[xmail] Re: 1.25 just started to seg fault
Fred - I was unable to get a 64 bit version of XMail to work except when it was compiled in debug mode under FreeBSD 6 (and likely 7 - I haven't tested that). So if you are running a 64 bit version of FreeBSD, then that would fit exactly what I was seeing (core dumps with regular binary, no problem with debug version). I mentioned this to Davide at the time, but it was likely a low priority issue and I think was simply forgotten about as I was able to resolve it by compiling XMail as a 32 bit binary on another system, which had no problems in either debug or non-debug mode. Jeff fred wrote: > I did all that Davide but the server doesn't crash with the debug > executable..!? > > > This one crashes: > 9774140 -rwxr-xr-x 1 root wheel 352176 May 20 15:36 XMail > > This one does not: > 12648537 -rwxr-xr-x 1 root wheel 1059437 May 20 15:43 XMail > > > I will try again a couple of time and will get back to you if I manage to > get a debug XMail.core. > > -fred > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Davide Libenzi > Sent: 20 mai 2008 15:21 > To: xmail@xmailserver.org > Subject: [xmail] Re: 1.25 just started to seg fault > > On Tue, 20 May 2008, fred wrote: > > >> Thanks for replying. >> >> Francis, absolutely nothing changed since the server started to core dump, >> > I > >> can assure you. Friday morning, when I got to work XMAIL wasn't accepting >> emails anymore because it's partition was full, it had 105GB left Thursday >> night. So I checked what was taking all the free space without finding any >> huge amount of anormal files. The files inside xmail partition was >> > occupying > >> less than 5GB. >> > > I remember (as usual) FreeBSD latest version had some problem. I don't > remember exactly who reported this. > Lets try: > > $ setenv XMAIL_DEBUG 1 > $ setenv OSTYPE FreeBSD > $ gmake -f Makefile.bsd > > Then run XMail from inside a shell: > > $ ulimit -c 2 > $ XMail --debug -Md ... > > This should generate a core file. Then: > > $ gdb -c PATH-TO-CORE PATH-TO-XMAIL > > From inside GDB: > > >> bt full >> > > Send that over, and do not delete the core file and the XMail binary. > Of course, no other XMail instance should be running while doing so. > > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: FreeBSD 7 and lc_r
OK - I found a small amount of info that seems to indicate that the correct flag is simply -pthread without -lc_r, and this is also true for FreeBSD 6, although the only problem I ran into with FreeBSD 6 was a show stopping 64 bit compile issue. Once I compiled 32 bit I had no problems. Anyway, if you are running FreeBSD 7 and have trouble compiling the binaries, remove -lc_r from the makefile - that seems to be working so far for me quite well. From what I read, you should remove it regardless and just keep -pthread, but then I try not to believe everything I read! Jeff Jeff Buehler wrote: > Hi All - > > There appears to be a build problem with FreeBSD 7 and XMail, at least > on the two non-64 bit systems I have updated so far - the build fails on > the -lc_r flag. I am uncertain as to the specifics of the lc_r flag - > it appears to be a directive to link against libc_r for threading - but > at any rate, that flag is no longer recognized (or valid?) under FreeBSD > 7. I removed it from the Makefile and kept -pthread, and so far > everything seems OK with the XMail binaries. > > I am guessing that FreeBSD 7 has changed the way it handles threads, > probably a good thing, and this is the root of the build problem. If > so, does anyone know if simply passing -pthreads is adequate? I haven't > been able to find much info about lc_r so far... > > Thanks, > Jeff > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] FreeBSD 7 and lc_r
Hi All - There appears to be a build problem with FreeBSD 7 and XMail, at least on the two non-64 bit systems I have updated so far - the build fails on the -lc_r flag. I am uncertain as to the specifics of the lc_r flag - it appears to be a directive to link against libc_r for threading - but at any rate, that flag is no longer recognized (or valid?) under FreeBSD 7. I removed it from the Makefile and kept -pthread, and so far everything seems OK with the XMail binaries. I am guessing that FreeBSD 7 has changed the way it handles threads, probably a good thing, and this is the root of the build problem. If so, does anyone know if simply passing -pthreads is adequate? I haven't been able to find much info about lc_r so far... Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)
Hi Rob - That is more or less what is happening, but I'm not clear about the specifics. I'm finding it a bit of a mystery - the firewall does NAT, but the external DNS server trying to contact the internal server does so in the case of many other domains, so the firewall is properly configured for external queries - also, a dig dns1.buehlertech.net +trace works properly from the server (as does dns2.buehlertech.net which is on another public IP and behind a different router running PFSense) so dns1.buehlertech.com (and dns2.buehlertech.com) must be visible without difficulty to the external dns server. The server shouldn't really be trying to communicate with it's own public IP (itself), but rather the external dns server which then should simply return the public IP of the server doing the query, or so I would think, but I guess dig +trace has to literally dig all the way back to itself? Even then, why is the secondary dns, which works and is on an entirely separate network, not stepping in? Also, if I do a "dig trikorausa.com +trace" from my secondary server (dns2.buehlertech.net) it works fine. Perhaps the PFSense router is handling the query and NAT properly and the m0n0wall router is not? At this point to me it is some sort of voodoo dns issue (and here I am without any animal sacrifice to offer it), but it isn't causing me any real headaches since SmartDns works. I will look more closely at NAT, though, as I suspect you are right that it is at the center of the issue somehow - it simply redirect inbound requests to port 53 of the server in question, nothing complex. I still need to look at the other external cases, but I have a feeling that there will be some misconfigured DNS or other problems in those cases. It also does not sound like an XMail issue anymore either, so my apologies for continuing on here. I will post a final time if I find out what is going on simply for the sake of posterity! Thanks, Jeff Rob Arends wrote: > This will be a fault where the world uses you public IP to access your zone > hosted on your server, but when your server tries to resolve > dns1.buehlertech.net it is not contactable (probably because of NAT on a > firewall) and so tries dns2.buehlertech.net, but it is also not contactable. > Then it goes back to the root to try again, but of course there is no way > you can talk to yourself via a public IP. > > I may have got a little bit of the process wrong, but in essence it is > correct. > If anyone can talk to you, but you can't talk to you, then it will be NAT. > > Try BIND views, or hosting on a different server, or allowing dns resolution > from 127.0.0.1, then pointing resolv.conf to 127.0.0.1 > > > Rob :-) > > _ > It might look like I'm doing nothing, but on a cellular level, I'm quite > busy. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Jeff Buehler > Sent: Saturday, February 23, 2008 11:36 AM > To: xmail@xmailserver.org > Subject: [xmail] Re: FreeBSD problem (similar to NetBSD problem report ed > earlier?) > > Hi Davide - > > Sorry about the delay on this - I was in away yesterday and today... > > Here is a sample of the dig + trace - I copied only the last two entries > - basically this pattern is repeated until the "too many lookups" > result. The other domains this server is authoritative for produce the > same result except for buehlertech.net and buehlertech.com which work > fine. The only differences I can think of is the reverse points to > buehlertech.net and the domain is buehlertech.net in resolv.conf and in > the hosts file (but why would buehlertech.com work?). > > ;; Received 117 bytes from 192.5.6.30#53(a.gtld-servers.net) in 126 ms > > com.21365 IN NS e.gtld-servers.net. > com.21365 IN NS f.gtld-servers.net. > com.21365 IN NS g.gtld-servers.net. > com.21365 IN NS h.gtld-servers.net. > com.21365 IN NS i.gtld-servers.net. > com.21365 IN NS j.gtld-servers.net. > com.21365 IN NS k.gtld-servers.net. > com.21365 IN NS l.gtld-servers.net. > com.21365 IN NS m.gtld-servers.net. > com.21365 IN NS a.gtld-servers.net. > com.21365 IN NS b.gtld-servers.net. > com.21365 IN NS c.gtld-servers.net. > com.21365 IN NS d.gtld-servers.net. > ;; Received 504 bytes from 67.102.108.82#
[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)
Hi Davide - Sorry about the delay on this - I was in away yesterday and today... Here is a sample of the dig + trace - I copied only the last two entries - basically this pattern is repeated until the "too many lookups" result. The other domains this server is authoritative for produce the same result except for buehlertech.net and buehlertech.com which work fine. The only differences I can think of is the reverse points to buehlertech.net and the domain is buehlertech.net in resolv.conf and in the hosts file (but why would buehlertech.com work?). ;; Received 117 bytes from 192.5.6.30#53(a.gtld-servers.net) in 126 ms com.21365 IN NS e.gtld-servers.net. com.21365 IN NS f.gtld-servers.net. com.21365 IN NS g.gtld-servers.net. com.21365 IN NS h.gtld-servers.net. com.21365 IN NS i.gtld-servers.net. com.21365 IN NS j.gtld-servers.net. com.21365 IN NS k.gtld-servers.net. com.21365 IN NS l.gtld-servers.net. com.21365 IN NS m.gtld-servers.net. com.21365 IN NS a.gtld-servers.net. com.21365 IN NS b.gtld-servers.net. com.21365 IN NS c.gtld-servers.net. com.21365 IN NS d.gtld-servers.net. ;; Received 504 bytes from 67.102.108.82#53(dns1.buehlertech.net) in 68 ms trikorausa.com. 172800 IN NS dns1.buehlertech.net. trikorausa.com. 172800 IN NS dns2.buehlertech.net. ;; Received 117 bytes from 192.12.94.30#53(e.gtld-servers.net) in 93 ms com.21365 IN NS c.gtld-servers.net. com.21365 IN NS d.gtld-servers.net. com.21365 IN NS e.gtld-servers.net. com.21365 IN NS f.gtld-servers.net. com.21365 IN NS g.gtld-servers.net. com.21365 IN NS h.gtld-servers.net. com.21365 IN NS i.gtld-servers.net. com.21365 IN NS j.gtld-servers.net. com.21365 IN NS k.gtld-servers.net. com.21365 IN NS l.gtld-servers.net. com.21365 IN NS m.gtld-servers.net. com.21365 IN NS a.gtld-servers.net. com.21365 IN NS b.gtld-servers.net. ;; Received 504 bytes from 67.102.108.82#53(dns1.buehlertech.net) in 54 ms trikorausa.com. 172800 IN NS dns1.buehlertech.net. trikorausa.com. 172800 IN NS dns2.buehlertech.net. dig: too many lookups Jeff Davide Libenzi wrote: > On Thu, 21 Feb 2008, Jeff Buehler wrote: > > >> By the way, the trace does, and always has, produced the correct name >> servers (dns1.buehlertech.net and dns2.buehlertech.net), it just >> continues to trace after that result. >> > > Do they set the correct AUTHORITY bit in the answer? > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)
By the way, the trace does, and always has, produced the correct name servers (dns1.buehlertech.net and dns2.buehlertech.net), it just continues to trace after that result. Jeff Jeff Buehler wrote: > Hi Clement - > > Yes - that is the setup, and the m0n0wall provides NAT to the servers > services. > > dig @localhost (or serving LAN ip) triokorausa.com +trace produces the > same "dig: too many lookups" error as does the dig @external-dns > trikorausa.com +trace. Which also seems odd to me, but I have a strange > feeling that it is the correct (to be expected) behavior, even if it is > undesirable in this case. Or perhaps a recent update to FreeBSD is > causing a problem? > > Jeff > > CLEMENT Francis wrote: > >> Hey Jeff >> >> Seams I did not understood all of your dns server setup. >> I thinked you dns only returned a list of NS for the domains it is >> autoritive. >> Sorry :) >> >> Another possibility :) : >> Just in case there is a problem with natted loop-back at monowall = >> router >> >> I suppose you have this physical hardware setup (correct if wrong) : >> >> Internet <-> MonoWall <-> 'autoritive only' dns server ;) / xmail = >> server >> >> Is it this ? >> >> Does the interface between Monowall and dns/xmail server do NAT ? >> >> If NATTED servers : >> >> What does a dig from the dns/xmail server to itself using its internal = >> ip >> address ? >> dig @internal-dns-server-ip-address trikorausa.com +trace >> >> And a dig from the xmail server using the External ip address of the = >> dns >> server (so the Monowall external ip) ? >> dig @monowall-external-internet-ip trikorausa.com +trace >> >> Francis >> >> >> >> >> -Message d'origine- >> De : [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] la part de Jeff Buehler >> Envoy=E9 : jeudi 21 f=E9vrier 2008 17:12 >> =C0 : xmail@xmailserver.org >> Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem report = >> ed >> earlier?) >> >> >> I should also clarify, as you mention users, that none of this has=20 >> anything to do with users on a LAN. This is a hosting server providing = >> >> web services and email, along with some other functionality. The issue = >> >> at question is how this particular server sees domains that are = >> external=20 >> to it. It has no way of knowing about yahoo.com or hotmail.com without = >> >> a name server that provides recursive lookups, so I have assigned it a=20 >> name server that does. It just so happens that in the case of this one = >> >> domain (trikorausa.com) this server provides the authoritative DNS (A=20 >> records, MX records, etc.). There is no way (that I know about) for me = >> >> to have it query itself just for domains it knows about, then query=20 >> external dns for everything else. >> >> Thanks again, >> Jeff >> >> Jeff Buehler wrote: >> >> >>> Hi Clement - >>> >>> Perhaps I am using the wrong semantics, or perhaps I am not = >>> >>> >> completely=20 >> >> >>> understanding you, or possibly I am doing something wrong (even = >>> >>> >> thought=20 >> >> >>> I have been doing it this way more or less for about 10 years!). = >>> >>> >> This=20 >> >> >>> server provides (what I understand to be) true authoritative name=20 >>> resolution for about 60 domains and ONLY those 60 domains, but = >>> >>> >> provides=20 >> >> >>> no recursive lookups nor any caching - no systems on the LAN query = >>> >>> >> it,=20 >> >> >>> or any other server I provide locally, for DNS resolution. It is = >>> >>> >> simply=20 >> >> >>> queried by external caching DNS servers on the net for name = >>> >>> >> resolution=20 >> >> >>> of a small number of domains. I do provide complete zone content for = >>> >>> >> >> >>> these domains, but not for other domains such as yahoo.com = >>> >>> >> (obviously)=20 >> >> >>> which need to be queried elsewhere as no caching is being done
[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)
Hi Clement - Yes - that is the setup, and the m0n0wall provides NAT to the servers services. dig @localhost (or serving LAN ip) triokorausa.com +trace produces the same "dig: too many lookups" error as does the dig @external-dns trikorausa.com +trace. Which also seems odd to me, but I have a strange feeling that it is the correct (to be expected) behavior, even if it is undesirable in this case. Or perhaps a recent update to FreeBSD is causing a problem? Jeff CLEMENT Francis wrote: > Hey Jeff > > Seams I did not understood all of your dns server setup. > I thinked you dns only returned a list of NS for the domains it is > autoritive. > Sorry :) > > Another possibility :) : > Just in case there is a problem with natted loop-back at monowall = > router > > I suppose you have this physical hardware setup (correct if wrong) : > > Internet <-> MonoWall <-> 'autoritive only' dns server ;) / xmail = > server > > Is it this ? > > Does the interface between Monowall and dns/xmail server do NAT ? > > If NATTED servers : > > What does a dig from the dns/xmail server to itself using its internal = > ip > address ? > dig @internal-dns-server-ip-address trikorausa.com +trace > > And a dig from the xmail server using the External ip address of the = > dns > server (so the Monowall external ip) ? > dig @monowall-external-internet-ip trikorausa.com +trace > > Francis > > > > > -Message d'origine- > De : [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] la part de Jeff Buehler > Envoy=E9 : jeudi 21 f=E9vrier 2008 17:12 > =C0 : xmail@xmailserver.org > Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem report = > ed > earlier?) > > > I should also clarify, as you mention users, that none of this has=20 > anything to do with users on a LAN. This is a hosting server providing = > > web services and email, along with some other functionality. The issue = > > at question is how this particular server sees domains that are = > external=20 > to it. It has no way of knowing about yahoo.com or hotmail.com without = > > a name server that provides recursive lookups, so I have assigned it a=20 > name server that does. It just so happens that in the case of this one = > > domain (trikorausa.com) this server provides the authoritative DNS (A=20 > records, MX records, etc.). There is no way (that I know about) for me = > > to have it query itself just for domains it knows about, then query=20 > external dns for everything else. > > Thanks again, > Jeff > > Jeff Buehler wrote: > >> Hi Clement - >> >> Perhaps I am using the wrong semantics, or perhaps I am not = >> > completely=20 > >> understanding you, or possibly I am doing something wrong (even = >> > thought=20 > >> I have been doing it this way more or less for about 10 years!). = >> > This=20 > >> server provides (what I understand to be) true authoritative name=20 >> resolution for about 60 domains and ONLY those 60 domains, but = >> > provides=20 > >> no recursive lookups nor any caching - no systems on the LAN query = >> > it,=20 > >> or any other server I provide locally, for DNS resolution. It is = >> > simply=20 > >> queried by external caching DNS servers on the net for name = >> > resolution=20 > >> of a small number of domains. I do provide complete zone content for = >> > > >> these domains, but not for other domains such as yahoo.com = >> > (obviously)=20 > >> which need to be queried elsewhere as no caching is being done. >> >> My understanding is that a DNS server generally should not provide=20 >> recursive lookups and caching while also providing authoritative=20 >> resolution of domains for security reasons. This at least is a=20 >> recommendation made by Dan Bernstein (author of Tiny DNS) and makes=20 >> sense to me - Bind and MS systems allow it, but it is probably not a=20 >> good idea. >> >> Am I missing something? Thanks for your input ... >> >> Jeff >> >> > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)
I should also clarify, as you mention users, that none of this has anything to do with users on a LAN. This is a hosting server providing web services and email, along with some other functionality. The issue at question is how this particular server sees domains that are external to it. It has no way of knowing about yahoo.com or hotmail.com without a name server that provides recursive lookups, so I have assigned it a name server that does. It just so happens that in the case of this one domain (trikorausa.com) this server provides the authoritative DNS (A records, MX records, etc.). There is no way (that I know about) for me to have it query itself just for domains it knows about, then query external dns for everything else. Thanks again, Jeff Jeff Buehler wrote: > Hi Clement - > > Perhaps I am using the wrong semantics, or perhaps I am not completely > understanding you, or possibly I am doing something wrong (even thought > I have been doing it this way more or less for about 10 years!). This > server provides (what I understand to be) true authoritative name > resolution for about 60 domains and ONLY those 60 domains, but provides > no recursive lookups nor any caching - no systems on the LAN query it, > or any other server I provide locally, for DNS resolution. It is simply > queried by external caching DNS servers on the net for name resolution > of a small number of domains. I do provide complete zone content for > these domains, but not for other domains such as yahoo.com (obviously) > which need to be queried elsewhere as no caching is being done. > > My understanding is that a DNS server generally should not provide > recursive lookups and caching while also providing authoritative > resolution of domains for security reasons. This at least is a > recommendation made by Dan Bernstein (author of Tiny DNS) and makes > sense to me - Bind and MS systems allow it, but it is probably not a > good idea. > > Am I missing something? Thanks for your input ... > > Jeff > > CLEMENT Francis wrote: > >> As an autoritive dns, why do you want your internal network to go to = >> the >> 'external' dns servers >> An autoritive dns server for a zone is ONLY one of the NS listed, and = >> theses >> NS roles suppose they have a full copy of the zone content. >> As many election algorythms will sort the ns entries to place the = >> 'locals' >> (network point of vue) as the preferred to ask first, your 'internal >> autoritive' that does not have all of the zone will surely be elected ! >> >> Then, the local computer electing to use you 'false autoritive server', = >> that >> is online and response to dns queries even if not the desirable good >> responses from user point of vue, but a 'good' response at dns protocol >> point of vue, why do you want them to 'change' and switch to the = >> 'external >> true autoritive servers' ? >> A tcpdump for dns traffic on your local network could show that for DOM >> domain almost all the queries are send to you 'false autoritive = >> server'. >> >> Best way to resolve this issue : >> - Don't use any 'internal dns server' for this zone at all >> or >> - Give your internal dns server the complete zone content to become a = >> true >> autoritive dns server for the zone :) >> (Notice that doing so if your local dns is behind a nat server, you = >> could >> face a commom 'nat firewall' loopback issue. I can explain if you want) >> >> Francis >> >> >> -Message d'origine- >> De : [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] la part de Jeff Buehler >> Envoy=E9 : mercredi 20 f=E9vrier 2008 20:35 >> =C0 : xmail@xmailserver.org >> Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem report = >> ed >> earlier?) >> >> >> Hi Davide - >> >> Yes, it works from an external line, but not from the server itself. I = >> >> am trying to figure out why providing the authoritative DNS for that=20 >> domain (pointing to another server on the net which provides everything = >> >> else for the domain) causes the failure - it seems to be looping, which = >> >> might be expected behavior, but I'm not certain. At this point since = >> it=20 >> works with SmartDNS it is mostly curiosity. >> >> Jeff >> >> - >> To unsubscribe from this list: send the line "unsubscribe xmail" in >> the body of a message to [EMAIL PROTECTED] >> For general help: send the line "help" in the body of a message to >> [EMAIL PROTECTED] >> >> >> > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)
Hi Clement - Perhaps I am using the wrong semantics, or perhaps I am not completely understanding you, or possibly I am doing something wrong (even thought I have been doing it this way more or less for about 10 years!). This server provides (what I understand to be) true authoritative name resolution for about 60 domains and ONLY those 60 domains, but provides no recursive lookups nor any caching - no systems on the LAN query it, or any other server I provide locally, for DNS resolution. It is simply queried by external caching DNS servers on the net for name resolution of a small number of domains. I do provide complete zone content for these domains, but not for other domains such as yahoo.com (obviously) which need to be queried elsewhere as no caching is being done. My understanding is that a DNS server generally should not provide recursive lookups and caching while also providing authoritative resolution of domains for security reasons. This at least is a recommendation made by Dan Bernstein (author of Tiny DNS) and makes sense to me - Bind and MS systems allow it, but it is probably not a good idea. Am I missing something? Thanks for your input ... Jeff CLEMENT Francis wrote: > As an autoritive dns, why do you want your internal network to go to = > the > 'external' dns servers > An autoritive dns server for a zone is ONLY one of the NS listed, and = > theses > NS roles suppose they have a full copy of the zone content. > As many election algorythms will sort the ns entries to place the = > 'locals' > (network point of vue) as the preferred to ask first, your 'internal > autoritive' that does not have all of the zone will surely be elected ! > > Then, the local computer electing to use you 'false autoritive server', = > that > is online and response to dns queries even if not the desirable good > responses from user point of vue, but a 'good' response at dns protocol > point of vue, why do you want them to 'change' and switch to the = > 'external > true autoritive servers' ? > A tcpdump for dns traffic on your local network could show that for DOM > domain almost all the queries are send to you 'false autoritive = > server'. > > Best way to resolve this issue : > - Don't use any 'internal dns server' for this zone at all > or > - Give your internal dns server the complete zone content to become a = > true > autoritive dns server for the zone :) > (Notice that doing so if your local dns is behind a nat server, you = > could > face a commom 'nat firewall' loopback issue. I can explain if you want) > > Francis > > > -Message d'origine- > De : [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] la part de Jeff Buehler > Envoy=E9 : mercredi 20 f=E9vrier 2008 20:35 > =C0 : xmail@xmailserver.org > Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem report = > ed > earlier?) > > > Hi Davide - > > Yes, it works from an external line, but not from the server itself. I = > > am trying to figure out why providing the authoritative DNS for that=20 > domain (pointing to another server on the net which provides everything = > > else for the domain) causes the failure - it seems to be looping, which = > > might be expected behavior, but I'm not certain. At this point since = > it=20 > works with SmartDNS it is mostly curiosity. > > Jeff > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)
