Re: Qmail

[Benjamin Lee]

This is more of a systems admin issue than specifically a qmail one.

If it was my task, I'd just roll a perl or shell script to do the job
of chown-ing.

On Wed, Jul 11, 2001 at 07:35:22PM -0700, Bob Ross wrote:



> Could be a little painful to move them one at a time and chown each user.
> 
> Thanks
> Bob Ross
> 

-- 
B.  http://makelinux.org/"Always real."http://realthought.net/
__
I'm not the person your mother warned you about... her imagination isn't
that good.
-- Amy Gorin

delivery causing trouble

[Peter Klingeberg]

Hi !

I installed qmail 1.03 for mail and listserver purpose but without
ezmlm.
I tried a simple alias-list whith .qmail-liste containing as follows:
---
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
---

I also configured a "smarthost" in smtproutes: ":ganymed.materna.de:25"

Sending a mail to "liste" qmail resolves it like it should but then
delivers the mail to every recipient in the list EACH
I couldn't believe so i watched the traffic on ganymed whit a wrapper,
but qmail sent it 5 times...

Here is the log:
---
@40003b4c49ea19fe51dc new msg 61201
@40003b4c49ea19ff058c info msg 61201: bytes 549 from
<[EMAIL PROTECTED]> qp 1053 uid 1003
@40003b4c49ea1a7143a4 starting delivery 11: msg 61201 to local
[EMAIL PROTECTED]
@40003b4c49ea1a722634 status: local 1/10 remote 0/20
@40003b4c49ea1cb1544c new msg 61202
@40003b4c49ea1cb1e4d4 info msg 61202: bytes 652 from
<[EMAIL PROTECTED]> qp 1055 uid 1002
@40003b4c49ea1d60800c starting delivery 12: msg 61202 to remote
[EMAIL PROTECTED]
@40003b4c49ea1d617df4 status: local 1/10 remote 1/20
@40003b4c49ea1d61df9c delivery 11: success: did_0+5+0/qp_1055/
@40003b4c49ea1d6250e4 status: local 0/10 remote 1/20
@40003b4c49ea1d62aea4 starting delivery 13: msg 61202 to remote
[EMAIL PROTECTED]
@40003b4c49ea1d6352b4 status: local 0/10 remote 2/20
@40003b4c49ea1d63b45c end msg 61201
@40003b4c49ea1d75d4fc starting delivery 14: msg 61202 to remote
[EMAIL PROTECTED]
@40003b4c49ea1d76907c status: local 0/10 remote 3/20
@40003b4c49ea1e850aac starting delivery 15: msg 61202 to remote
[EMAIL PROTECTED]
@40003b4c49ea1e861834 status: local 0/10 remote 4/20
@40003b4c49ea1ed7224c starting delivery 16: msg 61202 to remote
[EMAIL PROTECTED]
@40003b4c49ea1ed81094 status: local 0/10 remote 5/20
@40003b4c49eb16fe5c34 delivery 12: success:
139.2.34.141_accepted_message./Remote_host_said:_250_Submitted_&_queued_(msg.20884-0)/

@40003b4c49eb16ffbbc4 status: local 0/10 remote 4/20
@40003b4c49ec0fd7427c delivery 13: success:
139.2.34.141_accepted_message./Remote_host_said:_250_Submitted_&_queued_(msg.20886-0)/

@40003b4c49ec0fd89e24 status: local 0/10 remote 3/20
@40003b4c49ec119f2d54 delivery 14: success:
139.2.34.141_accepted_message./Remote_host_said:_250_Submitted_&_queued_(msg.20888-0)/

@40003b4c49ec11a0718c status: local 0/10 remote 2/20
@40003b4c49ec19cda8d4 delivery 15: success:
139.2.34.141_accepted_message./Remote_host_said:_250_Submitted_&_queued_(msg.20890-0)/

@40003b4c49ec19cef4dc status: local 0/10 remote 1/20
@40003b4c49ec2a24b434 delivery 16: success:
139.2.34.141_accepted_message./Remote_host_said:_250_Submitted_&_queued_(msg.20892-0)/

@40003b4c49ec2a26080c status: local 0/10 remote 0/20
@40003b4c49ec2a2669b4 end msg 61202
---

How can I configure qmail to send the mail only once (per hop) with all
recipients in one Mail?
If  i had two rules in smtproutes, one for do.materna.de and one for
pop.materna.de it should sent two mails, one tu do and one to pop...

Any ideas ?

Re: delivery causing trouble

[John White]

On Thu, Jul 12, 2001 at 09:42:54AM +0200, Peter Klingeberg wrote:
> How can I configure qmail to send the mail only once (per hop) with all
> recipients in one Mail?

You can't.

John 

rblsmtpd seems to violate RFC1123, 5.2.7

[torben fjerdingstad]

rblsmtpd with qmail does not accept mail from a blacklisted
IP to postmaster@my-qmail-host, does it?

That seems to me like as a violation of rfc1123, 5.2.7 which says:

   5.2.7  RCPT Command: RFC-821 Section 4.1.1

  A host that supports a receiver-SMTP MUST support the reserved
  mailbox "Postmaster".

Well, my postmaster mailbox is supported, but I believe the
intention is that it should be able to receive mail.

One more desirable candidate for unrbl'ing is abuse@my-qmail-host.

