Brad (Senior Systems Administrator - Americanisp, LLC.) wrote:
> only problem with that is:
> the software that they are talking about sends just one RCPT
> TO request per stream.  it opens up another connection to
> brute force the possibility of existing addresses.  (From
> what I understand of all this)...

No it doesn't (at least as I read the description on the web page)
See
    http://www.l8r.com/nwa/nwa1.htm

> All that needs to be done
> to avoid this is to create a patch which has a variable or
> something that can be set to threshold "denies" of invalid
> requests.  maybe even puts them in /etc/tcp.smtp 'addy':DENY
> or something ;) heh

If it would behave "single streamed", your solution wouldn't work either,
as for an unpatched qmail-smtpd there isn't such a thing as "invalid
requests" if testing a dictionary with syntactically correct RCPT TO
lines against it.

If you patch qmail-smtpd to keep (centralized) track on incoming connections
per time period and lock out those which are over some threshold this
will probably work as long as you are not a bigger site with many users
subscribed to a mailing list that is distributed via qmail.
In the latter case you'll probably notice a similar behaviour.

        \Maex

-- 
SpaceNet GmbH             |   http://www.Space.Net/   | In a world without
Research & Development    | mailto:[EMAIL PROTECTED] |   walls and fences,
Joseph-Dollinger-Bogen 14 |  Tel: +49 (89) 32356-0    | who needs
D-80807 Muenchen          |  Fax: +49 (89) 32356-299  |   Windows and Gates? 
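
The per-time-period tracking discussed in the message above, as an added example that is not part of any post in this thread and is not qmail code. It counts RCPT TO commands per client IP across connections in a sliding window, so it goes beyond the single case and covers both the single-stream and the one-RCPT-per-connection behaviour, and it shows the mailing-list false positive. The session records, thresholds and exempt list are constructed assumptions; the output uses the `address:deny` form of tcprules.

```python
"""Added example: sliding-window RCPT counting per SMTP client."""
from collections import defaultdict, deque


class RcptRateTracker:
    """Central counter of RCPT TO commands per client IP within a time window."""

    def __init__(self, window_seconds=600, max_rcpts=100, exempt=()):
        self.window = window_seconds
        self.max_rcpts = max_rcpts
        self.exempt = set(exempt)            # known bulk senders, e.g. list hosts
        self.events = defaultdict(deque)     # ip -> deque of (timestamp, rcpt_count)
        self.totals = defaultdict(int)       # ip -> RCPTs currently inside the window

    def record(self, ts, ip, rcpt_count):
        """Record one finished session; return True if ip is over the threshold.

        Sessions must be fed in timestamp order.
        """
        queue = self.events[ip]
        queue.append((ts, rcpt_count))
        self.totals[ip] += rcpt_count
        # Expire sessions that have slid out of the window.
        while queue and queue[0][0] <= ts - self.window:
            _, old_count = queue.popleft()
            self.totals[ip] -= old_count
        return ip not in self.exempt and self.totals[ip] > self.max_rcpts


def build_sample_sessions():
    """Constructed sample data: (unix_time, client_ip, rcpt_count) per session."""
    sessions = []
    # One RCPT per connection, a new connection every second.
    sessions += [(1000 + i, "203.0.113.5", 1) for i in range(300)]
    # A single connection carrying hundreds of RCPT TO commands.
    sessions.append((1100, "203.0.113.9", 400))
    # A mailing-list host delivering to many local subscribers.
    sessions += [(1000 + 10 * i, "198.51.100.20", 5) for i in range(30)]
    # An ordinary peer sending a few messages.
    sessions += [(1000 + 100 * i, "192.0.2.44", 1) for i in range(3)]
    return sorted(sessions)


def flagged_clients(sessions, window_seconds=600, max_rcpts=100, exempt=()):
    """Return the sorted list of client IPs that crossed the threshold."""
    tracker = RcptRateTracker(window_seconds, max_rcpts, exempt)
    flagged = set()
    for ts, ip, rcpt_count in sessions:
        if tracker.record(ts, ip, rcpt_count):
            flagged.add(ip)
    return sorted(flagged)


def deny_rules(ips):
    """Render flagged clients as tcprules source lines (address:deny)."""
    return [f"{ip}:deny" for ip in ips]


if __name__ == "__main__":
    sessions = build_sample_sessions()
    # Without an exempt list the mailing-list host is locked out as well.
    print(deny_rules(flagged_clients(sessions)))
    # With the list host exempted only the two probing patterns remain.
    print(deny_rules(flagged_clients(sessions, exempt={"198.51.100.20"})))
```

Because an unpatched qmail-smtpd answers 250 to every syntactically valid RCPT TO, volume per client is the only signal available here; a threshold on rejected recipients would never fire.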




Hi! I worked on Sam's idea and, instead of sed, I made up a little gawk
script to normalize the Date: field of messages. It works like a charm!
Note that:

1) It doesn't check for duplicate Date: fields, but it does add one if
the header comes to an end without one;

2) It renames the old Date: field to Client-Date:;

3) It adds "(server time)" at the end of the new Date: field

4) I couldn't extract an RFC-822-compliant string from strftime (that's
why the servertz variable). Anyone can tip me on how to do that?

-----------------------------------------------------------------------
#!/usr/bin/gawk -f
BEGIN {
        inheader = 1;
        datenotparsed = 0;
        servertz = "-0300";
}

function printdate() {
        print "Date: " strftime("%a, %e %h %Y %T ") servertz " (server time)";
}

{
        # Only the first blank line ends the header; later blank lines belong to the body.
        if (inheader && $0 == "")
        {
                inheader = 0;
                if (datenotparsed)
                        printdate();
        }

        if (inheader)
        {
                if (substr($0, 1, 6) == "Date: ")
                {
                        print "Client-" $0;
                        printdate();
                        datenotparsed = 0;
                }
                else
                        print $0;
        }
        else
                print $0;
}
-----------------------------------------------------------------------

-- 
 ___THE___  One man alone cannot fight the future. USE LINUX!
 \  \ /  /   _______________________________________________
  \  V  /   |Juan Carlos Castro y Castro                    |
   \   /    |[EMAIL PROTECTED]                          |
   /   \    |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
  /  ^  \   |Diretor de Informática e Eventos Sobrenaturais |
 /  / \  \  |da E-RACE CORPORATION                          |
 ~~~   ~~~   -----------------------------------------------
   RACER




Oops, line 4 should read

datenotparsed = 1;

Also, the way to use it (in ezmlm mailing lists) is to insert it in the
beginning of the ezmlm-send line in .qmail-xxx like that:

|/(your path)/ezmlm-send '/(your path)/(your list)'

becomes:

|/(your path)/redate.awk |/(your path)/ezmlm-send '/(your path)/(your list)'

Cya,

-- 
 ___THE___  One man alone cannot fight the future. USE LINUX!
 \  \ /  /   _______________________________________________
  \  V  /   |Juan Carlos Castro y Castro                    |
   \   /    |[EMAIL PROTECTED]                          |
   /   \    |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
  /  ^  \   |Diretor de Informática e Eventos Sobrenaturais |
 /  / \  \  |da E-RACE CORPORATION                          |
 ~~~   ~~~   -----------------------------------------------
   RACER




What was wrong with using reformail like 

|reformail -i"Date: $(date) -0300 (server time)"|forward .....

Mate
On Tue, Mar 09, 1999 at 12:44:49PM -0300, Juan Carlos Castro y Castro wrote:
> Hi! I worked on Sam's idea and, instead of sed, I made up a little gawk
> script to normalize the Date: field of messages. It works like a charm!
> Note that:
> 
> 1) It doesn't check for duplicate Date: fields, but it does add one if
> the header comes to an end without one;
> 
> 2) It renames the old Date: field to Client-Date:;
> 
> 3) It adds "(server time)" at the end of the new Date: field
> 
> 4) I couldn't extract an RFC-822-compliant string from strftime (that's
> why the servertz variable). Anyone can tip me on how to do that?
> 
> -----------------------------------------------------------------------
> #!/usr/bin/gawk -f
> BEGIN {
>         inheader = 1;
>         datenotparsed = 0;
>         servertz = "-0300";
> }
> 
> function printdate() {
>         print "Date: " strftime("%a, %e %h %Y %T ") servertz " (server time)";
> }
> 
> {
>         # Only the first blank line ends the header; later blank lines belong to the body.
>         if (inheader && $0 == "")
>         {
>                 inheader = 0;
>                 if (datenotparsed)
>                         printdate();
>         }
> 
>         if (inheader)
>         {
>                 if (substr($0, 1, 6) == "Date: ")
>                 {
>                         print "Client-" $0;
>                         printdate();
>                         datenotparsed = 0;
>                 }
>                 else
>                         print $0;
>         }
>         else
>                 print $0;
> }
> -----------------------------------------------------------------------

-- 
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis  




Mate Wierdl wrote:
> 
> What was wrong with using reformail like
> 
> |reformail -i"Date: $(date) -0300 (server time)"|forward .....

I didn't know this thing existed. Where can I find it?

-- 
 ___THE___  One man alone cannot fight the future. USE LINUX!
 \  \ /  /   _______________________________________________
  \  V  /   |Juan Carlos Castro y Castro                    |
   \   /    |[EMAIL PROTECTED]                          |
   /   \    |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
  /  ^  \   |Diretor de Informática e Eventos Sobrenaturais |
 /  / \  \  |da E-RACE CORPORATION                          |
 ~~~   ~~~   -----------------------------------------------
   RACER




On Tue, Mar 09, 1999 at 03:01:40PM -0300, Juan Carlos Castro y Castro wrote:
> Mate Wierdl wrote:
> > 
> > What was wrong with using reformail like
> > 
> > |reformail -i"Date: $(date) -0300 (server time)"|forward .....
> 
> I didn't know this thing existed. Where can I find it?

It is part of Sam's maildrop package; perhaps there is a URL at
www.qmail.org. It is very similar to formail of the procmail package.  So
you could also use

|formail -f -i"Date: $(date) -0300 (server time)"|

-- 
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis  




Mate Wierdl writes:

> > > |reformail -i"Date: $(date) -0300 (server time)"|forward .....
> > 
> > I didn't know this thing existed. Where can I find it?
> 
> It is part of Sam's maildrop package; perhaps there is a URL at
> www.qmail.org. It is very similar to formail of the procmail package.  So
> you could also use
> 
> |formail -f -i"Date: $(date) -0300 (server time)"|

In fact, it's identical.  The only difference is that overall my options
are slightly better organized.

-- 
Sam





   In fact, it's identical.  The only difference is that overall my options
   are slightly better organized.
   
There is just one thing which I miss in reformail: capitalization of
header fields matters:
Run

echo Date: okidoki| formail  -f -Idate

echo Date: okidoki| reformail  -Idate

Mate
   





Mate Wierdl writes:

>    In fact, it's identical.  The only difference is that overall my options
>    are slightly better organized.
>    
> There is just one thing which I miss in reformail: capitalization of
> header fields matters:
> Run
> 
> echo Date: okidoki| formail  -f -Idate
> 
> echo Date: okidoki| reformail  -Idate

Ugly formail syntax that people should not be using.

formail -f -Idate just happens to do the same thing as formail -f -Idate:

And that happens to be the same thing that reformail -Idate: does.


-- 
Sam





Is there any way to make qmail try delivery of a message _once_, and if that fails
(as in 'deferred', not 'bounced'), have qmail forward the message to a fixed relay?

Greetz, Peter.
-- 
.| Peter van Dijk           | <mo|VERWEG> stoned worden of coden
.| [EMAIL PROTECTED]  | <mo|VERWEG> dat is de levensvraag
                            | <mo|VERWEG> coden of stoned worden
                            | <mo|VERWEG> stonend worden En coden
                            | <mo|VERWEG> hmm
                            | <mo|VERWEG> dan maar stoned worden en slashdot lezen:)




On Tue, 9 Mar 1999 [EMAIL PROTECTED] wrote:

-| On Tue, Mar 09, 1999 at 09:56:41AM +0100, Peter van Dijk wrote:
-| > rephrase: no bugs have been found... after the amount of bugs found in previous
-| > qpopper releases, I don't trust it.
-| 
-| okay (: 
-| right you are ... the only thing that makes me use it anyways is it`s
-| bulletinboard feature ...

can you describe the feature?

  _    __   _____      __   _________      
______________  /_______ ___  ____  /______  John Gonzalez/Net.Tech
__  __ \ __ \  __/_  __ `__ \/ __  /_  ___/ MDC Computers/netMDC!
_  / / / `__/ /_  / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052
/_/ /_/\___/\__/ /_/ /_/ /_/\__,_/  \___/ http://www.netmdc.com
[---------------------------------------------[system info]-----------]
 12:20pm  up 32 days, 19:00,  2 users,  load average: 0.04, 0.06, 0.01





This would be the same feature supplied in the popbull patch to
qmail-pop3d available on the qmail.org web site(s).  Namely,
the ability to send a mail bulletin to all users without the need to
deliver a unique message to each mailbox.  I find it quite useful.

Aaron

Quoting John Gonzalez/netMDC admin ([EMAIL PROTECTED]):
> On Tue, 9 Mar 1999 [EMAIL PROTECTED] wrote:
> 
> -| On Tue, Mar 09, 1999 at 09:56:41AM +0100, Peter van Dijk wrote:
> -| > rephrase: no bugs have been found... after the amount of bugs found in previous
> -| > qpopper releases, I don't trust it.
> -| 
> -| okay (: 
> -| right you are ... the only thing that makes me use it anyways is it`s
> -| bulletinboard feature ...
> 
> can you describe the feature?




has anyone messed with the popbull feature with virtual domains or the
vmailmgrd patch?

On Tue, 9 Mar 1999, Aaron L. Meehan wrote:

-| This would be the same feature supplied in the popbull patch to
-| qmail-pop3d available on the qmail.org web site(s).  Namely,
-| the ability to send a mail bulletin to all users without the need to
-| deliver a unique message to each mailbox.  I find it quite useful.
-| 
-| Aaron
-| 
-| Quoting John Gonzalez/netMDC admin ([EMAIL PROTECTED]):
-| > On Tue, 9 Mar 1999 [EMAIL PROTECTED] wrote:
-| > 
-| > -| On Tue, Mar 09, 1999 at 09:56:41AM +0100, Peter van Dijk wrote:
-| > -| > rephrase: no bugs have been found... after the amount of bugs found in previous
-| > -| > qpopper releases, I don't trust it.
-| > -| 
-| > -| okay (: 
-| > -| right you are ... the only thing that makes me use it anyways is it`s
-| > -| bulletinboard feature ...
-| > 
-| > can you describe the feature?
-| 

  _    __   _____      __   _________      
______________  /_______ ___  ____  /______  John Gonzalez/Net.Tech
__  __ \ __ \  __/_  __ `__ \/ __  /_  ___/ MDC Computers/netMDC!
_  / / / `__/ /_  / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052
/_/ /_/\___/\__/ /_/ /_/ /_/\__,_/  \___/ http://www.netmdc.com
[---------------------------------------------[system info]-----------]
 12:25pm  up 32 days, 19:05,  2 users,  load average: 0.03, 0.05, 0.00






On Tue, Mar 09, 1999 at 10:04:56AM -0800, Aaron L. Meehan wrote:
> This would be the same feature supplied in the popbull patch to
> qmail-pop3d available on the qmail.org web site(s).  Namely,
> the ability to send a mail bulletin to all users without the need to
> deliver a unique message to each mailbox.  I find it quite useful.

[ssnip]

> > can you describe the feature?

[ssnip]

I think the following is worth posting to make the idea really clear:

-----
4.3) How does bulletins work :
    During POP session after the authentication by user, server
    copies the bulletins placed in the BULLDIR in to the users
    message spool. Server would figure out the last bulletin
    read by user by placing under users home directory ~/.popbull
    the last bulletin number read. Any bulletin in the BULLDIR
    with number greater than the one in ~/.popbull would
    be copied to users message spool.
----

It works for qpopper; what about qmail's popper - can it work that way too?
Or will it send old bulls to a new user too?
Oh! On systems with no homedirs it is possible to keep a DB of user:latest
bull received ...

Pashah
-- 
        http://www.spb.sitek.net/~pashah/public-key-0x97739141.pgp




Well, the qmail popbull patch works a bit differently, since it counts
on the access time of the user's Maildir vs the creation time of the
actual bulletin file to determine whether they should get the bulletin
(as far as I can remember).

I'm wondering which method I prefer now.  One drawback of the access
time method is that if the user accesses the mail in another fashion
(we have a imap webmail gateway, for example), or if a technician
needs to access the customer's mail for some reason, then the access
time of the Maildir has been modified and they will never get the
bulletin.. I'll ponder what to do.. One drawback of the ~/.popbull
method would be a few thousand more inodes used.. among other things.

Aaron

Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
> 4.3) How does bulletins work :
>     During POP session after the authentication by user, server
>     copies the bulletins placed in the BULLDIR in to the users
>     message spool. Server would figure out the last bulletin
>     read by user by placing under users home directory ~/.popbull
>     the last bulletin number read. Any bulletin in the BULLDIR
>     with number greater than the one in ~/.popbull would
>     be copied to users message spool.
> ----
> 
> it works for qpopper, what`s about qmail`s popper - can it do that way too?
> Or it will send to new user old bulls too?





same thing, over again

end 
-------------------------------------------------
Greg Albrecht                     Safari Internet
System Administrator          Fort Lauderdale, FL
[EMAIL PROTECTED]                      www.safari.net              
              +1[888|954]537-9550
-------------------------------------------------

---------- Forwarded message ----------
Date: Mon, 8 Mar 1999 12:13:22 -0700
From: Brett Glass <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: SMTP server account probing

Several ISPs throughout the Net are reporting an attack described at

http://www.l8r.com/nwa/nwa1.htm

In this attack, an SMTP server is probed for common names, presumably
so that spam can then be targeted at them. The attacking machine
connects and issues hundreds of RCPT TO: commands, searching a long
list of common user names (e.g. susan) for ones that don't cause
errors. It then compiles a list of target addresses to spam.

Unfortunately, the attack -- besides allowing the perpetrator to spam
users -- also brings SMTP servers to their knees. This happens most
often if the server maintains lists of user names in a database where
looking up a name requires substantial disk activity or computational
overhead.

Some people whose domain names have been hard-coded into a commercial
program designed to implement this attack have responded with outrage,
e.g.

http://www.junk.org/earthonline/

I'm surprised that I haven't seen this one on the Bugtraq list yet.

--Brett Glass
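
Added example (not part of the forwarded message or of any MTA): a small detector for the RCPT TO probing pattern described above, flagging connections that issue many RCPT TO commands of which most are rejected. The log line format, the thresholds and the sample data are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Hypothetical log format (not any real MTA's): one line per RCPT TO with the reply code.
LINE = re.compile(r"conn=(\d+) ip=(\S+) RCPT <([^>]*)> (\d{3})\s*$")

def build_sample():
    """Constructed sample: one dictionary probe, one ordinary sender, one list server."""
    names = ["susan", "bob", "mary", "john", "linda", "mike",
             "karen", "dave", "anne", "tom", "lisa", "paul"]
    valid = {"susan", "john", "paul"}
    lines = [f"12:13:{i:02d} conn=7 ip=192.0.2.10 RCPT <{n}@example.net> "
             f"{250 if n in valid else 550}" for i, n in enumerate(names)]
    lines += ["12:14:01 conn=8 ip=198.51.100.5 RCPT <susan@example.net> 250",
              "12:14:02 conn=8 ip=198.51.100.5 RCPT <susna@example.net> 550"]
    lines += [f"12:15:{i:02d} conn=9 ip=203.0.113.9 RCPT <member{i}@example.net> 250"
              for i in range(12)]
    return lines

def find_probes(lines, min_rcpts=10, min_reject_ratio=0.5):
    """Return one alert per connection that sent many RCPT TOs, most of them rejected."""
    stats = defaultdict(lambda: {"ip": "", "total": 0, "rejected": 0, "confirmed": []})
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue  # ignore lines that are not RCPT records
        conn, ip, addr, code = m.groups()
        s = stats[conn]
        s["ip"] = ip
        s["total"] += 1
        if code.startswith("5"):
            s["rejected"] += 1
        elif code.startswith("2"):
            s["confirmed"].append(addr)  # addresses the client now knows exist
    alerts = []
    for conn, s in stats.items():
        ratio = s["rejected"] / s["total"]
        if s["total"] >= min_rcpts and ratio >= min_reject_ratio:
            alerts.append({"conn": conn, "ip": s["ip"], "rcpts": s["total"],
                           "reject_ratio": ratio, "confirmed": s["confirmed"]})
    return alerts

if __name__ == "__main__":
    for alert in find_probes(build_sample()):
        print(alert)
```

The reject ratio keeps a list server with many valid recipients from being flagged, and the "confirmed" list shows which mailboxes the probing client learned about.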





Hi,

Sendmail has some neat features for handling virtual domains, and it all
got a whole lot easier with the introduction of virtusertable in 8.9.0. I'm
running over 2000 virtual domains under sendmail and make use of four
rewrite rules in virtusertable:

@wibble.com     wibble.pop3

=> deliver mail addressed to *any* user @wibble.com into the POP3 mailbox
called wibble.pop3.

@wibble.com     %1.wibble

=> deliver mail addressed to [EMAIL PROTECTED] into the POP3 mailbox
someuser.wibble. That is, take the user and add ".wibble" to form the
mailbox name.

@wibble.com     [EMAIL PROTECTED]

=> deliver mail addressed to any user @wibble.com to [EMAIL PROTECTED] I do
not handle mail for the wobble.net domain.

@wibble.com     [EMAIL PROTECTED]

=> deliver mail addressed to [EMAIL PROTECTED] to [EMAIL PROTECTED] I
do not handle mail for the wobble.net domain.

Now sendmail is big and slow and I'd really like to move to qmail. However
I'm having a hard time figuring out how I'm going to handle these four
rewrite rules using qmail. Can anyone help?

Thanks,
Simon.





Look into qmail-users. It handles all the situations below (except for the
last one that I'm not sure about).

On 09-Mar-99 Simon Rainey wrote:
> Hi,
> 
> Sendmail has some neat features for handling virtual domains, and it all
> got a whole lot easier with the introduction of virtusertable in 8.9.0. I'm
> running over 2000 virtual domains under sendmail and make use of four
> rewrite rules in virtusertable:
> 
> @wibble.com   wibble.pop3
> 
> => deliver mail addressed to *any* user @wibble.com into the POP3 mailbox
> called wibble.pop3.
> 
> @wibble.com   %1.wibble
> 
> => deliver mail addressed to [EMAIL PROTECTED] into the POP3 mailbox
> someuser.wibble. That is, take the user and add ".wibble" to form the
> mailbox name.
> 
> @wibble.com   [EMAIL PROTECTED]
> 
> => deliver mail addressed to any user @wibble.com to [EMAIL PROTECTED] I do
> not handle mail for the wobble.net domain.
> 
> @wibble.com   [EMAIL PROTECTED]
> 
> => deliver mail addressed to [EMAIL PROTECTED] to [EMAIL PROTECTED] I
> do not handle mail for the wobble.net domain.
> 
> Now sendmail is big and slow and I'd really like to move to qmail. However
> I'm having a hard time figuring out how I'm going to handle these four
> rewrite rules using qmail. Can anyone help?
> 
> Thanks,
> Simon.

---
Pedro Melo <[EMAIL PROTECTED]>
IP - Engenharia de Rede <http://ip.pt/>
Av. Duque de Avila, 23, 1049-071 LISBOA - PORTUGAL
tel: +351 1 3166740/00 (24h/dia) - fax: +351 1 3166701




On Tue, Mar 09, 1999 at 07:29:41PM -0000, Pedro Melo wrote:
# Look into qmail-users. It handles all the situations below (except for the
# last one that I'm not sure about).

the last one can be done quite easily with a virtual address sent to
.qmail-wibble-default
|forward "$DEFAULT"@wobble.net

# 
# On 09-Mar-99 Simon Rainey wrote:
# > Hi,
# > 
# > Sendmail has some neat features for handling virtual domains, and it all
# > got a whole lot easier with the introduction of virtusertable in 8.9.0. I'm
# > running over 2000 virtual domains under sendmail and make use of four
# > rewrite rules in virtusertable:
# > 
# > @wibble.com   wibble.pop3
# > 
# > => deliver mail addressed to *any* user @wibble.com into the POP3 mailbox
# > called wibble.pop3.
# > 
# > @wibble.com   %1.wibble
# > 
# > => deliver mail addressed to [EMAIL PROTECTED] into the POP3 mailbox
# > someuser.wibble. That is, take the user and add ".wibble" to form the
# > mailbox name.
# > 
# > @wibble.com   [EMAIL PROTECTED]
# > 
# > => deliver mail addressed to any user @wibble.com to [EMAIL PROTECTED] I do
# > not handle mail for the wobble.net domain.
# > 
# > @wibble.com   [EMAIL PROTECTED]
# > 
# > => deliver mail addressed to [EMAIL PROTECTED] to [EMAIL PROTECTED] I
# > do not handle mail for the wobble.net domain.
# > 
# > Now sendmail is big and slow and I'd really like to move to qmail. However
# > I'm having a hard time figuring out how I'm going to handle these four
# > rewrite rules using qmail. Can anyone help?
# > 
# > Thanks,
# > Simon.
# 
# ---
# Pedro Melo <[EMAIL PROTECTED]>
# IP - Engenharia de Rede <http://ip.pt/>
# Av. Duque de Avila, 23, 1049-071 LISBOA - PORTUGAL
# tel: +351 1 3166740/00 (24h/dia) - fax: +351 1 3166701

-- 
/- [EMAIL PROTECTED] --------------- [EMAIL PROTECTED] -\
|Justin Bell  NIC:JB3084| Time and rules are changing.         |
|Pearson                | Attention span is quickening.        |
|Developer              | Welcome to the Information Age.      |
\-------- http://www.superlibrary.com/people/justin/ ----------/




I'm operating a system that doesn't need the reliability that queueing
affords - speed is all that counts, because after 10 minutes any email that
hasn't gotten out is out-of-date and worthless - such is the unique nature
of our system.  Since I've got to get out 10,000 emails in a few minutes,
I'm finding that the hard disk is the massive bottleneck in achieving this.
I'm running Solaris and am looking at the possibility of having the queue on
tmpfs so it's in RAM.  Of course, on reboot or crash the directory structure
would be gone.. how much of this directory structure does qmail expect to
find, and how much of it will it create on the fly? Any other suggestions?

Paul Watkins

______________________________
Paul I. Watkins
MCSE, OCDBA, CCTT
Systems / Network Engineer
Oracle / MS SQL Server DBA
 
phone: 219-291-0520
fax: 219-291-0524
email: [EMAIL PROTECTED]
web: http://www.cs-int.com
 
Client/Server Integrators, Inc
19575 Brick Road
South Bend, IN 46637
______________________________






On Tue, Mar 09, 1999 at 02:21:12PM -0500, Paul Watkins wrote:
> I'm operating a system that doesn't need the reliability that queueing
> affords - speed is all that counts, because after 10 minutes any email that
> hasn't gotten out is out-of-date and worthless - such is the unique nature
> of our system.  Since I've got to get out 10,000 emails in a few minutes,
> I'm finding that the hard disk is the massive bottleneck in achieving this.
> I'm running Solaris and am looking at the possibility of having the queue on
> tmpfs so it's in RAM.  Of course, on reboot or crash the directory structure
> would be gone.. how much of this directory structure does qmail expect to
> find, and how much of it will it create on the fly? Any other suggestions?
 
RAID 1+0, or Solid State Disk (SSD).

In the case of needing the queue to sync as quickly as possible, I'd 
look into SSD from Quantum as /var/qmail/queue.  Under $10K.

-- 
John White     johnjohn
             at
               triceratops.com
PGP Public Key: http://www.triceratops.com/john/public-key.pgp




   I'm finding that the hard disk is the massive bottleneck in achieving this.
   I'm running Solaris and am looking at the possibility of having the queue on
   tmpfs so it's in RAM.  Of course, on reboot or crash the directory structure
   would be gone.. how much of this directory structure does qmail expect to
   find, and how much of it will it create on the fly? Any other suggestions?

I'm assuming that you'll mount the tmpfs as /var/qmail/queue.  After
mounting, before running qmail-start, just run "make setup" from the
qmail source directory.  That will give you a clean queue.

-- Jeff Hayward


   






Hi there,
  We try to log smtpd and pop3d transaction using cyclog. For some reason,
it refuses sending the stderr to cyclog. I do put 2>&1 to my script.
  In /etc/init.d/qmail-smtpd, it looks like:
  
  supervise /var/lock/qmail-smtpd tcpserver -v -c60 -u51 -g50 -b20 0 smtp \
        /var/qmail/bin/qmail-smtpd 2>&1 \
        | setuser qmaill accustamp \
        | setuser qmaill supervise /var/lock/qmail-smtpd-cyclog cyclog \
        -s 1000000 /var/log/qmail/qmail-smtpd &

   It only logs the successful messages via cyclog, it logs errors to 
/var/log/syslog (maillog for Solaris)

  In the /etc/init.d/qmail-pop3d, it looks like:

  supervise /var/lock/qmail-pop3d tcpserver 0 pop-3 /var/qmail/bin/qmail-popup \
        gateway.dakotacom.net checkpassword qmail-popbull /var/qmail/bulletins \
        /var/qmail/bin/qmail-pop3d Maildir 2>&1 \
        | setuser qmaill accustamp \
        | setuser qmaill supervise /var/lock/qmail-pop3d-cyclog cyclog \
        -s 1000000 /var/log/qmail/qmail-pop3d &
  
  I got no log info at all. The file sizes are all zero. 

  Any suggestions are welcomed.

  Thanks a lot.

--George

    





I know that this is partially off-topic, but does anyone know how
reliable the Maildir support in qmail-imap (the imap server from UW, the
Maildir patches from Mattias Larsson) is?

While testing I found 2 bugs:
* I could not move messages from a Maildir into a mbox file (Netscape
client, not thoroughly tested)
* I could not move/rename Maildirs (I've sent a fix to Mattias)

I would like to switch to qmail+IMAP+Maildir, but I can't do that unless
I'm sure that this is stable.

Thanks,
        Manfred


