Re: ORBS helps hackers to break into srevers

[Piotr Kasztelowicz]

On Mon, 20 Nov 2000, OK 2 NET - André Paulsberg wrote:

> This is NOT true, and you are way off mark.
> 
> 1. There is no official support of ORBS to my knowledge from QMAIL and its authors,
>not in the way you are implying in your posting to this list.
> 
> 2. Sendmail and postfix and ALL other mailprograms/MTA's that support RBL-type 
>blocking,
>will automaticly support ORBS and any other lists like it.

OK, you are right, I'm sorry

Piotr
---
Piotr Kasztelowicz <[EMAIL PROTECTED]>
[http://www.am.torun.pl/~pekasz]

Re: Host name not found

[markd]

On Tue, Nov 21, 2000 at 12:42:13PM +0530, Kiran wrote:
 
> The following are the files present in the /var/qmail/control directory and their 
>contents:
> 
> concurrencyincoming:20
Bogus file. concurrencylocal and concurrencyremote are the real files.
concurrencyincoming is some invention of [EMAIL PROTECTED]

> defaultdelivery  :./Mailbox
Bogus file. There is no reference to this in qmail. It's yet another
invention of [EMAIL PROTECTED]

> defaultdomain  :lists.dom1.com
> locals  :lists.dom1.com
> me  :lists.dom1.com
> moretcpthosts  :lists.dom2.com

Typo. You mean either rcpthosts or morercpthosts, but not (sic) moretcpthosts

> plusdomain  :lists.dom2.com
> rcpthosts :lists.dom1.com
> lists.dom2.com
> virtualdomains  :lists.dom2.com:username

Wow Kiran. You went to a lot of trouble to retype that didn't you? All you've
done is to waste a lot of your time and a lot of ours.

Why not take the easy path and run /var/qmail/bin/qmail-showctl and
cut-and-paste the output to an email for this list? No that would be too
useful and too simple.

If you feel it's important to hide your domain then buy commercial
support and don't bug this list. If you want free support, give us
real data, not the adulterated junk you posted above.

Sorry for being so harsh, but it's tiresome to see so many people
spend so much time hiding their real details (why, do they have
an ego problem?) This makes it much harder for the list to
understand the real situation. If you make it hard for the list,
you are unlikely to get a useful response. If you make it easy
for the list by providing real, unadulterated data, then you are
likely to find a response that solves your problem. Your call.


Regards.

Re: Host name not found

[Alex Pennace]

On Tue, Nov 21, 2000 at 12:41:51PM +0530, Kiran wrote:
> Hi,
> 
> I set up my qmail 1.03 on Red hat Linux 6.1 for lists.dom1.com. I am able to send 
>and receive mails for this domain. 
> But when I tried to setup a 2nd domain lists.dom2.com and try sending a mail to 
>lists.dom2.com, i get an error - 
> 
> Connecting to lists.dom2.com.dom2.com. via esmtp...
> Host unknown (Name server: lists.dom2.com.dom2.com.: host not found)

I suspect that the MX record for "lists.dom2.com" is messed up in the
BIND zonefile, though I can't perform an MX lookup from here because
you helpfully provided bogus domain names.

 PGP signature

Host name not found

[Kiran]

Hi,
 
I set up my qmail 1.03 on Red hat Linux 6.1 for 
lists.dom1.com. I am able to send and receive mails for this domain. 

But when I tried to setup a 2nd domain 
lists.dom2.com and try sending a mail to lists.dom2.com, i get an error - 

 
Connecting to lists.dom2.com.dom2.com. via 
esmtp...
Host unknown (Name server: 
lists.dom2.com.dom2.com.: host not found)
 
Both dom1.com and dom2.com are there in the 
rcpthosts file. I have tried to keep dom2.com in the virtualdomain file but 
still the same error occurs. The MX records point to the right box, as it 
connects to lists.dom2.com, but it then gives a host not found error. I am 
obviously missing something out here. What could it be?
 
The following are the files present in the 
/var/qmail/control directory and their contents:
 
concurrencyincoming    
        :    
20defaultdelivery  :    
./Mailboxdefaultdomain  :    
lists.dom1.comlocals  
:    
lists.dom1.comme  :    
lists.dom1.commoretcpthosts  
:    
lists.dom2.complusdomain  :    
lists.dom2.comrcpthosts :    
lists.dom1.com   
 
lists.dom2.comvirtualdomains  :    
lists.dom2.com:username
 
 
Thanks in Advance

Re: Best IMAP or Maildir ??

[Ben Beuchler]

On Tue, Nov 21, 2000 at 04:46:59PM +, Dennis Kavadas wrote:

> Just wanted to know, from users experience, the best/suggested 
> IMAP server to use with QMail, I need it to be bullet proof (what else 
> :))

I'm very happy with Courier-IMAP.

Ben

-- 
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground   www.bitstream.net

Best IMAP or Maildir ??

[Dennis Kavadas]

Hi all...

Another question.

Just wanted to know, from users experience, the best/suggested 
IMAP server to use with QMail, I need it to be bullet proof (what else 
:))

Any suggestions appreciated.

Cheers
Dennis

Dennis Kavadas
Network Support Officer
University of New South Wales
Cornea Contact Lens Research Unit
Level 4, Gate 14 Barker Street
Kensington NSW 2052
Ph: (02) 9385 7448

Re: secrets and lies

[Nathan J. Mehl]

([EMAIL PROTECTED] snipped due to overwhelming qmail-centrism)

In the immortal words of Adam McKenna ([EMAIL PROTECTED]):
> 
> You don't, but others do.  For instance, I can distribute a package that
> contains pristine qmail source and patches, and include a script which 
> applies the patches, changes conf-home, and compiles and installs qmail.  
> According to dist.html, that would be fine.  But what if Dan found out 
> someone was doing this and got angry?  Maybe he'd think about changing 
> dist.html.  After he changed it, could I then continue distributing this 
> package without fear of being sued?

IANAL, but my feeling is that the documents in question pretty
unambiguously lead to the conclusion that you'd be SOL in that case,
and I would further suspect that Dan keeps the only notices about
qmail's distribution terms in a centralized place to leave himself the
option of refining the terms were such a case to arise.

As he wrote the code, this is unquestionably his right.

As I peronally could care less about the alleged moral tonic of "Free"
or "Open Source" software and my needs are satisfied by qmail's
default configuration, this isn't really an issue for me personally.
People with personal or business needs for such things should probably
consider the MTAs which explicitly set such terms, rather than hoping
that qmail might one day satisfy them.  Based on past experience, it's
not likely to.

<[EMAIL PROTECTED]>
 Dear Future Employer: Who's your daddy? Who's your daddy? I think
we know. Thanks! $100,000 a year, I'll be there on monday, please.
  -chelleMarie

Re: databytes option for local mail delivery ?

[markd]

On Tue, Nov 21, 2000 at 02:19:21PM +, Dennis Kavadas wrote:
> Hi all...
> 
> I'm aware of the databytes options for remote SMTP... anyone 
> know if there is an option to also set a databytes size for "LOCAL" 
> mail delivery ?

There isn't one. The simplest strategy is to use quotas if you can.


Regards.

Re: another problem

[Alex Pennace]

On Mon, Nov 20, 2000 at 12:28:55PM -0800, Travis Turner wrote:
> This is another problem that I am getting.  Again if
> you could send your response to my address I would
> appreciate it. 
> Thanks Travis
> 
> 
> Hi. This is the qmail-send program at
> mail.appliedi.com.
> I tried to deliver a bounce message to this address,
> but the bounce bounced!
> 
> 
> <[EMAIL PROTECTED]>:
> 63.145.215.13 failed after I sent the message.
> Remote host said: 554 too many hops, this message is
> looping (#5.4.6)

It looks like your control files don't list appliedi.com as a local
domain (either through me, locals or virtualdomains) and you have
created a mail loop for appliedi.com with smtproutes. What is the
output of qmail-showctl?

 PGP signature

Re: return receipts

[Andy Bradford]

Thus said "David L. Nicol" on Mon, 20 Nov 2000 20:12:46 CST:

> What about the "notification on delivery" stuff -- is that not
> an MTA feature?  Is it deprecated?  Rather it would be a feature
> of the MDA, has anyone added it to qmail-local?

You mean something like what is covered in "man qreceipt" ?  It depends 
on what the user is expecting I guess...  If it is
Disposition-Notification-To then it has nothing to do with the MTA, 
however, if it is Notice-Requested-Upon-Delivery-To then that is 
covered...

Andy
-- 
[---[system uptime]]
  8:24pm  up 18 days, 22:43,  4 users,  load average: 1.11, 1.11, 1.04

databytes option for local mail delivery ?

[Dennis Kavadas]

Hi all...

I'm aware of the databytes options for remote SMTP... anyone 
know if there is an option to also set a databytes size for "LOCAL" 
mail delivery ?

Cheers
Dennis

Dennis Kavadas
Network Support Officer
University of New South Wales
Cornea Contact Lens Research Unit
Level 4, Gate 14 Barker Street
Kensington NSW 2052
Ph: (02) 9385 7448

Re: return receipts

[David L. Nicol]

Gerry Boudreaux wrote:
> 
> This is a MUA, not a MTA issue...
> 
> If the MUA honors the receipt request then the MTA will carry it.
> 
> Hope this helps
> 
> Gerry


What about the "notification on delivery" stuff -- is that not
an MTA feature?  Is it deprecated?  Rather it would be a feature
of the MDA, has anyone added it to qmail-local?




-- 
   David Nicol 816.235.1187 [EMAIL PROTECTED]
"I must report that I am in the fortunate position of having logged 
and categorized my nightmares over the past 37 years."
   -- Bob Dehnhardt

Re: SMTP on a port other than 25

[Ricardo Cerqueira]

On Mon, Nov 20, 2000 at 03:14:43PM -0500, Rob Hines Jr. wrote:

[ a lot of irrelevant stuff ]

Which part of "not writing 0, writing number of port _and_ smtp" didn't you understand?
Let me translate: It sounds like he wrote

"tcpserver -v -H -R -whateveroptions 25 smtp $QMAIL/qmail-smtpd"

Can you see the error NOW?

RC

P.S. - Here's the mail snippet once again. Try to locate yourself.

> > > without to write in command this '0' writting only nummber of port
> > > and 'smtp'
> >

-- 
+---
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica 
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 2 1010  - Fax: +351 2 1010 4459

 PGP signature

Re: run file suddenly disappear!!

[Mate Wierdl]

On Mon, Nov 20, 2000 at 01:52:21PM -0500, Paul Jarc wrote:
> Mate Wierdl <[EMAIL PROTECTED]> writes:
> > On Mon, Nov 20, 2000 at 01:58:13PM +0800, Eric Yu wrote:
> > > the log directory for qmail-smtpd is /var/log/qmail/smtpd
> > 
> > Yes, but the logdir for qmail-send is /var/log/qmail !!
> 
> But this should not cause problems.  multilog (running in
> /var/log/qmail) won't notice or touch any file named "smtpd".

