rblsmtpd

[Lars Hansson]

I have some problems with the "-a" option of rblsmtpd. To be more precise, I cant get 
it to work at all.
I have set up rbldns on one of my servers with the intention of using it as an 
"anti-blocked" list. The rbldns is working,
both dig and dnsq can get A records from rbl.unet.net.ph
The problem is that rblsmtpd doesnt seem to do any lookup to it at all. The only 
requests that shows up in the rbldns log is the ones I make with dig and dnsq. 


# dig @rbl.unet.net.ph 142.205.105.202.rbl.unet.net.ph
; <<>> DiG 8.2 <<>> @rbl.unet.net.ph 142.205.105.202.rbl.unet.net.ph 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;  142.205.105.202.rbl.unet.net.ph, type = A, class = IN

;; ANSWER SECTION:
142.205.105.202.rbl.unet.net.ph.  34m8s IN A  127.0.0.2

;; Total query time: 3 msec
;; FROM: mail to SERVER: rbl.unet.net.ph  203.65.246.6
;; WHEN: Thu Aug  2 15:25:57 2001
;; MSG SIZE  sent: 49  rcvd: 65


# dnsq a 142.205.105.202.rbl.unet.net.ph rbl.unet.net.ph
1 142.205.105.202.rbl.unet.net.ph:
65 bytes, 1+1+0+0 records, response, authoritative, noerror
query: 1 142.205.105.202.rbl.unet.net.ph
answer: 142.205.105.202.rbl.unet.net.ph 2048 A 127.0.0.2


/service/qmail-smptd/run
#!/bin/sh
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
QMAILQUEUE=`cat /var/qmail/control/queueprogram`;export QMAILQUEUE
exec /usr/local/bin/softlimit -m 600 /usr/local/bin/tcpserver \
-H -R -v -p -x /etc/tcp.smtp.cdb -c $MAXSMTPD -u $QMAILDUID -g $NOFILESGID 0 smtp \
/usr/local/bin/rblsmtpd -b -a rbl.unet.net.ph -r relays.ordb.org -r or.orbl.org 
/var/qmail/bin/qmail-smtpd 2>&1

-- 
Lars Hansson  Technical Consultant/System Administrator
UNET, Inc.Makati City, Philippines
e-mail: [EMAIL PROTECTED]

Re: Qmail, sooo easy to exploit

[Henning Brauer]

On Wed, Aug 01, 2001 at 09:41:56PM -, Steve Wozniak wrote:
> I'm a little Troll, 

You are. This "exploit" does not work on proper configured qmail servers,
only if you use the broken inetd. It is well known since years. It shows
wonderfully why inetd is broken.

-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

limiting the inbox size...cjk

[Constantine Koulis]

hello.
I am giving free email to my clients and i would like somehow to limit the 
inbox to 1 mb.I am using Redhat 7 with qmail,vmailmgr,courier-imap

Tks & Best Regards
Koulis Constantine.
Bucharest Romania
Business Phone :+4-093979131


_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

Re: Qmail, sooo easy to exploit

[Peter van Dijk]

On Thu, Aug 02, 2001 at 10:46:54AM +0200, Henning Brauer wrote:
> On Wed, Aug 01, 2001 at 09:41:56PM -, Steve Wozniak wrote:
> > I'm a little Troll, 
> 
> You are. This "exploit" does not work on proper configured qmail servers,
> only if you use the broken inetd. It is well known since years. It shows
> wonderfully why inetd is broken.

You are feeding the troll.

Also, you are wrong. This has nothing to do with inetd. ulimit's are
the fix.

Greetz, Peter
-- 
Against Free Sex!   http://www.dataloss.nl/Megahard_en.html

Re: rblsmtpd

[Adrian Ho]

On Thu, Aug 02, 2001 at 03:33:53PM +0800, Lars Hansson wrote:
> The problem is that rblsmtpd doesnt seem to do any lookup to it at all.

Actually, I'd bet it's a DNS problem, not an rblsmtpd one.  I'd also bet
you made the erroneous assumption that '-a rbl.unet.net.ph' tells
rblsmtpd to send TXT queries directly to rbl.unet.net.ph.

It does no such thing -- all rblsmtpd queries are done via your DNS
resolver, and therefore follow all the normal DNS delegation rules.  If
running 'dig rbl.unet.net.ph ns' from your qmail server returns 0 records,
that's a 50-foot blinking neon sign that your DNS setup needs fixing.

