Re: [qmailtoaster] Lots of false positives from SpamAssassin lately
I would be worried that this email shows a Bayes probability of 99%, have all of your false positives been showing high Bayes results? It could be your database has been poisoned, and needs to be flushed. I have had that happen before - I had a customer that was sending non spam emails to his spam bin. After a few months of thinking that is how he deleted emails - the database was unusable. Quoting Casey Price ca...@smileglobal.com: Several of my customers have complained recently of legitimate email being flagged as spam lately, and I've also noticed even mail sent from my billing system being incorrectly labelled. I've even added the IP address of my billing server and whitelisted the email address, yet I'm still getting loads of false positives. Here is a snippet from one of the emails sent by my billing sys: X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa1.smileglobal.com X-Spam-Level: X-Spam-Status: Yes, score=4.9 required=4.5 tests=AWL,BAYES_99, HTML_IMAGE_ONLY_12,HTML_MESSAGE,HTML_SHORT_LINK_IMG_1,RDNS_NONE autolearn=no version=3.2.5 X-Spam-Report: * 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 0.] * 2.5 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words * 0.0 HTML_MESSAGE BODY: HTML included in message * 0.1 RDNS_NONE Delivered to trusted network by a host with no rDNS * 0.0 HTML_SHORT_LINK_IMG_1 HTML is very short with a linked image * -1.1 AWL AWL: From: address is in the auto white-list Here is a portion of my local.cf config file for SpamAssassin: ok_locales all skip_rbl_checks 1 required_score 4.5 report_safe 0 rewrite_header Subject [SPAM] SA1 use_pyzor 1 use_auto_whitelist 1 bayes_path /home/vpopmail/.spamassassin/bayes use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 bayes_auto_learn_threshold_spam 6.5 bayes_auto_learn_threshold_nonspam 0.1 bayes_auto_expire 1 #loadplugin Mail::SpamAssassin::Plugin::URIDNSBL # Rule2XSBody - speedup by compilation of rulseset to native code loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody trusted_networks 69.7.35.11 69.7.35.25 69.7.35.131 69.7.35.42 Anyone have any recommendations? Should I increase the required score, or is there a better way to accomplish it? Also, I thought that whitelisting an address/domain automatically subtracts 100 from the score? My logs are showing AWL tests being scored at -0.5 to -1.1 or so. HELP Thanks, -- Casey Price Smile Global Technical Support Submit or check trouble tickets http://billing.smileglobal.com www.smileglobal.com http://www.smileglobal.com Follow us on Twitter https://twitter.com/#%21/SmileInternet Find us on Facebook https://www.facebook.com/smileglobal This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Domain Keys problem?
Quoting Mustafa Toraman h...@mustafatoraman.com: Hi all, I need help about domain keys on QMT. For a long time, still I cant find any solution to sign emails with domain keys. I have read the topic related about disabling domain keys due broken keys since 2008. Then I tried a few patch for it but there is no result. Anybody using DKIM with QMT and what about results, could you pass DKIM-Signature validation... any feedback would be great. Also if there is anyone willing to share any updated tutorial to enable DKIM properly that , he can save my day :) Kind regards, Greetings from Turkiye. Mustafa - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com Jake put together a great easy to follow video that is on youtube. DKIM works - especially with Yahoo and gmail. Follow his instructions at this link: http://www.youtube.com/watch?v=XiKgWJve_Ts Jack This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Filtering with Dovecot
I am going to ask this question in a different thread, since the original message I believe was on a default toaster installation. I am looking to implement automatic message filtering. I checked out the video, but it uses courier. Nothing on the wiki seems to reference anything but courier either. Since I am using Dovecot, what would be the easiest way to go about this. I want my customers spam emails to go to their spam folder in Horde. Any ideas? This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] automatic Filtering e-mail into folders
Quoting Jake Vickers j...@qmailtoaster.com: On 07/26/2011 02:40 AM, Postmaster wrote: Hello, I wonder if it is possible to filter incoming e-mails into numerous folders using rules. This feature is already implemented in Squirrelmail, but I am interested in the server side filtering. You can absolutely do this. I did a video on how to do this, which should be on the Youtube channel. If it is not, let me know and I will post that particular video. - I checked out the video, but it uses courrier - since I am using Dovecot, what would be the easiest way to go about this. I want my customers spam emails to go to their spam folder in Horde. Any ideas? This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Wiki offline for a while
Quoting Jake Vickers j...@qmailtoaster.com: On 07/23/2011 12:03 PM, Eric Shubert wrote: On 07/23/2011 08:35 AM, Jake Vickers wrote: On 07/23/2011 07:35 AM, Jake Vickers wrote: I have the wiki offline for a while this weekend. Seems whenever I bring it online, apache2 gets hammered until the box becomes unresponsive. I am moving some things to a new server, but I need to think about what to do about this as well. I will post again when there is an update or it's been moved. The wiki should be back online now at the new IP address - I think I found the IP that was ddos'ing the wiki and have blocked it. I have also added in a few items that should help prevent this in the future. Be aware that if you perform 300 wgets in 300 seconds against the wiki, you will be blocked for 10 minutes. If your IP does it again, you're blocked for good. - Out of curiosity, what'd you do/use to achieve that block? There was someone on the spamdyke list asking about how to perhaps throttle/block spammers with smtp 25/587 access (authenticated). If you want a hammer, you can iptables it - here's one I use on some server to prevent hammering on port 25: -A INPUT -i eth0 -p tcp -m tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 --name DEFAULT --rsource -j DROP -A INPUT -i eth0 -p tcp -m tcp --dport 25 -m state --state NEW -m recent --set --name DEFAULT --rsource So the above blocks any IP trying more than 10 connections in 60 seconds on port 25. For the one I'm using specifically for the wiki, I'm using fail2ban to filter this. You could easily set it up to never full ban, and only throttle for specific periods of time. Here's what I'm using for the wiki page: //jail.conf [http-get-dos-wiki] enabled = true port = http,https filter = http-get-dos-wiki logpath = /var/log/apache2/wiki.qmailtoaster.com-access.log maxretry = 300 # Count the number of connections findtime = 300 # The timeframe we count the above bantime = 600 # How long we ban for action = iptables[name=HTTP, port=http, protocol=tcp] //filter.d/http-get-dos-wiki.conf # Fail2Ban configuration file [Definition] # This regex will match all GET entries in the wiki logs, so basically all requests match. # Controlling how many/how often a hsot connects before we term it bad is controlled in the jail.conf file. failregex = ^ -.*GET # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com I'm assuming this was why I couldn't view the wiki yesterday. I just hope it wasn't my IP doing something silly. LOL This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] sa-learn
I have Horde installed on my new toaster instead of squirrelmail. I want emails in customers spam folders to be learned by the bayes database. I am wondering if the script on the wiki will work - I don't know if it's setup with squirrelmail in mind or if it will work. Any thoughts? Jack Martin MagicWISP This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Spamassassin not working
