qmail Digest 11 Feb 2000 11:00:00 -0000 Issue 908 Topics (messages 37042 through 37096): Re: courier-imap rpm 37042 by: Sam Re: Egg on my face 37043 by: Sam 37045 by: Len Budney 37066 by: Sam Re: Big and/or famous sites using qmail? 37044 by: Frank Tegtmeyer 37055 by: Mate Wierdl 37068 by: Sean Casey autoresponder 37046 by: Elliot Goldstein Way too many messages in queue. 37047 by: Voitenko, Denis 37048 by: Frank Tegtmeyer 37049 by: John P. Looney 37050 by: alexander.jernejcic.intellinet.at 37051 by: Greg Owen conf-users a conf-qmail 37052 by: Jiri Rosenmayer 37060 by: Mark Delany Logging 37053 by: Brian Johnson 37054 by: Greg Owen checkpw, APOP 37056 by: Dave Sill 37057 by: Paul Schinder 37058 by: Dave Sill 37061 by: Paul Schinder 37062 by: Dave Sill 37063 by: Paul Schinder Re: Databytes and users? 37059 by: Faried Nawaz rblsmtpd and patch for qmail 37064 by: kevin Re: dos attacks 37065 by: Aaron L. Meehan Re: Journalling and email loss 37067 by: Len Budney 37070 by: Sam 37075 by: Len Budney 37076 by: Sam 37079 by: Len Budney 37081 by: Sam 37084 by: Len Budney 37090 by: Pavel Kankovsky qmail-qread 37069 by: Roberto Samarone Araujo 37071 by: Greg Owen Virus checker 37072 by: Daniel A. Denes 37094 by: Rainer Link maildir access 37073 by: Marek Narkiewicz 37074 by: Manfred Bartz 37078 by: Len Budney 37080 by: Marek Narkiewicz 37082 by: Len Budney 37083 by: Marek Narkiewicz checkpassword on Solaris 7 37077 by: Mark Parker FFS with softupdates (Re: Journalling and email loss) 37085 by: Magnus Bodin Re: fsync semantics (was Re: Linux kernel ....) 37086 by: Magnus Bodin Re: HOw:very virtual domains - copy mail between domains 37087 by: Magnus Bodin maildir - MIME web-viewer ? 37088 by: Olivier M. 37089 by: Anand Buddhdev 37092 by: Olivier M. Re: HTML -> TEXT convertors 37091 by: Andy Bradford Problem compiling Qmail Sources 37093 by: Alexandre Nobrega Duarte (* Guardian *) 37095 by: alexander.jernejcic.intellinet.at 37096 by: Fozzy C. Dressel Administrivia: To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To subscribe to the digest, e-mail: [EMAIL PROTECTED] To bug my human owner, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: [EMAIL PROTECTED] ----------------------------------------------------------------------
On Wed, 9 Feb 2000, Barry Smoke wrote: > I've had problems with 2 rpm's now that install just fine...but don't run > correctly. No rhyme or reason. > > Courier-imap compiles...installs....won't run. > Zope ....compiles(from source rpm)....installs...runs.....but i can't log in > to manage What do you mean "won't run"? That's like calling an auto mechanic over the phone, telling him that your car doesn't start, and expect him to tell you, over the phone, what's wrong with it. It doesn't work that way. -- Sam
On Thu, 10 Feb 2000, Russell Nelson wrote: > Sam writes: > > > So yeah, Linux does seem to be able to lose mail. On the other hand, > > > there were only four pieces of email lost in about fifty reboots. > > > Most people have the good sense to run Linux on reliable hardware and > > > then it never crashes. > > > > This should not happen on orderly shutdowns. > > Right, these were ... "unscheduled" shutdowns. My desktop is slightly > unreliable because its fan is insufficient for cooling the processor. > It's gotten a lot better since I put some silicon heat sink grease on > it. However, the machine still crashes from time to time. And > apparently a few times it lost mail. Well, hell, you'll probably lose mail even if you're running a journaling filesystem, like that. Contrary to popular belief, a journaling fs does not guarantee that all of your data is intact, just that the integrity of the fs itself will not require a refsck after a crash. -- Sam
Sam <[EMAIL PROTECTED]> wrote: > On Thu, 10 Feb 2000, Russell Nelson wrote: > > Well, hell, you'll probably lose mail even if you're running a > journaling filesystem, like that. Contrary to popular belief, a > journaling fs does not guarantee that all of your data is intact, > just that the integrity of the fs itself will not require a refsck > after a crash. False. Mail will not be lost if if rename() or link() (depending on the software) offers the correct semantics: they should return only after the operation has completed _on hardware_. That's true even with soft updates (in which writes are ganged based on physical proximity on disk). Your point applies specifically to journalling filesystems with soft updates which don't honor the traditional semantics. Len. -- Today's processors are not 1000 times bigger, they're 1000 times smaller. The processors on your desktop are an abnormality. Look at the ones in your car. -- Bruce Schneier
On Thu, 10 Feb 2000, Len Budney wrote: > Sam <[EMAIL PROTECTED]> wrote: > > On Thu, 10 Feb 2000, Russell Nelson wrote: > > > > Well, hell, you'll probably lose mail even if you're running a > > journaling filesystem, like that. Contrary to popular belief, a > > journaling fs does not guarantee that all of your data is intact, > > just that the integrity of the fs itself will not require a refsck > > after a crash. > > False. Mail will not be lost if if rename() or link() (depending on Who said anything about the message already being on the filesystem? -- Sam
> SuSE.com and -- I'm presuming SuSE.de -- also use qmail, as well as ezmlm > for their mailing lists. Not officially :) SuSE stuff told me that they not agree with the mail administrator who set this up. They force postfix. I tried to get predefined qmail user ids into the distribution and they refused the proposal. Regards, Frank
How about: sunsite.auc.dk and some big .edu domains like Ohio State (orb1.osu.edu). Sadly though, UIC does not run qmail on their mail servers. I think one needs to be a bit more precise when listing sites that use qmail. For example, RedHat uses qmail only to host the mailinglists (on lists.redhat.com), and mail.redhat.com runs sendmail. Mate
Topica.com (highly modified) something like 2.5-3 million messages a day (I don't work there, but a lot of my friends do...) Sean
I am trying to make an autoresponder work on a user in a virtual domain in qmail. the user has a .qmail file in /var/qmail/alias/ directory that directs the mail to the users home directory on the default domain on the machine. I am using a simple autoresponder script that works but it gives the return address as the default domain on the machine and not the virtual domain. How can I make the virtual domain appear in the return address? In addition how can I include a field in the subject line? Below is the script that I am using. filename .qmail-whobar-info contents: &[EMAIL PROTECTED] | (echo From: info;echo "To: $SENDER";cat test.txt) | qmail-inject Thanks alot to anyone who can help. Elliot Goldstein
Title: Way too many messages in queue.I have a puny machine that does mail for one of my clients. It appears that they have a ton of messages in the queue as such:
messages in queue: 418
messages in queue but not yet preprocessed: 0How exactly would I interpret this data and what do I do about it?
