Denial of service process table attacks
On http://lwn.net/daily/ptable.html is a description of denial of service process table attacks. Am I correct that tcpserver limits fork() calls to a specified number, and therefore alleviates the situation? Thanks, John -- John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA. VOX 408.370.2688, FAX 408.379.9602 [EMAIL PROTECTED], http://www2.inow.com/~conover/john.html
Re: Denial of service process table attacks
At 05:31 23/02/99 -, you wrote:
> On http://lwn.net/daily/ptable.html is a description of denial of service process table attacks. Am I correct that tcpserver limits fork() calls to a specified number, and therefore alleviates the situation?

Correct. As long as you run all of your services via tcpserver.

Whilst some inetd implementations have crude forms of DOS protection (initially created for other reasons) I'm not aware of too many that protect against concurrency - most do it by rate.

Regards.
Re: Denial of service process table attacks
"md" == Mark Delany [EMAIL PROTECTED] writes:

md> Whilst some inetd implementations have crude forms of DOS
md> protection (initially created for other reasons) I'm not aware of
md> too many that protect against concurrency - most do it by rate.

Heh. If I may take a slight detour to tell an inetd-related war story, even if it isn't directly qmail-related.

In a former life, I was the sysadmin for a cable-based ISP in the US. One customer was in the middle of transitioning email services from machines they ran to our machines. Their boxes were using an older Red Hat distribution and were using Sendmail + the Qualcomm POP daemon. I avoided working on those machines (they weren't really mine), but the transition wasn't going fast enough ... so I had to grease the squeaky wheel.

In the evenings, the POP service would become unavailable due to inetd's rate-limiting. Spending as little time as possible to "fix" the problem, I had a cron job check the POP service every minute and SIGHUP inetd every time it was unavailable. But during the busy evening times, the SIGHUPs were remarkably frequent. Oh, 40-50 times/hour, with 5-minute load averages rising into the teens.

Trying another quick fix, I simply dropped qmail's tcpserver in place of inetd for starting the POP server. I set the session limit at 60. This killed the machine performance-wise. Thrash-O-Matic. Unlike before, when the machine started thrashing now, it was pretty obvious that syslog was a huge problem.

I finally discovered that syslogd was the cause. As syslog was logging events from Sendmail and the POP daemon's login/logout events, it used fsync() after each event. The disk couldn't keep up during busy times, so openlog() calls started blocking ... causing load averages to rise, delays in SMTP and POP server initial greetings, POP client retries making things worse. Until the inetd throttle kicked in. Then enough syslog could finally catch up, the number of blocked processes dropped, and life returned to (near) normal. Then my cron job would HUP inetd, and the cycle repeated.

When I started using tcpserver, things went to hell because there was no emergency escape valve (namely that !@#$! inetd) to keep syslog from getting too busy. I recompiled syslogd without the fsync() call, and the system gently purred through the busiest times thereafter.

A lot of people don't know about inetd's throttle mechanism. I didn't know there were any modern UNIXen which still used it. Live and learn.

-Scott
---
Scott Lystig Fritchie
5401 - 10th Ave S, Minneapolis, MN 55417 USA
Professional Governing: Is It Faked?
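A small model of the two admission policies contrasted in the replies above (a cap on simultaneous children, as tcpserver applies, and a per-interval fork throttle, as in the inetd of the war story), added here as an illustration and not taken from any post in the thread. The limits (40 children, 40 forks per 60 s, 600 s shut-off) and both workloads are constructed assumptions.

```python
import heapq
from collections import deque


def run_concurrency_cap(arrivals, cap):
    """Admit a connection only while fewer than `cap` children are running.

    arrivals: list of (start_time, duration), sorted by start_time.
    Returns (peak_children, turned_away). Simplification: a connection that
    arrives while the cap is reached is counted as turned away instead of
    waiting in the listen queue.
    """
    running = []  # min-heap of child exit times
    peak = turned_away = 0
    for start, duration in arrivals:
        while running and running[0] <= start:
            heapq.heappop(running)
        if len(running) >= cap:
            turned_away += 1
            continue
        heapq.heappush(running, start + duration)
        peak = max(peak, len(running))
    return peak, turned_away


def run_rate_throttle(arrivals, max_forks, interval, disable_for):
    """Admit at most `max_forks` forks per `interval` seconds; when that is
    exceeded, switch the service off for `disable_for` seconds.

    Returns (peak_children, turned_away). Nothing here looks at how many
    children are still running.
    """
    running = []
    recent = deque()  # start times of forks inside the current interval
    disabled_until = float("-inf")
    peak = turned_away = 0
    for start, duration in arrivals:
        while running and running[0] <= start:
            heapq.heappop(running)
        if start < disabled_until:
            turned_away += 1
            continue
        while recent and recent[0] <= start - interval:
            recent.popleft()
        if len(recent) >= max_forks:
            disabled_until = start + disable_for
            recent.clear()
            turned_away += 1
            continue
        recent.append(start)
        heapq.heappush(running, start + duration)
        peak = max(peak, len(running))
    return peak, turned_away


# Constructed workloads.
# One new session every 2 s for 20 minutes, each staying open 300 s.
SLOW_SESSIONS = [(t, 300) for t in range(0, 1200, 2)]
# Busy evening: 60 short sessions (2 s each) arriving within 30 s.
EVENING_BURST = [(i * 0.5, 2) for i in range(60)]


def compare(arrivals):
    return {
        "cap": run_concurrency_cap(arrivals, cap=40),
        "throttle": run_rate_throttle(
            arrivals, max_forks=40, interval=60, disable_for=600
        ),
    }


if __name__ == "__main__":
    for name, load in (("slow sessions", SLOW_SESSIONS),
                       ("evening burst", EVENING_BURST)):
        print(name, compare(load))
```

With long-lived sessions the throttle never trips and the process count grows to 150, while the cap holds it at 40; on the short burst the throttle shuts the service off although only 4 children were ever running.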
Re: Denial of service process table attacks
On Tue, 23 Feb 1999, Mark Delany wrote:
> At 05:31 23/02/99 -, you wrote:
> > On http://lwn.net/daily/ptable.html is a description of denial of service process table attacks. Am I correct that tcpserver limits fork() calls to a specified number, and therefore alleviates the situation?
>
> Correct. As long as you run all of your services via tcpserver.

Too bad similar protection isn't currently available for udp and RPC services :-)

jms
atime / qmail-pop3d / qmail-1.01 / freebsd
Howdy, all. Anyone have a take on why the access time for the Maildir/cur directory would not be getting updated specifically on machines using Network Appliance boxen for disk storage (via NFS) when a user connects to POP mail? My take on qmail-pop3d is that it does opendir()/readdir()/ closedir() on Maildir/cur. Pretty simple. Should be enough to trigger an atime update So. When I run a 5-line C program that does exactly that and nothing more, and run it through tcpserver, atime gets updated. When I connect and complete a POP session it doesn't. I've tested this on FreeBSD 2.2.5-STABLE and 2.2.8-STABLE. When I run my little 5-line program or transact a POP session on a non-NetApp qmail-1.01 machine, atime gets updated. When I do both of those things on machines using NetApps for storage, it only gets updated with the 5-line program. Thoughts? I have that awful nagging feeling I missed some documentation somewhere, but beats me where. It seems fairly clear that I am not understanding the way qmail-pop3d works, even though the code looks pretty plain 'n simple. And yes, I'm planning to upgrade to qmail-1.03 soon. :) Brett --- Brett RabeEmail : [EMAIL PROTECTED] Systems Administrator - U S West Phone : 612.664.3078 Interact - 3S Pager : 612.613.2549 600 Stinson Blvd. Fax : 612.664.4770 Minneapolis, MN 55413 USA Pager : [EMAIL PROTECTED] Absolute zero is cool.
tcpserver and logging
There was a message earlier today concerning the machine resources required for log files when using tcpserver//var/qmail/bin/splogger.

Shouldn't it be possible for tcpserver to use individual logs per service, through another logging mechanism. Something like:

    tcpserver -R -v -x tcp.cdb -u 123 -g 456 0 \
        myservice /wherever/myprogram 2>&1 | mylogger mylogfile

where mylogger is like cat(1), but with a better permissions/ownership structure? (Or, maybe, ... 21 mylogfile would work, too. Anyone tried it?)

Thanks,
John
--
John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA. VOX 408.370.2688, FAX 408.379.9602 [EMAIL PROTECTED], http://www2.inow.com/~conover/john.html
Re: Qmail mailing list and ReplyTo:
Hello!

On Fri, 19 Feb 1999 15:29:03 -0300, [EMAIL PROTECTED] wrote:
> Yes, I understood that (I'm not an idiot, as you may be implying). BTW, please don't be so arrogant to ask others "Please read the post carefuly before replying" [sic]. You win nothing with this attitude.

Sorry.. I didn't want to imply that you are an idiot.

> What should be done when the sender wants his/her personal replies back to a different address *BUT* doesn't want to receive all replies to his/her post personally, that is, the poster still wants to keep the discussion on the list? Add another Reply-To field to the message?

I see that there is no point in continuing this debate, I apologize if I insulted you; it was not my intention. But I do doubt it that it is the *right* way to force everyone to use mutt. Some of us just don't like it. :)

best regards,
Rok Papez, Student at Faculty of Computer and Information Science, University of Ljubljana, Slovenia.
Re: SOLVED AGAIN HELP: NOT SOLVED ! ! looks like a SYN attack
On Mon, Feb 22, 1999 at 01:59:30PM -0300, Eric Dahnke wrote:
> That solved it. We're running Linux kernel 3.0.26, and I'm sure it is protected from SYN attacks.

While we're on the subject, does tcpserver have capabilities of dealing effectively with SYN attacks?

Thanks,
John
--
John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA. VOX 408.370.2688, FAX 408.379.9602 [EMAIL PROTECTED], http://www2.inow.com/~conover/john.html
RE: need some spam/relay help
Is it possible to use Bruce Guenter's QMAILQUEUE to hold sent mail in a queue until the user authenticated him or herself via pop. I was thinking a program could be called to dump the mail in the queue and send back a notification to the sender on authorization failure. Thank you Russell
Re: Qmail mailing list and ReplyTo:
Rok Papez [EMAIL PROTECTED] writes:
> When I hit reply it tells me that From: and Reply-To: fields differ and asks me to what e-mail address do I want to reply (to mailing list or to the author personal mailbox). - Now that's a smart MUA.

Except that it's lying to you. I know a non-trivial number of people for whom, if you answered "personal mailbox" to that question, the response would end up going somewhere that's never read or bouncing.

It's also downright rude for people who are answering administrative mail; it forces them to put the role address as their From address, which I personally find distasteful. Being able to indicate that yes, "Russ Allbery" is responding to you, but you should send your responses to his mail to postmaster@leland so that other people can help you too is valuable semantics. MUAs like yours cause inexperienced users to override reply-to, which on more than one occasion has resulted in those people's questions going unanswered for far longer than was necessary.

And, in the spirit of this thread, no, I am not going to put the role address in the From header, because that's giving in to broken clients. The RFCs spell out what the From header is and what the Reply-To header is, and I'm going to abide by the standards. Software that doesn't is defective and should be fixed.

--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Mail receipt upon delivery.
Dear all, Is it possible for qmail to send acks back to the sender upon reception of the mail message? I have heard something about qreceipt but I can't find any pointers leading to that. Kind regards, George Koulogiannis
Re: jimbo@fake.com
At 11:04 AM 2/23/99 +0100, Rask Ingemann Lambertsen wrote:
> On 22-Feb-99 17:13:13, das wrote something about "[EMAIL PROTECTED]". I just couldn't help replying to it, thus:
> > I'm running qmail on my little Linux box with a couple of folks using it
> [cut]
>
> And it is in the ORBS list: URL:http://www.orbs.org/verify.cgi?address=204.117.27.42
>
> Dan, please change qmail so that if control/rcpthosts is missing, qmail will not relay at all. Perhaps qmail(-[qs]mtpd) should even refuse to run. The only people who benefit from the current behaviour are the spammers.

I have to 'fess up to that error myself only the other day. I get so blase` about qmail installs that I happened to occasionally forget about rcpthosts. Naturally within a couple of days it dawned on me (at dawn strangely enough) and I fixed it before a scanner spammer noticed. But a less conscientious person may not have bothered.

My point is not who is conscientious and who is not, rather it's to concur with Rask in that maybe it's time to change the default behaviour.

Regards.
Re: Mail receipt upon delivery.
At 02:01 PM 2/23/99 +0200, Γιώργος Κουλογιάννης wrote:
> Dear all, Is it possible for qmail to send acks back to the sender upon reception of the mail message? I have heard something about qreceipt but I can't find any pointers leading to that.

Do you mean above and beyond "man qreceipt"?

Regards.
Re: Mail receipt upon delivery.
> Is it possible for qmail to send acks back to the sender upon reception of the mail message? I have heard something about qreceipt but I can't find any pointers leading to that.

Read the man page on qreceipt - the two lines below should be fine in your .qmail file (assuming you use Maildir format).

    ./Maildir/
    |/var/qmail/bin/qreceipt [EMAIL PROTECTED]

Bo
-
Bo Fussing [EMAIL PROTECTED]
Gateway Internet Ltd. Hong Kong
Tel +852 2963-7173 Fax +852 2963-7353
URL http://www.gateway.net.hk
PGP fingerprint = D7 9F ED 1D E5 B9 62 4F 77 BC D1 33 5B 4E 95 81
For PGP ID Signature mail empty message to [EMAIL PROTECTED]
.qmail files
I wanna make a one way mailing list. Do I have to install majordomo or ezmlm or can I just put a line in the .qmail file so that I am the only one that can send mail to it?

Victor
Wildcards in badmailfrom
Hi ! Is it possible to put wildcards in controls/badmailfrom ? Like *free*@* ? I don't think so, but there is maybe a solution. Thank you ! Dimitri SZAJMAN - [EMAIL PROTECTED] http://www.Xon-Xoff.fr
Re: Pine, Qmail, and time zones
On Mon, 22 Feb 1999, Fred Lindberg wrote:
> It may be configuration problem. Look at where /etc/localtime links.

    /etc/localtime -> ../usr/share/zoneinfo/US/Central

> I use UTC on the computer and pine puts .. + ( ). Mutt doesn't do the "( )" thing. Maybe changing MUAs would help?

That may be an option for me, but not for my users. *Sigh*

Here's something interesting: I have TWO date lines in my mail messages, it seems. (Maybe this is normal?):

    Date: Tue, 23 Feb 1999 07:51:14 -0600
    Date: Tue, 23 Feb 1999 07:51:14 -0600 (EST)   <-- Where does this come from?

Well, I'm off again in further search of the answer...

--
Chuck Milam
I.T. Division - Academic Computing
[EMAIL PROTECTED]
University of Wisconsin at Oshkosh
Re: Wildcards in badmailfrom
On Tue, 23 Feb 1999, Chris Naden wrote:
> At 02:23 PM 2/23/99 +0100, you wrote:
> > Hi ! Is it possible to put wildcards in controls/badmailfrom ?
>
> If it were possible to do that I'd be supremely grateful.

It *is* possible with the jbuce patch. Along with a number of other changes...

http://jonathan.nrgup.com/jbuce.diff

/pg
--
Peter Green
Gospel Communications Network, SysAdmin
[EMAIL PROTECTED]
Re: .qmail files
On Tue, Feb 23, 1999 at 01:22:27PM +0100, Victor Regner wrote:
> I wanna make a one way mailing list. Do I have to install majordomo or exmlm or can I just put a line in the .qmail file so that I am the only one that can send mail to it?

Put

    |bouncesaying "You cannot post to this list" [ "$SENDER" != "[EMAIL PROTECTED]" ]

as the first line in the .qmail file, and then list the names you want the messages sent to.

--
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
virtualhost [Q]
Hi, If an ISP will set me a virtualhost up using qmail, ie all mail for that vh will go right to 1 account at ISP`s server, I will be fetching the mail via ppp - the [Q] is: where do I read about how do I set up my local qmail for it to deliver mail to different users in my localhost (there are 60 of them)? Any pointers are welcome. thank you in advance. -- Pashah
Re: SOLVED AGAIN HELP: NOT SOLVED ! ! looks like a SYN attack
From: Russell Nelson [EMAIL PROTECTED]
:John Conover writes:
: While we're on the subject, does tcpserver have capabilities of dealing
: effectively with SYN attacks?
:
:It's the kernel which is being attacked in a SYN attack. Therefore,
:Dan's syncookies fix must be implemented in every kernel of interest.
:http://pobox.com/~djb/proto/syncookies.html

The Linux kernel has syn cookies, but they are not enabled by default in 2.2. It's a config option.

--Adam
Re: tcpserver and logging
On Tue, Feb 23, 1999 at 08:55:43AM -, John Conover wrote:
> There was a message earlier today concerning the machine resources required for log files when using tcpserver//var/qmail/bin/splogger.
>
> Shouldn't it be possible for tcpserver to use individual logs per service, through another logging mechanism. Something like:
>
>     tcpserver -R -v -x tcp.cdb -u 123 -g 456 0 \
>         myservice /wherever/myprogram 2>&1 | mylogger mylogfile
>
> where mylogger is like cat(1), but with a better permissions/ownership structure? (Or, maybe, ... 21 mylogfile would work, too. Anyone tried it?)

DJB's daemontools package has just such an animal, called cyclog. I use it for all of my qmail logging.

ftp://koobera.math.uic.edu/www/software/daemontools-0.53.tar.gz

Chris
Re: limiting number of recipients in email
may i even suggest that a good idea would be a log monitor (such as swatch) that can watch for a message ID and see how many remote addresses it is being sent to, and alert the admin if it is over $MAXwhatever rcpt's. i know i have found MANY MANY spammers from just switching VC's to see tons of remote email for one message, the cool part is finding their modem, pulling it, and waiting for them to call too.

anyway, just a thought.

later
end

\\ Greg Albrecht([EMAIL PROTECTED])\\
\\ Safari Internet (www.safari.net)\\
\\ 1-888-537-9550 ([EMAIL PROTECTED]) \\

On Wed, 24 Feb 1999, Marlon Anthony Abao wrote:
> hello, am sure that this has been discussed here a gadzillion times, an i hope one more time would not be so bad :) how does one go about limiting the number of recipients in the 'CC:" / "BCC:" fields? i don't want any of my subscribers to spam to the outside world. at least this way, they would at least be discouraged to do so.
>
> -marlon
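One way to build the log monitor suggested above, as an added example that is not part of the original post: it reads qmail-send log lines, counts distinct remote recipients per queued message, and reports any message that goes over a threshold. The threshold, the timestamp prefix and every address in the sample log are constructed.

```python
import re

# qmail-send log line shapes; search() is used so that any timestamp
# prefix added by the logger in front of the line is ignored.
NEW_MSG = re.compile(r"\bnew msg (\d+)")
INFO_MSG = re.compile(r"\binfo msg (\d+): bytes \d+ from <([^>]*)>")
START = re.compile(r"\bstarting delivery \d+: msg (\d+) to (local|remote) (\S+)")
END_MSG = re.compile(r"\bend msg (\d+)")


def _fresh():
    return {"sender": None, "remote": set(), "alerted": False}


def find_fanout(lines, max_remote):
    """Return [(msg, envelope_sender, remote_count)] for every message whose
    number of distinct remote recipients exceeds max_remote.

    Message numbers are reused by the queue, so state is keyed on the number
    only between its "new msg" and "end msg" lines. Retried deliveries to the
    same address are counted once.
    """
    live = {}
    alerts = []
    for line in lines:
        if m := NEW_MSG.search(line):
            live[m.group(1)] = _fresh()
        elif m := INFO_MSG.search(line):
            live.setdefault(m.group(1), _fresh())["sender"] = m.group(2)
        elif m := START.search(line):
            msg, kind, rcpt = m.groups()
            if kind != "remote":
                continue
            state = live.setdefault(msg, _fresh())
            state["remote"].add(rcpt.lower())
            if len(state["remote"]) > max_remote and not state["alerted"]:
                state["alerted"] = True
                alerts.append((msg, state["sender"], len(state["remote"])))
        elif m := END_MSG.search(line):
            live.pop(m.group(1), None)
    return alerts


# Constructed sample log (addresses, numbers and timestamps are made up).
SAMPLE_LOG = """\
919785000.100000 new msg 1001
919785000.100100 info msg 1001: bytes 2048 from <bulk@customer.example> qp 4100 uid 503
919785000.200000 starting delivery 1: msg 1001 to remote a@one.example
919785000.200100 starting delivery 2: msg 1001 to remote b@two.example
919785000.300000 new msg 1002
919785000.300100 info msg 1002: bytes 900 from <alice@customer.example> qp 4102 uid 504
919785000.300200 starting delivery 3: msg 1002 to remote friend@three.example
919785000.300300 starting delivery 4: msg 1002 to local alice@customer.example
919785000.400000 delivery 1: deferral: Connected_to_192.0.2.1_but_greeting_failed./
919785000.500000 starting delivery 5: msg 1001 to remote c@three.example
919785000.600000 starting delivery 6: msg 1001 to remote a@one.example
919785000.700000 starting delivery 7: msg 1001 to remote d@four.example
919785000.800000 end msg 1002
919785000.900000 end msg 1001
919785001.000000 new msg 1001
919785001.000100 info msg 1001: bytes 700 from <bob@customer.example> qp 4110 uid 505
919785001.100000 starting delivery 8: msg 1001 to remote e@five.example
919785001.200000 end msg 1001
""".splitlines()

if __name__ == "__main__":
    for msg, sender, count in find_fanout(SAMPLE_LOG, max_remote=3):
        print(f"ALERT msg {msg} from <{sender}>: {count} remote recipients")
```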
Keeping a copy of sent messages
Forgive me if this seems a basic question. We have a Linux server and use Outlook clients. From time to time, it is important to be able to telnet in and use PINE to read mail. Is there a way for messages that have been sent from the Outlook clients to have copies kept on the server? That way, if telnetting in, we can see what we have sent in the last few weeks as well as what we have received. All help appreciated. Patrick Kirk of Enterprise HR Tel: 0044 118 939 1122 Web: http://www.enterprise-hr.com
Virtual Domains and User Routing
I have the following setup : A basic virtual domain. Everything goes to the .qmail-default apart from a few .qmail-users that redirects the mail to another server. I am receiving tons of spam on one of those .qmail-users. Is there any way to delete messages that are sent to .qmail-user ??? -S
Re: limiting number of recipients in email
On Wed, Feb 24, 1999 at 12:25:24AM +0800, Marlon Anthony Abao wrote:
> hello, am sure that this has been discussed here a gadzillion times, an i hope one more time would not be so bad :) how does one go about limiting the number of recipients in the 'CC:" / "BCC:" fields? i don't want any of my subscribers to spam to the outside world. at least this way, they would at least be discouraged to do so.

You can try patching qmail-smtpd to support tarpitting. This lets you insert a delay after each recipient that the sender supplies after some set number of recipients. If you insert, say, a five-second delay for each recipient after the fiftieth, one of your users would have a hard time sending a message to 10,000 recipients. (This assumes that these messages are being injected by SMTP.)

See http://www.palomine.net/qmail/tarpit.html

Chris
Re: tcpserver and logging
On Tue, Feb 23, 1999 at 08:55:43AM -, John Conover wrote:
> There was a message earlier today concerning the machine resources required for log files when using tcpserver//var/qmail/bin/splogger.
>
> Shouldn't it be possible for tcpserver to use individual logs per service, through another logging mechanism. Something like:
>
>     tcpserver -R -v -x tcp.cdb -u 123 -g 456 0 \
>         myservice /wherever/myprogram 2>&1 | mylogger mylogfile
>
> where mylogger is like cat(1), but with a better permissions/ownership structure? (Or, maybe, ... 21 mylogfile would work, too. Anyone tried it?)

Somebody else has already suggested cyclog from the daemontools package from DJB. For the cases where you want to send all the output to a single file, I wrote qfilelog, available at:

http://www.qcc.sk.ca/~bguenter/distrib/qlogtools/

It has the additional feature of closing and re-opening its output file when sent a HUP, for doing periodic log rotation.

--
Bruce Guenter, QCC Communications Corp. EMail: [EMAIL PROTECTED] Phone: (306)249-0220 WWW: http://www.qcc.sk.ca/~bguenter/
Re: Limiting Usage of SMTP server
On Tue, 23 Feb 1999, MountaiNet Tech Support wrote:
> I just finished setting up Qmail for our POP3 and SMTP servers. How can I set it up so that only people who are dialed up to us can use us for an SMTP server? We have had some problems with people on competitors using us for an anonymous relay system. I want it so only people with our IP address can use this server. I've heard some stuff about denying direct telnet access to 25. is this possible?

Michael Samuel's http://qmail-docs.surfdirect.com.au/docs/qmail-antirelay.html

regards
-Abel Lucano [EMAIL PROTECTED]
Re: need some spam/relay help
On Tue, Feb 23, 1999 at 01:15:21AM -0800, Russell Evans wrote:
> Is it possible to use Bruce Guenter's QMAILQUEUE to hold sent mail in a queue until the user authenticated him or herself via pop. I was thinking a program could be called to dump the mail in the queue and send back a notification to the sender on authorization failure.

It is certainly possible, if not somewhat difficult, to do this. The biggest problem that I've encountered in implementing things like this is that the envelope information is sent *after* the message is completed instead of *before*. What you would need to do is:

- send the message to a temporary file
- read the sender address from the envelope
- determine if that sender has been authenticated
- if so, send the message to qmail-queue, followed by the envelope
- otherwise, send the envelope to a temporary file as well
- when the user authenticates with POP, check for temporary files that would be caused by that user and deliver them to qmail-queue

There are several obvious holes in this, though. What if the user never authenticates, or sends piles of mail before authenticating? This could become a big DOS attack. Ownership also becomes sticky, as the files delivered through the QMAILQUEUE mechanism would be owned by whatever user executes qmail-smtpd (which should not be root), while the program that would feed off the authentication would run as that user, making the files unreadable. How and where do you create secure temporary files?

--
Bruce Guenter, QCC Communications Corp. EMail: [EMAIL PROTECTED] Phone: (306)249-0220 WWW: http://www.qcc.sk.ca/~bguenter/
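A sketch of the hold-until-authenticated steps listed above, added here as an example and not code from the post or from any qmail patch. It parses the qmail-queue envelope (F sender, T recipients, 0-byte terminated), spools unauthenticated mail in exclusively created mode-0600 files, and caps the number of held messages per sender; the spool layout, the cap of 20 and all function names are assumptions.

```python
import hashlib
import os
import secrets

MAX_HELD_PER_SENDER = 20  # assumed cap, bounds the "piles of mail" case


class HoldQuotaExceeded(Exception):
    pass


def parse_envelope(raw):
    """Parse a qmail-queue envelope: F<sender>\\0 T<rcpt>\\0 ... \\0."""
    parts = raw.split(b"\0")
    if len(parts) < 3 or parts[-1] or parts[-2]:
        raise ValueError("envelope must end with an extra 0 byte")
    sender_field, rcpt_fields = parts[0], parts[1:-2]
    if not sender_field.startswith(b"F"):
        raise ValueError("envelope must start with F<sender>")
    if any(not f.startswith(b"T") for f in rcpt_fields):
        raise ValueError("recipient fields must start with T")
    return sender_field[1:], [f[1:] for f in rcpt_fields]


def _sender_dir(spool, sender):
    # Hash the address so client-supplied text never becomes a path name.
    return os.path.join(spool, hashlib.sha256(sender.lower()).hexdigest())


def _write_private(path, data):
    # O_EXCL: fail rather than reuse an existing name; 0600: owner only.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
        f.flush()
        os.fsync(f.fileno())


def accept(message, envelope, authenticated, spool):
    """Return "queue" if the envelope sender is in `authenticated` (a set of
    lowercased byte strings), otherwise hold the mail and return "held"."""
    sender, _recipients = parse_envelope(envelope)
    if sender.lower() in authenticated:
        return "queue"
    directory = _sender_dir(spool, sender)
    os.makedirs(directory, mode=0o700, exist_ok=True)
    held = [n for n in os.listdir(directory) if n.endswith(".env")]
    if len(held) >= MAX_HELD_PER_SENDER:
        raise HoldQuotaExceeded(sender.decode("ascii", "replace"))
    name = secrets.token_hex(16)
    _write_private(os.path.join(directory, name + ".msg"), message)
    # The envelope is written last: a .env file marks a complete pair.
    _write_private(os.path.join(directory, name + ".env"), envelope)
    return "held"


def release(sender, spool):
    """After the sender authenticates: return the held (message, envelope)
    pairs for handing to qmail-queue, and remove them from the spool."""
    directory = _sender_dir(spool, sender)
    released = []
    if not os.path.isdir(directory):
        return released
    for entry in sorted(os.listdir(directory)):
        if not entry.endswith(".env"):
            continue
        base = os.path.join(directory, entry[:-4])
        with open(base + ".msg", "rb") as m, open(base + ".env", "rb") as e:
            released.append((m.read(), e.read()))
        os.remove(base + ".env")
        os.remove(base + ".msg")
    return released
```

The ownership question raised in the post is not solved here: the spool directory still has to be readable by whichever account runs the release step.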
Re: virtualhost [Q]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Hi, If an ISP will set me a virtualhost up using qmail, ie all mail for that vh will go right to 1 account at ISP`s server, I will be fetching the mail via ppp - the [Q] is: were do I read about how do I set up my local qmail for it to deliver mail to different users in my localhost (there are 60 of them)?

It has nothing to do with your local qmail: as long as your ISP is using qmail and your local qmail is configured to receive mail for your domain (i.e: it has to be in rcpthosts and in locals) you can use fetchmail to get your mail and deliver it to the correct user. I use a .fetchmailrc like this:

    poll your.pop.server.com pop3
        aka your.own.domain.com
        no dns
        envelope "Delivered-To:"
        qvirtual "login-"
        user "login" password "pass" to * here
        fetchall forcecr

Bye
- --
Luca Olivetti http://www.luca.ddns.org
Telefonica es un freno para el desarrollo del país
Telefonica is a restrain on the development of the country
- --[ http://www.internautas.org ]-
-BEGIN PGP SIGNATURE-
Version: GnuPG v0.9.2 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE20u4hCQPXTRx9NmQRAq1gAKCXoA1UirZxYhHpNW5fHgmzZvqYYQCfRef9
gV0rbnj66o/KGk2XlicfiRg=
=PiMG
-END PGP SIGNATURE-
badmailfrom question
are the messages from the addresses in /var/qmail/control/badmailfrom automatically bounced or do they just go to /dev/null? I'm not aware where all those spam go. TIA -- k e c h i e "It's now safe to turn off your computer" means computing was unsafe before it appeared. -- m e
Re: badmailfrom question
On Wed, Feb 24, 1999 at 02:57:19AM +0800, [EMAIL PROTECTED] wrote:
> are the messages from the addresses in /var/qmail/control/badmailfrom automatically bounced or do they just go to /dev/null?

The sender is rejected at the SMTP level. The sender says:

    MAIL FROM:[EMAIL PROTECTED]

and qmail-smtpd responds:

    553 sorry, your envelope sender is in my badmailfrom list (#5.7.1)

End of story.

Chris
Re: badmailfrom question
> On Wed, Feb 24, 1999 at 02:57:19AM +0800, [EMAIL PROTECTED] wrote:
> > are the messages from the addresses in /var/qmail/control/badmailfrom automatically bounced or do they just go to /dev/null?
>
> The sender is rejected at the SMTP level. The sender says:
>
>     MAIL FROM:[EMAIL PROTECTED]
>
> and qmail-smtpd responds:
>
>     553 sorry, your envelope sender is in my badmailfrom list (#5.7.1)
>
> End of story.

Is there anyway to have qmail use badmailfrom on the from line in the header? The spammers are forging the envelopes so the envelopes are pretty useless these days for filtering.

(I've always referred to the "From " line as the envelope sender and called the "From:" line in the header the header from line.)

--
Richard Shetron [EMAIL PROTECTED] [EMAIL PROTECTED]
What is the Meaning of Life? There is no meaning, It's just a consequence of complex carbon based chemistry; don't worry about it
The Super 76, "Free Aspirin and Tender Sympathy", Las Vegas Strip.
Re: Limiting Usage of SMTP server
On Tue, 23 Feb 1999, MountaiNet Tech Support wrote:
> I followed his instructions on Configuring Qmail to be a Selective Relay but had problems with one step. The command is:
>
>     # sed 's/:.*//' virtualdomains | cat - locals | sort > rcpthosts
>
> But when I run it, I get:
>
>     bash: virtualdomains: No such file or directory
>
> Any ideas?

don't you use virtualdomains? just define your rcpthosts file (domains that your mailserver accept mails for - your choice-) and continue with the instructions

regards
-Abel Lucano [EMAIL PROTECTED]
Re: Moving mail
On Tue, Feb 23, 1999 at 02:01:54PM -0500, MountaiNet Tech Support wrote:
> Our existing mail server uses /var/spool/mail/username for mail storage. I just installed qmail and use Maildir for delivery. I need a way to move all of the mail on the existing server to the new one. The current mail server separates mail by a From header like this:
>
>     From [EMAIL PROTECTED] Tue Feb 23 17:24:52 1999
>
> The new server uses Maildir storage so each message is listed as a separate file in the user's Maildir. Does anyone have a script that would read each box in /usr/var/spool/mail/ on the old server and re-mail them to the user's account on the new server? Does this make sense?

Check the Maildir department on http://www.qmail.org. There are a couple of perl scripts there that do what you want.

Chris
Re: badmailfrom question
On Tue, Feb 23, 1999 at 02:02:35PM -0500, Richard Shetron wrote:
> > On Wed, Feb 24, 1999 at 02:57:19AM +0800, [EMAIL PROTECTED] wrote:
> > > are the messages from the addresses in /var/qmail/control/badmailfrom automatically bounced or do they just go to /dev/null?
> >
> > The sender is rejected at the SMTP level. The sender says:
> >
> >     MAIL FROM:[EMAIL PROTECTED]
> >
> > and qmail-smtpd responds:
> >
> >     553 sorry, your envelope sender is in my badmailfrom list (#5.7.1)
> >
> > End of story.
>
> Is there anyway to have qmail use badmailfrom on the from line in the header? The spammers are forging the envelopes so the envelopes are pretty useless these days for filtering.

Nope. qmail-smtpd doesn't look at the address headers. For this task you'll probably need a mail delivery agent with filtering like maildrop or procmail.

Chris
Virtual Domains Setup
Hello,

I want to have the following setup: I have a server that I want to not to have any e-mail setup by default. I just want e-mail for the virtual domains. In other words, I don't want the users and accounts on my box to have e-mail by default, only if I allow them to via a virtual domain (all others will bounce). I have the setup almost up, by putting:

- control/defaultdomain 127.0.0.1
- control/locals localhost 127.0.0.1
- control/me 127.0.0.1

Then I have all my domains in control/rcpthosts and control/virtualdomains. I had to make it 127.0.0.1 instead of localhost because qmail detects if there is no dot in an e-mail, and appends default domain (resulting in localhost.localhost). When I send mail to just "robertw", it appends 127.0.0.1, and mail processes. When I send mail to [EMAIL PROTECTED], it forwards it to [EMAIL PROTECTED] because of the qmail file. So all seems well there.

The problem is when you look at the SMTP greeting, it says 127.0.0.1. I changed that with the control/smtpgreeting. But now when a bounce message is sent, it says it came from 127.0.0.1... which is not what I want. This happens elsewhere too.

Anyways, am I even on the right path to getting this set up correctly? I want a dummy server, that is not really a host in and of itself.

Thanks,
Robert S. Wojciechowski Jr. [EMAIL PROTECTED]
RE: Virtual Domains Setup
Robert Wojciechowski Jr. wrote/schrieb/scribsit:
> - control/defaultdomain 127.0.0.1
> - control/locals localhost 127.0.0.1
> - control/me 127.0.0.1
>
> Anyways, I am even on the right path to getting this set up correctly? I want a dummy server, that is not really a host in and of itself.

The box _must_ have a hostname after all. Stick it into me, delete any other config files apart from virtualdomains and rcpthosts and you're set.

Stefan
Re: badmailfrom question
> > MAIL FROM:[EMAIL PROTECTED]
>
> Is there anyway to have qmail use badmailfrom on the from line in the header? The spammers are forging the envelopes so the envelopes are pretty useless these days for filtering.

The From line *is* the envelope sender, which is coming from the MAIL FROM during the smtp conversation. It is not the From: header.

Mate
Re: badmailfrom question
> > Is there anyway to have qmail use badmailfrom on the from line in the header? The spammers are forging the envelopes so the envelopes are pretty useless these days for filtering.
>
> Nope. qmail-smtpd doesn't look at the address headers. For this task you'll probably need a mail delivery agent with filtering like maildrop or procmail.

What the original post said does not make much sense: the From line *is* the envelope sender's address.

Mate
Re: badmailfrom question
From: Mate Wierdl [EMAIL PROTECTED]
:What the original post said does not make much sense: the From line
:*is* the envelope sender's address.

No it's not. If I put [EMAIL PROTECTED] in my badmailfrom, I will still get messages that you send to the qmail list. But those messages will still say:

    From: Mate Wierdl [EMAIL PROTECTED]

The envelope sender will be: [EMAIL PROTECTED]

--Adam
Timestamps and message arrival times
Hi,

I'm trying to figure out how the time stamping mechanism works for messages which propagate the internet. I have been looking for a tutorial but found none. The archives provided help, and man datetime did not. I'm in one timezone and my mailserver in another, so have been able to do some testing. Here are conclusions I've made based on the results of my testing.

- The sending e-mail client sets the definitive time stamp in the message header (Date:)
- The receiving e-mail client uses the Date: field for minutes and seconds, but adjusts the hour according to the timezone changes associated with the server hops recorded in the header? Ok have your laugh, but how the hell else is the minute field conserved (per what the sending client entered), yet the message arrives with the correct local hour.
- I changed the localtime setting on the mailserver (in the other timezone), but it didn't affect the arrival time shown within my mail client? That is because qmail always lives in GMT, no?

And what if you have mail users who pop your server from different timezones?

Cheers - eric
Re: Limiting Usage of SMTP server
At 04:04 PM 2/23/99 +, Abel Lucano wrote:
> On Tue, 23 Feb 1999, MountaiNet Tech Support wrote:
> > I followed his instructions on Configuring Qmail to be a Selective Relay but had problems with one step. The command is:
> >
> >     # sed 's/:.*//' virtualdomains | cat - locals | sort > rcpthosts
> >
> > But when I run it, I get:
> >
> >     bash: virtualdomains: No such file or directory
> >
> > Any ideas?
>
> don't you use virtualdomains?

And did you cd to /var/qmail/control first? (I don't believe I'm asking that question).

Regards.
Re: badmailfrom question
From: Mate Wierdl [EMAIL PROTECTED]
:I do not understand what you are talking about: I am talking about
:From line, not From: header.

The other guy wants badmailfrom to work on the From: line. Not the From: header (i.e. the From: line in the body of the message)

At least that's how I understood his question. Basically the answer is that qmail doesn't do that. I am pretty sure maildrop does though.

:Mate

--Adam
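The badmailfrom thread above separates the envelope sender (checked by qmail-smtpd at MAIL FROM) from the From: header, which qmail-smtpd never reads. As an added example, not code from any poster or from qmail, here is a delivery-time filter that could be run from a .qmail file: it matches the header From: addresses against glob patterns such as *free*@* and exits 100 to bounce or 0 to continue. The pattern file format (one glob per line) and the sample messages are constructed assumptions.

```python
import fnmatch
import os
import sys
from email import message_from_bytes
from email.utils import getaddresses

EXIT_OK = 0        # qmail-command: success, go on to the next .qmail line
EXIT_BOUNCE = 100  # qmail-command: permanent failure, the message bounces


def load_patterns(text):
    """One glob per line; blank lines and '#' comments are skipped."""
    patterns = []
    for line in text.splitlines():
        line = line.strip().lower()
        if line and not line.startswith("#"):
            patterns.append(line)
    return patterns


def header_from_addresses(raw_message):
    """Addresses from every From: header field (there may be more than one)."""
    msg = message_from_bytes(raw_message)
    values = [str(v) for v in msg.get_all("From", [])]
    return [addr.lower() for _name, addr in getaddresses(values) if addr]


def verdict(raw_message, patterns):
    """Return (exit_code, reason). Only the header is examined; the envelope
    sender is a separate value and was already checked at SMTP time."""
    for addr in header_from_addresses(raw_message):
        for pattern in patterns:
            if fnmatch.fnmatchcase(addr, pattern):
                return EXIT_BOUNCE, f"header From {addr} matches {pattern}"
    return EXIT_OK, "header From not listed"


# Constructed messages. Both would arrive with the same list-owner envelope
# sender, so an envelope check treats them alike; only the headers differ.
LISTED = (b"From: Free Offers <getfree123@bulk.example>\r\n"
          b"To: list@lists.example\r\nSubject: offer\r\n\r\nbody\r\n")
UNLISTED = (b"From: Mate <mate@math.example>\r\n"
            b"To: list@lists.example\r\nSubject: Re: badmailfrom\r\n\r\nbody\r\n")

if __name__ == "__main__":
    # Usage in .qmail (path is hypothetical): |/usr/local/bin/headerfrom patterns
    with open(sys.argv[1], encoding="utf-8") as f:
        globs = load_patterns(f.read())
    code, reason = verdict(sys.stdin.buffer.read(), globs)
    envelope = os.environ.get("SENDER", "")  # set by qmail-local
    print(f"{reason} (envelope sender <{envelope}>)")
    sys.exit(code)
```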
Now running qmail on all our servers! Hoorah!
Finally, we are running qmail on all our mail servers, so thanks to everyone here who has helped me figure stuff out. It's mostly going ok, and there were no major customer hassles after the switchover. We have noticed that performance has increased dramatically.

We are using inhouse LDAP patches to do our user/password lookups, so I will post our patches when our site has been cleaned up (They are nothing on the scale of Andres though, but they may be useful to someone), and we are over any teething problems.

We did have one issue by the way, and I'm curious if anyone else has experienced this. We are running the main mail server on Linux. When we tried to upgrade before, I found that qmail-popup sessions were not timing out. This time around I found (with strace) that the select call in timeoutread and timeoutwrite was counting down to zero, but then it was resetting to the original timeout value somehow. So, it would never exit! At the moment I have made a hack to fix this, but I really need to know if there is a "proper" solution to this issue. I can post more details if anyone wants.

Regards, Richard Aldridge, Internet Systems Engineer, Cable Internet.
Ezmlm with alias user on virtual domains?
Has anyone done this? I have a line such as: Mydomain.com:alias-mydomain In my virtualusers... then in the ~/alias directory, I have normal .qmail-mydomain* files. Now I want to setup ezmlm on that domain. Do I have to make a controlling user besides alias for ezmlm? What I need I suppose is a way to forward all mail to alias-mydomain to user-mydomain preserving the extension! So: alias-user -list-blah will be forwarded to user-list-blah. Is there a special forward type that will rewrite and forward for .qmail files? I need this because one person does not control a virtual domain here, and I want each user to be able to make their own lists. Robert S. Wojciechowski Jr. [EMAIL PROTECTED]
Re: Timestamps and message arrival times
- Eric Dahnke [EMAIL PROTECTED]:

| I'm trying to figure out how the time stamping mechanism works for
| messages which propagate the internet. [...]
|
| - The sending e-mail client sets the definitive time stamp in the
| message header (Date:)

Note that a correctly formatted Date: field contains the time zone, so any program can convert it to UTC (GMT) or their own local time zone. Also, note that most machines through which the message passes add a Received: field with a time stamp (same rules).

| - The receiving e-mail client uses the Date: field for minutes and
| seconds, but adjusts the hour according to the timezone changes
| associated with the server hops recorded in the header?

No, if the client and its host are set up correctly, they know what time zone you're in, so it adjusts the time shown accordingly.

| - I changed the localtime setting on the mailserver (in the other
| timezone), but it didn't affect the arrival time shown within my mail
| client? That is because qmail always lives in GMT, no?

It's that time zone indication in the Date: field again.

| And what if you have mail users who pop your server from different
| timezones?

Not a problem at all, as long as all the software operates properly. This is not really a qmail issue - it applies to all kinds of mail software. So this list is not really the place for any lengthy discussion of these issues, methinks.

- Harald
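An added example (not part of the original thread) of the conversion described in the reply above: a Date: value carries its own zone offset, so any reader can normalise it to UTC and render it in a local zone, and the same parsing orders Received: stamps when reconstructing a delivery timeline. The header values are constructed; the `-0000` zone is the form qmail writes in its own stamps, which Python parses as a naive datetime.

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Constructed sample values, not copied from any message in the thread.
DATE_HEADER = "Tue, 23 Feb 1999 15:10:09 -0600"   # written by the sending client
QMAIL_RECEIVED_STAMP = "23 Feb 1999 21:10:12 -0000"  # written by a receiving hop


def to_utc(stamp: str) -> datetime:
    """Parse an RFC 822 style date and return an aware UTC datetime.

    parsedate_to_datetime() returns a naive datetime for a "-0000" zone
    (the clock is UTC, the local zone is unstated), so UTC is attached here.
    """
    parsed = parsedate_to_datetime(stamp)
    if parsed.tzinfo is None:
        return parsed.replace(tzinfo=timezone.utc)
    return parsed.astimezone(timezone.utc)


def shown_to_reader(stamp: str, utc_offset_hours: float) -> str:
    """Render the stamp the way a client at the given UTC offset displays it."""
    zone = timezone(timedelta(hours=utc_offset_hours))
    return to_utc(stamp).astimezone(zone).strftime("%Y-%m-%d %H:%M:%S %z")


def transit_delay(date_header: str, received_stamp: str) -> timedelta:
    """Elapsed time between the sender's Date: and one hop's Received: stamp."""
    return to_utc(received_stamp) - to_utc(date_header)


if __name__ == "__main__":
    for offset in (-6, -3, 0, 5.5):
        print(offset, shown_to_reader(DATE_HEADER, offset))
    print("delay:", transit_delay(DATE_HEADER, QMAIL_RECEIVED_STAMP))
```

The minutes stay the same for readers in whole-hour zones only; the 5.5-hour offset shifts them as well, which shows the display is a conversion of one instant and not an hour adjustment per hop.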
qmHandle, SSI's, and permissions
Howdy!

I'm running qmail 1.03 on a RedHat 5.1 (2.0.34 kernel, glibc) system, with the vchkpw single-uid package to handle our virtual domains. The package and qmail are working wonderfully :-)

I'd like to set up a web page to monitor common mail stats, essentially "qmHandle -l" and "qmHandle -s" with the idea to eventually set up a CGI-based qmHandle queue-handling facility. qmHandle works, when run as root as intended. Of course, Apache runs as nobody, and when qmHandle is run as nobody, line 16 of the perl script:

    @dirlist = split (/\n/, `ls -1 -R ${queue}remote`);

Generates:

    [nobody@vmail bin]$ qmHandle -l
    ls: /var/qmail/queue/remote: Permission denied
    ls: /var/qmail/queue/local: Permission denied

Naturally, this is because "nobody" does not have permissions on the queue. Any ideas on how to (safely) allow an SSI like

    <!--#exec cmd="/var/qmail/bin/qmHandle -l" -->

to run as nobody?

-Tillman Hodgson
[MAILER-DAEMON@muncher.math.uic.edu: failure notice]
I got four messages like these. Can anybody tell me what is going on?

Mate

- Forwarded message from [EMAIL PROTECTED] -

Delivered-To: [EMAIL PROTECTED]
Date: 23 Feb 1999 23:06:46 -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: failure notice

Hi. This is the qmail-send program at muncher.math.uic.edu. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.

[EMAIL PROTECTED]:
ezmlm-send: fatal: this message is looping: it already has my Delivered-To line (#5.4.6)

--- Below this line is a copy of the message.

Return-Path: [EMAIL PROTECTED]
Received: (qmail 131 invoked from network); 23 Feb 1999 23:06:45 -
Received: from relay1.pair.com (HELO relay.pair.com) (209.68.1.20) by muncher.math.uic.edu with SMTP; 23 Feb 1999 23:06:45 -
Received: from dragonware.de ([EMAIL PROTECTED] [149.228.132.183]) by relay.pair.com (8.8.7/8.8.5) with SMTP id SAA15985 for [EMAIL PROTECTED]; Tue, 23 Feb 1999 18:05:03 -0500 (EST)
Received: (qmail 4652 invoked by uid 0); 23 Feb 1999 22:50:58 -
Received: from muncher.math.uic.edu (muncher.math.uic.edu [131.193.178.181]) by harma.pair.com (8.9.1/8.6.12) with SMTP id QAA14634 for [EMAIL PROTECTED]; Tue, 23 Feb 1999 16:02:20 -0500 (EST)
X-Envelope-To: [EMAIL PROTECTED]
Received: (qmail 11024 invoked by uid 1002); 23 Feb 1999 21:01:19 -
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Precedence: bulk
Delivered-To: mailing list [EMAIL PROTECTED]
Received: (qmail 23448 invoked from network); 23 Feb 1999 21:01:18 -
Received: from wierdlmpc.msci.memphis.edu ([EMAIL PROTECTED]) by muncher.math.uic.edu with SMTP; 23 Feb 1999 21:01:18 -
Received: (qmail 19350 invoked by uid 500); 23 Feb 1999 21:10:10 -
Message-ID: [EMAIL PROTECTED]
Mail-Followup-To: [EMAIL PROTECTED], [EMAIL PROTECTED]
To: MountaiNet Tech Support [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Moving mail
In-Reply-To: Message from MountaiNet Tech Support [EMAIL PROTECTED] of "Tue, 23 Feb 1999 14:01:54 EST." [EMAIL PROTECTED] [EMAIL PROTECTED]
Date: Tue, 23 Feb 1999 15:10:09 -0600
From: Mate Wierdl [EMAIL PROTECTED]
X-UIDL: f0eb5a8c99d61bf6379a3a2ffba98dac

Our existing mail server uses /var/spool/mail/username for mail storage. I just installed qmail and use Maildir for delivery. I need a way to move all of the mail on the existing server to the new one. The current mail server separates mail by a From header like this: From [EMAIL PROTECTED] Tue Feb 23 17:24:52 1999 The new server uses Maildir storage so each message is listed as a separate file in the user's Maildir. Does anyone have a script that would read each box in /usr/var/spool/mail/ on the old server and re-mail them to the user's account on the new server? Does this make sense?

Instead, you might want to use Russell Nelson's convert and create script from www.qmail.org. Mount temporarily the dir containing the new Maildirs via nfs.

Mate

- End forwarded message -

-- --- Mate Wierdl | Dept. of Math. Sciences | University of Memphis
Re: [MAILER-DAEMON@muncher.math.uic.edu: failure notice]
Once upon a midnight dreary, Mate Wierdl had spoken clearly: I got four messages like these. Can anybody tell me what is going on? [snip] Hi. This is the qmail-send program at muncher.math.uic.edu. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: ezmlm-send: fatal: this message is looping: it already has my Delivered-To line (#5.4.6) Any chance that someone, somehow, subscribed [EMAIL PROTECTED] to the qmail mailing list??? Just a thought... Roger "Merch" Merchberger -- Roger "Merch" Merchberger --- sysadmin, Iceberg Computers Recycling is good, right??? Ok, so I'll recycle an old .sig. If at first you don't succeed, nuclear warhead disarmament should *not* be your first career choice.
RE: Virtual Domains Setup
Ok, I have it working well now, just one quirk (dunno if it's a bug). I have my main mail server name in control/me, and no other files except virtualhosts and rcpthosts. I have the following .qmail files: .qmail-domain-root // for domain.com .qmail-anotherdom-root // for anotherdom.com domain.com is the name of the mail server (mail.domain.com located in control/me) Ok, mail to [EMAIL PROTECTED] works as expected. But mail to [EMAIL PROTECTED] bounces! Why? I have it handled here I thought. It must have something to do with the fact that my control/me file says "mail.domain.com". Thanks. Robert S. Wojciechowski Jr. [EMAIL PROTECTED] -Original Message- From: Stefan Paletta [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 23, 1999 3:15 PM To: Robert Wojciechowski Jr. Cc: [EMAIL PROTECTED] Subject: RE: Virtual Domains Setup Robert Wojciechowski Jr. wrote/schrieb/scribsit: - control/defaultdomain 127.0.0.1 - control/locals localhost 127.0.0.1 - control/me 127.0.0.1 Anyways, I am even on the right path to getting this set up correctly? I want a dummy server, that is not really a host in and of itself. The box _must_ have a hostname after all. Stick it into me, delete any other config files apart from virtualdomains and rcpthosts and you're set. Stefan
Re: Aliases
On Tue, Feb 23, 1999 at 07:33:07PM -0500, MountaiNet Tech Support wrote: I have a few users who I was using /etc/aliases for under sendmail and need to know how to do those on my qmail system. I saw that I could use my existing /etc/aliases, but I really didn't wanna do that, wanted to know how qmail did this by default. Thanks again! Need to read the docs; man dot-qmail, in particular. -- --- Mate Wierdl | Dept. of Math. Sciences | University of Memphis
non-resolving domain name patch
I just searched through the archive looking for the Has anyone written a patch for Qmail 1.0.3 to reject mail if envelope sender domain can't be resolved? Funny you should ask, not 15 minutes ago I upgraded to 1.0.3 using such a patch. You want the patches from Jonathan Bradshaw mentioned on www.qmail.org. --- I can't seem to find this patch on the site... anyone? -- /- [EMAIL PROTECTED] --- [EMAIL PROTECTED] -\ |Justin Bell NIC:JB3084| Time and rules are changing. | |Pearson| Attention span is quickening.| |Developer | Welcome to the Information Age. | \ http://www.superlibrary.com/people/justin/ --/
Re: [MAILER-DAEMON@muncher.math.uic.edu: failure notice]
Mate Wierdl [EMAIL PROTECTED] writes: | I got four messages like these. Can anybody tell me what is going on? It looks like Thorsten Wasmann has a very broken forwarding program installed. It sees messages addressed to you and to the qmail list (which is where he got them in the first place), and apparently forwards them to you in addition to whatever else it should be doing. I got a bunch of them too, until I finally blocked relay1.pair.com (DATABYTES=1, since qmail-smtpd doesn't have a way to bounce a message cleanly.)
Re: [MAILER-DAEMON@muncher.math.uic.edu: failure notice]
what it looks like is that he has his .qmail file pointing back to [EMAIL PROTECTED] When messages come in for him, they get sent right back to the list, w/o any of the headers changing... So the qmail list thinks it came from the person who posted it.. --Adam
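The loop check behind the ezmlm-send bounce discussed in this thread, as an added example (not ezmlm's or qmail's own code): the list stamps a Delivered-To line on every message it distributes and refuses any message whose header block already carries that stamp. The list address and all three messages are constructed.

```python
from email import message_from_string

# Hypothetical list address; the value mirrors the "mailing list <address>" form.
LIST_TAG = "mailing list qmail-list@lists.example"

# Constructed: a list copy that a subscriber's forwarder sent back unchanged.
REINJECTED = (
    "Received: from relay.example by lists.example with SMTP\n"
    "Precedence: bulk\n"
    "Delivered-To: mailing list qmail-list@lists.example\n"
    "Subject: Re: Moving mail\n"
    "\n"
    "Use the conversion script.\n"
)
# Constructed: a new post that has never passed through the list.
FRESH = "From: poster@site.example\nSubject: Aliases\n\nHow do I do aliases?\n"
# Constructed: a bounce that quotes the stamped header inside its body.
BOUNCE = (
    "From: MAILER-DAEMON@lists.example\n"
    "Subject: failure notice\n"
    "\n"
    "--- Below this line is a copy of the message.\n"
    "Delivered-To: mailing list qmail-list@lists.example\n"
)


def delivered_to_values(raw: str) -> list:
    """Return every Delivered-To value in the header block, whitespace-normalised."""
    headers = message_from_string(raw)
    return [" ".join(v.split()) for v in headers.get_all("Delivered-To", [])]


def is_looping(raw: str, my_tag: str) -> bool:
    """True when the message already carries this list's own stamp."""
    return my_tag in delivered_to_values(raw)


def distribute(raw: str, my_tag: str) -> str:
    """Reject a looping message; otherwise stamp it before it goes to subscribers."""
    if is_looping(raw, my_tag):
        raise ValueError("this message is looping: it already has my Delivered-To line")
    return f"Delivered-To: {my_tag}\n{raw}"


if __name__ == "__main__":
    for name, msg in (("reinjected", REINJECTED), ("fresh", FRESH), ("bounce", BOUNCE)):
        print(name, "looping" if is_looping(msg, LIST_TAG) else "ok")
```

Only the header block counts: the bounce quotes the stamp in its body and is not treated as a loop, while a forwarder that returns list mail with headers untouched is caught on the first pass.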