OT: Vulnerable MUAs ...
|grep -iE 'microsoft|eudora' |wc -l 1757 I wonder if it would change some MUA's behaviour or the selection criteria of some IT managers if some big lists/list providers would start to block mail from certain MUAs for self defense. For sure it would bring the lawyers in quickly. Regards, Frank
About Security
Hi, You can answer me about Qmail support OSF/Unix (Digital) C2 security ? I cann't checkpassword or authen password pass C2 security. How to about it? Wiroon
Re: CAN'T Send to lists!
* Marco Calistri [EMAIL PROTECTED] [010424 02:45]: I use smtproutes on this way: vger.kernel.org:mail.myisp.com hydra.carleton.ca:mail.myisp.com Why not just :mail.myisp.com Because the problem appears only on 2 or 3 domains all the other are ok. Seemingly, your problem is with sender domains in the message and the envelope, not with which SMTP host you use... Using q(mail)sendmail and smtproutes as for above I had this kind of responses: -- Hi. This is the qmail-send program at linux.ik5bcu.ampr.org. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Connected to 199.183.24.194 but sender was rejected. Remote host said: 553 5.4.3 For MAIL FROM address [EMAIL PROTECTED] the policy analysis reports DNS error with your source domain. This is pretty clear, isn't it? Use qmail-inject with the -f option to set the sender to the same thing that your MUA gives to qmail on SMTP... I'am not able to discover where the problem is. With the sparse info you've given, nor are we. Yes Johan you're right btw now I switched back to qmail-SMTP and now the mail goes accepted;I'm sorry because I'd like q(mail)sendmail features to use Mail-Follow-Up that using qmail-SMTP I loose. -Johan -- Johan Almqvist http://www.almqvist.net/johan/qmail/ PGP signature
Re: questions about an exploit
[Replying via webmail...could be messy] Paul, That bug if I remember right was found a little over a year ago. I believe it was patched in vpopmail quite some time ago. Please someone correct me if I am wrong as this is of the _utmost_ importance. As a side note, I had a machine attacked recenly with a pseudo-successful compromise and the only three services that could be seen outside the firewall were proftpd 2.1.0rc3 and qmail SMTP and qpop3D. (ssh was also there) Are best guess right now is that it was an attack from a user who has ssh access on the system...other then that, those three/four ports should not have been the source of the compromise -- certainly not qmail or qpop3d -- maybe proftpd. -- Just a heads up to people... -davidu Hello everyone, I just came across some website stating that qmail-pop3d + vchkpw contains a particular exploit. http://www.ktwo.ca/c/qmail-pop3d-vchkpw.c Has this been patched already? Is it a qmail problem or a vpopmail problem? Rgds, Paul ""
Re: how to _delay_ failed authentication
On Tue, Apr 24, 2001 at 11:48:09AM +0700, Kittiwat Manosuthi wrote: Anybody know how to delay failed authentication attempts to prevent brute force pwd cracking on POP3 server using qmail vpopmail? That is completely useless, because of concurrency. Greetz, Peter.
VIRUS TROUVE : Re: Very slow qmail response
Panda Antivirus a trouvé les virus suivants dans le message : Envoyé par :Forrest Sutton Adresse : [EMAIL PROTECTED] Pour : [EMAIL PROTECTED] Sujet : Re: Very slow qmail response Date : 24/04/2001 05:00:43 THIS MESSAGE CONTENT VIRUS !!! Fichier : Emanuel.exe Virus : W32/Navidad.B Renommé http://www.pandasoftware.com winmail.dat
qmail Digest 24 Apr 2001 10:00:00 -0000 Issue 1344
qmail Digest 24 Apr 2001 10:00:00 - Issue 1344 Topics (messages 61146 through 61326): Quest about msg-to: 61146 by: Roy Svendsen Re: qmail-pop3d not working? 61147 by: Brett Randall 61200 by: Steven Katz 61201 by: Michael T. Babcock 61212 by: Michael T. Babcock 61226 by: Dave Sill 61229 by: Steven Katz 61235 by: Steven Katz Re: mailing list software to use with qmail? 61148 by: Brett Randall user masquerading 61149 by: Roberto Zanasi Re: Trying to install qmail 61150 by: Dave Sill Re: how to send attaching in qmail using perl 61151 by: David Young 61247 by: Medi Montaseri 61287 by: Forrest Sutton Re: Can't establish SMTP connection (Error 4.4.1) 61152 by: jessica 61154 by: jessica 61236 by: Willy De la Court 61255 by: Andy Bradford 61257 by: Henning Brauer 61274 by: Forrest Sutton 61276 by: Forrest Sutton Re: Qmail and Procmail 61153 by: jessica 61275 by: Forrest Sutton Mail cleansing program 61155 by: jessica 61277 by: Forrest Sutton Re: I am back to square ONE... 61156 by: jessica 61191 by: Bob Greene 61278 by: Forrest Sutton ScanMail Message: To Recipient virus found and action taken. 61157 by: System Attendant 61166 by: System Attendant 61173 by: System Attendant 61178 by: System Attendant 61181 by: System Attendant 61185 by: System Attendant 61187 by: Alex Pennace 61189 by: System Attendant 61199 by: System Attendant 61203 by: System Attendant 61211 by: System Attendant 61230 by: Vincent Schonau 61231 by: David Young 61241 by: System Attendant 61246 by: System Attendant 61252 by: Alex Pennace 61254 by: Robin S. Socha 61260 by: denis 61261 by: Aaron L. Meehan 61296 by: System Attendant 61298 by: System Attendant 61300 by: System Attendant 61303 by: System Attendant 61307 by: System Attendant Re: How to block an email id in qmail? 61158 by: jessica 61279 by: Forrest Sutton Re: Very slow qmail response 61159 by: jessica 61161 by: jessica 61196 by: NDSoftware 61280 by: Forrest Sutton 61283 by: Forrest Sutton Re: tcpserver help 61160 by: jessica 61194 by: Michelle Leonard 61206 by: NDSoftware 61238 by: Henning Brauer 61239 by: Andy Bradford 61245 by: Alex Pennace 61282 by: Forrest Sutton Virus found in message Re: Can't establish SMTP connection (Error 4.4.1) 61162 by: System Anti-Virus Administrator 61174 by: System Anti-Virus Administrator Re: Hide firewall ? 61163 by: jessica 61207 by: Deslions Nicolas 61209 by: NDSoftware 61256 by: Chris Johnson 61284 by: Forrest Sutton Antigen found W32/Navidad.e@M (McAfee4,CA(InoculateIT)) virus 61164 by: ANTIGEN_ITMAILMAN2 61170 by: ANTIGEN_ITMAILMAN2 61188 by: ANTIGEN_ITMAILMAN2 61192 by: ANTIGEN_ITMAILMAN2 61202 by: ANTIGEN_ITMAILMAN2 61213 by: ANTIGEN_ITMAILMAN2 61290 by: ANTIGEN_ITMAILMAN2 61292 by: ANTIGEN_ITMAILMAN2 61294 by: ANTIGEN_ITMAILMAN2 61297 by: ANTIGEN_ITMAILMAN2 61302 by: ANTIGEN_ITMAILMAN2 61305 by: ANTIGEN_ITMAILMAN2 61308 by: ANTIGEN_ITMAILMAN2 61315 by: Jeremy Suo-Anttila Re: qmail, qmail-command and procmail 61165 by: jessica 61285 by: Forrest Sutton qmail-qread and qmail-qstat as suid root... 61167 by: jessica 61215 by: Michelle Leonard 61220 by: NDSoftware 61286 by: Forrest Sutton Re: FOUND VIRUS IN MAIL from [EMAIL PROTECTED] to [EMAIL PROTECTED] 61168 by: Brett Randall 61218 by: Jankok, Lucio 61228 by: Michael Peppard Virus found in message Re: Qmail and Procmail 61169 by: System Anti-Virus Administrator 61234 by: Mads E Eilertsen 61262 by: Jason Haar Re: Domain name added twice 61171 by: Charles Cazabon VIRUS ALERT 61172 by: Alan R. 61237 by: S.P. Hoeke 61240 by: Andy Bradford Re: Can I force a download on POP 61175 by: Charles Cazabon Antigen found W32/Navidad-B (Sophos,Norman) virus 61176 by: ANTIGEN_ITMAILMAN2 61180 by: ANTIGEN_ITMAILMAN2 61183 by: ANTIGEN_ITMAILMAN2 61198 by: ANTIGEN_ITMAILMAN2 61208 by: ANTIGEN_ITMAILMAN2 61217 by: ANTIGEN_ITMAILMAN2 61288 by: ANTIGEN_ITMAILMAN2 61291 by: ANTIGEN_ITMAILMAN2 61293 by: ANTIGEN_ITMAILMAN2 61295 by: ANTIGEN_ITMAILMAN2 61299 by: ANTIGEN_ITMAILMAN2 61304 by: ANTIGEN_ITMAILMAN2 61306 by: ANTIGEN_ITMAILMAN2 Re: E-MAIL-SCAN:VIRUSWARNUNG! IN
