qmail Digest 1 Aug 2000 10:00:01 -0000 Issue 1080

Tue, 01 Aug 2000 02:56:24 -0700 


qmail Digest 1 Aug 2000 10:00:01 -0000 Issue 1080

Topics (messages 45873 through 45932):

many processes open
        45873 by: Marco Benetton
        45881 by: Chris, the Young One
        45912 by: andrew.tic.ch
        45921 by: Chris, the Young One
        45929 by: Toens Bueker

qmail ident lookups
        45874 by: wolfgang zeikat
        45875 by: James Raftery

Re: WEIRD BEHAVIOR WITH MY QMAILd!!
        45876 by: Ricardo Cerqueira

Re: Still getting CNAME_lookup_failed_temporarily errors
        45877 by: Jens Hafsteinsson
        45878 by: Holborn BongMiester
        45880 by: Jens Hafsteinsson
        45882 by: Jens Hafsteinsson
        45887 by: Jens Hafsteinsson
        45888 by: Chris, the Young One
        45890 by: Petr Novotny
        45893 by: Chris, the Young One
        45895 by: Petr Novotny
        45914 by: asantos
        45916 by: Holborn BongMiester
        45932 by: Jens Hafsteinsson

Re: qmail running; no mail delivery to Maildir
        45879 by: Tim Hunter

Not receiving mail sent through smtpd
        45883 by: Craig L. Ching
        45884 by: Tim Hunter
        45885 by: Chris, the Young One
        45886 by: Chris, the Young One
        45889 by: Craig L. Ching
        45891 by: Chris, the Young One
        45892 by: Craig L. Ching

qmail & dns
        45894 by: reach_prashant.zeenext.com
        45896 by: Chris, the Young One
        45898 by: reach_prashant.zeenext.com
        45915 by: Brett Randall

Re: Open letter
        45897 by: Dave Sill
        45899 by: Michael T. Babcock
        45900 by: Dave Sill
        45901 by: Michael T. Babcock
        45902 by: Ihnen, David

Re: tai64n -- why?
        45903 by: David Dyer-Bennet
        45904 by: Charles Cazabon
        45905 by: David Dyer-Bennet
        45906 by: tony.corp.quepasa.com
        45907 by: markd.bushwire.net
        45908 by: David Dyer-Bennet
        45909 by: Ben Beuchler
        45922 by: Chris, the Young One
        45924 by: David Dyer-Bennet

How I deal with qmail log files
        45910 by: Ihnen, David

Re: qmail-1.03 on Solaris is broken
        45911 by: andrew.tic.ch

TCPserver error (fwd)
        45913 by: Z
        45928 by: Uwe Ohse
        45930 by: Alex Campbell

Re: [offtopic?] RE: Encryption (was: Open letter)
        45917 by: Michael T. Babcock
        45918 by: Adam McKenna
        45919 by: Ihnen, David
        45920 by: Jacob Scott

Duplicate Message-ID question
        45923 by: Sten

qmail-pw2u error
        45925 by: Vincent Danen
        45927 by: Chris, the Young One

question ?
        45926 by: Chad Cranston

Re: The famous [EMAIL PROTECTED]
        45931 by: Eric Cox

Administrivia:

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To bug my human owner, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------


Hi all
I have a big problem with my mail server.
In a moment I have 328 processes open and the mail server had a problem
with libc.so.6, this is the log in log/current:

@40000000398064413962161c delivery 303: deferral:
bin/qmail-queue:_error_in_loading_shared_libraries:_libc.so.6:_cannot_open_shar
ed_object_file:_Error_23/Unable_to_forward_message:_qq_temporary_problem_(#4.3.
0)./

I have set the file concurencyremote=20 and concurencylocal=10
but how is possible that I have 328 qmail-smtpd process in a time.

Thanks in advantage




On Mon, Jul 31, 2000 at 12:03:12PM +0200, Marco Benetton wrote:
! @40000000398064413962161c delivery 303: deferral: 
bin/qmail-queue:_error_in_loading_shared_libraries:_libc.so.6:_cannot_open_shared_object_file:_Error_23/Unable_to_forward_message:_qq_temporary_problem_(#4.3.0)./

Error 23, in Linux (not such a big assumption seeing that your libc is
called libc.so.6 :-)), is ENFILE (File table overflow). Essentially,
your system cannot open any more files. It's just a temporary situation,
just wait it out and hope you don't get more SMTP connections. :-)

! I have set the file concurencyremote=20 and concurencylocal=10
! but how is possible that I have 328 qmail-smtpd process in a time.

concurrencyremote and concurrencylocal do not affect how many
qmail-smtpd processes can be run. Having 328 connections seems to
me to be doable only if you invoke qmail-smtpd via inetd (see
http://cr.yp.to/docs/inetd.html).

Try using tcpserver from the ucspi-tcp package instead. It has a
concurrency limit of 40, by default. See http://cr.yp.to/ucspi-tcp.html.

Good luck,
        ---Chris K.
-- 
 Chris, the Young One |_ but what's a dropped message between friends? 
  Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H. 
http://cloud9.hedgee.com/ |_ Robinson, IV  
 PGP: 0xCCC6114E/0x706A6AAD |_ 



Chris, 

>your system cannot open any more files. It's just a temporary situation,
>just wait it out and hope you don't get more SMTP connections. :-)
Perhaps checkout ulimit -n, which refers to the max. no. of file descriptors
- With Solaris using ulimit -n xxx before calling qmail-start is appropriate,
but with Linux it looks like there is no upper limit (bash offers you a ulimit
command to check this). Maybe there's a hard-coded f.d. limit in the kernel??

>concurrencyremote and concurrencylocal do not affect how many
>qmail-smtpd processes can be run. Having 328 connections seems to
>me to be doable only if you invoke qmail-smtpd via inetd (see
>http://cr.yp.to/docs/inetd.html).
I disagree: I've setup machines handling plenty of connections
using tcpserver - which is, I feel, a far more appropriate way of
calling qmail-smtpd. Have you come across particular problems
with tcpserver that lead you to the 'Need inetd' conclusion? If it's
an issue of timeouts, or [very] slow connections, that should be
the familiar old cookie of the -R and -H options to tcpserver - as
someone who moved from inetd to tcpserver myself, this is a
problem I remember well....

cheers,

Andrew.

----------
From:   Chris, the Young One[SMTP:[EMAIL PROTECTED]]
Sent:   31 July 2000 14:49
To:     [EMAIL PROTECTED]
Subject:        Re: many processes open

On Mon, Jul 31, 2000 at 12:03:12PM +0200, Marco Benetton wrote:
! @40000000398064413962161c delivery 303: deferral:
bin/qmail-queue:_error_in_loading_shared_libraries:_libc.so.6:_cannot_open_shared_object_file:_Error_23/Unable_to_forward_message:_qq_temporary_problem_(#4.3.0)./

Error 23, in Linux (not such a big assumption seeing that your libc is
called libc.so.6 :-)), is ENFILE (File table overflow). Essentially,
your system cannot open any more files. It's just a temporary situation,
just wait it out and hope you don't get more SMTP connections. :-)

! I have set the file concurencyremote=20 and concurencylocal=10
! but how is possible that I have 328 qmail-smtpd process in a time.

concurrencyremote and concurrencylocal do not affect how many
qmail-smtpd processes can be run. Having 328 connections seems to
me to be doable only if you invoke qmail-smtpd via inetd (see
http://cr.yp.to/docs/inetd.html).

Try using tcpserver from the ucspi-tcp package instead. It has a
concurrency limit of 40, by default. See http://cr.yp.to/ucspi-tcp.html.

Good luck,
        ---Chris
K.




On Mon, Jul 31, 2000 at 08:03:41PM +0000, [EMAIL PROTECTED] wrote:
! >your system cannot open any more files. It's just a temporary situation,
! >just wait it out and hope you don't get more SMTP connections. :-)
! Perhaps checkout ulimit -n, which refers to the max. no. of file descriptors
! - With Solaris using ulimit -n xxx before calling qmail-start is appropriate,
! but with Linux it looks like there is no upper limit (bash offers you a ulimit
! command to check this). Maybe there's a hard-coded f.d. limit in the kernel??

Linux 2.2's global fd limit (as opposed to the per-process fd limit
which you set with ``ulimit -n'') isn't hard-coded; you can set it via 
/proc/sys/fs/file-max.

! I disagree: I've setup machines handling plenty of connections
! using tcpserver - which is, I feel, a far more appropriate way of
! calling qmail-smtpd.

You can set tcpserver's concurrency to 400, should you so wish. But
by default it will handle only 40, which was why I found 328 a bit
strange. (Maybe it's because my mail server doesn't get that many
SMTP connections, not enough to merit altering the concurrency limit.)

!                      Have you come across particular problems
! with tcpserver that lead you to the 'Need inetd' conclusion?

I didn't say you ``need'' inetd. My conclusion was that with inetd,
there is effectively _no_ concurrency limit, which in my opinion is
a Bad Thing.

        ---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 



"Chris, the Young One" <[EMAIL PROTECTED]> wrote:

> !                      Have you come across particular problems
> ! with tcpserver that lead you to the 'Need inetd' conclusion?
> 
> I didn't say you ``need'' inetd. My conclusion was that with inetd,
> there is effectively _no_ concurrency limit, which in my opinion is
> a Bad Thing.

>From inetd(8):

The optional `max'' suffix (separated from `wait'' or `nowait'' by a dot)
specifies the maximum number of server instances that may be spawned from
inetd within an interval of 60 seconds. When omitted, `max'' defaults to 40.

By
Töns
-- 
Linux. The dot in /.



qmail seems to be doing ident lookups with each email a local user sends
via SMTP.

since the ident port has been disabled in our firewall,
these lookups slow sending mail down on the users' client side.

is there a way to run qmail without those lookups?

wolfgang



On Mon, Jul 31, 2000 at 01:24:16PM +0200, wolfgang zeikat wrote:
> since the ident port has been disabled in our firewall,
> these lookups slow sending mail down on the users' client side.
> 
> is there a way to run qmail without those lookups?