Hi Davide - Yes, it works from an external line, but not from the server itself. I am trying to figure out why providing the authoritative DNS for that domain (pointing to another server on the net which provides everything else for the domain) causes the failure - it seems to be looping, which might be expected behavior, but I'm not certain. At this point since it works with SmartDNS it is mostly curiosity. Jeff Davide Libenzi wrote: > On Wed, 20 Feb 2008, Jeff Buehler wrote: > > >> OK, just to add to my confusion, here is part of what is going on - this >> server also provides the authoritative DNS for trikorausa.com (but not >> local DNS queries or caching!). It does not provide any other services >> for trikorausa.com (no email etc.) - the records point to an outside >> address. If I do a "dig @an-external-dns-server trikorausa.com +trace" >> I still get a "dig: Too many lookups" error. Does that make sense - is >> it looping? It seems like it should work - the external primary DNS >> knows the server doing the dig provides the authoritative DNS, shouldn't >> it simply trace back to it and stop? Essentially the server is simply >> doing a trace from an external DNS server back to itself. If I do a dig >> using ANY dns server from the server that provides the authoritative DNS >> for this domain I get the same result. As Davide reported if I do a dig >> to trikorausa.com from an outside line the trace is fine and does not fail. >> >> Also I don't know what the story is with the other domains - I only have >> client reports at this point about unexpected failures. Also, three >> weeks ago I was able to send email to trikorausa.com without the >> "nxdomain" error. >> > > From here it works just fine: > > > [EMAIL PROTECTED]:~$ dig trikorausa.com mx +trace > > ; <<>> DiG 9.4.2 <<>> trikorausa.com mx +trace > ;; global options: printcmd > ... 324708 IN NS J.ROOT-SERVERS.NET. > ... 324708 IN NS K.ROOT-SERVERS.NET. > ... 324708 IN NS L.ROOT-SERVERS.NET. > ... 324708 IN NS M.ROOT-SERVERS.NET. > ... 324708 IN NS A.ROOT-SERVERS.NET. > ... 324708 IN NS B.ROOT-SERVERS.NET. > ... 324708 IN NS C.ROOT-SERVERS.NET. > ... 324708 IN NS D.ROOT-SERVERS.NET. > ... 324708 IN NS E.ROOT-SERVERS.NET. > ... 324708 IN NS F.ROOT-SERVERS.NET. > ... 324708 IN NS G.ROOT-SERVERS.NET. > ... 324708 IN NS H.ROOT-SERVERS.NET. > ... 324708 IN NS I.ROOT-SERVERS.NET. > ;; Received 428 bytes from 10.107.17.218#53(10.107.17.218) in 0 ms > > com.172800 IN NS D.GTLD-SERVERS.NET. > com.172800 IN NS F.GTLD-SERVERS.NET. > com.172800 IN NS B.GTLD-SERVERS.NET. > com.172800 IN NS E.GTLD-SERVERS.NET. > com.172800 IN NS H.GTLD-SERVERS.NET. > com.172800 IN NS M.GTLD-SERVERS.NET. > com.172800 IN NS K.GTLD-SERVERS.NET. > com.172800 IN NS C.GTLD-SERVERS.NET. > com.172800 IN NS I.GTLD-SERVERS.NET. > com.172800 IN NS J.GTLD-SERVERS.NET. > com.172800 IN NS L.GTLD-SERVERS.NET. > com.172800 IN NS A.GTLD-SERVERS.NET. > com.172800 IN NS G.GTLD-SERVERS.NET. > ;; Received 492 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 127 ms > > trikorausa.com. 172800 IN NS dns1.buehlertech.net. > trikorausa.com. 172800 IN NS dns2.buehlertech.net. > ;; Received 117 bytes from 192.43.172.30#53(I.GTLD-SERVERS.NET) in 197 ms > > trikorausa.com. 43200 IN MX 10 mail.trikorausa.com. > trikorausa.com. 43200 IN NS dns1.buehlertech.net. > trikorausa.com. 43200 IN NS dns2.buehlertech.net. > ;; Received 154 bytes from 69.12.155.168#53(dns2.buehlertech.net) in 35 ms > > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)
OK, just to add to my confusion, here is part of what is going on - this server also provides the authoritative DNS for trikorausa.com (but not local DNS queries or caching!). It does not provide any other services for trikorausa.com (no email etc.) - the records point to an outside address. If I do a "dig @an-external-dns-server trikorausa.com +trace" I still get a "dig: Too many lookups" error. Does that make sense - is it looping? It seems like it should work - the external primary DNS knows the server doing the dig provides the authoritative DNS, shouldn't it simply trace back to it and stop? Essentially the server is simply doing a trace from an external DNS server back to itself. If I do a dig using ANY dns server from the server that provides the authoritative DNS for this domain I get the same result. As Davide reported if I do a dig to trikorausa.com from an outside line the trace is fine and does not fail. Also I don't know what the story is with the other domains - I only have client reports at this point about unexpected failures. Also, three weeks ago I was able to send email to trikorausa.com without the "nxdomain" error. Jeff CLEMENT Francis wrote: > Hello Davide > > Recently I asked you how SMARTDnshost variable affected xmail internal > resolver, and you said that when using SmartDnsHost, xmail only ask for = > the > 'final' request (directly the mx lookup without trying first soa, ns, = > . ) > > I asked this because I had the same problem as Jeff but was not at this = > time > able to find the reason about xmail resolver without smartdnshost = > setting > able or not to find the mx records for domains that was ok with dig = > and/or > nslookups at xmail server side (so using os resolver) and that the same > xmail server with smartdnshost applied was able to find without = > problems > (with all involved dns servers caches cleaned that don't use smart = > hosts > themself) > > I didn't have time to trace dns queries w/wo SmarDnshost usage (to see > timings, ...) but it seems that in some cases of long latencies on the = > wire > (temporarly high bandwidth usages, ...) xmail 'timeouts' quicker for = > dns > queries than then it use 'classic' resolvers (SmartDnsHost setting in > effect). > The problem could be after this timeout : how xmail handle this ? retry > later ? and on persistent 'no response from dns server', flag the = > domain > with an 'nxdomain' internal error without having any valid 'nxdomain' > responses ? > Could any of these be possible ? > Any way to test xmail resolver by changing xmail internal dns 'timeout' > value ? > > Francis > > > -Message d'origine- > De : [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] la part de Davide Libenzi > Envoy=E9 : mardi 19 f=E9vrier 2008 21:33 > =C0 : XMail mailing list > Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem reported > earlier?) > > > On Tue, 19 Feb 2008, Jeff Buehler wrote: > > >> Hi Davide - >> =20 >> Everything works when I use SmartDNS host to point to the same = >> > resolver=20 > >> as the server uses (a m0n0wall router). >> If I do not use SmartDNS host, I get the error to domains that can=20 >> receive email from other sources. >> =20 >> One example domain is trikorausa.com, although I am getting reports = >> > of=20 > >> the error from clients with about 5 other domains that mail can be = >> > sent=20 > >> to from other sources (like Hotmail). The results of a dig=20 >> trikorausa.com mx +trace actually result in a "dig: too many lookups" = >> > > >> failure - apparently the last time I did it a inadvertently did a = >> > "dig=20 > >> trikorausa.com mx + trace" with a space between the + and the trace = >> > and=20 > >> didn't notice that it hadn't performed a trace - sorry about that... >> =20 >> I will research why would I might get a "too many lookups" failure = >> > (the=20 > >> domain is fine and has valid MX records) and try to determine what = >> > may=20 > >> have changed recently (and if XMail is even involved) - I send to = >> > this=20 > >> domain all of the time and this seems to have started about when I=20 >> upgraded to 1.25. However, there were a number of changes around = >> > that=20 > >> time (including a FreeBSD update) so I will continue trying to = >> > isolate=20 > >> what
[xmail] Re: FreeBSD problem (similar to NetBSD problem reported earlier?)
Hi Davide - Everything works when I use SmartDNS host to point to the same resolver as the server uses (a m0n0wall router). If I do not use SmartDNS host, I get the error to domains that can receive email from other sources. One example domain is trikorausa.com, although I am getting reports of the error from clients with about 5 other domains that mail can be sent to from other sources (like Hotmail). The results of a dig trikorausa.com mx +trace actually result in a "dig: too many lookups" failure - apparently the last time I did it a inadvertently did a "dig trikorausa.com mx + trace" with a space between the + and the trace and didn't notice that it hadn't performed a trace - sorry about that... I will research why would I might get a "too many lookups" failure (the domain is fine and has valid MX records) and try to determine what may have changed recently (and if XMail is even involved) - I send to this domain all of the time and this seems to have started about when I upgraded to 1.25. However, there were a number of changes around that time (including a FreeBSD update) so I will continue trying to isolate what is up and post back if I can find the problem. Thanks, Jeff Davide Libenzi wrote: > On Tue, 19 Feb 2008, Jeff Buehler wrote: > > >> Hi David - >> I spoke too soon! The problem has reappeared, and consistently. So it was >> NOT the line speed issue. >> I will test SmartDNS settings and post the results. Presently >> /etc/resolv.conf is set to the m0n0wall router on the LAN. >> > > Are you using SmartDNSHost or not? > If yes, the DNS server configured in the SmartDNSHost returns a nary > answer. > If not, which domain is failing for you? > If domain XXX is failing, go in your XMail box, issue this command and > post here: > > $ dig XXX mx +trace > > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: FreeBSD problem (similar to NetBSD problem reported earlier?)
I don't know why that last post got all bunched up... Setting SmartHost to the m0n0wall router solved the problem. So something changed between 1.25 and 1.24 (or in FreeBSD) regarding external DNS, possibly the "Completely changed the DNS resolution code" part in the changelog? Anyway this works fine - problem solved. Thanks again, Jeff Jeff Buehler wrote: > Hi David - > I spoke too soon! The problem has reappeared, and consistently. So it was > NOT the line speed issue. > I will test SmartDNS settings and post the results. Presently > /etc/resolv.conf is set to the m0n0wall router on the LAN. > > Jeff > > Jeff Buehler wrote: Hi David - I think I have finally solved this mysterious > problem, and of course it was an element I had not even considered (as it > often is). The line provider (Covad) for this server had a problem several > weeks ago with this line, about the time I was updating xmail to 1.25. When > they were running tests on the line, they had slowed it down (from 5.4mb > down/700k up to 300k down/60k up) and they managed to leave it that way. By > some miracle the people using this server didn't notice (nor did I), aside > from this problem, as it also provides web services - it does explain a lot > of "strange" behavior I have been seeing, though! This slowdown seems to > havebeen causing a time out on the DNS query for certain domains, so the > common denominator may have been (just guessing) a high latency on the > response time for these particular domains coupled with the very slow line > speed of my servers connection, causing the fore mentioned error (NXDOMAIN). > Now that the circuit is operating at its proper speeds, the problem has gone > away. I don't know if this is a reflection on any particular package (Bind > under *BSD, XMail, etc.) in terms of low speed testing, but it might be > worthnoting for someone that at very low speeds something is failing > intermittently. Thanks for your help and input! Jeff David Lord wrote: On 18 > Feb 2008, at 12:27, Jeff Buehler wrote: Hi all - Sorry to be late to the > gamewith this - in an earlier list email that I inadvertently deleted > (thinking I had no helpful input, of course!) titled "Problem with XMail on > NetBSD-4" there was a discussion about the error: Recipient domain > ".com"does not exist (or it has a misconfigured DNS) I am also getting > this error regularly with FreeBSD 6 and XMail 1.25. I mention it in the > XMailforums as well, and read about a number of other recent occurrences, > butnothing has been resolved specifically. As I mention in the forums, I > haveverified the domains are valid and properly configured in some of the > cases, but the errors are consistent with specific domains. In my case, one > example is "trikorausa.com" which I can send email from any server other > thanmy active XMail server under FreeBSD, adn which looks properly > configuredvia dnstools.com (I configured it, so I believe it is correct...) > Davide responded: I think XMail is getting a ERR_DNS_NXDOMAIN (NXDOMAIN) > fromyour DNS server. When that's happening, XMail does not even try to fall > back to the A record delivery. and I think seems like it may be correct, but > I am uncertain how to test this. The server does not provide DNS queries for > itself (although it provides DNS for the domains it is authoritative on) but > queries a m0n0wall router on the LAN, which queries my ISPs DNS servers. The > server is able to resolve a dig as well as dig+trace to the MX record to > trikorausa.com (and other domains) without incident. This would suggest that > something else might be going on, since the domain does have a functional > andvalid MX record, so there should be no need to fall back to an A record. > Davide's reply was in response to my problems with NetBSD-3.1 and > NetBSD-4.0.I'd been using SmartDNSHost pointing to my local dns as that was > also configured for private ips on the lan and at some point this had become > replaced by a malformed version (I'd commented out it out for some reason > andafterwards un-commented the wrong line). The only thing this broke was > local mail delivery which I didn't notice until testing new server which > usedcloned configuration of current server. This seems to be a new problem, > but I updated XMail to 1.25, FreeBSD (minor update) and the m0n0wall router > (minor update) all around the same time. I am not using SmartDNSHost, nor > have I ever, although I've been running XMail for 6 or more years... should > Itest setting it to my ISP DNS servers rather than the local m0n0wall router > (which queries the ISP servers anyway successfully with other services on > thesame server)? Does anyone have any ideas or r
[xmail] Re: FreeBSD problem (similar to NetBSD problem reported earlier?)
Hi David - I spoke too soon! The problem has reappeared, and consistently. So it was NOT the line speed issue. I will test SmartDNS settings and post the results. Presently /etc/resolv.conf is set to the m0n0wall router on the LAN. Jeff Jeff Buehler wrote: Hi David - I think I have finally solved this mysterious problem, and of course it was an element I had not even considered (as it often is). The line provider (Covad) for this server had a problem several weeks ago with this line, about the time I was updating xmail to 1.25. When they were running tests on the line, they had slowed it down (from 5.4mb down/700k up to 300k down/60k up) and they managed to leave it that way. By some miracle the people using this server didn't notice (nor did I), aside from this problem, as it also provides web services - it does explain a lot of "strange" behavior I have been seeing, though! This slowdown seems to havebeen causing a time out on the DNS query for certain domains, so the common denominator may have been (just guessing) a high latency on the response time for these particular domains coupled with the very slow line speed of my servers connection, causing the fore mentioned error (NXDOMAIN). Now that the circuit is operating at its proper speeds, the problem has gone away. I don't know if this is a reflection on any particular package (Bind under *BSD, XMail, etc.) in terms of low speed testing, but it might be worthnoting for someone that at very low speeds something is failing intermittently. Thanks for your help and input! Jeff David Lord wrote: On 18 Feb 2008, at 12:27, Jeff Buehler wrote: Hi all - Sorry to be late to the gamewith this - in an earlier list email that I inadvertently deleted (thinking I had no helpful input, of course!) titled "Problem with XMail on NetBSD-4" there was a discussion about the error: Recipient domain ".com"does not exist (or it has a misconfigured DNS) I am also getting this error regularly with FreeBSD 6 and XMail 1.25. I mention it in the XMailforums as well, and read about a number of other recent occurrences, butnothing has been resolved specifically. As I mention in the forums, I haveverified the domains are valid and properly configured in some of the cases, but the errors are consistent with specific domains. In my case, one example is "trikorausa.com" which I can send email from any server other thanmy active XMail server under FreeBSD, adn which looks properly configuredvia dnstools.com (I configured it, so I believe it is correct...) Davide responded: I think XMail is getting a ERR_DNS_NXDOMAIN (NXDOMAIN) fromyour DNS server. When that's happening, XMail does not even try to fall back to the A record delivery. and I think seems like it may be correct, but I am uncertain how to test this. The server does not provide DNS queries for itself (although it provides DNS for the domains it is authoritative on) but queries a m0n0wall router on the LAN, which queries my ISPs DNS servers. The server is able to resolve a dig as well as dig+trace to the MX record to trikorausa.com (and other domains) without incident. This would suggest that something else might be going on, since the domain does have a functional andvalid MX record, so there should be no need to fall back to an A record. Davide's reply was in response to my problems with NetBSD-3.1 and NetBSD-4.0.I'd been using SmartDNSHost pointing to my local dns as that was also configured for private ips on the lan and at some point this had become replaced by a malformed version (I'd commented out it out for some reason andafterwards un-commented the wrong line). The only thing this broke was local mail delivery which I didn't notice until testing new server which usedcloned configuration of current server. This seems to be a new problem, but I updated XMail to 1.25, FreeBSD (minor update) and the m0n0wall router (minor update) all around the same time. I am not using SmartDNSHost, nor have I ever, although I've been running XMail for 6 or more years... should Itest setting it to my ISP DNS servers rather than the local m0n0wall router (which queries the ISP servers anyway successfully with other services on thesame server)? Does anyone have any ideas or recommendations about how to test where the problem might be? I'd suggest trying with SmartDNSHost set to the router then again with it set to the ISP. What servers do you have set inresolv.conf? David Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] general help: send the line "help" in the body of a message to [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the bodyof a message to [EMAIL PROTECTED] --- Links --- 1 mailto:[EMAIL PR
[xmail] Re: FreeBSD problem (similar to NetBSD problem reported earlier?)
Hi David - I think I have finally solved this mysterious problem, and of course it was an element I had not even considered (as it often is). The line provider (Covad) for this server had a problem several weeks ago with this line, about the time I was updating xmail to 1.25. When they were running tests on the line, they had slowed it down (from 5.4mb down/700k up to 300k down/60k up) and they managed to leave it that way. By some miracle the people using this server didn't notice (nor did I), aside from this problem, as it also provides web services - it does explain a lot of "strange" behavior I have been seeing, though! This slowdown seems to have been causing a time out on the DNS query for certain domains, so the common denominator may have been (just guessing) a high latency on the response time for these particular domains coupled with the very slow line speed of my servers connection, causing the fore mentioned error (NXDOMAIN). Now that the circuit is operating at its proper speeds, the problem has gone away. I don't know if this is a reflection on any particular package (Bind under *BSD, XMail, etc.) in terms of low speed testing, but it might be worth noting for someone that at very low speeds something is failing intermittently. Thanks for your help and input! Jeff David Lord wrote: > On 18 Feb 2008, at 12:27, Jeff Buehler wrote: > > >> Hi all - >> >> Sorry to be late to the game with this - in an earlier list email that I >> inadvertently deleted (thinking I had no helpful input, of course!) >> titled "Problem with XMail on NetBSD-4" there was a discussion about the >> error: >> >> Recipient domain ".com" does not exist (or it has a misconfigured DNS) >> >> I am also getting this error regularly with FreeBSD 6 and XMail 1.25. I >> mention it in the XMail forums as well, and read about a number of other >> recent occurrences, but nothing has been resolved specifically. As I >> mention in the forums, I have verified the domains are valid and >> properly configured in some of the cases, but the errors are consistent >> with specific domains. In my case, one example is "trikorausa.com" >> which I can send email from any server other than my active XMail server >> under FreeBSD, adn which looks properly configured via dnstools.com (I >> configured it, so I believe it is correct...) >> >> Davide responded: >> >> I think XMail is getting a ERR_DNS_NXDOMAIN (NXDOMAIN) from your DNS >> server. When that's happening, XMail does not even try to fall back to the >> A record delivery. >> >> and I think seems like it may be correct, but I am uncertain how to test >> this. The server does not provide DNS queries for itself (although it >> provides DNS for the domains it is authoritative on) but queries a >> m0n0wall router on the LAN, which queries my ISPs DNS servers. The >> server is able to resolve a dig as well as dig+trace to the MX record to >> trikorausa.com (and other domains) without incident. This would suggest >> that something else might be going on, since the domain does have a >> functional and valid MX record, so there should be no need to fall back >> to an A record. >> > > Davide's reply was in response to my problems with NetBSD-3.1 and > NetBSD-4.0. I'd been using SmartDNSHost pointing to my local dns as > that was also configured for private ips on the lan and at some point > this had become replaced by a malformed version (I'd commented out it > out for some reason and afterwards un-commented the wrong line). The > only thing this broke was local mail delivery which I didn't notice > until testing new server which used cloned configuration of current > server. > > >> This seems to be a new problem, but I updated XMail to 1.25, FreeBSD >> (minor update) and the m0n0wall router (minor update) all around the >> same time. I am not using SmartDNSHost, nor have I ever, although I've >> been running XMail for 6 or more years... should I test setting it to my >> ISP DNS servers rather than the local m0n0wall router (which queries the >> ISP servers anyway successfully with other services on the same server)? >> >> Does anyone have any ideas or recommendations about how to test where >> the problem might be? >> > > I'd suggest trying with SmartDNSHost set to the router then again > with it set to the ISP. > > What servers do you have set in resolv.conf? > > David > > > >> Thanks, >> Jeff >> > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] FreeBSD problem (similar to NetBSD problem reported earlier?)