-- 
Med venlig hilsen / Regards 
Netdriftgruppen / Network Management Group
UNI-C  

Tlf./Phone   +45 35 87 89 41Mail:  UNI-C
Fax. +45 35 87 89 90   Bygning 304
E-mail: [EMAIL PROTECTED]   DK-2800 Lyngby

Qmail and NAT

[Federico]

The problem is: 
 
I've a public Ip address that is the MX record 
of my domain.
 
the port 25 of this public ip is natted to the port 
25 of a private address (192.168.5.2), on this server I've qmail of 
course.
After that I've a Microsoft Exchange Server 
(192.168.5.4) that holds all the mail.
 
I want to make my qmail like a "mail 
router"
 
now the configuration of my qmail i quite correct, 
tha mail outbound is delivered, the problem is in inbound mail.
 
I've wrote .mydomain.dm:192.168.5.4 in 
smtproutes
 
I note that when a mail from external networks to 
mydomain.dm reaches my qmail, it not send the mail to the exchange server, but 
try to send the mail to the MX record (the public address) tha isn't reachable 
from internal network for nat reasons.
 
 
how i can solve this problem? is a nat or qmail 
problem?

Re: Qmail and NAT

[Adrian Ho]

On Thu, Jul 12, 2001 at 11:51:12AM +0200, Federico wrote:
> I've wrote .mydomain.dm:192.168.5.4 in smtproutes

That doesn't relay mail for [EMAIL PROTECTED]; you need another line:

mydomain.dm:192.168.5.4

- Adrian

Re: Request for advice (qmail-remote) Part II

[Henning Brauer]

On Thu, Jul 12, 2001 at 10:58:33AM +0930, Greg Elliott wrote:
> Next I would like to offer every user in the organization a mail address
> <[EMAIL PROTECTED]>
> (Regardless of where they reside in the organization).
[...]

qmail-ldap may be your favorite here. It has builtin cluster support letting
define you on which mailserver each account is located, regardless of the
address. This will cause your much less administrative overhead than a
.qmail based solution.

Read more at http://www.lifewithqmail.org/ldap/

-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: delivery causing trouble

[Henning Brauer]

On Thu, Jul 12, 2001 at 09:42:54AM +0200, Peter Klingeberg wrote:
> I tried a simple alias-list whith .qmail-liste containing as follows:
> Sending a mail to "liste" qmail resolves it like it should but then
> delivers the mail to every recipient in the list EACH

That's the way it works with qmail. It's in the archives a thousand times,
and !before replying here! just !read it!. There are good reasons for doing
so.
-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: rblsmtpd seems to violate RFC1123, 5.2.7

[Adrian Ho]

On Thu, Jul 12, 2001 at 11:27:23AM +0200, torben fjerdingstad wrote:
> rblsmtpd with qmail does not accept mail from a blacklisted
> IP to postmaster@my-qmail-host, does it?

No.

> That seems to me like as a violation of rfc1123, 5.2.7 which says:

Nope.

>5.2.7  RCPT Command: RFC-821 Section 4.1.1
> 
>   A host that supports a receiver-SMTP MUST support the reserved
>   mailbox "Postmaster".

Note the wording.  It says that the receiver-SMTP MUST accept and deliver
mail to postmaster@your-qmail-host.  It doesn't say that the receiver-SMTP
MUST accept such mail /from every possible source/.

What you want requires a RBL-aware mail proxy with destination address
overrides.  rblsmtpd won't do it for you, not without a significant amount
of hacking.

- Adrian

RE: forwarding problem

[GARGIULO Eduardo INGDESI]

> >I have a problem with some messages that are not forwarded 
> and I don't
> >know why. I have the following configuration:
> >
> >echo egargiulo > ~alias/.qmail-root 
> >echo egargiulo > ~alias/.qmail-postmaster 
> >echo egargiulo > ~alias/.qmail-mailer-daemon
> >
> >cat ~egargiulo/.qmail
> >&[EMAIL PROTECTED]
> >./Mailbox
> >
> >Some error messages (for an address not in rcpthost) are delivered to
> >postmaster and stored in ~admin/Mailbox but not forwarded to
> >[EMAIL PROTECTED]
> >How can I fix it? messages to admin, postmaster, root and 
> mailer-daemon
> >are forwarded and stored ok.
> 
> What Do The Logs Say? (tm)
> 
> -Dave
> 

I had attached part of the logfile to this message.
I think, the bogus mail sender is <#@[]> ,so the MTA that receives the
forwarded bogus mail reject it. How can I fix it?

PS: I have edited the original post to show the real usernames and
forward addresses.

