Re: [courier-users] Spam filtering on SMTP level
Le 2017-03-20 10:36, Bernd Wurst a écrit : > Again, thank you all for your replies. > > We decided to go with pythonfilter, with some modifications. > > When I look at my logs and my inbox, I still could imagine some > improvements for spam filtering apart from tweaking spamassassin. So > I'd > like to know if some of you have written additional filters for > pythonfilter and would like to share them. Is there a repository for > such custom filters? Hello Bernd, I tunned the spamassassin and clamav filters and provided them directly to Gordon. Don't hesitate to share your work with us, we will appreciate it. HTH. Jérôme Blion. -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courierfilter + spamassassin = smtp slow.
Le 2017-02-08 13:25, Mário Ferreira a écrit : > Hi, > > After activating courierfilter with spamassassin, the smtp service > was slow. > > Spamassassin is very important to block spam's! > > Questions: > 1. Is it possible to include whitelist for the courierfilter, thus > reducing the load to the spamassassin whitelist? > > 2. Is there any way to do tuning to alleviate smtp? > > Thanks. > Hello, You can use latest courier-pythonfilter's versions to "chain" whitelist and spamassassin. HTH. Jérôme Blion. -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Log SMTP Auth
Hello, I think you could use courier-pythonfilter and create a new logging filter based on whitelist_auth. HTH. Jerome Blion. -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Fight against Dridex / Locky
Hello, I'm looking for an efficient way to fight against Locky / Dridex and such malwares... I use courier-pythonfilter with spamassassin + clamav I added clamav-unofficial-sigs but as the attachment is built on the fly, it's quite useless. I use zen.spamhaus.org RBL but it's not enough neither. Which solution did you implement to filter that Junk ? Best regards. Jérôme Blion. -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.http://sdm.link/zohodev2dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfilter
Hello Gordon, I read the documentation but I'm not sure about my understanding of some sentences. eg: attachments auto_whitelist whitelist_auth whitelist relayclients greylist clamav spamassassin What will happen when whitelist_auth will send a 2xx code ? Which filters will be skipped ? The ones defined on the same line or all filters defined after it ? In my example, will they be processed by clamav and spamassassin or will it stop further filtering ? Best regards. Jérôme Blion. -- Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] [courier-pythonfilter] comeagain proposed patch
Le 09/03/2016 04:13, Gordon Messmer a écrit : > On 03/08/2016 05:21 PM, Jérôme Blion wrote: >> What do you think about that? > I'd like to do something more general to make filters conditional on the > results of others, but I haven't given it the time... > > Maybe something like: > > whitelist_auth conditional > comeagain if not whitelist_auth > attachments > spamassassin > clamav > log_aliases > noduplicates > > Wouldn't be very hard to parse. Any better ideas? > Hello Right now, filters have 3 kind of replies: - accept - reject - neutral Do you agree with me? A word like "THEN" or "OR" could do the trick : whitelist_auth OR/THEN comeagain attachments spamassassin clamav To pass, a mail should go through all rules until a 200, 400, 500 has been raised or the end of filters' list. We could consider each line delimits a filtering rule. This line should end with an only one accept/reject/neutral situation : - all filter in a line could reject the mail (4xx/5xx). The first reject is enough. - only the last filter could accept it (2xx code). It means previous 2xx codes are silently transformed to neutral - the last filter may return a neutral Now, I only worked on filters, I didn't look at the main code... I have absolutely no idea about the needed work to implement that :-) What do you think about that ? Would it be easily feasible? HTH. Jerome Blion. -- Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140 ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] [courier-pythonfilter] comeagain proposed patch
Hello everyone (and specially Gordon) Dridex / Locky are a nightmare. I'm trying to find a way to avoid my users to get these mails... I want a specific behaviour: - I want ALL my users to go trough spamassassin/clamav (I won't get rid of my own changes to these filters :-) ) - I want to reject unwanted mails as soon as possible, with the least load That's why, for me, the best order for modules is: comeagain attachments spamassassin clamav log_aliases noduplicates With comeagain enabled, first tries coming from authenticated users are rejected (and that could happen after each ttl expire...) I don't want that. So, I modified comeagain filter to allow authenticated users to go through this filter with no disturbance. They will go through all other ones :-) You can manage this feature through pythonfilter-modules.conf: [comeagain.py] ignoreAuth = True / False Please find attached the proposed patch. What do you think about that? Hope this helps. Best regards. Jerome Blion --- comeagain.py2016-03-09 02:00:14.284044106 +0100 +++ comeagain.py.new2016-03-09 02:09:27.567409792 +0100 @@ -1,6 +1,7 @@ #!/usr/bin/python # comeagain -- Courier filter implementing a "greylisting" technique. # Copyright (C) 2003-2008 Gordon Messmer+# Copyright (C) 2016 Jerome Blion # # This file is part of pythonfilter. # @@ -30,6 +31,7 @@ # will be removed from the lists. sendersTTL = 60 * 60 * 24 * 30 sendersPurgeInterval = 60 * 60 * 12 +ignoreAuth = False def initFilter(): @@ -58,7 +60,14 @@ """ - # Grab the sender from the control files. +# If the server is used to send mail from users, we may want not to blck them +# We won't fill the database as the same IP may try and spam +if ignoreAuth: +authUser = courier.control.getAuthUser(controlFileList, bodyFile) +if authUser: +return '' + +# Grab the sender from the control files. try: sender = courier.control.getSender(controlFileList) except: @@ -102,8 +111,8 @@ # and more lines, beginning with an 'r' character, for each # recipient. Run this script with the name of that file as an # argument, and it'll validate that email address. -if not sys.argv[1:]: -print 'Use: comeagain.py ' +if not sys.argv[2:]: +print 'Use: comeagain.py ' sys.exit(1) initFilter() -print doFilter('', sys.argv[1:]) +print doFilter(sys.argv[1], sys.argv[2:]) -- Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] too few deliveries
Le 2015-12-11 13:25, Szépe Viktor a écrit : > Thank you! > > Basically what is the way to raise simultaneous "inprogress" delivery? > Hello, The real question is: How to decrease the mail in the queue waiting for a new delivery attempt? You will have to check and investigate what's happening to mails you are trying to send. They may be delayed due to typo, provider restrictions... HTH. Jérôme. -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] spammer masquerading as root
Hello, Here is one script I use: = purge_courier.sh #/bin/bash USAGE=Usage: $0 STRING if [ $# -ne 1 ] then echo $USAGE exit 1 fi /etc/init.d/courier-mta stop cd /var/lib/courier rgrep -l $1 msgs/*/D* | while read DATAFILE do CTLFILE=`basename $DATAFILE | sed 's/^D/C/g'` rm $DATAFILE find msg* -name ${CTLFILE}* | xargs --no-run-if-empty rm echo $DATAFILE supprime done /etc/init.d/courier-mta start exit 0 = enf of purge_courier.sh This script is able to clean your queue using an expression. Most of the time, I'm able to clean queues with that. HTH. Jérôme Blion. Le 2015-06-16 11:18, alan milligan a écrit : Hi, I've got some nasty spammer managing to send spam via my mail server by somehow authenticating as root (if I understand the logs correctly): Jun 15 22:56:04 hostname courierd: newmsg,id=0034D6E2.557F9043.5D5F, auth=ROOT: dns; User (x.x-x-x.rdns.scalabledns.com [:::x.x.x.x]) My authdaemon (latest version: 0.66.2) is configured with pam and ldap (LOGIN auth only): but there is *no* password set for the root user (it's RSA identity only). It would seem quite impossible that this user really can be authenticated as root. Since they are authenticated, it seems I cannot simply block the IP via smtpaccess. This user has caused the mail server to be on a number of blacklists and these spam messages (along with legitimate traffic) are filling up mail queues with multiple failed delivery attempts. Even setting ESMTP_BLOCKBACKSCATTER to include authsmtp/dsn in courierd (latest version: 0.74.2) configuration isn't actually stopping this. Whatsmore attempting cancelmsg (and I'm getting some thousands of these) to flush the queue is proving pointless: because of the blacklisting no DSN is going to get through to the recipient (spoofed that it is). It would be great if there was an additional option in cancelmsg simply to remove the msgid from the queue - with no DSN processing at all. I'm having to stop courier and manually delete all the msgs/msgq files. Any thoughts upon how I can stop this miscreant sending mail would be greatly appreciated. Alan -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Problem setting up pythonfilter
Le 2015-03-02 17:17, Jean-Christophe Boggio a écrit : Hello, I am trying to install pythonfilter 1.8 on a working 0.68.2 (debian) instance of courier-mta. I have read and applied the install instructions carefully several times but the filters never seem to start and I don't know where to search next. /var/lib/pythonfilter permissions seem ok : # ls /var/lib/pythonfilter -ld drwxr-xr-x 2 daemon daemon 4096 janv. 15 03:28 /var/lib/pythonfilter # grep 'MAIL.*=' /etc/courier/esmtpd MAILUSER=daemon MAILGROUP=daemon # ls -l /etc/courier/filters/active lrwxrwxrwx 1 root root 37 mars 2 16:11 pythonfilter - /usr/lib/courier/filters/pythonfilter # ls -l /usr/lib/courier/filters/pythonfilter lrwxrwxrwx 1 root root 27 janv. 15 00:38 /usr/lib/courier/filters/pythonfilter - /usr/local/bin/pythonfilter If I start it manually, it looks ok : # sudo -u daemon /usr/local/bin/pythonfilter Initialized the debug python filter Initialized the log_aliases python filter Initialized the noduplicates python filter Initialized the auto_whitelist python filter Initialized the whitelist_relayclients python filter Initialized the whitelist_auth python filter Initialized the whitelist_block python filter Initialized the greylist python filter Initialized the ratelimit python filter Filtering seems activated : # cat /etc/courier/enablefiltering esmtp # service courier-mta restart Stopping Courier SMTP MSA server: done. Stopping Courier SMTP server: done. Stopping Courier mail filter: done. Stopping Courier mail server: done. Starting Courier mail server: done. Starting Courier mail filter: done. Starting Courier SMTP server: done. Starting Courier SMTP MSA server: done. But I see no trace of filters in the logs : Mar 2 16:21:42 facteur courierd: Courier 0.68.2 Copyright 1999-2012 Double Precision, Inc. Mar 2 16:21:42 facteur courierd: Installing [0/0] Mar 2 16:21:42 facteur courierd: Installing uucp Mar 2 16:21:42 facteur courierd: Installed: module.uucp - Courier 0.68.2 Copyright 1999-2012 Double Precision, Inc. Mar 2 16:21:42 facteur courierd: Installing local Mar 2 16:21:42 facteur courierd: Installed: module.local - Courier 0.68.2 Copyright 1999-2012 Double Precision, Inc. Mar 2 16:21:42 facteur courierd: Installing fax Mar 2 16:21:42 facteur courierd: Installed: module.fax - Courier 0.68.2 Copyright 1999-2012 Double Precision, Inc. Mar 2 16:21:42 facteur courierd: Installing esmtp Mar 2 16:21:42 facteur courierd: Installed: module.esmtp - Courier 0.68.2 Copyright 1999-2012 Double Precision, Inc. Mar 2 16:21:42 facteur courierd: Installing dsn Mar 2 16:21:42 facteur courierd: Installed: module.dsn - Courier 0.68.2 Copyright 1999-2012 Double Precision, Inc. Mar 2 16:21:42 facteur courierd: Initializing uucp Mar 2 16:21:42 facteur courierd: Initializing local Mar 2 16:21:42 facteur courierd: Initializing fax Mar 2 16:21:42 facteur courierd: Initializing esmtp Mar 2 16:21:42 facteur courierd: Initializing dsn Mar 2 16:21:42 facteur courierd: Started ./courieruucp, pid=49727, maxdels=4, maxhost=4, maxrcpt=16 Mar 2 16:21:42 facteur courierd: Started ./courierlocal, pid=49729, maxdels=10, maxhost=4, maxrcpt=1 Mar 2 16:21:42 facteur courierd: Started ./courierfax, pid=49730, maxdels=1, maxhost=1, maxrcpt=1 Mar 2 16:21:42 facteur courierd: Started ./courieresmtp, pid=49732, maxdels=40, maxhost=4, maxrcpt=100 Mar 2 16:21:42 facteur courierd: Started ./courierdsn, pid=49733, maxdels=4, maxhost=1, maxrcpt=1 Mar 2 16:21:42 facteur courierd: queuelo=200, queuehi=400 Mar 2 16:21:42 facteur courierd: Purging /var/lib/courier/msgq Mar 2 16:21:42 facteur courierd: Purging /var/lib/courier/msgs Mar 2 16:21:42 facteur courierd: Waiting. shutdown time=Mon Mar 2 17:21:41 2015, wakeup time=Mon Mar 2 16:42:36 2015, queuedelivering=2, inprogress=0 I'm expecting something like : Mar 2 16:21:42 facteur courierfilter: Starting pythonfilter If I create this directory : # mkdir /var/lib/courier/allfilters/pythonfilter The logs show : Mar 2 16:43:17 facteur courieresmtpd: started,ip=[:::209.85.212.172] Mar 2 16:43:17 facteur submit: Connection refused Mar 2 16:43:17 facteur submit: Failed to connect to: /var/lib/courier/allfilters/pythonfilter Mar 2 16:43:17 facteur courieresmtpd: error,relay=:::209.85.212.172,from=some...@gmail.com: 432 Mail filters temporarily unavailable. which is what I expect because it is not supposed to be a directory but it shows that courier is trying to talk to the filter. I am sure this is obvious but I don't see where to search next. Thanks for your help, JC Hello, to enable the filter, did you type filterctl start pythonfilter ? Best regards. jerome Blion. -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed
Re: [courier-users] pythonfilter and ClamAV
Le 2014-04-14 17:15, Bowie Bailey a écrit : Anyone try to use courier-pythonfilter with the latest ClamAV? I'm trying to set this up on my new server, but I'm getting some errors trying to build the pyclamav package that it requires. Apparently, it is only tested up to ClamAV 0.93, while the current version is 0.98. I'm wondering if it is no longer compatible, or if I'm doing something wrong. I'm looking for something more lightweight than Amavis. All I need is something that can run ClamAV on incoming mail. Any other suggestions? Hello, root@srv-bron:~# diff clamav.py clamav.py.orig 42,43c42,43 pyclamd.init_unix_socket(localSocket) avresult = pyclamd.scan_file(bodyFile) --- clamd = pyclamd.ClamdUnixSocket(localSocket) avresult = clamd.scan_file(bodyFile) HTH. Jérôme Blion. -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] zdkimfilter