Hi all - Sorry to be late to the game with this - in an earlier list email that I inadvertently deleted (thinking I had no helpful input, of course!) titled "Problem with XMail on NetBSD-4" there was a discussion about the error: Recipient domain ".com" does not exist (or it has a misconfigured DNS) I am also getting this error regularly with FreeBSD 6 and XMail 1.25. I mention it in the XMail forums as well, and read about a number of other recent occurrences, but nothing has been resolved specifically. As I mention in the forums, I have verified the domains are valid and properly configured in some of the cases, but the errors are consistent with specific domains. In my case, one example is "trikorausa.com" which I can send email from any server other than my active XMail server under FreeBSD, adn which looks properly configured via dnstools.com (I configured it, so I believe it is correct...) Davide responded: I think XMail is getting a ERR_DNS_NXDOMAIN (NXDOMAIN) from your DNS server. When that's happening, XMail does not even try to fall back to the A record delivery. and I think seems like it may be correct, but I am uncertain how to test this. The server does not provide DNS queries for itself (although it provides DNS for the domains it is authoritative on) but queries a m0n0wall router on the LAN, which queries my ISPs DNS servers. The server is able to resolve a dig as well as dig+trace to the MX record to trikorausa.com (and other domains) without incident. This would suggest that something else might be going on, since the domain does have a functional and valid MX record, so there should be no need to fall back to an A record. This seems to be a new problem, but I updated XMail to 1.25, FreeBSD (minor update) and the m0n0wall router (minor update) all around the same time. I am not using SmartDNSHost, nor have I ever, although I've been running XMail for 6 or more years... should I test setting it to my ISP DNS servers rather than the local m0n0wall router (which queries the ISP servers anyway successfully with other services on the same server)? Does anyone have any ideas or recommendations about how to test where the problem might be? Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Relocate .pid file on *BSD
Hi Harald - You are right - I just tested it and had assumed that "pidfile=" set the location. It's seems strange that it would be hard coded in any application rather than parameterized. It sounds like the variable mentioned by Tjeerd might be the way to go. Jeff Harald Schneider wrote: Hi Jeff, as far as I can see this just assigns the standard path to the .pid to a variable which is used for the Kill command. It does not SET the -pid file's location - right ? IMHO it needs to be modified in the source. Any hints Davide ? -- Harald Jeff Buehler wrote: Hi Harald - It's all about the startup script on *BSD. There is no standard package for Xmail (something I have thought about setting up numerous times) in FreeBSD, so modifying a "default" template is not an issue. I place my custom startup script in /usr/local/etc/rc.d - I believe this is at least somewhat similar in the other *BSDs. It specifiers the location of the .pid file - here is the script I use, pidfile being declared explicitly: #!/bin/sh# # $FreeBSD: XMail - non-standard port # # PROVIDE: xmail # # Add the fellowing line to /etc/rc.conf.local or /etc/rc.conf # to enable xmail # # xmail_enable (bool): Set it to "YES" to enable ... /etc/rc.subr MAIL_ROOT=/server/MailRoot export MAIL_ROOT name="xmail" rcvar=`set_rcvar` command=${MAIL_ROOT}/bin/XMail command_args="-B- -W- -X- -F- -Ms /server/MailRoot -MM -Qr 50 -Ql -Pl -Sl -SI 127.0.0.1:25 -Ll -Mr 240 -Sr 300"pidfile="/var/run/XMail.pid" sig_stop=-kill $pidfile # read configurationand set defaults load_rc_config "$name" : ${xmail_enable="NO"} run_rc_command "$1" I hope that helps! Jeff Harald Schneider wrote: Hi, is there a way to relocate the XMail.pid file from /var/run to another location ? This would allow to use XMail as e.g. a proxy with user rights only, startable from a simple script - all files in a single folder. -- Harald - Tounsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED] --- Links --- 1 mailto:[EMAIL PROTECTED] 2 mailto:[EMAIL PROTECTED] 3 mailto:[EMAIL PROTECTED] 4 mailto:[EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Relocate .pid file on *BSD
Hi Harald - It's all about the startup script on *BSD. There is no standard package for Xmail (something I have thought about setting up numerous times) in FreeBSD, so modifying a "default" template is not an issue. I place my custom startup script in /usr/local/etc/rc.d - I believe this is at least somewhat similar in the other *BSDs. It specifiers the location of the .pid file - here is the script I use, pidfile being declared explicitly: #!/bin/sh # # $FreeBSD: XMail - non-standard port # # PROVIDE: xmail # # Add the fellowing line to /etc/rc.conf.local or /etc/rc.conf # to enable xmail # # xmail_enable (bool):Set it to "YES" to enable .. /etc/rc.subr MAIL_ROOT=/server/MailRoot export MAIL_ROOT name="xmail" rcvar=`set_rcvar` command=${MAIL_ROOT}/bin/XMail command_args="-B- -W- -X- -F- -Ms /server/MailRoot -MM -Qr 50 -Ql -Pl -Sl -SI 127.0.0.1:25 -Ll -Mr 240 -Sr 300" pidfile="/var/run/XMail.pid" sig_stop=-kill $pidfile # read configuration and set defaults load_rc_config "$name" : ${xmail_enable="NO"} run_rc_command "$1" I hope that helps! Jeff Harald Schneider wrote: > Hi, > > is there a way to relocate the XMail.pid file from /var/run to another > location ? > > This would allow to use XMail as e.g. a proxy with user rights only, > startable from a simple script - all files in a single folder. > > -- Harald > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: freebsd 6 problems?
Hi Davide - Under FreeBSD 6 a clean compile of 64 bit XMail 1.24 fails. The 32 bit version runs fine on 64 bit platforms (so far). If it helps, I can provide you a ssh shell to a 64 bit FreeBSD platform to recompile and test. Thanks, Jeff Davide Libenzi wrote: On Mon, 12 Mar 2007, Jeff Buehler wrote: I have been running XMail using "daemontools" under Freebsd 5/6 32 and 64 bit for about ayear or so. I have decided to discontinue using daemontools, and I only now notice than when I try to run XMail from a standard rc.d script under Freebsd(64 bit), it crashes UNLESS I run it in debug (-Md) mode, which is themode I (I think) needed to use to run it under daemontools which doesn't want things running in the background. If I run xmail locally without the -Mdparameter (for example, ./MailRoot/bin/XMail with MAIL_ROOT set properly) after a fresh compile it simply dies (signal 11) with almost no info. Under the 32 bit version of an otherwise identical OS it is fine and launches. So, does anyone have info about XMail failing under FreeBSD 6 64 bit? It appears to simply fail... A version compiled on a 32 bit platform appears to run on my 64 bit platforms although I haven't actually tested it. Thanks for any info about this! Which XMail version? XMail binary compiled for 32 or 64 bit? I remember someone mentioned about something like that, butwhen I asked more questions, he disappeared ... - Davide - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED] --- Links --- 1 mailto:[EMAIL PROTECTED] 2 mailto:[EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] freebsd 6 problems?
I have been running XMail using "daemontools" under Freebsd 5/6 32 and 64 bit for about a year or so. I have decided to discontinue using daemontools, and I only now notice than when I try to run XMail from a standard rc.d script under Freebsd (64 bit), it crashes UNLESS I run it in debug (-Md) mode, which is the mode I (I think) needed to use to run it under daemontools which doesn't want things running in the background. If I run xmail locally without the -Md parameter (for example, /MailRoot/bin/XMail with MAIL_ROOT set properly) after a fresh compile it simply dies (signal 11) with almost no info. Under the 32 bit version of an otherwise identical OS it is fine and launches. So, does anyone have info about XMail failing under FreeBSD 6 64 bit? It appears to simply fail... A version compiled on a 32 bit platform appears to run on my 64 bit platforms although I haven't actually tested it. Thanks for any info about this! Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: xmail 1.24 smtp timeouts
I am leaving on vacation for a couple of weeks on Friday. On my return I will see if I can lab test this and get to the bottom of it - if so, I will make certain to notify the list of whatever I find... Thanks again, Jeff Davide Libenzi wrote: > On Wed, 14 Feb 2007, Jeff Buehler wrote: > > >> Hi Davide - >> >> Thanks for your input - >> >> I'm running OpenSSL (OpenSSL/0.9.7e-p1). I'm not compiling against or >> running any other SSL libs (that I am aware of - is there a simple way >> to test?). I guess the important question is how much of a speed >> slowdown one might expect when using SSL. >> >> As an addendum to what I am seeing, I found out that a user had sent out >> something like 75 emails with a 9 mb attachment, which was causing the >> problem in that instance. I have reduced max attachment size to about 4 >> mb and things seem fine so far. However, 10 meg attachments have been >> fine for the entire life of 1.23 and 1.22 configured the same way (ASSP >> -> ClamSMTP -> XMail for 2 years or so?). This is a duel Opteron with 2 >> gb ram on a 1.5 mb/1.5 mb line, so it should be able to handle that kind >> of load, I would think - I am not seeing any significant loads in >> general. The server handles about 5000 email requests per day. >> >> I would suspect the ASSP -> ClamSMTP (ClamAV) -> Xmail as the culprit, >> but in this case XMail was running up the cpu cycles, and the email was >> outgoing not coming in. It would try to send the 9 mb attachment out, >> ramp up to about 98% then fail any further connections. >> > > Well, I don't know. XMail can handle that load hands down with that > machine. You can try to un-plug one of the components to see where the > problem is. > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: xmail 1.24 smtp timeouts
Hi Davide - Thanks for your input - I'm running OpenSSL (OpenSSL/0.9.7e-p1). I'm not compiling against or running any other SSL libs (that I am aware of - is there a simple way to test?). I guess the important question is how much of a speed slowdown one might expect when using SSL. As an addendum to what I am seeing, I found out that a user had sent out something like 75 emails with a 9 mb attachment, which was causing the problem in that instance. I have reduced max attachment size to about 4 mb and things seem fine so far. However, 10 meg attachments have been fine for the entire life of 1.23 and 1.22 configured the same way (ASSP -> ClamSMTP -> XMail for 2 years or so?). This is a duel Opteron with 2 gb ram on a 1.5 mb/1.5 mb line, so it should be able to handle that kind of load, I would think - I am not seeing any significant loads in general. The server handles about 5000 email requests per day. I would suspect the ASSP -> ClamSMTP (ClamAV) -> Xmail as the culprit, but in this case XMail was running up the cpu cycles, and the email was outgoing not coming in. It would try to send the 9 mb attachment out, ramp up to about 98% then fail any further connections. Jeff Davide Libenzi wrote: > On Wed, 14 Feb 2007, Jeff Buehler wrote: > > >> Thanks for the info, Francesco. Obviously, I spend a lot of time going >> through the documentation (since all of that is right there in the docs and >> Ihad only "EnableSMTP-TLS"[TAB]"0"!) >> Do you think it reasonable to assume that I might see a performance increase >> after completely disabling all SSL functionality this way, or might I be >> "barking up the wrong tree"? Ultimately I may use SSL, but right now I have >> no need real for it... I am traveling to Germany/Paris in two days, and it >> would be nice if my mail server didn't keep locking up while I'm away! >> > > I can't be openssl. If openssl is working fine with other apps, then the > library is ok. IMO it's somthing else. > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: xmail 1.24 smtp timeouts
Thanks for the info, Francesco. Obviously, I spend a lot of time going through the documentation (since all of that is right there in the docs and Ihad only "EnableSMTP-TLS"[TAB]"0"!) Do you think it reasonable to assume that I might see a performance increase after completely disabling all SSL functionality this way, or might I be "barking up the wrong tree"? Ultimately I may use SSL, but right now I have no need real for it... I am traveling to Germany/Paris in two days, and it would be nice if my mail server didn't keep locking up while I'm away! Thanks again, Jeff Francesco Vertova wrote: At 22.25 13/02/07, you wrote: Also, I beleive (unhless I am doing something incorrectly) that I have discabled the use of SSL completely - does XMail still make calls to OpenSSL even if SSL is unused? AFAIK, in order to disable SSL in 1.24 you have to put this in server.tab: "EnableCTRL-TLS"[TAB]"0" "EnablePOP3-TLS"[TAB]"0" "EnableSMTP-TLS"[TAB]"0" and this on the command line: -B- -W- -X- Ciao, Francesco - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: sendthe line "help" in the body of a message to [EMAIL PROTECTED] --- Links --- 1 mailto:[EMAIL PROTECTED] 2 mailto:[EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: xmail 1.24 smtp timeouts
Hi Davide - Using top, XMailis the active process using CPU. However, perhaps it would display that way if the fault was with OpenSSL, which I am using. However, I am using the FreeBSD 6.2 standard port and having no problems with other SSl uses on thisd system. Also, I beleive (unhless I am doing something incorrectly) that I have discabled the use of SSL completely - does XMail still make calls to OpenSSL even if SSL is unused? I am setting in server.tab: "SSLWantVerify""0" "SSLWantCert""0" "SSLAllowSelfSigned""1" "SSLUseCertsFile""0" "SSLUseCertsDir""0" "EnableSMTP-TLS""0" Thanks, Jeff - Original Message - From: "Davide Libenzi" To: "Xmail Mailing List" Sent: Tuesday, February 13, 2007 12:52 PM Subject: [xmail] Re: xmail 1.24 smtp timeouts > On Mon, 12 Feb 2007, Jeff Buehler wrote: > >> Hi Everyone - >> >> I have been getting XMail timeouts, along with CPU use going up to >> something like 98%, after upgrading to 1.24. I am not 100% certain that >> the upgrade is what is causing this, so I am looking for ideas. I did >> not have any problems with 1.23, and I don't think that I am seeing any >> more traffic than I did when using 1.23. >> >> I am running FreeBSD 6.2, and saw this with 1.24 under 6.1 also. My >> configuration is a bit unusual. ASSP is receiving socket 25/587 -> >> ClamSMTP -> Xmail, but XMail is the executable that seems to be getting >> "overwhelmed". > > One thing that I googled time ago that was making openssl for have large > delays, was related to the lack of a good source of entropy. But if you're > not using openssl, that's never get triggered. > Also, are you sure it's XMail sucking CPU? > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: ClamAV usage with XMail
I use ASSP withlut ClamAV, then the email is scanned by ClamSMTP WITH ClamAV. ASSP's implementation is less complete than ClamSMTP which does a deep scan. Then XMail gets the email for delivery. This has worked great up until XMail 1.24, but now I seem to be having time out problems with XMail. My guess is that 1.24 is slower with the SSL addition (even not using SSL) than 1.23 and that is cuaing it to hang. Using ClamAV with ClamSMTP I have only had one virus in over three years get through, and that due to a failed update the night before. Jeff On 2/13/2007, "David Lord" <[EMAIL PROTECTED]> wrote: >On 12 Feb 2007, at 20:28, Brian wrote: > >> Any opinions on using ClamAV with XMail? >> How good is ClamAV and is it secure / stable? > >I installed both fprot and clamav on NetBSD with intention of using >whichever I managed to get working first which turned out to be >fprot. I've no reason to suspect clamav is any less useful than fprot >and it might even be more configurable. > >I suspect glst prevents the server seeing many viruses and so far >fprot hasn't let any through to my users (me). > >David > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] xmail 1.24 smtp timeouts
Hi Everyone - I have been getting XMail timeouts, along with CPU use going up to something like 98%, after upgrading to 1.24. I am not 100% certain that the upgrade is what is causing this, so I am looking for ideas. I did not have any problems with 1.23, and I don't think that I am seeing any more traffic than I did when using 1.23. I am running FreeBSD 6.2, and saw this with 1.24 under 6.1 also. My configuration is a bit unusual. ASSP is receiving socket 25/587 -> ClamSMTP -> Xmail, but XMail is the executable that seems to be getting "overwhelmed". Reducing SMTP connections via ASSP seems to help some, as does reducing allowed file sizes, but I haven't verified this completely. The timeouts are intermittent, but always there seems to be a large number of connections via netstat. Here are the enabled server.tab entries of any interest: "NotifyTryPattern""0" "MaxMTAOps""16" "ReceivedHdrType""1" "FetchHdrTags""+X-Deliver-To,+Received,To,Cc" "SmtpMsgIPBanSpammers""550 Denied due inclusion of your IP in our spam lists" "SmtpMsgIPBanSpamAddress""550 Denied due inclusion of your email address in our spam lists" "SmtpMsgIPBanMaps""550 Denied due inclusion of your IP in the following map" "SMTP-MaxErrors""3" "MaxMessageSize""62000" "EnableAuthSMTP-POP3""1" "AllowNullSender""1" "DefaultSmtpPerms""MRVZ" "SSLWantVerify""0" "SSLWantCert""0" "SSLAllowSelfSigned""1" "SSLUseCertsFile""0" "SSLUseCertsDir""0" "EnableSMTP-TLS""0" Any help would be greatly appreciated! I am about to downgrade to 1.23... Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Advices
ASSP is great. I sue it with ClamSMTP rather than using ASSP's virus filtering. I have been running ASSP -> ClamSMTP -> XMail for several years now with literally no problems (other than the occasional misconfiguration issue :)), however I am using FreeBSD 6 (not Windows). Jeff Emmanuel Gonzalez wrote: >Hi, > > > We're using Xmail servers for long. > > We have migrate on a Win 2K3 server and it's working fine. > > > > My question : > > - does anyone knows an antivirus working fine with xmail (on > Windows 2003 server) and working with xmail filters. > > - Can someone advise me to find a spam tool working on windows 2003 > server > > > > Again, I won't change my Xmail Server ! You did a fabulous work Davide. > > > > Thanks for your help > > > > Emmanuel Gonzalez > > > > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Poll ...
I don't need it right now, but I think it's an excellent idea to add it if it isn't a crazy amount of work. I can easily see needing it in the future... Thanks, Jeff Davide Libenzi wrote: > How many would appreciate per-RCPT SMTP filter capabilities? > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Problems in receiving mail from hotmail
It sounds like a filter added on to XMail or something... unless you mean XMail is hanging on emails from Hotmail. I don't really understand the statement "mails from Hotmail are regularly caught as bad html" - I don't think XMail would do that unless you are talking about it actually crashing with Hotmail HTML email or something... can you clarify? Jeff Prakash wrote: > Hi All > > i am fresh to linux admin. > > In our concern we are using X-Mailserver running on Debian 2.6 Linux. > > mails from hotmail is regularly caught as badhtml and there need to manual > release of those mail > > Help me in this concern > > Regards > Prakash > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Reducing spam
Look into ASSP (Anti Spam Server Proxy). This is my favorite solution for a number of reasons. XMail has a number of tools to help with SPAM, and they work well, but I found ASSP to be significantly ahead of any specific XMail integration solutions I was able to come up with or implement after about 6 years of using it, so that's my advice. Jeff Clive Lansink wrote: > Hi list. Spam seems to be getting to rediculous levels so I'm trying to > reduce the number of spam messages I am receiving in my xmail server. > > I started by uncommenting the line in server.tab: > "CustMapsList" > "list.dsbl.org.:1,blackholes.mail-abuse.org.:1,dialups.mail-abuse.org.:0" > > First, is there any way to tell if Xmail is correctly contacting the hosts in > the maps list? It would be nice to know that it is. > > Also, what is the best system to use for this purpose? I've heard of > something called Sorbs but I don't know much about it and whether it would be > better to put that into the CustMapsList. > > Here is a random sample of a message I can expect to receive. The log entry > looks like this: > > "lansink.co.nz" "lansink.co.nz" "63.163.14.58" "2006-10-02 00:09:00" > "smtp.secureserver.net" "lansink.co.nz" "[EMAIL PROTECTED]" "[EMAIL > PROTECTED]" "S7C56" "RCPT=OK" "" "0" "" > > It is addressed to "[EMAIL PROTECTED]", which is actually wrong but I have my > domain set up so I receive all messages for the domain other than those for > other specific mailboxes. > > I take it then that the mail-from was "[EMAIL PROTECTED]", and the IP address > that this message came from was "63.163.14.58". I could possibly keep that > IP address in my own list of spamming IP addresses, but I really don't want > to have to maintain my own list. I'd rather rely on one of these public > organisations to do that, but I would still want a simple way to report an > offending IP address to people better able to deal with it. > > Is there a tool I can add to xmail that could reply to the sender of a > message with a chalenge so they must respond in a specific way to authorise > the message? I am thinking that this could be relatively simple to do by > adding a tool to xmail if it is not already done. It would rely on having a > list of senders that are known to be acceptable, and some rules for other > messages such as for email lists that are also acceptable. But any other > incoming message would be chalenged. Just an idea. > > I'm reluctant to go back to a system in which my ISP filters spam for me > because they are often too agressive and can filter out messages that I > really need to see. I'm not happy with anti-spam systems that do some sort > of analysis on the message to determine if it is spam or genuine mail. But I > do agree with coming down hard on people who misbehave and I'd like to do > what I can to stop spam at its source. > > Since we're all using xmail on this list, I would really appreciate a > discussion on how to reduce spam. Ultimately it would be good to update the > manual to make it easier for others to get to grips with this, and I'd be > happy to write something depending on what results from this discussion. > > > Clive Lansink > Email: [EMAIL PROTECTED] > Phone: +64 9 520-4242 > Mobile: +64 21 663-999 > Fax: +64 21 789-150 > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Problems installing Xmail
I haven't read the rest of this post (sorry) but in case it helps I recall it does attempt a chroot and port forward/redirect, which was a bit of a problem for me as I do this myself using ASSAP and ClamSMTP - I finally just installed XMail manually and ignored the port, which worked well. Jeff Davide Libenzi wrote: > On Sun, 1 Oct 2006, Simon Zarate wrote: > > >> While trying to install, fail and reply with this error. >> > > Hmm, something fishy is going on with the gentoo portage. Either their > package ir b0rken, or they're trying to run XMail in a chroot by doing > port forwarding. > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Spammers - How to block them.
Hi Henri - >That's odd. How many smtp threads were you running? I've set the >maximum to 16 now where 4 should be enough to handle all incoming mail >(easily!). > > Whatever the default is (is it MaxMTAOps? - that is set to 16 on my system). Running on FreeBSD on a Athlon XP running at 2 GHz, 1 gig of RAM, fast SCSI hard drive. Nothing too fancy. Right now running ASSP -> clamsmtp -> XMail (in this case on the same system) this handily processes 4500 (or so) valid emails per day and refuses about the same number of additional SPAMs. Without the CLAMsmtp and ASSP this same system processed almost that much email without me ever seeing the problem you describe. >It's not the spam per se, I know how to get rid of that. It's because >99.5% of all incoming mail is for non-existent recipients. I don't >want to check them all to see if it's spam or not cause I already >*know* it's spam. I don't want to waste server resources and internet >bandwidth for something I already know I don't want. I just want to >get rid of those attempts from spammers to deliver spam to my server >as quickly and as easily as possible. > > > Again, if the problem is email to invalid users, I don't see how any of the other options you mentioned in XMail will necessarily help. Perhaps they will by using a different mechanism, like RBL check, that is faster than XMails own determination of an invalid address, but that seems a stretch to me. ASSP is designed to close the SMTP session immediately if it doesn't like an email for any reason specified by the admin, such as an invalid address, so it directly addresses the problem you are having. However, as also mentioned, it seems very strange to me that XMail would be so slow on refusing invalid connections as to cause connection failures from valid senders if you have a low volume of email - I don't know XMail's mechanism behind this (perhaps someone else can clarify) but I have never run into that problem, or heard of anyone else running into that problem, unless they were getting a HUGE volume of SPAM (and not specifically to invalid users). So it might be worth looking into WHY your installation is behaving this way, since it sounds fishy to me. Maybe 4 threads was too low? Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Spammers - How to block them.