~edu



--
Jul 11 16:48:35 masq qmail: 994880915.696263 new msg 24267
Jul 11 16:48:35 masq qmail: 994880915.703443 info msg 24267: bytes 4442 from <> qp 
12824 uid 538
Jul 11 16:48:35 masq qmail: 994880915.713270 starting delivery 3813: msg 24267 to 
remote [EMAIL PROTECTED]
Jul 11 16:48:35 masq qmail: 994880915.720037 status: local 0/10 remote 1/20
Jul 11 16:48:36 masq qmail: 994880916.503213 delivery 3813: failure: 
Connected_to_200.16.224.213_but_sender_was_rejected./Remote_host_said:_501_bogus_mail_from/
Jul 11 16:48:36 masq qmail: 994880916.510713 status: local 0/10 remote 0/20
Jul 11 16:48:36 masq qmail: 994880916.532645 bounce msg 24267 qp 12826
Jul 11 16:48:36 masq qmail: 994880916.539301 end msg 24267
Jul 11 16:48:36 masq qmail: 994880916.547476 new msg 24263
Jul 11 16:48:36 masq qmail: 994880916.554718 info msg 24263: bytes 4951 from <#@[]> qp 
12826 uid 538
Jul 11 16:48:36 masq qmail: 994880916.566128 starting delivery 3814: msg 24263 to 
local [EMAIL PROTECTED]
Jul 11 16:48:36 masq qmail: 994880916.573062 status: local 1/10 remote 0/20
Jul 11 16:48:36 masq qmail: 994880916.624017 new msg 24262
Jul 11 16:48:36 masq qmail: 994880916.631180 info msg 24262: bytes 5062 from <#@[]> qp 
12829 uid 532
Jul 11 16:48:36 masq qmail: 994880916.641999 starting delivery 3815: msg 24262 to 
local [EMAIL PROTECTED]
Jul 11 16:48:36 masq qmail: 994880916.648953 status: local 2/10 remote 0/20
Jul 11 16:48:36 masq qmail: 994880916.657513 delivery 3814: success: 
did_0+1+0/qp_12829/
Jul 11 16:48:36 masq qmail: 994880916.664898 status: local 1/10 remote 0/20
Jul 11 16:48:36 masq qmail: 994880916.672353 end msg 24263
Jul 11 16:48:36 masq qmail: 994880916.724537 new msg 24263
Jul 11 16:48:36 masq qmail: 994880916.731369 info msg 24263: bytes 5174 from <#@[]> qp 
12832 uid 502
Jul 11 16:48:36 masq qmail: 994880916.742864 starting delivery 3816: msg 24263 to 
remote [EMAIL PROTECTED]
Jul 11 16:48:36 masq qmail: 994880916.749255 status: local 1/10 remote 1/20
Jul 11 16:48:36 masq qmail: 994880916.756521 delivery 3815: success: 
did_1+1+0/qp_12832/
Jul 11 16:48:36 masq qmail: 994880916.764078 status: local 0/10 remote 1/20
Jul 11 16:48:36 masq qmail: 994880916.771080 end msg 24262
Jul 11 16:48:39 masq qmail: 994880919.950715 delivery 3816: failure: 
Connected_to_200.0.218.99_but_sender_was_rejected./Remote_host_said:_501_<#@[]>..._Sender_domain_must_exist/
Jul 11 16:48:39 masq qmail: 994880919.958017 status: local 0/10 remote 0/20
Jul 11 16:48:39 masq qmail: 994880919.958941 triple bounce: discarding bounce/24263
Jul 11 16:48:39 masq qmail: 994880919.959667 end msg 24263
---

Re: Request for advice (qmail-remote) Part II

[Mike Jackson]

Chris Garrigues wrote:
> 
> > From:  Greg Elliott <[EMAIL PROTECTED]>
> > Date:  Thu, 12 Jul 2001 10:58:33 +0930
> >
> > The problem I am trying to resolve is where  mails  at the
> > address <[EMAIL PROTECTED]>
> > I do not want the mail to be sent back to the central mail server and then
> > returned to the address
> > <[EMAIL PROTECTED]>.
> > Instead I would like the branch mail server to realise that  is a
> > local user and just deliver the mail to 's
> > local mail store.
> 
> I suspect the easiest thing to do would be to get the qmail-ldap patches and
> install ldap.
> 
> Keep the master LDAP database on the central server and run replica databases on
> each on the branch servers.

I have a master LDAP server on it's own machine, because I use it for
alot more than just email accounts. I have a replica LDAP server on all
mail servers. LDAP replication is done real-time via SSL, only the
master accepts modifications. Mail authentication is pointed to the
local LDAP server on the mail server, so imap/pop passwords never fly in
the clear. If you have failover LDAP and the local server dies for some
reason, it will pick up a remote server and you will be in the clear
unless you are on a vpn. I have asked Sam Varshavchik to implement SSL
in Courier's authldap module. 
 
> Each server would then be able to use LDAP to determine where the mail really
> belongs.

 The mail routing works very well to remote offices in US, Japan, and
Germany. You also need Henning's dash-trick patch. This is required so
that you can store aliases and pointers to ezmlm lists in LDAP,
otherwise you have to use the same outgoing mail server for all offices
and that is not too cool. I can provide details on how to do this if
needed.
 
> I haven't used all the functionality that this would require, but I'm fairly
> certain that qmail-ldap has everything you'd need.

And alot more. Join the qmail-ldap mailing list from www.nrg4u.com.

Regards,
Mike

Re: forwarding problem

[Henning Brauer]

On Thu, Jul 12, 2001 at 08:56:30AM -0300, GARGIULO Eduardo INGDESI wrote:
> I think, the bogus mail sender is <#@[]> ,so the MTA that receives the

This is a double bounce that never should get delivered outside your host.

-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: Qmail and NAT

[Steve]

The easiest way is to make the qmail server think that the machine
yourdomain.com is your excchange server.  Just add a line to the etc/hosts
on the qmail server...  If you are running your own DNS you could fix it
there.

