Header Rewriting in Qmail

[Farooq Ashraf]

Hi:

I would like to run Qmail on my firewall to receive and send mail from
internal and external networks respectively. The question is, how can I
rewrite/remove header information to hide the path that the message has
travelled (in fact to hide the identity of internal machines.)

Any suggestions/guidelines, etc.

---
| Farooq Ashraf   | Tel   : (966) 3-860-5634  |
| System Admin. & Lecturer| Fax   : (966) 3-860-5634  |
| College of Computer Science |   |  
|  and Engineering (CCSE) |   |  
| King Fahd University of | E-Mail:   |
| Petroleum & Minerals (KFUPM)| [EMAIL PROTECTED]  |
| KFUPM Box 1218  | [EMAIL PROTECTED] |
| Dhahran 31261, Saudi Arabia |   |
---

qmail Digest 5 Sep 1999 10:00:01 -0000 Issue 750

[qmail-digest-help]

qmail Digest 5 Sep 1999 10:00:01 - Issue 750

Topics (messages 29841 through 29854):

POP3
29841 by: James Smallacombe <[EMAIL PROTECTED]>

restarting qmail
29842 by: Bill Parker <[EMAIL PROTECTED]>

The word from Mail.com
29843 by: Peter van Dijk <[EMAIL PROTECTED]>

Mail.com blacklisting
29844 by: [EMAIL PROTECTED] (John R. Levine)

Lobby mail.com
29845 by: Russell Nelson <[EMAIL PROTECTED]>

Check the RCPT TO: against
29846 by: Russell Nelson <[EMAIL PROTECTED]>

patch wanted: add maildir to elm
29847 by: [EMAIL PROTECTED]

Any ideas?
29848 by: Russell Nelson <[EMAIL PROTECTED]>
29849 by: [EMAIL PROTECTED]
29850 by: Russell Nelson <[EMAIL PROTECTED]>

qmail & inetd.conf
29851 by: Daemeon Reiydelle <[EMAIL PROTECTED]>

standardizing qmail uid and gid numbers
29852 by: [EMAIL PROTECTED]
29853 by: Russell Nelson <[EMAIL PROTECTED]>

Header Rewriting in Qmail
29854 by: Farooq Ashraf <[EMAIL PROTECTED]>

Administrivia:

To subscribe to the digest, e-mail:
[EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]

To bug my human owner, e-mail:
[EMAIL PROTECTED]

To post to the list, e-mail:
[EMAIL PROTECTED]


--



On Sat, 4 Sep 1999 [EMAIL PROTECTED] wrote:

> I have Qmail installed on a FreeBSD 3.2 box and want to allow  users to
> check their mail via POP3 clients- I downloaded and installed the
> checkpassed package- but  I believe tat I have to add a line to my startup
> files- what is it??

depends how you're running it...if you're running it from tcpserver:

/usr/local/bin/tcpserver 0 pop3 /var/qmail/bin/qmail-popup hostname \
/bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir &

If you're not, use inetd.

This is covered in the FAQ:

5.3. How do I set up qmail-pop3d?





At 01:17 AM 9/4/99 -0400, you wrote:
>Stephen,
>
> A kill -HUP seems to always work for me.
>
/etc/rc.d/init.d/qmail stop
/etc/rc.d/init.d/qmail start

will also work well :)

-Bill






On Wed, Sep 01, 1999 at 04:49:40PM -0400, Soffen, Matthew wrote:
> It looks to me that many machines running qmail will die on test 6.
> 
> I tried my personal email server, one I do consulting for, the one at
> abuse.net, and muncher.math.uic.edu. It looks like all of them fail at
> Test 6.
> 
> However when I ran the test on vix's mailer, it passed all the tests.
> The only reason it passes is that it checks the sender address BEFORE
> attempting to deliver.  I also ran the test on Sendmail.org's server.
> It passes as well.
> 
> I have a question though, how valid is testing
> "[EMAIL PROTECTED]" to see if the address
> fails/rejected ?
> The mail server would HAVE to process the % hack.  Its NOT necessarily a
> valid test on all servers.  Its only appropriate to test this on servers
> who HAVE the % hack enabled.
> 
> Comments ?

