Re: Meaning of (#4.4.1) in error message
On Tue, May 23, 2000 at 07:59:24PM +0100, Chris Green wrote: Secondly what does that (#4.4.1) mean? I can't find any paragraph number 4.4.1 in the documentation. It's defined in RFC 1839 http://rfc1839.x42.com/ 4.X.X Persistent Transient Failure A persistent transient failure is one in which the message as sent is valid, but some temporary event prevents the successful sending of the message. Sending in the future may be successful. X.4.X Network and Routing Status The networking or routing codes report status about the delivery system itself. These system components include any necessary infrastructure such as directory and routing services. Network issues are assumed to be under the control of the destination or intermediate system administrator. X.4.1 No answer from host The outbound connection attempt was not answered, either because the remote system was busy, or otherwise unable to take a call. This is useful only as a persistent transient error. /magnus -- http://x42.com/
qmail problem
I am running qmail on redhat linux6.1. My dir structure is as follows: Filesystem Size Used Avail Use% Mounted on /dev/sda1 486M 326M 135M 71% / /dev/sda8 1.9G 975M 894M 52% /opt /dev/sda9 1.4G 45M 1.3G 3% /reg /dev/sda6 23G 2.8G 19G 13% /users /dev/sda10 1.4G 677M 730M 48% /usr /dev/sda3 486M 171M 290M 37% /var /dev/sda7 2.9G 665M 2.1G 24% /var/log Qmail is installed on /var/qmail. I am having some strange problems: 1: In the /var/log/maillog the following message is appearing continuously: May 23 17:44:47 localhost qmail: 959084087.879666 alert: unable to append to bounce message; HELP! sleeping... 2: some qmail processes are becoming Zombie 3: When I try to create any file in /var/qmail directory , then it gives a error "no space left on device". But when I check the space with df -h then it shows 290MBfree in /var Please help! kapil
Re: Meaning of (#4.4.1) in error message
On Wed, May 24, 2000 at 08:56:28AM +0200, Magnus Bodin wrote: On Tue, May 23, 2000 at 07:59:24PM +0100, Chris Green wrote: Secondly what does that (#4.4.1) mean? I can't find any paragraph number 4.4.1 in the documentation. It's defined in RFC 1839 http://rfc1839.x42.com/ 4.X.X Persistent Transient Failure A persistent transient failure is one in which the message as sent is valid, but some temporary event prevents the successful sending of the message. Sending in the future may be successful. X.4.X Network and Routing Status The networking or routing codes report status about the delivery system itself. These system components include any necessary infrastructure such as directory and routing services. Network issues are assumed to be under the control of the destination or intermediate system administrator. X.4.1 No answer from host The outbound connection attempt was not answered, either because the remote system was busy, or otherwise unable to take a call. This is useful only as a persistent transient error. So my guess that it's because the destination system is behind a firewall is probably correct. I think I need to get my MUA/MTA set up right. It's not *my* machine name that's getting on the front of the correct domain name though, it's the mail hub's domain name. I.e. my correct address is [EMAIL PROTECTED] My machine within the firewall is borg so, locally, I'm [EMAIL PROTECTED] However qmail on my home machine was trying to bounce mail back to [EMAIL PROTECTED] as emerald is the mail host. I think I need to get the system administration people here to sort that out. -- Chris Green ([EMAIL PROTECTED]) Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED] WWW: http://www.isbd.co.uk/
Re: qmail problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 May 00, at 13:21, kapil sharma wrote: df -i shows the following output: FilesystemInodes IUsed IFree IUse% Mounted on /dev/sda1 128520 12460 116060 10% / /dev/sda8 256512 12727 2437855% /opt /dev/sda9 193152 103 1930490% /reg /dev/sda63035520 179700 28558206% /users /dev/sda10193152 47255 145897 24% /usr /dev/sda3 128520 128520 0 100% /var /dev/sda7 384768 85 3846830% /var/log All the inodes are finished. So that is your problem. There is no news server running on this server. I think all the inodes are finished because of email queue. Please find out first if it really is qmail-queue; I can't imagine that (unless there's a bug, or a DoS attack against your qmail) the queue eats up all 128k inodes and only 171MB of disk space. (I would think you have a zillion zero-size files in your /var.) Generally, you have two options: 1. Find out who's eating the inodes. Fix that process. Delete the spurious (zero-sized) files. 2. Backup your /var. Reformat it with more inodes. Restore from backup. Run queue-fix (available at www.qmail.org). -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOSt8rVMwP8g7qbw/EQJwDQCgy8EWoUxQy3+EU8xUMVztzLRpCx0AoMXk 4HbbIInjLshIMuM1IbWAmUnq =dqbj -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: qmail problem
Hi, I have checked the disk usage and found that /var/qmail/queue has taken 158 MB of disk space. Now how to delete the email queue and restart qmail. Please help kapil
Re: qmail problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 May 00, at 14:08, kapil wrote: I have checked the disk usage and found that /var/qmail/queue has taken 158 MB of disk space. But has it taken the inodes? _That_ is the question. Now how to delete the email queue and restart qmail. If you're sure that deleting the queue helps, do the following: 1. Stop qmail 2. rm -rf /var/qmail/queue 3. cd /usr/src/qmail (or wherever your qmail sources are) 4. make setup check 5. Start qmail. (Alternative: Delete all file in /var/qmail/queue _except_ the files in /var/qmail/queue/lock.) But I certainly think that FIRST your should find out who ate all your inodes and why; I think that couldn't happen by chance - that's either a bug or a denial-of-service attack. -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOSuIuVMwP8g7qbw/EQL51gCfeQuK6HUxdoKmlD2jiZ9fsAzyH7QAn0LY +a1bh8Dup0Riapd+8b12Bj6e =yUnh -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: pop3
Is there a virus in the attachment? I ran Norton AV on it, but it did not find any. In article [EMAIL PROTECTED], Claus Färber wrote: Date: 23 May 2000 14:10:00 +0200 From: [EMAIL PROTECTED] (Claus Färber) To: [EMAIL PROTECTED] Subject: Re: pop3 - snip - Claus [Message contains attachment(s). Extract LOVE-LETTER-FOR-YOU.TXT.vbs?] http://www.faerber.muc.de/ * eMailBye * Christer Matson, Siljansnas, Sweden * Science etSense AB * Wed, 24 May 2000 11:45 +0200