Steve

Re: Qmail and NAT

[Henning Brauer]

On Thu, Jul 12, 2001 at 10:37:26AM -0400, Steve wrote:
> The easiest way is to make the qmail server think that the machine
> yourdomain.com is your excchange server.  Just add a line to the etc/hosts
> on the qmail server...  

This doesn't buy you anything. qmail never uses /etc/hosts but always DNS.
-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: Request for advice (qmail-remote) Part II

[David Talkington]

-BEGIN PGP SIGNED MESSAGE-

Mike Jackson wrote:

>If you have failover LDAP and the local server dies for some
>reason, it will pick up a remote server and you will be in the clear
>unless you are on a vpn. I have asked Sam Varshavchik to implement SSL
>in Courier's authldap module.

I use stunnel to avoid this.  Works well, low overhead.

- -d


- -- 
David Talkington
http://www.spotnet.org

PGP key: http://www.prairienet.org/~dtalk/dt000823.asc

-BEGIN PGP SIGNATURE-
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.75-6

iQEVAwUBO023mr1ZYOtSwT+tAQFNkgf/fq7vYFDrL+wKKhxEIDQKKkimiFMooUjl
jdBqC8G7IvxkBlrgHjoiZtguzTliebbNRmW/a9Q+VXKIqYNc4ZUjj/Igbemf3ivt
UTjDUMVA7P74qGJTOBTWhAvPRmCjGnNnvk8ADvhJ5boLUq9lVzKnG2o95CZQpuGV
36N7O2lKc4z77Eu1aUTGDwf4my2hy9c4XBiUhPffuxjFiOhTmyf6ghzCrOfPEhMO
qxOmcmANZScFl7PZLSZKlccA9pHytcPvRXl2aCr2JhJW0ypGTG/Ku7ZQvQB7bdK9
78F/QEo1F8hOlhYAyJrIWQRKAy3Z/0bQSebYo6L3wP3lZ7nrIa4Sag==
=e7TX
-END PGP SIGNATURE-

Re: Qmail and NAT

[Steve]

Sorry... I thought it was working on my system that way.  I guess the
difference for me is that I have qmail accepting the mail itself.

Steve

> On Thu, Jul 12, 2001 at 10:37:26AM -0400, Steve wrote:
>> The easiest way is to make the qmail server think that the machine
>> yourdomain.com is your excchange server.  Just add a line to the
>> etc/hosts on the qmail server...  
> 
> This doesn't buy you anything. qmail never uses /etc/hosts but always
> DNS. -- 
> * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
> * Roedingsmarkt 14, 20459 Hamburg, Germany   *
> Unix is very simple, but it takes a genius to understand the
> simplicity. (Dennis Ritchie)


--- wherever you go, there you are

Re: Qmail and NAT

[Keary Suska]

That certainly could be the case, but that means that qmail uses its own
resolver and not the OS's, which doesn't sound very smart. Unless an
application can specify what means to resolve names regardless of system
settings, which doesn't seem very smart either. I would try it anyway, but
make sure that the system refers to "files" first (usu. nsswitch.conf).

-K

> From: Henning Brauer <[EMAIL PROTECTED]>
> Date: Thu, 12 Jul 2001 16:42:47 +0200
> To: [EMAIL PROTECTED]
> Subject: Re: Qmail and NAT
> 
> On Thu, Jul 12, 2001 at 10:37:26AM -0400, Steve wrote:
>> The easiest way is to make the qmail server think that the machine
>> yourdomain.com is your excchange server.  Just add a line to the etc/hosts
>> on the qmail server...
> 
> This doesn't buy you anything. qmail never uses /etc/hosts but always DNS.
> -- 
> * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
> * Roedingsmarkt 14, 20459 Hamburg, Germany   *
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)
> 

Re: Qmail and NAT

[Q]

I just thought that I would add that it also seems to me that qmail always
uses DNS.  I always had problems with sending mail slow (all entries in host
file for internal network, sendmail worked fine), but then I put in a
reverse DNS zone for my internal network on the DNS server and BAM, man was
it fast...



- Original Message -
From: "Keary Suska" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, July 12, 2001 10:26 AM
Subject: Re: Qmail and NAT


That certainly could be the case, but that means that qmail uses its own
resolver and not the OS's, which doesn't sound very smart. Unless an
application can specify what means to resolve names regardless of system
settings, which doesn't seem very smart either. I would try it anyway, but
make sure that the system refers to "files" first (usu. nsswitch.conf).