You are completely right. As stated before in this thread, % may very well
be a valid character in the user-part of an email-address.

Greetz, Peter
-- 
| 'He broke my heart,  |  Peter van Dijk |
 I broke his neck' | [EMAIL PROTECTED] |
   nognikz - As the sun|Hardbeat@ircnet - #cistron/#linux.nl |
http://www.nognikz.mdk.nu/ | Hardbeat@undernet - #groningen/#kinkfm/#vdh |




>http://maps.vix.com/tsi/new-rlytest.cgi?ADDR=iq-ss5.iquest.net

I wrote that relay tester.  It does indeed give false positives for
qmail.  It mostly looks for sendmail holes, since that's where most
of the holes are.

One of the things on my list of things to do is to make it look at the
banner and if it recognizes the MTA, skip tests that are likely to give
false positives.

See http://www.abuse.net/relay.html for the full version that can actually
send test messages.

-- 
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869
[EMAIL PROTECTED], Village Trustee and Sewer Commissioner, http://iecc.com/johnl, 
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail




Nathan J. Mehl writes:
 > I'm afraid that the message sent by the abuse staff at Mail.Com to Mr.
 > Bell was somewhat unclear.

Um, no, it was *completely* unclear.  The first two sentences were
factual.  From there it turned into utter drivel.

Blocking him was perfectly reasonable, and as you've noted, you've
unblocked him, apologized, and taken steps to ensure that it doesn't
happen again.  On the other hand, sending him and this mailing list on
a wild goose chase, tracking down the rumor *you* generated with your
falsehood about failing relay tests, was completely unacceptable.  You
really owe Justin and maybe us a second, different, apology.

I suggest that this is what it should have said (feel free to rip off
this verbiage and nounage):

On Thu Jul 15, we received a high volume of traffic from
206.246.140.165 (iq-ss5.iquest.net). Specif

Re:help: qmail question

[Mate Wierdl]

You went back to your old style of not giving detals about your setup,
no log output.  Your report sounds like:

"I have a Toyota.  It does not work; please Help!"

Mate

Newbee to Qmail

[Ron 'The InSaNe One' Rosson]

I just got qmail up and installed on my system. I am coming from a Sendmail
8.9.3 setup. Here are the following issues that I am having a hard time
figuring out:
1. How to get qmail to use the /etc/aliases I was using when I was
   running sendmail.
2. How to set a Smarthost for outgoing mail.
3. Whatis the equivalent of mailstats for qmail

TIA
-- 
---
Ron Rosson  ... and a UNIX user said ...
The InSaNe One rm -rf *
[EMAIL PROTECTED]and all was null and void
---
Therapy is expensive, poppin' bubble wrap is cheap! You choose.

Re: Newbee to Qmail

[Magnus Bodin]

On Sun, 5 Sep 1999, Ron 'The InSaNe One' Rosson wrote:

> 1. How to get qmail to use the /etc/aliases I was using when I was
>running sendmail.

install fastforward. And then learn about .qmail-files.

> 2. How to set a Smarthost for outgoing mail.

what is that?

> 3. Whatis the equivalent of mailstats for qmail

qmailanalog

Look at http://www.qmail.org/

And don't miss Dave Sills "Life with qmail"



cheers,

-- 
magnus
-- MOST useless 1998 * http://x42.com/

Re: Newbee to Qmail

[James J. Lippard]

On Sun, 5 Sep 1999, Ron 'The InSaNe One' Rosson wrote:

> I just got qmail up and installed on my system. I am coming from a Sendmail
> 8.9.3 setup. Here are the following issues that I am having a hard time
> figuring out:
>   2. How to set a Smarthost for outgoing mail.

