qmail Digest 16 Mar 1999 11:00:00 -0000 Issue 581
Topics (messages 22971 through 23016):
dot-qmail security
22971 by: Matthias Pigulla <[EMAIL PROTECTED]>
22972 by: Markus Stumpf <[EMAIL PROTECTED]>
22978 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
22981 by: Markus Stumpf <[EMAIL PROTECTED]>
22982 by: Dave Sill <[EMAIL PROTECTED]>
22983 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
22987 by: Markus Stumpf <[EMAIL PROTECTED]>
23002 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23003 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
23004 by: Mark Delany <[EMAIL PROTECTED]>
23010 by: Brian Reichert <[EMAIL PROTECTED]>
How to reject spam mail?
22973 by: "Jose de Leon" <[EMAIL PROTECTED]>
22976 by: [EMAIL PROTECTED]
22998 by: "Sam" <[EMAIL PROTECTED]>
23000 by: "Richard Shetron" <[EMAIL PROTECTED]>
round robin rcpt's
22974 by: xs <[EMAIL PROTECTED]>
22979 by: Markus Stumpf <[EMAIL PROTECTED]>
22993 by: Kai MacTane <[EMAIL PROTECTED]>
23013 by: Anand Buddhdev <[EMAIL PROTECTED]>
Single UID, and .qmail-default
22975 by: [EMAIL PROTECTED] (Giulio Orsero)
question...
22977 by: Donna Phillips <[EMAIL PROTECTED]>
22980 by: Stefan Paletta <[EMAIL PROTECTED]>
mini-bounce
22984 by: Samuel Dries-Daffner <[EMAIL PROTECTED]>
22986 by: Stefan Paletta <[EMAIL PROTECTED]>
Handling of dead remote hosts
22985 by: Steven Levis <[EMAIL PROTECTED]>
Qmail Server and client
22988 by: "Subba Rao" <[EMAIL PROTECTED]>
22990 by: Justin Bell <[EMAIL PROTECTED]>
ezmlm and "delay notifies" (was: Re: mini-bounce)
22989 by: Markus Stumpf <[EMAIL PROTECTED]>
22994 by: Peter van Dijk <[EMAIL PROTECTED]>
22995 by: Scott Schwartz <[EMAIL PROTECTED]>
22996 by: Peter van Dijk <[EMAIL PROTECTED]>
22997 by: Justin Bell <[EMAIL PROTECTED]>
local-local test
22991 by: Enrico Mangano <[EMAIL PROTECTED]>
22999 by: Enrico Mangano <[EMAIL PROTECTED]>
vsm -> /Maildir/ migration script
22992 by: [EMAIL PROTECTED]
23015 by: "Roman V. Isaev" <[EMAIL PROTECTED]>
[LONG QUOTE] Re: dot-qmail security
23001 by: "Scott D. Yelich" <[EMAIL PROTECTED]>
Back-up scheme, 2 qmail servers
23005 by: Eric Dahnke <[EMAIL PROTECTED]>
23006 by: Andy Walden <[EMAIL PROTECTED]>
A problem with /var/qmail/rc
23007 by: Cris Daniluk <[EMAIL PROTECTED]>
23008 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
procmail/qmail error in log
23009 by: "Donald Chan" <[EMAIL PROTECTED]>
Fwd: round robin rcpt's
23011 by: Guy Antony Halse <[EMAIL PROTECTED]>
cancel <[EMAIL PROTECTED]>
23012 by: Robin Bowes <[EMAIL PROTECTED]>
Should tcpserver block connections once conccurrency has been reached
23014 by: Yusuf Goolamabbas <[EMAIL PROTECTED]>
CNAME_
23016 by: RJP <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Sorry guys,
I haven't had a possibility to follow this thread so far - so maybe I'm
off topic, please excuse me.
If I see things right the issue is to prevent users from using their
.qmail files to pipe data into a shell.
I can see from the thread that it is very difficult to bypass the
situation - restriciting access to .qmail files is unwanted, new files
could be installed etc. pp...
So what about introducing a new qmail feature that allows to control the
use of pipe commands? I know that this might be too drastic, but it was
just a quick idea.
Maybe a check in qmail-local (I think that's the place where to decide
it) wheter a user is allowed to have | commands in his .qmail files.
There could be a configuration file in a root- (or postmaster- or
whatever-)only directory (/var/qmail/controls?), containing a list of
users _not allowed_ to use pipe commands - similar as /etc/ftpusers on
some Linux systems, restricting users from logging in via ftp.
Matthias
--
w e b f a c t o r y | matthias pigulla
www.webfactory.de [EMAIL PROTECTED]
( I am replying to the initial message as the "idea" is completely
different to what we had before).
On Sun, Mar 14, 1999 at 07:38:17PM +0100, Joel Eriksson wrote:
> Is it possible to restrict dot-qmail capabilities for some users and allow
> it for others. I have not found any info on this in the FAQ / README / etc.
How about using the qmail-users feature and redirecting delivery
instructions out of the $HOME directory to something out of reach
for the customer.
