Re: Sendmail or Qmail ? Postfix!
Monday 08 of September 2003 04:00, Craig Sanders > > difficult to learn, just a PITA and completely unlike any other unix tools, - does not support de-facto logging standard - syslog - does not support CIDR - does not support IPV6 ... > that it is far more important for his programs to be consistent with each > other no matter what system they're running on than it is for them to be > consistent with everything else on the system. I urge djb to write his own djb/ip and his e-services should run on djb-OS. :] But...this is offtopic Postfix is THE mta to use - it scales well so it can be used either in SOHO or in large e-mail systems and is configurable to do every perversion you might want to do with e-mail. O:-] (and still be RFC compliant) -- People who are funny and smart and return phone calls get much better press than people who are just funny and smart. -- Howard Simons, "The Washington Post" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ..fixing ext3 fs going read-only, was : Sendmail or Qmail ? ..
On Mon, 8 Sep 2003 12:05:24 -0400, Theodore Ts'o <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > On Sun, Sep 07, 2003 at 07:24:27PM +0200, Arnt Karlsen wrote: > > > What happens on error conditions can be set through tune2fs or as > > > a mount option. Having it remount read-only is probably better > > > than panicing the kernel. > > > > ..yeah, except in /var/log, /var/spool et al, I also lean towards > > panic in /home. > > I tend to use remount read-only feature on desktops, where it's useful > for me to be able to save my work on some other filesystem before I > reboot my system. ..remount read-only is ok, as long as the bugle blows. IME, it doesn't. > But for an unattended server, most of the time it's probably better to > force the system to reboot so you can restore service ASAP. ..even for raid-1 disks??? _Is_ there a combination of raid-1 and journalling fs'es for linux that's ready for carrier grade service? > > > When it happens a reboot may be a good idea, in which case a fsck > > > to fix the problem should occur automatically. > > > > ..should, agrrrRRRrrreed. IME (RH73 - RH9 and woody) it does > > not. > > > > ..what happens is the journaling dies, leaving a good fs intact, > > on rebooting, the dead journal will "repair" the fs wiping good > > data off the fs. > > I'm not sure what you mean by this. When there is a filesystem error ..add an "healthy" dose of irony to repair in "repair". ;-) > detected, all writes to the filesystem are immediately aborted, which ...precludes reporting the error? > means the filesystem on disk is left in an unstable state. (It my > look consistent while the system is still running, but there is a lot .._exactly_, but it is not reported to any of the system users. A system reboot _is_ reported usefully to the system users, all tty users get the news. > of uncommitted data which has not been written out to disk.) So in > general, not running the journal will leave you in a worse state after > rebooting, compared to running the journal. ..it appears my experience disagrees with your expertize here. With more data, I would have been able to advice intelligently on when to and when not to run the journal, I believe we agree not running the journal is adviceable if the system has been left limping like this for a few hours. > An alternative course of action, which we don't currently support > would be to attempt to write everything to disk and quiesce the > filesystem before remounting it read-only. The problem is that trying > to flush everything out to disk might leave things in a worse state > than just freezing all writes. ..could a ramdisk help? As in; store in ramdisk between journal commits and honk the big horn on non-recoverable errors? ..and, on a raid-1 disk set, a failure oughtta cut off the one bad fs and not shoot down the entire raid set because that one fs fails. > The real problem is that in the face of filesystem corruption, by the > time the filesystem notices that something is wrong, there may be > significant damage that has already taken place. Some of it may > already have been written to journal, in which case not replaying the > journal might leave you with more data to recover; on the other hand, > not replaying the journal could also risk leaving your filesystem very > badly corrupted with data which the mail server had promised it had > accepted, not actually getting saved by the filesystem. > > A human could make a read/write snapshot of the filesystem and try it > both ways, but if you want automatic recovery, it's probably better to > run the journal than not to run it. ..agreed, and with ext3 on a raid-1 set, this _oughtta_ be easy. > > ..the errors=remount,ro fstab option remounts the fs ro but fails > > to tell the system, so the system merrily "logs" data and "accepts" > > mail etc 'till Dooms Day, and especially on raid-1 disks I sort of > > expected redundancy, like in "autofeather the bad prop and trim out > > the yaw" and "autopatch that holed fuel tank", and "auto-sync the > > props", I mean, this was done _60_years_ ago in aviation to help > > win WWII, and ext3 on raid-1 floats around USS Yorktown-style??? > > If the system merrily logs data and accepts it, even after the > filesystem is remounted read-only, that implies that the MTA is > horribly buggy, not doing the most basic of error return code checks. ..agreed, pointer hints to such basic hints to such basics? > If the filesystem is remounted read-only, then writes to the > filesystem *will* return an error. If the application doesn't notice, > then it's the application which is at fault, not ext3. ..on Woody, ext3 actually report the remount to /dev/console. ;-) _Nothing_ elsewhere. Dunno about Red Hat, never had one hooked to a monitor upon a journal failure. ..all I know is RH-7.3-8-9 and Woody does _not_ report ext3 journal failures in any way I am aware of and can make use of
Re: Sendmail or Qmail ? ..
On Sat, 2003-09-06 at 22:34, Russell Coker wrote: > On Sat, 6 Sep 2003 00:08, Eric Sproul wrote: > > until the entire message has been received and processed, the receiving > > MTA is not responsible for the message. In fact, I think this is > > RFC-specified. Why then, if the receiver isn't responsible, would it > > want to spend disk I/O queuing a message that may end up being rejected > > or may fail to come completely in? > > The incidence of messages that fail part way through is quite low. Expecially > in communications between big servers (which corresponds to a large portion > of the non-spam traffic). Optimising for the common case makes sense to me. > I should think, though, that using a milter that will reject a message based on the DATA content as it is streaming in would increase the likelihood of such occurrences. For instance, a virus-scanning milter will reject the message as soon as it sees a signature, causing the conversation to be aborted. During a large outbreak, a non-trivial percentage of SMTP traffic may be viruses, so there is still a benefit to buffering in RAM vs. queueing to disk. However, I do agree that asynchronous writes and ext3 unlink-before-commit would mitigate the I/O hit. > > As many other ISP admins know, a large percentage of customers > > are the psychotic kind, prone to POPing their multi-MB mailboxes every > > $%^&[EMAIL PROTECTED] minute, and leaving all the messages on the server. This > > puts a > > non-trivial strain on even a fairly hefty dual-x86 box with H/W RAID5 > > and 2GB of RAM. > > I have not noticed that. I have only noticed a very small portion of users > doing that. With 1,000,000 users the number of psychotic POP users is small > enough that you can deal with them individually. > > Maybe customers of Dutch ISPs are smarter than those of whichever country you > are in. I'm in the US, but let's not start a flame thread over the collective intelligence of our respective populations... ;^P > Why not change your POP server to instead of rejecting the connections to put > gratuitous delays. So if the time since the last connection is < 5 minutes > then make every operation take an extra 18 seconds (some pop servers have 20 > second time outs). That would delay a minimal POP session by 72 seconds > which better than halve the load. I agree, but the political problem remains. Whether I outright reject or impose delays (which will probably generate timeout errors on the client), it generates calls from confused people. But, rather than spend the time explaining the situation, the company would rather the calls not come in at all. Ah, the joy of engineering. > > I did some more figuring on our mail volume and found that even though > > each of our 4 mail routers processes 11-12 messages/second (each message > > requires up to 20 LDAP lookups and a milter for spam filtering), I see > > A caching LDAP proxy would be good for this situation. Converting 20 LDAP > lookups over the network to a single LDAP lookup and 19 accesses to a local > cache daemon should provide some significant benefits. Yes, we run local slapd daemons on all the mailrouters, updated from a central master. We see very good performance from this setup, as noted above. Eric -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ..fixing ext3 fs going read-only, was : Sendmail or Qmail ? ..
On Sun, Sep 07, 2003 at 07:24:27PM +0200, Arnt Karlsen wrote: > > What happens on error conditions can be set through tune2fs or as a > > mount option. Having it remount read-only is probably better than > > panicing the kernel. > > ..yeah, except in /var/log, /var/spool et al, I also lean towards > panic in /home. I tend to use remount read-only feature on desktops, where it's useful for me to be able to save my work on some other filesystem before I reboot my system. But for an unattended server, most of the time it's probably better to force the system to reboot so you can restore service ASAP. > > When it happens a reboot may be a good idea, in which case a fsck to > > fix the problem should occur automatically. > > ..should, agrrrRRRrrreed. IME (RH73 - RH9 and woody) it does not. > > ..what happens is the journaling dies, leaving a good fs intact, > on rebooting, the dead journal will "repair" the fs wiping good > data off the fs. I'm not sure what you mean by this. When there is a filesystem error detected, all writes to the filesystem are immediately aborted, which means the filesystem on disk is left in an unstable state. (It my look consistent while the system is still running, but there is a lot of uncommitted data which has not been written out to disk.) So in general, not running the journal will leave you in a worse state after rebooting, compared to running the journal. An alternative course of action, which we don't currently support would be to attempt to write everything to disk and quiesce the filesystem before remounting it read-only. The problem is that trying to flush everything out to disk might leave things in a worse state than just freezing all writes. The real problem is that in the face of filesystem corruption, by the time the filesystem notices that something is wrong, there may be significant damage that has already taken place. Some of it may already have been written to journal, in which case not replaying the journal might leave you with more data to recover; on the other hand, not replaying the journal could also risk leaving your filesystem very badly corrupted with data which the mail server had promised it had accepted, not actually getting saved by the filesystem. A human could make a read/write snapshot of the filesystem and try it both ways, but if you want automatic recovery, it's probably better to run the journal than not to run it. > ..the errors=remount,ro fstab option remounts the fs ro but fails > to tell the system, so the system merrily "logs" data and "accepts" > mail etc 'till Dooms Day, and especially on raid-1 disks I sort of > expected redundancy, like in "autofeather the bad prop and trim out > the yaw" and "autopatch that holed fuel tank", and "auto-sync the > props", I mean, this was done _60_years_ ago in aviation to help > win WWII, and ext3 on raid-1 floats around USS Yorktown-style??? If the system merrily logs data and accepts it, even after the filesystem is remounted read-only, that implies that the MTA is horribly buggy, not doing the most basic of error return code checks. If the filesystem is remounted read-only, then writes to the filesystem *will* return an error. If the application doesn't notice, then it's the application which is at fault, not ext3. That being said, my preference for servers is to panic immediately on the first sign of trouble, and let the system fsck and come back again. Even if your MTA is non-criminally-negligent, and checks error codes, the best it can do is return a SMTP temporary failure, which still doesn't keep the mail flowing. You're probably best off rebooting the machine and restoring service. - Ted -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
* [EMAIL PROTECTED] (Craig Sanders) [2003.09.07 20:55]: > qmail is so different to sendmail, exim, postfix, and just about every other > unix MTA that migrating to it is a major PITA. migrating away from it is at > least as bad. qmail has some very nice features, and is much faster and far > more secure than sendmail but it's a technology trap as bad as any proprietary > MTA. Just wanted to give anyone considering using qmail a chance to read what he said again because Craig nailed it. I'm in the process of migrating a large mail system from qmail to postfix. I can't tell you how much I hate qmail. Like Craig said, it's like working with a proprietary/commercial product -- it controls what you do, not the other way around. -- Cameron Moore [ Is it wrong that only one company makes a game called 'Monopoly'? ] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Dovecot (was: Re: Sendmail or Qmail ? ..)
On Monday 08 September 2003 14:41, mimo wrote: > I have just played around with dovecot imap server. I can use your > existing mail spool files. Also it allows for craetion of IMAP folders > in users' home dirs which worries me a bit. I'd rather have the mailbox > in MySQL or something like that. But that's a differnet discussion I guess. Can you share your experiences? How does dovecot perform? Does it support SSL (I guess so since it depends on gnutls)? What configuration options does it have? I guess since it supports standard mailboxen, standard mail delivery via procmail can be used by default. Yes, I'll do my own homework - but if people can give a recommendation pro or contra, I might have an idea where to set my hopes. (Ok, it should be an improvement over uw-imapd in any case ;-) cheers -- vbi -- Perl: The Swiss Army Chainsaw pgp0.pgp Description: signature
Re: Sendmail or Qmail ? ..
I have just played around with dovecot imap server. I can use your existing mail spool files. Also it allows for craetion of IMAP folders in users' home dirs which worries me a bit. I'd rather have the mailbox in MySQL or something like that. But that's a differnet discussion I guess. Michael Eric Sproul wrote: On Fri, 2003-09-05 at 11:19, Tinus Nijmeijers wrote: cyrus huh? in that case: is cyrus-popd a drop-in replacement for UW-pop (ipopd) on debian? I seem to remember it is not. You are correct. Cyrus uses a completely different method for storing mail, so you cannot just install its POP daemon. You would have to convert your existing mail spool to Cyrus's format. Eric
Re: Sendmail or Qmail ? ..
