from:"Jérôme Blion"

Re: [courier-users] Spam filtering on SMTP level

2017-03-20 Thread Jérôme Blion

Le 2017-03-20 10:36, Bernd Wurst a écrit :
> Again, thank you all for your replies.
> 
> We decided to go with pythonfilter, with some modifications.
> 
> When I look at my logs and my inbox, I still could imagine some
> improvements for spam filtering apart from tweaking spamassassin. So 
> I'd
> like to know if some of you have written additional filters for
> pythonfilter and would like to share them. Is there a repository for
> such custom filters?

Hello Bernd,

I tunned the spamassassin and clamav filters and provided them directly 
to Gordon. Don't hesitate to share your work with us, we will appreciate 
it.

HTH.
Jérôme Blion.

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courierfilter + spamassassin = smtp slow.

2017-02-08 Thread Jérôme Blion

Le 2017-02-08 13:25, Mário Ferreira a écrit :
> Hi,
> 
>  After activating courierfilter with spamassassin, the smtp service
> was slow.
> 
>  Spamassassin is very important to block spam's!
> 
>  Questions:
>  1. Is it possible to include whitelist for the courierfilter, thus
> reducing the load to the spamassassin whitelist?
> 
>  2. Is there any way to do tuning to alleviate smtp?
> 
>  Thanks.
> 

Hello,

You can use latest courier-pythonfilter's versions to "chain" whitelist 
and spamassassin.

HTH.
Jérôme Blion.

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Log SMTP Auth

2016-08-22 Thread Jérôme Blion

Hello,

I think you could use courier-pythonfilter and create a new logging 
filter based on whitelist_auth.

HTH.
Jerome Blion.

--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Fight against Dridex / Locky

2016-07-27 Thread Jérôme Blion

Hello,

I'm looking for an efficient way to fight against Locky / Dridex and 
such malwares...

I use courier-pythonfilter with spamassassin + clamav
I added clamav-unofficial-sigs but as the attachment is built on the 
fly, it's quite useless.
I use zen.spamhaus.org RBL but it's not enough neither.

Which solution did you implement to filter that Junk ?

Best regards.
Jérôme Blion.

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports.http://sdm.link/zohodev2dev
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfilter

2016-05-11 Thread Jérôme Blion

Hello Gordon,

I read the documentation but I'm not sure about my understanding of some 
sentences.
eg:
attachments
auto_whitelist whitelist_auth whitelist relayclients greylist
clamav
spamassassin

What will happen when whitelist_auth will send a 2xx code ? Which 
filters will be skipped ? The ones defined on the same line or all 
filters defined after it ? In my example, will they be processed by 
clamav and spamassassin or will it stop further filtering ?

Best regards.
Jérôme Blion.

--
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] [courier-pythonfilter] comeagain proposed patch

2016-03-09 Thread Jérôme Blion

Le 09/03/2016 04:13, Gordon Messmer a écrit :
> On 03/08/2016 05:21 PM, Jérôme Blion wrote:
>> What do you think about that?
> I'd like to do something more general to make filters conditional on the
> results of others, but I haven't given it the time...
>
> Maybe something like:
>
> whitelist_auth conditional
> comeagain if not whitelist_auth
> attachments
> spamassassin
> clamav
> log_aliases
> noduplicates
>
> Wouldn't be very hard to parse.  Any better ideas?
>
Hello

Right now, filters have 3 kind of replies:
  - accept
  - reject
  - neutral

Do you agree with me?

A word like "THEN" or "OR" could do the trick :
   whitelist_auth OR/THEN comeagain
   attachments
   spamassassin
   clamav

To pass, a mail should go through all rules until a 200, 400, 500 has 
been raised or the end of filters' list.
We could consider each line delimits a filtering rule. This line should 
end with an only one accept/reject/neutral situation :
  - all filter in a line could reject the mail (4xx/5xx). The first 
reject is enough.
  - only the last filter could accept it (2xx code). It means previous 
2xx codes are silently transformed to neutral
  - the last filter may return a neutral

Now, I only worked on filters, I didn't look at the main code... I have 
absolutely no idea about the needed work to implement that :-)

What do you think about that ? Would it be easily feasible?

HTH.
Jerome Blion.

--
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] [courier-pythonfilter] comeagain proposed patch

2016-03-08 Thread Jérôme Blion


Hello everyone (and specially Gordon)

Dridex / Locky are a nightmare. I'm trying to find a way to avoid my 
users to get these mails...

I want a specific behaviour:
 - I want ALL my users to go trough spamassassin/clamav (I won't get 
rid of my own changes to these filters :-) )

 - I want to reject unwanted mails as soon as possible, with the least load

That's why, for me, the best order for modules is:

comeagain
attachments
spamassassin
clamav
log_aliases
noduplicates

With comeagain enabled, first tries coming from authenticated users are 
rejected (and that could happen after each ttl expire...)

I don't want that.

So, I modified comeagain filter to allow authenticated users to go 
through this filter with no disturbance. They will go through all other 
ones :-)

You can manage this feature through pythonfilter-modules.conf:

[comeagain.py]
ignoreAuth = True / False

Please find attached the proposed patch.

What do you think about that?

Hope this helps.
Best regards.
Jerome Blion

--- comeagain.py2016-03-09 02:00:14.284044106 +0100
+++ comeagain.py.new2016-03-09 02:09:27.567409792 +0100
@@ -1,6 +1,7 @@
 #!/usr/bin/python
 # comeagain -- Courier filter implementing a "greylisting" technique.
 # Copyright (C) 2003-2008  Gordon Messmer 
+# Copyright (C) 2016   Jerome Blion 
 #
 # This file is part of pythonfilter.
 #
@@ -30,6 +31,7 @@
 # will be removed from the lists.
 sendersTTL = 60 * 60 * 24 * 30
 sendersPurgeInterval = 60 * 60 * 12
+ignoreAuth = False
 
 
 def initFilter():
@@ -58,7 +60,14 @@
 
 """
 
-   # Grab the sender from the control files.
+# If the server is used to send mail from users, we may want not to blck 
them
+# We won't fill the database as the same IP may try and spam
+if ignoreAuth:
+authUser = courier.control.getAuthUser(controlFileList, bodyFile)
+if authUser:
+return ''
+
+# Grab the sender from the control files.
 try:
 sender = courier.control.getSender(controlFileList)
 except:
@@ -102,8 +111,8 @@
 # and more lines, beginning with an 'r' character, for each
 # recipient.  Run this script with the name of that file as an
 # argument, and it'll validate that email address.
-if not sys.argv[1:]:
-print 'Use: comeagain.py '
+if not sys.argv[2:]:
+print 'Use: comeagain.py  '
 sys.exit(1)
 initFilter()
-print doFilter('', sys.argv[1:])
+print doFilter(sys.argv[1], sys.argv[2:])
--
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] too few deliveries

2015-12-11 Thread Jérôme Blion

Le 2015-12-11 13:25, Szépe Viktor a écrit :
> Thank you!
> 
> Basically what is the way to raise simultaneous "inprogress" delivery?
> 

Hello,

The real question is: How to decrease the mail in the queue waiting for 
a new delivery attempt?
You will have to check and investigate what's happening to mails you are 
trying to send.

They may be delayed due to typo, provider restrictions...

HTH.
Jérôme.

--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] spammer masquerading as root

2015-06-16 Thread Jérôme Blion

Hello,

Here is one script I use:

= purge_courier.sh
#/bin/bash

USAGE=Usage: $0 STRING

if [ $# -ne 1 ]
then
 echo $USAGE
 exit 1
fi

/etc/init.d/courier-mta stop
cd /var/lib/courier
rgrep -l $1 msgs/*/D* | while read DATAFILE
do
   CTLFILE=`basename $DATAFILE | sed 's/^D/C/g'`
   rm $DATAFILE
   find msg* -name ${CTLFILE}* | xargs --no-run-if-empty rm
   echo $DATAFILE supprime
done
/etc/init.d/courier-mta start
exit 0
= enf of purge_courier.sh

This script is able to clean your queue using an expression.
Most of the time, I'm able to clean queues with that.

HTH.
Jérôme Blion.




Le 2015-06-16 11:18, alan milligan a écrit :
 Hi,
 
  I've got some nasty spammer managing to send spam via my mail server
 by somehow authenticating as root (if I understand the logs
 correctly):
  Jun 15 22:56:04 hostname courierd:
 newmsg,id=0034D6E2.557F9043.5D5F, auth=ROOT: dns;
 User (x.x-x-x.rdns.scalabledns.com [:::x.x.x.x])
 
  My authdaemon (latest version: 0.66.2) is configured with pam and
 ldap (LOGIN auth only): but there is *no* password set for the root
 user (it's RSA identity only). It would seem quite impossible that
 this user really can be authenticated as root.
 
  Since they are authenticated, it seems I cannot simply block the IP
 via smtpaccess.
 
  This user has caused the mail server to be on a number of blacklists
 and these spam messages (along with legitimate traffic) are filling up
 mail queues with multiple failed delivery attempts. Even setting
 ESMTP_BLOCKBACKSCATTER to include authsmtp/dsn in courierd (latest
 version: 0.74.2) configuration isn't actually stopping this.
 
 Whatsmore attempting cancelmsg (and I'm getting some thousands of
 these) to flush the queue is proving pointless: because of the
 blacklisting no DSN is going to get through to the recipient (spoofed
 that it is). It would be great if there was an additional option in
 cancelmsg simply to remove the msgid from the queue - with no DSN
 processing at all. I'm having to stop courier and manually delete all
 the msgs/msgq files.
 
 Any thoughts upon how I can stop this miscreant sending mail would be
 greatly appreciated.
 
 Alan
 --
 
 ___
 courier-users mailing list
 courier-users@lists.sourceforge.net
 Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Problem setting up pythonfilter

2015-03-02 Thread Jérôme Blion

Le 2015-03-02 17:17, Jean-Christophe Boggio a écrit :
 Hello,
 
 I am trying to install pythonfilter 1.8 on a working 0.68.2 (debian)
 instance of courier-mta.
 
 I have read and applied the install instructions carefully several
 times but the filters never seem to start and I don't know where to
 search next.
 
 /var/lib/pythonfilter permissions seem ok :
 
 # ls /var/lib/pythonfilter -ld
 drwxr-xr-x 2 daemon daemon 4096 janv. 15 03:28 /var/lib/pythonfilter
 
 # grep 'MAIL.*=' /etc/courier/esmtpd
 MAILUSER=daemon
 MAILGROUP=daemon
 
 # ls -l /etc/courier/filters/active
 lrwxrwxrwx 1 root root 37 mars   2 16:11 pythonfilter -
 /usr/lib/courier/filters/pythonfilter
 
 # ls -l /usr/lib/courier/filters/pythonfilter
 lrwxrwxrwx 1 root root 27 janv. 15 00:38
 /usr/lib/courier/filters/pythonfilter - /usr/local/bin/pythonfilter
 
 If I start it manually, it looks ok :
 
 # sudo -u daemon /usr/local/bin/pythonfilter
 Initialized the debug python filter
 Initialized the log_aliases python filter
 Initialized the noduplicates python filter
 Initialized the auto_whitelist python filter
 Initialized the whitelist_relayclients python filter
 Initialized the whitelist_auth python filter
 Initialized the whitelist_block python filter
 Initialized the greylist python filter
 Initialized the ratelimit python filter
 
 Filtering seems activated :
 
 # cat /etc/courier/enablefiltering
 esmtp
 
 # service courier-mta restart
 Stopping Courier SMTP MSA server: done.
 Stopping Courier SMTP server: done.
 Stopping Courier mail filter: done.
 Stopping Courier mail server: done.
 Starting Courier mail server: done.
 Starting Courier mail filter: done.
 Starting Courier SMTP server: done.
 Starting Courier SMTP MSA server: done.
 
 But I see no trace of filters in the logs :
 
 Mar  2 16:21:42 facteur courierd: Courier 0.68.2 Copyright 1999-2012
 Double Precision, Inc.
 Mar  2 16:21:42 facteur courierd: Installing [0/0]
 Mar  2 16:21:42 facteur courierd: Installing uucp
 Mar  2 16:21:42 facteur courierd: Installed: module.uucp - Courier
 0.68.2 Copyright 1999-2012 Double Precision, Inc.
 Mar  2 16:21:42 facteur courierd: Installing local
 Mar  2 16:21:42 facteur courierd: Installed: module.local - Courier
 0.68.2 Copyright 1999-2012 Double Precision, Inc.
 Mar  2 16:21:42 facteur courierd: Installing fax
 Mar  2 16:21:42 facteur courierd: Installed: module.fax - Courier
 0.68.2 Copyright 1999-2012 Double Precision, Inc.
 Mar  2 16:21:42 facteur courierd: Installing esmtp
 Mar  2 16:21:42 facteur courierd: Installed: module.esmtp - Courier
 0.68.2 Copyright 1999-2012 Double Precision, Inc.
 Mar  2 16:21:42 facteur courierd: Installing dsn
 Mar  2 16:21:42 facteur courierd: Installed: module.dsn - Courier
 0.68.2 Copyright 1999-2012 Double Precision, Inc.
 Mar  2 16:21:42 facteur courierd: Initializing uucp
 Mar  2 16:21:42 facteur courierd: Initializing local
 Mar  2 16:21:42 facteur courierd: Initializing fax
 Mar  2 16:21:42 facteur courierd: Initializing esmtp
 Mar  2 16:21:42 facteur courierd: Initializing dsn
 Mar  2 16:21:42 facteur courierd: Started ./courieruucp, pid=49727,
 maxdels=4, maxhost=4, maxrcpt=16
 Mar  2 16:21:42 facteur courierd: Started ./courierlocal, pid=49729,
 maxdels=10, maxhost=4, maxrcpt=1
 Mar  2 16:21:42 facteur courierd: Started ./courierfax, pid=49730,
 maxdels=1, maxhost=1, maxrcpt=1
 Mar  2 16:21:42 facteur courierd: Started ./courieresmtp, pid=49732,
 maxdels=40, maxhost=4, maxrcpt=100
 Mar  2 16:21:42 facteur courierd: Started ./courierdsn, pid=49733,
 maxdels=4, maxhost=1, maxrcpt=1
 Mar  2 16:21:42 facteur courierd: queuelo=200, queuehi=400
 Mar  2 16:21:42 facteur courierd: Purging /var/lib/courier/msgq
 Mar  2 16:21:42 facteur courierd: Purging /var/lib/courier/msgs
 Mar  2 16:21:42 facteur courierd: Waiting.  shutdown time=Mon Mar  2
 17:21:41 2015, wakeup time=Mon Mar  2 16:42:36 2015,
 queuedelivering=2, inprogress=0
 
 I'm expecting something like :
 
 Mar  2 16:21:42 facteur courierfilter: Starting pythonfilter
 
 
 If I create this directory :
 
 # mkdir /var/lib/courier/allfilters/pythonfilter
 
 The logs show :
 
 Mar  2 16:43:17 facteur courieresmtpd: 
 started,ip=[:::209.85.212.172]
 Mar  2 16:43:17 facteur submit: Connection refused
 Mar  2 16:43:17 facteur submit: Failed to connect to:
 /var/lib/courier/allfilters/pythonfilter
 Mar  2 16:43:17 facteur courieresmtpd:
 error,relay=:::209.85.212.172,from=some...@gmail.com: 432 Mail
 filters temporarily unavailable.
 
 which is what I expect because it is not supposed to be a directory
 but it shows that courier is trying to talk to the filter.
 
 
 I am sure this is obvious but I don't see where to search next.
 
 Thanks for your help,
 
 JC
 

Hello,

to enable the filter, did you type filterctl start pythonfilter ?

Best regards.
jerome Blion.

--
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed

Re: [courier-users] pythonfilter and ClamAV

2014-04-14 Thread Jérôme Blion

Le 2014-04-14 17:15, Bowie Bailey a écrit :
 Anyone try to use courier-pythonfilter with the latest ClamAV?  I'm
 trying to set this up on my new server, but I'm getting some errors
 trying to build the pyclamav package that it requires.  Apparently, it
 is only tested up to ClamAV 0.93, while the current version is 0.98.
 I'm wondering if it is no longer compatible, or if I'm doing something
 wrong.
 