> messages in queue: 418 > messages in queue but not yet preprocessed: 0 > > How exactly would I interpret this data and what do I do about it? Normally no need to worry. There are 418 messages that could not be delivered until now. There are several reasons possible: not enough bandwith or no connection altogether, the messages go to a destination that is currently not reachable. Do any messages go through? Regards, Frank
On Thu, Feb 10, 2000 at 10:01:31AM -0500, Voitenko, Denis mentioned: > I have a puny machine that does mail for one of my clients. It appears that > they have a ton of messages in the queue as such: > > messages in queue: 418 > messages in queue but not yet preprocessed: 0 > > How exactly would I interpret this data and what do I do about it? Looks like there was some problem - it's looked at all those messages, but not delivered them. Either have a look through the qmail log files, and see why their delivery has been deferred, or send a "ALRM" signal (kill -ALRM pid) to qmail-send to make it try and redeliver the messages. Kate
first look with ps, if qmail-send and its three little friends (rspawn, lspawn, clean) are running. then have glance at the output of qmail-qread. is there only one host you are not reaching or are there many? you could ask qmail-tcpto, if there are troubles specific to one special connections. if there was a connection error, do a qmail-tcpok and sigalrm qmail-send. last, if you are trying to reach someone @chello.at: give up. they are struggling with their servers. :) alexander -- ======================================== Alexander Jernejcic email:[EMAIL PROTECTED] IntelliNet EDV-Dienstleistungsges.m.b.H. 1060 Wien, Mariahilferstr. 103 Tel: +43/1/595 23 88 Fax: +43/1/595 23 90 http://www.intellinet.at On 10 Feb, Voitenko, Denis wrote: > I have a puny machine that does mail for one of my clients. It appears > that they have a ton of messages in the queue as such: > > messages in queue: 418 > messages in queue but not yet preprocessed: 0 > > How exactly would I interpret this data and what do I do about it? > >
> I have a puny machine that does mail for one of my clients. It > appears that they have a ton of messages in the queue as such: > messages in queue: 418 > messages in queue but not yet preprocessed: 0 > How exactly would I interpret this data and what do I do about it? 1) Run qmail-qread to see what the messages are and where they are going. You will get output like this (albeit far more lines - redirect to a file): 10 Feb 2000 09:21:49 GMT #34686 280 <[EMAIL PROTECTED]> remote [EMAIL PROTECTED] This tells you that there is mail in the queue from [EMAIL PROTECTED] to [EMAIL PROTECTED] that has not been delivered. 2) Look in your logs to see why the messages haven't been delivered. Do so by editing your mail log and searching for either the message number (34686 above) or the recipient. I recommend searching from the bottom up since message numbers are re-used. The line you find will have a delivery number (like such): Feb 10 09:29:36 sassafrass qmail: 950192976.586510 starting delivery 1: msg 34686 to remote [EMAIL PROTECTED] From that point, search down for "delivery 1" (or appropriate delivery number): Feb 10 09:30:21 sassafrass qmail: 950193021.380168 delivery 1: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/ Okay. The message was deferred because qmail couldn't look up the remote host in DNS. Other causes may be: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/ (The remote host is down or not reachable for some reason. Test.) Connected_to_128.11.23.228_but_connection_died._(#4.4.2)/ (The remote host answered but didn't continue/finish the SMTP transaction. Either something is wrong at their end, or they're offline and you've got a proxying firewall like Raptor that screws you up). Connected_to_207.244.124.137_but_greeting_failed./ \ Remote_host_said:_421_polaris.shore.net:_Too_many_concurrent \ _SMTP_connections;_please_try_again_later/ (The remote host was too busy and politely asked you to try later) Sorry,_I_couldn't_find_any_host_by_that_name._(#4.1.2)/ (The user mistyped the recipient's address, most likely) 3) Repeat with enough messages to figure out what's going on. Questions to ask include: a) Is it the same host that's causing all the deferrals? b) If not, is it the same error across many hosts? c) Can I find an obvious connectivity problem with ping or traceroute? d) Can I find an obvious problem by telnet'ting to the remote machines SMTP port and manually typing some SMTP commands? 4) Obviously, with this many deferrals, you can shortcut the process by 'grep deferral: /var/log/maillog'. If they're all CNAME_lookup_failed_temporarily, for example, you'll want to test your DNS using nslookup. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Folks I want to run multiple instances of qmail. My question is: "If I already run 1 instance of qmail and I want to run second, have I create another users (qmaild, qmails, ..) or I can use these users from first qmail instance ?? Is there some problem if these users have different home directory than root directory of the second instance of qmail?? J. P.S.: Please post cc: to me because I'not subscriber of the list. ----------------------------------------------------------------- Jiri Rosenmayer e-mail: [EMAIL PROTECTED] SkyNet a. s. http://www.pgp.cz PGP fingerprint: 1907 1F79 CC70 74EE FC55 F649 5651 33A4 50D4 ABB9
On Thu, Feb 10, 2000 at 05:01:37PM +0100, Jiri Rosenmayer wrote: > Folks > > > I want to run multiple instances of qmail. > > My question is: "If I already run 1 instance of qmail and I want to > run second, have I create another users (qmaild, qmails, ..) or I can use > these users from first qmail instance ?? Is there some problem if these > users have different home directory than root directory of the second > instance of qmail?? You can use the same users. I don't believe the home directory is particularly relevant for any of the users, excepting ~alias. Are you planning to run a separate alias entries, or do you plan to use the same one? It also might be instructive to understand why you are running multiple instances. There are many good reasons, but we're all a curious lot here. Regards.
