Re: Poor documentation of anti-spam options?
Patrick Bihan-Faou <[EMAIL PROTECTED]> writes on 31 March 2000 at 23:53:31 -0500 > Maybe one way to deal with this is: > 1. verify that the domain of MAIL FROM is correct > 2. verify that the address of the server sending the mail >resolves to that domain... > > This is probably not the best answer, but if you apply that to some key > domains, then you should be able to cut down on a fairly good volume of spam > with fake addresses. Also it should be fairly easy to implement a scheme > like this in qmail (although it also means more DNS lookups for a good > number of incoming mail messages). Remember how we're telling people on the road with laptops that they shouldn't try to relay through their home ISP, they should relay through the ISP they connected to the net through? (so that IP-based relay checking works right). Your suggestion causes their mail to be rejected by the receiving server. NOT a good idea. Also, lots of people who have their own domain, hosted through an ISP, end up sending email with their domain in the envelope sender, but through a server that resolves back to their ISP. I think this idea breaks so much it's hopeless. And what does it really buy you anyway? -- Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]
Re: Poor documentation of anti-spam options?
> Jon Rust <[EMAIL PROTECTED]> wrote: > > I agree with most of what you said here Dave, but I'd have to say > > that rejecting mail with envelope sender domains that don't exist is > > a good thing (either an A or CNAME record, or an MX). If for no other > > reason, you can't bounce back to them. I don't consider this aspect > > an arms race with spammers, just common sense. You give me a false > > from address, I reject your mail. > > Except you're supposing that if a domain is valid, you can resolve it. They > aren't the same thing. I see the daily mail logs here every day, and we always > have a few legitimate mails which are rejected by a receiver doing this; > the problem is, their DNS is down, or their resolver is broken, or their > BIND has decided to take a field day. Result? They reject our legitimate > mail. Well there are other ways to test if a domain *at least* exists. You can check it with whois. OK this is not *the* good answer either, but at least it gives you an good indication that the domain name is potentially working... The problem with spam is that there is no reliable way to split spam from legitimate mail. If you try to filter-out spam, you will always end-up filtering out proper mail as well. The key is to try to keep track as much as possible of what is accepted and what is rejected. Also the tolerable lost email / killed spam ratio is somewhat a personal decision... Patrick.
Re: Poor documentation of anti-spam options?
Hi, From: "Paul Schinder" <[EMAIL PROTECTED]> > At 3:06 PM -0500 3/31/00, Dave Sill wrote: > >Do the spammers: > > > > 1) throw up their hands and admit defeat, or > > 2) start using valid (but wrong) domains in their envelope return > > paths, thereby defeating your rejection and escalating the arms > > race? > > > >Note that many are already doing (2), of course. > > I've had several emails using my @pobox.com address as the MAIL FROM > bounced because spammers use phony @pobox.com addresses. I've never > seen a single spam that originated on pobox's servers. Most of the > spam I see comes from China or relay raped machines outside the US. > And, of course, I've seen numerous pieces of spam with phony > @yahoo.com, @hotmail.com, @aol.com, etc. > Maybe one way to deal with this is: 1. verify that the domain of MAIL FROM is correct 2. verify that the address of the server sending the mail resolves to that domain... This is probably not the best answer, but if you apply that to some key domains, then you should be able to cut down on a fairly good volume of spam with fake addresses. Also it should be fairly easy to implement a scheme like this in qmail (although it also means more DNS lookups for a good number of incoming mail messages). Patrick.
Re: Pop3 and logging?
I have some patches in: http://members.surfshop.net.ph/~bench/qmail On Fri, 31 Mar 2000, Dave Sill wrote: > Chris Bond <[EMAIL PROTECTED]> wrote: > > >Does anybody know the extra line i need to add so that all incoming pop3 > >connections will be logged to mail.info (I need the IP Address and > >username). Currently I start pop3 with the following: > > > >/usr/bin/tcpserver 0 110 /usr/sbin/qmail-popup chef.praceng.co.uk > >/usr/bin/checkpassword /usr/sbin/qmail-pop3d Maildir & > > Add the "-v" option to tcpserver and tack on "| splogger" to the end > of the command (before the &), and you'll get *some* logging. You > won't get username logged without patching qmail-popup, I think. > > -Dave >
Re: tcpserver fork
On Fri, 31 Mar 2000, Peter van Dijk wrote: > On Fri, Mar 31, 2000 at 01:06:10PM +, S Ashok Kumar wrote: > > RedHat 6.1 with qmail-1.03 and ucspi - 0.84. > > qmail-smtpd is run by tcpserver and the -c value is 2000. But as soon as > > it reaches 1247 sessions, it is not able to fork further processes, the > > error message is: > > > > tcpserver: warning: dropping connection, unable to fork: temporary > > failure > > > > You are out of processes. A little tweaking with 'ulimit' might help, or > perhaps you need to tune your kernel somewhere deeper. For Linux, you need to increase NR_TASKS. Edit your /usr/src/linux/includes/linux/tasks.h and recompile the kernel. I've already bumped up NR_TASKS to 1024, then again to 2048. From the comments in tasks.h, the limit for NR_TASKS is 4096 on intel, but I haven't been able to get it to boot when set to 4096 (this is on 2.2.14, IIRC, so newer/development kernels may be different.) HTH, Brian -- [EMAIL PROTECTED] http://www.baquiran.com AIM: bbaquiran
Re: Poor documentation of anti-spam options?