-K

> From: Henning Brauer <[EMAIL PROTECTED]>
> Date: Thu, 12 Jul 2001 16:42:47 +0200
> To: [EMAIL PROTECTED]
> Subject: Re: Qmail and NAT
>
> On Thu, Jul 12, 2001 at 10:37:26AM -0400, Steve wrote:
>> The easiest way is to make the qmail server think that the machine
>> yourdomain.com is your excchange server.  Just add a line to the
etc/hosts
>> on the qmail server...
>
> This doesn't buy you anything. qmail never uses /etc/hosts but always DNS.
> --
> * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
> * Roedingsmarkt 14, 20459 Hamburg, Germany   *
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)
>

blocking from-addresses (badmailfrom)

[Q]

We have been getting some e-mails sent from a virus some people have.  I am
trying to block them out using the badmailfrom file, but it doesn't seem to
be working the way I need it to.  The e-mail has a:

From: Hahaha <[EMAIL PROTECTED]>

in the header, so I put [EMAIL PROTECTED] in the badmailfrom file.
Whenever I try to send a test message with the from address of
"[EMAIL PROTECTED]" it gets blocked like it should.  However when the
actual mail gets sent from someone that has the virus, it does not get
blocked.  I checked the logs and this seems to be because qmail is saying
that it is from <> because there is a:

Return-Path: <>

in the header too.  Is there any way I can block messages that have a null
Return-Path or a way to have qmail check the badmailfrom against the From:
header instead of the Return-Path one?


Also it is interesting to note that my test messages bounce back to
[EMAIL PROTECTED] and they get accepted by their mail server.

Re: blocking from-addresses (badmailfrom)

[Chris Johnson]

On Thu, Jul 12, 2001 at 10:41:54AM -0500, Q wrote:
> We have been getting some e-mails sent from a virus some people have.  I am
> trying to block them out using the badmailfrom file, but it doesn't seem to
> be working the way I need it to.  The e-mail has a:
> 
> From: Hahaha <[EMAIL PROTECTED]>
> 
> in the header, so I put [EMAIL PROTECTED] in the badmailfrom file.

qmail-smtpd doesn't look at the header. It looks at the envelope sender, and
the envelope sender on these messages is empty.

> Whenever I try to send a test message with the from address of
> "[EMAIL PROTECTED]" it gets blocked like it should.  However when the
> actual mail gets sent from someone that has the virus, it does not get
> blocked.  I checked the logs and this seems to be because qmail is saying
> that it is from <> because there is a:
> 
> Return-Path: <>
> 
> in the header too.  Is there any way I can block messages that have a null
> Return-Path or a way to have qmail check the badmailfrom against the From:
> header instead of the Return-Path one?

You must not block messages with a null envelope sender; this is the way
bounces are delivered. And qmail-smtpd will not check the From: header under
any circumstances.

If you want to block this kind of mail, you'll probably want to look at one of
the various anti-virus packages. See http://www.qmail.org.

Chris

 PGP signature

Re: blocking from-addresses (badmailfrom)

[Charles Cazabon]

Q <[EMAIL PROTECTED]> wrote:
> 
> Is there any way I can block messages that have a null
> Return-Path or a way to have qmail check the badmailfrom against the From:
> header instead of the Return-Path one?

No, and it's a bad idea.  Bounces are required to have a null envelope
sender (<>), and MTAs are required to accept them.

Charles
-- 
---
Charles Cazabon<[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
---

Re: blocking from-addresses (badmailfrom)

[Q]

OK, I understand.  I will look into that.  Does anyone have any personal
recommendations as far as the AV software on the page goes?  Are there any
that you know about that aren't on the page that work well?  Also, we would
need the software to be free as we can't afford a commercial version.

Thanks!

- Original Message -
From: "Chris Johnson" <[EMAIL PROTECTED]>
To: "Q" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, July 12, 2001 10:49 AM
Subject: Re: blocking from-addresses (badmailfrom)

Re: Qmail and NAT

[Henning Brauer]

On Thu, Jul 12, 2001 at 09:26:46AM -0600, Keary Suska wrote:
> That certainly could be the case, but that means that qmail uses its own
> resolver and not the OS's, 

it does. Ever noticed dns.c?

> which doesn't sound very smart. 

It is.

-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: blocking from-addresses (badmailfrom)

[Henning Brauer]

Read the f*** archives.
-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: blocking from-addresses (badmailfrom)

[dale]

Install a virus scanner.. that is the only good way I have found
to stop those. I use the amavirus scan and it works great...
there is a link to it on the qmail home page.

On Thu, Jul 12, 2001 at 10:41:54AM -0500, Q wrote:
> We have been getting some e-mails sent from a virus some people have.  I am
> trying to block them out using the badmailfrom file, but it doesn't seem to
> be working the way I need it to.  The e-mail has a:
> 
> From: Hahaha <[EMAIL PROTECTED]>
> 
> in the header, so I put [EMAIL PROTECTED] in the badmailfrom file.
> Whenever I try to send a test message with the from address of
> "[EMAIL PROTECTED]" it gets blocked like it should.  However when the
> actual mail gets sent from someone that has the virus, it does not get
> blocked.  I checked the logs and this seems to be because qmail is saying
> that it is from <> because there is a:
> 
> Return-Path: <>
> 
> in the header too.  Is there any way I can block messages that have a null
> Return-Path or a way to have qmail check the badmailfrom against the From:
> header instead of the Return-Path one?
> 
> 
> Also it is interesting to note that my test messages bounce back to
> [EMAIL PROTECTED] and they get accepted by their mail server.
> 

virtualdomains recipients

[GARGIULO Eduardo INGDESI]

Hi all.

I have configured virtualdomains like this

[EMAIL PROTECTED]:yapedu
[EMAIL PROTECTED]:yapedu

and dot-qmail

echo ./IN.ezmlm/ > ~yapedu/.qmail-ezmlm
echo ./IN.qmail/ > ~yapedu/.qmail-qmail

to sore messages from different list in differents Maildirs.