> On Thu, Sep 04, 2003 at 03:43:33PM +1000, Rudi Starcevic wrote: > > Sendmail or Qmail ? That is my question. > Well Rudi, You have heard from most camps of users who prefer MTA's for various reasons. Interesting enough, Debian ships exim default, and uses Mailman for it's Debian hosted lists, SuSE ships Postfix, oh yea but they use qmail for the MTA of choice and ezmlm for all the SuSE hosted lists, and the so on and so on. Opinions abound on which is better but I have found after running them all, that I personally like one over the other. Personal convictions because of personal experience. In other words, "only the experienced walk with a limp". I trust that regardless of what your MTA of choice is, you have fun and learn, which is more important than which MTA. Warm Regards, Dee -- W.D.McKinney (Dee) - CEO & President Alaska Wireless Systems Direct (907)349-4308 -=- Mobile (907)230-5048 http://www.akwireless.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, Sep 05, 2003 at 03:14:09PM +1000, Russell Coker wrote: > On Thu, 4 Sep 2003 22:58, Eric Sproul wrote: > > First, scale is a consideration. Once we began to grow our customer > > base, our email volume began to increase dramatically. Qmail queues > > everything to disk, so the more mail you do, the more pressure you put > > on your disk I/O. The server running Qmail was always blocking while it > > I was under the impression that Sendmail also queues everything to disk. by default, it doesn't. > How does it's queue operate then? although it can be configured otherwise (either in the config file or in command line options when calling /usr/sbin/sendmail), sendmail will first attempt to deliver a message submitted to it, and will only fall back to queuing it if the initial delivery fails. this is a performance disaster because it makes resource limiting/rationing impossible, and is probably the primary reason why a sendmail server will fall over and crash under a heavy load that other MTAs (that implement a "queue everything first, deliver out of the queue" approach) handle without breaking a sweat. BTW, this is also one of the reasons why sendmail is slow with most list managers - most of them do not call /usr/sbin/sendmail with '-O DeliveryMode=q' craig -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, Sep 05, 2003 at 12:54:55AM +0200, martin f krafft wrote: > - qmail has a good integration with one of the fastest mailing list > servers, ezmlm. ezmlm is probably the best thing about qmail. however, it's also an example of the technology trap that i referred to in a previous message in this thread. fortunately, courier-mlm has all of the features of ezmlm and works with any standard unix MTA including courier-mta, sendmail, exim, and postfix. ezmlm only works with qmail. btw, mailing list speed has a lot more to do with MTA speed than the list software itself. take any mailing list and try running it with different list managers and different MTAs - several things will become apparent: 1. sendmail is slow with any list manager, even if you pre-sort the recipient list. 2. sendmail's performance varies greatly depending on how you tweak it, and depending on which list manager you use (and how it sends the mail). no matter how well you tweak it, though, it will not even begin to come close to postfix's performance. 3. postfix is extremely fast with any list manager, regardless of whether you pre-sort the recipient list or not and regardless of whether you use VERP[1] features or not. 4. qmail comes close to postfix's speed ONLY if there aren't many recipients at the same domain *OR* if you are using VERP. if there are many recipients at the same domain (e.g. a few hundred at hotmail.com, a few hundred more at yahoo.com etc) and you don't need VERP then delivery by qmail will be much slower. [1] another good idea from djb that was implemented better by others. IMO & IME, he's good at ideas, bad at implementation and absolutely lousy at systems administration. craig -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Thu, Sep 04, 2003 at 08:47:14AM -0400, Dale E Martin wrote: > > It doesnt at all Not to ellaborate, but the subject says it > > all...even then. I hate exim too. > > Has it been covered before on this list? I for one would be interested in > elaboration, if there is something technically inferior about exim or > postfix to qmail or sendmail? Or politically, I suppose, since much of > people's dislike about qmail has more to due with "political" than > technical reasons. there are technical and "political" reasons to avoid qmail. the political reasons have been discussed many times on many lists, so i'll ignore them here. like all of djb's software, qmail has extremely weird configuration. not difficult to learn, just a PITA and completely unlike any other unix tools, and completely unlike anything else on your system - djb (wrongly) believes that it is far more important for his programs to be consistent with each other no matter what system they're running on than it is for them to be consistent with everything else on the system. amongst many other problems (including the unneccessary bizarre re-invention of existing tools that work perfectly well) he makes extensive use of "magic" file and directory names, mere existence of a file can trigger events and radically change the behaviour of a program. this is so fucked up that it's hard to believe he thinks it's a good idea (but he does!). craig -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Thu, Sep 04, 2003 at 03:43:33PM +1000, Rudi Starcevic wrote: > Sendmail or Qmail ? That is my question. neither. postfix is the answer. postfix is backwards compatible with sendmail (meaning minimal disruption during the migration) with better security, speed, and features than qmail (and sendmail too, but that goes without sayiing). > Currently we use Sendmail. It's worked fine, well actually problem free so > better than fine - I've got the Sendmail book and all. However we will be > setting up some new email servers soon and I'm considering Qmail. if you're used to sendmail, you will find postfix to be much easier to understand and configure. > At this stage I'm leaning towards sticking with Sendmail but something inside > wants to know more about Qmail. try setting up two experimental boxes, just to play with. install qmail on one and postfix on the other.you'll need to do this anyway, you really shouldn't migrate mail servers based ONLY on advice from a mailing list - you need to have hands on experience yourself. qmail is certainly worth learning, if only because it has some interesting ideas - but those ideas are implemented far better in postfix. > If you *had* to pick one of these two which would it be ? if i really had no other choice, i'd very reluctantly pick sendmail. not because it's better than qmail (it certainly isn't) but because it isn't a dead-end trap like qmail. qmail is so different to sendmail, exim, postfix, and just about every other unix MTA that migrating to it is a major PITA. migrating away from it is at least as bad. qmail has some very nice features, and is much faster and far more secure than sendmail but it's a technology trap as bad as any proprietary MTA. craig -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ..fixing ext3 fs going read-only, was : Sendmail or Qmail ? ..
On Mon, 8 Sep 2003 00:20:12 +1000, Russell Coker <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > On Mon, 8 Sep 2003 00:17, Arnt Karlsen wrote: > > ..I have had a few cases of ext3fs'es, even on raid-1, going > > read-only on errors, what do you guys use to bring them back > > into service? > > What happens on error conditions can be set through tune2fs or as a > mount option. Having it remount read-only is probably better than > panicing the kernel. ..yeah, except in /var/log, /var/spool et al, I also lean towards panic in /home. > When it happens a reboot may be a good idea, in which case a fsck to > fix the problem should occur automatically. ..should, agrrrRRRrrreed. IME (RH73 - RH9 and woody) it does not. ..what happens is the journaling dies, leaving a good fs intact, on rebooting, the dead journal will "repair" the fs wiping good data off the fs. ..compare 'df -h' and 'cat /proc/mounts' on such a system. ..the errors=remount,ro fstab option remounts the fs ro but fails to tell the system, so the system merrily "logs" data and "accepts" mail etc 'till Dooms Day, and especially on raid-1 disks I sort of expected redundancy, like in "autofeather the bad prop and trim out the yaw" and "autopatch that holed fuel tank", and "auto-sync the props", I mean, this was done _60_years_ ago in aviation to help win WWII, and ext3 on raid-1 floats around USS Yorktown-style??? -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix! [WAS: Re: Sendmail or Qmail ? ..]
On Sun, Sep 07, 2003 at 11:54:28AM +0800, Jason Lim wrote: > > Hear hear! Nationality doesn't matter. We're talking about technical merit > of things here. Let's keep race, creed, religion, colour out of this. If we gave that impression, that was not the idea. If someone has that feeling, my apologies. > Don't mention SPEWS. SPEWS is famous for blocking large non-USA ISPs at > the drop of a hat, while large USA spam-support ISPs get away with murder. > Why? Because Spews is either run by someone in the USA or knows that if > they started applying the same principals to everyone, more and more large > USA ISPs will be blocked completely, and less and less people will use > SPEWS. Thus SPEWS has double-standards in this regard. Not only SPEWS has that problem :( > I prefer ones that have the same standard, regardless of what country you > are in. Many many block lists are available... www.spamcop.net... or just > check out one of the best Block List comparisons yourself at: > http://www.declude.com/JunkMail/Support/ip4r.htm We currently only use rbl's based on spamtraps and I must say it stops a great number of spammessages. That mostly its automated and no one has to submit anything except spammers that use open-proxies, agents, faulty mailservers, etc. > Don't tell SPEWS and NANAE that... from the way they talk and act, every > spammer must be in China, Korea, Taiwan, and everywhere else EXCEPT the > USA. I know and its a shame :( > In the above block list comparison webpage, I believe it is listed there? No, they're not and they shouldn't be listed there. Spamikaze is just software so everyone can make there own personal rbl and Spamvrij.nl is just a foundation that tries to make emailmarketing acceptable by education of companies and marketiers. It also lists companies on there website that send `spam', but also lists companies that have changed there policy about emailmarketing.. -- Hans -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix! [WAS: Re: Sendmail or Qmail ? ..]
On Sun, Sep 07, 2003 at 03:48:42PM +0200, Adrian 'Dagurashibanipal' von Bidder wrote: Content-Description: signed data > Hans, > > Glad to hear the situation is getting better in .nl. Having been hit by > several 10s of spam from some dutch provider the other day just didn't imply > this :-) I have one advice when sending abuse doesn't help, post[1] the spam in nl.internet.misbruik.spam-signalering with a follow-up to nl.internet.misbruik. Most ISP's in the Netherlands are lurking there and/or posting there like Easynet and Chello. Don't expect results directly, but they will come. > > What is the connection between the nationality of Wietse Venema and > > people who sent spam? This is a very strange argument and more fitted > > for a discussion between kids. > > You *did* see my original mail on that subject? You *did* look at the list of > other more or less silly reasons that were posted already alongside some of > the more serious ones? My-mailer-is-better-than-yours discussions are equal > with my-OS-is-better-than-yours discussions or my-editor-is-better-than-yours > flamefests. Those discussions will always (i) be very long and (ii) turn > silly. I was hoping to avoid (i) by accelerating (ii). Those my-wheel-is-rounder-then-your-wheel-discussions are always silly ;-) [1] Limit you post to onder 10KB max. -- Hans -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ..fixing ext3 fs going read-only, was : Sendmail or Qmail ? ..
On Mon, 8 Sep 2003 00:17, Arnt Karlsen wrote: > ..I have had a few cases of ext3fs'es, even on raid-1, going > read-only on errors, what do you guys use to bring them back > into service? What happens on error conditions can be set through tune2fs or as a mount option. Having it remount read-only is probably better than panicing the kernel. When it happens a reboot may be a good idea, in which case a fsck to fix the problem should occur automatically. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
..fixing ext3 fs going read-only, was : Sendmail or Qmail ? ..
On Sun, 7 Sep 2003 12:34:45 +1000, Russell Coker <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > > Also I believe that in Ext3 if you write data to a file and then > unlink the file before the data is committed to disk then the data > will never be written. So there seems no loss as long as the file > isn't opened with O_SYNC and you don't call fsync() (and no-one calls > sync()). > ..I have had a few cases of ext3fs'es, even on raid-1, going read-only on errors, what do you guys use to bring them back into service? -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix! [WAS: Re: Sendmail or Qmail ? ..]
On Sunday 07 September 2003 15:48, Adrian 'Dagurashibanipal' von Bidder wrote: Apologies - missing attribution. This was Brian: > > What is the connection between the nationality of Wietse Venema and > > people who sent spam? This is a very strange argument and more fitted > > for a discussion between kids. > > You *did* see my original mail on that subject? You *did* look at the list > of other more or less silly reasons that were posted already alongside some > of the more serious ones? My-mailer-is-better-than-yours discussions are > equal with my-OS-is-better-than-yours discussions or > my-editor-is-better-than-yours flamefests. Those discussions will always > (i) be very long and (ii) turn silly. I was hoping to avoid (i) by > accelerating (ii). > > Well. It didn't work. Surprise. > -- vbi -- I generally avoid temptation unless I can't resist it. -- Mae West pgp0.pgp Description: signature
Re: Postfix! [WAS: Re: Sendmail or Qmail ? ..]
Hans, Glad to hear the situation is getting better in .nl. Having been hit by several 10s of spam from some dutch provider the other day just didn't imply this :-) > What is the connection between the nationality of Wietse Venema and > people who sent spam? This is a very strange argument and more fitted > for a discussion between kids. You *did* see my original mail on that subject? You *did* look at the list of other more or less silly reasons that were posted already alongside some of the more serious ones? My-mailer-is-better-than-yours discussions are equal with my-OS-is-better-than-yours discussions or my-editor-is-better-than-yours flamefests. Those discussions will always (i) be very long and (ii) turn silly. I was hoping to avoid (i) by accelerating (ii). Well. It didn't work. Surprise. -- vbi -- All power corrupts, but we need electricity. pgp0.pgp Description: signature
Re: Sendmail or Qmail ? ..
also sprach Thomas Lamy <[EMAIL PROTECTED]> [2003.09.05.1414 +0200]: > Complete ACK. I'm also willing to give support, as I use > postfix+mysql+sasl at a couple of clients. did you ever get sasl to work with mozilla clients in any but the non-plaintext forms? i'd really appreciate help here! -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! pgp0.pgp Description: PGP signature
Re: Sendmail or Qmail ? ..
also sprach Nathan Eric Norman <[EMAIL PROTECTED]> [2003.09.05.2025 +0200]: > News flash: the FHS specifies how distributions should (or should not) > lay out filesystems. The FHS does not prohibit end users from > creating new root-level directories. executables alongside configuration files in /var is just wrong. the user does not have a choice. that's the last thing i'll say about this. -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! pgp0.pgp Description: PGP signature
Re: Sendmail or Qmail ? ..
On Sun, 7 Sep 2003 13:47, Jason Lim wrote: > Mmm... one of the limitations of Qmail is that it creates many many > individual files (one for each email) and due to filesystem limitations, > EXT2/3 starts slowing to a crawl. Of course, another way would be to use > ReiserFS, but wouldn't doing a FS in a loopback mounted file resolve at > least that? Ext2/3 only slows significantly when you get more than 1000 files per directory. ReiserFS does offer significant benefits for bigger mail servers. A loopback mount solves nothing. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix! [WAS: Re: Sendmail or Qmail ? ..]
