[qmailtoaster] newmodel update issues
Hi, I'm having trouble upgrading my qmail toaster system using qtp-newmodel. Would like to have the latest packages. qtp-ami-up2date New Qmail-Toaster Packages Available: available: vpopmail-toaster-5.4.33-1.4.0 (installed: vpopmail-toaster-5.4.17-1.3.7) available: autorespond-toaster-2.0.5-1.4.0 (installed: autorespond-toaster-2.0.4-1.3.6) available: qmailadmin-toaster-1.2.16-1.4.0 (installed: qmailadmin-toaster-1.2.15-1.3.9) available: qmailmrtg-toaster-4.2-1.3.7 (installed: qmailmrtg-toaster-4.2-1.3.6) available: spamassassin-toaster-3.3.2-1.4.3 (installed: spamassassin-toaster-3.2.5-1.3.17) available: clamav-toaster-0.97.6-1.4.2 (installed: clamav-toaster-0.97.3-1.3.44) available: simscan-toaster-1.4.0-1.4.0 (installed: simscan-toaster-1.4.0-1.3.8) available: vqadmin-toaster-2.3.7-1.4.1 (installed: vqadmin-toaster-2.3.4-1.3.6) Specific issue upgrading to qmail-toaster-1.03-1.3.22. Installing vpopmail-toaster-5.4.33-1.4.0 in the sandbox ... Preparing... ## groupadd: group vchkpw exists vpopmail-toaster ## Building qmail-toaster-1.03-1.3.22 ... /usr/src/redhat/RPMS/i686/qmail-toaster-1.03-1.3.22.i686.rpm already exists, qmail-toaster-1.03-1.3.22 not rebuilt Installing qmail-toaster-1.03-1.3.22 in the sandbox ... /usr/src/redhat/RPMS/i686/qmail-toaster-1.03-1.3.22.i686.rpm: not an rpm package (or package manifest): end of log messages qtp-build-rpms - see /mnt/qtp-sandbox/usr/src/qtp-upgrade/log/build-recent.log for more details Build failed, Exiting. Any ideas? Regards George - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] About Pop3/IMAP logs
That's really all about the client software they're using. The only way you would be able to tell on the server is if they allowed their email client to send a read receipt (assuming the original email even called for one), and that still doesn't mean they actually read it. On Wed, Sep 19, 2012 at 9:24 AM, Nikolay Mitev mite...@gmail.com wrote: Hi guys, I want to ask can in the logs pop3/imap activated view Subject: and From: for downloaded emails from end users, they begin to justify that they have do not see certain emails. Best regards, Nikolay
Re: [qmailtoaster] Re: unable to read controls (#4.3.0)
Yes the cert could be a problem. And I too have had an issue with openssl. It was a few months ago though. George On 8/10/2010 8:22 AM, Gary Bowling wrote: Thanks Eric, I may have found the problem, although it has been a bit intermittent so I've not completely declared victory yet. I re-generated my cert for the server and that seems to have resolved it. I wonder if there is something in the new version of openssl as that was installed in the upgrade. Here's all I got when I did a telnet to localhost. qmail]# telnet localhost 587 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 421 unable to read controls (#4.3.0) Connection closed by foreign host. Thanks Gary On 8/10/2010 10:13 AM, Eric Shubert wrote: Gary Bowling wrote: I just updated my OS to the latest version of Centos 5.5 and now I can't send email. I am getting the error an error occurred sending mail: the mail server sent an incorrect greeting: unable to read controls (#4.3.0) Then I get The message could not be sent because the connection to SMTP server mail.gbco.us was lost in the middle of the transaction. Oddly enough, I can't really find any errors in the qmail logs. I thought it was a permissions error in /var/qmail/control but can't find anything there, here's a list of the permissions. drwxr-xr-x 12 root qmail 4096 Jul 19 11:33 .. -rw-r--r-- 1 vpopmail qmail 32 Jul 19 11:31 badloadertypes -rw-r--r-- 1 root root 2048 Aug 10 09:25 badloadertypes.cdb -rw-r--r-- 1 vpopmail qmail 25 Jul 19 11:31 badmailfrom -rw-r--r-- 1 vpopmail qmail 29 Jul 19 11:31 badmailto -rw-r--r-- 1 vpopmail qmail 360 Jul 19 11:31 badmimetypes -rw-r--r-- 1 root root 2048 Aug 10 09:25 badmimetypes.cdb -rw-r--r-- 1 vpopmail qmail 20 Jul 19 11:31 blacklists drwxr-xr-x 2 vpopmail qmail 4096 Jul 19 11:18 certs drwxr-xr-x 2 vpopmail qmail 4096 Sep 11 2009 certtemp lrwxrwxrwx 1 root qmail 14 Jul 19 11:33 clientcert.pem - servercert.pem -rw-r--r-- 1 vpopmail qmail3 Apr 24 2008 concurrencyincoming -rw-r--r-- 1 vpopmail qmail3 Oct 6 2005 concurrencylocal -rw-r--r-- 1 vpopmail qmail3 Oct 6 2005 concurrencyremote -rw-r--r-- 1 vpopmail qmail9 Jul 19 11:31 databytes -rw-r--r-- 1 vpopmail qmail 11 Jun 7 2007 defaultdelivery -rw-r--r-- 1 vpopmail qmail8 Jun 7 2007 defaultdomain -rw-r--r-- 1 vpopmail qmail1 Jul 17 2009 defaulthost -rw-r--r-- 1 vpopmail qmail 245 Aug 10 01:01 dh1024.pem -rw-r--r-- 1 vpopmail qmail 156 Aug 10 01:01 dh512.pem drwxr-xr-x 21 root qmail 4096 Jul 19 11:31 domainkeys -rw-r--r-- 1 vpopmail qmail 887 Sep 20 2006 key -rw-r--r-- 1 vpopmail qmail 963 Sep 20 2006 key.enc -rw-r--r-- 1 vpopmail qmail 13 Jul 26 06:34 locals -rw--- 1 vpopmail qmail0 Jan 19 2007 locals.lock -rw-r--r-- 1 vpopmail qmail3 Jul 28 2009 logcount -rw-r--r-- 1 vpopmail qmail8 Jul 19 11:31 logsize -rw-r--r-- 1 vpopmail qmail 13 Aug 3 2009 me -rw-r--r-- 1 vpopmail qmail2 Apr 21 2006 mfcheck drwxr-xr-x 2 vpopmail qmail 4096 Sep 19 2008 oldcert -rw-r--r-- 1 vpopmail qmail8 Jun 7 2007 plusdomain -rw-r--r-- 1 vpopmail qmail0 Jul 19 11:31 policy -rw-r--r-- 1 vpopmail qmail 187 Oct 18 2005 pop3ds.conf -rw-r--r-- 1 vpopmail qmail7 Oct 6 2005 queuelifetime -rw-r--r-- 1 vpopmail qmail 646 Jul 26 06:34 rcpthosts -rw-r--r-- 1 vpopmail qmail 437 May 2 2006 rcpthosts.backup -rw--- 1 vpopmail qmail0 Jan 19 2007 rcpthosts.lock -rw-r--r-- 1 vpopmail qmail 497 Aug 10 01:01 rsa512.pem -rw-r- 1 vpopmail qmail 497 Sep 20 2006 rsa512.pem.old -rw-r--r-- 1 vpopmail qmail 908 Aug 1 2009 servercert.crt -rw-r--r-- 1 vpopmail qmail 680 Aug 1 2009 servercert.csr -rw-r--r-- 1 vpopmail qmail 891 Aug 1 2009 servercert.key -rw-r--r-- 1 vpopmail qmail 963 Aug 1 2009 servercert.key.enc -rw-r--r-- 1 vpopmail qmail 1799 Aug 1 2009 servercert.pem -rw-r- 1 vpopmail qmail 2359 Feb 2 2009 servercert.pem.old -rw-r--r-- 1 root qmail 1689 Nov 29 2009 servercert.pem.rpmnew -rw-r--r-- 1 clamav root59 Sep 11 2009 simcontrol -rw-r--r-- 1 root root 2129 Aug 10 09:25 simcontrol.cdb -rw-r--r-- 1 vpopmail qmail 82 Apr 25 2008 simcontrol-old -rw-r--r-- 1 vpopmail qmail 250 Jul 20 2009 simmcontrol.internap-server -rw-r--r-- 1 root root 2165 Aug 10 09:25 simversions.cdb -rw-r--r-- 1 vpopmail qmail 14 Aug 2 2009 smtpgreeting -rw-r--r-- 1 vpopmail qmail0 Jul 19 11:31 smtproutes -rw-r--r-- 1 vpopmail qmail2 Jul 19 11:31 spfbehavior -rw-r--r-- 1 vpopmail qmail 247 Aug 3 2009 temp lrwxrwxrwx 1 root root35 Jul 19 11:33 tlsclientciphers - /var/qmail/control/tlsserverciphers -rw-r--r-- 1 vpopmail qmail 600 Jul 19 11:33 tlsserverciphers -rw-r--r-- 1 vpopmail qmail 1148 Jul 26 06:34 virtualdomains -rw--- 1 vpopmail qmail0 Jan 19 2007
Re: [qmailtoaster] Re: Webmail SSL
Scott, When you go to your URL check the certificate details in your browser. This will give you the domain name and valid dates. If these look good, it could be something with the setup. Maybe missing an intermediate certificate or something similar. George On 6/5/2010 6:58 AM, Scott Hughes wrote: Quick question about certificates. I set up my certificate (via GoDaddy) with my correct hostname (mail.SERVERNAME.net). Now I notice if I go to: www.SERVERNAME.net via https, I get a certificate warning. Any way around this or did I mess up with I signed up for the certificate? Thanks, Scott On 6/4/10 10:38 AM, Eric Broch wrote: CJ, I don't use multiple certificates, but I did, in times past, try to find a way to implement it and was glad to see the tutorial posted here for it. Eric -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Friday, June 04, 2010 9:12 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: Webmail SSL Eric, Sounds like the exact same configuration as mine. SNI is Server Name Includes and it allows multiple secure connections with a single IP. I am having trouble getting mine to work. Do you use multiple certificates? One for each top level domain? CJ Quoting Eric Broch ebr...@whitehorsetc.com: CJ, Virtual hosts (yes, 5 domains on 1 server), SNI (I don't think so, I'm not really sure what it is???), openssl-0.9.8e-12.el5_4.6 (yes) (i386 and x86_64), gnutls-1.4.1-3.el5_4.8 (yes) (i386 and x86_64). Eric -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Thursday, June 03, 2010 10:10 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: Webmail SSL's Eric, Virtual Hosts? Are you using SNI? GnuTLS or SSL? What version OpenSSL? Sorry for so many questions, but a few of us on this list are trying to sort this. CJ Quoting Eric Broch ebr...@whitehorsetc.com: CJ, I secure three sites (domains) on the same server. None of my other clients use webmail Eric B. -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Thursday, June 03, 2010 6:05 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Webmail SSL Eric, Have you been successful in securing more than one site? CJ Quoting Eric Broch ebr...@whitehorsetc.com: Maxwell Smart wrote: I realize that it's a bit of a hack and I don't like it, but I cannot get it to work correctly otherwise. I just tried your config and it didn't work either. You are using the webmail suffix where I am not. I am trying to get mail.myserver.com to work using SNI. I should be able to have multiple virtual servers using https and I cannot get it to work. I think part of the problem is openssl 0.9.8e SNI requires f and newer. I upgraded on my test server, but I'm still having problems getting it to work correctly. I'll figure it out, it's just frustrating when you read the documentation and it doesn't quite work that way. Then where do you start to troubleshoot. Quoting Eric Shubert e...@shubes.net: I'm not saying that ErrorDocument won't work, just that it's a bit of a hack. The conventional way (and 'better' for a number of reasons) is to use the RewriteEngine. I seem to recall that there's a way to turn on logging for the rewrite engine if you're having a problem with it. Here's the RewriteRule I'm presently using: RewriteRule ^/(webmail.*)$ https://%{SERVER_NAME}/$1 [R=301,L] Upon closer examination, I see that RewriteRule ^(.*/webmail*)$ https://%{SERVER_NAME}$1 [L,R] appears to be missing a period after webmail. I believe that it should be: RewriteRule ^(.*/webmail.*)$ https://%{SERVER_NAME}$1 [L,R] Subtle, but big difference. I believe this would work, the same as the one I'm using above. -- -Eric 'shubes' Maxwell Smart wrote: That's exactly where I am having problems and that's the only way I can get it to work. If I have the welcome.conf enabled it goes to the apache welcome page instead of redirecting and the log file says failed, reason: SSL connection required. If I disable the welcome.conf and include the Error 403 line it works. I was just testing it with the variable when I received this e mail.Quoting Eric Shubert e...@shubes.net: Maxwell Smart wrote: It appears as though you have a default configuration. Replace this in your squirrelmail.conf file. Directory /usr/share/squirrelmail Options None Order allow,deny allow from all /Directory with this Directory /usr/share/squirrelmail RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*/webmail*)$ https://%{SERVER_NAME}$1 [L,R] allow from all Options SSLRequireSSL ErrorDocument 403 https://your.server.com/webmail/; /Directory You will need to change
Re: [qmailtoaster] Re: Webmail SSL
Scott, Guess I answered too quickly. Just noticed different subdomains (www and mail). Unless you have a multi-domain certificate or a wildcard certificate then the certificate is most probably only good for mail.SERVERNAME.net George On 6/5/2010 6:58 AM, Scott Hughes wrote: Quick question about certificates. I set up my certificate (via GoDaddy) with my correct hostname (mail.SERVERNAME.net). Now I notice if I go to: www.SERVERNAME.net via https, I get a certificate warning. Any way around this or did I mess up with I signed up for the certificate? Thanks, Scott On 6/4/10 10:38 AM, Eric Broch wrote: CJ, I don't use multiple certificates, but I did, in times past, try to find a way to implement it and was glad to see the tutorial posted here for it. Eric -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Friday, June 04, 2010 9:12 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: Webmail SSL Eric, Sounds like the exact same configuration as mine. SNI is Server Name Includes and it allows multiple secure connections with a single IP. I am having trouble getting mine to work. Do you use multiple certificates? One for each top level domain? CJ Quoting Eric Broch ebr...@whitehorsetc.com: CJ, Virtual hosts (yes, 5 domains on 1 server), SNI (I don't think so, I'm not really sure what it is???), openssl-0.9.8e-12.el5_4.6 (yes) (i386 and x86_64), gnutls-1.4.1-3.el5_4.8 (yes) (i386 and x86_64). Eric -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Thursday, June 03, 2010 10:10 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: Webmail SSL's Eric, Virtual Hosts? Are you using SNI? GnuTLS or SSL? What version OpenSSL? Sorry for so many questions, but a few of us on this list are trying to sort this. CJ Quoting Eric Broch ebr...@whitehorsetc.com: CJ, I secure three sites (domains) on the same server. None of my other clients use webmail Eric B. -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Thursday, June 03, 2010 6:05 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Webmail SSL Eric, Have you been successful in securing more than one site? CJ Quoting Eric Broch ebr...@whitehorsetc.com: Maxwell Smart wrote: I realize that it's a bit of a hack and I don't like it, but I cannot get it to work correctly otherwise. I just tried your config and it didn't work either. You are using the webmail suffix where I am not. I am trying to get mail.myserver.com to work using SNI. I should be able to have multiple virtual servers using https and I cannot get it to work. I think part of the problem is openssl 0.9.8e SNI requires f and newer. I upgraded on my test server, but I'm still having problems getting it to work correctly. I'll figure it out, it's just frustrating when you read the documentation and it doesn't quite work that way. Then where do you start to troubleshoot. Quoting Eric Shubert e...@shubes.net: I'm not saying that ErrorDocument won't work, just that it's a bit of a hack. The conventional way (and 'better' for a number of reasons) is to use the RewriteEngine. I seem to recall that there's a way to turn on logging for the rewrite engine if you're having a problem with it. Here's the RewriteRule I'm presently using: RewriteRule ^/(webmail.*)$ https://%{SERVER_NAME}/$1 [R=301,L] Upon closer examination, I see that RewriteRule ^(.*/webmail*)$ https://%{SERVER_NAME}$1 [L,R] appears to be missing a period after webmail. I believe that it should be: RewriteRule ^(.*/webmail.*)$ https://%{SERVER_NAME}$1 [L,R] Subtle, but big difference. I believe this would work, the same as the one I'm using above. -- -Eric 'shubes' Maxwell Smart wrote: That's exactly where I am having problems and that's the only way I can get it to work. If I have the welcome.conf enabled it goes to the apache welcome page instead of redirecting and the log file says failed, reason: SSL connection required. If I disable the welcome.conf and include the Error 403 line it works. I was just testing it with the variable when I received this e mail.Quoting Eric Shubert e...@shubes.net: Maxwell Smart wrote: It appears as though you have a default configuration. Replace this in your squirrelmail.conf file. Directory /usr/share/squirrelmail Options None Order allow,deny allow from all /Directory with this Directory /usr/share/squirrelmail RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*/webmail*)$ https://%{SERVER_NAME}$1 [L,R] allow from all Options SSLRequireSSL ErrorDocument 403 https://your.server.com/webmail/; /Directory You will need to change the your.server.com to your server name
Re: [qmailtoaster] Re: Webmail SSL
You buy one. Go look at your certificate provider. I costs a lot more though, but offers unlimited subdomain usage. George On 6/5/2010 9:14 AM, Scott Hughes wrote: So how does one do a 'wildcard' certificate? I'm getting close to bringing a new QMT server online and would like to have better certificate results. Thanks, Scott On 6/4/10 6:04 PM, George Varagas wrote: Scott, Guess I answered too quickly. Just noticed different subdomains (www and mail). Unless you have a multi-domain certificate or a wildcard certificate then the certificate is most probably only good for mail.SERVERNAME.net George On 6/5/2010 6:58 AM, Scott Hughes wrote: Quick question about certificates. I set up my certificate (via GoDaddy) with my correct hostname (mail.SERVERNAME.net). Now I notice if I go to: www.SERVERNAME.net via https, I get a certificate warning. Any way around this or did I mess up with I signed up for the certificate? Thanks, Scott On 6/4/10 10:38 AM, Eric Broch wrote: CJ, I don't use multiple certificates, but I did, in times past, try to find a way to implement it and was glad to see the tutorial posted here for it. Eric -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Friday, June 04, 2010 9:12 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: Webmail SSL Eric, Sounds like the exact same configuration as mine. SNI is Server Name Includes and it allows multiple secure connections with a single IP. I am having trouble getting mine to work. Do you use multiple certificates? One for each top level domain? CJ Quoting Eric Broch ebr...@whitehorsetc.com: CJ, Virtual hosts (yes, 5 domains on 1 server), SNI (I don't think so, I'm not really sure what it is???), openssl-0.9.8e-12.el5_4.6 (yes) (i386 and x86_64), gnutls-1.4.1-3.el5_4.8 (yes) (i386 and x86_64). Eric -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Thursday, June 03, 2010 10:10 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Re: Webmail SSL's Eric, Virtual Hosts? Are you using SNI? GnuTLS or SSL? What version OpenSSL? Sorry for so many questions, but a few of us on this list are trying to sort this. CJ Quoting Eric Broch ebr...@whitehorsetc.com: CJ, I secure three sites (domains) on the same server. None of my other clients use webmail Eric B. -Original Message- From: Maxwell Smart [mailto:c...@yother.com] Sent: Thursday, June 03, 2010 6:05 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Webmail SSL Eric, Have you been successful in securing more than one site? CJ Quoting Eric Broch ebr...@whitehorsetc.com: Maxwell Smart wrote: I realize that it's a bit of a hack and I don't like it, but I cannot get it to work correctly otherwise. I just tried your config and it didn't work either. You are using the webmail suffix where I am not. I am trying to get mail.myserver.com to work using SNI. I should be able to have multiple virtual servers using https and I cannot get it to work. I think part of the problem is openssl 0.9.8e SNI requires f and newer. I upgraded on my test server, but I'm still having problems getting it to work correctly. I'll figure it out, it's just frustrating when you read the documentation and it doesn't quite work that way. Then where do you start to troubleshoot. Quoting Eric Shubert e...@shubes.net: I'm not saying that ErrorDocument won't work, just that it's a bit of a hack. The conventional way (and 'better' for a number of reasons) is to use the RewriteEngine. I seem to recall that there's a way to turn on logging for the rewrite engine if you're having a problem with it. Here's the RewriteRule I'm presently using: RewriteRule ^/(webmail.*)$ https://%{SERVER_NAME}/$1 [R=301,L] Upon closer examination, I see that RewriteRule ^(.*/webmail*)$ https://%{SERVER_NAME}$1 [L,R] appears to be missing a period after webmail. I believe that it should be: RewriteRule ^(.*/webmail.*)$ https://%{SERVER_NAME}$1 [L,R] Subtle, but big difference. I believe this would work, the same as the one I'm using above. -- -Eric 'shubes' Maxwell Smart wrote: That's exactly where I am having problems and that's the only way I can get it to work. If I have the welcome.conf enabled it goes to the apache welcome page instead of redirecting and the log file says failed, reason: SSL connection required. If I disable the welcome.conf and include the Error 403 line it works. I was just testing it with the variable when I received this e mail.Quoting Eric Shubert e...@shubes.net: Maxwell Smart wrote: It appears as though you have a default configuration. Replace this in your squirrelmail.conf file. Directory /usr/share/squirrelmail
[qmailtoaster] Re: spamassassin whitelist
IMHO it works better with the -h option as now you can use the rDNS feature. This is invaluable in allowing certain known IP's to score low in spamassassin. As for the logging info, spamd/current looks quite similar with the addition of USER_IN_WHITELIST in the rules. George On 5/1/2010 1:31 AM, Jake Vickers wrote: On 04/29/2010 06:49 PM, Eric Shubert wrote: I think I found the problem. In the /var/qmail/supervise/smtp/run file, get rid of the -H option (or change to -h which is the default). Hey Jake (or anyone else), do you recall why the stock QMT is using the -H option with tcpserver for smtp? There is nothing in the spec file notes - I seem to recall there were some changed made in 2006 to make the system faster and this may have been one of the changes since spamassassin may not have used that data at the time. Or it may have been because at the time there was no need to look up the hostname in DNS. Can't really say for sure since there are no notes in the spec file. Have you looked at what this change does to the rest of the components? Does it change logging info? - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] spamassassin whitelist