Quoting Eric Shubert e...@shubes.net: On 07/22/2011 11:04 AM, MagicWISP wrote: Quoting sa...@magicwisp.com: So far - I have changed my tcp.smtp file and simcontrol file, to try to make sure I have no problems. I issued the qmailctl cdb commands afterwards - and it didn't fix it. I have figured out that simscan is not running. [root@mail simscan]# cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT=,10.1.1.:allow,RELAYCLIENT=,172.25.13:allow,RELAYCLIENT=,12.169.159.250:allow,RELAYCLIENT=,12.169.159.241:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,QMAILQUEUE=/var/qmail/bin/simscan :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=5,QMAILQUUE=/var/qmail/bin/simscan,DKVERIFY=DEGIJKfh,DKQUEUE=/var/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 [root@mail simscan]# cat /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=12,attach=.src:.ade:.adp:.app:.asd:.asf:.asp:.asx:.avi:.bas:.bat:.bin:.chm:.cil:.cla:.class:.cmd:.com:.cpl:.crt:.csh:.css:.dll:.dot:.email:.eml:.exe:.fxp:.hlp:.hta:.inf:.ins:.isp:.js:.jse:.ksh:.lnk:.mda:.mdb:.mde:.mdt:.mdw:.mdz:.mov:.mp3:.mpe:.mpeg:.mpg:.msc:.msi:.msp:.mst:.nws:.ocx:.ops:.pcd:.pif:.pl:.pm:.pot:.pps:.prf:.prg:.ps:.rar:.reg:.scf:.scr:.sct:.shb:.shm:.shs:.url:.vb:.vbe:.vbs:.vxd:.wav:.wmd:.wmf:.wms:.wmz:.wsc:.wsf:.wsh:.wsz:.xsl:.xlt:.xlw: [root@mail simscan]# Simscan isn't appearing anywhere ins my smtp logs though. [root@mail smtp]# cat current | tai64nlocal | grep simscan [root@mail smtp]# So for some reason it isn't getting the call. Any ideas? Permissions perhaps? # ls -l /var/qmail/bin/simscan -rws--x--x 1 clamav root 59176 Apr 14 11:25 /var/qmail/bin/simscan # -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com Doesn't look like that's the problem: [root@mail ~]# ls -l /var/qmail/bin/simscan -rws--x--x 1 clamav root 59176 Jul 18 20:27 /var/qmail/bin/simscan This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Spamassassin not working
Quoting MagicWISP sa...@magicwisp.com: Quoting Eric Shubert e...@shubes.net: On 07/22/2011 11:04 AM, MagicWISP wrote: Quoting sa...@magicwisp.com: So far - I have changed my tcp.smtp file and simcontrol file, to try to make sure I have no problems. I issued the qmailctl cdb commands afterwards - and it didn't fix it. I have figured out that simscan is not running. [root@mail simscan]# cat /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT=,10.1.1.:allow,RELAYCLIENT=,172.25.13:allow,RELAYCLIENT=,12.169.159.250:allow,RELAYCLIENT=,12.169.159.241:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,QMAILQUEUE=/var/qmail/bin/simscan :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=5,QMAILQUUE=/var/qmail/bin/simscan,DKVERIFY=DEGIJKfh,DKQUEUE=/var/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 [root@mail simscan]# cat /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=12,attach=.src:.ade:.adp:.app:.asd:.asf:.asp:.asx:.avi:.bas:.bat:.bin:.chm:.cil:.cla:.class:.cmd:.com:.cpl:.crt:.csh:.css:.dll:.dot:.email:.eml:.exe:.fxp:.hlp:.hta:.inf:.ins:.isp:.js:.jse:.ksh:.lnk:.mda:.mdb:.mde:.mdt:.mdw:.mdz:.mov:.mp3:.mpe:.mpeg:.mpg:.msc:.msi:.msp:.mst:.nws:.ocx:.ops:.pcd:.pif:.pl:.pm:.pot:.pps:.prf:.prg:.ps:.rar:.reg:.scf:.scr:.sct:.shb:.shm:.shs:.url:.vb:.vbe:.vbs:.vxd:.wav:.wmd:.wmf:.wms:.wmz:.wsc:.wsf:.wsh:.wsz:.xsl:.xlt:.xlw: [root@mail simscan]# Simscan isn't appearing anywhere ins my smtp logs though. [root@mail smtp]# cat current | tai64nlocal | grep simscan [root@mail smtp]# So for some reason it isn't getting the call. Any ideas? Permissions perhaps? # ls -l /var/qmail/bin/simscan -rws--x--x 1 clamav root 59176 Apr 14 11:25 /var/qmail/bin/simscan # -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com Doesn't look like that's the problem: [root@mail ~]# ls -l /var/qmail/bin/simscan -rws--x--x 1 clamav root 59176 Jul 18 20:27 /var/qmail/bin/simscan This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com Figured it out - finally. Wanted to reply so maybe some poor sap that is googling later might have some help. I had misspelled a word - check this out. When I brought over my old tcp.smtp it followed. QMAILQUUE=/var/qmail/bin/simscan Missing a letter - and boom there it was!!! This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Courier-IMAP or Dovecot ?
I just built a new toaster - and migrated an old one over. The old one was courier-IMAP, the new one I decided to use dovecot instead. The wiki made it s easy. Then I imported the old emails from the existing server. I would like to figure out how to make cwatchall and watchall use the dovecot log. Quoting Eric Shubert e...@shubes.net: On 07/22/2011 06:59 PM, Carlos Herrera Polo wrote: Hello.. I'am using Courier-IMAP many years, users using pop3 or imap4, not problem with pop3 but when mailbox have many emails is slow or can't retrieve messages... Should migrate ? To elaborate a little, migration per se isn't really necessary. You can install dovecot safely on your existing QMT host, turn off courier, and turn on dovecot. It's pretty simple. Directions are on the wiki. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Courier-IMAP or Dovecot ?
With the instructions on the wiki dovecot can do both IMAP and POP3. One service does all Quoting Carlos Herrera Polo carlos.herrerap...@gmail.com: And Dovecot is a pop3 server ? Thanks for your answers and sorry, my english is very bad ! 2011/7/22, Eric Shubert e...@shubes.net: On 07/22/2011 06:59 PM, Carlos Herrera Polo wrote: Hello.. I'am using Courier-IMAP many years, users using pop3 or imap4, not problem with pop3 but when mailbox have many emails is slow or can't retrieve messages... Should migrate ? To elaborate a little, migration per se isn't really necessary. You can install dovecot safely on your existing QMT host, turn off courier, and turn on dovecot. It's pretty simple. Directions are on the wiki. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Enviado desde mi dispositivo móvil - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com This message was sent using IMP, the Internet Messaging Program. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Domainkeys
I am trying to figure out my domainkeys signature. Here is an header of an email I sent myself at another address: Received: from f10bb8-10 (10.1.116.201) by idc1embx0004.corp.global.level3.com (10.1.9.79) with Microsoft SMTP Server id 8.1.375.2; Tue, 6 Apr 2010 08:46:06 -0600 Received: from mail28.messagelabs.com (mail28.messagelabs.com [216.82.249.131])(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))(No client certificate requested) by f10bb8-10 (Postfix) with ESMTP id 54E6E4514 for jack.mar...@level3.com; Tue, 6 Apr 2010 14:45:06 + (GMT) X-VirusChecked: Checked X-Env-Sender: jack.d.mar...@magicwisp.com X-Msg-Ref: server-13.tower-28.messagelabs.com!1270565097!68063129!1 X-StarScan-Version: 6.2.4; banners=-,-,- X-Originating-IP: [12.169.159.242] X-SpamReason: No, hits=1.5 required=7.0 tests=HTML_90_100,HTML_MESSAGE, MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT Received: (qmail 1107 invoked from network); 6 Apr 2010 14:44:58 - Received: from mail.magicwisp.com (HELO mail.magicwisp.com) (12.169.159.242) by server-13.tower-28.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 6 Apr 2010 14:44:58 - DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.magicwisp.com; h=from :to:subject:date:message-id:mime-version:content-type; s=dkim1; bh=2Pf8+Cl2bwZzgJS4YUMawkUEYtk=; b=nzXC4kGH0Udf2vpiley2Uj2WDkhk x62TMkYHXsyLmReG5+Ke458ZaYVsDmF8GoJa Received: (qmail 25783 invoked by uid 89); 6 Apr 2010 14:44:55 - Received: from unknown (HELO magicwisba8dea) (jack.d.mar...@magicwisp.com@12.169.159.128) by mail.magicwisp.com with ESMTPA; 6 Apr 2010 14:44:55 - Received: from 127.0.0.1 (AVG SMTP 9.0.800 [271.1.1/2793]); Tue, 06 Apr 2010 09:43:51 -0500 From: Jack Martin jack.d.mar...@magicwisp.com To: jack.mar...@level3.com Subject: DomainKeys Test Date: Tue, 6 Apr 2010 09:43:33 -0500 Message-ID: 001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcrVl2qV/qD/L8X9RTq6FhTorqTw4Q== Content-Language: en-us Content-Type: multipart/mixed; boundaryAVGMAIL-6ED26C84=== Return-Path: jack.d.mar...