I'm looking for a way to add a Bcc: line to all e-mails that come through my smtp server. I'm trying to log all the e-mail that people send through my server to another pop box so I can just download the messages, and then filter them or whatever I want with my mailreader. has someone written a wrapper or something that could help me do something like this? Thanks
> I'm looking for a way to add a Bcc: line to all e-mails that come > through my smtp server. I'm trying to log all the e-mail that people > send through my server to another pop box so I can just download the > messages, and then filter them or whatever I want with my mailreader. > has someone written a wrapper or something that could help me do > something like this? FAQ 8.2: ] How do I keep a copy of all incoming and outgoing mail messages? ] ] Answer: Set QUEUE_EXTRA to "Tlog\0" and QUEUE_EXTRALEN to 5 in ] extra.h. Recompile qmail. Put ./msg-log into ~alias/.qmail-log. ] ] You can also use QUEUE_EXTRA to, e.g., record the Message-ID of ] every message: run ] ] | awk '/^$/ { exit } /^[mM][eE][sS][sS][aA][gG][eE]-/ { print }' ] ] from ~alias/.qmail-log. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
I installed Shinya Ohira's checkpw checkpassword replacement, and it works fine with "checkpw" (standard USER + PASS authentication), but with "checkapoppw" I get "authorization failed". I'm using fetchmail, but I have the same problem when I "manually" generate the APOP hash. How can I debug this? -Dave
At 2:39 PM -0500 2/10/00, Dave Sill wrote: >I installed Shinya Ohira's checkpw checkpassword replacement, and it >works fine with "checkpw" (standard USER + PASS authentication), but >with "checkapoppw" I get "authorization failed". I'm using fetchmail, >but I have the same problem when I "manually" generate the APOP hash. Really? It works for me. Do you have a ~/Maildir/.password with the right permissions? > >How can I debug this? Put recordio in the chain, or fetchmail -vv. > >-Dave -- Paul J. Schinder NASA Goddard Space Flight Center Code 693 [EMAIL PROTECTED]
Paul Schinder <[EMAIL PROTECTED]> wrote: >At 2:39 PM -0500 2/10/00, Dave Sill wrote: >>I installed Shinya Ohira's checkpw checkpassword replacement, and it >>works fine with "checkpw" (standard USER + PASS authentication), but >>with "checkapoppw" I get "authorization failed". I'm using fetchmail, >>but I have the same problem when I "manually" generate the APOP hash. > >Really? It works for me. Do you have a ~/Maildir/.password with the >right permissions? Yeah, really. I put the .password in place, verified it using checkpw, switched to checkapoppw without touching .password, and it fails. >>How can I debug this? > >Put recordio in the chain, or fetchmail -vv. I'll try recordio, but here's what fetchmail -vv said: $ fetchmail -vv fetchmail: 5.1.0 querying emaildev (protocol APOP) at Thu, 10 Feb 2000 14:49:04 -0500 (EST) fetchmail: POP3< +OK <[EMAIL PROTECTED]> fetchmail: POP3> APOP de5 377129bbb5e2a8e84b0576cddaf384c9 fetchmail: POP3< -ERR authorization failed fetchmail: authorization failed fetchmail: Authorization failure on de5@emaildev fetchmail: POP3> QUIT fetchmail: authorization error while fetching from emaildev fetchmail: Query status=3 fetchmail: normal termination, status 3 fetchmail: Deleting fetchids file. (.password contained "apoptest" at the time) And: $ echo -n "<[EMAIL PROTECTED]>apoptest"|md5 377129bbb5e2a8e84b0576cddaf384c9 -Dave
At 2:58 PM -0500 2/10/00, Dave Sill wrote: >Paul Schinder <[EMAIL PROTECTED]> wrote: > > >At 2:39 PM -0500 2/10/00, Dave Sill wrote: > >>I installed Shinya Ohira's checkpw checkpassword replacement, and it > >>works fine with "checkpw" (standard USER + PASS authentication), but > >>with "checkapoppw" I get "authorization failed". I'm using fetchmail, > >>but I have the same problem when I "manually" generate the APOP hash. > > > >Really? It works for me. Do you have a ~/Maildir/.password with the > >right permissions? > >Yeah, really. I put the .password in place, verified it using checkpw, >switched to checkapoppw without touching .password, and it fails. > > >>How can I debug this? > > > >Put recordio in the chain, or fetchmail -vv. > >I'll try recordio, but here's what fetchmail -vv said: > >$ fetchmail -vv >fetchmail: 5.1.0 querying emaildev (protocol APOP) at Thu, 10 Feb >2000 14:49:04 -0500 (EST) >fetchmail: POP3< +OK <[EMAIL PROTECTED]> >fetchmail: POP3> APOP de5 377129bbb5e2a8e84b0576cddaf384c9 >fetchmail: POP3< -ERR authorization failed >fetchmail: authorization failed >fetchmail: Authorization failure on de5@emaildev >fetchmail: POP3> QUIT >fetchmail: authorization error while fetching from emaildev >fetchmail: Query status=3 >fetchmail: normal termination, status 3 >fetchmail: Deleting fetchids file. > >(.password contained "apoptest" at the time) I doubt that recordio will help you any more than this. > >And: > >$ echo -n "<[EMAIL PROTECTED]>apoptest"|md5 >377129bbb5e2a8e84b0576cddaf384c9 I get the same checksum on both Mac and Sun. Is it an Inhell chip? (It'd give me a perverse pleasure to see something fail on an Intel chip for a change because of endian problems.) Maybe checkpw's md5 calculation assumes big endian? I use it on both PPC (Linux) and Sparc (Solaris 7) with no problems. > >-Dave -- Paul J. Schinder NASA Goddard Space Flight Center Code 693 [EMAIL PROTECTED]
Paul Schinder <[EMAIL PROTECTED]> wrote: >>$ fetchmail -vv >>fetchmail: 5.1.0 querying emaildev (protocol APOP) at Thu, 10 Feb >>2000 14:49:04 -0500 (EST) >>fetchmail: POP3< +OK <[EMAIL PROTECTED]> >>fetchmail: POP3> APOP de5 377129bbb5e2a8e84b0576cddaf384c9 >>fetchmail: POP3< -ERR authorization failed >>fetchmail: authorization failed >>fetchmail: Authorization failure on de5@emaildev >>fetchmail: POP3> QUIT >>fetchmail: authorization error while fetching from emaildev >>fetchmail: Query status=3 >>fetchmail: normal termination, status 3 >>fetchmail: Deleting fetchids file. >> >>(.password contained "apoptest" at the time) > >I doubt that recordio will help you any more than this. It didn't. >>And: >> >>$ echo -n "<[EMAIL PROTECTED]>apoptest"|md5 >>377129bbb5e2a8e84b0576cddaf384c9 > >I get the same checksum on both Mac and Sun. > >Is it an Inhell chip? (It'd give me a perverse pleasure to see >something fail on an Intel chip for a change because of endian >problems.) Maybe checkpw's md5 calculation assumes big endian? I >use it on both PPC (Linux) and Sparc (Solaris 7) with no problems. Solaris 7 SPARC, gcc 2.8.1. -Dave