Thanks Philip. I had added it to /etc/mail/spamassassin/local.cf and have restarted spamassassin. I wanted to check the reverse DNS as opposed to the email domain name only (whitelist_from). I guess I could compromise if I can't get whitelist_from_rcvd to work. I'll wait to see if anyone else has any suggestions before trying it. George On 4/29/2010 7:53 PM, Philip wrote: Hello where did you add it ? Try this : add whitelist_from *...@domainname.com to /etc/mail/spamassassin/local.cf and restart spamassassin It should work -P On 4/29/2010 6:07 AM, George Varagas wrote: Hi, I have installed qmailtoaster and am trying to get whitelist working in spamassassin. I have had it working on an old qmailrocks installation but can't seem to get it going with qmailtoaster. My issue is that if an address is in the whitelist it should subtract 100 from the spam score. An example of what I am using: whitelist_from_rcvd * domainname.com Now when the server receives an email from domainname.com (reverse dns) it does not subtract 100. What am I missing. Thanks, George - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] spamassassin whitelist
Yes I have installed spamdyke and have the domains it there. But that is for pre-processing. Email still goes through spamassassin after spamdyke and that is where it is not scoring correctly - subtracting 100. Cheers George On 4/30/2010 6:07 AM, Postmaster wrote: Did you install spamdyke? Spamdyke checks the reserve dns. Check-out qmailtoaster-plus Rgds Alex On 29/04/2010 12:20, George Varagas wrote: Thanks Philip. I had added it to /etc/mail/spamassassin/local.cf and have restarted spamassassin. I wanted to check the reverse DNS as opposed to the email domain name only (whitelist_from). I guess I could compromise if I can't get whitelist_from_rcvd to work. I'll wait to see if anyone else has any suggestions before trying it. George On 4/29/2010 7:53 PM, Philip wrote: Hello where did you add it ? Try this : add whitelist_from *...@domainname.com to /etc/mail/spamassassin/local.cf and restart spamassassin It should work -P On 4/29/2010 6:07 AM, George Varagas wrote: Hi, I have installed qmailtoaster and am trying to get whitelist working in spamassassin. I have had it working on an old qmailrocks installation but can't seem to get it going with qmailtoaster. My issue is that if an address is in the whitelist it should subtract 100 from the spam score. An example of what I am using: whitelist_from_rcvd * domainname.com Now when the server receives an email from domainname.com (reverse dns) it does not subtract 100. What am I missing. Thanks, George - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: spamassassin whitelist
Header info: Received: from unknown (HELO mail-vw0-f44.google.com) (209.85.212.44) I have in /etc/mail/spamassassin/local.cf whitelist_from_rcvd * google.com whitelist_from_rcvd * gmail.com And the spam score I received 1.9 when it should have been more like -99 or so. George On 4/30/2010 7:23 AM, Eric Shubert wrote: I don't know any reason why whitelist_from_rcvd shouldn't work. Are you seeing the rDNS name in the email's Received: header? George Varagas wrote: Thanks Philip. I had added it to /etc/mail/spamassassin/local.cf and have restarted spamassassin. I wanted to check the reverse DNS as opposed to the email domain name only (whitelist_from). I guess I could compromise if I can't get whitelist_from_rcvd to work. I'll wait to see if anyone else has any suggestions before trying it. George On 4/29/2010 7:53 PM, Philip wrote: Hello where did you add it ? Try this : add whitelist_from *...@domainname.com to /etc/mail/spamassassin/local.cf and restart spamassassin It should work -P On 4/29/2010 6:07 AM, George Varagas wrote: Hi, I have installed qmailtoaster and am trying to get whitelist working in spamassassin. I have had it working on an old qmailrocks installation but can't seem to get it going with qmailtoaster. My issue is that if an address is in the whitelist it should subtract 100 from the spam score. An example of what I am using: whitelist_from_rcvd * domainname.com Now when the server receives an email from domainname.com (reverse dns) it does not subtract 100. What am I missing. Thanks, George - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: spamassassin whitelist
Looking at the headers from other emails coming through another old server running qmailrocks I believe you are right. Looks like the Received should be Received: from mail-vw0-f44.google.com (209.85.212.44) So do we list this as a bug and how do we go about doing this? I guess I will try using whitelist_from and see how I go with that although as I am moving from a setup that uses rDNS I am sure I will have issues as I don't know some of the from addresses. George On 4/30/2010 8:20 AM, Eric Shubert wrote: I don't know for sure, but it looks to me as though qmail should be putting the rDNS name in the Received: header where it presently says unknown. Why this isn't happening I have no idea. I think that's where the problem is though. I expect that if you can find where the rDNS in the Received: line is supposed to be coming from (somewhere in qmail-smtpd), I think you'll find why whitelist_from_rcvd isn't working. This looks like a bug in QMT to me, as all of (the few) headers I looked at say unknown there. :( George Varagas wrote: Header info: Received: from unknown (HELO mail-vw0-f44.google.com) (209.85.212.44) I have in /etc/mail/spamassassin/local.cf whitelist_from_rcvd * google.com whitelist_from_rcvd * gmail.com And the spam score I received 1.9 when it should have been more like -99 or so. George On 4/30/2010 7:23 AM, Eric Shubert wrote: I don't know any reason why whitelist_from_rcvd shouldn't work. Are you seeing the rDNS name in the email's Received: header? George Varagas wrote: Thanks Philip. I had added it to /etc/mail/spamassassin/local.cf and have restarted spamassassin. I wanted to check the reverse DNS as opposed to the email domain name only (whitelist_from). I guess I could compromise if I can't get whitelist_from_rcvd to work. I'll wait to see if anyone else has any suggestions before trying it. George On 4/29/2010 7:53 PM, Philip wrote: Hello where did you add it ? Try this : add whitelist_from *...@domainname.com to /etc/mail/spamassassin/local.cf and restart spamassassin It should work -P On 4/29/2010 6:07 AM, George Varagas wrote: Hi, I have installed qmailtoaster and am trying to get whitelist working in spamassassin. I have had it working on an old qmailrocks installation but can't seem to get it going with qmailtoaster. My issue is that if an address is in the whitelist it should subtract 100 from the spam score. An example of what I am using: whitelist_from_rcvd * domainname.com Now when the server receives an email from domainname.com (reverse dns) it does not subtract 100. What am I missing. Thanks, George - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: spamassassin whitelist
Eric you are my hero! That seems to do the trick. @40004bda10d319c66574 [24165] info: spamd: clean message (-97.6/4.0) for clamav:89 in 0.1 seconds, 2063 bytes. Looking at my old server they have all similar options except no -H or -h. Be interesting to see what Jake thinks. Anyway thanks to all who have helped. George On 4/30/2010 8:49 AM, Eric Shubert wrote: I think I found the problem. In the /var/qmail/supervise/smtp/run file, get rid of the -H option (or change to -h which is the default). Hey Jake (or anyone else), do you recall why the stock QMT is using the -H option with tcpserver for smtp? Eric Shubert wrote: I don't know for sure, but it looks to me as though qmail should be putting the rDNS name in the Received: header where it presently says unknown. Why this isn't happening I have no idea. I think that's where the problem is though. I expect that if you can find where the rDNS in the Received: line is supposed to be coming from (somewhere in qmail-smtpd), I think you'll find why whitelist_from_rcvd isn't working. This looks like a bug in QMT to me, as all of (the few) headers I looked at say unknown there. :( George Varagas wrote: Header info: Received: from unknown (HELO mail-vw0-f44.google.com) (209.85.212.44) I have in /etc/mail/spamassassin/local.cf whitelist_from_rcvd * google.com whitelist_from_rcvd * gmail.com And the spam score I received 1.9 when it should have been more like -99 or so. George On 4/30/2010 7:23 AM, Eric Shubert wrote: I don't know any reason why whitelist_from_rcvd shouldn't work. Are you seeing the rDNS name in the email's Received: header? George Varagas wrote: Thanks Philip. I had added it to /etc/mail/spamassassin/local.cf and have restarted spamassassin. I wanted to check the reverse DNS as opposed to the email domain name only (whitelist_from). I guess I could compromise if I can't get whitelist_from_rcvd to work. I'll wait to see if anyone else has any suggestions before trying it. George On 4/29/2010 7:53 PM, Philip wrote: Hello where did you add it ? Try this : add whitelist_from *...@domainname.com to /etc/mail/spamassassin/local.cf and restart spamassassin It should work -P On 4/29/2010 6:07 AM, George Varagas wrote: Hi, I have installed qmailtoaster and am trying to get whitelist working in spamassassin. I have had it working on an old qmailrocks installation but can't seem to get it going with qmailtoaster. My issue is that if an address is in the whitelist it should subtract 100 from the spam score. An example of what I am using: whitelist_from_rcvd * domainname.com Now when the server receives an email from domainname.com (reverse dns) it does not subtract 100. What am I missing. Thanks, George - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] spamassassin whitelist
Hi, I have installed qmailtoaster and am trying to get whitelist working in spamassassin. I have had it working on an old qmailrocks installation but can't seem to get it going with qmailtoaster. My issue is that if an address is in the whitelist it should subtract 100 from the spam score. An example of what I am using: whitelist_from_rcvd * domainname.com Now when the server receives an email from domainname.com (reverse dns) it does not subtract 100. What am I missing. Thanks, George - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: verizon and sprint
They're not blackberry phones, are they? http://technowtf.blogspot.com/2010/04/blackberry-phones-do-not-allow-use-of.html Also you might try changing the smtp port to 465 or 587. Then if it's really Sprint/Verizon intercepting the packets destined for your mailserver, maybe it only cares about packets destined for port 25? -George On Mon, Apr 26, 2010 at 10:57 AM, Eric Shubert e...@shubes.net wrote: Eric Broch wrote: Hello list, I have 2 users sending email from cell phones and using their Qmail Toasters as outgoing mail servers. It seems that somehow the cell phone company, Verizon and Sprint in these cases, is somehow implementing an intermediary server between the Toaster and the cell phone. This intermediary server is blacklisted on zen.spamhaus.org. Is there a way to un-blacklist these servers on the Qmail Toaster without removing zen.spamhaus.org from the blacklist file? Eric If there's an intermediary server, then they're not using their QMT as the outgoing server. Email would only reach the QMT host if the message was destined to a domain on the QMT host. It this correct? If not, then I'm not understanding the problem correctly. If you're not using spamdyke, I don't know of a way around this problem. If you're using spamdyke, you can whitelist the Verizon and Sprint servers (I would whitelist their rDNS names) to bypass RBL (as well as all other) filters. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: X-SPAM Headers missing from emails
I followed the spamdyke installation here: http://wiki.qmailtoaster.com/index.php/Spamdyke http://wiki.qmailtoaster.com/index.php/SpamdykeEverything seemed to be working fine, except, unfortunately it broke TLS on SMTP so I had to disable it. with spamdyke: Starting TLS... STARTTLS [220] 'Proceed.' Using cipher: AES256-SHA Then the email would get delivered without TLS in the header. When I disabled spamdyke again: Starting TLS... STARTTLS [220] 'ready for tls' Using cipher: DHE-RSA-AES256-SHA The email headers confirmed it successfully encrypted during smtp session. Right now I have it off... any idea why this might have happened? Thanks On Mon, Mar 29, 2010 at 3:02 PM, Eric Shubert e...@shubes.net wrote: Also check your /var/qmail/control/simcontrol file. Should be set to scan by default though. Does smtp or spamd log show any result of scanning? BTW, I highly recommend using spamdyke. That will reject 80+% of spam without even receiving it, so spamassassin and clamav have a lot less work to do. Your server will breath easier. -- -Eric 'shubes' Postmaster wrote: Have you tried spamassassin -D --lint Also see if you have all necessary plugins uncommented/perl dependencies. Regards Alex On 29/03/2010 19:16, George Alexander wrote: I recently moved my mailserver from an old qmailtoaster install to the newest (as of right now). The only things that stayed from the old server were the contents of /home/vpopmail/domains/mydomain.tld The server is setup on CentOS 5.4 64bit from scratch following the guide on the wiki. We're still getting email, and everything is working fine on the new server, except some spam keeps coming in. Normally I would now go adjust scores in 50_scores.cf http://50_scores.cf to ensure it doesn't come in anymore, but there are no spam headers on the email for me to look at the tests that the spam passed. What do I need to do to make sure they're there? Here's my /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 Here's my /etc/mail/spamassassin/local.cf http://local.cf ok_locales all skip_rbl_checks 1 required_score 5 report_safe 0 rewrite_header Subject ***SPAM*** use_pyzor 1 use_auto_whitelist 1 use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 Anybody else have any ideas? thanks - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] New ClamAV and Squirrelmail
2 packages are now out of date on the toaster: http://www.clamav.net/lang/en/2010/04/02/announcing-clamav-0-96/ http://squirrelmail.org/index.php Just thought I'd give y'all the heads up Thanks
[qmailtoaster] X-SPAM Headers missing from emails
I recently moved my mailserver from an old qmailtoaster install to the newest (as of right now). The only things that stayed from the old server were the contents of /home/vpopmail/domains/mydomain.tld The server is setup on CentOS 5.4 64bit from scratch following the guide on the wiki. We're still getting email, and everything is working fine on the new server, except some spam keeps coming in. Normally I would now go adjust scores in 50_scores.cf to ensure it doesn't come in anymore, but there are no spam headers on the email for me to look at the tests that the spam passed. What do I need to do to make sure they're there? Here's my /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 Here's my /etc/mail/spamassassin/local.cf ok_locales all skip_rbl_checks 1 required_score 5 report_safe 0 rewrite_header Subject ***SPAM*** use_pyzor 1 use_auto_whitelist 1 use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 Anybody else have any ideas? thanks
Re: [qmailtoaster] X-SPAM Headers missing from emails
Thanks! I read that somewhere already but I was looking at it all wrong. This time I noticed the lines that said: module not installed Thanks! On Mon, Mar 29, 2010 at 1:22 PM, Postmaster postmas...@seawise-chartering.co.uk wrote: Have you tried spamassassin -D --lint Also see if you have all necessary plugins uncommented/perl dependencies. Regards Alex On 29/03/2010 19:16, George Alexander wrote: I recently moved my mailserver from an old qmailtoaster install to the newest (as of right now). The only things that stayed from the old server were the contents of /home/vpopmail/domains/mydomain.tld The server is setup on CentOS 5.4 64bit from scratch following the guide on the wiki. We're still getting email, and everything is working fine on the new server, except some spam keeps coming in. Normally I would now go adjust scores in 50_scores.cf to ensure it doesn't come in anymore, but there are no spam headers on the email for me to look at the tests that the spam passed. What do I need to do to make sure they're there? Here's my /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 Here's my /etc/mail/spamassassin/local.cf ok_locales all skip_rbl_checks 1 required_score 5 report_safe 0 rewrite_header Subject ***SPAM*** use_pyzor 1 use_auto_whitelist 1 use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 Anybody else have any ideas? thanks
Re: [qmailtoaster] auto detach
I've got maildrop to work, I think I missed the install step. Just to recap for other goofs like me ... fdr60 specific, source in /usr/src/qtms-install rpm -e qmailadmin-toaster rpmbuild --rebuild --with fdr60 --define 'spambox 1' qmailadmin-toaster-*.src.rpm rpm -Uvh /usr/src/redhat/RPMS/i386/qmailadmin-toaster*.rpm Once complete, logon to qmailadmin and you should be able to click on spam box checkbox. Once you do that, you should see the following in user .qmail |/var/qmail/bin/preline /usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' /etc/mail/mailfilter You should see log file in /var/log/maildrop. Now I have to plug in my script somehow... George I have setup a .qmail for one user with this content |/var/qmail/bin/preline /usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' /etc/mail/mailfilter Nothing happens, there is no log in /var/log/maildrop. I have also followed the FAQ in http://wiki.qmailtoaster.com/index.php/FAQs to get the maildrop to work but no joy. any ideas ? George George Mogielnicki wrote: Hi; I need to run ripmime on either incoming or already delivered email to detach specific pdf documents (this is for an asterisk related fax gateway). Currently I run a cron job against MailDir of a domain and am able to detach required pdf's. I would prefer to run my script when the mail is delivered, not from cron, this should improve concurrency of processes. Is there a way to insert my custom script somewhere ? You could use a .mailfilter in the directory and use the maildrop commands (which can call other scripts as well). - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] auto detach
As it turns out, to plug in your own script is quite easy. All I had to do was to place the following in .mailfilter `/tmp/test/test.pl` and the mail file is passed in the stdin to the script. Is there an easy way to enable .mailfilter domain wise? /etc/ mail/mailfilter seems to include rules for users only. I could modify /etc/mail/mailfilter I suppose... Jake - thanks for the initial hint. George I've got maildrop to work, I think I missed the install step. Just to recap for other goofs like me ... fdr60 specific, source in /usr/src/qtms-install rpm -e qmailadmin-toaster rpmbuild --rebuild --with fdr60 --define 'spambox 1' qmailadmin-toaster-*.src.rpm rpm -Uvh /usr/src/redhat/RPMS/i386/qmailadmin-toaster*.rpm Once complete, logon to qmailadmin and you should be able to click on spam box checkbox. Once you do that, you should see the following in user .qmail |/var/qmail/bin/preline /usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' /etc/mail/mailfilter You should see log file in /var/log/maildrop. Now I have to plug in my script somehow... George I have setup a .qmail for one user with this content |/var/qmail/bin/preline /usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' /etc/mail/mailfilter Nothing happens, there is no log in /var/log/maildrop. I have also followed the FAQ in http://wiki.qmailtoaster.com/index.php/FAQs to get the maildrop to work but no joy. any ideas ? George George Mogielnicki wrote: Hi; I need to run ripmime on either incoming or already delivered email to detach specific pdf documents (this is for an asterisk related fax gateway). Currently I run a cron job against MailDir of a domain and am able to detach required pdf's. I would prefer to run my script when the mail is delivered, not from cron, this should improve concurrency of processes. Is there a way to insert my custom script somewhere ? You could use a .mailfilter in the directory and use the maildrop commands (which can call other scripts as well). - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] auto detach
Hi; I need to run ripmime on either incoming or already delivered email to detach specific pdf documents (this is for an asterisk related fax gateway). Currently I run a cron job against MailDir of a domain and am able to detach required pdf's. I would prefer to run my script when the mail is delivered, not from cron, this should improve concurrency of processes. Is there a way to insert my custom script somewhere ? Thanks; George - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] auto detach