@magicwisp.com As you can see there is no signature, but my DNS has it in there. If I do a dig on the private key I get this: dig private._domainkey.magicwisp.com TXT ; DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 private._domainkey.magicwisp. com TXT ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 17030 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;private._domainkey.magicwisp.com. IN TXT ;; ANSWER SECTION: private._domainkey.magicwisp.com. 1800 IN TXT k=rsa\; p=MEwwDQYJKoZIhvcNAQEBB QADOwAwOAIxAOwAw0NImAYGcyqJdmVKN2biJzYMzq8TbxfXJcF9F9KnbbDpzB/FHuJiCs7rBkOAs QIDA QAB ;; Query time: 203 msec ;; SERVER: 12.127.17.83#53(12.127.17.83) ;; WHEN: Tue Apr 6 09:52:13 2010 ;; MSG SIZE rcvd: 176 My tcp.smtp says I am signing: 127.:allow,RELAYCLIENT= 12.169.159.250:allow,RELAYCLIENT= DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLO ADERTYPE=M,CHKUSER_RCPTLI MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qma il/bin/simscan,DKQUEUE=/v ar/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/priva te,RBLSMTPD=,NOP0FCHECK= 1 Anybody have any ideas where to look for an answer? No virus found in this outgoing message. Checked by AVG - www.avg.com Version: 9.0.800 / Virus Database: 271.1.1/2794 - Release Date: 04/06/10 01:32:00 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Domainkeys
Of course it is a qmailtoaster machine - LOL. Yes I have DKIM setup and working. I am trying to have both setup. From: Jake Vickers [mailto:j...@qmailtoaster.com] Sent: Tuesday, April 06, 2010 10:06 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Domainkeys On 04/06/2010 10:55 AM, MagicWISP Sales wrote: I am trying to figure out my domainkeys signature. Here is an header of an email I sent myself at another address: Received: from f10bb8-10 (10.1.116.201) by idc1embx0004.corp.global.level3.com (10.1.9.79) with Microsoft SMTP Server id 8.1.375.2; Tue, 6 Apr 2010 08:46:06 -0600 Received: from mail28.messagelabs.com (mail28.messagelabs.com [216.82.249.131])(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))(No client certificate requested) by f10bb8-10 (Postfix) with ESMTP id 54E6E4514 for mailto:jack.mar...@level3.com jack.mar...@level3.com; Tue, 6 Apr 2010 14:45:06 + (GMT) X-VirusChecked: Checked X-Env-Sender: jack.d.mar...@magicwisp.com X-Msg-Ref: server-13.tower-28.messagelabs.com!1270565097!68063129!1 X-StarScan-Version: 6.2.4; banners=-,-,- X-Originating-IP: [12.169.159.242] X-SpamReason: No, hits=1.5 required=7.0 tests=HTML_90_100,HTML_MESSAGE, MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT Received: (qmail 1107 invoked from network); 6 Apr 2010 14:44:58 - Received: from mail.magicwisp.com (HELO mail.magicwisp.com) (12.169.159.242) by server-13.tower-28.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 6 Apr 2010 14:44:58 - DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.magicwisp.com; h=from :to:subject:date:message-id:mime-version:content-type; s=dkim1; bh=2Pf8+Cl2bwZzgJS4YUMawkUEYtk=; b=nzXC4kGH0Udf2vpiley2Uj2WDkhk x62TMkYHXsyLmReG5+Ke458ZaYVsDmF8GoJa Received: (qmail 25783 invoked by uid 89); 6 Apr 2010 14:44:55 - Received: from unknown (HELO magicwisba8dea) (jack.d.mar...@magicwisp.com@12.169.159.128) by mail.magicwisp.com with ESMTPA; 6 Apr 2010 14:44:55 - Received: from 127.0.0.1 (AVG SMTP 9.0.800 [271.1.1/2793]); Tue, 06 Apr 2010 09:43:51 -0500 From: Jack Martin mailto:jack.d.mar...@magicwisp.com jack.d.mar...@magicwisp.com To: mailto:jack.mar...@level3.com jack.mar...@level3.com Subject: DomainKeys Test Date: Tue, 6 Apr 2010 09:43:33 -0500 Message-ID: mailto:001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com 001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcrVl2qV/qD/L8X9RTq6FhTorqTw4Q== Content-Language: en-us Content-Type: multipart/mixed; boundaryAVGMAIL-6ED26C84=== Return-Path: jack.d.mar...@magicwisp.com As you can see there is no signature, but my DNS has it in there. If I do a dig on the private key I get this: dig private._domainkey.magicwisp.com TXT ; DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 private._domainkey.magicwisp. com TXT ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 17030 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;private._domainkey.magicwisp.com. IN TXT ;; ANSWER SECTION: private._domainkey.magicwisp.com. 1800 IN TXT k=rsa\; p=MEwwDQYJKoZIhvcNAQEBB QADOwAwOAIxAOwAw0NImAYGcyqJdmVKN2biJzYMzq8TbxfXJcF9F9KnbbDpzB/FHuJiCs7rBkOAs QIDA QAB ;; Query time: 203 msec ;; SERVER: 12.127.17.83#53(12.127.17.83) ;; WHEN: Tue Apr 6 09:52:13 2010 ;; MSG SIZE rcvd: 176 My tcp.smtp says I am signing: 127.:allow,RELAYCLIENT= 12.169.159.250:allow,RELAYCLIENT= DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLO ADERTYPE=M,CHKUSER_RCPTLI MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qma il/bin/simscan,DKQUEUE=/v ar/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/priva te,RBLSMTPD=,NOP0FCHECK= 1 Anybody have any ideas where to look for an answer? I see dkim1 in your email headers - are you signing using DKIM? Is this message being sent/signed on a Qmailtoaster machine? No virus found in this outgoing message. Checked by AVG - www.avg.com Version: 9.0.800 / Virus Database: 271.1.1/2794 - Release Date: 04/06/10 01:32:00 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail
RE: [qmailtoaster] Domainkeys
The .250 address is a machine that relays. I have used sendmail.net and got this: Authentication System: DomainKeys Identified Mail Result: DKIM signature confirmed GOOD Description: Signature verified, message arrived intact Reporting host: sendmail.net More information: http://mipassoc.org/dkim/ Sendmail milter: https://sourceforge.net/projects/dkim-milter/ Authentication System: Domain Keys Result: DK signature confirmed BAD Description: Signature verification failed, message may have been tampered with or corrupted Reporting host: sendmail.net More information: http://antispam.yahoo.com/domainkeys Sendmail milter: https://sourceforge.net/projects/domainkeys-milter/ Authentication System: Sender ID Result: SID data confirmed GOOD Description: Sending host is authorized for sending domain Reporting host: sendmail.net More information: http://www.microsoft.com/senderid Sendmail milter: https://sourceforge.net/projects/sid-milter/ Authentication System: Sender Permitted From (SPF) Result: SPF data confirmed GOOD Description: Sending host is authorized for sending domain Reporting host: sendmail.net More information: http://spf.pobox.com/ From: Postmaster [mailto:postmas...@seawise-chartering.co.uk] Sent: Tuesday, April 06, 2010 10:33 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Domainkeys Are you sending this e-mail from your intranet? What is 12.169.159.250? Can you send a test e-mail to sa-t...@sendmail.net from your qmailtoaster server? Your tcp.smtp: 127.:allow,RELAYCLIENT= 12.169.159.250:allow,RELAYCLIENT= DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLO ADERTYPE=M,CHKUSER_RCPTLI MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qma il/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail /control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK= 1 In my tcp.smtp I also have DKSIGN=/var/qmail/control/domainkeys/%/private in 127.:allow section Regards Alex On 06/04/2010 15:55, MagicWISP Sales wrote: I am trying to figure out my domainkeys signature. Here is an header of an email I sent myself at another address: Received: from f10bb8-10 (10.1.116.201) by idc1embx0004.corp.global.level3.com (10.1.9.79) with Microsoft SMTP Server id 8.1.375.2; Tue, 6 Apr 2010 08:46:06 -0600 Received: from mail28.messagelabs.com (mail28.messagelabs.com [216.82.249.131])(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))(No client certificate requested) by f10bb8-10 (Postfix) with ESMTP id 54E6E4514 for mailto:jack.mar...@level3.com jack.mar...@level3.com; Tue, 6 Apr 2010 14:45:06 + (GMT) X-VirusChecked: Checked X-Env-Sender: jack.d.mar...