At 3:06 PM -0500 3/31/00, Dave Sill wrote: >Do the spammers: > > 1) throw up their hands and admit defeat, or > 2) start using valid (but wrong) domains in their envelope return > paths, thereby defeating your rejection and escalating the arms > race? > >Note that many are already doing (2), of course. I've had several emails using my @pobox.com address as the MAIL FROM bounced because spammers use phony @pobox.com addresses. I've never seen a single spam that originated on pobox's servers. Most of the spam I see comes from China or relay raped machines outside the US. And, of course, I've seen numerous pieces of spam with phony @yahoo.com, @hotmail.com, @aol.com, etc. > >-Dave -- -- Paul J. Schinder NASA Goddard Space Flight Center Code 693 [EMAIL PROTECTED]
Re: Poor documentation of anti-spam options?
On Thu, Mar 30, 2000 at 03:10:08PM -0800, Jon Rust wrote: > Chris, > > I'm in the exect same place. Finally implemented rblsmtpd, and would > now like to reject addresses with fake domains. I found this: > http://qmail.area.com/qmail-1.03-mfcheck.3.patch, but have not yet > tried it. I was hoping to get some feedback from list on it, but > apparently no one here uses it. hi just wanted to mention this patch which was reccomended to me but i haven't seen mentioned: http://www.flame.org/qmail/ you want poor documentation? this guy's consists of "I won't explain how to apply these patches. I assume you know what you're doing." according to this page the patch provides dns lookups on the smtp MAIL FROM line, checks headers against a 'badheaders' file, rejects based on RBL, and adds a warning header to matches against the MAPS DUL. before i go applying this.. any commentary from users of this patch, or judgements on how it compares to other antispam patches? i am suspect of this patch because flame.org is full of antispam rhetoric and links, but doesn't seem to link to this patch. thanks jeff -- [EMAIL PROTECTED] collab.net | open source | do what's right | now hiring people with clue
qmail-smtpd on SCO OSR5.0.5
Greetings, I'm having a problem whereby SMTP connections from certain mail-servers work fine and from other servers there is a big problem (all packets appear to disappear or get disregarded). Most of the ISP's servers fail (including the secondary MX). The ISP has: 1) Traced the packets as far as the ISDN router. 2) Double checked the router config. and say that everything is fine ... The router (CISCO 801) maps ports 25 and 53(TCP & UDP) through to the SCO box. qmail-smtpd is running under tcpserver with -v for logging purposes ... The config for qmail is very simple. Some servers at the ISP can (and do) telnet to port 25 and get a "good" connect and manage to get through the smtp session and mail entered is delivered. Others receive the "banner" but everything else sent gets "lost" and eventually the session times-out. There are no "deny's" on the router or on SCO,(that I can find) What can any-one suggest ... depression is setting in. Jon Jenkins
Re: Poor documentation of anti-spam options?
Points (Charles' too) taken. Both good arguments. Dunno know if they changed my mind, but got my thinking anyway... jon At 3:06 PM -0500 3/31/00, Dave Sill wrote: >Jon Rust <[EMAIL PROTECTED]> wrote: > >>I agree with most of what you said here Dave, but I'd have to say >>that rejecting mail with envelope sender domains that don't exist is >>a good thing (either an A or CNAME record, or an MX). If for no other >>reason, you can't bounce back to them. > >You have two choices: accept the mail or reject it. If you accept it, >it may be unreplyable, but at least the message has been delivered. If >you reject it, the mail doesn't go through, which is kind of counter >to the whole idea of SMTP. > >Now, the envelope sender could be bad for one of two reasons: it could >be intentionally bad, i.e., spam, or it could be unintentionally bad, >e.g., a typo or a DNS fubar. If it's spam, and you reject it, you >win. If it's not spam and you reject it, you lose. > >OK, so you're willing to throw out the baby with bathwater, and you >start rejecting them. Lots of other people start doing that, too. > >Do the spammers: > > 1) throw up their hands and admit defeat, or > 2) start using valid (but wrong) domains in their envelope return > paths, thereby defeating your rejection and escalating the arms > race? > >Note that many are already doing (2), of course. > >-Dave
pop and smtp sample clients (API) ??
I need to incorporate the ability to send and receieve email (including all incoming email housekeeping) in my C++ and/or Java application. Is there any sample C++/Java classes that can be readily used to do this sort of a thing ? Is there any sample C code that shows how to access the POP/SMTP servers for displaying and sending email. In short, my application will need to build a front end client that communicates with POP/SMTP. Any pointers to documentation urls and/or books will be appreciated. __ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com
Re: Pop3 and logging?