But *could* cause problems: what if neither directory exists, and
qmail-smtpd would start before qmail-send (remember that svscan does
not start services in any predetermined order).  This is why I asked
about the permissions on these directories.

It certainly does not explain the disappearing run file.  I'd like to
see an output that would show this:

Show me the run file in question with `ls -l' , then restart/reboot,
whatever, then run ls -l again.

Mate

Re: still having problems

[Chris Johnson]

On Mon, Nov 20, 2000 at 03:19:17PM -0800, Travis Turner wrote:
> At 12:46 PM 11/20/2000 -0500, you wrote:
> I have followed the faq but I am still getting errors
> upon trying to telnet to the localhost using
> tcpserver.  What I did was
> 1. Created a file under /var/qmail called tcpserver
> with the start up script described in the FAQ.
> 2. Created links in /etc/rc.d/rc3.d - rc5.d to point
> to the tcpserver.
> 3. created the tcprules cdb
> 4. rebooted.  Still no joy.  Here are the two scripts
> that I made.
> 
> /usr/local/bin/tcpserver -v -u 502 -g 501 -x
> /etc/tcp.smtp.cdb 0 smtp
> /var/qmail/bin/qmail-smtpd 2>&1 |
> /var/qmail/bin/splogger smtpd 3 &

Is this all on one line? It has to be, or you need to continue your lines with
a '\' .

> a.b.c.:allow,RELAYCLIENT=""
> 127.:allow,RELAYCLIENT=""
> a.b.c.d:allow,RELAYCLIENT=""
> a.b.c.d:allow,RELAYCLIENT=""
> 127.0.0.1:allow,RELAYCLIENT=""

a.b.c, a.b.c.d, etc. were supposed to be examples; you're supposed to use real
IP addresses. Does your file really say this?

Chris

still having problems

[Travis Turner]

At 12:46 PM 11/20/2000 -0500, you wrote:
I have followed the faq but I am still getting errors
upon trying to telnet to the localhost using
tcpserver.  What I did was
1. Created a file under /var/qmail called tcpserver
with the start up script described in the FAQ.
2. Created links in /etc/rc.d/rc3.d - rc5.d to point
to the tcpserver.
3. created the tcprules cdb
4. rebooted.  Still no joy.  Here are the two scripts
that I made.

/usr/local/bin/tcpserver -v -u 502 -g 501 -x
/etc/tcp.smtp.cdb 0 smtp
/var/qmail/bin/qmail-smtpd 2>&1 |
/var/qmail/bin/splogger smtpd 3 &

on this one I have spaces between everything.  Do i
need some tabs?

a.b.c.:allow,RELAYCLIENT=""
127.:allow,RELAYCLIENT=""
a.b.c.d:allow,RELAYCLIENT=""
a.b.c.d:allow,RELAYCLIENT=""
127.0.0.1:allow,RELAYCLIENT=""

I still cannot connect to port 25.  If I uncomment the
lines in inetd.conf it comes right up after giving a
-HUP to inetd.

Thanks for the suggestions.

Regards,

Travis
On Mon, Nov 20, 2000 at 10:26:41AM -0700, Travis
Turner wrote:
> What is happening to my server any clues.
> 
> Nov 19 13:53:49 mail inetd[516]: smtp/tcp server
failing (looping or being 
> flooded$
> Nov 19 14:04:09 mail inetd[516]: smtp/tcp server
failing (looping or being 
> flooded$
[snip]

http://cr.yp.to/qmail/faq/servers.html#tcpserver-smtpd



__
Do You Yahoo!?
Yahoo! Calendar - Get organized for the holidays!
http://calendar.yahoo.com/

Re: secrets and lies

[Adam McKenna]

On Mon, Nov 20, 2000 at 04:21:51PM -0500, Paul Jarc wrote:
> Adam McKenna <[EMAIL PROTECTED]> writes:
> > Maybe he'd think about changing dist.html.  After he changed it,
> > could I then continue distributing this package without fear of
> > being sued?
> 
> If the new dist.html said no, then it would seem clear that you
> couldn't.  This is not an ambiguity in the current or potential future
> dist.html, but I think I see your point now: you want to know what you
> will *always* be allowed to do with qmail, not just what you are
> allowed to do today.  (Right?)

Allowing someone to download and use a piece of software under certain terms, 
and then changing the terms after that person has made an investment of 
time/money in order to use that software is not acceptable.

All I'm saying is that I'd like the redistribution terms/terms of use to come 
with the software.  That way I don't have to be paranoidically checking
dist.html every day to make sure Dan hasn't changed the terms.

--Adam

-- 
Adam McKenna <[EMAIL PROTECTED]> | "No matter how much it changes, 
http://flounder.net/publickey.html   |  technology's just a bunch of wires 
GPG: 17A4 11F7 5E7E C2E7 08AA|  connected to a bunch of other wires."
 38B0 05D0 8BF7 2C6D 110A|  Joe Rogan, _NewsRadio_
  5:37pm  up 163 days, 15:53, 11 users,  load average: 0.23, 0.14, 0.05

RE: secrets and lies

[Jamin Collins]

I may be missing some of the point here, but the way I see it, there is a
distinct desire to have a license provided with the software indicating what
is and isn't allowed.  This is a fairly normal practice in the software
industry (open and closed source alike).  

IMHO, the license included with the software serves as a static marker of
sorts.  While future versions of the license may change and be included with
future versions of the software, they don't apply to previous versions of
the software that where shipped with another license.

It is this peace of mind that I too would like to see.  I'm in no way
attempting to take away the author's right to change a license for their
software.  However, if I've accepted one license on a piece of software
because it meets my needs and I can deal with any requirements of the
license, I would like to know that the license is not going to change.  This
is not too much to ask.

If the author then wants to put a web page up with the most current version
of the license, great.  However, I think there are many others like myself
out there, that would like to see a copy of the license (as it pertains to
the software at the time the software was released) included with the
software.

Note:
If anyone out there knows of a company that successfully changed their
license for software and made those changes effective retroactively, I would
like to know.

Jamin W. Collins

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 20, 2000 3:22 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: secrets and lies


Adam McKenna <[EMAIL PROTECTED]> writes:
> Maybe he'd think about changing dist.html.  After he changed it,
> could I then continue distributing this package without fear of
> being sued?

If the new dist.html said no, then it would seem clear that you
couldn't.  This is not an ambiguity in the current or potential future
dist.html, but I think I see your point now: you want to know what you
will *always* be allowed to do with qmail, not just what you are
allowed to do today.  (Right?)

Well, barring future changes in copyright law (which could potentially
invalidate *any* statement we might make today), you will always be
allowed to patch, compile, back up, and run qmail.  You will always be
allowed to distribute your patches, since you hold copyright on them
(I think).  Additionally, you can redistribute vanilla qmail today.
You do not have the guarantee that you will always be allowed to
redistribute qmail, but this is not ambiguous - it's clearly, if
implicitly, unspecified.  If you agree with this but call it
"ambiguous" instead of "unspecified", then I guess we'll just have to
be more careful how we use such words to avoid confusion.


paul

Re: Information

[Timothy Legant]

On Wed, Nov 15, 2000 at 11:33:22AM -0200, Cleiton Luiz Siqueira wrote:
> Hi all,
> 
> I just started using qmail 1.03 a week ago too, I have had some

Welcome!

> problems with it, and I've not found in the FAQ the solutions for
> these problems.

[snip authentication stuff...]

> My problems are with SMTP. I installed the "qmail-1_03.tgz"
> package in a FreeBSD 3.4  Box. When I send a message for a local user,
> this message doesn't get in the mailbox. And the qmail-send answer me
> that the mailbox doesn't exist, but the mailbox exist, and it is with
> the right permissions. I use qmail with maildir option.

Ok.

> The domain is in the locals, me and rcpthosts files.
> I've started pop3 and smtp in the inetd.conf file with the follow
> lines:
> 
> pop3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup
> ab.com.br /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
> smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env
> /var/qmail/bin/qmail-smtpd

Ok, although tcpserver is recommended these days rather than inetd. I've
run qmail on FreeBSD 3.3, 3.4, 3.5 and 4.x with tcpserver and I prefer
that configuration.

> I use the shell script in the /usr/local/etc/rc.d/qmaild.sh with
> the follow lines:
> 
> #!/bin/sh
> 
> # Using splogger to send the log through syslog.
> # Using qmail-local to deliver messages to ~/Mailbox by default.
> 
> exec env - PATH="/var/qmail/bin:$PATH" \
> qmail-start ./Maildir splogger qmail &
  ^
The first argument to qmail-start tells qmail how to deliver local mail.
In your case, you've said to deliver it to a mbox-style mailbox called
Maildir in the user's home directory, *not* a maildir.

If you add a trailing slash, like this: ./Maildir/, you are saying to
deliver to a maildir-style directory named Maildir in the users home
directory.

If your users have .qmail files in their home directories, they can
specify different delivery instructions. Otherwise, the default delivery
instruction from the qmail-start command-line is followed. If there is
no mbox file named $HOME/Maildir, then qmail is correct - the mailbox
doesn't exist. Add the slash at the end and see if that works better.

> Another thing is when I send a message from the local network to
> other domains, it answers me that these domains aren't in the
> rcpthosts files, but it's is very strange!!!

You need to enable selective relaying. See

http://web.infoave.net/~dsill/lwq.html#relaying

for information on how to configure this.

> Can you imagine if I put in the rcpthosts files whole the domains
> that exist in the Internet networking?

The rcpthosts file should contain only domains that you want to receive
mail *for*. NOT domains you want to send mail *to*. Again, to allow
other machines to use your qmail installation to send mail, you must
enable relaying for those machines. See above.

> I understood that the rcpthosts file is to avoid spam from the other
> networks, and not to filter the destination addresses.
> If you could help me about it I would thank.
> 
> 
> Regards Cleiton.
> 

-thl

Re: secrets and lies

[Paul Jarc]

"Michael T. Babcock" <[EMAIL PROTECTED]> writes:
> Paul Jarc wrote:
> > The GPL doesn't give you permission to get a copy of Emacs; it
> > only specifies what you can do once you have.
> 
> For a lot of people, being able to obtain said software isn't the
> problem -- its the right to use it in the ways they wish to do so in
> the long term.

Yes, I know, but the message I was responding to addressed this point
specifically.


paul

Re: secrets and lies

[Paul Jarc]

Adam McKenna <[EMAIL PROTECTED]> writes:
> Maybe he'd think about changing dist.html.  After he changed it,
> could I then continue distributing this package without fear of
> being sued?