@magicwisp.com X-Msg-Ref: server-13.tower-28.messagelabs.com!1270565097!68063129!1 X-StarScan-Version: 6.2.4; banners=-,-,- X-Originating-IP: [12.169.159.242] X-SpamReason: No, hits=1.5 required=7.0 tests=HTML_90_100,HTML_MESSAGE, MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT Received: (qmail 1107 invoked from network); 6 Apr 2010 14:44:58 - Received: from mail.magicwisp.com (HELO mail.magicwisp.com) (12.169.159.242) by server-13.tower-28.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 6 Apr 2010 14:44:58 - DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.magicwisp.com; h=from :to:subject:date:message-id:mime-version:content-type; s=dkim1; bh=2Pf8+Cl2bwZzgJS4YUMawkUEYtk=; b=nzXC4kGH0Udf2vpiley2Uj2WDkhk x62TMkYHXsyLmReG5+Ke458ZaYVsDmF8GoJa Received: (qmail 25783 invoked by uid 89); 6 Apr 2010 14:44:55 - Received: from unknown (HELO magicwisba8dea) (jack.d.mar...@magicwisp.com@12.169.159.128) by mail.magicwisp.com with ESMTPA; 6 Apr 2010 14:44:55 - Received: from 127.0.0.1 (AVG SMTP 9.0.800 [271.1.1/2793]); Tue, 06 Apr 2010 09:43:51 -0500 From: Jack Martin mailto:jack.d.mar...@magicwisp.com jack.d.mar...@magicwisp.com To: mailto:jack.mar...@level3.com jack.mar...@level3.com Subject: DomainKeys Test Date: Tue, 6 Apr 2010 09:43:33 -0500 Message-ID: mailto:001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com 001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcrVl2qV/qD/L8X9RTq6FhTorqTw4Q== Content-Language: en-us Content-Type: multipart/mixed; boundaryAVGMAIL-6ED26C84=== Return-Path: jack.d.mar...@magicwisp.com As you can see there is no signature, but my DNS has it in there. If I do a dig on the private key I get
RE: [qmailtoaster] Domainkeys
I did follow the video - but I don't remember the links. Looks like I need to go watch it again. From: Jake Vickers [mailto:j...@qmailtoaster.com] Sent: Tuesday, April 06, 2010 10:43 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Domainkeys On 04/06/2010 11:22 AM, MagicWISP Sales wrote: Of course it is a qmailtoaster machine - LOL. Yes I have DKIM setup and working. I am trying to have both setup. The DKIM script (assuming you're using the one from the video) - if you followed the video - only signs for DKIM. It replaces the qmail-dk handler, so messages will not be signed with domainkeys (you can actually leave all those directives out of your tcp.smtp file). If you wish to sign with both DKIM and DomainKeys, then you need to edit the config file for the dkim module to tell it to also sign for DomainKeys. I believe I provided some links for subscribers in the DKIM video for more documentation, which will show you how to sign for DomainKeys as well. No virus found in this outgoing message. Checked by AVG - www.avg.com Version: 9.0.800 / Virus Database: 271.1.1/2794 - Release Date: 04/06/10 01:32:00 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Re: ezmlm-web
How is the list administered in Mailmain? That is my biggest thing. The customer that uses it really needs ease of use with very little training. What about adding a txt file with the users - is that possible? How about viewing archives online, that is something she wants, that I haven't implemented yet. -Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: Monday, March 15, 2010 5:49 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: ezmlm-web I would try the ezmlm-web list for help (https://systemausfall.org/mail-archive/?2) Looks like it'd be a nice addition to QMT. Perhaps this could be included in a future release of the ezmlm-toaster package. Thinking long term though, I believe that Mailman is a better choice for mailing list software though. It's much more robust, and is in active development (v3 should be available later this year). For those interested in using Mailman with QMT, I've written a page on the wiki which explains how to do so: http://wiki.qmailtoaster.com/index.php/Mailman -- -Eric 'shubes' MagicWISP Sales wrote: I read about it on this list as a possible add on to ezmlm. INSTALL file included with the package is below. Seems simple enough, file placement has me bumfuzzled though. That and #3, since VPOPMAIL is in use, and there is more than one domain, where do I put the $LIST_DIR? Shubes to the rescue as usual - LOL. Here is the link for the project - it makes a very nice interface for EZMLM: https://systemausfall.org/toolforge/ezmlm-web/ The following notes will guide you through the installation of ezmlm-web: $Id: INSTALL 447 2008-10-15 22:31:23Z lars $ OVERVIEW: 0 - important notes 1 - get it 2 - install executable and shared files 3 - configuration file 4 - create a suid cgi wrapper 5 - [optional] configure access control (http authentication) 6 - [optional] configure multi domain support 7 - css stylesheet file 8 - final test 9 - troubleshooting 10 - report problems -- -- -- 0. IMPORTANT: you need the perl module Mail::Ezmlm and others to use ezmlm-web! The file README contains the complete list of necessary modules. 1. Choose a distribution form 1a) source installation Get ezmlm-web and extract the archive: tar xzf ezmlm-web-3.x.tar.gz (for source installation continue with step 2) 1b) debian package This is the (by far) most convenient way to install ezmlm-web. Add the following line to your /etc/apt/sources.list file: deb http://systemausfall.org/toolforge/debian/ testing main contrib Now you can install it: aptitude update aptitude install ezmlm-web (debian users may stop reading here) 2. Execute the following lines to install the cgi script and the shared data files to the appropriate locations. perl Makefile.PL make make install 3. Edit the examples/ezmlmwebrc.dist file and alter the variables to suit your particular system. Be careful about the $LIST_DIR variable. This script assumes that all users store their mailing lists in the same sub directory of the home directory (eg ~/lists). You can override this for an individual user by recompiling the C wrapper to call ezmlm-web.cgi with a -d option. Other configurable options are documented in the ezmlmwebrc file itself. I have tried to keep the amount of information that you need to supply to a minimum and also make reasonable guesses about default values. Finally, copy the ezmlmwebrc file to one of the following places: 1) the home directory of the user that runs ezmlm-web.cgi (~/.ezmlmwebrc) 2) /etc/ezmlm-web/ezmlmwebrc 3) /etc/ezmlm/ezmlmwebrc [deprecated] (ezmlm-web will look for it in these places in the given order) See the manpage of ezmlmwebrc (5) for a complete description of all configuration settings. 4. For every user/virtual host that needs to manage mailing lists, you need to create a suid wrapper owned by the user whom the mailing lists belong to. This wrapper needs to reside somewhere accessible by the web server. I suggest that you put it in a sub directory of each user/virtual host's home directory (eg. /home/luser/public_html/ezmlm for Apache). Create a suid wrapper by issuing the following command: ezmlm-web-make-suid The copies don't actually have to be called index.cgi, but it is nice for web servers that can resolve a cgi script as an index page
[qmailtoaster] ezmlm-web
Has anybody setup ezmlm-web? I read about it on the mailing list, but never saw a definitive answer on an installation. I would prefer to stick with ezmlm just because it comes with the toaster, and it works for the one customer I have that uses it. The demo looks awesome, especially the fact that it allows admins the ease of importing txt files. I have a list owner that has troubles doing anything more than sending or receiving email. She has no clues about computers. Luckily that's not her job. We host her mail and she uses the email list extensively. Looking at the interface - it's very intuitive. The installation though is not. I am reading the install file, and to be honest I am just confused for some reason. Can somebody point me in the right direction to add this to my toaster? Jack
RE: [qmailtoaster] Re: Searching archives