At 3:21 PM -0500 2/10/00, Dave Sill wrote: > >Solaris 7 SPARC, gcc 2.8.1. Compiler bug, maybe? I'm using 2.95.2 now, and it was 2.95.1 that compiled the checkpw that does this: leprss% fetchmail -vv -c --protocol APOP mors.gsfc.nasa.gov Enter password for [EMAIL PROTECTED]: fetchmail: 5.2.0 querying mors.gsfc.nasa.gov (protocol APOP) at Thu, 10 Feb 2000 15:25:58 -0500 (EST) fetchmail: POP3< +OK <[EMAIL PROTECTED]> fetchmail: POP3> APOP schinder b765dc6f5216e38f4d349c3ecc057541 fetchmail: POP3< +OK fetchmail: selecting or re-polling default folder fetchmail: POP3> STAT fetchmail: POP3< +OK 5 19217 fetchmail: POP3> LAST fetchmail: POP3< +OK 0 5 messages for schinder at mors.gsfc.nasa.gov (19217 octets). fetchmail: POP3> QUIT fetchmail: POP3< +OK fetchmail: normal termination, status 0 Of course, checkpw was compiled on a 32 bit SparcIPX, and is now running on a 64 bit Ultra 5. I could send the binary to you if you want (12k), since you're running on a SPARC. > >-Dave -- Paul J. Schinder NASA Goddard Space Flight Center Code 693 [EMAIL PROTECTED]
Russell Nelson <[EMAIL PROTECTED]> writes: TAG writes: > Is it possible to set a databytes file for a specific user that will > overide the system wide databytes file?? Only if that user has a fixed IP address. There's another way around that problem -- the pop-before-you-send-mail software; it can set RELAYCLIENT and DATABYTES.
Hi All, I'm want to apply a patch to rblsmtpd which allows it to use more than one listing service. Where do I put the patch file and what are the commands to apply the patch ? My patch file multirbls.diff currently sits in the directory : /TEMP/rblsmtpd-0.70 Is this right and how to I apply the patch? Regards, Kevin Smith Lemon Lainey Design UK http://www.lemonlaineydesign.com
Quoting Marek Narkiewicz ([EMAIL PROTECTED]): > Would it be possible to lmit the number of spawns that tcpserver can > make from one ip address concurrently to preven one ip spawning up > to the limit of concurrent daemons and denying access to that > daemon? I can't think of a way to do it from what i've read of the > docs but it seems like quite a useful feature so i was wondering if > there was a patch or a plan to add that functionality? If not can > someone give me a few pointers on what would be involved in such a > modification so I can have a go myselgf? cheers You might try IPLimit: http://www.jedi.claranet.fr I used it successfully against those broken, PITA, bare-linefeed-sending MS mail servers. A Gotcha that got me: IPLimit's docs mention putting its data file into /var/run. If your particular *nix (esp linux distributions such as debian, which we run) removes files in /var/run on bootup, make sure to touch it and chmod so that it's writable by the userid tcpserver switches to, because it doesn't create the file itself. Alternatively, hack the code to put it elsewhere or open the file for writing. Aaron
Sam <[EMAIL PROTECTED]> wrote: > On Thu, 10 Feb 2000, Len Budney wrote: > > > Sam <[EMAIL PROTECTED]> wrote: > > > On Thu, 10 Feb 2000, Russell Nelson wrote: > > > > > > Well, hell, you'll probably lose mail even if you're running a > > > journaling filesystem... > > > > False. Mail will not be lost if if rename() or link() (depending on > > Who said anything about the message already being on the filesystem? Then your comment was utterly inane. Any MTA which returns success before writing a message to the filesystem, and syncing it, should be thrown away. Any MUA which doesn't check exit status of the MTA should be thrown away. Authors of such junk should be flogged. (My remark applies to qmail 2, as well. Zeroseek will build compressed journals, but the journal entry had better be on disk before success is returned.) Len. -- Cryptographic systems are broken constantly, but the attacks are almost never against the algorithms. The really difficult problems in security systems are key distribution, management, reliability, robustness, etc. -- Bruce Schneier
On Thu, 10 Feb 2000, Len Budney wrote: > Sam <[EMAIL PROTECTED]> wrote: > > On Thu, 10 Feb 2000, Len Budney wrote: > > > > > Sam <[EMAIL PROTECTED]> wrote: > > > > On Thu, 10 Feb 2000, Russell Nelson wrote: > > > > > > > > Well, hell, you'll probably lose mail even if you're running a > > > > journaling filesystem... > > > > > > False. Mail will not be lost if if rename() or link() (depending on > > > > Who said anything about the message already being on the filesystem? > > Then your comment was utterly inane. Any MTA which returns success > before writing a message to the filesystem, and syncing it, should be Which only syncs the data. close() then updates the metadata, which may remain buffered for some time before getting flushed out. -- Sam
> > > > (Sam) > > > > > Well, hell, you'll probably lose mail even if you're running a > > > > > journaling filesystem... > > > > > > > (me) > > > > False. Mail will not be lost if if rename() or link() (depending on > > > > > (Sam) > > > Who said anything about the message already being on the filesystem? > > > (me) > > Then your comment was utterly inane. Any MTA which returns success > > before writing a message to the filesystem, and syncing it... > (Sam) > Which only syncs the data. close() then updates the metadata, which > may remain buffered for some time before getting flushed out. Which brings us back to link() or rename(), of course. Writing data directly to the target queue/file is a mistake, unless you want queued, incomplete messages after a failure. Is it late at night where you are? I'm certain you know all this; you must be tired. Len. -- Look at it this way: sendmail is a whale, and qmail is a shark. Perhaps you're impressed by the size of the whale; perhaps, if you grew up surrounded by whales, you find it hard to imagine a big sea creature without tons of blubber. -- Dan Bernstein