I have setup a .qmail for one user with this content |/var/qmail/bin/preline /usr/bin/maildrop -A 'Content-Filter: maildrop-toaster' /etc/mail/mailfilter Nothing happens, there is no log in /var/log/maildrop. I have also followed the FAQ in http://wiki.qmailtoaster.com/index.php/FAQs to get the maildrop to work but no joy. any ideas ? George George Mogielnicki wrote: Hi; I need to run ripmime on either incoming or already delivered email to detach specific pdf documents (this is for an asterisk related fax gateway). Currently I run a cron job against MailDir of a domain and am able to detach required pdf's. I would prefer to run my script when the mail is delivered, not from cron, this should improve concurrency of processes. Is there a way to insert my custom script somewhere ? You could use a .mailfilter in the directory and use the maildrop commands (which can call other scripts as well). - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] Permission problems after removing domain
Hi, I have qmail toaster running on FC5 Each time I remove a domain using vqadmin the /var/qmail/control/rcpthosts file gets root owner and 600 permissions which breaks SMTP with the following error: 21 unable to read controls (#4.3.0) The only to fix is to manually chmod that file with read permissions. Is there a permanent fix for this? Please help Thanks - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] Qmail Toaster - Times out on certain SMTP connections - Status 256
Hi, I'm using the latest update of QTP but something appears broken. I am seeing errors in the SMTP log where the connection appears to timeout and returns a status of 256. It only happens with a couple of specific connections - but they are important ones ie Paypal and Amazon! 98% of connections are fine - something seems to freeze or prevent data coming in. I obtained the script using recordio. Using FIXCRIO seems to block the server, each connection never completes. Until recently this was not a problem - I cannot be sure whether it is the Qmail Toaster upgrade or whether the remote MX's have changed and are causing the problem. Here is the log output. ( I have obfuscated ip addresses ) 2008-11-16 18:59:53.133233500 tcpserver: pid 11346 from 87.xxx.84.26 2008-11-16 18:59:53.133307500 tcpserver: ok 11346 ip-72-xxx-47-196.ip.secureserver.net:72.xxx.47.196:25 :87.xxx.84.26::48913 008-11-16 18:59:56.292441500 11346 220 MYSERVER - Welcome to SMTP Server ESMTP 008-11-16 18:59:56.433152500 11346 EHLO mm-retail-out-12102.amazon.com 008-11-16 18:59:56.433194500 11346 250-MTSERVER - Welcome to SMTP Server 008-11-16 18:59:56.433196500 11346 250-STARTTLS 008-11-16 18:59:56.433210500 11346 250-PIPELINING 008-11-16 18:59:56.433211500 11346 250-8BITMIME 008-11-16 18:59:56.433212500 11346 250-SIZE 20971520 008-11-16 18:59:56.433213500 11346 250 AUTH LOGIN PLAIN CRAM-MD5 008-11-16 18:59:56.574199500 11346 MAIL FROM:[EMAIL PROTECTED] SIZE=46021 2008-11-16 18:59:56.702990500 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote mm-retail-out-12102.amazon.com:unknown:87.xxx.84.26 rcpt : sender accepted 2008-11-16 19:04:56.531551500 11346 [EOF] 008-11-16 19:06:14.701562500 11346 451 SPF lookup failure (#4.3.0) 2008-11-16 19:06:14.701648500 11346 [EOF] 2008-11-16 19:06:14.701709500 tcpserver: end 11346 status 256 ## HELP! Any clues as to what is happenning and how to fix this or patch it would be appreciated. thanks! George - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Qmail Toaster - Times out on certain SMTP connections - Status 256
Thanks for the quick response, unfortunately, it did not fix the issue. I modified spfbehavior and changed the value to 1. I then did qmailctl restart . Is that sufficient? The problem is still there. If you look at the log in my original mail there appears to be a 5 minute pause between CHKUSR accepting sender and the remote server giving up and sending an [EOF]. The SPF error appears after this and therefore I suspect it is not the root of the issue. It looks like the remote server is waiting for some kind of response before sending any further data, also the amount of initial data sent by the remote server seems small compared with normal interactions ... OR qmail_smtp is failing to read the data ... I am currently only experiencing this problem fom Paypal and Amazon MXs - everything else works perfectly. The remote severs continue to to try to resend the mails. Your help is already much appreciated! Thanks George Jake Vickers wrote: George wrote: 008-11-16 19:06:14.701562500 11346 451 SPF lookup failure (#4.3.0) 2008-11-16 19:06:14.701648500 11346 [EOF] 2008-11-16 19:06:14.701709500 tcpserver: end 11346 status 256 ## HELP! Any clues as to what is happenning and how to fix this or patch it would be appreciated. Change /var/qmail/control/spfbehavior from 3 to 1. It's failing SPF lookups. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] best way to whitelist a certain address
I tried qmailctl restart and not all of the spamd processes had new time stamps, so I don't have a warm fuzzy feeling. George Toft, CISSP Brent Gardner wrote: Jake Vickers wrote: Helmut Fritz wrote: Hmmm...does 'pkill -HUP spamd' not work ***well***? Are there config files that need rebuilding? It might - never tried. My script uses the proper way, by utilizing the daemontools commands (the processes are started by daemontools). What about qmailctl restart? When I issue qmailctl stop, then ps aux | grep spam, there's no result except my grep process. Brent Gardner - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] best way to whitelist a certain address
I whitelisted a sender by adding the e-mail address to /etc/mail/spamassassin/local.cf and then restarting qmail. The headers show my change worked: X-Spam-Report: * 3.0 INVESTMENT_ADVICE BODY: Message mentions investment advice * 0.0 HTML_MESSAGE BODY: HTML included in message * 0.2 AWL AWL: From: address is in the auto white-list however, by having the address in the whitelist, my spam score went up. I thought it was supposed to go down by 100, not up by 0.2. What else do I need to do? I couldn't find anything on the QMT Wiki. George Toft, CISSP dnk wrote: Since I have not yet dug deep into the internals of a toaster, I was wondering what is the best way to whitelist a particular address? Or I guess it would be better to whitelist the server or something. In a nutshell, i have a bash script running on an unrelated machine that emails me some data (the other machine is not a proper mail server with DNS records, etc), so the emails it generates are getting stopped on my toaster, but show on a different server that has a looser set of spam settings And I know i will likely have to cover this for our nagios box (as we are getting ready to move our mail company mail server to a toaster) regards, dnk - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Using QMT to pass form contents
I have seen this solution in place at large companies, but have not seen a script. What comes to mind is: - have letters/number (one character) in image format stored on the server - concatenate them together in a fashion that makes sense to you, but is not obviously predictable - Store the sequence that was issued - When the form comes back, make sure it contains a sequence that was stored - expire the store after an hour I don't remember the name of the technology - something like AYAH (Are You A Human?). George Toft, CISSP Richard Starkie wrote: Hi George, Thanks for your reply, can you advise how I would the image reffered to in suggestion 3 as this is closest to my idea MT Rich -Original Message- From: George Toft [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: 31/08/07 14:42 Subject: Re: [qmailtoaster] Using QMT to pass form contents There are two ways to do this: 1. Cheesmo: form method=post action=mailto:[EMAIL PROTECTED] 2. Better: Have the form processor on the back-end e-mail the script. Matt's scripts do this. (Google Matts archive formmail) 3. Even better: Do #2, but have a box that the user has to fill in to prove a human is on the other side instead of a spam engine. Beware, putting a form on your site WILL increase your spam. George Toft, CISSP Richard Starkie wrote: First let me apologise if this is actually OT. I am trying to write a script that will pass the contents from a html form on the same server to a QMT user account. If anyone can either help with writing or pointing me in the right direction of a free repository with a suitable script I would be greatful MT Rich - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Opinions wanted
I use the Center for Internet Security Red Hat Enterprise Linux Benchmark (http://cisecurity.org/bench_linux.html) to lock down the server. I took the portions in bold courier and put them in a shell script. For SN6, I have this: # SN.6 Evaluate Every Installed Package echo Evaluate Every Installed Package . . . rpm -e nc rp-pppoe alsa-utils bluez-hcidump \ dosfstools bluez-bluefw mt-st rdate rsh wireless-tools \ pdksh bluez-utils dhclient yp-tools libvorbis \ system-config-soundcard sox finger rdist tcsh isdn4k-utils \ ppp wvdial ypbind squid spamassassin dovecot mysql-devel \ openssl-devel e2fsprogs-devel zlib-devel krb5-devel \ mkbootdisk NetworkManager I also added this: # Activate slocate echo Updating the slocate database . . . cd /etc cp -p updatedb.conf updatedb.conf.orig sed -e s/DAILY_UPDATE=no/DAILY_UPDATE=yes/g \ updatedb.conf.orig updatedb.conf /etc/cron.daily/slocate.cron Shameless plug: I was the lead developer on this Benchmark (http://www.cisecurity.org/honor_roll.html). Regards, George Toft, CISSP Kyle Quillen wrote: Hey all, What are some suggestions for a post install script that could be ran to further harden a toaster system? This is something that I think I can contribute if you guys give me a list of things you think you would like to see the script install/setup. Or is it good the way it is and should I just leave it alone? Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Unwanted Login Attempts
So you have this running monitoring the vpopmail service? ACZoom indicates this can be done (in a generic fashion), but I did not see any how-to on implementing it. Can you share how you did it? Regards, George Google is your friend: http://freshmeat.net/projects/blockhosts/ http://www.aczoom.com/cms/blockhosts http://brneurosci.org/linuxsetup79.html http://www.aczoom.com/tools/blockhosts/ I was skeptical at first, but it's doing a great job on my end. Harry On Aug 8, 2007, at 5:00 PM, George Toft wrote: Please provide more information. George Toft, CISSP, MSIS 623-203-1760 Harry Zink wrote: Install BlockHosts - it takes care of these kind of hack attempts really fast. Harry On Aug 7, 2007, at 6:04 PM, George Toft wrote: If you offer POP service to the Internet, this is going to happen. You could add an iptables rule to block everyone, except the IP address of users on your system, but if their IP address changes, you get a trouble ticket from a user who can't get their mail. You will spend lots of time chasing your own users. Not fun. Make sure your system is patched and built using the QMT scripts. The firewall is very good. I run yum update weekly to keep it up to date. What I do when this happens is look in /var/log/maillog for the IP address of the offender. Then run whois IP ADDR to get the ISP of the offender. If it is in the US/Canada, I fire off an e- mail with the logs (/var/log/maillog) to the abuse address and I use the key words brute force attack on our mail server and please address this AUP violation with your subscriber. If the attack is from China, I don't even waste my time. When I was at a web hosting company, we took these complaints seriously. Maybe it works, maybe not. I've never had a repeat attack. I did have a BF attack from Argentina that went on for hours. I e-mailed the ISP and it stopped about 15 minutes later. George Toft, CISSP, MSIS 623-203-1760 Francisco Paco Peralta wrote: Hello list, I am looking for a way to minimize the rogue attempts to login to my system. Any suggestions are welcome. I get a logwatch report every morning and have been getting the results. While it doesn't happen every day I would like to minimize my exposure. See Below: - vpopmail Begin No Such User Found: *@ - 1 Time(s) 0246@ - 1 Time(s) 12345678@ - 1 Time(s) 123456@ - 1 Time(s) 1234@ - 1 Time(s) 123@ - 1 Time(s) 123abc@ - 1 Time(s) 1q2w3e@ - 1 Time(s) a1b2c3@ - 1 Time(s) abc123@ - 1 Time(s) amanda@ - 1 Time(s) andrew@ - 1 Time(s) apple@ - 1 Time(s) asshole@ - 1 Time(s) bandit@ - 1 Time(s) baseball@ - 1 Time(s) beavis@ - 1 Time(s) buster@ - 1 Time(s) chris@ - 1 Time(s) computer@ - 1 Time(s) cowboys@ - 1 Time(s) dakota@ - 1 Time(s) dallas@ - 1 Time(s) daniel@ - 1 Time(s) david@ - 1 Time(s) diamond@ - 1 Time(s) dragon@ - 1 Time(s) falcon@ - 1 Time(s) fiction@ - 1 Time(s) foobar@ - 1 Time(s) fred@ - 1 Time(s) friends@ - 1 Time(s) george@ - 1 Time(s) harley@ - 1 Time(s) hatton@ - 1 Time(s) hello@ - 1 Time(s) hockey@ - 1 Time(s) internet@ - 2 Time(s) jennifer@ - 1 Time(s) jessica@ - 1 Time(s) jordan@ - 2 Time(s) joshua@ - 1 Time(s) justin@ - 1 Time(s) maddock@ - 1 Time(s) maggie@ - 1 Time(s) michael@ - 1 Time(s) michelle@ - 1 Time(s) mickey@ - 2 Time(s) mike@ - 1 Time(s) monday@ - 1 Time(s) money@ - 1 Time(s) monkey@ - 1 Time(s) mustang@ - 1 Time(s) newpass@ - 1 Time(s) newuser@ - 1 Time(s) nicole@ - 1 Time(s) notused@ - 1 Time(s) orange@ - 1 Time(s) pascal@ - 1 Time(s) passwd@ - 1 Time(s) password@ - 1 Time(s) patrick@ - 1 Time(s) pepper@ - 1 Time(s) purple@ - 1 Time(s) qwerty@ - 2 Time(s) richard@ - 1 Time(s) robert@ - 1 Time(s) school@ - 1 Time(s) sendit@ - 1 Time(s) shadow@ - 1 Time(s) silver@ - 1 Time(s) smokey@ - 1 Time(s) snoopy@ - 1 Time(s) soccer@ - 1 Time(s) sports@ - 1 Time(s) stupid@ - 1 Time(s) summer@ - 2 Time(s) sunshine@ - 1 Time(s) test@ - 1 Time(s) thomas@ - 1 Time(s) undead@ - 1 Time(s) vikings@ - 1 Time(s) wheeling@ - 1 Time(s) **Unmatched Entries** vchkpw-smtp: invalid user/domain characters null:xxx.xxx.xxx.xxx vchkpw-smtp: invalid user/domain characters [EMAIL PROTECTED]:xxx.xxx.xxx.xxx -- vpopmail End - Francisco Paco Peralta - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: qmailtoaster-list- [EMAIL PROTECTED] mailto:qmailtoaster-list- [EMAIL PROTECTED] For additional commands, e-mail: qmailtoaster-list- [EMAIL PROTECTED] mailto:qmailtoaster-list- [EMAIL PROTECTED] --- */Andrew Young/* /Remember your biggest obstacle to success is the absence of execution
Re: [qmailtoaster] switchover
One more tip: Make sure your reverse DNS for your new server is set up. Comcast and AOL reject mail that does not have reverse DNS set up correctly. See http://postmaster.info.aol.com/errors/421dnsnr.html George Toft, CISSP, MSIS 623-203-1760 Naveen wrote: Dear list, Presently my company using ALT N MDaemon , and we would like to change our mail server to Qmail Toaster. I already installed Qmail with QMT-ISO. Can some one suggest me that the best way to change over to qmail from Mdaemon with out down time or may be less down time. Regads, Naveen - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Unwanted Login Attempts
Please provide more information. George Toft, CISSP, MSIS 623-203-1760 Harry Zink wrote: Install BlockHosts - it takes care of these kind of hack attempts really fast. Harry On Aug 7, 2007, at 6:04 PM, George Toft wrote: If you offer POP service to the Internet, this is going to happen. You could add an iptables rule to block everyone, except the IP address of users on your system, but if their IP address changes, you get a trouble ticket from a user who can't get their mail. You will spend lots of time chasing your own users. Not fun. Make sure your system is patched and built using the QMT scripts. The firewall is very good. I run yum update weekly to keep it up to date. What I do when this happens is look in /var/log/maillog for the IP address of the offender. Then run whois IP ADDR to get the ISP of the offender. If it is in the US/Canada, I fire off an e-mail with the logs (/var/log/maillog) to the abuse address and I use the key words brute force attack on our mail server and please address this AUP violation with your subscriber. If the attack is from China, I don't even waste my time. When I was at a web hosting company, we took these complaints seriously. Maybe it works, maybe not. I've never had a repeat attack. I did have a BF attack from Argentina that went on for hours. I e-mailed the ISP and it stopped about 15 minutes later. George Toft, CISSP, MSIS 623-203-1760 Francisco Paco Peralta wrote: Hello list, I am looking for a way to minimize the rogue attempts to login to my system. Any suggestions are welcome. I get a logwatch report every morning and have been getting the results. While it doesn't happen every day I would like to minimize my exposure. See Below: - vpopmail Begin No Such User Found: *@ - 1 Time(s) 0246@ - 1 Time(s) 12345678@ - 1 Time(s) 123456@ - 1 Time(s) 1234@ - 1 Time(s) 123@ - 1 Time(s) 123abc@ - 1 Time(s) 1q2w3e@ - 1 Time(s) a1b2c3@ - 1 Time(s) abc123@ - 1 Time(s) amanda@ - 1 Time(s) andrew@ - 1 Time(s) apple@ - 1 Time(s) asshole@ - 1 Time(s) bandit@ - 1 Time(s) baseball@ - 1 Time(s) beavis@ - 1 Time(s) buster@ - 1 Time(s) chris@ - 1 Time(s) computer@ - 1 Time(s) cowboys@ - 1 Time(s) dakota@ - 1 Time(s) dallas@ - 1 Time(s) daniel@ - 1 Time(s) david@ - 1 Time(s) diamond@ - 1 Time(s) dragon@ - 1 Time(s) falcon@ - 1 Time(s) fiction@ - 1 Time(s) foobar@ - 1 Time(s) fred@ - 1 Time(s) friends@ - 1 Time(s) george@ - 1 Time(s) harley@ - 1 Time(s) hatton@ - 1 Time(s) hello@ - 1 Time(s) hockey@ - 1 Time(s) internet@ - 2 Time(s) jennifer@ - 1 Time(s) jessica@ - 1 Time(s) jordan@ - 2 Time(s) joshua@ - 1 Time(s) justin@ - 1 Time(s) maddock@ - 1 Time(s) maggie@ - 1 Time(s) michael@ - 1 Time(s) michelle@ - 1 Time(s) mickey@ - 2 Time(s) mike@ - 1 Time(s) monday@ - 1 Time(s) money@ - 1 Time(s) monkey@ - 1 Time(s) mustang@ - 1 Time(s) newpass@ - 1 Time(s) newuser@ - 1 Time(s) nicole@ - 1 Time(s) notused@ - 1 Time(s) orange@ - 1 Time(s) pascal@ - 1 Time(s) passwd@ - 1 Time(s) password@ - 1 Time(s) patrick@ - 1 Time(s) pepper@ - 1 Time(s) purple@ - 1 Time(s) qwerty@ - 2 Time(s) richard@ - 1 Time(s) robert@ - 1 Time(s) school@ - 1 Time(s) sendit@ - 1 Time(s) shadow@ - 1 Time(s) silver@ - 1 Time(s) smokey@ - 1 Time(s) snoopy@ - 1 Time(s) soccer@ - 1 Time(s) sports@ - 1 Time(s) stupid@ - 1 Time(s) summer@ - 2 Time(s) sunshine@ - 1 Time(s) test@ - 1 Time(s) thomas@ - 1 Time(s) undead@ - 1 Time(s) vikings@ - 1 Time(s) wheeling@ - 1 Time(s) **Unmatched Entries** vchkpw-smtp: invalid user/domain characters null:xxx.xxx.xxx.xxx vchkpw-smtp: invalid user/domain characters [EMAIL PROTECTED]:xxx.xxx.xxx.xxx -- vpopmail End - Francisco Paco Peralta - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] --- */Andrew Young/* /Remember your biggest obstacle to success is the absence of execution.// / - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Unwanted Login Attempts
If you offer POP service to the Internet, this is going to happen. You could add an iptables rule to block everyone, except the IP address of users on your system, but if their IP address changes, you get a trouble ticket from a user who can't get their mail. You will spend lots of time chasing your own users. Not fun. Make sure your system is patched and built using the QMT scripts. The firewall is very good. I run yum update weekly to keep it up to date. What I do when this happens is look in /var/log/maillog for the IP address of the offender. Then run whois IP ADDR to get the ISP of the offender. If it is in the US/Canada, I fire off an e-mail with the logs (/var/log/maillog) to the abuse address and I use the key words brute force attack on our mail server and please address this AUP violation with your subscriber. If the attack is from China, I don't even waste my time. When I was at a web hosting company, we took these complaints seriously. Maybe it works, maybe not. I've never had a repeat attack. I did have a BF attack from Argentina that went on for hours. I e-mailed the ISP and it stopped about 15 minutes later. George Toft, CISSP, MSIS 623-203-1760 Francisco Paco Peralta wrote: Hello list, I am looking for a way to minimize the rogue attempts to login to my system. Any suggestions are welcome. I get a logwatch report every morning and have been getting the results. While it doesn't happen every day I would like to minimize my exposure. See Below: - vpopmail Begin No Such User Found: *@ - 1 Time(s) 0246@ - 1 Time(s) 12345678@ - 1 Time(s) 123456@ - 1 Time(s) 1234@ - 1 Time(s) 123@ - 1 Time(s) 123abc@ - 1 Time(s) 1q2w3e@ - 1 Time(s) a1b2c3@ - 1 Time(s) abc123@ - 1 Time(s) amanda@ - 1 Time(s) andrew@ - 1 Time(s) apple@ - 1 Time(s) asshole@ - 1 Time(s) bandit@ - 1 Time(s) baseball@ - 1 Time(s) beavis@ - 1 Time(s) buster@ - 1 Time(s) chris@ - 1 Time(s) computer@ - 1 Time(s) cowboys@ - 1 Time(s) dakota@ - 1 Time(s) dallas@ - 1 Time(s) daniel@ - 1 Time(s) david@ - 1 Time(s) diamond@ - 1 Time(s) dragon@ - 1 Time(s) falcon@ - 1 Time(s) fiction@ - 1 Time(s) foobar@ - 1 Time(s) fred@ - 1 Time(s) friends@ - 1 Time(s) george@ - 1 Time(s) harley@ - 1 Time(s) hatton@ - 1 Time(s) hello@ - 1 Time(s) hockey@ - 1 Time(s) internet@ - 2 Time(s) jennifer@ - 1 Time(s) jessica@ - 1 Time(s) jordan@ - 2 Time(s) joshua@ - 1 Time(s) justin@ - 1 Time(s) maddock@ - 1 Time(s) maggie@ - 1 Time(s) michael@ - 1 Time(s) michelle@ - 1 Time(s) mickey@ - 2 Time(s) mike@ - 1 Time(s) monday@ - 1 Time(s) money@ - 1 Time(s) monkey@ - 1 Time(s) mustang@ - 1 Time(s) newpass@ - 1 Time(s) newuser@ - 1 Time(s) nicole@ - 1 Time(s) notused@ - 1 Time(s) orange@ - 1 Time(s) pascal@ - 1 Time(s) passwd@ - 1 Time(s) password@ - 1 Time(s) patrick@ - 1 Time(s) pepper@ - 1 Time(s) purple@ - 1 Time(s) qwerty@ - 2 Time(s) richard@ - 1 Time(s) robert@ - 1 Time(s) school@ - 1 Time(s) sendit@ - 1 Time(s) shadow@ - 1 Time(s) silver@ - 1 Time(s) smokey@ - 1 Time(s) snoopy@ - 1 Time(s) soccer@ - 1 Time(s) sports@ - 1 Time(s) stupid@ - 1 Time(s) summer@ - 2 Time(s) sunshine@ - 1 Time(s) test@ - 1 Time(s) thomas@ - 1 Time(s) undead@ - 1 Time(s) vikings@ - 1 Time(s) wheeling@ - 1 Time(s) **Unmatched Entries** vchkpw-smtp: invalid user/domain characters null:xxx.xxx.xxx.xxx vchkpw-smtp: invalid user/domain characters [EMAIL PROTECTED]:xxx.xxx.xxx.xxx -- vpopmail End - Francisco Paco Peralta - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Cannot Prevent Qmail from Queuing