I absolutely hate that one, it's a pain in the a$$ to use!!! LOL. I try to make my searches as relevant as possible. Like the DKIM search, I tried several things, including just DKIM, but that returned way to many responses, and nearly all were the question - how do I set it up. I normally have no troubles with the archive as it is. -Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: Thursday, March 04, 2010 3:08 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: Searching archives I've had difficulty with with search of archives before as welll. I haven't used it lately though. There is a large archive at http://gmane.org/. Has anyone tried searching that one? -- -Eric 'shubes' Helmut Fritz wrote: i definitely would like to have an archiving system, and if one can be used/created that sorts data better (especially by date) it would be great. as always, i am happy to host anything needed to support this group. (i can not design/code anything though). Helmut -Original Message- From: Jake Vickers [mailto:j...@qmailtoaster.com] Sent: Thursday, March 04, 2010 11:49 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Searching archives On 03/04/2010 01:50 PM, Dave Hallowell wrote: Jake, since you asked: Not sure if they're just not searching (I suspect this), or if the search is not returning relevant results. I'd need some feedback on this from the community in general on this. I have all of the emails on my IMAP server, so I just search in Thunderbird, but if the search functionality is not working for the users then that would be something I need to look at. Example: I search the archives by thread using dkim as the search criteria, I get a list of 110 matches back. The first is dated 2009/10/10 the second match is dated 2006/10/16 and the last match on the first page is dated 2009/09/10. Not sure if there is a way to sort your searched criteria dkim by date or even if it is possible, but it sure would make the archives more usable in my opinion. I basically have to look through all 110 matches to find the most current one (and quite possibly the most revelant). I don't have all the emails on my IMAP server (just back to 10-2-2008) is there a better way - please educate me if there is. I am sure others would like to know as well. I'm glad you started this thread. The current archiving system is used, well, because it was there when I took the project over and I never thought to even look at it. Obviously I do not use it, but if there is a better alternative (even if it's not externally hosted like the current one is) then I'm open for suggestions. I'd like to see a show of virtual hands of the people that like/dislike it. I'll try and get a survey set up tonight for those who wish to participate to give their opinion. -- -- - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! -- -- - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- --- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit
RE: [qmailtoaster] DKIM/Domainkeys
OK, here is my real confusion on DKIM and Domainkeys, and I think I have found out the general area of my problem, just not what to do to correct it. I think something is goofy in my DNS, just not sure what. I have tried adding a txt record for dkim1.mail.magicwisp.com, but it didn't help. Why is it looking for dkim1._domainkey.mail.magicwisp.com? It was renamed per the instructions on Jakes video, and nowhere in my DNS is dkim1._domainkey mentioned. This is starting to drive me buggy. My domain is magicwisp.com, my servers hostname is mail.magicwisp.com. If I do a dig for the keys: [r...@mail dkim]# dig +short private._domainkey.mail.magicwisp.com txt [r...@mail dkim]# dig +short dkim1.mail.magicwisp.com txt [r...@mail dkim]# dig +short dkim1.magicwisp.com txt k=rsa p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxANdYWKrEHivH6ZvF+lnqadWjy0Sc/vV6Tsb7Ey6kOE 2zVWiaV8IUp+jS2jmKTkHNTwIDAQAB [r...@mail dkim]# dig +short private._domainkey.magicwisp.com txt k=rsa\; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas 0jf4LFv2PU04CcshyL+637GwIDAQAB Yet somehow when I send email it is trying to find mail.magicwisp.com. Not sure why. My DNS is configured as follows: $ttl 30M magicwisp.com. IN SOA ns1.magicwisp.com. root.ns1.magicwisp.com. ( 2009020917 10800 3600 604800 5D ) @ IN NS ns1.magicwisp.com. magicwisp.com. IN MX 5 mail magicwisp.com. IN TXT v=spf1 a mx all mail.magicwisp.com. IN TXT v=spf1 a -all _domainkey.magicwisp.com. IN TXT o=-; r=postmas...@magicwisp.com private._domainkey IN TXT k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas 0jf4LFv2PU04CcshyL+637GwIDAQAB dkim1 IN TXT k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxANdYWKrEHivH6ZvF+lnqadWjy0Sc/vV6Tsb7Ey6kOE 2zVWiaV8IUp+jS2jmKTkHNTwIDAQAB 12.169.159.242.magicwisp.com. IN PTR mail.magicwisp.com magicwisp.com. 1800IN A 12.169.159.242 www.magicwisp.com. 1800IN A 12.169.159.242 ftp.magicwisp.com. 1800IN A 12.169.159.242 mail.magicwisp.com. 1800IN A 12.169.159.242 ns1.magicwisp.com. 1800IN A 12.169.159.242 Here is the information I get on the test: == Summary of Results == SPF check: pass DomainKeys check: fail DKIM check: permerror Sender-ID check:pass SpamAssassin check: ham == Details: == HELO hostname: mail.magicwisp.com Source IP: 12.169.159.242 mail-from: jack.d.mar...@magicwisp.com -- SPF check details: -- Result: pass ID(s) verified: smtp.mail=jack.d.mar...@magicwisp.com DNS record(s): magicwisp.com. 1800 IN TXT v=spf1 a mx all magicwisp.com. 1800 IN A 12.169.159.242 -- DomainKeys check details: -- Result: fail (bad signature) ID(s) verified: header.from=jack.d.mar...@magicwisp.com DNS record(s): private._domainkey.magicwisp.com. 1800 IN TXT k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas 0jf4LFv2PU04CcshyL+637GwIDAQAB -- DKIM check details: -- Result: permerror (key dkim1._domainkey.mail.magicwisp.com doesn't exist) ID(s) verified: Canonicalized Headers: From:'20'Jack'20'Martin'20'jack.d.mar...@magicwisp.com'0D''0A' To:'20'check-au...@verifier.port25.com'0D''0A' Subject:'20''0D''0A' Date:'20'Tue,'20'2'20'Mar'20'2010'20'14:53:36'20'-0600'0D''0A' Message-ID:'20'00f601caba4a$6e353f10$4a9fbd...@d.martin@magicwisp.com'0D'' 0A' MIME-Version:'20'1.0'0D''0A' Content-Type:'20'multipart/alternative;'0D''0A' '09'boundary==_NextPart_000_00F7_01CABA18.239ACF10'0D''0A' DKIM-Signature:'20'v=1;'20'a=rsa-sha1;'20'c=simple;'20'd=mail.magicwisp.com; '20'h=from'0D''0A' '09':to:subject:date:message-id:mime-version:content-type;'20's=dkim1;'0D''0 A' '09''20'bh=KUx/eqMQL77uZbeE9TxqNEC7I6k=;'20'b= Canonicalized Body: This'20'is'20'a'20'multi-part'20'message'20'in'20'MIME'20'format.'0D''0A' '0D''0A' --=_NextPart_000_00F7_01CABA18.239ACF10'0D''0A' Content-Type:'20'text/plain;'0D''0A' '09'charset=us-ascii'0D''0A' Content-Transfer-Encoding:'20'7bit'0D''0A' '0D''0A' Testing'20'DKIM'0D''0A' '0D''0A' '0D''0A' --=_NextPart_000_00F7_01CABA18.239ACF10'0D''0A'
RE: [qmailtoaster] Re: How things can work and do sort themselves out with a little help
