tcpserver: unable to bind

2000-06-05 Thread Luca Zancan

Hello everybody,

I'm running QMail 1.03 on a RedHat 6.1. I've configured it following LWQ
instructions and everything went smooth during installation... When I
launch QMail (with "supervise") and I look to /var/log/messages I find
an endless series of messages saying:
"tcpserver: fatal error: unable to bind: port already in use", or
something similar.
Of course the program does not work (I've tried the tests in
TEST.deliver and even local delivery does not work...).
My /etc/services is ok and I have already checked /etc/inetd.conf...
During RedHat installation I have not installed Sendmail. Moreover, if I
do "netstat -pa" BEFORE launching QMail, I see no service active on port
25.
Any ideas?
Thank you very much,
__

Luca Zancan
Logica S.r.l.
e-mail [EMAIL PROTECTED]
URL http://www.logicaonline.com
__






Re: programming with vpopmail - add account from web

2000-06-05 Thread kingram

Bruno Negrăo wrote:
> 
> Why don't you use de qmailadmin program.
> It does what you are trying to do. You can get it at the inter7's site.

Negative... Qmailadmin from INTER7.COM is great to admin tasks not for
people who wants to POP and create their own accounts. In qmailadmin
only postmaster can create new accounts. Normal users can only change
their passwords.

-- 
Best Regards from Poland

Krzysztof Ingram - secondary root where the power of Linux / is the
first
FF Computers Sp. z o.o.
Bielsko-Biala
mailto: [EMAIL PROTECTED]
http://www.ffcomp.com.pl



Re: Scanning outgoing attachments

2000-06-05 Thread Jason Haar

On Sun, Jun 04, 2000 at 08:41:11PM -0300, Ricardo D. Albano wrote:
> I think the best choice is to write a qmail-remote wrapper.
> 

My scan4virus harness (replaces/augments qmail-queue) reports this info...

http://www.geocities.com/jhaar/scan4virus/


> -Original Message-
> From: Jean-Baptiste Jacquemard <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> Date: Tuesday, May 30, 2000 7:37 AM
> Subject: Scanning outgoing attachments
> 
> 
> >Hello,
> >I would like to scan all outgoing traffic and log the attachments file
> >names, and accessory, the size of the attached file.
> >Please help me, I don't know how to do that.


-- 
Cheers

Jason Haar

Unix/Network Specialist, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417
   



Re: Error #4.4.2

2000-06-05 Thread List

It goes something like the receiving host received the message but the connection was 
cut off before an acknowledgment was sent back to you. The mail was probably sent 
already.
For more info, the qmail list archive can be very handy. :-)
It's at http://www-archive.ornl.gov:8000

This is what PipE said:

> 
> i Got  Return mail  from my Mail server Follow like this 
> 
> Hi. This is the qmail-send program at mbox.samart.co.th. 
> I'm afraid I wasn't able to deliver your message to the following addresses. 
> This is a permanent error; I've given up. Sorry it didn't work out.
> <[EMAIL PROTECTED]>: 
> 203.146.42.135 failed after I sent the message. 
> Remote host said: 554 Transaction Failed
> --- Below this line is a copy of the message.
> 
> And this one is maillog on my server 
> 
> Jun 7 00:28:55 yahoo qmail: 849936535.597206 delivery 18: deferral: Connected_t 
>o_[IPADDRESS OF DES]_but_connection_died._Possible_duplicate!/ 
> 
> 
> Any idea ? 
> =--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--= 
> PipE 
> 
> System Engineer
> Samart Infonet Co.ltd
> 99/12 Software Park, 30th Floor Chaengwattana Rd., Klong Gluar, Pak-kred Nonthaburi 
>11120
> 
> [EMAIL PROTECTED]
> icq uin # 10831
> office phone : (662) 502-6388 fax : (662) 502-6382  
> =--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--= 
>  



Error #4.4.2

2000-06-05 Thread PipE
i Got  Return mail  from my Mail server Follow like
this 

Hi. This is the qmail-send program at mbox.samart.co.th. 
I'm afraid I wasn't able to deliver your message to the following
addresses. 
This is a permanent error; I've given up. Sorry it didn't work
out.
<[EMAIL PROTECTED]>: 
203.146.42.135 failed after I sent the message. 
Remote host said: 554 Transaction Failed
--- Below this line is a copy of the message.

And this one is maillog on my server 

Jun 7 00:28:55 yahoo qmail: 849936535.597206 delivery 18: deferral:
Connected_t o_[IPADDRESS OF
DES]_but_connection_died._Possible_duplicate!/ 


Any idea ? 


=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=

PipE 

System Engineer
Samart Infonet Co.ltd
99/12 Software Park, 30th Floor Chaengwattana Rd., Klong Gluar, Pak-kred
Nonthaburi 11120

[EMAIL PROTECTED]
icq uin # 10831
office phone : (662) 502-6388 fax : (662)
502-6382  
=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=




Re: Upgrading fron sendmail to Qmail, queue problems

2000-06-05 Thread Patrick Berry

on 6/5/00 8:20 PM, net admin at [EMAIL PROTECTED] wrote:

> Hi Folks;
> I am upgrading a FreeBSD sendmail server to Qmail, did go through the FAQ
> and docs extensively, qmail runs and I see all the processes running but
> when I try to send mail to local user I get the following errors:
> 
> qmaili delivery 1: defferal: fastforward:_fatal:_
> qq:_trouble_creating_files_in_queue(#4.3.0)/

Did you try queue-fix?  I have never used it but it may give you some more
clues.

http://www.netmeridian.com/e-huss/queue-fix.tar.gz

Pat




Re: /bin/sh:_/home/vpopmail/bin/postmaster:_No_such_file_or_directory/

2000-06-05 Thread shaoming


Hi to all,

I have manage to find the problem. It seem that the .qmail-default
contain incorrect info.
It was pointing to 
| /home/vpopmail/bin/postmaster

But what puzzles me is :
How did that line get into the .qmail-default file in the first place?
The file is automatically managed by vpopmail and qmailadmin. Is this a
bug with vpopmail and qmailadmin?

shaoming wrote:
> 
> Hi to all!
> 
> I'm using vpopmail to manage my virtualdomains.
> Recently, I encountered one problem with one of my domain.
> The e-mails for the domain do not get to their respective mailboxes, the
> log for one particular session is attached below. It seem to complain
> about not finding a certain file/directory.  This is correct as there
> really is no such file/directory. I'll need to change the path - but how
> do I do that - Which file should I edit? Since this is usually done
> automatically by vpopmail - what possibly could have gone wrong?
> 
> 2000-06-06 10:23:13.147251500 status: local 1/10 remote 0/20
> 2000-06-06 10:23:13.164625500 delivery 56721: deferral:
> /bin/sh:_/home/vpopmail/bin/postmaster:_No_such_file_or_directory/
> 
> I'll need to rectify this fast and I hope you all can give me a hand on
> this.
> 
> thanks a million.



Re: Qmail problems - mail won't send

2000-06-05 Thread Irwan Hadi

At 11:30 PM 6/5/00 -0400, [EMAIL PROTECTED] wrote:
>Mail seems to be building up my mail queue (I can tell from running qmail-
>qstat). I am new to qmail so I don't know quite how everything works yet.
>What would cause the mail to build up in the queue and not send, and how
>would I fix it?

first do
ps -waux | grep qmail
and paste the result here

after that see your log , it can be at /var/log/maillog or 
/var/qmail/log/current (for the last one is if you use multilog instead of 
syslog)




Qmail problems - mail won't send

2000-06-05 Thread slvrchair

Mail seems to be building up my mail queue (I can tell from running qmail-
qstat). I am new to qmail so I don't know quite how everything works yet. 
What would cause the mail to build up in the queue and not send, and how 
would I fix it?

Any help is greatly appreciated. Thanks in
advance.

-
This message was sent using MI-Webmail.
No matter where you are, never lose touch.
Get your Email using MI-Webmail.
http://www.monmouth.com/





Upgrading fron sendmail to Qmail, queue problems

2000-06-05 Thread net admin

Hi Folks;
I am upgrading a FreeBSD sendmail server to Qmail, did go through the FAQ
and docs extensively, qmail runs and I see all the processes running but
when I try to send mail to local user I get the following errors:

qmaili delivery 1: defferal: fastforward:_fatal:_
qq:_trouble_creating_files_in_queue(#4.3.0)/

qmaili warning: trouble opening local/2/0/70377; will try again later

and
qmaili   delivery 1: defferal: sorry,_message_has_wrong_owner

I am using fastforward for sendmail /etc/aliases
~alias/.qmail-default contains:

| fastforward -d /etc/aliases.cdb

I did: tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.temp < /etc/tcp.smtp
and it was OK

also did 'make setup check' at the qmail source dir and went OK

AND I AM RUNNING OUT OF CLUES! (time to get coffee and another brain)

Thanks for any help

Dan




FW: /bin/mail

2000-06-05 Thread Charlie Chrisman


here is the contents of my /var/qmail/rc file  i realized a problem and
am trying to call /bin/mail correctly but i can't figure it out

#!/bin/sh

# Using splogger to send the log through syslog.
# Using binmail to deliver messages to /var/spool/mail/$USER by default.
# Using V7 binmail interface: /bin/mail -f

exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start \
'|preline -f /bin/mail -u "$USER"' \
splogger qmail

any help would be appreciated

thanks
charlie
-Original Message-
From: Peter van Dijk [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 05, 2000 10:48 PM
To: Qmail Mailing List E-mail"
Subject: Re: /bin/mail


On Mon, Jun 05, 2000 at 10:37:24PM -0400, Charlie Chrisman wrote:
> im trying to get qmail to deliever its mail using /bin/mail and i get this
> line in the maillog:
>
> Jun  5 21:53:48 ns1 qmail: 960256428.605530 delivery 8: deferral:
> Unable_to_open_/bin/mail:_access_denied._(#4.2.1)/

How did you tell it to use /bin/mail?

Greetz, Peter.
--
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]




Re: Does someone knows what is this about?

2000-06-05 Thread clemensF

> Bruno Wolff III:

> Except that sites that block probes rather than fix open relays really
> belong in a different kind of list. I think the ORBS would be better
> off just listing confirmed open relays. If they would do this, a lot

yes, this makes sense.

-- 
clemens



Re: Qmail and conf-spawn

2000-06-05 Thread clemensF

> Eric Cox:

> > but linux processes don't share one copy of, say, top, when it is called
> > twice by different users, do they?
> 
> I'm pretty sure they do.  Since programs can't modify their own 

this has been discussed, and i rest my case.