-- 
Adrian HoTinker, Drifter, Fixer, Bum   [EMAIL PROTECTED]
ListArchive: 
Useful URLs:  
  

Re: limiting the inbox size...cjk

[Magnus Bodin]

On Thu, Aug 02, 2001 at 11:52:45AM +0300, Constantine Koulis wrote:
> hello.
> I am giving free email to my clients and i would like somehow to limit the 
> inbox to 1 mb.I am using Redhat 7 with qmail,vmailmgr,courier-imap

http://www.vmailmgr.org/docs/HOWTO.html

See #3.5.

/magnus

Re: Qmail waits some seconds when connected

[Henning Brauer]

On Thu, Aug 02, 2001 at 12:29:12PM +, Angelo Gelmi wrote:
>  is set with pppd, and a client  tries to send mail to posta.dominio, it
>  hangs
>  up to 1 minute before say OK.

Congratulations. qmail #1 FAQ once more.
Read the f*** archives (search for "SMTP slow" or "pop3 slow") or even life
with qmail, G.10.
-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Qmail waits some seconds when connected

[Angelo Gelmi]

 Hi all,
 i have a linux server (posta.dominio) as mail server with qmail.

 This accept mail from my intranet and forward it to mail.myprovider.it
 every 30 minutes (with cron and serialmail) through another linux
 server (nuzzo.dominio), working as gateway with masquerading and
 pppd dialondemand.

 But here is my problem:
 When nuzzo.dominio is not connected, posta.dominio accept correctly
 and fastly the mails from local clients (Win OE5), but whe the connection
 is set with pppd, and a client  tries to send mail to posta.dominio, it
 hangs
 up to 1 minute before say OK.

 Who can help me, please?

Angelo

queue 'blocked' by large recipient list

[Christian Rotter]

Hello everybody,

the ORNL search engine is down, and I've run into a little problem,
so please excuse me if the subject has already been discussed

when sending a newsletter to ~450K recipients, the queue fills up,
the server spawns  qmail-remote processes and starts
delivering the newsletter (this takes ~10-14 hours)

at the same time, an online application tries to send a subscribal
message to new users, this should be processed very fast (the new user
is waiting for his account data), but the mail is sent out after the
newsletter processing is done

is there any way to 'split' the remote queue between different
applications (or users) sending mail  to get rid of this problem ?
or are there any other solutions for this ?

regards & thanks in advance,

Chris

Re: queue 'blocked' by large recipient list

[Peter van Dijk]

On Thu, Aug 02, 2001 at 01:07:58PM +0200, Christian Rotter wrote:
[snip]
> is there any way to 'split' the remote queue between different
> applications (or users) sending mail  to get rid of this problem ?
> or are there any other solutions for this ?

Run 2 qmail instances on your server - one for mailinglists, one for
regular mail.

Greetz, Peter
-- 
Against Free Sex!   http://www.dataloss.nl/Megahard_en.html

Re: Q: Using qmail for store and forward

[David Talkington]

-BEGIN PGP SIGNED MESSAGE-

[EMAIL PROTECTED] wrote:

>We have several systems that send email to customers and our local suport
>staff concerning the status of jobs that are being run. The problem is that
>the system they are sending the email to is lately often down and the
>messages get lost. So here is what I would like to do.
>
>The processing systems would send their email to qmail on linux/390 by
>telnetting to port 25. Qmail would then send those messages to the company
>email server, it just happens to be Lotus, for normal distribution. If
>Lotus or that whole system is down then qmail will hold the messages and
>retry sending them every so often.

Forgive me if I'm missing something, but that's precisely how SMTP
already works.  qmail will queue and periodically retry any
unavailable MX for a configured (7 days by default) time period.

Or did I misunderstand what you're trying to do?

- -d

- -- 
David Talkington
http://www.spotnet.org

PGP key: http://www.prairienet.org/~dtalk/dt000823.asc

-BEGIN PGP SIGNATURE-
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.75-6

iQEVAwUBO2l21b1ZYOtSwT+tAQHGjAf+K0BFTAZP/KN+xurs/oTgIGcL8Itoc3xD
aD20BVAeU4r8dJvjh6GwgPT4IlyhTyNC1RX0smictJKEPfyhUE5lk4wnYgCo/jID
u/hEGzq4hl+QC9yj4n9k9/JHRSS3LzOxyPWwvFfrVw/tNW2hg/H2ZuJSgA1kIhTZ
hvHdaYXSn0KciArmLNm+4W84KaualFGuqRKqeG654llCuoptJBnHITbHSmBytTAa
gFjUY71KKZUpvtBNFiv5H2ogJncpC0fZvoRxXUVXY5kSuf4KvPOrt17wjHx0r/eJ
qB+kT8wMJ4Tig4w7Ak4RELNopBuB55+/LtO1cSpQ/0eLSMu2CzvC9g==
=pPCb
-END PGP SIGNATURE-