> Please people, > > What is the connection between the nationality of Wietse Venema and > people who sent spam? This is a very strange argument and more fitted > for a discussion between kids. We are adults, we are professionals, this > list is to discuss technicall matters (personal opinions allowed). > Please keep up the high standard of this list! > > Thank you > > Brian Hear hear! Nationality doesn't matter. We're talking about technical merit of things here. Let's keep race, creed, religion, colour out of this. > >You should follow nanae more often on usenet and you will know that > >`spammers' mostly moved away from a2000.nl/chello.nl thanks to Marcel > >his actions. And you don't clean a network with over 300k of customers > >overnight, but even SPEWS is seeing changes. Don't mention SPEWS. SPEWS is famous for blocking large non-USA ISPs at the drop of a hat, while large USA spam-support ISPs get away with murder. Why? Because Spews is either run by someone in the USA or knows that if they started applying the same principals to everyone, more and more large USA ISPs will be blocked completely, and less and less people will use SPEWS. Thus SPEWS has double-standards in this regard. I prefer ones that have the same standard, regardless of what country you are in. Many many block lists are available... www.spamcop.net... or just check out one of the best Block List comparisons yourself at: http://www.declude.com/JunkMail/Support/ip4r.htm > >Also another thing, if I may believe statistics from people running > >spamikaze[1] is the US currently nummero uno in there blacklists counted > >by blocked IP-address. Even .tw, .cn and .kr are just minor issues > >compared to the US. Don't tell SPEWS and NANAE that... from the way they talk and act, every spammer must be in China, Korea, Taiwan, and everywhere else EXCEPT the USA. > >Maybe also nice to know is that there is a foundation[2] in the > >Netherlands that fights against Dutch-companies that send people bulk > >e-mail to addresses that are not collected with confirmed opt-in. In the above block list comparison webpage, I believe it is listed there? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
I wrote: >> Unfortunately, [Qmail's] not being maintained by its >> author. I've also used [PM]MDF and Smail. Their authors bailed, too. I've used Slackware's and SuSE's Sendmail on personal systems, but never for anything other people were depending on. W.D. McKinney top-posted: >I know of several "big" mail servers running qmail and the sys admins >don't have the same viewpoint that you do. That doesn't make you wrong >or them wrong though. We're both right. Qmail meets my needs on my personal systems, where I don't need authentication out of a database or SMTP AUTH or milters or mailing lists with Web interfaces. But Exim would work, too, and Debian installed it for me. Big ISPs have software release processes and software quality assurance staff. A crew like that, if they use Qmail, is responsible for knowing which of the patches at qmail.org are crap and which ones work, and how to use them. They can take patches that almost work, and debug them. They don't release "packages," they release *disk images* to production, and get evaluated on their correctness. Qmail meets their needs, too. My servers are in between. Too important for "seems to work" hobby maintenance, too small to afford a professional software staff to debug contributed patches. I *don't know* if I applied a poorly documented qmail.org patch correctly, or whether I configured the resulting setup in ways the patch's author anticipated and tested. When I "google" for comments on the various patches, I don't know whether the commenters are using a system like mine, or one more like the patches' authors'. I need a complete MTA that's being actively maintained by a team who *work together*. Not a collection of patches each of whose status is unknown. That's why I'm not installing Qmail any more. Cameron -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
> On Sun, 7 Sep 2003 02:19, Cameron L. Spitzer wrote: > > I've been running Qmail since '98. It's got a bottleneck > > in disk writes, but aside from that it's fast. > > (Anybody tried running the queue in a ramdisk? > > Running the queue on a ramdisk would kill reliability. Indeed, been there done that. In fact, something I wrote a long while ago about how to increase Qmail's performance greatly (splitting the queues onto two different hard disks/spindles) made it into Debian Weekly news or something. Search Google or the mail list archives for more info on that. And if it is going to be primarily an outgoing mail server, putting it on a Ramdisk makes it deadly fast, but as Russell said... would lose those emails if it suddenly crashed. > Using a non-volatile RAM device however will significantly increase > performance without risk. Umem devices seem a good option for this, their > recent devices are PCI 2.2 - 64bit 66MHz and claim to sustain over 500MB/s > transfer rates with no seeks, I am not sure about Linux device driver support > for that, but the old versions worked well from all accounts. > > If you put your queue on a Umem device you should get all the performance of a > RAM disk with all the reliability of a RAID hard drive device (better > reliability than a hard drive as there are no moving parts). > > http://www.micromemory.com/newwebsite/Dynamic/index.asp > > > Howabout in an fs made in a file mounted looback?) > > What would be the benefit of a FS in a loopback mounted file? That should > kill performance and reliability at the same time. Mmm... one of the limitations of Qmail is that it creates many many individual files (one for each email) and due to filesystem limitations, EXT2/3 starts slowing to a crawl. Of course, another way would be to use ReiserFS, but wouldn't doing a FS in a loopback mounted file resolve at least that? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
- Original Message - From: "Cameron L. Spitzer" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, 07 September, 2003 12:19 AM Subject: Re: Sendmail or Qmail ? .. > I've been running Qmail since '98. It's got a bottleneck > in disk writes, but aside from that it's fast. > (Anybody tried running the queue in a ramdisk? > Howabout in an fs made in a file mounted looback?) > It's secure and reliable. > > Unfortunately, it's not being maintained by its > author. If you want the functionality of a modern MTA, > you need to wade through a disorganized and unverifiable > swamp of contributed patches and add-ons. > I'm sure most of the add-ons are great, if you can figure > out where to get them and how to use them. But the ones I've > tried (mjinject and a couple of SMTP AUTH's) were broken, and > unsupported by *their* authors. I'm not going to ask > hundreds of users to rely on a cobbled-together mess like that. > Apologies and respects to Dave Sill. Of course, it is also the very fact that Qmail does not offer all the bells and whistles that it is also among the most secure MTA available. This does not mean Exim and others are not secure, but natural thinking dictates that given the same security model, one with lots of extra features will be less secure. I use Qmail without any extra patches, and also have Spamassassin installed and integrated with it, and don't have any problem. I use smtp-after-pop, so don't have the SMTP AUTH patches installed, but some of the patches are integrated well into Qmail. > So I've given up on Qmail. I'm using Exim for small systems, > and I'll try Postfix for my next big one. > I've heard good things about Postfix, but as Qmail does basically what I need, and since I don't need all the advanced features, I'm staying with something secure and reliable, unless something I does requires something different. Jas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Sat, 6 Sep 2003 00:08, Eric Sproul wrote: > On Fri, 2003-09-05 at 01:14, Russell Coker wrote: > > I was under the impression that Sendmail also queues everything to disk. > > How does it's queue operate then? > > While the message is coming in, Sendmail buffers the message to memory, > optionally piping the DATA portion to a socket (for milter scanning). > Only after the . does Sendmail accept responsibility for the > message (providing it was not rejected by a milter) and queue it. Some > might say this risky (power outages and such) but I would counter that It's not risky, if anything goes wrong before the . the message must be discarded. However in a modern system there is no performance benefit in buffering to memory over writing to a file without sync(). For a large message you probably want to write it to disk instead of keeping it in memory to avoid thrashing. > until the entire message has been received and processed, the receiving > MTA is not responsible for the message. In fact, I think this is > RFC-specified. Why then, if the receiver isn't responsible, would it > want to spend disk I/O queuing a message that may end up being rejected > or may fail to come completely in? The incidence of messages that fail part way through is quite low. Expecially in communications between big servers (which corresponds to a large portion of the non-spam traffic). Optimising for the common case makes sense to me. Also I believe that in Ext3 if you write data to a file and then unlink the file before the data is committed to disk then the data will never be written. So there seems no loss as long as the file isn't opened with O_SYNC and you don't call fsync() (and no-one calls sync()). > > I'm not sure what the situation was like in 1999, now Qmail and LDAP > > support is adequate. > > But only with patches to the source code. And since it sounds like you > can't distribute modified binaries, you'd have to patch/build qmail on > every MTA. I choose not to install a development environment on my > production servers. I distribute only binary packages with apt from a > central repository. True, this is a significant issue, which is why I recommend Postfix. > > You need two mail storage servers for 60,000 accounts? > > Yes. Actually we now have 4 mail stores. We have discovered, at least > for our situation, that it is not wise to put more than 20K accounts on > a single mailstore. This is not so much for the mail delivery, but for > POP3. As many other ISP admins know, a large percentage of customers > are the psychotic kind, prone to POPing their multi-MB mailboxes every > $%^&[EMAIL PROTECTED] minute, and leaving all the messages on the server. This puts > a > non-trivial strain on even a fairly hefty dual-x86 box with H/W RAID5 > and 2GB of RAM. I have not noticed that. I have only noticed a very small portion of users doing that. With 1,000,000 users the number of psychotic POP users is small enough that you can deal with them individually. Maybe customers of Dutch ISPs are smarter than those of whichever country you are in. > Yes, I know we could set a larger minimum interval for POP, but the > political implications of generating tech support calls about "why can't > I POP my mail?" prevent it. Don't get me started on THAT. 8^o Why not change your POP server to instead of rejecting the connections to put gratuitous delays. So if the time since the last connection is < 5 minutes then make every operation take an extra 18 seconds (some pop servers have 20 second time outs). That would delay a minimal POP session by 72 seconds which better than halve the load. Also if you use Maildir format the impact of checking for mail should not be particularly high. The dentry cache is all that's consulted, give the server plenty of RAM and disk reads should be quite rare. > I did some more figuring on our mail volume and found that even though > each of our 4 mail routers processes 11-12 messages/second (each message > requires up to 20 LDAP lookups and a milter for spam filtering), I see A caching LDAP proxy would be good for this situation. Converting 20 LDAP lookups over the network to a single LDAP lookup and 19 accesses to a local cache daemon should provide some significant benefits. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Sun, 7 Sep 2003 02:19, Cameron L. Spitzer wrote: > I've been running Qmail since '98. It's got a bottleneck > in disk writes, but aside from that it's fast. > (Anybody tried running the queue in a ramdisk? Running the queue on a ramdisk would kill reliability. Using a non-volatile RAM device however will significantly increase performance without risk. Umem devices seem a good option for this, their recent devices are PCI 2.2 - 64bit 66MHz and claim to sustain over 500MB/s transfer rates with no seeks, I am not sure about Linux device driver support for that, but the old versions worked well from all accounts. If you put your queue on a Umem device you should get all the performance of a RAM disk with all the reliability of a RAID hard drive device (better reliability than a hard drive as there are no moving parts). http://www.micromemory.com/newwebsite/Dynamic/index.asp > Howabout in an fs made in a file mounted looback?) What would be the benefit of a FS in a loopback mounted file? That should kill performance and reliability at the same time. > So I've given up on Qmail. I'm using Exim for small systems, > and I'll try Postfix for my next big one. I agree that Postfix is good. However for the last big ISP I was running Qmail was chosen because it uses LDAP entries in the same way as Netscape (the legacy email system) while Postfix has some minor differences. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
Hmm. Since '98 ...good for you. All the patches in the world don't help some folks anyway.Qmail has many ways to skin a cat. In the end, it's pick a horse and ride it. Exim, Postfix, Sendmail and qmail all have querks. Like the Mutt homepage, "All mail clients suck. This one just sucks less." -me, circa 1995 I know of several "big" mail servers running qmail and the sys admins don't have the same viewpoint that you do. That doesn't make you wrong or them wrong though. Dee On Sat, 2003-09-06 at 08:19, Cameron L. Spitzer wrote: > I've been running Qmail since '98. It's got a bottleneck > in disk writes, but aside from that it's fast. > (Anybody tried running the queue in a ramdisk? > Howabout in an fs made in a file mounted looback?) > It's secure and reliable. > > Unfortunately, it's not being maintained by its > author. If you want the functionality of a modern MTA, > you need to wade through a disorganized and unverifiable > swamp of contributed patches and add-ons. > I'm sure most of the add-ons are great, if you can figure > out where to get them and how to use them. But the ones I've > tried (mjinject and a couple of SMTP AUTH's) were broken, and > unsupported by *their* authors. I'm not going to ask > hundreds of users to rely on a cobbled-together mess like that. > Apologies and respects to Dave Sill. > > So I've given up on Qmail. I'm using Exim for small systems, > and I'll try Postfix for my next big one. > > > -- > Cameron > Ps. I read debian-isp at Newsguy. The "From:" address here is > /dev/nulled. My address can be found at http://greens.org/~cls -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Sat, Sep 06, 2003 at 04:19:54PM -, Cameron L. Spitzer <[EMAIL PROTECTED]> wrote: > > So I've given up on Qmail. I'm using Exim for small systems, > and I'll try Postfix for my next big one. Why won't you give exim a try on bigger systems? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
I've been running Qmail since '98. It's got a bottleneck in disk writes, but aside from that it's fast. (Anybody tried running the queue in a ramdisk? Howabout in an fs made in a file mounted looback?) It's secure and reliable. Unfortunately, it's not being maintained by its author. If you want the functionality of a modern MTA, you need to wade through a disorganized and unverifiable swamp of contributed patches and add-ons. I'm sure most of the add-ons are great, if you can figure out where to get them and how to use them. But the ones I've tried (mjinject and a couple of SMTP AUTH's) were broken, and unsupported by *their* authors. I'm not going to ask hundreds of users to rely on a cobbled-together mess like that. Apologies and respects to Dave Sill. So I've given up on Qmail. I'm using Exim for small systems, and I'll try Postfix for my next big one. -- Cameron Ps. I read debian-isp at Newsguy. The "From:" address here is /dev/nulled. My address can be found at http://greens.org/~cls -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix! [WAS: Re: Sendmail or Qmail ? ..]
Please people, What is the connection between the nationality of Wietse Venema and people who sent spam? This is a very strange argument and more fitted for a discussion between kids. We are adults, we are professionals, this list is to discuss technicall matters (personal opinions allowed). Please keep up the high standard of this list! Thank you Brian Hans Spaans wrote: On Fri, Sep 05, 2003 at 03:01:29PM +0200, Adrian von Bidder wrote: Content-Description: signed data On Friday 05 September 2003 13:45, Nico Meijer wrote: - wietse venema is [...] d) dutch Taking into account that .nl is one of the major sources of spam right now (through a2000.nl and plant.nl), I'm not sure if this counts for or against using postfix. You should follow nanae more often on usenet and you will know that `spammers' mostly moved away from a2000.nl/chello.nl thanks to Marcel his actions. And you don't clean a network with over 300k of customers overnight, but even SPEWS is seeing changes. Also another thing, if I may believe statistics from people running spamikaze[1] is the US currently nummero uno in there blacklists counted by blocked IP-address. Even .tw, .cn and .kr are just minor issues compared to the US. Maybe also nice to know is that there is a foundation[2] in the Netherlands that fights against Dutch-companies that send people bulk e-mail to addresses that are not collected with confirmed opt-in. So you may need to rethink your opion about the Netherland and spam, because a lot has changed or is changing or is based on fiction. [1] http://spamikaze.nl.linux.org/ [2] http://www.spamvrij.nl/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix! [WAS: Re: Sendmail or Qmail ? ..]
On Fri, Sep 05, 2003 at 03:01:29PM +0200, Adrian von Bidder wrote: Content-Description: signed data > On Friday 05 September 2003 13:45, Nico Meijer wrote: > > > - wietse venema is [...] d) dutch > > Taking into account that .nl is one of the major sources of spam right now > (through a2000.nl and plant.nl), I'm not sure if this counts for or against > using postfix. You should follow nanae more often on usenet and you will know that `spammers' mostly moved away from a2000.nl/chello.nl thanks to Marcel his actions. And you don't clean a network with over 300k of customers overnight, but even SPEWS is seeing changes. Also another thing, if I may believe statistics from people running spamikaze[1] is the US currently nummero uno in there blacklists counted by blocked IP-address. Even .tw, .cn and .kr are just minor issues compared to the US. Maybe also nice to know is that there is a foundation[2] in the Netherlands that fights against Dutch-companies that send people bulk e-mail to addresses that are not collected with confirmed opt-in. So you may need to rethink your opion about the Netherland and spam, because a lot has changed or is changing or is based on fiction. [1] http://spamikaze.nl.linux.org/ [2] http://www.spamvrij.nl/ -- Hans -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, Sep 05, 2003 at 09:19:51AM +0200, martin f krafft wrote: > also sprach martin f krafft <[EMAIL PROTECTED]> [2003.09.05.0740 +0200]: > > This is illegal. And in any case, it's not official. > > Correction, this is not illegal, but only if you install a package > that violates the FHS[1] big time. I don't see the merits in qmail > to account for this compromise. > > 1. http://www.pathname.com/fhs News flash: the FHS specifies how distributions should (or should not) lay out filesystems. The FHS does not prohibit end users from creating new root-level directories. -- Nathan Norman - Incanus Networking mailto:[EMAIL PROTECTED] The problem is ... that a lot of C++ programmers tend to forget to conquer while dividing. -- Emile van Bergen (on d-devel) pgp0.pgp Description: PGP signature
Re: Sendmail or Qmail ? ..