Thanks! This helped flush the spam out of a soon-to-be-decommissioned qmail server that was replaced by QMT. George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: Dairenn Lombard wrote: Hello All, This may, in fact, have more to do with the fact that there are 1,134 domains on a Dual 1.8GHz Xeon with 1GB on an 80GB RAID1 array running one of our QMail toasters than it does the fact that there is a problem with the toaster software, but I just thought I'd ask. The gist of the situation is that, in the past week or so, qmail has been queuing email, and, sending the ALARM signal to the PID for qmail-send has not been causing the queue to process. The only thing that used to work was the Microsoft Solution (reboot). Big red flag right there. Today, the situation has degraded to the point that not even a reboot eliminates the symptoms (no surprise there) and that the queue has stopped running twice today. The question here is, which logs should I be looking at for clues as to the issue? Important clues to the issue may also be hidden within the versions of the various packages we have running and so therefore I am including both the OS distribution, kernel version and versions of the toaster RPMs here: Try setting your queueliftime (http://wiki.qmailtoaster.com/index.php/Queuelifetime) to something sort of low (I use 3 hours myself) and see if that will clean your queue up some if you haven't already. I have a suspicion that the bulk of that will be bounce messages and spam waiting to be flushed. The default is to let them sit in there for 1 week before bouncing them. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Cannot Prevent Qmail from Queuing
Thanks for the reply - I found it 30 seconds before reading this e-mail. George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: George Toft wrote: Gentle shove in the right direction please - what file do we edit to change this value? Can someone update the documentation with this info? Also, this page advertises online poker sites: http://wiki.qmailtoaster.com/index.php/Bouncefrom Not that I object to poker - I play it quite a bit - it just does not seem appropriate for a qmail-centric site. I chose qmail because I don't want to gamble with my mail server :) We had an issue with wiki-spam for a bit. It rears it's ugly head from time to time, but for the most part it's stopped. I occasionally find a page that had been spammed that needs to be reverted every once in a while though. As far as how to do this - read the link for queuelifetime. That file is located in /var/qmail/control/queuelifetime Adjust it to something like 10800 (3 hours), save the file, then qmailctl restart. Jake Vickers wrote: Try setting your queueliftime (http://wiki.qmailtoaster.com/index.php/Queuelifetime) to something sort of low (I use 3 hours myself) and see if that will clean your queue up some if you haven't already. I have a suspicion that the bulk of that will be bounce messages and spam waiting to be flushed. The default is to let them sit in there for 1 week before bouncing them. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Cannot Prevent Qmail from Queuing
Gentle shove in the right direction please - what file do we edit to change this value? Can someone update the documentation with this info? Also, this page advertises online poker sites: http://wiki.qmailtoaster.com/index.php/Bouncefrom Not that I object to poker - I play it quite a bit - it just does not seem appropriate for a qmail-centric site. I chose qmail because I don't want to gamble with my mail server :) George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: Dairenn Lombard wrote: Hello All, This may, in fact, have more to do with the fact that there are 1,134 domains on a Dual 1.8GHz Xeon with 1GB on an 80GB RAID1 array running one of our QMail toasters than it does the fact that there is a problem with the toaster software, but I just thought I'd ask. The gist of the situation is that, in the past week or so, qmail has been queuing email, and, sending the ALARM signal to the PID for qmail-send has not been causing the queue to process. The only thing that used to work was the Microsoft Solution (reboot). Big red flag right there. Today, the situation has degraded to the point that not even a reboot eliminates the symptoms (no surprise there) and that the queue has stopped running twice today. The question here is, which logs should I be looking at for clues as to the issue? Important clues to the issue may also be hidden within the versions of the various packages we have running and so therefore I am including both the OS distribution, kernel version and versions of the toaster RPMs here: Try setting your queueliftime (http://wiki.qmailtoaster.com/index.php/Queuelifetime) to something sort of low (I use 3 hours myself) and see if that will clean your queue up some if you haven't already. I have a suspicion that the bulk of that will be bounce messages and spam waiting to be flushed. The default is to let them sit in there for 1 week before bouncing them. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] [Fwd: ezmlm warning]
After several months of subscribing to this list, I received this message, and no more mail from this list. Nothing QMT-related has changed on my server since I built it. Any ideas what happened? -- George Toft, CISSP, MSIS 623-203-1760 Original Message Subject: ezmlm warning Date: 7 Jul 2007 11:02:00 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Hi! This is the ezmlm program. I'm managing the qmailtoaster-list@qmailtoaster.com mailing list. I'm working for my owner, who can be reached at [EMAIL PROTECTED] Messages to you from the qmailtoaster-list mailing list seem to have been bouncing. I've attached a copy of the first bounce message I received. If this message bounces too, I will send you a probe. If the probe bounces, I will remove your address from the qmailtoaster-list mailing list, without further notice. I've kept a list of which messages from the qmailtoaster-list mailing list have bounced from your address. Copies of these messages may be in the archive. To retrieve a set of messages 123-145 (a maximum of 100 per request), send an empty message to: [EMAIL PROTECTED] To receive a subject and author list for the last 100 or so messages, send an empty message to: [EMAIL PROTECTED] Here are the message numbers: 13753 13780 13866 13883 13886 --- Enclosed is a copy of the bounce message I received. Return-Path: Received: (qmail 30134 invoked for bounce); 25 Jun 2007 15:49:29 - Date: 25 Jun 2007 15:49:29 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at ns2.qmailtoaster.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: User and password not set, continuing without authentication. [EMAIL PROTECTED] 64.85.162.6 failed after I sent the message. Remote host said: 554 DomainKeys verify status: bad key (#5.3.0) - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] argument list to long
When this happens, try this trick: ls | while read FILE; do somecommand $FILE done Hope this helps. George Toft, CISSP, MSIS 623-203-1760 Dan Herbon wrote: Hello, Looking for some help here. Some of my user directories have in excess of 6000-1 emails sitting in their MailDir directories since some of them are required to store their email for 6 months. I am running into a problem when I attempt to run maintenance scripts I’ve wrote which can’t process such a list of files. For example I’ll receive the following error when grep’ing: -bash: /bin/grep: Argument list too long When creating users, I know qmail by default will create numbers when the amount of users grows over a certain size. It’ll create them in dir 1, 2, 3, etc. Is there a way to do this for emails? Once the dir contains a certain number it’ll move them into another directory. Thanks - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problem with QMT replication between two servers
I guess I should read the site closer - I just built a QMT fail-over cluster and I didn't do it like this :( In a nutshell, I set up multi-master replicated MySQL servers using MySQL version 5, then installed QMT, then set up rsync on /home/vpopmail and /var/qmail/control.. Crude, but is works. Downside is creating new domains won't replicate without a qmail recycle. Adding users works fine, so this is ok for me. George Toft, CISSP, MSIS 623-203-1760 ccie 6862 wrote: We've set up failover replication according to http://wiki.qmailtoaster.com/index.php/QMT_Failover_replication_Setup. It appears to be close to running, except we're running into the following error that is logged in /unison/unisonlog.full. It's as follows: Fri Jun 15 16:23:13 CDT 2007 ***STARTING REPLICATION RUN Contacting server... Fatal error: Received unexpected header from the server: expected Unison 2.13\n but received SSH-2.0-OpenSSH_3.9p1\n, which differs at S. This can happen because you have different versions of Unison installed on the client and server machines, or because your connection is failing and somebody is printing an error message, or because your remote login shell is printing something itself before starting Unison. Deleting lock file Done Fri Jun 15 16:23:13 CDT 2007 The Unison versions are identical, and I'd suspect the the problem is that the SSH is returning SSH-2.0-OpenSSH_3.9p1. Can anyone please tell me how to get OpenSSH to no return this? Thank you. Allyn Boardwalk for $500? In 2007? Ha! Play Monopoly Here and Now (it's updated for today's economy) at Yahoo! Games. http://get.games.yahoo.com/proddesc?gamekey=monopolyherenow - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qmailctl stop/start
I built 4 toasters on Centos 4.4 and had the same problem. I looked at the cnt40-perl.sh script and this package is NOT installed. Thanks for the fix! George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: Glenn Remstedt wrote: here is the last lines from 'install Bundle::CPAN' . . Writing /usr/lib/perl5/5.8.8/i386-linux-thread-multi/auto/Net/.packlist Appending installation info to /usr/lib/perl5/5.8.8/i386-linux-thread-multi/perllocal.pod GBARR/libnet-1.21.tar.gz /usr/bin/make install -- OK Net::FTP is up to date (2.77). Term::ReadKey is up to date (2.30). Term::ReadLine::Perl is up to date (1.0302). YAML is up to date (0.62). Text::Glob is up to date (0.08). CPAN is up to date (1.9102). File::Which is up to date (0.05). * but I do still have the very same error from the 'qmlog spamd' Okay, that's up to date. Now install this module, making sure to prepend any dependencies: perl -MCPAN -e shell install Crypt::OpenSSL::Bignum - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Configuration Backup
I wrote a custom script that checks a few things: - It sends a local account an e-mail, and waits for delivery (takes 0-3 seconds) - Looks for pop errors (unknown user and password failed - Verified processes are up And soon to be added: - compares the directories in /home/vpopmail/domains with /var/qmail/control/virtualdomains - look for values under 60 in the output of qmailctl stat George Toft, CISSP, MSIS 623-203-1760 Josh Dinsdale wrote: Hi Guys I’ve been wondering if anyone’ has had much experience with doing snmp monitoring of a qmailtoaster box? I’ve used snmp on linux box’s before, but Im wondering if there are any specific things to look at in regards to the toaster? Best Regards Josh Dinsdale IT Engineer Navigate Solutions Innovation Centre St Cross Business Park Newport, IW PO30 5WB T: 01983 550360 E: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] W: www.navigatesolutions.co.uk http://www.navigatesolutions.co.uk/ IT Excellence Executed /Navigate Solutions LLP is registered in England and Wales, company number OC313052/ No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.467 / Virus Database: 269.6.2/780 - Release Date: 29/04/2007 06:30 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] MDADM and Exim on Centos 5
well, I didn't quite rework it - I just hammered it into what I needed: =[ START ] #!/bin/sh # # CentOS 4.3 dependencies for basic install # # # Removes sendmail and adds all deps # # Removes openssl and installs it again because # it conflicts with it's own files (?) # rpm --import /usr/share/doc/centos-release-4/RPM* yum -y remove sendmail rpm -e --nodeps openssl yum -y install autoconf automake automake17 bzip2 bzip2-devel curl curl-devel expect expect-devel gcc gcc-c++ gcc-g77 gdbm gdbm-devel gmp gmp-devel httpd httpd-devel httpd-manual httpd-suexec krb5-auth-dialog krb5-devel krb5-libs krb5-workstation libgcc libidn libidn-devel libtool mdadm redhat-lsb mrtg ntp openssh openssh-clients openssh-askpass openssh-server openssl openssl-devel pcre pcre-devel perl-Digest-HMAC perl-Digest-SHA1 perl-Net-DNS perl-Time-HiRes php php-ldap php-mysql php-pear redhat-rpm-config rpm-build rpm-devel rpm-libs rpm-python sed setup setuptool stunnel system-config-date which rpm -e --nodeps exim rm -rf /var/log/exim =[ END ] As you can see, I added mdadm and redhat-lsb *back* into the system, and then forcibly remove exim and its log directory. It seems to work pretty well so far. George Toft, CISSP, MSIS 623-203-1760 George Toft wrote: Same thing happens on CentOS 4.4 - just found that out last night. I will be reworking the cnt40-deps.sh scipt later this week to not uninstall mdadm. Hopefully it works. George Toft, CISSP, MSIS 623-203-1760 Aaron Johnson wrote: MDADM, the multi-disk administration tool in Centos 5 at least requires Exim. Exim is removed as part of the qmail-toaster install, thus uninstalling mdadm. This isn't so bad if you only have one multi-disk device (/dev/md0) because mdadm is also stored on the initial ramdisk and can load the root file system. Mdadm being removed during qmail-toaster installation did cause me issues because I have a seperate raid (actually multi-path) disk mounted at /home/vpopmail. My solution was to install mdadm manually. You can get the sources from: http://www.kernel.org/pub/linux/utils/raid/mdadm/ and it is a pretty straight forward compile/install process. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] who is [EMAIL PROTECTED] ???
for my mail server: Top 100 Sender MailNumber 4 [EMAIL PROTECTED] 18 [EMAIL PROTECTED] scored as the #4 sender of e-mail on my server. Any idea who this is? -- George Toft, CISSP, MSIS 623-203-1760 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] MDADM and Exim on Centos 5
Same thing happens on CentOS 4.4 - just found that out last night. I will be reworking the cnt40-deps.sh scipt later this week to not uninstall mdadm. Hopefully it works. George Toft, CISSP, MSIS 623-203-1760 Aaron Johnson wrote: MDADM, the multi-disk administration tool in Centos 5 at least requires Exim. Exim is removed as part of the qmail-toaster install, thus uninstalling mdadm. This isn't so bad if you only have one multi-disk device (/dev/md0) because mdadm is also stored on the initial ramdisk and can load the root file system. Mdadm being removed during qmail-toaster installation did cause me issues because I have a seperate raid (actually multi-path) disk mounted at /home/vpopmail. My solution was to install mdadm manually. You can get the sources from: http://www.kernel.org/pub/linux/utils/raid/mdadm/ and it is a pretty straight forward compile/install process. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Fax as tif
I love the PBL - it immediately cut my spam by 60% (judging from the logs). George Toft, CISSP, MSIS 623-203-1760 Eric Shubes wrote: George Toft wrote: Looking at the type of mail that I receive, 2.2-2.8 provides a good balance of minimizing spam, and getting [virtually] no false positives. Perhaps I'm trying to tune SA with the wrong tool (adjusting the score)? When all you have is a hammer, every problem looks like a nail. Maybe I need a screwdriver? George Toft, CISSP, MSIS 623-203-1760 Your screwdriver would be RBLs (if you're using the stock default). Quite effective and efficient. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Disappearing Email
No squirrelmail filters in place (didn't even know it had them until today). I have screenshots of the disappearing e-mails. When I first logged in: http://georgetoft.com/qmailtoaster/mail1.bmp About 30 min later: http://georgetoft.com/qmailtoaster/mail2.bmp See what's different - mail from Nieto Paed and Zion Lewis (just looking quickly) are missing in the second screenshot. I viewed one of them. Never deleted any mail - I only read mail via squirrelmail. The mails arrived. Squirrelmail saw them. Squirrelmail lost them. My pop3 client retrieved them at 8:57 am (over an hour after they disappeared from squirrelmail). All times on the server and clients are set to America/Phoenix. I checked the pop3 client filters, and they DO NOT delete mail from the server. I looked on the server this evening. The missing mails are not on the server. The other mails shown in mail2.bmp are still there. Really weird! George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: George Toft wrote: Adding more noise and not enough info . . . I noticed this also one day when I was using squirrelmail - a bunch of spam showed up (10-15 messages), I read one, clicked on the inbox link, and they we all gone. I did not delete even one - they just went away. What process would possibly delete mail after they have been delivered? Squirrelmail filters? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SPF rejecting test mode
That's a very good idea Tim I'm going to do it too! George S - Original Message - From: Tim Mancour [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, April 09, 2007 4:24 PM Subject: RE: [qmailtoaster] SPF rejecting test mode Eric, I had to back off to a value of 3 for the same reason. Since I've observed that Email's that return softfail are often spam I added the following rule to my local.cf file: header spf_softfail Received-SPF =~ /softfail/ score spf_softfail 1.0 Regards, Tim -Original Message- From: Jake Vickers [mailto:[EMAIL PROTECTED] Sent: Monday, April 09, 2007 4:53 PM To: [EMAIL PROTECTED] Subject: Re: [qmailtoaster] SPF rejecting test mode Eric Shubes wrote: It came to my attention today that my toaster is rejecting messages based on SPF policy even though the sender's SPF policy indicates that the domain is testing: http://www.openspf.org/[EMAIL PROTECTED]ip=63.109.97 .44receiver=doris I have /var/qmail/control/spfbehavior set to 4 (reject softfail). Perhaps I should back off to a value of 3 (the stock setting)?q Has anyone else noticed this behavior? Yes, I have seen this as well. I had assumed that a SPF record in testing causing a softfail was the proper behavior, since technically it's not passing. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Fax as tif