Hi Henri - I suspect this makes little difference, but just in case you aren't aware of this, you can run ASSP on a different computer - it doesn't have to be the same system, and so Perl also does not need to be on your XMail system. I'm not certain why you have feelings about running something in front of XMail if it will simply reduce the burden on your server (significantly) but we all have our reasons, I suppose! If you aren't processing much email, then I can't understand why you are getting the "server too busy" errors you mentioned in your first email. Something doesn't sound quite right. Frankly, even before I was running ASSP, I was processing quite a bit of email (thousands a day, sometimes more, and thousands more a day of SPAM) and I never received an error like that on send. I understood you to say that you were getting SMTP connect errors because XMail was taking too long to refuse invalid users. Logically, if you are receiving server too busy errors simply from refusing emails to non-valid users (as I read your first email to be saying), which would require an incredible volume of invalid email (or a very, very slow server), then the only way to prevent server overload would be to put something in front of XMail, since XMail is already refusing those emails that are causing the problem. But I must have misunderstood given the direction the rest of this thread has taken. If it is simply an issue of SPAM in general, and you need to block it, and you don't want to use something like ASSP (for reasons of purity?), then your best bet is greylisting (as Rob Arends covers well), RBL blocking, and perhaps something like you mention with an automated addition to the spammers list as a last addition. Jeff Henri van Riel wrote: >Hi Jeff, > > > >>You can run ASSP on a different server than XMail. Also, you can >>use it simply to verify that the address being sent to is a valid >>one - it does not need to perform Bayesian -filter based SPAM >>blocking unless you want it to (you could open up the ruleset, or >>you can have it simply tag the email that goes through with >>something if it thinks it's SPAM). If what you need is to be able >>to close sessions to invalid addresses quickly, that is the only way >>I know how to do it. >> >> > >I'll certainly look into it but I don't like the idea of having to run >something in front of XMail... Also, I'd need to install Perl on my >mailserver which is *strictly* a mailserver. > > > >>What you suggest might work, but spammers domains and addresses >>change very rapidly, so I'm not certain you would actually cut down >>the volume much, and you would end up having to process all of that >>email. ASSP will simply terminate the session more or less >>immediately if it doesn't like the email, the sender, or the >>address, or any combination of those things. >> >> > >I don't have to process that much email though. First of all, my new >CustMapsList filters out a lot of spam. If the sender seems ok, XMail >first checks if the recipient is known. If not, it redirects it to my >catch-all account. While it is doing that, the filters.pre-data.tab >filter kicks in *before* the data command, only the headers have >arrived so far. Next, my script will get the ip address from those >headers and exits with code 3 which makes XMail to terminate the >connection. Mail with a valid recipient will still go through the >filter but that's not a problem. > >Sounds to me that it could work! ;) > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Spammers - How to block them.
Hi Henri - You can run ASSP on a different server than XMail. Also, you can use it simply to verify that the address being sent to is a valid one - it does not need to perform Bayesian -filter based SPAM blocking unless you want it to (you could open up the ruleset, or you can have it simply tag the email that goes through with something if it thinks it's SPAM). If what you need is to be able to close sessions to invalid addresses quickly, that is the only way I know how to do it. What you suggest might work, but spammers domains and addresses change very rapidly, so I'm not certain you would actually cut down the volume much, and you would end up having to process all of that email. ASSP will simply terminate the session more or less immediately if it doesn't like the email, the sender, or the address, or any combination of those things. Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Spammers - How to block them.
ASSP with XMail is an excellent solution for this - it is robust and reasonably lightweight. ASSP checks the first number of K that you specify to determine if an email is SPAM, then closes the session if it is. You can specify valid user accounts in a text file or using LDAP. If the email is invalid, it simply closes the session. Then you can forward the email to XMail for final processing. Jeff Henri van Riel wrote: >Hi all, > >I've got a peculiar problem. My domain (a sub-domain of my ISP) >receives a lot of (spam) email. I'm talking more than 15,000 emails >per day (about 10mb/hour). All these emails are for recipients *not* >defined on my domain. Someone has simply generated thousands of fake >email addresses and put them on a cd and sells that (probably). > >I've set up XMail so that it only accepts mail for known users, so I >don't really receive these emails. The problem is that my smtp threads >are always *busy*. When I try to send email from outside my LAN >through my mailserver at home I always get the message `server too >busy, retry later...` because all my SMTP threads are handling >mail from these spammers... > >What I would like is that XMail *immediately* drops the connection >with the spammer's mailserver but it doesn't seem to do that. >Connections stay open for a while because this server has dozens of >emails to deliver to my server (all for users that don't exist!). > >Is there a way to immediately drop the connection with the server that >tries to deliver mail to an unknown user and also ban this particular >mail server for at least a day? That would decrease the number of >random emails significantly and save me a lot on bandwidth. > >Any help would be appreciated. > >Thanks. > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Error messages returned to sender replicated
Leanardo: Interesting find about the errors appearing not to be XMail generated - I will have to look into that in more detail by going over the logs when I can get the time. Clement: I use an IP in the cmdalias. The FQDN of the Exchange server resolves only to one IP. Xmail connects to the Exchange server through a M0n0wall firewall/NAT device that is NAT'ing the Exchange server. I don't recall seeing multiple times the same same bounce before upgrading to 1.22 (and now that you brought it up, M0n0wall is a recent addition to the network there as well). I will have to go over the logs as soon as I can to answer your other question about whether or not the bounce is seen on the Exchange side. It sounds like I will need to spend some more time with the logs and testing on this one - I will let you know what I find - thanks for all of your input! Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Error messages returned to sender replicated
Oops - my apologies - thanks for catching that. I am trying to do too many things today. Here are two emails (with the same subject and message identifier (1137780666750.135234560.3ee.banshee.buehlertech.net) this time). From: buehlertech.net PostMaster [EMAIL PROTECTED] Sent: Friday, January 20, 2006 2:49 PM To: Jeff Buehler Subject: Error sending message [1137780666750.135234560.3ee.banshee.buehlertech.net] from [buehlertech.net] [<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number of delivery attempts has been reached] [<01>] Error sending message [1137780666750.135234560.3ee.banshee.buehlertech.net] from [buehlertech.net]. ID: Mail From: <[EMAIL PROTECTED]> Rcpt To: <[EMAIL PROTECTED]> Server: [delmone.com] [<02>] The reason of the delivery failure was: The maximum number of delivery attempts has been reached [<05>] Here is listed the initial part of the message: Received: from BuehlerTechAntiSpam ([127.0.0.1]:58144) by antispam.buehlertech.net ([127.0.0.1]:25) with [XMail 1.22 ESMTP Server] id for <[EMAIL PROTECTED]> from <[EMAIL PROTECTED]>; Fri, 20 Jan 2006 10:11:04 -0800 Received: from 71.134.90.35 ([71.134.90.35] helo=mail.interoceanss.com) by BuehlerTechAntiSpam ; 20 Jan 06 18:11:02 - MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="_=_NextPart_001_01C61DEC.DE69A4EC" Subject: test4 Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Fri, 20 Jan 2006 10:11:00 -0800 Message-ID: <[EMAIL PROTECTED]> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: test4 Thread-Index: AcYd7N33dm49C2YAQOGUDPl2HKf/bg== From: "Jeff Buehler" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> X-Virus-Scanned: Buehler Technologies Anti-virus ClamSMTP From: buehlertech.net PostMaster [EMAIL PROTECTED] Sent: Friday, January 20, 2006 2:25 PM To: Jeff Buehler Subject: Error sending message [1137780666750.135234560.3ee.banshee.buehlertech.net] from [buehlertech.net] [<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number of delivery attempts has been reached] [<01>] Error sending message [1137780666750.135234560.3ee.banshee.buehlertech.net] from [buehlertech.net]. ID: Mail From: <[EMAIL PROTECTED]> Rcpt To: <[EMAIL PROTECTED]> Server: [delmone.com] [<02>] The reason of the delivery failure was: The maximum number of delivery attempts has been reached [<05>] Here is listed the initial part of the message: Received: from BuehlerTechAntiSpam ([127.0.0.1]:58144) by antispam.buehlertech.net ([127.0.0.1]:25) with [XMail 1.22 ESMTP Server] id for <[EMAIL PROTECTED]> from <[EMAIL PROTECTED]>; Fri, 20 Jan 2006 10:11:04 -0800 Received: from 71.134.90.35 ([71.134.90.35] helo=mail.interoceanss.com) by BuehlerTechAntiSpam ; 20 Jan 06 18:11:02 - MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="_=_NextPart_001_01C61DEC.DE69A4EC" Subject: test4 Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Fri, 20 Jan 2006 10:11:00 -0800 Message-ID: <[EMAIL PROTECTED]> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: test4 Thread-Index: AcYd7N33dm49C2YAQOGUDPl2HKf/bg== From: "Jeff Buehler" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> X-Virus-Scanned: Buehler Technologies Anti-virus ClamSMTP Jeff Leonardo Fogel wrote: >--- Jeff Buehler wrote: > > > >>At any rate, the strange part is that each of the >>messages I sent IS >>from the same email. >> >> > >No, Jeff. They are from different e-mails. Look at the >subjects, please: test4 and test3. > >Regards. > > > > > > > > >___ >Yahoo! doce lar. Faça do Yahoo! sua homepage. >http://br.yahoo.com/homepageset.html > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Error messages returned to sender replicated
Yes - I despise Exchange, personally. However, talking the people holding the money out of using Exchange and going with LDAP/IMAP is like telling them that their father is a moron. They look dumbfounded and then proceed as if nothing was said. I host entirely on FreeBSD and I am just doing SPAM/AntiVirus filtering for this particular client. At any rate, the strange part is that each of the messages I sent IS from the same email. So, XMail is seeing two different messages (as you pointed out) but it is actually from the SAME send, so it must be getting duplicated by one of the other applications(?). So, as you mention, there is obviously something in the configuration that is causing the trouble. I will keep looking into it and report what I find for posteritys sake! Thanks, Jeff Davide Libenzi wrote: >On Mon, 23 Jan 2006, Jeff Buehler wrote: > > > >>Hmmm - ok, let me look at this a little deeper (and thanks for your input!). >> >>In answer to your questions: >> >>Exchange has its own domain, but only handles internal email (so >>outbound is Exchange -> ASSP -> (clamSMTP) -> Xmail -> INTERNET or >>inbound is INTERNET->ASSP -> (clamSMTP) -> XMail -> Exchange). Xmail >>does forward the error messages to Exchange by using "smtprelay" in >>cmdalias - it does not actually have a mail account for the Exchange >>user, it just relays. Postmaster does receive errors as well, but they >>seem inconsistent with the others - I need to research this point a bit >>more and see if I am receiving more than 1 error to this account as >>well, but I don't think I am. >> >>It appears that I am not getting one email for each failure - rather, it >>appears to be some random number of bounce emails (sometimes 3, >>sometimes 5, and so on). >> >>Two complete examples (from the same failure) follow: >> >> > >Those refer to two different messages ... > > > > >>From: buehlertech.net PostMaster [EMAIL PROTECTED] >>Sent: Friday, January 20, 2006 1:03 PM >>To: Jeff Buehler >>Subject: Error sending message >>[1137780666750.135234560.3ee.banshee.buehlertech.net] from >> >> >^^^ > > >and > > > > >>From: buehlertech.net PostMaster [EMAIL PROTECTED] >>Sent: Friday, January 20, 2006 12:22 PM >>To: Jeff Buehler >>Subject: Error sending message >>[1137775892511.135234560.250.banshee.buehlertech.net] from >> >> >^^^ > >Something funky is going on with your setup. I don't know what, but a wild >guess is that removing MS Exchange will have a 98% probability of fixing it :) > > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Error messages returned to sender replicated
Thats what I thought should happen, but my Exchange users are verifiably getting multiple (it seems to be random) bounces back. Only my Exchange users seem to be affected - users accessing from a standard email client are getting the correct (single bounce) behavior). Jeff Davide Libenzi wrote: >On Sat, 21 Jan 2006, Jeff Buehler wrote: > > > >>I see. Any thoughts on what my be causing the repeat error bounces? >>Has anyone else run into this problem? >>If not, I would guess it has to do with the Exchange/ASSP/XMail >>relationship somehow since that is the only distinct thing about my >>configuration from a standard one... >>Davide, can you think of anything that may have changed between >>1.20/1.21 and 1.22 that might affect this? >> >> > >The one below is a standard bounce message that happen (only once per >message - maximum) if the maximum number of delivery attempts is reached. > > > > >>>>Ah ... I was unaware of that setting. It's commented out, which >>>>according to the documentation would seem to suggest that the errors >>>>aren't (or shouldn't be) coming from XMail at all. However, the headers >>>>indicate (to me, anyway!) that they are - here is an abbreviated example: >>>> >>>>From: buehlertech.net PostMaster [mailto:[EMAIL PROTECTED] >>>>Sent: Tuesday, January 17, 2006 6:31 AM >>>>To: Jens Jensen >>>>Subject: Error sending message >>>>[1137452256244.135361536.4d65.banshee.buehlertech.net] from >>>>[buehlertech.net] >>>> >>>>[<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number >>>>of delivery attempts has been reached] >>>> >>>> > > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Error messages returned to sender replicated
Hmmm - ok, let me look at this a little deeper (and thanks for your input!). In answer to your questions: Exchange has its own domain, but only handles internal email (so outbound is Exchange -> ASSP -> (clamSMTP) -> Xmail -> INTERNET or inbound is INTERNET->ASSP -> (clamSMTP) -> XMail -> Exchange). Xmail does forward the error messages to Exchange by using "smtprelay" in cmdalias - it does not actually have a mail account for the Exchange user, it just relays. Postmaster does receive errors as well, but they seem inconsistent with the others - I need to research this point a bit more and see if I am receiving more than 1 error to this account as well, but I don't think I am. It appears that I am not getting one email for each failure - rather, it appears to be some random number of bounce emails (sometimes 3, sometimes 5, and so on). Two complete examples (from the same failure) follow: From: buehlertech.net PostMaster [EMAIL PROTECTED] Sent: Friday, January 20, 2006 1:03 PM To: Jeff Buehler Subject: Error sending message [1137780666750.135234560.3ee.banshee.buehlertech.net] from [buehlertech.net] [<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number of delivery attempts has been reached] [<01>] Error sending message [1137780666750.135234560.3ee.banshee.buehlertech.net] from [buehlertech.net]. ID: Mail From: <[EMAIL PROTECTED]> Rcpt To: <[EMAIL PROTECTED]> Server: [delmone.com] [<02>] The reason of the delivery failure was: The maximum number of delivery attempts has been reached [<05>] Here is listed the initial part of the message: Received: from BuehlerTechAntiSpam ([127.0.0.1]:58144) by antispam.buehlertech.net ([127.0.0.1]:25) with [XMail 1.22 ESMTP Server] id for <[EMAIL PROTECTED]> from <[EMAIL PROTECTED]>; Fri, 20 Jan 2006 10:11:04 -0800 Received: from 71.134.90.35 ([71.134.90.35] helo=mail.interoceanss.com) by BuehlerTechAntiSpam ; 20 Jan 06 18:11:02 - MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="_=_NextPart_001_01C61DEC.DE69A4EC" Subject: test4 Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Fri, 20 Jan 2006 10:11:00 -0800 Message-ID: <[EMAIL PROTECTED]> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: test4 Thread-Index: AcYd7N33dm49C2YAQOGUDPl2HKf/bg== From: "Jeff Buehler" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> X-Virus-Scanned: Buehler Technologies Anti-virus ClamSMTP - From: buehlertech.net PostMaster [EMAIL PROTECTED] Sent: Friday, January 20, 2006 12:22 PM To: Jeff Buehler Subject: Error sending message [1137775892511.135234560.250.banshee.buehlertech.net] from [buehlertech.net] [<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number of delivery attempts has been reached] [<01>] Error sending message [1137775892511.135234560.250.banshee.buehlertech.net] from [buehlertech.net]. ID: Mail From: <[EMAIL PROTECTED]> Rcpt To: <[EMAIL PROTECTED]> Server: [delmone.com] [<02>] The reason of the delivery failure was: The maximum number of delivery attempts has been reached [<05>] Here is listed the initial part of the message: Received: from BuehlerTechAntiSpam ([127.0.0.1]:54200) by antispam.buehlertech.net ([127.0.0.1]:25) with [XMail 1.22 ESMTP Server] id for <[EMAIL PROTECTED]> from <[EMAIL PROTECTED]>; Fri, 20 Jan 2006 08:51:32 -0800 Received: from 71.134.90.35 ([71.134.90.35] helo=mail.interoceanss.com) by BuehlerTechAntiSpam ; 20 Jan 06 16:51:31 - MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="_=_NextPart_001_01C61DE1.C3D28DF8" Subject: test3 Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Fri, 20 Jan 2006 08:51:17 -0800 Message-ID: <[EMAIL PROTECTED]> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: test3 Thread-Index: AcYd4buU0P6OtpNtTT+mAMHshLq35g== From: "Jeff Buehler" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> X-Virus-Scanned: Buehler Technologies Anti-virus ClamSMTP Thanks, Jeff Leonardo Fogel wrote: >--- Jeff Buehler wrote : > > > >>Right now I have XMail set to >>try 10 times, so there >>seem to be 10 emails that are sent to notify the >>sender of the failure. >> >>(...) >>Exchange users that have this problem - XMail is >>running on FreeBSD, but >>a number of Exchange users send through it as shown: >> >>Exchange -> ASSP (anti-spam proxy) ->XMail -> >>Internet - the problem >>definitely happens with this flow >> >> >> > >Some thoughts: >As far as I know from XMail, a bounce (error) message >is like any other message, i.e., XMail w
[xmail] Re: Error messages returned to sender replicated
I see. Any thoughts on what my be causing the repeat error bounces? Has anyone else run into this problem? If not, I would guess it has to do with the Exchange/ASSP/XMail relationship somehow since that is the only distinct thing about my configuration from a standard one... Davide, can you think of anything that may have changed between 1.20/1.21 and 1.22 that might affect this? Jeff Davide Libenzi wrote: >On Fri, 20 Jan 2006, Jeff Buehler wrote: > > > >>Ah ... I was unaware of that setting. It's commented out, which >>according to the documentation would seem to suggest that the errors >>aren't (or shouldn't be) coming from XMail at all. However, the headers >>indicate (to me, anyway!) that they are - here is an abbreviated example: >> >>From: buehlertech.net PostMaster [mailto:[EMAIL PROTECTED] >>Sent: Tuesday, January 17, 2006 6:31 AM >>To: Jens Jensen >>Subject: Error sending message >>[1137452256244.135361536.4d65.banshee.buehlertech.net] from >>[buehlertech.net] >> >>[<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number >>of delivery attempts has been reached] >> >> > >The NotifyTryPattern variable does not affect final/definitive bounces, >only intermediate ones. > > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Error messages returned to sender replicated
By the way, I had no indications of this happening using 1.21 or earlier. This does not mean that it didn't for certain, but I am pretty certain that it would have come up (I was running 1.21 and maybe 1.20 from the time they were made available until the newer versions with this configuration - exchange -> assp -> xmail -> internet). It is possible that I may have made some seemingly insignificant change to any of the players involved, though, most suspect being ASSP. I have verified that I (seem) get only one failure message back to the sender when the configuration does not involve exchange, that being email client -> assp -> xmail -> internet. Unless I am misreading the documentation, I think this is also not the right behavior since NotifyTryPattern is set to the default, but I prefer it to a whole bunch of messages! Here is an example of the header for that: [<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number of delivery attempts has been reached] [<01>] Error sending message [1137796073865.135234560.61c.banshee.buehlertech.net] from [buehlertech.net]. ID: Mail From: <[EMAIL PROTECTED]> Rcpt To: <[EMAIL PROTECTED]> Server: [bogusdomain.com] [<02>] The reason of the delivery failure was: The maximum number of delivery attempts has been reached Thanks again for any thoughts or ideas... Jeff Jeff Buehler wrote: >Ah ... I was unaware of that setting. It's commented out, which >according to the documentation would seem to suggest that the errors >aren't (or shouldn't be) coming from XMail at all. However, the headers >indicate (to me, anyway!) that they are - here is an abbreviated example: > >From: buehlertech.net PostMaster [mailto:[EMAIL PROTECTED] >Sent: Tuesday, January 17, 2006 6:31 AM >To: Jens Jensen >Subject: Error sending message >[1137452256244.135361536.4d65.banshee.buehlertech.net] from >[buehlertech.net] > >[<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number >of delivery attempts has been reached] > >Jeff > >Davide Libenzi wrote: > > > >>On Fri, 20 Jan 2006, Jeff Buehler wrote: >> >> >> >> >> >>>Hi everyone - >>> >>>Running XMail 1.22 my users have been reporting that "No server found" >>>errors are coming back in duplicate. The mails all come in after "The >>>maximum number of delivery attempts has been reached" and the user >>>receives a separate email for each failed delivery attempt, rather than >>>one email containing all of the failures (which is the expected >>>behavior, right?). Right now I have XMail set to try 10 times, so there >>>seem to be 10 emails that are sent to notify the sender of the failure. >>>It was set to 40, and in that case the user was receiving 40 (or so) >>>emails. I have not verified that the number of returns is always >>>exactly the same as the retry setting, but it is at least somewhat close. >>> >>> >>> >>> >>How's your "NotifyTryPattern" set inside the server.tab? >> >> >> >>- Davide >> >> >>- >>To unsubscribe from this list: send the line "unsubscribe xmail" in >>the body of a message to [EMAIL PROTECTED] >>For general help: send the line "help" in the body of a message to >>[EMAIL PROTECTED] >> >> >> >> >> >> > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Error messages returned to sender replicated