Put up a simple HTML form with CGI-support that checks the input and modifies
the .qmail file.
Benefit is that you have kind of absolute control of what users are
allowed to put in "their" .qmail files and benefit for the user is
that he can establish e.g. forwards without knowing anything about qmail.
Thus you can also allow the user to run a autoresponder (which would
need to have execution of programs enabled).
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | In a world without
Research & Development | mailto:[EMAIL PROTECTED] | walls and fences,
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | who needs
D-80807 Muenchen | Fax: +49 (89) 32356-299 | Windows and Gates?
Matthias Pigulla wrote:
>
> Sorry guys,
>
> So what about introducing a new qmail feature that allows to control the
> use of pipe commands? I know that this might be too drastic, but it was
> just a quick idea.
Another solution (more elegant in my modest opinion) would be to
establish this: if there is a user named johndoe AND there is a file
~alias/.qmail-johndoe, use this one and never EVER look for anything at
~johndoe/ -- not even for recipients like [EMAIL PROTECTED]
Shouldn't be too hard to patch qmail's current version for this.
Cya,
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Informática e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
On Mon, Mar 15, 1999 at 05:17:37PM -0300, Juan Carlos Castro y Castro wrote:
> Another solution (more elegant in my modest opinion) would be to
> establish this: if there is a user named johndoe AND there is a file
> ~alias/.qmail-johndoe, use this one and never EVER look for anything at
> ~johndoe/ -- not even for recipients like [EMAIL PROTECTED]
>
> Shouldn't be too hard to patch qmail's current version for this.
Isn't that what the "qmail-users" mechanism is there for?
But it would fix in no way the problems in this thread.
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | In a world without
Research & Development | mailto:[EMAIL PROTECTED] | walls and fences,
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | who needs
D-80807 Muenchen | Fax: +49 (89) 32356-299 | Windows and Gates?
Brad Shelton <[EMAIL PROTECTED]> wrote:
>
>All you have to do is create it as root and make it readable by the mail
>process for the user. They can read it, but they can't replace it.
Not true. If the user can write the directory, they can replace it.
-Dave
Markus Stumpf wrote:
>
> On Mon, Mar 15, 1999 at 05:17:37PM -0300, Juan Carlos Castro y Castro wrote:
> > Another solution (more elegant in my modest opinion) would be to
> > establish this: if there is a user named johndoe AND there is a file
> > ~alias/.qmail-johndoe, use this one and never EVER look for anything at
> > ~johndoe/ -- not even for recipients like [EMAIL PROTECTED]
> >
> > Shouldn't be too hard to patch qmail's current version for this.
>
> Isn't that what the "qmail-users" mechanism is there for?
>
> But it would fix in no way the problems in this thread.
Maybe it would be too much for the person who originally brought the
question, because users would be unable to do anything with their .qmail
while what the guy wanted was only to prevent them from running
programs. But I fail to see why the problem wouldn't be solved.
About qmail-users (correct me if I'm wrong): the only difference I see
between it and the forwarding feature in .qmail is the former is capable
to assign file names which are independent of the alias name (i.e.
.qmail-blah could be capable of defining rules for an address other than
user-blah).
Cya,
--
___THE___ One man alone cannot fight the future. USE LINUX!
\ \ / / _______________________________________________
\ V / |Juan Carlos Castro y Castro |
\ / |[EMAIL PROTECTED] |
/ \ |Linuxeiro, alvinegro, X-Phile e Carioca Folgado|
/ ^ \ |Diretor de Informática e Eventos Sobrenaturais |
/ / \ \ |da E-RACE CORPORATION |
~~~ ~~~ -----------------------------------------------
RACER
On Mon, Mar 15, 1999 at 05:36:16PM -0300, Juan Carlos Castro y Castro wrote:
> About qmail-users (correct me if I'm wrong): the only difference I see
> between it and the forwarding feature in .qmail is the former is capable
> to assign file names which are independent of the alias name (i.e.
> .qmail-blah could be capable of defining rules for an address other than
> user-blah).
I frequently use the following /var/qmail/users/assign file:
------------------------------------------------------------------------
+:alias:100:101:/var/qmail/alias:-::
.
------------------------------------------------------------------------
Thus, ALL mail on that system will be controlled via instructions
in /var/qmail/alias/
The .qmail-default file therin contains
------------------------------------------------------------------------
|forward "$LOCAL"@space.net
------------------------------------------------------------------------
I use this mainly on our servers, so that (local) mail to user@localhost
gets sent to our central "mailhub" without forcing each user to have
a .qmail file in his/her $HOME.
You can create .qmail-firstuser, .qmail-seconduser, .qmail-NTHuser
to handle email for firstuser, seconduser, ...
Checking for $HOME/.qmail is disabled for all users, because of the
wildcard match for "any" in /var/qmail/users/assign.
With the above create a .qmail-user file for every user. If there
is no .qmail-user-default then addresses like .qmail-user-blah
won't work (will bounce).