If the new dist.html said no, then it would seem clear that you
couldn't.  This is not an ambiguity in the current or potential future
dist.html, but I think I see your point now: you want to know what you
will *always* be allowed to do with qmail, not just what you are
allowed to do today.  (Right?)

Well, barring future changes in copyright law (which could potentially
invalidate *any* statement we might make today), you will always be
allowed to patch, compile, back up, and run qmail.  You will always be
allowed to distribute your patches, since you hold copyright on them
(I think).  Additionally, you can redistribute vanilla qmail today.
You do not have the guarantee that you will always be allowed to
redistribute qmail, but this is not ambiguous - it's clearly, if
implicitly, unspecified.  If you agree with this but call it
"ambiguous" instead of "unspecified", then I guess we'll just have to
be more careful how we use such words to avoid confusion.


paul

Re: secrets and lies

[David Dyer-Bennet]

Paul Jarc <[EMAIL PROTECTED]> writes on 20 November 2000 at 13:21:16 -0500
 > Adam McKenna <[EMAIL PROTECTED]> writes:
 > > I want an unambiguous license included with the software that
 > > explicitly defines what I am allowed to do with it.  If you don't
 > > need that then fine, but please don't argue that it's not needed,
 > > because there are clearly a number of people on this list that
 > > desire it.
 > 
 > Please don't confuse need with desire.  You may not like dist.html or
 > softwarelaw.html or rights.html, but I don't see ambiguity in them,
 > and I don't see how including them in the software distributions would
 > make them any more legally significant.

Equally, you should not confuse *your* needs (or lack thereof) with
other people's needs.
-- 
David Dyer-Bennet  /  Welcome to the future!  /  [EMAIL PROTECTED]
SF: http://www.dd-b.net/dd-b/  Minicon: http://www.mnstf.org/minicon/
Photos: http://dd-b.lighthunters.net/

another problem

[Travis Turner]

This is another problem that I am getting.  Again if
you could send your response to my address I would
appreciate it. 
Thanks Travis


Hi. This is the qmail-send program at
mail.appliedi.com.
I tried to deliver a bounce message to this address,
but the bounce bounced!


<[EMAIL PROTECTED]>:
63.145.215.13 failed after I sent the message.
Remote host said: 554 too many hops, this message is
looping (#5.4.6)


--- Below this line is the original bounce.


Return-Path: <>
Received: (qmail 3045 invoked from network); 20 Nov
2000 18:01:36 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:36
-
Received: (qmail 3041 invoked from network); 20 Nov
2000 18:01:36 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:36
-
Received: (qmail 3037 invoked from network); 20 Nov
2000 18:01:36 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:36
-
Received: (qmail 3033 invoked from network); 20 Nov
2000 18:01:35 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:35
-
Received: (qmail 3029 invoked from network); 20 Nov
2000 18:01:35 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:35
-
Received: (qmail 3025 invoked from network); 20 Nov
2000 18:01:35 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:35
-
Received: (qmail 3021 invoked from network); 20 Nov
2000 18:01:35 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:35
-
Received: (qmail 3017 invoked from network); 20 Nov
2000 18:01:35 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:35
-
Received: (qmail 3013 invoked from network); 20 Nov
2000 18:01:35 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:35
-
Received: (qmail 3009 invoked from network); 20 Nov
2000 18:01:35 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:35
-
Received: (qmail 3005 invoked from network); 20 Nov
2000 18:01:34 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:34
-
Received: (qmail 3001 invoked from network); 20 Nov
2000 18:01:24 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:24
-
Received: (qmail 2997 invoked from network); 20 Nov
2000 18:01:24 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:24
-
Received: (qmail 2993 invoked from network); 20 Nov
2000 18:01:24 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:24
-
Received: (qmail 2989 invoked from network); 20 Nov
2000 18:01:24 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:24
-
Received: (qmail 2985 invoked from network); 20 Nov
2000 18:01:24 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:24
-
Received: (qmail 2981 invoked from network); 20 Nov
2000 18:01:24 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:24
-
Received: (qmail 2977 invoked from network); 20 Nov
2000 18:01:24 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:24
-
Received: (qmail 2973 invoked from network); 20 Nov
2000 18:01:23 -
Received: from mail.appliedi.com (HELO
hello?this?is?an?Applied?Integration?machine)
([EMAIL PROTECTED])
  by mail.appliedi.com with SMTP; 20 Nov 2000 18:01:23
-
Re

Re: SMTP on a port other than 25

[Rob Hines Jr.]

Here's my run script in supervise:

#!/bin/sh
QMAILDUID=`/usr/xpg4/bin/id -u qmaild`
NOFILESGID=`/usr/xpg4/bin/id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 400 \
/usr/local/bin/tcpserver -v -H -R -l 0 -x /etc/tcp.smtp.cdb -c "$MAXSMTPD"
\
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd /bin
/checkpassword /bin/true /bin/cmd5checkpw /bin/true 2>&1 &

exec /usr/local/bin/softlimit -m 400 \
/usr/local/bin/tcpserver -v -H -R -l 0 -x /etc/tcp.smtp.cdb -c "$MAXSMTPD"
\
-u "$QMAILDUID" -g "$NOFILESGID" 0 ghost-smtp /var/qmail/bin/qmail-smtp
d /bin/checkpassword /bin/true /bin/cmd5checkpw /bin/true 2>&1 &

I guess I'm not understanding the question. Are we missing the realization that
ports and interfaces are different?

So it doesn't matter if it's 0 25, or 0 smtp, or 127.0.0.1 25, or 127.0.0.1 smtp, or
localhost 25, or localhost smtp or whatever, so long as you have an interface, and a
port, right?

Rob

Ricardo Cerqueira wrote:

> That's not the issue. According to the original mail, he wrote "tcpserver
>  25 smtp"
>
> > without to write in command this '0' writting only nummber of port
> > and 'smtp'
>
> That 25 is supposed to be the IP address where tcpserver is supposed to
> bind itself to. I _know_ you can write whatever you want in the port
> option, as long as it matches something in /etc/services, or is an integer.
> But "host" is supposed to be a host, or 0 (for "all interfaces"). 25
> shouldn't work.
>
> RC
>
> On Mon, Nov 20, 2000 at 12:27:21PM -0500, Rob Hines Jr. wrote:
> > Just go into /etc/services and make a name alias if you feel more comfortable
> > with that. tcpserver actually looks up 'smtp' in the services file to find out
> > the port number. right now, I am using smtp-ghost in my second tcpserver init,
> > and I set up smtp-ghost in the services file to look at my alternate port. In
> > any case, tcpserver doesn't care if you put smtp, or 25 in that spot.
> >
> > Works just fine for me.
> >
> > Rob
> >
> > Ricardo Cerqueira wrote:
> >
> > > >
> > > > a propos tcpserver with smtp - on Solaris, where zero '0' before
> > > > smtp word has been written the program not works. So we uses it
> > > > without to write in command this '0' writting only nummber of port
> > > > and 'smtp'
> > > >
> > >
> > > Errr... and it works??? Those args are supposed to be "IP address" and
> > > "port". 0 stands for "all interfaces", and "smtp" stands for 25.
> > > If you're writing "25 smtp"... It's NOT supposed to be bound to any
> > > interface (is there any kind of int in solaris responding as 25?)
> > >
> > > RC
> > >
> > > --
> > > +---
> > > | Ricardo Cerqueira
> > > | PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42
> > > | Novis  -  Engenharia ISP / Rede Técnica
> > > | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
> > > | Tel: +351 2 1010  - Fax: +351 2 1010 4459
> > >
> > >   
> > >Part 1.2Type: application/pgp-signature
> >
> > --
> > Rob Hines Jr.
> > System Administrator
> >
> > Phone:  (317)469-4535
> > Fax:  (317)469-4508
> > Email: [EMAIL PROTECTED]
> > URL: http://www.joboptions.com
> >
> >
>
> --
> +---
> | Ricardo Cerqueira
> | PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42
> | Novis  -  Engenharia ISP / Rede Técnica
> | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
> | Tel: +351 2 1010  - Fax: +351 2 1010 4459
>
>   
>Part 1.2Type: application/pgp-signature

--
Rob Hines Jr.
System Administrator

Phone:  (317)469-4535
Fax:  (317)469-4508
Email: [EMAIL PROTECTED]
URL: http://www.joboptions.com

Re: tcpserver: fatal: unable to bind: address already used

[Charles Cazabon]

Jon <[EMAIL PROTECTED]> wrote:
> 
> When I started up qmail today (it has worked before) I got this error in my
> /var/log/qmail/smtpd/current -
> 
> @40003a19660f0523d96c tcpserver: fatal: unable to bind: address already
> used

Something is already bound to port 25 on your machine.  Perhaps one of
your Solaris patches re-enabled sendmail?  They've been known to do that.
Otherwise, check your inetd.conf and ensure it's not trying to listen for
smtp traffic for you.

Charles
-- 
---
Charles Cazabon<[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

RE: customizable undeliverable email messages

[David Dyer-Bennet]

Troy Muller <[EMAIL PROTECTED]> writes on 20 November 2000 at 09:46:09 -0800

 >> My basic advice is "it's best not to mess with it".  This is a
 >> large, complex, can of worms, and it's not (in practice) governed
 >> by standards or even written documentation.

 > If this is the case, how come all most all mtu's have a similar
 > format to bounced mail?  Maybe this is a case for making it a
 > standard?  Since we want complete inoperability between all the
 > mailers out there, we should push for a standard.

(Your quoting came out backwards; I've fixed it above to prevent
confusion).

If you think MTAs mostly have similar formats, you're not looking at a
wide enough variety of traffic.  

A new standard would almost certainly not be widely adopted, so a new
one would only *add* to the confusion.  The existing DSN spec is not
supported by qmail, and is in general too complex to be a good choice.
-- 
David Dyer-Bennet  /  Welcome to the future!  /  [EMAIL PROTECTED]
SF: http://www.dd-b.net/dd-b/  Minicon: http://www.mnstf.org/minicon/
Photos: http://dd-b.lighthunters.net/

Re: return receipts

[Gerry Boudreaux]

This is a MUA, not a MTA issue...

If the MUA honors the receipt request then the MTA will carry it.

Hope this helps

Gerry

At 11:58 AM 11/20/2000, Tzabu wrote:
>Hi...
>
>Some of my clients use Netscape and it's feature Return Receipts. Can 
>anyone tell me what can I do to get them working in qmail? Any patches 
>available that add this functionality?