-- 
clemens



Re: /bin/mail

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 10:37:24PM -0400, Charlie Chrisman wrote:
> im trying to get qmail to deliever its mail using /bin/mail and i get this
> line in the maillog:
> 
> Jun  5 21:53:48 ns1 qmail: 960256428.605530 delivery 8: deferral:
> Unable_to_open_/bin/mail:_access_denied._(#4.2.1)/

How did you tell it to use /bin/mail?

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



/bin/mail

2000-06-05 Thread Charlie Chrisman

im trying to get qmail to deliever its mail using /bin/mail and i get this
line in the maillog:

Jun  5 21:53:48 ns1 qmail: 960256428.605530 delivery 8: deferral:
Unable_to_open_/bin/mail:_access_denied._(#4.2.1)/

any ideas?

thanks,
Charlie Chrisman
[EMAIL PROTECTED]
(606) 269-7946 Home
(606) 619-2183 Mobile


BEGIN:VCARD
VERSION:2.1
N:Chrisman;Charlie
FN:Charlie Chrisman (E-mail 2)
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:2503T104312Z
END:VCARD



/bin/sh:_/home/vpopmail/bin/postmaster:_No_such_file_or_directory/

2000-06-05 Thread shaoming


Hi to all!

I'm using vpopmail to manage my virtualdomains.
Recently, I encountered one problem with one of my domain.
The e-mails for the domain do not get to their respective mailboxes, the
log for one particular session is attached below. It seem to complain
about not finding a certain file/directory.  This is correct as there
really is no such file/directory. I'll need to change the path - but how
do I do that - Which file should I edit? Since this is usually done
automatically by vpopmail - what possibly could have gone wrong?

2000-06-06 10:23:13.147251500 status: local 1/10 remote 0/20
2000-06-06 10:23:13.164625500 delivery 56721: deferral:
/bin/sh:_/home/vpopmail/bin/postmaster:_No_such_file_or_directory/

I'll need to rectify this fast and I hope you all can give me a hand on
this.

thanks a million.



Users Backup

2000-06-05 Thread Edilmar Alves

Hi,

I would like to backup the users I created
with QMailAdmin (vpopmail users, not
UNIX users). Is it only backup passwd
file from vpopmail ?
If I lost my server, the only thing I need to
do is to override the vpopmail passwd ...


begin:vcard 
n:Alves;Edilmar
tel;fax:+55(67)741-4530
tel;work:+55(67)741-8811
x-mozilla-html:FALSE
url:http://www.fes.br/
org:Faculdade Estácio de Sá;Coordenação de TPD
version:2.1
email;internet:[EMAIL PROTECTED]
title:FES-CGR
adr;quoted-printable:;;Rua Ven=E2ncio Borges do Nascimento, 377=0D=0AJardim TV Morena;Campo Grande;MS;79052-140;Brasil
end:vcard



maximum recipients.

2000-06-05 Thread Marc-Adrian Napoli

Hi all,

Is there any control file for qmail that will set a maximum recipient count
for any mail coming into qmail-smtpd?

Regards,

Marc-Adrian Napoli
Network Administrator
Connect Infobahn Australia
+61 2 9281 1750




Re: system rebooted, sendmail took over, how do I send those messages now

2000-06-05 Thread David L. Nicol

Susan Short wrote:

> Next question, is there another way I can send this mail without getting
> sendmail to work?

One way to proceed is to divide up the queue into messages, and then
feed each message into qmail-inject. 

You will need to "crack" your sendmail's method of storing its queue,
but it shouldn't be difficult.

Once you have figured it out, feed each message into qmail-inject.



-- 
  David Nicol 816.235.1187 [EMAIL PROTECTED]
Visualize creamed corn



Re: Does someone knows what is this about?

2000-06-05 Thread John R. Levine

>There exists sites which do not have a nice block of IP addresses
>which describe all of their valid mail relay users.  For such sites,
>tarpitting is a much better solution than relay blocking.  MIT is one
>of them (many of its mail relay users are customers of random outside
>ISPs), 

The amount of spam I get from MIT tells me that whatever tarpitting
they think they're doing doesn't work.  Pop-before-SMTP and SMTP AUTH
both work and are widely implemented, as do various IP-in-IP tunnels.
It's sheer pigheadedness that makes MIT refuse to run mail systems the
way that responsible admins do.

Regards,
John Levine, [EMAIL PROTECTED], http://www.abuse.net, Trumansburg NY
abuse.net postmaster




Re: Qmail and conf-spawn

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 04:57:30PM -0700, Eric Cox wrote:
> clemensF wrote:
> > 
> > > David Dyer-Bennet:
> > 
> > >  > identical program invocations get to run their own copy of the program
> > >  > text.
> > >
> > > I don't believe this last bit is the case.  It's clearly not the case
> > > on Linux, anyway, as displayed by the various size numbers in 'top'.
> > 
> > but linux processes don't share one copy of, say, top, when it is called
> > twice by different users, do they?

Yes they do.

> I'm pretty sure they do.  Since programs can't modify their own 
> code space on a Linux system, there's really no reason to have 
> multiple images of any given program code in memory.  Multiple 
> stacks, heaps, and sets of file descriptors, etc, but not program 
> code. 

Correct. Same for library code.

> Your system is probably just thrashing with higher concurrencies 
> because it's swapping out chunks of the dynamic data of all those 
> processes...

Yes, dynamic data ofcourse still needs room in memory.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Qmail and conf-spawn

2000-06-05 Thread Eric Cox

clemensF wrote:
> 
> > David Dyer-Bennet:
> 
> >  > identical program invocations get to run their own copy of the program
> >  > text.
> >
> > I don't believe this last bit is the case.  It's clearly not the case
> > on Linux, anyway, as displayed by the various size numbers in 'top'.
> 
> but linux processes don't share one copy of, say, top, when it is called
> twice by different users, do they?

I'm pretty sure they do.  Since programs can't modify their own 
code space on a Linux system, there's really no reason to have 
multiple images of any given program code in memory.  Multiple 
stacks, heaps, and sets of file descriptors, etc, but not program 
code. 

Your system is probably just thrashing with higher concurrencies 
because it's swapping out chunks of the dynamic data of all those 
processes...


Eric



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 05:19:49PM -0400, Greg Hudson wrote:
> >> ORBS also lists tarpitting people, although as spam relays they are
> >> unsusable, too.
> 
> > Anybody clueful enough to do tarpitting should block relaying.
> 
> There exists sites which do not have a nice block of IP addresses
> which describe all of their valid mail relay users.  For such sites,
> tarpitting is a much better solution than relay blocking.  MIT is one
> of them (many of its mail relay users are customers of random outside
> ISPs), and has had numerous problems with ORBS as a result.

I strongly disagree that tarpitting is a solution to relay abuse. A spammer
will just open more connections, or make sure he stays just under the
threshold.

> > No. You obviously do not see my point. ORBS's job is to list open
> > relays.  It does that, and it's good at it too. It also does not
> > enforce this policy on anybody.
> 
> That's fine, but you personally have been making normative statements
> like "No, don't get used to being listed on ORBS" and the one I quoted
> above.

Yes, and I am fully behind those statements.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 03:17:06PM -0500, Bruno Wolff III wrote:
> On Mon, Jun 05, 2000 at 07:09:57PM +0200,
>   Peter van Dijk <[EMAIL PROTECTED]> wrote:
> > 
> > That depends on your filtering software. It seems djb's rblsmtpd does not
> > have an option to change this. That sucks. Your choice is hereby reduced
> > (by DJB, not by any people at ORBS) to 'block everything ORBS list for
> > whatever reason, or not.'
> 
> While that used to be true, it doesn't seem to be any longer. They have
> some experimental zones for looking up different classes of hosts.
> There is inputs.orbs.org for inputs to relays and outputs.orbs.org for
> inputs plus outputs. There are also some other zones for other categories
> including people blocking them.

You do have a point there, I hadn't thought of actually using it.

> I think I will be able to use them again as I only want to block inputs
> and outputs, since the ORBS seems to catch sites faster than the RSS.

A short test shows that both inputs.orbs.org and outputs.orbs.org list a
certain open relay I know about, but do not list mail.securityfocus.com at
all, which is a good thing. Even with rblsmtpd people have a choice then,
it seems :)

I think this should be enough to close all rants on ORBS. *ducks and takes
cover*

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Does someone knows what is this about?

2000-06-05 Thread Russ Allbery

Bruno Wolff <[EMAIL PROTECTED]> writes:

> I think I will be able to use them again as I only want to block inputs
> and outputs, since the ORBS seems to catch sites faster than the RSS.

That's because RSS requires evidence that the relay is actually being
abused, whereas ORBS will list any machine that's open regardless of
whether it's being abused or not (by design).  I disagree with ORBS on a
lot of things, but it's good that this particular choice is available to
people.

-- 
Russ Allbery ([EMAIL PROTECTED]) 



Re: Does someone knows what is this about?

2000-06-05 Thread Greg Hudson

>> ORBS also lists tarpitting people, although as spam relays they are
>> unsusable, too.

> Anybody clueful enough to do tarpitting should block relaying.

There exists sites which do not have a nice block of IP addresses
which describe all of their valid mail relay users.  For such sites,
tarpitting is a much better solution than relay blocking.  MIT is one
of them (many of its mail relay users are customers of random outside
ISPs), and has had numerous problems with ORBS as a result.

> No. You obviously do not see my point. ORBS's job is to list open
> relays.  It does that, and it's good at it too. It also does not
> enforce this policy on anybody.

That's fine, but you personally have been making normative statements
like "No, don't get used to being listed on ORBS" and the one I quoted
above.



Re: Does someone knows what is this about?

2000-06-05 Thread Bruno Wolff III

On Mon, Jun 05, 2000 at 07:09:57PM +0200,
  Peter van Dijk <[EMAIL PROTECTED]> wrote:
> 
> That depends on your filtering software. It seems djb's rblsmtpd does not
> have an option to change this. That sucks. Your choice is hereby reduced
> (by DJB, not by any people at ORBS) to 'block everything ORBS list for
> whatever reason, or not.'

While that used to be true, it doesn't seem to be any longer. They have
some experimental zones for looking up different classes of hosts.
There is inputs.orbs.org for inputs to relays and outputs.orbs.org for
inputs plus outputs. There are also some other zones for other categories
including people blocking them.

I think I will be able to use them again as I only want to block inputs
and outputs, since the ORBS seems to catch sites faster than the RSS.



system rebooted, sendmail took over, how do I send those messages now

2000-06-05 Thread Susan Short

Our sun OS 2.7 mail server had a system panic on Friday and it rebooted. I 
hadn't configured the boot scripts yet and our other sysadmin didn't call me 
(I was on vacation).