Putting yahoogroups in local.cf seems to have increased the spam score by 0.9: X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on server.northvalleycomputing.com X-Spam-Level: ** X-Spam-Status: Yes, score=2.3 required=2.2 tests=AWL,HTML_MESSAGE, HTML_TINY_FONT autolearn=no version=3.1.8 X-Spam-Report: * 0.0 HTML_MESSAGE BODY: HTML included in message * 1.4 HTML_TINY_FONT RAW: body contains 1 or 0-point font * 0.9 AWL AWL: From: address is in the auto white-list Received: from unknown (HELO n32.bullet.scd.yahoo.com) (66.94.237.26) by server.northvalleycomputing.com with SMTP; 11 Apr 2007 06:49:21 - Contents of /etc/mail/spamassassin/local.cf: # These values can be overridden by editing ~/.spamassassin/user_prefs.cf # (see spamassassin(1) for details) # These should be safe assumptions and allow for simple visual sifting # without risking lost emails. ok_locales all skip_rbl_checks 1 required_score 2.2 report_safe 0 rewrite_header Subject ***SPAM*** use_pyzor 1 use_auto_whitelist 1 use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 # 04/02/07 NVC: Allow yahoogroups.com whitelist_from_rcvd [EMAIL PROTECTED] yahoo.com So how do I make the score reduce if the mail is in the AWL? George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: George Toft wrote: Closely related . . . How do I whitelist based on a header field? I belong to a couple of mailing lists and some messages are getting flagged as ***SPAM***. Can I whitelist messages based on any of these headers: X-eGroups-Approved-By: azipaegroups [EMAIL PROTECTED] via web; 02 Apr 2007 22:53:49 - Sender: [EMAIL PROTECTED] Mailing-List: list [EMAIL PROTECTED]; contact [EMAIL PROTECTED] Delivered-To: mailing list [EMAIL PROTECTED] List-Id: azipa.yahoogroups.com I've tried editing local.cf (seems to be wrong) and /usr/share/spamassassin/60_whitelist.cf. I might be in the right place on the latter, but need a gentle shove in the right direction. You were in the right spot. You don't want to edit the files in /usr/shares/spamassassin as they'll be deleted whenever an upgrade comes around. You want to put the entries in your /etc/mail/spamassassin/local.cf file. Just make sure you lint it and restart the daemon when finished: spamassassin -D --lint And for restarting the daemon you can download a script from my site (v2gnu.com) called qmail-spam or install QT-Plus (qtp.qmailtoaster.com) as it's included in there. You can also do it manually: svc -d /var/qmail/supervise/spamd /var/qmail/supervise/spamd/log svc -t /var/qmail/supervise/spamd /var/qmail/supervise/spamd/log svc -u /var/qmail/supervise/spamd /var/qmail/supervise/spamd/log And you would whitelist yahoogroups.com I know there's been a running thread on the best way to whitelist Yahoo groups on the spamassassin mailing list. Might want to peek at their archives. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Disappearing Email
Adding more noise and not enough info . . . I noticed this also one day when I was using squirrelmail - a bunch of spam showed up (10-15 messages), I read one, clicked on the inbox link, and they we all gone. I did not delete even one - they just went away. What process would possibly delete mail after they have been delivered? George Toft, CISSP, MSIS 623-203-1760 Ed Morrison wrote: Anyone have any thoughts on this? Thanks! On 3/20/07, *Erik A. Espinoza* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hello Phil, Make sure you are using the latest clamav. Perhaps you are using clamav 0.90 which contained some issues that caused mail to be lost. Erik I am experiencing this issue myself. When running qtp-newmodel clam does not appear to have a newer version(?). How should I update this? Thanks! [EMAIL PROTECTED] qmail]# qtp-newmodel qtp-newmodel v0.2.7 starting Tue Apr 10 05:25:12 PDT 2007 qtp-whatami v0.2.3 DISTRO=CentOS OSVER=4.4 ARCH=i686 BUILD_DIST=cnt40 BUILD_DIR=/usr/src/redhat This machine's OS is supported, but this version/arch has not been tested. If your OS is not current, you should consider upgrading it. Do you want to proceed at your own risk? (yes, no) y/[n] : y Ok, here we go ... Do you want to include development packages? (This is *not* recommended for production servers) Shall we continue? (yes, no|skip, batch, quit) y / [n]|s / b / q : n Getting package list ... qmail Toaster is an integrated distribution. Packages are preconfigured for the whole distro. As a result, a partial install might be misconfigured. Upgrading all packages to their latest version is strongly recommended. Now that you've been warned, we will proceed with package selection ... zlib-1.2.3-1.0.3 is already installed, bypassed daemontools-toaster-0.76-1.3.2 is already installed, bypassed ucspi-tcp-toaster-0.88-1.3.4 is already installed, bypassed vpopmail-toaster-5.4.13-1.3.3 is already installed, bypassed libdomainkeys-toaster-0.68-1.3.2 is already installed, bypassed libsrs2-toaster-1.0.18-1.3.2 is already installed, bypassed qmail-toaster-1.03-1.3.14 is already installed, bypassed courier-authlib-toaster-0.59.1-1.3.5 is already installed, bypassed courier-imap-toaster-4.1.2-1.3.6 is already installed, bypassed autorespond-toaster-2.0.4-1.3.2 is already installed, bypassed control-panel-toaster-0.5-1.3.3 is already installed, bypassed ezmlm-toaster-0.53.324-1.3.2 is already installed, bypassed qmailadmin-toaster-1.2.9-1.3.3 is already installed, bypassed qmailmrtg-toaster-4.2-1.3.2 is already installed, bypassed maildrop-toaster-2.0.3-1.3.4 is already installed, bypassed isoqlog-toaster-2.1-1.3.3 is already installed, bypassed squirrelmail-toaster-1.4.9a-1.3.5 is already installed, bypassed spamassassin-toaster-3.1.8-1.3.7 is already installed, bypassed clamav-toaster-0.90.1-1.3.11 is already installed, bypassed ripmime-toaster-1.4.0.6-1.3.2 is already installed, bypassed simscan-toaster-1.3.1-1.3.5 is already installed, bypassed vqadmin-toaster-2.3.4-1.3.2 is already installed, bypassed djbdns is not installed, would you like to install it? Shall we continue? (yes, no|skip, batch, quit) [y] / n|s / b / q : n qmail Toaster packages are all current. There is nothing more to do. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Fax as tif
Hi Jake, Here are the headers . . . From - Wed Apr 11 00:56:31 2007 X-Account-Key: account1 X-UIDL: 1176274162.6630.server.northvalleycomputing.com,S=18178 X-Mozilla-Status: 0001 X-Mozilla-Status2: Return-Path: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: (qmail 6628 invoked by uid 89); 11 Apr 2007 06:49:22 - DomainKey-Status: bad Received: by simscan 1.3.1 ppid: 6622, pid: 6623, t: 0.9315s scanners: attach: 1.3.1 clamav: 0.90.1-exp/m:42/d:2691 spam: 3.1.8 X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on server.northvalleycomputing.com X-Spam-Level: ** X-Spam-Status: Yes, score=2.3 required=2.2 tests=AWL,HTML_MESSAGE, HTML_TINY_FONT autolearn=no version=3.1.8 X-Spam-Report: * 0.0 HTML_MESSAGE BODY: HTML included in message * 1.4 HTML_TINY_FONT RAW: body contains 1 or 0-point font * 0.9 AWL AWL: From: address is in the auto white-list Received: from unknown (HELO n32.bullet.scd.yahoo.com) (66.94.237.26) by server.northvalleycomputing.com with SMTP; 11 Apr 2007 06:49:21 - Received-SPF: none (server.northvalleycomputing.com: domain at returns.groups.yahoo.com does not designate permitted sender hosts) Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=lima; d=yahoogroups.com; b=KCSruvypzTqYlQSrC8nagKE9GdXJA1tx8AsHVgVI5WMlIlwgIREHEhayV6UgIwjz6SXV/6lG7yrCYu3NhlpVa4RmfaBe/eLzEPbEmY2hUu2bicjmIT14N8xMLeVD7nvf; Received: from [209.73.164.83] by n32.bullet.scd.yahoo.com with NNFMP; 11 Apr 2007 06:49:19 - Received: from [66.218.67.85] by t7.bullet.scd.yahoo.com with NNFMP; 11 Apr 2007 06:49:19 - X-Yahoo-Newman-Id: 3517437-m1790 Received: (qmail 17957 invoked from network); 11 Apr 2007 06:49:18 - Received: from unknown (66.218.66.70) by m49.grp.scd.yahoo.com with QMQP; 11 Apr 2007 06:49:18 - Received: from unknown (HELO n7c.bullet.sp1.yahoo.com) (69.147.64.167) by mta12.grp.scd.yahoo.com with SMTP; 11 Apr 2007 06:49:18 - Received: from [216.252.122.217] by n7.bullet.sp1.yahoo.com with NNFMP; 11 Apr 2007 06:48:29 - Received: from [66.218.69.4] by t2.bullet.sp1.yahoo.com with NNFMP; 11 Apr 2007 06:48:29 - Received: from [66.218.66.81] by t4.bullet.scd.yahoo.com with NNFMP; 11 Apr 2007 06:48:29 - X-Sender: [EMAIL PROTECTED] X-Apparently-To: [EMAIL PROTECTED] Received: (qmail 87929 invoked from network); 10 Apr 2007 19:07:52 - Received: from unknown (66.218.67.35) by m31.grp.scd.yahoo.com with QMQP; 10 Apr 2007 19:07:52 - Received: from unknown (HELO n31b.bullet.sp1.yahoo.com) (209.131.38.209) by mta9.grp.scd.yahoo.com with SMTP; 10 Apr 2007 19:07:52 - Received: from [216.252.122.216] by n31.bullet.sp1.yahoo.com with NNFMP; 10 Apr 2007 19:05:37 - Received: from [66.218.69.1] by t1.bullet.sp1.yahoo.com with NNFMP; 10 Apr 2007 19:05:37 - Received: from [66.218.66.90] by t1.bullet.scd.yahoo.com with NNFMP; 10 Apr 2007 19:05:37 - To: [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] User-Agent: eGroups-EW/0.82 X-Mailer: Yahoo Groups Message Poster X-Originating-IP: 209.131.38.209 X-eGroups-Msg-Info: 1:6:0:0 X-Yahoo-Post-IP: 68.3.11.126 From: Tony Deblon [EMAIL PROTECTED] X-Yahoo-Profile: antonyd1976 X-eGroups-Approved-By: azipaegroups [EMAIL PROTECTED] via web; 11 Apr 2007 06:48:29 - Sender: [EMAIL PROTECTED] MIME-Version: 1.0 Mailing-List: list [EMAIL PROTECTED]; contact [EMAIL PROTECTED] Delivered-To: mailing list [EMAIL PROTECTED] List-Id: aztech-work.yahoogroups.com Precedence: bulk List-Unsubscribe: mailto:[EMAIL PROTECTED] Date: Tue, 10 Apr 2007 19:05:37 - Subject: ***SPAM*** [aztech-work] C++ Application Developer with Tivoli Storage Manager X-Yahoo-Newman-Property: groups-email-ff Content-Type: multipart/alternative; boundary=F2wXmUQ1XMxgz6e9YfpmR3BQK3zzUP6k7CN7Yvz X-Spam-Prev-Subject: [aztech-work] C++ Application Developer with Tivoli Storage Manager --F2wXmUQ1XMxgz6e9YfpmR3BQK3zzUP6k7CN7Yvz Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: George Toft wrote: Putting yahoogroups in local.cf seems to have increased the spam score by 0.9: X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on server.northvalleycomputing.com X-Spam-Level: ** X-Spam-Status: Yes, score=2.3 required=2.2 tests=AWL,HTML_MESSAGE, HTML_TINY_FONT autolearn=no version=3.1.8 X-Spam-Report: * 0.0 HTML_MESSAGE BODY: HTML included in message * 1.4 HTML_TINY_FONT RAW: body contains 1 or 0-point font * 0.9 AWL AWL: From: address is in the auto white-list Received: from unknown (HELO n32.bullet.scd.yahoo.com) (66.94.237.26) by server.northvalleycomputing.com with SMTP; 11 Apr 2007 06:49:21 - We'd need to see the full headers to see where the email is coming from # 04/02/07 NVC: Allow yahoogroups.com
Re: [qmailtoaster] Fax as tif
Looking at the type of mail that I receive, 2.2-2.8 provides a good balance of minimizing spam, and getting [virtually] no false positives. Perhaps I'm trying to tune SA with the wrong tool (adjusting the score)? When all you have is a hammer, every problem looks like a nail. Maybe I need a screwdriver? George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: George Toft wrote: Hi Jake, Here are the headers . . . X-Spam-Status: Yes, score=2.3 required=2.2 tests=AWL,HTML_MESSAGE, That score is rather low in my opinion. The default required is 5. Almost all of the scores in SA are geared to get it above the 5 score, so almost all of them will score above 2.2 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Disappearing Email
CentOS 4.4 install with QMT. Nothing else. No users, except me. A few cron jobs, but nothing that makes changes (just monitoring stuff). Weird. The squirrelmail isn't compiled with some kind of smap filter is it? George Toft, CISSP, MSIS 623-203-1760 Erik A. Espinoza wrote: Nothing should delete mail after delivery other than a client. Sounds like you may have something else running on your machine that is causing problems. Erik On 4/11/07, George Toft [EMAIL PROTECTED] wrote: Adding more noise and not enough info . . . I noticed this also one day when I was using squirrelmail - a bunch of spam showed up (10-15 messages), I read one, clicked on the inbox link, and they we all gone. I did not delete even one - they just went away. What process would possibly delete mail after they have been delivered? George Toft, CISSP, MSIS 623-203-1760 Ed Morrison wrote: Anyone have any thoughts on this? Thanks! On 3/20/07, *Erik A. Espinoza* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hello Phil, Make sure you are using the latest clamav. Perhaps you are using clamav 0.90 which contained some issues that caused mail to be lost. Erik I am experiencing this issue myself. When running qtp-newmodel clam does not appear to have a newer version(?). How should I update this? Thanks! [EMAIL PROTECTED] qmail]# qtp-newmodel qtp-newmodel v0.2.7 starting Tue Apr 10 05:25:12 PDT 2007 qtp-whatami v0.2.3 DISTRO=CentOS OSVER=4.4 ARCH=i686 BUILD_DIST=cnt40 BUILD_DIR=/usr/src/redhat This machine's OS is supported, but this version/arch has not been tested. If your OS is not current, you should consider upgrading it. Do you want to proceed at your own risk? (yes, no) y/[n] : y Ok, here we go ... Do you want to include development packages? (This is *not* recommended for production servers) Shall we continue? (yes, no|skip, batch, quit) y / [n]|s / b / q : n Getting package list ... qmail Toaster is an integrated distribution. Packages are preconfigured for the whole distro. As a result, a partial install might be misconfigured. Upgrading all packages to their latest version is strongly recommended. Now that you've been warned, we will proceed with package selection ... zlib-1.2.3-1.0.3 is already installed, bypassed daemontools-toaster-0.76-1.3.2 is already installed, bypassed ucspi-tcp-toaster-0.88-1.3.4 is already installed, bypassed vpopmail-toaster-5.4.13-1.3.3 is already installed, bypassed libdomainkeys-toaster-0.68-1.3.2 is already installed, bypassed libsrs2-toaster-1.0.18-1.3.2 is already installed, bypassed qmail-toaster-1.03-1.3.14 is already installed, bypassed courier-authlib-toaster-0.59.1-1.3.5 is already installed, bypassed courier-imap-toaster-4.1.2-1.3.6 is already installed, bypassed autorespond-toaster-2.0.4-1.3.2 is already installed, bypassed control-panel-toaster-0.5-1.3.3 is already installed, bypassed ezmlm-toaster-0.53.324-1.3.2 is already installed, bypassed qmailadmin-toaster-1.2.9-1.3.3 is already installed, bypassed qmailmrtg-toaster-4.2-1.3.2 is already installed, bypassed maildrop-toaster-2.0.3-1.3.4 is already installed, bypassed isoqlog-toaster-2.1-1.3.3 is already installed, bypassed squirrelmail-toaster-1.4.9a-1.3.5 is already installed, bypassed spamassassin-toaster-3.1.8-1.3.7 is already installed, bypassed clamav-toaster-0.90.1-1.3.11 is already installed, bypassed ripmime-toaster-1.4.0.6-1.3.2 is already installed, bypassed simscan-toaster-1.3.1-1.3.5 is already installed, bypassed vqadmin-toaster-2.3.4-1.3.2 is already installed, bypassed djbdns is not installed, would you like to install it? Shall we continue? (yes, no|skip, batch, quit) [y] / n|s / b / q : n qmail Toaster packages are all current. There is nothing more to do. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Fax as tif
Thanks, Jake. Do you sleep? Answering e-mail at 3:54am? Yikes! George Toft, CISSP, MSIS 623-203-1760 Jake Vickers wrote: George Toft wrote: Closely related . . . How do I whitelist based on a header field? I belong to a couple of mailing lists and some messages are getting flagged as ***SPAM***. Can I whitelist messages based on any of these headers: X-eGroups-Approved-By: azipaegroups [EMAIL PROTECTED] via web; 02 Apr 2007 22:53:49 - Sender: [EMAIL PROTECTED] Mailing-List: list [EMAIL PROTECTED]; contact [EMAIL PROTECTED] Delivered-To: mailing list [EMAIL PROTECTED] List-Id: azipa.yahoogroups.com I've tried editing local.cf (seems to be wrong) and /usr/share/spamassassin/60_whitelist.cf. I might be in the right place on the latter, but need a gentle shove in the right direction. You were in the right spot. You don't want to edit the files in /usr/shares/spamassassin as they'll be deleted whenever an upgrade comes around. You want to put the entries in your /etc/mail/spamassassin/local.cf file. Just make sure you lint it and restart the daemon when finished: spamassassin -D --lint And for restarting the daemon you can download a script from my site (v2gnu.com) called qmail-spam or install QT-Plus (qtp.qmailtoaster.com) as it's included in there. You can also do it manually: svc -d /var/qmail/supervise/spamd /var/qmail/supervise/spamd/log svc -t /var/qmail/supervise/spamd /var/qmail/supervise/spamd/log svc -u /var/qmail/supervise/spamd /var/qmail/supervise/spamd/log And you would whitelist yahoogroups.com I know there's been a running thread on the best way to whitelist Yahoo groups on the spamassassin mailing list. Might want to peek at their archives. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Fax as tif
Closely related . . . How do I whitelist based on a header field? I belong to a couple of mailing lists and some messages are getting flagged as ***SPAM***. Can I whitelist messages based on any of these headers: X-eGroups-Approved-By: azipaegroups [EMAIL PROTECTED] via web; 02 Apr 2007 22:53:49 - Sender: [EMAIL PROTECTED] Mailing-List: list [EMAIL PROTECTED]; contact [EMAIL PROTECTED] Delivered-To: mailing list [EMAIL PROTECTED] List-Id: azipa.yahoogroups.com I've tried editing local.cf (seems to be wrong) and /usr/share/spamassassin/60_whitelist.cf. I might be in the right place on the latter, but need a gentle shove in the right direction. George Toft Jake Vickers wrote: Jim Shupert, Jr. wrote: Friends, we have a phone system that will get a fax and then send it as an email. the email is mostly an attachment ( tif ) my challenge is that these are being marked as ***spam*** I think ... i need to whitelist or somehow always let mail that is from [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] to come through. note it is coming from within my domain and I have looked at ( and edited the var/qmail/control/simcontrol ) so i know the problem is not the attachment (tif) In your /etc/mail/spamassassin/local.cf: whitelist_from [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] migration from qmailrocks to qmailtoaster
- Original Message - From: Jake Vickers [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, April 03, 2007 2:07 PM Subject: Re: [qmailtoaster] migration from qmailrocks to qmailtoaster [EMAIL PROTECTED] wrote: Hello, I am doing a migration from an old Mandriva 2005 and qmailrocks installation WITHOUT the use of MYSQL but with Vpopmail. My new machine is actually a QMT-iso version 1.0. I usually just transferred the mails in the old Maildir to the same place into the new machines Maildir, I understand that this wont work with qmt and mysql. Please advice me how to do this. You can create the users in the QMT version, and then once they're created copy the emails to the directories. That's the easiest way to do it. You can also uses the vconvert function for qmail instead of manually adding them (if you have a large group of users or encrypted passwords importing is much easier). I've done it a few times from QMR and Shupp's installations and here are the basics. I wish I was at work to look at my notes, but this should be all you need. I have some scripts i wrote which zip and rsync to a new server and such, but they are overkill for only a couple of domains. I'm not sure I've seen anyone else post correct info on using vconvert elsewhere so I'll share because I know this works (10 minutes to write ): ### #zip up your old files and move them to the new server... gzip, zip, bzip2 whatever flavor you like #i unzip the vpopmail directory from the old server and put it where it goes. # I unzip and untar the archive like this: tar -xzvf domain.net.vpopmail.tar.gz # change to the directory where it goes (move the files here if you unzipped it elsewhere): cd /home/vpopmail/domains/ #IMPORTANT THE PATH MUST BE CORRECT OR DELIVERY WILL FAIL #you should edit the .vpasswd file to correct the paths to the mailboxes or it won't work because mysql will have an incorrect location for the toaster's mail files: # use perl, sed or gsub to fix it; i like perl: #syntax for single words perl -pi -e's/oldinfo/newinfo/' file-to-work.on #you have to use a \before the directory slashes so a path looks like this: perl -pi -e's/\/oldpath\/goes\/here/\/newpath\/goes\/here/' .vpasswd #add them to mysql using the built-in converter (reads the vpasswd files and imports it) /var/bin/vconvert -c -m domain1.com #(you can list more if you want just by using a space and then another domain) #get your vpopmail user password for the next step: cat /home/vpopmail/etc/vpopmail.mysql | awk -F\| '{print $4}' #export the mysql database and grep for the domain you added to see if it imported (you'll need to know your vpopmail pass): #(don't worry this just exports... drop is how you get rid of a database) mysqldump -uvpopmail vpopmail -p | grep domain #note - there seems to be an issue with the usercount after importing the users and i haven't looked into it to fix it (other than manually editing the table value) #note as a separate reminder (not related to converting) - you may want to compile with roaming users because it's not built by default by the toaster. ## George Sweetnam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] allow relay with authentication
- Original Message - From: Joseph Lundgren [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Cc: [EMAIL PROTECTED] Sent: Tuesday, April 03, 2007 6:38 PM Subject: RE: [qmailtoaster] allow relay with authentication Jim, In vpopmail terminology, this is called roaming. Roaming is disabled by default in the qmailtoaster distribution. If you read http://wiki.qmailtoaster.com/index.php/Vpopmail_roaming_users you'll see the steps necessary to enable this feature during compilation. Sincerely, -- Joseph Lundgren Systems Engineer Peak Internet, LLC [EMAIL PROTECTED] = Eric or Erik will this work? Humm... I've been experimenting with the chroot installation options and would this work to enable roaming users when using QT+? echo --enable-roaming-users /opt/qmailtoaster-plus/etc/rpmbuild/vpopmail-toaster Here are the build options for vpopmail-toaster: rpm vpopmail-toaster -q --info The default is off and if we aren't specifying it in the file shouldn't it work? George Sweetnam - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] Congraturlations!!!