On Fri, 2003-09-05 at 11:19, Tinus Nijmeijers wrote: > cyrus huh? in that case: is cyrus-popd a drop-in replacement for UW-pop > (ipopd) on debian? > I seem to remember it is not. You are correct. Cyrus uses a completely different method for storing mail, so you cannot just install its POP daemon. You would have to convert your existing mail spool to Cyrus's format. Eric -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, 2003-09-05 at 16:31, Guus Houtzager wrote: > On Fri, 2003-09-05 at 16:18, Tinus Nijmeijers wrote: > > On Fri, 2003-09-05 at 16:08, Eric Sproul wrote: > > > > > Yes, I know we could set a larger minimum interval for POP, but the > > > political implications of generating tech support calls about "why can't > > > I POP my mail?" prevent it. Don't get me started on THAT. 8^o > > > > sorry to butt in, but HOW could you set such a minimum interval? > > I have searched and found nothing that could do this for me. > > It's not a configoption of your MTA, it's a pop/imap server specific > setting. We're running cyrus and there it's controlled using > I know. cyrus huh? in that case: is cyrus-popd a drop-in replacement for UW-pop (ipopd) on debian? I seem to remember it is not. tinus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, 2003-09-05 at 16:18, Tinus Nijmeijers wrote: > On Fri, 2003-09-05 at 16:08, Eric Sproul wrote: > > > Yes, I know we could set a larger minimum interval for POP, but the > > political implications of generating tech support calls about "why can't > > I POP my mail?" prevent it. Don't get me started on THAT. 8^o > > sorry to butt in, but HOW could you set such a minimum interval? > I have searched and found nothing that could do this for me. It's not a configoption of your MTA, it's a pop/imap server specific setting. We're running cyrus and there it's controlled using # Minimum time between POP mail fetches in minutes popminpoll: 1 in /etc/imapd.conf > thanks > > tinus. Regards, Guus Houtzager -- Luna.nl B.V. --- Puntegaalstraat 109 Postbus 63000 Tel : (010) 750 2000 3024 EB ROTTERDAM 3002 JA ROTTERDAMFax : (010) 750 2002 www.luna.nl [EMAIL PROTECTED] Helpdesk: (010) 750 2020 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, 2003-09-05 at 10:18, Tinus Nijmeijers wrote: > On Fri, 2003-09-05 at 16:08, Eric Sproul wrote: > > > Yes, I know we could set a larger minimum interval for POP, but the > > political implications of generating tech support calls about "why can't > > I POP my mail?" prevent it. Don't get me started on THAT. 8^o > > sorry to butt in, but HOW could you set such a minimum interval? > I have searched and found nothing that could do this for me. It depends on your POP daemon. We use Cyrus, and it's a simple config option. Perhaps someone else who uses what you do will be able to tell you. If you happen to use Cyrus, look for: # Minimum time between POP mail fetches in minutes #popminpoll: 1 in your imapd.conf. We're running Cyrus 2.1.15 from the Debian package. Eric -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, 2003-09-05 at 16:08, Eric Sproul wrote: > Yes, I know we could set a larger minimum interval for POP, but the > political implications of generating tech support calls about "why can't > I POP my mail?" prevent it. Don't get me started on THAT. 8^o sorry to butt in, but HOW could you set such a minimum interval? I have searched and found nothing that could do this for me. thanks tinus. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, 2003-09-05 at 01:14, Russell Coker wrote: > I was under the impression that Sendmail also queues everything to disk. How > does it's queue operate then? While the message is coming in, Sendmail buffers the message to memory, optionally piping the DATA portion to a socket (for milter scanning). Only after the . does Sendmail accept responsibility for the message (providing it was not rejected by a milter) and queue it. Some might say this risky (power outages and such) but I would counter that until the entire message has been received and processed, the receiving MTA is not responsible for the message. In fact, I think this is RFC-specified. Why then, if the receiver isn't responsible, would it want to spend disk I/O queuing a message that may end up being rejected or may fail to come completely in? > I'm not sure what the situation was like in 1999, now Qmail and LDAP support > is adequate. But only with patches to the source code. And since it sounds like you can't distribute modified binaries, you'd have to patch/build qmail on every MTA. I choose not to install a development environment on my production servers. I distribute only binary packages with apt from a central repository. > You need two mail storage servers for 60,000 accounts? Yes. Actually we now have 4 mail stores. We have discovered, at least for our situation, that it is not wise to put more than 20K accounts on a single mailstore. This is not so much for the mail delivery, but for POP3. As many other ISP admins know, a large percentage of customers are the psychotic kind, prone to POPing their multi-MB mailboxes every $%^&[EMAIL PROTECTED] minute, and leaving all the messages on the server. This puts a non-trivial strain on even a fairly hefty dual-x86 box with H/W RAID5 and 2GB of RAM. Yes, I know we could set a larger minimum interval for POP, but the political implications of generating tech support calls about "why can't I POP my mail?" prevent it. Don't get me started on THAT. 8^o > Of course there are lots of things you can do to tune performance, such as > mounting with noatime and using a patched kernel to fix the performance > limiting bugs (I used a SUSE kernel for the mail servers in question). Yes, we use the noatime trick to great effect on the mail stores. While we're on the disk topic, does anyone have or know of a tool to gather I/O statistics on a DAC960? Two of our 4 mail stores have these controllers, and I'm curious how they're doing. I did some more figuring on our mail volume and found that even though each of our 4 mail routers processes 11-12 messages/second (each message requires up to 20 LDAP lookups and a milter for spam filtering), I see virtually no latency in delivery to the mail store. I don't say that to brag, I just have no idea how other folks process their mail, and I'm curious whether we're out of the ordinary or just run-of-the-mill, ho-hum. ;) Good discussion all around though. I'm learning a lot here. Eric -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: Sendmail or Qmail ? ..
martin f krafft wrote: > > also sprach Dale E Martin <[EMAIL PROTECTED]> > [2003.09.04.1447 +0200]: > > Has it been covered before on this list? I for one would be > > interested in elaboration, if there is something technically > > inferior about exim or postfix to qmail or sendmail? Or > > politically, I suppose, since much of people's dislike about qmail > > has more to due with "political" than technical reasons. > > random notes (these are facts and opinions, please don't flame me): > > - sendmail and exim are both single setuid binaries. bad. > - postfix is the most performant of all four. > - qmail has an interesting but possibly confusing > configuration paradigm > - postfix has the easiest configuration, IMHO. > - qmail has a good integration with one of the fastest mailing list > servers, ezmlm. > - exim is very extensible. > - qmail does not come with anything but basic mail transfer stuff. if > you want things like tls or sasl, you have to patch. > - qmail isn't available as a binary package for Debian. > - qmail support includes being flamed by the author > - postfix and exim support are available here, and if only be me and > dman respectively (note that you have to mention my name in a post > if you want me to see it. i am writing my phd and am thus > filtering messages to not be flooded) > - ralf hildebrandt uses postfix (he's the guru, next to wietse. > > can't think of any more. > Complete ACK. I'm also willing to give support, as I use postfix+mysql+sasl at a couple of clients. Thomas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix! [WAS: Re: Sendmail or Qmail ? ..]
On Friday 05 September 2003 13:45, Nico Meijer wrote: > - wietse venema is [...] d) dutch Taking into account that .nl is one of the major sources of spam right now (through a2000.nl and plant.nl), I'm not sure if this counts for or against using postfix. -- vbi (Happy postfix user) (Since experience tells me that there is always somebody ready to take any attempted joke for serious: O\ | 0/ ) -- featured link: http://fortytwo.ch/gpg/intro pgp0.pgp Description: signature
Re: Sendmail or Qmail ? ..
also sprach martin f krafft <[EMAIL PROTECTED]> [2003.09.05.0740 +0200]: > This is illegal. And in any case, it's not official. Correction, this is not illegal, but only if you install a package that violates the FHS[1] big time. I don't see the merits in qmail to account for this compromise. 1. http://www.pathname.com/fhs -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! pgp0.pgp Description: PGP signature
Postfix! [WAS: Re: Sendmail or Qmail ? ..]
Hi Martin, > - ralf hildebrandt uses postfix (he's the guru, next to wietse. - ralf hildebrandt and patrick koetter (the other guru) are coming out with a book on postfix (http://www.nostarch.com/postfix.htm) - wietse venema (postfix's author) is a) capable b) generally a nice person, or so i've been told c) an active contributor on the postfix-users mailing list d) dutch > can't think of any more. What more does one need? ;-) Bye... Nico -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
also sprach W.D. McKinney <[EMAIL PROTECTED]> [2003.09.05.0448 +0200]: > > - qmail isn't available as a binary package for Debian > > Wrong. See http://smarden.org/pape/Debian/ This is illegal. And in any case, it's not official. > > - qmail support includes being flamed by the author > > Wrong. Ask a question and find out. Many helpful people who don't > flame but as they highly experienced folks they expect one to > think through the issue and post the needed info to reply with > help. I don't want to get into this, so I won't comment. -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! pgp0.pgp Description: PGP signature
Re: Sendmail or Qmail ? ..
also sprach Dale E Martin <[EMAIL PROTECTED]> [2003.09.05.0207 +0200]: > I'd add: > - exim has the most extensive and useful documentation > > (But I'd love to be proven wrong!) possible, although i do find the stuff on postfix.org adequate. maybe not for MTA newbies but for people with experience it's all you need. -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! pgp0.pgp Description: PGP signature
Re: Sendmail or Qmail ? ..
On Thu, 4 Sep 2003 22:58, Eric Sproul wrote: > First, scale is a consideration. Once we began to grow our customer > base, our email volume began to increase dramatically. Qmail queues > everything to disk, so the more mail you do, the more pressure you put > on your disk I/O. The server running Qmail was always blocking while it I was under the impression that Sendmail also queues everything to disk. How does it's queue operate then? > where the mailbox is). We chose OpenLDAP. At the time (1999), Qmail > did not have LDAP support (correct me if I'm wrong). Sendmail did. > Even if Qmail did have LDAP support then, Sendmail's source was *much* > easier to dig through for the performance tuning we did. I'm not sure what the situation was like in 1999, now Qmail and LDAP support is adequate. > Today we are very happy with our Sendmail installation. Debian and > Sendmail play very happily together, and with our modular setup we > process over 4 million messages a day with over 60,000 mailboxes. Yes, > Sendmail has had several high-profile vulnerabilities, but with Debian > and apt, we were able to stay on top of it with little difficulty. I > can see how Qmail could look attractive to a smaller site with a less > complex setup, but for us, Sendmail was the way to go. You need two mail storage servers for 60,000 accounts? Recently I was running a system with over 1M accounts on 5 storage servers. The machines all had 4G of RAM which was necessary to keep the directory structure in cache. So the servers were averaging about 2M/s of disk writes and only 200K/s of reads according to iostat. Performance was OK but dropped out at times of high load. I determined that using a NVRAM device (such as a umem card) for the primary queue would allow each server to handle twice the load with only a 7% price increase per server. I am fairly confident that the same Qmail setup could handle 4M messages and 60K mail boxes per back-end server very easily with Dell PowerEdge 2650 machines in a fairly standard setup. Of course there are lots of things you can do to tune performance, such as mounting with noatime and using a patched kernel to fix the performance limiting bugs (I used a SUSE kernel for the mail servers in question). -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Thu, Sep 04, 2003 at 06:51:41PM -0800, W.D. McKinney wrote: >On Thu, 2003-09-04 at 04:58, Eric Sproul wrote: >> Sendmail's milter plug-in system has also been invaluable when we >> implemented server-side bayesian spam filtering, and as we work on virus >> scanning. >> > >qmail being modular has the capability of performing this also. Yeah, qmail is modular, but that doesn't mean you can do a milter, accept with some (not really) fourth coming patch from hell. The whole concept of milter is a different religion than qmail. Say you want to use a cluster to virus/spam filter (oh, been said), a sendmail milter would pipe the message off to the load balancer, and the "milter" would receive it back into the sendmail process. Sending a message out for processing and dropping it back in the queue is really not the qmail way. With qmail you might accept mail to a cluster of relays (eg via dns round robin) which (by say smtproutes) deliver to destination(s) (configured to only accept mail from the cluster) after processing. qmtp might speed things up on your private network. -- Do-able but nothing like a milter. // George -- GEORGE GEORGALIS, System Admin/Architectcell: 646-331-2027< Security Services, Web, Mail,mailto:[EMAIL PROTECTED] Multimedia, DB, DNS and Metrics. http://www.galis.org/george -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Thu, 2003-09-04 at 04:58, Eric Sproul wrote: > On Thu, 2003-09-04 at 01:43, Rudi Starcevic wrote: > > Hi, > > > > Sorry to bother you all with this repeat question. > > I've have searched around and seen plenty of opinions but I'd like to > > ask again and get the latest from this list. > > > > Sendmail or Qmail ? That is my question. > > Rudi, > I work at an ISP that used to use Qmail, but now uses Sendmail. There > are several reasons why the switch was made, none having anything to do > with the "religion" surrounding either one. The following is my > opinion, illustrated with some examples from my company. > > First, scale is a consideration. Once we began to grow our customer > base, our email volume began to increase dramatically. Qmail queues > everything to disk, so the more mail you do, the more pressure you put > on your disk I/O. The server running Qmail was always blocking while it > tried to keep up with the disk writes. We had to decide whether to > spend huge $$$ on a big-iron server to handle it all, or to go cheap and > modular using some other MTA. We opted for the latter. We replaced our > single mailserver with four mail routing servers and two mail storage > servers, where customer accounts reside. > qmail is more modular than any other MTA, especially Sendmail. > Sendmail uses RAM more heavily than Qmail, relieving some of the disk > I/O pressure, and improving performance under heavy loads. In order to > go modular, we needed a directory service to tie it all together (so > that each mail router can reference a system-wide config, and figure out > where the mailbox is). We chose OpenLDAP. At the time (1999), Qmail > did not have LDAP support (correct me if I'm wrong). Sendmail did. > Even if Qmail did have LDAP support then, Sendmail's source was *much* > easier to dig through for the performance tuning we did. > > Sendmail's milter plug-in system has also been invaluable when we > implemented server-side bayesian spam filtering, and as we work on virus > scanning. > qmail being modular has the capability of performing this also. > Today we are very happy with our Sendmail installation. Debian and > Sendmail play very happily together, and with our modular setup we > process over 4 million messages a day with over 60,000 mailboxes. Yes, > Sendmail has had several high-profile vulnerabilities, but with Debian > and apt, we were able to stay on top of it with little difficulty. I > can see how Qmail could look attractive to a smaller site with a less > complex setup, but for us, Sendmail was the way to go. > > Regards, > Eric Good to know you are happy. That makes a big difference. Dee -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Thu, 2003-09-04 at 14:54, martin f krafft wrote: > - qmail isn't available as a binary package for Debian Wrong. See http://smarden.org/pape/Debian/ > . > - qmail support includes being flamed by the author Wrong. Ask a question and find out. Many helpful people who don't flame but as they highly experienced folks they expect one to think through the issue and post the needed info to reply with help. I like debian by the way :-) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Fri, Sep 05, 2003 at 12:54:55AM +0200, martin f krafft wrote: Mostly good comments (I've never used postfix or exim -- comments seem accurate from what I've heard) but I have to disagree with this: >- qmail support includes being flamed by the author I've subscribed to the qmail list more or less continuously since: "Wed, 21 Feb 2001 16:37:27 +0800", possibly earlier with an employer's email account. In that time I've collected quite a few postings... $ find Mail/qmail.old/ -type f | wc -l 23561 $ find Mail/qmail/ -type f | wc -l 866 (some might be from related lists like qmail-dist) of those only a few are from the author... $ rgrep -l '[EMAIL PROTECTED]' Mail/qmail.old | wc -l 13 $ rgrep -l '[EMAIL PROTECTED]' Mail/qmail | wc -l 2 of those only 8 appear to have been from DJB. I've included them at the end of this message. I would characterize DJB more like a sphinx than a flamer. True if you are frustrated and confused and post arbitrary questions to the qmail list, you will be squarely rebuked, quickly, by other subscribers. In my opinion that's very different than being chastised. On the same note, if you post carefully the facts needed to answer your question, or just ask what they are, you will get an answer, quickly. It doesn't really matter how difficult your question is. There is pretty good signal to noise on the list too. I find going through the work of properly framing my questions is often enough to answer them myself, before I get to post. Addressing the OP question. qmail is fast in many (not all) benchmarks, as reliable as you can get (through power failure et al) and it has a perfect security record. I use it because of the simplicity and granularity of configuration, you can make it do _anything_, more easily than other mailers I've used. However, the configuration is unlike anything else, very different. For that reason I would not use qmail in production before you have at least 6 months experience with it, less if you have a simple configuration. The components are not complicated, but if you don't understand how they all work together, you can break your server quickly. // George PS the funny license is easier to deal with than most people think. The only time I've heard of a license issue that couldn't be resolved was for an os that was to be distributed, to run on some 'thing' that didn't have a /var directory and couldn't compile as part of the install. :} Oops, I forgot the dates with the messages below, you can collate them if you want $ rgrep -l '[EMAIL PROTECTED]' Mail/qmail.old | xargs egrep -h '(^Message-ID|^Date)' Message-ID: <[EMAIL PROTECTED]> Date: Wed, 11 Apr 2001 08:55:09 -0400 (EDT) Date: Wed, 11 Apr 2001 09:51:39 -0400 Message-ID: <[EMAIL PROTECTED]> Date: 15 Apr 2001 19:31:35 - Message-ID: <[EMAIL PROTECTED]> Date: 4 Oct 2002 19:19:51 - Message-ID: <[EMAIL PROTECTED]> Date: 13 Oct 2002 08:43:09 - Message-ID: <[EMAIL PROTECTED]> Date: 15 Oct 2002 22:37:36 - Message-ID: <[EMAIL PROTECTED]> Date: 16 Oct 2002 01:20:41 - Message-ID: <[EMAIL PROTECTED]> Date: 15 Nov 2002 09:00:51 - Message-ID: <[EMAIL PROTECTED]> Date: 23 Nov 2002 03:23:03 - Message-ID: <[EMAIL PROTECTED]> Date: 14 Jan 2003 02:11:17 - Message-ID: <[EMAIL PROTECTED]> Date: Mon, 14 Jul 2003 17:48:49 -0700 Message-ID: <[EMAIL PROTECTED]> Date: 14 Jul 2003 19:59:44 - Message-ID: <[EMAIL PROTECTED]> Date: 15 Jul 2003 00:05:55 - Message-ID: <[EMAIL PROTECTED]> $ rgrep -l '[EMAIL PROTECTED]' Mail/qmail | xargs egrep -h '(^Message-ID|^Date)' Date: Fri, 22 Aug 2003 15:31:44 +0530 Date: Fri, 22 Aug 2003 16:30:11 +0530 Message-ID: <[EMAIL PROTECTED]> From: "D. J. Bernstein" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: RFCs? David Benfell writes: > I keep hearing rumblings about how Dan plays fast and loose with the > RFCs in qmail and his other programs. Mud-slinging 101: Claim that the program won't work for most people. Claim that it's a research prototype not meant for serious use. Claim that nobody uses the program. Don't worry about the truth. These claims are effective as long as the program is not perceived as being popular. Readers using the program will know that you're lying, but they aren't your target audience. Mud-slinging 102: Claim that, while the program seems to work, it is a disaster waiting to happen. Claim that it has interoperability problems. Claim that it violates RFCs. Don't worry about the truth. These claims remain fairly effective even after the program is perceived as being popular. Members of your target audience won't have any reason to think that you're lying: they haven't read the RFCs, and they aren't familiar with the tiny protocol details that affect interoperability. > Robert Banz ([EMAIL PROTECTED]) says, "the author [DJB] has been > known to 'scoff' at the thought of RFC compliance (from Lisa '98)" I wasn't at LISA '98. > Michael H. Warfield See http://cr.yp.to/qmail/warfi
Re: Sendmail or Qmail ? ..