Ah ... I was unaware of that setting. It's commented out, which according to the documentation would seem to suggest that the errors aren't (or shouldn't be) coming from XMail at all. However, the headers indicate (to me, anyway!) that they are - here is an abbreviated example: From: buehlertech.net PostMaster [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 17, 2006 6:31 AM To: Jens Jensen Subject: Error sending message [1137452256244.135361536.4d65.banshee.buehlertech.net] from [buehlertech.net] [<00>] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number of delivery attempts has been reached] Jeff Davide Libenzi wrote: >On Fri, 20 Jan 2006, Jeff Buehler wrote: > > > >>Hi everyone - >> >>Running XMail 1.22 my users have been reporting that "No server found" >>errors are coming back in duplicate. The mails all come in after "The >>maximum number of delivery attempts has been reached" and the user >>receives a separate email for each failed delivery attempt, rather than >>one email containing all of the failures (which is the expected >>behavior, right?). Right now I have XMail set to try 10 times, so there >>seem to be 10 emails that are sent to notify the sender of the failure. >>It was set to 40, and in that case the user was receiving 40 (or so) >>emails. I have not verified that the number of returns is always >>exactly the same as the retry setting, but it is at least somewhat close. >> >> > >How's your "NotifyTryPattern" set inside the server.tab? > > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Error messages returned to sender replicated
Hi everyone - Running XMail 1.22 my users have been reporting that "No server found" errors are coming back in duplicate. The mails all come in after "The maximum number of delivery attempts has been reached" and the user receives a separate email for each failed delivery attempt, rather than one email containing all of the failures (which is the expected behavior, right?). Right now I have XMail set to try 10 times, so there seem to be 10 emails that are sent to notify the sender of the failure. It was set to 40, and in that case the user was receiving 40 (or so) emails. I have not verified that the number of returns is always exactly the same as the retry setting, but it is at least somewhat close. Has anyone seen this behavior? I am trying to verify if it is only my Exchange users that have this problem - XMail is running on FreeBSD, but a number of Exchange users send through it as shown: Exchange -> ASSP (anti-spam proxy) ->XMail -> Internet - the problem definitely happens with this flow or Email client -> ASSP -> XMail -> Internet - the problem has not been verified yet with this flow Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Backup
I prefer rsync of the entire MailRoot directory to another system, but you could as easily rsync to an alternate media source on the same system. By using rsync, you can run it often since rsync operates incrementally (only the portions of files that have changed are replicated). I run it every 5 minutes staggered to two different systems, so changes are up to date about every 2.5 minutes. In order to do a restore you can simply rsync in the reverse direction, which might take 10 seconds or less to complete. This method can also be used for primitive but effective failover to alternate systems. Jeff Chad Fleenor wrote: >I always just tar up /var/MailRoot every night. I have had to restore >this file before because someone deleted a domain. It took me less than >5 minutes to have the domain back up and operational, no one knew that >anything had happened. > >Thanks > >Kay Seljeseth wrote: > > > >>Is a full directory backup of the mailroot the best way to make a backup of >>the xmailserver config? >> >>May the message files under the mailbox directories be excluded if not >>needing a backup of the messages, but still wanting a full config backup? >> >>(did not find any info about this in the readme file?) >> >>Thanks! >> >>- >>To unsubscribe from this list: send the line "unsubscribe xmail" in >>the body of a message to [EMAIL PROTECTED] >>For general help: send the line "help" in the body of a message to >>[EMAIL PROTECTED] >> >> >> >> >> > > > > -- Buehler Technologies 19 Circle Drive - San Rafael, CA 94901 415.459.4677 - [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: hidden copy - recent supreme court decision
Yeah, sorry about the soapbox (I had just woken up when I wrote that so I was on a bit of a soapbox - my apologies!) Issues like the one you are in are always quite complicated to resolve, and nothing is ever black and white... Right now in the U.S. these sorts of issues are really in my face all of the time. For example, one of my favorites right now, the Patriot Act! What a giant freedom sucking black hole piece of crap that is. As if taking away our toenail clippers on the plane is going to stop a determined martyr/terrorist/whatever, or high-tech invasion of privacy is going to actually protect us from some of the terrible things we have perpetrated on global affairs (I would make a list but it would reduce me to grinding my teeth). Anyway, here I am ranting again... sorry. You could always "accidentally" have an email forwarded to a given user that mentions a mail has been forwarded to the boss, and apologize later saying that it was a preconfigured behavior you were unaware of or some nonsense. By the time the boss found out, everyone involved might be a little steamed... Good luck with however it works out (and sorry to use this mail list for non-technical ranting yet again!) Jeff Vidmantas wrote: >Jeff, > >I understand moral situation quite enough and I'm not looking positive >to the things like spying on people's >letters. I'm asked to make possibility to realize such things, not to >start spying right now. >Boss will make decision. Since I'm just IT engineer, not boss or >similar, I don't know the exact reason of making copies. >But I know it is related to spreading (selling?) commercial information. >Anyway, I don't think the illegal copies are best way to fight it. I'm >feeling really uncomfortable. >But my job is to make programs... > > >Jeff Buehler wrote: > > >>Who cares about the law? What about your own sense of moral >>culpability? Sure, it's your job, and it's hard to tell your paycheck >>to f-off, but spying on people is spying on people. Life is short and >>there are a lot of ways to make money - the one thing you can keep to >>the grave is your belief that you have done what is intrinsically right >>(as long as you have stood up for that!). I don't think it's worth >>being the conduit for something that you may not be comfortable with. >>If you are, then fine, go for it. I wouldn't be, but we all come from >>different places! >> >>Jeff >> >>Leonardo Fogel wrote: >> >> >> >> >>>--- Helio Cavichiolo Jr wrote: >>> >>> >>> >>> >>> >>> >>> >>>>That's a great idea, but perhaps not enough. Here in >>>>Brazil, as in France, the >>>>law don't allow mail violation. >>>> >>>> >>>> >>>> >>>> >>>News about the topic: >>>"The decision of the TST [brazilian supreme court of >>>labour] was favourable to HSBC, under the >>>argumentation that 'the enterprise can track all >>>eletronic addresses, because there is not any privacy >>>to be preserved, since the e-mail could not be used >>>for private ends'." Security Review, year I, number 4. >>> >>> >>> >>> >>> >>> >>> >>> >>> >>>___ >>>Yahoo! doce lar. Faça do Yahoo! sua homepage. >>>http://br.yahoo.com/homepageset.html >>> >>>- >>>To unsubscribe from this list: send the line "unsubscribe xmail" in >>>the body of a message to [EMAIL PROTECTED] >>>For general help: send the line "help" in the body of a message to >>>[EMAIL PROTECTED] >>> >>> >>> >>> >>> >>> >>> >>- >>To unsubscribe from this list: send the line "unsubscribe xmail" in >>the body of a message to [EMAIL PROTECTED] >>For general help: send the line "help" in the body of a message to >>[EMAIL PROTECTED] >> >> >>__ NOD32 1.1325 (20051215) Information __ >> >>This message was checked by NOD32 antivirus system. >>http://www.eset.com >> >> >> >> >> >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: hidden copy - recent supreme court decision
Who cares about the law? What about your own sense of moral culpability? Sure, it's your job, and it's hard to tell your paycheck to f-off, but spying on people is spying on people. Life is short and there are a lot of ways to make money - the one thing you can keep to the grave is your belief that you have done what is intrinsically right (as long as you have stood up for that!). I don't think it's worth being the conduit for something that you may not be comfortable with. If you are, then fine, go for it. I wouldn't be, but we all come from different places! Jeff Leonardo Fogel wrote: >--- Helio Cavichiolo Jr wrote: > > > > >>That's a great idea, but perhaps not enough. Here in >>Brazil, as in France, the >>law don't allow mail violation. >> >> > >News about the topic: >"The decision of the TST [brazilian supreme court of >labour] was favourable to HSBC, under the >argumentation that 'the enterprise can track all >eletronic addresses, because there is not any privacy >to be preserved, since the e-mail could not be used >for private ends'." Security Review, year I, number 4. > > > > > > > > > >___ >Yahoo! doce lar. Faça do Yahoo! sua homepage. >http://br.yahoo.com/homepageset.html > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: smtp authentication to external server via cmdaliases
Sönke, thanks again! That will do the trick ... Jeff Sönke Ruempler wrote: >Hi Jeff, > >[EMAIL PROTECTED] <> wrote on Wednesday, November 23, 2005 8:09 >AM: > > > >>I am using the cmdaliases functionality to forward certain >>emails to an >>Exchange 2003 Server. I would like to disable general SMTP for the >>Exchange server and force authentication. Does anyone know >>of a way to >>authenticate the SMTP session when forwarding an email via a cmdalias? >> >> > >Not per user - but per domain: > >http://www.xmailserver.org/Readme.html#smtp_client_authentication > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] smtp authentication to external server via cmdaliases
Hi all - I am using the cmdaliases functionality to forward certain emails to an Exchange 2003 Server. I would like to disable general SMTP for the Exchange server and force authentication. Does anyone know of a way to authenticate the SMTP session when forwarding an email via a cmdalias? Thanks for any input! Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: still on clamav and xmail...
Also, check out clamsmtp if you aren't running Windows - I'm not certain if it is faster than the available XMail filters (which I have had mixed luck with over the years), but it is easy to setup and works well for me... it is very lightweight and written in C. Jeff jonn ah wrote: > >hi all, > >Can anybody tell me which av filters (clamav) works on >xmail? I followed chris franklin's directions on his >av filter with xmail but it doesnt detect eicar's test >virus when i send it thru xmail... > > >thanks! > > > > >__ >Yahoo! Mail - PC Magazine Editors' Choice 2005 >http://mail.yahoo.com >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: earthlink modified
Davide, sorry - I just reread you previous email and I now realize that you clarified already that XMail does not try an A record if MX records exist, but I am a bit confused. Are you saying that it will try the A record if the MX records exist but fail, or that it won't try the A record at all if any MX records exist even if sends to them fail? Earthlink seems to be failing because after all MX records fail, if the A record is then attempted the send is terminated completely, rather than XMail continuing to try the MX records as it should later. Or am I not clearly understanding the mechanism here... Thanks again for your input on this! Jeff Davide Libenzi wrote: >On Sat, 15 Oct 2005, Jeff Buehler wrote: > > > >>Let me try that last question without the other info: Does anyone know >>if XMail 1.22 queries A records when MX queries for a domain have >>failed? I realize this has been covered, but I'm not clear on the >>specific outcome of this ... >> >> > >Yes, of course it does. It is supposed to try the A record if MX >resolution fails. Note that XMail does not try to send to the A record if >MX records exist, but a failure happened in the delivery to such records. > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: earthlink modified
Thanks, Davide. I am the worst with RFC's - many of them seem to contradict each other, so this is just a question (not an attack or even a recommendation - I am very happy with XMail!) I assume that querying the A record query is by design, based on your response, so I am wondering if there is a way to change that in the configuration. The Earthlink problem I am seeing is probably almost certainly related to this A record query. I printed this (and the RFC) earlier, but just for clarity: Earthlink says "The earthlink.net A record forwards port 25 connections to our outbound SMTP servers. Unless the mail server attempting the transaction maintains IP connectivity through the Earthlink network, delivery attempts through the A record will consequently fail and the above quoted error message will be returned." and that this is the fault of the MTA for being non-compliant with RFC 2821 (partially) shown below: RFC 2821, "Address Resolution and Mail Handling": "If one or more MX RRs are found for a given name, SMTP systems MUST NOT utilize any A RRs associated with that name unless they are located using the MX RRs; the "implicit MX" rule above applies only if there are no MX records present. If MX records are present, but none of them are usable, this situation MUST be reported as an error." So, any suggestions? Is there a way to prevent the A record query, or is there another sound reason not to prevent this? Thanks, Jeff Davide Libenzi wrote: >On Sat, 15 Oct 2005, Jeff Buehler wrote: > > > >>Let me try that last question without the other info: Does anyone know >>if XMail 1.22 queries A records when MX queries for a domain have >>failed? I realize this has been covered, but I'm not clear on the >>specific outcome of this ... >> >> > >Yes, of course it does. It is supposed to try the A record if MX >resolution fails. Note that XMail does not try to send to the A record if >MX records exist, but a failure happened in the delivery to such records. > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] earthlink modified
Hi all - Let me try that last question without the other info: Does anyone know if XMail 1.22 queries A records when MX queries for a domain have failed? I realize this has been covered, but I'm not clear on the specific outcome of this ... Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: earthlink
I am familiar with that thread, but I am not certain that these problems are exactly the same (I think there are some confusing crossovers in the original thread, which was very protracted). I am running FreeBSD 5.4, Bind 9.31. I do not get simple "end of socket stream data" messages - this one is the only one I have been getting (550-EarthLink does not recognize your computer (67.102.229.138) as connecting from an EarthLink connection. If this is in error, please contact technical support) and just recently. I do not have problems sending to Hotmail. The Microsoft DNS does seem to have a problem that is related as it leads to the same errors, but in my case does not apply (at least not directly). Check this out: http://www.interact-sw.co.uk/iangblog/2004/06/02/exchangeproblems So, I am not certain that the problem you refer to and this are exactly related, although they are certainly related to some degree. I vaguely recall, however, that XMail does do an A record check if the MX records fail, is that right? I guess that is what I am trying to verify at the moment, since according to what I have read this would lead to a problem with the Earthlink servers specifically if all MX sends failed. The only other reference I found that might be of help was that Earthlink seems to change their DNS regularly, and that bogus DNS caching might be related. To that end I deleted the DNS entries from MailRoot -> dnscache->MX, which might have helped (hard to verify). Thanks, Jeff Tony Shiffer wrote: >Jeff; >This is an old and persistent issue. It has been discussed a great deal >here, but I believe the last word was that Davide does not believe it is >happening, or assigns blame to using a Microsoft DNS server. > >I have seen several fixes, but they seem to revolve around using >SMARTDNSHOST. Davide (I seem to remember anyway) just says always to blame >Microsoft DNS - and not use it. Others (such as us) have found that just >using SMARTDNSHOST solves the issue - even when a M$ DNS server is what it >points to. > >The EarthLink error is a classic - because it returns PLENTY of information >to help troubleshoot (although it hasn't been so helpful for folks on this >list who have the problem). Other manifestations of this error seem to be >when the receiving server just slams the connection shut instead of >providing a 550 message as EarthLink does. In those cases, xmail simply >reports an "end of socket stream data" - which is true enough, but not so >helpful in troubleshooting. > >Are you on *ix or Windows? > >Tony > > >- Original Message - >From: "Jeff Buehler" <[EMAIL PROTECTED]> >To: >Sent: Friday, October 14, 2005 2:39 PM >Subject: [xmail] earthlink > > > > >>Hi All - >> >>it seems to me that this may have been covered, but I wasn't able to >>find any XMail specific references to it: >> >>Sending to Earthlink, my customers are getting a number of seemingly >>intermittent errros as follows: >> >>550-EarthLink does not recognize your computer (67.102.229.138) as >>connecting from an EarthLink connection. If this is in error, please >>contact technical support. >>550 relaying to <[EMAIL PROTECTED]> prohibited by administrator >> >> >>It would seem, after some research, that this is because of a DNS >>problem in which the following occurs (according to Earthlink): >> >> are due to an improper MTA configuration with the host that is >>responsible for delivering outbound mail on your network. In a nutshell, >>the mail server which attempted to deliver mail to the earthlink.net >>e-mail address was initially unable to successfully deliver the mail to >>the earthlink.net MX (more than likely due to high load on our end, no >>Earthlink MX host was available to accept the transaction at the moment >>of the delivery attempt), and so the Earthlink A record was attempted by >>the sending mail server. The earthlink.net A record, however, forwards >>port 25 connections to our outbound SMTP servers. Unless the mail server >>attempting the transaction maintains IP connectivity through the >>Earthlink network, delivery attempts through the A record will >>consequently fail and the above quoted error message will be returned. >> >> >>on the same site where I found the most helpful information on this >>(http://forums.smartertools.com/ShowPost.aspx?PostID=3872) this is also >>mentioned: >> >> >>The behavior exhibited by the sending mail server, in this case, is not >>standard. According to RFC 2821, "Address Resolution and Mail Handling": >> >>"If one or more MX
[xmail] earthlink
Hi All - it seems to me that this may have been covered, but I wasn't able to find any XMail specific references to it: Sending to Earthlink, my customers are getting a number of seemingly intermittent errros as follows: 550-EarthLink does not recognize your computer (67.102.229.138) as connecting from an EarthLink connection. If this is in error, please contact technical support. 550 relaying to <[EMAIL PROTECTED]> prohibited by administrator It would seem, after some research, that this is because of a DNS problem in which the following occurs (according to Earthlink): are due to an improper MTA configuration with the host that is responsible for delivering outbound mail on your network. In a nutshell, the mail server which attempted to deliver mail to the earthlink.net e-mail address was initially unable to successfully deliver the mail to the earthlink.net MX (more than likely due to high load on our end, no Earthlink MX host was available to accept the transaction at the moment of the delivery attempt), and so the Earthlink A record was attempted by the sending mail server. The earthlink.net A record, however, forwards port 25 connections to our outbound SMTP servers. Unless the mail server attempting the transaction maintains IP connectivity through the Earthlink network, delivery attempts through the A record will consequently fail and the above quoted error message will be returned. on the same site where I found the most helpful information on this (http://forums.smartertools.com/ShowPost.aspx?PostID=3872) this is also mentioned: The behavior exhibited by the sending mail server, in this case, is not standard. According to RFC 2821, "Address Resolution and Mail Handling": "If one or more MX RRs are found for a given name, SMTP systems MUST NOT utilize any A RRs associated with that name unless they are located using the MX RRs; the "implicit MX" rule above applies only if there are no MX records present. If MX records are present, but none of them are usable, this situation MUST be reported as an error." http://www.faqs.org/rfcs/rfc2821.html Does anyone have any recommendations or suggestions about this? Does version 1.23 correct the attempt to send to an A record, or is that is even what may be happening? I recall a lot of commentary recently on the DNS/A record issue, but I can't recall (and I have not kept) the email thread about that. Is anyone else having this problem? Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Build/Smoke test request ...
Here is another verification that it builds fine on FreeBSD 5.4. I haven't tried running it yet. Jeff Davide Libenzi wrote: >I might have found the reason for the XMail erratic behaviour on some BSDs >versions. I need Solaris and *BSD users to try to build and run the >following version: > >http://www.xmailserver.org/xmail-1.23-pre01.tar.gz > >Thank you! > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Need testers ...
Davide - The build seemed to work flawlessly under FreeBSD 5.4 (setenv OSTYPE FreeBSD, gmake -f Makefile.bsd). All of the binaries were built, as were the correct directories (assuming they haven't changed from previous builds, that is!) Would you like me to do some very simple testing tomorrow? I can run it on a development platform and do a few email tests... Jeff Davide Libenzi wrote: >On Sun, 2 Oct 2005, Jeff Buehler wrote: > > > >>Davide - >> >>I am happy to help with FreeBSD 5.4 ... >> >> > >Thx! Here's the archive: > >http://www.xmailserver.org/xmail-1.22-pre02.tar.gz > > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Need testers ...