I recently built the qmail toaster for CentOS 4.4 (http://wiki.qmailtoaster.com/index.php/CentOS_4.4_QmailToaster_Install) and it builds so much cleaner and works much better than my previous toaster (built from http://shupp.org/toaster/index.php). My spam dropped 70-80% over the previous build (mainly due to the PBL). I just wanted to say thanks for putting this project together, and to let y'all know that I plan on providing lots of feedback :) You definitely tamed the beast! -- George Toft - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spam detection
- Original Message - From: John [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Saturday, March 24, 2007 3:07 PM Subject: [qmailtoaster] spam detection Hi, I have followed the instructions on enabling spam detection in Qmailadmin at http://wiki.qmailtoaster.com/index.php/QMail-Toaster:FAQ (FAQ 3.6). As instructed, I added echo --define 'spambox 1' /opt/qmailtoaster-plus/etc/rpmbuild/qmailadmin-toaster (all one line) and then ran qtp-newmodel. I don't see any spam detection box in Qmailadmin I've heard people refer to (it would be in edit/new email accounts interface, right?)? I found a tutorial for moving spam to a folder using mailfilters at http://opensourceheaven.net/?page_id=98 I'll give that a try later, but I am feeling like my original efforts should have done something based on the discussions I've seen. Unfortunately, I see no effect in building Qmailadmin-toaster with the spambox 1 option. Thanks in advance, John John, Log in with the webmail client and you'll see the spam box listed there once spam is received. There is nothing else for you to do. George S. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qtp 0.2.9-1.3.11 released
- Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list qmailtoaster-list@qmailtoaster.com Sent: Friday, March 09, 2007 4:18 PM Subject: [qmailtoaster] qtp 0.2.9-1.3.11 released Changes in this version: .) removes clamav-toaster before upgrading if installed clamav-toater = 0.90.1-1.3.11 .) backs up / restores entire /usr/share/clamav directory .) restore configuration files default changed to 'no' .) missing package files in linked sandbox no longer fatal (message only) That'll solve the issues I was having with clam too. For some reason it was installing .10 and .11 at the same time (when upgrading). The versions of the past 2 versions changed their syntax slightly (switching . and -). I've been fighting issues where multilog can't write to the /var/log/qmail tree, but figured it out this AM. I was looking at permissions, but didn't look at /var itself. It'd been changed to being owned by vpopmail.vchkpw ... nasty surprise! I didn't find anything which caused it either, but now the logging works. I am a bit puzzled why we don't use some of the daemontools features still (svcscanboot). Without readproctitle running it's tough to troubleshoot when you don't have logs. I made a custom rpm for daemontools to get some extras. Off to fix /etc/hosts now so imap will work (happens every time on a new install when i deploy to a pub ip) ---removing xinetd because we're running tcpserver. George S. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qtp-newmodel and djbdns errors
- Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, March 06, 2007 6:26 PM Subject: Re: [qmailtoaster] qtp-newmodel and djbdns errors George Sweetnam wrote: Eric, I've been experimenting on a new CentOs build today and have run into a problem in the install script. Ran this: /opt/qmailtoaster-plus/bin/qtp-newmodel BEGIN OUTPUT --- ---snip-- qtp-build-rpms - rpm -Uvh failed for djbdns-1.05-1.0.3 qtp-build-rpms - see /opt/qtp-sandbox/usr/src/qtp-upgrade/log/build-recent.log Build failed, Exiting. END OUTPUT --- So I look at the file: tail -20 /opt/qtp-sandbox/usr/src/qtp-upgrade/log/build-recent.log BEGIN OUTPUT --- Installing djbdns-1.05-1.0.3 in the sandbox ... error: Failed dependencies: djbdns-extcache conflicts with djbdns-1.05-1.0.3.i686 djbdns conflicts with djbdns-extcache-1.05-1.0.3.i686 djbdns-localcache conflicts with djbdns-extcache-1.05-1.0.3.i686 djbdns-extcache conflicts with djbdns-localcache-1.05-1.0.3.i686 END OUTPUT --- I think we have a need to question prior to the installation whether it's going to be an interal only list or external only. Then push the result to the rpm -Uvh command to install the proper version. [Have internal be the default]. rpm -Uvh /usr/src/redhat/RPMS/i686/djbdns-1.05-1.0.3.i686.rpm - Also I'd recommend adding a -v switch to newmodel so the version of the script is more apparent. qtp-newmodel -v George S Yeah George, djbdns doesn't work with qtp-newmodel at this time (http://qtp.qmailtoaster.com/ticket/7). I started in on a fix for it, but it got to be a little more than I had anticipated. I use bind myself, so I haven't had a chance to work out how djbdns should be handled. Please update the ticket (you'll need to register first) with any information about how you'd like it to work. In the meantime, you'll need to deselect djbdns with qtp-newmodel, and install it manually. Thanks. -- -Eric 'shubes' === I'll download the new version you put out of qtp-newmodel and start over. I'd been making notes of issues and it seems you've already resolved some (clamav requiring a second install attempt due to qmaill user/group). George S. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] qtp-newmodel and djbdns errors
Eric, I've been experimenting on a new CentOs build today and have run into a problem in the install script. Ran this: /opt/qmailtoaster-plus/bin/qtp-newmodel BEGIN OUTPUT --- ---snip-- qtp-build-rpms - rpm -Uvh failed for djbdns-1.05-1.0.3 qtp-build-rpms - see /opt/qtp-sandbox/usr/src/qtp-upgrade/log/build-recent.log Build failed, Exiting. END OUTPUT --- So I look at the file: tail -20 /opt/qtp-sandbox/usr/src/qtp-upgrade/log/build-recent.log BEGIN OUTPUT --- Installing djbdns-1.05-1.0.3 in the sandbox ... error: Failed dependencies: djbdns-extcache conflicts with djbdns-1.05-1.0.3.i686 djbdns conflicts with djbdns-extcache-1.05-1.0.3.i686 djbdns-localcache conflicts with djbdns-extcache-1.05-1.0.3.i686 djbdns-extcache conflicts with djbdns-localcache-1.05-1.0.3.i686 END OUTPUT --- I think we have a need to question prior to the installation whether it's going to be an interal only list or external only. Then push the result to the rpm -Uvh command to install the proper version. [Have internal be the default]. rpm -Uvh /usr/src/redhat/RPMS/i686/djbdns-1.05-1.0.3.i686.rpm - Also I'd recommend adding a -v switch to newmodel so the version of the script is more apparent. qtp-newmodel -v George S - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] New Qmailtoaster-Plus Home
Does this exist?http://qtp.qmailtoaster.com/releases/ George S. - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list qmailtoaster-list@qmailtoaster.com Sent: Monday, March 05, 2007 3:45 PM Subject: [qmailtoaster] New Qmailtoaster-Plus Home Hey all, The migration of the QmailToaster-Plus project from shubes.net to http://qtp.qmailtoaster.com has been completed. The old URLs at shubes.net will automatically redirect you to the new site. Documentation will soon reflect the new location. Thanks to Nick Hemmesch and Erik Espinoza for allowing the use and setting up of the qtp.qmailtoaster.com domain name, and special thanks to Jake Vickers for hosting the new site. If you have any problem or questions regarding the site, please email the list. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] problems with install
- Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, March 02, 2007 6:37 PM Subject: Re: [qmailtoaster] problems with install Jim Shupert, Jr. wrote: I did comment out the line for firewall.sh === #The line below is wrong in the file firewall.sh: iptables -A INPUT -s $MYIP -i ! lo -j DROP #Did you really mean to lock out the remote connection for the person using the machine? #I would recommend something like this in the ssh section (you may want to omit the -i eth0 if you don't want to specify it) and removing the line above entirely: iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m cent --set iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m cent --update --seconds 60 --hitcount 4 -j DROP iptables -A INPUT -s $MYIP/255.255.255.255 -p tcp -m tcp --dport 22 -j ACCEPT # George S - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] problems with install
repost... it wrapped badly and some of the characters were omitted (re in recent) #The line below is wrong in the file firewall.sh: iptables -A INPUT -s $MYIP -i ! lo -j DROP #Did you really mean to lock out the remote connection for the person using the machine? #I would recommend something like this in the ssh section (you may want to omit the -i eth0 if you don't want to specify it) and removing the line above entirely: iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP iptables -A INPUT -s $MYIP/255.255.255.255 -p tcp -m tcp --dport 22 -j ACCEPT # George S - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] problems with install
- Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Monday, March 05, 2007 5:23 PM Subject: Re: [qmailtoaster] problems with install George Sweetnam wrote: - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, March 02, 2007 6:37 PM Subject: Re: [qmailtoaster] problems with install Jim Shupert, Jr. wrote: I did comment out the line for firewall.sh === #The line below is wrong in the file firewall.sh: iptables -A INPUT -s $MYIP -i ! lo -j DROP #Did you really mean to lock out the remote connection for the person using the machine? #I would recommend something like this in the ssh section (you may want to omit the -i eth0 if you don't want to specify it) and removing the line above entirely: iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m cent --set iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m cent --update --seconds 60 --hitcount 4 -j DROP iptables -A INPUT -s $MYIP/255.255.255.255 -p tcp -m tcp --dport 22 -j ACCEPT # George S I simply added iptables -A INPUT -s my.local.sub.net/255.255.255.0 -j ACCEPT before the offending line(s) to accept everything from my local subnet. Perhaps not the best solution. George, will you create a flyspray enhancement task so that this can be taken care of? I think it deserves some attention, whatever the solution might be. -- -Eric 'shubes' == i listed it as a bug request because it's a typo to specifically deny the installer (kinda funny really) George. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] New Qmailtoaster-Plus Home
- Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Monday, March 05, 2007 5:16 PM Subject: Re: [qmailtoaster] New Qmailtoaster-Plus Home Not as such. I think you're looking for http://qtp.qmailtoaster.com/browser/releases This is a much nicer interface for browsing than the vanilla svn pages. The 'native' svn interface (http://qtp.qmailtoaster.com/svn) is borken, but you can still use wget to get various modules by using http://qtp.qmailtoaster.com/svn/releases/... I might someday figure out why the 'native' svn is borked, but it's not high on my list. ;) George Sweetnam wrote: Does this exist?http://qtp.qmailtoaster.com/releases/ George S. - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list qmailtoaster-list@qmailtoaster.com Sent: Monday, March 05, 2007 3:45 PM Subject: [qmailtoaster] New Qmailtoaster-Plus Home Hey all, The migration of the QmailToaster-Plus project from shubes.net to http://qtp.qmailtoaster.com has been completed. The old URLs at shubes.net will automatically redirect you to the new site. Documentation will soon reflect the new location. Thanks to Nick Hemmesch and Erik Espinoza for allowing the use and setting up of the qtp.qmailtoaster.com domain name, and special thanks to Jake Vickers for hosting the new site. If you have any problem or questions regarding the site, please email the list. -- -Eric 'shubes' -- -Eric 'shubes' - I was following the installation links on your new page (http://qtp.qmailtoaster.com) and the gpgkey and download links were broken. I can wget them now so I guess it's been corrected. I was going to attempt to use the qtp to install from scratch on a clean system (i did put the pre-req's and some other perl stuff on it already though). George. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Problems with qtp-newmodel
- Original Message - From: Guillermo Villasana [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, March 01, 2007 11:52 AM Subject: [qmailtoaster] Problems with qtp-newmodel Hi guys, I have been trying to update my toaster, but when I get to the point of building the sandbox, it takes a lot of time, and my conection to the server is lost and the process stops, I tried to restart it, what should I do? I have set to be copied, should I use the linked version? I don't remember why it is best to use the copied instead of the linked version. Thanks again Terius - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - # I use screen to remotely install it. yum install screen type screen to start a session run your script qmt-newmodel.sh use [cntl] + [a] + [d] to detach the screen session type screen -r to resume it later. Note: if you have more than one session just do a screen -r # (you will get a list of #s) type exit when done -- It's great for those late night unattended installs or when using a wireless in which you cordless phone likes to steal your channel and disconnect you! George S. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to disable certain services
On 2/13/07, Eric Shubes [EMAIL PROTECTED] wrote: Erik A. Espinoza wrote: As long as there's 'svc' to control it, I see no need for putting links into /service/. For that matter, why is there a /service/ at all in the toaster? I'd be inclined to ditch it. Probably there since the Miguel Beccari days and hasn't been removed. You can rmdir it without side effect. If someone wanted to disable a stock service permanently, will 'svc -d' persist after a reboot, or would they need to modify the qmail script to run it? No, 'svc -d' is a temporary disable. The only way to permanently remove it is to rm the dir. I usually leave everything running and just use the firewall to control access. For example on my system I don't allow imap or pop3 without ssl. Since tcpserver doesn't take any resources unless it is in use, then there is no worries. Erik I suppose you could create an init script that runs 'svc -d' to disable whatever service you didn't want. No no no no... this is not how you disable a service from running in daemontools. You can change it's normal state to down and leave it configured for future use. (like in a post i made last year explaining how to clear the read proctile status of daemontools from the processess list ... this one: readproctitle service errors: . ) If you do a svstat on the directory you will see status listings saying normally up or down (only services in an abnormal state will list a message saying they are different from the norm) svstat /var/qmail/supervise/* If you create a blank file named down in the service directory and then shut the service down its normal state will become down and will not run unless manually started... even after a reboot. touch down /var/qmail/supervise/pop3-ssl/down svstat /var/qmail/supervise/pop3-ssl /service/pop3-ssl: up (pid 23468) 2 seconds, normally down lets you know it's different from how it should be svc -d /var/qmail/supervise/pop3-ssl /service/pop3-ssl: down 27 seconds svstat /var/qmail/supervise/pop3-ssl George S - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] imap4 configuration files
- Original Message - From: Philip [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, February 13, 2007 3:56 AM Subject: [qmailtoaster] imap4 configuration files Hello I wanted to change a few options/configurations for imapd .. If you check the run file you can see a cat /etc/courier/imapd | /usr/bin/envconv exec /usr/bin/envdir ./env/ You can guess that if you change a few variables in the /etc/courier/imapd if may reflect but not at all, it is bypassed ... If you want to change the max connection you need to add a -c X (x= # of connections, default 40) to the run file the MAXDAEMONS or MAXPERIP variables arent used whatever you set them up to .. That's not exactly the way it should work I think. Even if you can of course set again a firewall to block ppl from connecting more than x-times ... that option is there and should be used The reason I wanted to increase the maxdaemons, I noticed that with the new courier, sometimes the connections were maxed , more or less coz the connection wasnt dropped and kept alive I will check more into that .. just found that out while changing the MAXDAEMONS :) You shouldn't play with those setting because squirrelmail connects using the same ip (127.0.0.1) and you are limiting the total connections allowed to all of your web users. You could see if there is a way to allow localhost more and limit the rest... I haven't played with the imap conf in a couple of years though. George S. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] QMAIL TOASTER ISSUES
(svc -du /var/qmail/supervise/smtp) will fix it for you. George s - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] catchall settings questions
- Original Message - From: Jean-Paul van de Plasse [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, February 09, 2007 8:33 AM Subject: Re: [qmailtoaster] Telnet Port 25 could be relayed without authentication. The delete one makes it accept all and just trash it. change it to bounce-no-mailbox and it will work as expected. JP This brings up the point about whether we should be deleting or bouncing messages. I don't bounce messages because I feel it gives email name harvesters a confirmation of which mailboxes are valid (they don't bounce). I was just thinking that I may be defeating the purpose of chkuser Questions: 1) Does using the delete setting in any way interfere with the chkuser options on setting the number of invalid rcpts? 2) At what point are the messages getting deleted? -- are they being scanned for clam and spamd? I wonder if it only deletes when it clears the scans and delivery is attempted 3) If chkuser is bouncing then simscan wouldn't ever be called, but is that the case with the delete setting on the catchall? (sort of related to #1) Feel free to ask other questions and discuss what would work best. George S.
Re: [qmailtoaster] Installation on Ubuntu
It'd be great if QT ran on an Ubuntu (or debian) server, but that hasn't been done yet, and to be honest, it's a fairly low priority at this point. Having to support a non-rpm based distro would simply tax the developers too much, and functional enhancements would suffer. That's not to say it couldn't be done though. I'd personally like to see this happen too. If someone were to just do it, I think the contribution would be welcomed. It would need to be done in an automated fashion though, using tools that would convert rpms to debs automatically. Such tools do exist, it's just that no one (TTBOMK) has applied them yet. In the meantime, I find it hard to believe that FC won't work on your machine if Ubuntu would. What's the problem with it? -- -Eric 'shubes' - The best way would be to get toaster in an apt repository and apt-get it. But I've never built debian packages (yes debian is a package based system too) To get you started on debian: Since toaster is .rpm instead of a .deb you can use a program like alien (apt-get install alien) and unpack the files that way (alien -i toaster-filename.rpm). I've done some of the rpm's like that to tinker with them on a debian system, but I've not actually run them on a live toaster w/ debian operating system. George S. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
Erik Espinoza wrote: A BSD admin that can take qmailtoaster and make it run on BSD can implmenet a firewall policy using ipf. Sure ;-D. But you're not taking into account admin laziness. ES, port 587 is all about SMTP-AUTH, meaning that tcprules shouldn't really matter as it's all done through auth. Port 25 doesn't require auth, therefore it would need independent control. What possible scenario would we need to control port 587 independently of port 25 and why? This seems like unnecessary complication, with no pay off at all. You know, that is the reason I'd like to see that files separated. Submission service and SMTP service in fact serve for totally different purposes. One is used for MUA-MTA message submission, other is used for MTA-to-MTA message transfer. I can hardly see why should I use same tcprules for totally different services? In ideal world I would enable things like SPF and simscan only on SMTP service, and domainkeys or dkim signing only on SUBMISSION service. And I would never-ever add IP ranges with RELAYCLIENT= to the tcprules for SUBMISSION service as it will look like nonsence there - I always want my users to auth themselves to use SUBMISSION service. That is why I use separate rulesets for SMTP and SUBMISSION. I asked nearly the same thing a couple of weeks ago and was told we use one file. Since I consider much of what we do as a basic package and in many cases a work in progress, I created a second tcpserver submission file for my toaster box. Submission port usage is similar, but very different. It even has different services for each (part of the reason i decided to separate them)... if I typo the file for the smtp service (port 25), tcp.smtp, it would take down my smtp service, but not my submission service... thus making it easier to tell where the problem is... we already separate the logs. Not to mention I have totally different rules in each for handling things like rbl lookups and friendly ip's. I know about putting firewall/spam filters in front too we have a barracuda as an mx filter for some of our domains (debian, non-toaster server) and it's ridiculous to have it go through the scans too. Our debian box essentially allows the mailfilter ip through unmolested and uses :deny for the rest because the customers are pointed to the submission port already. I used to setup port 26 for customers (before submission and didn't use smtp auth's port) to get around isp's blocking port 25 to send (for our hosted customers off-net). I allow relaying for friendly ip's through submission, and others can auth and send without passing through spamscanning and rbl lookups. For anything on port 25... tough... you get the works (either mx level filtering on another box or rbl's/spam/clamd on the local server). George - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SRS with multi frontend smtp
- Original Message - From: Philip Nix Guru [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Saturday, January 27, 2007 4:54 PM Subject: Re: [qmailtoaster] SRS with multi frontend smtp Actually it is more : incoming : internet - scanners - real box if all scanners are down, internet - real box (lowest mx priority) outgoing : realbox - internet(on that setup, customers email arent scanned, we trust them in a way :) ) I just want to point out that by listing your real box as an mx and not having scanning on it you're going to get spammed hard. I used to run a similar setup a couple of years ago and spammers love to go after lower priority mx servers (higher numbers) because they think it's less likely you have scanning on it. Your real server is going to get targeted by the spammers and bypass the other ones. George. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamhaus - what do you think?
I just replaced the old sbl-xbl.spamhaus.org (zen blocks all the dynamic ones now ... I'd use sorbs if i wanted that) with cbl.abuseat.org which is what blocks most of them anyway. I had sbl-xbl.spamhaus.org right after my cbl rbl list and found it blocked VERY few additional ip's... so I removed it completely. Plus the response time on sbl-xbl.spamhaus.org is horrid at peak times. George. - Original Message - From: Jake Vickers [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 7:21 AM Subject: Re: [qmailtoaster] spamhaus - what do you think? Eric Shubes wrote: There appear to be plenty of BLs out there already. I think we simply need to find a way to manage (classify/rate/select) them. Perhaps it'd be useful to set up any easy way for the toaster to use an anti-rbl list (the capability's built in to rblsmtpd). Each admin could then maintain their own anti-rbl list containing addresses they would like to allow. Keeping it up2date would be a challenge though. This would probably only work with an automated update sort of like dyndns. Just a thought. I agree that there are already a lot of lists out there. The ones that I liked all have either gone away, had serious issues that caused them to be unusable, or changed their policies and made themselves unusable. I was mainly just venting my frustration. I'll look into a vote-type system to link on the wiki somewhere, where we can vote on the RBLs - when I get back this evening. I see where the anti-rbl list could be beneficial, but most of my users are NOT computer people in any way, shape, or form. I have one group of users that I have told 32 times now (I resorted to keeping hash-marks on a sticky-tab every time they called me for this issue) that you cannot email 400M TIFF pictures. They pay well, but they also serious tax my sanity. If I had to then have them give me their IP address or get ANY technical information out of them whatsoever (that includes who their ISP is - really!), it would become a debacle and the owner would force another of his sit-down meetings that are a waste of time. In my situation they definetly would not work. But I did see a user on the list a few months back that was using white-lists. From the little I remember he just put the whitelist first in his blacklists file. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qtp-newmodel errors
qtp-newmodel doesn't handle djbdns at the moment (I use bind, so testing djbdns is problematic for me). I hope to have it fixed in the next release. Eric, If you have a test version of your installation scripts with djbdns I can run some test installations for you. I have a nice dualcpu server we use to test installations before updating to our public boxes. If you want to specify an OS and such I'll work with that too. Like Cent 4.4 - just specify if you want full or server editions tested. I have working djbdns copies (and a some custom rbl lists installations, ect) on our debian and fedora boxes to reference if needed. Spec of the test box: hp proliant dl380 (g4) w/ dual xeon (3.x) cpu's, 2g ram, dual raid (0 for boot, and 5 for data). George. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] perl module mail::domainkeys
#about adding perl modules from cpan or rpm (which isn't a bad idea on an rpm based system) #we don't have to load through cpan necessarily. You can load modules from the command line too: perl -MCPAN -e 'install Net::DNS'#orperl -e 'use CPAN; install Net::DNS;'When i was installing spamassassin from source (which i still do on several systems) I scripted a bunch of modules to install in this way.George - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Fw: [qmailtoaster] UPDATED PACKAGE: libsrs2-toaster
- submission port 587 The latest qmail-toaster package has a separate smtp process listening on port 587 which acts as a MailSubmissionAgent. This can be used to allow users who would otherwise be blacklisted to submit email, as this MSA does not check blacklists, but requires authentication. Where is the tcp.smtp file for the new smtp process found? The existing one is in /etc/tcprules.d/ I'll guess it has something like this in it (but uses the new auth process): :allow,RELAYCLIENT= George - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Invalid recipient bounces
You shouldn't set the catchall to bounce though... select delete. The dictionary attacks will harvest the valid users if you select bounce! George. - Original Message - From: Nathan Grennan [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, January 12, 2007 12:48 PM Subject: Re: [qmailtoaster] Invalid recipient bounces Eric Shubes wrote: I presume these are coming into your catchall account. Is http://wiki.qmailtoaster.com/index.php/Account_verification_using_badmailto what you're looking for? I thought I had disabled the catchall a while back. I just checked and found it enabled on the postmaster account. I switched it to bounce. This should give me the desired recipient checking without any more backscatter? - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] smtp hanging up
If you have 4 network entries on a single interface, smtp will use the last of them. So for eth0 you have : ifcfg-eth0 ifcfg-eth0:0 ifcfg-eth0:1 ifcfg-eth0:2 The entry you want your primary ip on is 0:2. George. - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 10, 2007 2:16 PM Subject: Re: [qmailtoaster] smtp hanging up Thanks for the pointer, George. Nice thing to know! To be more specific, is that the last one listed by ifconfig? (and what determines that?) George Sweetnam wrote: One thing to keep in mind when adding multiple ip's on a machine... the smtp services will use the LAST ip listed on the box. That can play havoc with reverse dns, tcprules, firewalls, ect. I learned it the hard way with a machine I switched to add additional ip's last year and we started having smtp problems because of it (SPF mainly). George - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, January 04, 2007 11:33 PM Subject: Re: [qmailtoaster] smtp hanging up Erik Espinoza wrote: Sounds like an smtp route is missing in the postfix. I'll buy that, since the /var/log/maillog on the web server says: Jan 4 21:47:51 hostname postfix/smtp[30371]: connect to mail.mydomain.com[10.0.1.70]: No route to host (port 25) (see reply to Jake) Your postfix is probably connecting to the outside static ip instead of attempting to hit 10.0.1.69 directly on the private network. You may be on to something here, but I'm not sure. main.cf for postfix had relayhost = 10.0.1.70. I changed it to 10.0.1.69, and two messages made it through. That seems to have fixed things up somewhat. I'll have to talk with the networking guy tomorrow and see why .70 was used instead of .69. Thanks loads EE. You've pointed me in the right direction! Thanks to Jake and everyone else too! I really appreciate everyone's help. See if, frm a diff machine, you can hit 10.0.1.69 from the outside ip. On 1/4/07, Eric Shubes [EMAIL PROTECTED] wrote: This problem has me stumped at the moment. A (relatively) high volume toaster (10.0.1.69) on CentOS4. It's been running fine for the most part. However, when processing messages from a local web server (10.0.1.66) relayed from postfix, the message doesn't go through. FWIW (doesn't make sense to me) the sending postfix queue shows that the connection timed out or no route to host. I turned on recordio to see what's happening, and here the smtp log for a session: 2007-01-04 18:23:53.798287500 tcpserver: status: 0/100 2007-01-04 18:23:54.875954500 tcpserver: status: 1/100 2007-01-04 18:23:54.875962500 tcpserver: pid 5787 from 10.0.1.66 2007-01-04 18:23:54.875964500 tcpserver: ok 5787 spin4:10.0.1.69:25 :10.0.1.66::43332 2007-01-04 18:23:54.875967500 5787 [EOF] 2007-01-04 18:23:54.970660500 5787 220 mydomain.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server ESMTP^M 2007-01-04 18:23:54.970671500 5787 [EOF] 2007-01-04 18:23:54.970673500 tcpserver: end 5787 status 256 2007-01-04 18:23:54.970675500 tcpserver: status: 0/100 The smtp session rapidly terminates, out of the blue. I can telnet from the web server to the toaster just fine. tcp.smtp: 127.:allow,RELAYCLIENT= 10.0.1.:allow,RELAYCLIENT= :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private qmail-dk has been taken out (qmail-queue - qmail-queue.orig) timeoutsmtpd: 60 Any thoughts/ideas? -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Ldap Authentication
Switching to ldap means more than just the basic auth has to change, many of the toaster packages have to be rebuilt as well (courier, ect). George. - Original Message - From: Stefano Scalise To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 10, 2007 3:02 AM Subject: Re: [qmailtoaster] Ldap Authentication errata-corrige NOT I need an authentication method qmail-based BUT I need an authentication method ldap-based - Original Message - From: Stefano Scalise To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 10, 2007 9:46 AM Subject: [qmailtoaster] Ldap Authentication Hi to all, I am going to implement a mail server based on qmailtoaster. I saw that qmailtoaster comes with a mysql-based installation. As I need an authentication method qmail-based, do you think it is easily switchable teh authentication from mysql to ldap? Thanks for your answers. Stefano.