RE: rblsmtpd and mail-abuse.org's DNS servers

[Hubbard, David]

Derek, 
I see a number of problems with the text you copied in
there, it's very confusing.  Here's the questions and issues:

1) On line 2,  you're calling rblsmtpd and having it call
rblsmtpd, which then calls rblsmtpd for a third time on
line 3.  The first instance doesn't even have arguments so
I have no idea why you're doing that.  Combine all of those
into one rblsmtpd with multiple -r arguments for all the
servers to test against.

2) Did you actually pay MAPS for use of their mail-abuse.org
servers?  They started charging on August 1st so you are
not going to have much luck using them to block spam if you
aren't paying them.

3)  You will need to call rblsmtpd with a -C argument to
allow email through if it can't do the lookups against
the servers you specify.  This is the default so having it
or not is okay.

Dave

-Original Message-
From: Derek Callaway [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 02, 2001 2:58 PM
To: [EMAIL PROTECTED]
Subject: rblsmtpd and mail-abuse.org's DNS servers


Hi, I'm having a problem with my qmail smtpd server becoming unresponsive
when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else
had this problem? I'd like to blindy accept e-mail if the RBL nameservers
cannot be contacted. Here's how I'm starting the SMTP server:

/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u 7791 -g 2108 -v 0 smtp
fixcrio /usr/local/bin/rblsmtpd -t 7 /usr/local/bin/rblsmtpd -t 7 -r
dialups.mail-abuse.org /usr/local/bin/rblsmtpd -t 7 -r
'relays.mail-abuse.org:Open relay problem - see
http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%>'
/var/qmail/bin/qmail-smtpd 2>&1 | /usr/local/bin/setuidgid qmaill
/usr/local/bin/multilog t n100 s100 /var/log/smtp &

-- 
//Derek Callaway <[EMAIL PROTECTED]> * Programmer: CISC, LLC - S@IRC
 char *sites[]={"http://www.freezersearch.com/index.cfm?aff=dhc";,
 "http://www.ciscllc.com","http://www.freezemail.com",0}; /*KDR AB 249*/

Re: installing qmail

[Philipp Steinkrüger]

Jonathan X Peers writes:

> I am tring to install qmail
> and I am here in the INSTALL doc ... as  i run the following I get this 
> error can some point me in the right direction . PLEASE 
> 
> ---
> 8. Copy /var/qmail/boot/home (or proc) to /var/qmail/rc.
> To test qmail deliveries (won't interfere with sendmail):
> 9. Enable deliveries of messages injected into qmail:
>   # csh -cf '/var/qmail/rc &'
> 10. Read TEST.deliver.
>  
> 
> root@alpha:/usr/src/qmail-1.03# csh -cf '/var/qmail/rc &'
> [1] 2328
> /var/qmail/rc: Permission denied.
> [1]Exit 1/var/qmail/rc
> root@alpha:/usr/src/qmail-1.03#

you have to make /var/qmail/rc executable:
 chmod +x /var/qmail/rc 

but you should know that, that are basics. perhaps you should
first learn about linux before trying to run a mailserver. 


regards,
philipp 

 

 
Philipp Steinkrüger 

Technik
Oberberg Online
Tel.: +49 2261 814240
Fax: +49 2261 814919
www.oberberg.net
[EMAIL PROTECTED] 

virtualdomains vs. VERP and Delivered-To

[Charles M. Hannum]

I have a mail host -- call it netbsd.org -- that's been running qmail
1.03 for rather a long time.  It uses VERP heavily to do automatic
bounce handling for mailing lists.  It also uses virtualdomains to
serve a couple of personal vanity domains.

In virtualdomains, I have:

spamalicious.com:mycroft-spamalicious
.spamalicious.com:mycroft-spamalicious

When mail is sent to `[EMAIL PROTECTED]' -- e.g. from majordomo
(please spare me the majordomo vs. ezmlm flames) -- I see:

>From [EMAIL PROTECTED] Thu Aug 
>02 20:13:30 2001
...
Delivered-To: [EMAIL PROTECTED]
...

This seems very wrong.  The Delivered-To: address here isn't even
correct; it should be something the actually exists -- either
`[EMAIL PROTECTED]' or `[EMAIL PROTECTED]'.
For VERP to be useful, the VERP address needs to be the latter;
otherwise my mailing list manager won't be able to handle the bounces
correctly, since it will have the wrong address.