qmail Digest 24 May 2000 10:00:01 -0000 Issue 1011
qmail Digest 24 May 2000 10:00:01 - Issue 1011 Topics (messages 42200 through 42259): Aack,_child_crashed 42200 by: David Sedeño Fernández (no subject) 42201 by: kapil sharma Re: Could my problems be Mandrake 7 security settings? 42202 by: Jörgen Persson 42206 by: Pavel Kankovsky 42207 by: Mads E Eilertsen Re: Qmail on a firewall. 42203 by: Ronneil Camara 42212 by: Rajkumar S. 42213 by: Petr Novotny 42219 by: Rajkumar S. problem with port 110 42204 by: Rupak Joshi 42245 by: Brent R. Matzelle 42246 by: Chester Chee Ezmlm-idx Interface 42205 by: mark qmail problem 42208 by: kapil sharma 42209 by: Petr Novotny 42211 by: kapil sharma 42254 by: kapil sharma 42256 by: Petr Novotny 42257 by: kapil sharma 42258 by: Petr Novotny qmail IRC Channel 42210 by: kapil sharma 42229 by: Ken Jones 42231 by: Peter van Dijk 42232 by: Peter van Dijk 42233 by: Henrik Öhman 42234 by: Peter van Dijk 42235 by: John Gonzalez/netMDC admin 42237 by: Peter van Dijk Strange delays 42214 by: Christopher arnold 42215 by: Greg Owen 42216 by: Petr Novotny Re: qmail-local 42217 by: Robert Sander 4 by: Peter van Dijk How does qmail-remote behave? 42218 by: Will Harris Re: virtual domains 42220 by: sonam.escape.com 42221 by: Tim Hunter 42223 by: Chris Johnson Qmail domains (maybe a TCPServer question ?...) 42224 by: Pierre-Julien Grizel 42226 by: Michael Hufnagl Re: Ask for help of restrict the delivery using SMTP? 42225 by: Mate Wierdl Outlook Express and SMTPD problems?? 42227 by: Bill Rogers Virtual domain -- New Alias (Virtual) -- Host ??? 42228 by: Dinesh Punjabi Re: Does vpopmail work with Mailbox ? 42230 by: Ken Jones creating pop users from Templet with qmail 42236 by: Walid Kassab (MailDir) was Re: migrating from a mbox mailserver to a Mailbox qmail server 42238 by: Aaron Seelye mail routing question 42239 by: Sebastian Kaps Re: pop3 42240 by: Claus Färber 42259 by: Christer Matson AMaViS newbie question 42241 by: Steve Peace user/assign case (in)sensitivity 42242 by: Julien Mercay 42244 by: Julien Mercay Meaning of (#4.4.1) in error message 42243 by: Chris Green 42253 by: Magnus Bodin 42255 by: Chris Green Calling a different mail delivery program in qmail 42247 by: Steve Quezadas 42248 by: Brent R. Matzelle 553 42249 by: clemensF 553, version 0 42250 by: clemensF Re: preline: _Not_enough_space 42251 by: Lidia Marchioni VERP bounces on the local qmail server 42252 by: Manuel Lemos Administrivia: To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To subscribe to the digest, e-mail: [EMAIL PROTECTED] To bug my human owner, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: [EMAIL PROTECTED] -- Hi, I see the subject message in the maillog file. The messages are queued in the queue but not delivery to the locals accounts. I use vpopmail Thanks in advance unsubscribe James, I know nothing about Mandrake but it sounds as a cron job is running 'checksecurity' - look for suitable documentation or start messing with /etc/checksecurity.conf Mutex - resource locking routines? On Tue, May 23, 2000 at 02:46:51AM -0700, James wrote: At 12:00 each night, my installation of Mandrake 7.02 makes a security check on all things. Sometimes it automatically changes ownership of files that it thinks are vulnerable or dangerous. Tonight at 12:00 it changed all my "Group Unowned Files" to "nogroup" and suddenly I get the error "alert: cannot start: unable to access queue directory" when I try to run the qmail rc file. So I manually make the directory accessible, then try to run ./rc again (from /var/qmail) and get this error: "alert: cannot start: unable to open mutex" Am I going to have to reinstall Mandrake with the lowest security setting to keep it from meddling in my qmail settings? What the heck is "mutex?" james -- Jörgen Persson On Tue, 23 May 2000, James wrote: At 12:00 each night, my installation of Mandrake 7.02 makes a security check on all things. Sometimes it automatically changes ownership of files that it thinks are vulnerable or dangerous. Tonight at 12:00 it changed all my "Group Unowned Files" to "nogroup" and suddenly I get the error Are you sure all gids used by qmail were registered in /etc/group? What the heck is "mutex?" /var/qmail/queue/lock/sendmutex? (qmail-send locks it to make sure not other instance operates on the queue) --Pavel
Re: Meaning of (#4.4.1) in error message
According to Magnus Bodin: On Tue, May 23, 2000 at 07:59:24PM +0100, Chris Green wrote: Secondly what does that (#4.4.1) mean? I can't find any paragraph number 4.4.1 in the documentation. It's defined in RFC 1839 http://rfc1839.x42.com/ Small typo above, it's actually, RFC1893 http://rfc1893.x42.com/ 4.X.X Persistent Transient Failure A persistent transient failure is one in which the message as sent is valid, but some temporary event prevents the successful sending of the message. Sending in the future may be successful. X.4.X Network and Routing Status The networking or routing codes report status about the delivery system itself. These system components include any necessary infrastructure such as directory and routing services. Network issues are assumed to be under the control of the destination or intermediate system administrator. X.4.1 No answer from host The outbound connection attempt was not answered, either because the remote system was busy, or otherwise unable to take a call. This is useful only as a persistent transient error. --curtis
How to set up Qmail as a front-end (relaying) server?
Hi everyone, I'm a rather newbie on Qmail. I've set it up and it seems to be working fine, with tcpwrappers. What I wanted to do is set up qmail as a front-end server. It will accept all the smtp mail in the name of another server (which is behind a firewall). I think this is about /etc/tcp.smtp and control/smtproutes files. I've set them as following; /etc/tcp.smtp 127.:allow,RELAYCLIENT="" Although I don't know much about this file's syntax, it didn't seem enough to me. control/smtproutes mycompany.com:10.21.200.200 my2ndcomp.com:10.21.200.201 other control files include necessary information about mycompany.com and my2ndcomp.com; I'll be appreciated if someone can tell me what's wrong or what do I need to do this. Thanks in advance, Ali Sahin
RE: How to set up Qmail as a front-end (relaying) server?