If you set up qmail-pop3d under supervise, as qmail-smtpd described in LWQ, and patch checkpassword to dump all the log info I want to stdout or stderr, will it be logged by multilog? Thanks, JES Dave Sill writes: > Chris Bond <[EMAIL PROTECTED]> wrote: > > >Does anybody know the extra line i need to add so that all incoming pop3 > >connections will be logged to mail.info (I need the IP Address and > >username). Currently I start pop3 with the following: > > > >/usr/bin/tcpserver 0 110 /usr/sbin/qmail-popup chef.praceng.co.uk > >/usr/bin/checkpassword /usr/sbin/qmail-pop3d Maildir & > > Add the "-v" option to tcpserver and tack on "| splogger" to the end > of the command (before the &), and you'll get *some* logging. You > won't get username logged without patching qmail-popup, I think. > > -Dave
Re: Relay based on IP
"Ricardo D. Albano" <[EMAIL PROTECTED]> wrote: >How can I set qmail to accept relaying from a set of IPs ? >I wan't to set qmail to accept relaying from some local nets. See: http://Web.InfoAve.Net/~dsill/lwq.html#relaying -Dave
Relay based on IP
How can I set qmail to accept relaying from a set of IPs ? I wan't to set qmail to accept relaying from some local nets. RDA.-
Re: Pop3 and logging?
Chris Bond <[EMAIL PROTECTED]> wrote: >Does anybody know the extra line i need to add so that all incoming pop3 >connections will be logged to mail.info (I need the IP Address and >username). Currently I start pop3 with the following: > >/usr/bin/tcpserver 0 110 /usr/sbin/qmail-popup chef.praceng.co.uk >/usr/bin/checkpassword /usr/sbin/qmail-pop3d Maildir & Add the "-v" option to tcpserver and tack on "| splogger" to the end of the command (before the &), and you'll get *some* logging. You won't get username logged without patching qmail-popup, I think. -Dave
Re: Poor documentation of anti-spam options?
Jon Rust <[EMAIL PROTECTED]> wrote: >I agree with most of what you said here Dave, but I'd have to say >that rejecting mail with envelope sender domains that don't exist is >a good thing (either an A or CNAME record, or an MX). If for no other >reason, you can't bounce back to them. You have two choices: accept the mail or reject it. If you accept it, it may be unreplyable, but at least the message has been delivered. If you reject it, the mail doesn't go through, which is kind of counter to the whole idea of SMTP. Now, the envelope sender could be bad for one of two reasons: it could be intentionally bad, i.e., spam, or it could be unintentionally bad, e.g., a typo or a DNS fubar. If it's spam, and you reject it, you win. If it's not spam and you reject it, you lose. OK, so you're willing to throw out the baby with bathwater, and you start rejecting them. Lots of other people start doing that, too. Do the spammers: 1) throw up their hands and admit defeat, or 2) start using valid (but wrong) domains in their envelope return paths, thereby defeating your rejection and escalating the arms race? Note that many are already doing (2), of course. -Dave
Re: Poor documentation of anti-spam options?
Jon Rust <[EMAIL PROTECTED]> wrote: > I agree with most of what you said here Dave, but I'd have to say > that rejecting mail with envelope sender domains that don't exist is > a good thing (either an A or CNAME record, or an MX). If for no other > reason, you can't bounce back to them. I don't consider this aspect > an arms race with spammers, just common sense. You give me a false > from address, I reject your mail. Except you're supposing that if a domain is valid, you can resolve it. They aren't the same thing. I see the daily mail logs here every day, and we always have a few legitimate mails which are rejected by a receiver doing this; the problem is, their DNS is down, or their resolver is broken, or their BIND has decided to take a field day. Result? They reject our legitimate mail. Admittedly, it's a small number (5-50 a day out of thousands of deliveries) but I'm sure the mail users at those remote sites would be less than pleased to find out that their email is being needlessly delayed because of an anti-spam measure that doesn't buy you much. Charles -- --- Charles Cazabon<[EMAIL PROTECTED]> GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: Logging before qmail-send??
[EMAIL PROTECTED] wrote: >Okay, I've read the docs and man pages, but still want to know if I Got >It... > >First chain: > tcpserver | qmail-smptd | qmail-queue > >Second chain: > qmail-send | qmail-rspawn | qmail-local | splogger Yeah, approximately. >This means log1() (see qsutil.h) works anywhere in the second chain (because >it gets piped to splogger), but not in the first chain (no splogger). Do I >have this right? qmail-send logs to standard output, which is fed to splogger. If -rspawn or -local give errors, qmail-send logs them. >How would I add qmail logging to the first chain (pre-qmail-send)? tcpserver logs to standard output, but it doesn't log errors or output from -smtpd or or -queue. If you want qmail-smtpd to log, you'll have to patch it to do so, since it simply doesn't. And you'll have to call syslog rather than write to standard output or standard error since tcpserver doesn't pass them through for you. What is it you want to log? -Dave
Re: Poor documentation of anti-spam options?