Hi,

You should use the -R option to tcpserver to stop it makng ident
queries.
See http://cr.yp.to/ucspi-tcp/tcpserver.html for the full list of
tcpserver options.

Regards,

james
-- 
James Raftery (JBR54)  -  Programmer Hostmaster  -  IE TLD Hostmaster
   IE Domain Registry  -  www.domainregistry.ie  -  (+353 1) 706 2375
  "Managing 4000 customer domains with BIND has been a lot like
   herding cats." - Mike Batchelor, on [EMAIL PROTECTED]



On Mon, Jul 31, 2000 at 02:29:20AM +0100, Artur D'assumpção wrote:

[snipped a bunch of badly indented lines]

>                     If I send , LOCALY, a mail to [EMAIL PROTECTED] or even 
>[EMAIL PROTECTED], it will
>                     work with no problems!! 
>                     In the other way, if ill do the same thing remotly only 
>[EMAIL PROTECTED] will work!! Everything
>                     else , [EMAIL PROTECTED] [EMAIL PROTECTED] will give 
>this error. 
> 
>                     
>194.210.xx.xx_does_not_like_recipient./Remote_host_said:_553_sorry,_that_domain_isn't_in_my
> 
>                     _list_of_allowed_rcpthosts_(#5.7.1)/Giving_up_on_194.210.xx.xx./ 
> 

OK, that's common. Are you sure [EMAIL PROTECTED] won't work? It should. vhost 
should fail, but galileu _should_ work. It IS in the rcpthosts file. And, because it's 
in control/locals, it should be taken as a local address.

>                     And I have this, 
> 
>                     [root@sarrazola control]# cat defaultdomain 
>                     example.com 
>                     [root@sarrazola control]# cat locals 
>                     localhost 
>                     galileu.example.com 
>                     example.com 
>                     galileu 
>                     [root@sarrazola control]# cat me 
>                     galileu.example.com 
>                     [root@sarrazola control]# cat rcpthosts 
>                     localhost 
>                     galileu 
>                     galileu.example.com 
>                     example.com 
>                     [root@sarrazola control]# 
> 
> 
>                     Has you can see I can't resolve the problem... And I dont 
>understand it... 

RTFM would be nice. man 5 qmail-control, in particular, is very useful to find out 
what each and every one of this file is supposed to do.

RC


-- 
+-------------------
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica 
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701




>From: "asantos" <[EMAIL PROTECTED]>
> >named does recursive queries by default according to the docs.
>
>Well.. is your installation the default one? ;)

Yes, I would think so.

> >Everything in named.conf seems fine. The zone "." looks like this:
> >
> >zone "." in
> >{
> >  type hint;
> >  file "db.cache";
> >};
> >
> >and the db.cache file contains the root servers.
>
>In the right directory? I'm grabing at straws, here, but ...

Yes, it is in the right directory.

>
> >Well, if the problem lies with my resolver, are there any tools that I 
>can
> >use to simulate what qmail is trying to do? ping and nslookup seem t be
> >working fine.
> >Maybe some simple source code that I can fiddle with to figure this out?
>
>
>The main difference between qmail and other software re DNS is that qmail
>doesn't give a hoot about the /etc/hosts file. Everything is done through
>DNS. As things stand now, I'd dump bind and try djbdns... unless you can 
>get
>someone to debug bind for you.
>
>The tests I've done with triton.axon.is using nslookup did ok. It's even
>recursive. dnsq concurs, everything seems ok. If this was djbdns, with its
>clearer binding to interfaces, I'd say that your DNS server is ok for
>outside queries, but not correctly configured for local queries, and point
>the proverbial finger at the culprit.
>
>Next thing I'd suspect would be libc upgrade problems... what OS are you
>running? I couldn't identify it remotely. It looks like Linux 2.2.14, 
>but...
>try to reinstall your libc's.

This thought has bee creeping up on me since yesterday. I'm a bit keen on 
sticking with bind, so I will check on my libs first. I'm running Linux 
2.2.16 (RH6.1 at heart).

>
>Did you install qmail from source or using a binary package?
>

>From source, but compiled on a different machine (the user and group match).

Thanks,
Jens
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com




Jens Hafsteinsson wrote:
> >In the right directory? I'm grabing at straws, here, but ...
> 
> Yes, it is in the right directory.

You all may be barking up the wrong tree (there again, so could I
:). Whats the address that getting the CNAME lookup failure. What
does qmail-qstat give?

I'm intrested to whats cuasing the CNAME errors.

Regards,

D.




>From: Holborn BongMiester <[EMAIL PROTECTED]>
>
>You all may be barking up the wrong tree (there again, so could I
>:). Whats the address that getting the CNAME lookup failure.

I've tried several addresses, both local to my root domain and external. 
Example domains are dimon.is and abacus.com. All fail with the CNAME error.

>What does qmail-qstat give?
>

qmail-qstat gives the following:

messages in queue: 2
messages in queue but not yet preprocessed: 0

Jens

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com




>From: Holborn BongMiester <[EMAIL PROTECTED]>

> > >You all may be barking up the wrong tree (there again, so could I
> > >:). Whats the address that getting the CNAME lookup failure.
> >
> > I've tried several addresses, both local to my root domain and external.
> > Example domains are dimon.is and abacus.com. All fail with the CNAME 
>error.
>
>Okay. What OS?

At my end or theirs?
My end is Linux (2.2.16, glibc 2.1.2) and dimon is Linux (version ?). I 
don't know about abacus.

>
> > >What does qmail-qstat give?
> > >
> >
> > qmail-qstat gives the following:
> >
> > messages in queue: 2
> > messages in queue but not yet preprocessed: 0
>
>So two waiting to go.

I've clean the queue several times just to keep the log managable. These are 
the most recent messages.

What kind of preprocessing does qmail do?

Jens
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com







>From: Holborn BongMiester <[EMAIL PROTECTED]>
>
>Do you have an nsswitch.conf in your /etc/ dir? Make sure it has:
>
>hosts:      files dns
>
>as the hosts line. This means it will first attempt to resolve the entry
>in /etc/hosts if not it tries dns.

The hosts line in nsswitch.conf reads:

hosts:  files nisplus nis dns

I don't use NIS.

>
>Them in ya resolv.conf you'll want:
>
>nameserver 127.0.0.1

Ok. I had 'search axon.is' and 'nameserver 194.144.127.194'. Tried to also 
remove search but it didn't change anything. Now I only have 'nameserver 
127.0.0.1'.

>
>That _should_ be your resolv set up correctly, what does nslookup -d -q=mx
>abacus.com give?

nslookup -d -q=mx abacus.com.

;; res_nmkquery(QUERY, 1.0.0.127.in-addr.arpa, IN, PTR)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 15582, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 2,  additional = 2

    QUESTIONS:
        1.0.0.127.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  1.0.0.127.in-addr.arpa
        name = localhost
        ttl = 86400 (1D)
    AUTHORITY RECORDS:
    ->  0.0.127.in-addr.arpa
        nameserver = triton.axon.is
        ttl = 86400 (1D)
    ->  0.0.127.in-addr.arpa
        nameserver = sprettur.isnet.is
        ttl = 86400 (1D)
    ADDITIONAL RECORDS:
    ->  triton.axon.is
        internet address = 194.144.127.194
        ttl = 86400 (1D)
    ->  sprettur.isnet.is
        internet address = 193.4.58.19
        ttl = 15853 (4h24m13s)

------------
Server:  localhost
Address:  127.0.0.1

;; res_nmkquery(QUERY, abacus.com, IN, MX)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 15583, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 2,  authority records = 3,  additional = 5

    QUESTIONS:
        abacus.com, type = MX, class = IN
    ANSWERS:
    ->  abacus.com
        preference = 10, mail exchanger = merc91.us.sas.com
        ttl = 28300 (7h51m40s)
    ->  abacus.com
        preference = 10, mail exchanger = merc92.us.sas.com
        ttl = 28300 (7h51m40s)
    AUTHORITY RECORDS:
    ->  abacus.com
        nameserver = LAMB.sas.com
        ttl = 172296 (1d23h51m36s)
    ->  abacus.com
        nameserver = SCHAF.sas.com
        ttl = 172296 (1d23h51m36s)
    ->  abacus.com
        nameserver = BLEAT.sas.com
        ttl = 172296 (1d23h51m36s)
    ADDITIONAL RECORDS:
    ->  merc91.us.sas.com
        internet address = 149.173.6.1
        ttl = 28398 (7h53m18s)
    ->  merc92.us.sas.com
        internet address = 149.173.6.2
        ttl = 28398 (7h53m18s)
    ->  LAMB.sas.com
        internet address = 149.173.1.1
        ttl = 172296 (1d23h51m36s)
    ->  SCHAF.sas.com
        internet address = 212.185.185.19
        ttl = 172296 (1d23h51m36s)
    ->  BLEAT.sas.com
        internet address = 149.173.1.4
        ttl = 172296 (1d23h51m36s)

------------
Non-authoritative answer:
abacus.com
        preference = 10, mail exchanger = merc91.us.sas.com
        ttl = 28300 (7h51m40s)
abacus.com
        preference = 10, mail exchanger = merc92.us.sas.com
        ttl = 28300 (7h51m40s)

Authoritative answers can be found from:
abacus.com
        nameserver = LAMB.sas.com
        ttl = 172296 (1d23h51m36s)
abacus.com
        nameserver = SCHAF.sas.com
        ttl = 172296 (1d23h51m36s)
abacus.com
        nameserver = BLEAT.sas.com
        ttl = 172296 (1d23h51m36s)
merc91.us.sas.com
        internet address = 149.173.6.1
        ttl = 28398 (7h53m18s)
merc92.us.sas.com
        internet address = 149.173.6.2
        ttl = 28398 (7h53m18s)
LAMB.sas.com
        internet address = 149.173.1.1
        ttl = 172296 (1d23h51m36s)
SCHAF.sas.com
        internet address = 212.185.185.19
        ttl = 172296 (1d23h51m36s)
BLEAT.sas.com
        internet address = 149.173.1.4
        ttl = 172296 (1d23h51m36s)

>
> > >So two waiting to go.
> >
> > I've clean the queue several times just to keep the log managable. These 
>are
> > the most recent messages.
>
>*nods* I can imagine it's a bit of a nuisence :(
>
> > What kind of preprocessing does qmail do?
>
>Preprocessing? You mean before sending mail out 'to the world'?