Le 21/07/2013 13:23, Anders a écrit : Hi! Can someone contribute with some example configuration files for zdkimfilter and courier, especially for signing outgoing mail. I have tried to follow the information from the zdkimfilter website and the man/config files but I can't get it to work, not even off-line checking/testing againt self-generated dkim certs with dkimsign. Thanks! I am running courier-mta on gentoo amd64 ~A Hello, Here is how I implemented it on a debian server: apt-get -y install libopendkim7 libnettle4 libtool libopendkim-dev wget http://www.tana.it/sw/zdkimfilter/zdkimfilter-1.1.tar.gz tar xzf zdkimfilter-1.1.tar.gz cd zdkimfilter-1.1/ ./configure make make install echo all_mode Y verbose 4 selector s /etc/courier/filters/zdkimfilter.conf mkdir /etc/courier/filters/keys echo -BEGIN RSA PRIVATE KEY- [...] -END RSA PRIVATE KEY- /etc/courier/filters/keys/mymarvelousdomain.com filterctl stop zdkimfilter filterctl start zdkimfilter Hope this helps. Best regards. Jerome Blion. -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831iu=/4140/ostg.clktrk ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] ANN: zdkimfilter 1.1
Le 05/12/2012 18:28, Alessandro Vesely a écrit : This version implements blocking an authenticated user, which I hope will never trigger. One can specify a plain file with a list of users that the filter will reject. The file can be populated by zdkimfilter basing on the result of an sql query, or by any other means. The dkimsign command has been enhanced, so that it can be used in sendmail-terminated pipelines. A few database changes are detailed in the releas-notes. A few bugfixes, including those recently reported on this list. http://www.tana.it/sw/zdkimfilter/ Hello, How do you manage the fact that: - a mail sent has to signed just before being sent (after all other filters which can adds headers) ? - a mail received should be verified before all other filters (for the same reason, the mail should not move at all) ? Best regards. Jerome Blion. -- LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Send several mails per connection
Hello, I'm trying to help a customer. He owns a virtual card website. He sends several thousands mails per day. I already setup MAXDELS and MAXHOST, I modified the queue length too to be able to survive to any new year mail flood. I fixed Debian Lenny's libraries (dbm package bug) An ISP told my customer he should send all mails through one SMTP connection. I didn't find any parameter to do it. Are there some documents I should read? Best regards. Jerome Blion -- Forrester Wave Report - Recovery time is now measured in hours and minutes not days. Key insights are discussed in the 2010 Forrester Wave Report as part of an in-depth evaluation of disaster recovery service providers. Forrester found the best-in-class provider in terms of services and vision. Read this report now! http://p.sf.net/sfu/ibm-webcastpromo ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier GUI replacement for qmailadmin
On Mon, 11 Apr 2011 06:52:13 -0400, Sam Varshavchik mr...@courier-mta.com wrote: Vini writes: Hi All, I have been using courier with vpopmail and qmailadmin for a while and although it all works well I would prefer to use some sort of GUI that is made for Courier. Is there any GUI that is available for Courier that could do a similar job to what qmailadmin does? I don't know what qmailadmin does, but Courier does include a web-based tool for setting up most configuration options. Hello, I use Quica (http://quica.sourceforge.net/) HTH. Jerome Blion. -- Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] spamassassin into courierfilter
Hello, I use courier-pythonfilter for both spam and virus scanning during SMTP transaction. HTH. Jerome Blion. On Mon, 21 Mar 2011 14:46:25 +0100, Matus UHLAR - fantomas uh...@fantomas.sk wrote: Hello, Can you advise me a (simple) way to integrate SpamAssassin checking at MTA level? We use courierperlfilter for clamav scanning and logging and I could add calling spamc to it, but I'd like to know if there are other nice ways. Thank you. -- Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Script to clean the Courier's queue
Hello, One of my customers flooded the Courier mail queue (10K mails on only one address !) To clean it, I used the following script: #/bin/bash USAGE=Usage: $0 STRING if [ $# -ne 1 ] then echo $USAGE exit 1 fi /etc/init.d/courier-mta stop cd /var/lib/courier rgrep -l $1 msgs/*/D* | while read DATAFILE do CTLFILE=`basename $DATAFILE | sed 's/^D/C/g'` rm $DATAFILE find msg* -name ${CTLFILE}* | xargs rm done /etc/init.d/courier-mta start Beware, this script is particularly violent. It won't warn you if you are doing such things as ./purge_courier.sh To ! You have to adapt it to change paths and use grep -rl if you don't have rgrep alias. Hope this helps... Jerome Blion. -- Increase Visibility of Your 3D Game App Earn a Chance To Win $500! Tap into the largest installed PC base get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfilter error checking
Hello, Did you try to use pyclamd instead of pyclamav ? Best regards. Jerome Blion. On Mon, 11 Oct 2010 23:01:51 +0900, Bernd Plagge bpla...@choicenet.ne.jp wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi I might have found the reason for those LibClamAV errors which (almost) nobody else seems to have. Today I ran aptitude which also updated all clamav packages. During installation I opted for the standard package configuration - as I didn't make any configuration changes. Soon after that I got another LibClamAV courierfilter: LibClamAV Error: cl_free: engine == NULL error. While trying to find the problem I also tested the pythonfilter clamav.py program i.e. the included python modules. - - --- python Python 2.5.2 (r252:60911, Jan 24 2010, 14:53:14) [GCC 4.3.2] on linux2 Type help, copyright, credits or license for more information. import sys import pyclamav help(pyclamav) pyclamav.version() '0.4.1' pyclamav.get_version() LibClamAV Error: cl_cvdhead: Can't open file /var/lib/clamav//daily.cvd ('0.96.3', 0, 0) - - --- Where I had a /var/lib/clamav/daily.cvd file before there was now a /var/lib/clamav/daily.cld file. It seems that 'daily.cvd' is the compressed version of 'daily.cld'. The clamav-freshclam package's standard configuration contains 'CompressLocalDatabase no'. So, the first database upgrade after the program upgrade downloaded the daily.cld file. Unfortunately pyclamav doesn't seem to understand the uncompressed format. As a result Courier will block all messages to be sent. Would it be possible to include a test for the correct clamav database versionand throw up an error if 'daily.cvd' doesn't exist? This would be very helpful and remove a potential mail disruption. Cheers, Bernd -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyzGM8ACgkQpYU8M8PbPV4B6wCfUc0WP68hkkMJGTX7lDm9dNVA mMEAn0f0rroxWwu+xjxXRgF3iqe8FTje =NZgl -END PGP SIGNATURE- -- Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today. http://p.sf.net/sfu/beautyoftheweb ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users -- Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today. http://p.sf.net/sfu/beautyoftheweb ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] monitoring queue size
Le 31/05/2010 17:33, Matus UHLAR - fantomas a écrit : Hello, we've had some issues in the past regarding revealed passwords, implicit relaying (we are trying to get rid of both) that caused mail queue to be filled up with spam. Does anyone have implemented queue monitoring that could help us to notice we have too many mail from one user/IP address in queue? Thank you Hello, mailq -batch is your friend. HTH. Jerome Blion. -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Clamcour
Hello, I replaced it with courier-pythonfiler with clamav module. HTH. Jerome Blion. On Wed, 26 May 2010 15:55:13 -0400, Bowie Bailey bowie_bai...@buc.com wrote: I was looking at using clamcour on a new server rather than amavisd-new. It seems like clamcour has not been updated in quite a while. Does it still work with the current versions of Courier and Clam? -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier and tbird and openssl
Hello, Did you look at firewall settings on this specific client ? Perhaps some rules are interfering. HTH. Jerome Blion. -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] zen.spamhaus.org
On Thu, 29 Apr 2010 05:53:07 -0600, Joseph C. Lininger jb...@pcdesk.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Howdy folks, I was wondering if anyone happens to know if zen.spamhaus.org is having any sort of troubles? I've noticed an increase in the amount of spam making it through my server, and I checked the mail logs to see about the blacklists. The last time anything was blocked by spamhaus was April 27 in the evening. I usually have several spamhaus hits per day. Anyone else noticing this or did I mess something up on my end and I just haven't realized it yet? Thanks in advance for your help. Hello, Spamhaus is known to block DNS servers who perform too many queries to their DNS servers. If you use your ISP DNS, it could be the issue. One easy thing to test: nslookup reverse_ip.zen.spamhaus.org @your dns server nslookup reverse_ip.zen.spamhaus.org @another dns server For example, Google DNS are blocked. HTH. Jerome -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Howe to integate ClamAV to scan on SMTP level?
Le 18/04/2010 10:52, Aidas Kasparas a écrit on debian you have to use testing packages of python-clamav, as stable do not support recent signatures. That's why volatile.debian.org exists... ;-) HTH. Jerome Blion. -- Download Intel#174; Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier blocklists and authentication
Hello, Le 10/04/2010 17:46, Samuel Marinov a écrit : Hello, The Courier documentation seems vague and confusing on this. I would like to setup Courier ESMTP in the following way: 1. Setup with the blocklist sbl.spamhaus.org You'd better use zen.spamhaus.org. 2. Allow complete relaying privileges to all clients NOT on the blocklist That's not a good idea... You will spam all the world ! I think that's not what you want. -- Download Intel#174; Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] mails stuck in the queue
On Mon, 15 Feb 2010 14:20:02 +0100, Michelle Konzack linux4miche...@tamay-dogan.net wrote: I0 R Connection refused Did you define these domains in hosteddomains or locals file? (and perhaps in esmtpacceptmailfor.d) Hope this helps. Best regards. Jerome Blion. -- SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW http://p.sf.net/sfu/solaris-dev2dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] DNS problems with courier 0.63
Hello, If these problems appear few day ago, it could be a DNS issue: Try these commands: dig +short rs.dns-oarc.net txt dig +dnssec DNSKEY ripe.net http://www.ripe.net/ripe/meetings/ripe-59/presentations/uploads/presentations/Tuesday/Plenary%2014:00/Abley-DNSSEC_for_the_Root_Zone.mId7.pdf HTH. Jerome Blion. Le 28/01/2010 04:51, Chuck Williams a écrit : Hi All, I recently upgraded my debian server from courier 0.61 to 0.63 and am now having strange problems associated with courier's use of DNS. I have always run with BOFHCHECKDNS=1 (the default) without issue. However, after upgrading all domains were rejected in both inbound and outbound smtp mail. Examples: Jan 25 07:58:25 aloha courieresmtp: id=032E4D3E.4B5D8509.0D76,from=logch...@manawiz.com,addr=mana...@gmail.com: DNS lookup failed. Jan 25 09:20:06 aloha courieresmtp: id=031FC00E.4B5DEDBA.64D0,from=s...@wisdombell.com,addr=bal...@gmail.com: DNS lookup failed. Jan 24 18:27:41 aloha courieresmtpd: error,relay=:::209.85.210.189,from=bnaleen...@gmail.com: 417 DNS lookup failure:gmail.com. Try again later Jan 24 18:28:02 aloha courieresmtpd: error,relay=:::209.85.222.148,from=3wr1dswaaeyclyo2zto-mprtyyp23rzzrwpr2z503@groups.bounces.google.com: 417 DNS lookup failure:groups.bounces.google.com. Try again later. Jan 24 18:49:08 aloha courieresmtpd: error,relay=:::64.79.150.121,from=nbusers-ow...@netbeans.org: 417 DNS lookup failure:netbeans.org. Try again later. DNS is configured and working fine with all other software on the server. E.g.: aloha:/etc/courier# dig +short MX gmail.com 30 alt3.gmail-smtp-in.l.google.com. 40 alt4.gmail-smtp-in.l.google.com. 5 gmail-smtp-in.l.google.com. 10 alt1.gmail-smtp-in.l.google.com. 20 alt2.gmail-smtp-in.l.google.com. aloha:/etc/courier# dig +short A alt3.gmail-smtp-in.l.google.com 209.85.218.11 aloha:/etc/courier# dig +short MX groups.bounces.google.com 5 gmr-smtp-in.l.google.com. 10 alt1.gmr-smtp-in.l.google.com. 10 alt2.gmr-smtp-in.l.google.com. aloha:/etc/courier# dig +short A gmr-smtp-in.l.google.com 209.85.221.205 aloha:/etc/courier# dig +short MX manawiz.com 0 manawiz.com. aloha:/etc/courier# dig +short A manawiz.com 64.34.170.220 aloha:/etc/courier# I reset BOFHCHECKDNS to 0 to work around this issue, and then for the past couple days have been trying to send a message to this list. Other messages I'm sending, or my users are sending, are generally getting to their recipients, but not messages to the courier-users list. They are all getting delayed-delivery responses with DNS failures, e.g.: courier-users@lists.sourceforge.net: DNS lookup failed. The only way I'm able to send this message is to subscribe my gmail account and send from there. As best I can tell, my courier installation will not send to the courier-users list. How does courier access DNS? Any ideas on how I can resolve this issue? Having BOFHCHECKDNS=0 is letting much more spam through, a big problem, so I really need to change it back. Thanks for any help, Chuck -- The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users -- The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Sending Spam
On Wed, 6 Jan 2010 10:49:24 +, Graham Smith wobblyc...@googlemail.com wrote: Well, find out what's in those messages. Look in the /var/spool/courier/msg[sq] I don't have a /var/spool/courier directory. I have a /var/spool/mail directory which is currently empty. There is also a /var/spool/postfix which I presume was created when I first installed the machine. The server is running Debian stable and is fully up to date. If you installed packages with aptitude / apt-get, you should find everything needed into /var/lib/courier What I can't tell is whether my server is sending this mail (I think it probably is) and if so how are the black hats getting in to send it. You need to read mails in your queue. They will show you where they come from (local unix account, remote IP, authentication parameters...) HTH. Jerome Blion. -- This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] DKIM headers