I agree with most of what you said here Dave, but I'd have to say that rejecting mail with envelope sender domains that don't exist is a good thing (either an A or CNAME record, or an MX). If for no other reason, you can't bounce back to them. I don't consider this aspect an arms race with spammers, just common sense. You give me a false from address, I reject your mail. I guess it could be done using dot-qmail, maildrop/procmail and a little elbow grease on a per user basis. For me, that's not ideal, but would work. jon At 2:24 PM -0500 3/31/00, Dave Sill wrote: >Chris Hardie <[EMAIL PROTECTED]> wrote: > >>I've been observing what seems to be a lack of clear and concise >>documentation about anti-spam/security options for the novice and/or >>average qmail user. > >LWQ doesn't cover anti-spam options in depth because I've personally >never felt the need to implement MTA-level spam control and nobody who >does use them has contributed such coverage. > >qmail's anti-spam options are limited because there's simply no >reliable way to differentiate spam and legitimate mail. DJB refuses to >engage in an arms race with spammers.
Mailing list question.
Hi List. I'm a pretty new with qmail. In fact I just drop sendmail few days ago. I manage to define a new list (with qmailadmin) but I need to put in this list a very large list of users that exists in a virtual domain. The question is: how can i do that, without typing one by one? Thanks in advance!!!
Re: POP Account
Hemanta Sharma <[EMAIL PROTECTED]> wrote: >I have two different users, one want to get email in > >[EMAIL PROTECTED] >which is no problem and the other one want to get it in > >[EMAIL PROTECTED] >which is creating the problem > >The problem is that when the message is sent to [EMAIL PROTECTED], the >user [EMAIL PROTECTED] get the message instead. > >Pls suggest the necessary configs. and the way to do it Assuming that abc.com is a real, local domain and 123.abc.com is a virtual domain... Mail to [EMAIL PROTECTED] will be handled by local user "hemanta" abc.com. Say you want [EMAIL PROTECTED] to go to local user "hemanta123". Add: 123.abc.com to control/rcphosts. Add: 123.abc.com:alias-123 to control/virtualdomains. Put: &hemanta123 in ~alias/.qmail-123-hemanta. Restart qmail. -Dave
Re: Poor documentation of anti-spam options?
Chris Hardie <[EMAIL PROTECTED]> wrote: >I've been observing what seems to be a lack of clear and concise >documentation about anti-spam/security options for the novice and/or >average qmail user. LWQ doesn't cover anti-spam options in depth because I've personally never felt the need to implement MTA-level spam control and nobody who does use them has contributed such coverage. qmail's anti-spam options are limited because there's simply no reliable way to differentiate spam and legitimate mail. DJB refuses to engage in an arms race with spammers. There are few security options in qmail: security was designed into it. Exceptions are relaying control via rcphosts and RELAYCLIENT, and process limits such as those provided by concurrencyremote/concurrencylocal, tcpserver, and softlimit. These are, I think, adequately covered by LWQ. LWQ doesn't cover relay control via STARTTLS and AUTH patches, but it will eventually since I've recently done this. >Only after scouring the mailing list archive was I able to determine that >that "DENYMAIL" patch is the apparently recommended way of doing this, and >of course everyone says "get it from the qmail website". I'm not sure, but I don't think that patch was ever updated for 1.03. >Whether or not this particular example is valid, it definitely seems like >one has to do a lot of work to figure out the best way to set up a secure >(but not draconian) and spam-unfriendly (but not malicious) qmail system. A standard LWQ install is reasonably secure and, at least, not an open relay. -Dave
Re: how do you use a deferral host in qmail?
Ian Lance Taylor <[EMAIL PROTECTED]> wrote: >smtproutes is read by qmail-remote, and a new qmail-remote process is >spawned for each outgoing mail message anyhow. Of course. Thanks. -Dave
Re: qmail-lspawn # Using qmail-local to deliver messages to ~/Mailbox by default.??./Maibox
em9652015 <[EMAIL PROTECTED]> wrote: >I have problem, while I try ps ax show this, > >qmail-lspawn # Using qmail-local to deliver messages to ~/Mailbox by >default.??./Maibox > >How I can turn off this option? This isn't an option, it's a misconfiguration. Look at the script that runs qmail-start: it's botched. -Dave
Re: how do you use a deferral host in qmail?