> random notes (these are facts and opinions, please don't flame me): > > - sendmail and exim are both single setuid binaries. bad. > - postfix is the most performant of all four. > - qmail has an interesting but possibly confusing configuration paradigm > - postfix has the easiest configuration, IMHO. > - qmail has a good integration with one of the fastest mailing list > servers, ezmlm. > - exim is very extensible. > - qmail does not come with anything but basic mail transfer stuff. if > you want things like tls or sasl, you have to patch. > - qmail isn't available as a binary package for Debian. > - qmail support includes being flamed by the author > - postfix and exim support are available here, and if only be me and > dman respectively (note that you have to mention my name in a post > if you want me to see it. i am writing my phd and am thus > filtering messages to not be flooded) > - ralf hildebrandt uses postfix (he's the guru, next to wietse. I'd add: - exim has the most extensive and useful documentation (But I'd love to be proven wrong!) Later, Dale -- Dale E. Martin, Clifton Labs, Inc. Senior Computer Engineer [EMAIL PROTECTED] http://www.cliftonlabs.com pgp key available pgp0.pgp Description: PGP signature
Re: Sendmail or Qmail ? ..
Martin, Very good. More food for thought and consideration. Thanks Regards Rudi. martin f krafft wrote: also sprach Dale E Martin <[EMAIL PROTECTED]> [2003.09.04.1447 +0200]: Has it been covered before on this list? I for one would be interested in elaboration, if there is something technically inferior about exim or postfix to qmail or sendmail? Or politically, I suppose, since much of people's dislike about qmail has more to due with "political" than technical reasons. random notes (these are facts and opinions, please don't flame me): - sendmail and exim are both single setuid binaries. bad. - postfix is the most performant of all four. - qmail has an interesting but possibly confusing configuration paradigm - postfix has the easiest configuration, IMHO. - qmail has a good integration with one of the fastest mailing list servers, ezmlm. - exim is very extensible. - qmail does not come with anything but basic mail transfer stuff. if you want things like tls or sasl, you have to patch. - qmail isn't available as a binary package for Debian. - qmail support includes being flamed by the author - postfix and exim support are available here, and if only be me and dman respectively (note that you have to mention my name in a post if you want me to see it. i am writing my phd and am thus filtering messages to not be flooded) - ralf hildebrandt uses postfix (he's the guru, next to wietse. can't think of any more.
Re: Sendmail or Qmail ? ..
also sprach Dale E Martin <[EMAIL PROTECTED]> [2003.09.04.1447 +0200]: > Has it been covered before on this list? I for one would be > interested in elaboration, if there is something technically > inferior about exim or postfix to qmail or sendmail? Or > politically, I suppose, since much of people's dislike about qmail > has more to due with "political" than technical reasons. random notes (these are facts and opinions, please don't flame me): - sendmail and exim are both single setuid binaries. bad. - postfix is the most performant of all four. - qmail has an interesting but possibly confusing configuration paradigm - postfix has the easiest configuration, IMHO. - qmail has a good integration with one of the fastest mailing list servers, ezmlm. - exim is very extensible. - qmail does not come with anything but basic mail transfer stuff. if you want things like tls or sasl, you have to patch. - qmail isn't available as a binary package for Debian. - qmail support includes being flamed by the author - postfix and exim support are available here, and if only be me and dman respectively (note that you have to mention my name in a post if you want me to see it. i am writing my phd and am thus filtering messages to not be flooded) - ralf hildebrandt uses postfix (he's the guru, next to wietse. can't think of any more. -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! pgp0.pgp Description: PGP signature
Re: Sendmail or Qmail ? ..
El jue, 04-09-2003 a las 07:58, Eric Sproul escribió: > We chose OpenLDAP. At the time (1999), Qmail > did not have LDAP support (correct me if I'm wrong). Sendmail did. > Even if Qmail did have LDAP support then, Sendmail's source was *much* > easier to dig through for the performance tuning we did. It does support LDAP now, and yes. You are right about the disk-io tradeoff. But, where reliability and lossless environments are needed, the way qmail does things ensure you NEVER loose mail, even if its all over a SAN or NFS setup. This is because it will return OK delivered or OK queued until it confirms it has been written. Its like postgresql. You can have it allways fsync (all writes, deletes inserts trigger a commit before they return OK), and it will slow down, need big iron. Or you can turn fsync off and live with the posibility of you loosing some data in a power outage. Mail is almost never a MUST HAVE thing though, i think for most its valid to just live with the posibility of loosing an email in the queue, or to have it half written to it. Not for me though, i like the secure,reliable thing and i did get some good big iron (two dell 2650 in a drbd cluster+heartbeat, 2 gigs ram). Also, i like the way qmail is done to be managable. Even then, i am trying to move to postfix as fast as i can. Not because of religion (i am religious too though, just really a sinner), but because it has a healthy community, its very very well supported in debian, it has very little of sendmail nonsense (i was reading the 7th edition unix redbook...damn, even back then, people already hated it), and its GPL (-a nice cherry on top that is, master yoda said.). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Thu, 04 Sep 2003 08:58:27 -0400, Eric Sproul <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > On Thu, 2003-09-04 at 01:43, Rudi Starcevic wrote: > > Hi, > > > > Sorry to bother you all with this repeat question. > > I've have searched around and seen plenty of opinions but I'd like > > to ask again and get the latest from this list. > > > > Sendmail or Qmail ? That is my question. > > Rudi, ..how about Postfix? On chosing Sendmail, you obviously rejected it, but why? -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
Hi, First thanks to all who have replied. We're all busy so I do appreciate the time taken to tap out a reply message. It's very interesting and in some ways what I expected. There is no right or wrong. Just like programing there is many ways to the top of the mountain. So for me it's come down to a choice of three. a) Sendmail b) Qmail c) Postfix. Well Qmail is out I think - for Religous reasons. See I'm Religous - that's why I use and love Debian ;-) As for Sendmail, well some say it's full of holes but as Eric has noted those bugs get ironed out pronto and apt sorts the rest out ( though I like to compile from source ). Others say it's hard to understand or configure. That's true but if you've read the Sendmail 'Bat' book, which I have, then it's not that complicated at all ( well actually the 200 pages of regular expression's was kinda complicated ). I've looked into Postfix briefly before and will re-examine it. My goal is to maximize security. Postfix is well known to be very secure and stable, some would say it's kinda like an improved Sendmail. So it looks like a choice between two for me: Sendmail or Postfix. I think I'm going to sleep on this one. Again many thanks for your valuable time. Cheers Rudi. > On Thu, 2003-09-04 at 01:43, Rudi Starcevic wrote: > > Hi, > > > > Sorry to bother you all with this repeat question. > > I've have searched around and seen plenty of opinions but I'd like to > > ask again and get the latest from this list. > > > > Sendmail or Qmail ? That is my question. > > Rudi, > I work at an ISP that used to use Qmail, but now uses Sendmail. > There are several reasons why the switch was made, none having > anything to do with the "religion" surrounding either one. The > following is my opinion, illustrated with some examples from my company. > > First, scale is a consideration. Once we began to grow our customer > base, our email volume began to increase dramatically. Qmail queues > everything to disk, so the more mail you do, the more pressure you > put on your disk I/O. The server running Qmail was always blocking > while it tried to keep up with the disk writes. We had to decide > whether to spend huge $$$ on a big-iron server to handle it all, or > to go cheap and modular using some other MTA. We opted for the > latter. We replaced our single mailserver with four mail routing > servers and two mail storage servers, where customer accounts reside. > > Sendmail uses RAM more heavily than Qmail, relieving some of the disk > I/O pressure, and improving performance under heavy loads. In order > to go modular, we needed a directory service to tie it all together (so > that each mail router can reference a system-wide config, and figure > out where the mailbox is). We chose OpenLDAP. At the time (1999), Qmail > did not have LDAP support (correct me if I'm wrong). Sendmail did. > Even if Qmail did have LDAP support then, Sendmail's source was > *much* easier to dig through for the performance tuning we did. > > Sendmail's milter plug-in system has also been invaluable when we > implemented server-side bayesian spam filtering, and as we work on virus > scanning. > > Today we are very happy with our Sendmail installation. Debian and > Sendmail play very happily together, and with our modular setup we > process over 4 million messages a day with over 60,000 mailboxes. > Yes, Sendmail has had several high-profile vulnerabilities, but with > Debian and apt, we were able to stay on top of it with little > difficulty. I can see how Qmail could look attractive to a smaller > site with a less complex setup, but for us, Sendmail was the way to go. > > Regards, > Eric -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
I repeat the earlier question: Why not exim? I really don't know. I have fallen in love with it, thought the tools to configure do not exists (Oh my God, I actually have to MANUALLY edit the config file). I have a small installation, but intend to grow, and if there will be a problem with exim, I'd like to change now. I use IMAP which I never tried under sendmail. So, if the list gets the time, I'd like to know why not exim, with an eye towards changing (I'm currently building a replacement server, so now would be a good time to change if necessary). Rod > On Thu, 2003-09-04 at 01:43, Rudi Starcevic wrote: >> Hi, >> >> Sorry to bother you all with this repeat question. >> I've have searched around and seen plenty of opinions but I'd like to >> ask again and get the latest from this list. >> >> Sendmail or Qmail ? That is my question. > > Rudi, > I work at an ISP that used to use Qmail, but now uses Sendmail. There > are several reasons why the switch was made, none having anything to do > with the "religion" surrounding either one. The following is my > opinion, illustrated with some examples from my company. > > First, scale is a consideration. Once we began to grow our customer > base, our email volume began to increase dramatically. Qmail queues > everything to disk, so the more mail you do, the more pressure you put > on your disk I/O. The server running Qmail was always blocking while it > tried to keep up with the disk writes. We had to decide whether to > spend huge $$$ on a big-iron server to handle it all, or to go cheap and > modular using some other MTA. We opted for the latter. We replaced our > single mailserver with four mail routing servers and two mail storage > servers, where customer accounts reside. > > Sendmail uses RAM more heavily than Qmail, relieving some of the disk > I/O pressure, and improving performance under heavy loads. In order to > go modular, we needed a directory service to tie it all together (so > that each mail router can reference a system-wide config, and figure out > where the mailbox is). We chose OpenLDAP. At the time (1999), Qmail > did not have LDAP support (correct me if I'm wrong). Sendmail did. > Even if Qmail did have LDAP support then, Sendmail's source was *much* > easier to dig through for the performance tuning we did. > > Sendmail's milter plug-in system has also been invaluable when we > implemented server-side bayesian spam filtering, and as we work on virus > scanning. > > Today we are very happy with our Sendmail installation. Debian and > Sendmail play very happily together, and with our modular setup we > process over 4 million messages a day with over 60,000 mailboxes. Yes, > Sendmail has had several high-profile vulnerabilities, but with Debian > and apt, we were able to stay on top of it with little difficulty. I > can see how Qmail could look attractive to a smaller site with a less > complex setup, but for us, Sendmail was the way to go. > > Regards, > Eric > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- Lasciate ogni speranza, voi ch' entrate - Dante -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
On Thu, 2003-09-04 at 01:43, Rudi Starcevic wrote: > Hi, > > Sorry to bother you all with this repeat question. > I've have searched around and seen plenty of opinions but I'd like to > ask again and get the latest from this list. > > Sendmail or Qmail ? That is my question. Rudi, I work at an ISP that used to use Qmail, but now uses Sendmail. There are several reasons why the switch was made, none having anything to do with the "religion" surrounding either one. The following is my opinion, illustrated with some examples from my company. First, scale is a consideration. Once we began to grow our customer base, our email volume began to increase dramatically. Qmail queues everything to disk, so the more mail you do, the more pressure you put on your disk I/O. The server running Qmail was always blocking while it tried to keep up with the disk writes. We had to decide whether to spend huge $$$ on a big-iron server to handle it all, or to go cheap and modular using some other MTA. We opted for the latter. We replaced our single mailserver with four mail routing servers and two mail storage servers, where customer accounts reside. Sendmail uses RAM more heavily than Qmail, relieving some of the disk I/O pressure, and improving performance under heavy loads. In order to go modular, we needed a directory service to tie it all together (so that each mail router can reference a system-wide config, and figure out where the mailbox is). We chose OpenLDAP. At the time (1999), Qmail did not have LDAP support (correct me if I'm wrong). Sendmail did. Even if Qmail did have LDAP support then, Sendmail's source was *much* easier to dig through for the performance tuning we did. Sendmail's milter plug-in system has also been invaluable when we implemented server-side bayesian spam filtering, and as we work on virus scanning. Today we are very happy with our Sendmail installation. Debian and Sendmail play very happily together, and with our modular setup we process over 4 million messages a day with over 60,000 mailboxes. Yes, Sendmail has had several high-profile vulnerabilities, but with Debian and apt, we were able to stay on top of it with little difficulty. I can see how Qmail could look attractive to a smaller site with a less complex setup, but for us, Sendmail was the way to go. Regards, Eric -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
> It doesnt at all Not to ellaborate, but the subject says it > all...even then. I hate exim too. Has it been covered before on this list? I for one would be interested in elaboration, if there is something technically inferior about exim or postfix to qmail or sendmail? Or politically, I suppose, since much of people's dislike about qmail has more to due with "political" than technical reasons. Later, Dale -- Dale E. Martin, Clifton Labs, Inc. Senior Computer Engineer [EMAIL PROTECTED] http://www.cliftonlabs.com pgp key available -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
> At this stage I'm leaning towards sticking with Sendmail but something > inside wants to know more about Qmail. I'd pick exim or postfix over either of those, but then again I've only dealt with smaller mail installations. Take care, Dale -- Dale E. Martin, Clifton Labs, Inc. Senior Computer Engineer [EMAIL PROTECTED] http://www.cliftonlabs.com pgp key available -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
Hi, so how does exim compare in all of this? Sorry Jamie - In my case, and my case alone, Exim doesn't compare. There are many very good MTA's out there. For me I know Sendmail - ( I compile from source ). I've heard lots of good things about Qmail to I did consider that one only. Also every Guru I've met in person uses Sendmail. Not that means much but I do admire those Guru's. Thanks al again. It's lookin' like Sendmail for me .. Cheers Rudi. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
El jue, 04-09-2003 a las 01:47, Jamie Baddeley escribió: > so how does exim compare in all of this? > It doesnt at all Not to ellaborate, but the subject says it all...even then. I hate exim too. > jamie -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
Hi, >> Why change something thats working perfectly ?? Greg .. Yes that's what I was thinking .. -- but that's what they also said in Nth America 'til the recent blackouts :-( >> And it has no paralell in security (AGES and AGES better than sendmail) Alex .. That's what mostly appeals to me over Sendmail. >> I (and my employer) have picked Sendmail. We make considerable use of a GPL product called MIMEDefang: >> Mark .. Thanks I'll check that one out - Hope to see you in Brisbane at the next meeting, we've met there before ( small world hey ! ) I'll probably be sticking with Sendmail. But for sure even though I've not had problems, touch wood, Security is the only reason I look elsewhere than Sendmail. Many thanks for your time .. Regards Rudi.