This morning I saw that qmail hadn't started and sendmail (which had never 
been configured to work) had queued all the messages since friday.

I fixed qmail and rebooted to make sure that my boot scripts now worked.

Now qmail is working fine but I have over 1000 messages in my sendmail 
queue.

I tried sendmail.bak -q and it ran and tried to send messages but they all 
show up queued.

Any ideas?

We are running behind a firewall and not using DNS behind the firewall I am 
using a hardcoded IP address smtproute to forward everything to our mail 
server in the DMZ.

First question, can I run sendmail.bak (that was copied from the original 
/usr/lib/sendmail that was then linked as follows:
#ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
?

Are my messages queuing because sendmail has never worked properly?  
sendmail.cf is a copy of subsidiary.cf and mailhost in /etc/hosts points to 
the system that is my snmproute for all traffic for qmail.  I have hosts 
then dns in my nsswitch.conf file (I know that qmail doesn't read this but 
sendmail should).

Next question, is there another way I can send this mail without getting 
sendmail to work?

Thanks for any help

Susan Short



Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com




Re: Does someone knows what is this about?

2000-06-05 Thread Ryan Russell

> Except that sites that block probes rather than fix open relays really
> belong in a different kind of list. I think the ORBS would be better
> off just listing confirmed open relays. If they would do this, a lot

Peter van Dijk confirmed that we are listed in a different category from
regular open relays, so consumers of the ORBS list who wish to
differentiate can do so.

Ryan




Re: Does someone knows what is this about?

2000-06-05 Thread Bruno Wolff III

On Mon, Jun 05, 2000 at 09:13:24AM -0700,
  Ryan Russell <[EMAIL PROTECTED]> wrote:
> 
> It makes perfect sense, from a certain point of view.  The ORBS guys want
> to list relays.  The run across an address block that has a number of open
> relays, and the adminitrators of that block aren't responsive to requests
> to arrange to have them closed.  ORBS then lists those particular
> addresses (their purpose in life.)  In response the provider blocks the
> ORBS machines.  The ORBS guys can no longer test for relays, and
> especially given what they had found before and the provider's lack of
> response, they can only assume there are any number of open relays in the
> address block.  
> 
> Were they to do otherwise, they'd be fail-open instead of fail-closed.
> 

Except that sites that block probes rather than fix open relays really
belong in a different kind of list. I think the ORBS would be better
off just listing confirmed open relays. If they would do this, a lot
more people would use them. I think that in general groups that maintain
lists for others to use as block lists should remain very focused and let
the mail admins pick and choose which lists make sense to use for their
sites. When different functions are lumped together, admins may have to
not use a list, even if it lists sites that have some problem they are
willing to block on, but also lists some sites that have a different
problem that they don't want to block on.



Re: programming with vpopmail - add account from web

2000-06-05 Thread Bruno Negrão

Why don't you use de qmailadmin program.
It does what you are trying to do. You can get it at the inter7's site.

-Mensagem Original-
De: Próspero, Esteban <[EMAIL PROTECTED]>
Para: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Enviada em: Segunda-feira, 5 de Junho de 2000 12:21
Assunto: programming with vpopmail - add account from web


Hi everyone!
Where can I get more information about vpopmail api functions? I want to
make an html page where anyone could pop into and add as a users of
sqwebmail (a kind of Hotmail). I'm using qmail 1.03 and vpopmail.

Thanks in advance!!

Esteban Javier Próspero






Re: [newcomer] Problems installing Qmail+VMailMgr+Courier-Imap

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 03:04:54PM -0300, Martin A. Langhoff wrote:
[snip]
> Now, the symptoms I could gather:
> - syslogd taking 50% processor time

syslog sucks. daemontools (which you installed) come with multilog which
does a far better job.

> - command line utilities like mail / sendmail are there and seem
> to work, but `mail root` or `sendmail root` and then typing `mail` to
> see my own msg did not work. Maybe I'm expecting something to work that
> won't ever work when virtualizing email accounts?

qmail does not and will not ever deliver to root. Check ~alias for where
this mail went, or check the logfiles.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



[newcomer] Problems installing Qmail+VMailMgr+Courier-Imap

2000-06-05 Thread Martin A. Langhoff

hello,

I've come across HOWO recently added to the linux HOWTO's, written
by Dan Kuykendall, titled "Qmail VMailMgr and Courier-ImapHOWTO". This
HOWTO guided me though the prep/compile/install for
- ucspi-tcp
- daemontools
- supervise-scripts
- qmail
- vmailmgr
- courier-imap

 and a few config changes, like add a user and add a virtualhosts
file to add users to a test domain virtualhost. Ah, of course, I did
remove sendmail and friends before starting.

And then restarted.

[ a little background on the machine: it's an old RH5.1 upgraded to
RH.6.1, running named (from CD rpms), Samba (built from src) and MySQL
(from SRPMs) and Apache+mod_perl (built from src). I do have lots of
Perl modules, but don't think it matters. ]

Well, now nothing's running as it should. It's an internal test
server,  so I don't really mind that syslog is taking 50% of cpu time.
:) But I guess that signals that something's running wrong, don't you?

Now, the symptoms I could gather:
- syslogd taking 50% processor time
- command line utilities like mail / sendmail are there and seem
to work, but `mail root` or `sendmail root` and then typing `mail` to
see my own msg did not work. Maybe I'm expecting something to work that
won't ever work when virtualizing email accounts?
- tried to connect to the imap server from the very same box,
with NN4.x under GNOME and got an eternal wait.
- tried to connect to the pop server from the very same box,
with NN4.x under GNOME and got an eternal wait.

As you can read, I'm quite new to this software, and I'm looking for
clues to follow. Could someone point me in the right direction? The aim
of all this is to get qmail to work, and then virtual domain accounts to
work also over imap. Then. with the aid of an opensource imap webmail
interface, I'll be out with Pinky and The Brain to conquer the world :)

Thanks!



martin
-- --
To understand recursion, one must first understand recursion.
-- --
- Martin Langhoff @ S C I M  Multimedia Technology -
  - http://www.scim.net  | God is real until  -
  - mailto:[EMAIL PROTECTED]  | declared integer   -





Re: How to get QMQP to work

2000-06-05 Thread clemensF

> Johan Almqvist:

> How can I get qmail to use QMTP between two boxes that there is a lot of
> traffic between? I tried putting the respective IP adresses in
> /var/qmail/control/qmqpservers, but that didn't do it.

how about this:  you setup qmail-qmtpd on both machines to serve on a tcp-
port reserved for this purpose, while keeping qmail-smtpd on 25.

-- 
clemens



Re: Sender domain must resolve

2000-06-05 Thread clemensF

> Pablo Martínez Schroder:

> When qmail tries to send mail to [EMAIL PROTECTED] from our mail server
> (212.49.139.237) and the sender is [EMAIL PROTECTED], bt.es mail
> server says "Sender domain must resolve".

how about this:  you either find the lines in the sources where this error
is raised and from there backwards or from the appropriate mx record
forward.

-- 
clemens



Re: Sorry, no mailbox ...

2000-06-05 Thread clemensF

> Goran Blazic:

> address [EMAIL PROTECTED] (the same address on different
> 
> There was no way to do this, so I somehow tracked it to the fact, that I had

how is somehow?  could you please describe this in more detail?

-- 
clemens



RE: dot-qmail in vpopmail

2000-06-05 Thread "Próspero, Esteban"

!Hola Pablo!

I think you should put a .qmail-usuario under
~vpopmail/domains/mydomain.tld/.qmail-usuario. Look at vpopmail man page or
http://www.inter7.com/vpopmail/vpopmail.html the dot-qmail section.

Suerte!

Esteban Javier Próspero
> From: Pablo Martínez Schroder [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, June 05, 2000 1:39 PM
> To:   lista, qmail
> Subject:  dot-qmail in vpopmail
> 
> It is possible to use a .qmail file with vpopmail...
> 
> I have tried a .qmail file in ~vpopmail/domains/mydomain.tld/user with
> the lines
> 
> ./Maildir/
> &[EMAIL PROTECTED]
> 
> but qmail tries to send it to [EMAIL PROTECTED] and tries to
> execute with sh "&[EMAIL PROTECTED]"
> 
> I've also tried to use .qmail-user in ~vpopmail/domains/mydomain.tld,
> but this file isn't read, the mail is send directly to the user's
> Maildir
> -- 
> Pablo Martínez Schroder
> Departamento de Administracion de Sistemas
>  
>  Hidra Telecomunicaciones y Multimedia, S.A.
>  C/. Casas de Campos, 3
>  29001 Málaga
>  Tlf Nal.: 902 20 21 02
>  Tlf Int.: +34 95 222 92 14
>  http://www.hipernet.es/
>  mailto:[EMAIL PROTECTED]



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 07:36:43PM +0200, Petr Novotny wrote:
[snip]
> On 5 Jun 00, at 19:27, Peter van Dijk wrote:
> 
> > If one of your customers runs an open relay, you should force your customer
> > into fixing it, or make sure yourself that they can't cause any damage.
> > Open relays found by spammers tend to cause great network-loads too.
> 
> Hell, ORBS doesn't make sure about that either. Imagine a 
> customer behind a normal 28.8 dial-up. How much spam can he 
> send through his "open relay"? ORBS tester also only tests if a 
> single message gets through; but for a real spammer, less then ten 
> thousand messages per hour is too slow.

Ok, so you found an example where the open relay won't cause network loads.
Big furry deal. There's more to it. An open relay prevents providers from
monitoring abuse by their own users.

> ORBS also lists tarpitting people, although as spam relays they 
> are unsusable, too.

Anybody clueful enough to do tarpitting should block relaying.

> ORBS also lists people who allow only limited relay (only 40
> e-mails per sender address daily).
> 
> Should I go on?

No. You obviously do not see my point. ORBS's job is to list open relays.
It does that, and it's good at it too. It also does not enforce this policy
on anybody.

You show the ORBS guy a way to distinguish relays like the ones you mention
above from relays with thick pipes and perhaps he'll consider doing several
kinds of listings. But I don't think so. Open relays are a bad thing
_always_.

> Open relays per se aren't bad; unguarded open relays behind a 
> thick cable are bad. ORBS doesn't mind a difference. Sorry, not for 
> me; in fact, enough for me to preach against.

I will not stop you in your preaching. I will disagree tho, and loudly too
:)

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



dot-qmail in vpopmail

2000-06-05 Thread Pablo Martínez Schroder

It is possible to use a .qmail file with vpopmail...