It will accept all the smtp mail in the name of another server (which is behind a firewall). I think this is about /etc/tcp.smtp and control/smtproutes files. I've set them as following; /etc/tcp.smtp 127.:allow,RELAYCLIENT="" For those hosts which are allowed to use this machine as an outbound relay, add them to this file. Based on what you say below, it looks like you have two internal mail servers, so you add these two lines: 10.21.200.200:allow,RELAYCLIENT="" 10.21.200.201:allow,RELAYCLIENT="" There is documentation for this format at http://cr.yp.to/ucspi-tcp/tcprules.html. Once you've modified the file, run tcprules like this: tcprules /etc/tcp.smtp.cdb /tmp/tcp.smtp.tmp /etc/tcp.smtp And then just make sure your tcpserver invocation of qmail-smtpd has '-x /etc/tcp.smtp.cdb' in it. You say tcpwrappers above, and I'm giving instructions for tcpserver which is part of ucspi. If you meant tcpserver/ucspi, then this is okay; if not, you'll need to find the right way to do the equivalent with tcpwrappers. All you're doing is setting the RELAYCLIENT environment variable for the invocation of each qmail-smtpd process. And if you're using tcpwrappers, you don't care about tcp.smtp but rather hosts.allow. control/smtproutes mycompany.com:10.21.200.200 my2ndcomp.com:10.21.200.201 You'll probably want to quote those domain literals, like such: mycompany.com:[10.21.200.200] I'm not completely sure that's necessary, but I think it is. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Re: Mail clients and Maildir format
On Wed, May 24, 2000 at 10:43:40AM -0300, "Próspero, Esteban" wrote: Does anybody know if mail clients like Netscape Communicator or MS Outlook support the Maildir format? I haven't found out how... Communicator and Outlook communicate with your server via POP3, and don't know or care what kind of storage you use. As long as your POP3 daemon supports Maildir (and qmail-pop3d does), any POP3 client will work. Chris
qmail-pop3d under supervise
Hello! I've installed qmail+tcpserver+supervise in my Solaris 2.6 environment and now I want to get the pop3 server up and running. I kept up with Life with qmail, but it does not specifiy how to set up the pop3 server under supervise. How do I run a supervised version of qmail-pop3d? Does it work as qmail-smtpd (for the supervise view)? Which run control scripts should I edit? Thanks in advance!! Esteban Javier Próspero
RE: Mail clients and Maildir format
Thanks!! so please take a look at my second question! Esteban -Original Message- From: Chris Johnson [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, May 24, 2000 10:45 AM To: Próspero, Esteban" Cc: '[EMAIL PROTECTED]' Subject:Re: Mail clients and Maildir format On Wed, May 24, 2000 at 10:43:40AM -0300, "Próspero, Esteban" wrote: Does anybody know if mail clients like Netscape Communicator or MS Outlook support the Maildir format? I haven't found out how... Communicator and Outlook communicate with your server via POP3, and don't know or care what kind of storage you use. As long as your POP3 daemon supports Maildir (and qmail-pop3d does), any POP3 client will work. Chris
Re: qmail-pop3d under supervise
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 May 00, at 10:47, Prspero, Esteban wrote: Hello! I've installed qmail+tcpserver+supervise in my Solaris 2.6 environment and now I want to get the pop3 server up and running. I kept up with Life with qmail, but it does not specifiy how to set up the pop3 server under supervise. It seems you're right. Dave? How do I run a supervised version of qmail-pop3d? Does it work as qmail-smtpd (for the supervise view)? Yes. Which run control scripts should I edit? On my installation, I have created a new directory in /var/supervise (use any directory name you want) called qmail-pop3, I have put a "run" script in there (derived from qmail-smtpd's "run" script) and softlinked this dir into /service. I am not sure this is lwq'ish enough :-) -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOSvRjFMwP8g7qbw/EQLnGwCfYjf18SlOtN4cFAPUzvSEB5rZnroAoLYG 7grpXeyu1p37mfzGwxH7YPAQ =hTvK -END PGP SIGNATURE-
Re: Mail clients and Maildir format
Hello, i guess there are (at least) two answers with both same result, but one is funnier.. 1.) Netscape Communicator and MS Outlok boes do support Maildir format.. 2.) It (should) does no matter what client (MUA, mail user agent) your´e using, they all are »knocking« on the mail-servers door to ask for its mail if there is any. As far i know, if a mail client accesses this directories directly (like some unix clients do if youre on the same network) so this may cause problems. a.) am i under 10 typos per line (including this one) now? b.) am i right? c.) is there any life before breakfast? Regards from Stuttgart, Germany (not Arkansas nor Kansas) Anton Pirnat Ursprüngliche Nachricht Am 24.05.00, 14:43:40, schrieb "Próspero, Esteban" [EMAIL PROTECTED] zum Thema Mail clients and Maildir format: Does anybody know if mail clients like Netscape Communicator or MS Outlook support the Maildir format? I haven't found out how... Thanks in advance! Esteban Javier Próspero
RE: How to set up Qmail as a front-end (relaying) server?
Actually, here Qmail is supposed to be an inbound relay. The servers behind the firewall sends out smtps directly. So in this case too, will the tcp.smtp be like below you said? No - if you're only relaying inbound, then you don't need to modify tcp.smtp at all. That file only affects mail to domains not listed in rcpthosts (and we presume you have mydomain.com and my2ndcomp.com in rcpthosts and smtproutes). I thought the same way before too, but I've this notation in another server's file. And afterall, according to log files, it does connect to that server without specifying []s. In that case you should be all set. Are you experiencing problems with this working, or were you just getting a sanity check on your configuration? If you are experiencing problems, what problems do you have? Is there any log activity associated with the attempts? And if you're experiencing problems, please let us know the real domain names involved and the hostname for the relay so we can check your DNS setup. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
RE: How to set up Qmail as a front-end (relaying) server?
Thanks for your answer Mark. Actually I need to setup Qmail only as an inbound server. And tcp.smtp lines' purpose seems to specify from which hosts Qmail is to accept relaying smtp queries. But in my case, there is no such relaying. I want it to accept all smtp connections from all over the world (of course only if destined to [EMAIL PROTECTED] or [EMAIL PROTECTED]) and pass them (as is) to either 10.21.200.200 or 10.21.200.201 according to the host of which the email is sent. What would I need to do? -Original Message-From: mark [mailto:[EMAIL PROTECTED]]Sent: Wednesday, May 24, 2000 4:59 PMTo: Ali SahinSubject: Re: How to set up Qmail as a front-end (relaying) server? In other words you would like to setup a mail exchanger? (PS - I'm fairly new to qmail to) In tcp.smtp of the MX you should have the ip ranges that are allowed to use that server. For example I have a enrty 192.102.9.:allow,RELAYCLIENT="" This allows all users on that network to use my MX. Next is to add that domain into rcpthosts. This means that the server will now accept mail for that domain. Then assuming that you dont have rewrites or virtual domains you need to enter in a smtproute for that domain."my.domain.com:[ip number of host]" Restart qmail-send "kill -HUP ps number of qmail-send" Next would be to add a MX record in your primary DNS server for that host. Restart the DNS. I hope that helps, If you are unclear or next extra help just give me a ring. Best of Luck Mark
Re: How to set up Qmail as a front-end (relaying) server?