Additionally create a .qmail-default file which handles delivery
for .qmail-user-blah or users without a .qmail-user file (i.e.
forward them to postmaster, drop them to /dev/null, bounce them with
an error message, just as you like).
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | In a world without
Research & Development | mailto:[EMAIL PROTECTED] | walls and fences,
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | who needs
D-80807 Muenchen | Fax: +49 (89) 32356-299 | Windows and Gates?
> It's really only a problem for sites that are small enough to have all of a
> users home characteristics on one system. As soon as mail delivery is placed
> on a dedicated service away from, eg, public_html, the problem goes away.
> Until that time, they have to do work to ensure that the .qmail files cannot
> be tampered with by the user if that's what they want to restrict.
The issue is: Should users be able to modify/add their .qmail files.
Qmail seems to advertise this as a feature. Fine, it's a feature.
There is no problem when users are not allowed to modify (their) .qmail
files -- they can be owner protected (just not placed where the user has
write perms).
The issue is: Fine, users should be able to modify their .qmail files --
but they should not be able to pipe to a shell or other command.
There have been several solutions to this. Personally, I think all of
them do not go far enough. The easiest solution in my mind would be
that the email could not be piped to an arbitrary program unless it had
a certain group permission (ie: some group "qmail" something -- there
are enough of them, using one or having one more doesn't seem like it
would hurt).
What this allows is for the base qmail system to run and for piping to
be allowed on a per case basis. Then, if the piped command ever changes
and/or is full of holes, so be it.
The next step or alternative choice would be for a program not to run
unless it's registered in /var/qmail/blah/pipekeys where digical
signatures of the target pipe program are stored. If the digital
signature changes, then the pipe is not allowed. This would most likely
skip the group perms, but it would allow for a per pip check and
enabling.
Scott
ps: No, I do not have and do not plan to code either of these.
> That you think qmail-local has some divine way of knowing what exactly you
> wish to constrain is endowing it with too much prescience.
Not really. Have it look up digital signatures for programs it runs.
If the signature is missing or has changed, don't run the program.
Not all digital signatures need to be resource intensive so
I don't want to hear about hurting qmail's efficiency.
Scott
At 06:25 PM 3/15/99 -0700, Scott D. Yelich wrote:
>> That you think qmail-local has some divine way of knowing what exactly you
>> wish to constrain is endowing it with too much prescience.
>
>
>Not really. Have it look up digital signatures for programs it runs.
>If the signature is missing or has changed, don't run the program.
Yep. In Unixland we call them permissions.
You don't want the user to be able to run the program, permission the
program/directory away from them. Unix has all the capabilities needed to
control access on the filesystem, I wouldn't expect that qmail should need
to invent any more.
Regards.
On Mon, Mar 15, 1999 at 06:20:46PM -0700, Scott D. Yelich wrote:
> The issue is: Fine, users should be able to modify their .qmail files --
> but they should not be able to pipe to a shell or other command.
Did I miss anything? Why noy just have qmail-local chroot, and
hand-craft a ~/bin directory for the users?
--
Brian 'you Bastard' Reichert [EMAIL PROTECTED]
37 Crystal Ave. #303 Current daytime number: (603)-434-6842
Derry NH 03038-1713 USA Intel architecture: the left-hand path
Could somebody please give me some ideas on what is best way to reject spam
mail?
I've scanned the QMail home page and although I've seen several patches, I'm
not sure what is best for me.
Thanks,
Jose
IMHO rblsmtpd + restrictive relay, should help a lot.
On Mon, Mar 15, 1999 at 10:16:56AM -0800, Jose de Leon wrote:
> Could somebody please give me some ideas on what is best way to reject spam
> mail?
> I've scanned the QMail home page and although I've seen several patches, I'm
> not sure what is best for me.
Pashah
--
http://www.spb.sitek.net/~pashah/public-key-0x97739141.pgp
Jose de Leon writes:
> Could somebody please give me some ideas on what is best way to reject spam
> mail?
>
> I've scanned the QMail home page and although I've seen several patches, I'm
> not sure what is best for me.
The best spam filter is the one that you write yourself, based upon the
kind of E-mail and the kind of spam you typically receive.
If you would like to be handed a ready-made solution on a platter, without
any additional effort on your part, you will be sorely disappointed with
anything that claims to achieve that.
--
Sam
Peronally, I'd like something with some basic trn type ability for
regular expressions.
[EMAIL PROTECTED]/ih case insensitive, only check headers
[EMAIL PROTECTED]/h only check headers
/make money fast/i only check subject line
/Extractor-Pro/a check entire message
reject on a match with a syslog entry, ie
new message...
info message...
rejected matched [pattern matched]
> Jose de Leon writes:
>
> > Could somebody please give me some ideas on what is best way to reject spam
> > mail?
> >
> > I've scanned the QMail home page and although I've seen several patches, I'm
> > not sure what is best for me.
>
> The best spam filter is the one that you write yourself, based upon the
> kind of E-mail and the kind of spam you typically receive.