Re: secrets and lies

[Adam McKenna]

On Mon, Nov 20, 2000 at 01:21:16PM -0500, Paul Jarc wrote:
> Adam McKenna <[EMAIL PROTECTED]> writes:
> > I want an unambiguous license included with the software that
> > explicitly defines what I am allowed to do with it.  If you don't
> > need that then fine, but please don't argue that it's not needed,
> > because there are clearly a number of people on this list that
> > desire it.
> 
> Please don't confuse need with desire.  You may not like dist.html or
> softwarelaw.html or rights.html, but I don't see ambiguity in them,

You don't, but others do.  For instance, I can distribute a package that
contains pristine qmail source and patches, and include a script which 
applies the patches, changes conf-home, and compiles and installs qmail.  
According to dist.html, that would be fine.  But what if Dan found out 
someone was doing this and got angry?  Maybe he'd think about changing 
dist.html.  After he changed it, could I then continue distributing this 
package without fear of being sued?

> and I don't see how including them in the software distributions would
> make them any more legally significant.

Including them in the tarball would set specific terms on specific pieces of 
software.

--Adam

-- 
Adam McKenna <[EMAIL PROTECTED]> | "No matter how much it changes, 
http://flounder.net/publickey.html   |  technology's just a bunch of wires 
GPG: 17A4 11F7 5E7E C2E7 08AA|  connected to a bunch of other wires."
 38B0 05D0 8BF7 2C6D 110A|  Joe Rogan, _NewsRadio_
  2:52pm  up 163 days, 13:08, 11 users,  load average: 0.28, 0.08, 0.03

Re: tcpserver: fatal: unable to bind: address already used

[Kris Kelley]

Jon wrote:
> When I started up qmail today (it has worked before) I got this error in
my
> /var/log/qmail/smtpd/current -
>
> @40003a19660f0523d96c tcpserver: fatal: unable to bind: address
already
> used

Something else is hogging the port.  Is sendmail running on your system?

---Kris Kelley

Re: run file suddenly disappear!!

[Paul Jarc]

Mate Wierdl <[EMAIL PROTECTED]> writes:
> On Mon, Nov 20, 2000 at 01:58:13PM +0800, Eric Yu wrote:
> > the log directory for qmail-smtpd is /var/log/qmail/smtpd
> 
> Yes, but the logdir for qmail-send is /var/log/qmail !!

But this should not cause problems.  multilog (running in
/var/log/qmail) won't notice or touch any file named "smtpd".


paul

Re: secrets and lies

[Michael T. Babcock]

Paul Jarc wrote:

> It's the same situation as with, say, Emacs.  The GPL doesn't give you
> permission to get a copy of Emacs; it only specifies what you can do
> once you have.  The nearest I could find to explicit permission to
> download it is "By FTP we provide source code for all GNU software,
> free of charge." at
> http://www.gnu.org/software/software.html#HowToGetSoftware>, and
> that covers only the GNU site itself, not mirrors.  I think
> rights.html is clearer.

For a lot of people, being able to obtain said software isn't the problem -- its
the right to use it in the ways they wish to do so in the long term.  That's what
licenses are about.  The fact that GNU software happens to be mirrored all over
the globe pretty much eliminates the obtaining factor ... especially since anyone
who has a copy has full rights to redistribution under the GPL.
--
Michael T. Babcock, C.T.O. FibreSpeed
http://www.fibrespeed.net/~mbabcock

Re: secrets and lies

[Paul Jarc]

Adam McKenna <[EMAIL PROTECTED]> writes:
> I want an unambiguous license included with the software that
> explicitly defines what I am allowed to do with it.  If you don't
> need that then fine, but please don't argue that it's not needed,
> because there are clearly a number of people on this list that
> desire it.

Please don't confuse need with desire.  You may not like dist.html or
softwarelaw.html or rights.html, but I don't see ambiguity in them,
and I don't see how including them in the software distributions would
make them any more legally significant.


paul

Re: SMTP on a port other than 25

[Ricardo Cerqueira]

That's not the issue. According to the original mail, he wrote "tcpserver
 25 smtp"

> without to write in command this '0' writting only nummber of port
> and 'smtp'

That 25 is supposed to be the IP address where tcpserver is supposed to
bind itself to. I _know_ you can write whatever you want in the port
option, as long as it matches something in /etc/services, or is an integer.
But "host" is supposed to be a host, or 0 (for "all interfaces"). 25
shouldn't work.

RC

On Mon, Nov 20, 2000 at 12:27:21PM -0500, Rob Hines Jr. wrote:
> Just go into /etc/services and make a name alias if you feel more comfortable
> with that. tcpserver actually looks up 'smtp' in the services file to find out
> the port number. right now, I am using smtp-ghost in my second tcpserver init,
> and I set up smtp-ghost in the services file to look at my alternate port. In
> any case, tcpserver doesn't care if you put smtp, or 25 in that spot.
> 
> Works just fine for me.
> 
> Rob
> 
> Ricardo Cerqueira wrote:
> 
> > >
> > > a propos tcpserver with smtp - on Solaris, where zero '0' before
> > > smtp word has been written the program not works. So we uses it
> > > without to write in command this '0' writting only nummber of port
> > > and 'smtp'
> > >
> >
> > Errr... and it works??? Those args are supposed to be "IP address" and
> > "port". 0 stands for "all interfaces", and "smtp" stands for 25.
> > If you're writing "25 smtp"... It's NOT supposed to be bound to any
> > interface (is there any kind of int in solaris responding as 25?)
> >
> > RC
> >
> > --
> > +---
> > | Ricardo Cerqueira
> > | PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42
> > | Novis  -  Engenharia ISP / Rede Técnica
> > | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
> > | Tel: +351 2 1010  - Fax: +351 2 1010 4459
> >
> >   
> >Part 1.2Type: application/pgp-signature
> 
> --
> Rob Hines Jr.
> System Administrator
> 
> Phone:  (317)469-4535
> Fax:  (317)469-4508
> Email: [EMAIL PROTECTED]
> URL: http://www.joboptions.com
> 
> 

-- 
+---
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica 
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 2 1010  - Fax: +351 2 1010 4459

 PGP signature

return receipts

[Tzabu]

Hi...
 
Some of my clients use Netscape and it's feature Return 
Receipts. Can anyone tell me what can I do to get them working in qmail? 
Any patches available that add this 
functionality?

Re: smtp/tcp service is flooded

[markd]

On Mon, Nov 20, 2000 at 10:27:03AM -0700, Travis Turner wrote:
> What is happening to my server any clues.

inetd has primitive tests that it thinks checks for loops and/or failing
services. Check your inetd manpage, particularly the -r option.

inetd simply wasn't well designed for high volume smtp which is why many
people switch to tcpserver. It's pretty straightforward to switch over,
so you'll want to consider doing so.


Regards.

> 
> Nov 19 13:53:49 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> Nov 19 14:04:09 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> Nov 19 14:21:56 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> Nov 19 14:45:46 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> Nov 19 14:56:31 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> Nov 19 15:08:53 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> Nov 19 15:20:07 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> 
> Regards,
> 
> 
> Travis Turner
> Information Technology Manager
> Applied Integration Corporation
> Tucson, Arizona  U.S.A.
> Phone (520) 743-3095
> Fax (520) 623-1683
> 
> "Do not meddle in the affairs of dragons for you are crunchy
> and taste good with ketchup."
> 
> 
> 

tcpserver: fatal: unable to bind: address already used

[Jon]

Hi Everyone,

When I started up qmail today (it has worked before) I got this error in my
/var/log/qmail/smtpd/current -

@40003a19660f0523d96c tcpserver: fatal: unable to bind: address already
used

I am running Solaris and the current version of qmail.  Any ideas of what
the problem is and how I can fix it,

Thanks,

Jon

Re: Hop count problem in qmail-send

[markd]

> >> 1) qmail-inject queues a mail for the original To: address
> >> 2) qmail-send delivers this mail using qmail-lspawn to this same .qmail
> >> file
> >> 3) goto 1
> > 
> > There's an important point you've missed. Step 2a where qmail-lspawn uses
> > qmail-local to deliver the mail to .qmail. qmail-local will not deliver
> > a mail that already has the same Delivered-To: header that it wants to
> > generate.
> 
> This is the catch; without preline, there is no Delivered-To: header.
> I'd figure qmail-local (or any of the steps before it) would also check
> the hop count.

Hmm. Whilst the qmail-command manpage does say this:

 WARNING: The mail message does not begin with  qmail-local's
 usual Return-Path and Delivered-To lines.

in relation to pipeline deliveries, I'm struggling to understand
*why* that choice was made. When does a pipeline delivery make it ok
to loop thru the same .qmail file?

I guess one reason is that it's a lot easier to use preline (or echo $DTLINE) to
add the header than it is for any script that needs to, to reliably remove an
embedded header. There must be another but it's not coming to me right now.

And yes, as a fallback qmail-local *could* count Received: lines, just
as qmail-smtpd does.

Actually qmail-queue would be a better spot for this. A slight complication is that
qmail-queue does very little header scanning of the input right now. Having said
that, performing the test in qmail-queue has the advantage of catching loops on all
queue insertion and eliminates the need for this code in qmail-smtpd (I note
no checking seems to be done in qmail-qmqpd).

> I'm afraid they got lost with the rest of the 100Mb I had to chuck. If I
> remeber correctly, there were a lot of MBOX lines and a lot of Received:
> lines inserted by my local qmail. This is how the remote smtpds counted
> the number of hops, I guess.

You remembered correctly. It turns out to be trivial to reproduce. You just need
this:

| qmail-inject

in the offending .qmail file.


Regards.

Re: qmail build problem under SuSE 7.0

[David Benfell]

Eek!  Looks like my update didn't make it...  I did get it to compile
and I think it's working...  Yay!

On Mon, Nov 20, 2000 at 12:19:38AM -0500, Adam McKenna wrote:
> 
> On Sun, Nov 19, 2000 at 07:16:07PM -0800, David Benfell wrote:
> > > I serioulsy suggest that you downgrade to your OS's latest supported glibc, 
> > > unless there is a specific reason you need a later one.  Building glibc from
> > > source is not for amateurs.
> > > 
> > I think I've done just that:
> > 
> > benfell:~ # ls -al /lib/libc*
> > -rwxr-xr-x   1 root root  4070534 Sep 20 09:07 /lib/libc.so.6
> 
> Er, why is libc.so.6 not a symlink?  Doesn't ldconfig give a warning?
> 
Hmmm... ldconfig does not complain.