qmail-pop3d not handling enough messages
hy! i've gat a qmail-system with vpopmail, using the qmail-pop3d as popper. my problem is, that the number of messages in my cur grew up to 23240 and now i cant get them anymore, the pop3d gives out an error like cant change to $Home/Maildir.. anyone help? thx thomas
User Masqurading
Is it possible to masqurade users like this root@my_private_domain - [EMAIL PROTECTED] only when the email goes outside of my private domain that is non registered? I'm using qmail-1.03. I want emails within my domain to not be masquraded. I would want qmail mail to do this not my email client. Is this possible? I haven't seen any documentation that describes how to do this. Thanks
forwarding to more than one mailbox ?
Hi, i have a qmail installation with vpopmail + sqwebmail + qmailadmin working now, i would like to forward to more than one mailbox at the same time... is there any possibilities in qmailadmin ? i found a way to do that by adding a dot qmail file in the user directory and adding some + forward e-mail address in it. I have tried it yet, am i alright ? Thanks. Fred.
It's not my list but ... (AV Bots)
It isn't my list, but if it was I would add the IP addresses of any servers that sent a virus warning to my list into my tcp rules block list.
Ban These Exchange Server Users
If you noticed, all the Virii Reject Messages are from Exchange Servers... QMAIL anti-Virus Scanning like qmail-scanner says [This message was _not_ sent to the originator, as they appear to be a mailing-list or other automated Email message] I know you all are so against it... but don't you think it's time to re-consider installing a scanner on Mailing Lists? probably would have saved a GB of traffic yesterday and today... I could see this as a Denial of Service Attack against a mailing list.. bombing it with viruses to watch all the subscribers reject all the viruses
RE: .qmail alias file with an underscore in the entry...
I have taken a look at my maillog and strangely enough, I do get a report that the delivery proceeded without any problems. Yet I never get the email... BUT if I try sending an email directly to the Hotmail address using pine (sending it to [EMAIL PROTECTED] instead of root@ for example), the message gets there OK (the maillog for both methods are identical, though). I guess it might be a Hotmail problem or something. I will try to open an webmail account with another provider to see if I get the same behavior. Thanks anyway! -Cleo Have you tried prefixing the email address with to make sure qmail knows it's an email address to forward to? Can you post logs of what happens when you try emailing root@? __ Chris Bolt [EMAIL PROTECTED] http://www.bolt.cx -Original Message- From: Cleo Macy [mailto:[EMAIL PROTECTED]] Sent: Monday, April 23, 2001 8:33 PM To: [EMAIL PROTECTED] Subject: .qmail alias file with an underscore in the entry... Hi, I've looked in the qmail FAQ but have not found an answer to my question. I hope someone out there can help me. I have tried creating an alias for the root user on my FreeBSD system, but have noticed that if I put an email address with an underscore in it, such as [EMAIL PROTECTED], in the /var/qmail/alias/.qmail- root file, the mail never gets forwarded to that address. But the forwarding seems to works fine with any other address that doesn't contain an underscore. Is this a limitation of the qmail alias mechanism? If so, is there a workaround? If not, what am I doing wrong? Thanks! -Cleo
Re: It's not my list but ... (AV Bots)
Bruno == Bruno Wolff [EMAIL PROTECTED] writes: It isn't my list, but if it was I would add the IP addresses of any servers that sent a virus warning to my list into my tcp rules block list. Or simply strip the attachments to any messages... That'd be my ideal choice. Keep the list relatively text-only (HTML to some degree), have no virii problems and keep total bandwidth usage down. Overheads are obvious, but at least for each e-mail to the list, the attachment would just have to be stripped when it arrived (a relatively simple Perl script could do it, or a compiled C program if you're after efficiency). I think this overhead is minor compared to the headache of virii warnings over the last couple of days (thank God for Gnus scoring :) -- ^X^C q quit :q ^C end x exit ZZ ^D ^Z ^K^B ? help
Re: Ban These Exchange Server Users
Robert Mudryk [EMAIL PROTECTED] writes: If you noticed, all the Virii Reject Messages are from Exchange Servers... QMAIL anti-Virus Scanning like qmail-scanner says [This message was _not_ sent to the originator, as they appear to be a mailing-list or other automated Email message] I know you all are so against it... but don't you think it's time to re-consider installing a scanner on Mailing Lists? No, I think it's time to kick everyone running one of those broken scanners that mails the mailing list off of the mailing list. I could see this as a Denial of Service Attack against a mailing list.. bombing it with viruses to watch all the subscribers reject all the viruses Good reason to remove every person using such a scanner from the mailing list. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
Re: It's not my list but ... (AV Bots)
* Bruno Wolff III [EMAIL PROTECTED] [010424 09:31]: It isn't my list, but if it was I would add the IP addresses of any servers that sent a virus warning to my list into my tcp rules block list. Well, this one feature in Windows has created more traffic than qmail over the last 24h. Anyway, your suggestion is wrong. If the admin of a central mailserver is a) stupid enough to run Windows b) stupid enough to use a virus scanner c) stupid enough to run a misconfigured mail notificication we have a clear case of MCSE, but that's no reason to punish the users of that server. Again: the problem is on the server side (i.e. administrators running Exchange on Win2k or whatever the the lates hype is) here, not on the users'. -- Robin S. Socha http://my.gnus.org/ - To boldly frobnicate what no newbie has grokked before.