Looks like your other two questions have been answered already.  For this
one, put a file names smtproutes in /var/qmail/control that contains

:smart.host.name

Jim Lippard   [EMAIL PROTECTED]   http://www.discord.org/
Unsolicited bulk email charge:   $500/message.   Don't send me any.
PGP Fingerprint: 0C1F FE18 D311 1792 5EA8  43C8 7AD2 B485 DE75 841C

Problems with tcpserver

[Martin Paulucci]

Hi!!

I'm having some trouble with tcpserver. I'm trying to use relaying, 
and I already have a process running with the following parameters:

qmaild  3464   238  0 23:33:43 ?0:00 tcpserver -H -R -v -
x/etc/tcp.smtp.cdb -u101 -g100 0 25 rblsmtpd /var/qmail/bin 

and also a file, which I compiled with tcprules in /etc/tcp.smtp and 
tcp.smtp.db with this contents:
# cat /etc/tcp.smtp
200.20.10.:allow,RELAYCLIENT=""
200.43.4.:allow,RELAYCLIENT=""
:allow

Where 200.20.10.X is a local private network and 200.43.4.X is my 
C class of internet. 
The problem I'm having is that telnetting from the same mail server 
to port 25 it says it can't relay :
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) 

But I'm supposed to be an allowed client to relayI'm on that list

What should I do?.

Thanks!
 
Best regards,

Martin Paulucci
http://www.ServiRED.COM
[EMAIL PROTECTED]
Cell Phone: 15-4935-4246
VoiceMail/Fax: (+54-11)4-961-3204

Re: Problems with tcpserver

[Sam]

On Sun, 5 Sep 1999, Martin Paulucci wrote:

> Hi!!
> 
> I'm having some trouble with tcpserver. I'm trying to use relaying, 
> and I already have a process running with the following parameters:
> 
> qmaild  3464   238  0 23:33:43 ?0:00 tcpserver -H -R -v -
> x/etc/tcp.smtp.cdb -u101 -g100 0 25 rblsmtpd /var/qmail/bin 
> 
> and also a file, which I compiled with tcprules in /etc/tcp.smtp and 
> tcp.smtp.db with this contents:
> # cat /etc/tcp.smtp
> 200.20.10.:allow,RELAYCLIENT=""
> 200.43.4.:allow,RELAYCLIENT=""
> :allow
> 
> Where 200.20.10.X is a local private network and 200.43.4.X is my 
> C class of internet. 
> The problem I'm having is that telnetting from the same mail server 
> to port 25 it says it can't relay :
> 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) 

That's because 127.0.0.1 is not specified as an IP address that is allowed
to relay.  If you're telnetting to localhost, you're coming from the
127.0.0.0/8 network.

can't start

[James]

I'm using Red Hat Mandrake 6.0, and I've gone through the Adam McKenna
steps (http://www.flounder.net/qmail/qmail-howto.html) for installing
qmail.  Before this qmail installation, I was able to use sendmail just
fine, except I had problems getting the virtual email setup to work, so
I've decided to use qmail.

Now, after having gone through the installation steps, qmail was running on
my system, until I rebooted.  I thought I had placed the proper script in
the proper startup file, but I guess I haven't.  But for starters, I don't
know how to even START qmail manually.  I tried going into the qmail
install directory and typed:

qmail start

but I got this error: bash: qmail: command not found

So then I went to the /var/qmail/bin directory, but got the same error.
How do I get qmail to start again?  It was running before I rebooted.

I'll also mention that I couldn't get the step for rblsmtpd
(http://www.flounder.net/qmail/qmail-howto.html#10b) to work.. the
"setuser" was a command that my system didn't understand.  Could this cause
a problem?

Thanks for any help.
james

Re: can't start

[James]

Ok.. now I have tried to clean up as much as possible, and I have to issue
this command to start qmail:

./qmail start

and when I do, I get this:

Starting qmail: qmail-sendsupervise: usage: supervise dir
 qmail-smtpdsupervise: usage: supervise dir
.