> > lrwxrwxrwx   1 root root   17 Nov 14 10:39 /lib/libcom_err.so.2 -> 
>libcom_err.so.2.0
> > -rwxr-xr-x   1 root root 8133 Jul 29 07:33 /lib/libcom_err.so.2.0
> > -rwxr-xr-x   1 root root61180 Sep 20 09:07 /lib/libcrypt.so.1
> > benfell:~ # rpm -qf /lib/libc.so.6
> > shlibs-2.1.3-163
> > 
> > This is the latest version of glibc that SuSE offers.  "rpm -vf
> > /lib/libc.so.6 --verify" returns no output, so I presume all is well,
> > but just to be sure, I did "rpm -a --verify | less" and saw output
> > consistent with what I believe I've done to the system.
> > 
> > Next, I went looking for libresolv (note the before and after shots
> > separated by an updatedb):
> 
> How about resolv.h?  I'd remove everything glibc-related in /usr/local/lib
> and /usr/local/include if I were you.
> 
Yup.  This was it.  I'd nailed /usr/local/lib, but not
/usr/local/include.  Maybe next time I'll remember.

> > I think this is the wrong place for a religious war on Debian, but I
> > guess I did start it.  I'll only say that from what I've seen, they
> > have lots of problems with their unstable branch.  And they do warn
> > you about this.  My approach has, so far, generated less difficulty,
> > mainly because I focus on packages for which there have been security
> > alerts.  The solution for a security alert on "su" turns out to be
> > building against glibc 2.1.3 or higher.  So I upgraded glibc (I think
> > this is a lot easier than it used to be) on my other systems and
> > rebuilt sh-utils successfully.  Admittedly, in this case, it was
> > unnecessary to upgrade to glibc 2.2.
> 
> I'm not sure you understand what Debian unstable is.  It's the most recent
> version of every package, rather than a set of packages that has been deemed
> "stable".  So, of course there will be problems.  The question is, how bad
> will those problems be?  You can stop updating your unstable dist whenever 
> you want, or update selected packages.
> 
At least with unstable, they're warning you.  And with their scheme of
things, I accept that you're taking your life in your hands when you
use unstable.  Fine, you're going for the ride, scary as it might be,
but that's your choice.  Hell, I run development kernels on production
boxes and blithely upgrade glibcs.  Who am I to criticize you for
that?

Their process is not one I trust.  In theory, it should be a good one
because it includes the ability to audit code.  In practice, I keep
hearing about major problems where they really, really break things,
and not just in unstable.  So I don't think their process is working
well.

I won't soon forget how I had to run around to a bunch of my
co-workers' machines with a floppy disk.  They had installed Debian,
for whatever reason it is that people choose Debian.  And now they
didn't have a working dhcpcd.  That made it tougher for them to
download any other fixes that needed to be applied.  So there I was,
with my version of dhcpcd from a SuSE system...

This was not a new bug.  I had encountered it on two previous attempts
to install Debian.

But when I ask Debian advocates about the dhcpcd episode, all I hear
is silence.

Lately, I've seen on an internal mailing list how they've gone and
broken about three packages in stable and are denying that there's any
problem whatsoever.  A bunch of people where I work are pretty unhappy
about that.

If I recall correctly, one of those packages is mutt.  This strikes me
as really, really strange.  I think I've downloaded and built most of
the versions that have come out in the last couple years.  While it
doesn't seem to handle Maildirs as well as I'd like, I can't say I've
actually had a broken one.  So I'm wondering what happened to break it
on Debian.

Note I am specifically not criticizing Debian for its decision to drop
support for slink.  While there's been plenty of grumpiness about
that, I believe they kept it on artificial life support for far too
long.  From what I've seen on the lists, it's pretty much agreed that
potato took far too long to come out.  But, this is a volunteer
effort.  Life is like that.

Now one of our most talkative system administrators is crowing about
their decision to go with Red Hat.  (This, after he arrived at the
company singing the praises of D

Re: run file suddenly disappear!!

[Mate Wierdl]

On Mon, Nov 20, 2000 at 01:58:13PM +0800, Eric Yu wrote:
> Mate Wierdl wrote:
> 
> > On Fri, Nov 17, 2000 at 06:03:31PM +0800, eric yu wrote:
> > > /service/qmail-send/log/run
> > >
> > > #!/bin/sh
> > > SETUIDGID=/usr/local/bin/setuidgid  # directory for setuidgid
> > > MULTILOG=/usr/local/bin/multilog# directory for multilog
> > > PROG=smtpd
> > > LOGDIR=/var/log/qmail  # directory for qmail-send log
> > > LOGUSER=qmaill  # user to own logs
> > > LOGNUM=10# number of log files.
> > > LOGSIZE=500  # maximum file size for log files.
> > >
> > > exec $SETUIDGID $LOGUSER $MULTILOG t n$LOGNUM s$LOGSIZE $LOGDIR
> >
> > So your $LOGDIR is /var/log/qmail, but then

Please read the line above---again.

> >
> > > /service/qmail-smtpd/log/run
> > >
> > > #!/bin/sh
> > > # This is the run file for supervise to execute the qmail-smtpd's log.
> > >
> > > SETUIDGID=/usr/local/bin/setuidgid  # directory for setuidgid
> > > MULTILOG=/usr/local/bin/multilog# directory for multilog
> > > PROG=smtpd
> > > LOGDIR=/var/log/qmail/$PROG # directory for qmail-smtpd log
> > > LOGUSER=qmaill  # user to own logs
> > > LOGNUM=10   # number of log files
> > > LOGSIZE=500  # maximum file size for log files
> > >
> > > exec $SETUIDGID $LOGUSER $MULTILOG t n$LOGNUM s$LOGSIZE $LOGDIR
> >
> > so the $LOGDIR is a subdir of qmail-send's logdir which is again
> > /var/log/qmail.
> 
> the log directory for qmail-smtpd is /var/log/qmail/smtpd

Yes, but the logdir for qmail-send is /var/log/qmail !!

What are the permissions on /var/log/qmail and /var/log/qmail/smtpd ?

Mate

Re: RBL

[Jon Griffin]

I think I entered the names that I got off of the anti-spam doc on qmail.org.
I could have messed up also, thanks for the corrections.

At 11:32 AM 11/20/00 -0600, Mate Wierdl wrote:
> > msci.memphis.edu
>
>This should be relays.msci.memphis.edu.
>
>How did you enter these domains?
>Why did you enter both
>
>dul.maps.vix.com
>
>and
>
>dialups.mail-abuse.org
>
>What is the difference?
>
>Mate

RE: customizable undeliverable email messages

[Troy Muller]

David et all,

See below:



--
Troy Muller
Sr. Unix Administrator
SAGEport, Inc 

I laughed, I cried, I then used Debian Linux.


-Original Message-
From: David Dyer-Bennet [mailto:[EMAIL PROTECTED]]
Sent: Saturday, November 18, 2000 10:11 AM
To: '[EMAIL PROTECTED]'
Subject: Re: customizable undeliverable email messages


Troy Muller <[EMAIL PROTECTED]> writes on 17 November 2000 at 15:37:16
-0800
 > Hi all,
 > 
 > Being new to qmail, I thought this would be the appropriate place to ask
 > this question.
 > 
 > How do I (or can I?) go about handling undeliverable email messages
 > differently than what is currently being used.  What I am looking to do
is
 > to intercept the message going to any user (all of them), re-write the
 > message to make it a bit more clear for users to debug these problems
 > themselves and also give them suggested hints as to what they could do to
 > verify that the email address is correct, etc.
 > 
 > I know if my site (domain) generates the error, I log it and also send
this
 > type of info to the user on the other end, but I want to do this when the
 > final destination fails to deliver the message and the remote system
replys
 > with an undeliverable email message.  I want to be able to intercept
these
 > undeliverable email messages and put them in a format that I think is
 > appropriate.

My basic advice is "it's best not to mess with it".  This is a large,
complex, can of worms, and it's not (in practice) governed by
standards or even written documentation.

>> If this is the case, how come all most all mtu's have a similar format to
bounced mail?
>> Maybe this is a case for making it a standard?  Since we want complete
inoperability between all the
>> mailers out there, we should push for a standard.



If you *must* do it, do a lot of research on what bounce formats
various software recognizes.  Relevant software includes mailing list
managers, MUAs (many offer the option to retry or resend a bounce),
and any sort of auto-responder.  You will be doing the net a grave
disservice if you break these.

>> I was afriad of this.  Sound like a lot of work.  Does anyone have a
starting point?

-troy

Then, what you need to put your new software in control of nonexistent
addresses is a .qmail-default file in the appropriate place.
-- 
David Dyer-Bennet  /  Welcome to the future!  /
[EMAIL PROTECTED]
SF: http://www.dd-b.net/dd-b/  Minicon:
http://www.mnstf.org/minicon/
Photos: http://dd-b.lighthunters.net/

Re: smtp/tcp service is flooded

[Alex Pennace]

On Mon, Nov 20, 2000 at 10:26:41AM -0700, Travis Turner wrote:
> What is happening to my server any clues.
> 
> Nov 19 13:53:49 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> Nov 19 14:04:09 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
[snip]

http://cr.yp.to/qmail/faq/servers.html#tcpserver-smtpd

 PGP signature

Re: ORBS helps hackers to break into srevers

[Alex Pennace]

On Mon, Nov 20, 2000 at 07:08:33AM +0100, Piotr Kasztelowicz wrote:
> It not difficult to spuppose, that if MTA were old and
> insecure=possible for open relay the rest of sotwares
> are insecure too.

There are many insecure hosts that are not on the ORBS list simply
because they are not running an open relay. There are many hosts
listed in ORBS that are otherwise secure but someone made an
oopsie. In particular, I believe many older but still prevalent Linux
distributions came with MTAs that were open relays by default but were
otherwise secure.

> There is problem with them, tha
> the list of "relay host's" is widely published on net,
> instead to send it interested admin.

Let's entertain your thoughts on security: if a host is truly
comprimised either by being an open relay or other vulnerability, why
should other hosts have to endure abuse from it? ORBS allows other
administrators to block out a certain subset of hosts.

And even without ORBS there are still plenty of ways for the local
script kiddie to find your system.

 PGP signature

smtp service being flooded

[Travis Turner]

What is happening to my server any clues.

Nov 19 13:53:49 mail inetd[516]: smtp/tcp server
failing (looping or being flooded) stopping service
for 10 minutes$
Nov 19 14:04:09 mail inetd[516]: smtp/tcp server
failing (looping or being flooded$
Nov 19 14:21:56 mail inetd[516]: smtp/tcp server
failing (looping or being flooded$
Nov 19 14:45:46 mail inetd[516]: smtp/tcp server
failing (looping or being flooded$
Nov 19 14:56:31 mail inetd[516]: smtp/tcp server
failing (looping or being flooded$
Nov 19 15:08:53 mail inetd[516]: smtp/tcp server
failing (looping or being flooded$
Nov 19 15:20:07 mail inetd[516]: smtp/tcp server
failing (looping or being flooded$

Please reply directly to me because as you can see
this is the problem

Regards,

Travis

__
Do You Yahoo!?
Yahoo! Calendar - Get organized for the holidays!
http://calendar.yahoo.com/

Re: smtp/tcp service is flooded

[Charles Cazabon]

Travis Turner <[EMAIL PROTECTED]> wrote:
> What is happening to my server any clues.
> 
> Nov 19 13:53:49 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$
> Nov 19 14:04:09 mail inetd[516]: smtp/tcp server failing (looping or being 
> flooded$

Presumably you are receiving several mail connections in quick succession,
and qmail-smtpd accepts mail and then exits -- but its happening quickly
enough to trigger inetd's broken connection rate limiting.