Re: CAN'T Send to lists!
Marco Calistri [EMAIL PROTECTED] wrote: Hello,sorry to disturb for so stupid questions but I cannot send messages to some mailing list servers: [EMAIL PROTECTED] I can't speak to the other hosts you mentioned, but vger is run with some very interesting policies for accepting mail, primarily because they host the linux-kernel mailing list (among others). The admins there have all sorts of filtering rules, and they use the RBL (and possibly RSS, and maybe ORBS, I can't remember) to stop the huge amount of spam people try to get through to the lists there. If you have specific questions about what parts of their policies might be dropping your submissions, try writing to Matti Arnio (sp?). I don't have an email address for him at the moment, but he's easy to find by searching the l-k archives. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: .qmail alias file with an underscore in the entry...
Cleo Macy [EMAIL PROTECTED] wrote: I have taken a look at my maillog and strangely enough, I do get a report that the delivery proceeded without any problems. Yet I never get the email... BUT if I try sending an email directly to the Hotmail address using pine (sending it to [EMAIL PROTECTED] instead of root@ for example), the message gets there OK (the maillog for both methods are identical, though). It's the Hotmail Inbox protector feature. If you send mail directly to a Hotmail address with your MUA, the recipient's address shows up in both the envelope, and in the headers of the message (in the To: or cc: header). If instead you have a forward directive going to a Hotmail account, the hotmail address doesn't show up in the To: or cc: headers, and Hotmail accepts but silently drops the message, if the recipient has the Inbox protector feature enabled. In short, it's not qmail's fault. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: Ban These Exchange Server Users
Russ == Russ Allbery [EMAIL PROTECTED] writes: Robert Mudryk [EMAIL PROTECTED] writes: If you noticed, all the Virii Reject Messages are from Exchange Servers... QMAIL anti-Virus Scanning like qmail-scanner says [This message was _not_ sent to the originator, as they appear to be a mailing-list or other automated Email message] I know you all are so against it... but don't you think it's time to re-consider installing a scanner on Mailing Lists? No, I think it's time to kick everyone running one of those broken scanners that mails the mailing list off of the mailing list. While this might serve as a deterrent for some users, most are smart enough to realise that all they have to do is re-subscribe. Most people run their own servers, so they can just as easily add their own new account for the list. Sure, we can ban a whole domain, but there are nicer ways to be a Nazi than this... -- Microsoft Works. - Oxymoron
Re: questions about an exploit
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote: As a side note, I had a machine attacked recenly with a pseudo-successful compromise and the only three services that could be seen outside the firewall were proftpd 2.1.0rc3 and qmail SMTP and qpop3D. (ssh was also there) Are best guess right now is that it was an attack from a user who has ssh access on the system...other then that, those three/four ports should not have been the source of the compromise -- certainly not qmail or qpop3d -- maybe proftpd. Proftpd has had several remote root exploits over the last eighteen months or so. Granted, the reported ones have been fixed, but with that kind of a track record, what are the chances that there are zero vulnerabilities left? I'd strongly suspect proftpd in this case. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
RE: qmail-pop3d not working?
Does anyone have any idea why pop would stop delivering 15 minutes after rebooting? I've provided my findings below. Thanks again for any help you may provide. You're a great list! Steven -Original Message- From: Steven Katz [EMAIL PROTECTED] Sent: Monday, April 23, 2001 10:19 AM To: [EMAIL PROTECTED] Subject: RE: qmail-pop3d not working? It seems to be only pop that stops working after 15 minutes, as messages are piling up in the Maildirs. My mail client reports: A timeout occurred while communicating with the server. (Account: '[EMAIL PROTECTED]', POP3 Server: 'mail.idma.com', Error Number: 0x800ccc19). At which point, doing 'sh -x /var/qmail/supervise/qmail-pop3d/run' gives me: tcpserver: fatal: unable to bind: address already used My /qmail-pop3d/run file looks like: #!/bin/sh exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -R 0 pop3 /var/qmail/bin/qmail-popup \ idma.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 21 Doing 'ps auxw | grep pop3' gives me: root 593 0.0 0.4 1272 344 ?SN 08:06 0:00 supervise qmail-pop3d root 601 0.0 0.6 1344 512 ?SN 08:06 0:00 /usr/local/bin/tcpserver -v -R 0 pop3 /var/qmail/bin/qmail-popup idma root 10162 0.0 0.6 1344 516 ?SN 08:24 0:00 /usr/local/bin/tcpserver -v -R 0 pop3 /var/qmail/bin/qmail-popup idma root 31977 0.0 0.7 1556 616 pts/0S08:38 0:00 grep pop3 Doing 'cd /var/qmail/supervise svstat qmail-smtpd' gives me: qmail-smtpd: up (pid 596) 1962 seconds Doing 'ls -l ~/* | grep Maildir --after-context=4' gives me: /home/steven/Maildir: total 16 drwxrwxr-x2 steven steven 4096 Apr 21 23:22 cur drwxrwxr-x2 steven steven 8192 Apr 23 08:36 new drwxrwxr-x2 steven steven 4096 Apr 23 08:36 tmp -Original Message- From: Steven Katz [EMAIL PROTECTED] Sent: Monday, April 23, 2001 9:32 AM To: [EMAIL PROTECTED] Subject: RE: qmail-pop3d not working? Uh oh-- I may have celebrated too soon. For some reason, I can send but can't receive 15 minutes after rebooting. Does that sound familiar to anyone? Steven
Re: qmail-pop3d not working?