Re: Sendmail or Qmail ? ..
so how does exim compare in all of this? jamie On Thu, 04 Sep 2003 18:10, Alex Borges wrote: > It all depends > > qmail has a very non standard way of being managed. Its almost > meta-unix. That said, its VERY flexible, extremely powerfull, once you > get a hang of it INCREDEBLY EASY to manage. And it has no paralell in > security (AGES and AGES better than sendmail) > > Sadly, its non free. You cannot distribute binaries of it, you can not > distribute it modified (have to distribute the patches separately). Even > if debian has very good packages for it, the license defeats the good > system in debian so you still have to go through some extra work to get > it to work. Anything you want to do to it in terms of features is patch > and recompile. > > Anyhow, qmail is what i use for the big things, postfix for the small > things, sendmail is an urban legend. I HATE it. > > El jue, 04-09-2003 a las 00:43, Rudi Starcevic escribió: > > Hi, > > > > Sorry to bother you all with this repeat question. > > I've have searched around and seen plenty of opinions but I'd like to > > ask again and get the latest from this list. > > > > Sendmail or Qmail ? That is my question. > > > > Currently we use Sendmail. It's worked fine, well actually problem free > > so better than fine - I've got the Sendmail book and all. > > However we will be setting up some new email servers soon and I'm > > considering Qmail. > > > > As I hold this list in high regard I'll base my final decision on the > > feedback I get from this list. > > > > At this stage I'm leaning towards sticking with Sendmail but something > > inside wants to know more about Qmail. > > > > If you *had* to pick one of these two which would it be ? > > > > Many thanks > > Best regards > > Rudi. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
I'm using Qmail for over 4 years on small installations without any problems The biggest problem with qmail is DJB's attitude. The people on the qmail list have the same attitude, but they know everything about the source and can help you. I only install Qmail.. Maurice Lucas On Thu, 2003-09-04 at 07:43, Rudi Starcevic wrote: > Hi, > > Sorry to bother you all with this repeat question. > I've have searched around and seen plenty of opinions but I'd like to > ask again and get the latest from this list. > > Sendmail or Qmail ? That is my question. > > Currently we use Sendmail. It's worked fine, well actually problem free > so better than fine - I've got the Sendmail book and all. > However we will be setting up some new email servers soon and I'm > considering Qmail. > > As I hold this list in high regard I'll base my final decision on the > feedback I get from this list. > > At this stage I'm leaning towards sticking with Sendmail but something > inside wants to know more about Qmail. > > If you *had* to pick one of these two which would it be ? > > Many thanks > Best regards > Rudi. > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
It all depends qmail has a very non standard way of being managed. Its almost meta-unix. That said, its VERY flexible, extremely powerfull, once you get a hang of it INCREDEBLY EASY to manage. And it has no paralell in security (AGES and AGES better than sendmail) Sadly, its non free. You cannot distribute binaries of it, you can not distribute it modified (have to distribute the patches separately). Even if debian has very good packages for it, the license defeats the good system in debian so you still have to go through some extra work to get it to work. Anything you want to do to it in terms of features is patch and recompile. Anyhow, qmail is what i use for the big things, postfix for the small things, sendmail is an urban legend. I HATE it. El jue, 04-09-2003 a las 00:43, Rudi Starcevic escribió: > Hi, > > Sorry to bother you all with this repeat question. > I've have searched around and seen plenty of opinions but I'd like to > ask again and get the latest from this list. > > Sendmail or Qmail ? That is my question. > > Currently we use Sendmail. It's worked fine, well actually problem free > so better than fine - I've got the Sendmail book and all. > However we will be setting up some new email servers soon and I'm > considering Qmail. > > As I hold this list in high regard I'll base my final decision on the > feedback I get from this list. > > At this stage I'm leaning towards sticking with Sendmail but something > inside wants to know more about Qmail. > > If you *had* to pick one of these two which would it be ? > > Many thanks > Best regards > Rudi. > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
Why change something thats working perfectly ?? - Original Message - From: Rudi Starcevic To: [EMAIL PROTECTED] Sent: Thursday, September 04, 2003 3:43 PM Subject: Sendmail or Qmail ? .. Hi,Sorry to bother you all with this repeat question.I've have searched around and seen plenty of opinions but I'd like to ask again and get the latest from this list.Sendmail or Qmail ? That is my question.Currently we use Sendmail. It's worked fine, well actually problem free so better than fine - I've got the Sendmail book and all.However we will be setting up some new email servers soon and I'm considering Qmail.As I hold this list in high regard I'll base my final decision on the feedback I get from this list.At this stage I'm leaning towards sticking with Sendmail but something inside wants to know more about Qmail.If you *had* to pick one of these two which would it be ?Many thanksBest regardsRudi.-- To UNSUBSCRIBE, email to [EMAIL PROTECTED]with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Sendmail or Qmail ? ..
Hi, Sorry to bother you all with this repeat question. I've have searched around and seen plenty of opinions but I'd like to ask again and get the latest from this list. Sendmail or Qmail ? That is my question. Currently we use Sendmail. It's worked fine, well actually problem free so better than fine - I've got the Sendmail book and all. However we will be setting up some new email servers soon and I'm considering Qmail. As I hold this list in high regard I'll base my final decision on the feedback I get from this list. At this stage I'm leaning towards sticking with Sendmail but something inside wants to know more about Qmail. If you *had* to pick one of these two which would it be ? Many thanks Best regards Rudi. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Disable STARTTLS in sendmail
On Tue, Aug 12, 2003 at 05:45:04PM -0400, Richard A Nelson wrote: > On Tue, 12 Aug 2003, Markus Bajohr wrote: > > > I've installed Debian Woody 3.0 with the sendmail package. > > It's all working, but I get a lot of messages, like: > > > > Aug 12 13:22:35 fileserver sm-mta[2420]: STARTTLS=server: file > > /etc/mail/ssl/sendmail-server.crt unsafe: No such file or directory > > Aug 12 13:30:01 fileserver sm-msp-queue[2496]: STARTTLS=client: file > > /etc/mail/ssl/sendmail-client.crt unsafe: No such file or directory > > Aug 12 13:30:01 fileserver sm-msp-queue[2496]: STARTTLS=client: file > > /etc/mail/ssl/sendmail-common.key unsafe: No such file or directory > > Aug 12 13:30:01 fileserver sm-msp-queue[2496]: STARTTLS=client: file > > /etc/mail/ssl/sendmail-server.crt unsafe: No such file or directory > > Aug 12 13:30:01 fileserver sm-msp-queue[2496]: STARTTLS=client, error: > > load verify locs /etc/ssl/certs/, /etc/mail/ssl/sendmail-server.crt > > failed: 0 > > > > My question: How can I disable the STARTTLS? > > I don't need it on a fileserver. Is there a way to disable these error > > messages in the logfile(s)? > > The next upload will make STARTTLS and AUTH completely optional, > until then, make sure you remove, the line > include(`/etc/mail/[tls/]?starttls.m4') > from both sendmail.mc and submit.mc Is this not cleaner and clearer? (add it to sendmail.mc) dnl # Disable TLS define(`sm_enable_tls', `no')dnl -simonm (E: [EMAIL PROTECTED] W: +44 28 9072 5060 M: +44 7710 836915) SAM: "What's new Normie?" NORM: "Terrorists, Sam. They've taken over my stomach & they're demanding beer." -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Disable STARTTLS in sendmail
Hello, I've installed Debian Woody 3.0 with the sendmail package. It's all working, but I get a lot of messages, like: Aug 12 13:22:35 fileserver sm-mta[2420]: STARTTLS=server: file /etc/mail/ssl/sendmail-server.crt unsafe: No such file or directory Aug 12 13:30:01 fileserver sm-msp-queue[2496]: STARTTLS=client: file /etc/mail/ssl/sendmail-client.crt unsafe: No such file or directory Aug 12 13:30:01 fileserver sm-msp-queue[2496]: STARTTLS=client: file /etc/mail/ssl/sendmail-common.key unsafe: No such file or directory Aug 12 13:30:01 fileserver sm-msp-queue[2496]: STARTTLS=client: file /etc/mail/ssl/sendmail-server.crt unsafe: No such file or directory Aug 12 13:30:01 fileserver sm-msp-queue[2496]: STARTTLS=client, error: load verify locs /etc/ssl/certs/, /etc/mail/ssl/sendmail-server.crt failed: 0 My question: How can I disable the STARTTLS? I don't need it on a fileserver. Is there a way to disable these error messages in the logfile(s)? Regards, Markus Bajohr -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Virtualusertable in sendmail don't work.
Hello: I'm triying to use virtualusertable feature of sendmail I put in my sendmail.mc: LOCAL_CONFIG FEATURE(`nullclient', jupiter.dmz.technitrade.com)dnl LOCAL_CONFIG ## Custom configurations below (will be preserved) FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl And make the hash: makemap hash /etc/mail/virtusertable.db < /etc/mail/virtusertable But seems no have effect. some ideas? Thank's in advance. = Erick Ivaan Lopez Carreon -<[EMAIL PROTECTED]> pub 1024D/88B6CA79 2003-05-08 Fingerprint = A388 97F1 7EED AF5A 6DB4 46B7 B360 18CC 88B6 CA79 www.fsl.org.mx __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Is sendmail trusted-user feature broken?
Thanks for all the help I received on this. Yes, the X-Authentication-Warning reporting abuse of the sendmail -f switch, went away after I added the following line to submit.mc FEATURE(`use_ct_file')dnl and, of course, adding the trusted username (in my case, apache, since that's what my server is running under) to /etc/trusted-users :) First, make sure this (or something darn near like it) is indeed in /etc/mail/sendmail.cf: Ft/etc/mail/trusted-users %[^\#] Now, if this process actually winds up invoking sendmail binary vs talking to port 25, you'll also need to add that FEATURE to /etc/mail/submit.mc and remake (no restart required). Welcome to the world of split personality sendmail :) I read that the trusted-user feature was entirely disabled in sendmail versions 8.1 through 8.6, but then was revived. Does that have anything to do with it? No, and I don't recall seeing that, but 'tis been a while :) I read it in the O'Reilly {Sendmail} book, on page 245. But oh my gosh! I see that my edition of that book was printed in 1994! My, how time flies Thanks again, -- +---+ | John Sigerson | | EIR News Service, Inc. E-mail: [EMAIL PROTECTED]| | 60 Sycolin RoadVoice: 703-777-9451 x543 | | Leesburg, VA 20175 Fax:703-771-3099 or 771-9492 | | USAWeb:http://www.larouchepub.com | +---+ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Is sendmail trusted-user feature broken?
Thanks for all the help I received on this. Yes, the X-Authentication-Warning reporting abuse of the sendmail -f switch, went away after I added the following line to submit.mc FEATURE(`use_ct_file')dnl and, of course, adding the trusted username (in my case, apache, since that's what my server is running under) to /etc/trusted-users :) First, make sure this (or something darn near like it) is indeed in /etc/mail/sendmail.cf: Ft/etc/mail/trusted-users %[^\#] Now, if this process actually winds up invoking sendmail binary vs talking to port 25, you'll also need to add that FEATURE to /etc/mail/submit.mc and remake (no restart required). Welcome to the world of split personality sendmail :) I read that the trusted-user feature was entirely disabled in sendmail versions 8.1 through 8.6, but then was revived. Does that have anything to do with it? No, and I don't recall seeing that, but 'tis been a while :) I read it in the O'Reilly {Sendmail} book, on page 245. But oh my gosh! I see that my edition of that book was printed in 1994! My, how time flies Thanks again, -- +---+ | John Sigerson | | EIR News Service, Inc. E-mail: [EMAIL PROTECTED]| | 60 Sycolin RoadVoice: 703-777-9451 x543 | | Leesburg, VA 20175 Fax:703-771-3099 or 771-9492 | | USAWeb:http://www.larouchepub.com | +---+
RE: Is sendmail trusted-user feature broken?
Sorry, but do you have changed the default user for apache from 'www-data' to 'apache'? Otherwise you have to put www-data into one line of '/etc/mail/trusted-users'. That works on our servers (pure woody). Our 'submit.mc': ... OSTYPE(`debian')dnl DOMAIN(`debian-msp')dnl FEATURE(use_ct_file)dnl ... Please be aware about the position - - it dosen't work everywhere within that file! Christian -Original Message- From: John Sigerson [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 25, 2003 3:47 AM To: debian-isp@lists.debian.org Subject: Is sendmail trusted-user feature broken? ... The docs indicate that "apache" needs to be added as a "trusted user", and so I added "apache" to /etc/mail/trusted-users; added FEATURE(`use_ct_file')dnl to /etc/mail/sendmail.mc, did make, and restarted sendmail. (For testing, I also did not include authwarnings as one of the privacy flags.) ...
Re: Is sendmail trusted-user feature broken?