Does this mean I am getting a supervise error or something?  Or are things
sort of working ok?

james

Re: can't start

[James]

At 10:24 PM 9/5/99 Jim Lippard wrote:
>Try "setuidgid", not "setguid".

Ok.. that worked, but it opened up a whole host of other errors.. so back
to work I go.

james

Re: can't start

[James]

At 07:09 AM 9/6/99 magnus wrote:
>I would try to install daemontools, as the HOWTO, and lwq advises.
>The daemontools package includes setuser or setguid, depending on
>version of daemontools.

I have already installed daemontools, and checked it with:
 date | ./tai64n | ./tai64nlocal
 date | sh -c './multilog t e 2>&1' | ./tai64nlocal

and my output was:
1999-09-05 22:23:21.323922500 Sun Sep  5 22:23:21 PDT 1999
1999-09-05 22:26:13.056125500 Sun Sep  5 22:26:13 PDT 1999

I notice that in my /usr/local/bin directory, I don't see setguid, but I do
see a setuidgid.  Should there be a setguid in that directory?

james

Re: can't start

[James J. Lippard]

Try "setuidgid", not "setguid".

Jim Lippard   [EMAIL PROTECTED]   http://www.discord.org/
Unsolicited bulk email charge:   $500/message.   Don't send me any.
PGP Fingerprint: 0C1F FE18 D311 1792 5EA8  43C8 7AD2 B485 DE75 841C

On Mon, 6 Sep 1999, Magnus Bodin wrote:

> On Sun, 5 Sep 1999, James wrote:
> 
> > >In the life with qmail, his qmail script also has "setuser".. if I replace
> > >all setuser's with "setguid" will this fix my problem?
> > 
> > Well, that didn't fix it.. I get this error now:
> > ./qmail: setguid: command not found
> > 
> > Is there anything else I can try?
> 
> 
> I would try to install daemontools, as the HOWTO, and lwq advises.
> The daemontools package includes setuser or setguid, depending on
> version of daemontools.
> 
> http://pobox.com/~djb/daemontools.html
> 
> -- 
> magnus
> -- MOST useless 1998 * http://x42.com/
> 
> 

Re: can't start

[magnus]

On Sun, Sep 05, 1999 at 10:27:03PM +0100, James wrote:
> At 07:09 AM 9/6/99 magnus wrote:
> >I would try to install daemontools, as the HOWTO, and lwq advises.
> >The daemontools package includes setuser or setguid, depending on
> >version of daemontools.
> 
> I have already installed daemontools, and checked it with:
> [...]
> 
> I notice that in my /usr/local/bin directory, I don't see setguid, but I do
> see a setuidgid.  Should there be a setguid in that directory?

Sorry. I should have written setuidgid.

Either download the OLD version of daemontools and use the instructions in
HOWTO and/or life with qmail, or "reread" the documentation with the changes
mentioned here in mind:

http://qmail.x42.com/koobera/www/daemontools/upgrade.html

(my qmail.org-mirror, couldn't get hold of djb:s site at the time)

-- 
magnus
-- MOST useless 1998 * http://x42.com/

Setting qmail to be a local server and a gateway

[Mark Parker]

Hi,

Is it possible to configure a qmail server to receive and store email for
POP3 retrieval for some virtual domains, and also have it act as a gateway
which simply forwards e-mails for other virtual domains to servers within a
connected internal network.(all domains have MX record pointing to the qmail
server)??

Can this be achieved through a combination of the smtp-routes and virtual
domain settings on the qmail server? If so could it please be outlined as we
are looking at possibly using qmail for this.

Many thanks

Mark Parker

Re: can't start

[James]

>In the life with qmail, his qmail script also has "setuser".. if I replace
>all setuser's with "setguid" will this fix my problem?

Well, that didn't fix it.. I get this error now:
./qmail: setguid: command not found

Is there anything else I can try?

james

Re: can't start

[Magnus Bodin]

On Sun, 5 Sep 1999, James wrote:

> >In the life with qmail, his qmail script also has "setuser".. if I replace
> >all setuser's with "setguid" will this fix my problem?
> 
> Well, that didn't fix it.. I get this error now:
> ./qmail: setguid: command not found
> 
> Is there anything else I can try?