Davide - I am happy to help with FreeBSD 5.4 ... Jeff Davide Libenzi wrote: >I need ppl with Solaris and *BSD machines that verify an XMail build >(simple build, not run) ... > > >- Davide > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: mail problem
The forum is an excellent resource, if sometimes challenging to get through (lots of info and search doesn't always cut it)... http://xmailforum.homelinux.net/ Charlie Qualls wrote: >Hey there Jeff, > >Thanks for your thinking this out for me. I'll see what else I can >find. I know that large organizations use the program and I think it's >a wonderful program, I'm a small operation with less then 30 users not >counting the users I created to try to figure out the problem. Thanks >again for some guidence on where else to look and places to look for a >answer. >In answer to you question about looking in the forums, no I didn't try >searching that. I do know that for as long as I have been reading this >group(about 2yrs) I have never seen a problem like this. > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: mail problem
Hi Charlie - Well, I'm uncertain what to tell you. My suspicion, since I have heard of no one having this particular sort of problem (there is a large XMail user base running 1.21 on Linux) is that there is something being overlooked. I would double check your findings as "scientifically" as possible, and make absolutely certain that what you think you are seeing is really what you are seeing. Make certain that the addresses you are using are all valid, that the logs are definately not reporting anything strange, your XMail server.tab settings look right, and so on. If you are certain about your findings, then I would start looking at other apps that may be interfering or trying to bind to the ports, such as Sendmail (which should be disabled, or at least XMail and Sendmail should be binding to different ports). If that all looks good, I would test your connection to make certain that packets aren't dropping or something. make certain your MTU setting is correct (if you are connecting via DSL PPP then it is likely less than the default of 1500 as I recall). I have had incorrect MTU settings cause intermittent failures that can be difficult to pin down. Without at least one or two other people verifying the findings or seeing the behavior, it probably indicates to an misconfiguration (of some sort) or an anomaly on your system. Did you try searching the forums for any similar user experiences? Jeff Charlie Qualls wrote: >Hey there Jeff, > >I forgot, this also happens if listing several people in the "to" >address field. I don't know how many before it balks though. > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: mail problem
So, when you receive mail some email is lost - the logs say that mail came in correctly but it is not in the Domains -> MailDir -> new folder and when you send email some mail is lost - the logs say that it was sent correctly, but it never arrives at the recipient email account - and this happens ONLY with mail groups that you are aware of? Is that the gist of it? Jeff Charlie Qualls wrote: >Hello Group, > > I'm using 1.21 on a redhat server running just mail. I'm having a > issue of mail delivery. The logs say the mail was received ok but > if I go look in the mailbox, it's not there. This happens > internally and externally. I set up 30 bogus accounts and using the > bat as a client set it up to mail to groups or "list". I mail 4 > test messages to the "list" of the bogus accounts. Checking each > account, some made it and some did not. There was no rhythm or > reason to which made it and which did not. > Again this is also happening to mail sent outside of our system. > Oh I also tried this with Thunderbird and had the same results but > no pattern to what was delivered and what wasn't. > > Mostly I hope I explained the problem well enough that you all > understand my problem. > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail + SSL patch
You should ALWAYS be able to tell if someone is abusing your system by doing a somewhat regular log analysis, at least in my opinion. If I were to implement SSL, I would do this log analysis regularly anyway. This is the only way I know of that many system attacks can be discovered - vigilance on the part of a human and overall system-awareness. Many admins scan the logs only after the fact - I think this is inadequate. So it doesn't seem to me that using SSL in a general way would provide any real extra security, just extra processing time. It's best use is to make certain that an email is encrypted so that it can't be read by intermediary servers, not to prevent spammers from getting a hold of account passwords. In the case you mention, I consider it far more likely that a user would reveal their password inadvertently to a would-be hacker/spammer who would then use it to gain access, or that a user would use a simple to crack password, or some other entry point - SSL of would not help with any of this. I tell all my users not to send any email they aren't comfortable being public knowledge. SSL would correct this. It is a good service to offer for those who need it, though! For those who need to send email with industry secrets, credit card numbers, drug deals, spy vs. spy, radical anarchist viewpoints, and so on! I can't tell you what the overhead is exactly for SSL, although on a fast system it wouldn't be anywhere near 5 seconds for any but extremely large messages. However, if you are processing a lot of email, and especially allowing large attachments and the like, overall you may feel the burn! Jeff Ross Gohlke wrote: >Jeff Buehler wrote: > > >>By the way, while it is possible, I think the likelihood of spammers >> >> >going to the effort to retrieve packets to use your server for spamming >is extremely low. I have never heard of anyone going to the effort to >sniff packets simply to spam on commercial servers - none of the big >commercial servers use SSL for regular email transactions - Comcast, >SBC, and so on - and they have a lot more at risk than most of us. >Also, it is a potentially pretty big bust these days since once they use > > > >>an ill-gained password they have stepped over the law, so if they manage >> >> > > > >>to cause damage with it they might be tracked down like dogs (with your >> >> >help, of course!) > >It's hard to find the balance between paranoid and exposed... > > > >>Lastly, SSL is not very efficient since it takes time to encrypt and >> >> >then decrypt. Personally I would only use it for transactions that are >required to be secure, not for daily emailing. > >So if SSL is used, does it encrypt the ENTIRE MESSAGE, not just >authentication? Does it hog the processor or just make the user wait? For >how long? 5 or 50 extra seconds on an average email? What about >attachments? > >Encrypted email is definitely a service I want to offer. > >I think the stakes for email are only going to get higher, especially if >SPF or similar takes hold. ISPs will have to get increasingly vigilant >about how they do email. > >Here's a googled list of clients that support SSL. >http://www.uni.edu/its/us/document/unimail/ssl/ > > > >>Anyway, if you still want to use it, I would try updating your openssl >> >> >either to the newest version or to 0.9.7e (which I know works on my >system). > >Should I just download the patch from the same place in your website? > > > > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail + SSL patch
On FreeBSD there is a port of stunnel: /usr/ports/security/stunnel Jeff Ross Gohlke wrote: >Alas, I'm on FreeBSD! Is there Linux stunnel? > >PGP would protect the mail itself, but is a separate issue from securing >SMTP Auth, no? What I'm trying to do right now is protect the ACCOUNT >INFORMATION. > >Even if it's unlikely that someone would sniff my users' packets, what's >to stop a spammer from snagging random SMTP username/pass of the Net and >using that server to send spam? I'm just trying to be consistent. > >For anyone running a commercial service for users, such issues must be >considered. > >Thanks for all the feedback. > > > >>But well, it might work - give it a try Ross. >> >> > > >ross > > > > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail + SSL patch
By the way, while it is possible, I think the likelihood of spammers going to the effort to retrieve packets to use your server for spamming is extremely low. I have never heard of anyone going to the effort to sniff packets simply to spam on commercial servers - none of the big commercial servers use SSL for regular email transactions - Comcast, SBC, and so on - and they have a lot more at risk than most of us. Also, it is a potentially pretty big bust these days since once they use an ill-gained password they have stepped over the law, so if they manage to cause damage with it they might be tracked down like dogs (with your help, of course!) Lastly, SSL is not very efficient since it takes time to encrypt and then decrypt. Personally I would only use it for transactions that are required to be secure, not for daily emailing. Anyway, if you still want to use it, I would try updating your openssl either to the newest version or to 0.9.7e (which I know works on my system). Jeff Ross Gohlke wrote: >Alas, I'm on FreeBSD! Is there Linux stunnel? > >PGP would protect the mail itself, but is a separate issue from securing >SMTP Auth, no? What I'm trying to do right now is protect the ACCOUNT >INFORMATION. > >Even if it's unlikely that someone would sniff my users' packets, what's >to stop a spammer from snagging random SMTP username/pass of the Net and >using that server to send spam? I'm just trying to be consistent. > >For anyone running a commercial service for users, such issues must be >considered. > >Thanks for all the feedback. > > > >>But well, it might work - give it a try Ross. >> >> > > >ross > > > > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail + SSL patch
Well, that was easy! It compiled and linked without difficulty on my FreeBSD 5.4 platform. My openssl is version 0.9.7e, however ... try upgrading to that and see if you have better luck... Jeff Ross Gohlke wrote: >I have tried to install the patch linked from the XMail homepage: >http://mail.godeltech.com/xmail/ > >My specs: >FreeBSD 5.3 >openssl-0.9.7d > >I downloaded the patch and applied it to my preexisting XMail 1.2.1 >source. I did not use the binary for FreeBSD 4.8. > >gmake -f Makefile-SSL.bsd >outputs this: > >%gmake -f Makefile-SSL.bsd >../bin/MkMachDep > SysMachine.h >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SSLSupport.cpp >SSLSupport.cpp:161:8: warning: extra tokens at end of #endif directive g++ > -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c BuffSock.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c MailSvr.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c POP3Svr.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c POP3Utils.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMAILSvr.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMAILUtils.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMTPSvr.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMTPUtils.cpp >g++ -o bin/XMail SSLSupport.o BuffSock.o CTRLSvr.o DynDNS.o DNS.o >DNSCache.o Errors.o ExtAliases.o FINGSvr.o MailConfig.o MailSvr.o >Maildir.o MailDomains.o MD5.o MiscUtils.o LMAILSvr.o AliasDomain.o >POP3GwLink.o POP3Svr.o POP3Utils.o PSYNCSvr.o ResLocks.o SList.o >SMAILSvr.o TabIndex.o SMAILUtils.o SMTPSvr.o SMTPUtils.o ShBlocks.o >StrUtils.o MessQueue.o QueueUtils.o SvrUtils.o SysDep.o UsrMailList.o >UsrAuth.o UsrUtils.o Main.o Base64Enc.o Filter.o -lkvm -lcrypt -pthread >-lc_r -lssl -lcrypto >SSLSupport.o(.text+0x388): In function `SSLMakeSession(int, int, int)': : >undefined reference to `SysSetSockNoDelay(int, int)' >POP3Utils.o(.text+0xe08): In function >`UPopSessionSendMsg(POP3_HANDLE_struct*, int, BSOCK_HANDLE_struct*)': : >undefined reference to `SysSendFile(BSOCK_HANDLE_struct*, char const*, >unsigned long, unsigned long, int)' >SMTPUtils.o(.text+0x28b6): In function >`USmtpSendMail(SMTPCH_HANDLE_struct*, char const*, char const*, >FileSection const*, SMTPError*)': >: undefined reference to `SysSendFile(BSOCK_HANDLE_struct*, char const*, >unsigned long, unsigned long, int)' >gmake: *** [bin/XMail] Error 1 > >Is anybody else interested in SSL-encrypted SMTP authentication? Is >anybody else using this patch? On FreeBSD 5.3? > >Any suggestion on what I could try? Would upgrading openssl to >openssl-0.9.7e help? > >If not SSL, what is the risk of a plaintext password sent over the >Internet being picked off and abused? > >Thanks. > >Ross > > > > > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail + SSL patch
It would be nice to get SSL working with XMail - if I can get some time together today, Ross, I will try compiling the SSL patch for XMail 1.21 under FreeBSD 5.4, and see if I can get it working. Jeff Alexander Hagenah wrote: >Am 9.9.2005 schrieb "Sönke Ruempler" <[EMAIL PROTECTED]>: > > > >>Yes i did, even with XMail some time ago. >> >> > >I never said, it won't work - I only mentioned, that stunnel causes >often problems. >I also wrote, that he could try it out and then he will see if it works - >or won't. > >-- >Regards, >Alexander 'xaitax' Hagenah >http://xmail.topconcepts.net >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail + SSL patch
The risk of someone bothering to parse packets and retrieve your passwords in order to gain access to user email is, I think, extremely small unless you have information that people really want to read, in which case it is easy to do. In other words, almost anyone can get a password from plain text email, but almost no one in most cases of standard email would bother wasting their time. On the other hand, if you have email or email accounts that need to be secure for specific reasons then it is mandatory that you use some form of encryption (such as SSL, etc.) because the email is easily read, and the passwords if passed in plain text are easy to retrieve. I hope that helps... Jeff Ross Gohlke wrote: >I have tried to install the patch linked from the XMail homepage: >http://mail.godeltech.com/xmail/ > >My specs: >FreeBSD 5.3 >openssl-0.9.7d > >I downloaded the patch and applied it to my preexisting XMail 1.2.1 >source. I did not use the binary for FreeBSD 4.8. > >gmake -f Makefile-SSL.bsd >outputs this: > >%gmake -f Makefile-SSL.bsd >../bin/MkMachDep > SysMachine.h >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SSLSupport.cpp >SSLSupport.cpp:161:8: warning: extra tokens at end of #endif directive g++ > -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c BuffSock.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c MailSvr.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c POP3Svr.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c POP3Utils.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMAILSvr.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMAILUtils.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMTPSvr.cpp >g++ -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1 >-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMTPUtils.cpp >g++ -o bin/XMail SSLSupport.o BuffSock.o CTRLSvr.o DynDNS.o DNS.o >DNSCache.o Errors.o ExtAliases.o FINGSvr.o MailConfig.o MailSvr.o >Maildir.o MailDomains.o MD5.o MiscUtils.o LMAILSvr.o AliasDomain.o >POP3GwLink.o POP3Svr.o POP3Utils.o PSYNCSvr.o ResLocks.o SList.o >SMAILSvr.o TabIndex.o SMAILUtils.o SMTPSvr.o SMTPUtils.o ShBlocks.o >StrUtils.o MessQueue.o QueueUtils.o SvrUtils.o SysDep.o UsrMailList.o >UsrAuth.o UsrUtils.o Main.o Base64Enc.o Filter.o -lkvm -lcrypt -pthread >-lc_r -lssl -lcrypto >SSLSupport.o(.text+0x388): In function `SSLMakeSession(int, int, int)': : >undefined reference to `SysSetSockNoDelay(int, int)' >POP3Utils.o(.text+0xe08): In function >`UPopSessionSendMsg(POP3_HANDLE_struct*, int, BSOCK_HANDLE_struct*)': : >undefined reference to `SysSendFile(BSOCK_HANDLE_struct*, char const*, >unsigned long, unsigned long, int)' >SMTPUtils.o(.text+0x28b6): In function >`USmtpSendMail(SMTPCH_HANDLE_struct*, char const*, char const*, >FileSection const*, SMTPError*)': >: undefined reference to `SysSendFile(BSOCK_HANDLE_struct*, char const*, >unsigned long, unsigned long, int)' >gmake: *** [bin/XMail] Error 1 > >Is anybody else interested in SSL-encrypted SMTP authentication? Is >anybody else using this patch? On FreeBSD 5.3? > >Any suggestion on what I could try? Would upgrading openssl to >openssl-0.9.7e help? > >If not SSL, what is the risk of a plaintext password sent over the >Internet being picked off and abused? > >Thanks. > >Ross > > > > > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: stopping spam
Ah - I was only referring to a Spam Assassin filter I sued with XMail, and in my case as of about a year ago (the last time I set it up and used it). Glad that it has all of those features now - it didn't that I was aware of then. No danger of flame at all - I like dialog about this stuff - it helps me clarify my own direction and make changes if better options are out there. However, with respect to efficiency, you mention that to use Spam Assassin in these ways requires a significant investment not only time to install, but also in hardware. This is largely what I was referring to when I mentioned ASSP - it is robust, easy to install, extremely powerful and configurable AND there is no reason to run it on separate platform because it isn't a memory or a CPU hog, and it is fast. I have yet to try ALL of the Spam Assassin apps you comment on (SpamC, SPamD, etc.) - when I ran it under FreeBSD it was simply a perl filter in XMail and SpamD running (I vaguely recall RBL through Razor or some name like that). At the time, it was really slow, but there was no SMTP session handling, so I'm glad that has been introduced. In my case, I run ASSP -> ClamSMTPD (effective and thorough antivirus) -> XMail (and for some clients -> Exchange). This has proven to be simple, robust and effective, and I know the Windows implementation is straightforward from the mail list (even though I don't use Windows internally). It sounds like Spam Assassin is a pain under Windows (I find Cygwin to be a bit of a pain myself and try to avoid it - why use it at all for a operate platform - just run Linux or *BSD). So my recommendation still remains ASSP - Digerati has used it, it is easy and works well, so all that is required is finding out why it was failing on his system, which the ASSP mail list would help with quickly. Jeff Jason J. Ellingson wrote: >ASSP is great and I applaud anyone using it... > >ASSP is easier to set up and use than SpamAssassin. I won't argue that. > >However, SpamAssassin offers everything ASSP does and more. > >In your post: > > > >>>It (ASSP) is far more efficient since it handles the SPAM check in the >>> >>> >SMTP session then closes it after a specified number of bytes > ><< SpamAssassin does the same. You insert your SpamC filter into Post-SMTP >and it will only check messages smaller than a specified size you can set. >You can also avoid running the filter for authenticated users (!aex). The >filter as well as SpamD has timeouts and triggers to return spam-identified >messages instantly when it scores high enough to be spam. > > > >>>It (ASSP) has far more options (RBL, filters, domain blocking, >>> >>> >whitelisting, etc.) > ><< So does SpamAssassin. You can use all the RBLs you like, enable disable >filters to your heart's content, add domains, email addresses, IPs, etc to >blacklists, and whitelists. > >Please, I don't mean to start a flame war. Please read the following which >I think is fair: > >ASSP is great! Simple to install and use - Great for novices and experts >alike! > >SpamAssassin is great! Slightly more powerful, but a lot more work to >install and use - Not for novices! > >Jason J Ellingson > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >Behalf Of Jeff Buehler >Sent: Thursday, September 08, 2005 7:12 PM >To: xmail@xmailserver.org >Subject: [xmail] Re: stopping spam > > >I would look more closely at what is causing the problem with ASSP and >continue to use that. I like it much better than Spam Assassin myself, >at least for use with XMail. It is far more efficient since it handles >the SPAM check in the SMTP session then closes it after a specified >number of bytes, and it has far more options (RBL, filters, domain >blocking, whitelisting, etc.). > >Jeff > >Eric Garnice wrote: > > > >>On 9/8/2005 5:16 PM Jason J. Ellingson wrote: >> >> >> >> >>>I have run SpamAssasin on Windows servers (both with ActivePerl and >>> >>> >CygWin) > > >>>and Linux servers. Running SpamAssassin on Linux (or other unix) runs >>> >>> >much > > >>>faster and more reliably than on Windows. >>> >>>I run XMail on a Windows server and SpamAssassin on a Fedora Core 4 >>> >>> >server. > > >>>Works like a charm. I wrote a SpamC filter for Windows XMail Post-Data >>>filter to use. >>> >>>If you are really limited to just one box, then you should try to run &g
[xmail] Re: stopping spam
I would look more closely at what is causing the problem with ASSP and continue to use that. I like it much better than Spam Assassin myself, at least for use with XMail. It is far more efficient since it handles the SPAM check in the SMTP session then closes it after a specified number of bytes, and it has far more options (RBL, filters, domain blocking, whitelisting, etc.). Jeff Eric Garnice wrote: >On 9/8/2005 5:16 PM Jason J. Ellingson wrote: > > >>I have run SpamAssasin on Windows servers (both with ActivePerl and CygWin) >>and Linux servers. Running SpamAssassin on Linux (or other unix) runs much >>faster and more reliably than on Windows. >> >>I run XMail on a Windows server and SpamAssassin on a Fedora Core 4 server. >>Works like a charm. I wrote a SpamC filter for Windows XMail Post-Data >>filter to use. >> >>If you are really limited to just one box, then you should try to run >>SpamAssassin using CygWin so you can make full use of DCC, Pyzor, Razor and >>such. I still have an out-dated (but useful) page hidden on my server that >>might help you... >> >>http://www.yourtech.net/documents/cw-sa/ >> >>I will (someday) write step by step instructions for install XMail for >>Windows, XMail-WAI (webmail and admin) for Windows, and SpamAssassin for >>Fedora Core 4. >> >>If you do decide to try Fedora Core 4, use YUM to install SpamAssassin. >>It'll give you a startup script for SpamAssassin and install it as a >>service. Also note that SpamAssassin doesn't run under root account... >>you'll need to create an account for it to run under... I named mine "spamd" >> >>Jason J Ellingson >> >> > >To my knowledge (and I have done some searching in the past), no one has >developed a decent XMail filter for SpamAssassin in serial mode on Windows. > >At work I'm forced to run my XMail relay directly on the Exchange server >and use Dario's XSpamC to call SpamAssassin on Fedora PPC on a Mac G4. >It's been flawless for over a year now. > >I don't think Digerati is going to find exactly what he's looking for. > >- Eric > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: stopping spam
How does ASSP "flake out" - I haven't had any problems with ASSP (running on FreeBSD 5.x, anyway). ASSP is the best solution I have found. Jeff Digerati Isabaddass wrote: >I am not sure if this got through the first time so here goes again. > > >What can I use that will not cost anything to stop spam at the server? > >I have tried to work with spamassassin for win32 on win2k and its >installed but how do I hook it to xmail? > >I have also used ASSP and it works for a while then flakes out and >will not work properly as a proxy for xmail. >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: duplicate email
Just to be clear, the senders in this case are sending to my local users. So, these are emails to my users that continue sending and sending until I finally either contact the sending ISP or block the domain. The SMAIL and SMTP logs simply show the same email being sent over and over, and then my users receive the mail over and over every time they check their email. So everything is normal except that the remote server keeps resending at regular intervals. I still suspect the remote servers are at fault since I rarely encounter this, but it is happening just enough that I am starting to wonder ... Sönke Ruempler wrote: >On 07.09.2005 19:57, Jeff Buehler wrote: > > > >>I could find no reference to this anywhere - I occasionally have senders >>that send, and the email does not stop sending, like a SPAM bomb, but >>these are valid senders. I assumed the first couple of times that it >>was something in the remote server configuration causing this, but this >>is the fifth or sixth time it has happened so it looks like my server >>may not be closing the session properly in SOME cases so the remote >>server just keeps sending over and over. >> >>Has anyone seen this behavior? I have a feeling it may be related to my >>ANTI-SPAM proxy which relays to XMail, but I'm not certain ... >> >> > >What do SMAIL and SMTP logs show in the case that happens? >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] duplicate email
Hi all - I could find no reference to this anywhere - I occasionally have senders that send, and the email does not stop sending, like a SPAM bomb, but these are valid senders. I assumed the first couple of times that it was something in the remote server configuration causing this, but this is the fifth or sixth time it has happened so it looks like my server may not be closing the session properly in SOME cases so the remote server just keeps sending over and over. Has anyone seen this behavior? I have a feeling it may be related to my ANTI-SPAM proxy which relays to XMail, but I'm not certain ... Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: messages to yahoo and or hotmail does not get del ivered
You may have been right then, Rob - if you recently posted about having the exact same config I was thinking that that was Edinilson (I no longer have that email - oops) so that would make possibly three with this problem. He posted about this also, so I think I must be mixing you two up a bit. It sounds like what you are doing should help get to the bottom of it ... As Davide points out, though, it must be something either unrelated (or maybe indirectly related) to XMail since so few seem to have it. My suspicion is still that it isWindows specific, possibly Win 2000 specific, and that it has to do with some interaction between that XMail binary and DNS. But I can't test it easily (it would take a gun to my head to get me to set up a Win 2000 server at this point). Francis and Edinilson seem to only have the problem with Hotmail and Yahoo, so that is also strange that you have it with many domains rather than just those two. Rob, are you outdide the U.S.? Edinilson, are you seeing the problem with Windows 2000 also or with some other OS? What is your config since seem to have confused Robs with yours? Jeff Rob Arends wrote: >Ok, I hadn't noticed anyone other than Francis post they had the same issue >- must have missed it. >I didn't post config, but did say I have *exactly* the same config and >issue. (I think I even emphasised the 'exactly' then too.) > >Re the 'Cisco PIX' issue: > >http://www.postfix.org/faq.html#timeouts > >Cisco PIX "fixup protocol smtp" bug >The Cisco PIX firewall has a bug when running software older than version >5.2(4) or 6.0(1). > > >I never have 'fixup protocol smtp' on because it does not support ESMTP and >AUTH, so it kills authenticated SMTP sessions. Also 6.0.1 is really old, >I'm currently using 6.3.5 >Just to put perspective on the PIX issue, I install these thing for a living >and have never had to track down an SMTP issue like this, that ended up >being caused by the PIX. > >Back to the "DNS" issue: >I have ethereal running 24x7 on my mail server now (25 hrs so far), logging >to file. I have enough disk space to handle that for a while. I cleared >the cache on the w2k DNS server (different box) and on the mail server I >'flushed dns', emptied the 'mx' & 'ns' cache in xmail and restarted xmail. > >I then sent a test email to a user that I know has had problems. It all >worked as expected on the 'refreshed' environment - the mail was received. >Now I need to wait a few days? - not sure really how long - but eventually >the mails to this user will fail due to the A record being used in place of >the MX record. >At that point I'll collate and analyse the packet dumps and report my >findings. > >Note: the SmartDNSHost is inside my PIX firewall, so there is nothing but >LAN between the two servers. > >Rob :) > > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >Behalf Of Jeff Buehler >Sent: Sunday, September 04, 2005 12:50 AM >To: xmail@xmailserver.org >Subject: [xmail] Re: messages to yahoo and or hotmail does not get del >ivered > > >/-- I think you may be meaning me when you say "Edlinilson"./ > >No, I meant Edinilson. He has the same config as Francis, has what appears >to be exactly the same behavior, has verified that MS SMTP works where XMail >fails, and so on. > >You may be a third person seeing exactly the same behavior - your previous >two emails that I read discussing greenbaycc.org and intergraonline.com >seemed to be something else completely. There was another one you sent that >said you were seeing an A record problem as well, but you didn't send any >info about your configuration - type of system, whether or not it was with >everyone (as it sounds like it is) or just Hotmail and Yahoo (which, so far, >seems to be the problem that Francis and Edinilson are specifically having). >Little differences like that can easily mean that it is two entirely >different problems. > >You probably mentioned some of this in one of the previous threads, but >neither my memory nor my datastore go back that far, so: > >What is your configuration (win 2000, Linux, what DNS, etc.)? You're >problem sounds like XMail is using A records periodically when it should be >using MX records - this has been verified? It happens with other domains >periodically or consistently? Are Hotmail and Yahoo noticeably suspect, or >just as likely to fail as others? > >Jeff > > >Rob Arends wrote: > > > >>I think you may be meaning me when you say "Edlinilson". >> >>Re Point 6, I did mention that I have the problem with other