Yes. qmail-qstat says it has 0 preprocessed messages in the queue but 2 
waiting to be sent. I was just wondering if qmail did some header building 
or something based on information it had at the time. Say that I now change 
my setup in some way but that change isn't reflected in the old messages in 
the queue as the have already been preprocessed, so next time qmail tries to 
deliver them, they fail.

Jens
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com




On Mon, Jul 31, 2000 at 03:11:14PM +0000, Jens Hafsteinsson wrote:
! Yes. qmail-qstat says it has 0 preprocessed messages in the queue but 2 
! waiting to be sent. I was just wondering if qmail did some header building 
! or something based on information it had at the time.

If I remember right, preprocessing (which is done by qmail-queue)
involves determining whether a message is local or remote.

!                                                       Say that I now change 
! my setup in some way but that change isn't reflected in the old messages in 
! the queue as the have already been preprocessed, so next time qmail tries to 
! deliver them, they fail.

This happens if you change /var/qmail/control/locals so that the
notion of what's local is changed. Other than that I can't see how
else it can happen.

See INTERNALS in the qmail distribution.

        ---Chris K.
-- 
 Chris, the Young One |_ If you can't afford a backup system, you can't 
  Auckland, New Zealand |_ afford to have important data on your computer. 
http://cloud9.hedgee.com/ |_ ---Tracy R. Reed  
 PGP: 0xCCC6114E/0x706A6AAD |_ 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 1 Aug 00, at 3:25, Chris, the Young One wrote:

> If I remember right, preprocessing (which is done by qmail-queue)

No, it's done by qmail-send. (qmail-queue writes the message into 
the queue and pulls the trigger; that's all.)

> involves determining whether a message is local or remote.

Yep.

> !                                   Say that I now change 
> ! my setup in some way but that change isn't reflected in the old
> ! messages in the queue as the have already been preprocessed, so next
> ! time qmail tries to deliver them, they fail.
> 
> This happens if you change /var/qmail/control/locals so that the
> notion of what's local is changed. Other than that I can't see how
> else it can happen.

DJB sais that qmail-2.0 will handle this situation better. (Like, you 
want to ditch all mails going to aol.com; once they're 
preprocessed, you can't just put aol.com in virtualdomains and 
/dev/null the messages locally; you must first re-inject the 
messages, so that local/remote decision is retried.)

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOYWORFMwP8g7qbw/EQL7cgCgrWgAAC4wG/9c0OMGCsBff+RpwzwAoN+M
v7oFujaricywPflsvlrgbJrv
=bCXp
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]



On Mon, Jul 31, 2000 at 05:33:39PM +0200, Petr Novotny wrote:
! No, it's done by qmail-send. (qmail-queue writes the message into 
! the queue and pulls the trigger; that's all.)

Having just peek at INTERNALS again, I agree. My mistake.

! DJB sais that qmail-2.0 will handle this situation better. (Like, you 
! want to ditch all mails going to aol.com; once they're 
! preprocessed, you can't just put aol.com in virtualdomains and 
! /dev/null the messages locally; you must first re-inject the 
! messages, so that local/remote decision is retried.)

At the moment though, as far as I know, the messages get sent pretty
much straight after preprocessing. Just how do you get the messages
``reinjected''? (Please don't tell me it's in the FAQ. :-))

        ---Chris K.
-- 
 Chris, the Young One |_ but what's a dropped message between friends? 
  Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H. 
http://cloud9.hedgee.com/ |_ Robinson, IV  
 PGP: 0xCCC6114E/0x706A6AAD |_ 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 1 Aug 00, at 3:42, Chris, the Young One wrote:

> At the moment though, as far as I know, the messages get sent pretty
> much straight after preprocessing. Just how do you get the messages
> ``reinjected''?

For example by a smtproutes entry pointing back at yourself. (Be 
careful about rcpthosts or RELAYCLIENT in that case; you don't 
want to bounce the message during reinjection, do you?)

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOYWSMlMwP8g7qbw/EQJDhgCfaHTdaaewRJ5UYpXQjNaaYX2Ti/AAn0Km
UXztdJ0vkYlHpAVO1Ug0a0fB
=RGZE
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]



From: Jens Hafsteinsson <[EMAIL PROTECTED]>
>>Did you install qmail from source or using a binary package?
>>
>
>From source, but compiled on a different machine (the user and group
match).


Right.

A ldd qmail-remote on my machine gives me:

libresolv.so.2 => /lib/libresolv.so.2 (0x40019000)
libc.so.6 => /lib/libc.so.6 (0x40027000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

I bet you a eider feather against a authentic Sakenussem scroll that your
problem is right there on the first line: different versions of libresolv.

Armando





asantos wrote:
> I bet you a eider feather against a authentic Sakenussem scroll that your
> problem is right there on the first line: different versions of libresolv.

Agreed. After confirming his resolv was setup and functioning, I suggested
a recompile (if on the same box) without and LD_LIBRARY_PATH and after
rerunning ldocnfig as root (he was on Linux so no need for the -R :)

Failing that a truss/strace and actually see what it's up to.

Regards,

D.




>From: "asantos" <[EMAIL PROTECTED]>
>
>A ldd qmail-remote on my machine gives me:
>
>libresolv.so.2 => /lib/libresolv.so.2 (0x40019000)
>libc.so.6 => /lib/libc.so.6 (0x40027000)
>/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
>
>I bet you a eider feather against a authentic Sakenussem scroll that your
>problem is right there on the first line: different versions of libresolv.
>

ldd qmail-remote on triton gives

libresolv.so.2 => /lib/libresolv.so.2 (0x40015000)
libc.so.6 => /lib/libc.so.6 (0x40025000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

ldd qmail-remote on the machine I compiled it gives

libresolv.so.2 => /lib/libresolv.so.2 (0x40018000)
libc.so.6 => /lib/libc.so.6 (0x40028000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

Running ldd -v shows the same version numbers on both systems.

I'll try and move qmail to another machine that is more similar to the one I 
compiled it on and see how it runs there.

Thanks,
Jens

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com




Isn't this a FAQ somewhere?

Double check your /var/qmail/rc
make sure you have ./Maildir/ with the ending /
otherwise it thinks its delivering to a file



-----Original Message-----
From: root [mailto:root]On Behalf Of Harsha Linux
Sent: Monday, July 31, 2000 2:52 AM
To: [EMAIL PROTECTED]
Subject: qmail running; no mail delivery to Maildir


Hi,

I installed qmail in this order..

MySQL Version 3.22.32
tcpserver (ucspi-tcp-0.88)
qmail-1.03

qmail was working fine. Mails were being deleiverd to Mailbox file.

I switched to Maildir format according to instructions in qmail's
INSTALL.maildir file. I logged in as root and executed :

        ./maildirmake ~user1/Maildir
        echo ./Maildir/ > ~user1/.qmail

for all the users (have only a few users...for testing)

I also excuted:

        ./maildirmake /etc/skel/Maildir
        echo ./Maildir/ > /etc/skel/.qmail

so that all new users are created with proper Maildirs.

Step-4 of qmail's INSTALL file says...

4. Read INSTALL.ctl and FAQ. Minimal survival command:

And according to the FAQ file...

According to FAQ's question 5.1:
5.1. How do I run qmail-smtpd under tcpserver?

I setup in inet.conf file the following (since I have tcpserver
installed)

   tcpserver -u 7770 -g 2108 0 smtp /var/qmail/bin/qmail-smtpd &

(I have replaced 7770 and 2108 with my qmaild uid and nofiles gid)

According to FAQ's question 5.3:
5.3. How do I set up qmail-pop3d?

I setup in /etc/inetd.conf the following...

   tcpserver 0 pop3 /var/qmail/bin/qmail-popup YOURHOST \
   /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir &

(Since I have tcpserver installed) I've replaced YOURHOST with my host
name. I have also installed the checkpassword programs.

Now, I can connect to my system on port 25 using telnet and send local
mails using SMTP commands. But mails are not being delivered to mailbox
or Maildir.

I checked the file /var/log/maillog file. But it
says...Unable_to_open_./Maildir

        Jul 31 12:04:28 Linux qmail: 965025268.328030 status: local 1/10 remote
0/20
        Jul 31 12:04:28 Linux qmail: 965025268.422942 delivery 25: deferral:
Unable_to_open_./Maildir:_is_a_directory._(#4.2.1)/
        Jul 31 12:04:28 Linux qmail: 965025268.423060 status: local 0/10 remote
0/20

What could be wrong? Please help

With regards,
Harsha




Hi!

Thanks for the help on this so far, the pointers have really helped me
understand qmail.  I've nailed down the problem, but I still don't know how
to resolve it.  Basically, the clue was in my qmail-send logs.  Here's an
example of what I'm seeing:

@400000003981b5cf1637e39c new msg 12548
@400000003981b5cf16432284 info msg 12548: bytes 2104 from <> qp 12047 uid
105
                                                           ^
-----------------------------------------------------------|  Nothing here
and


@400000003981b5cf16d538f4 starting delivery 3956: msg 12548 to local
@sumo.craig-home.org
                                                                    ^
--------------------------------------------------------------------|
Nothing here.

@400000003981b5cf16e3c39c status: local 1/10 remote 0/20
@400000003981b5cf1ba4fcfc delivery 3956: success: did_0+0+2/
@400000003981b5cf1bb890b4 status: local 0/10 remote 0/20
@400000003981b5cf1bbea364 end msg 12548

Does this look familiar to anyone?  Thanks for all the help!

Cheers,
Craig



It looks like to me a bad smtp session, was this created manually?  or by
some mailer?