>
> If you would like to be handed a ready-made solution on a platter, without
> any additional effort on your part, you will be sorely disappointed with
> anything that claims to achieve that.
>
> --
> Sam
>
>
--
Richard Shetron [EMAIL PROTECTED] [EMAIL PROTECTED]
What is the Meaning of Life?
There is no meaning,
It's just a consequence of complex carbon based chemistry; don't worry about it
The Super 76, "Free Aspirin and Tender Sympathy", Las Vegas Strip.
hey all,
i was wondering if anyone knew of a package that did this, or perhaps
something qmail might allready have that will round robin messages to
different rcpt's, for example:
/var/qmail/alias/.qmail-support:
&[EMAIL PROTECTED]
&[EMAIL PROTECTED]
&[EMAIL PROTECTED]
so for each message to [EMAIL PROTECTED], it is delivered to those three
people, what i would like to do is have every other message goto
every other person, so msg1 goes to tech1, msg2 goes to tech2, msg3 goes
to tech3, msg4 goes to tech1, and so on...
thanks
end
-------------------------------------------------
Greg Albrecht Safari Internet
System Administrator Fort Lauderdale, FL
[EMAIL PROTECTED] www.safari.net
+1[888|954]537-9550
-------------------------------------------------
On Mon, Mar 15, 1999 at 01:18:34PM -0500, xs wrote:
> /var/qmail/alias/.qmail-support:
> &[EMAIL PROTECTED]
> &[EMAIL PROTECTED]
> &[EMAIL PROTECTED]
>
> so for each message to [EMAIL PROTECTED], it is delivered to those three
> people, what i would like to do is have every other message goto
> every other person, so msg1 goes to tech1, msg2 goes to tech2, msg3 goes
> to tech3, msg4 goes to tech1, and so on...
How about a "randomized" approach?
Get a kind of random number (maybe date '+%s') and if this number
modulo 3 is (0,1,2) deliver it via condredirect to (tech1, tech2, tech3) ?
This is no exact "round robin" but in the long term it kinda is.
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | In a world without
Research & Development | mailto:[EMAIL PROTECTED] | walls and fences,
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | who needs
D-80807 Muenchen | Fax: +49 (89) 32356-299 | Windows and Gates?
Text written by xs at 01:18 PM 3/15/99 -0500:
>
>so for each message to [EMAIL PROTECTED], it is delivered to those three
>people, what i would like to do is have every other message goto
>every other person, so msg1 goes to tech1, msg2 goes to tech2, msg3 goes
>to tech3, msg4 goes to tech1, and so on...
My quickie solution would be something like this (untested code follows!):
.qmail-support:
&[EMAIL PROTECTED]
|/usr/local/bin/rotate
/usr/local/bin/rotate:
tail +2 name-list > name-list.tmp
head -1 name-list >> name-list.tmp
mv -f name-list.tmp name-list
head -1 name-list > /var/qmail/alias/.qmail-support
echo "|/usr/local/bin/rotate" >> /var/qmail/alias/.qmail-support
So if you want to add a new person, you just append their name to
name-list. Each time a mail is delivered, the name at the top of the list
is moved to the bottom and everyone else moves up one.
I'm not sure where you'd rather keep name-list, hence the lack of path
information on that file.
-----------------------------------------------------------------
Kai MacTane
System Administrator
Online Partners.com, Inc.
-----------------------------------------------------------------
>From the Jargon File: (v4.0.0, 25 Jul 1996)
copious free time /n./
1. [used ironically to indicate the speaker's lack of the quantity in
question] A mythical schedule slot for accomplishing tasks held to be
unlikely or impossible. Sometimes used to indicate that the speaker
is interested in accomplishing the task, but believes that the oppor-
tunity will not arise... 2. [Archly] Time reserved for bogus or
otherwise idiotic tasks, such as implementation of chrome, or the
stroking of suits.
On Mon, Mar 15, 1999 at 02:02:12PM -0800, Kai MacTane wrote:
> >so for each message to [EMAIL PROTECTED], it is delivered to those three
> >people, what i would like to do is have every other message goto
> >every other person, so msg1 goes to tech1, msg2 goes to tech2, msg3 goes
> >to tech3, msg4 goes to tech1, and so on...
>
> My quickie solution would be something like this (untested code follows!):
>
> .qmail-support:
> &[EMAIL PROTECTED]
> |/usr/local/bin/rotate
>
> /usr/local/bin/rotate:
> tail +2 name-list > name-list.tmp
> head -1 name-list >> name-list.tmp
> mv -f name-list.tmp name-list
> head -1 name-list > /var/qmail/alias/.qmail-support
> echo "|/usr/local/bin/rotate" >> /var/qmail/alias/.qmail-support
Make sure you make the ~alias directory sticky, because mail can arrive
anytime. Also, this method has a problem because 2 qmail-locals will run 2
rotates and may cause corruption of the name list. It is better to use a
locking mechanism. A perfect tool is the setlock command from the
serialmail package.