Steven Katz [EMAIL PROTECTED] wrote: Does anyone have any idea why pop would stop delivering 15 minutes after rebooting? It sounds odd. I can't think of a reason offhand which would cause this. However, something else odd struck me: Doing 'ps auxw | grep pop3' gives me: [...] /usr/local/bin/tcpserver -v -R 0 pop3 /var/qmail/bin/qmail-popup idma root 10162 0.0 0.6 1344 516 ?SN 08:24 0:00 /usr/local/bin/tcpserver -v -R 0 pop3 /var/qmail/bin/qmail-popup idma root 31977 0.0 0.7 1556 616 pts/0S08:38 0:00 You have two tcpserver instances, both trying to bind to the same interface(s) and port. At least one of those _has_ to be failing, and it should be showing up in your logs. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: qmail-pop3d not handling enough messages
On Tue, Apr 24, 2001 at 01:44:32PM +, Thomas Ackermann wrote: i've gat a qmail-system with vpopmail, using the qmail-pop3d as popper. my problem is, that the number of messages in my cur grew up to 23240 and now i cant get them anymore, the pop3d gives out an error like cant change to $Home/Maildir.. You mean -ERR unable to scan $HOME/Maildir, right? Oh, well. It's been a year, so i might just repeat it completely. See below. I don't remember getting feedback whether the suggested change to prioq.c really made a difference. the adjust your resource limit is done with softlimit, if you use daemontools. Regards, Uwe Date: Tue, 28 Mar 2000 18:20:01 + From: Uwe Ohse [EMAIL PROTECTED] To: Gary Richardson [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: qmail-pop3 problems with 'large' accounts Message-ID: [EMAIL PROTECTED] References: [EMAIL PROTECTED] In-Reply-To: [EMAIL PROTECTED]; from [EMAIL PROTECTED] on Tue, Mar 28, 2000 at 09:25:26AM -0800 On Tue, Mar 28, 2000 at 09:25:26AM -0800, Gary Richardson wrote: I'm having problems with a pop user checking their. There are around 12000 emails in their MailDir directory and I get the following error when I try to download them: -ERR unable to scan $HOME/Maildir Connection closed by foreign host. out of memory. qmail-pop3d needs space for 12000 filenames, with maybe 30 characters each (depending on the length of the hostname part of the file name), plus 5 (new/\0), plus another 8 bytes for meta information, accounting for about 50 bytes of memory, plus whatever your C library needs, plus whatever the kernel needs. Unfortunately qmail-pop3d suffers from memory fragmentation, so the actual memory usage is somewhat higher. You might get a far better behaviour if you change the number 100 in the line GEN_ALLOC_readyplus(prioq,struct prioq_elt,p,len,a,i,n,x,100,prioq_readyplus) in prioq.c to, say, 5000, and recompile qmail-pop3d, and install that and only that - the change will eat 5000*8 bytes in qmail-send. Or: Adjust your resource limits. Or: clean up your mail dir. pop3 wasn't designed to deal with that number of messages anyway (as wasn't maildir). Regards, Uwe
Re: .qmail alias file with an underscore in the entry...
Duh! Do I feel stupid! Of course! I turned off the Inbox Protector feature on the Hotmail account, and sure enough, there is the forwaded message. Thanks a lot! -Cleo Cleo Macy [EMAIL PROTECTED] wrote: I have taken a look at my maillog and strangely enough, I do get a report that the delivery proceeded without any problems. Yet I never get the email... BUT if I try sending an email directly to the Hotmail address using pine (sending it to [EMAIL PROTECTED] instead of root@ for example), the message gets there OK (the maillog for both methods are identical, though). It's the Hotmail Inbox protector feature. If you send mail directly to a Hotmail address with your MUA, the recipient's address shows up in both the envelope, and in the headers of the message (in the To: or cc: header). If instead you have a forward directive going to a Hotmail account, the hotmail address doesn't show up in the To: or cc: headers, and Hotmail accepts but silently drops the message, if the recipient has the Inbox protector feature enabled. In short, it's not qmail's fault. Charles -- -- - Charles Cazabon [EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. -- -
Re: It's not my list but ... (AV Bots)
Robin S. Socha([EMAIL PROTECTED])@2001.04.24 09:59:25 +: we have a clear case of MCSE, but that's no reason to punish the users of that server. MCSE = management can't send email (?) ;-) Again: the problem is on the server side (i.e. administrators running Exchange on Win2k or whatever the the lates hype is) here, not on the users'. yup, but software that sends mail on it's own behalf to arbitrary adresses is considered broken and therefor has to be removed. ah, yes, there actually is an application for actually using exchange (imho the only one): X.400 based messaging services for legacy backend networks. /k -- The idea that Bill Gates has appeared like a knight in shining armour to lead all customers out of a mire of technological chaos neatly ignores the fact that it was he who, by peddling second-rate technology, led them into it in the first place. -- Douglas Adams in Guardian, August 25, 1995 KR433/KR11-RIPE -- http://www.webmonster.de -- ftp://ftp.webmonster.de [Key] [KeyID---] [Created-] [Fingerprint-] GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46
issue receiving email
I have a couple of clients that are experiencing a strange problem when checking mail on our server. When they click send/receive sometimes it immediately downloads their email, but other times it brings up a dialog box asking them for their user name and password. The user name and password are already filled in. When they click ok, it sometimes takes 5 or 6 times before it goes through. Other times they click ok once and it connects fine. Any suggestions? Robert.
ezmlm-idx? (was: ScanMail Message: To Recipient virus found and action taken.)
* Aaron L Meehan [EMAIL PROTECTED] writes: Quoting Alex Pennace ([EMAIL PROTECTED]): Am I the only one that finds it ironic that a list for a Unix MTA is plagued by a Windows mail trojan and a mail scanner eager to tell recipients about the disposition of the message? which is why I use the following procmail rules given to me at some point by another list member and slightly modified. I decided to put them in after the last round of newbie whining about us being too tough on them ;-) Turns out I don't see any of these virus things. [/dev/null recipe] What would that look like as a maildrop rule or filter rule for Courier? Anyway, those rules are nicely filtering out all the cruft. :) Well, yes, but... Personally, I think it would be nice if the cr.yp.to lists were running ezmlm-idx with at least vcard, html, and everything MS-binary in mimeremove. That would rid them of these braindamages once and for all. For the uninitiated: , | (robin@radioactive):(~/lists)$ head -n3 test/mimeremove | application/excel | application/rtf | application/msword ` Sorry to those folks that have to use them at work (never find me taking a job like that). Those that use them by choice, well, get a real MUA. The SNR is just too high! More or less true. The clueful people here are using mutt, VM and Gnus. I wonder what DJB himself uses, but it appears to be mutt as well (pretty obvious choice - it would take him days to tweak cc-mode in Emacs }:-). -- Robin S. Socha http://my.gnus.org/ - To boldly frobnicate what no newbie has grokked before.
Re: Vulnerable MUAs ...
* David Talkington [EMAIL PROTECTED] writes: Charles Cazabon wrote: I daresay the majority of people on this list are clueful enough to not run vulnerable email clients. In a quick not-quite-scientific survey of 6,757 messages in my qmail-list folder: pnet4:djb 522 $ grep -i ^X-Mailer: qmail \ |grep -iE 'microsoft|eudora' |wc -l 1757 You forgot something, David... Message-ID: [EMAIL PROTECTED] -- find pine4.33 -type f | xargs egrep '(sprintf|strcpy|strcat)' | wc -l 3817 Now, why on earth are *you* running qmail instead of sendmail? }:- -- Robin S. Socha http://my.gnus.org/ - To boldly frobnicate what no newbie has grokked before.