On Thu, 10 Feb 2000, Len Budney wrote: > > > > > (Sam) > > > > > > Well, hell, you'll probably lose mail even if you're running a > > > > > > journaling filesystem... > > > > > > > > > (me) > > > > > False. Mail will not be lost if if rename() or link() (depending on > > > > > > > (Sam) > > > > Who said anything about the message already being on the filesystem? > > > > > (me) > > > Then your comment was utterly inane. Any MTA which returns success > > > before writing a message to the filesystem, and syncing it... > > > (Sam) > > Which only syncs the data. close() then updates the metadata, which > > may remain buffered for some time before getting flushed out. > > Which brings us back to link() or rename(), of course. Writing data > directly to the target queue/file is a mistake, unless you want > queued, incomplete messages after a failure. And, if close() does not update the metadata, there's no reason why link or rename should either. What this REALLY brings us back to is the fact that the only thing that journaling guarantees you is that you won't have to refsck everything after a reboot. It does not guarantee you that both data and metadata is going to be synchronously updated prior to close, rename, link, or any other system call returning. -- Sam
Sam <[EMAIL PROTECTED]> wrote: > On Thu, 10 Feb 2000, Len Budney wrote: > > > > Which brings us back to link() or rename()... > > And, if close() does not update the metadata, there's no reason why link > or rename should either. > > What this REALLY brings us back to is the fact that the only thing that > journaling guarantees you is that you won't have to refsck everything > after a reboot... Journalling is absolutely orthogonal to the reliability issue. The reliability issue is: What are the semantics of fsync(), link() and rename()? If they return after the requested operation completes to disk, we can guarantee reliability. If not, we can't. Which brings us back to your mistake; you make a claim about ``journalling filesystems'' which is true for some, and false for others. FFS had those semantics, for example, but happened to break them when soft updates were added. Len. -- 256-bit keys will forever be immune from brute-force attacks until computers are made up of something other than matter and occupy something other than space. -- Bruce Schneier
On Thu, 10 Feb 2000, Len Budney wrote: > Sam <[EMAIL PROTECTED]> wrote: > > On Thu, 10 Feb 2000, Len Budney wrote: > > > > > > Which brings us back to link() or rename()... > > > > And, if close() does not update the metadata, there's no reason why link > > or rename should either. > > > > What this REALLY brings us back to is the fact that the only thing that > > journaling guarantees you is that you won't have to refsck everything > > after a reboot... > > Journalling is absolutely orthogonal to the reliability issue. The > reliability issue is: What are the semantics of fsync(), link() and > rename()? If they return after the requested operation completes to disk, > we can guarantee reliability. If not, we can't. > > Which brings us back to your mistake; you make a claim about ``journalling > filesystems'' which is true for some, and false for others. FFS had > those semantics, for example, but happened to break them when soft > updates were added. My original statement was: "Well, hell, you'll probably lose mail even if you're running a journaling filesystem. Contrary to popular belief, a journaling fs does not guarantee that all of your data is intact, just that the integrity of the fs itself will not require a refsck after a crash." I did not say that all journaling file systems do not sync both the data and the metadata, just that it's not a requirement for implementing a journaled filesystem. In fact, syncing both data and metadata upon close, and syncing the metadata on every inode update, would kill performance to such an extent that it makes me doubt that any high performance journaling filesystem does that. Journaling already comes with a heavy enough payload already. I repeat: the only thing that journaling itself guarantees you is a fsckless recovery. Expecting anything more out of a journaling filesystem is sheer fallacy. If journaling filesystems behave the way you think journaling filesystems really behave, then companies like Oracle, Sybase, and Informix would have no reason to exist, and we can simply write data to flat files, and expect them to be there when we finished writing to them. The world doesn't work that way, I'm afraid. -- Sam
Sam <[EMAIL PROTECTED]> wrote: > On Thu, 10 Feb 2000, Len Budney wrote: > > > Which brings us back to your mistake; you make a claim about > > ``journalling filesystems'' which is true for some, and false for > > others... > > I did not say that all journaling file systems do not sync both the data > and the metadata, just that it's not a requirement for implementing a > journaled filesystem. Okay, conceded. We agree that ``reliable'' is not spelled ``journalling''. I mistook you to be implying that journalled filesystems generally are subject to email loss. I apologize for taking your statement farther than you meant it. What threw me for a loop was your apparent focus on journalling itself; it seemed like a red herring. Nobody made any silly claims about journalling on this list; indeed there was a recent discussion about the reliability impact of soft updates on FFS--giving us a good example of both a reliable journalled filesystem, and an unreliable journalled filesystem. pax, Len. -- My motivation is disgust at the incredible damage that Eric Allman's code has done to the Internet, destroying innocent email messages and compromising the security of half a million hosts. -- Dan Bernstein, author of qmail
On Thu, 10 Feb 2000, Len Budney wrote: > Then your comment was utterly inane. Any MTA which returns success > before writing a message to the filesystem, and syncing it, should be > thrown away... What if the MTA has already forwarded the message in question to other MTA and got an acknowledgement? What if the message has already been processed by some program? Why should MTA bother making sure a copy of the message has been saved to the disk in these situations? Qmail's design has advantages but it is not the only way to design MTA in the universe. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
I would like to know what the fields of qmail-qread mean . For Example : 7 Feb 2000 15:35:40 GMT #635162 2305 < > local [EMAIL PROTECTED] I don't understand what the field < > means , it sometimes appear as <#@[]> . I would like to know How can I delete a mail from queue . Roberto Samarone Araujo