 I'm looking for something more lightweight than Amavis.  All I need is
 something that can run ClamAV on incoming mail.  Any other suggestions?

Hello,

root@srv-bron:~# diff clamav.py clamav.py.orig
42,43c42,43
 pyclamd.init_unix_socket(localSocket)
 avresult = pyclamd.scan_file(bodyFile)
---
 clamd = pyclamd.ClamdUnixSocket(localSocket)
 avresult = clamd.scan_file(bodyFile)


HTH.
Jérôme Blion.

--
Learn Graph Databases - Download FREE O'Reilly Book
Graph Databases is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] zdkimfilter

2013-07-21 Thread Jérôme Blion

Le 21/07/2013 13:23, Anders a écrit :
 Hi!

 Can someone contribute with some example configuration files for
 zdkimfilter and courier, especially for signing outgoing mail. I have
 tried to follow the information from the zdkimfilter website and the
 man/config files but I can't get it to work, not even off-line
 checking/testing againt self-generated dkim certs with dkimsign.

 Thanks!

 I am running courier-mta on gentoo amd64

 ~A

Hello,

Here is how I implemented it on a debian server:

apt-get -y install libopendkim7 libnettle4 libtool libopendkim-dev

wget http://www.tana.it/sw/zdkimfilter/zdkimfilter-1.1.tar.gz
tar xzf zdkimfilter-1.1.tar.gz
cd zdkimfilter-1.1/  ./configure
make  make install

echo all_mode Y
verbose 4
selector s  /etc/courier/filters/zdkimfilter.conf

mkdir /etc/courier/filters/keys

echo -BEGIN RSA PRIVATE KEY-
[...]
-END RSA PRIVATE KEY-  
/etc/courier/filters/keys/mymarvelousdomain.com

filterctl stop zdkimfilter
filterctl start zdkimfilter

Hope this helps.

Best regards.
Jerome Blion.

--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831iu=/4140/ostg.clktrk
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] ANN: zdkimfilter 1.1

2012-12-05 Thread Jérôme Blion

Le 05/12/2012 18:28, Alessandro Vesely a écrit :
 This version implements blocking an authenticated user, which I hope
 will never trigger.  One can specify a plain file with a list of users
 that the filter will reject.  The file can be populated by zdkimfilter
 basing on the result of an sql query, or by any other means.

 The dkimsign command has been enhanced, so that it can be used in
 sendmail-terminated pipelines.

 A few database changes are detailed in the releas-notes.

 A few bugfixes, including those recently reported on this list.

 http://www.tana.it/sw/zdkimfilter/

Hello,

How do you manage the fact that:
  - a mail sent has to signed just before being sent (after all other 
filters which can adds headers) ?
  - a mail received should be verified before all other filters (for the 
same reason, the mail should not move at all) ?

Best regards.
Jerome Blion.

--
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Send several mails per connection

2011-04-13 Thread Jérôme Blion

Hello,

I'm trying to help a customer. He owns a virtual card website. He sends 
several thousands mails per day.
I already setup MAXDELS and MAXHOST, I modified the queue length too to 
be able to survive to any new year mail flood. I fixed Debian Lenny's 
libraries (dbm package bug)

An ISP told my customer he should send all mails through one SMTP 
connection.
I didn't find any parameter to do it. Are there some documents I should 
read?

Best regards.
Jerome Blion

--
Forrester Wave Report - Recovery time is now measured in hours and minutes
not days. Key insights are discussed in the 2010 Forrester Wave Report as
part of an in-depth evaluation of disaster recovery service providers.
Forrester found the best-in-class provider in terms of services and vision.
Read this report now!  http://p.sf.net/sfu/ibm-webcastpromo
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier GUI replacement for qmailadmin

2011-04-11 Thread Jérôme Blion

On Mon, 11 Apr 2011 06:52:13 -0400, Sam Varshavchik
mr...@courier-mta.com
wrote:
 Vini writes:
 
 Hi All,

 I have been using courier with vpopmail and qmailadmin for a while and
 although it all works well I would prefer to use some sort of GUI that
 is made for Courier.

 Is there any GUI that is available for Courier that could do a similar
 job to what qmailadmin does?
 
 I don't know what qmailadmin does, but Courier does include a web-based
 tool  
 for setting up most configuration options.

Hello, 

I use Quica (http://quica.sourceforge.net/)

HTH.
Jerome Blion.

--
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] spamassassin into courierfilter

2011-03-21 Thread Jérôme Blion

Hello, 

I use courier-pythonfilter for both spam and virus scanning during SMTP
transaction.

HTH.
Jerome Blion.

On Mon, 21 Mar 2011 14:46:25 +0100, Matus UHLAR - fantomas
uh...@fantomas.sk wrote:
 Hello,
 
 Can you advise me a (simple) way to integrate SpamAssassin checking at
MTA
 level?
 
 We use courierperlfilter for clamav scanning and logging and I could add
 calling spamc to it, but I'd like to know if there are other nice ways. 
 
 Thank you.

--
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Script to clean the Courier's queue

2010-12-01 Thread Jérôme Blion

Hello, 

One of my customers flooded the Courier mail queue (10K mails on only one
address !)
To clean it, I used the following script: 

#/bin/bash

USAGE=Usage: $0 STRING

if [ $# -ne 1 ]
then
   echo $USAGE
   exit 1
fi

/etc/init.d/courier-mta stop
cd /var/lib/courier
rgrep -l $1 msgs/*/D* | while read DATAFILE
do
  CTLFILE=`basename $DATAFILE | sed 's/^D/C/g'`
  rm $DATAFILE
  find msg* -name ${CTLFILE}* | xargs rm
done
/etc/init.d/courier-mta start

Beware, this script is particularly violent. It won't warn you if you are
doing such things as ./purge_courier.sh To !
You have to adapt it to change paths and use grep -rl if you don't have
rgrep alias.

Hope this helps...
Jerome Blion.

--
Increase Visibility of Your 3D Game App  Earn a Chance To Win $500!
Tap into the largest installed PC base  get more eyes on your game by
optimizing for Intel(R) Graphics Technology. Get started today with the
Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
http://p.sf.net/sfu/intelisp-dev2dev
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfilter error checking

2010-10-11 Thread Jérôme Blion

Hello, 

Did you try to use pyclamd instead of pyclamav ?

Best regards.
Jerome Blion.

On Mon, 11 Oct 2010 23:01:51 +0900, Bernd Plagge bpla...@choicenet.ne.jp
wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Hi
 
 I might have found the reason for those LibClamAV errors which (almost)
 nobody else seems to have.
 Today I ran aptitude which also updated all clamav packages. During
 installation I opted for the standard package configuration - as I
didn't
 make any configuration changes.
 
 Soon after that I got another LibClamAV courierfilter: LibClamAV Error:
 cl_free: engine == NULL error.
 While trying to find the problem I also tested the pythonfilter
clamav.py
 program i.e. the included python modules.
 
 - - ---
 python
 Python 2.5.2 (r252:60911, Jan 24 2010, 14:53:14) 
 [GCC 4.3.2] on linux2
 Type help, copyright, credits or license for more information.
 import sys
 import pyclamav
 help(pyclamav)
 
 pyclamav.version()
 '0.4.1'
 pyclamav.get_version()
 LibClamAV Error: cl_cvdhead: Can't open file /var/lib/clamav//daily.cvd
 ('0.96.3', 0, 0)
 
 
 - - ---
 
 Where I had a /var/lib/clamav/daily.cvd file before there was now a
 /var/lib/clamav/daily.cld file.
 It seems that 'daily.cvd' is the compressed version of 'daily.cld'.
 
 The clamav-freshclam package's standard configuration contains
 'CompressLocalDatabase no'.
 So, the first database upgrade after the program upgrade downloaded the
 daily.cld file.
 
 Unfortunately pyclamav doesn't seem to understand the uncompressed
format.
 As a result Courier will block all messages to be sent.
 
 Would it be possible to include a test for the correct clamav database
 versionand throw up an error if 'daily.cvd' doesn't exist? This would be
 very helpful and remove a potential mail disruption.
 
 Cheers,
 Bernd
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.10 (GNU/Linux)
 
 iEYEARECAAYFAkyzGM8ACgkQpYU8M8PbPV4B6wCfUc0WP68hkkMJGTX7lDm9dNVA
 mMEAn0f0rroxWwu+xjxXRgF3iqe8FTje
 =NZgl
 -END PGP SIGNATURE-

--
 Beautiful is writing same markup. Internet Explorer 9 supports
 standards for HTML5, CSS3, SVG 1.1,  ECMAScript5, and DOM L2  L3.
 Spend less time writing and  rewriting code and more time creating great
 experiences on the web. Be a part of the beta today.
 http://p.sf.net/sfu/beautyoftheweb
 ___
 courier-users mailing list
 courier-users@lists.sourceforge.net
 Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

--
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1,  ECMAScript5, and DOM L2  L3.
Spend less time writing and  rewriting code and more time creating great
experiences on the web. Be a part of the beta today.
http://p.sf.net/sfu/beautyoftheweb
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] monitoring queue size

2010-06-01 Thread Jérôme Blion

Le 31/05/2010 17:33, Matus UHLAR - fantomas a écrit :
 Hello,

 we've had some issues in the past regarding revealed passwords, implicit
 relaying (we are trying to get rid of both) that caused mail queue to be
 filled up with spam.

 Does anyone have implemented queue monitoring that could help us to notice
 we have too many mail from one user/IP address in queue?

 Thank you

Hello,

mailq -batch is your friend.

HTH.
Jerome Blion.

--

___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Clamcour

2010-05-26 Thread Jérôme Blion

Hello, 

I replaced it with courier-pythonfiler with clamav module.

HTH.
Jerome Blion.

On Wed, 26 May 2010 15:55:13 -0400, Bowie Bailey bowie_bai...@buc.com
wrote:
 I was looking at using clamcour on a new server rather than
 amavisd-new.  It seems like clamcour has not been updated in quite a
 while.  Does it still work with the current versions of Courier and
Clam?

--

___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] courier and tbird and openssl

2010-05-17 Thread Jérôme Blion

Hello, 

Did you look at firewall settings on this specific client ?
Perhaps some rules are interfering.

HTH.
Jerome Blion.

--

___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] zen.spamhaus.org

2010-04-29 Thread Jérôme Blion

On Thu, 29 Apr 2010 05:53:07 -0600, Joseph C. Lininger
jb...@pcdesk.net
wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA256
 
 Howdy folks,
 I was wondering if anyone happens to know if zen.spamhaus.org is having
 any sort of troubles? I've noticed an increase in the amount of spam
 making it through my server, and I checked the mail logs to see about
 the blacklists. The last time anything was blocked by spamhaus was April
 27 in the evening. I usually have several spamhaus hits per day. Anyone
 else noticing this or did I mess something up on my end and I just
 haven't realized it yet? Thanks in advance for your help.

Hello, 
Spamhaus is known to block DNS servers who perform too many queries to
their DNS servers.
If you use your ISP DNS, it could be the issue. One easy thing to test: 

nslookup reverse_ip.zen.spamhaus.org @your dns server
nslookup reverse_ip.zen.spamhaus.org @another dns server

For example, Google DNS are blocked.

HTH.
Jerome

--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Howe to integate ClamAV to scan on SMTP level?

2010-04-18 Thread Jérôme Blion

Le 18/04/2010 10:52, Aidas Kasparas a écrit
 on debian you have to use testing packages of python-clamav,
 as stable do not support recent signatures.


That's why volatile.debian.org exists... ;-)

HTH.
Jerome Blion.

--
Download Intel#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier blocklists and authentication

2010-04-10 Thread Jérôme Blion

Hello,

Le 10/04/2010 17:46, Samuel Marinov a écrit :
 Hello,
 The Courier documentation seems vague and confusing on this. I would
 like to setup Courier ESMTP in the following way:

 1. Setup with the blocklist sbl.spamhaus.org

You'd better use zen.spamhaus.org.

 2. Allow complete relaying privileges to all clients NOT on the blocklist

That's not a good idea... You will spam all the world !
I think that's not what you want.

--
Download Intel#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] mails stuck in the queue

2010-02-15 Thread Jérôme Blion

On Mon, 15 Feb 2010 14:20:02 +0100, Michelle Konzack
linux4miche...@tamay-dogan.net wrote:
 I0 R Connection refused

Did you define these domains in hosteddomains or locals file?
(and perhaps in esmtpacceptmailfor.d)

Hope this helps.
Best regards.
Jerome Blion.

--
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] DNS problems with courier 0.63

2010-01-28 Thread Jérôme Blion

Hello,

If these problems appear few day ago, it could be a DNS issue:

Try these commands:
dig +short rs.dns-oarc.net txt
dig +dnssec DNSKEY ripe.net

http://www.ripe.net/ripe/meetings/ripe-59/presentations/uploads/presentations/Tuesday/Plenary%2014:00/Abley-DNSSEC_for_the_Root_Zone.mId7.pdf

HTH.
Jerome Blion.

Le 28/01/2010 04:51, Chuck Williams a écrit :

Hi All,

I recently upgraded my debian server from courier 0.61 to 0.63 and am
now having strange problems associated with courier's use of DNS.

I have always run with BOFHCHECKDNS=1 (the default) without issue.
However, after upgrading all domains were rejected in both inbound and
outbound smtp mail. Examples:

Jan 25 07:58:25 aloha courieresmtp:
id=032E4D3E.4B5D8509.0D76,from=logch...@manawiz.com,addr=mana...@gmail.com:
DNS lookup failed.
Jan 25 09:20:06 aloha courieresmtp:
id=031FC00E.4B5DEDBA.64D0,from=s...@wisdombell.com,addr=bal...@gmail.com:
DNS lookup failed.

Jan 24 18:27:41 aloha courieresmtpd:
error,relay=:::209.85.210.189,from=bnaleen...@gmail.com: 417 DNS
lookup failure:gmail.com. Try again later
Jan 24 18:28:02 aloha courieresmtpd:
error,relay=:::209.85.222.148,from=3wr1dswaaeyclyo2zto-mprtyyp23rzzrwpr2z503@groups.bounces.google.com:
417 DNS lookup failure:groups.bounces.google.com. Try again later.
Jan 24 18:49:08 aloha courieresmtpd:
error,relay=:::64.79.150.121,from=nbusers-ow...@netbeans.org: 417
DNS lookup failure:netbeans.org. Try again later.

DNS is configured and working fine with all other software on the
server. E.g.:

aloha:/etc/courier# dig +short MX gmail.com
30 alt3.gmail-smtp-in.l.google.com.
40 alt4.gmail-smtp-in.l.google.com.
5 gmail-smtp-in.l.google.com.
10 alt1.gmail-smtp-in.l.google.com.
20 alt2.gmail-smtp-in.l.google.com.
aloha:/etc/courier# dig +short A alt3.gmail-smtp-in.l.google.com
209.85.218.11
aloha:/etc/courier# dig +short MX groups.bounces.google.com
5 gmr-smtp-in.l.google.com.
10 alt1.gmr-smtp-in.l.google.com.
10 alt2.gmr-smtp-in.l.google.com.
aloha:/etc/courier# dig +short A gmr-smtp-in.l.google.com
209.85.221.205
aloha:/etc/courier# dig +short MX manawiz.com
0 manawiz.com.
aloha:/etc/courier# dig +short A manawiz.com
64.34.170.220
aloha:/etc/courier#

I reset BOFHCHECKDNS to 0 to work around this issue, and then for the
past couple days have been trying to send a message to this list.
Other messages I'm sending, or my users are sending, are generally
getting to their recipients, but not messages to the courier-users
list. They are all getting delayed-delivery responses with DNS
failures, e.g.:

courier-users@lists.sourceforge.net:
DNS lookup failed.

The only way I'm able to send this message is to subscribe my gmail
account and send from there. As best I can tell, my courier
installation will not send to the courier-users list.

How does courier access DNS? Any ideas on how I can resolve this
issue? Having BOFHCHECKDNS=0 is letting much more spam through, a big
problem, so I really need to change it back.

Thanks for any help,

Chuck

--
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com

___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Sending Spam

2010-01-06 Thread Jérôme Blion

On Wed, 6 Jan 2010 10:49:24 +, Graham Smith
wobblyc...@googlemail.com
wrote:

 Well, find out what's in those messages. Look in the
 /var/spool/courier/msg[sq]

 
 I don't have a /var/spool/courier directory.
 