Re: It's not my list but ... (AV Bots)
At 09:54 AM 4/24/01, Brett Randall wrote: Or simply strip the attachments to any messages... That'd be my ideal choice. Keep the list relatively text-only (HTML to some degree), have no virii problems and keep total bandwidth usage down. Overheads are obvious, but at least for each e-mail to the list, the attachment would just have to be stripped when it arrived (a relatively simple Perl script could do it, or a compiled C program if you're after efficiency). On an ezmlm list, stripping MIME attachments is as simple as saying 'Hey, don't let any MIME attachments through'. Stripping uuencoded attachments is equally simple - you just add |/usr/bin/uudecode -o /dev/stdout /dev/null 21 { echo Attachments Prohibi ted; exit 100; }; exit 0 to DIR/editor. I'm not sure what kind of overhead this generates, but we host several lists that all have volumes equal to or greater than this list, and I've never noticed a problem. Setting a maximum message size helps also. That's probably not a good idea on a tech list, though, as messages including debugging information can be rather long sometimes. The real answer, of course, is lose Outlook, and stop double-clicking things, but I suppose we're ignoring that for the purposes of this discussion. Todd
Re: Ban These Exchange Server Users
Hi, I have trouble understanding that you mean. ..., but there are nicer ways to be a Nazi than this... Sorry but this seems for my you are thinking not bad over rassism and the things, that were done in the time from 1993 to 1945. If it is so, this mailinglist is the wrong place to say such things. In germany the isp have to cancel the internetconnection from a user if the hear that the user is providing neonazistic stuff and postings that contains material like that. Regards, Ruprecht
Re: Vulnerable MUAs ...
-BEGIN PGP SIGNED MESSAGE- Robin S. Socha wrote: You forgot something, David... find pine4.33 -type f | xargs egrep '(sprintf|strcpy|strcat)' | wc -l 3817 Now, why on earth are *you* running qmail instead of sendmail? }:- *gulp* Fair enough. =) - -d - -- David Talkington http://www.spotnet.org PGP key: http://www.prairienet.org/~dtalk/dt000823.asc -BEGIN PGP SIGNATURE- Version: PGP 6.5.8 Comment: Made with pgp4pine 1.75-6 iQEVAwUBOuW7Cb1ZYOtSwT+tAQGUagf/QqZh6XreI8cHWX7E4FhKIDLqJDJCHsgo MYLIV5DUwVYl/MgqRdc32ZRXq5MjQU9G8OJ1FjP1lLgMY225RGudNdjnib8moHxI Wov0LQ2jTtzAC9irSF1GUjlRnY+5lOSeRjs54emzpfeAFswwDehQ1EcHOK0qOjgk wbtpH7IkaqLF+4UgkiNmaPNLaGs5K1fLBIQrBltcAqtKbxwbbBv6DYjTkrDt1ody 9lrPndeMu/u66R2WhuhBmkWuYvuTJ6x1qG2xAUKK1lGg6YvE8CVzWH26gSzAPxTz MGrT/GiezmpCJsPRxAPGavEW099UNJ59Hr/TbWw1XZM70V5D4E+efA== =U2rT -END PGP SIGNATURE-
Re: Ban These Exchange Server Users
On Tue, Apr 24, 2001 at 06:50:30PM +0200, Ruprecht Helms wrote: [Brett's comments about being Nazi towards retarded mail servers and their users] Sorry but this seems for my you are thinking not bad over rassism and the things, that were done in the time from 1993 to 1945. If it is so, this mailinglist is the wrong place to say such things. In germany the isp have to cancel the internetconnection from a user if the hear that the user is providing neonazistic stuff and postings that contains material like that. Luckily [EMAIL PROTECTED] and Brett Randall aren't in Germany, and don't have to contend with such drastic restrictions of expression. That being said, he was talking about Nazi-like actions, not Nazis themselves.
Re: It's not my list but ... (AV Bots)
On Tue, 24 Apr 2001 08:35:10 CDT, Bruno Wolff III wrote: It isn't my list, but if it was I would add the IP addresses of any servers that sent a virus warning to my list into my tcp rules block list. Unfortunately that won't work. The email is sent to a list exploder and never directly delivered to your mail server. So, this would only be useful on the list server. :-) Andy
Re: Ban These Exchange Server Users
On Tue, Apr 24, 2001 at 06:50:52PM +0200, Ruprecht Helms wrote: If it is so, this mailinglist is the wrong place to say such things. In germany the isp have to cancel the internetconnection from a user if the hear that the user is providing neonazistic stuff and postings that contains material like that. Ähhh ... no. Not even close. Even germans may discuss about nazis. And even german ISPs don't cancel accounts if they hear that Please stop spreading misinformation. And please stop partitiating in discussings in which somebody refered to nazis if these discussions aren't about nazis. It's common knowledge that anybody who reaches that level will have his karma reduced to 0 and will receive all the misfortune he deserves. Apart from that he'll be killfiled. Regards, Uwe (working for a german ISP) P.S.: regarding $subject: sounds tempting
Re: Ban These Exchange Server Users
On Tue, Apr 24, 2001 at 01:44:23PM -0400, Alex Pennace wrote: Luckily [EMAIL PROTECTED] and Brett Randall aren't in Germany, and don't have to contend with such drastic restrictions of expression. There aren't. we have to make websites unavailable once we get informed that they are violating german law (and they really do). Using Nazi-symbols or telling people KZ's weren't existing are against laws, for example. Most providers in germany ar explicitely stating they won't host any nazi-stuff, and that's good IMHO. We don't need to make people using the word nazi or something like that disconnected or so. And that's also good IMHO. Ruprecht just didn't get the meaning right. But that's _far_ OT, so let's stop the discussion. -- Henning Brauer | BS Web Services Hostmaster BSWS| Roedingsmarkt 14 [EMAIL PROTECTED] | 20459 Hamburg http://www.bsws.de | Germany
Re: Ban These Exchange Server Users
* Ruprecht Helms [EMAIL PROTECTED] writes: Hi, I have trouble understanding that you mean. No. You are trying to be a particularly Good German(tm). The only thing more embarrassing than a Funny German is quite possibly a Good German, though. ..., but there are nicer ways to be a Nazi than this... Sorry but this seems for my you are thinking not bad over rassism and the things, that were done in the time from 1993 to 1945. Get a life, tree-hugger: http://www.tuxedo.org/jargon/html/entry/fascist.html If it is so, this mailinglist is the wrong place to say such things. In germany the isp have to cancel the internetconnection from a user if the hear that the user is providing neonazistic stuff and postings that contains material like that. Don't meddle in the affairs of wiza^Wpolitical scientists, Ruprecht. You are wrong, and - what's worse - you know it. But, eh, you kinda invoked Godwin, and that's good. -- Robin S. Socha http://my.gnus.org/ - To boldly frobnicate what no newbie has grokked before.
Re: Ban These Exchange Server Users
On 24 Apr 2001 06:57:45 PDT, Russ Allbery wrote: I know you all are so against it... but don't you think it's time to re-consider installing a scanner on Mailing Lists? No, I think it's time to kick everyone running one of those broken scanners that mails the mailing list off of the mailing list. Maybe it's time subscriber-only posting was enabled. :-) All of this would have been prevented in this case because non of the AV addresses are subscribers. Andy
Re: how to _delay_ failed authentication
On Tue, Apr 24, 2001 at 11:48:09AM +0700, Kittiwat Manosuthi wrote: Anybody know how to delay failed authentication attempts to prevent brute force pwd cracking on POP3 server using qmail vpopmail? IMHO not out of the box. But you surely could construct something in checkpassword that uses a (process independent) ip related counter and just as you use POP after SMTP to enable relaying you could add ip:deny lines to your tcpserver control file. \Maex -- SpaceNet AG| Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0 Research Development | D-80807 Muenchen| Fax: +49 (89) 32356-299 Stress is when you wake up screaming and you realize you haven't fallen asleep yet.