Yes the old server was a Quad PII - 4 Intel 400Mhz processors, it ran like a champ with QMT, Apache, Bind, and FreeRadius. As soon as the Apache, Bind, and QMT were rolled into VMWare -it became a dog. I used about every tweak I could find on the internet to make it work better. I think the problem is VMWare Server 2 - it's just slow. Unfortunately I could not use Xen or KVM because of the old processors. From what I could research, they would have worked much better. I am pretty anxious to see how this runs on another server with dual Intel 3.Ghz processors. Unfortunately they aren't dual core, but we should still see some marked improvement. Jack -Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: Saturday, February 27, 2010 10:34 AM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: How things can work and do sort themselves out with a little help MagicWISP Sales wrote: I just wanted to thank everybody for their help. I had a qtp toaster running on VMWare on a Quad Pentium 2 machine - let me tell you that will not work. It was an experiment that got pressed into service as an emergency. Scan times after killing blacklists and ClamAV on emails of 222k were at 300 seconds, wow. It caused duplicate emails and all kinds of craziness, even after adding Spamdyke. I used one of Jakes tips on his video page and cut the scan time down to an average of 110 on the same email. Quite an improvement but still too high to be usable. I moved the VM to a temp machine this week, an old E-Machines computer of all things with an AMD Athlon XP 2000 processor with a whole 1G of memory, and scan times on the same message fell to 17 seconds. Again - still too high, but at least the duplicate emails stopped. I just used another tweak from Jakes video site and the scan time fell to 9 seconds, with the blacklists and ClamAV scans going again. That will work until the replacement server gets here next week. If you are using VMWare, you really need a higher end machine, I think that could be the moral of this story. The first server that was in use, had a sister sitting right next to it that ran the QTP, plus webhost, plus a radius server, and never ever broke a sweat. VMWare is a hog to say the least. Jake's video subscription may be the best thing I have found for some quick instruction on usage of real world tweaks. Jake and Eric are always willing to help, and have great experiences to provide. Also a shout out to Brent for fixing the Spamdyke script - it works. Now if I can figure out how to make the smtp log change at midnight instead of whenever it wants, I will be happy. Great job all of you guys - you really are lifesavers!!! Thanks for sharing. Before I comment on this, I want to check the facts. This was a Quad P-II, and not a Quad P-4, right? Just checking. Not that it would make all that much difference. I'll have some comments to make regarding your experience with VM guests soon. FWIW, I just migrated a QMT from one VM guest to another, on the same host. The former ran nicely (and still does on another host). The new QMT VM is a pig. I'm not sure what the problem is yet. Top takes 10% of the cpu on the pig host, while on another guest w/ same kernel, top runs less than 1%. So somewhere I'm seeing a ~10x performance difference between 2 guests on the same host. It'll be interesting (to say the least) to find the reason why. There are some differences between the 3 guests, but not too many. I hope to nail it soon. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Re: How things can work and do sort themselves out with a little help
Jake, You are probably right, but we are a small ISP, and never will have a large mail server. If this server ever reaches 500 accounts I will be way more than shocked. So this works well for us. The really nice thing is restoral - it's a snap. If I have a few thousand email accounts, it would be a different story. -Original Message- From: Jake Vickers [mailto:j...@qmailtoaster.com] Sent: Saturday, February 27, 2010 8:16 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: How things can work and do sort themselves out with a little help On 02/27/2010 12:08 PM, MagicWISP Sales wrote: Yes the old server was a Quad PII - 4 Intel 400Mhz processors, it ran like a champ with QMT, Apache, Bind, and FreeRadius. As soon as the Apache, Bind, and QMT were rolled into VMWare -it became a dog. I used about every tweak I could find on the internet to make it work better. I think the problem is VMWare Server 2 - it's just slow. Unfortunately I could not use Xen or KVM because of the old processors. From what I could research, they would have worked much better. I am pretty anxious to see how this runs on another server with dual Intel 3.Ghz processors. Unfortunately they aren't dual core, but we should still see some marked improvement. I'm actually testing/using VirtualBox for things right now. I think in the long run that running a large mailserver on any virtual environment is a bad idea. I'll need to verify, but I think even the big official mail server packages are not supported if run in virtual environment and probably for reasons like this. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Number of logins
I am curious if anybody else has seen this. I have a customer that subscribed to spamrival. He wanted to combat spam. I understand that, but spamrival logs in to his account about every 20 seconds. I feel that is a very high number. I have thought about blocking the IP address, but I don't want to just make the guy overly upset. I am looking for anybody's thoughts on what they would consider excessive. Maybe I am being a little crazy, I am tired of the log filling up - LOL. Here is a snippet from the logs: Feb 27 20:27:39 mail vpopmail[8218]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146 Feb 27 20:27:59 mail vpopmail[8226]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146 Feb 27 20:28:20 mail vpopmail[8229]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146 Feb 27 20:28:39 mail vpopmail[8232]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146 Feb 27 20:28:56 mail vpopmail[8237]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146 Feb 27 20:29:15 mail vpopmail[8242]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146 Feb 27 20:29:33 mail vpopmail[8245]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146 Feb 27 20:29:49 mail vpopmail[8250]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146 Feb 27 20:30:17 mail vpopmail[8331]: vchkpw-pop3: (PLAIN) login success v...@magicwisp.com:63.131.139.146
RE: [qmailtoaster] Re: Optimizing a Server for VM
Brent, That version works on both types of logs - You rock!!! -Original Message- From: Brent Gardner [mailto:brent.gard...@gmail.com] Sent: Friday, February 26, 2010 8:27 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Optimizing a Server for VM I think I found the problem. Entries in /var/log/maillog look like this: Feb 22 10:04:32 smtp spamdyke[1941]: FILTER_RDNS_MISSING ip: 213.207.169.135 Entries in /var/log/qmail/smtp/current look like this: @40004b8880e0199c9a3c spamdyke[1941]: FILTER_RDNS_MISSING ip: 213.207.169.135 When the script runs in syslog mode it discards everything out of a log entry up to and including spamdyke[pid]: and processes the remainder of the entry assuming that it starts at (in the example above) FILTER_. Before, when the script runs in qmail log mode it only cuts off the timestamp and space. It leaves the spamdyke[pid}: , but still wants to process the log entry as if it starts with FILTER_. To the part that cuts off the timestamp I added code that cuts off the spamdyke[pid]: . I altered my toasters to log to the qmail smtp log so I would have test data. It's working in my tests against either qmail logs or maillog. Brent Gardner sa...@magicwisp.com wrote: Yes it does have plenty of spamdyke logs in it - I checked to make sure. Eric- Does the original script work for you? I went back to look at the original thread where I got this script: http://www.mail-archive.com/spamdyke-us...@spamdyke.org/msg01847.html The script was written by Felix Buenemann and later altered based on input from you and a few others so that it would work with qmail log files or maillog files. Spamdyke on my toasters logs to /var/log/maillog, so I don't have genuine qmail logs to run through the script. I took a maillog file, copied it to a temp file and converted it into what I think is the proper format based on your postings to the spamdyke-users list from this time period. Then I copied a bunch of data from a real qmail smtp log into the temp file and ran the whole mess through the script and it seemed to work OK with out tai64nlocal. It returned the same numbers as the original maillog file. It doesn't work if I pipe the temp file through tai64nlocal. Jack- After further review I don't think the script is designed to run with a qmail smtp log and tai64nlocal, but it should work just fine with a raw qmail smtp log file. The data you ran through from a maillog file produced numbers so low that it makes me wonder... Did the qmail smtp log that you ran through that produced a bunch of zeroes actually contain any Spamdyke log entries? Brent Gardner sa...