Well, I had already fooled around with submit.mc, but on your suggestion I tried it again--but with no success. I added the following line to submit.mc: define(`confTRUSTED_USER', `johnsig')dnl then did make, and from my johnsig shell, did the following: /usr/sbin/sendmail [EMAIL PROTECTED] johnsig but alas! I {still} get the X-Authentication-Warning message saying that johnsig used -f. Maybe there's some kind of PAM issue lurking here? Anyway, to solve the immediate problem, I just installed sudo, added "apache" to the list of sudoers, giving it NOPASSWD:/usr/sbin/sendmail permission, and then edited the CGI script, adding sudo before the sendmail command. It is admittedly less secure, but my CGI can only be run by users who have been authenticated over SSL. But if you think this is a really bad idea, please let me know. --John Sigerson -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John Sigerson <[EMAIL PROTECTED]> wrote: X-Authentication-Warning: eirweb2.chvlva.adelphia.net: apache set sender to [EMAIL PROTECTED] using -f The docs indicate that "apache" needs to be added as a "trusted user", and so I added "apache" to /etc/mail/trusted-users; added FEATURE(`use_ct_file')dnl to /etc/mail/sendmail.mc, did make, and restarted sendmail. (For testing, I also did not include authwarnings as one of the privacy flags.) But still, this pesky X-Authentication-Warning will not go away! You also need to edit submit.mc to add the trusted user feature. Yours sincerely, - -- Mark Suter <[EMAIL PROTECTED]> | I have often regretted my Miju Systems - http://www.miju.com.au/ | speech, never my silence. mobile 0411 262 316 gnupg key 2C71D63D | Xenocrates (396-314 B.C.) -- +---+ | John Sigerson | | EIR News Service, Inc. E-mail: [EMAIL PROTECTED]| | 60 Sycolin RoadVoice: 703-777-9451 x543 | | Leesburg, VA 20175 Fax:703-771-3099 or 771-9492 | | USAWeb:http://www.larouchepub.com | +---+
RE: Is sendmail trusted-user feature broken?
Sorry, but do you have changed the default user for apache from 'www-data' to 'apache'? Otherwise you have to put www-data into one line of '/etc/mail/trusted-users'. That works on our servers (pure woody). Our 'submit.mc': ... OSTYPE(`debian')dnl DOMAIN(`debian-msp')dnl FEATURE(use_ct_file)dnl ... Please be aware about the position - - it dosen't work everywhere within that file! Christian -Original Message- From: John Sigerson [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 25, 2003 3:47 AM To: [EMAIL PROTECTED] Subject: Is sendmail trusted-user feature broken? ... The docs indicate that "apache" needs to be added as a "trusted user", and so I added "apache" to /etc/mail/trusted-users; added FEATURE(`use_ct_file')dnl to /etc/mail/sendmail.mc, did make, and restarted sendmail. (For testing, I also did not include authwarnings as one of the privacy flags.) ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Is sendmail trusted-user feature broken?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John Sigerson <[EMAIL PROTECTED]> wrote: > X-Authentication-Warning: eirweb2.chvlva.adelphia.net: apache set > sender to [EMAIL PROTECTED] using -f > > The docs indicate that "apache" needs to be added as a "trusted > user", and so I added "apache" to /etc/mail/trusted-users; added > FEATURE(`use_ct_file')dnl to /etc/mail/sendmail.mc, did make, > and restarted sendmail. (For testing, I also did not include > authwarnings as one of the privacy flags.) > > But still, this pesky X-Authentication-Warning will not go away! You also need to edit submit.mc to add the trusted user feature. Yours sincerely, - -- Mark Suter <[EMAIL PROTECTED]> | I have often regretted my Miju Systems - http://www.miju.com.au/ | speech, never my silence. mobile 0411 262 316 gnupg key 2C71D63D | Xenocrates (396-314 B.C.) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Check Keyservers or http://zwitterion.org/keys/ iD8DBQE++UQGRYso2ixx1j0RAgJ4AJ0f5k+m/CKwADLJMPNZ660eTKa0TwCfZJXR /QqLRGhUCyWV5uPOMGtpPRE= =rTFn -END PGP SIGNATURE-
Re: Is sendmail trusted-user feature broken?
Well, I had already fooled around with submit.mc, but on your suggestion I tried it again--but with no success. I added the following line to submit.mc: define(`confTRUSTED_USER', `johnsig')dnl then did make, and from my johnsig shell, did the following: /usr/sbin/sendmail [EMAIL PROTECTED] johnsig but alas! I {still} get the X-Authentication-Warning message saying that johnsig used -f. Maybe there's some kind of PAM issue lurking here? Anyway, to solve the immediate problem, I just installed sudo, added "apache" to the list of sudoers, giving it NOPASSWD:/usr/sbin/sendmail permission, and then edited the CGI script, adding sudo before the sendmail command. It is admittedly less secure, but my CGI can only be run by users who have been authenticated over SSL. But if you think this is a really bad idea, please let me know. --John Sigerson -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John Sigerson <[EMAIL PROTECTED]> wrote: X-Authentication-Warning: eirweb2.chvlva.adelphia.net: apache set sender to [EMAIL PROTECTED] using -f The docs indicate that "apache" needs to be added as a "trusted user", and so I added "apache" to /etc/mail/trusted-users; added FEATURE(`use_ct_file')dnl to /etc/mail/sendmail.mc, did make, and restarted sendmail. (For testing, I also did not include authwarnings as one of the privacy flags.) But still, this pesky X-Authentication-Warning will not go away! You also need to edit submit.mc to add the trusted user feature. Yours sincerely, - -- Mark Suter <[EMAIL PROTECTED]> | I have often regretted my Miju Systems - http://www.miju.com.au/ | speech, never my silence. mobile 0411 262 316 gnupg key 2C71D63D | Xenocrates (396-314 B.C.) -- +---+ | John Sigerson | | EIR News Service, Inc. E-mail: [EMAIL PROTECTED]| | 60 Sycolin RoadVoice: 703-777-9451 x543 | | Leesburg, VA 20175 Fax:703-771-3099 or 771-9492 | | USAWeb:http://www.larouchepub.com | +---+ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Is sendmail trusted-user feature broken?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John Sigerson <[EMAIL PROTECTED]> wrote: > X-Authentication-Warning: eirweb2.chvlva.adelphia.net: apache set > sender to [EMAIL PROTECTED] using -f > > The docs indicate that "apache" needs to be added as a "trusted > user", and so I added "apache" to /etc/mail/trusted-users; added > FEATURE(`use_ct_file')dnl to /etc/mail/sendmail.mc, did make, > and restarted sendmail. (For testing, I also did not include > authwarnings as one of the privacy flags.) > > But still, this pesky X-Authentication-Warning will not go away! You also need to edit submit.mc to add the trusted user feature. Yours sincerely, - -- Mark Suter <[EMAIL PROTECTED]> | I have often regretted my Miju Systems - http://www.miju.com.au/ | speech, never my silence. mobile 0411 262 316 gnupg key 2C71D63D | Xenocrates (396-314 B.C.) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Check Keyservers or http://zwitterion.org/keys/ iD8DBQE++UQGRYso2ixx1j0RAgJ4AJ0f5k+m/CKwADLJMPNZ660eTKa0TwCfZJXR /QqLRGhUCyWV5uPOMGtpPRE= =rTFn -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Is sendmail trusted-user feature broken?
I'm using Debian sendmail distribution 8.12.3-6.4 and I have apache running as user "apache" and group "apache". I'm running a CGI program which calls sendmail using the "-f" switch to set the sender's e-mail address (apache is running a number of virtual servers, each with a separate domain). The problem is that sendmail keeps adding this warning to the mail message header: X-Authentication-Warning: eirweb2.chvlva.adelphia.net: apache set sender to [EMAIL PROTECTED] using -f The docs indicate that "apache" needs to be added as a "trusted user", and so I added "apache" to /etc/mail/trusted-users; added FEATURE(`use_ct_file')dnl to /etc/mail/sendmail.mc, did make, and restarted sendmail. (For testing, I also did not include authwarnings as one of the privacy flags.) But still, this pesky X-Authentication-Warning will not go away! Any suggestions would be greatly appreciated! I read that the trusted-user feature was entirely disabled in sendmail versions 8.1 through 8.6, but then was revived. Does that have anything to do with it? -- +---+ | John Sigerson | | EIR News Service, Inc. E-mail: [EMAIL PROTECTED]| | 60 Sycolin RoadVoice: 703-777-9451 x543 | | Leesburg, VA 20175 Fax:703-771-3099 or 771-9492 | | USAWeb:http://www.larouchepub.com | +---+
Is sendmail trusted-user feature broken?
I'm using Debian sendmail distribution 8.12.3-6.4 and I have apache running as user "apache" and group "apache". I'm running a CGI program which calls sendmail using the "-f" switch to set the sender's e-mail address (apache is running a number of virtual servers, each with a separate domain). The problem is that sendmail keeps adding this warning to the mail message header: X-Authentication-Warning: eirweb2.chvlva.adelphia.net: apache set sender to [EMAIL PROTECTED] using -f The docs indicate that "apache" needs to be added as a "trusted user", and so I added "apache" to /etc/mail/trusted-users; added FEATURE(`use_ct_file')dnl to /etc/mail/sendmail.mc, did make, and restarted sendmail. (For testing, I also did not include authwarnings as one of the privacy flags.) But still, this pesky X-Authentication-Warning will not go away! Any suggestions would be greatly appreciated! I read that the trusted-user feature was entirely disabled in sendmail versions 8.1 through 8.6, but then was revived. Does that have anything to do with it? -- +---+ | John Sigerson | | EIR News Service, Inc. E-mail: [EMAIL PROTECTED]| | 60 Sycolin RoadVoice: 703-777-9451 x543 | | Leesburg, VA 20175 Fax:703-771-3099 or 771-9492 | | USAWeb:http://www.larouchepub.com | +---+ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sendmail or qmail or what?
On Fri, 6 Jun 2003, Ariel Graneros wrote: > I prefer postfix, it is rock solid everywhere i use it, has fewer security > issues than sendmail, is quite powerful, and the best of all, is veery easy > to configure. Anyway, i've never tried anything else. > > On Wed, 21 May 2003 12:10:17 -0300 > "Ana Paula Sabelli" <[EMAIL PROTECTED]> wrote: > > > Hi, > > I´m setting up a mail server, I ´d like to hear opinions about which one is > > better. Hello, Maybe i missed it in this thread, and i don't want to start a holy war, but is there a reason not to use Exim? It's the standard mail server that is loaded with Debian and i use it on all of my boxen. It's a whole lot easier than sendmail and i am not aware of any security issues and it apparently does a whole lot more than i can figure out to do. So, i'm just curious as to why so many people recommend other things than the default Exim. Thank you.
Re: sendmail or qmail or what?
I prefer postfix, it is rock solid everywhere i use it, has fewer security issues than sendmail, is quite powerful, and the best of all, is veery easy to configure. Anyway, i've never tried anything else. On Wed, 21 May 2003 12:10:17 -0300 "Ana Paula Sabelli" <[EMAIL PROTECTED]> wrote: > Hi, > I´m setting up a mail server, I ´d like to hear opinions about which one is > better. > > TIA > > Ana Paula Sabelli
Re: sendmail or qmail or what?
On Fri, 6 Jun 2003, Ariel Graneros wrote: > I prefer postfix, it is rock solid everywhere i use it, has fewer security issues > than sendmail, is quite powerful, and the best of all, is veery easy to configure. > Anyway, i've never tried anything else. > > On Wed, 21 May 2003 12:10:17 -0300 > "Ana Paula Sabelli" <[EMAIL PROTECTED]> wrote: > > > Hi, > > I´m setting up a mail server, I ´d like to hear opinions about which one is better. Hello, Maybe i missed it in this thread, and i don't want to start a holy war, but is there a reason not to use Exim? It's the standard mail server that is loaded with Debian and i use it on all of my boxen. It's a whole lot easier than sendmail and i am not aware of any security issues and it apparently does a whole lot more than i can figure out to do. So, i'm just curious as to why so many people recommend other things than the default Exim. Thank you. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sendmail or qmail or what?
I prefer postfix, it is rock solid everywhere i use it, has fewer security issues than sendmail, is quite powerful, and the best of all, is veery easy to configure. Anyway, i've never tried anything else. On Wed, 21 May 2003 12:10:17 -0300 "Ana Paula Sabelli" <[EMAIL PROTECTED]> wrote: > Hi, > I´m setting up a mail server, I ´d like to hear opinions about which one is better. > > TIA > > Ana Paula Sabelli -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sendmail or qmail or what?
Greetings! On Wed, 21 May 2003 18:40:36 +0200 Franz Georg Köhler <[EMAIL PROTECTED]> wrote: > > I?m setting up a mail server, I ?d like to hear opinions about which > > one is better. > > It depends on your personal preferences. > > I favor exim: http://www.exim.org/ . Main question: what do you want/need? For a pure satellite hub you can be quite well of with SSMTP. What is your metric (for "best")? Flexibility, available addins, security, easy to configure, or what? For a brief comparison of the most common ones: http://www.geocities.com/mailsoftware42/ Well, that's the MTA side - what about the client part. Do you need POP or IMAP? Both? LDAP access? What spool design, etc. There are (again) loads of agents available. Again: what is your metric for "best"? Bye Volker Tanger -- Besuchen Sie unsere neuen Internet-Seiten http://www.detewe.de Neues Highlight: Wunschproduktberater fuer den Home & Office-Bereich. Visit our new Internet Pages on http://www.detewe.de Our Highlight: Online Product Adviser for Home & Office. (Currently available in German only)
Re: sendmail or qmail or what?
Hi, On Wed, May 21, 2003 at 12:10:17PM -0300, Ana Paula Sabelli wrote: > Hi, > I´m setting up a mail server, I ´d like to hear opinions about which > one is better. Qmail. Even though it has some problems too, as every piece of software does, they are in no way of the same magnitude as sendmail's history of remote root exploits, complexity and general ugliness. Qmail lacks some modern features, but I rather have a mail server that lacks features than one that lacks security. Also, qmail's modular architecture accomodates creating create custom features very well. I've been deploying and managing qmail based mail servers for a number of years now, and am very happy with it. Cheers, Emile, -- E-Advies - Emile van Bergen [EMAIL PROTECTED] tel. +31 (0)70 3906153 http://www.e-advies.nl pgpEPgMxMKk3r.pgp Description: PGP signature
Re: sendmail or qmail or what?
> I´m setting up a mail server, I ´d like to hear opinions about which one > is better. My favorit ist qmail. Take a look at http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm greets - Diese eMail ist ein Service von Wird noch nicht verraten! http://www.Held-vom-Erdbeerfeld.de/
Re: sendmail or qmail or what?
On Wed, May 21, 2003 at 09:24:39PM +0200, Adrian 'Dagurashibanipal' von Bidder wrote: Content-Description: signed data > On Wednesday 21 May 2003 17:10, Ana Paula Sabelli wrote: > > Hi, > > I?m setting up a mail server, I ?d like to hear opinions about which one is > > better. > > Personally, I don't like qmail mainly because of its license (I never > explored further than that), and because about the only things I regularly > hear is that it has some obscure 'features' where the authors opinion differs > from everybody else's. > > I stopped using sendmail because I really like to *understand* a > configuration > file... > > I use postfix - easy to set up, does everything I want it to do, has good > spam > control possibilities and also good documentation on how to use them. > > Haven't used exim. > > greets > -- vbi > > -- > featured link: http://fortytwo.ch/time I am setting up a mail server too. After studying and reading others comments. I am using Postfix, Courier (pop/imap)...