Re: [qmailtoaster] smtp hanging up
One thing to keep in mind when adding multiple ip's on a machine... the smtp services will use the LAST ip listed on the box. That can play havoc with reverse dns, tcprules, firewalls, ect. I learned it the hard way with a machine I switched to add additional ip's last year and we started having smtp problems because of it (SPF mainly). George - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, January 04, 2007 11:33 PM Subject: Re: [qmailtoaster] smtp hanging up Erik Espinoza wrote: Sounds like an smtp route is missing in the postfix. I'll buy that, since the /var/log/maillog on the web server says: Jan 4 21:47:51 hostname postfix/smtp[30371]: connect to mail.mydomain.com[10.0.1.70]: No route to host (port 25) (see reply to Jake) Your postfix is probably connecting to the outside static ip instead of attempting to hit 10.0.1.69 directly on the private network. You may be on to something here, but I'm not sure. main.cf for postfix had relayhost = 10.0.1.70. I changed it to 10.0.1.69, and two messages made it through. That seems to have fixed things up somewhat. I'll have to talk with the networking guy tomorrow and see why .70 was used instead of .69. Thanks loads EE. You've pointed me in the right direction! Thanks to Jake and everyone else too! I really appreciate everyone's help. See if, frm a diff machine, you can hit 10.0.1.69 from the outside ip. On 1/4/07, Eric Shubes [EMAIL PROTECTED] wrote: This problem has me stumped at the moment. A (relatively) high volume toaster (10.0.1.69) on CentOS4. It's been running fine for the most part. However, when processing messages from a local web server (10.0.1.66) relayed from postfix, the message doesn't go through. FWIW (doesn't make sense to me) the sending postfix queue shows that the connection timed out or no route to host. I turned on recordio to see what's happening, and here the smtp log for a session: 2007-01-04 18:23:53.798287500 tcpserver: status: 0/100 2007-01-04 18:23:54.875954500 tcpserver: status: 1/100 2007-01-04 18:23:54.875962500 tcpserver: pid 5787 from 10.0.1.66 2007-01-04 18:23:54.875964500 tcpserver: ok 5787 spin4:10.0.1.69:25 :10.0.1.66::43332 2007-01-04 18:23:54.875967500 5787 [EOF] 2007-01-04 18:23:54.970660500 5787 220 mydomain.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server ESMTP^M 2007-01-04 18:23:54.970671500 5787 [EOF] 2007-01-04 18:23:54.970673500 tcpserver: end 5787 status 256 2007-01-04 18:23:54.970675500 tcpserver: status: 0/100 The smtp session rapidly terminates, out of the blue. I can telnet from the web server to the toaster just fine. tcp.smtp: 127.:allow,RELAYCLIENT= 10.0.1.:allow,RELAYCLIENT= :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private qmail-dk has been taken out (qmail-queue - qmail-queue.orig) timeoutsmtpd: 60 Any thoughts/ideas? -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] simscan clam and spamassasin - please help!!!
It seems likely that something isn't installing completely with your toaster. For spam and clam scanning to be enabled (and show in the headers) they must be installed, functional, and detected by simscan at the point it's updated. Run this from the command line and see if it shows in your headers: /var/qmail/bin/simscanmk /var/qmail/bin/simscanmk -g If you don't see it in the headers (or a test script) then it's likely spamassassin isn't functioning correctly ( tail -10 /var/log/qmail/spamd/current ) George S. - Original Message - From: Hainarosie Razvan [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Monday, November 13, 2006 9:33 AM Subject: Re: [qmailtoaster] simscan clam and spamassasin - please help!!! Hi can anyone give me some advise in the matter written below. I did 3 or 4 fresh install of the qmailtoaster package and I do not kinow where to go. I can not figure out what is wrong. Please help me. Razvan Hainarosie Razvan wrote: I am using a fresh install of Centos 4.2 and the stable version of qmailtoaster package. The problem is with my mail headers that looks like this: Received: from unknown (HELO mail.wavin.ro) (82.76.33.244) by ares.itcompany.ro with (DHE-RSA-AES256-SHA encrypted) SMTP; 12 Nov 2006 11:42:22 - Received-SPF: none (ares.itcompany.ro: domain at wavin.ro does not designate permitted sender hosts) Received: (qmail 3068 invoked by uid 89); 12 Nov 2006 11:19:56 - Received: by simscan 1.2.0 ppid: 3060, pid: 3063, t: 0.2296s scanners: attach: 1.2.0 clamav: 0.88.5/m:41/d:2186 Received: from unknown (HELO raluca) ([EMAIL PROTECTED]@192.168.10.100) by mail.wavin.ro with ESMTPA; 12 Nov 2006 11:19:56 - From: sss [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: test Date: Sun, 12 Nov 2006 13:19:52 +0200 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary==_NextPart_000__01C7065D.3E543660 X-Mailer: Microsoft Office Outlook, Build 11.0.6353 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 Thread-Index: AccGTHBYvrpWPJSET72raOCVU0DbNA== Why I can not find spam at the scanners: attach: 1.2.0 clamav: 0.88.5/m:41/d:2186 line Maybe is a stupid question but I am not able to solve it. PLease help me, Thanks, Razvan What does your /var/qmail/control/simcontrol file contain? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] my simcontrol file is: :clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif and my tcp.smtp file look like this 127.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=15,CHKUSER_WRONGRCPTLIMIT=3,QMAILQUEUE=/var/qmail/bin/simscan 192.168.1.:allow,RELAYCLIENT=,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=40,CHKUSER_WRONGRCPTLIMIT=20,QMAILQUEUE=/var/qmail/bin/simscan :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=3,QMAILQUEUE=/var/qmail/bin/simscan - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] clamav vulnerability
- Original Message - From: Erik Espinoza [EMAIL PROTECTED] Incorrect, but close. 1) download the src.rpm 2) compile 3) service qmail stop 4) rpm -e --nodeps clamav-toaster 5) install the compiled binary 6) service qmail cdb (rebuild versions) 7) service qmail start How about this: ### 1) #note: for spamassassin upgrades you should backup the local.cf file: DATENAME=`date +%Y%m%d` cp /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.$DATENAME 2) download the src.rpm wget http://devel.qmailtoaster.com/download/clamav-toaster-0.90RC1-1.3.5.src.rpm -P /usr/src/redhat/SOURCES wget http://www.qmailtoaster.com/download/stable/spamassassin-toaster-3.1.7-1.3.5.src.rpm - P /usr/src/redhat/SOURCES wget http://www.qmailtoaster.com/download/stable/qmail-toaster-1.03-1.3.6.src.rpm -P /usr/src/redhat/SOURCES 3) change to the install dir and compile it (use your distro, ie cnt4, fdr40, fdr50) cd /usr/src/redhat/SOURCES/ rpmbuild --rebuild --with fdr50 clamav-toaster-0.90RC1-1.3.5.src.rpm cd /usr/src/redhat/SOURCES/ rpmbuild --rebuild --with fdr50 spamassassin-toaster-3.1.7-1.3.5.src.rpm cd /usr/src/redhat/SOURCES/ rpmbuild --rebuild --with fdr50 qmail-toaster-1.03-1.3.6.src.rpm 4) stop the qmail services prior to updating or removing any rpms service qmail stop service qmail stat #note: all should be stopped status prior to proceeding 5) remove the old rpm clamav and spamassassin (the others just skip to #6) rpm -e --nodeps clamav-toaster rpm -e --nodeps spamassassin-toaster 6) install the compiled binary rpm -Uvh /usr/src/redhat/RPMS/i386/clamav-toaster-0.90RC1-1.3.5.i386.rpm rpm -Uvh /usr/src/redhat/RPMS/i386/spamassassin-toaster-3.1.7-1.3.5.i386.rpm rpm -Uvh /usr/src/redhat/RPMS/i386/qmail-toaster-1.03-1.3.6.i386.rpm 7) service qmail cdb (rebuild versions) 8) service qmail start 9) SPAMASSASSIN ONLY: If you upgraded spamassassin, copy the new file and then replace with your backup file: mv /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.orig DATENAME=`date +%Y%m%d` mv /etc/mail/spamassassin/local.cf.$DATENAME /etc/mail/spamassassin/local.cf #note you will now have a local.cf, local.cf.orig, and a local.cf.dateofbackup 9) test it: mkdir /test echo just testing /test/mailtest.txt env QMAILQUEUE=/var/qmail/bin/simscan SIMSCAN_DEBUG=2 /var/qmail/bin/qmail-inject [EMAIL PROTECTED] /test/mailtest.txt ### - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Archiving/Mail Storage?
I have a similar setup on one of my company servers. One domain is tapped and archived in a box for 90 days. I just use a find script (nightly cron) and have it remove files in the dir older than 90 days. George S - Original Message - From: Peter Peltonen [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Monday, October 16, 2006 9:58 AM Subject: Re: [qmailtoaster] Archiving/Mail Storage? On 10/16/06, Peter Peltonen [EMAIL PROTECTED] wrote: If there are not that many accounts, you could just make a forward (copy) all incoming mail to another storage account (that you must first create, of course)? This can be done from qmailadmin. If there are many accounts... Hm, I think that If you want to archive all already existing mail, just copying the message files from the Maildir to the storage account's Maildir should work (never tried that though) or use imapsync: http://www.linux-france.org/prj/imapsync/ (I've found it quite handy when I must transfer existing mail from one server to another). Of course the setup I suggested only archives incoming mail. So qmail-tap looks like the right solution here. Regards, Peter - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Pls suggest on Spamassassin to catch spam
Jakes right, "CHKUSER_WRONGRCPTLIMIT="200"" is WAY too high. One of our big servers averages over 5 messages a second and it's set to 3 (which might be a little low for some people). The idea is to stop dictionary attacks to your domain... at worst you'll only get 3-5 messages through before they are told to go away. George S. - Original Message - From: Jake Vickers To: qmailtoaster-list@qmailtoaster.com Sent: Monday, October 16, 2006 6:35 AM Subject: Re: [qmailtoaster] Pls suggest on Spamassassin to catch spam ashok wrote: Dear All,, Im newbie for Spamassassin. I have installed qmail-toaster and running my qmail server fine. Only problem is with SPAM getting lots of Viagra , extra pounds ,online games etc These are the below info for you to analyse [EMAIL PROTECTED] ~]# cat /etc/tcprules.d/tcp.smtp #Once edited this pls execute #tcprules tcp.smtp.cdb .tcp.smtp.tmp tcp.smtp 127.:allow,RELAYCLIENT="" 206.13.200.66:allow,RELAYCLIENT="" #125.22.36.22:allow,RELAYCLIENT="" :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="200",CHKUSER_WRONGRCPTLIMIT="200" I can see the reason for 200 on the chkuser function, but 200 on the wrongrcptlimit is WAY too high. This should be more like 5 or 10.Add some more rules, and look at SURBL. They will help catch a lot of your spam. For the messages that are sending excerpts from books and pasting a GIF file over it, there's not a good fix to this yet.
Re: [qmailtoaster] Problem disabling Web access for users
Title: Messaggio You couldblock 127.0.0.1 on port 143 (not sure if this will have any other repercussions though) , but why not just disable or put a .htaccess file on the webmail via apache? George Sweetnam - Original Message - From: Taxxolo To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, October 10, 2006 5:07 AM Subject: [qmailtoaster] Problem disabling Web access for users Hi all, i've set the "Disable web access" options on all the users of my domain. In the Mysql vpopmail database all the users have got the value "4" into pw_gid field. But the server continue to accept the connection with squirrell webmail. Only if i disable the imap access,the connectionvia web doesn't work but doesn't work the local imap connection too... These are my Qmailtoasterpackages: daemontools-toaster-0.76-1.2.11qmail-toaster-1.03-1.3.2control-panel-toaster-0.5-1.2.9qmailmrtg-toaster-4.2-1.2.11vqadmin-toaster-2.3.4-1.2.13simscan-toaster-1.2-1.2.7ucspi-tcp-toaster-0.88-1.2.11qmail-pop3d-toaster-1.03-1.3.2autorespond-toaster-2.0.4-1.2.9ezmlm-toaster-0.53.324-1.2.11qmailadmin-toaster-1.2.9-1.2.13maildrop-toaster-1.8.1-1.2.11isoqlog-toaster-2.1-1.2.10squirrelmail-toaster-1.4.6-1.2.15clamav-toaster-0.88.2-1.2.15vpopmail-toaster-5.4.13-1.2.12courier-imap-toaster-3.0.8-1.2.10ezmlm-cgi-toaster-0.53.324-1.2.11maildrop-toaster-devel-1.8.1-1.2.11spamassassin-toaster-3.1.1-1.2.14 What can i do? Thanks Paolo
Re: [qmailtoaster] slowness in sending large # of messages:SOLVED
If you've been playing with tcp.smtp, it'd be a good idea to check for relay issues: http://www.abuse.net/relay.html George Sweetnam - Original Message - From: Michael Handiboe [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, October 10, 2006 1:37 PM Subject: Re: [qmailtoaster] slowness in sending large # of messages:SOLVED Jake Vickers wrote: 127. applies rules only to the mail server host itself (or 'local' mail? So what's the difference?) a.b.c.d applies rules to only mail sent from a.b.c.d to the mail host and then the :allow line applies to everyone? OR everyone not explicitly listed above? 127 is for local emails, such as the webmail (SquirrelMail). a.b.c.d applies for that specific IP address. :allow is for any connection that does not fall under the first rules. Problem solved and I see where I was being tripped over. Reason: I think it's because I wasn't working with a new and freshly built QT. I had to put the chkuser_settings.h file into the right place (it wasn't where this http://wiki.qmailtoaster.com/index.php/Chkuser said it would be) and edit it and follow the directions AND modify my /etc/tcprules.d/tcp.smtp file appropriately. My customer is now able to send 40+ messages in about 2 seconds. Hooray! I suffered only a little pain :) . --Michael - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] A little question
Here's a link: http://www.palomine.net/qmail/tarpit.patch Basically it just says after X (tarpitcount) # of messages then start delaying them X (tarpitdelay) seconds. George Sweetnam - Original Message - From: Özgür Kolukısa To: qmailtoaster-list@qmailtoaster.com Sent: Tuesday, October 10, 2006 3:08 AM Subject: [qmailtoaster] A little question Good days, I have a little question, what is,what does and howto use tarpit? Can anybody explain it to me? Regards
[qmailtoaster] Spamassassin user preferences
Hi all; I have setup Spamassassin score relatively low at the moment (at 3), but would like to lower it still for one user. Default conf file mentions the possibility of providing an overwrite in user home directory but this did not really have any effect, probably that's expected, as qmailtoaster has virtual email users. Is there a way to control spamassassin at the email user level ? George - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Catchall
Here are some options (delete, bounce, forward to, and send to another domain): | /home/vpopmail/bin/vdelivermail '' delete | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox |/home/vpopmail/bin/vdelivermail '' [EMAIL PROTECTED] |/home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/domain.com/postmaster George - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, September 28, 2006 9:48 AM Subject: Re: [qmailtoaster] Catchall I'm not familiar with that version of qmailadmin. The 1.3 toaster version allows you to specify which account is used for catchall. There is no option (that I see) for bouncing catchall. I would try turning off catchall bounced, and set postmaster as catchall account. K Anand wrote: Hi, I have not set any account as catchall...From the qmailadin, I used the Set Catchall bounced option. I'm running qmail-toaster-1.03-1.2.10 with qmailadmin-toaster-1.2.9-1.2.11. Should I mark any account as a catchall account or by default it is set to some account ?? I just saw that the postmaster account was not set as a catchall account. Anand - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, September 27, 2006 8:45 PM Subject: Re: [qmailtoaster] Catchall K Anand wrote: OK ..thanx for the confirmation...So how do I stop these double bounces from filling up the mailbox of postmaster ?? Anand Don't bounce catchall email. IOW, set your catchall (postmaster or other) account to standard routing. BTW, how did you set your catchall account to bounce? I don't see such an option. What version of toaster are you running? -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] RE: duplicate emails
Humm... in the past I used an init script as well, but discovered that using daemontools to manage it (and run it as a spamd too) was a better idea. I still cannot start spamassassin by using /etc/init.d/spamassassin restart Look at your processes and see if you are running spamd (spamd child)... it's a MUCH more efficient way to call spamassassin. If you shut down your inet process you can always manually run it from the console and directly see the error messages too (highly recommened). I suspect you aren't using spamd and you will run out of memory FAST under any kind of load if that's the case. I do this to manually watch it and troubleshoot (yes you can read the logs, but you can react faster and change the start options more quickly: svc -d /var/qmail/supervise/spamd /usr/bin/spamd -m5 -l -x -u vpopmail ctl + c to exit svc -u /var/qmail/supervise/spamd Don't forget to start the init or daemon back up though or your mail will hang waitng on it. The above spamd line is normally exec'd in this file (format is slightly different though): /var/qmail/supervise/spamd/run George Sweetnam - Original Message - From: Steve Ingraham [EMAIL PROTECTED] To: users@spamassassin.apache.org; qmailtoaster-list@qmailtoaster.com; qmail@list.cr.yp.to Sent: Thursday, September 28, 2006 1:51 PM Subject: [qmailtoaster] RE: duplicate emails Loren Wilton wrote: I did notice one possible problem in that debug output. There was an 'inappropriate ioctl for device' message in the whitelist stuff near the end. This is something that has been a problem for other and has been discussed before, but I don't recall what the usual fix is to solve this problem. I don't think it is causing your duplicate emails, but there is a minor nit there that is probably making AWL not work right. Thanks for the information Loren, it appears that email is delivering normally again. I definitely would not know enough of what I was doing to start changing anything with this issue. I feel shell shocked for now and want to leave well enough alone now that things are functioning again. I really do think I need an expert to look over my configuration. Who knows what I may have screwed up? I will say that I don't know for sure. As a note, I think I may know what could have caused my problems with duplicate emails. I do believe that when I ran the RDJ script and attempted to update the rules this bogged down the email server. As Jake mentioned the other day, this caused delivery problems with qmail. Once I stopped the update; removed all of the rules out of /etc/mail/spamassassin and rebooted the server (I still cannot start spamassassin by using /etc/init.d/spamassassin restart), email started delivering normally. It appears that the server resources were being maxed out. On another note, I believe I had a compounding problem with our internal email server running Exchange 2000 that coincided with the above problem. The C: drive on that server filled up and thus stopped the Microsoft Exchange MTA Stack service that evidently delivers mail from non-Exchange systems. Here is Microsoft's description of the function of the Exchange MTA Stack service: The Microsoft Exchange MTA Stacks service (MTA) routes messages through X.400 and gateway connectors to non-Exchange messaging systems. In a mixed environment with servers running Exchange Server 5.5 in the local routing group, the MTA is also used to transfer messages between Exchange Server 2003 and Exchange Server 5.5. This occurs because Exchange Server 5.5 MTAs communicate with each other in the local site directly through RPCs. Exchange Server 2003 must rely on this communication method for backward compatibility. The executable file of the Microsoft Exchange MTA Stacks service is EMSMTA.exe, which is located in the \Program Files\Exchsrvr\bin directory. This service depends on System Attendant and maintains its own specific message queues outside the Exchange store in the \Program Files\Exchsrvr\Mtadata directory. The registry key is HKEY_Local_Machine\System\CurrentControlSet\Services\MSExchangeMTA. Note You should leave the Microsoft Exchange MTA Stacks service running, so that server monitors in their default configuration do not report a server running Exchange Server as unavailable. These two things I think were Cause 1 and Cause 2 of my failure, at least I think they were. I will say that stopping the RDJ update and removing all unnecessary rule sets out of /etc/mail/spamassassin helped get the system delivering again, furthermore, once I freed up space on the Exchange 2000 machine and restarted the MTA Stack service things started going back to normal. Of course this brings me right back to my original reason for starting this process this week. Our users are getting a lot of spam in their mailboxes that I was trying to block from getting through by updating rules in spamassassin. George, I have included some of the things you mentioned
Re: [qmailtoaster] problem receiving remote email
Since it worked when you disabled simscan you should turn it back on again and manually disable the spam and clam in the control file for it. spam=no,clam=no On the line above the default entry (it reads down from the top put a line specific to your email address). Turn spam off for all domains. Then send a test message to the [EMAIL PROTECTED] and see if you can get it to that box. [EMAIL PROTECTED]:clam=yes,spam=yes,trophie=yes,spam_hits=20,attach=.scr:.bat:.com:.pif:.exe:.vbs:.lnk:.wsh:.hta [EMAIL PROTECTED]:clam=yes,spam=no,trophie=yes,attach=.scr:.bat:.com:.pif:.exe:.vbs:.lnk:.wsh:.hta :clam=no,spam=no,trophie=no,spam_hits=5.5,attach=.scr:.bat:.com:.pif:.exe:.vbs:.lnk:.wsh:.hta Then do this: /var/qmail/bin/simscanmk /var/qmail/bin/simscanmk -g It's likely you did an update to spamassassin and forgot to update the simscan db file (-g command) previously to the network issue. Then when you were having the problem rebooted the machine or restarted qmail, which made the update effective. George Sweetnam - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list qmailtoaster-list@qmailtoaster.com Sent: Wednesday, September 27, 2006 12:03 PM Subject: [qmailtoaster] problem receiving remote email I'm trying to track down a problem with a high volume server and would appreciate any insights. To begin with, there was a networking problem which I know nothing about that apparently started this whole ordeal. The network problem is allegedly fixed, but the email problem persists. The smtp log appears to be normal, except that there are no simscan messages. A test email eventually bounced with Sorry, I wasn't able to establish an SMTP connection. (#4.4.1). Something's misleading though, as I saw the smtp session for this message in the log, and it ended with status 0 (but no simscan record). Guessing that simscan (or more likely something within it like SA or clamav) was having a problem, I disabled simscan, and mail is flowing once again. Any ideas what might be the problem here? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] duplicate emails