--
System Administrator
See complete headers for address, homepage and phone numbers
linux2.0.33/qmail1.03
I set up qmail as per P.Gregg doc (single UID).
I have users queues in /var/popboxes/username/Maildir.
For every user I have an entry in /var/qmail/users/assign
=go:popuser:888:888:/var/popboxes/go:::
=ao:popuser:888:888:/var/popboxes/ao:::
...
I need to assign other addresses (internet addresses) to the users.
[EMAIL PROTECTED] --> go
[EMAIL PROTECTED] --> ao
Until now I did this way:
====
virtualdomains
[EMAIL PROTECTED]:alias-local
[EMAIL PROTECTED]:alias-local
.qmail-local-default
|forward $DEFAULT
add lines to assign:
=giuliox:popuser:888:888:/var/popboxes/go:::
=tizio:popuser:888:888:/var/popboxes/ao:::
====
I'd like to switch to:
====
virtualdomains
[EMAIL PROTECTED]:go
[EMAIL PROTECTED]:ao
no need for .qmail-local-default
no need to new lines in assign
add .qmail-default in every queue dir with ./Maildir/ inside.
====
This doesn't wolk.
- Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/
The only way I could make it work is
1)
change
=go:popuser:888:888:/var/popboxes/go:::
to
+go:popuser:888:888:/var/popboxes/go:-::
but this way go receive messages sent to goabcdef
2)
use 2 lines for every user
=go:popuser:888:888:/var/popboxes/go:::
+go-:popuser:888:888:/var/popboxes/go:-::
The same thing works ok If I use a real user (/etc/passwd) with a real homedir and a
.qmail-default file.
Do you understand what I mean?
Is there a solution?
Thanks.
--
Giulio
[EMAIL PROTECTED]
I know I have seen it on this list before BUT...
Using the dot-qmail file how do I set up a forward that it also copies/moves the
message to the place where it was originally sent...
example
if email is sent to [EMAIL PROTECTED] (which is an actual mail box)
I need the .qmail file set up to deliver to THAT mailbox as well as sending a
copy of the message to [EMAIL PROTECTED]
Thanks :)
-Donna
Donna Phillips wrote/schrieb/scribsit:
> if email is sent to [EMAIL PROTECTED] (which is an actual mail box)
> I need the .qmail file set up to deliver to THAT mailbox as well as
> sending a copy of the message to [EMAIL PROTECTED]
In .qmail-admin:
&[EMAIL PROTECTED]
./Maildir/
Stefan
We recently sent mail to another school and received what I call a
"mini-bounce" that follows. It doesn't look like they're using qmail but
is there a qmail equivalent of this that we could install on our server?
I would hope that our mail server stay up, but should there be delays it
would be cool if there were notification to senders.
Thanks,
Samuel Daffner
Mills College ITS
From: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
Date: Sun, 14 Mar 1999 22:19:16 -0500
Status: RO
Your message has encountered delivery problems to the following
recipients:
[EMAIL PROTECTED]
Your message is delayed
Message for domain vaxmail.kenyon.edu delayed at kenyon.edu.
Unable to contact domain for 48 hours.
Will continue trying for 24 hours.
No action is required on your part.
Your message reads (in part):
Resent-To: [EMAIL PROTECTED]
Samuel Dries-Daffner wrote/schrieb/scribsit:
> We recently sent mail to another school and received what I call a
> "mini-bounce" that follows.
http://www.erols.com/bwightman/qmail/
Stefan
Hi,
The online FAQ refers to three features of qmail
for the handling of downed remote hosts. Does anyone
know at one point these were implemented?
If someone knows where in the code these reside,
that would be the most helpful, as I may adjust the
hardcoded parameters to suit our needs.
After checking the CHANGES file, I wasn't able to
discern after which version this occured. I'm using
version 1.01, and will upgrade to the latest if
necessary.
The FAQ I refer to above is at:
ftp://koobera.math.uic.edu/www/qmail/faq/efficiency.html#dead-hosts
Thanks,
==
Steven Levis
_________________________________________________________
DO YOU YAHOO!?
Get your free @yahoo.com address at http://mail.yahoo.com
I have 2 questions.
1. Can I set up the mail server to be Qmail, without having to change the clients?
2. Does the Qmail server still use SMTP with the clients?
3. What port does Qmail use?
Thank you in advance.
Subba Rao
[EMAIL PROTECTED]
==============================================================
Disclaimer - I question and speak for myself.
On Mon, Mar 15, 1999 at 03:08:17PM -0500, Subba Rao wrote:
# I have 2 questions.
#
# 1. Can I set up the mail server to be Qmail, without having to change the clients?
yes
# 2. Does the Qmail server still use SMTP with the clients?
yes
# 3. What port does Qmail use?
25
but that's THREE questions
--
/- [EMAIL PROTECTED] --------------- [EMAIL PROTECTED] -\
|Justin Bell NIC:JB3084| Time and rules are changing. |
|Pearson | Attention span is quickening. |
|Developer | Welcome to the Information Age. |
\-------- http://www.superlibrary.com/people/justin/ ----------/
On Mon, Mar 15, 1999 at 10:05:04PM +0100, Stefan Paletta wrote:
> Samuel Dries-Daffner wrote/schrieb/scribsit:
> > We recently sent mail to another school and received what I call a
> > "mini-bounce" that follows.