Switch to tcpserver for qmail-smtpd and this 'problem' will go away.

Charles
-- 
---
Charles Cazabon<[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

Re: secrets and lies

[Adam McKenna]

On Mon, Nov 20, 2000 at 11:43:44AM -0500, Paul Jarc wrote:
> The same way as if rights.html were included in qmail-1.03.tar.gz: I'd
> ask people who had copies to present them, to support my claim.  There
> would be more such copies if it were included in qmail-1.03.tar.gz,
> but I'm not going to waste time worrying about it.

You're not, because you're not thinking from the perspective of someone who
wants to distribute.

> It's the same situation as with, say, Emacs.  The GPL doesn't give you
> permission to get a copy of Emacs; it only specifies what you can do
> once you have.  The nearest I could find to explicit permission to
> download it is "By FTP we provide source code for all GNU software,
> free of charge." at
> http://www.gnu.org/software/software.html#HowToGetSoftware>, and
> that covers only the GNU site itself, not mirrors.  I think
> rights.html is clearer.

You're still thinking too narrowly.  I want an unambiguous license included 
with the software that explicitly defines what I am allowed to do with it.
If you don't need that then fine, but please don't argue that it's not
needed, because there are clearly a number of people on this list that desire
it.

--Adam

-- 
Adam McKenna <[EMAIL PROTECTED]> | "No matter how much it changes, 
http://flounder.net/publickey.html   |  technology's just a bunch of wires 
GPG: 17A4 11F7 5E7E C2E7 08AA|  connected to a bunch of other wires."
 38B0 05D0 8BF7 2C6D 110A|  Joe Rogan, _NewsRadio_
 12:35pm  up 163 days, 10:52, 11 users,  load average: 0.14, 0.10, 0.03

Re: SMTP on a port other than 25

[Rob Hines Jr.]

Just go into /etc/services and make a name alias if you feel more comfortable
with that. tcpserver actually looks up 'smtp' in the services file to find out
the port number. right now, I am using smtp-ghost in my second tcpserver init,
and I set up smtp-ghost in the services file to look at my alternate port. In
any case, tcpserver doesn't care if you put smtp, or 25 in that spot.

Works just fine for me.

Rob

Ricardo Cerqueira wrote:

> >
> > a propos tcpserver with smtp - on Solaris, where zero '0' before
> > smtp word has been written the program not works. So we uses it
> > without to write in command this '0' writting only nummber of port
> > and 'smtp'
> >
>
> Errr... and it works??? Those args are supposed to be "IP address" and
> "port". 0 stands for "all interfaces", and "smtp" stands for 25.
> If you're writing "25 smtp"... It's NOT supposed to be bound to any
> interface (is there any kind of int in solaris responding as 25?)
>
> RC
>
> --
> +---
> | Ricardo Cerqueira
> | PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42
> | Novis  -  Engenharia ISP / Rede Técnica
> | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
> | Tel: +351 2 1010  - Fax: +351 2 1010 4459
>
>   
>Part 1.2Type: application/pgp-signature

--
Rob Hines Jr.
System Administrator

Phone:  (317)469-4535
Fax:  (317)469-4508
Email: [EMAIL PROTECTED]
URL: http://www.joboptions.com

Re: ORBS helps hackers to break into srevers

[Adam McKenna]

On Mon, Nov 20, 2000 at 01:33:22PM +0100, Piotr Kasztelowicz wrote:
> On Mon, 20 Nov 2000, Adam McKenna wrote:
> 
> > Hello, this list is for discussion of qmail, if you wish to discuss orbs
> > please take this to SPAM-L or elsewhere.
> 
> The answer for all subscibers, Adam, I am not sure that this is disscusion
> for spam-l rather than qmail list.

*PLONK*

--Adam

Re: RBL

[Mate Wierdl]

> msci.memphis.edu

This should be relays.msci.memphis.edu.

How did you enter these domains?
Why did you enter both 

dul.maps.vix.com

and

dialups.mail-abuse.org

What is the difference?  

Mate

smtp/tcp service is flooded

[Travis Turner]

What is happening to my server any clues.

Nov 19 13:53:49 mail inetd[516]: smtp/tcp server failing (looping or being 
flooded$
Nov 19 14:04:09 mail inetd[516]: smtp/tcp server failing (looping or being 
flooded$
Nov 19 14:21:56 mail inetd[516]: smtp/tcp server failing (looping or being 
flooded$
Nov 19 14:45:46 mail inetd[516]: smtp/tcp server failing (looping or being 
flooded$
Nov 19 14:56:31 mail inetd[516]: smtp/tcp server failing (looping or being 
flooded$
Nov 19 15:08:53 mail inetd[516]: smtp/tcp server failing (looping or being 
flooded$
Nov 19 15:20:07 mail inetd[516]: smtp/tcp server failing (looping or being 
flooded$

Regards,


Travis Turner
Information Technology Manager
Applied Integration Corporation
Tucson, Arizona  U.S.A.
Phone (520) 743-3095
Fax (520) 623-1683

"Do not meddle in the affairs of dragons for you are crunchy
and taste good with ketchup."

Re: secrets and lies

[Paul Jarc]

"Michael T. Babcock" <[EMAIL PROTECTED]> writes:
> Paul Jarc wrote:
> > "Pavel Kankovsky" <[EMAIL PROTECTED]> writes:
> > > But there are ABSOLUTELY no references to dist.html or
> > > softwarelaw.html in the source tarballs.
> >
> > So what?
> 
> So when a lot of people download the files, they don't know what the
> licensing is and have to ask on the list(s)

True, but not relevant to the question of what is legal.

> > I see no theories of his [in rights.html].  The only part there he
> > attributes to himself is:
> 
> He wrote it all -- its all DJB's theories -- they may be right or wrong, but
> he's not a lawyer so its not even really worth trusting his theories at all.

Have you even read rights.html?  When talking about what might be the
correct interpretation of the law, it says "Some people think ..." and
"Other people ...".  It doesn't say "I think".  Are you saying that
these are simply false statements, and that no one actually holds the
views that Dan says some do?  Even if so, why does it matter?  He says
"I promise I won't sue you for copyright violation for downloading
documents from my server."  Would you be more satisfied with something
like "I hereby waive my right to sue ..."?  It still wouldn't be a
contract.  He could still go back and edit it.  You'd still need
others' copies to support your claim that you got it legally.

> > which makes it clear to me that downloading, e.g., qmail-1.03.tar.gz
> > won't get me in trouble.
> 
> No, because there's no statement about whether the University he
> works at thinks that they own the Copyright on software he may have
> worked on while being paid by them -- he doesn't include a waiver
> statement by them either.

There's also no statement that he wrote any of his software on the
University's time.  He could publish a statement (by himself, or by
University officials) that he in fact is the copyright holder, but why
would you trust such an explicit statement over the implicit one,
since that statement could be false anyway?  If I really cared, I'd
want a signed document from the University.  Otherwise, the present
situation is as good as any other.


paul

Re: secrets and lies

[Paul Jarc]

Adam McKenna <[EMAIL PROTECTED]> writes:
> On Sun, Nov 19, 2000 at 09:05:04PM -0500, Paul Jarc wrote:
> > : I don't know which of these theories will succeed in court.  I also
> > : don't think you should have to care.  So I promise I won't sue you
> > : for copyright violation for downloading documents from my server.
> > 
> > which makes it clear to me that downloading, e.g., qmail-1.03.tar.gz
> > won't get me in trouble.
> 
> Unless Dan decides at a later date to remove that page from his website.  At
> that point, how will you prove that you obtained the software legitimately?

The same way as if rights.html were included in qmail-1.03.tar.gz: I'd
ask people who had copies to present them, to support my claim.  There
would be more such copies if it were included in qmail-1.03.tar.gz,
but I'm not going to waste time worrying about it.

It's the same situation as with, say, Emacs.  The GPL doesn't give you
permission to get a copy of Emacs; it only specifies what you can do
once you have.  The nearest I could find to explicit permission to
download it is "By FTP we provide source code for all GNU software,
free of charge." at
http://www.gnu.org/software/software.html#HowToGetSoftware>, and
that covers only the GNU site itself, not mirrors.  I think
rights.html is clearer.


paul

Re: secrets and lies

[David Dyer-Bennet]

Michael T. Babcock <[EMAIL PROTECTED]> writes on 20 November 2000 at 10:34:23 
-0500
 > Just like many others, IANAL, but ...
 > 
 > Paul Jarc wrote:

 > > I see no theories of his there.  The only part there he attributes to
 > > himself is:
 > 
 > He wrote it all -- its all DJB's theories -- they may be right or wrong, but
 > he's not a lawyer so its not even really worth trusting his theories at all.

But his statements about what he will and won't do in the future might
be considered binding.  For that matter, his belief that it's okay for
us to download stuff from his server, coupled with his placing stuff
on his server, could be interpreted as permission for us to download
that stuff.  

Or not.  I'd be happier with a clearcut license, and if I were trying
to get qmail into corporate environments I'd probably find the lack of
license a big problem.
-- 
David Dyer-Bennet  /  Welcome to the future!  /  [EMAIL PROTECTED]
SF: http://www.dd-b.net/dd-b/  Minicon: http://www.mnstf.org/minicon/
Photos: http://dd-b.lighthunters.net/

Separation of qmail-smtpd & qmail-remote

[Gan]

Hi!
I want to separate my mail server into 2 machines , (simple relaying but
too many users) , How can I do that? Should i use controls/smtproutes file ?

Delivery Service Notification

[Daniel POGAC]

Is qmail support Delivery
Service Notification ??? If the answer is yes, how i can enable it

 



Daniel POGAÈ

Tech. Support

TatraSoft Group s.r.o

Sibírska 4

83102 Bratislava

tel: +421-7-55574033

fax: +421-7-55566385

[EMAIL PROTECTED]

 

Re: dot-qmail help

[Charles Cazabon]

Pat Berry <[EMAIL PROTECTED]> wrote:
> 
> Problem: I have a dot-qmail file in ~alias that goes to a number of people
> and I would like to restrict it so that only a single host may send mail to
> that alias.
> 
> I'm pretty sure I need to check $QMAILHOST, no?  If in the dot-qmail file I
> do something like this:
> 
> |/path/to/shellscript
> 
> and the shell script checks the envars to make sure the sending host is
> cool, then how do I just have it go ahead and process the delivery to a
> bunch of people?