> I would like to know what the fields of qmail-qread mean . > > For Example : > >7 Feb 2000 15:35:40 GMT #635162 2305 < > > local [EMAIL PROTECTED] > > >I don't understand what the field < > means , it sometimes appear as ><#@[]> . <> is a "null return path." When mail bounces, the bounce message is usually sent with a null return path so that it can't bounce back and create a mail loop. This is specified in RFC821. <#@[]> is qmail's version of a null return path, which IIRC should always remain local. In other words, qmail uses it for things like double bounces which don't leave the system. (That's my recollection. Searching the archive will probably give you a more accurate and authoritative answer). >I would like to know How can I delete a mail from queue . If you shut down the qmail processes and remove the appropriate files from the queue, that'll do it, but you're just as likely to mess up your queue. If you modify the date on the /var/qmail/queue/info/*/<msgid> file so that it appears older than your default timeout, it'll bounce the next time the queue runs. But for most cases, you're probably better off leaving it in the queue. -- Greg
Hello list, can someone recommend a virus-checking solution that will run with qmail as well as without (i.e., run standalone and check non-mail files)? Platform is debian. Help really appreciated! TIA, Daniel mailto:[EMAIL PROTECTED]
"Daniel A. Denes" wrote: > can someone recommend a virus-checking solution that will run with > qmail as well as without (i.e., run standalone and check non-mail > files)? Platform is debian. Help really appreciated! Well, please have a look at http://av-linux.w3.to, especially http://www.ce.is.fh-furtwangen.de/~link/security/av-linux.txt or http://www.ce.is.fh-furtwangen.de/~link/security/av-linux_e.txt In simple terms - use a standalone virus scanner (on demand) for your latter approach and AMaViS or scan4virus in combination with one or more standalone (on demand) scanner to do virus scanning of eMail (attachments). cu, Rainer -- Member of Virus Help Munich (www.vhm.haitec.de) | Rainer Link Member of AMaViS Development Team (amavis.org) | [EMAIL PROTECTED] Maintainer FAQ "antivirus for Linux" (av-linux.w3.to) | rainer.w3.to
How do i go about reading from a maildir without ncroaching on the security of the maildir? ie what is the procedure for reading emails from one. Also where can i find the spec for maildirs like an rfc or similar. cheers -- Marek Narkiewicz, Systems Director WelshDragon ltd [EMAIL PROTECTED] 02/10/2000 at 02:33:50
Marek Narkiewicz <[EMAIL PROTECTED]> writes: > How do i go about reading from a maildir without ncroaching on the > security of the maildir? ie what is the procedure for reading emails > from one. Basically you need a MUA (Mail User Agent) which is capable of reading from maildirs. Mutt is one. I personally use Xemacs21/gnus5.8. <http://qmail.org> > Also where can i find the spec for maildirs like an rfc or similar. man 5 maildir -- Manfred Bartz
Marek Narkiewicz <[EMAIL PROTECTED]> wrote: > > How do i go about reading from a maildir without ncroaching on the > security of the maildir? Depends what you mean by ``security''. If you really mean ``security'', then the answer is: only do it if they're your emails (or you're authorized). If you mean ``reliability'', then there's no issue: go ahead and read any file in maildir/new or maildir/cur. Don't touch any files you see in maildir/tmp--unless they're older than 36 hours, in which case you should delete them. > Also where can i find the spec for maildirs like an rfc or similar. The best spec is the manpage maildir(5), included with qmail. It tells you everything you need. It also refers you to a page on Dan's website with a little more information for MUA implementers. > ie what is the procedure for reading emails If you mean, ``What MUA uses Maildirs as folders?'' then as far as I know the only one is mutt. For spot use, ``more'' or ``less'' should be good enough. Len. -- The moment you run that, a local attacker can take over your machine. Isn't security fun? -- Dan Bernstein
Ok thanks a lot, you answered my (rather badly phrased) question perfectly. I intend to offer my clients a web based interface to their pop3 mail in conjunction with a java aplet based live notificationt that they have new mail. As the account that they will be using will be their standard pop3 one I need to maintain the integrity of their existing email locations unless they explicitly override that by deleting etc. Now in order for the java server to update the client when new mail is available it needs some way of knowing which mails have already been read by the web client. Looking at the maildr spec I see that the info addition to files in the cur directory could be used for this purpose. Does qmail-pop3d currently offer anything outside rfc 1460 that can mark messages as read? If not can anyone think of the most logical way to utilise that info field? I would like to then improve on the functionality to offer imap style folders but virtually based on a code in the info. Thanks for any help, On Thu, 10 Feb 2000 22:18:57 -0500, [EMAIL PROTECTED] wrote: >Marek Narkiewicz <[EMAIL PROTECTED]> wrote: >> >> How do i go about reading from a maildir without ncroaching on the >> security of the maildir? > >Depends what you mean by ``security''. If you really mean ``security'', >then the answer is: only do it if they're your emails (or you're >authorized). > >If you mean ``reliability'', then there's no issue: go ahead and read >any file in maildir/new or maildir/cur. Don't touch any files you see >in maildir/tmp--unless they're older than 36 hours, in which case you >should delete them. > >> Also where can i find the spec for maildirs like an rfc or similar. > >The best spec is the manpage maildir(5), included with qmail. It tells >you everything you need. It also refers you to a page on Dan's website >with a little more information for MUA implementers. > >> ie what is the procedure for reading emails > >If you mean, ``What MUA uses Maildirs as folders?'' then as far as I >know the only one is mutt. For spot use, ``more'' or ``less'' should >be good enough. > >Len. > > >-- >The moment you run that, a local attacker can take over your machine. >Isn't security fun? > -- Dan Bernstein -- Marek Narkiewicz, Systems Director WelshDragon ltd [EMAIL PROTECTED] 02/10/2000 at 03:49:21