@magicwisp.com wrote: Brent here is what I get: [r...@mail spamdyke]# cat /var/log/qmail/smtp/current | tai64nlocal | ./spamdyke-stats Use of uninitialized value in substr at ./spamdyke-stats line 57, line 1 (#1) (W uninitialized) An undefined value was used as if it were already defined. It was interpreted as a or a 0, but maybe it was a mistake. To suppress this warning assign a defined value to your variables. To help you figure out what was undefined, perl tells you what operation you used the undefined value in. Note, however, that perl optimizes your program and the operation displayed in the warning may not necessarily appear literally in your program. For example, that $foo is usually optimized into that . $foo, and the warning will refer to the concatenation (.) operator, even though there is no . in your program. Use of uninitialized value in substr at ./spamdyke-stats line 57, line 243 (#1) Use of uninitialized value in substr at ./spamdyke-stats line 57, line 420 (#1) Summary Allowed:00.00% Timeout:00.00% Errors :00.00% Denied :00.00% Total :00.00% sa...@magicwisp.com wrote: It works great as long as you are using the default log location for Spamdyke (/var/log/maillog). I would love to see it work on the qtp defaulted installation though, as I would imagine that's how most people are implementing it on this list. I am not sure what it needs to make it work. Maybe I can figure out what it is looking for. I have no clues on perl scripting, but sometimes can figure out the simple stuff, and I am betting this is a simple fix. Seeing as I got this from the Spamdyke mailing list it makes sense that it works for the default Spamdyke log location but has trouble with other log options. I seem to remember some discussion on the Spamdyke mailing list about getting it to work with qmail logs but I don't remember the details. What happens when you pipe a qmail log through tai64nlocal before sending it to the stats script? Brent Gardner
[qmailtoaster] How things can work and do sort themselves out with a little help
I just wanted to thank everybody for their help. I had a qtp toaster running on VMWare on a Quad Pentium 2 machine - let me tell you that will not work. It was an experiment that got pressed into service as an emergency. Scan times after killing blacklists and ClamAV on emails of 222k were at 300 seconds, wow. It caused duplicate emails and all kinds of craziness, even after adding Spamdyke. I used one of Jakes tips on his video page and cut the scan time down to an average of 110 on the same email. Quite an improvement but still too high to be usable. I moved the VM to a temp machine this week, an old E-Machines computer of all things with an AMD Athlon XP 2000 processor with a whole 1G of memory, and scan times on the same message fell to 17 seconds. Again - still too high, but at least the duplicate emails stopped. I just used another tweak from Jakes video site and the scan time fell to 9 seconds, with the blacklists and ClamAV scans going again. That will work until the replacement server gets here next week. If you are using VMWare, you really need a higher end machine, I think that could be the moral of this story. The first server that was in use, had a sister sitting right next to it that ran the QTP, plus webhost, plus a radius server, and never ever broke a sweat. VMWare is a hog to say the least. Jake's video subscription may be the best thing I have found for some quick instruction on usage of real world tweaks. Jake and Eric are always willing to help, and have great experiences to provide. Also a shout out to Brent for fixing the Spamdyke script - it works. Now if I can figure out how to make the smtp log change at midnight instead of whenever it wants, I will be happy. Great job all of you guys - you really are lifesavers!!!
RE: [qmailtoaster] Optimizing a Server for VM
My first thought was Outlook - but that thought didn't last long. I had them in Webmail. My load has fallen some since adding spamdyke. This server is very small. Very few users on 2 domains. I mean less than 100 accts. Here is the header from the email you sent: Return-Path: qmailtoaster-list-return-5432-sales=magicwisp@qmailtoaster.com Delivered-To: sa...@magicwisp.com Received: (qmail 27045 invoked by uid 89); 21 Feb 2010 15:53:12 - DomainKey-Status: no signature Received: by simscan 1.4.0 ppid: 27021, pid: 27023, t: 22.7157s scanners: attach: 1.4.0 spam: 3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on mail.magicwisp.com X-Spam-Level: X-Spam-Status: No, score=0.3 required=3.5 tests=AWL,HTML_MESSAGE,RDNS_NONE, SARE_SUB_OBFU_Q1 autolearn=disabled version=3.2.5 Received: from unknown (HELO mail.qmailtoaster.com) (216.81.238.95) by mail.magicwisp.com with SMTP; 21 Feb 2010 15:52:49 - Received-SPF: pass (mail.magicwisp.com: SPF record at qmailtoaster.com designates 216.81.238.95 as permitted sender) Received: (qmail 13921 invoked by uid 89); 21 Feb 2010 15:52:07 - Mailing-List: contact qmailtoaster-list-h...@qmailtoaster.com; run by ezmlm Precedence: bulk List-Post: mailto:qmailtoaster-list@qmailtoaster.com List-Help: mailto:qmailtoaster-list-h...@qmailtoaster.com List-Unsubscribe: mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com List-Subscribe: mailto:qmailtoaster-list-subscr...@qmailtoaster.com Reply-To: qmailtoaster-list@qmailtoaster.com Delivered-To: mailing list qmailtoaster-list@qmailtoaster.com Received: (qmail 13914 invoked by uid 89); 21 Feb 2010 15:52:07 - Message-ID: 4b8156a3.3050...@qmailtoaster.com Date: Sun, 21 Feb 2010 10:52:03 -0500 From: Jake Vickers j...@qmailtoaster.com User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.7) Gecko/20100120 Fedora/3.0.1-1.fc12 Thunderbird/3.0.1 MIME-Version: 1.0 To: qmailtoaster-list@qmailtoaster.com References: 00c801cab2ac$4c047500$e40d5f...@com In-Reply-To: 00c801cab2ac$4c047500$e40d5f...@com Subject: Re: [qmailtoaster] Optimizing a Server for VM X-Antivirus: AVG for E-mail 9.0.733 [271.1.1/2701] Content-Type: multipart/mixed; boundaryAVGMAIL-6B6462F5=== That scantime is without ClamAV. I am currently trying to figure out what SpamAssassin Rules really need to be in place, and where they all are. LOL. I had one email come in this morning that showed this: 2010-02-21 08:38:26.258036500 [2996] info: spamd: result: Y 7 - SARE_MONEYTERMS,URIBL_BLACK,URIBL_GREY scantime=299.8,size=97584,user=clamav,uid=89,required_score=3.5,rhost=localh ost.localdomain,raddr=127.0.0.1,rport=41208,mid=0.0.0.4.1CAB2F5E480DCE4.484 3...@mail1.po155.com,autolearn=unavailable 2010-02-21 08:53:38.010300500 [2996] info: spamd: result: Y 6 - URIBL_BLACK,URIBL_GREY scantime=300.3,size=97584,user=clamav,uid=89,required_score=3.5,rhost=localh ost.localdomain,raddr=127.0.0.1,rport=39344,mid=0.0.0.4.1CAB2F5E480DCE4.484 3...@mail1.po155.com,autolearn=unavailable As you can see, it was spam, and the thing blew my processors through the roof. I wasn't looking at it right then, and don't have any graphing setup on them (not sure if there is something out there that would be easily setup), but the scantimes went crazy so it came in more than once. I added that domain to spamdykes blacklist, so it should be gone J. I have seen my load on the VM go as high as 22 on the 1min avg. That is insane. Right now they are looking great - 10:36:35 up 16:17, 3 users, load average: 0.58, 0.58, 0.61 The physical machine is always pretty good with the most I have seen on the one min avg at about 1.5 to 1.8. From: Jake Vickers [mailto:j...@qmailtoaster.com] Sent: Sunday, February 21, 2010 9:52 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Optimizing a Server for VM On 02/20/2010 11:13 PM, MagicWISP Sales wrote: I have a Virtual machine running on an old - and I mean old (Quad Intel Pentium 4 Xeon) server. My load average is bad on the VM, the physical machine looks ok. The physical machine is slated to be replaced, but not for approx 90days. It's causing duplicate emails to come in to users accounts. Spamdyke is helping a lot. I have killed RBLS in qmail and Spamassassin, no sense in checking them twice. I have disabled autolearn and am not using the Bayes database in Spamassassin. I am trying to optimize simscan, since I see scan times that are pretty bad - the first one I looked at was 25 seconds. I turned off clam by editing simcontrol to :clam=no. I am trying to think of any other things I can do to help out this server in the interim. I found a script that says it does the following things that make a lot of sense to me: I'm curious what your load metrics are. I've worked on 5-6 virtual QMTs in the last couple weeks, and everything seems to fall down around the 500 user mark