I would try to install daemontools, as the HOWTO, and lwq advises.
The daemontools package includes setuser or setguid, depending on
version of daemontools.

http://pobox.com/~djb/daemontools.html

-- 
magnus
-- MOST useless 1998 * http://x42.com/

Re: can't start

[James]

At 09:14 PM 9/5/99 Pat wrote:
>Well, it looks like you got daemontool 6 where setuser was replaced
>with setguid and other oddities.  I got bitten by that as well.  As
>has been mentioned a couple of times, most of the HOWTOs haven't
>caught up to the newest daemontools.
>You might want to consult the nifty Life with Qmail and see if that
>helps out any:
>http://web.infoave.net/~dsill/lwq.html

In the life with qmail, his qmail script also has "setuser".. if I replace
all setuser's with "setguid" will this fix my problem?  I went to the
correct directory this time to start qmail, and it tried to start, but it
hit the line in the script "setuser" and quit.  I'll go and change all the
"setuser" text I can find.

james

Re: can't start

[Patrick Berry]

>>> James had the thought that... <<<

> Now, after having gone through the installation steps, qmail was running on
> my system, until I rebooted.  I thought I had placed the proper script in
> the proper startup file, but I guess I haven't.  But for starters, I don't
> know how to even START qmail manually.  I tried going into the qmail
> install directory and typed:
> 
> qmail start

Well, if you did indeed put the startup scripts in the right place you
would want to do this:

/etc/rc.d/init.d/qmail start
(at least on redhat systems)

> but I got this error: bash: qmail: command not found

Which would make sense if you were in /usr/local/src/qmail or
whatever since the startup scripts don't live there.

> So then I went to the /var/qmail/bin directory, but got the same error.
> How do I get qmail to start again?  It was running before I rebooted.
> 
> I'll also mention that I couldn't get the step for rblsmtpd
> (http://www.flounder.net/qmail/qmail-howto.html#10b) to work.. the
> "setuser" was a command that my system didn't understand.  Could this cause
> a problem?

Well, it looks like you got daemontool 6 where setuser was replaced
with setguid and other oddities.  I got bitten by that as well.  As
has been mentioned a couple of times, most of the HOWTOs haven't
caught up to the newest daemontools.

You might want to consult the nifty Life with Qmail and see if that
helps out any:
http://web.infoave.net/~dsill/lwq.html

Pat

-- 
Patrick Berry  ---  Code Creation  ---  Freestyle Interactive  ---  415.778.0610
 http://www.freestyleinteractive.com

Re: Login shell for telent clients

[Bill Parker]

At 08:37 PM 9/4/99 -0400, you wrote:
>Is there a way to have in.telnetd present the client with a different
>shell than the default shell (bash) listed in the /etc/login.defs file?
>The man page says you can have a different login program specified at
>the command line for in.telnetd. Would it be a hassle to recompile a
>version of login to change the .defs file? Where is the source code of
>login?

Joel, just so you know, my system was compromised by a pissant hacker from
the following location: 134.96.59.1 (which is a proxy machine located in
the .de domain which is either germany or denmark)...the exploit occurred
because an attempt was made at telnetting into the box (telnet access is
now closed, and commented out in /etc/inetd.conf and /etc/services)...I
strongly advise against using telnet even with tcpwrappers...it took me
the better part of 1.5 hours to get my system back to normal usage,
damage done was to /etc/passwd and qmail v1.03...

I would like to know how something like this could happen, would the
problem have been caused by a rapid fire type of attack, and if so,
what can be done to counter such stupidity (I don't think notifying
the site admin will be of much good, but i'm not sure about this)?

-Bill

p.s. - I got good help by Ken Jones at inter7 to get my system back up
and running, but this should serve as warning not to use telnet in any
way shape or form...