Re: sendmail or qmail or what?
On Wed, 2003-05-21 at 07:10, Ana Paula Sabelli wrote: > Hi, > I´m setting up a mail server, I ´d like to hear opinions about which > one is better. > > TIA > > Ana Paula Sabelli OK, it's a sysadmin preference type isssue for sure. Having run Sendmail, Exim, Postfix, qmail and atmail, we have settled on qmail as it has been rock solid. What else do you need ? See http://lifewithqmail.org/lwq.html Dee -- W.D.McKinney (Dee) Alaska Wireless Systems http://3233667600
Re: sendmail or qmail or what?
On Wednesday 21 May 2003 17:10, Ana Paula Sabelli wrote: > Hi, > I´m setting up a mail server, I ´d like to hear opinions about which one is > better. Personally, I don't like qmail mainly because of its license (I never explored further than that), and because about the only things I regularly hear is that it has some obscure 'features' where the authors opinion differs from everybody else's. I stopped using sendmail because I really like to *understand* a configuration file... I use postfix - easy to set up, does everything I want it to do, has good spam control possibilities and also good documentation on how to use them. Haven't used exim. greets -- vbi -- featured link: http://fortytwo.ch/time pgpERTGPVL3A2.pgp Description: signature
Re: sendmail or qmail or what?
At 12:10 PM 5/21/2003 -0300, Ana Paula Sabelli wrote: Hi, I´m setting up a mail server, I ´d like to hear opinions about which one is better. TIA Ana Paula Sabelli Personally, I use Postfix.. It handles just about anything I need to throw at it.. -Splash
Re: sendmail or qmail or what?
On Wed, May 21, 2003 at 12:10:17PM -0300, Ana Paula Sabelli <[EMAIL PROTECTED]> wrote: > Hi, > I?m setting up a mail server, I ?d like to hear opinions about which one is > better. It depends on your personal preferences. I favor exim: http://www.exim.org/ .
sendmail or qmail or what?
Hi, I´m setting up a mail server, I ´d like to hear opinions about which one is better. TIA Ana Paula Sabelli
i have problems for configure mailscanner + sendmail +f-prot
someone now a good howto to do it or how to do it run???
sendmail connection timeout problem
Hi there, i have a problem on my primary mail server. it runs debian woody and sendmail. it is forwarding mails with the mailertable feature to our customers mailservers. the customers are connected to our PoP via leased-lines. here the error from the mail.log Apr 9 15:06:11 mx1 sm-mta[2220]: h39D1BoU002214: timeout waiting for input from [customer mailserver's ip] during client greeting after 2 to 3 retries the mails are delivered ... so the messages get deferred for 1 to 3 times and so the mail delay is 5-15 minutes, wich is not acceptable for out customer. Have played with the timeouts but this doesn't improve the mail delivery. Every time i telneted to port 25 of the customer server the greeting from the customer's server took not longer than 1 second. So it has to be a problem of the sendmail configuration. It happens not only to our customer, as i can also see this problem happening with other internet mailservers. The leased-lines are up and I run netsaint to check the customers smtp server. The banwidth usage on the leased lines is never obove 50% so smtp traffic should go through without problems. The bandwidth is between 2 and 6 Mbit/s Thanks in advance for any advice you can give me! Regards, mfl --- Appendix --- dpkg --list | grep sendmail ii sendmail 8.12.3-6.3 ii sendmail-doc 8.12.3-6.3 OK, here my sendmail.mc VERSIONID(`$Id: sendmail.mc, v 8.12.3-4 2002-04-15 17:35:56 cowboy Exp $') OSTYPE(`debian')dnl DOMAIN(`debian-mta')dnl dnl # dnl # General defines dnl # LOCAL_CONFIG FEATURE(`use_cw_file')dnl FEATURE(`use_ct_file')dnl FEATURE(`nouucp', `reject')dnl FEATURE(`mailertable')dnl FEATURE(`smrsh')dnl FEATURE(`virtusertable')dnl dnl # added 20030225 by mfl define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn')dnl define(`confMAX_DAEMON_CHILDREN', `1000')dnl define(`confMAX_QUEUE_CHILDREN', `500')dnl define(`confMAX_RUNNERS_PER_QUEUE', `150')dnl define(`confTO_QUEUEWARN', `1h')dnl dnl # timeouts # added by mfl define(`confTO_CONNECT', `5m')dnl define(`confTO_ICONNECT', `3m')dnl define(`confTO_MISC', `5m')dnl define(`confTO_HOSTSTATUS', `5m')dnl define(`confTO_IDENT', `1s')dnl define(`confSEPARATE_PROC', `true')dnl define(`confDIAL_DELAY', `15s')dnl dnl # dnl # Dialup/LAN connection overrides dnl # include(`/etc/mail/dialup.m4')dnl include(`/etc/mail/provider.m4')dnl MAILER_DEFINITIONS MAILER(local)dnl MAILER(smtp)dnl define(`confSMTP_LOGIN_MSG', ``$j Sendmail; ready to serve... ; $b'')
sendmail + amavis-ng + amavis-ng-milter-helper + clamavd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi I am trying to use sendmail + amavis-ng + amavis-ng-milter-helper + clamavd in a mail server of 1635 users. It works, but after a while (about 10 minutes) I see messages like that Mar 18 17:09:21 drow sm-mta[30007]: h2IG9Au2030007: milter_read(milter-amavis): cmd read returned 0, expecting 5 Mar 18 17:09:21 drow sm-mta[30007]: h2IG9Au2030007: Milter (milter-amavis): to error state Mar 18 17:09:21 drow sm-mta[30007]: h2IG9Au2030007: Milter (milter-amavis): init failed to open Mar 18 17:09:21 drow sm-mta[30007]: h2IG9Au2030007: Milter (milter-amavis): to error state Mar 18 17:09:27 drow sm-mta[30038]: h2IG9Ru2030038: Milter (milter-amavis): write(O) returned -1, expected 5: Broken pipe Mar 18 17:09:27 drow sm-mta[30038]: h2IG9Ru2030038: Milter (milter-amavis): to error state Mar 18 17:09:27 drow sm-mta[30038]: h2IG9Ru2030038: Milter (milter-amavis): init failed to open Mar 18 17:09:27 drow sm-mta[30038]: h2IG9Ru2030038: Milter (milter-amavis): to error state Mar 18 17:09:41 drow sm-mta[30097]: h2IG9fu2030097: milter_read(milter-amavis): cmd read returned 0, expecting 5 Mar 18 17:09:41 drow sm-mta[30097]: h2IG9fu2030097: Milter (milter-amavis): to error state Mar 18 17:09:41 drow sm-mta[30097]: h2IG9fu2030097: Milter (milter-amavis): init failed to open Mar 18 17:09:41 drow sm-mta[30097]: h2IG9fu2030097: Milter (milter-amavis): to error state _ and I think maybe I've overloaded the machine. I'm new to this list. I suppose you've talk about what combination is better for medium traffic of emails before. Can you tell me when? (aprox... I'll try to search the mailing-list archives). Anyway, if anyone has any suggestions I'd be grateful. Here is some info about the machine hosting this mail server. Thank you very much. # cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 15 model : 2 model name : Intel(R) Pentium(R) 4 CPU 1.80GHz stepping: 4 cpu MHz : 1817.923 cache size : 0 KB fdiv_bug: no hlt_bug : no sep_bug : no f00f_bug: no coma_bug: no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 cflush dtrace acpi mmx fxsr xmm xmm2 ssnp 28 acc bogomips: 3630.69 # cat /proc/meminfo total:used:free: shared: buffers: cached: Mem: 496406528 342515712 153890816 123846656 228249600 33964032 Swap: 2960998400 296099840 MemTotal:484772 kB MemFree: 150284 kB MemShared: 120944 kB Buffers: 222900 kB Cached: 33168 kB SwapTotal: 289160 kB SwapFree:289160 kB some lines of amavis.conf _ [global] mail-transfer-agent = Milter virus-scanner = CLAMD extractors=Mail, GZIP, BZIP2, LHA, ARC, Zip, Tar, ZOO, RAR, TNEF, ARJ notifiers=Sender, Admin [MIME] ;; Ignore MIME message extracting errors? ; ignore errors = no ;; What to do if such error occues? ;; freeze - default behaviour, message will be frozen ;; drop+notify - drop message, notify sender ; error action = freeze [Milter] ;; Currently, an external C program amavis-milter is needed for Milter ;; support. ;; ;; This is the socket AMaViS will listen on. amavis-milter will ;; connect to this socket if it wants a message to be checked. amavis socket = /var/run/amavis-ng/socket.amavis ;; This is the socket amavs-milter will listen on. [security] ;; Resource limits for unpacking each message ;; How many levels of unpacking do we do? maxlevels = 20 ;; How many files do we want to write? maxfiles = 1000 ;; How much diskspace do we want to consume? maxspace = 30M ;; If amavis is run as UID root, drop root privileges to uid, gid. uid = amavis gid = amavis [CLAMD] socket = /var/run/clamd.ctl milter socket = /var/run/amavis-ng/socket.milter ;; The path to amavis-milter amavis-milter = /usr/sbin/amavis-milter ;; amavis-milter pid file amavis-milter pidfile = /var/run/amavis-ng/amavis-milter.pid ;; Debug options for amavis-milter (should not be needed in normal ;; operation) amavis-milter debug = 3 amavis-milter logfile = /var/log/amavis-ng/amavis-milter.log ;; The AMaViS pid file pidfile = /var/run/amavis-ng/amavisd.pid daemon = yes ;; For sending out messages sendmail = /usr/sbin/sendmail args = -i -f -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+d2FfGOU6HQZ81TcRAq79AJ0VNVYGbIMTC37Zl37yMN7yz6Zm1wCeLOlf lmfrDWcZ/GhB+6PEbEnpW8A= =9XLk -END PGP SIGNATURE-
sendmail + amavis-ng + amavis-ng-milter-helper + clamavd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi I am trying to use sendmail + amavis-ng + amavis-ng-milter-helper + clamavd in a mail server of 1635 users. It works, but after a while (about 10 minutes) I see messages like that Mar 18 17:09:21 drow sm-mta[30007]: h2IG9Au2030007: milter_read(milter-amavis): cmd read returned 0, expecting 5 Mar 18 17:09:21 drow sm-mta[30007]: h2IG9Au2030007: Milter (milter-amavis): to error state Mar 18 17:09:21 drow sm-mta[30007]: h2IG9Au2030007: Milter (milter-amavis): init failed to open Mar 18 17:09:21 drow sm-mta[30007]: h2IG9Au2030007: Milter (milter-amavis): to error state Mar 18 17:09:27 drow sm-mta[30038]: h2IG9Ru2030038: Milter (milter-amavis): write(O) returned -1, expected 5: Broken pipe Mar 18 17:09:27 drow sm-mta[30038]: h2IG9Ru2030038: Milter (milter-amavis): to error state Mar 18 17:09:27 drow sm-mta[30038]: h2IG9Ru2030038: Milter (milter-amavis): init failed to open Mar 18 17:09:27 drow sm-mta[30038]: h2IG9Ru2030038: Milter (milter-amavis): to error state Mar 18 17:09:41 drow sm-mta[30097]: h2IG9fu2030097: milter_read(milter-amavis): cmd read returned 0, expecting 5 Mar 18 17:09:41 drow sm-mta[30097]: h2IG9fu2030097: Milter (milter-amavis): to error state Mar 18 17:09:41 drow sm-mta[30097]: h2IG9fu2030097: Milter (milter-amavis): init failed to open Mar 18 17:09:41 drow sm-mta[30097]: h2IG9fu2030097: Milter (milter-amavis): to error state _ and I think maybe I've overloaded the machine. I'm new to this list. I suppose you've talk about what combination is better for medium traffic of emails before. Can you tell me when? (aprox... I'll try to search the mailing-list archives). Anyway, if anyone has any suggestions I'd be grateful. Here is some info about the machine hosting this mail server. Thank you very much. # cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 15 model : 2 model name : Intel(R) Pentium(R) 4 CPU 1.80GHz stepping: 4 cpu MHz : 1817.923 cache size : 0 KB fdiv_bug: no hlt_bug : no sep_bug : no f00f_bug: no coma_bug: no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 cflush dtrace acpi mmx fxsr xmm xmm2 ssnp 28 acc bogomips: 3630.69 # cat /proc/meminfo total:used:free: shared: buffers: cached: Mem: 496406528 342515712 153890816 123846656 228249600 33964032 Swap: 2960998400 296099840 MemTotal:484772 kB MemFree: 150284 kB MemShared: 120944 kB Buffers: 222900 kB Cached: 33168 kB SwapTotal: 289160 kB SwapFree:289160 kB some lines of amavis.conf _ [global] mail-transfer-agent = Milter virus-scanner = CLAMD extractors=Mail, GZIP, BZIP2, LHA, ARC, Zip, Tar, ZOO, RAR, TNEF, ARJ notifiers=Sender, Admin [MIME] ;; Ignore MIME message extracting errors? ; ignore errors = no ;; What to do if such error occues? ;; freeze - default behaviour, message will be frozen ;; drop+notify - drop message, notify sender ; error action = freeze [Milter] ;; Currently, an external C program amavis-milter is needed for Milter ;; support. ;; ;; This is the socket AMaViS will listen on. amavis-milter will ;; connect to this socket if it wants a message to be checked. amavis socket = /var/run/amavis-ng/socket.amavis ;; This is the socket amavs-milter will listen on. [security] ;; Resource limits for unpacking each message ;; How many levels of unpacking do we do? maxlevels = 20 ;; How many files do we want to write? maxfiles = 1000 ;; How much diskspace do we want to consume? maxspace = 30M ;; If amavis is run as UID root, drop root privileges to uid, gid. uid = amavis gid = amavis [CLAMD] socket = /var/run/clamd.ctl milter socket = /var/run/amavis-ng/socket.milter ;; The path to amavis-milter amavis-milter = /usr/sbin/amavis-milter ;; amavis-milter pid file amavis-milter pidfile = /var/run/amavis-ng/amavis-milter.pid ;; Debug options for amavis-milter (should not be needed in normal ;; operation) amavis-milter debug = 3 amavis-milter logfile = /var/log/amavis-ng/amavis-milter.log ;; The AMaViS pid file pidfile = /var/run/amavis-ng/amavisd.pid daemon = yes ;; For sending out messages sendmail = /usr/sbin/sendmail args = -i -f -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+d2FfGOU6HQZ81TcRAq79AJ0VNVYGbIMTC37Zl37yMN7yz6Zm1wCeLOlf lmfrDWcZ/GhB+6PEbEnpW8A= =9XLk -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
SSL Configuration and sendmail problem in mqueue
Hi people: When u intall debian with the ssl package from where does the ssl get the certificate. I been looking arround the /etc/ssl/ but could n't make it clear. Could anyone help with this. The other cuestion is rather simple just to avoid a mess. I got a server with sendmail runnig, we use amavis to filter the in/out-caming mail I found in /var/spool/mqueue/ several mail files dating from more than 2 or even3 month ago. Could I stop the sendmail and wipe out all this files, or shuld take some care and erase only the old ones. Thank's rak -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]