Hello, I used few months ago a perlfilter to implement DKIM on a courier server. But I had some crashes with it. So... I rewrote it :-) for pythonfilter... How to install it: - you need to install pydkim (beware of dependencies with net.resolver provided by python-adns) - generate your keys (for this, you can use http://www.topdog-software.com/files/dkim-genkey.sh ). Beware of the owner / rights of files generated - modify your DNS... - In /etc/pythonfilter.conf, add following lines AFTER antispam filters: # dkim: sign message using DKIM signature # dkim_sign - In /etc/pythonfilter-modules.conf, add following lines: [dkim_sign.py] selector = 'dkim' privkey = '/home/dkim/dkim.private' - Install the script attached. It's a little bit ugly (pydkim can't handle Messages objects, so I open the body file as a simple string...) Several things I have in mind: - one private key per domain. So, we could enable DKIM only for domains we want instead of allowing it for every domain we host. Privkey would become privkeydir, dkim.private would become domain.private for each domain... Is this a real need? - do I need to explicitly close files I opened ? (bodyFile and privkey) or python will do it for me? - This filter supposes sender is not forged... So it has to be run after antispam filters... Or it would be possible to sign spams... Is this way safe enough? I wrote the filter tonight... I didn't test it yet ! Feel free to comment it, to fix it, to use it :-) Hope this helps. Jerome Blion. #!/usr/bin/python # dkim_sign -- Courier filter which add DKIM signature to mails sent # Copyright (C) 2009 Jerome Blion jer...@hebergement-pro.org # # This file is part of pythonfilter. # # pythonfilter is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # pythonfilter is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with pythonfilter. If not, see http://www.gnu.org/licenses/. import email import sys import courier.config import courier.control import courier.xfilter import dkim def initFilter(): courier.config.applyModuleConfig('dkim_sign.py', globals()) # Record in the system log that this filter was initialized. sys.stderr.write('Initialized the dkim python filter\n') def doFilter(bodyFile, controlFileList): Sign mails with DKIM keys For mails which are locally hosted, sign messages with DKIM try: message = open(bodyFile).read() sender = courier.control.getSender(controlFileList) domain=sender.split('@')[1] sig = dkim.sign(message, selector, domain, open(privkey, r).read()) final_mail = email.message_from_string(sig+message) try: mfilter = courier.xfilter.XFilter('dkim_sign', bodyFile, controlFileList) except courier.xfilter.LoopError, e: # LoopError indicates that we've already filtered this message. return '' mfilter.setMessage(final_mail) submitVal = mfilter.submit() return submitVal except Exception, e: return '451 Internal failure : %s' (e) if __name__ == '__main__': # For debugging, you can create a file or set of files that # mimics the Courier control file set. if not sys.argv[2:]: print 'Use: dkim.py message body file control file list' sys.exit(1) initFilter() print doFilter(sys.argv[1], sys.argv[2]) -- Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] DKIM headers
I forgot the domain check... Will add it tomorrow... Time to sleep. Jerome. -- Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] PythonFilter
Lourik Malan a écrit : Hi guys I'm using the pythonfilter in courier. The comeback module has been causing some issues for me with Squirrelmail. I want to disable the filter when the email originates from localhost. Is there a way to disable the comeback filter for localhost(127.0.0.1)? The problem is it fails the first time you send a email. This is fine for me, but not my users. Thanks Hello, in enablefiltering, you should have smtp local Remove local :) That's all. HTH. Jerome Blion. -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] alias and delivered-to
Sam Varshavchik a écrit : Sandro Serafini writes: Hi, I have a problem: I've set up a mailbox like this: postmasteratdomain and an alias: useratdomain - postmasteratdomain If I send a mail to useratdomain, the Delivered-To: header of the mail contains postmasteratdomain, but I need it to contain useratdomain instead. How can I do this? You can't. Alias processing is done when mail is received. After mail is received, only its ultimate recipients are known, all knowledge of original recipients is no longer available. Hello, Courier-pythonfilter + log_aliases could log the original recipient. It won't be in the mail, but in the mail.log... HTH. Jerome Blion. -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] pythonfilter - clamav as unprivileged user
Hello, I reinstalled clamav from Debian repositories. By default, it runs as clamav user. To have it working with courier-pythonfilter, I have done some modifications to clamav.py: --- clamav.py.orig 2009-06-13 18:32:01.0 +0200 +++ clamav.py 2009-06-13 19:04:13.0 +0200 @@ -29,7 +29,11 @@ import pyclamav def scanMessage(bodyFile, controlFileList): try: - avresult = pyclamav.scanfile(bodyFile) + f = open(bodyFile, rb) + mail_to_scan = f.read() + f.close() + + avresult = pyclamav.scanthis(mail_to_scan) except Exception, e: return 554 + str(e) if avresult[0]: @@ -39,12 +43,16 @@ import pyclamd def scanMessage(bodyFile, controlFileList): try: + f = open(bodyFile, rb) + mail_to_scan = f.read() + f.close() + pyclamd.init_unix_socket(localSocket) - avresult = pyclamd.scan_file(bodyFile) + avresult = pyclamd.scan_stream(mail_to_scan) except Exception, e: return 554 + str(e) - if avresult != None and avresult.has_key(bodyFile): - return handleVirus(bodyFile, controlFileList, avresult[bodyFile]) + if avresult != None and avresult.has_key('stream'): + return handleVirus(bodyFile, controlFileList, avresult['stream']) return '' HTH. Jerome Blion.-- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] submit: Permission denied
Sam Varshavchik a écrit : Jérôme Blion writes: When doing filterctl start perlfilter, I've got this error for PHP scripts: May 26 18:17:07 ns60332 courierfilter: Starting perlfilter May 26 18:17:07 ns60332 courierd: Waiting. shutdown time=none, wakeup time=Tue May 26 18:20:33 2009, queuedelivering=398, inprogress=7 May 26 18:17:09 ns60332 submit: Permission denied May 26 18:17:11 ns60332 submit: Permission denied May 26 18:17:16 ns60332 submit: Permission denied May 26 18:17:17 ns60332 courierfilter: Stopping perlfilter Check for the correct ownership and permission of the perlfilter's configuration files. perlfilter uses a few config files -- see the courierperlfilter man page. Also verify the ownership of the socket directory -- referenced in the same man page. Hello, After some more readings, I found this article: http://www.mail-archive.com/courier-users@lists.sourceforge.net/msg07729.html I tried to apply this script to my case. In straces logs, I found lot of errors about /var/lib/courier/tmp folder... I started to look on what could write there I finally found the problem: $mail_tmp_dir = '/var/lib/courier/tmp'; Apache does not run as Daemon. Courier does. So /var/lib/courier/tmp is not opened enough. And, from my point of view, it has not to be. I have two ways: - to setuid perlfilter-dkim.pl to runs as courier's user - to change the previous variable. I chose the second way. It solved my problem. Is it normal perlfilter forks as the original user? whereas sendmail is setuid-bit? Thanks for your help... Jerome Blion. -- Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, Big Spaceship. http://p.sf.net/sfu/creativitycat-com ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Weird MAILER-DAEMON error messages (randomly)
Gordon Messmer a écrit : Michelle Konzack wrote: I have a problem with a catch-all mailbox which is normaly working, but randomly it crate errors like: ... micxxxle.konz...@localhost SMTP error: 513 Syntax error. localhost isn't a valid domain. Use an FQDN. I noticed this kind of forged mail address with roundcube with a default configuration (no default domain) HTH. Jerome. -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] about non-existent senders
On Tue, 5 May 2009 12:21:01 +0300, sergio ser...@neonet.ua wrote: Hello courier-users, i have a problem with some local users that have virus, that use my smtp for spamming. i see a lot of smtp conections from non-existent local user ( like abrakada...@mydomain.com ) and from correct ips, that present in smtpaccess file. how can i block mail from non-existent local users (without enabling smtp authorization if possible) ? thanks. Hello, Several solutions: - first, firewall infected computers... They won't spam anymore - clean infected computers - filter your outgoing messages accross an antispam solutions (bad keywords, spamassassin, or whatever your want) HTH. Jerome Blion. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier-authlib and vpopmail aka authvchkpw
alexus a écrit : On Fri, Feb 20, 2009 at 10:25 PM, Sam Varshavchik mr...@courier-mta.com wrote: alexus writes: I understand that, I still want it so I can use it in case if I decide to use qmail Someone else mentioned that the current version of vpopmail has some kind of a module for courier-authlib. You should investigate that to see, if that will work for you. req for that patch to work is courier-auth that has authvchkpw, so once again where can I get older version of courier-authlib that still had vpopmail module, maybe i can hack it myself and get it to work with latest version of courier-authlib or something... Vpopmail can use a database backend like Mysql. Vconvert exist to convert old database format to new ones. After you did that, you have a format that authlib-mysql will be able to read. And then you're saved ! HTH. Jerome Blion (Sorry Sam, for the junk) -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pre-filtering with Courier
Lindsay Haisley a écrit : On Sun, 2008-12-21 at 13:25 -0800, Gordon Messmer wrote: Lindsay Haisley wrote: It looks as if Gordon Messmer has written a very nice Python-based API for courierfilter and I'm going to give it a shot at the job. I'm going to have to write a new module for it, but the documentation on it is excellent and it shouldn't be too hard. I'm quite fond of Python as a programming language :-) Glad to hear it. Let me know if I can offer any advice. There are modules for clamav and spamassassin which you can use as a base for local customizations. Gordon, here's a suggested patch for the spamassassin.py filter for pythonfilter. This is perhaps just a demonstration of concept since you would probably want to streamline the code. Essentially, running SpamAssassin with configs in mysql (as opposed to flat config files) adds a lot of flexibility to it and makes it more attractive for use in the delivery phase. To this end, it's slower, but more flexible, to run SpamAssassin twice, once from the courierfilter facility to put a ceiling on the SA spam score accepted by Courier and yet again during delivery to add SA headers and to encapsulate spam inside of SA wrappers. This patch implements a checkOnly flag for the module which,when set, causes it to do nothing to the message, but to provide input gating based on a comparison of rejectScore with the SA-determined spam score. If checkOnly == False (the default) spamassassin.py works just as it does without the patch. Hello, I dislike the way you want to make Spamassassin work. You want to scan your mails twice. It's a bad idea as it's CPU intensive. My advice would be to let this filter as it is right now. (put a bigger score on mail you don't want to see at all later). Then in your .maildroprc, you will juste have to scan headers to reject mails according to user's preferences HTH. Jerome Blion. -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] DOS attack prevention
Alessandro Vesely a écrit : User unknown can also be captured from a catchall script, i.e. synchronously rather than parsing log files. I don't like catch-all mechanisms. With such tools, you are unable to inform senders that they made a mistake while writing their mail without creating a backscatter (which is bad) Fail2ban is perfect for that... Here is the couriersmtp filter I created: [...] failregex = error,relay=HOST,.*: (511|550|554|513) Most (all?) of those are originated via the addiovec_error() function. Thus we know they are sent with LOG_INFO priority. That's probably an overkill to ban an IP because of a single error. You really want to trigger an IP ban after 4-5 consecutive errors. That seems fair. The above regex would also capture 550 Rejected - see DNSBL stuff, which I don't think deserve being blocked at the firewall. Just try and see what's happening when a stupid spammer is flooding your server with several hundreds mails per minute (dictionnary attack or more stupid one, trying several times the same address) You will query DNS so many useless times... and will waste resources. You can cache whatever you want, it will always be better to drop everything from the spammer. They will have to wait the timeout delay... And I love annoying spammers :-) Here is the content of my jail.conf: bantime = 1800 maxretry = 3 [couriersmtp] enabled = true port = smtp filter = couriersmtp logpath = /var/log/mail.err Jerome, what regex do you use for imap/pop3/webmail? I'd recommend something like Webmail, pop3 and imap are disabled from outside my network. Only imaps is opened. I didn't face this problem yet. failregex = LOGIN FAILED, user=\S* ip=\[HOST] While SMTP features a smart tarpit, login failures have a lone sleep(5); depending on MAXDAEMONS (and MAXPERIP) that may allow a good deal of retries. The latter log lines also come at LOG_INFO priority. Since logging is being used for interprocess communication purposes, would it make sense to document that the LOG_INFO priority is where info relevant for the firewall is being logged? Parsing just those lines may save some cycles... That's why you should not use mail.log but mail.err... would be much smarter. content of syslog.conf: mail.err/var/log/mail.err serveur:~# wc -l /var/log/mail.log /var/log/mail.err 3001 /var/log/mail.log 75 /var/log/mail.err ns300321:~# wc -l /var/log/mail.log /var/log/mail.err 3863 /var/log/mail.log 88 /var/log/mail.err HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Difficulty sending mail via Courier from Mutt on Ubuntu 8.04.1
Sam Kuper a écrit : Hi, I'm new to using email on Linux, so please bear with me. If I use mutt -x to compose and send an email, it seems to work (that is, it drops me to the command line after I finish entering the message body), but the email never reaches the recipient. tail /var/log/syslog gives the following: Oct 25 23:17:02 shelleysoldbox courierd: Initializing dsn Oct 25 23:17:02 shelleysoldbox courierd: Started ./courieruucp, pid=5434, maxdels=4, maxhost=4, maxrcpt=16 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courierlocal, pid=5435, maxdels=10, maxhost=4, maxrcpt=1 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courierfax, pid=5436, maxdels=1, maxhost=1, maxrcpt=1 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courieresmtp, pid=5437, maxdels=40, maxhost=4, maxrcpt=100 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courierdsn, pid=5438, maxdels=4, maxhost=1, maxrcpt=1 Oct 25 23:17:02 shelleysoldbox courierd: queuelo=200, queuehi=400 Oct 25 23:17:02 shelleysoldbox courierd: Purging /var/lib/courier/msgq Oct 25 23:17:02 shelleysoldbox courierd: Purging /var/lib/courier/msgs Oct 25 23:17:02 shelleysoldbox courierd: Waiting. shutdown time=Sun Oct 26 00:17:02 2008, wakeup time=Sat Oct 25 23:44:59 2008, queuedelivering=1, inprogress=0 I don't know where to look next. All suggestions welcome! Many thanks in advance, Sam Hello, Is Courier compiled by yourself or installed by your distribution package system? Type: which sendmail I suppose the real problem is mutt... HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] how to delete messages from mailq?