Date: Fri, 31 Mar 2000 10:37:25 -0500 (EST) From: Dave Sill <[EMAIL PROTECTED]> >The remaining problem is to have a current set of smtproutes >available which could probably be generated from log file >analysis in near-realtime. Doing it anywhere near realtime would require many qmail restarts on both systems, which is not good for performance. smtproutes is read by qmail-remote, and a new qmail-remote process is spawned for each outgoing mail message anyhow. This plan shouldn't have a significant performance impact. (Well, I suppose a very large smtproutes file might be problematical.) But I agree that using distributing the mail randomly across multiple outgoing mail servers seems like a better and simpler approach. Ian
Re: Problem: 552 max. message size exceeded
Quoting Peter van Dijk ([EMAIL PROTECTED]): > On Thu, Mar 30, 2000 at 11:17:16AM -0800, Aaron L. Meehan wrote: > [snip] > > > > Yes, this same thing happens when sending messages larger than 1Mb to > > hotmail.com nowadays. There was a good thread about it, if I > > remember. The deal was that hotmail is expecting the peer to > > implement ESMTP SIZE if it gets "EHLO blah." > > qmail-remote says HELO, not EHLO. Ahh, yes, that was why hotmail's behavior was so utterly broken! I didn't recall that fact. Thanks. Aaron
Re: tcpserver fork
> I think the standard linux kernel supports 512 processes. So you are > probably > running into that limit. You need to modify your kernel to support more > processes. There are some HOWTO's to do this on the linux sites Unfortunately, I haven't come across docs that are correct on how to do it. Most docs say that it's not necessary to modify the kernel source as it previous versions, but the tricks they suggest haven't worked for me on 2.2 or 2.3 kernels, I've still had to modify the header files as the older docs suggest. steve
Re: tcpserver fork
I think the standard linux kernel supports 512 processes. So you are probably running into that limit. You need to modify your kernel to support more processes. There are some HOWTO's to do this on the linux sites -- Ken Jones http://www.inter7.com/vpopmail/ "Ricardo D. Albano" wrote: > > I have the same problem. > I'm running qmail as inbound relay server of a large site, te server is a > 4xPII 400Mhz - 1Gb RAM, but when the tcpserver processes reach about ~400, > My linux box crash (Shared library errors and 'no more forks'). > > How can I increment this number ? > > RDA.- > > >RedHat 6.1 with qmail-1.03 and ucspi - 0.84. > >qmail-smtpd is run by tcpserver and the -c value is 2000. But as soon as > >it reaches 1247 sessions, it is not able to fork further processes, the > >error message is: > > > >tcpserver: warning: dropping connection, unable to fork: temporary > >failure > > > >This value (1247) does not change even when I increase RAM from 512MB to > >1GB or decrease it to 128MB. My question is what causes fork to not run > >a new process. I know it is a non qmail question. But someone over here > >who has already solved this problem may help me or point me to some URLs > >to troubleshoot this. > > > >Thanks. > > > >- Ashok -- Ken Jones http://www.inter7.com/vpopmail/
Re: tcpserver fork
Thank's, but this doesn't work. At 350 tcpserver forks it crash with 'can not open shared library' ... 'no more forks... etc. RDA.- >On Fri, Mar 31, 2000 at 12:29:37PM -0300, Ricardo D. Albano wrote: >> >> I have the same problem. >> I'm running qmail as inbound relay server of a large site, te server is a >> 4xPII 400Mhz - 1Gb RAM, but when the tcpserver processes reach about ~400, >> My linux box crash (Shared library errors and 'no more forks'). > >Actually, this is more of a Linux issue... > >Anyway, try this: > >echo 65536 > /proc/sys/fs/inode-max >echo 16384 > /proc/sys/fs/file-max > > Regards; > Ricardo > >> >> How can I increment this number ? >> >> RDA.- >> >> >> >RedHat 6.1 with qmail-1.03 and ucspi - 0.84. >> >qmail-smtpd is run by tcpserver and the -c value is 2000. But as soon as >> >it reaches 1247 sessions, it is not able to fork further processes, the >> >error message is: >> > >> >tcpserver: warning: dropping connection, unable to fork: temporary >> >failure >> > >> >This value (1247) does not change even when I increase RAM from 512MB to >> >1GB or decrease it to 128MB. My question is what causes fork to not run >> >a new process. I know it is a non qmail question. But someone over here >> >who has already solved this problem may help me or point me to some URLs >> >to troubleshoot this. >> > >> >Thanks. >> > >> >- Ashok >> > >-- >+--- >| Ricardo Cerqueira >| PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 >| Novis - Engenharia / Rede Técnica >| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal >| Tel: +351 21 3166730/00 (24h/dia) - Fax: +351 21 3166701
Re: tcpserver fork
On Fri, Mar 31, 2000 at 12:29:37PM -0300, Ricardo D. Albano wrote: > > I have the same problem. > I'm running qmail as inbound relay server of a large site, te server is a > 4xPII 400Mhz - 1Gb RAM, but when the tcpserver processes reach about ~400, > My linux box crash (Shared library errors and 'no more forks'). Actually, this is more of a Linux issue... Anyway, try this: echo 65536 > /proc/sys/fs/inode-max echo 16384 > /proc/sys/fs/file-max Regards; Ricardo > > How can I increment this number ? > > RDA.- > > > >RedHat 6.1 with qmail-1.03 and ucspi - 0.84. > >qmail-smtpd is run by tcpserver and the -c value is 2000. But as soon as > >it reaches 1247 sessions, it is not able to fork further processes, the > >error message is: > > > >tcpserver: warning: dropping connection, unable to fork: temporary > >failure > > > >This value (1247) does not change even when I increase RAM from 512MB to > >1GB or decrease it to 128MB. My question is what causes fork to not run > >a new process. I know it is a non qmail question. But someone over here > >who has already solved this problem may help me or point me to some URLs > >to troubleshoot this. > > > >Thanks. > > > >- Ashok > -- +--- | Ricardo Cerqueira | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 | Novis - Engenharia / Rede Técnica | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal | Tel: +351 21 3166730/00 (24h/dia) - Fax: +351 21 3166701
Re: how do you use a deferral host in qmail?