 I have a /var/spool/mail directory which is currently empty. There is
also
 a
 /var/spool/postfix which I presume was created when I first installed
the
 machine. The server is running Debian stable and is fully up to date.

If you installed packages with aptitude / apt-get, you should find
everything needed into /var/lib/courier


 What I can't tell is whether my server is sending this mail (I think it
 probably is) and if so how are the black hats getting in to send it.


You need to read mails in your queue. They will show you where they come
from (local unix account, remote IP, authentication parameters...)

HTH.
Jerome Blion.

--
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] DKIM headers

2009-12-03 Thread Jérôme Blion


Hello,

I used few months ago a perlfilter to implement DKIM on a courier 
server. But I had some crashes with it.

So... I rewrote it :-) for pythonfilter...

How to install it:
- you need to install pydkim (beware of dependencies with net.resolver 
provided by python-adns)
- generate your keys (for this, you can use 
http://www.topdog-software.com/files/dkim-genkey.sh ). Beware of the 
owner / rights of files generated

- modify your DNS...
- In /etc/pythonfilter.conf, add following lines AFTER antispam filters:

# dkim: sign message using DKIM signature
#
dkim_sign

- In /etc/pythonfilter-modules.conf, add following lines:

[dkim_sign.py]
selector = 'dkim'
privkey = '/home/dkim/dkim.private'

- Install the script attached. It's a little bit ugly (pydkim can't 
handle Messages objects, so I open the body file as a simple string...)


Several things I have in mind:
- one private key per domain. So, we could enable DKIM only for domains 
we want instead of allowing it for every domain we host. Privkey would 
become privkeydir, dkim.private would become domain.private for each 
domain... Is this a real need?
- do I need to explicitly close files I opened ? (bodyFile and privkey) 
or python will do it for me?
- This filter supposes sender is not forged... So it has to be run 
after antispam filters... Or it would be possible to sign spams... Is 
this way safe enough?


I wrote the filter tonight... I didn't test it yet ! Feel free to 
comment it, to fix it, to use it :-)


Hope this helps.
Jerome Blion.

#!/usr/bin/python
# dkim_sign -- Courier filter which add DKIM signature to mails sent
# Copyright (C) 2009 Jerome Blion jer...@hebergement-pro.org
#
# This file is part of pythonfilter.
#
# pythonfilter is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# pythonfilter is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with pythonfilter.  If not, see http://www.gnu.org/licenses/.

import email
import sys
import courier.config
import courier.control
import courier.xfilter
import dkim

def initFilter():
courier.config.applyModuleConfig('dkim_sign.py', globals())
# Record in the system log that this filter was initialized.
sys.stderr.write('Initialized the dkim python filter\n')

def doFilter(bodyFile, controlFileList):
Sign mails with DKIM keys

For mails which are locally hosted, sign messages with DKIM



try:
message = open(bodyFile).read()
sender = courier.control.getSender(controlFileList)
domain=sender.split('@')[1]

sig = dkim.sign(message, selector, domain, open(privkey, 
r).read())
final_mail = email.message_from_string(sig+message)

try:
mfilter = courier.xfilter.XFilter('dkim_sign', 
bodyFile, controlFileList)
except courier.xfilter.LoopError, e:
# LoopError indicates that we've already filtered this 
message.
return ''

mfilter.setMessage(final_mail)
submitVal = mfilter.submit()
return submitVal

except Exception, e:
return '451 Internal failure : %s' (e)

if __name__ == '__main__':
# For debugging, you can create a file or set of files that
# mimics the Courier control file set.
if not sys.argv[2:]:
print 'Use:  dkim.py message body file control file list'
sys.exit(1)
initFilter()
print doFilter(sys.argv[1], sys.argv[2])
--
Join us December 9, 2009 for the Red Hat Virtual Experience,
a free event focused on virtualization and cloud computing. 
Attend in-depth sessions from your desk. Your couch. Anywhere.
http://p.sf.net/sfu/redhat-sfdev2dev___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] DKIM headers

2009-12-03 Thread Jérôme Blion

I forgot the domain check...
Will add it tomorrow... Time to sleep.

Jerome.

--
Join us December 9, 2009 for the Red Hat Virtual Experience,
a free event focused on virtualization and cloud computing. 
Attend in-depth sessions from your desk. Your couch. Anywhere.
http://p.sf.net/sfu/redhat-sfdev2dev
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] PythonFilter

2009-11-07 Thread Jérôme Blion


Lourik Malan a écrit :


Hi guys

 

I'm using the pythonfilter in courier. The comeback module has been 
causing some issues for me with Squirrelmail. I want to disable the 
filter when the email originates from localhost. Is there a way to 
disable the comeback filter for localhost(127.0.0.1)? The problem is 
it fails the first time you send a email. This is fine for me, but not 
my users.


 


Thanks


Hello, in enablefiltering, you should have smtp local
Remove local :)
That's all.

HTH.
Jerome Blion.
--
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] alias and delivered-to

2009-07-29 Thread Jérôme Blion

Sam Varshavchik a écrit :
 Sandro Serafini writes:

 Hi,

 I have a problem: I've set up a mailbox like this:

 postmasteratdomain

 and an alias:

 useratdomain - postmasteratdomain

 If I send a mail to useratdomain, the Delivered-To: header of the mail
 contains postmasteratdomain, but I need it to contain 
 useratdomain instead.

 How can I do this?

 You can't. Alias processing is done when mail is received. After mail 
 is received, only its ultimate recipients are known, all knowledge of 
 original recipients is no longer available.
Hello,

Courier-pythonfilter + log_aliases could log the original recipient.
It won't be in the mail, but in the mail.log...

HTH.
Jerome Blion.

--
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] pythonfilter - clamav as unprivileged user

2009-06-13 Thread Jérôme Blion



Hello, 

I reinstalled clamav from Debian repositories. By default, it runs as
clamav user. 

To have it working with courier-pythonfilter, I have done some
modifications to clamav.py: 

--- clamav.py.orig 2009-06-13 18:32:01.0 +0200
+++ clamav.py 2009-06-13 19:04:13.0 +0200
@@ -29,7 +29,11 @@
 import pyclamav
 def scanMessage(bodyFile, controlFileList):
 try:
- avresult = pyclamav.scanfile(bodyFile)
+ f = open(bodyFile, rb)
+ mail_to_scan = f.read()
+ f.close()
+
+ avresult = pyclamav.scanthis(mail_to_scan)
 except Exception, e:
 return 554  + str(e)
 if avresult[0]:
@@ -39,12 +43,16 @@
 import pyclamd
 def scanMessage(bodyFile, controlFileList):
 try:
+ f = open(bodyFile, rb)
+ mail_to_scan = f.read()
+ f.close()
+
 pyclamd.init_unix_socket(localSocket)
- avresult = pyclamd.scan_file(bodyFile)
+ avresult = pyclamd.scan_stream(mail_to_scan)
 except Exception, e:
 return 554  + str(e)
- if avresult != None and avresult.has_key(bodyFile):
- return
handleVirus(bodyFile, controlFileList, avresult[bodyFile])
+ if avresult != None and avresult.has_key('stream'):
+ return handleVirus(bodyFile, controlFileList, avresult['stream'])
 return '' 

HTH.
Jerome Blion.--
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] submit: Permission denied

2009-05-26 Thread Jérôme Blion

Sam Varshavchik a écrit :
 Jérôme Blion writes:

 When doing filterctl start perlfilter, I've got this error for PHP 
 scripts:

 May 26 18:17:07 ns60332 courierfilter: Starting perlfilter
 May 26 18:17:07 ns60332 courierd: Waiting.  shutdown time=none, 
 wakeup time=Tue May 26 18:20:33 2009, queuedelivering=398, inprogress=7
 May 26 18:17:09 ns60332 submit: Permission denied
 May 26 18:17:11 ns60332 submit: Permission denied
 May 26 18:17:16 ns60332 submit: Permission denied
 May 26 18:17:17 ns60332 courierfilter: Stopping perlfilter

 Check for the correct ownership and permission of the perlfilter's 
 configuration files. perlfilter uses a few config files -- see the 
 courierperlfilter man page.

 Also verify the ownership of the socket directory -- referenced in the 
 same man page.

Hello,

After some more readings, I found this article:
http://www.mail-archive.com/courier-users@lists.sourceforge.net/msg07729.html

I tried to apply this script to my case. In straces logs, I found lot of 
errors about /var/lib/courier/tmp folder...
I started to look on what could write there

I finally found the problem: $mail_tmp_dir = '/var/lib/courier/tmp';
Apache does not run as Daemon. Courier does.

So /var/lib/courier/tmp is not opened enough. And, from my point of 
view, it has not to be.
I have two ways:
 - to setuid perlfilter-dkim.pl to runs as courier's user
 - to change the previous variable.
I chose the second way. It solved my problem.

Is it normal perlfilter forks as the original user? whereas sendmail is 
setuid-bit?

Thanks for your help...
Jerome Blion.

--
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT 
is a gathering of tech-side developers  brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing,  
iPhoneDevCamp as they present alongside digital heavyweights like Barbarian 
Group, R/GA,  Big Spaceship. http://p.sf.net/sfu/creativitycat-com 
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Weird MAILER-DAEMON error messages (randomly)

2009-05-17 Thread Jérôme Blion

Gordon Messmer a écrit :
 Michelle Konzack wrote:
   
 I have a problem with a catch-all mailbox which is normaly working,  but
 randomly it crate errors like:
 
 ...
   
 micxxxle.konz...@localhost
SMTP error: 513 Syntax error.
 

 localhost isn't a valid domain.  Use an FQDN.
   
I noticed this kind of forged mail address with roundcube with a default 
configuration (no default domain)

HTH.
Jerome.

--
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables 
unlimited royalty-free distribution of the report engine 
for externally facing server and web deployment. 
http://p.sf.net/sfu/businessobjects
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] about non-existent senders

2009-05-05 Thread Jérôme Blion

On Tue, 5 May 2009 12:21:01 +0300, sergio ser...@neonet.ua wrote:
 Hello courier-users,
 
   i  have a problem with some local users that have virus, that use my
   smtp  for spamming. i see a lot of smtp conections from non-existent
   local  user  ( like abrakada...@mydomain.com ) and from correct ips,
   that  present  in  smtpaccess  file.  how  can  i  block  mail  from
   non-existent  local  users  (without  enabling smtp authorization if
   possible) ?
   thanks.

Hello, 

Several solutions: 
 - first, firewall infected computers... They won't spam anymore
 - clean infected computers
 - filter your outgoing messages accross an antispam solutions (bad
keywords, spamassassin, or whatever your want)

HTH.
Jerome Blion.

--
The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
production scanning environment may not be a perfect world - but thanks to
Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700
Series Scanner you'll get full speed at 300 dpi even with all image 
processing features enabled. http://p.sf.net/sfu/kodak-com
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] courier-authlib and vpopmail aka authvchkpw

2009-02-23 Thread Jérôme Blion


alexus a écrit :

On Fri, Feb 20, 2009 at 10:25 PM, Sam Varshavchik mr...@courier-mta.com wrote:
  

alexus writes:



I understand that, I still want it so I can use it in case if I decide
to use qmail
  

Someone else mentioned that the current version of vpopmail has some kind of
a module for courier-authlib. You should investigate that to see, if that
will work for you.



req for that patch to work is courier-auth that has authvchkpw, so
once again where can I get older version of courier-authlib that still
had vpopmail module, maybe i can hack it myself and get it to work
with latest version of courier-authlib or something...
  
Vpopmail can use a database backend like Mysql. Vconvert exist to 
convert old database format to new ones.
After you did that, you have a format that authlib-mysql will be able to 
read. And then you're saved !


HTH.
Jerome Blion

(Sorry Sam, for the junk)
--
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pre-filtering with Courier

2008-12-22 Thread Jérôme Blion


Lindsay Haisley a écrit :

On Sun, 2008-12-21 at 13:25 -0800, Gordon Messmer wrote:
  

Lindsay Haisley wrote:


It looks as if Gordon Messmer has written a very nice Python-based API
for courierfilter and I'm going to give it a shot at the job.  I'm going
to have to write a new module for it, but the documentation on it is
excellent and it shouldn't be too hard.  I'm quite fond of Python as a
programming language :-)
  
Glad to hear it.  Let me know if I can offer any advice.  There are 
modules for clamav and spamassassin which you can use as a base for 
local customizations.



Gordon, here's a suggested patch for the spamassassin.py filter for
pythonfilter.  This is perhaps just a demonstration of concept since you
would probably want to streamline the code.

Essentially, running SpamAssassin with configs in mysql (as opposed to
flat config files) adds a lot of flexibility to it and makes it more
attractive for use in the delivery phase.  To this end, it's slower, but
more flexible, to run SpamAssassin twice, once from the courierfilter
facility to put a ceiling on the SA spam score accepted by Courier and
yet again during delivery to add SA headers and to encapsulate spam
inside of SA wrappers.

This patch implements a checkOnly flag for the module which,when set,
causes it to do nothing to the message, but to provide input gating
based on a comparison of rejectScore with the SA-determined spam score.
If checkOnly == False (the default) spamassassin.py works just as it
does without the patch.

Hello,

I dislike the way you want to make Spamassassin work. You want to scan 
your mails twice. It's a bad idea as it's CPU intensive.
My advice would be to let this filter as it is right now. (put a bigger 
score on mail you don't want to see at all later).
Then in your .maildroprc, you will juste have to scan headers to reject 
mails according to user's preferences



HTH.
Jerome Blion.
--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] DOS attack prevention

2008-11-13 Thread Jérôme Blion

Alessandro Vesely a écrit :
 User unknown can also be captured from a catchall script, i.e. 
 synchronously rather than parsing log files.
   
I don't like catch-all mechanisms. With such tools, you are unable to 
inform senders that they made a mistake while writing their mail without 
creating a backscatter (which is bad)

 Fail2ban is perfect for that...
 Here is the couriersmtp filter I created:
 [...]
 failregex = error,relay=HOST,.*: (511|550|554|513)
   

 Most (all?) of those are originated via the addiovec_error() function. 
 Thus we know they are sent with LOG_INFO priority.

   
 That's probably an overkill to ban an IP because of a single error. You 
 really want to trigger an IP ban after 4-5 consecutive errors.
 

 That seems fair.

 The above regex would also capture 550 Rejected - see DNSBL stuff, 
 which I don't think deserve being blocked at the firewall.
   
Just try and see what's happening when a stupid spammer is flooding your 
server with several hundreds mails per minute (dictionnary attack or 
more stupid one, trying several times the same address)
You will query DNS so many useless times... and will waste resources. 
You can cache whatever you want, it will always be better to drop 
everything from the spammer. They will have to wait the timeout delay... 
And I love annoying spammers :-)

Here is the content of my jail.conf:

bantime  = 1800
maxretry = 3

[couriersmtp]

enabled  = true
port = smtp
filter   = couriersmtp
logpath  = /var/log/mail.err

 Jerome, what regex do you use for imap/pop3/webmail? I'd recommend 
 something like
   
Webmail, pop3 and imap are disabled from outside my network. Only imaps 
is opened. I didn't face this problem yet.
 failregex = LOGIN FAILED, user=\S* ip=\[HOST]

 While SMTP features a smart tarpit, login failures have a lone 
 sleep(5); depending on MAXDAEMONS (and MAXPERIP) that may allow a good 
 deal of retries.

 The latter log lines also come at LOG_INFO priority. Since logging is 
 being used for interprocess communication purposes, would it make 
 sense to document that the LOG_INFO priority is where info relevant 
 for the firewall is being logged? Parsing just those lines may save 
 some cycles...
   
That's why you should not use mail.log but mail.err... would be much 
smarter.

content of syslog.conf:
mail.err/var/log/mail.err

serveur:~# wc -l /var/log/mail.log /var/log/mail.err
  3001 /var/log/mail.log
75 /var/log/mail.err

ns300321:~# wc -l /var/log/mail.log /var/log/mail.err
  3863 /var/log/mail.log
88 /var/log/mail.err

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Difficulty sending mail via Courier from Mutt on Ubuntu 8.04.1

2008-10-25 Thread Jérôme Blion

Sam Kuper a écrit :
 Hi,

 I'm new to using email on Linux, so please bear with me.