[EMAIL PROTECTED] a écrit : I have my mailq filled with about 2500 messages, but I want to discard them all. The cancelmsg command requires a msgid, there's no way to wildcard. You can use this simple shell script to cancel any message in the queue with Courier's cancelmsg command, all on one single line: for i in `mailq | egrep '^[0-9]' | awk '{print $2}'`; do echo Dropping message $i...; cancelmsg $i; done HTH. Ciao, Dino. More violent : /etc/init.d/courier stop cd /usr/lib/courier/var/ ; rm -fR msgs/* msgq/* /etc/init.d/courier start You can reduce the violence of the cleaning step by using find.. For example: find . -user theuserwhospammed -type f -exec rm {} \; HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Turn off greylisting for authenticated users
Jacek Midura a écrit : Hello, I try to implement greylisting on Courier MTA on Debian. I selected greylisting.py 2.0.2 taken from http://source.schokokeks.org/greylisting/ (connected with Courier through courierfilter interface). Greylisting works OK for incoming mails, but mails sent by authenticated users (outgoing) are subject to greylisting as well (which is unacceptable). Is it possible to turn it off for authenticated users? Greylisting.py itself does not offer such an option. I looked into 'enablefiltering' configuration file but it does not differentiate for authenticated and non-authenticated ESMTP sessions. On the other hand perhaps you can recommend some other greylisting script? Thanks for your help. Hello, With courier-pythonfilter, you can whitelist authenticated users. Beware with that stuff, it means all other filters will be bypassed. HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Deliverquota -c
Hello, I'm using that defaultdelivery: defaultdelivery = | /usr/lib/courier/bin/deliverquota -c -w 90 ./Maildir $MAILDIRQUOTA When the home folder exists, it works fine. But only when the home folder exists. I read in the manual page that deliverquota would use mkdir -p to create the folders tree. Can it create the homedir automatically too ? Best regards. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Setting up quotas
Sam Varshavchik a écrit : Jérôme Blion writes: Hello, (as you noticed) I'm trying to set up quotas on a fresh Courier 0.60 + Courier-authlib 0.61 server. I want to use virtual users stored in a Mysql database. I created the same table as indicated in the README: http://www.courier-mta.org/authlib/README.authmysql.html # /usr/lib/courier/sbin/authtest [EMAIL PROTECTED] toto Authentication succeeded. Authenticated: [EMAIL PROTECTED] (uid 65534, gid 65534) Home Directory: /home/courier/jerome Maildir: (none) Quota: 1S Encrypted Password: oX7w/WT7FRqvM Cleartext Password: toto Options: (none) As defaultdelivery, I set up: | /usr/lib/courier/bin/deliverquota -c -w 90 ./Maildir Append \$MAILDIRQUOTA to the above (mind the quoting and the escaping). IT WORKS (I checked IMAP too) !!! Can you confirm me that mails are refused with a temporary failure? Sep 25 08:35:26 sandbox courierd: newmsg,id=F6A5.48DB312E.67ED: dns; localhost (localhost [127.0.0.1]) Sep 25 08:35:26 sandbox courierd: started,id=F6A5.48DB312E.67ED,from=[EMAIL PROTECTED],module=local,[EMAIL PROTECTED]/home/courier/jerome!| /usr/lib/courier/bin/deliverquota -c -w 90 ./Maildir $MAILDIRQUOT...,addr=jerome Sep 25 08:35:26 sandbox courierd: Waiting. shutdown time=none, wakeup time=Thu Sep 25 08:36:02 2008, queuedelivering=11, inprogress=5 Sep 25 08:35:26 sandbox courierlocal: id=F6A5.48DB312E.67ED,from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED]: Mail quota exceeded. Sep 25 08:35:26 sandbox courierlocal: id=F6A5.48DB312E.67ED,from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED],status: failure Sep 25 08:35:26 sandbox courierd: completed,id=F6A5.48DB312E.67ED In the deliverquota manpage, I read that: The second argument to *deliverquota* is optional. If present, /|quota|/ specifies a new quota setting for this maildir. Specifying /|quota|/ is equivalent to running maildirmake(1) http://www.courier-mta.org/maildirmake.html with the |-q| option. The second argument to *deliverquota* is considered obsolete, and may be removed in the future. Do you know when you will clean that? Do you know a better way to manage dynamic quotas? Thanks for the tip :) Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] SMTP Delay
Glenn Martin a écrit : I was wondering if im missing something with SMTP. There appears to be a delay when sending mail. I bet its trying to resolve the incoming IP because if you send 2 emails at once or within a certain time frame theres no delay, any idea what this is or how to delete it? Thanks Glenn R. Martin http://www.courier-mta.org/FAQ.html#esmtptimeout - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Pythonfilter - Quota management
Hello, I read quota.py from courier-pythonfilter. the script uses the maildirsize file to know what is the quota of the actual mailbox. At least authmysql and authldap can provide quota field. Here is an example of what I tried: # grep -i quota auth* (I cleaned the output) authldaprc:# LDAP_MAILDIRQUOTA quota authmysqlrc:MYSQL_QUOTA_FIELD quota # ./authtest [EMAIL PROTECTED] toto Authentication succeeded. Authenticated: [EMAIL PROTECTED] (uid 255, gid 255) Home Directory: /home/courier/jerome Maildir: (none) Quota: 1000 Encrypted Password: Z5AnpGCgxlZec Cleartext Password: toto Options: (none) # python Python 2.4.4 (#2, Apr 15 2008, 23:43:20) [GCC 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)] on linux2 Type help, copyright, credits or license for more information. import os import sys import courier.authdaemon import courier.config import courier.control userInfo = courier.authdaemon.getUserInfo('smtp', '[EMAIL PROTECTED]') print userInfo['QUOTA'] 1000 So, from my point of view, courier-pythonfilter could use the quota field filled in the database. Is there something I missed which could block me while trying to use this field? Is there a better way to apply quotas with Mysql / LDAP backends? Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Pythonfilter - Quota management
Just forget the noise, I realized my mistake. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Setting up quotas
Hello, (as you noticed) I'm trying to set up quotas on a fresh Courier 0.60 + Courier-authlib 0.61 server. I want to use virtual users stored in a Mysql database. I created the same table as indicated in the README: http://www.courier-mta.org/authlib/README.authmysql.html # /usr/lib/courier/sbin/authtest [EMAIL PROTECTED] toto Authentication succeeded. Authenticated: [EMAIL PROTECTED] (uid 65534, gid 65534) Home Directory: /home/courier/jerome Maildir: (none) Quota: 1S Encrypted Password: oX7w/WT7FRqvM Cleartext Password: toto Options: (none) As defaultdelivery, I set up: | /usr/lib/courier/bin/deliverquota -c -w 90 ./Maildir I can send huge number of huge mails with no warning. In the INSTALL file, I read: Maildir quotas are supported by IMAP, POP3, and the webmail server. With Thunderbird, When I look at properties of my mailbox, I see there are no quota set up. I'm sure the answer is near, But I don't see it. What did I do wrong? Best regards. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] How to identify mails sent to an alias
Michelle Konzack a écrit : Hello Gordon, Can a pythonfilter be writen to add a X-Header to the message with the original Recipient? Thanks, Greetings and nice Day/Evening/Morning To have only one header, we need to run a script AFTER the mail has been accepted. So, this is not possible with pythonfilter. Maildrop would be better for that, I think... HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier will not deliver to a Cloaked MTA?
Ray Collazo a écrit : On Thu, Sep 11, 2008 at 7:38 PM, Ray Collazo [EMAIL PROTECTED] wrote: Hello all! I have found that my installation of Courier will not deliver mail to MTAs that cannot be Pinged by normal means. I highly doubt it. Show examples, log files, SMTP excerpts, etc. jerry Jerry, Thanks for responding! Take for example this failed message, as shown in the log (One of many entries for this email address): (log entries trimmed for brevty, but all show the same behaviour as below:) [...] --- UNDELIVERABLE MAIL Your message to the following recipients cannot be delivered: '[EMAIL PROTECTED]': Connection timed out --- = Did you notice single quotes? The server can decide to stop responding you with such recipients which seems to be forged intentionnally to spam people. I immediately did an NSLOOKUP and check the mail exchange info... = [EMAIL PROTECTED]:~$ nslookup set type=MX design-electric.com Server: 192.168.0.100 Address:192.168.0.100#53 Non-authoritative answer: design-electric.com mail exchanger = 10 keystone.design-electric.com. [...] To verify that I am not having any network difficulties, I have contacted a co-worker and I had him do a ping and a telnet on his home network connection, which is on a completely different carrier than the office network connection: He was able to reproduce my exact same results (no ping, but can connect to the SMTP server). Yes, it's not surprising some servers do not answer to ICMP echo request. This very same behavior has happened with a few other email addresses that this user has attempted to contact, all of them having unpingable SMTP servers. With such errors in the address ? All other mail goes through the system flawlessly, except to these few hidden MTAs that this user is dealing with. ... Here is the extremely odd thing that I Really cannot figure out now and that makes me go Huh? In doing this whole testing, I decided Ok: Let me try sending to an address I know should always be there... Postmaster. So I went ahead and wrote a test message over to [EMAIL PROTECTED], and followed the results in the log: [EMAIL PROTECTED]:~$ sudo grep [EMAIL PROTECTED] /var/log/mail.log Sep 11 18:54:18 sentinel courierd: started,id=000BB358.48C9CBCA.051F,from=[EMAIL PROTECTED],modul e=esmtp,host=design-electric.com,addr=[EMAIL PROTECTED] Sep 11 18:54:19 sentinel courieresmtp: id=000BB358.48C9CBCA.051F,from=[EMAIL PROTECTED],addr=postmas [EMAIL PROTECTED]: 250 2.6.0 [EMAIL PROTECTED] Queued mail for delivery Sep 11 18:54:19 sentinel courieresmtp: id=000BB358.48C9CBCA.051F,from=[EMAIL PROTECTED],addr=postmas [EMAIL PROTECTED],size=3884,success: delivered: keystone.design-electric.com [64.62.95.66] Sep 11 18:54:19 sentinel courieresmtp: id=000BB358.48C9CBCA.051F,from=[EMAIL PROTECTED],addr=postmas [EMAIL PROTECTED],size=3884,status: success Apparently the message to Postmaster went through!!! So, the fact the server does not answer to ping is not the problem. So what the heck is causing my users message to hang in the queue for so many days and then give up?? I checked to verify that the user that is being addressed exists (or at least isn't being immediately rejected) by manually initiating a mail exchange: [EMAIL PROTECTED]:~$ telnet keystone.design-electric.com 25 Trying 64.62.95.66... Connected to keystone.design-electric.com. Escape character is '^]'. 220 design-electric.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Thu, 11 Sep 2008 20:02:56 -0600 EHLO mail2.loraninc.com 250-design-electric.com Hello [216.117.220.102] 250-TURN 250-SIZE 10485760 250-ETRN 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-8bitmime 250-BINARYMIME 250-CHUNKING 250-VRFY 250-X-EXPS GSSAPI NTLM LOGIN 250-X-EXPS=LOGIN 250-AUTH GSSAPI NTLM LOGIN 250-AUTH=LOGIN 250-X-LINK2STATE 250-XEXCH50 250 OK MAIL FROM: [EMAIL PROTECTED] 250 2.1.0 [EMAIL PROTECTED] OK RCPT TO: [EMAIL PROTECTED] 250 2.1.5 [EMAIL PROTECTED] QUIT 221 2.0.0 design-electric.com Service closing transmission channel Connection closed by foreign host. No, you didn't validate that the user : '[EMAIL PROTECTED]' exists... HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe:
Re: [courier-users] Passes SPF but still being classified as spam
Tim Lyth a écrit : Hi all, My wife has complained that a number of genuine (advertising) email have been classified as spam by SA, yet they have SPF_PASS in the list of tests run against the email. Unfortunately, SPF_PASS is given 0.0 weighting by SA and therefore the emails are being classified as spam. I'm tempted to dig through the SA config file to edit the weighting for the SPF_PASS test, but I'm concerned that this may lead to false-negatives for genuine spam. What do people recommend I do? Cheers, Tim Lyth Hello, If you behave like a spammer, don't be surprised to be treated like a spammer. HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Passes SPF but still being classified as spam
Art Sackett a écrit : On Sat, Sep 06, 2008 at 01:45:13AM +1000, Tim Lyth wrote: I'm tempted to dig through the SA config file to edit the weighting for the SPF_PASS test, but I'm concerned that this may lead to false-negatives for genuine spam. Myself, if I were using SA instead of DSPAM: I'd use Courier's built-in SPF tests to reject those messages that outright fail the SPF tests, then go ahead and reconfigure SA to give credence to the SPF test results eg: some AOL mail servers are not registered in the SPF field of aol.com. More over, when using mailing lists, it's a bad idea to reject any mail with a failed SPF check. HTH Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Account to access all mailboxes
Sam Varshavchik a écrit : Thomas writes: Hi, Is it somehow possible to use administrator credentials to access all mailboxes? I'm using courier-imap-4.0.2 with courier-authlib-0.55. Not in this prehistoric version. Can be done in the current version, with virtual accounts, by setting up and configuring virtual shared folders, then putting your account into the virtual administrator group, and using an IMAP client that properly implements public namespaces and access control lists. I had a (very bad) idea... Could the following architectura work as requested: MAIN_MAILDIR: -- .user1 -.Sent -.Trash [...] -- .user2 -.Sent -.Trash [...] The maildir of user1 would be MAIN_MAILDIR/.user1 For user2 would be MAIN_MAILDIR/.user2 For admin: MAIN_MAILDIR This can only work with virtual users bound to the same unix user. Could it work? HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] How to identify mails sent to an alias
Gordon Messmer a écrit : Attached is a pythonfilter which will log the original recipient address for messages that are delivered to aliases. It took less than 5 minutes to write. :) Virtually anything that you want logged could be done in a very similar fashion. Tested and approved :) It's the easiest way to make it work :) Thanks. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] How to identify mails sent to an alias