My question is what happen when there are more than on address
in the to: header and list address is not the first or if the 
list address is in CC?

~edu

remote relay, multiple forwarding

[~darkage]

 Im trying to setup mutliple forwarding for only ONE user account in the
domain (ie. jim@defaultdomain forwards to jim@domain1 & to jim@domain2)   on
a qmail server that just does inbound/outbound relaying, only remote
deliverys no local ones.  I've been reading the life with qmail guide &
experimenting a bit..  I understand how to do this with local deliverys with
a .qmail file in a users directory..  If you dont have user accounts
setup on your qmail server with a home dir for users & all that,  I assume
you can use ie.  /var/qmail/alias/.qmail-jim(with or without the domain
specified) as if it was a ~jim/.qmail file with a few differences

Basically what I wanna know is if I'm heading in the right direction.. Is
there a better way to do this?   like using fastforward?

many thanxs

d.

Re: rblsmtpd seems to violate RFC1123, 5.2.7

[Roger Walker]

>rblsmtpd with qmail does not accept mail from a blacklisted
>IP to postmaster@my-qmail-host, does it?
>
>That seems to me like as a violation of rfc1123, 5.2.7 which says:
>
>   5.2.7  RCPT Command: RFC-821 Section 4.1.1
>
>  A host that supports a receiver-SMTP MUST support the reserved
>  mailbox "Postmaster".
>
>Well, my postmaster mailbox is supported, but I believe the
>intention is that it should be able to receive mail.
>
>One more desirable candidate for unrbl'ing is abuse@my-qmail-host.

Unfortunate situation, isn't it? The reality is that there are far
to many places that do not have (or ignore) the postmaster account for even
legitimate stuff. The other part of the reality is that rblsmtpd is
intended to drop the connection at the earliest sign of trouble. If you are
going to all a complete transaction to take place, just so you can look for
postmaster recipients, then there is no reason to use rbsmtpd :-/

Life in an imperfect world...

-- 
Roger Walker
Tier III Messaging/News Team
Internet Applications, National Consumer IP
TELUS Corporation 780-493-2471

qmail and analog

[Miranda Gomez Miguel Angel]

hi , do you know if there are some HOW TO'S or similar for analog ???, the
man pages are difficult,
thanks

Re: virtualdomains recipients

[Charles Cazabon]

GARGIULO Eduardo INGDESI <[EMAIL PROTECTED]> wrote:
> 
> My question is what happen when there are more than on address
> in the to: header and list address is not the first or if the 
> list address is in CC?

The contents of the message (including the headers) don't matter.  Only
the envelope recipient address matters, and that can only be a single
address.

Charles
-- 
---
Charles Cazabon<[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
---

Re: remote relay, multiple forwarding

[Charles Cazabon]

~darkage <[EMAIL PROTECTED]> wrote:
> Im trying to setup mutliple forwarding for only ONE user account in
> the domain (ie. jim@defaultdomain forwards to jim@domain1 & to
> jim@domain2)   on a qmail server that just does inbound/outbound
> relaying, only remote deliverys no local ones.

If you're not doing local/virtual delivery, qmail can't do this -- all
it does then is store & forward.

> I understand how to do this with local deliverys with a .qmail file in
> a users directory..

This is the way to do it.  What you could do is make a domain virtual,
and create a couple of .qmail files to handle it.  In virtual domains,
do

  defaultdomain:alias-defaultdomain

then have ~alias/.qmail-defaultdomain-jim, which forwards to two
addresses, and ~alias.qmail-defaultdomain-default, which just contains

  |forward "$DEFAULT"@otherdomain

where otherdomain is an alias that will get the mail to the right MTA,
either through an MX record, or an entry in smtproutes.

Charles
-- 
---
Charles Cazabon<[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
---

Re: qmail and analog

[John Hogan]

i was just there this pm...

http://www.lifewithqmail.org/lwq.html#qmailanalog

- hogan

At 11:52 AM 7/12/2001, Miranda Gomez Miguel Angel wrote:
>hi , do you know if there are some HOW TO'S or similar for analog ???, the
>man pages are difficult,
>thanks

qmail - /var/mail - autofs - NIS+

[Christopher J. Connor]

Hey,

I am trying to setup qmail in server based environment, and I have run
into a few issues.  I was wondering if anyone would like to volunteer
solutions to my problems.

Here is the infrastructure.

I am supporting a few hundred solaris workstations, that use
automount/autofs to mount the users home directory when they login.

All of the home directories are stored on a massive file server
(Auspex), that only serves files and cannot be used as a application
server.

The mail server in another server that is actually also a NIS+ master.

a) Security is not that much of an issue as we are behind a few
firewalls. b) /var/mail/username is the required delivery location. c)
the file server cannot be allowed to run apps.

Again, the desired mail delivery is to /var/mail/$username on the mail
server.  I have tried both procmail and /bin/mail, and my issues seem to
be with qmail itself.


Here is my issue:

When I am trying to deliver mail to the mail server, qmail seems to try
to check and see if /home/$username exists, before it will deliver the
mail.  As a result, the error message I get is...