I have tried a .qmail file in ~vpopmail/domains/mydomain.tld/user with
the lines

./Maildir/
&[EMAIL PROTECTED]

but qmail tries to send it to [EMAIL PROTECTED] and tries to
execute with sh "&[EMAIL PROTECTED]"

I've also tried to use .qmail-user in ~vpopmail/domains/mydomain.tld,
but this file isn't read, the mail is send directly to the user's
Maildir
-- 
Pablo Martínez Schroder
Departamento de Administracion de Sistemas
 
 Hidra Telecomunicaciones y Multimedia, S.A.
 C/. Casas de Campos, 3
 29001 Málaga
 Tlf Nal.: 902 20 21 02
 Tlf Int.: +34 95 222 92 14
 http://www.hipernet.es/
 mailto:[EMAIL PROTECTED]



Re: Why not inetd?

2000-06-05 Thread Petr Novotny

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 5 Jun 00, at 12:02, John Gonzalez/netMDC admin wrote:

> inetd by default has the above behaviour, but can be overridden in the
> configuration file to accept any number of connections.

That's bad, too. I want to limit the number of live incoming 
connections - simply because I have a limited number of open file 
handles. I don't want other programs to starve because inetd-
spawned service got all the handles.

-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOTvXdFMwP8g7qbw/EQJKVQCg9QVjj9758ceNoKUF0RnIjjNEsCoAoPTM
Nxrg9fO2WTP98lvgP5sLcGk/
=ZA/e
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]



Re: Does someone knows what is this about?

2000-06-05 Thread Petr Novotny

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 5 Jun 00, at 19:27, Peter van Dijk wrote:

> If one of your customers runs an open relay, you should force your customer
> into fixing it, or make sure yourself that they can't cause any damage.
> Open relays found by spammers tend to cause great network-loads too.

Hell, ORBS doesn't make sure about that either. Imagine a 
customer behind a normal 28.8 dial-up. How much spam can he 
send through his "open relay"? ORBS tester also only tests if a 
single message gets through; but for a real spammer, less then ten 
thousand messages per hour is too slow.

ORBS also lists tarpitting people, although as spam relays they 
are unsusable, too.

ORBS also lists people who allow only limited relay (only 40
e-mails per sender address daily).

Should I go on?


Open relays per se aren't bad; unguarded open relays behind a 
thick cable are bad. ORBS doesn't mind a difference. Sorry, not for 
me; in fact, enough for me to preach against.

-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOTvXG1MwP8g7qbw/EQIqxgCgvxm8wFI8z2C4Ha6yPa9X38HCPRUAoOHh
nay5yK7sAmsZONgVMWf9FdHo
=iWH2
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 07:20:05PM +0200, Petr Novotny wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On 5 Jun 00, at 19:12, Peter van Dijk wrote:
> 
> > The only correct choice is 1. If your customer has an open relay, block
> > them on your own smarthost until they fix their problem.
> 
> Oh thanks. In other words, you're giving me the following 
> possibilities:
> 1. Get used to being listed in ORBS.

No. Make sure you don't get listed in ORBS. If you get listed in ORBS, that
is for a good reason - blocking your machine blocks illegally relayed
email.

> 2. Losing customers by denying them service (something that 
> noone else does, at least around here).

If one of your customers runs an open relay, you should force your customer
into fixing it, or make sure yourself that they can't cause any damage.
Open relays found by spammers tend to cause great network-loads too.

You should not get used to being listed in ORBS. You should make sure ORBS
has no reason to list you. ORBS is not there to cause you trouble, ORBS is
there to help people avoid problems. If they want to.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Why not inetd?

2000-06-05 Thread John Gonzalez/netMDC admin

On Mon, 5 Jun 2000, Peter Samuel wrote:

>It has a rate limiting "feature" whereby it will stop servicing a port
>for 10 MINUTES if it thinks the rate of incoming connections is too
>high (I have flat lined a remote inetd with qmail-remote from a 14k4
>modem). tcpserver doesn't care about rate, it just cares about
>simultaneous connections.
>Regards
>Peter
>--
>Peter Samuel[EMAIL PROTECTED]

While i agree with Peter that tcpserver is superior, i dont want people
getting the wrong idea of inetd.

inetd by default has the above behaviour, but can be overridden in the
configuration file to accept any number of connections.


-- 
  ___   _  __   _  
__  /___ ___    /__  John Gonzalez/Net.Tech
__  __ \ __ \  __/_  __ `__ \/ __  /_  ___/ MDC Computers/netMDC!
_  / / / `__/ /_  / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052
/_/ /_/\___/\__/ /_/ /_/ /_/\__,_/  \___/ http://www.netmdc.com
[-[system info]---]
 12:00pm  up 25 days, 17:26,  3 users,  load average: 0.62, 0.29, 0.20




Re: Does someone knows what is this about?

2000-06-05 Thread Petr Novotny

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 5 Jun 00, at 19:12, Peter van Dijk wrote:

> The only correct choice is 1. If your customer has an open relay, block
> them on your own smarthost until they fix their problem.

Oh thanks. In other words, you're giving me the following 
possibilities:
1. Get used to being listed in ORBS.
2. Losing customers by denying them service (something that 
noone else does, at least around here).

Again it seems that #1 is the only correct choice, unless there's a 
business model involving no customers...

-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOTvTNVMwP8g7qbw/EQIgCQCfVFnYbSblPWjfu+OfvHTdPYDSTsQAoP7H
WY9LKZ9Cy8p4tnDgrWeBbg4U
=+uko
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 07:06:58PM +0200, Petr Novotny wrote:
[snip]
> 
> I have yet to see a contract saying "Thou shalt not run an open 
> relay."

Our contracts with CoLo's do, implicitly or explicitly. We are allowed to
block port 25 towards colo's (and we do) if we hear about an open relay.

> > Are you going to ignore your customer's violation of 
> > the contract?  By allowing customers to run insecure relays and blindly 
> > forwarding spam, the ISP is probably violating his own contract with his 
> > upstream service provider...
> 
> What? Do you think that companies like EBONE and Sprint 
> provide you with the connectivity only if you agree not to run open 
> relays?

I don't know. I do think they should.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 06:36:04PM +0200, Petr Novotny wrote:
[snip]
> 
> On 5 Jun 00, at 18:28, Peter van Dijk wrote:
> 
> > > > - ORBS has IMHO too much false positives
> > 
> > That is impossible. ORBS does not list a machine until it has received
> > a relayed test message.
> 
> Second (or higher) level relay _is_ a false positive. My ISP has 
> been listed recently because they're doing a smarthost for clueless 
> companies with dial-up connectivity (and no relay checks). What 
> should the poor ISP do?
> 
> 1. Tell the customers to go f*ck themselves and cut their service.
> 2. Automagically detect that the customer is being relay-abused.
> 3. Block ORBS tester.
> 4. Let the remaining customers suffer because the smarthost is 
> blacklisted.

The only correct choice is 1. If your customer has an open relay, block
them on your own smarthost until they fix their problem.

ORBS has no choice other than list you as an output point, because that is
the only way it will block relayed mail. Blocking the input point is
useless, unless you honor ORBS even for internal hosts.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 06:21:10PM +0200, Petr Novotny wrote:
[snip]
> On 5 Jun 00, at 18:13, IDG New Media Support - André Paulsberg wrote:
> 
> > What a mail admin chooses to do with is ORBS information is up to him,
> > and he may ignore some or all listings ORBS give out for "admin
> > refused".
> 
> How can I set up my filters to just use "really open relay" info from 
> ORBS and throw away "admin refused" unknows?

That depends on your filtering software. It seems djb's rblsmtpd does not
have an option to change this. That sucks. Your choice is hereby reduced
(by DJB, not by any people at ORBS) to 'block everything ORBS list for
whatever reason, or not.'

[snip]
> 
> 
> Hell, you have guilty machine's IP. What's so mysterious about 
> connecting to the machine directly and leave a RCPT 
> TO: there?
> 

Hmm I'll suggest this one to Alan (the ORBS guy). I wonder why he never
came up with this. Or didn't he?

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Does someone knows what is this about?

2000-06-05 Thread Petr Novotny

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 5 Jun 00, at 19:01, Will Harris wrote:

> No - advise them of their problem, and suspend mail service until they have 
> fixed their faulty servers.
> 
> Most ISPs have contracts with their network customers explicity forbidding 
> spamming of any kind.

I am not sure I understand what you're talking about. Relaying is 
not spamming - and you'd have a hard time proving otherwise in 
court.

I have yet to see a contract saying "Thou shalt not run an open 
relay."

> Are you going to ignore your customer's violation of 
> the contract?  By allowing customers to run insecure relays and blindly 
> forwarding spam, the ISP is probably violating his own contract with his 
> upstream service provider...

What? Do you think that companies like EBONE and Sprint 
provide you with the connectivity only if you agree not to run open 
relays?


-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOTvQIlMwP8g7qbw/EQItAACfX1szqtJck+8SsPxt2A34twUkg1cAniz4
Dejan+IFsKmh9yrWSrQ0wgqI
=iP7n
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]



Re: Does someone knows what is this about?

2000-06-05 Thread Will Harris

My 2 rappen/centimes:

 >Second (or higher) level relay _is_ a false positive.

No it's not - positive is positive.  You provide relaying or you 
don't.  Are you or are you not responsible for maintaining some standard of 
net ethics?

 >My ISP has
 >been listed recently because they're doing a smarthost for clueless
 >companies with dial-up connectivity (and no relay checks). What
 >should the poor ISP do?
 >
 >1. Tell the customers to go f*ck themselves and cut their service.

No - advise them of their problem, and suspend mail service until they have 
fixed their faulty servers.

Most ISPs have contracts with their network customers explicity forbidding 
spamming of any kind.  Are you going to ignore your customer's violation of 
the contract?  By allowing customers to run insecure relays and blindly 
forwarding spam, the ISP is probably violating his own contract with his 
upstream service provider...

regards,
Will
__

  "I was going to be a Neo-Deconstructivist, but Mom wouldn't let me..."

multimedia laboratorium  [EMAIL PROTECTED]
institut fuer informatik(pgp id)F703D035
der universitaet zuerich(office) +41  1 635 4346
winterthurerstr. 190(fax)+41  1 635 6809
ch-8057 zuerich (mobile) +41 76 372 0913
switzerland www.ifi.unizh.ch/~harris
__




Re: qmail questions

2000-06-05 Thread John Anderson

Hi,

> > second, i have set up control/virtualdomains without any problems
> > using the good faq. but, i haven't found anything about forwarding
> > emails. let's assume i have set up test-domain.com:testuser in
> > the virtual domain control file. now, any incoming mail is delivered
> > to the local user "testuser". ok, but how to forward i.e. any incoming
> > emails to "[EMAIL PROTECTED]" to i.e. borther-of-
> > [EMAIL PROTECTED] ??
>
> That depends on what package you use to administer virtual domains
> (vpopmail or Bruce Günther's).
>

Are there examples, HowTos or FAQs for both of these anywhere?  It seems that
this question has been asked several different ways over the past few days,
and no answers.