 If I use mutt -x to compose and send an email, it seems to work (that 
 is, it drops me to the command line after I finish entering the 
 message body), but the email never reaches the recipient.

 tail /var/log/syslog gives the following:

 Oct 25 23:17:02 shelleysoldbox courierd: Initializing dsn
 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courieruucp, 
 pid=5434, maxdels=4, maxhost=4, maxrcpt=16
 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courierlocal, 
 pid=5435, maxdels=10, maxhost=4, maxrcpt=1
 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courierfax, 
 pid=5436, maxdels=1, maxhost=1, maxrcpt=1
 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courieresmtp, 
 pid=5437, maxdels=40, maxhost=4, maxrcpt=100
 Oct 25 23:17:02 shelleysoldbox courierd: Started ./courierdsn, 
 pid=5438, maxdels=4, maxhost=1, maxrcpt=1
 Oct 25 23:17:02 shelleysoldbox courierd: queuelo=200, queuehi=400
 Oct 25 23:17:02 shelleysoldbox courierd: Purging /var/lib/courier/msgq
 Oct 25 23:17:02 shelleysoldbox courierd: Purging /var/lib/courier/msgs
 Oct 25 23:17:02 shelleysoldbox courierd: Waiting.  shutdown time=Sun 
 Oct 26 00:17:02 2008, wakeup time=Sat Oct 25 23:44:59 2008, 
 queuedelivering=1, inprogress=0

 I don't know where to look next. All suggestions welcome!

 Many thanks in advance,

 Sam
Hello,

Is Courier compiled by yourself or installed by your distribution 
package system?
Type: which sendmail

I suppose the real problem is mutt...

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] how to delete messages from mailq?

2008-10-19 Thread Jérôme Blion

[EMAIL PROTECTED] a écrit :
 I have my mailq filled with about 2500 messages, but I want to discard
 them all. The cancelmsg command requires a msgid, there's no way to
 wildcard.
 

 You can use this simple shell script to cancel any message in the queue
 with Courier's cancelmsg command, all on one single line:

 for i in `mailq | egrep '^[0-9]' | awk '{print $2}'`; do echo Dropping
 message $i...; cancelmsg $i; done

 HTH. Ciao, Dino.
   
More violent :

/etc/init.d/courier stop
cd /usr/lib/courier/var/ ; rm -fR msgs/* msgq/*
/etc/init.d/courier start

You can reduce the violence of the cleaning step by using find..
For example: find . -user theuserwhospammed -type f -exec rm {} \;


HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Turn off greylisting for authenticated users

2008-10-13 Thread Jérôme Blion

Jacek Midura a écrit :
 Hello,

 I try to implement greylisting on Courier MTA on Debian. I selected 
 greylisting.py 2.0.2 taken from http://source.schokokeks.org/greylisting/
 (connected with Courier through courierfilter interface).
 Greylisting works OK for incoming mails, but mails sent by authenticated 
 users (outgoing) are subject to greylisting as well (which is unacceptable).
 Is it possible to turn it off for authenticated users? Greylisting.py 
 itself does not offer such an option.
 I looked into 'enablefiltering' configuration file but it does not 
 differentiate for authenticated and non-authenticated ESMTP sessions.
 On the other hand perhaps you can recommend some other greylisting script?

 Thanks for your help.
   
Hello,

With courier-pythonfilter, you can whitelist authenticated users.
Beware with that stuff, it means all other filters will be bypassed.

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Deliverquota -c

2008-09-26 Thread Jérôme Blion

Hello,

I'm using that defaultdelivery:
defaultdelivery = | /usr/lib/courier/bin/deliverquota -c -w 90 
./Maildir $MAILDIRQUOTA

When the home folder exists, it works fine. But only when the home 
folder exists.
I read in the manual page that deliverquota would use mkdir -p to 
create the folders tree.

Can it create the homedir automatically too ?

Best regards.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Setting up quotas

2008-09-25 Thread Jérôme Blion

Sam Varshavchik a écrit :
 Jérôme Blion writes:

 Hello,

 (as you noticed) I'm trying to set up quotas on a fresh Courier 0.60 
 + Courier-authlib 0.61 server.
 I want to use virtual users stored in a Mysql database.

 I created the same table as indicated in the README: 
 http://www.courier-mta.org/authlib/README.authmysql.html

 # /usr/lib/courier/sbin/authtest [EMAIL PROTECTED] toto
 Authentication succeeded.

  Authenticated: [EMAIL PROTECTED]  (uid 65534, gid 65534)
 Home Directory: /home/courier/jerome
Maildir: (none)
  Quota: 1S
 Encrypted Password: oX7w/WT7FRqvM
 Cleartext Password: toto
Options: (none)


 As defaultdelivery, I set up: | /usr/lib/courier/bin/deliverquota 
 -c -w 90 ./Maildir

 Append \$MAILDIRQUOTA to the above (mind the quoting and the escaping).
IT WORKS (I checked IMAP too) !!! Can you confirm me that mails are 
refused with a temporary failure?

Sep 25 08:35:26 sandbox courierd: newmsg,id=F6A5.48DB312E.67ED: 
dns; localhost (localhost [127.0.0.1])
Sep 25 08:35:26 sandbox courierd: 
started,id=F6A5.48DB312E.67ED,from=[EMAIL 
PROTECTED],module=local,[EMAIL PROTECTED]/home/courier/jerome!| 
/usr/lib/courier/bin/deliverquota -c -w 90 ./Maildir 
$MAILDIRQUOT...,addr=jerome
Sep 25 08:35:26 sandbox courierd: Waiting.  shutdown time=none, wakeup 
time=Thu Sep 25 08:36:02 2008, queuedelivering=11, inprogress=5
Sep 25 08:35:26 sandbox courierlocal: 
id=F6A5.48DB312E.67ED,from=[EMAIL PROTECTED],addr=[EMAIL 
PROTECTED]: 
Mail quota exceeded.
Sep 25 08:35:26 sandbox courierlocal: 
id=F6A5.48DB312E.67ED,from=[EMAIL PROTECTED],addr=[EMAIL 
PROTECTED],status: 
failure
Sep 25 08:35:26 sandbox courierd: completed,id=F6A5.48DB312E.67ED

In the deliverquota manpage, I read that: The second argument to 
*deliverquota* is optional. If present, /|quota|/ specifies a new quota 
setting for this maildir. Specifying /|quota|/ is equivalent to running 
maildirmake(1) http://www.courier-mta.org/maildirmake.html with the 
|-q| option. The second argument to *deliverquota* is considered 
obsolete, and may be removed in the future.

Do you know when you will clean that?
Do you know a better way to manage dynamic quotas?

Thanks for the tip :)
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] SMTP Delay

2008-09-25 Thread Jérôme Blion

Glenn Martin a écrit :
 I was wondering if im missing something with SMTP. There appears to be a 
 delay when sending mail. I bet its trying to resolve the incoming IP because 
 if you send 2 emails at once or within a certain time frame theres no delay, 
 any idea what this is or how to delete it?

 Thanks
 Glenn R. Martin
   

http://www.courier-mta.org/FAQ.html#esmtptimeout

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Pythonfilter - Quota management

2008-09-24 Thread Jérôme Blion

Hello,

I read quota.py from courier-pythonfilter. the script uses the 
maildirsize file to know what is the quota of the actual mailbox.
At least authmysql and authldap can provide quota field. Here is an 
example of what I tried:

# grep -i quota auth* (I cleaned the output)
authldaprc:# LDAP_MAILDIRQUOTA  quota
authmysqlrc:MYSQL_QUOTA_FIELD   quota

# ./authtest [EMAIL PROTECTED] toto
Authentication succeeded.

 Authenticated: [EMAIL PROTECTED]  (uid 255, gid 255)
Home Directory: /home/courier/jerome
   Maildir: (none)
 Quota: 1000
Encrypted Password: Z5AnpGCgxlZec
Cleartext Password: toto
   Options: (none)

# python
Python 2.4.4 (#2, Apr 15 2008, 23:43:20)
[GCC 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)] on linux2
Type help, copyright, credits or license for more information.
  import os
  import sys
  import courier.authdaemon
  import courier.config
  import courier.control
 
  userInfo = courier.authdaemon.getUserInfo('smtp', 
'[EMAIL PROTECTED]')
  print userInfo['QUOTA']
1000
 

So, from my point of view, courier-pythonfilter could use the quota 
field filled in the database. Is there something I missed which could 
block me while trying to use this field?
Is there a better way to apply quotas with Mysql / LDAP backends?

Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Pythonfilter - Quota management

2008-09-24 Thread Jérôme Blion

Just forget the noise, I realized my mistake.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Setting up quotas

2008-09-24 Thread Jérôme Blion

Hello,

(as you noticed) I'm trying to set up quotas on a fresh Courier 0.60 + 
Courier-authlib 0.61 server.
I want to use virtual users stored in a Mysql database.

I created the same table as indicated in the README: 
http://www.courier-mta.org/authlib/README.authmysql.html

# /usr/lib/courier/sbin/authtest [EMAIL PROTECTED] toto
Authentication succeeded.

 Authenticated: [EMAIL PROTECTED]  (uid 65534, gid 65534)
Home Directory: /home/courier/jerome
   Maildir: (none)
 Quota: 1S
Encrypted Password: oX7w/WT7FRqvM
Cleartext Password: toto
   Options: (none)


As defaultdelivery, I set up: | /usr/lib/courier/bin/deliverquota -c -w 90 
./Maildir

I can send huge number of huge mails with no warning.

In the INSTALL file, I read: Maildir quotas are supported by IMAP, POP3, and 
the webmail server.
With Thunderbird, When I look at properties of my mailbox, I see there are no 
quota set up.

I'm sure the answer is near, But I don't see it. What did I do wrong?

Best regards.
Jerome Blion.



-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] How to identify mails sent to an alias

2008-09-20 Thread Jérôme Blion

Michelle Konzack a écrit :
 Hello Gordon,

 Can a pythonfilter be writen to add a X-Header
 to the message with the original Recipient?

 Thanks, Greetings and nice Day/Evening/Morning
   
To have only one header, we need to run a script AFTER the mail has been 
accepted.
So, this is not possible with pythonfilter.
Maildrop would be better for that, I think...

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier will not deliver to a Cloaked MTA?

2008-09-12 Thread Jérôme Blion


Ray Collazo a écrit :

On Thu, Sep 11, 2008 at 7:38 PM, Ray Collazo [EMAIL PROTECTED]
wrote:
  

Hello all!
  I have found that my installation of Courier will not deliver mail
to MTAs that cannot be Pinged by normal means.
  

I highly doubt it.
Show examples, log files, SMTP excerpts, etc.

jerry




Jerry, Thanks for responding!


Take for example this failed message, as shown in the log (One of many
entries for this email address): (log entries trimmed for brevty, but all
show the same behaviour as below:) 
[...]

---

   UNDELIVERABLE MAIL

Your message to the following recipients cannot be delivered:

'[EMAIL PROTECTED]':
 Connection timed out

---
=
  
Did you notice single quotes? The server can decide to stop responding 
you with such recipients which seems to be forged intentionnally to spam 
people.
I immediately did an NSLOOKUP and check the mail exchange info... 
= 
[EMAIL PROTECTED]:~$ nslookup
  

set type=MX
design-electric.com


Server: 192.168.0.100
Address:192.168.0.100#53

Non-authoritative answer:
design-electric.com mail exchanger = 10 keystone.design-electric.com.

[...]
To verify that I am not having any network difficulties, I have contacted a
co-worker and I had him do a ping and a telnet on his home network
connection, which is on a completely different carrier than the office
network connection: He was able to reproduce my exact same results (no ping,
but can connect to the SMTP server).
  

Yes, it's not surprising some servers do not answer to ICMP echo request.

This very same behavior has happened with a few other email addresses that
this user has attempted to contact, all of them having unpingable SMTP
servers.
  

With such errors in the address ?

All other mail goes through the system flawlessly, except to these few
hidden MTAs that this user is dealing with. 



...



Here is the extremely odd thing that I Really cannot figure out now and that
makes me go Huh?

In doing this whole testing, I decided Ok: Let me try sending to an address
I know should always be there... Postmaster.

So I went ahead and wrote a test message over to
[EMAIL PROTECTED], and followed the results in the log:


[EMAIL PROTECTED]:~$ sudo grep [EMAIL PROTECTED]
/var/log/mail.log 
Sep 11 18:54:18 sentinel courierd:

started,id=000BB358.48C9CBCA.051F,from=[EMAIL PROTECTED],modul
e=esmtp,host=design-electric.com,addr=[EMAIL PROTECTED]
Sep 11 18:54:19 sentinel courieresmtp:
id=000BB358.48C9CBCA.051F,from=[EMAIL PROTECTED],addr=postmas
[EMAIL PROTECTED]: 250 2.6.0  [EMAIL PROTECTED]
Queued mail for delivery Sep 11 18:54:19 sentinel courieresmtp:
id=000BB358.48C9CBCA.051F,from=[EMAIL PROTECTED],addr=postmas
[EMAIL PROTECTED],size=3884,success: delivered:
keystone.design-electric.com [64.62.95.66] Sep 11 18:54:19 sentinel
courieresmtp:
id=000BB358.48C9CBCA.051F,from=[EMAIL PROTECTED],addr=postmas
[EMAIL PROTECTED],size=3884,status: success 
 
Apparently the message to Postmaster went through!!!
  

So, the fact the server does not answer to ping is not the problem.


So what the heck is causing my users message to hang in the queue for so
many days and then give up?? I checked to verify that the user that is being
addressed exists (or at least isn't being immediately rejected) by manually
initiating a mail exchange: 
 
[EMAIL PROTECTED]:~$ telnet keystone.design-electric.com 25 
Trying 64.62.95.66... 
Connected to keystone.design-electric.com. 
Escape character is '^]'. 
220 design-electric.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959
ready at  Thu, 11 Sep 2008 20:02:56 -0600 
EHLO mail2.loraninc.com 
250-design-electric.com Hello [216.117.220.102] 
250-TURN 
250-SIZE 10485760 
250-ETRN 
250-PIPELINING 
250-DSN 
250-ENHANCEDSTATUSCODES
250-8bitmime 
250-BINARYMIME 
250-CHUNKING 
250-VRFY 
250-X-EXPS GSSAPI NTLM LOGIN 
250-X-EXPS=LOGIN 
250-AUTH GSSAPI NTLM LOGIN 
250-AUTH=LOGIN 
250-X-LINK2STATE 
250-XEXCH50 
250 OK 
MAIL FROM: [EMAIL PROTECTED] 
250 2.1.0 [EMAIL PROTECTED] OK 
RCPT TO: [EMAIL PROTECTED] 
250 2.1.5 [EMAIL PROTECTED] 
QUIT 
221 2.0.0 design-electric.com Service closing transmission channel
Connection closed by foreign host. 

  
No, you didn't validate that the user : '[EMAIL PROTECTED]' 
exists...


HTH.
Jerome Blion.
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe:

Re: [courier-users] Passes SPF but still being classified as spam

2008-09-05 Thread Jérôme Blion

Tim Lyth a écrit :
 Hi all,

 My wife has complained that a number of genuine (advertising) email have 
 been classified as spam by SA, yet they have SPF_PASS in the list of 
 tests run against the email.  Unfortunately, SPF_PASS is given 0.0 
 weighting by SA and therefore the emails are being classified as spam.

 I'm tempted to dig through the SA config file to edit the weighting for 
 the SPF_PASS test, but I'm concerned that this may lead to 
 false-negatives for genuine spam.

 What do people recommend I do?

 Cheers,
 Tim Lyth
   
Hello,

If you behave like a spammer, don't be surprised to be treated like a 
spammer.

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Passes SPF but still being classified as spam

2008-09-05 Thread Jérôme Blion


Art Sackett a écrit :

On Sat, Sep 06, 2008 at 01:45:13AM +1000, Tim Lyth wrote:

  
I'm tempted to dig through the SA config file to edit the weighting for 
the SPF_PASS test, but I'm concerned that this may lead to 
false-negatives for genuine spam.



Myself, if I were using SA instead of DSPAM: I'd use Courier's built-in
SPF tests to reject those messages that outright fail the SPF tests,
then go ahead and reconfigure SA to give credence to the SPF test
results

eg: some AOL mail servers are not registered in the SPF field of aol.com.
More over, when using mailing lists, it's a bad idea to reject any mail 
with a failed SPF check.