Hello, I use lot of aliases going to the same real mailbox. I use these aliases to register on different websites. My goal is to identify where my email has been stolen / given But... I have a problem. I sent me a mail to grosbill at hebergement-pro.org: # echo coucou | nail [EMAIL PROTECTED] It should go to jerome at hebergement-pro.org: # egrep -hv #|^$ webadmin system abuse: postmaster espace: jerome grosbill: jerome jetable: jerome root: postmaster startssl: jerome webmaster: postmaster xda: jerome root: postmaster mailer-daemon: postmaster MAILER-DAEMON: postmaster uucp: postmaster postmaster: Aug 19 22:54:46 serveur courierd: newmsg,id=292E.48AB3312.78D3: dns; mx.network-hosting.com ([:::91.121.151.120]) Aug 19 22:54:46 serveur courierd: started,id=292E.48AB3312.78D3,from=root at network-hosting.com,module=local,host=jerome!!1!1!/home/courier/domains/hebergement-pro.org/jerome!/home/courier/domains/hebergement-pro.org/jerome/Maildir!,addr=jerome Aug 19 22:54:46 serveur courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 Aug 19 22:54:46 serveur courierlocal: id=292E.48AB3312.78D3,from=root at network-hosting.com,addr=jerome at hebergement-pro.org,size=1621,success: Message delivered. Aug 19 22:54:46 serveur courierd: completed,id=292E.48AB3312.78D3 Aug 19 22:54:46 serveur courierd: Waiting. shutdown time=Thu Aug 28 17:00:03 2008, wakeup time=Thu Aug 28 17:00:03 2008, queuedelivering=0, inprogress=0 Never in my logs, I can see the mail has been sent to grosbill... serveur:~# grep grosbill /var/log/mail.log serveur:~# When I'm in To: or Cc: Field, it's OK, I can identify which alias has been used. But How to identify which alias has been used when sent in Bcc: ? I hope I have been clear enough :) Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier modified messages (non-encoded 8-bit messages)
Michelle Konzack a écrit : Question: Is there a possibility to prevent courier-mta to envelope such messages and send it anyway WITHOUT recompiling courier? or is it planed to make this configurable Answer: Yes: echo opt BOFHBADMIME=accept bofh You can use webadmin cgi to do this change. The FAQ is very old for this point. HTH. Jerome Blion - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Modifying headers on all relayed email
Richard Guy Briggs a écrit : Hi all, I've been a sysadmin of sendmail, and currently admin exim and more closely postfix. I'm looking for a way to modify (delete and add) standard headers (Return-Path: and Reply-To:) for all relayed mail through courier. I have only a certain type of traffic transitting a specific courier MTA and want to apply the same rules to all of it. What I'm looking for appears to be headerdel and headeradd that are provided for couriermlm, except I need this for general email and not just mailing lists. I've also looked at reformail as a potential way to implement it, but again, it is for general email being relayed and not per user that could be accomplished with local delivery. Is there a straight-forward way to do this? I would have an idea... Courier-Pythonfilter + Homemade plugin. Use Xfilter, and then, modify your mail with such thing: del msg['theheaderyouwanttoremove'] msg.add_header(.) I don't know wether it works or not. HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Modifying headers on all relayed email
Richard Guy Briggs a écrit : On Thu, Jul 31, 2008 at 11:45:17AM -0700, Jérôme Blion wrote: Richard Guy Briggs a écrit : I'm looking for a way to modify (delete and add) standard headers (Return-Path: and Reply-To:) for all relayed mail through courier. I have only a certain type of traffic transitting a specific courier MTA and want to apply the same rules to all of it. What I'm looking for appears to be headerdel and headeradd that are provided for couriermlm, except I need this for general email and not just mailing lists. I've also looked at reformail as a potential way to implement it, but again, it is for general email being relayed and not per user that could be accomplished with local delivery. Is there a straight-forward way to do this? Courier-Pythonfilter + Homemade plugin. Use Xfilter, and then, modify your mail with such thing: del msg['theheaderyouwanttoremove'] msg.add_header(.) I don't know wether it works or not. Interesting. My understanding of filters was that they took in the data and only returned a result code and didn't have the capacity to modify and/or pass back the data. How does it pass back the data? Indeed, since 0.57.1, it's now possible to modify contents of the mail without having to create a new mail ! Before this version, we have to generate a new mail and then send it to the queue. On these old versions, you need these kind of filters to act at the end of the filters list. The process of modifying mail's contents (including headers) is managed by Xfilter... Just modify the mail the way you need, and submit it. Xfilter does the rest and will do necessary steps :) I've now found this thread (http://wiki.apache.org/spamassassin/IntegratedInCourierUsingMaildrop) that helps understand how to use some of this, but it still isn't clear to me how this can be used. It appears I might be able to set some value of DEFAULTDELIVERY in /etc/courier/courierd that might do what I want, but again I wonder if that is only for local delivery and not for any mail being relayed through this MTA to other destinations. In looking for courier-pythonfilter packages, I see some available for FreeBSD, but nothing for Debian or RedHat(ES5). 1 - Maildrop won't fit your needs here, if you want your outgoing mail to be modified too. DEFAULTDELIVERY will be used for incoming mails. 2 - Rejecting mails after SMTP transaction is bad : - either you drop them silently, which is bad - either you take the risk to spam forged senders Even if you found some packages for Debian, they are outdated :-) Some recents changes add important features. You have to install it manually from the sources available at the URI: http://www.dragonsdawn.net/~gordon/courier-pythonfilter/ If your Courier's version is under 0.57.1, wait few days, Gordon will soon release 1.4 version, which will fix some issues with old versions of Courier. If your version is newer, you can take 1.3 version, I use it on several Debian servers. Perhaps you will find some another nice filters in pythonfilter :-) HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Modifying headers on all relayed email
Richard Guy Briggs a écrit : Is Xfilter part of courier or part of courier-pythonfilter? Will courier-pythonfilter work with python-2.3? I don't know... I use it with python-2.4. Ugh, worse than this, I just checked and it is ES4, courier-0.45.4 . :( I'd found the archive with versions up to 1.3. Thanks for the confirmation of latest version. Perhaps 1.4 will work with something this old? With a courier version that old, I'm assuming I'll need to generate and submit a new mail? You are running prehistoric versions ! You'd better upgrade that ! I don't know how pythonfilter will behave with such oldies... Really, you should consider upgrading your server. At least Courier. At most, all the server ! HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] spamassassin
Jan Müller a écrit : 3 ideas for you: - reject message when SMTP connection is still opened: use Courier-pythonfilter with spamassassin filter. It works perfectly. - DEFAULTDELIVERY=|/usr/bin/spamc|/usr/lib/courier/bin/maildrop - If there is nothing else in your maildroprc, you won't reject anything. Do you see spamassassin working in syslog ? (mail.log or something like that) HTH. Jerome Blion. [...] I did not understand your suggestion about maildroprc and rejecting. I was trying to get spamassasin to put headers in spam mails and filter them accordingly in imap client. Is there a better way? It is company mail, we should not reject mails if possible. 1 - I don't think it's a goot idea. Your users don't want heard of spam. 2 - Try DEFAULTDELIVERY=|/usr/bin/spamc There is smapd startup visible in log. There are some rules with zero weight, but it doesn't seem to be major. There is no activity afterwards. In syslog, when you send a mail through your server, do you see spamassassin working? Something like: Jul 22 06:17:35 serveur spamd[5459]: spamd: connection from localhost [127.0.0.1] at port 59893 Jul 22 06:17:35 serveur spamd[5459]: spamd: setuid to daemon succeeded Jul 22 06:17:36 serveur spamd[5459]: spamd: processing message [EMAIL PROTECTED] for daemon:1 Jul 22 06:17:37 serveur spamd[5459]: spamd: identified spam (6.3/5.0) for daemon:1 in 1.3 seconds, 2006 bytes. Jul 22 06:17:37 serveur spamd[5459]: spamd: result: Y 6 - BAYES_99,DRUGS_ERECTILE,DRUG_ED_SILD,HTML_MESSAGE,RDNS_NONE scantime=1.3,size=2006,user=daemon,uid=1,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=59893,mid=[EMAIL PROTECTED],bayes=1.00,autolearn=no Jul 22 06:17:37 serveur spamd[13029]: prefork: child states: II HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier and Pythonfilter/Greylist Installation
Steve Poe a écrit : I have few questions on making Pythonfilter /greylist work with Courier. I am a newbie in both areas: I was on Macro Balmer's web site to learn about / download python greylisting with Courier. The web site refers to courier-pythonfilter-0.9 then pythonfilter- greylist. Then I found pythonfilter-1.3 which has a greylist python script. Since I am new at this, I am confused as to which path I should take? Alway prefer latest versions for new setups. We want to install the pythonfilter / greylist option for Courier, but we do not want it to be active yet. Can we do the install python setup.py install without Courier knowing the pythonfilter is installed? In the installation guide, they explain how to setup pythonfilter. 1 - you have to create a link (in /usr/lib/courier/libexec/filters on my servers): lrwxrwxrwx 1 root root 21 2008-07-16 18:28 pythonfilter - /usr/bin/pythonfilter 2 - you have to run: filterctl start pythonfilter. You can do the first step. Until you do the second step, pythonfilter won't filter anything. HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] spamassasin
Jan Müller a écrit : I have working spamassasin, but can not get it to process courier mail. Eg: when I feed spamassasin a test mesage via the command line, it returns some output. But when i recieve mail via smtp, there is not spamassassin header. Spam still reigns. Here is what i did trying to follow tips from spamassassin website: in courier/etc/courier: DEFAULTDELIVERY=| /usr/lib/courier/bin/maildrop and courier/etc/maildroprc: import USER if ($LOGNAME ne ) { xfilter spamc -u $LOGNAME } else { xfilter spamc -u $USER } What should i do next? Thank you for help. 3 ideas for you: - reject message when SMTP connection is still opened: use Courier-pythonfilter with spamassassin filter. It works perfectly. - DEFAULTDELIVERY=|/usr/bin/spamc|/usr/lib/courier/bin/maildrop - If there is nothing else in your maildroprc, you won't reject anything. Do you see spamassassin working in syslog ? (mail.log or something like that) HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfilter 1.2
Gordon Messmer a écrit : Jerome Blion wrote: I performed other tests... Here is the mail I can read in the final mailbox: == ... line 1 line 2 line 3y courier 0.59 line 1 line 2 line 3 == Oh... Well, that's because I am a *huge* idiot. The attached patch should fix that problem. Please test it. Hello, I have tested the patch. It fixes the problem ! Great thanks for you speed, Now, I have 2 perfect servers :) Many thanks once again. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfilter 1.2
Peter Burden a écrit : 2008/7/16 Jerome Blion [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]: On Tue, 15 Jul 2008 17:15:15 -0700, Gordon Messmer [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Jérôme Blion wrote: Does anybody have any idea of the root cause of this problem? Could you be more explicit about what the problem is? Hello, I performed other tests... Here is the mail I sent (from my Sent folder): == MIME-Version: 1.0 Date: Wed, 16 Jul 2008 09:57:33 +0200 From: Jerome Blion [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] To: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Subject: test Message-ID: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] X-Sender: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] User-Agent: RoundCube Webmail/0.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit line 1 line 2 line 3 == Here is the mail I can read in the final mailbox: == Delivered-To: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Return-Path: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on ns300321.ovh.net http://ns300321.ovh.net X-Spam-Level: X-Spam-Status: No, score=0.5 required=5.0 tests=AWL autolearn=ham version=3.2.5 Received: from smtp5-g19.free.fr http://smtp5-g19.free.fr (smtp5-g19.free.fr http://smtp5-g19.free.fr [:::212.27.42.35 http://212.27.42.35]) by mail.sim-plage.com http://mail.sim-plage.com with esmtp; Wed, 16 Jul 2008 09:57:35 +0200 id 00010F38.487DA9EF.55BD Received: from smtp5-g19.free.fr http://smtp5-g19.free.fr (localhost.localdomain [127.0.0.1 http://127.0.0.1]) by smtp5-g19.free.fr http://smtp5-g19.free.fr (Postfix) with ESMTP id CD4523F63C6 for [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]; Wed, 16 Jul 2008 09:57:35 +0200 (CEST) Received: from serveur.hebergement-pro.org http://serveur.hebergement-pro.org (sal69-1-82-231-94-173.fbx.proxad.net http://sal69-1-82-231-94-173.fbx.proxad.net [82.231.94.173 http://82.231.94.173]) by smtp5-g19.free.fr http://smtp5-g19.free.fr (Postfix) with ESMTP id C09313F6399 for [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]; Wed, 16 Jul 2008 09:57:35 +0200 (CEST) Received: from mail.hebergement-pro.org http://mail.hebergement-pro.org ([:::127.0.0.1 http://127.0.0.1]) by serveur.hebergement-pro.org http://serveur.hebergement-pro.org with esmtp; Wed, 16 Jul 2008 09:57:33 +0200 id 00010160.487DA9ED.5FE3 Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Date: Wed, 16 Jul 2008 09:57:33 +0200 From: Jerome Blion [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] To: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Subject: test Message-ID: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] X-Sender: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] User-Agent: RoundCube Webmail/0.1 X-Mime-Autoconverted: from 8bit to 7bit by courier 0.59 line 1 line 2 line 3y courier 0.59 line 1 line 2 line 3 == I didn't make any error while copying/pasting. A part of the entire message is duplicated. Here we can even see part of headers. I tried to send a HTML message, it worked fine. When I desactivate Spamassassin filter from any side (either hebergement-pro or sim-plage), it works fine. I tested on 2 servers only. The problem occurs only from hebergement-pro.org http://hebergement-pro.org to sim-plage.com http://sim-plage.com. Mails sent from sim-plage.com http://sim-plage.com to hebergement-pro.org http://hebergement-pro.org are correct. What could I provide you to help you more? Jerome Blion. Are you sure both servers are running Courier 0.59 ? I encountered a very similar looking problem when I developed sigfilter, apparently on servers earlier than 0.57.1 (I think that's the version number) you needed to include MIME=none in the esmtpd configuration file. Hello, Now, both servers are up to date: Courier 0.60.0, Courier-authlib 0.61.0, Pythonfilter 1.2 (+ clamav 0.93.3, Spamassassin 3.2.5). I didn't forget to run make install-configure to update my configuration. To be sure I have no old binaries, I deleted everything in /usr/lib/courier except etc folder. Both Courier are compiled with following commands: export COURIERAUTHCONFIG=/usr/lib/courier/bin/courierauthconfig export CPPFLAGS=-I/usr/lib/courier/include ./configure --with-paranoid-smtpext --enable
Re: [courier-users] Challenge-response supported for general email server?