Marek Narkiewicz <[EMAIL PROTECTED]> wrote: > > Now in order for the java server to update the client when new mail > is available it needs some way of knowing which mails have already > been read by the web client. The easiest way, if your maildir clients all play nice, is that files in maildir/new are new, and files in maildir/cur have been seen (which isn't the same as read, exactly, but I'm just nitpicking). So just inform your Java client when there are files in maildir/new. > Does qmail-pop3d currently offer anything outside rfc 1460 that can > mark messages as read? When a message has been popped, qmail-pop3d _does_ move it to maildir/cur, which effectively marks it as read. So you're all set. > If not can anyone think of the most logical way to utilise that info > field? I would like to then improve on the functionality to offer imap > style folders but virtually based on a code in the info. I can't help you there; I don't know much about IMAP. The main concern is that scanning a directory can be slow if the folders are too full (where too full has been estimated at 25K emails). I don't know if the concern is reasonable, since I don't know if anybody ever has folders so full. Len. -- How about the B1H problem, when your body temperature goes above 100 degrees? Or the L1m problem, when the lira dips below one millicent? Casinos worry about the D52C problem, when there are more than 52 cards in a deck. This could be the start of something big. -- Bruce Schneier
Once again thank you. :-) On Thu, 10 Feb 2000 23:03:43 -0500, [EMAIL PROTECTED] wrote: >Marek Narkiewicz <[EMAIL PROTECTED]> wrote: >> >> Now in order for the java server to update the client when new mail >> is available it needs some way of knowing which mails have already >> been read by the web client. > >The easiest way, if your maildir clients all play nice, is that files >in maildir/new are new, and files in maildir/cur have been seen (which >isn't the same as read, exactly, but I'm just nitpicking). So just inform >your Java client when there are files in maildir/new. > Excellent as I don't run any local mua's all access will be via the qmail-pop3d server which I'm sure does behave. >> Does qmail-pop3d currently offer anything outside rfc 1460 that can >> mark messages as read? > >When a message has been popped, qmail-pop3d _does_ move it to maildir/cur, >which effectively marks it as read. So you're all set. That is ideal and I am grateful to you for pointing it out as It is 4:00 am and it had passed me by totally. :-( > >> If not can anyone think of the most logical way to utilise that info >> field? I would like to then improve on the functionality to offer imap >> style folders but virtually based on a code in the info. > >I can't help you there; I don't know much about IMAP. The main concern >is that scanning a directory can be slow if the folders are too full >(where too full has been estimated at 25K emails). I don't know if the >concern is reasonable, since I don't know if anybody ever has folders >so full. > >Len. > End result is that I can go ahead now with the automatic mail notification and return to the folder idea when I have time to modify qmail-pop3d. Thankyou for your time. > >-- >How about the B1H problem, when your body temperature goes above >100 degrees? Or the L1m problem, when the lira dips below one >millicent? Casinos worry about the D52C problem, when there are more >than 52 cards in a deck. This could be the start of something big. > -- Bruce Schneier -- Marek Narkiewicz, Systems Director WelshDragon ltd [EMAIL PROTECTED] 02/10/2000 at 04:12:04
Hi, presently I am fighting to setup pop3 access to the qmail server. I have attempted to use both the commands/configurations from the FAQ (using tcpserver) and from the Living With Qmail doco (using inetd) and I receive the same error using both. telnet <hostname> 110 +OK <18972.950238486@hostname> user <username> +OK pass <passwd> -ERR authorization failed I have confirmed that the username and password I am using is correct. Is there an underlying issue with Solaris 7 and the checkpassword program, or am I missing something else. Any help would be greatly appreciated. Thanks Mark P
On Thu, Feb 10, 2000 at 11:21:08PM -0500, Len Budney wrote: > Sam <[EMAIL PROTECTED]> wrote: > > On Thu, 10 Feb 2000, Len Budney wrote: > > > > > Which brings us back to your mistake; you make a claim about > > > ``journalling filesystems'' which is true for some, and false for > > > others... > > > > I did not say that all journaling file systems do not sync both the data > > and the metadata, just that it's not a requirement for implementing a > > journaled filesystem. > > Okay, conceded. We agree that ``reliable'' is not spelled ``journalling''. > I mistook you to be implying that journalled filesystems generally are > subject to email loss. I apologize for taking your statement farther > than you meant it. > > What threw me for a loop was your apparent focus on journalling itself; it > seemed like a red herring. Nobody made any silly claims about journalling > on this list; indeed there was a recent discussion about the reliability > impact of soft updates on FFS--giving us a good example of both a reliable > journalled filesystem, and an unreliable journalled filesystem. Thanks. Yes. Let's make the clarification. FFS with soft updates is NOT a journaling file system. It will however be significally faster than any journaling filesystem(*) but it still needs to get fsyncs AFTER e.g. a return from rename() to be sure that it effectively has happened on disk. It DOES NOT MEAN that rename() is no longer an atomic operation in respect to other applications, but if you get a crash between the rename() and the fsync() you cannot be sure that the rename has been done when you come up again. The impact of qmail is however dim to me. Please enlighten upon the problems that can arise. Do we have to add extra fsyncs here? /magnus (*) Kirk McKusick is presenting these tests at Usenix this summer, he said to me yesterday. -- http://x42.com/