@40003b4dd3ce390addfc new msg 5835
@40003b4dd3ce39122d14 info msg 5835: bytes 735 from
<[EMAIL PROTECTED]> qp 981 uid 10001
@40003b4dd3cf03139edc starting delivery 1: msg 5835 to local
[EMAIL PROTECTED]
@40003b4dd3cf0318f9f4 status: local 1/10 remote 0/20
@40003b4dd3cf072fdddc delivery 1: failure:
Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/
@40003b4dd3cf094e4d24 status: local 0/10 remote 0/20
@40003b4dd3cf0f8d3574 bounce msg 5835 qp 986
@40003b4dd3cf10cf1f9c end msg 5835


Now, if I go ahead and cd to the users home directory (thus causing an
automount on the mail server to the home directory file server), and
then send mail to the mail server.  Qmail seems to be happy to see the
home directory and send the mail fine.

I would like for qmail to just not stat for a home directory, and just
go head and let me deliver the email to /var/mail/username.

I was wondering if anyone has deployed qmail in a similar
infrastructure, and what solutions might be recommended.


thanks,


/c

qmail-smtpd.c

[Renato Dobelin]

Olá for all, 
I looked for of some forms to prevent leaving the 
qmail with the opened Relay, used patch of the Mrs. Brisby's to legalize the 
together smtp with the RPM of the qmail of Bruce Guenter (obviously I created a 
new package RPM), but exactly thus the qmail still was disapproved in the test 
with the " telnet relay-test.mail-abuse.org ", the Wildmat I I did not obtain to 
make to function in my system, I decided to look at qmail-smtpd.c inside and to 
look a reply of as to prevent the not authorized Relay and found the function 
"smtp_rcpt(arg)" and includes the following strings: 
 
void smtp_rcpt(arg) char *arg; {
  int x=0; /* new code  for(x=0; 
arg[x]!=0; x++) if ((arg[x]==37) || (arg[x]==34) || (arg[x]==91) || 
(arg[x]==33)) { err_syntax(); return; } */new code  if 
(!seenmail) { err_wantmail(); return; }  if (!addrparse(arg)) { 
err_syntax(); return; }  if (flagbarf) { err_bmf(); return; }  
if (relayclient) {    --addr.len;    if 
(!stralloc_cats(&addr,relayclient)) die_nomem();    if 
(!stralloc_0(&addr)) die_nomem();  }
...
 
After to compile the qmail and to restart the job 
again, I run the " telnet again relay-test.mail-abuse.org " and now it 
passed in all the tests. The code looks for the characters ",[,!,% in 
rcpt.
I am not programmer and therefore I was with the 
following one doubts: It will be that I will have problems with emails we 
legitimos with this alteration? 
 
Renato Dobelin

Re: qmail - /var/mail - autofs - NIS+

[Charles Cazabon]

Christopher J. Connor <[EMAIL PROTECTED]> wrote:
> 
> When I am trying to deliver mail to the mail server, qmail seems to try
> to check and see if /home/$username exists, before it will deliver the
> mail.  As a result, the error message I get is...
> 
> @40003b4dd3ce390addfc new msg 5835
> @40003b4dd3ce39122d14 info msg 5835: bytes 735 from
> <[EMAIL PROTECTED]> qp 981 uid 10001
> @40003b4dd3cf03139edc starting delivery 1: msg 5835 to local
> [EMAIL PROTECTED]
> @40003b4dd3cf0318f9f4 status: local 1/10 remote 0/20
> @40003b4dd3cf072fdddc delivery 1: failure:
> Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/

The qmail-users mechanism is designed to work around problems like this.
`man qmail-users` for details, or see the FAQ, etc.

Charles
-- 
---
Charles Cazabon<[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
---

Re: qmail-smtpd.c

[Greg White]

On Thu, Jul 12, 2001 at 06:01:10PM -0300, Renato Dobelin wrote:
> Olá for all, 
> I looked for of some forms to prevent leaving the qmail with the opened Relay, used 
>patch of the Mrs. Brisby's to legalize the together smtp with the RPM of the qmail of 
>Bruce Guenter (obviously I created a new package RPM), but exactly thus the qmail 
>still was disapproved in the test with the " telnet relay-test.mail-abuse.org ", the 
>Wildmat I I did not obtain to make to function in my system, I decided to look at 
>qmail-smtpd.c inside and to look a reply of as to prevent the not authorized Relay 
>and found the function "smtp_rcpt(arg)" and includes the following strings: 
> 
> void smtp_rcpt(arg) char *arg; {
> 
>   int x=0; /* new code
>   for(x=0; arg[x]!=0; x++) if ((arg[x]==37) || (arg[x]==34) || (arg[x]==91) || 
>(arg[x]==33)) { err_syntax(); return; } */new code
>   if (!seenmail) { err_wantmail(); return; }
>   if (!addrparse(arg)) { err_syntax(); return; }
>   if (flagbarf) { err_bmf(); return; }
>   if (relayclient) {
> --addr.len;
> if (!stralloc_cats(&addr,relayclient)) die_nomem();
> if (!stralloc_0(&addr)) die_nomem();
>   }
> ...
> 
> After to compile the qmail and to restart the job again, I run the " telnet again 
>relay-test.mail-abuse.org " and now it passed in all the tests. The code looks for 
>the characters ",[,!,% in rcpt.
> I am not programmer and therefore I was with the following one doubts: It will be 
>that I will have problems with emails we legitimos with this alteration? 
> 
> Renato Dobelin

I cannot see that it would be a problem, unless legtimate mail actually
used some of these characters (which most does not, precisely because of
sendmail's dirty UUCP hacks ;)  ). You may have a problem with refusing
mail to postmaster@[your.ip.add.ress], which IIRC is an RFC requirement.
You're also trying to solve a problem that doesn't exist -- qmail will
_never_ deliver mail differently because of a bangpath style address
'!', nor will it relay for '%', unless you specifically tell it to. Try
to actually relay mail using any of the methods that are reported to
'fail' -- you cannot, unless you've configured percenthack, or set
RELAYCLIENT for the connecting IP address. Period. Accepting these
characters in an SMTP conversation _does not_ allow relay.