RE: [qmailtoaster] Optimizing a Server for VM
I'm also looking for a good Spamdyke Statistics script. I know this isn't their list, but all of the scripts on their list fail. I read many QMT users that said they didn't work. I am using QTP on CentOS 5. Hopefully somebody will have an idea on where I can find one. From: MagicWISP Sales [mailto:sa...@magicwisp.com] Sent: Saturday, February 20, 2010 10:14 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Optimizing a Server for VM I have a Virtual machine running on an old - and I mean old (Quad Intel Pentium 4 Xeon) server. My load average is bad on the VM, the physical machine looks ok. The physical machine is slated to be replaced, but not for approx 90days. It's causing duplicate emails to come in to users accounts. Spamdyke is helping a lot. I have killed RBLS in qmail and Spamassassin, no sense in checking them twice. I have disabled autolearn and am not using the Bayes database in Spamassassin. I am trying to optimize simscan, since I see scan times that are pretty bad - the first one I looked at was 25 seconds. I turned off clam by editing simcontrol to :clam=no. I am trying to think of any other things I can do to help out this server in the interim. I found a script that says it does the following things that make a lot of sense to me: Have clamdscan only scan the message file instead of the message file and the attachments created by ripmime (which results in double scanning and taking twice as long). Don't pass messages over 250,000 bytes to SpamAssassin. In the default SA config, it doesn't scan messages that large, so we don't waste time passing them on. Do spam scanning before virus scanning. Most machines have a 70% spam hit rate and a 1% virus hit rate. It make a lot more sense to spam scan the 1% of viruses instead of virus scanning the 70% spam. The patch is at http://sourceforge.net/tracker/index.php?func=detail http://sourceforge.net/tracker/index.php?func=detailaid=1829073group_id=2 04569atid=990138 aid=1829073group_id=204569atid=990138 What the guy says it does makes lots of sense to me, however I can't get it to run. Is there anyway the gurus on this list know of to improve things? I have looked on the wiki and used google, and can't find much out there. Jack Martin
[qmailtoaster] Mailing List Files
I have a minor problem - well major for somebody, LOL. I have a mailing list setup for one of my domains, I thought she was going to keep it pretty small, and didn't think it was something she would use much. Well I was wrong. Her list has grown to about 750 customers. I never backed it up, and didn't worry about it (my stupidity I know), anyway the server it resided on took a tank this week. I can mount the drive and find the directory it is in, but for some reason I can't copy all of the files. Not sure what the problem is. Can somebody tell me what files I need from it to recreate the entire list. She didn't archive her addresses on a soft copy, all she has is a hard copy, so it is going to be a very time consuming task to get it running again - and she is my wife's sister, so I kinda am stuck fixing it - LOL. Thanks in advance for any help somebody might have. Jack Martin MagicWISP
RE: [qmailtoaster] Re: Virtual QMT
I found a script on a VMWare community site that is a champ! It makes a snapshot and does a backup then removes the snapshot, so you see no downtime unless you want it to. Here is the link: http://communities.vmware.com/docs/DOC-10382;jsessionid=5B6DF0EF2EFDE96949DF F1547838FA9E -Original Message- From: sysad...@tricubemedia.com [mailto:sysad...@tricubemedia.com] Sent: Sunday, February 14, 2010 3:12 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: Virtual QMT I use a clone VM, then daily I shutdown the clone do an export. If you use Vsphere4, and all the gimmicks, your can do Live backup IE back up a Running VM. but it gets costly. I just use ESXi, as I sais above, I have a clone VM( using Jakes replication Videos ) then I shutdown clone, do the export to my NAS, . you can also just use the built in qmail-backup, scp that to your NAS etc. How are you guys backing up your VM's? I love the idea of using a virtual machine, and was playing with one that got pressed into service this week. It appears to be running pretty smoothly, now I am going to try to fine tune it. My biggest concern is trying to back it up. I am hoping I can just tar the VM and move it to a NAS. Is this possible - or do I need to shut it down first. I would love the idea of a nightly backup of the entire VM. It would sure make restoration a snap. Jake Vickers wrote: Eric Shubert wrote: Phil Leinhauser wrote: Is there anything like a load tester for QMT to mimic the 500 user limit? I don't know of one. (Doesn't mean there isn't one) It'd be nice to have a testing harness of some sort for QMT. Anyone up for writing one? One of the setups I was working on was Xen, but there is one running ESX. They have 500 users, all using IMAP, and some users experience 8-10 minute lags in accessing their imap stores (or webmail). IMAP processes have been increased, and the softlimit has also been increased. I do agree we could use some testing tools (this should be on the devel list, and can easily be added to the tools section of the subversion repo). I used to have a script around here somewhere that dumped 10K emails to load test, but haven't used it in a long time and would have to really dig to find it. I just wonder if the imap load isn't hitting a limitation in the VMware storage structure. The system has enough horse power and lots of RAM. 'sar' shows the cpu is not working very hard. When running a 'du -sh *' on the /home/vpopmail/domains takes as long as 7 minutes on a couple domains, which is what points me towards a VMware filesystem suspicion, since that test is not even using imap but straight file access. That's a good guess. I'll think about it a bit. Courier or Dovecot? (Not that it matters a whole lot if filesystem access is slow) Which elevator type is running on the guest? (noop appears to be best) Any idea which elevator ESX is configured to use? Which ESX version? As a side thought - anyone ever looked at freshmeat on some pop/imap testing tools? Courier is running. I may switch them to dovecot since it handles the larger mailboxes better (some boxed are 7+ Gigs in total size). I still think it's a filesystem issue though, as a 'du -sh' command takes so long. I do not have much more information as to the ESX setup however. They did have the mailstore mapped via NFS and switching that to a local filesytem decreased the issues by 50% or more. They moved a busy host to another ESX server and that decreased the issues even more, but they still experience 1-3 issues per day, always during peak times. And when I compare that against a 1500+ user system I have on a bare-metal server (mixed pop3 and imap) that does not have any issues (and 1/2 the hardware horsepower), the only other thing I can point a finger at at this point would be VMware. Some testing tools would be great to reproduce this type of thing. Did anyone come up with any ideas yet? - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them