[EMAIL PROTECTED] wrote: >On Thu, Mar 30, 2000 at 03:23:21PM -0500, Dave Sill wrote: >> Logging with multilog is very cheap. > >sounds interesting... where do I look? ftp://koobera.math.uic.edu/www/daemontools.html >:-) Just an idea on how to split the mail: > >I guess that "a large percentage" of said deferred mail goes to a >handful of domains. So I would take that spare machine and set it >up to handle such mail, and configure the main mail server to >forward that mail to the second mail server using "smtproutes". >So you would deliver most of that mail immediately to the >secondary server, thus freeing the main server's resources, >and have the secondary mail server trying the slower deliveries. That's an interesting approach. I'm still unclear about the advantages of splitting the load between servers by deliverability vs. some arbitrary scheme. How does having the main server pumping out all highly deliverable mail and the fallback server plodding away on frequently deferred mail win over two (or three or N) servers doing a mix of both? >The remaining problem is to have a current set of smtproutes >available which could probably be generated from log file >analysis in near-realtime. Doing it anywhere near realtime would require many qmail restarts on both systems, which is not good for performance. -Dave
Re: tcpserver fork
I have the same problem. I'm running qmail as inbound relay server of a large site, te server is a 4xPII 400Mhz - 1Gb RAM, but when the tcpserver processes reach about ~400, My linux box crash (Shared library errors and 'no more forks'). How can I increment this number ? RDA.- >RedHat 6.1 with qmail-1.03 and ucspi - 0.84. >qmail-smtpd is run by tcpserver and the -c value is 2000. But as soon as >it reaches 1247 sessions, it is not able to fork further processes, the >error message is: > >tcpserver: warning: dropping connection, unable to fork: temporary >failure > >This value (1247) does not change even when I increase RAM from 512MB to >1GB or decrease it to 128MB. My question is what causes fork to not run >a new process. I know it is a non qmail question. But someone over here >who has already solved this problem may help me or point me to some URLs >to troubleshoot this. > >Thanks. > >- Ashok
Re: Problem: 552 max. message size exceeded
[EMAIL PROTECTED] wrote: >thank you. So it's time to move to qmail-1.04, which will presumably >not only support ESMTP, but also incorporate that bunch of patches >floating around? I seriously doubt there will be a 1.04. I also seriously doubt the next release of qmail will incorporate "that bunch of patches floating around". >(Ok, what would it cost to do it?) Are you asking for a price quote? If so, please contact qmail consultants off list. >Or is qmail dead due to Postfix success? Yeah, that's the ticket: qmail's dead. :-) Postfix is pretty nice, but it borrows heavily from qmail. Where it diverges, I think it generally suffers--often in the name of sendmail compatibility. I find its configuration cumbersome compared to qmail. It's modular, but not as usefully as qmail. The code is solid, but DJB's code is substantially more robust. -Dave
Virtual Users ?
Hello list, I've read the documentation about virtual domains and it seems fairly clear to me. I also came over vchkpw (oder vpoper nowadays). In 'vchkps' is described how to create pop accounts vor virtual users, e.g. users that are not in /etc/passwd but in a flat text file or even in a mysql database. Is there a way to configure qmail to look up users from a simple flat text file (so not /etc/passwd) or even a mysqldatabase (okok, performance penalty) when accepting mails for local deilvery via port 25 ? [and this for virtual domains, too] thanks for your time, Markus Fischer -- Markus Fischer, http://josefine.ben.tuwien.ac.at/~mfischer/ EMail: [EMAIL PROTECTED] PGP Public Key: http://josefine.ben.tuwien.ac.at/~mfischer/C2272BD0.asc PGP Fingerprint: D3B0 DD4F E12B F911 3CE1 C2B5 D674 B445 C227 2BD0 - Free Software For A Free World -
Re: qmailanalog
Hello all, On Thu, Mar 30, 2000 at 08:42:07PM +0200, S.P. Hoeke wrote: > I'm wondering if there's a FAQ or HOW-TO with regards to qmailanalog... > The man pages are, for me, not sufficient to get it running :-( I had it running once, but it didn't produce the desired results. What irks me is that it's a real hack of awk and the like that I don't understand (read "unmaintainable for me"). Does anyone know if there is perchance a Perl version floating around? Other than that running qmailanalog was a two-stage processing of the qmail log files, as far as memory serves. First I had to produce an intermediate format which was then processed by various programs to generate the different reports. Best Regards, --Toni++
Re: Problem: 552 max. message size exceeded
Hello, On Fri, Mar 31, 2000 at 04:01:31PM +0200, Peter van Dijk wrote: > On Thu, Mar 30, 2000 at 11:17:16AM -0800, Aaron L. Meehan wrote: > > implement ESMTP SIZE if it gets "EHLO blah." > > qmail-remote says HELO, not EHLO. thank you. So it's time to move to qmail-1.04, which will presumably not only support ESMTP, but also incorporate that bunch of patches floating around? (Ok, what would it cost to do it?) Or is qmail dead due to Postfix success? Best Regards, --Toni++
Re: Command Line Options
System Administrator <[EMAIL PROTECTED]> wrote: > > Can anyone help me mail thru command line ? > > I need to mail with attachements. i.e mail a user thru command line > options and where in i need to send some files as attachments in the same > mail. This is an MUA issue. One easy way to get full MIME encoding from the commandline would be to install mutt (www.mutt.org) and call it from the commandline: mutt [EMAIL PROTECTED] -a attachment1.txt -a attachment2.txt < To: "Recipient" <[EMAIL PROTECTED]> Subject: Mail with attachments sent from commandline Here are your attachments EOF Charles -- --- Charles Cazabon<[EMAIL PROTECTED]> GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: how do you use a deferral host in qmail?