-----Original Message-----
From: Craig L. Ching [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 31, 2000 10:38 AM
To: qmail Distribution List (E-mail)
Subject: Not receiving mail sent through smtpd


Hi!

Thanks for the help on this so far, the pointers have really helped me
understand qmail.  I've nailed down the problem, but I still don't know how
to resolve it.  Basically, the clue was in my qmail-send logs.  Here's an
example of what I'm seeing:

@400000003981b5cf1637e39c new msg 12548
@400000003981b5cf16432284 info msg 12548: bytes 2104 from <> qp 12047 uid
105
                                                           ^
-----------------------------------------------------------|  Nothing here
and


@400000003981b5cf16d538f4 starting delivery 3956: msg 12548 to local
@sumo.craig-home.org
                                                                    ^
--------------------------------------------------------------------|
Nothing here.

@400000003981b5cf16e3c39c status: local 1/10 remote 0/20
@400000003981b5cf1ba4fcfc delivery 3956: success: did_0+0+2/
@400000003981b5cf1bb890b4 status: local 0/10 remote 0/20
@400000003981b5cf1bbea364 end msg 12548

Does this look familiar to anyone?  Thanks for all the help!

Cheers,
Craig




On Mon, Jul 31, 2000 at 09:37:47AM -0500, Craig L. Ching wrote:
! @400000003981b5cf1637e39c new msg 12548
! @400000003981b5cf16432284 info msg 12548: bytes 2104 from <> qp 12047 uid 105

Empty sender == don't send bounce messages.

! @400000003981b5cf16d538f4 starting delivery 3956: msg 12548 to local 
@sumo.craig-home.org

An empty ``local'' part is definitely wrong.

Since you were testing your SMTP set-up (unless my memory is failing
again), you might try the following SMTP conversaion (assuming your
local user name is ``you''):

ehlo localhost
mail from:<[EMAIL PROTECTED]>
rcpt to:<[EMAIL PROTECTED]>
data
.
quit

After this, neither the sender nor recipient should show up as empty
in your logs.

Note: you can't omit the angle brackets.

        ---Chris K.
-- 
 Chris, the Young One |_ If you can't afford a backup system, you can't 
  Auckland, New Zealand |_ afford to have important data on your computer. 
http://cloud9.hedgee.com/ |_ ---Tracy R. Reed  
 PGP: 0xCCC6114E/0x706A6AAD |_ 



Let's try again:

On Tue, Aug 01, 2000 at 02:45:40AM +1200, Chris, the Young One wrote:
! ehlo localhost

``ehlo sumo.craig-home.org'' (you can use helo also)

! mail from:<[EMAIL PROTECTED]>

``mail from:<[EMAIL PROTECTED]>'' (now that I looked back
at your previous messages)

! rcpt to:<[EMAIL PROTECTED]>

I type sudo too much. :-) Replace ``you'' with ``cching'', as before.
Also, there is no space between the colon and the left angle bracket,
just in case this wasn't made clear. :-)

! data
! .
! quit

        ---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 



> Let's try again:
> 
> On Tue, Aug 01, 2000 at 02:45:40AM +1200, Chris, the Young One wrote:
> ! ehlo localhost
> 
> ``ehlo sumo.craig-home.org'' (you can use helo also)
> 
> ! mail from:<[EMAIL PROTECTED]>
> 
> ``mail from:<[EMAIL PROTECTED]>'' (now that I looked back
> at your previous messages)
> 
> ! rcpt to:<[EMAIL PROTECTED]>
> 
Thanks, I'll give that a shot!  Now, the TEST.receive example looks nothing
like this.  Should it?  Or should my configuration not worry about that?  I
just want to make sure I have everything set up correctly.

> I type sudo too much. :-) Replace ``you'' with ``cching'', as before.
> Also, there is no space between the colon and the left angle bracket,
> just in case this wasn't made clear. :-)
> 
> ! data
> ! .
> ! quit
> 
>       ---Chris K.
> -- 
>  Chris, the Young One |_ Never brag about how your machines 
> haven't been 
>   Auckland, New Zealand |_ hacked, or your code hasn't been 
> broken. It's 
> http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
>  PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 
> 
Cheers,
Craig



On Mon, Jul 31, 2000 at 10:28:29AM -0500, Craig L. Ching wrote:
! Thanks, I'll give that a shot!  Now, the TEST.receive example looks nothing
! like this.

Sure it does! That document skimped out on writing ``mail from:'' and
``rcpt to:'' fully, but does have a note later on saying ``(Note for
programmers: Most SMTP servers need more text after MAIL and RCPT.
See RFC 821.)''. ``ehlo'' is defined in RFC 1869, but for qmail-smtpd
behaves almost identically to ``helo''.

Other than those, how different is my snippet from TEST.receive's one?

!             Should it?  Or should my configuration not worry about that?  I
! just want to make sure I have everything set up correctly.

Well, if either works, you're in business.

        ---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 



> On Mon, Jul 31, 2000 at 10:28:29AM -0500, Craig L. Ching wrote:
> ! Thanks, I'll give that a shot!  Now, the TEST.receive 
> example looks nothing
> ! like this.
> 
> Sure it does! That document skimped out on writing ``mail from:'' and
> ``rcpt to:'' fully, but does have a note later on saying ``(Note for
> programmers: Most SMTP servers need more text after MAIL and RCPT.
> See RFC 821.)''. ``ehlo'' is defined in RFC 1869, but for qmail-smtpd
> behaves almost identically to ``helo''.
> 
> Other than those, how different is my snippet from TEST.receive's one?
> 
Ooops!  I didn't read carefully enough!  Just following the text without
thinking, sorry!

> !             Should it?  Or should my configuration not 
> worry about that?  I
> ! just want to make sure I have everything set up correctly.
> 
> Well, if either works, you're in business.
> 
Excellent!  Thanks much for your help and everyone else's help as well.  I
also want to thank Dave Sill for "Life With qmail", read that over the
weekend.  Guess I'd better go out and get the RFC's now!

>       ---Chris K.
> -- 
>  Chris, the Young One |_ Never brag about how your machines 
> haven't been 
>   Auckland, New Zealand |_ hacked, or your code hasn't been 
> broken. It's 
> http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
>  PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 
> 
Cheers,
Craig



hello friends 

sorry for asking you too many silly questions , but its just bcoz i want to
know more about qmail  


   so these questions just keep popping up  , 

   
 how qmail will send the message from  one domain 

  say a  [EMAIL PROTECTED]  to  someother domain   say [EMAIL PROTECTED]


   when DNS comes in to the picture , is qmail it self starts query
authorative dns server for that domain or its a job of some other programme
 bundled  with qmail-1.03  

  thanks once again ,
  with warmest regards 
 Prashant Desai





On Mon, Jul 31, 2000 at 11:47:49AM +0300, [EMAIL PROTECTED] wrote:
!    when DNS comes in to the picture , is qmail it self starts query
! authorative dns server for that domain or its a job of some other programme
!  bundled  with qmail-1.03  

qmail-1.03 uses BIND's libresolv to do the actual resolution. See
dns.c. Most of the action occurs in the resolve() function.

        ---Chris K.
-- 
 Chris, the Young One |_ If you can't afford a backup system, you can't 
  Auckland, New Zealand |_ afford to have important data on your computer. 
http://cloud9.hedgee.com/ |_ ---Tracy R. Reed  
 PGP: 0xCCC6114E/0x706A6AAD |_ 






  hello  guys 
sorry for asking you too many silly questions , but its just bcoz i want to
know more about qmail  


   so these questions just keep popping up  , 

   
 how qmail will send the message from  one domain 

  say a  [EMAIL PROTECTED]  to  someother domain   say [EMAIL PROTECTED]


   when DNS comes in to the picture , is qmail it self starts query
authorative dns server for that domain or its a job of some other programme
 bundled  with qmail-1.03  

  thanks once again ,
  with warmest regards 
 Prashant Desai





Take a look at the DNS-HOWTO (linux) and read about MX records. That'll be
easier than waiting here.

Brett

Manager
InterPlanetary Solutions
http://ipsware.com/



> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 31, 2000 9:48 PM
> To: [EMAIL PROTECTED]
> Subject: qmail & dns
>
>
> hello friends
>
> sorry for asking you too many silly questions , but its just bcoz
> i want to
> know more about qmail
>
>
>    so these questions just keep popping up  ,
>
>
>  how qmail will send the message from  one domain
>
>   say a  [EMAIL PROTECTED]  to  someother domain   say [EMAIL PROTECTED]
>
>
>    when DNS comes in to the picture , is qmail it self starts query
> authorative dns server for that domain or its a job of some other
> programme
>  bundled  with qmail-1.03
>
>   thanks once again ,
>   with warmest regards
>  Prashant Desai
>
>




Patrick Lambert <[EMAIL PROTECTED]> wrote:

>Each SMTP server could compute a random set of keys when it
>is installed, and a simple new command could be added to retrieve
>the public key. When any connection is made between the servers,
>a public key would be fetched. If the remote server has not been
>upgraded and does not support PKI, then the transmission would
>continue in a normal way. If both servers support it, then
>encryption could be established, automatically, using PKI.

Congratulations, you've just reinvented RFC2487:

  http://www.ietf.org/rfc/rfc2487.txt

qmail patch available from:

  http://www.esat.kuleuven.ac.be/~vermeule/qmail/tls.patch

-Dave



Agreed: PGP (et. al.) is definately the answer, not server-to-server
encryption.  However, properly authenticated DNS (or an evolution
thereof) and resulting authenticated (S/Q)MTP sessions would be a leap
forward as well.

[EMAIL PROTECTED] wrote:

> The problem with your solution is that server to server encryption
> does not stop government and big corporations from looking at your
> mail on the mail server after it has arrived. Ask any system admin
> how hard it is to scan /var/mail or a users home directory. Answer,
> it's trivial.