Re: It's not my list but ... (AV Bots)
On Tue, Apr 24, 2001 at 11:51:02AM -0600, Andy Bradford [EMAIL PROTECTED] wrote: On Tue, 24 Apr 2001 08:35:10 CDT, Bruno Wolff III wrote: It isn't my list, but if it was I would add the IP addresses of any servers that sent a virus warning to my list into my tcp rules block list. Unfortunately that won't work. The email is sent to a list exploder and never directly delivered to your mail server. So, this would only be useful on the list server. :-) That is what I was suggesting. DJB can see what server sent the virus warning messages to the list and block further messages of any kind from being injected from that server. I don't agree that blocking the server is unacceptable because it punishes people forced to use that server. For one thing, people may be using a different server to send mail to the list than the server sending the virus warnings. I don't know that blocking attachments on this list is a great idea. It may be reasonable to send small examples to the list as attachments rather than asking people to go to a web site to see them. Also, not including attachments isn't a guarenty that some virus scanner won't like the subject of your message or find some other reason to send a message to the sender and all recipients of a message.
Attach
Hi everyone!!! How can I put limits for my qmail's user on attached files ? Thanks, Alexandre Gonçalves Jacarandá
Re: Attach
Alexandre Gonçalves Jacarandá [EMAIL PROTECTED] wrote: How can I put limits for my qmail's user on attached files ? This is handled in the qmail mailing list archives, and in the various FAQs. In short, to limit incoming mail sizes, check the manual page for qmail-smtpd. For outgoing mail, it's a lot trickier, but see the archives. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: It's not my list but ... (AV Bots)
Todd Finney [EMAIL PROTECTED] writes: On an ezmlm list, stripping MIME attachments is as simple as ... To be exact: that's only possible with ezmlm-idx. Regards, Frank
Re: Ban These Exchange Server Users
Ruprecht Helms [EMAIL PROTECTED] writes: I have trouble understanding that you mean. Then don't write such nonsense. Frank (also from Germany)
Re: It's not my list but ... (AV Bots)
At 03:44 PM 4/24/01, Frank Tegtmeyer wrote: Todd Finney [EMAIL PROTECTED] writes: On an ezmlm list, stripping MIME attachments is as simple as ... To be exact: that's only possible with ezmlm-idx. Yes, my bad. Todd
timeout downloading mail while connecting to the server using dial-up
Hi! I have a strange problem: I can connect to the qmail server using the internal lan without any problems, but when I am using the dial-up to connect to the server I am getting a timeout error after starting download messages. Outlook is reporting a 60 sec timeout error and doesn't resume the connection. I'm using qmail-smtpd and qmail-pop3 with tcpserver with the ususal tcpserver switches (-l0, -R etc.) Does anywhone know an answer? Please help! The server runs linux mandrake with kernel 2.4.3 and was a clean install with a clean qmail 1.03 installation. Christian
Re: timeout downloading mail while connecting to the server using dial-up
Christian Dressend [EMAIL PROTECTED] wrote: [...] I can connect to the qmail server using the internal lan without any problems, but when I am using the dial-up to connect to the server I am getting a timeout error after starting download messages. Outlook is reporting a 60 sec timeout error and doesn't resume the connection. I'm using qmail-smtpd and qmail-pop3 with tcpserver with the ususal tcpserver switches (-l0, -R etc.) Could be one of numerous problems with Outlook, could be reverse (and possibly forward) DNS lookups. You didn't tell us exactly how you're invoking qmail-smtpd. Check the FAQs and the archives. Chances are this is actually the #1 FAQ on this list. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: incorrect_user@correct_domain accepted
well the issues have been resolved, ( learnt a lot about how different servers handle bounces !!): I was using qmail only for outgoing emails and had a rcpthosts file lying in my /var/qmail/control i hpe you can guess the rest, the bounces from domains aol, schwab were being refused. On fixing the above, the bounces were again getting bounced, and i couldn't send emails from an aol account to an account on my qmail server. The reverse lookup for the external ip address i had wasn't working, fixing that things are running smoothly now! thanks, Ketan - Original Message - From: Ketan Bajaj [EMAIL PROTECTED] To: Ketan Bajaj [EMAIL PROTECTED]; Greg White [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, April 23, 2001 2:32 PM Subject: Re: incorrect_user@correct_domain accepted probably this is what is going wrong: this time i used qmail-remote directly : /var/qmail/bin/qmail-remote schwab.com sender-envelope [EMAIL PROTECTED] qmail-remote exits with the report rK: * rRecipient report: acceptance. KMessage report: success. host has taken responsibility for delivering the message to each acceptable recipient. * Now if sender-envelope address is at my qmail-server, the bounce never comes back. If i change the sender-envelope address to some another address as [EMAIL PROTECTED], a bounce is received at that address!! which may mean either the remote hosts like aol.com and schwab.com are either not able to send the bounce message to the sender-envelope address at my qmail server, which i have been using. (they don't like my server name/ip, but i checked that reverse lookup are fine !) or they are sending the bounce to the envelope, but qmail is not accepting them due to some reasons.. -ketan - Original Message - From: Ketan Bajaj [EMAIL PROTECTED] To: Greg White [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, April 23, 2001 12:26 PM Subject: Re: incorrect_user@correct_domain accepted i tried something more : sent messages to bad_user_names @yahoo.com, hotmail.com. My qmail logs show that they bounce back immediately, with a error code 554 and 550 respectively. which is the correct and expected behaviour. No i try again to [EMAIL PROTECTED] and [EMAIL PROTECTED], i get a 250_ok (remote accepted message) !!! (they should have bounced back). is it that schwab.com, aol.com are delaying the bounce back and sending the bounce back after sending the accept message .. and my qmail logs when it gets the 250_ok message, doesn't write any other error info into logs for the same message id / delivery id. or maybe qmail-remote closes connection with the remote server after seeing a 250_ok message and thus doesn't get the delayed bounce ??? ( i'm sending the email using mailto address, and putting a subject with no message body) as you've mentioned : you see the accept message and followed by a bounce. what i could be possibly missing? is it some sort of qmail-remote configuration?? thanks, Ketan - Original Message - From: Greg White [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, April 22, 2001 1:43 AM Subject: Re: incorrect_user@correct_domain accepted On Sat, Apr 21, 2001 at 01:52:54PM -0700, Ketan Bajaj wrote: i think i haven't been clear enough in explaining the problem... again, A (local smtp server)B (remote smtp server) B is at domain schwab.com, about which i do not know anything, whether it has qmail, sendmail, exchange or anything else. 1. when A is setup as qmail, and remote address is incorrect@B there is no bounce from B and the message is accepted at B. I see this at the qmail logs on A. In sending them a test message, I too see the remote host accept the message, but it promptly bounces it with '550 User Unknown'. Your qmail server is likely configured incorrectly -- you should be seeing the bounces. Please send a message, _headers and all_, that you sent to [EMAIL PROTECTED] from your qmail server... GW
qmail + ezmlm + mysql + linux
Dear All: who have the experience with qmail + ezmlm + mysql + linux? best regards, hongtao
RSS LIST
Dear All: because an american use my mail server (qmail) to spam, the ip of my mail server is now in the RSS list, i have refused some ip to use our smtp to relay, if my smtp server now is not open-relay smtp server. who can help me in this aspect? thank you very much! hongtao
Re: qmail + ezmlm + mysql + linux
uh.. i dont have close experience w/ ezmlm.. its installed.. i never tryed any thing from it though.. but everything else is working fine... be more specific - Original Message - From: hongtao [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, April 24, 2001 5:47 PM Subject: qmail + ezmlm + mysql + linux Dear All: who have the experience with qmail + ezmlm + mysql + linux? best regards, hongtao
Re: RSS LIST
hongtao [EMAIL PROTECTED] wrote: because an american use my mail server (qmail) to spam, the ip of my mail server is now in the RSS list, i have refused some ip to use our smtp to relay, if my smtp server now is not open-relay smtp server. You've got it backwards; you shouldn't be denying relaying to some IP addresses, you should be restricting relaying to only your IP address(es). See the archives and FAQs for how to set up selective relaying properly. If you're asking how to test if your machine is an open relay, see the archives. If you're asking how to be removed from the RSS, see http://mail-abuse.org/rss/ . Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
RE: RSS LIST
Logs? -Original Message- From: hongtao [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 24, 2001 5:53 PM To: [EMAIL PROTECTED] Subject: RSS LIST Dear All: because an american use my mail server (qmail) to spam, the ip of my mail server is now in the RSS list, i have refused some ip to use our smtp to relay, if my smtp server now is not open-relay smtp server. who can help me in this aspect? thank you very much! hongtao
Re: CAN'T Send to lists!