Thanks.


--John



>
>
> -Johan
> --
> Johan Almqvist




Re: Does someone knows what is this about?

2000-06-05 Thread Petr Novotny

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 5 Jun 00, at 18:28, Peter van Dijk wrote:

> > > - ORBS has IMHO too much false positives
> 
> That is impossible. ORBS does not list a machine until it has received
> a relayed test message.

Second (or higher) level relay _is_ a false positive. My ISP has 
been listed recently because they're doing a smarthost for clueless 
companies with dial-up connectivity (and no relay checks). What 
should the poor ISP do?

1. Tell the customers to go f*ck themselves and cut their service.
2. Automagically detect that the customer is being relay-abused.
3. Block ORBS tester.
4. Let the remaining customers suffer because the smarthost is 
blacklisted.


I've been using ORBS for some time, and I ditched it; having multi-
level relays listed was as much "collateral damage" as bombing of 
Chinese Embassy.

-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOTvI5FMwP8g7qbw/EQI/KACdElQESFgt423r2AWGF8tVTQMu9oIAn2Km
g/whhuHCPcWJ/NlgT21tKqO8
=No5Z
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]



Re: Does someone knows what is this about?

2000-06-05 Thread Ryan Russell

On Mon, 5 Jun 2000, Peter van Dijk wrote:

> That is impossible. ORBS does not list a machine until it has received a
> relayed test message. If you know of any false positives, let me know too
> and I'd be happy to investigate. I have had several people run to me and
> say 'ORBS listed me but I'm not an open relay', and everytime I have been
> able to relay through their servers.

We don't have open relays, never did.  AFAIK, we're still on the
list.  We're there because our address provider does have (or did have) an
bunch of open relays within their space.  Then they blocked ORBS from
being able to check, and ORBS felt forced to list the whole address block,
which includes us.  

Our block may be listed in a different category, that I haven't checked.

Ryan




Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 06:13:57PM +0200, IDG New Media Support - André Paulsberg 
wrote:
> > Forget about ORBS. Anyone using/caring about ORBS should reconsider his decision:
> 
> Before giving "judgement" over ORBS, please understand what they are doing
> and the possible effects (both good and bad) for "you" as a mail admin.
> 
[snip]
> 
> > - ORBS does not notify blocked sites about the blockage
> 
> This is not my personal experience nor their written rule,
> as they send E-Mail to either postmaster @ RDNS or IP.

Both, if I recall correctly.

[snip]
> > - ORBS has IMHO too much false positives

That is impossible. ORBS does not list a machine until it has received a
relayed test message. If you know of any false positives, let me know too
and I'd be happy to investigate. I have had several people run to me and
say 'ORBS listed me but I'm not an open relay', and everytime I have been
able to relay through their servers.

> I've yet to see a single false positive,
> not that this means they don't exist.

I don't think they do. The one case mentioned that I see as a possibility
is somebody _responding_ to an open-relay notification by blocking ORBS.
ORBS has no choice other than to keep reporting these machines as open
relays, since it is unable to gather newer info.

> The ongoing "discussion" about ORBS attitude or Alan's personality,
> doesn't seem to come from people who know what ORBS is or does.
> Still they rant about ORBS and it's errors and lack of Internet ethics,
> while failing to give any facts or prove any of their statements.

Yup.

> My personal opinion is that Open Relay server is the number one mail-problem
> on the Internet today, some might say SPAM is but SPAMMERS aren't causing
> a fraction of the possible havoc Open Relay servers COULD create.
> If you don't believe me it's quite simple math to solve the possibility riddle,
> just imagine someone wanting to "knock out" AOL's mailsevers for a few weeks...

Note that I do not use ORBS for blocking on my mailservers. It is my opinion
(which I will not enforce on any of you) that I as an admin should not
enforce ORBS-blocking onto my users. I will eventually allow users to do
ORBS-blocking (and RBL etc.) on a per-account basis, if they want to.

I do encourage the ORBS-project, because it gives people yet another choice
(and nothing more than that). We (Vuurwerk Internet) currently host the ORBS
relay tester, not because of any opinion on relay-blocking but because ORBS
gives people a choice.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Does someone knows what is this about?

2000-06-05 Thread Petr Novotny

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 5 Jun 00, at 18:13, IDG New Media Support - André Paulsberg wrote:

> What a mail admin chooses to do with is ORBS information is up to him,
> and he may ignore some or all listings ORBS give out for "admin
> refused".

How can I set up my filters to just use "really open relay" info from
ORBS and throw away "admin refused" unknows?

> > - ORBS does not notify blocked sites about the blockage
>
> This is not my personal experience nor their written rule,
> as they send E-Mail to either postmaster @ RDNS or IP.

Ah. Since when is a mailserver requires to accept e-mails at its
reverse DNS name or IP? That's the problem; I have spoken to
people who never saw to e-mail; why? They don't accept at their
RDNS or IP.


Hell, you have guilty machine's IP. What's so mysterious about
connecting to the machine directly and leave a RCPT
TO: there?


-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOTvFZ1MwP8g7qbw/EQJKFwCgtGLHeI4A469Mk1iSKYrp+aIVNRMAnipc
xOdfB3nkkW+cnaGy/iTjH3Og
=KG5N
-END PGP SIGNATURE-



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 12:06:55PM -0400, Len Budney wrote:
> Peter van Dijk <[EMAIL PROTECTED]> wrote:
> > On Mon, Jun 05, 2000 at 10:48:24AM -0500, Mate Wierdl wrote:
> > > > More evidence that the person running ORBS is incompetent.
> > 
> > He's not. I've spoken to him on several occasions and he is quite
> > clueful.
> 
> Not to restart another perennial flame-war, but why then does he
> blacklist people who block his probes? Is it really his intention to
> provide the service of blacklisting both a) open relays and b) people
> who disagree with him?

ORBS is not enforcing any policy on anyone.

And to answer your second question: yes, those are 2 of the services he
provide. However, any admin is free to use none, either or both of these
services. If you want documented open relays blocked but don't care about
sites that block ORBS themselves, you are free to do so.

Check http://www.orbs.org/usingindex.html for slightly more info.

> If he is clueful, then his ethics come into question. He's better off
> being thought clueless, in my book.

I see no problems with his ethics. What he does (and _all_ he does) is test
machines for relaying, and if they do, list them _as_such_. If a machine
blocks his probes, it is listed as one that blocks his probes, NOT as an
open relay. It is up to systems administrators to decide for themselves
what to block and what not.

I question the ethics of any admin blocking ORBS.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: Does someone knows what is this about?

2000-06-05 Thread IDG New Media Support - André Paulsberg

> Forget about ORBS. Anyone using/caring about ORBS should reconsider his decision:

Before giving "judgement" over ORBS, please understand what they are doing
and the possible effects (both good and bad) for "you" as a mail admin.


> - ORBS blocks "unfriendly" sites criticising ORBS

You should read the ORBS site more carefully,
when it comes their listing policies.
You should also take care when stating that "ORBS blocks" this and that,
since ORBS only lists servers which come under their criteria.

The reason most discussed are their policy to list servers where admins
ask or demand ORBS to not test anymore, this causes ORBS to list
these IP addresse as something like "admin refused to be tested by ORBS".

What a mail admin chooses to do with is ORBS information is up to him,
and he may ignore some or all listings ORBS give out for "admin refused".


> - ORBS does not notify blocked sites about the blockage

This is not my personal experience nor their written rule,
as they send E-Mail to either postmaster @ RDNS or IP.
Where you have this information from is beyond me,
but if you know of any ORBS listed server(s) that hasn't
received any notification please tell us.


> - ORBS has IMHO too much false positives

I've yet to see a single false positive,
not that this means they don't exist.
I have however seen some of their nameservers being "outdated",
causing recently secured server to show up as Open Relays.



The ongoing "discussion" about ORBS attitude or Alan's personality,
doesn't seem to come from people who know what ORBS is or does.
Still they rant about ORBS and it's errors and lack of Internet ethics,
while failing to give any facts or prove any of their statements.

My personal opinion is that Open Relay server is the number one mail-problem
on the Internet today, some might say SPAM is but SPAMMERS aren't causing
a fraction of the possible havoc Open Relay servers COULD create.
If you don't believe me it's quite simple math to solve the possibility riddle,
just imagine someone wanting to "knock out" AOL's mailsevers for a few weeks...


There is about 100'000 Open Relay outputs, getting mail from 150'000 Open Relay inputs:
---
If anyone sent 1 E-Mail containing 1'000'000 random addresses in the "To:" field
and repeating this with all of the 150'000 inputs as their SMTP relay server,
it would generate 150'000'000'000 E-Mails sized 9MB - 16MB with sender "?@aol.com"
that would BOUNCE to and from the AOL servers and various Open Relay outputs.
Total havoc of upto 3'000'000'000'000'000'000 bytes sent to/from AOL servers and 
network,
but "only" took you 1'500'000'000'000 bytes to send (or 135 days at 1Mbps :-)


Regards André Paulsberg





Re: Does someone knows what is this about?

2000-06-05 Thread Ryan Russell

On Mon, 5 Jun 2000, Len Budney wrote:

> Not to restart another perennial flame-war, but why then does he
> blacklist people who block his probes? Is it really his intention to
> provide the service of blacklisting both a) open relays and b) people
> who disagree with him?

As the mail admin for a sire that is in ORBS because my address provider
blocks them, I can speak to this a little bit.

It makes perfect sense, from a certain point of view.  The ORBS guys want
to list relays.  The run across an address block that has a number of open
relays, and the adminitrators of that block aren't responsive to requests
to arrange to have them closed.  ORBS then lists those particular
addresses (their purpose in life.)  In response the provider blocks the
ORBS machines.  The ORBS guys can no longer test for relays, and
especially given what they had found before and the provider's lack of
response, they can only assume there are any number of open relays in the
address block.  

Were they to do otherwise, they'd be fail-open instead of fail-closed.

Ryan




Re: Does someone knows what is this about?

2000-06-05 Thread Len Budney

Peter van Dijk <[EMAIL PROTECTED]> wrote:
> On Mon, Jun 05, 2000 at 10:48:24AM -0500, Mate Wierdl wrote:
> > > More evidence that the person running ORBS is incompetent.
> 
> He's not. I've spoken to him on several occasions and he is quite
> clueful.