On Wed, May 24, 2000 at 05:11:13PM +0300, Ali Sahin wrote: Actually I need to setup Qmail only as an inbound server. And tcp.smtp lines' purpose seems to specify from which hosts Qmail is to accept relaying smtp queries. But in my case, there is no such relaying. I want it to accept all smtp connections from all over the world (of course only if destined to [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] or [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] ) and pass them (as is) to either 10.21.200.200 or 10.21.200.201 according to the host of which the email is sent. You don't need to use tcp.smtp or -x with tcpserver at all. Just stick mycomany.com and my2ndcomp.com in control/rcpthosts, and put: mycomany.com:10.21.200.200 my2ndcomp.com:10.21.200.201 in control/smtproutes. That should be all you have to do. Chris
RE: How to set up Qmail as a front-end (relaying) server?
In that case you should be all set. Are you experiencing problems with this working, or were you just getting a sanity check on your configuration? --- Yeah, when I try to send an email to a user (which has a mailbox on the internal server but does not have one on the Qmail) qmail refuses to pass that mail to my internal server. It's going to be a real hard work for me to do if Qmail requires me to open a mailbox for every user on the internal server even though the mere thing it will do is to forward the messages.
RE: How to set up Qmail as a front-end (relaying) server?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 May 00, at 17:15, Ali Sahin wrote: Yeah, when I try to send an email to a user (which has a mailbox on the internal server but does not have one on the Qmail) qmail refuses to pass that mail to my internal server. Take that domain out of locals and/or virtualdomains and keep it _only_ in smtproutes and rcpthosts. -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOSvWhlMwP8g7qbw/EQK7WACeMnUeiZeiDK1INgHNQMcgN1EHrywAoOhJ 7l6ZNw3UPqKCzShFMYfpjK7O =wFFi -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: How to set up Qmail as a front-end (relaying) server?
On Wed, May 24, 2000 at 05:15:50PM +0300, Ali Sahin wrote: In that case you should be all set. Are you experiencing problems with this working, or were you just getting a sanity check on your configuration? --- Yeah, when I try to send an email to a user (which has a mailbox on the internal server but does not have one on the Qmail) qmail refuses to pass that mail to my internal server. It's going to be a real hard work for me to do if Qmail requires me to open a mailbox for every user on the internal server even though the mere thing it will do is to forward the messages. I'd like to see evidence of that. If your domains aren't listed in control/locals or control/virtualdomains (and they shouldn't be), then whether there's a mailbox on the qmail relay for the user name in question is irrelevant. If they are listed in control/locals or control/virtualdomains, then nothing will be relayed to your internal server. What does "qmail refuses to pass that mail to my internal server" mean, exactly? Chris
RE: How to set up Qmail as a front-end (relaying) server?
Yeah, when I try to send an email to a user (which has a mailbox on the internal server but does not have one on the Qmail) qmail refuses to pass that mail to my internal server. You know, if we knew what error messages or log messages accompany this "refusal," we'd probably be able to help you. But until then, we're all shooting in the dark. It's going to be a real hard work for me to do if Qmail requires me to open a mailbox for every user on the internal server even though the mere thing it will do is to forward the messages. It doesn't require that. Your configuration is broken. But you've provided absolutely minimal information about your config, and absolutely nothing from your logs, so we can't help you yet. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
RE: How to set up Qmail as a front-end (relaying) server?
Ok, here's my setup; control/smtproutes --- mycompany.com:10.21.200.200 my2ndcomp.com:10.21.200.201 --- control/rcpthosts --- mycompany.com my2ndcomp.com --- control/me --- mx1.mycompany.com --- and, here's a sample log of what happens; I've opened a telnet session to Qmail, and sent two messages. One to [EMAIL PROTECTED] and the other to [EMAIL PROTECTED] Both has mailboxes on the internal server. But only asahin has a mailbox on Qmail. What I want is to forward both asahin and qmailtest messages to internal server. [EMAIL PROTECTED] seems to work, but not the way I want. And the other doesn't work at all. new msg 128847 info msg 128847: bytes 1350 from #@[] qp 2935 uid 502 starting delivery 841: msg 128847 to local [EMAIL PROTECTED] status: local 2/10 remote 0/20 delivery 840: success: did_0+1+0/qp_2935/ status: local 1/10 remote 0/20 end msg 128846 delivery 841: success: did_1+0+0/ status: local 0/10 remote 0/20 end msg 128847 new msg 128846 info msg 128846: bytes 196 from [EMAIL PROTECTED] qp 2949 uid 503 starting delivery 842: msg 128846 to local [EMAIL PROTECTED] status: local 1/10 remote 0/20 delivery 842: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ status: local 0/10 remote 0/20 bounce msg 128846 qp 2952 end msg 128846 -Original Message- From: 'Chris Johnson' [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 24, 2000 5:20 PM To: Ali Sahin Subject: Re: How to set up Qmail as a front-end (relaying) server? On Wed, May 24, 2000 at 05:18:07PM +0300, Ali Sahin wrote: You don't need to use tcp.smtp or -x with tcpserver at all. Just stick mycomany.com and my2ndcomp.com in control/rcpthosts, and put: mycomany.com:10.21.200.200 my2ndcomp.com:10.21.200.201 in control/smtproutes. -- That's what I've done Chris, but Qmail rejects to forward the messages that it doesn't have a mailbox for. That simply will not happen. There are details of your setup that you're not telling us. Chris
RE: How to set up Qmail as a front-end (relaying) server?