Blackey <[EMAIL PROTECTED]> wrote:

>"
>   The Bill means the UK government - specifically the Home Office and
>   Home Secretary Jack Straw - can demand encryption keys to any and all
>   data communications, with a prison sentence of two years for those who
>   do not comply with the order.
>
>(source "http://uk.news.yahoo.com/000728/101/aedvu.html")"

Yow. Well, you could always move to a free country. Luckily, one's
already been set up for you. :-)

>Most email transmitted now doesn't require PGP protection, (or warrant it). I
>know that with the amount of email I get in a day, I wouldn't want the
>extra overhead of having to decrypt it all.

Ah, but if you only encrypt the stuff that needs to be encrypted,
you're waving a red flag and saying "Hey, look! I've got something to
hide!" Better to encrypt everything you can and keep the spooks
guessing.

The overhead should be acceptable with modern hardware--and well worth
it to preserve your privacy.

-Dave



And unfortunately, zero-effort security is, with current technology, an oxymoron.
Swipe-card key systems that do the authentication would be low-effort.  Retina
scanning cameras built into your monitor to do authentication would be low effort
as well.  Until then, people have to decide if its worth their effort or not.

[EMAIL PROTECTED] wrote:

> Key management is a non-zero effort, installation is a non-zero effort,
> cost is a non-zero effort and actual usage is a non-zero effort.
>
> Total transparency is what I define as "easy to use" in the context
> of the average email user (who probably has an email address at AOL).
> I'm afraid anything less won't get there.




Would you consider PGP more than a low-effort?  It would be zero effort if
we weren't concerned about the privacy of our own secret keys, thus keeping
them encrypted behind passwords.  

Maybe an extra-low-effort system would consist of a simply speaking a
keyword into a microphone, and using voiceprint authentication to decrypt
the secret keys.  Fortunately almost all computers have the ability to read
in decent quality audio.  Sending to particular people is no effort - the
public key aquisition can be automated.

Its interesting to think of the change in load on list servers.  Would you
encrypt to the list server, who then decrypts and re-encrypts for each
client, or would there be a collaborative key for the list that everybody
had the secret to and could decrypt?  More probably we would just
cleartext-sign the messages for source authentication, for backwards
compatibility, I suspect.

Either way, it can be zero-effort for the people generating the e-mail,
outside of authenticating your personal secret key, though accepting the
e-mail has the same effort problems.

I would be signing my messages pgp, if I could, but I haven't gotten ahold
of PGP 7 yet... and the earlier versions don't work on 2000.

David


-----Original Message-----
From: Michael T. Babcock [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 31, 2000 9:06 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Open letter


And unfortunately, zero-effort security is, with current technology, an
oxymoron.
Swipe-card key systems that do the authentication would be low-effort.
Retina
scanning cameras built into your monitor to do authentication would be low
effort
as well.  Until then, people have to decide if its worth their effort or
not.

[EMAIL PROTECTED] wrote:

> Key management is a non-zero effort, installation is a non-zero effort,
> cost is a non-zero effort and actual usage is a non-zero effort.
>
> Total transparency is what I define as "easy to use" in the context
> of the average email user (who probably has an email address at AOL).
> I'm afraid anything less won't get there.



[EMAIL PROTECTED] <[EMAIL PROTECTED]> writes on 30 July 2000 at 21:21:19 -0700
 > On Sun, Jul 30, 2000 at 11:06:38PM -0500, Ben Beuchler wrote:
 > > I understand from DJB's website that TAI is a better way to deal with
 > > time functions than the typical unix localtime().  However, it seems to
 > > make a lot of things really awkward when it is used as the time stamp in
 > > a log file.
 > 
 > Really? If I want to tail a log file, eg, I go like this:
 > 
 > tail ../someservice/current | tai64nlocal
 > 
 > and it all looks fine for humans.

Yeah, it works fine for people who check log files by tailing them.  I
check them by bringing them into an emacs buffer, so the funny
timestamps make them darned near useless.

I actually find second resolution entirely adequate for log entries;
the great detail TAI provides is just wasted space to me, and
displaces other, more useful, information from the screen.
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]



David Dyer-Bennet <[EMAIL PROTECTED]> wrote:
>  > 
>  > Really? If I want to tail a log file, eg, I go like this:
>  > 
>  > tail ../someservice/current | tai64nlocal
>  > 
>  > and it all looks fine for humans.
 
> Yeah, it works fine for people who check log files by tailing them.  I
> check them by bringing them into an emacs buffer, so the funny
> timestamps make them darned near useless.

So why not tail them to a temp file and use emacs to view the temp file?
Or write an emacs-lisp function to convert the timestamps.

Charles 
-- 
-----------------------------------------------------------------------
Charles Cazabon                            <[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------



Charles Cazabon <[EMAIL PROTECTED]> writes on 31 July 2000 at 11:20:48 -0600
 > David Dyer-Bennet <[EMAIL PROTECTED]> wrote:
 > >  > 
 > >  > Really? If I want to tail a log file, eg, I go like this:
 > >  > 
 > >  > tail ../someservice/current | tai64nlocal
 > >  > 
 > >  > and it all looks fine for humans.
 >  
 > > Yeah, it works fine for people who check log files by tailing them.  I
 > > check them by bringing them into an emacs buffer, so the funny
 > > timestamps make them darned near useless.
 > 
 > So why not tail them to a temp file and use emacs to view the temp file?
 > Or write an emacs-lisp function to convert the timestamps.

If I'm going to go to effort to make it work the way I want, I think
I'll just change multilog to use a sensible format.  It's silly having
archival log files sitting there that don't mean anything without a
conversion program; straight text is the appropriate format for log
files. 

I had thought about writing a mode for TAI stamped log files that
converts the timestamps, but that will be pretty slow since it'll have
to change every line of the file.
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]



Isn't there something on this list about "profile not speculate"?

(defun convert-tai64nlocal (arg)
"generate a local, human timestamped buffer from a tai64 timestamped buffer"
  (interactive "p")
  (mark-whole-buffer)
  (shell-command-on-region
  (region-beginning) (region-end) "tai64nlocal" nil nil)
  )

works pretty fast, only issue it opens an output buffer, but OTOH, you
don't have to go to any effort.... ;^) 

You could also just take out the 't' in your "...log/run" files, no time
stamp, no problem. 

Regards,
Tony

On Mon, 31 Jul 2000, David Dyer-Bennet wrote:

> Charles Cazabon <[EMAIL PROTECTED]> writes on 31 July 2000 at 11:20:48 -0600
>  > David Dyer-Bennet <[EMAIL PROTECTED]> wrote:
>  > >  > 
>  > >  > Really? If I want to tail a log file, eg, I go like this:
>  > >  > 
>  > >  > tail ../someservice/current | tai64nlocal
>  > >  > 
>  > >  > and it all looks fine for humans.
>  >  
>  > > Yeah, it works fine for people who check log files by tailing them.  I
>  > > check them by bringing them into an emacs buffer, so the funny
>  > > timestamps make them darned near useless.
>  > 
>  > So why not tail them to a temp file and use emacs to view the temp file?
>  > Or write an emacs-lisp function to convert the timestamps.
> 
> If I'm going to go to effort to make it work the way I want, I think
> I'll just change multilog to use a sensible format.  It's silly having
> archival log files sitting there that don't mean anything without a
> conversion program; straight text is the appropriate format for log
> files. 
> 
> I had thought about writing a mode for TAI stamped log files that
> converts the timestamps, but that will be pretty slow since it'll have
> to change every line of the file.
> 

-- 
Tony Hansmann ([EMAIL PROTECTED])
Director of Technical Services
Quepasa.com, INC.
602-716-0100




On Mon, Jul 31, 2000 at 12:23:38PM -0500, David Dyer-Bennet wrote:
> Charles Cazabon <[EMAIL PROTECTED]> writes on 31 July 2000 at 11:20:48 -0600
>  > David Dyer-Bennet <[EMAIL PROTECTED]> wrote:
>  > >  > 
>  > >  > Really? If I want to tail a log file, eg, I go like this:
>  > >  > 
>  > >  > tail ../someservice/current | tai64nlocal
>  > >  > 
>  > >  > and it all looks fine for humans.
>  >  
>  > > Yeah, it works fine for people who check log files by tailing them.  I
>  > > check them by bringing them into an emacs buffer, so the funny
>  > > timestamps make them darned near useless.
>  > 
>  > So why not tail them to a temp file and use emacs to view the temp file?
>  > Or write an emacs-lisp function to convert the timestamps.
> 
> If I'm going to go to effort to make it work the way I want, I think
> I'll just change multilog to use a sensible format.  It's silly having
> archival log files sitting there that don't mean anything without a
> conversion program; straight text is the appropriate format for log
> files. 

But it *is* straight text. The point about tai is that it's entirely
appropriate for log files that may live for a long time. Have you
read the rationale for tai at all?


Regards.



[EMAIL PROTECTED] <[EMAIL PROTECTED]> writes on 31 July 2000 at 10:50:23 -0700
 > On Mon, Jul 31, 2000 at 12:23:38PM -0500, David Dyer-Bennet wrote:
 > > Charles Cazabon <[EMAIL PROTECTED]> writes on 31 July 2000 at 11:20:48 
 >-0600
 > >  > David Dyer-Bennet <[EMAIL PROTECTED]> wrote:
 > >  > >  > 
 > >  > >  > Really? If I want to tail a log file, eg, I go like this:
 > >  > >  > 
 > >  > >  > tail ../someservice/current | tai64nlocal
 > >  > >  > 
 > >  > >  > and it all looks fine for humans.
 > >  >  
 > >  > > Yeah, it works fine for people who check log files by tailing them.  I
 > >  > > check them by bringing them into an emacs buffer, so the funny
 > >  > > timestamps make them darned near useless.
 > >  > 
 > >  > So why not tail them to a temp file and use emacs to view the temp file?
 > >  > Or write an emacs-lisp function to convert the timestamps.
 > > 
 > > If I'm going to go to effort to make it work the way I want, I think
 > > I'll just change multilog to use a sensible format.  It's silly having
 > > archival log files sitting there that don't mean anything without a
 > > conversion program; straight text is the appropriate format for log
 > > files. 
 > 
 > But it *is* straight text. The point about tai is that it's entirely
 > appropriate for log files that may live for a long time. Have you
 > read the rationale for tai at all?