-- 
Greg White

Re: blocking from-addresses (badmailfrom)

[Adrian Ho]

On Thu, Jul 12, 2001 at 10:53:31AM -0500, Q wrote:
> Does anyone have any personal recommendations as far as the AV software
> on the page goes?

Check the archives: , search for
"anti-virus".  Also .

- Adrian

qmail-spawn errors

[Joshua Nichols]

My logs are filling up with these errors:

starting delivery 14152: msg 582933 to remote [EMAIL PROTECTED]
status: local 0/10 remote 394/400
delivery 14150: deferral: qmail-spawn_unable_to_open_message._(#4.3.0)/
status: local 0/10 remote 393/400
starting delivery 14153: msg 582933 to remote [EMAIL PROTECTED]
status: local 0/10 remote 394/400
delivery 14152: deferral: qmail-spawn_unable_to_create_pipe._(#4.3.0)/
status: local 0/10 remote 393/400
delivery 14146: failure: Unable_to_run_qmail-remote./
alert: unable to append to bounce message; HELP! sleeping...

(timestamps removed for readability - cut and paste otherwise)

And the only thing unusual that has happened is that /var filled up during
an ezmlm-send.

Should I run queue-fix?  Does it look like a queue problem?

I'm not sure what other information would be helpful.  I'm convinced it must
have something to do with the full /var (now cleaned up a bit) but I'm not
sure how, if at all, to fix it.  I'd prefer to not lose the current queue.
No, I did not mess with the queue at all.


Thanks,

--joshua.

supervise sucking cycles

[Jon Rust]

I just restructured my supervise directory to the new method outlined in
LWQ and LWDJBDNS. After restarting the svscan process, I noticed that
the load on the machine has increased dramatically. Top shows supervise
running pretty hot:

last pid: 85737;  load averages:  4.44,  2.95,  1.98  up

  PID USERNAME  PRI NICE  SIZERES STATETIME   WCPUCPU COMMAND
64185 root   10   0   860K   420K nanslp   0:12  3.47%  3.47% supervise
64191 root   10   0   860K   420K nanslp   0:08  2.00%  2.00% supervise


help?! None of the services loigs say anything. The run files are the
same, I just symlinked the directories into /service and ran

   #!/bin/sh
   env - PATH=/usr/local/bin:/usr/sbin:/usr/bin:/bin csh -cf 'svscan /service &'

how can I track down the problem?

jon

please help me, a problem about mail box!!

[cool dragon]

Title: ÇçÀÊ




Hi,
 
I install the qmail and can start it, but when 
i send a mail to a user from the mail server, the maillog will say:  

 " delivery 3: failure: 
Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ " 

 
and i cannot  get 
the mai;
 
If i send a mail to 
myself from remote site, the maillog will say nothing, and i cant get the mail 
too.
 
what's the problem, 
please help me! it trouble me a long 
time!!!
 

Re: supervise sucking cycles

[Jon Rust]

Godamnit. I hate replying to myself. I had checked the logs... but only
briefly I guess, or the process was happy for a bit? I dunno. But when I
looked at them again later (AFTER sending pointless mail to the list of
course), qmail-send's log was going nuts. Turns out I failed to properly
kill qmail-send before restarting svscan in the new directory.

Self-LARTing commenced...

jon

Fw: blocking from-addresses (badmailfrom)

[mtaylor]

I'm new to this list and have spent untold hours reading the archives for
solutions regarding my problems. I was aware that this list is in place for
helping each other to overcome our personify problems. I have noticed that
some one cant be bothered to share his experienced to a newbee or some one
that has not got the time to spend hours searching the list or should I say
as sent to this list " read the f archives " So my question to you Mr
Heenning Brauer if you are not willing to help in a polite manner then don't
comment at all. Or should I say us in South Africa would say ( jy mout
youself gaan naai )

So to the person trying to solve his/her problem I haven't a clue what your
talking about but I'm sure some of the more intelligent people on this list
will help you gladly


- Original Message -
From: "Henning Brauer" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, July 12, 2001 4:55 PM
Subject: Re: blocking from-addresses (badmailfrom)


> Read the f*** archives.
> --
> * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
> * Roedingsmarkt 14, 20459 Hamburg, Germany   *
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)
>

time to delivery in qmail

[KY Lui]

Title: time to delivery in qmail





Hello


i want to send a number of mail out using qmail.
i am wondering how can i determine the time used to send all the mail out?
is there any log i can check? so that i can know the sent time of the last mail and the sent time of the first mail


thanks thanks


regards
KY