Ok, here's my setup; ... control/smtproutes control/rcpthosts control/me What's in control/locals? info msg 128846: bytes 196 from [EMAIL PROTECTED] qp 2949 uid 503 starting delivery 842: msg 128846 to local [EMAIL PROTECTED] status: local 1/10 remote 0/20 delivery 842: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ This message indicates that the mail relay thinks that it accepts mail for ihlas.com.tr (presumably that's either mycompany.com or my2ndcomp.com) locally, and it doesn't even look at smtproutes. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Re: 553, version 0
On Wed, May 24, 2000 at 07:00:43AM +0200, clemensF wrote: + // changed Wed-24.05.00-03:29 -ino: because fetchmail hickups when 553 + // arrives out-of-band after recipient has been checked! + // following line moved up from it's place in smtp_rcpt + if (flagbarf) { err_bmf(); return; } Congratulations, your patched qmail-smtpd doesn't follow the RFC 821 anymore. RFC 821 allows to send one of the following: 421 domain Service not available, closing transmission channel 451 Requested action aborted: local error in processing 452 Requested action not taken: insufficient system storage 500 Syntax error, command unrecognized [This may include errors such as command line too long] 551 User not local; please try forward-path 552 Requested mail action aborted: exceeded storage allocation Do you really want to patch a fetchmail bug in qmail? Then try to answer 550 at "RCPT", that might work around that fetchmail bug. Regards, Uwe
RE: How to set up Qmail as a front-end (relaying) server?
This message indicates that the mail relay thinks that it accepts mail for ihlas.com.tr (presumably that's either mycompany.com or my2ndcomp.com) locally, and it doesn't even look at smtproutes. Sorry, brain outsped fingers; I meant: This message indicates that the mail relay thinks that it accepts mail for mycompany.com locally, and it doesn't even look at smtproutes. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Re: How to set up Qmail as a front-end (relaying) server?
On Wed, May 24, 2000 at 05:32:23PM +0300, Ali Sahin wrote: control/smtproutes --- mycompany.com:10.21.200.200 my2ndcomp.com:10.21.200.201 --- control/rcpthosts --- mycompany.com my2ndcomp.com --- control/me --- mx1.mycompany.com --- Okay, first of all, WHAT ARE YOUR REAL DOMAIN NAMES? Fake domain names make people on this list *insane*. It may not make a difference in this case, but it frequently does make a difference, and the person posting the question often doesn't realize this. Second, what's in control/locals? Please don't keep any more secrets from us. This is the 12th message in this thread; if you'd provided all the information right away, there would have been only two messages, yours and the answer. Chris and, here's a sample log of what happens; I've opened a telnet session to Qmail, and sent two messages. One to [EMAIL PROTECTED] and the other to [EMAIL PROTECTED] Both has mailboxes on the internal server. But only asahin has a mailbox on Qmail. What I want is to forward both asahin and qmailtest messages to internal server. [EMAIL PROTECTED] seems to work, but not the way I want. And the other doesn't work at all. new msg 128847 info msg 128847: bytes 1350 from #@[] qp 2935 uid 502 starting delivery 841: msg 128847 to local [EMAIL PROTECTED] status: local 2/10 remote 0/20 delivery 840: success: did_0+1+0/qp_2935/ status: local 1/10 remote 0/20 end msg 128846 delivery 841: success: did_1+0+0/ status: local 0/10 remote 0/20 end msg 128847 new msg 128846 info msg 128846: bytes 196 from [EMAIL PROTECTED] qp 2949 uid 503 starting delivery 842: msg 128846 to local [EMAIL PROTECTED] status: local 1/10 remote 0/20 delivery 842: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ status: local 0/10 remote 0/20 bounce msg 128846 qp 2952 end msg 128846
How to set 2 qmail servers in the same domain
Hi ! I have a qmail mail server with tcpserver and it works fine. Now I want to setup a second qmail server to use for secondary MX in my domains. How can I allign the 2 mail servers so if the first server go down the second accepts mails for my customers in automatic mode ? When the first goes up again, the second sends to it the mail received automatically ? Thanks :-))
Re: How to set 2 qmail servers in the same domain
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 May 00, at 15:43, Origoni, Maurizio wrote: I have a qmail mail server with tcpserver and it works fine. Now I want to setup a second qmail server to use for secondary MX in my domains. How can I allign the 2 mail servers so if the first server go down the second accepts mails for my customers in automatic mode ? When the first goes up again, the second sends to it the mail received automatically ? Isn't this a FAQ? On the secondary mailserver, you put the domains into rcpthosts but NOT into locals or virtualdomains. That's all. -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOSvdW1MwP8g7qbw/EQL5GwCdEQ7DaGBGX6qnTDOpUdxjdznDh6sAnReX Y/szkD+KAyggld5he0UnAbaH =tm4y -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
RE: How to set up Qmail as a front-end (relaying) server?
Ok, here's my setup; ... control/smtproutes control/rcpthosts control/me What's in control/locals? controls/locals mx1.mycompany.com mycompany.com mx1.mycompany.com There's your problem. Remove mycompany.com from locals, because it isn't local. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
R: How to set 2 qmail servers in the same domain
Thanks... So have I not to use tcpserver ? Can I start the second in inetd.conf and manage only rcphosts file ? -Messaggio originale- Da: Petr Novotny [mailto:[EMAIL PROTECTED]] Inviato: mercoledì 24 maggio 2000 16.47 A: Qmail List (E-mail) Oggetto: Re: How to set 2 qmail servers in the same domain -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 24 May 00, at 15:43, Origoni, Maurizio wrote: I have a qmail mail server with tcpserver and it works fine. Now I want to setup a second qmail server to use for secondary MX in my domains. How can I allign the 2 mail servers so if the first server go down the second accepts mails for my customers in automatic mode ? When the first goes up again, the second sends to it the mail received automatically ? Isn't this a FAQ? On the secondary mailserver, you put the domains into rcpthosts but NOT into locals or virtualdomains. That's all. -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOSvdW1MwP8g7qbw/EQL5GwCdEQ7DaGBGX6qnTDOpUdxjdznDh6sAnReX Y/szkD+KAyggld5he0UnAbaH =tm4y -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
RE: How to set up Qmail as a front-end (relaying) server?