Yes, when I first looked at it.  As is often the case with Dan, I just
disagree.  It's not straight text in the sense I mean; it's not human
readable.  Of all the strange choices Dan's made that I've encountered
in working with qmail, this is the first one that I fail completely to
understand.  All the others, I see the tradeoffs and I see why he
chose as he did, even if I might have chosen otherwise.  This one
makes zero sense.  It's non-functional.  It doesn't connect to the way
I work. 
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]



On Mon, Jul 31, 2000 at 12:54:23PM -0500, David Dyer-Bennet wrote:

> Yes, when I first looked at it.  As is often the case with Dan, I just
> disagree.  It's not straight text in the sense I mean; it's not human
> readable.  Of all the strange choices Dan's made that I've encountered
> in working with qmail, this is the first one that I fail completely to
> understand.  All the others, I see the tradeoffs and I see why he
> chose as he did, even if I might have chosen otherwise.  This one
> makes zero sense.  It's non-functional.  It doesn't connect to the way
> I work. 

You have expressed my sentiments precisely.  It has left me sad and
confused.

Ben

-- 
Ben Beuchler                                         [EMAIL PROTECTED]
MAILER-DAEMON                                         (612) 321-9290 x101
Bitstream Underground                                   www.bitstream.net



On Mon, Jul 31, 2000 at 12:54:23PM -0500, David Dyer-Bennet wrote:
!                                                          This one
! makes zero sense.  It's non-functional.  It doesn't connect to the way
! I work. 

Would you prefer the splogger format (to wit, Unix timestamp with
fractional part) instead? I'd do anything to use a logging format
that avoids timezone dependency, and multilog/tai64n seems to do
that job well.

        ---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 



Chris, the Young One <[EMAIL PROTECTED]> writes on 1 August 2000 at 12:56:46 +1200
 > On Mon, Jul 31, 2000 at 12:54:23PM -0500, David Dyer-Bennet wrote:
 > !                                                          This one
 > ! makes zero sense.  It's non-functional.  It doesn't connect to the way
 > ! I work. 
 > 
 > Would you prefer the splogger format (to wit, Unix timestamp with
 > fractional part) instead? I'd do anything to use a logging format
 > that avoids timezone dependency, and multilog/tai64n seems to do
 > that job well.

You mean this:
   Jul 31 06:02:10 gw qmail: 965023330.820010 status: local 1/10 remote 0/50
?

It's better than tai64n, because syslog puts a real timestamp on, but
that big chunk of meaningless numbers in the middle wastes a lot of
the line and adds no useful information.  It's what I'm using now on
my main server, but it's quite wasteful and annoying.  (But
qmailanalog expects it)

I can see the desire to have a timezone independent format if you're
reading logs from systems in multiple timezones.  I'm not.

Having anything other than my current timezone in plain ASCII is a big
lose for me; it means I can't correlate the logs either to each other,
or to the real world.  (Yes, the random numbers produced by tai
correlate to each other, but I can't remember them, whereas I can
remember that something happened in midafternoon pretty easily).

Multilog and splogger should really have selectable time format and
timezone settings.  I'd love to use multilog and tell it to use plain
text and central time, rather than having to involve post-processors
(which are a pain for the current log; for older logs it could be done
automatically at rollover).  You, on the other hand, could tell your
multilog to use GMT on all machines so that when you correlate them
across timezones they'd all match up right.  And then we'd both be
happier than we are now.
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]



This little perl script is what I use to transform qmail log files into
something I can understand easily.  Face it, the format of the log files is
hard to track with your eyes, to tell when a message actually worked, with
its repeating message numbers and delivery numbers...

I run it under a 'watch -n 1 mailwatch' in the background to keep an eye on
things, but also put in options for retrieving from other files, and
retrieving an arbitrary number of deliveries (mailwatch /var/log/maillog.2
125) and all the entries (mailwatch /var/log/maillog.1 -) (default is
mailwatch /var/log/maillog 18)

I didn't bother transforming the tai times with the localtime function, just
clipping out the times in the log file already myself.  It would be trivial
to make the change though.

In its current incarnation, it prints out the messages that are recieved but
not delivered, and then prints out the specified number of entries (minus
the number of messages-in-delivery lines)

(it ignores everything with 'emon' in it, my little monitoring script, to
keep it from spamming my screen)

Its probably not complete, and not particularly efficient, but it sure
relaxes my mind when scanning current status.

David

--------------BEGIN PERL SCRIPT------------------
#!/usr/bin/perl

$| = 1;
my $logfile = $ARGV[0] ? $ARGV[0] : "/var/log/maillog";
if ($ARGV[1] eq "-") {
  $length = 0;
  @loglist = `cat $logfile`;
} elsif ($ARGV[1]) {
  $length = $ARGV[1];
  my $tail = $length * 50;
  @loglist = `/usr/bin/tail --lines $tail $logfile`;
} else {
  $length = "18";
  @loglist = `/usr/bin/tail --lines 1000 $logfile`;
}


foreach (@loglist) {
   if (/info msg (\d+): bytes (\d+) from \<(.*?)\>/) {
     $from{$1} = $3;
     $size{$1} = $2;
     unless ($from{$1} =~ /\@/) {
       $from{$1} = "BLANK-ADDRESS($from{$1})";
     }
   } elsif (/starting delivery (\d+): msg (\d+) to remote (.*?)$/) {
     $msg2del{$2} = $1;
     $del2msg{$1} = $2;
     $addressee{$2} = $3
   } elsif (/starting delivery (\d+): msg (\d+) to local (.*?)$/) {
     $msg2del{$2} = $1;
     $del2msg{$1} = $2;
     $addressee{$2} = $3
   } elsif (/(...............).+delivery (\d+): success: /) {
     if (exists $del2msg{$2}) {
#       printf "%s SUCCESS: %8.8s From %30.30s to %30.30s\n", $1, $2,
$from{$del2msg{$2}}, $addressee{$del2msg{$2}};
       $string = "$1 SUCCESS: From $from{$del2msg{$2}} delivered to
$addressee{$del2msg{$2}}";
       unless ($string =~ /emon/) { 
         push @through, $string;
       }
     } else {
       push @through, "orphan: no message info for delivery $2 ";
     }
   } elsif (/(...............).+delivery (\d+): failure: (.*)$/) {
     if (exists $del2msg{$2}) {
       push @through, "$1 FAILED: From $from{$del2msg{$2}} to
$addressee{$del2msg{$2}}";
       push @through, "$1 REASON: $3";
     }
   } elsif (/(...............).+delivery (\d+): deferral: /) {
     if (exists $del2msg{$2}) {
       push @through, "$1 DEFERRED: From $from{$del2msg{$2}} to
$addressee{$del2msg{$2}}";
     }
   } elsif (/status: /) {
   } elsif (/end msg (\d+)/) {
     delete $from{$1};
     delete $size{$1};
     delete $msg2del{$del2msg{$1}};
     delete $addressee{$del2msg{$1}};
     delete $del2msg{$1};
   } elsif (/new msg/) {
   } elsif (/(...............).*bounce msg (\d+)/) {
     push @through, "$1 BOUNCE: from $from{$2} to $addressee{$2}";
   } else {
     print "error: no match $_";
   }
}

open PIPE, "| cut -b -130";
$count = 0;

foreach (keys %from) {
  $count ++;
  unless (exists $msg2del{$_}) {
    print PIPE "message from $from{$_} recieved and waiting for delivery\n";
  } else {
    print PIPE "message from $from{$_} to $addressee{$_} delivery in
process\n"
  }
}

print PIPE "---OLDER---\n";

if ($length) {
  $lines = $length - $count ;
  $offset = $#through - ($lines);
} else {
  $lines = $#through;
  $offset = 0;
}
foreach (0..$lines) {
  print PIPE "$through[$offset + $_]\n";
}

print PIPE "---NEWER---\n";

-------END PERL SCRIPT-------------

-----Original Message-----
From: David Dyer-Bennet [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 31, 2000 10:54 AM
To: qmail list
Subject: Re: tai64n -- why?


[EMAIL PROTECTED] <[EMAIL PROTECTED]> writes on 31 July 2000 at 10:50:23
-0700
 > On Mon, Jul 31, 2000 at 12:23:38PM -0500, David Dyer-Bennet wrote:
 > > Charles Cazabon <[EMAIL PROTECTED]> writes on 31 July 2000 at
11:20:48 -0600
 > >  > David Dyer-Bennet <[EMAIL PROTECTED]> wrote:
 > >  > >  > 
 > >  > >  > Really? If I want to tail a log file, eg, I go like this:
 > >  > >  > 
 > >  > >  > tail ../someservice/current | tai64nlocal
 > >  > >  > 
 > >  > >  > and it all looks fine for humans.
 > >  >  
 > >  > > Yeah, it works fine for people who check log files by tailing
them.  I
 > >  > > check them by bringing them into an emacs buffer, so the funny
 > >  > > timestamps make them darned near useless.
 > >  > 
 > >  > So why not tail them to a temp file and use emacs to view the temp
file?
 > >  > Or write an emacs-lisp function to convert the timestamps.
 > > 
 > > If I'm going to go to effort to make it work the way I want, I think
 > > I'll just change multilog to use a sensible format.  It's silly having
 > > archival log files sitting there that don't mean anything without a
 > > conversion program; straight text is the appropriate format for log
 > > files. 
 > 
 > But it *is* straight text. The point about tai is that it's entirely
 > appropriate for log files that may live for a long time. Have you
 > read the rationale for tai at all?