HTH
Jerome Blion.
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Account to access all mailboxes

2008-09-05 Thread Jérôme Blion

Sam Varshavchik a écrit :
 Thomas writes:

 Hi,

 Is it somehow possible to use administrator credentials to access all 
 mailboxes? I'm using courier-imap-4.0.2 with courier-authlib-0.55.

 Not in this prehistoric version. Can be done in the current version, 
 with virtual accounts, by setting up and configuring virtual shared 
 folders, then putting your account into the virtual administrator 
 group, and using an IMAP client that properly implements public 
 namespaces and access control lists.
I had a (very bad) idea...
Could the following architectura work as requested:

MAIN_MAILDIR:
-- .user1
-.Sent
-.Trash
[...]
-- .user2
-.Sent
-.Trash
[...]

The maildir of user1 would be MAIN_MAILDIR/.user1
For user2 would be MAIN_MAILDIR/.user2
For admin: MAIN_MAILDIR

This can only work with virtual users bound to the same unix user.

Could it work?

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] How to identify mails sent to an alias

2008-09-02 Thread Jérôme Blion

Gordon Messmer a écrit :
 Attached is a pythonfilter which will log the original recipient 
 address for messages that are delivered to aliases.  It took less than 
 5 minutes to write. :)

 Virtually anything that you want logged could be done in a very 
 similar fashion.

Tested and approved :) It's the easiest way to make it work :)
Thanks.

Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] How to identify mails sent to an alias

2008-08-19 Thread Jérôme Blion

Hello,

I use lot of aliases going to the same real mailbox. I use these 
aliases to register on different websites. My goal is to identify where 
my email has been stolen / given
But... I have a problem.

I sent me a mail to grosbill at hebergement-pro.org: # echo coucou | 
nail [EMAIL PROTECTED]
It should go to jerome at hebergement-pro.org:

# egrep -hv #|^$ webadmin system
abuse: postmaster
espace: jerome
grosbill: jerome
jetable: jerome
root: postmaster
startssl: jerome
webmaster: postmaster
xda: jerome
root: postmaster
mailer-daemon: postmaster
MAILER-DAEMON: postmaster
uucp: postmaster
postmaster:

Aug 19 22:54:46 serveur courierd: newmsg,id=292E.48AB3312.78D3: 
dns; mx.network-hosting.com ([:::91.121.151.120])
Aug 19 22:54:46 serveur courierd: 
started,id=292E.48AB3312.78D3,from=root at 
network-hosting.com,module=local,host=jerome!!1!1!/home/courier/domains/hebergement-pro.org/jerome!/home/courier/domains/hebergement-pro.org/jerome/Maildir!,addr=jerome
Aug 19 22:54:46 serveur courierd: Waiting.  shutdown time=none, wakeup 
time=none, queuedelivering=1, inprogress=1
Aug 19 22:54:46 serveur courierlocal: 
id=292E.48AB3312.78D3,from=root at 
network-hosting.com,addr=jerome at 
hebergement-pro.org,size=1621,success: Message delivered.
Aug 19 22:54:46 serveur courierd: completed,id=292E.48AB3312.78D3
Aug 19 22:54:46 serveur courierd: Waiting.  shutdown time=Thu Aug 28 
17:00:03 2008, wakeup time=Thu Aug 28 17:00:03 2008, queuedelivering=0, 
inprogress=0

Never in my logs, I can see the mail has been sent to grosbill...

serveur:~# grep grosbill /var/log/mail.log
serveur:~#

When I'm in To: or Cc: Field, it's OK, I can identify which alias has 
been used.
But How to identify which alias has been used when sent in Bcc: ?

I hope I have been clear enough :)

Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier modified messages (non-encoded 8-bit messages)

2008-08-15 Thread Jérôme Blion

Michelle Konzack a écrit :
 Question: Is there a possibility to prevent courier-mta  to  envelope
   such messages and send it anyway WITHOUT recompiling courier?
   or is it planed to make this configurable
Answer: Yes:

echo opt BOFHBADMIME=accept  bofh
You can use webadmin cgi to do this change.
The FAQ is very old for this point.

HTH.
Jerome Blion

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Modifying headers on all relayed email

2008-07-31 Thread Jérôme Blion

Richard Guy Briggs a écrit :
 Hi all,

 I've been a sysadmin of sendmail, and currently admin exim and more
 closely postfix.

 I'm looking for a way to modify (delete and add) standard headers
 (Return-Path: and Reply-To:) for all relayed mail through courier.  I
 have only a certain type of traffic transitting a specific courier MTA
 and want to apply the same rules to all of it.

 What I'm looking for appears to be headerdel and headeradd that are
 provided for couriermlm, except I need this for general email and not
 just mailing lists.

 I've also looked at reformail as a potential way to implement it, but
 again, it is for general email being relayed and not per user that could
 be accomplished with local delivery.

 Is there a straight-forward way to do this?  
   
I would have an idea...

Courier-Pythonfilter + Homemade plugin.
Use Xfilter, and then, modify your mail with such thing:

del msg['theheaderyouwanttoremove']

msg.add_header(.)

I don't know wether it works or not.

HTH.
Jerome Blion.


-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Modifying headers on all relayed email

2008-07-31 Thread Jérôme Blion

Richard Guy Briggs a écrit :
 On Thu, Jul 31, 2008 at 11:45:17AM -0700, Jérôme Blion wrote:
   
 Richard Guy Briggs a écrit :
 
 I'm looking for a way to modify (delete and add) standard headers
 (Return-Path: and Reply-To:) for all relayed mail through courier.  I
 have only a certain type of traffic transitting a specific courier MTA
 and want to apply the same rules to all of it.

 What I'm looking for appears to be headerdel and headeradd that are
 provided for couriermlm, except I need this for general email and not
 just mailing lists.

 I've also looked at reformail as a potential way to implement it, but
 again, it is for general email being relayed and not per user that could
 be accomplished with local delivery.

 Is there a straight-forward way to do this?
   
 Courier-Pythonfilter + Homemade plugin.
 Use Xfilter, and then, modify your mail with such thing:

 del msg['theheaderyouwanttoremove']

 msg.add_header(.)

 I don't know wether it works or not.
 
 Interesting.  My understanding of filters was that they took in the data
 and only returned a result code and didn't have the capacity to modify
 and/or pass back the data.  How does it pass back the data?
   
Indeed, since 0.57.1, it's now possible to modify contents of the mail 
without having to create a new mail !
Before this version, we have to generate a new mail and then send it to 
the queue. On these old versions, you need these kind of filters to act 
at the end of the filters list.

The process of modifying mail's contents (including headers) is managed 
by Xfilter... Just modify the mail the way you need, and submit it. 
Xfilter does the rest and will do necessary steps :)

 I've now found this thread
 (http://wiki.apache.org/spamassassin/IntegratedInCourierUsingMaildrop)
 that helps understand how to use some of this, but it still isn't clear
 to me how this can be used.  It appears I might be able to set some
 value of DEFAULTDELIVERY in /etc/courier/courierd that might do what I
 want, but again I wonder if that is only for local delivery and not for
 any mail being relayed through this MTA to other destinations.

 In looking for courier-pythonfilter packages, I see some available for
 FreeBSD, but nothing for Debian or RedHat(ES5).
1 - Maildrop won't fit your needs here, if you want your outgoing mail 
to be modified too. DEFAULTDELIVERY will be used for incoming mails.
2 - Rejecting mails after SMTP transaction is bad :
- either you drop them silently, which is bad
- either you take the risk to spam forged senders

Even if you found some packages for Debian, they are outdated :-) Some 
recents changes add important features. You have to install it manually 
from the sources available at the URI: 
http://www.dragonsdawn.net/~gordon/courier-pythonfilter/

If your Courier's version is under 0.57.1, wait few days, Gordon will 
soon release 1.4 version, which will fix some issues with old versions 
of Courier.
If your version is newer, you can take 1.3 version, I use it on several 
Debian servers.

Perhaps you will find some another nice filters in pythonfilter :-)


HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Modifying headers on all relayed email

2008-07-31 Thread Jérôme Blion

Richard Guy Briggs a écrit :
 Is Xfilter part of courier or part of courier-pythonfilter?

 Will courier-pythonfilter work with python-2.3?
   
I don't know... I use it with python-2.4.

 Ugh, worse than this, I just checked and it is ES4, courier-0.45.4 .  :(

 I'd found the archive with versions up to 1.3.  Thanks for the
 confirmation of latest version.  Perhaps 1.4 will work with something
 this old?  With a courier version that old, I'm assuming I'll need to
 generate and submit a new mail?
   
You are running prehistoric versions ! You'd better upgrade that !
I don't know how pythonfilter will behave with such oldies...

Really, you should consider upgrading your server. At least Courier. At 
most, all the server !

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] spamassassin

2008-07-23 Thread Jérôme Blion


Jan Müller a écrit :

3 ideas for you:
- reject message when SMTP connection is still opened: use Courier-pythonfilter 
with spamassassin filter. It works perfectly.
- DEFAULTDELIVERY=|/usr/bin/spamc|/usr/lib/courier/bin/maildrop
- If there is nothing else in your maildroprc, you won't reject anything. Do 
you see spamassassin working in syslog ? (mail.log or something like that)
HTH.
Jerome Blion.



[...]
I did not understand your suggestion about maildroprc and rejecting. I
was trying to get spamassasin to put headers in spam mails and filter
them accordingly in imap client. Is there a better way? It is company
mail, we should not reject mails if possible.
  

1 - I don't think it's a goot idea. Your users don't want heard of spam.
2 - Try DEFAULTDELIVERY=|/usr/bin/spamc

There is smapd startup visible in log. There are some rules with zero
weight, but it doesn't seem to be major. There is no activity
afterwards.
  
In syslog, when you send a mail through your server, do you see 
spamassassin working?

Something like:

Jul 22 06:17:35 serveur spamd[5459]: spamd: connection from localhost 
[127.0.0.1] at port 59893

Jul 22 06:17:35 serveur spamd[5459]: spamd: setuid to daemon succeeded
Jul 22 06:17:36 serveur spamd[5459]: spamd: processing message 
[EMAIL PROTECTED] for daemon:1
Jul 22 06:17:37 serveur spamd[5459]: spamd: identified spam (6.3/5.0) 
for daemon:1 in 1.3 seconds, 2006 bytes.
Jul 22 06:17:37 serveur spamd[5459]: spamd: result: Y 6 - 
BAYES_99,DRUGS_ERECTILE,DRUG_ED_SILD,HTML_MESSAGE,RDNS_NONE 
scantime=1.3,size=2006,user=daemon,uid=1,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=59893,mid=[EMAIL PROTECTED],bayes=1.00,autolearn=no

Jul 22 06:17:37 serveur spamd[13029]: prefork: child states: II

HTH.
Jerome Blion.
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier and Pythonfilter/Greylist Installation

2008-07-22 Thread Jérôme Blion

Steve Poe a écrit :
 I have few questions on making Pythonfilter /greylist work with  
 Courier. I am a newbie in both areas:

 I was on Macro Balmer's web site to learn about / download python  
 greylisting with Courier. The
 web site refers to courier-pythonfilter-0.9 then pythonfilter- 
 greylist. Then I found pythonfilter-1.3 which
 has a greylist python script. Since I am new at this, I am confused as  
 to which path I should take?
   
Alway prefer latest versions for new setups.

 We want to install the pythonfilter / greylist option for Courier, but  
 we do not want it to be active yet. Can we do the
 install python setup.py install without Courier knowing the  
 pythonfilter is installed?
   
In the installation guide, they explain how to setup pythonfilter.

1 - you have to create a link (in /usr/lib/courier/libexec/filters on my 
servers):
lrwxrwxrwx 1 root   root   21 2008-07-16 18:28 pythonfilter - 
/usr/bin/pythonfilter

2 - you have to run: filterctl start pythonfilter.

You can do the first step. Until you do the second step, pythonfilter 
won't filter anything.

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] spamassasin

2008-07-22 Thread Jérôme Blion

Jan Müller a écrit :
 I have working spamassasin, but can not get it to process courier mail.

 Eg: when I feed spamassasin a test mesage via the command line, it
 returns some output. But when i recieve mail via smtp, there is not
 spamassassin header. Spam still reigns.
 Here is what i did trying to follow tips from spamassassin website:

 in courier/etc/courier:
 DEFAULTDELIVERY=| /usr/lib/courier/bin/maildrop

 and courier/etc/maildroprc:
 import USER
 if ($LOGNAME ne )
 {
 xfilter spamc -u $LOGNAME
 }
 else
 {
 xfilter spamc -u $USER
 }

 What should i do next?

 Thank you for help.
   
3 ideas for you:
 - reject message when SMTP connection is still opened: use 
Courier-pythonfilter with spamassassin filter. It works perfectly.
 - DEFAULTDELIVERY=|/usr/bin/spamc|/usr/lib/courier/bin/maildrop
 - If there is nothing else in your maildroprc, you won't reject 
anything. Do you see spamassassin working in syslog ? (mail.log or 
something like that)

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfilter 1.2

2008-07-17 Thread Jérôme Blion

Gordon Messmer a écrit :
 Jerome Blion wrote:

 I performed other tests...

 Here is the mail I can read in the final mailbox:
 ==
 ...

 line 1
 line 2
 line 3y courier 0.59

 line 1
 line 2
 line 3
 ==

 Oh... Well, that's because I am a *huge* idiot.

 The attached patch should fix that problem.  Please test it.
Hello,

I have tested the patch. It fixes the problem !
Great thanks for you speed, Now, I have 2 perfect servers :)

Many thanks once again.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfilter 1.2

2008-07-16 Thread Jérôme Blion


Peter Burden a écrit :
2008/7/16 Jerome Blion [EMAIL PROTECTED] 
mailto:[EMAIL PROTECTED]:


On Tue, 15 Jul 2008 17:15:15 -0700, Gordon Messmer
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
wrote:
 Jérôme Blion wrote:
 Does anybody have any idea of the root cause of this problem?

 Could you be more explicit about what the problem is?

Hello,

I performed other tests...
Here is the mail I sent (from my Sent folder):

==
MIME-Version: 1.0
Date: Wed, 16 Jul 2008 09:57:33 +0200
From: Jerome Blion [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
To: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
Subject: test
Message-ID: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
X-Sender: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
User-Agent: RoundCube Webmail/0.1
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

line 1
line 2
line 3
==

Here is the mail I can read in the final mailbox:

==
Delivered-To: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
Return-Path: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
ns300321.ovh.net http://ns300321.ovh.net
X-Spam-Level:
X-Spam-Status: No, score=0.5 required=5.0 tests=AWL autolearn=ham
version=3.2.5
Received: from smtp5-g19.free.fr http://smtp5-g19.free.fr
(smtp5-g19.free.fr http://smtp5-g19.free.fr [:::212.27.42.35
http://212.27.42.35])
   by mail.sim-plage.com http://mail.sim-plage.com with
esmtp; Wed, 16 Jul 2008 09:57:35 +0200
   id 00010F38.487DA9EF.55BD
Received: from smtp5-g19.free.fr http://smtp5-g19.free.fr
(localhost.localdomain [127.0.0.1 http://127.0.0.1])
   by smtp5-g19.free.fr http://smtp5-g19.free.fr (Postfix)
with ESMTP id CD4523F63C6
   for [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]; Wed, 16 Jul 2008 09:57:35
+0200 (CEST)
Received: from serveur.hebergement-pro.org
http://serveur.hebergement-pro.org
   (sal69-1-82-231-94-173.fbx.proxad.net
http://sal69-1-82-231-94-173.fbx.proxad.net [82.231.94.173
http://82.231.94.173])
   by smtp5-g19.free.fr http://smtp5-g19.free.fr (Postfix)
with ESMTP id C09313F6399
   for [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]; Wed, 16 Jul 2008 09:57:35
+0200 (CEST)
Received: from mail.hebergement-pro.org
http://mail.hebergement-pro.org ([:::127.0.0.1
http://127.0.0.1])
   by serveur.hebergement-pro.org
http://serveur.hebergement-pro.org with esmtp;
   Wed, 16 Jul 2008 09:57:33 +0200 id 00010160.487DA9ED.5FE3
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Date: Wed, 16 Jul 2008 09:57:33 +0200
From: Jerome Blion [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
To: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
Subject: test
Message-ID: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
X-Sender: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
User-Agent: RoundCube Webmail/0.1
X-Mime-Autoconverted: from 8bit to 7bit by courier 0.59

line 1
line 2
line 3y courier 0.59

line 1
line 2
line 3
==

I didn't make any error while copying/pasting.
A part of the entire message is duplicated. Here we can even see
part of
headers.