Steve Poe a écrit : I am new to email servers, so pardon my ignorance. The small company I work for has an email server where they want to create an approved/whitelist for emails coming from the outside. For example, I email [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]. the abc.com http://abc.com mailserver does not see my email address in approved list for the user account and/or as a company-wide contact list, so the abc.com http://abc.com mail server sends a reply to me to confirm I sent the email that I *really* wanted to send the email to [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]. Meanwhile, John receives my email, after confirmation of my response, then he adds me to his personal contact/approved list. The mail administrator found out that I am a new client of abc.com http://abc.com so I am added to the company-wide approved list. We are running Courier 0.53 on Centos Linux 4.4 Is this possible? Thanks for your help. Thanks. Steve Hello, Just imagine: 1/ Quiet day today, no mails: - your server use such a challenge question... - the remote server requires such challenge question too... If you don't want to enter in a nice deadlock, you will have to add the first recipient to the whitelist. If you don't do it automatically, it would mean that your colleagues will have to add them manually... Don't count on it ! So, you will have to add automatically all recipients you are trying to reach, including all typos, all spams you could send due to an infection... More over, sending challenge question is the best practice to never receive mail automatically generated. Even if the return address is valid, you will never be sure it's read ! You will never get the answer ! Bye bye, bills, receipts, invoices... 2/ We love all the world: - I spam your server with forged addresses - YOU will be blacklisted all around the world. YOU will have to pay fees to get removed from SORBS... Do you really want to loose mail, customers and money? If your goal is to fight against spam, use greylisting + spamassassin. HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Challenge-response supported for general email server?
Steve Poe a écrit : Jérôme, Thank you for your response. Pardon my ignorance, again, but is there any special we need for greylisting? We do use spamassassin. Is there any control we can give back to the users for managing their own approved list of email addresses? Steve Spamassassin is a content filter. It's heavy and loads machines. Greylisting is an easy and light way to block most spammers. In order to have greylisting working, you just need to find a filter which do it. Like courier-pythonfilter. Gordon Messmer published a new release 2 days ago ! http://www.dragonsdawn.net/~gordon/courier-pythonfilter/ You can use greylist or comeagin filter. I didn't test them. Some papers suggest to have a manual whitelist. In fact, there is no hard constraint on that. At worst, mail will take longer to deliver. It will always be better than a challenge response. I don't like the idea of whitelist... What if one server in this list is beginning to spam? Another suggestion: use URIBL... like zen.spamhaus.org. Your courier version is very old. Too old. Lots of improvements have been implemented since 0.53. I discovered yesterday that, since 0.59, we can modify mail contents easily :) HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Challenge-response supported for general emailserver?
Steve Poe a écrit : Esa, I am researching for my boss/company. Obtaining the pros/cons on all sides is what I need to do. Why do you feel its okay to pay for others spam? What options/solutions do you have? Thanks for your time. Steve Hi again. One thing you really have to keep in mind: If you send a mail back to the sender, you can be blacklisted very easily !!! It's so easy to forge email addresses that you should never trust an email sender before having filtered it. HTH. Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfilter 1.2
Hello, I'm facing a strange behaviour. From my server (hebergement-pro.org) to a remote one I upgraded right now (sim-plage.com), I have this strange behaviour: Delivered-To: [EMAIL PROTECTED] Return-Path: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on ns300321.ovh.net X-Spam-Level: * X-Spam-Status: No, score=1.8 required=5.0 tests=AWL,TVD_SPACE_RATIO autolearn=no version=3.2.5 Received: from smtp5-g19.free.fr (smtp5-g19.free.fr [:::212.27.42.35]) by mail.sim-plage.com with esmtp; Wed, 16 Jul 2008 01:40:08 +0200 id 0002A3EC.487D3558.0949 Received: from smtp5-g19.free.fr (localhost.localdomain [127.0.0.1]) by smtp5-g19.free.fr (Postfix) with ESMTP id 339333F61C5 for [EMAIL PROTECTED]; Wed, 16 Jul 2008 01:40:08 +0200 (CEST) Received: from serveur.hebergement-pro.org (sal69-1-82-231-94-173.fbx.proxad.net [82.231.94.173]) by smtp5-g19.free.fr (Postfix) with ESMTP id 1F1103F616F for [EMAIL PROTECTED]; Wed, 16 Jul 2008 01:40:08 +0200 (CEST) Received: from [127.0.0.1] ([:::192.168.1.7]) (SSL: TLSv1/SSLv3,256bits,AES256-SHA) by serveur.hebergement-pro.org with esmtp; Wed, 16 Jul 2008 01:40:06 +0200 id 00010193.487D3556.2895 Message-ID: [EMAIL PROTECTED] Date: Wed, 16 Jul 2008 01:40:05 +0200 From: =?ISO-8859-1?Q?J=E9r=F4me_Blion?= [EMAIL PROTECTED] User-Agent: Thunderbird 2.0.0.14 (Windows/20080421) MIME-Version: 1.0 To: [EMAIL PROTECTED] Subject: test Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit testntent-Transfer-Encoding: 7bit test if I desactivate the spamassassin plugin on the remote host: Delivered-To: [EMAIL PROTECTED] Return-Path: [EMAIL PROTECTED] Received: from smtp5-g19.free.fr (smtp5-g19.free.fr [:::212.27.42.35]) by mail.sim-plage.com with esmtp; Wed, 16 Jul 2008 01:45:07 +0200 id 0002A0FA.487D3683.109C Received: from smtp5-g19.free.fr (localhost.localdomain [127.0.0.1]) by smtp5-g19.free.fr (Postfix) with ESMTP id C394A3F6208 for [EMAIL PROTECTED]; Wed, 16 Jul 2008 01:45:07 +0200 (CEST) Received: from serveur.hebergement-pro.org (sal69-1-82-231-94-173.fbx.proxad.net [82.231.94.173]) by smtp5-g19.free.fr (Postfix) with ESMTP id AE1873F618F for [EMAIL PROTECTED]; Wed, 16 Jul 2008 01:45:07 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on serveur.hebergement-pro.org X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, TVD_SPACE_RATIO autolearn=no version=3.2.5 Received: from [127.0.0.1] ([:::192.168.1.7]) (SSL: TLSv1/SSLv3,256bits,AES256-SHA) by serveur.hebergement-pro.org with esmtp; Wed, 16 Jul 2008 01:45:05 +0200 id 00010193.487D3681.2C75 Message-ID: [EMAIL PROTECTED] Date: Wed, 16 Jul 2008 01:45:04 +0200 From: =?ISO-8859-1?Q?J=E9r=F4me_Blion?= [EMAIL PROTECTED] User-Agent: Thunderbird 2.0.0.14 (Windows/20080421) MIME-Version: 1.0 To: [EMAIL PROTECTED] Subject: test Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit test If I send a mail from sim-plage.com to hebergement-pro.org, I have no problems. If I desactivate Spamassassin from any side, everything works fine. hebergement-pro.org : Courier 0.59 / Pythonfilter 1.2 sim-plage.com : Courier 0.60 / Pythonfilter 1.2 Exactly the same pythonfilter configuration files (scp powered) Does anybody have any idea of the root cause of this problem? One of the main difference I pointed out is that X-Spam-Checker-Version header has not the same number of lines. Could it be the reason? Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfilter 1.2
Gordon Messmer a écrit : * A much improved SpamAssassin module that can modify messages. This makes it much easier to use Courier and pythonfilter as a mail gateway Hello, I installed the latest version. This change is just perfect for me. From xfilter.py: The behavior and return value of the submit method will depend on the version of Courier under which filters are used. Under version 0.57.1 and prior versions, the recipients of the original message will be marked complete, and a string value will be returned which indicates to courier that no further filtering should be performed by any courierfilters. The string which is returned by the submit method should be returned to pythonfilter by the filter which called the submit method. Because modifying the message creates a new message in Courier's queue in these releases, you must not reject a message that has been modified; it is no longer possible to notify the sender that the message was rejected. Filters that modify messages should be run last. Under versions of Courier which support modifying the message's body file in place, the submit function will do so and will not mark all of the recipients complete. Submit will return an empty string, which should be returned to pythonfilter by the filter which called the submit method. Additional filters, if any are configured, will continue to be called. This is more efficient than earlier methods, which would start filtering over from the beginning each time that xfilter was used. Do you mean it's now possible to modify mail contents without generating a new mail? I sent me a mail, which has been filtered. I saw only one mail (local is filtered too) If that's the case, we could add any headers we would want ? (to add clamav header, for example) By the way, thank you for this update :-) Jerome Blion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Moving Courier to a new host/server
Hello, For mail waiting in the queue, it could be interesting to convert the old server to a smarthost, emptying all the queue on the new server. HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] about pythonfilter again
Sergio Bortsov a écrit : Hello Gordon, Wednesday, March 12, 2008, 6:50:09 PM, you wrote: Sergio Bortsov wrote: /kernel: pid 9591 (python), uid 100: exited on signal 11 (core dumped) What platform is this? freebsd 4.8 perl5.10 spamassasin 3.2.4 If you have the core file, I might be able to examine it and see what happened. only this I think Mar 11 16:23:29 colo /kernel: pid 3807 (python), uid 100: exited on signal 11 Mar 11 16:23:42 colo /kernel: pid 3767 (python), uid 100: exited on signal 11 (core dumped) [...] find / -name core xD HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Mailbombing cleaning with cancelmsg
Hello everybody. One of my servers has been used by an old legitimate user (fired) to bomb some mailboxes. I had to clean my queue... I previously worked on such issues by providing the -batch option to mailq... So mailq -batch | grep [EMAIL PROTECTED] gives me enough data pieces to do what I would like. But cancelmsg sends a DSN. I had more than 5 mails to clean (f.g user) so, it would have created 5 DSN ! I would like to avoid to write a script which would do: - rgrep -l the_string_i_m_looking_for /usr/lib/courier/var/msgs/D* - for each datafile, delete: - control file - data file - the file in msgq containing the name of the control file. - removing empty folders (or mailq will be slower to answer) In case of manual removal, is there an order I could apply to the removal process? My goal would be to work on files courier won't use anymore (by creating kind of orphans) Is there a way to avoid the DSN to be generated by cancelmsg? Best regards. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] /var/run/courier/authdaemon/socket missing
Benjamin Burkhart a écrit : Hi all, By strace-ing courierpop3login I found out that it wants to open the above socket but that the socket does not exist. In the logs, this looks like this: Feb 24 01:44:57 servername courierpop3login: Connection, ip=[:::myclientIPaddress] Feb 24 01:44:59 servername courierpop3login: authdaemon: s_connect() failed: No such file or directory Feb 24 01:44:59 servername courierpop3login: LOGIN FAILED, [EMAIL PROTECTED], ip=[:::myclientIPaddress] Feb 24 01:44:59 servername courierpop3login: authentication error: No such file or directory This on a Debian Sarge box. Here's a bit more data: root ~ dpkg --list | grep courier ii courier-authdaemon0.58-4 Courier authentication daemon ii courier-authlib 0.58-4 Courier authentication library ii courier-authlib-mysql 0.58-4 MySQL support for the Courier authentication ii courier-authlib-userdb0.58-4 userdb support for the Courier authenticatio rc courier-authmysql 0.47-4sarge5 Courier Mail Server - MySQL authentication ii courier-base 0.53.3-5 Courier Mail Server - Base system ii courier-imap 4.1.1.20060828-5 Courier Mail Server - IMAP server ii courier-imap-ssl 4.1.1.20060828-5 Courier Mail Server - IMAP over SSL rc courier-mta 0.47-4sarge4 Courier Mail Server - ESMTP daemon ii courier-pop 0.53.3-5 Courier Mail Server - POP3 server ii courier-pop-ssl 0.53.3-5 Courier Mail Server - POP3 over SSL ii courier-ssl 0.53.3-5 Courier Mail Server - SSL/TLS Support root ~ grep -v '^#' /etc/courier/authdaemonrc | grep . authmodulelist=authmysql authmodulelistorig=authcustom authcram authuserdb authldap authpgsql authmysql authpam daemons=5 version= authdaemonvar=/var/run/courier/authdaemon root /etc/courier grep -v '^#' pop3d | grep . PIDFILE=/var/run/courier/pop3d.pid MAXDAEMONS=40 MAXPERIP=4 POP3AUTH= POP3AUTH_ORIG=PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256 POP3AUTH_TLS= POP3AUTH_TLS_ORIG=LOGIN PLAIN POP3_PROXY=0 PORT=110 ADDRESS=0 TCPDOPTS=-nodnslookup -noidentlookup LOGGEROPTS=-name=pop3d POP3DSTART=YES MAILDIRPATH=Maildir As you can see, I am authenticating using a mysql database. Any ideas as to why the socket is missing, who should create it but doesn't? Actually my configuration has been working like a charm until recently ... Please let me know if you need more information. Cheers, Benjamin. Hi... Are Authdaemon running ? HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] submit fails
Christian Huldt a écrit : I tend to get submit errors for some From addresses, to the point those messages can't get through. It seems to be consistent. Where should I be looking to find the cause? submit: Invalid argument or Feb 17 08:53:32 mail submit: No such file or directory and then Feb 17 08:53:32 mail courieresmtpd: error,relay=:::212.105.110.37,from=[EMAIL PROTECTED]: 432 Mail filters temporarily unavailable. Which filters are you using? Best regards. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier not accepting external connections atall
Bernd Wurst a écrit : Hi. On Sunday 17 February 2008, Mircea Zahan wrote: helo domain 250-dc Ok. 250-dc also is not courier but it's also not standards conform. Tree digits and a space must be the beginning of the (last) answer line. Also, domain is propably not resolvable and therefore no good HELO name. dc is the name of the machine courier is running on. You replaced 250 dc Ok. by 250-dc Ok. manually? Why? Ok, you're right, I wasn't talking ESMTP. So, you could try to do this. Bottom line: I do connect to the right machine, the machine receives external TCP connections because they appear in maillog, but courier does not answer anything after accepting the connection. At least that's what the diagnostic tool from www.mxtoolbox.com says. That may be because your IDENT-lookup is still enabled and the remote client does not offer an ident server. Try switching it off (extend TCPDOPTS by -noidentlookup). To get valuable assistance, please use - correct host names. If your server shall be on the internet, please use internet hostnames. Neither domain nor dc is a FQDN and therefore should not be used in the internet. hostname -f should give you a full host name, containing the name of the machine and the domain it lives in. If that's not the case, you should configure your machine's hostname according to your operating system's docs. - ESMTP. If Courier complains about an ESMTP command error, this may be true. - as much from the default configuration as possible. If everything works, customize bit by bit and you could keep in mind what worked and what did not. If you customize a lot of stuff, there are many places where you could have made a mistake or where things could get mixed up. regards, Bernd If you have several routes on your box, check, that there is no asymmetrical routing. HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] High loaded clamcour
[EMAIL PROTECTED] a écrit : My system: Debian etch courier-mta 0.53.3-5 clamcour 0.2.2-1.2 Cheers Marco Both versions are old... Can you try with the latest clamcour version ? (0.3.8) - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier and greylisting and callback.