Yes, when I first looked at it.  As is often the case with Dan, I just
disagree.  It's not straight text in the sense I mean; it's not human
readable.  Of all the strange choices Dan's made that I've encountered
in working with qmail, this is the first one that I fail completely to
understand.  All the others, I see the tradeoffs and I see why he
chose as he did, even if I might have chosen otherwise.  This one
makes zero sense.  It's non-functional.  It doesn't connect to the way
I work. 
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]



Toens,

>That'd be great. Because I can't imagine, why the
>'bare-LFs' thing should only affect qmails on Solaris 7 -
>and why it should trigger this undeterministic. If bare
>LFs would be the reason, it should trigger on the first
>mail, right?
Well in the case I was looking at, the machines in question
are used by tens of thousands of users every day - so
some of these may have broken clients. Alternatively, mail
is coming in for those same users from broken servers. As
I write, the systems are still happy (no recurrence of the
000's of procs), so it really looks like bare LF was the
issue. Since it's now 'Fixed', I'm unlikely to be back with
that system for a while....

Contrary to your assertion that it only affects Solaris 7, I did
see that other systems (Linux) were affected in other messages
in the archive (go search...) - so I suspect all platforms could
have this issue if 'Stoned' enough by broken mailers.

I suppose it's worth mentioning that the issue was sporadic,
so that the apparent DoS would last for maybe an hour... which
suggests dialup users to me, with broken clients, rather than
servers.

Unfortunately at present dialup "Outbound" mail is handled by the
same machines as Internet "Inbound" mail, meaning that a
"DoS" like this from either source degrades both services. This
will be changed to having separate "Inbound" and "Outbound"
machines - this reduces the impact of this problem.

I think for the systems concerned, bare-LF mailers must be
pretty rare, but once a couple started appearing, it spelt trouble.

cheers,

Andrew.

----------
From:   Toens Bueker[SMTP:[EMAIL PROTECTED]]
Sent:   29 July 2000 23:36
To:     [EMAIL PROTECTED]
Subject:        Re: qmail-1.03 on Solaris is broken

Andrew Richards <[EMAIL PROTECTED]> wrote:

> The SMTP service may issue a QUIT, and immediately try again,
> resulting in a potential loop."
> 
> The actual qmail-smtpd error message re bare LFs is
> 
>      451 See http://pobox.com/~djb/docs/smtplf.html
> 
> which would trigger the above fault if Microsoft's software does
> indeed send bare LFs - contributors suggest it does.

[...]

> Anyway, part of my reason for posting was to speculate on why
> a mailserver might get a flood of SMTP connections. 

Now, I'm testing qmails behaviour under these conditions,
'cause I need to relay a quite reasonable amount of mail
through it a few times a week. This is no spam, though.

> The above bare LF issue is obviously one, as are
> smtpstone and a DoS. In my case, fixing the bare LF
> problem fixed the many-procs problem, by fixing the
> thing that was triggering it, but there may still be
> something that is 'broken' in Solaris 2.7. If I'm
> feeling brave, and happen to be working with that system
> again, I'll try smtpstone-ing it...  

That'd be great. Because I can't imagine, why the
'bare-LFs' thing should only affect qmails on Solaris 7 -
and why it should trigger this undeterministic. If bare
LFs would be the reason, it should trigger on the first
mail, right?

By
Töns
-- 
Linux. The dot in /.






i'm getting the following tcpserver error:

[root@myserver /var/qmail/control]# tcpserver -x/etc/tcp.smtp.cdb -u513
-g513 0 smtp /var/qmail/bin/qmail-smtpd & 
[1] 4307 
tcpserver: fatal: unable to bind: address already used 
[1] Exit 111                    tcpserver -x/etc/tcp.smtp.cdb -u513 -g513
0 smtp /var/qmail/bin/qmail-smtpd
[root@myserver /var/qmail/control]#                                         

i've done a ps -aux | grep tcp and don't see it running anywhere.

my /etc/tcp.smtp is:  
127.:allow,RELAYCLIENT="" 
216.160.248.:allow,RELAYCLIENT="" 
216.160.240.:allow,RELAYCLIENT="" 
10.1.1.:allow,RELAYCLIENT="" 
192.168.1.:allow, RELAYCLIENT="" 
:allow


something else is already running on that port, and after doing an nmap
it seems to be smtp.  i checked my inetd.conf but it says nothing of
smtp being started there.  

what i'm trying to do is solve the relaying problem of having .com or
.net in the rcpthosts file.  

Thanks,

Z




On Mon, Jul 31, 2000 at 03:31:07PM -0500, Z wrote:
 
> something else is already running on that port, and after doing an nmap
> it seems to be smtp.  i checked my inetd.conf but it says nothing of
> smtp being started there.  

is sendmail still hanging around/running?

try "lsof | grep smtp" or "netstat -p | grep smtp" to find the culprit.

Regards, Uwe



Hey,

Your startup could also be happening in the rc2.d scripts, check them
/etc/rc*.d/ as well as the start up of the sendmail in
/etc/rc2.d/S**sendmail.

Is there a /var/run/'filename' for that process and is it dead (svstat
/var/run/'filename')

Good luck!



On Mon, Jul 31, 2000 at 03:31:07PM -0500, Z wrote:

> something else is already running on that port, and after doing an nmap
> it seems to be smtp.  i checked my inetd.conf but it says nothing of
> smtp being started there.

is sendmail still hanging around/running?

try "lsof | grep smtp" or "netstat -p | grep smtp" to find the culprit.

Regards, Uwe





Potentially long, off-topic message: (follow-ups and/or flames probably best
kept private :)

"Ihnen, David" wrote:

> Would you consider PGP more than a low-effort?  It would be zero effort if
> we weren't concerned about the privacy of our own secret keys, thus keeping
> them encrypted behind passwords.

Personally?  Using PGP is very low-effort for me.  Typing my 25+ character
passphrase has become reflexive.  I've run a site re: PGP use since my first
website in 1993 or so, so I'm probably not a good test-case.  :-)

> Maybe an extra-low-effort system would consist of a simply speaking a
> keyword into a microphone, and using voiceprint authentication to decrypt
> the secret keys.  Fortunately almost all computers have the ability to read
> in decent quality audio.  Sending to particular people is no effort - the
> public key aquisition can be automated.

I saw some very interesting matrix-mapping software back in 1994 and 1995 for
DOS that converted individual words (expandable to phrases) into vectors
(stored as matrices) that could easily be compared against a stored file for
each person.  The idea was to do the "opposite" of voice-to-text recognition
software and store the portion of audio that is unique for each user instead of
using primarily the part that is similar.

> Its interesting to think of the change in load on list servers.  Would you
> encrypt to the list server, who then decrypts and re-encrypts for each
> client, or would there be a collaborative key for the list that everybody
> had the secret to and could decrypt?  More probably we would just
> cleartext-sign the messages for source authentication, for backwards
> compatibility, I suspect.

Assuming, like the original 'open letter' poster, that you don't want others to
snoop on the messages (but their being a subscriber to the list is "okay"),
then you'd want a public key for the mailing list that all messages are
encrypted to.  The mailing list would decrypt the session key for the message
(PGP only requires using CPU intensive P.K. cryptography to sign a session
key).  It would then re-encrypt the session key (effectively, the message) to
the public keys of each of the recipients on the list.  (It would not need to
necessarily verify the sender's signature, to avoid decrypting messages at
all).  The sender's signature (if used) would be intact in the encrypted
message and each person would be able to verify for themselves that that user
had sent 'them' the message in question.  The CPU intensive portion would be
encrypting the session keys to everyone on the list.  Assuming the old PGP
protocol, that would mean doing 1024 (or more) bit RSA on a 128 bit session key
(16 bytes).

> Either way, it can be zero-effort for the people generating the e-mail,
> outside of authenticating your personal secret key, though accepting the
> e-mail has the same effort problems.
>
> I would be signing my messages pgp, if I could, but I haven't gotten ahold
> of PGP 7 yet... and the earlier versions don't work on 2000.

Use any version of PGP or "PGP for Windows" and use the clipboard encryption
features:
1) select all text (Ctrl-A)
2) "copy" (Ctrl-C)
3) click on PGP tray icon
4) click "sign & encrypt"
5) enter password
6) click window of program with selected text
7) "paste" (Ctrl-V) (replacing original with encrypted + signed cipher-text)




On Mon, Jul 31, 2000 at 06:04:12PM -0400, Michael T. Babcock wrote:
> Use any version of PGP or "PGP for Windows" and use the clipboard encryption
> features:
> 1) select all text (Ctrl-A)
> 2) "copy" (Ctrl-C)
> 3) click on PGP tray icon
> 4) click "sign & encrypt"
> 5) enter password
> 6) click window of program with selected text
> 7) "paste" (Ctrl-V) (replacing original with encrypted + signed cipher-text)

It's not even this complicated with 6.5.  You click on the window whose text
you want to encrypt, click on the try icon, and click "encrypt window" (or
something like that).  PGP automatically does the copying and pasting for you.

--Adam



Original Message From: Michael T. Babcock on Monday, July 31, 2000 3:04 PM
>> I would be signing my messages pgp, if I could, but I haven't gotten
ahold
>> of PGP 7 yet... and the earlier versions don't work on 2000.
>
>Use any version of PGP or "PGP for Windows" and use the clipboard
encryption
>features:
>1) select all text (Ctrl-A)
>2) "copy" (Ctrl-C)
>3) click on PGP tray icon
>4) click "sign & encrypt"
>5) enter password
>6) click window of program with selected text
>7) "paste" (Ctrl-V) (replacing original with encrypted + signed
cipher-text)

Maybe you didn't understand what I said...

I can't even INSTALL the current pgp for windows.  It don't work.  Installer
doesn't run.

David



most recent PGP for windows install worked fine on win2k for me. Put it on
last week.

Jacob
-----Original Message-----
From: Ihnen, David [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 31, 2000 3:16 PM
To: '[EMAIL PROTECTED]'; Ihnen, David
Cc: '[EMAIL PROTECTED]'
Subject: RE: [offtopic?] RE: Encryption (was: Open letter)


Original Message From: Michael T. Babcock on Monday, July 31, 2000 3:04 PM
>> I would be signing my messages pgp, if I could, but I haven't gotten
ahold
>> of PGP 7 yet... and the earlier versions don't work on 2000.
>
>Use any version of PGP or "PGP for Windows" and use the clipboard
encryption
>features:
>1) select all text (Ctrl-A)
>2) "copy" (Ctrl-C)
>3) click on PGP tray icon
>4) click "sign & encrypt"
>5) enter password
>6) click window of program with selected text
>7) "paste" (Ctrl-V) (replacing original with encrypted + signed
cipher-text)

Maybe you didn't understand what I said...