On Thu, Feb 03, 2000 at 11:15:41PM -0500, Russell Nelson wrote: > [EMAIL PROTECTED] writes: > > On Thu, 3 Feb 2000 15:12:00 -0500 (EST) , Russell Nelson writes: > > > ext2 has always honored fsync. You fsync a file, and its data goes > > > off to disk. You fsync a directory and its data goes off to disk. > > > The only reason this surprises anyone is because the BSD hackers > > > decided that fsyncing a file should also fsync the directory the file > > > resides in. > > > > What use is syncing the data to disk, if you can't > > get to it after a crash? It might as well have just > > stayed in cache otherwise.... > > fsync the data if you want the data on disk. > fsync the directory if you want the metadata on disk. > > What's complicated or difficult about that? According to McKusick yesterday when I asked specifically about this problem discussed here, he admitted that fsync:ing a directory could be a costly operation if directories had to be fsynced recursively. In e.g. a queue-directory or a Maildir, it will probably have no impact. Therefore, a fsync() of the file would be sufficient he said. Really two. Maildir-example: 1. write to tmp 2. fsync() 3. rename(tmp, new) 4. fsync() /magnus -- http://x42.com/
On Thu, Feb 03, 2000 at 12:02:49AM +0100, Bolmehag, Peter wrote: > > Hi > > I just moved from sendmail to qmail. Now I have domainaliases in the > sendmail configuratio that looks like this: > > [EMAIL PROTECTED] [EMAIL PROTECTED] > > Mail is received for [EMAIL PROTECTED] and is copied and sent out to > [EMAIL PROTECTED] . > > I have lots of these pairs where mail comes in to one domain and leaves for > another directly. > > HOw do I do that with qmail? Look at my "The forward-all-to-another-domain-alternative" in http://x42.com/qmail/doc/vdomains3.txt (old post from here recycled once again) /magnus -- http://x42.com/
Hello, The last week, I tried a few webmail solutions, based on imap and pop. Some are pretty, but actually, I think it is silly to use pop, when we could simply use a CGI to read the mails _directely_ from user Maildir (with password check naturally). As I'm probably not the first one getting this idea, there are probably already some scripts existing... Maybe you could help me find one ? :) I'd like to write/find a perl script, with simple read capabilities (no folders, addressbook and such things at first) and MIME capabilities for attachments. Thanks a lot in advance for any hint! Olivier
On Fri, Feb 11, 2000 at 07:33:12AM +0100, Olivier M. wrote: > Hello, > > The last week, I tried a few webmail solutions, based on imap and > pop. Some are pretty, but actually, I think it is silly to use pop, > when we could simply use a CGI to read the mails _directely_ from > user Maildir (with password check naturally). http://www.inter7.com/sqwebmail -- See complete headers for more info
On Fri, Feb 11, 2000 at 09:59:03AM +0300, Anand Buddhdev wrote: > On Fri, Feb 11, 2000 at 07:33:12AM +0100, Olivier M. wrote: > > The last week, I tried a few webmail solutions, based on imap and > > pop. Some are pretty, but actually, I think it is silly to use pop, > > when we could simply use a CGI to read the mails _directely_ from > > user Maildir (with password check naturally). > > http://www.inter7.com/sqwebmail Thanks for this pointer. But I'm looking for something less "heavy" :) I'd like to program some parts of the script myself, and I can't do that with C yet. Anything in perl, php or python ? Olivier
Thus said Curtis Generous on Wed, 26 Jan 2000 03:58:21 EST: > Are there any standalone, fast HTML -> TEXT convertors > available that would convert message body information on the > fly? You might try to conjure up something with sed or even perl. I'm not certain how much overhead each would impose, but it isn't hard to strip out those dumb formatting tags. It might not leave the document in a *pretty* state though. :) Andy -- +====== Andy ====== TiK: garbaglio ======+ | Linux is about freedom of choice | +== http://www.xmission.com/~bradipo/ ===+
Hello , I'm a computer science student from Brazil . I'm trying to install qmail 1.03 on a PowerPC running AIX 4.15. Whenever I try to compile the source I got the below message: #make setup check ./compile qmail-local.c 1506-333 (S) License failure: acquire: No servers available for this vendor (network license server/library). make: 1254-004 The error code from the last command is 1. Can you help-me with this ? Thanks in advance. Alexandre Nobrega Duarte - [EMAIL PROTECTED] Graduacao em Ciencias da Computacao Universidade Federal da Paraiba - Campus II Departamento de Sistemas e Computacao Alexandre Nobrega Duarte - [EMAIL PROTECTED] Graduacao em Ciencias da Computacao Universidade Federal da Paraiba - Campus II Departamento de Sistemas e Computacao
seems to me, as if something is broken in your deveolping environement... -- ======================================== Alexander Jernejcic email:[EMAIL PROTECTED] IntelliNet EDV-Dienstleistungsges.m.b.H. 1060 Wien, Mariahilferstr. 103 Tel: +43/1/595 23 88 Fax: +43/1/595 23 90 http://www.intellinet.at On 11 Feb, Alexandre Nobrega Duarte (* Guardian *) wrote: > Hello , I'm a computer science student from Brazil . > I'm trying to install qmail 1.03 on a PowerPC running AIX 4.15. > Whenever I try to compile the source I got the below message: > > #make setup check > > ./compile qmail-local.c > 1506-333 (S) License failure: acquire: No servers available for this > vendor (network license server/library). > make: 1254-004 The error code from the last command is 1. > > > Can you help-me with this ? > > Thanks in advance. > > > > Alexandre Nobrega Duarte - [EMAIL PROTECTED] > Graduacao em Ciencias da Computacao > Universidade Federal da Paraiba - Campus II > Departamento de Sistemas e Computacao > > > > Alexandre Nobrega Duarte - [EMAIL PROTECTED] > Graduacao em Ciencias da Computacao > Universidade Federal da Paraiba - Campus II > Departamento de Sistemas e Computacao
> seems to me, as if something is broken in your deveolping > environement... > On 11 Feb, Alexandre Nobrega Duarte (* Guardian *) wrote: > > Hello , I'm a computer science student from Brazil . > > I'm trying to install qmail 1.03 on a PowerPC running AIX 4.15. > > Whenever I try to compile the source I got the below message: > > > > #make setup check > > > > ./compile qmail-local.c > > 1506-333 (S) License failure: acquire: No servers available for this > > vendor (network license server/library). > > make: 1254-004 The error code from the last command is 1. looks like an AIX message. Do you have a licence-key for your c-compiler ? /fozzy Mit freundlichen Gruessen/Best Regards [PSI-Corps: Vertrauen ist der Anfang von allem .... Babylon-5] -- Fozzy C. Dressel Debis systemhaus EDVG Hofmuehlgasse 3 - 5 Email: [EMAIL PROTECTED] A-1060 Vienna, Austria Tel: (+43)(1) 59903-1293 (8-19 CET)