Not to restart another perennial flame-war, but why then does he
blacklist people who block his probes? Is it really his intention to
provide the service of blacklisting both a) open relays and b) people
who disagree with him?

If he is clueful, then his ethics come into question. He's better off
being thought clueless, in my book.

Len.

--
Frugal Tip #16:
Dry clean your wax paper for reuse.



Re: Does someone knows what is this about?

2000-06-05 Thread Peter van Dijk

On Mon, Jun 05, 2000 at 10:48:24AM -0500, Mate Wierdl wrote:
> 
> > More evidence that the person running ORBS is incompetent.

He's not. I've spoken to him on several occasions and he is quite clueful.

> I now understand why I get these messages from ORBS dropped into my
> postmaster box.

You will get mail from ORBS in two situations:
- ORBS wants to warn you that they successfully relayed through your
  server.
- an ORBS testmail ends up in your mailbox. This is quite common and
  actually a good thing - it did not get relayed.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]



Re: No log??

2000-06-05 Thread clemensF

> Goran Blazic:

> After installing qmail on my system, suddenly there was no logging activity
> anymore... Nothing new gets written into /var/log/messages anymore?!!?

you might post /etc/syslog.conf and /etc/newsyslog.conf for us to check.

-- 
clemens



Re: Does someone knows what is this about?

2000-06-05 Thread Mate Wierdl


> More evidence that the person running ORBS is incompetent.

I now understand why I get these messages from ORBS dropped into my
postmaster box.

In what sense does ORBS think the described behavior of qmail is
insecure? 

What problem do they refer to, anyways?

It certainly is annoying to get these messages from ORBS whenever
someone wants to check my box out via ORBS.

Mate



Re: qmail+maildrop+amavis

2000-06-05 Thread Nuno Ferreira

There are nothing out of the ordinary in the logs.
With this configuration, however I am receiving the same mails several times
and the queue grows, which means I must be injecting the same mail in the
queue instead of forwarding it to another user.

I read the maildrop man page, but I cannot figure it out.

Help would be apreciated,
Thanks

Nuno Ferreira
Departamento de Informática da APCMC
 Tel: 22 5074212
 Fax: 22 5074219
 [EMAIL PROTECTED]
-
- Original Message -
From: "Paul Schinder" <[EMAIL PROTECTED]>
To: "Nuno Ferreira" <[EMAIL PROTECTED]>
Cc: "Qmail mailing-list" <[EMAIL PROTECTED]>
Sent: Monday, June 05, 2000 1:15 PM
Subject: Re: qmail+maildrop+amavis


At 11:59 AM +0100 6/5/00, Nuno Ferreira wrote:
>Alright, what I am seeing is this.
>~/.qmail is working, forward works swell for example, but I either cannot
>get the program (the | program) to work or I can but it is the program
>that's not working.
>
>My specific problem is this:
>
>in ~/.qmail I have
>./Maildir/
>| preline /var/local/bin/maildrop user
>
>in ~/.mailfilter I have
>DEFAULT="./Maildir/"
>if ( /^(To|Cc|From|Reply-To): .*guy_I_want_to_caught*/ )
>to [EMAIL PROTECTED]

What Do The Logs Say (TM)?  In particular, the maildrop log that you
should be writing to since you're having trouble.  man maildropfilter
and look for logfile.

>
>
>other destination never gets the message.
>
>Also, I would really appreciate any info, pointers on AMaVIS and QMail.
>
>TIA,
>
>Nuno Ferreira
>Departamento de Informática da APCMC
>  Tel: 22 5074212
>  Fax: 22 5074219
>  [EMAIL PROTECTED]
>-
>- Original Message -
>From: "Eric Cox" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Monday, June 05, 2000 10:14 AM
>Subject: Re: qmail+maildrop+amavis
>
>
>>
>>
>>  Nuno Ferreira wrote:
>>  >
>>  > Hi,
>>  >
>>  > Two questions.
>>  > Seems my ~/.qmail never gets executed by Qmail, so I am not able to
have
>a
>>  > functional maildrop or procmail. BTW, is ~/.qmail a script that gets
>>  > executed by QMail or is it a file that is read by it to know how to
>perform
>>  > to specific users.
>>
>>  Nope, ~/.qmail isn't a script...
>>
>>  There are copious numbers of man pages that come with the default
>>  installation.  The one you want is 'man dot-qmail'.
>>
>>  Hope that helps,
>>  Eric
>>

--
--
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693
[EMAIL PROTECTED]





Re: Sender domain must resolve

2000-06-05 Thread Bruno Wolff III

On Mon, Jun 05, 2000 at 03:37:30PM +0200,
  Pablo Martínez Schroder <[EMAIL PROTECTED]> wrote:
> Bruno Wolff III wrote:
> > There isn't any MX or A record associated with hidratel.com. Some sites
> > check for the existance of an A record or MX record and refuse email
> > if there isn't one. Not all sites do this. This also might be a problem
> > with only some of the DNS servers authoritative for hidratel.com.
> 
> The domain hidratel.com has a MX record, but it doesn't have any A
> record. Does a domain need to have both records configured? Or it
> depends of the configuration of the other SMTP servers?

You are correct about the mx. When I do wildcard lookups with nslookup
(type=any) I only get the NS records for hidratel.com. When I specifically
ask for MX records I get one.

Domain names in envelope sender addresses don't have to exist. But some
places check this to reduce spam and double bounces.



Re: programming with vpopmail - add account from web

2000-06-05 Thread Peter Green

also sprach Esteban.Prospero:
> Hi everyone!
> Where can I get more information about vpopmail api functions?



> I want to
> make an html page where anyone could pop into and add as a users of
> sqwebmail (a kind of Hotmail). I'm using qmail 1.03 and vpopmail.

Wouldn't it just be easier to throw something together in Perl and execute
VPOPMAILDIR/bin/vadduser, rather than trying to tie into the API?

/pg
-- 
Peter Green : Gospel Communications Network, SysAdmin : [EMAIL PROTECTED]
---
... faster BogoMIPS calculations (yes, it now boots 2 seconds faster than
it used to: we're considering changing the name from "Linux" to "InstaBOOT".
(Linus, in the announcement for 1.3.26)




Re: Large organizations using dnscache?

2000-06-05 Thread Mate Wierdl

On Sun, Jun 04, 2000 at 11:53:29AM -0400, Raul Miller wrote:
> On Sun, Jun 04, 2000 at 10:51:36AM -0400, Bennett Todd wrote:
> > It's worse than that. The original version _did_ explicitly mention
> > qmail (and Postfix) as replacements for sendmail that would settle
> > the security problems. A subsequent revision removed them.
> 
> It would be interesting to know the rationale for the change [was there
> a security problem with postfix?  was compatability with the "sendmail
> standard" seen as the issue?  did they buy into "all sendmail's security
> bugs have been fixed" line?  etc..].

Two remarks (none are dnscache related; sorry):

I just saw a book from Peter Norton on computer security, and it
recommends qmail as a secure replacement for sendmail (it mentions,
but does not recommend postfix).

How would you define "big site" for an MTA?  Ohio State (the
university with the most students in the US) runs qmail on its mail
servers.  This means 64,000 students.

Mate 



programming with vpopmail - add account from web

2000-06-05 Thread "Próspero, Esteban"

Hi everyone!
Where can I get more information about vpopmail api functions? I want to
make an html page where anyone could pop into and add as a users of
sqwebmail (a kind of Hotmail). I'm using qmail 1.03 and vpopmail.

Thanks in advance!!

Esteban Javier Próspero




Under heavy load?

2000-06-05 Thread Alex Povolotsky

Hello!

I'm evaluating qmail performance (qmail with vpopmail, one domain, 1
users) and I've found that under 20 clients queue grows VERY fast.

Each client retreives all mail from given account, and than send some mails
to it. In 3 minutes qmail running on fairly powerful box gives:

messages in queue: 392
messages in queue but not yet preprocessed: 282

while exim doesn't seems to have this problem.

I didn't do anything special with setup. Maybe I should reconfigure
something? 

Alex.

 PGP signature


Re: Sender domain must resolve

2000-06-05 Thread Pablo Martínez Schroder

Bruno Wolff III wrote:
> There isn't any MX or A record associated with hidratel.com. Some sites
> check for the existance of an A record or MX record and refuse email
> if there isn't one. Not all sites do this. This also might be a problem
> with only some of the DNS servers authoritative for hidratel.com.

The domain hidratel.com has a MX record, but it doesn't have any A
record. Does a domain need to have both records configured? Or it
depends of the configuration of the other SMTP servers?



-- 
Pablo Martínez Schroder
Departamento de Administracion de Sistemas



Re: Problems with tcpserver

2000-06-05 Thread Chris Johnson

On Mon, Jun 05, 2000 at 12:29:39PM +0200, Holger Haeffelin wrote:
> I've got some problems with my tcpserver. It is configured to relay for some
> ip-adresses and block all others. I use the latest version of ucspi and I
> installed it as described. For most of the ip-adresses, tcpserver works
> fine, but in some cases, it allows relaying (with setting RELAYCLIENT=""
> !!!) for ip-adresses which should be blocked. My config file looks like
> this:

Huh? It allows relaying with RELAYCLIENT="" for IP addresses which should be
blocked? Setting RELAYCLIENT="" is what you do to allow relaying.

> 123.123.123.123:allow, RELAYCLIENT=""
^
> 123.123.123.:allow,RELAYCLIENT=""
> 123.123.123.123-125:allow, RELAYCLIENT=""
^
> :deny

This may have nothing to do with your problem (and I'm not sure what your
problem is), but you need to remove the space between "allow," and
"RELAYCLIENT"

Also, do you really mean to deny altogether connections from clients to which
you don't want to allow relaying? Do you receive your inbound mail through some
other SMTP server?

Chris



Re: Sender domain must resolve

2000-06-05 Thread Bruno Wolff III

On Mon, Jun 05, 2000 at 12:27:49PM +0200,
  Pablo Martínez Schroder <[EMAIL PROTECTED]> wrote:
> I'm having some problems sending mail to a specific domain...
> 
> When qmail tries to send mail to [EMAIL PROTECTED] from our mail server
> (212.49.139.237) and the sender is [EMAIL PROTECTED], bt.es mail
> server says "Sender domain must resolve".
> 
> This don't happen when the mail server sends mails to others domain, so
> I really do not have a clue of what can be happening. I think it's
> related with DNS, but I don't know what can I be doing wrong, or what it
> supossed to be the right configuration.

There isn't any MX or A record associated with hidratel.com. Some sites
check for the existance of an A record or MX record and refuse email
if there isn't one. Not all sites do this. This also might be a problem
with only some of the DNS servers authoritative for hidratel.com.