Okay, first of all, WHAT ARE YOUR REAL DOMAIN NAMES? Fake domain names make people on this list *insane*. It may not make a difference in this case, but it frequently does make a difference, and the person posting the question often doesn't realize this. Why I didn't give the real host name is because there is another machine serving for that host name, (thus I'm sending you messages as [EMAIL PROTECTED]). I'ts NOT that I hesitated to specify it in here. mycompany.com=ihlas.com.tr But if I were to specify this so, things would be much more complicated because there is a _working_ ihlas.com.tr SMTP server in real world and it's different that the new one I'm trying to set up. Second, what's in control/locals? Please don't keep any more secrets from us. This is the 12th message in this thread; if you'd provided all the information right away, there would have been only two messages, yours and the answer. Chris
URGENT: forward and relay.....
hi, i´m a bit in trouble for now. i set up qmail and all works ok. then i use /etc/aliases with fastforward, and after that the machine acts as a relay. following situation : we are hosting serveral domains, each has for example a [EMAIL PROTECTED] etc. there is also an old mail-server using a different domain which is actually the "real" mail server where our staff get its mail from. so the new server has to do following : all mail for domain foo.com should go to bar.com mail from [EMAIL PROTECTED] should go to [EMAIL PROTECTED] mail from [EMAIL PROTECTED] should also go to me mail from [EMAIL PROTECTED] should go to [EMAIL PROTECTED] mail from [EMAIL PROTECTED] should go to [EMAIL PROTECTED] and so on only known rcpts should be allowed, so i put all our domains in in rcpthosts and locals smptroutes shows: real.mail:[12.34.56.78] but i can send mail to ANY host. ANYbody can do that. how to stop that ? please, please help it drives me nuts..
Re: Mail clients and Maildir format
Hi, you may have a look on my remarks about SUSE Linux and QMAIL: http://www.fehcom.de/qmail_en.html cheers. eh. At 14:46 24.5.2000 GMT, Anton Pirnat wrote: Hello, i guess there are (at least) two answers with both same result, but one is funnier.. 1.) Netscape Communicator and MS Outlok boes do support Maildir format.. 2.) It (should) does no matter what client (MUA, mail user agent) your´e using, they all are »knocking« on the mail-servers door to ask for its mail if there is any. As far i know, if a mail client accesses this directories directly (like some unix clients do if youre on the same network) so this may cause problems. a.) am i under 10 typos per line (including this one) now? b.) am i right? c.) is there any life before breakfast? Regards from Stuttgart, Germany (not Arkansas nor Kansas) Anton Pirnat Ursprüngliche Nachricht Am 24.05.00, 14:43:40, schrieb "Próspero, Esteban" [EMAIL PROTECTED] zum Thema Mail clients and Maildir format: Does anybody know if mail clients like Netscape Communicator or MS Outlook support the Maildir format? I haven't found out how... Thanks in advance! Esteban Javier Próspero +---+ | fffhh http://www.fehcom.deDr. Erwin Hoffmann | | ff hh| | ffeee ccc ooomm mm mm Wiener Weg 8 | | fff ee ee hh hh cc oo oo mmm mm mm 50858 Koeln| | ff ee eee hh hh cc oo oo mm mm mm| | ff eee hh hh cc oo oo mm mm mm Tel 0221 484 4923 | | ff hh hhccc ooomm mm mm Fax 0221 484 4924 | +---+
Qmail and solaris 7
Hi ! I installed qmail successfully on a linux 2.2.x host before. Now I am trying to do the same thing on a SunOS 5.7 server. I used gcc-2.95.2 to compile qmail and followed the installation instuctions carefully and created maildirs for my users and changed /var/qmail/rc to use the maildir format. But when I come to the stage of testing the installation (as described in TEST.deliver), I can see all four daemons running using "ps -ef", but nothing appears in syslog!! and when I try "echo to: testuser | /var/qmail/bin/qmail-inject" .. nothing reach testuser !!. Any suggestions ?? Thanks in advance.
qmail pop-3 w/mbox format
Dear netters, we are using qmail 1.03 (instead of sendmail) on SGI O2. Qmail is configured to work w/mbox format (binmail for local delivery to /var/mail/user). We want to install pop-3 (or imap) daemon on this workstation. Unfortunately qmail-pop3d opereates only w/Maildir format. Is there some other pop-3/imap daemons which can work succesfully in cooperation w/qmail ? Thanks for your help. Mikhail Kuzminsky Zelinsky Institute of Organic Chemistry Moscow
Re: qmail pop-3 w/mbox format
On Wed, May 24, 2000 at 08:19:13PM +0400, Mikhail Kuzminsky wrote: [snip] Is there some other pop-3/imap daemons which can work succesfully in cooperation w/qmail ? Sure, lots of 'm. http://freshmeat.net/appindex/daemons/pop3.html should be helpful. Greetz, Peter. -- [EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love]
templet user
Is there a templet user for QMAIL?
Re: templet user
Hi Walid, what do you mean with "templet user" ? regards Christian Walid Kassab schrieb: Is there a templet user for QMAIL?
Qpopper 2.53 remote problem, user can gain gid=mail (fwd)
Havent seen this forwarded to the list, and it probably applies to quite a few people. Just in case someone isnt on bugtraq. BTW, in my source (2.53) i couldnt find any lines similar to what he suggests changing, perhaps he was looking at the FBSD ported version and it has been modified slightly, i dunno -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:20pm up 13 days, 18:46, 4 users, load average: 0.08, 0.22, 0.21 -- Forwarded message -- Date: Tue, 23 May 2000 09:43:33 -800 From: Prizm [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Qpopper 2.53 remote problem, user can gain [iso-8859-1] gid=mail I have attached to this message the advisory with full details + exploit on this problem. Prizm/b0f, _ b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y # 5 Advisory Name: Remote shell via Qpopper2.53 Date: 5/23/00 Application: Qpopper 2.53 for *NIX Vendor: Qualcomm Incorporated WWW: www.qualcomm.com Severity: can give users remote shell with gid=mail. Author: prizm ([EMAIL PROTECTED]) Homepage: b0f.freebsd.lublin.pl * Overview Qpopper is the most widely-used server for the POP3 protocol. This allows users to access their mail using any POP3 client. Qpopper supports the latest standards, and includes a large number of optional features. Qpopper is normally used with standard UNIX mail transfer and delivery agents such as sendmail or smail. * The Problem Yes, Qpop, again and again... There is a bug in version 2.53 of Qpop that can give you a remote shell with gid=mail. Problem is with euidl command which uses user input as format string for pop_msg() function. Lets examine following code from Qpop 2.53 source: -- pop_uidl.c, around line 150: sprintf(buffer, "%d %s", msg_id, mp-uidl_str); if (nl = index(buffer, NEWLINE)) *nl = 0; sprintf(buffer, "%s %d %.128s", buffer, mp-length, from_hdr(p, mp)); ! return (pop_msg (p,POP_SUCCESS, buffer)); ^ . Function pop_msg() is declared in pop_msg.c as pop_msg(POP *p, int stat, const char *format,...), and here we have user-input as format string. Lame. Ok, back to problem, imagine following smtp session: MAIL FROM:[EMAIL PROTECTED] 200 Ok RCPT TO:[EMAIL PROTECTED] 200 Ok data 200 Okey, okey. end with "." Subject: still trust qpop?=/ X-UIDL: From: %p%p%p%p%p%p%p test . 