>
> http://www.erols.com/bwightman/qmail/
While we're on this I always wondered how this will work with
ezmlm?
The notification message is sent back to the envelope sender. This
is the "bounce controller" of ezmlm which will consider the response
as a bounce and probably send a probe that will "bounce", too.
The user will then be removed from the mailing list.
Am I correct?
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | In a world without
Research & Development | mailto:[EMAIL PROTECTED] | walls and fences,
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | who needs
D-80807 Muenchen | Fax: +49 (89) 32356-299 | Windows and Gates?
On Mon, Mar 15, 1999 at 10:16:28PM +0100, Markus Stumpf wrote:
> On Mon, Mar 15, 1999 at 10:05:04PM +0100, Stefan Paletta wrote:
> > Samuel Dries-Daffner wrote/schrieb/scribsit:
> > > We recently sent mail to another school and received what I call a
> > > "mini-bounce" that follows.
> >
> > http://www.erols.com/bwightman/qmail/
>
> While we're on this I always wondered how this will work with
> ezmlm?
>
> The notification message is sent back to the envelope sender. This
> is the "bounce controller" of ezmlm which will consider the response
> as a bounce and probably send a probe that will "bounce", too.
> The user will then be removed from the mailing list.
>
> Am I correct?
Almost. ezmlm will not remove any subscriber within ten days from the first bounce.
But yes, it would consider these warnings as bounces.
Greetz, Peter.
--
.| Peter van Dijk | <mo|VERWEG> stoned worden of coden
.| [EMAIL PROTECTED] | <mo|VERWEG> dat is de levensvraag
| <mo|VERWEG> coden of stoned worden
| <mo|VERWEG> stonend worden En coden
| <mo|VERWEG> hmm
| <mo|VERWEG> dan maar stoned worden en slashdot lezen:)
Peter van Dijk <[EMAIL PROTECTED]> writes:
| But yes, it would consider these warnings as bounces.
It also considers vacation messages to be bounces. :-(
On Mon, Mar 15, 1999 at 06:13:15PM -0500, Scott Schwartz wrote:
> Peter van Dijk <[EMAIL PROTECTED]> writes:
> | But yes, it would consider these warnings as bounces.
>
> It also considers vacation messages to be bounces. :-(
Yes, but these are normally only sent out once.. Unless.. hmm.. damn... every ezmlm
message has a different envelope-from..
Greetz, Peter.
--
.| Peter van Dijk | <mo|VERWEG> stoned worden of coden
.| [EMAIL PROTECTED] | <mo|VERWEG> dat is de levensvraag
| <mo|VERWEG> coden of stoned worden
| <mo|VERWEG> stonend worden En coden
| <mo|VERWEG> hmm
| <mo|VERWEG> dan maar stoned worden en slashdot lezen:)
On Mon, Mar 15, 1999 at 06:13:15PM -0500, Scott Schwartz wrote:
# Peter van Dijk <[EMAIL PROTECTED]> writes:
# | But yes, it would consider these warnings as bounces.
#
# It also considers vacation messages to be bounces. :-(
#
but vacation messages shouldnt be replying to list email, right?
--
/- [EMAIL PROTECTED] --------------- [EMAIL PROTECTED] -\
|Justin Bell NIC:JB3084| Time and rules are changing. |
|Pearson | Attention span is quickening. |
|Developer | Welcome to the Information Age. |
\-------- http://www.superlibrary.com/people/justin/ ----------/
...
>> Sending a local-local mail with echo, i received an error in my syslog.
...
>> All qmail daemons were running.
>What command starts qmail?
In /etc/init.d/qmail i just have:
csh -cf '/var/qmail/rc &'
>> This is my syslog:
>> Mar 12 20:37:37 out qmail: 921267457.446445 info msg 74001: bytes
>> 190 from <[EMAIL PROTECTED]> qp 2269 uid 0
>> Mar 12 20:37:37 out qmail: 921267457.453123 starting delivery 7:
>> msg 74001 to local [EMAIL PROTECTED]
>> Mar 12 20:37:37 out qmail: 921267457.455606 status: local 1/10
>> remote 0/20
>> Mar 12 20:37:37 out qmail: 921267457.486754 delivery 7:
>> failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/
>> Mar 12 20:37:37 out qmail: 921267457.489978 status: local 0/10
>> remote 0/20
>> Mar 12 20:37:37 out qmail: 921267457.511358 bounce msg 74001 qp 2272
>> Mar 12 20:37:37 out qmail: 921267457.513089 end msg 74001
>> Mar 12 20:37:37 out qmail: 921267457.516306 new msg 74005
>> Mar 12 20:37:37 out qmail: 921267457.517269 info msg 74005: bytes
>> 701 from <> qp 2272 uid 7796
>> Mar 12 20:37:37 out qmail: 921267457.525678 starting delivery 8:
>> msg 74005 to remote [EMAIL PROTECTED]
>> Mar 12 20:37:37 out qmail: 921267457.527208 status: local 0/10
>> remote 1/20
>> Mar 12 20:37:37 out qmail: 921267457.544726 delivery 8: deferral:
>> CNAME_lookup_failed_temporarily._(#4.4.3)/
>> Mar 12 20:37:37 out qmail: 921267457.545458 status: local 0/10
>> remote 0/20
>>
>> Moreover if i try a 'telnet localhost 25' it ends with:
>> 'Connection closed by foreign host'
>What is the whole session?