Have your .qmail file look like this:

|/path/to/shellscript
&address1@domain
&address2&domain
[...]

Have your script exit 0 if you want to allow the message to be delivered.
Have the script exit 99 to silently drop the message on the floor and not
forward it to anyone else.

Charles
-- 
---
Charles Cazabon<[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

dot-qmail help

[Pat Berry]

Hi all,

Preface: I've been through dot-qmail, qmail-command, and the list archives
and I just not getting it.

Problem: I have a dot-qmail file in ~alias that goes to a number of people
and I would like to restrict it so that only a single host may send mail to
that alias.

I'm pretty sure I need to check $QMAILHOST, no?  If in the dot-qmail file I
do something like this:

|/path/to/shellscript

and the shell script checks the envars to make sure the sending host is
cool, then how do I just have it go ahead and process the delivery to a
bunch of people?

Pat

--
Freestyle Interactive | http://www.freestyleinteractive.com/ | 415.869.7400

Re: secrets and lies

[Michael T. Babcock]

Just like many others, IANAL, but ...

Paul Jarc wrote:

> "Pavel Kankovsky" <[EMAIL PROTECTED]> writes:
> > But there are ABSOLUTELY no references to dist.html or softwarelaw.html in
> > the source tarballs.
>
> So what?

So when a lot of people download the files, they don't know what the licensing
is and have to ask on the list(s) -- if he refered to those URLs at least (in
all distributions) and/or included text versions (is it really that hard?),
people would know what they're getting.

> I see no theories of his there.  The only part there he attributes to
> himself is:

He wrote it all -- its all DJB's theories -- they may be right or wrong, but
he's not a lawyer so its not even really worth trusting his theories at all.

> which makes it clear to me that downloading, e.g., qmail-1.03.tar.gz
> won't get me in trouble.

No, because there's no statement about whether the University he works at thinks
that they own the Copyright on software he may have worked on while being paid
by them -- he doesn't include a waiver statement by them either.  In fact, the
only thing that's very clear from his documents on Copyright is that he either
doesn't like licenses, or he is afraid to use one because it won't hold up in
court and he'll lose the control he likes having.

Both those reasons are valid to me, btw.
--
Michael T. Babcock, C.T.O. FibreSpeed
http://www.fibrespeed.net/~mbabcock

Re: Slackware

[Milen Petrinski]

Here is my part of rc.local

echo "Starting qmail..."
/var/qmail/rc &

echo "Starting tcpserver..."
env - PATH="/var/qmail/bin:/usr/local/bin:/usr/local/bin/ezmlm"
/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u1001 -g102 0 smtp
/var/qmail/bin/qmail-smtpd &

/usr/local/bin/tcpserver -u1011 -g104 0 110 /var/qmail/bin/qmail-popup
bates.eu.com /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir &

I have setup qmail with vpopmail under tcpserver on Slackware 7.0

Milen

- Original Message -
From: Luka Gerzic <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, November 20, 2000 2:31 PM
Subject: Slackware


> Does anyone have a slackware startup scripts for qmail w/ qmailpop3d (on
> tcpserver)?
> There are some problems when try to fix configure script given on lwq.
> difference from RH is that slack have /etc/rc.d/ instead /etc/init.d/
> and also files rc. instead of rc.dX dir's.
>
> greetz
>
>

Re: ORBS helps hackers to break into srevers

[Johan Almqvist]

[sorry but this was just too much...]

On Mon, Nov 20, 2000 at 01:33:22PM +0100, Piotr Kasztelowicz wrote:
> Qmail is one MTA only, which suports and propagates ORBS "moral" and
> technical thus availablility to connect with qmail platform to ORBS
> and reject mail from listed by ORBS hosts.
> Neither sendmail nor postfix is interested with ORBS anty-spam system
> and don't support ORBS. The ORBS system is also by sendmail's and
> postfix's team not accepted. There only qmail administrators may
> use ORBS.

That is WRONG. I use ORBS on a number of servers that run sendmail,
postfix and Exim. It works like a charm, keeps out spam and has a few too
many false positives, which come in thru my secondary MX's (real spammers
don't usually retry sending to a fallback host...)

> If qmail team will resign to support ORBS their criminal story
> will be finished. Also you as qmail propagator too has more
> to deceide with them. This is also great question to you. 

Who is the qmail team? I have never heard of them and would like to make
their acquaintance.

> In my opinion ORBS - there are hackers supporters and first of
> all the hackers use the effects of its test to search "good" for
> hacking hosts. I have presented it on this list. Addtionaly - this
> is difficult to discuss with ORBS, while no person's name, who
> manage with them has been listed on ORBS WWW page.
> This is realy last posting form me on this subject and I think
> all has been said. I hope to be reason to think about this problem,
> which depends me personal and as I suppose the many host's admin

Can you please provide proof for ORBS supporting script kiddies?

If you mean that the OBRS list of potential relaying host as such
constitutes help to script kiddies, why does this not apply to other RBL
lists? And what technical solution to spreading such lists of IP's in a
secure manner do you propose?

> Piotr Kasztelowicz, MD
> Vicepresident of Polish Medical Internet Society

-Johan Almqvist
First Executive President of the International Swedish Society for Spam
Prevention, Yet To Be Founded.
-- 
Johan Almqvist

Re: ORBS helps hackers to break into srevers

[OK 2 NET - André Paulsberg]

> Qmail is one MTA only, which suports and propagates ORBS "moral" and
> technical thus availablility to connect with qmail platform to ORBS
> and reject mail from listed by ORBS hosts.
>
> Neither sendmail nor postfix is interested with ORBS anty-spam system and don't 
>support ORBS.
> The ORBS system is also by sendmail's and postfix's team not accepted.
> There only qmail administrators may use ORBS.

This is NOT true, and you are way off mark.

1. There is no official support of ORBS to my knowledge from QMAIL and its authors,
   not in the way you are implying in your posting to this list.

2. Sendmail and postfix and ALL other mailprograms/MTA's that support RBL-type 
blocking,
   will automaticly support ORBS and any other lists like it.

3. There are several conserend QMAIL admins how desperatly try to make their
   workload less affected by other mail-administrators poorly secured servers.

4. There are several other mail admins that run other MTA-software,
   who also run with ORBS with or without the "support" of the MTA-vendor.


> If qmail team will resign to support ORBS their criminal story will be finished.
> Also you as qmail propagator too has more to deceide with them.
> This is also great question to you.

You seem to mean that ORBS has done something wrong to you and/or others,
yet you have little or no evidence of your claims about criminal activities.


> In my opinion ORBS - there are hackers supporters and first of all the
> hackers use the effects of its test to search "good" for hacking hosts.

You seemed to have messed up you server and are now blaming ORBS for it,
your hacker visits could JUST aswell found your server like they did
BEFORE you where reported to ORBS and subsequently listed there.


> I have presented it on this list.
> Addtionaly - this is difficult to discuss with ORBS,
> while no person's name, who manage with them has been listed on ORBS WWW page.

His name is Alan Brown, and on his www.orbs.org page he has a [EMAIL PROTECTED]
as the contact address which should get you in contact with the adminitrators.


> This is realy last posting form me on this subject and I think
> all has been said. I hope to be reason to think about this problem,
> which depends me personal and as I suppose the many host's admin

You should realy get your server RE-TESTET, if it is secure it will
be removed but this is only possible if you are NOT blocking ORBS.

Your earlyer mails said you where blocking ORBS,
maybe ORBS administrators are TRYING to get in contact with you?


Regards André Paulsberg

Re: Slackware

[Steve Fulton]

Here's that portion of my rc.local file (in /etc/rc.d)

/usr/local/bin/tcpserver -v -R 0 pop3
/usr/local/qmail/bin/qmail-popup pop3.esotericsystems.org \
/bin/checkpassword /usr/local/qmail/bin/qmail-pop3d Maildir 2>&1 |
\ /usr/local/qmail/bin/splogger pop3d &

Works like a charm.

Steve.


- Original Message -
From: "Luka Gerzic" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, November 20, 2000 7:31 AM
Subject: Slackware


> Does anyone have a slackware startup scripts for qmail w/ qmailpop3d (on
> tcpserver)?
> There are some problems when try to fix configure script given on lwq.
> difference from RH is that slack have /etc/rc.d/ instead /etc/init.d/
> and also files rc. instead of rc.dX dir's.
>
> greetz
>
>

Information

[Cleiton Luiz Siqueira]

Hi all,
    I just started using qmail 1.03 a week ago too, I
have had some problems with it,
and I've not found in the FAQ the solutions for these problems.
    Qmail is using postgres to authenticate the users.
The authentications is working
well.
    I used checkpassword daemon to connect in the database
and authenticate the
users.
    My problems are with SMTP. I installed the "qmail-1_03.tgz"
package in a
FreeBSD 3.4  Box. When I send a message for a local user, this
message doesn't
get in the mailbox. And the qmail-send answer me that the mailbox doesn't
exist, but
the mailbox exist, and it is with the right permissions. I use qmail
with maildir option.
    The domain is in the locals, me and rcpthosts files.
    I've started pop3 and smtp in the inetd.conf file
with the follow lines:
pop3 stream tcp nowait root /var/qmail/bin/qmail-popup
qmail-popup ab.com.br /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env
tcp-env /var/qmail/bin/qmail-smtpd
    I use the shell script in the /usr/local/etc/rc.d/qmaild.sh
with the follow lines:
#!/bin/sh
# Using splogger to send the log through syslog.
# Using qmail-local to deliver messages to ~/Mailbox
by default.
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start ./Maildir splogger qmail &
    Another thing is when I send a message from the local
network to other domains,
it answers me that these domains aren't in the rcpthosts files, but
it's is very strange!!!
    Can you imagine if  I put in the rcpthosts
files whole the domains that exist in the
Internet networking?
    I understood that the rcpthosts file is to avoid
spam from the other networks,
and not to filter the destination addresses.
    If you could help me about it I would thank.
 
Regards Cleiton.
 

Re: ORBS helps hackers to break into srevers

[Piotr Kasztelowicz]

On Mon, 20 Nov 2000, Adam McKenna wrote:

> Hello, this list is for discussion of qmail, if you wish to discuss orbs
> please take this to SPAM-L or elsewhere.

The answer for all subscibers, Adam, I am not sure that this is disscusion
for spam-l rather than qmail list.

Qmail is one MTA only, which suports and propagates ORBS "moral" and
technical thus availablility to connect with qmail platform to ORBS
and reject mail from listed by ORBS hosts.