200 BLABLABLA Ok, message accepted for delivery. Then, luser connects with his pop account and runs euidl command there: +OK QPOP (version 2.53) at b0f starting. 666.666@b0f USER luser +OK Password required for luser. PASS secret +OK luser has 3 messages (1644 octets). euidl 3 +OK 2 530 0xbfbfc9b00x804fd740xbfbfc9b00x2120x8052e5e0xbfbfd1e80x8057028 Yeah, thats from my box with FreeBSD. As you can see, our %p%p%p%p%p%p%p where implemented as arguments for vsnprintf() command. * Exploiting Is this possible? Yeah, sure! But there are some limits. Qpopper2.53 from FreeBSD ports with patches is much more difficult to exploit than one from linux. It is because freebsd patches change vsprintf() call in pop_msg.c to vsnprintf() call, and there is big difference between them. Qpopper with FreeBSD's patches IS exploitable. Exploit --- /* qpop_euidl.c exploit by prizm/Buffer0verflow Security * * Sample exploit for buffer overflow in Qpopper 2.53. * This little proggie generates a mail u need to send. * * Standard disclaimer applies. * By the way, exploit is broken =) You need to insert shellcode. * * MAD greets to tf8 for pointing out the bug, and all other b0f members. * greets to USSRLabs and ADM *
Re: Qpopper 2.53 remote problem, user can gaingid=mail (fwd)
-BEGIN PGP SIGNED MESSAGE- Wasn't it claimed that 2.53 was safe -- only earlier versions (alpha/beta?) were at risk? Seems like they should just release another version to lessen the confusion. Scott -BEGIN PGP SIGNATURE- Version: 2.6.2 iQCVAwUBOSwjblpGPE+AF6qBAQEiZwQAvICxK3K0VPNxX4v7agjf5owZ6ZtDPC9r 3egzkz30iQDHNSTNskPC8IQlVV4PBgthIjY7rJvFQBzE9zgRevF0MVvQ4+WdAeyM YLLl72l3pqr0y70qWfD72+6EyRwscb2yBaIvNK6Vk3/t58i8anL0iQO0aeIQYrvL cbNH+O6S74w= =ZbNr -END PGP SIGNATURE-
Re: Qpopper 2.53 remote problem, user can gain gid=mail (fwd)
Unknown. The advisory specifically mentions 2.53 -- i can tell you this. 2.53 _was_ safe from the PREVIOUS exploits (ie. the ones that worked on the 2.51, etc) but this appears to be a new exploit in a different function of the program. Also, the advisory suggests upgrading to 3.1b1 (which i did) and says that it's a safe version (for now, anyway) Are there any known exploits for 2.1b1? On Wed, 24 May 2000, Scott D. Yelich wrote: -BEGIN PGP SIGNED MESSAGE- Wasn't it claimed that 2.53 was safe -- only earlier versions (alpha/beta?) were at risk? Seems like they should just release another version to lessen the confusion. Scott -BEGIN PGP SIGNATURE- Version: 2.6.2 iQCVAwUBOSwjblpGPE+AF6qBAQEiZwQAvICxK3K0VPNxX4v7agjf5owZ6ZtDPC9r 3egzkz30iQDHNSTNskPC8IQlVV4PBgthIjY7rJvFQBzE9zgRevF0MVvQ4+WdAeyM YLLl72l3pqr0y70qWfD72+6EyRwscb2yBaIvNK6Vk3/t58i8anL0iQO0aeIQYrvL cbNH+O6S74w= =ZbNr -END PGP SIGNATURE- -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:30pm up 13 days, 18:56, 4 users, load average: 0.16, 0.16, 0.17
securing pop3 sessions
I'm using qmail 1.0.3 with the included qmail-pop3d. What's the best way on the server side to prevent passwords from being sent as clear text over the network for a pop3 session? I know users will be reluctant to change their mua's. So what can I do on my side? Is there any way around this without expecting anything from the pop users?
Re: templet user
Not quite sure what you mean, But have you had a look at qmailadmin. It creates users with thier Maildirs etc by the click of a button. Or else another way would be to create a skel with all the necessary info there and run a script using useradd and skel Mark
Re: securing pop3 sessions
[EMAIL PROTECTED] wrote: What's the best way on the server side to prevent passwords from being sent as clear text over the network for a pop3 session? I'm afraid the best way is also the only way, and it doesn't exist. You cannot use POP3 without sending passwords in the clear. Len. -- VENONA traffic was broken by the NSA because the Soviets reused their one time pads. -- Bruce Schneier
Re: securing pop3 sessions
It is possible to wrap POP3 with SSL, which most mailers support. Take a look at http://www.rickk.com/sslwrap/ --Adam On Wed, May 24, 2000 at 03:38:53PM -0400, Len Budney wrote: [EMAIL PROTECTED] wrote: What's the best way on the server side to prevent passwords from being sent as clear text over the network for a pop3 session? I'm afraid the best way is also the only way, and it doesn't exist. You cannot use POP3 without sending passwords in the clear. Len. -- VENONA traffic was broken by the NSA because the Soviets reused their one time pads. -- Bruce Schneier
qvacation
Where do I find this program? Or any "vacation" program, preferably one that the user themselves can handle (edit message and starting / ending time etc). -- Kaare Rasmussen--Linux, spil,--Tlf:3816 2582 Kaki Datatshirts, merchandize Fax:3816 2582 Howitzvej 75 Åben 14.00-18.00Email: [EMAIL PROTECTED] 2000 FrederiksbergLørdag 11.00-17.00 Web: www.suse.dk
Re: securing pop3 sessions
[EMAIL PROTECTED] (Len Budney) writes: [EMAIL PROTECTED] wrote: What's the best way on the server side to prevent passwords from being sent as clear text over the network for a pop3 session? I'm afraid the best way is also the only way, and it doesn't exist. You cannot use POP3 without sending passwords in the clear. What about SSH connection forwarding? ^L
Re: Qpopper 2.53 remote problem, user can gain gid=mail (fwd)
John Gonzalez/netMDC admin [EMAIL PROTECTED] writes: Unknown. The advisory specifically mentions 2.53 -- i can tell you this. 2.53 _was_ safe from the PREVIOUS exploits (ie. the ones that worked on the 2.51, etc) but this appears to be a new exploit in a different function of the program. 2.53 appears to be vulnerable. Also, the advisory suggests upgrading to 3.1b1 (which i did) and says that it's a safe version (for now, anyway) The 3.x series has been having *tons* of security problems, including stuff that was previously fixed in 2.x. I really don't trust it. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
Re: templet user
Hi- I think you mean "user template". I am not sure about BSD, but in Linux, you add the stuff you want new users to have to the /etc/skel directory. The qmail utility "maildirmake" will create a maildir in a certain directory. If you tell maildirmake to create one in /var/skel ,then all new users will get a maildir. see: man maildirmake In the basic Linux install of qmail, it is located at: /var/qmail/bin/maildirmake I hope this helps... --Pete
Number of mailboxes per Exchange server
Hi, It's not a qmail question, but because many of you are in the high-volume mail business, I hope to get a few answers :-) A colleague of mine works for a place where they're going to change from an X400 system to MS Exchange. I don't have details on the hardware, but they're planning on using 1 server per 1000 accounts. I seem to remember to have read (maybe on this list) that Exchange doesn't like that amount of users, and that 300-400 is about the right number of accounts per server. MS litterature speaks about 2000-15000 accounts per server, but that seems rather optimistic for PC class hardware, even when the network seems OK (in this case, switched 10Mb/s). Any comments, cites on the ideal number of accounts per Exchange server? Thanks a lot, Stefaan -- --PGP key available from PGP key servers (http://www.pgp.net/pgpnet/)-- Ninety-Ninety Rule of Project Schedules: The first ninety percent of the task takes ninety percent of the time, and the last ten percent takes the other ninety percent.