On Thu, Mar 30, 2000 at 01:29:21PM -0800, Jon Rust wrote: > At 4:08 PM -0500 3/30/00, Jeremy Hansen wrote: > >You're cocky and absolutely useless. > > > >Thanks > >-jeremy > > Whoa, you're so far off base now, I'd guess you just lost all > interest from anyone else worthwhile on the list. Mine anyway... > Dave Sill has been, and continues to be, a tremendous support > resource on the list and through LWQ. Just because he didn't give the > answer you wanted doesn't mean he's "absolutely useless". Correct. Dave rulez :) > Take a deep breath, play some Q3A or whatever, and realize that he > and John Levine have pointed you in the right direction. Correct. Now, I want killfiles for mutt :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: tcpserver fork
On Fri, Mar 31, 2000 at 01:06:10PM +, S Ashok Kumar wrote: > RedHat 6.1 with qmail-1.03 and ucspi - 0.84. > qmail-smtpd is run by tcpserver and the -c value is 2000. But as soon as > it reaches 1247 sessions, it is not able to fork further processes, the > error message is: > > tcpserver: warning: dropping connection, unable to fork: temporary > failure > > This value (1247) does not change even when I increase RAM from 512MB to > 1GB or decrease it to 128MB. My question is what causes fork to not run > a new process. I know it is a non qmail question. But someone over here > who has already solved this problem may help me or point me to some URLs > to troubleshoot this. You are out of processes. A little tweaking with 'ulimit' might help, or perhaps you need to tune your kernel somewhere deeper. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Problem: 552 max. message size exceeded
On Thu, Mar 30, 2000 at 11:17:16AM -0800, Aaron L. Meehan wrote: [snip] > > Yes, this same thing happens when sending messages larger than 1Mb to > hotmail.com nowadays. There was a good thread about it, if I > remember. The deal was that hotmail is expecting the peer to > implement ESMTP SIZE if it gets "EHLO blah." qmail-remote says HELO, not EHLO. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
tcpserver fork
RedHat 6.1 with qmail-1.03 and ucspi - 0.84. qmail-smtpd is run by tcpserver and the -c value is 2000. But as soon as it reaches 1247 sessions, it is not able to fork further processes, the error message is: tcpserver: warning: dropping connection, unable to fork: temporary failure This value (1247) does not change even when I increase RAM from 512MB to 1GB or decrease it to 128MB. My question is what causes fork to not run a new process. I know it is a non qmail question. But someone over here who has already solved this problem may help me or point me to some URLs to troubleshoot this. Thanks. - Ashok
Re: Command Line Options
On Fri, 31 Mar 2000 18:01:13 +0530 (IST), System Administrator <[EMAIL PROTECTED]> wrote: >HI > >Can anyone help me mail thru command line ? > >I need to mail with attachements. i.e mail a user thru command line >options and where in i need to send some files as attachments in the same >mail. > >- Admin. > >--- >Parag Mehta <[EMAIL PROTECTED]> >System Administrator. > >Puretech Internet Pvt. Ltd. http://puretech.co.in/ >77 Atlanta. Nariman Point. >Mumbai - 400021. India. Tel: +91-22-2833158 > > how about uuencode? e.g. $ uuencode firstfile < firstfile >mail.txt $ uuencode secondfile < secondfile >>mail.txt $ mailx -s "2 files as attachement" [EMAIL PROTECTED] < mail.txt jan stifter
Command Line Options
HI Can anyone help me mail thru command line ? I need to mail with attachements. i.e mail a user thru command line options and where in i need to send some files as attachments in the same mail. - Admin. --- Parag Mehta<[EMAIL PROTECTED]> System Administrator. Puretech Internet Pvt. Ltd. http://puretech.co.in/ 77 Atlanta. Nariman Point. Mumbai - 400021. India. Tel: +91-22-2833158
Pop3 and logging?