[xmail] Re: messages to yahoo and or hotmail does not get del ivered
/-- I think you may be meaning me when you say "Edlinilson"./ No, I meant Edinilson. He has the same config as Francis, has what appears to be exactly the same behavior, has verified that MS SMTP works where XMail fails, and so on. You may be a third person seeing exactly the same behavior - your previous two emails that I read discussing greenbaycc.org and intergraonline.com seemed to be something else completely. There was another one you sent that said you were seeing an A record problem as well, but you didn't send any info about your configuration - type of system, whether or not it was with everyone (as it sounds like it is) or just Hotmail and Yahoo (which, so far, seems to be the problem that Francis and Edinilson are specifically having). Little differences like that can easily mean that it is two entirely different problems. You probably mentioned some of this in one of the previous threads, but neither my memory nor my datastore go back that far, so: What is your configuration (win 2000, Linux, what DNS, etc.)? You're problem sounds like XMail is using A records periodically when it should be using MX records - this has been verified? It happens with other domains periodically or consistently? Are Hotmail and Yahoo noticeably suspect, or just as likely to fail as others? Jeff Rob Arends wrote: >I think you may be meaning me when you say "Edlinilson". > >Re Point 6, I did mention that I have the problem with other MTAs that have >an A record for the domain. >"aanet.com.au" is an example. So it is not just yahoo/hotmail. >Re point 7, I agree that Xmail is, and should be, very RFC compliant. > >I think the question is why is Xmail using the A record when there is a good >MX record? >I have asked Davide to elaborate on his comment for FireWall interference >and I'll see what I can do on a packet trace. > >Rob :) > >-----Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >Behalf Of Jeff Buehler >Sent: Saturday, September 03, 2005 1:50 AM >To: xmail@xmailserver.org >Subject: [xmail] Re: messages to yahoo and or hotmail does not get del >ivered > > >Hmmm - so far, you two are the only ones that are verified as having the >exact same problem sending to Yahoo and Hotmail - there may be others, but >we haven't verified that, is that correct? You both have the same >configuration (exactly, as Edinilson pointed out). So what do we know so >far? > >1. WIN 2000 service pack 4 >2. MS DNS from Win 2000 on a different system than XMail and presently using >SmartDNSHost (Edlinilson pointed out he seemed to have the problem even >without SmartDNSHost) >3. Neither of you is in the US (does this increase the likelihood of failed >connection attempts (?) or do these providers have systems spread globally >(?)) >4. XMail 1.21 (but Edinilson pointed out that other versions down to 1.17 >behaved the same way) >5. Francis has verified that with this configuration XMail seems to be using >A records on occasion when it should be using MX records >6. The problem is intermittent and ONLY happens with Hotmail and Yahoo >7. Edinilson has verified that the problem does not exist when using MS SMTP >to send from the same configuration, so it seems somehow related to XMail. >On this issue I have found XMail to be extremely RFC compliant (I think that >was one of Davides intentions) and it may be that MS SMTP is doing something >"extra" to overcome some known issue that we have yet to discover with >Hotmail, Yahoo, DNS, or something else. >8. Many or most others running XMail are not having this problem. It >remains to be seen if others running it on Windows 2000 do or don't. > >So here is what I would do if I were you: > >1. Try it on Windows 2003 server if you can - 2000 is starting to get a >little grey at the temples anyway. >2. Try it on Linux or *BSD (FreeBSD! FreeBSD!) > >If you still have the same problem with these configurations, then the >problem likely has to do with your infrastructure outside of the OS - some >funky problem that defies imagination, but that IT people are all quite >familiar with! You know, the kind of problem where you stand there with >your mouth hanging open and mutter: "huh?" and it never makes any sense, or >a distinction in the way it interacts with XMail that is unusual. > >Without being able to replicate the behavior, you have a very limited test >group - you two (so far!) If I could replicate the behavior, and had any >time left over after typing this email, then I would help, but at the moment >it is up to you! I don't think anyone is ignoring XMail under Windows, but >finding any possible bug without being able to easily replicate it is >extr
[xmail] Re: messages to yahoo and or hotmail does not get del ivered
It sounds like first the dump of XMail communications running under Win 2000, to see exactly where the time out or break occurs, and possibly also a dump of the FreeBSD firewall might help to see if that is part of the problem. Coordinating them might be a good idea so you can see the same XMail communication from both Win 2000 and the FreeBSD firewall occurring at the same time. FreeBSD command is tcpdump -i (netinterface) -c count -w path/to/filename (I was just messing around with it now) For Windows it looks like this tool might be helpful: http://www.winpcap.org/windump/ Sönke, Davide, do you agree with that? Jeff Edinilson J. Santos wrote: >Our firewall gateway is a freebsd. >Which level of tcpdump do you want? > >I can send you everything that you want, just tell me what. > >Edinilson >- >ATINET-Professional Web Hosting >Tel Voz: (0xx11) 4412-0876 >http://www.atinet.com.br > > >- Original Message - >From: "Davide Libenzi" >To: >Sent: Friday, September 02, 2005 1:50 PM >Subject: [xmail] Re: messages to yahoo and or hotmail does not get del >ivered > > >On Fri, 2 Sep 2005, Sönke Ruempler wrote: > > > >>On 02.09.2005 17:07, Davide Libenzi wrote: >> >> >> >>>In the hotmail case, that sure has DNS configured like it should, the MX >>>resolution is not a problem (like you can see from the logs posted). The >>>"End of stream data" error, is something you linked to problem in the >>>link >>>between XMail and the remote SMTP server. And the fact that happens on an >>>handfull of setups out of many tenths of thousands, shows that is somehow >>>related with network setups. >>> >>> >>Some tcpdump logs could help ... >> >> > >I asked them. Have you seen them? > > >- Davide > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: messages to yahoo and or hotmail does not get del ivered
What would you look for in a tcpdump like this? I am technical (years of c/c++/PHP/Perl programming) but I am clueless about tcpdumps... pardon my ignorance! Jeff Sönke Ruempler wrote: >On 02.09.2005 17:07, Davide Libenzi wrote: > > > >>In the hotmail case, that sure has DNS configured like it should, the MX >>resolution is not a problem (like you can see from the logs posted). The >>"End of stream data" error, is something you linked to problem in the link >>between XMail and the remote SMTP server. And the fact that happens on an >>handfull of setups out of many tenths of thousands, shows that is somehow >>related with network setups. >> >> > >Some tcpdump logs could help ... >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: messages to yahoo and or hotmail does not get del ivered
Hmmm - so far, you two are the only ones that are verified as having the exact same problem sending to Yahoo and Hotmail - there may be others, but we haven't verified that, is that correct? You both have the same configuration (exactly, as Edinilson pointed out). So what do we know so far? 1. WIN 2000 service pack 4 2. MS DNS from Win 2000 on a different system than XMail and presently using SmartDNSHost (Edlinilson pointed out he seemed to have the problem even without SmartDNSHost) 3. Neither of you is in the US (does this increase the likelihood of failed connection attempts (?) or do these providers have systems spread globally (?)) 4. XMail 1.21 (but Edinilson pointed out that other versions down to 1.17 behaved the same way) 5. Francis has verified that with this configuration XMail seems to be using A records on occasion when it should be using MX records 6. The problem is intermittent and ONLY happens with Hotmail and Yahoo 7. Edinilson has verified that the problem does not exist when using MS SMTP to send from the same configuration, so it seems somehow related to XMail. On this issue I have found XMail to be extremely RFC compliant (I think that was one of Davides intentions) and it may be that MS SMTP is doing something "extra" to overcome some known issue that we have yet to discover with Hotmail, Yahoo, DNS, or something else. 8. Many or most others running XMail are not having this problem. It remains to be seen if others running it on Windows 2000 do or don't. So here is what I would do if I were you: 1. Try it on Windows 2003 server if you can - 2000 is starting to get a little grey at the temples anyway. 2. Try it on Linux or *BSD (FreeBSD! FreeBSD!) If you still have the same problem with these configurations, then the problem likely has to do with your infrastructure outside of the OS - some funky problem that defies imagination, but that IT people are all quite familiar with! You know, the kind of problem where you stand there with your mouth hanging open and mutter: "huh?" and it never makes any sense, or a distinction in the way it interacts with XMail that is unusual. Without being able to replicate the behavior, you have a very limited test group - you two (so far!) If I could replicate the behavior, and had any time left over after typing this email, then I would help, but at the moment it is up to you! I don't think anyone is ignoring XMail under Windows, but finding any possible bug without being able to easily replicate it is extremely difficult... Jeff CLEMENT Francis wrote: > > > >>-Message d'origine- >>De : Edinilson J. Santos [mailto:[EMAIL PROTECTED] >>Envoyé : vendredi 2 septembre 2005 15:02 >>À : xmail@xmailserver.org >>Objet : [xmail] Re: messages to yahoo and or hotmail does not get >>delivered >> >> >> >> >.. >.. >.. > > >>I'm discarding DNS problems. >> >>Thanks >> >>Edinilson >>- >>ATINET-Professional Web Hosting >>Tel Voz: (0xx11) 4412-0876 >>http://www.atinet.com.br >> >> >> > >Me too ... > >Francis >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: messages to yahoo and or hotmail does not get del ivered
Hmmm - thats interesting. The only aspect of your configuration that I have no experience with is SmartDNSHost pointing to another system for DNS resolution - I have never used SmartDNSHost. Have you tried turning that off? Have you tried pointing it to another DNS server, such as one provided by your ISP, especially a non-MS DNS solution just to verify it has nothing to do with that? Hotmail and Yahoo are both very busy, and very slow. I would consider latency issues when trying to resolve problems with these domains, although using an A record rather than an MX record wouldn't seem to be related to that. Jeff CLEMENT Francis wrote: > > > >>-Message d'origine- >>De : jonn ah [mailto:[EMAIL PROTECTED] >>Envoyé : mercredi 31 août 2005 10:31 >>À : xmail@xmailserver.org >>Objet : [xmail] Re: messages to yahoo and or hotmail does not get >>delivered >> >> >> >> >> >>Hi all, >> >>would downgrading to a previous xmail version solve this >>hotmail/yahoo problem? if so, is there a repository for >>other rpm versions? >> >> >> >> >> > >Not sure ... As I said, I never encourated this problem with 1.17 but don't >know if 1.18 or 1.19 or 1.20 have the problem. >And as at 1.17 time my server didn't have exactly the same patchs available >for w2k as current setup with xmail 1.21 I'm not sure this is a xmail >problem ... could be a dns server problem introduced by a os patch ... >But I can't revert back to 1.17 as now I use smtp filters in production >The 'test' to do is to revert back to 1.17 on a 'up to date' (all patchs) on >a test server, and see if problem occurs. If no, os patchs don't introduce >the problem so next test is to install 1.18 then 1.19 ... until problem >occurs again. >It's time consumming because the problem comes 'randomly' > >Francis >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: messages to yahoo and or hotmail does not get delivered
Some people are distinctly having this problem with 1.21, and others are distinctly not having this problem with 1.21? Sounds fishy to me - there must be some sort of common attribute of the systems that are having the problem... it is also suspect because it is intermittent, and so there is a big difference between a consistent problem with Hotmail/MSN and a different consistent problem with Hotmail AND Yahoo, so fine grained analysis seems to me the only solution. For example, what exactly is the common error. I have hundreds (or more) emails being sent to Yahoo and Hotmail every day without any difficulty running1.21 from a FreeBSD system with BIND. Are you absolutely certain that the problem you had with MSN/Hotmail on your Fedora system is the same problem that the others are seeing? If there is a problem that is clearly identifiable I would think that very specific information would be necessary to track it down - what is the (exact) OS, is BIND being run by anyone that has seen this problem (and can identify it as the same problem exactly), and so on. This was basically what I put forward last time, but there was no real "hard data" to go on, so the thread just died. The only alternative I see is hard-core debugging on production systems, which wouldn't appeal to me very much. Jeff Joe Harrell wrote: >No, not "all", I had this problem with Hotmail/MSN and worked around it the >same way as the others by using another SMTP server. Actually ended up >sending out everything that way, rather than fight with those that won't go >on a case by case basis. > Running Linux (Fedora) and current version of Xmail. > > On 8/30/05, Jeff Buehler <[EMAIL PROTECTED]> wrote: > > >>I remember this topic too. The only thing I thought strange at the >>time, and still do, is that many users of 1.21 are not affected by this >>problem at all (myself being an example), and so there must be something >>related in the systems of those who do have the problem. I am not >>saying any of these things are the cause (I have no idea) but I remember >>thinking that many (all?) were running Windows Systems and that many >>were coming from outside the U.S.. Perhaps the problem is with the >>Windows binary, or the way it interacts with Microsoft DNS? Maybe there >>is something else related? It seems to me it might be helpful if people >>with this problem published relevant system data so that we can see what >>the commonalities are to isolate the problem... just a thought. >> >>Jeff >> >>Edinilson J. Santos wrote: >> >> >> >>>I'm using the same solution that Francis described without problems. >>> >>>Try to search in the list about this topic. I'm the first that related it >>>few months ago. >>> >>>Edinilson >>>- >>>ATINET-Professional Web Hosting >>>Tel Voz: (0xx11) 4412-0876 >>>http://www.atinet.com.br >>> >>> >>>- Original Message - >>>From: "CLEMENT Francis" <[EMAIL PROTECTED]> >>>To: >>>Sent: Tuesday, August 30, 2005 9:22 AM >>>Subject: [xmail] Re: messages to yahoo and or hotmail does not get >>> >>> >>delivered >> >> >>> >>> >>>This problem was previously reported on this mailing list. >>>Seems (but not completly clarified/debugged at this time) 'xmail 1.21' >>> >>> >>have >> >> >>>some problems with some 'domains' zones setup (hotmail and yahoo in most >>>cases). >>>Seems xmail or dns server or tcp stack ? finaly choose the domain A >>> >>> >>record >> >> >>>and not the MX record for the domain in some cases ! even if a nslookup >>> >>> >>or >> >> >>>dig get the correct response ... >>> >>>I had the same problem, and configured xmail to allways use a smtp >>> >>> >>gateway >> >> >>>(a iis smtp server on another computer using the same dns server for >>> >>> >>final >> >> >>>delivery !!) to temporary resolve sending to these domains (especialy >>>hotmail ...) >>> >>>So, if you isp provide you a smtp gateway, tell xmail to deliver to it >>> >>> >>and >> >> >>>let the isp smtp server do the job. >>>Put this line in smtpfwd.tab (replace a.b.c.d with you isp smtp server) : >>> &
[xmail] Re: messages to yahoo and or hotmail does not get delivered
I remember this topic too. The only thing I thought strange at the time, and still do, is that many users of 1.21 are not affected by this problem at all (myself being an example), and so there must be something related in the systems of those who do have the problem. I am not saying any of these things are the cause (I have no idea) but I remember thinking that many (all?) were running Windows Systems and that many were coming from outside the U.S.. Perhaps the problem is with the Windows binary, or the way it interacts with Microsoft DNS? Maybe there is something else related? It seems to me it might be helpful if people with this problem published relevant system data so that we can see what the commonalities are to isolate the problem... just a thought. Jeff Edinilson J. Santos wrote: >I'm using the same solution that Francis described without problems. > >Try to search in the list about this topic. I'm the first that related it >few months ago. > >Edinilson >- >ATINET-Professional Web Hosting >Tel Voz: (0xx11) 4412-0876 >http://www.atinet.com.br > > >- Original Message - >From: "CLEMENT Francis" <[EMAIL PROTECTED]> >To: >Sent: Tuesday, August 30, 2005 9:22 AM >Subject: [xmail] Re: messages to yahoo and or hotmail does not get delivered > > > > >This problem was previously reported on this mailing list. >Seems (but not completly clarified/debugged at this time) 'xmail 1.21' have >some problems with some 'domains' zones setup (hotmail and yahoo in most >cases). >Seems xmail or dns server or tcp stack ? finaly choose the domain A record >and not the MX record for the domain in some cases ! even if a nslookup or >dig get the correct response ... > >I had the same problem, and configured xmail to allways use a smtp gateway >(a iis smtp server on another computer using the same dns server for final >delivery !!) to temporary resolve sending to these domains (especialy >hotmail ...) > >So, if you isp provide you a smtp gateway, tell xmail to deliver to it and >let the isp smtp server do the job. >Put this line in smtpfwd.tab (replace a.b.c.d with you isp smtp server) : > >"*" "a.b.c.d:25" > >As I said previously I have to get some tcp dumps to help understand the >problem when xmail resolves by itself on these domains but my xmail server >is in 'production' (for customers) and i can't test with it for this >delivery problem so I need to find time to run another server on another >'dummy' domain ... > >Francis > > > > >>-Message d'origine- >>De : David Lord [mailto:[EMAIL PROTECTED] >>Envoyé : mardi 30 août 2005 12:33 >>À : xmail@xmailserver.org >>Objet : [xmail] Re: messages to yahoo and or hotmail does not get >>delivered >> >> >>On 29 Aug 2005, at 3:33, jonn ah wrote: >> >> >> >>>Hi all, >>> >>>we're using xmail's pop3 and smtp service but when we try to send >>>messages to either yahoo or hotmail, the messages does not >>> >>> >>seem to get >> >> >>>delivered...Is there a default blacklist list that xmail >>> >>> >>automatically >> >> >>>throws out messages to yahoo or hotmail to /dev/null? using tail -f >>>/var/log/messages gives me nothing...I can however, send to other >>>domains without any problems... >>> >>>any ideas? >>> >>> >>>thanks! >>> >>> >>Possibly they both have tighter requirements on sender >>authentication, RDNS, SPF etc. >> >>David >> >>- >>To unsubscribe from this list: send the line "unsubscribe xmail" in >>the body of a message to [EMAIL PROTECTED] >>For general help: send the line "help" in the body of a message to >>[EMAIL PROTECTED] >> >> >> >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Official 'Powered by XMail Banner' ...
I like the 3d look myself, so "http://www.fonsy.com/XMail_IAN88x31.2.jpg"; is also my vote. It's also relatively easy to read at a small size, and uses elements of the original logo so that "brand recognition" is maintained. Jeff Davide Libenzi wrote: >On Sat, 27 Aug 2005, Rob Arends wrote: > > > >>Well, I think that settles it. >> >>Davide has spoken! >> >>The winner is: http://www.fonsy.com/XMail_IAN88x31.2.jpg >> >> > >That's only my preference though. Let's say that my vote count 5 :=) > > >- Davide > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Xmail filter with ClamAV
As far as I know, it does. ASSP greylisting is a bit of a mystery to me, though, to be honest, so this aspect you should research. I don't think it is using greylisting in the same way as XMail does but I am not really certain (there is some sort of a greylist download that occurs and is used, rather than the refuse/send mechanism that is the kind of greylisting XMail uses). As far as I know all of the scanning takes place during the SMTP session, as I mentioned - 15K (or whatever you specify - many users swear by just using 5k) is allowed through then the Bayesian filter makes a determination. I am pretty certain that the greylisting mechanism is actually invoked prior to this, so it is more or less the first thing that happens. There is also SPF checking, RBL checking, proper header construct verification, verification against an LDAP lookup (if desired) and other stuff. After training ASSP, users have the option to receive SPAM marked (which I discourage since the entire mail has to be dealt with then, which is inefficient) or to have it refused, or to not have it scanned at all if outside corporate policy on that. Because the whitelisting mechanism is so robust, and the Bayesian filter quite solid, I have had almost no complaints about false positives. I presently have about 4000 emails go through a day with something like 90 users, all remote - I provide filtering for a small corporation and operate as a web/email host as well. Inevitably with this number of users some people want mail from Costco and some people don't, so there is no perfect solution. Jeff John Kielkopf wrote: >Jeff Buehler wrote: > > > >>I simply disallow email of greater than 5 mb (that was my cutoff >>exactly!) - email is not ideal for large file transfers for a number of >>reasons, so I discourage it. >> >> >> >> >I agree, however some of my users may say otherwise ;) > >I was thinking about scanning all messages <2MB durring the SMTP >session, and then scanning the few larger ones off-line at low >priority. Currently I just don't scan anything > 5MB. > > > >>The accuracy I >>have had once properly configured is exceptional (98-99%) - in ASSP >>whitelisting is very important and automated which helps a lot. I >>prefer it over Spam Assassin myself. >> >> >> >> >Do you get many complaints about false positives? Roughly how many >users do you have? > >I prefer to do most of my antispam in the SMTP envelope, before the DATA >phase. It's just a waste of bandwidth otherwise. Do you know if >greylisting in ASSP does this? > >Thanks, >--John > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > -- Buehler Technologies 19 Circle Drive - San Rafael, CA 94901 415.459.4677 - [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Xmail filter with ClamAV
I simply disallow email of greater than 5 mb (that was my cutoff exactly!) - email is not ideal for large file transfers for a number of reasons, so I discourage it. However, if you need to allow larger emails, then I'm not certain how different your situation is - ASSP does a significant amount of filtering (greylisting, etc.) and can actually do virus scanning as well and much more efficiently since it only scans the first X number of bytes of an email (but not compressed archives). Any thorough anti-virus scan (that I am aware of) will risk time outs for really large files that get to them. ClamSMTP is very thorough (using clamAV to do the scanning, including archives and so on) so it needs to be carefully configured and has the potential to cause problems. ASSP is great for anti-spam since it scans the first X bytes (I have mine set to 15k) of a mail and then simply refuses it (sending a SPAM error to the sender) if it is determined to be SPAM, significantly lowering the overhead associated with SPAM scanning. The accuracy I have had once properly configured is exceptional (98-99%) - in ASSP whitelisting is very important and automated which helps a lot. I prefer it over Spam Assassin myself. Jeff John Kielkopf wrote: >Jeff Buehler wrote: > > > >> Hi John - >> >>I use clamSMTP - it is c based proxy that is very lightweight and easy >>to use. I also use ASSP in front of this for anti-spam (so sender -> >>ASSP -> clamSMTP -> XMail -> sendee). As it turns out, after testing, >>the emails didn't even reach my anti-virus because ASSP blocked all of >>the attachments, but I am reasonably certain that it would have caught >>all of them regardless - I have had great success with clamSMTP. >> >>Jeff >> >> >> >Are you stripping all attachments with ASSP? If not, how does clamSMTP >react to large (>5MB) attachments? Does it just not scan them, or does >it risk a time-out? > >I currently use a combination of blacklisting and greylisting (and of >course some white listing) in a pre-data filter, so actually very few >viruses do make it to the scanner. Though some aggressive viruses have >managed to pound their way through the greylist before they end up on a >blacklist. > >clamSMTP would require me to do all my antispam with something like >ASSP, as you've suggested, and possibly complicate things like shutting >off antispam and/or antivirus at a per user level (something we do quite >often) - but it is something to think about. > >Still, the perfectionist in me still wants to get my script working well >(and fast - many of our users tend to send large attachments via email). > Moving AV back to a mailproc.tab filter and scanning off-line may be >what I have to do. > >--John > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > -- Buehler Technologies 19 Circle Drive - San Rafael, CA 94901 415.459.4677 - [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Xmail filter with ClamAV