I tried to send a HTML message, it worked fine.
When I desactivate Spamassassin filter from any side (either
hebergement-pro or sim-plage), it works fine.

I tested on 2 servers only. The problem occurs only from
hebergement-pro.org http://hebergement-pro.org to sim-plage.com
http://sim-plage.com. Mails sent from sim-plage.com
http://sim-plage.com to
hebergement-pro.org http://hebergement-pro.org are correct.

What could I provide you to help you more?

Jerome Blion.


Are you sure both servers are running Courier 0.59 ?
I encountered a very similar looking problem when I
developed sigfilter, apparently on servers earlier than
0.57.1 (I think that's the version number) you needed to
include MIME=none in the esmtpd configuration
file.


Hello,

Now, both servers are up to date: Courier 0.60.0, Courier-authlib 
0.61.0, Pythonfilter 1.2 (+ clamav 0.93.3, Spamassassin 3.2.5). I didn't 
forget to run make install-configure to update my configuration.
To be sure I have no old binaries, I deleted everything in 
/usr/lib/courier except etc folder.


Both Courier are compiled with following commands:
   export COURIERAUTHCONFIG=/usr/lib/courier/bin/courierauthconfig
   export CPPFLAGS=-I/usr/lib/courier/include
   ./configure --with-paranoid-smtpext --enable

Re: [courier-users] Challenge-response supported for general email server?

2008-07-15 Thread Jérôme Blion


Steve Poe a écrit :

I am new to email servers, so pardon my ignorance.

The small company I work for has an email server where they want
to create an approved/whitelist for emails coming from the outside. 
For example,
I email [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]. the abc.com 
http://abc.com mailserver does not see my email

address in approved list for the user account and/or as a company-wide
contact list, so the abc.com http://abc.com mail server sends a 
reply to me to confirm I sent
the email that I *really* wanted to send the email to [EMAIL PROTECTED] 
mailto:[EMAIL PROTECTED]. Meanwhile,

John receives my email, after confirmation of my response, then he adds me
to his personal contact/approved list. The mail administrator found 
out that I am
a new client of abc.com http://abc.com so I am added to the 
company-wide approved list.


We are running Courier 0.53 on Centos Linux 4.4


Is this possible?

Thanks for your help.

Thanks.

Steve

Hello,

Just imagine:
1/ Quiet day today, no mails:
- your server use such a challenge question...
- the remote server requires such challenge question too...

If you don't want to enter in a nice deadlock, you will have to add the 
first recipient to the whitelist. If you don't do it automatically, it 
would mean that your colleagues will have to add them manually... Don't 
count on it ! So, you will have to add automatically all recipients you 
are trying to reach, including all typos, all spams you could send due 
to an infection...


More over, sending challenge question is the best practice to never 
receive mail automatically generated. Even if the return address is 
valid, you will never be sure it's read ! You will never get the answer 
! Bye bye, bills, receipts, invoices...


2/ We love all the world:
- I spam your server with forged addresses
- YOU will be blacklisted all around the world. YOU will have to pay 
fees to get removed from SORBS...


Do you really want to loose mail, customers and money?

If your goal is to fight against spam, use greylisting + spamassassin.

HTH.
Jerome Blion.
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Challenge-response supported for general email server?

2008-07-15 Thread Jérôme Blion

Steve Poe a écrit :
 Jérôme,

 Thank you for your response.

 Pardon my ignorance, again, but is there any special we need for 
 greylisting?
 We do use spamassassin.

 Is there any control we can give back to the users for managing their own
 approved list of email addresses?

 Steve
Spamassassin is a content filter. It's heavy and loads machines. 
Greylisting is an easy and light way to block most spammers.
In order to have greylisting working, you just need to find a filter 
which do it. Like courier-pythonfilter. Gordon Messmer published a new 
release 2 days ago !

http://www.dragonsdawn.net/~gordon/courier-pythonfilter/

You can use greylist or comeagin filter. I didn't test them.


Some papers suggest to have a manual whitelist. In fact, there is no 
hard constraint on that. At worst, mail will take longer to deliver. It 
will always be better than a challenge response. I don't like the idea 
of whitelist... What if one server in this list is beginning to spam?
Another suggestion: use URIBL... like zen.spamhaus.org.

Your courier version is very old. Too old. Lots of improvements have 
been implemented since 0.53.
I discovered yesterday that, since 0.59, we can modify mail contents 
easily :)

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Challenge-response supported for general emailserver?

2008-07-15 Thread Jérôme Blion

Steve Poe a écrit :
 Esa,

 I am researching for my boss/company. Obtaining the pros/cons
 on all sides is what I need to do. Why do you feel its okay to pay
 for others spam? What options/solutions do you have?

 Thanks for your time.

 Steve

Hi again.
One thing you really have to keep in mind: If you send a mail back to 
the sender, you can be blacklisted very easily !!!
It's so easy to forge email addresses that you should never trust an 
email sender before having filtered it.

HTH.
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfilter 1.2

2008-07-15 Thread Jérôme Blion

Hello,

I'm facing a strange behaviour.
 From my server (hebergement-pro.org) to a remote one I upgraded right 
now (sim-plage.com), I have this strange behaviour:

Delivered-To: [EMAIL PROTECTED]
Return-Path: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on 
ns300321.ovh.net
X-Spam-Level: *
X-Spam-Status: No, score=1.8 required=5.0 tests=AWL,TVD_SPACE_RATIO
autolearn=no version=3.2.5
Received: from smtp5-g19.free.fr (smtp5-g19.free.fr 
[:::212.27.42.35])
by mail.sim-plage.com with esmtp; Wed, 16 Jul 2008 01:40:08 
+0200
id 0002A3EC.487D3558.0949
Received: from smtp5-g19.free.fr (localhost.localdomain [127.0.0.1])
by smtp5-g19.free.fr (Postfix) with ESMTP id 339333F61C5
for [EMAIL PROTECTED]; Wed, 16 Jul 2008 01:40:08 +0200 (CEST)
Received: from serveur.hebergement-pro.org
(sal69-1-82-231-94-173.fbx.proxad.net [82.231.94.173])
by smtp5-g19.free.fr (Postfix) with ESMTP id 1F1103F616F
for [EMAIL PROTECTED]; Wed, 16 Jul 2008 01:40:08 +0200 (CEST)
Received: from [127.0.0.1] ([:::192.168.1.7])
(SSL: TLSv1/SSLv3,256bits,AES256-SHA)
by serveur.hebergement-pro.org with esmtp;
Wed, 16 Jul 2008 01:40:06 +0200 id 00010193.487D3556.2895
Message-ID: [EMAIL PROTECTED]
Date: Wed, 16 Jul 2008 01:40:05 +0200
From: =?ISO-8859-1?Q?J=E9r=F4me_Blion?= [EMAIL PROTECTED]
User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
MIME-Version: 1.0
To: [EMAIL PROTECTED]
Subject: test
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

testntent-Transfer-Encoding: 7bit

test

if I desactivate the spamassassin plugin on the remote host: 

Delivered-To: [EMAIL PROTECTED]
Return-Path: [EMAIL PROTECTED]
Received: from smtp5-g19.free.fr (smtp5-g19.free.fr 
[:::212.27.42.35])
  by mail.sim-plage.com with esmtp; Wed, 16 Jul 2008 01:45:07 +0200
  id 0002A0FA.487D3683.109C
Received: from smtp5-g19.free.fr (localhost.localdomain [127.0.0.1])
by smtp5-g19.free.fr (Postfix) with ESMTP id C394A3F6208
for [EMAIL PROTECTED]; Wed, 16 Jul 2008 01:45:07 +0200 (CEST)
Received: from serveur.hebergement-pro.org 
(sal69-1-82-231-94-173.fbx.proxad.net [82.231.94.173])
by smtp5-g19.free.fr (Postfix) with ESMTP id AE1873F618F
for [EMAIL PROTECTED]; Wed, 16 Jul 2008 01:45:07 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
serveur.hebergement-pro.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.1 required=5.0 
tests=ALL_TRUSTED,AWL,BAYES_00,
TVD_SPACE_RATIO autolearn=no version=3.2.5
Received: from [127.0.0.1] ([:::192.168.1.7])
(SSL: TLSv1/SSLv3,256bits,AES256-SHA)
by serveur.hebergement-pro.org with esmtp;
Wed, 16 Jul 2008 01:45:05 +0200 id 00010193.487D3681.2C75
Message-ID: [EMAIL PROTECTED]
Date: Wed, 16 Jul 2008 01:45:04 +0200
From: =?ISO-8859-1?Q?J=E9r=F4me_Blion?= [EMAIL PROTECTED]
User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
MIME-Version: 1.0
To: [EMAIL PROTECTED]
Subject: test
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

test



If I send a mail from sim-plage.com to hebergement-pro.org, I have no problems.
If I desactivate Spamassassin from any side, everything works fine.

hebergement-pro.org : Courier 0.59 / Pythonfilter 1.2
sim-plage.com : Courier 0.60 / Pythonfilter 1.2

Exactly the same pythonfilter configuration files (scp powered)
Does anybody have any idea of the root cause of this problem?

One of the main difference I pointed out is that X-Spam-Checker-Version header 
has not the same number of lines. Could it be the reason?

Jerome Blion.


-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfilter 1.2

2008-07-14 Thread Jérôme Blion

Gordon Messmer a écrit :
 * A much improved SpamAssassin module that can modify messages.  This 
 makes it much easier to use Courier and pythonfilter as a mail gateway
Hello,

I installed the latest version. This change is just perfect for me.

 From xfilter.py:


The behavior and return value of the submit method will depend on
the version of Courier under which filters are used.  Under version
0.57.1 and prior versions, the recipients of the original message
will be marked complete, and a string value will be returned which
indicates to courier that no further filtering should be performed
by any courierfilters.  The string which is returned by the submit
method should be returned to pythonfilter by the filter which called
the submit method.  Because modifying the message creates a new
message in Courier's queue in these releases, you must not reject a
message that has been modified; it is no longer possible to notify
the sender that the message was rejected.  Filters that modify
messages should be run last.

Under versions of Courier which support modifying the message's body
file in place, the submit function will do so and will not mark all
of the recipients complete.  Submit will return an empty string,
which should be returned to pythonfilter by the filter which called
the submit method.  Additional filters, if any are configured, will
continue to be called.  This is more efficient than earlier methods,
which would start filtering over from the beginning each time that
xfilter was used.

Do you mean it's now possible to modify mail contents without generating 
a new mail?
I sent me a mail, which has been filtered. I saw only one mail (local is 
filtered too)

If that's the case, we could add any headers we would want ? (to add 
clamav header, for example)

By the way, thank you for this update :-)
Jerome Blion.

-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK  win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100url=/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Moving Courier to a new host/server

2008-05-30 Thread Jérôme Blion

Hello,

For mail waiting in the queue, it could be interesting to convert the 
old server to a smarthost, emptying all the queue on the new server.

HTH.
Jerome Blion.

-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] about pythonfilter again

2008-03-12 Thread Jérôme Blion


Sergio Bortsov a écrit :

Hello Gordon,

Wednesday, March 12, 2008, 6:50:09 PM, you wrote:

  

Sergio Bortsov wrote:


/kernel: pid 9591 (python), uid 100: exited on signal 11 (core dumped)
  
  


  

What platform is this?


freebsd 4.8
perl5.10
spamassasin 3.2.4
  
If you have the core file, I might be able to 
examine it and see what happened.


only this I think

Mar 11 16:23:29 colo /kernel: pid 3807 (python), uid 100: exited on signal 11
Mar 11 16:23:42 colo /kernel: pid 3767 (python), uid 100: exited on signal 11 
(core dumped)
[...]


find / -name core
xD

HTH.
Jerome Blion.
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Mailbombing cleaning with cancelmsg

2008-03-02 Thread Jérôme Blion

Hello everybody.

One of my servers has been used by an old legitimate user (fired) to 
bomb some mailboxes. I had to clean my queue...
I previously worked on such issues by providing the -batch option to 
mailq...
So mailq -batch | grep [EMAIL PROTECTED] gives me enough data pieces to 
do what I would like.

But cancelmsg sends a DSN. I had more than 5 mails to clean (f.g 
user) so, it would have created 5 DSN !

I would like to avoid to write a script which would do:
 - rgrep -l the_string_i_m_looking_for /usr/lib/courier/var/msgs/D*
 - for each datafile, delete:
- control file
- data file
- the file in msgq containing the name of the control file.
 - removing empty folders (or mailq will be slower to answer)

In case of manual removal, is there an order I could apply to the 
removal process? My goal would be to work on files courier won't use 
anymore (by creating kind of orphans)

Is there a way to avoid the DSN to be generated by cancelmsg?

Best regards.
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] /var/run/courier/authdaemon/socket missing

2008-02-23 Thread Jérôme Blion

Benjamin Burkhart a écrit :
 Hi all,

 By strace-ing courierpop3login I found out that it wants to open the 
 above socket but that the socket does not exist.

 In the logs, this looks like this:
 Feb 24 01:44:57 servername courierpop3login: Connection, 
 ip=[:::myclientIPaddress]
 Feb 24 01:44:59 servername courierpop3login: authdaemon: s_connect() 
 failed: No such file or directory
 Feb 24 01:44:59 servername courierpop3login: LOGIN FAILED, 
 [EMAIL PROTECTED], ip=[:::myclientIPaddress]
 Feb 24 01:44:59 servername courierpop3login: authentication error: No 
 such file or directory

 This on a Debian Sarge box. Here's a bit more data:
 root ~  dpkg --list | grep courier
 ii  courier-authdaemon0.58-4   
 Courier authentication daemon
 ii  courier-authlib   0.58-4   
 Courier authentication library
 ii  courier-authlib-mysql 0.58-4   MySQL 
 support for the Courier authentication
 ii  courier-authlib-userdb0.58-4   
 userdb support for the Courier authenticatio
 rc  courier-authmysql 0.47-4sarge5 
 Courier Mail Server - MySQL authentication
 ii  courier-base  0.53.3-5 
 Courier Mail Server - Base system
 ii  courier-imap  4.1.1.20060828-5 
 Courier Mail Server - IMAP server
 ii  courier-imap-ssl  4.1.1.20060828-5 
 Courier Mail Server - IMAP over SSL
 rc  courier-mta   0.47-4sarge4 
 Courier Mail Server - ESMTP daemon
 ii  courier-pop   0.53.3-5 
 Courier Mail Server - POP3 server
 ii  courier-pop-ssl   0.53.3-5 
 Courier Mail Server - POP3 over SSL
 ii  courier-ssl   0.53.3-5 
 Courier Mail Server - SSL/TLS Support

 root ~  grep -v '^#' /etc/courier/authdaemonrc | grep .
 authmodulelist=authmysql
 authmodulelistorig=authcustom authcram authuserdb authldap authpgsql 
 authmysql authpam
 daemons=5
 version=
 authdaemonvar=/var/run/courier/authdaemon

 root /etc/courier  grep -v '^#' pop3d | grep .
 PIDFILE=/var/run/courier/pop3d.pid
 MAXDAEMONS=40
 MAXPERIP=4
 POP3AUTH=
 POP3AUTH_ORIG=PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256
 POP3AUTH_TLS=
 POP3AUTH_TLS_ORIG=LOGIN PLAIN
 POP3_PROXY=0
 PORT=110
 ADDRESS=0
 TCPDOPTS=-nodnslookup -noidentlookup
 LOGGEROPTS=-name=pop3d
 POP3DSTART=YES
 MAILDIRPATH=Maildir

 As you can see, I am authenticating using a mysql database.

 Any ideas as to why the socket is missing, who should create it but 
 doesn't? Actually my configuration has been working like a charm until 
 recently ...

 Please let me know if you need more information.

 Cheers,
 Benjamin.

   
Hi...
Are Authdaemon running ?