Re: How to get QMQP to work

2000-06-05 Thread Frank Tegtmeyer


> How can I get qmail to use QMTP between two boxes that there is a lot of
> traffic between? I tried putting the respective IP adresses in
> /var/qmail/control/qmqpservers, but that didn't do it.

qmqpservers is for QMQP, not for QMTP.

At the moment QMTP is supported by qmail-qmtpd and a program in the 
serialmail package.

Regards, Frank



Re: Does someone knows what is this about?

2000-06-05 Thread Bruno Wolff III

> > - ORBS blocks "unfriendly" sites criticising ORBS
> 
> Is there a site with documentation on this?  I'd like to 
> check it out for myself.

There is a bit more to it then that. Some people who disagree with how the
ORBS is run block their relay tests. The ORBS considers this grounds for
being listed as a potential relay since they can't test the site if their
test messages are blocked. The theory is, that they are worried about sites
blocking them, and not being able to list open relays for those sites.

I don't think this is really a good policy. The downside of the extra
coverage isn't worth the trouble. What they might lose, is the ability to
list some two-stage relays like demon. And blocking of two stage relays
is one of the problems people have with them. They do give the output
of two stage relays a few days to fix or block the input site, so it isn't
as big of a deal as it was.



How to get QMQP to work

2000-06-05 Thread Johan Almqvist

Hi!

How can I get qmail to use QMTP between two boxes that there is a lot of
traffic between? I tried putting the respective IP adresses in
/var/qmail/control/qmqpservers, but that didn't do it.

-Johan
-- 
Johan Almqvist



Re: $HOME/Mailbox delivery

2000-06-05 Thread Will Harris

On 14:24 5.06.2000, Petr Novotny could be heard musing
 >-BEGIN PGP SIGNED MESSAGE-
 >Hash: SHA1
 >
 >Hi,
 >
 >this guy has set up qmail with $HOME/Mailbox delivery. Now he
 >wants to use ipop3d (part of uw-imap, he uses the RedHat 6.2
 >package) with $HOME/Mailbox. Do you have any idea how? Does
 >it run that way "out-of-the-box"?
 >
 >I suggested him to use maildirs but he seems reluctant (not
 >sendmailish enough, pehaps).

The latest versions will use $HOME/mbox if it is there, and 
/var/mail/ otherwise.  The file really is called "mbox", so I 
assume if you use "mbox" instead of "Mailbox" in the .qmail file, it should 
work right away (or make a sym link).

regards,
Will

__

  "I was going to be a Neo-Deconstructivist, but Mom wouldn't let me..."

multimedia laboratorium  [EMAIL PROTECTED]
institut fuer informatik(pgp id)F703D035
der universitaet zuerich(office) +41  1 635 4346
winterthurerstr. 190(fax)+41  1 635 6809
ch-8057 zuerich (mobile) +41 76 372 0913
switzerland www.ifi.unizh.ch/~harris
__




$HOME/Mailbox delivery

2000-06-05 Thread Petr Novotny

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

this guy has set up qmail with $HOME/Mailbox delivery. Now he 
wants to use ipop3d (part of uw-imap, he uses the RedHat 6.2 
package) with $HOME/Mailbox. Do you have any idea how? Does 
it run that way "out-of-the-box"?

I suggested him to use maildirs but he seems reluctant (not 
sendmailish enough, pehaps).

THanks

-BEGIN PGP SIGNATURE-
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOTuN6FMwP8g7qbw/EQJtewCdGaUe9RWBTLLIfeHFIK6Vn3Y882oAoMc7
GnBtNZhuh3Z/sDHlfFDpvp1r
=M3ZD
-END PGP SIGNATURE-
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
 [Tom Waits]



A addition for Chris Johnson's tarpit patch.

2000-06-05 Thread Rodrigo Severo

Dear List,


I sent Chris and now I am sending to this list this addition I made for
Chris Johnson's tarpit patch
.

I just made a patch to qmail-smtpd man's page to list the 2 new control
files and environment variables Chris's patch creates.


Rodrigo Severo

-
*** qmail-smtpd.8.orig  Mon Jun 15 07:53:16 1998
--- qmail-smtpd.8   Sat Jun  3 13:50:36 2000
***
*** 162,171 
--- 162,195 
will refuse to run.
The first word of
.I smtpgreeting
should be the current host's name.
.TP 5
+   .I tarpitcount
+   Number of RCPT TOs
+   .B qmail-smtpd
+   will accept before start tarpitting or 0 for no tarpit.
+   
+   If the variable
+   .B TARPITCOUNT
+   is set, it overrides
+   .IR tarpitcount .
+   .TP 5
+   .I tarpitdelay
+   Number of seconds of delay 
+   .B qmail-smtpd
+   will insert after
+   .IR tarpitcount
+   RCPT TOs. See 
+   .IR tarpitcount
+   above.
+   
+   If the variable
+   .B TARPITDELAY
+   is set, it overrides
+   .IR tarpitdelay .
+   .TP 5
.I timeoutsmtpd
Number of seconds
.B qmail-smtpd
will wait for each new buffer of data from the remote SMTP client.
Default: 1200.
- 
-- 
---
Rodrigo Severo
[EMAIL PROTECTED]
Fabrica de Ideias
sbs - ed. empire center - bl. s - sala 109
cep 70070-904 - brasilia-df - brazil
tel: (61) 321 1357
fax: (61) 321 6096
---



Re: qmail+maildrop+amavis

2000-06-05 Thread Paul Schinder

At 11:59 AM +0100 6/5/00, Nuno Ferreira wrote:
>Alright, what I am seeing is this.
>~/.qmail is working, forward works swell for example, but I either cannot
>get the program (the | program) to work or I can but it is the program
>that's not working.
>
>My specific problem is this:
>
>in ~/.qmail I have
>./Maildir/
>| preline /var/local/bin/maildrop user
>
>in ~/.mailfilter I have
>DEFAULT="./Maildir/"
>if ( /^(To|Cc|From|Reply-To): .*guy_I_want_to_caught*/ )
>to [EMAIL PROTECTED]

What Do The Logs Say (TM)?  In particular, the maildrop log that you
should be writing to since you're having trouble.  man maildropfilter
and look for logfile.

>
>
>other destination never gets the message.
>
>Also, I would really appreciate any info, pointers on AMaVIS and QMail.
>
>TIA,
>
>Nuno Ferreira
>Departamento de Informática da APCMC
>  Tel: 22 5074212
>  Fax: 22 5074219
>  [EMAIL PROTECTED]
>-
>- Original Message -
>From: "Eric Cox" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Monday, June 05, 2000 10:14 AM
>Subject: Re: qmail+maildrop+amavis
>
>
>>
>>
>>  Nuno Ferreira wrote:
>>  >
>>  > Hi,
>>  >
>>  > Two questions.
>>  > Seems my ~/.qmail never gets executed by Qmail, so I am not able to have
>a
>>  > functional maildrop or procmail. BTW, is ~/.qmail a script that gets
>>  > executed by QMail or is it a file that is read by it to know how to
>perform
>>  > to specific users.
>>
>>  Nope, ~/.qmail isn't a script...
>>
>>  There are copious numbers of man pages that come with the default
>>  installation.  The one you want is 'man dot-qmail'.
>>
>>  Hope that helps,
>>  Eric
>>

--
--
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693
[EMAIL PROTECTED]



qmail-lspawn hassels

2000-06-05 Thread TAG

Hi ALL,

I have the qmail-mysql (Iain Pattersen patch) running and I get the
following errors:

960186398.488070 delivery 40431:
deferral:Temporary_failure_in_qmail-lspawn./

I get them every minute or so - the local queue has grown considerably
since - ...

Can anyone please shed some light as to why qmail-lspawn would fail??
If there is any information I have left out - please ask..

ALSO is there anyone else out there that is running qmail-mysql on
solaris???

Many thanks
Tonino



Sender domain must resolve

2000-06-05 Thread Pablo Martínez Schroder

I'm having some problems sending mail to a specific domain...

When qmail tries to send mail to [EMAIL PROTECTED] from our mail server
(212.49.139.237) and the sender is [EMAIL PROTECTED], bt.es mail
server says "Sender domain must resolve".

This don't happen when the mail server sends mails to others domain, so
I really do not have a clue of what can be happening. I think it's
related with DNS, but I don't know what can I be doing wrong, or what it
supossed to be the right configuration.

Thanks in advance!
-- 
Pablo Martínez Schroder
Departamento de Administracion de Sistemas



Re: qmail+maildrop+amavis

2000-06-05 Thread Nuno Ferreira

Alright, what I am seeing is this.
~/.qmail is working, forward works swell for example, but I either cannot
get the program (the | program) to work or I can but it is the program
that's not working.

My specific problem is this:

in ~/.qmail I have
./Maildir/
| preline /var/local/bin/maildrop user

in ~/.mailfilter I have
DEFAULT="./Maildir/"
if ( /^(To|Cc|From|Reply-To): .*guy_I_want_to_caught*/ )
   to [EMAIL PROTECTED]


other destination never gets the message.

Also, I would really appreciate any info, pointers on AMaVIS and QMail.

TIA,

Nuno Ferreira
Departamento de Informática da APCMC
 Tel: 22 5074212
 Fax: 22 5074219
 [EMAIL PROTECTED]
-
- Original Message -
From: "Eric Cox" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, June 05, 2000 10:14 AM
Subject: Re: qmail+maildrop+amavis


>
>
> Nuno Ferreira wrote:
> >
> > Hi,
> >
> > Two questions.
> > Seems my ~/.qmail never gets executed by Qmail, so I am not able to have
a
> > functional maildrop or procmail. BTW, is ~/.qmail a script that gets
> > executed by QMail or is it a file that is read by it to know how to
perform
> > to specific users.
>
> Nope, ~/.qmail isn't a script...
>
> There are copious numbers of man pages that come with the default
> installation.  The one you want is 'man dot-qmail'.
>
> Hope that helps,
> Eric
>




Re: Problems with tcpserver

2000-06-05 Thread Frank Tegtmeyer

> fine, but in some cases, it allows relaying (with setting RELAYCLIENT=""
> !!!) for ip-adresses which should be blocked.

Which addresses?

Frank



Re: Why not inetd?

2000-06-05 Thread Gjermund Sorseth

   > I run a relatively low traffic mailserver.
   > It runs qmail smptd and pop3 from inetd.
   > I hear all the time that inetd sucks, but i never hear any reasons why.
   > So my question is: why does inetd sucks?
   >
   > /Magnus Näslund


It does not give the programs it runs any information about the
client, like ip-address etc.  It does not log connections.  It does not
offer any access-control features. It may have a built-in unconfigurable
max-limit as to how many programs it will run per minute or second.
It may call listen() with a too low tcp connection backlog number.