Has anyone fixed this problem already?

Qmail process under root...

[NDSoftware]

Hello,
It'sn normal this (qmail process under root):

[root@ns207 /root]# ps -fe
UIDPID  PPID  C STIME TTY  TIME CMD
root  8248 1  0 12:38 ?00:00:00 sh /command/svscanboot
root  8253  8248  0 12:38 ?00:00:00 svscan /service
root  8254  8248  0 12:38 ?00:00:00 readproctitle service
errors: ..
root  8255  8253  0 12:38 ?00:00:00 supervise qmail-send
root  8256  8253  0 12:38 ?00:00:00 supervise log
root  8257  8253  0 12:38 ?00:00:00 supervise qmail-smtpd
root  8258  8253  0 12:38 ?00:00:00 supervise log
root  8259  8253  0 12:38 ?00:00:00 supervise qmail-pop3d
root  8260  8253  0 12:38 ?00:00:00 supervise log
qmaill8261  8260  0 12:38 ?00:00:00 /usr/local/bin/multilog
t /var/l
qmails8262  8255  0 12:38 ?00:00:00 qmail-send
qmaill8263  8256  0 12:38 ?00:00:00 /usr/local/bin/multilog
t /var/l
root  8264  8259  0 12:38 ?00:00:00 /usr/local/bin/tcpserver
-v -R -
qmaild8265  8257  0 12:38 ?00:00:00 /usr/local/bin/tcpserver
-v -R -
qmaill8266  8258  0 12:38 ?00:00:00 /usr/local/bin/multilog
t /var/l
qmaill8273  8262  0 12:38 ?00:00:00 splogger qmail
root  8274  8262  0 12:38 ?00:00:00 qmail-lspawn ./Mailbox
qmailr8275  8262  0 12:38 ?00:00:00 qmail-rspawn
qmailq8276  8262  0 12:38 ?00:00:00 qmail-clean

Thanks

installing qmail

[Jonathan X Peers]

I am tring to install qmail
and I am here in the INSTALL doc ... as  i run the following I get this 
error can some point me in the right direction . PLEASE

---
 8. Copy /var/qmail/boot/home (or proc) to /var/qmail/rc.
To test qmail deliveries (won't interfere with sendmail):
 9. Enable deliveries of messages injected into qmail:
   # csh -cf '/var/qmail/rc &'
10. Read TEST.deliver.


root@alpha:/usr/src/qmail-1.03# csh -cf '/var/qmail/rc &'
[1] 2328
/var/qmail/rc: Permission denied.
[1]Exit 1/var/qmail/rc
root@alpha:/usr/src/qmail-1.03#

unable to find user alias

[David Loszewski]

When I try to install qmail this
is what I get.

 

[root@sp qmail-1.03]# make setup check

./auto-str auto_qmail `head -1 conf-qmail` > auto_qmail.c

./compile auto_qmail.c

./load qmail-local qmail.o quote.o now.o gfrom.o
myctime.o \

slurpclose.o case.a getln.a getopt.a sig.a open.a seek.a \

lock.a fd.a wait.a env.a
stralloc.a alloc.a strerr.a \

substdio.a error.a str.a fs.a
datetime.a auto_qmail.o \

auto_patrn.o  `cat socket.lib`

( ./auto-uid auto_uida `head -1
conf-users` \

&&./auto-uid auto_uidd `head -2 conf-users
| tail -1` \

&&./auto-uid auto_uidl `head -3 conf-users
| tail -1` \

&&./auto-uid auto_uido `head -4 conf-users
| tail -1` \

&&./auto-uid auto_uidp `head -5 conf-users
| tail -1` \

&&./auto-uid auto_uidq `head -6 conf-users
| tail -1` \

&&./auto-uid auto_uidr `head -7 conf-users
| tail -1` \

&&./auto-uid auto_uids `head -8 conf-users
| tail -1` \

&&./auto-gid auto_gidq `head -1
conf-groups` \

&&./auto-gid auto_gidn `head -2
conf-groups | tail -1` \

) > auto_uids.c.tmp && mv auto_uids.c.tmp auto_uids.c

fatal: unable to
find user alias

make: *** [auto_uids.c] Error 111

 

How do I fix that??

 

Thx, 

Dave

Re: rblsmtpd and mail-abuse.org's DNS servers

[Derek Callaway]

On Thu, 2 Aug 2001, Chin Fang wrote:

Right, I guess I should have said that I already read those pages before I
posted this message. I'm looking for a _free_ workaround to this problem.