HTH.
Jerome Blion.



-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] submit fails

2008-02-17 Thread Jérôme Blion

Christian Huldt a écrit :
 I tend to get submit errors for some From addresses, to the point those
 messages can't get through. It seems to be consistent.

 Where should I be looking to find the cause?

 submit: Invalid argument

 or

 Feb 17 08:53:32 mail submit: No such file or directory

 and then

 Feb 17 08:53:32 mail courieresmtpd:
 error,relay=:::212.105.110.37,from=[EMAIL PROTECTED]: 432
 Mail filters temporarily unavailable.

   
Which filters are you using?

Best regards.
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier not accepting external connections atall

2008-02-17 Thread Jérôme Blion


Bernd Wurst a écrit :

Hi.

On Sunday 17 February 2008, Mircea Zahan wrote:
  

helo domain
250-dc Ok.


250-dc also is not courier but it's also not standards conform. Tree
digits and a space must be the beginning of the (last) answer line.

Also, domain is propably not resolvable and therefore no good HELO name.
  

dc is the name of the machine courier is running on.



You replaced 250 dc Ok. by 250-dc Ok. manually? Why?


  

Ok, you're right, I wasn't talking ESMTP.



So, you could try to do this.


  

Bottom line: I do connect to the right machine, the machine receives
external TCP connections because they appear in maillog, but courier does
not answer anything after accepting the connection. At least that's what
the diagnostic tool from www.mxtoolbox.com says.



That may be because your IDENT-lookup is still enabled and the remote client 
does not offer an ident server. Try switching it off (extend TCPDOPTS 
by -noidentlookup).



To get valuable assistance, please use
- correct host names. If your server shall be on the internet, please use 
internet hostnames. Neither domain nor dc is a FQDN and therefore should 
not be used in the internet. hostname -f should give you a full host name, 
containing the name of the machine and the domain it lives in. If that's not 
the case, you should configure your machine's hostname according to your 
operating system's docs.

- ESMTP. If Courier complains about an ESMTP command error, this may be true.
- as much from the default configuration as possible. If everything works, 
customize bit by bit and you could keep in mind what worked and what did not. 
If you customize a lot of stuff, there are many places where you could have 
made a mistake or where things could get mixed up.


regards, Bernd
  


If you have several routes on your box, check, that there is no 
asymmetrical routing.


HTH.
Jerome Blion.
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] High loaded clamcour

2008-02-14 Thread Jérôme Blion

[EMAIL PROTECTED] a écrit :
 My system:
 Debian etch
 courier-mta  0.53.3-5
 clamcour 0.2.2-1.2

 Cheers
 Marco
   
Both versions are old...
Can you try with the latest clamcour version ? (0.3.8)


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] courier and greylisting and callback.

2008-02-14 Thread Jérôme Blion

-=Devil_InSide=- a écrit :
 has the courier this features?
 early under windows i use mdaemon -- good windows mail server, wich has some 
 features like greylisting, domain keys, spf and whitelist for each of thic 
 services.
 but i found just spf in a courier-mta.

 in any overviews in a web  for exim and postfix i see possibility to reject 
 server, those HELO has only a digits or keyword, but not only blacklisting by 
 ip or network or mask of e-mail address ([EMAIL PROTECTED] etc), how it 
 written in courier documentation.
 has the courier such possibilities?

 i think, that possibility  to make a greylisting or callback is very useful 
 for control the incoming spam --- on mdaemon greylisting  was a good solution.
 and on other servers i saw callback --- more interesting solution, as i think.

 in a debian repositories i found a milter-greylist -- can i use it with 
 courier-mta ? 
 in description to this package i read that this filter for sendmail, but 
 reading docs and mans for this package has to brood over more universality of 
 this program.
   
Hello,

You can use pythonfilter. It implements Greylisting.
What do you mean when you talk about callback ?

HTH.
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] courier and greylisting and callback.

2008-02-14 Thread Jérôme Blion

-=Devil_InSi- a écrit :
 callback - a check of sender. 
 when local  mail server recieve message, it temporary stop recieving after 
 any header ( to usually) and try initialize simulation session of sending 
 mail to adress $from.
 if remote server hasn't that address in recipient's list, the incoming 
 connection is closing and incoming mail rejects hard (usually).

 my english is poor, but hope, that i not distort this description.

  
 ,--[J__r__me Blion [EMAIL PROTECTED] Thu, 14 Feb 2008 23:17:06 +0100]
 |-=Devil_InSide=- a __crit :
 | has the courier this features?
 | early under windows i use mdaemon -- good windows mail server, wich has 
 some features like greylisting, domain keys, spf and whitelist for each of 
 thic services.
 | but i found just spf in a courier-mta.
 |
 | in any overviews in a web  for exim and postfix i see possibility to 
 reject server, those HELO has only a digits or keyword, but not only 
 blacklisting by ip or network or mask of e-mail address ([EMAIL PROTECTED] 
 etc), how it written in courier documentation.
 | has the courier such possibilities?
 |
 | i think, that possibility  to make a greylisting or callback is very 
 useful for control the incoming spam --- on mdaemon greylisting  was a good 
 solution.
 | and on other servers i saw callback --- more interesting solution, as i 
 think.
 |
 | in a debian repositories i found a milter-greylist -- can i use it with 
 courier-mta ? 
 | in description to this package i read that this filter for sendmail, but 
 reading docs and mans for this package has to brood over more universality of 
 this program.
 |   
 |Hello,
 |
 |You can use pythonfilter. It implements Greylisting.
 |What do you mean when you talk about callback ?
 |
 |HTH.
 |Jerome Blion.
   

Hello,

(content of pythonfilter.conf)
# dialback: checks the envelope sender's address to make sure that a bounce
#   or reply can be delivered.  Mail from addresses that can't be 
verified
#   will be refused.


This module is included into pythonfilter.
Does it fit your requirements?

(No problem for your english, I understand you quite fine, and I'm not 
english neither :) )

HTH.
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] attacks

2008-02-03 Thread Jérôme Blion

Sam Varshavchik a écrit :
 Leigh S. Jones, KR6X writes:

 « HTML content follows »

 I'm getting fed up with my bandwidth being gobbled up by numerous 
 attackers running dictionary attacks on my users passwords for pop3 
 and imap logins.  To that end, I'm hoping to enlist the aid of 
 couriertcpd.   The way I understand it, I need to build an access 
 file with IP addresses followed by a tab then the keyword deny, 
 compile it into a binary database using a script similar to 
 makesmtpaccess, probably this would invoke 
 /usr/lib/courier/courier/makedatprog through the script 
 /usr/lib/courier/makedat, and then add the line 
 -access=[filename.dat] in /etc/init.d/pop3d, etc., pointing to my 
 database when invoking the daemons.  Have I got this all correctly?

 Yes. There's a script called 'makedat' that's a generic version of 
 makesmtpaccess, that you can use.

 Having said all that -- this is a losing battle. You'll spend the rest 
 of your life maintaining this list manually, so you should cobble 
 together some script that parses the log files, and inserts IP 
 addresses into the blacklist.
fail2ban is designed to fit your needs.

HTH.
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfitler and unix socket

2008-01-04 Thread Jérôme Blion


FM a écrit :

Hello everybody,

To force pythonfilter to use the clamd  and clamd.conf config , I remove 
pyclamav.so.


in clamd.conf I have :
LocalSocket /var/run/clamav/clamd.sock

but I receive these error from pythonfilter :
(...)
Jan  4 10:40:20 verona courierfilter: Uncaught exception in clamav 
doFilter function: ScanError:Could not reach clamd using unix socket 
(/var/run/clamd)
Jan  4 10:40:20 verona courierfilter: File 
/etc/courier/filters/active/pythonfilter, line 194, in processMessage
Jan  4 10:40:20 verona courierfilter: replyCode = i_filter[1](bodyFile, 
controlFileList)
Jan  4 10:40:20 verona courierfilter: File 
/usr/lib/python2.2/site-packages/pythonfilter/clamav.py, line 50, in 
doFilter

Jan  4 10:40:20 verona courierfilter: return scanMessage(bodyFile)
Jan  4 10:40:20 verona courierfilter: File 
/usr/lib/python2.2/site-packages/pythonfilter/clamav.py, line 35, in 
scanMessage

Jan  4 10:40:20 verona courierfilter: pyclamd.init_unix_socket()
Jan  4 10:40:20 verona courierfilter: File 
/usr/lib/python2.2/site-packages/pyclamd.py, line 111, in init_unix_socket

Jan  4 10:40:20 verona courierfilter: ping()
Jan  4 10:40:20 verona courierfilter: File 
/usr/lib/python2.2/site-packages/pyclamd.py, line 167, in ping

Jan  4 10:40:20 verona courierfilter: s = __init_socket__()
Jan  4 10:40:20 verona courierfilter: File 
/usr/lib/python2.2/site-packages/pyclamd.py, line 414, in __init_socket__
Jan  4 10:40:20 verona courierfilter: raise ScanError, 'Could not reach 
clamd using unix socket (%s)' % (clamd_SOCKET)

(...)

Is there a way to set the unix socket to /var/run/clamav/clamd.sock 
instead of /var/run/clamd ?


Regards,


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
  

Which pythonfilter do you use ?
With 1.0, I posted a message some days ago...
Here is a version which allow to use a specific socket...

You have to modify /etc/pythonfilter-modules.conf

Add:

[clamav.py]
LocalSocket = '/var/run/clamav/clamd.sock'

HTH.
Jerome Blion.


#!/usr/bin/python
# clamav -- Courier filter which scans messages with ClamAV
# Copyright (C) 2004  Robert Penz [EMAIL PROTECTED]
# Copyright (C) 2007  Gordon Messmer [EMAIL PROTECTED]
# Copyright (C) 2008  Jerome Blion [EMAIL PROTECTED]
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

import sys
import courier.config

LocalSocket = ''

try:
import pyclamav
def scanMessage(bodyFile):
try:
avresult = pyclamav.scanfile(bodyFile)
except Exception, e:
return 554  + str(e)
if avresult[0]:
return 554 Virus found - Signature is %s % avresult[1]
return ''
except ImportError:
import pyclamd
def scanMessage(bodyFile):
try:
pyclamd.init_unix_socket(LocalSocket)
avresult = pyclamd.scan_file(bodyFile)
except Exception, e:
return 554  + str(e)
if avresult != None and avresult.has_key(bodyFile):
return 554 Virus found - Signature is %s % avresult[bodyFile]
return ''


def initFilter():
courier.config.applyModuleConfig('clamav.py', globals())

# Record in the system log that this filter was initialized.
sys.stderr.write('Initialized the clamav python filter\n')

def doFilter(bodyFile, controlFileList):
return scanMessage(bodyFile)


if __name__ == '__main__':
# we only work with 1 parameter
if len(sys.argv) != 2:
print Usage: clamav.py message_body_file
sys.exit(0)
initFilter()
print doFilter(sys.argv[1], )
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Spamassassin and clamav modules

2008-01-01 Thread Jérôme Blion


Hi :)

I rewrote some parts of these two modules.
Local socket or paths can be different...

With these modules, the admin is able to set up correct paths to make 
these filters working.


So, we have to modify pythonfilter-modules.conf. Here is how I modified it:

   [clamav.py]
   LocalSocket = '/tmp/clamd'

   [...]

   [spamassassin.py]
   spamc_path = '/usr/local/bin/spamc'

LocalSocket is the name of the parameter in clamav.conf.

Please find attached both modules.

HTH.
Jerome Blion.
#!/usr/bin/python
# clamav -- Courier filter which scans messages with ClamAV
# Copyright (C) 2004  Robert Penz [EMAIL PROTECTED]
# Copyright (C) 2007  Gordon Messmer [EMAIL PROTECTED]
# Copyright (C) 2008  Jerome Blion [EMAIL PROTECTED]
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

import sys
import courier.config

LocalSocket = ''

try:
import pyclamav
def scanMessage(bodyFile):
try:
avresult = pyclamav.scanfile(bodyFile)
except Exception, e:
return 554  + str(e)
if avresult[0]:
return 554 Virus found - Signature is %s % avresult[1]
return ''
except ImportError:
import pyclamd
def scanMessage(bodyFile):
try:
pyclamd.init_unix_socket(LocalSocket)
avresult = pyclamd.scan_file(bodyFile)
except Exception, e:
return 554  + str(e)
if avresult != None and avresult.has_key(bodyFile):
return 554 Virus found - Signature is %s % avresult[bodyFile]
return ''


def initFilter():
courier.config.applyModuleConfig('clamav.py', globals())

# Record in the system log that this filter was initialized.
sys.stderr.write('Initialized the clamav python filter\n')

def doFilter(bodyFile, controlFileList):
return scanMessage(bodyFile)


if __name__ == '__main__':
# we only work with 1 parameter
if len(sys.argv) != 2:
print Usage: clamav.py message_body_file
sys.exit(0)
initFilter()
print doFilter(sys.argv[1], )
#!/usr/bin/python
# spamassassin -- Courier filter which scans messages with spamassassin
# Copyright (C) 2007-2008  Jerome Blion [EMAIL PROTECTED]
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

import sys
import commands
import courier.config

spamc_path = '/usr/bin/spamc'

def initFilter():
courier.config.applyModuleConfig('spamassassin.py', globals())
# Record in the system log that this filter was initialized.
sys.stderr.write('Initialized the spamassasinfilter python filter\n')

def doFilter(bodyFile, controlFileList):
try:
cmd = spamc_path + ' -c  ' + bodyFile
(status,output) = commands.getstatusoutput(cmd)
except Exception, e:
return 554  + str(e)
if status != 0:
return '554 Mail rejected - spam detected: '+ output
return ''


if __name__ == '__main__':
# For debugging, you can create a file that contains just one
# line, beginning with an 's' character, followed by an email
# address.  Run this script with the name of that file as an
# argument, and it'll validate that email address.
if not sys.argv[1:]:
print Usage: spamassassin.py message body file
sys.exit(0)
initFilter()
print doFilter(sys.argv[1], )
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier-authlib-mysql

2007-12-31 Thread Jérôme Blion

mattias a écrit :
 I try tu use mysql with courier
 But i can't get it to work
 My database exist and my user have full rights to it
 My log follow
 Dec 31 16:59:50 mjw imapd: authentication error: Input/output error
 Dec 31 17:05:24 mjw authdaemond: authmysql: mysql_select_db(mj.) error:
 Incorrect database name 'mj.'
 Dec 31 17:05:24 mjw imapd: authentication error: Input/output error
 Dec 31 17:08:10 mjw authdaemond: authmysql: mysql_select_db(mj.) error:
 Incorrect database name 'mj.'
 Dec 31 17:08:10 mjw imapd: authentication error: Input/output error
 Please help!


 -
 This SF.net email is sponsored by: Microsoft
 Defy all challenges. Microsoft(R) Visual Studio 2005.
 http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
 ___
 courier-users mailing list
 courier-users@lists.sourceforge.net
 Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
   

Incorrect database name 'mj.'

Remove the dot :)
HTH



-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] question

2007-12-31 Thread Jérôme Blion

mattias a écrit :
 Some one tell me to edit the authmysqlrc
 And Delete control characters and all other crap from authmysqlrc. You
 probably 
 But hmm what do you meen?


 -
 This SF.net email is sponsored by: Microsoft
 Defy all challenges. Microsoft(R) Visual Studio 2005.
 http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
 ___
 courier-users mailing list
 courier-users@lists.sourceforge.net
 Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
   
dos2unix is your friend.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier Backup / replication point

2007-11-24 Thread Jérôme Blion


Jay Lee a écrit :
Sounds to me like something that should be (and has been) configured 
at the filesystem/block layers rather than at the Courier application 
layer.  Take a look at projects like RedHat's GFS or Sun's ZFS.  I 
don't know much about NetApps either but I know they do NFS very well 
(which Courier supports very well) and I'm pretty sure they can be 
configured redundantly.


Jay

On 11/24/07, *Ronie Gilberto Henrich* [EMAIL PROTECTED] 
mailto:[EMAIL PROTECTED] wrote:



Is it any feature in courier that allows me to inform
backup storage paths?

Today I use unison to maintain a replica of our email
files, configurations, ..., in a second server to use as a fast
recovery backup solution.
The problem is that unison uses a lot of resources and
IO_WAIT is always very high.