Hi, Does anybody know the extra line i need to add so that all incoming pop3 connections will be logged to mail.info (I need the IP Address and username). Currently I start pop3 with the following: /usr/bin/tcpserver 0 110 /usr/sbin/qmail-popup chef.praceng.co.uk /usr/bin/checkpassword /usr/sbin/qmail-pop3d Maildir & Thanks, Chris
qmail Digest 31 Mar 2000 11:00:01 -0000 Issue 957
qmail Digest 31 Mar 2000 11:00:01 - Issue 957 Topics (messages 39283 through 39363): VERP 39283 by: Martin Renner 39287 by: Magnus Bodin 39288 by: Frank Tegtmeyer How to make user can pop their messages 39284 by: Irwan Hadi 39292 by: Irwan Hadi Problem sending mail to virtual domain 39285 by: Irwan Hadi 39294 by: Irwan Hadi Re: Still can't run qmail from init script 39286 by: Irwan Hadi 39303 by: Mikko Hänninen 39304 by: Adam McKenna 39306 by: Charles Cazabon 39308 by: Dave Sill qmail-remote processes stuck in ESTABLISHED for more than 36 hours 39289 by: Peter Hunter qmail delivering to wrong user 39290 by: G.Z. 39293 by: Dave Sill Re: same username with different domain(SMTP) 39291 by: Dave Sill can't remove 39295 by: Philip Gabbert 39296 by: Vince Vielhaber 39297 by: Timothy L. Mayo 39299 by: Soffen, Matthew Re: date of creation of POP/SMTP users 39298 by: ravivr.hss.hns.com 39300 by: Charles Cazabon Sending email to a specific MX ?? 39301 by: Dinesh Punjabi 39302 by: Dave Sill qmailanalog 39305 by: S.P. Hoeke 39309 by: Dave Sill 39310 by: S.P. Hoeke 39312 by: Dave Sill 39319 by: S.P. Hoeke 39325 by: Dave Sill 39329 by: Jon Rust 39349 by: Charles Cazabon 39351 by: Jon Rust 39352 by: Ronny Haryanto 39353 by: Jon Rust 39355 by: Ronny Haryanto Re: Problem: 552 max. message size exceeded 39307 by: Dave Sill 39318 by: Aaron L. Meehan 39336 by: Toni Mueller Re: blank lines in header? 39311 by: Dave Sill 39314 by: Derek B. Noonburg 39315 by: Derek B. Noonburg Re: adding aliases 39313 by: Dave Sill Re: Little further 39316 by: Dave Sill POP Account 39317 by: Hemanta Sharma 39321 by: Dave Sill 39330 by: Hemanta Sharma 39335 by: Dave Sill 39340 by: Hemanta Sharma Re: Virtual users and domains 39320 by: Dave Sill offtopic about installation 39322 by: Mate Wierdl how do you use a deferral host in qmail? 39323 by: Jeremy Hansen 39326 by: Dave Sill 39328 by: Jeremy Hansen 39332 by: John R. Levine 39333 by: Dave Sill 39334 by: Jeremy Hansen 39338 by: Jeremy Hansen 39339 by: Dave Sill 39342 by: Jeremy Hansen 39343 by: Dave Sill 39344 by: Jeremy Hansen 39345 by: Len Budney 39346 by: Jon Rust 39361 by: Ismal Hisham Darus 39362 by: andy huhn Logging before qmail-send?? 39324 by: smanjourides.corp.visto.com Re: qmailanalog and UNIX basics 39327 by: Len Budney Recommended IMAP D? 39331 by: Steve Craft 39337 by: Dave Sill Adding New Users HELP 39341 by: Christopher Tarricone Poor documentation of anti-spam options? 39347 by: Chris Hardie 39354 by: Jon Rust 39363 by: Scott D. Yelich RH upgrade notes 39348 by: Mate Wierdl 39350 by: Ronny Haryanto Re: Error 550 ? 39356 by: Psabs® 39357 by: Charles Cazabon tcpserver for windows 39358 by: Laszlo Vecsey qmail-lspawn # Using qmail-local to deliver messages to ~/Mailbox by default.??./Maibox 39359 by: em9652015 QmailAnalogue 39360 by: Mike Perks Administrivia: To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To subscribe to the digest, e-mail: [EMAIL PROTECTED] To bug my human owner, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: [EMAIL PROTECTED] -- *This message was transferred with a trial version of CommuniGate(tm) Pro* Hi. In several places I was reading about the "VERP (Variable Envelope Return Path)" feature of qmail. Unfortunately, I didn't find any information about how to use this feature. I have an application, which is communicating directly via SMTP with qmail. As I am sending to huge lists (up to 28000 recipients) I would like to use VERP. Martin On Thu, Mar 30, 2000 at 02:23:47PM +0200, Martin Renner wrote: > *This message was transferred with a trial version of CommuniGate(tm) Pro* > > Hi. > > In several places I was reading about the "VERP (Variable Envelope > Return Path)" feature of qmail. > > Unfortunately, I didn't find any information about how to use this > feature. > > I have an application, which is communicating directly via SMTP with > qmail. As I am sending to huge lists (up to 28000 recipients) I would > like to use VERP. http://cr.yp.to/proto/verp.txt Snip from "man qmail-inject":. r Use a per-recipient VERP. qmail-inject will append each recipient address to the envelope sender of the copy going
Re: Poor documentation of anti-spam options?
-BEGIN PGP SIGNED MESSAGE- We all know the qmail documentation is perfect. -BEGIN PGP SIGNATURE- Version: 2.6.2 iQCVAwUBOORj81pGPE+AF6qBAQFChgP/ctdvtjCI4sEZSrMpjgVbunb8VX2y3Dzz kTegfYBUs6v95NLoPCyK+npe+f+FCVwD0wy3EX655ACC29HCpxeuMxaT5U5MpC8F Ywkg4h3uXZ0B+wKYc03zyQ1XLOfDmlnFUOkVhdGZvBapBBNcvdMLA7/oJA+9KNEv 2nIKUsXisrQ= =zNwX -END PGP SIGNATURE-