You need the -r which means to use as a rejection list -a is a white list (don't run through an rbl). I don't have any problems using multiple lines when entering then in the blacklists file... putting it directly into the smtp/run file without a \ on the end of the line would be foolish though. Use the qmail-inject line I sent last time to test your email...it'll show you where it's failing. George. - Original Message - From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Cc: [EMAIL PROTECTED] Sent: Wednesday, September 27, 2006 6:12 PM Subject: Re: [qmailtoaster] duplicate emails Steve Ingraham wrote: Eric (Shubes) wrote: Caution: the contents of /var/qmail/control/blacklists must be on a single line (I think - you might be able to escape the newline (CR), but I'm not sure w/out testing it). Eric, can you explain what you are referring to in your Caution statement above? Do you mean that all of the content should be listed on one line? So using an example from George's blacklist below the content should look like: -r sbl.spamhaus.org -r bl.spamcop.net -r relays.ordb.org . . . etc. Yes, that looks good. If this is the way it needs to be input into the blacklists file should there be commas, spaces or something else between each entry? Just spaces between each entry. No commas, only space(s). If not, then I guess I am a little confused on what you are referring to. Don't put them on separate lines. Steve Ingraham ___ George Sweetnam wrote: You might also want to add some additional blacklists from orbs (don't do the all-in-one). Some like the dynamic shouldn't be used, but the exploited server rbl is very handy. I added 5 or 6 to my servers and it's helped even more. The content of my current blacklists control file (I does change): -r sbl.spamhaus.org -r bl.spamcop.net -r relays.ordb.org -r block.dnsbl.sorbs.net -r http.dnsbl.sorbs.net -r misc.dnsbl.sorbs.net -r rhsbl.sorbs.net -r smtp.dnsbl.sorbs.net -r socks.dnsbl.sorbs.net -r spam.dnsbl.sorbs.net -r web.dnsbl.sorbs.net -r zombie.dnsbl.sorbs.net Just eliminate the biggest files in your setup - comment out BLACKLIST and BLACKLIST_URL from your config. Those two are huge and taking them out of my setup returned my system to normal behavior. Thanks, I will look at adding to my blacklists control file. Can you tell me what the -r command means? Steve Ingraham --Original Message-- Steve Ingraham wrote: I need help with a problem. Our users are seeing some multiple duplicate emails coming from the same sender. This is not occurring with every email so there does not seem to be any pattern to which incoming emails will be duplicated and which ones won't. They are also reporting that duplicate emails are sent when they send to an outside email. Has anyone experienced this problem before? What could be causing this to occur and what can I do to stop this? I am running qmailtoaster and spamassassin as an external email gateway. There has been nothing changed with qmail but I did update some rules in SA using rules_du_jour yesterday. Would these rules updates cause this problem? If so, what would have changed? Jake Vickers wrote: If your system is low on resources (ie: RAM), then the spamd process can take too long, making Toaster think the mail got lost somewhere, so it resends it. Might want to check and see how much RAM you're using. I want to thank everyone who posted a reply on my inquiry. I believe Jake Vickers was right about the problem. The RAM on the email server was bogged down since yesterday when I updated the various .cf files using rules_du_jour. I had included just a handful of rules from RDJ but it appears that RDJ utilizes much too much of my server resources to use it to update my spamassassin rules. It was slowing down the server so much that simple functions were not responding. This appears to have affected the delivery of emails. In fact I noticed that my original message to these mail lists took several hours to post and were duplicated also. I resolved the problem by moving the various rules .cf files out of the /etc/mail/spamassassin folder and restarting spamassassin. If anyone has a simple way of updating rules for spamassassin I would welcome your input. I still need to update the rules as I have been getting a great number of emails coming through to users. Specifically, we are getting a lot of the pharmaceutical spam and the stock spam. Again, thanks to everyone for the posts. Steve Ingraham -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
Re: [qmailtoaster] duplicate emails
You should always test the mail going through your server when you make changes like that. Anyone making changes to spamassassin, rbl's, clamav, ssattach, ect should be sending a test message to see if/where it hangs. Most of the time you'll see it's stuck on spamc. I have a short script I've made to test mail myself (/home/testmail.sh) and it makes life much easier. It's a good idea to look for errors with: spamassassin -D --lint ===repost (i've saved this one now!) === Anytime I make updates to the mailserver settings I also using qmail-inject to send a message through (great for showing what is failing): echo mail test message /tmp/mailtest.txt env QMAILQUEUE=/var/qmail/bin/simscan SIMSCAN_DEBUG=2 /var/qmail/bin/qmail-inject [EMAIL PROTECTED] /tmp/mailtest.txt == George Sweetnam - Original Message - From: Steve Ingraham To: qmailtoaster-list@qmailtoaster.com ; users@spamassassin.apache.org ; qmail@list.cr.yp.to Sent: Tuesday, September 26, 2006 4:39 PM Subject: RE: [qmailtoaster] duplicate emails Steve Ingraham wrote: I need help with a problem. Our users are seeing some multiple duplicate emails coming from the same sender. This is not occurring with every email so there does not seem to be any pattern to which incoming emails will be duplicated and which ones won't. They are also reporting that duplicate emails are sent when they send to an outside email. Has anyone experienced this problem before? What could be causing this to occur and what can I do to stop this? I am running qmailtoaster and spamassassin as an external email gateway. There has been nothing changed with qmail but I did update some rules in SA using rules_du_jour yesterday. Would these rules updates cause this problem? If so, what would have changed? Jake Vickers wrote: If your system is low on resources (ie: RAM), then the spamd process can take too long, making Toaster think the mail got lost somewhere, so it resends it. Might want to check and see how much RAM you're using. I want to thank everyone who posted a reply on my inquiry. I believe Jake Vickers was right about the problem. The RAM on the email server was bogged down since yesterday when I updated the various .cf files using rules_du_jour. I had included just a handful of rules from RDJ but it appears that RDJ utilizes much too much of my server resources to use it to update my spamassassin rules. It was slowing down the server so much that simple functions were not responding. This appears to have affected the delivery of emails. In fact I noticed that my original message to these mail lists took several hours to post and were duplicated also. I resolved the problem by moving the various rules .cf files out of the /etc/mail/spamassassin folder and restarting spamassassin. If anyone has a simple way of updating rules for spamassassin I would welcome your input. I still need to update the rules as I have been getting a great number of emails coming through to users. Specifically, we are getting a lot of the pharmaceutical spam and the stock spam. Again, thanks to everyone for the posts. Steve Ingraham - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] can not recieve mail
Title: Message Make sure to login to your registrars account and modify the name servers created for your domian (for directnic I choose the "modify name servers") This is not to be confused with modifying dns servers listed for your domain. If it's not changed there nothing will update properly. Also, don't be fooled into thinking changing ip's will work. It's named based...the ip's will follow. Actually, upon reading your zone file... try updating the serial... it was last updated in 2004 according to it's value. George - Original Message - From: Chris Marcellin To: qmailtoaster-list@qmailtoaster.com Sent: Sunday, September 24, 2006 4:42 PM Subject: Re: [qmailtoaster] can not recieve mail oh, you said parent servers. sorry, i thought you meant my "DNS bind" servers. yeah, it does look like it is stemming from the parent servers, but, unfortunately i have no control over that, and like i said it's had more than enough time to propagate. is there a way to fix this?Chris Marcellin wrote: Jon;I know, that's the test i did to confirm my problems. The records at my parent servers are fine.here's a copy of my bind zone file for canus.org:$TTL 86400$ORIGIN canus.org.@ IN SOA ns1.canus.org. postmaster.canus.org. ( 2004042731 ; serial 21600 ; refresh 3600 ; retry 604800 ; expires 86400 ) ; minimum IN NS ns1.canus.org. IN NS ns.teksavvy.com. IN NS mail.canus.org. IN MX 10 webmail.canus.org. IN A 206.248.143.18ns1 IN A 206.248.143.18mail IN A 206.248.143.19www IN A 206.248.143.18pop3 IN A 206.248.143.19smtp IN A 206.248.143.19webmail IN A 206.248.143.19_domainkey.canus.org IN TXT "t=y; o=-; [EMAIL PROTECTED]"private._domainkey IN TXT "k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMAUw1o85CevJFR9sE6a271S5LNbKCAMnVCFQvnKvdZHhwxGd+nvwgtTSptGEylx1QIDAQAB"canus.org. IN TXT "v=spf1 ip4:206.248.143.16/29 ip4:206.248.139.43 a mx ptr ~all"webmail.canus.org. IN TXT "v=spf1 a -all"Jon Darrington wrote: Chris, Have a quick look at: http://www.dnsreport.com/tools/dnsreport.ch?domain=canus.org it suggests that the problems stem from differences with your records at your parent servers. Hope this helps, Jon -Original Message-From: Chris Marcellin [mailto:[EMAIL PROTECTED]] Sent: 24 September 2006 21:21To: qmailtoaster-list@qmailtoaster.comSubject: Re: [qmailtoaster] can not recieve mailto make matters even more interesting. i have a dns problem. i can't figure it out, as well, and my ISP's DNS administrator can't figure it out too. a while back, my dns servers were, ns.canus.org and ns1.canus.org, ns1.teksavvy.com. however, i changed that to ns1.canus.org, and mail.canus.org. i did all the configurations correctly, and it's been about 4 weeks now that i have made the changes, so, it has had plenty of time for the root servers to propagate. but, the root servers still have ns.canus.org in their database. and because of that, my dns isn't working perfectly. anyone have any ideas what the problem or solution can be.Jon Darrington wrote: Hi Chris, I could not get an smtp reply or any other typical response(http, https, icmp - ping), so thought there was no server there- hence the question as to had your ip changed. Glad it's all sorted now, Jon -Original Message-From: Chris Marcellin [mailto:[EMAIL PROTECTED]] Sent: 24 September 2006 15:27To: qmailtoaster-list@qmailtoaster.comSubject: Re: [qmailtoaster] can not recieve mailHi Jon;sorry, i should have replied back to my message. the funny thing is, when i connection got dropped, and while i was troubleshooting it with my ISP, they forgot tore-enable my subnet of static ip's. i finally figured that out when i just couldn't get any sort of replied from outside regarding smtp. i then called them and askedif whether my static ip's were set, ps.so, I thank you Jon. just out of curiosity, what sort of replies did you get when you looked up those ip's below?ChrisJon Darrington wrote: Chris, I have no idea of what kind of connnection you are on, but have you checked that when the connection was dropped they did not change your ip. I have just done a couple of lookups and get different replies ie 206.248.143.18 and 206.248.143.19 for smtp.canus.org.
Re: [qmailtoaster] can not recieve mail
Title: Message 2004042731 ; serial - Original Message - From: Chris Marcellin To: qmailtoaster-list@qmailtoaster.com Sent: Monday, September 25, 2006 8:41 PM Subject: Re: [qmailtoaster] can not recieve mail I hear you. I already went to my registrar's DNS configuration, and updated it. The last time i changed the serial was yesterday. what do you mean last updated in 2004? how can you determine by the serial the last update, this is new to me, please give me more info.Thans GeorgeGeorge Sweetnam wrote: Make sure to login to your registrars account and modify the name servers created for your domian (for directnic I choose the "modify name servers") This is not to be confused with modifying dns servers listed for your domain. If it's not changed there nothing will update properly. Also, don't be fooled into thinking changing ip's will work. It's named based...the ip's will follow. Actually, upon reading your zone file... try updating the serial... it was last updated in 2004 according to it's value. George - Original Message - From: Chris Marcellin To: qmailtoaster-list@qmailtoaster.com Sent: Sunday, September 24, 2006 4:42 PM Subject: Re: [qmailtoaster] can not recieve mail oh, you said parent servers. sorry, i thought you meant my "DNS bind" servers. yeah, it does look like it is stemming from the parent servers, but, unfortunately i have no control over that, and like i said it's had more than enough time to propagate. is there a way to fix this?Chris Marcellin wrote: Jon;I know, that's the test i did to confirm my problems. The records at my parent servers are fine.here's a copy of my bind zone file for canus.org:$TTL 86400$ORIGIN canus.org.@ IN SOA ns1.canus.org. postmaster.canus.org. ( 2004042731 ; serial 21600 ; refresh 3600 ; retry 604800 ; expires 86400 ) ; minimum IN NS ns1.canus.org. IN NS ns.teksavvy.com. IN NS mail.canus.org. IN MX 10 webmail.canus.org. IN A 206.248.143.18ns1 IN A 206.248.143.18mail IN A 206.248.143.19www IN A 206.248.143.18pop3 IN A 206.248.143.19smtp IN A 206.248.143.19webmail IN A 206.248.143.19_domainkey.canus.org IN TXT "t=y; o=-; [EMAIL PROTECTED]"private._domainkey IN TXT "k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMAUw1o85CevJFR9sE6a271S5LNbKCAMnVCFQvnKvdZHhwxGd+nvwgtTSptGEylx1QIDAQAB"canus.org. IN TXT "v=spf1 ip4:206.248.143.16/29 ip4:206.248.139.43 a mx ptr ~all"webmail.canus.org. IN TXT "v=spf1 a -all"Jon Darrington wrote: Chris, Have a quick look at: http://www.dnsreport.com/tools/dnsreport.ch?domain=canus.org it suggests that the problems stem from differences with your records at your parent servers. Hope this helps, Jon -Original Message-From: Chris Marcellin [mailto:[EMAIL PROTECTED]] Sent: 24 September 2006 21:21To: qmailtoaster-list@qmailtoaster.comSubject: Re: [qmailtoaster] can not recieve mailto make matters even more interesting. i have a dns problem. i can't figure it out, as well, and my ISP's DNS administrator can't figure it out too. a while back, my dns servers were, ns.canus.org and ns1.canus.org, ns1.teksavvy.com. however, i changed that to ns1.canus.org, and mail.canus.org. i did all the configurations correctly, and it's been about 4 weeks now that i have made the changes, so, it has had plenty of time for the root servers to propagate. but, the root servers still have ns.canus.org in their database. and because of that, my dns isn't working perfectly. anyone have any ideas what the problem or solution can be.Jon Darrington wrote: Hi Chris, I could not get an smtp reply or any other typical response(http, https, icmp - ping), so thought there was no server there- hence the question as to had your ip changed. Glad it's all sorted now, Jon -Original Message-From: Chris Marcellin [mailto:[EMAIL PROTECTED]] Sent: 24 September 2006 15:27To: qmailtoaster-list@qmailtoaster.comSubject: Re: [qmailtoaster] can not recieve mailHi Jon;sorry, i should have replied back to my message. the funny thing is, when i connection got dropped, and while i was troubleshooting it with my ISP, they forgot tore-enable my subnet of static ip's. i finally figured that out when i just cou
Re: [qmailtoaster] can not recieve mail
True, it just has to be incremented, but it's hard to tell if it's been updated if it's not using the date. Upon a second look it does appear someone has added another digit to it too... yuck. I'd hate to try and keep up with the updates to zone files not in date format. George - Original Message - From: Erik Espinoza [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Monday, September 25, 2006 8:46 PM Subject: Re: [qmailtoaster] can not recieve mail Serial numbesr do not have to follow the date. It's a suggestion and not a requirement of the protocol. Erik On 9/25/06, Chris Marcellin [EMAIL PROTECTED] wrote: I hear you. I already went to my registrar's DNS configuration, and updated it. The last time i changed the serial was yesterday. what do you mean last updated in 2004? how can you determine by the serial the last update, this is new to me, please give me more info. Thans George George Sweetnam wrote: Make sure to login to your registrars account and modify the name servers created for your domian (for directnic I choose the modify name servers) This is not to be confused with modifying dns servers listed for your domain. If it's not changed there nothing will update properly. Also, don't be fooled into thinking changing ip's will work. It's named based...the ip's will follow. Actually, upon reading your zone file... try updating the serial... it was last updated in 2004 according to it's value. George - Original Message - From: Chris Marcellin To: qmailtoaster-list@qmailtoaster.com Sent: Sunday, September 24, 2006 4:42 PM Subject: Re: [qmailtoaster] can not recieve mail oh, you said parent servers. sorry, i thought you meant my DNS bind servers. yeah, it does look like it is stemming from the parent servers, but, unfortunately i have no control over that, and like i said it's had more than enough time to propagate. is there a way to fix this? Chris Marcellin wrote: Jon; I know, that's the test i did to confirm my problems. The records at my parent servers are fine. here's a copy of my bind zone file for canus.org: $TTL86400 $ORIGIN canus.org. @ IN SOA ns1.canus.org. postmaster.canus.org. ( 2004042731 ; serial 21600 ; refresh 3600; retry 604800 ; expires 86400 ) ; minimum IN NS ns1.canus.org. IN NS ns.teksavvy.com. IN NS mail.canus.org. IN MX 10 webmail.canus.org. IN A 206.248.143.18 ns1 IN A 206.248.143.18 mailIN A 206.248.143.19 www IN A 206.248.143.18 pop3IN A 206.248.143.19 smtpIN A 206.248.143.19 webmail IN A 206.248.143.19 _domainkey.canus.org IN TXT t=y; o=-; [EMAIL PROTECTED] private._domainkey IN TXT k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOA IxAMAUw1o85CevJFR9sE6a271S5LNbKCAMnVCFQvnKvdZHhwxGd+nvwgtTSptGEylx1QIDAQAB canus.org. IN TXT v=spf1 ip4:206.248.143.16/29 ip4:206.24 8.139.43 a mx ptr ~all webmail.canus.org. IN TXT v=spf1 a -all Jon Darrington wrote: Chris, Have a quick look at: http://www.dnsreport.com/tools/dnsreport.ch?domain=canus.org it suggests that the problems stem from differences with your records at your parent servers. Hope this helps, Jon -Original Message- From: Chris Marcellin [mailto:[EMAIL PROTECTED] Sent: 24 September 2006 21:21 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] can not recieve mail to make matters even more interesting. i have a dns problem. i can't figure it out, as well, and my ISP's DNS administrator can't figure it out too. a while back, my dns servers were, ns.canus.org and ns1.canus.org, ns1.teksavvy.com. however, i changed that to ns1.canus.org, and mail.canus.org. i did all the configurations correctly, and it's been about 4 weeks now that i have made the changes, so, it has had plenty of time for the root servers to propagate. but, the root servers still have ns.canus.org in their database. and because of that, my dns isn't working perfectly. anyone have any ideas what the problem or solution can be. Jon Darrington wrote: Hi Chris, I could not get an smtp reply or any other typical response (http, https, icmp - ping), so thought there was no server there - hence the question as to had your ip changed. Glad it's all sorted now, Jon -Original Message- From: Chris Marcellin [mailto:[EMAIL PROTECTED] Sent: 24 September 2006 15:27 To: qmailtoaster-list
Re: [qmailtoaster] qmail-toaster and kurobox
Well, I gave it a shot and this email is send from toaster running on a kurobox :-). It was surprisingly easy. Me being almost a newbie, this is a testimony to truly incredible work done both in the kurobox and qmail-toaster community. Unbelievable. As far as installation is concerned, I had only 1 issue. I could not start iptables, error message iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. I'm running 2.6.17.1 kernel patched for kurobox, and I'm sure sooner or later a solution will present itself, did not have time to investigate. In broad outline, the steps to install qmail-toaster are just combination of kurobox and qmail-toaster wikis: install default os on kurobox http://www.kurobox.com/mwiki/index.php/Manual_Setup install U-boot and Fedora Core 5 http://www.kurobox.com/mwiki/index.php/Install_Fedora_Core_5 install qmail-toaster for FC5 http://www.qmailtoaster.com/centos/cnt40/EZ-QmailToaster-CentOS-4.3.txt you need to change architecture in fdr50-install-script.sh from i386 to ppc And that's all, takes a long time, but it works. In case you wonder what the big deal is here with kurobox. It is a tiny headless server, PPC 260 MHz processor with 128 MB ram, 2 usb ports and 1 GB ethernet. It is dead quiet (less 20db) and installs one internal PATA drive (I have 750MB Seagate...). Dimensions are less than a hardcover book. Kurobox without harddrvie will set you back 150 USD. I believe this is a perfect personal (family or some really tiny shop) server. My next plans for my kurobox are slimserver (digital music streaming) and eventually asterix (without fancy codecs of course). George Just to be on the safe side, No, I'm not affiliated with http://kurobox.com/, I just love this product. On Saturday 16 September 2006 19:36, Erik Espinoza wrote: Hello George, I don't believe anyone has reported using the qmailtoaster on a Kurobox. My guess is that it would take some work to port it over. I had installed CentOS 4.2 beta on a sparc, and was unable to get QmailToaster to cleanly compile on it. You can give it a shot and let us know. Erik On 9/15/06, George M. [EMAIL PROTECTED] wrote: Hi all; I have been very successful in installing qmail-toaster on FC5 server. I'm thinking of trying to install it on a kurobox (http://kurobox.com/). FC5 can be installed on a kurobox. Has anyone try it ? George - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] qmail-tap patch
This gets asked fairly often. What do you think of including a taps.sample or a taps.instructions file with the distro? George Sweetnam - Original Message - From: Jake Vickers [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Monday, September 18, 2006 10:55 AM Subject: Re: [qmailtoaster] qmail-tap patch Ed Morrison wrote: It's my understanding that the qmail-tap patch is installed by default with the toaster install. I do not see the /var/qmail/control/tap file. Has the location to control the settings changed? If so, where? The patch is included, but it is not set up. You must create the tap file to define how you want it set up. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]