So, I was wondering if it is any feature to inform backup
storage paths for courier to save all its files always into two
different paths. Does something like this exist?

If it does not exist, don't you think it is a interesting
feature to be implemented?

Thanks and regards,

Ronie


Hi,

If we work with a filer, an easier way to proceed would be to affect 
LUNS/filesystems to the backup server.
This way, you don't have to copy anything...  The rollback on the master 
server just follows the same process.

After that, you have to secure your filer. (snapshot and so on)

HTH.
Jerome Blion.
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfilter - spamassassin

2007-11-20 Thread Jérôme Blion


Gordon Messmer a écrit :

Bernd Plagge wrote:
  

I don't disagree with you but I don't like the idea to check spam -
which gets rejected - for viruses.



Well, if you run the spamassassin filter before clamav, and messages are
rejected as spam, then they won't be scanned for viruses.

I don't recommend that, though.  Virus scanning should be something that
you provide to everyone.  Even your own users shouldn't be able to send
viruses to other users.  I would run clamav first, and scan everything.
 Run clamav even before your whitelist filters.
  
My approach would be to first run filters which have the bigger chance 
to reject mails, to save resources.
If a mail is flagged as spam, I totally don't care if it contains a 
virus, it won't be delivered at all.
If the spam come from my LAN, I will take corrective actions to clean 
the computer.


In my case, it's lot more interesting to have the following order:
1 - Spamassassin
2 - Clamav
3 - Whitelist
4 - DSN management

I agree with you nevertheless, mails coming from trusted hosts should 
be scanned by an antivirus solution.


HTH.
Jerome Blion.
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] pythonfilter - spamassassin

2007-11-18 Thread Jérôme Blion

Bernd Plagge a écrit :
 Hello,

 I'd like to get some advise.

 I've just set up courier 0.57 with Gordon's pythonfilter.
 Pythonfilter modules used are clamav, spamassassin,
 whitelist_relayclients, whitelist_auth.

 Thas works fine and was quickly installed! Thank you!

 However, it seems that 
  - the filter quietly removes all spam
 i.e. I don't see the actual X-Spam-Status (as before)
  - even non-Spam mails don't seem to get the additional header

 We have a number of customer who are afraid of false positives and
 therefore I'd like to provide a 'delete yourself / control yourself'
 variant e.g. by moving all spam to a different folder.

 So, if we used the modules 
whitelist_relayclients
whileist_auth
spfcheck
greylisting

 in the pythonfilter  and 
 clamav
 spamassassin

 in (a) a different filter or (b) triggered by maildrop we could probably
 greatly reduce the amount of mail passing spam and virus check.

 Any comments are appreciated!

 Bernd
   
Hello,

During transaction, it's not (yet) possible to modify headers. So, 
before having accepted the message for delivery, there is no way to add 
these headers. One workaround was to modify headers and re-injecting the 
mail in the queue... Gordon documented this feature but spamassassin 
filter does not implement it.

To have headers AND filtering, you will have 2 ways:
 - using maildrop: it means spammers will see their mail accepted. No 
error messages for the sender when the message is flagged
 - re-injecting the mail in the queue. Depending on the load on the 
mailserver, it's possible or not.

HTH.
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] slow sending (smtp)

2007-11-18 Thread Jérôme Blion

Bernd Plagge a écrit :
 Hello,

 this is probably a configuration issue.
 (ldap based) authtest works like a charm but when I send mail from my
 notebook it takes 10-15 secs before the mail is send while it is less
 than a seconds with qmail.
 I supsect that this is a DNS problem but how can I test this?
 Or is there a different explanation?

 Any help is appreciated!

 Bernd
   
Depending on the order of the modules in pythonfilter, your mails are 
scanned by Spamassassin and Clamav.
You can do a tail -f /var/log/mail.log to see what's going on...

HTH
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] courieresmtpd: STARTTLS failed: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

2007-11-15 Thread Jérôme Blion

Sam Varshavchik a écrit :
 Jérôme Blion writes:

 Hello everybody.

 I installed this week-end the latest release of Courier (0.57.1) from 
 scratch.

 I want to enable SMTP-S and IMAP-S. When I tried my setup, I had 
 these error:

 serveur imapd-ssl: couriertls: connect: error:1408F10B:SSL 
 routines:SSL3_GET_RECORD:wrong version number
 serveur esmtpd-ssl: couriertls: connect: error:1408F10B:SSL 
 routines:SSL3_GET_RECORD:wrong version number

 In /usr/lib/courier/etc, I modified imapd-ssl, esmtpd-ssl, courierd:
 TLS_PROTOCOL=SSL23
 After a restart, I was able to send mails and read them with 
 roundcube / Thunderbird.

 I have this error now:
 serveur courieresmtpd: courieresmtpd: STARTTLS failed: couriertls: 
 accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

 Which is the file to modify? Or what did I mess up?

 Change TLS_PROTOCOL in the esmtpd config file back to TLS1.
I modified esmtpd-ssl, but not esmtpd... After having modified it to 
have SSL23, it fixed my problem.
Next time, I will open my eyes.

Thank you :)
Jerome Blion.


-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now  http://get.splunk.com/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] courieresmtpd: STARTTLS failed: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

2007-11-14 Thread Jérôme Blion

Hello everybody.

I installed this week-end the latest release of Courier (0.57.1) from 
scratch.

I want to enable SMTP-S and IMAP-S. When I tried my setup, I had these 
error:

serveur imapd-ssl: couriertls: connect: error:1408F10B:SSL 
routines:SSL3_GET_RECORD:wrong version number
serveur esmtpd-ssl: couriertls: connect: error:1408F10B:SSL 
routines:SSL3_GET_RECORD:wrong version number

In /usr/lib/courier/etc, I modified imapd-ssl, esmtpd-ssl, courierd:
TLS_PROTOCOL=SSL23
After a restart, I was able to send mails and read them with roundcube / 
Thunderbird.

I have this error now:
serveur courieresmtpd: courieresmtpd: STARTTLS failed: couriertls: 
accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

Which is the file to modify? Or what did I mess up?
Thank you ;-)
Jerome Blion.


-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now  http://get.splunk.com/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] breaking smtp, smart host spam

2007-11-04 Thread Jérôme Blion


Arturo 'Buanzo' Busleiman a écrit :



I'd start looking now if I were you. This has been coming for a while.



I agree.
  

Don't worry for me ;-)
Port 25 is blocked from my LAN to the net... Content-filtering is 
performed for EVERY mail that go through RBLs  SPF. Even outgoing mails 
are scanned.


I confirm that RBL / SPF are a quick way to drop lot of junk... For the 
few other mails, I accept to consume some resources to analyse them with 
Spamassassin.
It's a little bit frustrating when you want to send a mail to an abuse 
concerning spams anyway :-)


Have a nice night ;-)
-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now  http://get.splunk.com/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] breaking smtp

2007-11-03 Thread Jérôme Blion

Gordon Messmer a écrit :
 Personally, I think transparency is a negative in this situation, since 
 valid users of your network have nothing to indicate that they can't 
 reach the mail servers that they are supposed to use, or why that would 
 be the case.
   
Hi,

When allowing all computers to send mails directly, when a virus is 
spreading on the network, I wouldn't imagine the load of the entire system.
Viruses don't try to use the mail user agent and so, the configuration 
of it is not retrieved yet... They directly send mails.
So, for now, a simple firewall is needed. All mailservers can be 
configured to be smarthosts. All clients should use a valid SMTP server 
(through VPN or not)

To catch all zombies, just configure your firewall to log what you need. 
A batch could process logs and give you all your need to clean your network.

When zombies computers will behave like normal computers, we will look 
for another ways to block them.


HTH.
Jerome Blion.


-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now  http://get.splunk.com/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Double bounce

2007-10-02 Thread Jérôme Blion

Hello,

My webserver is mainly used by robots that try to register bad email 
addresses on phpBB forums.
So, a mail is going out... and comes back within a nice DSN :) As the 
user used to sent the mail does not exist, it does a double bounce.
Is there an easy way to discard all these mails automatically?


Have a nice night :)
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Double bounce

2007-10-02 Thread Jérôme Blion

Jay Lee a écrit :
 Jérôme Blion wrote:
 Hello,

 My webserver is mainly used by robots that try to register bad email 
 addresses on phpBB forums.
   

 Consider setting up a captcha verification, it should cut back on 
 these somewhat (though not completely, spammers still get thru sometimes)
I already contacted the webmaster of the spammed forum in order him to 
take corrective actions. As I'm hosting websites, I think it would not 
be a good idea to modify my clients files. Nevertheless, I use captchas 
on forums I manage. It's not perfect, but most spammers are blocked.

 So, a mail is going out... and comes back within a nice DSN :) As the 
 user used to sent the mail does not exist, it does a double bounce.
 Is there an easy way to discard all these mails automatically?
   

 Courier by default will not accept mail to non-existant users.  You 
 should undo whatever you did so that Courier will send a 550 User 
 unknown message when these bounces come back.

 Jay
My provider blocks SMTP traffic from customer's IP if this traffic does 
not go through their SMTP server. More and more french providers do the 
same... It's a way to fight against zombies computers...

So, my courier is configured as a simple smarthost.

Correct me if I'm wrong...

Mails are relayed from my box to my provider's one. Now, the request is 
closed on my side.
My provider's server sends me a DSN... My server can not deliver it. If 
it answers 550, we will run in an infinite loop. So, the double bounce 
message is mailed to postmaster (me)

Is there a way to keep the request opened on my side until the last SMTP 
provides an answer?

Jerome...


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] courier-imap integration with outlook

2007-09-11 Thread Jérôme Blion

Mohit Tewari a écrit :

 Hi,
 My setup is debian / courier-imap / userdb
 Right now the users can come to our website and get authenticated and 
 after authentication they are redirected to mail client where then can 
 read / send their mails (squirrelmail), the first time they log in the 
 authentication is done by matching their passwords against the md5 
 hashed value of their passwords in our database and then that md5 
 hashed password is provided to the imap for log into imap server.
 Userdb has also been created by taking the md5 hash of the password 
 from the database.
 Now we want to provide them the facility of downloading their mails in 
 their outlook or anyother mail client (Eudora etc).
 However they will have to enter the md5 hash of their password while 
 getting their mails in the outlook as the userdb it created using the 
 hash.
 Is there a way that imap can be tweaked so that imap creates an md5 
 hash of the clear text password it receives and than use that hash to 
 authenticate against the userdb.dat.
 Where should I look for getting the source files of courier-imap to do 
 this if possible.

 Thanks,
 Mohit.

Hello,

If your userdb is fine (systempw / imappw), just check authentification 
is done through authuserdb.
In authdaemonrc, you should have something like: 
authmodulelist=authuserdb authcustom
This way, any e-mail client will provide the password, and 
courier-authlib will do the rest.

Is there something I did not understand?

HTH.
Jerome Blion.



-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] courier-imap integration with outlook

2007-09-11 Thread Jérôme Blion


Jérôme Blion a écrit :

Mohit Tewari a écrit :
  

Hi,
My setup is debian / courier-imap / userdb
Right now the users can come to our website and get authenticated and 
after authentication they are redirected to mail client where then can 
read / send their mails (squirrelmail), the first time they log in the 
authentication is done by matching their passwords against the md5 
hashed value of their passwords in our database and then that md5 
hashed password is provided to the imap for log into imap server.
Userdb has also been created by taking the md5 hash of the password 
from the database.
Now we want to provide them the facility of downloading their mails in 
their outlook or anyother mail client (Eudora etc).
However they will have to enter the md5 hash of their password while 
getting their mails in the outlook as the userdb it created using the 
hash.
Is there a way that imap can be tweaked so that imap creates an md5 
hash of the clear text password it receives and than use that hash to 
authenticate against the userdb.dat.
Where should I look for getting the source files of courier-imap to do 
this if possible.


Thanks,
Mohit.



Hello,

If your userdb is fine (systempw / imappw), just check authentification 
is done through authuserdb.
In authdaemonrc, you should have something like: 
authmodulelist=authuserdb authcustom
This way, any e-mail client will provide the password, and 
courier-authlib will do the rest.


Is there something I did not understand?

HTH.
Jerome Blion.
  

Huuum. I think I understood... You used the MD5 hash as password in userdb?
So it's encrypted twice?

Jerome.
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Accept and delete mails on a specific mailbox

2007-09-08 Thread Jérôme Blion

Hello,

I misunderstood this line:  Blank lines in the file are ignored. Lines 
starting with the # character are comments, and are also ignored.
They are ignored as delivery delivery instructions but included in the 
byte count.

It works with a nice # before :)

Thank you.
Jerome Blion.


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier-auth with AUTHSHADOW.

2007-09-04 Thread Jérôme Blion

Hello

Fine... I think nobody here has a crystal bowl to guess which errors do 
you have...
What does mail.log says ? Do you have authdaemon installed and running?

BR.
Jerome Blion.


-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now   http://get.splunk.com/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] deferred mails

2007-08-17 Thread Jérôme Blion

Bambero a écrit :
 Hello

 I had a strange situation with sending emails.
   
Hello,

The most strange thing is that your e-mail changes in the log...
Don't hide data pieces we could need, it will only slow things down...

 Logs shows me sth like this:

 Aug 16 23:11:33 zeus courierd:
 started,id=0011EE71.46C20312.6FF6,from=[EMAIL 
 PROTECTED],module=esmtp,host=gmail.com,addr=[EMAIL PROTECTED]
 Aug 16 23:11:33 zeus courieresmtp:
 id=0011EE31.46C1E49B.77C8,from=[EMAIL PROTECTED],addr=[EMAIL 
 PROTECTED],status:
 deferred

 .. and after few hours i got an error message (below).

 After server restart everything works fine courier starts to deliver
 deferred messages.
   
Did you first try a courier flush ?

 I'm running courier 0.54.0 on OpenBSD 4.0.

 What may be wrong ?

 Regards
 Bambero

 [EMAIL PROTECTED]:
  Invalid argument
   
Do you have something else to hide to us?
The final server seems to be broken...

HTH.
Jerome Blion.


-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now   http://get.splunk.com/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] SMTP

2007-07-24 Thread Jérôme Blion


Bernd Wurst a écrit :

Hallo.

Am Dienstag, 24. Juli 2007 schrieb Bambero:
  

I need to run courier on two different IP's. One of them with
smtp-auth for outgoing mail, two of them without smtp-auth only for
accepting incomming mail. Is it possible to do that without two
instances of smtp server ? What is the best way to do that ?



What would be the benefit over just providing all features to all 
IP-addresses?


cu, Bernd

  

I would take this problem by the other side...
I think Bambera want to force smtp-auth on an interface and let it 
disable (for incoming mails) on the other ones.


What I would suggest is the following: iptables !
Just block ports you don't want users to connect to.

What is the mechanism that identifies if a mail is incoming or outcoming?
Except Received:  headers, that can be faked, I don't know how to 
distinguish these two flows


client == server ( == server)
server == server ( == mailbox)

Am I right in my guesses?
HTH.
Jerome.


-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now   http://get.splunk.com/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] How to empty e-mail accounts

2007-07-21 Thread Jérôme Blion

Leonidas Safran a écrit :
 Hello,

 I've been reading through documentation pages...
 http://www.courier-mta.org/documentation.html

 but I didn't find what I am looking for... :-(

 I even think it might not be a courier specific command, but more an IMAP 
 standard.. whatever... how do I delete all e-mails of an e-mail account, on 
 system side (not with an e-mail client)? I don't want to delete the account, 
 only all e-mails.


 Thanks for helping ;-)

 LS
   
Look at the maildir structure...
find $MAILDIR -type f !-name .* | xargs rm
That should give good results...

Just test ;)
HTH.
Jerome blion.


-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now   http://get.splunk.com/
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] No luck with courier-pythonfilter and courier-0.56.0.20070701

2007-07-19 Thread Jérôme Blion


Nathan Harris a écrit :
Anyone successfully running courier-pythonfilter 0.22 with the latest 
courier?


courier-pythonfilter starts successfully, but every access yields: 
||432 Mail filters temporarily unavailable.


-Nathan


Hello,

Did you put pythonfilter in debug mode?
What does logs say?

What is your config?

BR.
Jerome Blion.
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

1 2 >

1 - 100 of 155 matches

Mail list logo