My apologies to all, typed into the wrong email reply.
best wishes
Tony White
On 25/12/2012 14:00, Tony White wrote:
Can I send it using Western Union please?
best wishes
Tony White
Yea Computing Services
http://www.ycs.com.au
4 The Crescent
Yea
Victoria
Australia 3717
Telephone No's
VIC : 03 9008 5614
FAX : 03 9008 5610 (FAX2Email)
IMPORTANT NOTICE
This communication including any file attachments is intended solely for
the use of the individual or entity to whom it is addressed. If you are
not the intended recipient, or the person responsible for delivering
this communication to the intended recipient, please immediately notify
the sender by email and delete the original transmission and its
contents. Any unauthorised use, dissemination, forwarding, printing or
copying of this communication including file attachments is prohibited.
It is your responsibility to scan this communication including any file
attachments for viruses and other defects. To the extent permitted by
law, Yea Computing Services and its associates will not be liable for
any loss or damage arising in any way from this communication including
any file attachments.
You may not disclose this information to a third party without written
permission from the Author.
On 25/12/2012 12:57, Rajesh M wrote:
eric
separating tcprules for smtp and submission works great. we have been
using this for years.
concerning the error tony is facing
i have noticed in the past that : intrusion threshold error (571 sorry,
you are violating our security policies) is recd when the number of wrong
recepients gets triggered.
in case of outlook i have noted that it somehow does this
if i add an user in my address book in some cases it converts it into :
'u...@abc.com' -- ie with quotes at both ends
you can google : "outlook adds quotes to email address" and you will find
over 50000 results ... :) and there are hundreds of people complaining
about this stupdity of microsoft.
if an email is sent to the above email id then i get error : invalid host
: abc.com'
note the quote at the end ...
probably this is what triggers the intrusion policy rule
CHKUSER_MAXWRONGRCPT_STRING
when sending to 300 recepients especially with outlook there is every
possibility of this issue coming up.
on a side note : i feel that qmailtoaster would need a slight modification
to remove quotes and other non-permitted characters from both ends ie
starting and ending of the email id to care off such issues of quotes.
rajesh
These are all good things to do to QMT, and I hope to have separate
tcprules for smtp and submission ports in the stock QMT at some point.
Tony, from what you've indicated though, I expect it's the intrusion
threshold rule that's biting you. I'm not certain what triggers this
rule, and I could be wrong about this. Hopefully Tonino will clarify
things in this regard.
Please let us know if changing the CHKUSER_RCPTLIMIT variable gets you
going or not.
--
-Eric 'shubes'
On 12/24/2012 04:53 AM, Rajesh M wrote:
tony
we faced similar problems and this is what we have done
in the /var/qmail/supervise
there are folders smtp and submission
smtp is for people connecting on port 25 -- primarily external users
if you open smtp/run then you will see a line
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
this tcp.smtp.cdb is generated from the file tcp.smtp
when you run the command
tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp
tcp.smtp contains the chkuser rules
since you already have spamdyke you don't need to set the maximum number
of recepients in chkuser
CHKUSER_RCPTLIMIT="150"
coming to your specific problem is submission
transmission via submission port 587 is authenticated ie your clients
use it
the submission/run file also uses the
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" -- which is by default
this means that you will be compelled to use the same setting for smtp
however what we have done is make a duplicate of tcp.smtp ie
tcp.smtp.587
this allows me to have separate chkuser rules exclusively submission
port.
next i created cdb file out of it using command
tcprules tcp.smtp.587.cdb tcp.smtp.587.tmp < tcp.smtp.587
next i changed the submission/run file to use
TCP_CDB="/etc/tcprules.d/tcp.smtp.587.cdb"
and i got a separate rule applied for submission port exclusively
my smtp port has spamdyke and chkuser protecting it while my
authenticated
senders via submission port can enjoy unrestricted services
if you want one single static ip to have a separate rule then
you can add this line just above the allow: line in
/etc/tcprules.d/tcp.smtp.587
xxx.xxx.xxx.:allow,CHKUSER_RCPTLIMIT="300"
here xxx.xxx.xxx is the static ip of your customer
NOTE : we have also compiled chkuser so that we can start or stop
chkuser
using the CHKUSER_START="ALWAYS" OR CHKUSER_START="NONE"
rajesh
Hi Eric,
Yes, it is on a static IP and that IP is in the whitelist for
spamdyke.
Also they are using the submission port for sending. The client has
to use M$ Outlook unless you can suggest a an alternative?
One point is that Outlook seems to attach everything as winmail.dat!
Yet sometimes it attaches as a PDF.
best wishes
Tony White
Yea Computing Services
http://www.ycs.com.au
4 The Crescent
Yea
Victoria
Australia 3717
Telephone No's
VIC : 03 9008 5614
FAX : 03 9008 5610 (FAX2Email)
IMPORTANT NOTICE
This communication including any file attachments is intended solely
for
the use of the individual or entity to whom it is addressed. If you are
not the intended recipient, or the person responsible for delivering
this communication to the intended recipient, please immediately notify
the sender by email and delete the original transmission and its
contents. Any unauthorised use, dissemination, forwarding, printing or
copying of this communication including file attachments is prohibited.
It is your responsibility to scan this communication including any file
attachments for viruses and other defects. To the extent permitted by
law, Yea Computing Services and its associates will not be liable for
any loss or damage arising in any way from this communication including
any file attachments.
You may not disclose this information to a third party without written
permission from the Author.
On 23/12/2012 03:40, Eric Shubert wrote:
I guess it's coming from chkuser after all. 571 is the
chkuser_intrusionthreshold_string.
I don't see any variable setting for this threshold at
http://opensource.interazioni.it/qmail/chkuser/documentation/chkuser_settings.html
This would only be helpful though if the user was coming from a
specific
static IP address. Is this the case?
Hey Tonino (chkuser author), any suggestions or insight?
Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com