-=Devil_InSide=- a écrit : has the courier this features? early under windows i use mdaemon -- good windows mail server, wich has some features like greylisting, domain keys, spf and whitelist for each of thic services. but i found just spf in a courier-mta. in any overviews in a web for exim and postfix i see possibility to reject server, those HELO has only a digits or keyword, but not only blacklisting by ip or network or mask of e-mail address ([EMAIL PROTECTED] etc), how it written in courier documentation. has the courier such possibilities? i think, that possibility to make a greylisting or callback is very useful for control the incoming spam --- on mdaemon greylisting was a good solution. and on other servers i saw callback --- more interesting solution, as i think. in a debian repositories i found a milter-greylist -- can i use it with courier-mta ? in description to this package i read that this filter for sendmail, but reading docs and mans for this package has to brood over more universality of this program. Hello, You can use pythonfilter. It implements Greylisting. What do you mean when you talk about callback ? HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier and greylisting and callback.
-=Devil_InSi- a écrit : callback - a check of sender. when local mail server recieve message, it temporary stop recieving after any header ( to usually) and try initialize simulation session of sending mail to adress $from. if remote server hasn't that address in recipient's list, the incoming connection is closing and incoming mail rejects hard (usually). my english is poor, but hope, that i not distort this description. ,--[J__r__me Blion [EMAIL PROTECTED] Thu, 14 Feb 2008 23:17:06 +0100] |-=Devil_InSide=- a __crit : | has the courier this features? | early under windows i use mdaemon -- good windows mail server, wich has some features like greylisting, domain keys, spf and whitelist for each of thic services. | but i found just spf in a courier-mta. | | in any overviews in a web for exim and postfix i see possibility to reject server, those HELO has only a digits or keyword, but not only blacklisting by ip or network or mask of e-mail address ([EMAIL PROTECTED] etc), how it written in courier documentation. | has the courier such possibilities? | | i think, that possibility to make a greylisting or callback is very useful for control the incoming spam --- on mdaemon greylisting was a good solution. | and on other servers i saw callback --- more interesting solution, as i think. | | in a debian repositories i found a milter-greylist -- can i use it with courier-mta ? | in description to this package i read that this filter for sendmail, but reading docs and mans for this package has to brood over more universality of this program. | |Hello, | |You can use pythonfilter. It implements Greylisting. |What do you mean when you talk about callback ? | |HTH. |Jerome Blion. Hello, (content of pythonfilter.conf) # dialback: checks the envelope sender's address to make sure that a bounce # or reply can be delivered. Mail from addresses that can't be verified # will be refused. This module is included into pythonfilter. Does it fit your requirements? (No problem for your english, I understand you quite fine, and I'm not english neither :) ) HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] attacks
Sam Varshavchik a écrit : Leigh S. Jones, KR6X writes: « HTML content follows » I'm getting fed up with my bandwidth being gobbled up by numerous attackers running dictionary attacks on my users passwords for pop3 and imap logins. To that end, I'm hoping to enlist the aid of couriertcpd. The way I understand it, I need to build an access file with IP addresses followed by a tab then the keyword deny, compile it into a binary database using a script similar to makesmtpaccess, probably this would invoke /usr/lib/courier/courier/makedatprog through the script /usr/lib/courier/makedat, and then add the line -access=[filename.dat] in /etc/init.d/pop3d, etc., pointing to my database when invoking the daemons. Have I got this all correctly? Yes. There's a script called 'makedat' that's a generic version of makesmtpaccess, that you can use. Having said all that -- this is a losing battle. You'll spend the rest of your life maintaining this list manually, so you should cobble together some script that parses the log files, and inserts IP addresses into the blacklist. fail2ban is designed to fit your needs. HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfitler and unix socket
FM a écrit : Hello everybody, To force pythonfilter to use the clamd and clamd.conf config , I remove pyclamav.so. in clamd.conf I have : LocalSocket /var/run/clamav/clamd.sock but I receive these error from pythonfilter : (...) Jan 4 10:40:20 verona courierfilter: Uncaught exception in clamav doFilter function: ScanError:Could not reach clamd using unix socket (/var/run/clamd) Jan 4 10:40:20 verona courierfilter: File /etc/courier/filters/active/pythonfilter, line 194, in processMessage Jan 4 10:40:20 verona courierfilter: replyCode = i_filter[1](bodyFile, controlFileList) Jan 4 10:40:20 verona courierfilter: File /usr/lib/python2.2/site-packages/pythonfilter/clamav.py, line 50, in doFilter Jan 4 10:40:20 verona courierfilter: return scanMessage(bodyFile) Jan 4 10:40:20 verona courierfilter: File /usr/lib/python2.2/site-packages/pythonfilter/clamav.py, line 35, in scanMessage Jan 4 10:40:20 verona courierfilter: pyclamd.init_unix_socket() Jan 4 10:40:20 verona courierfilter: File /usr/lib/python2.2/site-packages/pyclamd.py, line 111, in init_unix_socket Jan 4 10:40:20 verona courierfilter: ping() Jan 4 10:40:20 verona courierfilter: File /usr/lib/python2.2/site-packages/pyclamd.py, line 167, in ping Jan 4 10:40:20 verona courierfilter: s = __init_socket__() Jan 4 10:40:20 verona courierfilter: File /usr/lib/python2.2/site-packages/pyclamd.py, line 414, in __init_socket__ Jan 4 10:40:20 verona courierfilter: raise ScanError, 'Could not reach clamd using unix socket (%s)' % (clamd_SOCKET) (...) Is there a way to set the unix socket to /var/run/clamav/clamd.sock instead of /var/run/clamd ? Regards, - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users Which pythonfilter do you use ? With 1.0, I posted a message some days ago... Here is a version which allow to use a specific socket... You have to modify /etc/pythonfilter-modules.conf Add: [clamav.py] LocalSocket = '/var/run/clamav/clamd.sock' HTH. Jerome Blion. #!/usr/bin/python # clamav -- Courier filter which scans messages with ClamAV # Copyright (C) 2004 Robert Penz [EMAIL PROTECTED] # Copyright (C) 2007 Gordon Messmer [EMAIL PROTECTED] # Copyright (C) 2008 Jerome Blion [EMAIL PROTECTED] # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA import sys import courier.config LocalSocket = '' try: import pyclamav def scanMessage(bodyFile): try: avresult = pyclamav.scanfile(bodyFile) except Exception, e: return 554 + str(e) if avresult[0]: return 554 Virus found - Signature is %s % avresult[1] return '' except ImportError: import pyclamd def scanMessage(bodyFile): try: pyclamd.init_unix_socket(LocalSocket) avresult = pyclamd.scan_file(bodyFile) except Exception, e: return 554 + str(e) if avresult != None and avresult.has_key(bodyFile): return 554 Virus found - Signature is %s % avresult[bodyFile] return '' def initFilter(): courier.config.applyModuleConfig('clamav.py', globals()) # Record in the system log that this filter was initialized. sys.stderr.write('Initialized the clamav python filter\n') def doFilter(bodyFile, controlFileList): return scanMessage(bodyFile) if __name__ == '__main__': # we only work with 1 parameter if len(sys.argv) != 2: print Usage: clamav.py message_body_file sys.exit(0) initFilter() print doFilter(sys.argv[1], ) - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Spamassassin and clamav modules
Hi :) I rewrote some parts of these two modules. Local socket or paths can be different... With these modules, the admin is able to set up correct paths to make these filters working. So, we have to modify pythonfilter-modules.conf. Here is how I modified it: [clamav.py] LocalSocket = '/tmp/clamd' [...] [spamassassin.py] spamc_path = '/usr/local/bin/spamc' LocalSocket is the name of the parameter in clamav.conf. Please find attached both modules. HTH. Jerome Blion. #!/usr/bin/python # clamav -- Courier filter which scans messages with ClamAV # Copyright (C) 2004 Robert Penz [EMAIL PROTECTED] # Copyright (C) 2007 Gordon Messmer [EMAIL PROTECTED] # Copyright (C) 2008 Jerome Blion [EMAIL PROTECTED] # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA import sys import courier.config LocalSocket = '' try: import pyclamav def scanMessage(bodyFile): try: avresult = pyclamav.scanfile(bodyFile) except Exception, e: return 554 + str(e) if avresult[0]: return 554 Virus found - Signature is %s % avresult[1] return '' except ImportError: import pyclamd def scanMessage(bodyFile): try: pyclamd.init_unix_socket(LocalSocket) avresult = pyclamd.scan_file(bodyFile) except Exception, e: return 554 + str(e) if avresult != None and avresult.has_key(bodyFile): return 554 Virus found - Signature is %s % avresult[bodyFile] return '' def initFilter(): courier.config.applyModuleConfig('clamav.py', globals()) # Record in the system log that this filter was initialized. sys.stderr.write('Initialized the clamav python filter\n') def doFilter(bodyFile, controlFileList): return scanMessage(bodyFile) if __name__ == '__main__': # we only work with 1 parameter if len(sys.argv) != 2: print Usage: clamav.py message_body_file sys.exit(0) initFilter() print doFilter(sys.argv[1], ) #!/usr/bin/python # spamassassin -- Courier filter which scans messages with spamassassin # Copyright (C) 2007-2008 Jerome Blion [EMAIL PROTECTED] # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA import sys import commands import courier.config spamc_path = '/usr/bin/spamc' def initFilter(): courier.config.applyModuleConfig('spamassassin.py', globals()) # Record in the system log that this filter was initialized. sys.stderr.write('Initialized the spamassasinfilter python filter\n') def doFilter(bodyFile, controlFileList): try: cmd = spamc_path + ' -c ' + bodyFile (status,output) = commands.getstatusoutput(cmd) except Exception, e: return 554 + str(e) if status != 0: return '554 Mail rejected - spam detected: '+ output return '' if __name__ == '__main__': # For debugging, you can create a file that contains just one # line, beginning with an 's' character, followed by an email # address. Run this script with the name of that file as an # argument, and it'll validate that email address. if not sys.argv[1:]: print Usage: spamassassin.py message body file sys.exit(0) initFilter() print doFilter(sys.argv[1], ) - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier-authlib-mysql
mattias a écrit : I try tu use mysql with courier But i can't get it to work My database exist and my user have full rights to it My log follow Dec 31 16:59:50 mjw imapd: authentication error: Input/output error Dec 31 17:05:24 mjw authdaemond: authmysql: mysql_select_db(mj.) error: Incorrect database name 'mj.' Dec 31 17:05:24 mjw imapd: authentication error: Input/output error Dec 31 17:08:10 mjw authdaemond: authmysql: mysql_select_db(mj.) error: Incorrect database name 'mj.' Dec 31 17:08:10 mjw imapd: authentication error: Input/output error Please help! - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users Incorrect database name 'mj.' Remove the dot :) HTH - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] question
mattias a écrit : Some one tell me to edit the authmysqlrc And Delete control characters and all other crap from authmysqlrc. You probably But hmm what do you meen? - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users dos2unix is your friend. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier Backup / replication point
Jay Lee a écrit : Sounds to me like something that should be (and has been) configured at the filesystem/block layers rather than at the Courier application layer. Take a look at projects like RedHat's GFS or Sun's ZFS. I don't know much about NetApps either but I know they do NFS very well (which Courier supports very well) and I'm pretty sure they can be configured redundantly. Jay On 11/24/07, *Ronie Gilberto Henrich* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Is it any feature in courier that allows me to inform backup storage paths? Today I use unison to maintain a replica of our email files, configurations, ..., in a second server to use as a fast recovery backup solution. The problem is that unison uses a lot of resources and IO_WAIT is always very high. So, I was wondering if it is any feature to inform backup storage paths for courier to save all its files always into two different paths. Does something like this exist? If it does not exist, don't you think it is a interesting feature to be implemented? Thanks and regards, Ronie Hi, If we work with a filer, an easier way to proceed would be to affect LUNS/filesystems to the backup server. This way, you don't have to copy anything... The rollback on the master server just follows the same process. After that, you have to secure your filer. (snapshot and so on) HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfilter - spamassassin
Gordon Messmer a écrit : Bernd Plagge wrote: I don't disagree with you but I don't like the idea to check spam - which gets rejected - for viruses. Well, if you run the spamassassin filter before clamav, and messages are rejected as spam, then they won't be scanned for viruses. I don't recommend that, though. Virus scanning should be something that you provide to everyone. Even your own users shouldn't be able to send viruses to other users. I would run clamav first, and scan everything. Run clamav even before your whitelist filters. My approach would be to first run filters which have the bigger chance to reject mails, to save resources. If a mail is flagged as spam, I totally don't care if it contains a virus, it won't be delivered at all. If the spam come from my LAN, I will take corrective actions to clean the computer. In my case, it's lot more interesting to have the following order: 1 - Spamassassin 2 - Clamav 3 - Whitelist 4 - DSN management I agree with you nevertheless, mails coming from trusted hosts should be scanned by an antivirus solution. HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] pythonfilter - spamassassin