Neither sendmail nor postfix is interested with ORBS anty-spam system
and don't support ORBS. The ORBS system is also by sendmail's and
postfix's team not accepted. There only qmail administrators may
use ORBS.

If qmail team will resign to support ORBS their criminal story
will be finished. Also you as qmail propagator too has more
to deceide with them. This is also great question to you. 

In my opinion ORBS - there are hackers supporters and first of
all the hackers use the effects of its test to search "good" for
hacking hosts. I have presented it on this list. Addtionaly - this
is difficult to discuss with ORBS, while no person's name, who
manage with them has been listed on ORBS WWW page.
This is realy last posting form me on this subject and I think
all has been said. I hope to be reason to think about this problem,
which depends me personal and as I suppose the many host's admin

Piotr Kasztelowicz, MD
Vicepresident of Polish Medical Internet Society
---
Piotr Kasztelowicz <[EMAIL PROTECTED]>
[http://www.am.torun.pl/~pekasz]

Slackware

[Luka Gerzic]

Does anyone have a slackware startup scripts for qmail w/ qmailpop3d (on
tcpserver)?
There are some problems when try to fix configure script given on lwq.
difference from RH is that slack have /etc/rc.d/ instead /etc/init.d/
and also files rc. instead of rc.dX dir's.

greetz

Re: Hop count problem in qmail-send

[Richard van den Berg]

markd wrote: 
>> I just started using qmail 1.03 a week ago, and made some interesting
>> discovery. I had the following .qmail file:
>> 
>> | preline formail -I "Bcc: `some/script`" | qmail-inject
>> 
>> Obviously, this causes a loop since qmail-inject will try to deliver to
> 
> Hmm. When I try the same pipeline I get a bounce alerting me to a loop due
> to a potentially duplicate Delivered-To: header. Specifically:
> 
> This message is looping: it already has my Delivered-To line. (#5.4.6)
> 
> And this is precisely what I'd expect as qmail has very good loop detection.

Good point. I rechecked my faulty .qmail file, and it actually reads:

| formail -I "Bcc: `some/script`" | qmail-inject

I discovered the use of preline after I made the loop. So much for the
"very good loop detection" of qmail. One can argue that when you don't
use preline, you have misconfigured qmail, but isn't a mailloop always a
misconfiguration?

>> the Bcc: addresses as well as to the original To: line. The interesting
>> bit is that this filled up the /var/mail file system rather quickly.
>> What happend is that:
>> 
>> 1) qmail-inject queues a mail for the original To: address
>> 2) qmail-send delivers this mail using qmail-lspawn to this same .qmail
>> file
>> 3) goto 1
> 
> There's an important point you've missed. Step 2a where qmail-lspawn uses
> qmail-local to deliver the mail to .qmail. qmail-local will not deliver
> a mail that already has the same Delivered-To: header that it wants to
> generate.

This is the catch; without preline, there is no Delivered-To: header.
I'd figure qmail-local (or any of the steps before it) would also check
the hop count.

> Alternatively the formail invocation
> is somehow removing the Delivered-To: heades.

Right on the money. Why is it safe/smart for qmail to depend on this
header?

> Have you the full headers of one of those bounces?

I'm afraid they got lost with the rest of the 100Mb I had to chuck. If I
remeber correctly, there were a lot of MBOX lines and a lot of Received:
lines inserted by my local qmail. This is how the remote smtpds counted
the number of hops, I guess.

Sincerely,

Richard

Re: SMTP on a port other than 25

[Ricardo Cerqueira]

> 
> a propos tcpserver with smtp - on Solaris, where zero '0' before
> smtp word has been written the program not works. So we uses it
> without to write in command this '0' writting only nummber of port
> and 'smtp' 
> 

Errr... and it works??? Those args are supposed to be "IP address" and
"port". 0 stands for "all interfaces", and "smtp" stands for 25.
If you're writing "25 smtp"... It's NOT supposed to be bound to any
interface (is there any kind of int in solaris responding as 25?)

RC

-- 
+---
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica 
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 2 1010  - Fax: +351 2 1010 4459

 PGP signature

qmail Digest 20 Nov 2000 11:00:01 -0000 Issue 1189

[qmail-digest-help]

qmail Digest 20 Nov 2000 11:00:01 - Issue 1189

Topics (messages 52467 through 52516):

URGENT !  custom footer with qmail
52467 by: reach_prashant.mail.zeenext.com
52468 by: Olivier M.

[newbie question] IP logging?
52469 by: Stefan Laudat
52481 by: Steve Kapinos

defaulthost is ignored
52470 by: Sebastian Steinlechner

Re: secrets and lies
52471 by: Pavel Kankovsky
52472 by: Pavel Kankovsky
52476 by: Raul Miller
52477 by: Andy Bradford
52499 by: Paul Jarc
52501 by: Adam McKenna

Re: qmail and /var/spool/mail
52473 by: Jose AP Celestino

Re: qmail build problem under SuSE 7.0
52474 by: Jose AP Celestino
52475 by: Erwin Hoffmann
52478 by: David Benfell
52479 by: David Benfell
52480 by: Adam McKenna
52487 by: David Benfell
52488 by: Jose AP Celestino
52489 by: Adam McKenna
52493 by: David Benfell
52494 by: David Benfell
52495 by: Adam McKenna
52498 by: David Benfell
52500 by: Adam McKenna
52502 by: David Benfell
52508 by: Adam McKenna

SMTP on a port other than 25
52482 by: Phil Barnett
52483 by: Vince Vielhaber
52484 by: Phil Barnett
52485 by: Jose AP Celestino
52486 by: Jose AP Celestino
52490 by: Phil Barnett
52491 by: Piotr Kasztelowicz
52504 by: Amitai Schlair
52505 by: -dsr-
52506 by: -dsr-
52507 by: Amitai Schlair

ORBS helps hackers to break into srevers
52492 by: Piotr Kasztelowicz
52496 by: Alex Pennace
52497 by: Piotr Kasztelowicz
52503 by: Alex Pennace
52513 by: Piotr Kasztelowicz
52514 by: Adam McKenna

deferral: unable_to_chdir_to_maildir. (#4.2.1)
52509 by: Dennis
52510 by: Adam McKenna
52511 by: Amitai Schlair

Re: run file suddenly disappear!!
52512 by: Eric Yu

Hop count problem in qmail-send
52515 by: Richard van den Berg
52516 by: markd.bushwire.net

Administrivia:

To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]

To subscribe to the digest, e-mail:
[EMAIL PROTECTED]

To bug my human owner, e-mail:
[EMAIL PROTECTED]

To post to the list, e-mail:
[EMAIL PROTECTED]


--





  hello friends 


   is it possible to insert custom footer at the end of every mail sent
through my MTA which obviously is qmail-1.03 ,its possible with sendmail
which we were running previously so , now my boss wants this feature , but
i dont know how to implement ,  i am ready to recompile  it if any source
modifications are need then please suggest me which file to modify and on
which line i will have to add my custom footer , i am using qmail-1.03 with
qmail-ldap-2000602.patch  patch which is modifying my qmail-smtpd   so
please guide me what should i do ? 
  

  thanks & regards,
Prashant Desai 





On Sun, Nov 19, 2000 at 07:00:02AM +0300, [EMAIL PROTECTED] wrote:
> 
>is it possible to insert custom footer at the end of every mail sent
> through my MTA which obviously is qmail-1.03 ,its possible with sendmail
> which we were running previously so , now my boss wants this feature , but
> i dont know how to implement ,i am ready to recompile  it if any source
> modifications are need then please suggest me which file to modify and on
> which line i will have to add my custom footer , i am using qmail-1.03 with
> qmail-ldap-2000602.patch  patch which is modifying my qmail-smtpd   so
> please guide me what should i do ? 

you could filter all mails using qmail-scanner, and use it to add
a footer (it now add an X-header: it's probably easy to make
it add a footer).

Olivier
-- 
_
 Olivier Mueller - [EMAIL PROTECTED] - PGPkeyID: 0E84D2EA - Switzerland
qmail projects: http://omail.omnis.ch  -  http://webmail.omnis.ch




How can I see the incoming IPs of my pop3 clients?
Thanks!

-- 
Stefan Laudat 
http://www.pepsicola.ro/~stefan
---
Love is the triumph of imagination over intelligence.
-- H. L. Mencken




If you setup qmail with tcpserver, accustamp, and cyclelog, as per the
HOWTOs, you should be getting logging of qmail-pop3d connections in
/var/log/qmail/qmail-pop3d

-Steve

-Original Message-
From: Stefan Laudat [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 19, 2000 7:36 AM
To: [EMAIL PROTECTED]
Subject: [newbie question] IP logging?


How can I see the incoming IPs of my pop3 clients?
Thanks!

--
Stefan Laudat
http://www.pepsicola.ro/~stefan
---
Love is the triumph of imagination over intelligence.
-- H. L. Mencken





Hi all,

As my machine running qmail is named senfpott.gysar (a bogus name, used only
in our local network), i

Re: Hop count problem in qmail-send

[markd]

On Mon, Nov 20, 2000 at 08:54:24AM +0100, Richard van den Berg wrote:
> Hi there,
> 
> I just started using qmail 1.03 a week ago, and made some interesting
> discovery. I had the following .qmail file:
> 
> | preline formail -I "Bcc: `some/script`" | qmail-inject
> 
> Obviously, this causes a loop since qmail-inject will try to deliver to

Hmm. When I try the same pipeline I get a bounce alerting me to a loop due
to a potentially duplicate Delivered-To: header. Specifically:

This message is looping: it already has my Delivered-To line. (#5.4.6)

And this is precisely what I'd expect as qmail has very good loop detection.

> the Bcc: addresses as well as to the original To: line. The interesting
> bit is that this filled up the /var/mail file system rather quickly.
> What happend is that:
> 
> 1) qmail-inject queues a mail for the original To: address
> 2) qmail-send delivers this mail using qmail-lspawn to this same .qmail
> file
> 3) goto 1

There's an important point you've missed. Step 2a where qmail-lspawn uses
qmail-local to deliver the mail to .qmail. qmail-local will not deliver
a mail that already has the same Delivered-To: header that it wants to
generate.

In effect. If the same mail ever attempts delivery thru the same .qmail
file more than once it will be detected.

> This goes on indefinately! I soon started getting many bounces from the
> people on the Bcc: list, saying things like "Too many hops 233 (max
> 30)". Yes 233 hops! It seems that nor qmail-inject, qmail-queue,
> qmail-send or qmail-lspawn checks for hop counts. I believe this is a
> bug.

Let me hazard a guess that the mail is actually going out to a remote
recipient in the bcc: list and the delivery at that end is somehow
removing the Delivered-To: headers. Alternatively the formail invocation
is somehow removing the Delivered-To: heades.

Have you the full headers of one of those bounces?


Regards.