-- 
Gjermund Sorseth



Re: Why not inetd?

2000-06-05 Thread Peter Samuel

On Mon, 5 Jun 2000, Magnus Naeslund wrote:

> I run a relatively low traffic mailserver.
> It runs qmail smptd and pop3 from inetd.
> I hear all the time that inetd sucks, but i never hear any reasons why.
> So my question is: why does inetd sucks?

Two that immediately come to mind:

No inbuilt support for access control - it requires a helper program
such as tcpd from the tcp_wrappers program. tcpserver has this built
in.

It has a rate limiting "feature" whereby it will stop servicing a port
for 10 MINUTES if it thinks the rate of incoming connections is too
high (I have flat lined a remote inetd with qmail-remote from a 14k4
modem). tcpserver doesn't care about rate, it just cares about
simultaneous connections.

Inetd will serve UDP connections which is something tcpserver will not.

Regards
Peter
--
Peter Samuel[EMAIL PROTECTED]
Technical Consultantor at present:
eServ. Pty Ltd  [EMAIL PROTECTED]
Phone: +61 2 9206 3410  Fax: +61 2 9281 1301

"If you kill all your unhappy customers, you'll only have happy ones left"




Problems with tcpserver

2000-06-05 Thread Holger Haeffelin

Hi all,

I've got some problems with my tcpserver. It is configured to relay for some
ip-adresses and block all others. I use the latest version of ucspi and I
installed it as described. For most of the ip-adresses, tcpserver works
fine, but in some cases, it allows relaying (with setting RELAYCLIENT=""
!!!) for ip-adresses which should be blocked. My config file looks like
this:

123.123.123.123:allow, RELAYCLIENT=""
123.123.123.:allow,RELAYCLIENT=""
123.123.123.123-125:allow, RELAYCLIENT=""
:deny

I posted this some time ago with the log entries, but I did not recieve any
answer/hint. Didn't anyone discover this problem with his installation??

Regards,
Holger




Why not inetd?

2000-06-05 Thread Magnus Naeslund

I run a relatively low traffic mailserver.
It runs qmail smptd and pop3 from inetd.
I hear all the time that inetd sucks, but i never hear any reasons why.
So my question is: why does inetd sucks?

/Magnus Näslund




Re: smtp relay setup (faq 5.4)

2000-06-05 Thread Frank Tegtmeyer


> Following FAQ 5.4 steps for relay rules, I was was unsuccessful, but
> tcpd is not where the faq says it will be, so could that be the problem?

Forget tcpd and use ucspi-tcp (tcpserver) instead. It's in the FAQ how to 
do it.

Regards, Frank



Re: patch for authenticate SMTP services

2000-06-05 Thread Krzysztof Dabrowski

At 09:54 2000-06-05 +, Nguyen Hong Son wrote:
>Dear All
>Does someone show me a patch for authentication to SMTP services in qmail ?

http://members.elysium.pl/brush/qmail-smtpd-auth/index.html

K.




qmail Digest 5 Jun 2000 10:00:00 -0000 Issue 1023

2000-06-05 Thread qmail-digest-help


qmail Digest 5 Jun 2000 10:00:00 - Issue 1023

Topics (messages 42648 through 42667):

Re: Does someone knows what is this about?
42648 by: Russell Nelson

mail.log; syslog
42649 by: Attila Csosz

Re: smtp relay setup (faq 5.4)
42650 by: John Stile
42651 by: John Stile

SMTP Size/RFC 1870
42652 by: Einar Bordewich

fastfwd & dot-fordward problem
42653 by: buqtraq list
42654 by: Chris Johnson
42655 by: buqtraq list
42656 by: Chris Johnson

errors for all new email being sent to [EMAIL PROTECTED]
42657 by: Deya Motawie

Re: Scanning outgoing attachments
42658 by: Ricardo D. Albano

Re: Reject mail by Subject field contents
42659 by: Ricardo D. Albano

Re: Syslog is Evil to me!
42660 by: Ricardo D. Albano

qmail lspawn hassels??
42661 by: TAG

No log??
42662 by: Goran Blazic
42665 by: Eric Cox

Sorry, no mailbox ...
42663 by: Goran Blazic

qmail+maildrop+amavis
42664 by: Nuno Ferreira
42666 by: Eric Cox

patch for authenticate SMTP services
42667 by: Nguyen Hong Son

Administrivia:

To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]

To subscribe to the digest, e-mail:
[EMAIL PROTECTED]

To bug my human owner, e-mail:
[EMAIL PROTECTED]

To post to the list, e-mail:
[EMAIL PROTECTED]


--



Rodrigo Severo writes:
 > I was looking at ORBS page about MTAs vulnerabilities and found this
 > about qmail:
 > 
 > -
 > Qmail admins: Qmail's current version is insecure by default. Most
 > admins know enough to follow the instructions for securing it before
 > putting qmail into service, however it usually drops ORBS test messages
 > checking for UUCP pathing vulnerabilities - "! pathing" - into the admin
 > mailbox. As ! is a standard network addressing indicator, this should be
 > regarded as a Qmail bug.
 > -

More evidence that the person running ORBS is incompetent.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
Crynwr sells support for free software  | PGPok | "Ask not what your country
521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | do for you..."  -Perry M.




How to set up qmail or syslog to create entries only in mail.log?
I've entries both mail.log and syslog. I want entries only in mail.log.

Thanks
 Attila
 

-- 
--
- Mail: [EMAIL PROTECTED]; Debian 2.2 Linux  / 2.2.13 / qmail   -
- Get my PGP key: gpg --keyserver keys.pgp.com --recv-key 0x2cc33acb -





With your line in place, I can still recieve mail after the change (so the
extra "tcp-env" was breakign the deamon).

I added the line to my /etd/hosts.allow:
tcp-env: 10.1.4.10: setenv = RELAYCLIENT

When I try to send mail from 10.1.4.10, I get the message:
"An error occured while sending mail.
The mail server responded:
sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
Please check the message recipients and try again."

Eric Cox wrote:

> John Stile wrote:
> >
> > I'm running linux, redhat6.2, with qmail  pop3d and smtp
> > I can receive mail on the server and from a remote netscape client.
> > I can only send mail when logged into the server.
> >
> > Following FAQ 5.4 steps for relay rules, I was was unsuccessful, but
> > tcpd is not where the faq says it will be, so could that be the problem?
> >
> > I found that the only occurrence of tcpd is in /usr/sbin/tcpd, not
> > /usr/local/bin/tcpd.
> > Taking this into account, I added the single line to my /etc/inetd.conf:
> >
> > smtp stream tcp nowait qmaild /usr/sbin/tcpd /var/qmail/bin/tcp-env
> > tcp-env /var/qmail/bin/qmail-smtpd
>
> Mine is almost exactly the same, except there is only one tcp-env
> (all one line):
>
> smtp stream tcp nowait qmaild /usr/sbin/tcpd /var/qmail/bin/tcp-env
> /var/qmail/bin/qmail-smtpd
>
> What happens when you telnet to the POP server?  Like this:
>
> eric@dream:~ > telnet localhost 110
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> +OK <[EMAIL PROTECTED]>
>
> Eric





So stupid.  Dude, that worked.  I had added 10.1.4.10 to /etc/hosts.allow,
and but my client is 192.168.0.10,
so when I changed it, it all works.
Sorry for wasting more space on the mail server.
FAQ's rock!
Eric Cox wrote:

> John Stile wrote:
> >
> > I'm running linux, redhat6.2, with qmail  pop3d and smtp
> > I can receive mail on the server and from a remote netscape client.
> > I can only send mail when logged into the server.
> >
> > Following FAQ 5.4 steps for relay rules, I was was unsuccessful, but
> > tcpd is not where the faq says it will be, so could that be the problem?
> >
> > I found that the only occ

patch for authenticate SMTP services

2000-06-05 Thread Nguyen Hong Son

Dear All
Does someone show me a patch for authentication to SMTP services in qmail ?
Thanks a lot

Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com




Re: qmail+maildrop+amavis

2000-06-05 Thread Eric Cox



Nuno Ferreira wrote:
> 
> Hi,
> 
> Two questions.
> Seems my ~/.qmail never gets executed by Qmail, so I am not able to have a
> functional maildrop or procmail. BTW, is ~/.qmail a script that gets
> executed by QMail or is it a file that is read by it to know how to perform
> to specific users.

Nope, ~/.qmail isn't a script...

There are copious numbers of man pages that come with the default 
installation.  The one you want is 'man dot-qmail'.  

Hope that helps,
Eric



Re: No log??

2000-06-05 Thread Eric Cox

Goran Blazic wrote:
> 
> Hi...
> 
> After installing qmail on my system, suddenly there was no logging activity
> anymore... Nothing new gets written into /var/log/messages anymore?!!?
> 
> Does anyone have any ideas?

What have you checked so far?  Is syslogd still running? 


> Friends are those who, when you must inconvenience them, are less bothered
> by it than you.

Friends will help you move; real friends will help you move a body. 


Eric



qmail+maildrop+amavis

2000-06-05 Thread Nuno Ferreira

Hi,

Two questions.
Seems my ~/.qmail never gets executed by Qmail, so I am not able to have a
functional maildrop or procmail. BTW, is ~/.qmail a script that gets
executed by QMail or is it a file that is read by it to know how to perform
to specific users.

Also I can't seem to get any info on getting amavis working with Qmail. All
the their document says it's ''... integrated due to contribution ...
remains untested"

TIA

Nuno Ferreira
Departamento de Informática da APCMC
 Tel: 22 5074212
 Fax: 22 5074219
 [EMAIL PROTECTED]
-




Sorry, no mailbox ...

2000-06-05 Thread Goran Blazic

Ups, another problem... forgot about it before...

I have a few virtual domain on my system, and now I want to use the mail
address [EMAIL PROTECTED] (the same address on different
domains)...

There was no way to do this, so I somehow tracked it to the fact, that I had
a alias for info in the primary domain on the system
(/var/qmail/alias/.qmail-info). I tried to remove this alias, but the
addresses (info@*) still do not exist?

Any ideas?

Goran

Friends are those who, when you must inconvenience them, are less bothered
by it than you.




No log??

2000-06-05 Thread Goran Blazic

Hi...

This problem might not be directly qmail related, but it is somehow
connected...

After installing qmail on my system, suddenly there was no logging activity
anymore... Nothing new gets written into /var/log/messages anymore?!!?

Does anyone have any ideas? 

Goran

Friends are those who, when you must inconvenience them, are less bothered
by it than you.