What do you mean?? The whole session of the telnet??
It is:
Trying 125.0.0.1...
Connect to out
Escape character is '^]'
Connection closed by foreign host
>What command starts qmail-smtpd?
Somewhere in /etc/inetd.conf i have:
smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env
tcp-env /var/qmail/bin/qmail-smtpd
___
Thanks,
Enrico Mangano.
Glenn wrote:
>Your Mailbox has to exist in your home directory. That's where
>qmail will deliver by default (unless you changed your
>/var/qmail/rc). So try
> su - enr1co; touch ~enr1co/Mailbox; chmod 600 ~enrico/Mailbox
I did it but unfortunately nothing has changed.
___
Thanks,
Enrico Mangano.
Hi,
maybe smd. has written already a script which will create the proper
~/Maildir/ for every user in /etc/passwd ?
I would really be happy to get this one (:
Pashah
--
http://www.spb.sitek.net/~pashah/public-key-0x97739141.pgp
On 03/16, [EMAIL PROTECTED] wrote:
> maybe smd. has written already a script which will create the proper
> ~/Maildir/ for every user in /etc/passwd ?
> I would really be happy to get this one (:
My modified checkpassword does that... just rip off main() from
maildirmake.c and insert it into your checkpasswd. 4 mkdirs, that's all.
--
Roman V. Isaev http://www.gunlab.com.ru Moscow, Russia
> This is an extract from proftpd menual:
Has anyone managed to get proftpd to actually chroot?
Scott
Hello List,
We have a server moving about 9000 msgs per day and want to have a
second qmail server waiting on our network to take over in the event of
a failure.
Our current thinking is:
- an identical qmail installation on a backup machine
- daily copy of /home /control and /alias to backup machine
- in the event of a massive failure unplug the ethernet from the main
server and plug into the backup machine.
(I realize we will lose the queue --normally just full of waiting
bounces-- and all msgs received for local users since the last backup)
My question is, will there be any implications "Out_There" of suddenly
having a new IP and hostname for our mailserver, assuming we make the
appro DNS changes?
Any other comments on this kind of idle machine waiting backup scheme?
(the main mail server is dpt raid fived)
cheers - eric
>
> - an identical qmail installation on a backup machine
> - daily copy of /home /control and /alias to backup machine
> - in the event of a massive failure unplug the ethernet from the main
> server and plug into the backup machine.
>
> (I realize we will lose the queue --normally just full of waiting
> bounces-- and all msgs received for local users since the last backup)
>
> My question is, will there be any implications "Out_There" of suddenly
> having a new IP and hostname for our mailserver, assuming we make the
> appro DNS changes?
If its not going to be online unless failure occurs, why would you give it
a different ip or hostname?
-andy
"Adam D. McKenna" wrote:
> From: <[EMAIL PROTECTED]>
>
> :/usr/local/bin/supervise /var/run/supervise/qmail-send env - \
> :PATH="/usr/local/bin:$PATH" TZ=MSK-3MSD \
> :/var/qmail/bin/qmail-start '|preline procmail' /usr/local/bin/accustamp \
> :| /usr/local/bin/cyclog -s100004000 -n5 /var/log/maillog &
>
> Well, first of all cyclog doesn't log to a file, it logs to a directory.
>
> Second of all you're going to give cyclog 500 megs of logs? (n5 x 100 megs
> specified in -s)
>
> Third, make sure there are no spaces after the \ characters you have at the
> end of your lines.
>
> Make sure /var/log/maillog/ exists and is a directory.
>
> >NAME
> > supervise - start and monitor a service
> >
> >SYNOPSIS
> >supervise [ -rsudox ] dir program [ args ... ]
>
> I.E. you may want to do those "env" commands BEFORE running supervise.
>
> --Adam
Excuse my ignorance to this feature, but how would qmail handle logging to a
directory? Does it automatically break down by date, etc? I've never run
across this feature in the mans, etc but it sounds very useful.
--
Cris Daniluk [EMAIL PROTECTED]
-------------------------------------------------------------
Digital Services Network, Inc. http://www.dsnet.net
1129 Niles-Cortland Road, Warren, Ohio 44484 [EMAIL PROTECTED]
(330) 609-8624 ext. 20 Fax (330) 609-9990
The Web Hosting Specialists
-------------------------------------------------------------
From: Cris Daniluk <[EMAIL PROTECTED]>
:Excuse my ignorance to this feature, but how would qmail handle logging to a
:directory? Does it automatically break down by date, etc? I've never run
:across this feature in the mans, etc but it sounds very useful.
qmail doesn't log, cyclog does.