On 24-Apr-2001 Johan Almqvist wrote: Seemingly, your problem is with sender domains in the message and the envelope, not with which SMTP host you use... Using q(mail)sendmail and smtproutes as for above I had this kind of responses: -- Hi. This is the qmail-send program at linux.ik5bcu.ampr.org. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Connected to 199.183.24.194 but sender was rejected. Remote host said: 553 5.4.3 For MAIL FROM address [EMAIL PROTECTED] the policy analysis reports DNS error with your source domain. This is pretty clear, isn't it? It appears to me (excuse my ignorance) that my domain is not valid so message is rejected.Infact mantaining the same configuration: passing mail via qmail-sendmail but changing my ../defaulthost to my amprnet domain=ik5bcu.ampr.org,mail was accepted regularly. The problem on this case was that qmail sent MAILER-DAEMON infos to ik5bcu(that is another separate machine)... and not as I want to linux.ik5bcu(qmail machine). Another unanderstable thing (to my low knowledge) is that if I use qmail via SMTP all the problem disappears. My MUA is set to show [EMAIL PROTECTED] in the FROM field,but I guess this is not the cause of not accepted mail at vger that apparently is a DNS cause. Use qmail-inject with the -f option to set the sender to the same thing that your MUA gives to qmail on SMTP... Johan,using qmail with my MUA via SMTP I never had problems, they happen if *I switch MUA to use sendmail* I've seen a similar script here to use qmail-inject -f but it appears not very simple to replicate here. The big question now is :better with qmail-sendmail or qmail-SMTP? TKS,Marco. -Johan -- Johan Almqvist http://www.almqvist.net/johan/qmail/
Re: CAN'T Send to lists!
On 24-Apr-2001 Charles Cazabon wrote: Marco Calistri [EMAIL PROTECTED] wrote: Hello,sorry to disturb for so stupid questions but I cannot send messages to some mailing list servers: [EMAIL PROTECTED] I can't speak to the other hosts you mentioned, but vger is run with some very interesting policies for accepting mail, primarily because they host the linux-kernel mailing list (among others). The admins there have all sorts of filtering rules, and they use the RBL (and possibly RSS, and maybe ORBS, I can't remember) to stop the huge amount of spam people try to get through to the lists there. If you have specific questions about what parts of their policies might be dropping your submissions, try writing to Matti Arnio (sp?). I don't have an email address for him at the moment, but he's easy to find by searching the l-k archives. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. --- Hello Charles OT(I've tested getmail,it's very good)/OT my problems start if I use MUA through qmail-sendmail option messages FROM fields appear as sent from unknown domain so vger reject them(this is right because my qmail domain is not FQDN). I have to use MUA through qmail-SMTP if I want my messages be accepted. The test with smtproutes doesn't works here: LOGS say mail is accepted but I never seen it on mailing-lists. I thank you for your instructions but I switched back to qmail-SMTP also if I'd like the qmail-sendmail features, but I'm not able to set them up to works with servers as vger.kernel.org. -- Regards,: Marco Calistri [EMAIL PROTECTED] gpg key available on http://www.qsl.net/ik5bcu Xfmail 1.4.7p2 on linux RedHat 6.2 kernel-2.4.2 -- An organization dries up if you don't challenge it with growth. -- Mark Shepherd, former President and CEO of Texas Instruments
RE: qmail + ezmlm + mysql + linux
Hongtao, I currently use qmail, ezmlm, vpopmail and mySQL (and other mail tools also) running on a FreeBSD box and they work pretty good together. If you are able to read Portuguese, I can send you a step-by-step tutorial to install and setup all these packs from scratch. Cheers, Wagner. -Original Message- From: hongtao [mailto:[EMAIL PROTECTED]] Sent: Ter?a-feira, 24 de Abril de 2001 18:48 To: [EMAIL PROTECTED] Subject: qmail + ezmlm + mysql + linux Dear All: who have the experience with qmail + ezmlm + mysql + linux? best regards, hongtao
Re: RSS LIST
You've got it backwards; you shouldn't be denying relaying to some IP addresses, you should be restricting relaying to only your IP address(es). See the archives and FAQs for how to set up selective relaying properly. *** i do as you told me, but i can not received mails for [EMAIL PROTECTED] from other servers. *** /etc/rc.d/init.d/qmail tcpserver -v -x/etc/tcp.smtp.cdb -u7770 -g2108 0 smtp \ qmail-smtpd 21 | splogger smtpd 3 *** /etc/tcp.smtp :deny,RELAYCLIENT= #if no this line, all ip will be allowed to relay 202.106.184.99:allow,RELAYCLIENT= *** /var/qmail/control/rcpthosts nie-go.com staff.nie-go.com hongtao.com hongtao [EMAIL PROTECTED] wrote: because an american use my mail server (qmail) to spam, the ip of my mail server is now in the RSS list, i have refused some ip to use our smtp to relay, if my smtp server now is not open-relay smtp server.
re: issues receiving email
I have a couple of clients that are experiencing a strange problem when checking mail on our server. When they click send/receive sometimes it immediately downloads their email, but other times it brings up a dialog box asking them for their user name and password. The user name and password are already filled in. When they click ok, it sometimes takes 5 or 6 times before it goes through. Other times they click ok once and it connects fine. Any suggestions? Robert.