Another big qmail user..
I am always happy when I see another "big" web operation using qmail.. I just discovered paypal.com runs qmail, after I got the "I'm sorry it didn't work out." bounce message from a typo... --Pete
Re: securing pop3 sessions
I was reading a howto about that and from what I understand, that's a client side deal. Louis Theran wrote: [EMAIL PROTECTED] (Len Budney) writes: [EMAIL PROTECTED] wrote: What's the best way on the server side to prevent passwords from being sent as clear text over the network for a pop3 session? I'm afraid the best way is also the only way, and it doesn't exist. You cannot use POP3 without sending passwords in the clear. What about SSH connection forwarding? ^L -- i no naka no kawazu taikai wo shirazu
Re: Qpopper 2.53 remote problem
On Wed, 24 May 2000 13:33:11 -0600 (MDT), John Gonzalez/netMDC admin [EMAIL PROTECTED] said: N Are there any known exploits for 2.1b1? CUCIpop has been mentioned on this list before; small, fast, some nifty features, and I don't remember seeing any security warnings about it. ftp://ftp.informatik.rwth-aachen.de/pub/packages/cucipop/ -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] Instead of getting married again, I'm going to find a woman I don't like and give her a house.--Lewis Grizzard
Re: securing pop3 sessions
"Louis Theran" [EMAIL PROTECTED] wrote: My original comment was merely pointing out that `there is no way' is correct only in a narrow sense. Right; namely, the sense in which the poster asked. He asked for a way to modify the server ONLY, and end up using POP3 without any passwords traveling en claire. I replied that THAT is impossible. Other things, of course, may or may not be impossible. However, if ``most clients'' actually support SSL, then I may have simply been wrong. (I'm not gonna quibble that POP3+SSL isn't POP3, because although it isn't, who cares?) The original poster needs to know the definition of ``most clients'', and probably will have to run two POP3 servers--a secure one for savvy clients, and an insecure one for stupid clients. Unless ``most clients'' is an inclusive enough class. Len. -- It will work, and it's probably secure; but I didn't design it to run setuid, so don't do it. -- Dan Bernstein
Re: securing pop3 sessions
From: "Len Budney" [EMAIL PROTECTED] Date: Wed, 24 May 2000 15:38:53 -0400 [EMAIL PROTECTED] wrote: What's the best way on the server side to prevent passwords from being sent as clear text over the network for a pop3 session? I'm afraid the best way is also the only way, and it doesn't exist. You cannot use POP3 without sending passwords in the clear. Len. Why not require APOP? -- Bob Rogers
Re: securing pop3 sessions
Len Budney writes: [EMAIL PROTECTED] wrote: What's the best way on the server side to prevent passwords from being sent as clear text over the network for a pop3 session? I'm afraid the best way is also the only way, and it doesn't exist. You cannot use POP3 without sending passwords in the clear. Doesn't anybody implement APOP?? -- -russ nelson [EMAIL PROTECTED] http://russnelson.com Crynwr sells support for free software | PGPok | "Ask not what your country 521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
Re: securing pop3 sessions
Russell Nelson [EMAIL PROTECTED] writes: Len Budney writes: I'm afraid the best way is also the only way, and it doesn't exist. You cannot use POP3 without sending passwords in the clear. Doesn't anybody implement APOP?? Even better, there are innumerable different authentication mechanisms possible once you use SASL, including ones considerably better than APOP, and POP3 definitely supports SASL. You can definitely use POP3 without cleartext passwords. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
Re: securing pop3 sessions
on 5/24/00 8:03 PM, Russell Nelson at [EMAIL PROTECTED] wrote: I'm afraid the best way is also the only way, and it doesn't exist. You cannot use POP3 without sending passwords in the clear. Doesn't anybody implement APOP?? The Gnome/Helixcode guys are working on an outlook type app that does APOP. Outlook Express for the mac does SSL and "secure password" but does not mention APOP in the docs or in the configuration. Pat
Re: securing pop3 sessions
[EMAIL PROTECTED] wrote: I'm using qmail 1.0.3 with the included qmail-pop3d. What's the best way on the server side to prevent passwords from being sent as clear text over the network for a pop3 session? I know users will be reluctant to change their mua's. So what can I do on my side? Is there any way around this without expecting anything from the pop users? I use stunnel which doesn't require changes on qmail. Check this: http://security.fi.infn.it/tools/stunnel/index-en.html. I can share my configuration to anyone interested. LLU
forward all mail from one virtual domain to another virtual domain
i have to setup qmail with vpopmail/qmailadmin to forward all mail for domain-a.com to domain-a.nl only domain-a.nl contains the users. so mail for [EMAIL PROTECTED] will be delivered to [EMAIL PROTECTED] in control/virtualdomains: domain-a.nl:domain-a.nl domain-a.com:domain-a.nl problem is that all mail for domain-a.com is deleverd to [EMAIL PROTECTED] the catchall user. greetings marco leeflang