Bernd Plagge a écrit : Hello, I'd like to get some advise. I've just set up courier 0.57 with Gordon's pythonfilter. Pythonfilter modules used are clamav, spamassassin, whitelist_relayclients, whitelist_auth. Thas works fine and was quickly installed! Thank you! However, it seems that - the filter quietly removes all spam i.e. I don't see the actual X-Spam-Status (as before) - even non-Spam mails don't seem to get the additional header We have a number of customer who are afraid of false positives and therefore I'd like to provide a 'delete yourself / control yourself' variant e.g. by moving all spam to a different folder. So, if we used the modules whitelist_relayclients whileist_auth spfcheck greylisting in the pythonfilter and clamav spamassassin in (a) a different filter or (b) triggered by maildrop we could probably greatly reduce the amount of mail passing spam and virus check. Any comments are appreciated! Bernd Hello, During transaction, it's not (yet) possible to modify headers. So, before having accepted the message for delivery, there is no way to add these headers. One workaround was to modify headers and re-injecting the mail in the queue... Gordon documented this feature but spamassassin filter does not implement it. To have headers AND filtering, you will have 2 ways: - using maildrop: it means spammers will see their mail accepted. No error messages for the sender when the message is flagged - re-injecting the mail in the queue. Depending on the load on the mailserver, it's possible or not. HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] slow sending (smtp)
Bernd Plagge a écrit : Hello, this is probably a configuration issue. (ldap based) authtest works like a charm but when I send mail from my notebook it takes 10-15 secs before the mail is send while it is less than a seconds with qmail. I supsect that this is a DNS problem but how can I test this? Or is there a different explanation? Any help is appreciated! Bernd Depending on the order of the modules in pythonfilter, your mails are scanned by Spamassassin and Clamav. You can do a tail -f /var/log/mail.log to see what's going on... HTH Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courieresmtpd: STARTTLS failed: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Sam Varshavchik a écrit : Jérôme Blion writes: Hello everybody. I installed this week-end the latest release of Courier (0.57.1) from scratch. I want to enable SMTP-S and IMAP-S. When I tried my setup, I had these error: serveur imapd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number serveur esmtpd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number In /usr/lib/courier/etc, I modified imapd-ssl, esmtpd-ssl, courierd: TLS_PROTOCOL=SSL23 After a restart, I was able to send mails and read them with roundcube / Thunderbird. I have this error now: serveur courieresmtpd: courieresmtpd: STARTTLS failed: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number Which is the file to modify? Or what did I mess up? Change TLS_PROTOCOL in the esmtpd config file back to TLS1. I modified esmtpd-ssl, but not esmtpd... After having modified it to have SSL23, it fixed my problem. Next time, I will open my eyes. Thank you :) Jerome Blion. - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] courieresmtpd: STARTTLS failed: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Hello everybody. I installed this week-end the latest release of Courier (0.57.1) from scratch. I want to enable SMTP-S and IMAP-S. When I tried my setup, I had these error: serveur imapd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number serveur esmtpd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number In /usr/lib/courier/etc, I modified imapd-ssl, esmtpd-ssl, courierd: TLS_PROTOCOL=SSL23 After a restart, I was able to send mails and read them with roundcube / Thunderbird. I have this error now: serveur courieresmtpd: courieresmtpd: STARTTLS failed: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number Which is the file to modify? Or what did I mess up? Thank you ;-) Jerome Blion. - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] breaking smtp, smart host spam
Arturo 'Buanzo' Busleiman a écrit : I'd start looking now if I were you. This has been coming for a while. I agree. Don't worry for me ;-) Port 25 is blocked from my LAN to the net... Content-filtering is performed for EVERY mail that go through RBLs SPF. Even outgoing mails are scanned. I confirm that RBL / SPF are a quick way to drop lot of junk... For the few other mails, I accept to consume some resources to analyse them with Spamassassin. It's a little bit frustrating when you want to send a mail to an abuse concerning spams anyway :-) Have a nice night ;-) - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] breaking smtp
Gordon Messmer a écrit : Personally, I think transparency is a negative in this situation, since valid users of your network have nothing to indicate that they can't reach the mail servers that they are supposed to use, or why that would be the case. Hi, When allowing all computers to send mails directly, when a virus is spreading on the network, I wouldn't imagine the load of the entire system. Viruses don't try to use the mail user agent and so, the configuration of it is not retrieved yet... They directly send mails. So, for now, a simple firewall is needed. All mailservers can be configured to be smarthosts. All clients should use a valid SMTP server (through VPN or not) To catch all zombies, just configure your firewall to log what you need. A batch could process logs and give you all your need to clean your network. When zombies computers will behave like normal computers, we will look for another ways to block them. HTH. Jerome Blion. - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Double bounce
Hello, My webserver is mainly used by robots that try to register bad email addresses on phpBB forums. So, a mail is going out... and comes back within a nice DSN :) As the user used to sent the mail does not exist, it does a double bounce. Is there an easy way to discard all these mails automatically? Have a nice night :) Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Double bounce
Jay Lee a écrit : Jérôme Blion wrote: Hello, My webserver is mainly used by robots that try to register bad email addresses on phpBB forums. Consider setting up a captcha verification, it should cut back on these somewhat (though not completely, spammers still get thru sometimes) I already contacted the webmaster of the spammed forum in order him to take corrective actions. As I'm hosting websites, I think it would not be a good idea to modify my clients files. Nevertheless, I use captchas on forums I manage. It's not perfect, but most spammers are blocked. So, a mail is going out... and comes back within a nice DSN :) As the user used to sent the mail does not exist, it does a double bounce. Is there an easy way to discard all these mails automatically? Courier by default will not accept mail to non-existant users. You should undo whatever you did so that Courier will send a 550 User unknown message when these bounces come back. Jay My provider blocks SMTP traffic from customer's IP if this traffic does not go through their SMTP server. More and more french providers do the same... It's a way to fight against zombies computers... So, my courier is configured as a simple smarthost. Correct me if I'm wrong... Mails are relayed from my box to my provider's one. Now, the request is closed on my side. My provider's server sends me a DSN... My server can not deliver it. If it answers 550, we will run in an infinite loop. So, the double bounce message is mailed to postmaster (me) Is there a way to keep the request opened on my side until the last SMTP provides an answer? Jerome... - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier-imap integration with outlook
Mohit Tewari a écrit : Hi, My setup is debian / courier-imap / userdb Right now the users can come to our website and get authenticated and after authentication they are redirected to mail client where then can read / send their mails (squirrelmail), the first time they log in the authentication is done by matching their passwords against the md5 hashed value of their passwords in our database and then that md5 hashed password is provided to the imap for log into imap server. Userdb has also been created by taking the md5 hash of the password from the database. Now we want to provide them the facility of downloading their mails in their outlook or anyother mail client (Eudora etc). However they will have to enter the md5 hash of their password while getting their mails in the outlook as the userdb it created using the hash. Is there a way that imap can be tweaked so that imap creates an md5 hash of the clear text password it receives and than use that hash to authenticate against the userdb.dat. Where should I look for getting the source files of courier-imap to do this if possible. Thanks, Mohit. Hello, If your userdb is fine (systempw / imappw), just check authentification is done through authuserdb. In authdaemonrc, you should have something like: authmodulelist=authuserdb authcustom This way, any e-mail client will provide the password, and courier-authlib will do the rest. Is there something I did not understand? HTH. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier-imap integration with outlook
Jérôme Blion a écrit : Mohit Tewari a écrit : Hi, My setup is debian / courier-imap / userdb Right now the users can come to our website and get authenticated and after authentication they are redirected to mail client where then can read / send their mails (squirrelmail), the first time they log in the authentication is done by matching their passwords against the md5 hashed value of their passwords in our database and then that md5 hashed password is provided to the imap for log into imap server. Userdb has also been created by taking the md5 hash of the password from the database. Now we want to provide them the facility of downloading their mails in their outlook or anyother mail client (Eudora etc). However they will have to enter the md5 hash of their password while getting their mails in the outlook as the userdb it created using the hash. Is there a way that imap can be tweaked so that imap creates an md5 hash of the clear text password it receives and than use that hash to authenticate against the userdb.dat. Where should I look for getting the source files of courier-imap to do this if possible. Thanks, Mohit. Hello, If your userdb is fine (systempw / imappw), just check authentification is done through authuserdb. In authdaemonrc, you should have something like: authmodulelist=authuserdb authcustom This way, any e-mail client will provide the password, and courier-authlib will do the rest. Is there something I did not understand? HTH. Jerome Blion. Huuum. I think I understood... You used the MD5 hash as password in userdb? So it's encrypted twice? Jerome. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Accept and delete mails on a specific mailbox
Hello, I misunderstood this line: Blank lines in the file are ignored. Lines starting with the # character are comments, and are also ignored. They are ignored as delivery delivery instructions but included in the byte count. It works with a nice # before :) Thank you. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier-auth with AUTHSHADOW.
Hello Fine... I think nobody here has a crystal bowl to guess which errors do you have... What does mail.log says ? Do you have authdaemon installed and running? BR. Jerome Blion. - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] deferred mails
Bambero a écrit : Hello I had a strange situation with sending emails. Hello, The most strange thing is that your e-mail changes in the log... Don't hide data pieces we could need, it will only slow things down... Logs shows me sth like this: Aug 16 23:11:33 zeus courierd: started,id=0011EE71.46C20312.6FF6,from=[EMAIL PROTECTED],module=esmtp,host=gmail.com,addr=[EMAIL PROTECTED] Aug 16 23:11:33 zeus courieresmtp: id=0011EE31.46C1E49B.77C8,from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED],status: deferred .. and after few hours i got an error message (below). After server restart everything works fine courier starts to deliver deferred messages. Did you first try a courier flush ? I'm running courier 0.54.0 on OpenBSD 4.0. What may be wrong ? Regards Bambero [EMAIL PROTECTED]: Invalid argument Do you have something else to hide to us? The final server seems to be broken... HTH. Jerome Blion. - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] SMTP
Bernd Wurst a écrit : Hallo. Am Dienstag, 24. Juli 2007 schrieb Bambero: I need to run courier on two different IP's. One of them with smtp-auth for outgoing mail, two of them without smtp-auth only for accepting incomming mail. Is it possible to do that without two instances of smtp server ? What is the best way to do that ? What would be the benefit over just providing all features to all IP-addresses? cu, Bernd I would take this problem by the other side... I think Bambera want to force smtp-auth on an interface and let it disable (for incoming mails) on the other ones. What I would suggest is the following: iptables ! Just block ports you don't want users to connect to. What is the mechanism that identifies if a mail is incoming or outcoming? Except Received: headers, that can be faked, I don't know how to distinguish these two flows client == server ( == server) server == server ( == mailbox) Am I right in my guesses? HTH. Jerome. - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] How to empty e-mail accounts
Leonidas Safran a écrit : Hello, I've been reading through documentation pages... http://www.courier-mta.org/documentation.html but I didn't find what I am looking for... :-( I even think it might not be a courier specific command, but more an IMAP standard.. whatever... how do I delete all e-mails of an e-mail account, on system side (not with an e-mail client)? I don't want to delete the account, only all e-mails. Thanks for helping ;-) LS Look at the maildir structure... find $MAILDIR -type f !-name .* | xargs rm That should give good results... Just test ;) HTH. Jerome blion. - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] No luck with courier-pythonfilter and courier-0.56.0.20070701
Nathan Harris a écrit : Anyone successfully running courier-pythonfilter 0.22 with the latest courier? courier-pythonfilter starts successfully, but every access yields: ||432 Mail filters temporarily unavailable. -Nathan Hello, Did you put pythonfilter in debug mode? What does logs say? What is your config? BR. Jerome Blion. - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users