I can't even INSTALL the current pgp for windows.  It don't work.  Installer
doesn't run.

David





        I didn't see anything in the FAQ that seemed to be relevant to 
this, and the ORNL search engine wants to split 'message-id' into
'message' and 'id'.  Please accept my apologies if this has been
covered in the past.

        I just received a pair of messages from PayPal, which appears
to be using qmail.  I'm fortunate to have received a pair of messages
(headers below), because I use procmail to eliminate duplicate
messages based upon the Message-ID header, which RFC 822 requires to
be unique.  However, I'm a paranoid bastard, and shunt all "duplicate"
email to a duplicates folder, rather than sending it to /dev/null, so
I caught the false duplicate.  My question is, is this a known problem
with qmail, possibly a misconfiguration or something correctable by an
upgrade?  I'd like to be able to tell PayPal more than "Your mailer is
doing Bad Things.".
        Thanks,
                Sten

===header 1===
>From [EMAIL PROTECTED]  Mon Jul 31 21:24:49 2000
Return-Path: <[EMAIL PROTECTED]>
Received: from localhost
        by sten.sten.org (8.10.2/8.10.2/grendel) with ESMTP id e712Omo25542
        for <x>; Mon, 31 Jul 2000 21:24:48 -0500
X-Received-IP: (IDENT:x [127.0.0.1]) 
Received: from mail.jump.net [206.196.91.7]
        by localhost with IMAP (fetchmail-5.4.1)
        for x (multi-drop); Mon, 31 Jul 2000 21:24:48 -0500 (CDT)
Received: (from x)
        by mail15.jump.net (8.10.2/) id e712LU004043
        for x; Mon, 31 Jul 2000 21:21:30 -0500 (CDT)
Received: from web5.paypal.com (web5.paypal.com [208.48.73.218])
        by mail15.jump.net (8.10.2/) with SMTP id e712LTk04037
        for <x>; Mon, 31 Jul 2000 21:21:30 -0500 (CDT)
Received: from web5.paypal.com (web5.paypal.com [208.48.73.218])
        by mail15.jump.net (8.10.2/) with SMTP id e712LTk04037
        for <x>; Mon, 31 Jul 2000 21:21:30 -0500 (CDT)
Received: (qmail 28583 invoked by uid 99); 1 Aug 2000 02:20:39 -0000
Date: 1 Aug 2000 02:20:39 -0000
Message-ID: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
To: x

===header 2===
>From [EMAIL PROTECTED]  Mon Jul 31 21:24:48 2000
Return-Path: <[EMAIL PROTECTED]>
Received: from localhost
        by sten.sten.org (8.10.2/8.10.2/grendel) with ESMTP id e712Omo25536
        for <x>; Mon, 31 Jul 2000 21:24:48 -0500
X-Received-IP: (IDENT:x [127.0.0.1]) 
Received: from mail.jump.net [206.196.91.7]
        by localhost with IMAP (fetchmail-5.4.1)
        for x (multi-drop); Mon, 31 Jul 2000 21:24:48 -0500 (CDT)
Received: (from x)
        by mail.jump.net (8.9.1/) id VAA29732
        for x; Mon, 31 Jul 2000 21:21:29 -0500 (CDT)
From: [EMAIL PROTECTED]
Received: from web5.paypal.com (web5.paypal.com [208.48.73.218])
        by mail.jump.net (8.9.1/) with SMTP id VAA29728
        for <x>; Mon, 31 Jul 2000 21:21:29 -0500 (CDT)
Received: from web5.paypal.com (web5.paypal.com [208.48.73.218])
        by mail.jump.net (8.9.1/) with SMTP id VAA29728
        for <x>; Mon, 31 Jul 2000 21:21:29 -0500 (CDT)
Received: (qmail 28582 invoked by uid 99); 1 Aug 2000 02:20:39 -0000
Date: 1 Aug 2000 02:20:39 -0000
Message-ID: <[EMAIL PROTECTED]>
To: x

-- 
#include <disclaimer.h>                               /* Sten Drescher */
[The Internet is] like a library in Resident Evil.
                                                 - Mark Waid, 23 Aug 2000



I'm getting this error:

qmail-pw2u: fatal: unable to find alias user

I'm calling it like this:

#!/bin/sh
/var/qmail/bin/qmail-pw2u </etc/passwd >/var/qmail/users/assign &&
qmail-newu

In /etc/passwd I have this:

alias:x:400:401::/var/qmail/alias:/bin/true

Does anyone know what I'm doing wrong?  qmail won't deliver mail and
I get this in my logfile:

delivery 34: deferral: Trouble_reading_users/cdb_in_qmail-lspawn./

I've never encountered this error before but, mind you, I've never
used qmail-pw2u before.  Any ideas?

-- 
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
Freezer Burn BBS:  telnet://bbs.freezer-burn.org . ICQ: 54924721
Webmaster for the Linux Portal Site Freezer Burn:  http://www.freezer-burn.org

Current Linux uptime: 2 days 5 hours 31 minutes.



On Mon, Jul 31, 2000 at 11:12:54PM -0400, Vincent Danen wrote:
! In /etc/passwd I have this:
! 
! alias:x:400:401::/var/qmail/alias:/bin/true

Can you please run qmail-showctl and list the output of the line
``user ids''. The first number shown has to be 400, in your case.

Also, type ``ls -dln /var/qmail/alias'' and make sure it says 400
in the third field.

        ---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider


I'm having problems w/ vpasswd
 
the binary file for vpasswd (to change the password of a vpopmail user)
is located in /home/vpopmail/bin
but the users are located in /home/vpopmail/domains/foo.com
how can i use the vpopmail and vadduser  ?? .... it does not specify any syntax
i need to add users and change password for vpop users from console.
Thanx in advance

Chad


> [EMAIL PROTECTED] wrote:
> 
> I have talked to the original dns admins.
> to clear up the old dns records so that the MX and A records point to our new
> dns. but still seem to get bounced email when it goes thru the gcs.gateway(who
> owns it? i don't know). 

I've attached the bounce message from "gcs.gateway" (really ns.albertsons.com) 
for your perusal... 

> I am currently working with the albertsons email
> admins. to try and track where the problem lies. I appreciate your patience
> and understand your frustration.


What I don't understand is how list.cr.yp.to is sending the mail into 
albertsons.com - I don't think it is.  Are you sure you don't have a 
smtproute (or equivalent sendmail construct ) pointing into albertsons.com?

In any case it's still broken - I've had to firewall 167.234.1.10 
because I got sick of seeing it in my logs - sorry...

I also don't understand how 167.234.1.10 (or something in there somewhere) 
is sending bounces back to the people in the From: header instead of the 
envelope sender, which would have sent it harmlessly back to list.cr.yp.to 
(except that you would have been automatically unsubbed from the list :), 
and avoided this whole thing...



dream:/ # nslookup -type=MX amstr.com 
amstr.com       preference = 10, mail exchanger = mail2.pilot.net

dream:/ # telnet mail2.pilot.net 25
220 mail01-oak.pilot.net ESMTP Sendmail; Tue, 1 Aug 2000 01:43:48 -0700 (PDT)
Authorized Use Only


Ahem. 'nother point for qmail...  :)

Eric






-------- Original Message --------
Return-Path: <>
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 504 invoked from network); 24 Jul 2000 21:37:30 -0000
Received: from unknown (HELO ns.albertsons.com) (167.234.1.10)by
192.dsl7839.rcsis.com with SMTP; 24 Jul 2000 21:37:30 -0000
Received: from S7352c.7000.albertsons.com (S7352c.7000.albertsons.com
[167.234.12.204]) by ns.albertsons.com (AIX4.3/UCB 8.8.8/8.8.8) with ESMTP id
QAA13634 for <[EMAIL PROTECTED]>; Sat, 22 Jul 2000 16:35:45 -0600
Received: from dubs0001.amstr.com (roll.mcit.com [162.120.128.9])by
S7352c.7000.albertsons.com (AIX4.3/8.9.3/8.9.3) with ESMTP id QAA118486for
<[EMAIL PROTECTED]>; Sat, 22 Jul 2000 16:32:41 -0600
X-Internal-ID: 3973070E00016071
Received: from amstr.com (162.120.128.9) by dubs0001.amstr.com (NPlex 2.0.119)
for [EMAIL PROTECTED]; Sat, 22 Jul 2000 15:32:43 -0700
Message-ID: <[EMAIL PROTECTED]>
Date: 22 Jul 2000 15:32:42 -0700
From: [EMAIL PROTECTED]
Subject: Returned mail: User unknown
To: [EMAIL PROTECTED]
X-Mozilla-Status: 8001
X-Mozilla-Status2: 00000000
X-UIDL: 964474650.507.dream


*** This message originated by GCS Client Services ***

----- Delivery could not be made to the following recipients -----
Invalid Recipient: MichaelG  <[EMAIL PROTECTED]>  (unrecoverable error)
Invalid Recipient: qmail  <[EMAIL PROTECTED]>  (unrecoverable error)

RFC822 Header may follow:

X-Env-Sender: [EMAIL PROTECTED]
X-Env-Recipient: [EMAIL PROTECTED]
X-End-of-Envelope:
X-Internal-ID: 3973070E0001606E
Received: from amstr.com (162.120.128.9) by dubs0001.amstr.com (NPlex 2.0.119)
for [EMAIL PROTECTED]; Sat, 22 Jul 2000 15:32:26 -0700
Message-ID: <[EMAIL PROTECTED]>
Date: Sat, 22 Jul 2000 15:30:23 -0700
From: (Eric Cox) <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: orbs.org accuses qmail of mailbomb relaying!

Reply via email to