Hi John - I use clamSMTP - it is c based proxy that is very lightweight and easy to use. I also use ASSP in front of this for anti-spam (so sender -> ASSP -> clamSMTP -> XMail -> sendee). As it turns out, after testing, the emails didn't even reach my anti-virus because ASSP blocked all of the attachments, but I am reasonably certain that it would have caught all of them regardless - I have had great success with clamSMTP. Jeff John Kielkopf wrote: >Anyone else scanning mail with ClamAV? > >With just telling ClamAV to scan the "message file" supplied by Xmail, >It'll miss a number of the test from http://www.webmail.us/testvirus > >If I build a new temp file to scan doing the following: > - Strip "<>" and everything before > - Add a "Return-Path: " header to the top. > - Detect and fix a bad EOH (no double "CRLF" before the start of the >message body) > >I can then get ClamAV to pass all of the tests that contain a virus. >(#24 and #24 get past, but they contain no virus). > >Is it possible to get ClamAV to hit the target without all of this? I'd >like to avoid the overhead of building a new file every time I want to >scan it. > >Thanks, >--John > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > -- Buehler Technologies 19 Circle Drive - San Rafael, CA 94901 415.459.4677 - [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Can't send email from outside of my LAN
Try telneting to the SMTP port (25) to make certain it isn't blocked. Your ISP may be blocking port 25 (most of them are these days). i.e. telnet mail.yourdomain.com 25 or by ip telnet xx.xxx.xxx.xx 25 Jeff Larry Azlin wrote: >Greetings. > >I run Xmail 1.21 on a SUSE 9.0 box to host my personal email >(azlin.com), and all's well if the laptop running my email client >(Thunderbird) is on my LAN. Recently I've been taking the laptop over >to a friend's house and trying to send email from there, w/o success. >I can GET email from my Xmail server, I just can't SEND through it. > >I've modified smtprelay.tab to include the ip at my friend's house, so >it now looks like: > >"192.168.0.0"[TAB]"255.255.0.0" >"xxx.xxx.xxx.0"[TAB]"255.255.255.0" > >And I've verified that smtp.ipmap.tab is correct: > >"0.0.0.0"[TAB]"0.0.0.0"[TAB]"ALLOW"[TAB]1 > >Just to be sure, I've also looked at my pop3 log files and verified >that I've got his ip address correct. Yet, when I try to send email, >there's a long delay while Thunderbird is trying to send, and I get an >"unable to access server" type of message. I'm betting that there's >something simple which I need to do in addition to the above changes > can anyone point me in the right direction? > >TIA, >Larry Azlin > >P.S. I restarted Xmail after these changes. > >__ >Do You Yahoo!? >Tired of spam? Yahoo! Mail has the best spam protection around >http://mail.yahoo.com >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Suppress NDRs
By the way, Sönke, the solution you outlined is working perfectly - thanks! Jeff Sönke Ruempler wrote: >Hi Eric, > >On 18.07.2005 20:38, Eric Garnice wrote: > > > >>I have an XMail server in front of an Exchange server solely doing >>SpamAssassin. A problem arises where missed spam is sent to a bogus user on >>the domain where the from address is a valid distribution group on the same >>domain. The result is everyone on the distribution group receiving a copy >>of the non-delivery report. Is there any way to prevent these reports to be >>sent to valid users? >> >> > >I guess the problem you have is very similar to Jeff Buehler's thread >one day ago and you maybe want to read that ;-) >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: undeliverable message auto delete
Thanks! I'm doing it right now ... Jeff Sönke Ruempler wrote: >Jeff, > >On 17.07.2005 23:10, Jeff Buehler wrote: > > >>Thanks, Sönke - >> >>I was hoping to keep them in the queue for awhile, but I am collecting >>500 or more undeliverables a day presently since I am forwarding to a >>domain that is getting heavily spammed. >> >>When spammers send spam to bogus users at the busy Exchange server I am >>forwarding to, it predicatably sends back the "user doesn't exist" >>message, then xmail correctly attempts to send that back to the spammer >>who, of course, doesn't accept incoming mail, and so the message is >>undelivered. >> >>Are you aeware of a better way to handle this sort of interaction? I >>could create a user to match every user on the Exchange server and at >>least cut out a hop, but XMail will still then try to send the "no user >>by that name" reply back to the spammer. I guess it's important to >>notify valid senders to the domain that a given user doesn't exist, >>though... Is that an RFC requirement? >> >> > >My solution is to setup a cmdaliases file for each user that is being >forwarded. So your mail server does not send bogus bounce mails into the >internet. It's quite simple because XMail then sends directly "550 user >not found" in the SMTP session. So there is _NO_ bounce mail generated >and your Exchange server gets only these messages that it can handle. > >And if there is a non-spam sender that types a wrong mail adress he'll >get a bounce message from the server that tries to send to yours. > >I hope you got the advantage of that way. > >And note: Some providers are blacklisting servers with high bounce >volumes. So someone - aware or unaware - could exploit your mailserver >with wrong sender addresses and wrong rcpt addresses. now your >mailserver weirdly sends out bounces back to the faked sender mailserver >and could get blacklisted. > >So it's always a good idea to use forwarding for each user and not for >whole domains. That differs the lame admins from the good ones *SCNR* >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: undeliverable message auto delete
Thanks, Sönke - I was hoping to keep them in the queue for awhile, but I am collecting 500 or more undeliverables a day presently since I am forwarding to a domain that is getting heavily spammed. When spammers send spam to bogus users at the busy Exchange server I am forwarding to, it predicatably sends back the "user doesn't exist" message, then xmail correctly attempts to send that back to the spammer who, of course, doesn't accept incoming mail, and so the message is undelivered. Are you aeware of a better way to handle this sort of interaction? I could create a user to match every user on the Exchange server and at least cut out a hop, but XMail will still then try to send the "no user by that name" reply back to the spammer. I guess it's important to notify valid senders to the domain that a given user doesn't exist, though... Is that an RFC requirement? In the meantime, I am going to turn on RemoveSpoolErrors as you mentioned just so I don't have to go empty out the undeliverable queue every three days manually. Thanks again! Jeff Sönke Ruempler wrote: >Hi Jeff, > >On 17.07.2005 22:53, Jeff Buehler wrote: > > > >>Does anyone know of an existing solution for the auto-deletion of >>undeliverable messages in XMail? I am running FreeBSD. >> >>Writing something to remove them all periodically would be pretty easy, >>but I would like something that allows a settable "time to collect dust" >>before removing undeliverables in the FROZ directory, which seems like >>it might be useful to a lot of people. I guess this wouldn't be too >>difficult to write either - just query the present date against the mail >>creation date. But it would still be easier to use someone elses >>already working solution, if one exists! >> >> > >The only switch that XMail provides at present is the server.tab variable: > >[RemoveSpoolErrors] >Indicate if mail has to be removed or stored in 'froz' directory >after a failure in delivery or filtering. > >So errors are removed just in time. >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] undeliverable message auto delete
Hi all - Does anyone know of an existing solution for the auto-deletion of undeliverable messages in XMail? I am running FreeBSD. Writing something to remove them all periodically would be pretty easy, but I would like something that allows a settable "time to collect dust" before removing undeliverables in the FROZ directory, which seems like it might be useful to a lot of people. I guess this wouldn't be too difficult to write either - just query the present date against the mail creation date. But it would still be easier to use someone elses already working solution, if one exists! Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: smtp greeting helodomain
Hi Sönke - When I change [SmtpServerDomain] by adding the prefix (mail2) then the resulting greeting is: [EMAIL PROTECTED] Is that correct? I wasn't expecting the numeric value before the domain... Jeff Jeff Buehler wrote: >Hi Sönke - > >Thanks for your reply - >Presently my [SmtpServerDomain] is set to buehlertech.net, does it >require the prefix (i.e. mail or mail2.buehlertech.net)? > >Jeff > > > >Sönke Ruempler wrote: > > > >>On 15.07.2005 21:31, Jeff Buehler wrote: >> >> >> >> >>>Hi everyone - >>> >>>I am running XMail 1.21 on FreeBSD 5.4 - everything runs great. However, >>>although HeloDomain is set (to mail.buehlertech.net and >>>mail2.buehlertech.net) my greeting remains, for example, >>><[EMAIL PROTECTED]>. I assume the prefix is random. >>> >>>If I remove helodomain, I get the same kind of response, even though I >>>have a proper PTR (reverse) record for each of these domains. >>> >>> >>> >>> >>HeloDomain is what what your server sends if it's connecting to a remote >>server. >> >>What you whant is: >> >>[SmtpServerDomain] >> If set, forces the domain name XMail uses inside the ESMTP banner >>used to support CRAM-MD5 ESMTP authentication. >> >>Try that please. >>- >>To unsubscribe from this list: send the line "unsubscribe xmail" in >>the body of a message to [EMAIL PROTECTED] >>For general help: send the line "help" in the body of a message to >>[EMAIL PROTECTED] >> >> >> >> >> >> > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: smtp greeting helodomain
Hi Sönke - Thanks for your reply - Presently my [SmtpServerDomain] is set to buehlertech.net, does it require the prefix (i.e. mail or mail2.buehlertech.net)? Jeff Sönke Ruempler wrote: >On 15.07.2005 21:31, Jeff Buehler wrote: > > >>Hi everyone - >> >>I am running XMail 1.21 on FreeBSD 5.4 - everything runs great. However, >>although HeloDomain is set (to mail.buehlertech.net and >>mail2.buehlertech.net) my greeting remains, for example, >><[EMAIL PROTECTED]>. I assume the prefix is random. >> >>If I remove helodomain, I get the same kind of response, even though I >>have a proper PTR (reverse) record for each of these domains. >> >> > >HeloDomain is what what your server sends if it's connecting to a remote >server. > >What you whant is: > >[SmtpServerDomain] >If set, forces the domain name XMail uses inside the ESMTP banner >used to support CRAM-MD5 ESMTP authentication. > >Try that please. >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] smtp greeting helodomain
Hi everyone - I am running XMail 1.21 on FreeBSD 5.4 - everything runs great. However, although HeloDomain is set (to mail.buehlertech.net and mail2.buehlertech.net) my greeting remains, for example, <[EMAIL PROTECTED]>. I assume the prefix is random. If I remove helodomain, I get the same kind of response, even though I have a proper PTR (reverse) record for each of these domains. Any ideas? Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: pop before smtp
At first I thought that was a question I should just go ahead and answer without bothering to double check my Thunderbird configuration, because I was certain that it isn't doing SMTP authentication. As it turns out, it is - at some point I actually checked the box to do so, and I have no idea when (obviously I was sleepwalking). That means that I either have roughly 50 users who can't send mail and don't seem to care enough to bother letting me know, or by some small miracle they figured out to get their email clients to do SMTP authentication, which I have a hard time believing. But then this week has been full of strange suprises! Thanks for snapping me out of yet another misconception... I can only assume at this point that Rob was correct in pointing out that I have to use SMTP authentication now across the board since my SMTP and POP3 are coming in and going out of different IP:PORT combinations. Clarity at last... :) Jeff Sönke Ruempler wrote: >[EMAIL PROTECTED] <> wrote on Thursday, July 07, 2005 2:16 >AM: > > > >>Maybe its some sort of security related bug in Thunderbird >>that allows >>it to authenticate across 2 different IP's? >> >> > >Are you sure that TB does not send SMTP auth? What tell the SMTP logs? >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: pop before smtp
Hmmm - that makes sense. I wonder why Thunderbird has no problem doing popb4, though ... it works as before doing popb4. ASSP does something a bit unusual in that it operates as a proxy, so i'm not certain it is technically providing SMTP but might be doing some sort of passthrough. XMail is active at 127.0.0.1:25, 192.168.1.13:110 and ASSP at 192.168.13:25, so your thought makes sense since XMail is technically listening on two different IPs even though one is 25 and the other is 110. Maybe its some sort of security related bug in Thunderbird that allows it to authenticate across 2 different IP's? Thanks, Rob... Jeff Rob Arends wrote: >Jeff, your email below answers it. > >How can xmail correlate the popb4smtp, if the smtp is actually ASSP. >POPb4 only works if the same server is running both port 25 and port 110. >In your case xmail will see the smtp connection coming from ASSP, not the >MUA. > >Rob :-) > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >Behalf Of Jeff Buehler >Sent: Thursday, July 07, 2005 4:59 AM >To: xmail@xmailserver.org >Subject: [xmail] Re: pop before smtp > > >Nah! ASSP (anti spam smtp proxy) is actually a great opensource >anti-spam proxy tool that (as it tunrs out) runs under Linux, FreeBSD >and Windows. It loads a specified number of bytes of a given mail then >refuses the connection based on a bayesian determination of spam, RBL, >etc. instead of downloading the whole thing (unless you want it to). It >has RBL, whitelisting, greylisting, SPF, web-based interface, limited >anti-virus (which I don't use), and its fast and reasonably simple to >install. The only thing that would make it better (in my opinion) is if >it were written in c/c++ instead of Perl. I like it quite a bit better >than SpamAssassin myself. > >At any rate, it appears I was wrong about the smtp authentication OR >popb4 and it is actually popb4 AND smtp authentication, which is kool. >So now I know. I will instruct my users to start using SMTP >authentication because, as another use kindly pointed out recently, why not? > >Thanks again for your input, Davide! > >Jeff > > > >Davide Libenzi wrote: > > > >>On Tue, 5 Jul 2005, Jeff Buehler wrote: >> >> >> >> >> >>>Yes, the email client (in this case Thunderbird and numerous other >>>external email clients) must be doing pop before smtp since I have never >>>enabled true SMTP authentication (even though I would like to, but that >>>is another story), and none of my testing has included setting password >>>authentication for SMTP. >>> >>>The part that suprised me is that I am not set up to do real SMTP >>>authentication (only pop before), but when going through the ASSP proxy >>>running on the same system as XMail, SMTP authentication not only works >>>with at least some email clietns but is actually required for some. >>>Perhaps this is expected behavior, but I thought it was an either/or >>>sort of thing. >>> >>>So, ASSP -> Xmail with pop before SMTP works with Thunderbird (at >>>least), but in Outlook 2003 and Mac OS X Mailtool (at least) SMTP >>>authentication is required for proper authentication. This was not the >>>case when ASSP was on a seperate IP and a seperate platform - with that >>>config, pop before SMTP worked for all these email clients. Also this >>>was not the case when ASSP was not in the picture (so obviously it has >>>something to do with ASSP -> XMail). >>> >>> >>> >>> >>Then remove ASSP (whatever it is) :=) >> >> >>- Davide >> >>- >>To unsubscribe from this list: send the line "unsubscribe xmail" in >>the body of a message to [EMAIL PROTECTED] >>For general help: send the line "help" in the body of a message to >>[EMAIL PROTECTED] >> >> >> >> >> >> > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: pop before smtp
That was my guess too (that ASSP was the culprit), as I mentioned in my first mails about it, but I thought I would check and see if anyone had any ideas. The strange part is the timing issue - across a LAN no problem, but locally certain email clients fail to do popb4smtp (and other ones do not), so it would seem to be an issue of ASSP not waiting properly for an authentication response or something. At any rate, I am satisfied with the solution of SMTP authentication now that I know it is not abnormal behavior to have it working. Thanks, Jeff Sönke Ruempler wrote: >On 06.07.2005 20:59, Jeff Buehler wrote: > > >>Nah! ASSP (anti spam smtp proxy) is actually a great opensource >>anti-spam proxy tool that (as it tunrs out) runs under Linux, FreeBSD >>and Windows. It loads a specified number of bytes of a given mail then >>refuses the connection based on a bayesian determination of spam, RBL, >>etc. instead of downloading the whole thing (unless you want it to). It >>has RBL, whitelisting, greylisting, SPF, web-based interface, limited >>anti-virus (which I don't use), and its fast and reasonably simple to >>install. The only thing that would make it better (in my opinion) is if >>it were written in c/c++ instead of Perl. I like it quite a bit better >>than SpamAssassin myself. >> >>At any rate, it appears I was wrong about the smtp authentication OR >>popb4 and it is actually popb4 AND smtp authentication, which is kool. >>So now I know. I will instruct my users to start using SMTP >>authentication because, as another use kindly pointed out recently, why not? >> >> > >I guess if you encounter this problem again, you should dump the traffic >with tcpdump or whatever. Maybe we can help you then. But IMHO that >sounds not like a XMail problem but a "ASSP"'s. >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: pop before smtp
Nah! ASSP (anti spam smtp proxy) is actually a great opensource anti-spam proxy tool that (as it tunrs out) runs under Linux, FreeBSD and Windows. It loads a specified number of bytes of a given mail then refuses the connection based on a bayesian determination of spam, RBL, etc. instead of downloading the whole thing (unless you want it to). It has RBL, whitelisting, greylisting, SPF, web-based interface, limited anti-virus (which I don't use), and its fast and reasonably simple to install. The only thing that would make it better (in my opinion) is if it were written in c/c++ instead of Perl. I like it quite a bit better than SpamAssassin myself. At any rate, it appears I was wrong about the smtp authentication OR popb4 and it is actually popb4 AND smtp authentication, which is kool. So now I know. I will instruct my users to start using SMTP authentication because, as another use kindly pointed out recently, why not? Thanks again for your input, Davide! Jeff Davide Libenzi wrote: >On Tue, 5 Jul 2005, Jeff Buehler wrote: > > > >>Yes, the email client (in this case Thunderbird and numerous other >>external email clients) must be doing pop before smtp since I have never >>enabled true SMTP authentication (even though I would like to, but that >>is another story), and none of my testing has included setting password >>authentication for SMTP. >> >>The part that suprised me is that I am not set up to do real SMTP >>authentication (only pop before), but when going through the ASSP proxy >>running on the same system as XMail, SMTP authentication not only works >>with at least some email clietns but is actually required for some. >>Perhaps this is expected behavior, but I thought it was an either/or >>sort of thing. >> >>So, ASSP -> Xmail with pop before SMTP works with Thunderbird (at >>least), but in Outlook 2003 and Mac OS X Mailtool (at least) SMTP >>authentication is required for proper authentication. This was not the >>case when ASSP was on a seperate IP and a seperate platform - with that >>config, pop before SMTP worked for all these email clients. Also this >>was not the case when ASSP was not in the picture (so obviously it has >>something to do with ASSP -> XMail). >> >> > >Then remove ASSP (whatever it is) :=) > > >- Davide > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: pop before smtp
Ah ha! Thanks, Rob - that makes sense now. The behavior I am seeing is expected. I'm glad that SMTP authorization works alongside with pop before smtp, and as you said, why would anyone want to turn it off. I'll start promoting it since it can coexist with the popb4. I didn't promote smtp authorization previously because I already had users using the pop b4 smtp already (it is pretty standard with the larger ISP's like Comcast or SBC so users are familiar with it) and I wasn't certain how it would interact with uebmiau or other web mail apps. Now I see that it can coexist, though, and that is great ... Thanks, Jeff Rob Arends wrote: >Jeff, > >Smtp auth is enabled by default, and there does not seem to be a way to turn >it off (why would you?), however I know the "EnableAuthSMTP-POP3" "1" >is configurable and is turned on by default. > >*ALL* my users are told to use smtp auth. It gets them around grey listing >and they can send as whom ever they like. Because of this I still know who >they are, and that's all that matters. Never had a problem, but then I've >never actively promoted or tried pop-b4-smtp. > >Rob :-) > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >Behalf Of Jeff Buehler >Sent: Wednesday, July 06, 2005 10:33 AM >To: xmail@xmailserver.org >Subject: [xmail] Re: pop before smtp > > >Yes, the email client (in this case Thunderbird and numerous other >external email clients) must be doing pop before smtp since I have never >enabled true SMTP authentication (even though I would like to, but that >is another story), and none of my testing has included setting password >authentication for SMTP. > >The part that suprised me is that I am not set up to do real SMTP >authentication (only pop before), but when going through the ASSP proxy >running on the same system as XMail, SMTP authentication not only works >with at least some email clietns but is actually required for some. >Perhaps this is expected behavior, but I thought it was an either/or >sort of thing. > >So, ASSP -> Xmail with pop before SMTP works with Thunderbird (at >least), but in Outlook 2003 and Mac OS X Mailtool (at least) SMTP >authentication is required for proper authentication. This was not the >case when ASSP was on a seperate IP and a seperate platform - with that >config, pop before SMTP worked for all these email clients. Also this >was not the case when ASSP was not in the picture (so obviously it has >something to do with ASSP -> XMail). > >Jeff > > > >Davide Libenzi wrote: > > > >>On Tue, 5 Jul 2005, Jeff Buehler wrote: >> >> >> >> >> >>>Hmmm - >>> >>>It would appear that if I set the email clients in question to require >>>SMTP authentication, and use the same username and password as for pop3 >>>authentication, then everything works. I thought this was an either/or >>>requirement, but now I have most users doing pop3 before smtp and some >>>users using smtp authentication, and it works (so far). >>> >>> >>> >>> >>If you use *real* SMTP authentication, then you won't need the POP3 before >>SMTP thing. In order for POP3 before SMTP to work, you need you mail >>clients to actually try a POP3 session before the SMTP session (with the >>account doing the POP3 session being the *same* as the MAIL FROM: <> of >>the SMTP session). Is your email client doing so? >> >> >>- Davide >> >>- >>To unsubscribe from this list: send the line "unsubscribe xmail" in >>the body of a message to [EMAIL PROTECTED] >>For general help: send the line "help" in the body of a message to >>[EMAIL PROTECTED] >> >> >> >> >> >> > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: pop before smtp
Yes, the email client (in this case Thunderbird and numerous other external email clients) must be doing pop before smtp since I have never enabled true SMTP authentication (even though I would like to, but that is another story), and none of my testing has included setting password authentication for SMTP. The part that suprised me is that I am not set up to do real SMTP authentication (only pop before), but when going through the ASSP proxy running on the same system as XMail, SMTP authentication not only works with at least some email clietns but is actually required for some. Perhaps this is expected behavior, but I thought it was an either/or sort of thing. So, ASSP -> Xmail with pop before SMTP works with Thunderbird (at least), but in Outlook 2003 and Mac OS X Mailtool (at least) SMTP authentication is required for proper authentication. This was not the case when ASSP was on a seperate IP and a seperate platform - with that config, pop before SMTP worked for all these email clients. Also this was not the case when ASSP was not in the picture (so obviously it has something to do with ASSP -> XMail). Jeff Davide Libenzi wrote: >On Tue, 5 Jul 2005, Jeff Buehler wrote: > > > >>Hmmm - >> >>It would appear that if I set the email clients in question to require >>SMTP authentication, and use the same username and password as for pop3 >>authentication, then everything works. I thought this was an either/or >>requirement, but now I have most users doing pop3 before smtp and some >>users using smtp authentication, and it works (so far). >> >> > >If you use *real* SMTP authentication, then you won't need the POP3 before >SMTP thing. In order for POP3 before SMTP to work, you need you mail >clients to actually try a POP3 session before the SMTP session (with the >account doing the POP3 session being the *same* as the MAIL FROM: <> of >the SMTP session). Is your email client doing so? > > >- Davide > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: pop before smtp
Hmmm - It would appear that if I set the email clients in question to require SMTP authentication, and use the same username and password as for pop3 authentication, then everything works. I thought this was an either/or requirement, but now I have most users doing pop3 before smtp and some users using smtp authentication, and it works (so far). Should I be concerned? This must be some funky ASSP thing ... but I am (pleasantly?) suprised that XMail allows it to verify even when it is not set to do smtp authentication (or at least I didn't think that it was!) Jeff Jeff Buehler wrote: >Hi all - > >This question may be a bit out of place, but someone here may have a >recommendation... > >Over the years, I have had an occasional problem with different mail >clietns choking on pop before smtp. Generally this has been the case on >Mac (OS 9) mail clients, which thankfully are gone from my user group now. > >Recently I put an anti-spam service (ASSP) on the same box and IP as >XMail which forwards mail to XMail after scanning it. This mecahnism >has worked with no problems when I had ASSP on a seperate IP and a >seperate box from XMail, and it works well now *except* that certain >mail clients no longer seem to be able to authenticate properly. >Specifically these are Mac OS X mailtool and Outlook 2003 that I am >aware of (Thunderbird works fine). > >This is obviosly some sort of interaction between ASSP and XMail, and so >the problem might exist on either side, but I was hoping someone on the >XMail side might have some ideas ...? > >Thanks! > >Jeff > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] pop before smtp
Hi all - This question may be a bit out of place, but someone here may have a recommendation... Over the years, I have had an occasional problem with different mail clietns choking on pop before smtp. Generally this has been the case on Mac (OS 9) mail clients, which thankfully are gone from my user group now. Recently I put an anti-spam service (ASSP) on the same box and IP as XMail which forwards mail to XMail after scanning it. This mecahnism has worked with no problems when I had ASSP on a seperate IP and a seperate box from XMail, and it works well now *except* that certain mail clients no longer seem to be able to authenticate properly. Specifically these are Mac OS X mailtool and Outlook 2003 that I am aware of (Thunderbird works fine). This is obviosly some sort of interaction between ASSP and XMail, and so the problem might exist on either side, but I was hoping someone on the XMail side might have some ideas ...? Thanks! Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]