RE: issues receiving email
Anything in the logs? What util are you using to check passwords? Just because you asked the same question the same way twice its not gonna help anyone answer you. -Original Message- From: Robert Lech [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 24, 2001 7:39 PM To: [EMAIL PROTECTED] Subject: re: issues receiving email I have a couple of clients that are experiencing a strange problem when checking mail on our server. When they click send/receive sometimes it immediately downloads their email, but other times it brings up a dialog box asking them for their user name and password. The user name and password are already filled in. When they click ok, it sometimes takes 5 or 6 times before it goes through. Other times they click ok once and it connects fine. Any suggestions? Robert.
Just a little question
Hey all, I have added a couple of new IP addresses to my /etc/tcp_smtp file and issued the following command. tcpserver /etc/tcp_smtp /etc/tcp_smtp.cdb /etc/tcp_smtp.tmp I get the following error code and I was wondering if anyone could point me in the right direction. I have used this command before (some time ago) and it worked fine. tcpserver:fatal: unable to figure out port number for /etc/tcp_smtp.tmp Thanks for any help you can provide. Travis
Re: Just a little question
On Tue, Apr 24, 2001 at 04:58:54PM -0700, Travis Turner wrote: I have added a couple of new IP addresses to my /etc/tcp_smtp file and issued the following command. tcpserver /etc/tcp_smtp /etc/tcp_smtp.cdb /etc/tcp_smtp.tmp Oops. I get the following error code and I was wondering if anyone could point me in the right direction. I have used this command before (some time ago) and it worked fine. Pointing man tcprules Tim
Fwd: Just a little question
made a correction to my last email in way of a Hey all, I have added a couple of new IP addresses to my /etc/tcp_smtp file and issued the following command. tcpserver /etc/tcp_smtp /etc/tcp_smtp.cdb /etc/tcp_smtp.tmp I get the following error code and I was wondering if anyone could point me in the right direction. I have used this command before (some time ago) and it worked fine. tcpserver:fatal: unable to figure out port number for /etc/tcp_smtp.tmp Thanks for any help you can provide. Travis
Re: Vulnerable MUAs ...
Robin S. Socha([EMAIL PROTECTED])@2001.04.24 08:07:51 +: -- find pine4.33 -type f | xargs egrep '(sprintf|strcpy|strcat)' | wc -l 3817 even if the quantitative analysis does not make _that_ much sense...: rohrbach@WM:datasink[~/src/stdbuild.mua]59% find mutt-1.2.5 -type f | xargs egrep '(sprintf|strcpy|strcat)' | wc -l 96 actually there's a difference, yes ;-) /k -- The path of excess leads to the tower of wisdom. -- W. Blake KR433/KR11-RIPE -- http://www.webmonster.de -- ftp://ftp.webmonster.de [Key] [KeyID---] [Created-] [Fingerprint-] GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46
Re: how to _delay_ failed authentication
Markus Stumpf([EMAIL PROTECTED])@2001.04.24 19:47:37 +: On Tue, Apr 24, 2001 at 11:48:09AM +0700, Kittiwat Manosuthi wrote: Anybody know how to delay failed authentication attempts to prevent brute force pwd cracking on POP3 server using qmail vpopmail? IMHO not out of the box. But you surely could construct something in checkpassword that uses a (process independent) ip related counter and just as you use POP after SMTP to enable relaying you could add ip:deny lines to your tcpserver control file. maybe add it to tcpserver? okay, it would have to have a scoreboard or whatever you might call it and so fopen() is invoked (maybe) too often... comments? /k -- What's the best part of getting a blowjob? Five minutes of silence. KR433/KR11-RIPE -- http://www.webmonster.de -- ftp://ftp.webmonster.de [Key] [KeyID---] [Created-] [Fingerprint-] GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46
Re: how to _delay_ failed authentication
Well.. that's probably the way to go. Unfortunately, it's getting out of my league now. Anyone think this is an interesting thing to do? -Kittiwat From: Karsten W. Rohrbach [EMAIL PROTECTED] Markus Stumpf([EMAIL PROTECTED])@2001.04.24 19:47:37 +: On Tue, Apr 24, 2001 at 11:48:09AM +0700, Kittiwat Manosuthi wrote: Anybody know how to delay failed authentication attempts to prevent brute force pwd cracking on POP3 server using qmail vpopmail? IMHO not out of the box. But you surely could construct something in checkpassword that uses a (process independent) ip related counter and just as you use POP after SMTP to enable relaying you could add ip:deny lines to your tcpserver control file. maybe add it to tcpserver? okay, it would have to have a scoreboard or whatever you might call it and so fopen() is invoked (maybe) too often... comments? /k
Re: qmail-pop3d not working?
Charles Cazabon said, You have two tcpserver instances, both trying to bind to the same interface(s) and port. At least one of those _has_ to be failing, and it should be showing up in your logs. Steve said, At which point, doing 'sh -x /var/qmail/supervise/qmail-pop3d/run' gives me: I use this to check for status on supervised processes. bash-2.04# cd /var/qmail/supervise; svstat * */log qmail-pop3d: up (pid 658) 178697 seconds qmail-send: up (pid 9480) 178696 seconds qmail-smtpd: up (pid 3846) 178697 seconds qmail-pop3d/log: up (pid 11946) 178697 seconds qmail-send/log: up (pid 7901) 178697 seconds qmail-smtpd/log: up (pid 13335) 178697 seconds When you supervise, and one of the seconds columns stays at 0 seconds, you definitely have a problem. After you reboot, or better yet, when your pop stops working, try that and see what happens. Also, do not start pop3d from the command line if you are starting it in your boot scripts, even if pop3 is not working properly. Hope that helped Rick Up
Re: Ban These Exchange Server Users
Hi, we have an expression for your case here in Hungary which could be translated as "if it is not your shirt, do not wear it" I am sure that Brett (Brett Randall [EMAIL PROTECTED]) did not mean anything wrong, he just wanted to express the dark side of banning someone who is not responsible for this long-spoke spam. Csaba Original Message On 2001.04.24, 18:50:52, Ruprecht Helms [EMAIL PROTECTED] wrote regarding Re: Ban These Exchange Server Users: Hi, I have trouble understanding that you mean. ..., but there are nicer ways to be a Nazi than this... Sorry but this seems for my you are thinking not bad over rassism and the things, that were done in the time from 1993 to 1945. If it is so, this mailinglist is the wrong place to say such things. In germany the isp have to cancel the internetconnection from a user if the hear that the user is providing neonazistic stuff and postings that contains material like that. Regards, Ruprecht __ This message went through virus scan at Trend Ltd. which stated the message was clean of viri appeared before 2001.04.18. __ This message went through virus scan at Trend Ltd. which stated the message was clean of viri appeared before 2001.04.18.
VIRUS TROUVE : Re: tcpserver help
Panda Antivirus a trouvé les virus suivants dans le message : Envoyé par :Forrest Sutton Adresse : [EMAIL PROTECTED] Pour : [EMAIL PROTECTED] Sujet : Re: tcpserver help Date : 24/04/2001 04:57:09 THIS MESSAGE CONTENT VIRUS !!! Fichier : Emanuel.exe Virus : W32/Navidad.B Renommé http://www.pandasoftware.com winmail.dat