Get it and check it out, you'll learn very quickly what it does.
--Adam
Hi,
I seem to get the following error whenever qmail delivers mail.
I use procmail for the vsm setup. Anyone know why I get the following?
Mar 15 23:28:02 wedge qmail: 921558482.166368 delivery 74: success:
procmail:_Kernel-lock_failed/procmail:_Kernel-unlock_failed/did_0+0+1/
--
Donald Chan........................[[EMAIL PROTECTED]]
[215]417-8241..........[http://www.seas.upenn.edu/~dchan]
"People get annoyed when you try to debug them"
--Larry Wall
> hey all,
> i was wondering if anyone knew of a package that did this, or perhaps
> something qmail might allready have that will round robin messages to
> different rcpt's, for example:
Hiya ...
I have written a program that does just this, we use it for our help@rucus
address. It round robins between any number of people, and does mail
threading (so that one person always deals with the same query irrespective
of the number of messages sent). It also ensures that all outgoing and
incomming mail can be archived (usefull for preparing faqs, etc) and
provides a followup method for unresolved queries.
Basically each message is issued with a ticket and a unique id number which
is used by the program to keep track of, and distribute the mail. The
information is stored in a flatfile database that is easily queried (grep :)
when people want to make follow up queries.
The program wasn't originally intended for distribution (arm pulling by
other sysadmin who is on this list ;) so is rather poorly documented. The
code should be self explanitory though.
If you would like to look at and/or play arround with the script, it is
available under GPL from
ftp://rucus.ru.ac.za/pub/mail/other/tracker.tgz
All I ask is that you let me have a copy of any improvements that you make :)
Oh, and I am not on this list, so please direct any comments/queries to me
at the email address below.
- Guy
--
\\\\ Mon Dieu! Nous sommes dans la merde ////
(o o) __ __ (o o)
_________oOOo__(_)__oOOo_______(__)_____(__)_______oOOo__(_)__oOOo____
| The ideas and opinions expressed | Rhodes University, South Africa | J
| above are mine, not yours. They | Email: [EMAIL PROTECTED] | A
| could be for a small fee though. | http://www.rucus.ru.ac.za/~guy | P
|_____________________________oOOo_______oOOo________________________| H
(__) (__) ||||| (__) (__)
This message was cancelled from within Mozilla.
Hi, I am currently using tcpserver on a Linux 2.0.36 box/RH 5.2 box
I have setup tcpserver with a limit of 5 connections via -c5 and
backlog of 1 with -b1
However, when I start up the 7th and subsequent connection, I
basically get held up waiting for the smtpgreeting string which will
occur as soon as I close some other connection.
However with netstat -t I can see, that all the exisiting connections
are in the ESTABLISHED state. If I were to increase concurrency limit
to something higher, is there a possibility that the OS TCP tables
might become full, with most entries primarily waiting for connections
to complete. Would it be better to refuse connection ?
In sendmail 8.9.3, using the following flags
# maximum number of children we allow at one time
O MaxDaemonChildren=4
# maximum number of new connections per second
O ConnectionRateThrottle=3
If the sixth connection comes in, its is refused
Is there a patch to tcpserver which does something similar or this
concept/idea is bogus :-)
Thanks, Yusuf
--
Yusuf Goolamabbas
[EMAIL PROTECTED]
G'Day.
I have been sporadically trying to set up Qmail-1.03 for about 3 weeks
now and keep running into:
Mar 16 09:07:53 SedricWorks qmail: 921575273.166915 status: local 0/10
remote 2/20
Mar 16 09:07:53 SedricWorks qmail: 921575273.276501 delivery 4:
deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
I know! the FAQ says something about DNS! but I don't know enough
to make any sense of that though.
Fetchmail,Netscape,host,ftp and all the rest work quite happily.
Incoming mail arrives at local Mailbox(s) OK.
Without knowing any more than that, this seems to imply that the DNS
is working?
I have (attempted to) follow the original INSTALL and then several
other sets of directions for specifically setting up a single machine
to a dial-up ISP.
I have run the various perl scripts to check the directory &
/var/qmail/control contents - OK.
grep says that the deferral: message emanates from qmail-send.c
line 935 which just after a call to read(), & that is where I lose it at
the moment through not knowing enough about how the unix libraries work.
Presumably read()'s file handle is actually the end of a pipe which is
expected to be connected through to the ISP server but isn't?
I rather suspect that the problem may be something to do with
resolv.conf, but I have yet to find a coherent account of
what ought to be in there.
Normally, at this point, I would start sticking debug statements
into the qmail code to try & find out more about what it is doing
but since it is very likely (to somebody here @ least) a glaringly
obvious set-up error, I will try asking first!
Regards, RJP
--
RJP Personal..