TIA

> You will need to pay MAPS to use one of its three RBLs, or the combined
> RBL+.
> 
> Please see http://www.mail-abuse.org/subscription.html and
>http://www.mail-abuse.org/feestructure.html
> 
> even you are with an educational institution.
> 
> Dr. Dan Bernstein himself has given up on MAPS's RBLs:
> 
> Please see: http://cr.yp.to/ucspi-tcp/rblsmtpd.html
> 
> Regards,
> 
> Chin Fang
> [EMAIL PROTECTED]
> 
> > Hi, I'm having a problem with my qmail smtpd server becoming unresponsive
> > when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else
> > had this problem? I'd like to blindy accept e-mail if the RBL nameservers
> > cannot be contacted. Here's how I'm starting the SMTP server:
> > 
> > /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u 7791 -g 2108 -v 0 smtp fixcrio 
>/usr/local/bin/rblsmtpd -t 7 /usr/local/bin/rblsmtpd -t 7 -r dialups.mail-abuse.org 
>/usr/local/bin/rblsmtpd -t 7 -r 'relays.mail-abuse.org:Open relay problem - see 
>http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%>' /var/qmail/bin/qmail-smtpd 2>&1 
>| /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t n100 s100 
>/var/log/smtp &
> > 
> > -- 
> > //Derek Callaway <[EMAIL PROTECTED]> * Programmer: CISC, LLC - S@IRC
> >  char *sites[]={"http://www.freezersearch.com/index.cfm?aff=dhc";,
> >  "http://www.ciscllc.com","http://www.freezemail.com",0}; /*KDR AB 249*/
> > 
> > 
> > 
> 

Re: [Fwd: queue 'blocked' by large recipient list]

[Peter van Dijk]

On Thu, Aug 02, 2001 at 02:52:01PM +0200, Christian Rotter wrote:
> Hi Peter,
> 
> yep, this works
> 
> reconfigured conf-qmail for a new QMAILHOME and reinstalled the
> package, added the second rc script to the qmail script in init.d
> and got it running
> 
> such a shame - missed that KISS approach :-)
> 
> thanks (one beer for you),

qmail gd. KISS gd. beer gd. :)

Greetz, Peter
-- 
Against Free Sex!   http://www.dataloss.nl/Megahard_en.html

Re: Qmail process under root...

[Adrian Ho]

On Thu, Aug 02, 2001 at 12:40:39PM +0200, NDSoftware wrote:
> It'sn normal this (qmail process under root):

What, qmail-lspawn?  Certainly -- it must be able to set the appropriate
[ug]id when spawning qmail-local to do local deliveries, else all your
users' mail will be owned by qmail.  8-)

-- 
Adrian HoTinker, Drifter, Fixer, Bum   [EMAIL PROTECTED]
ListArchive: 
Useful URLs:  
  

Re: rblsmtpd and mail-abuse.org's DNS servers

[Mads Eilertsen]

> Hi, I'm having a problem with my qmail smtpd server becoming unresponsive
> when rblsmtpd cannot communiate with the RBL nameservers.

http://www.mail-abuse.org/subscription.html

Mads

Re: rblsmtpd and mail-abuse.org's DNS servers

[John Gonzalez/netMDC admin]

On Thu, 2 Aug 2001, Derek Callaway wrote:

> Right, I guess I should have said that I already read those pages before I
> posted this message. I'm looking for a _free_ workaround to this problem.
> 
> TIA

There is no workaround. The resolver is going to wait for the connection
to time out, thus causing your delay. The workaround is to either find
another RBL list source that runs a reliable, free network, or when it
does have hiccups, remove them, or suffer through the delays.

-- 
John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED]
Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax
http://www.tularosa.net / ASN 11711 / JG6416
[--[ sys info ]---]
  1:45pm  up 329 days, 19:14,  5 users,  load average: 0.07, 0.18, 0.15

script filter before qmail-local

[Jozef Hitzinger]

Hi, 

I'm quite sure this is near FAQ, but I didn't succeed trying guessing it
myself, nor looking through archives, so pls forgive my asking here -

What I'm trying to do, is put a perl filter just before qmail-local puts
its hands on mail. I moved qmail-local to qmail-local-orig and put in a
script named qmail-local, which calls the filter first. 

Could you please tell me if it is possible to do this with a sh or perl
script? If yes, any hint will be highly appreciated, an example of script
which just does nothing and forwards mail to qmail-local-orig would be
great. I know I could write qmail-local replacement in C (qmail-lspawn.c &
qmail-local.c as inspiration), but I'd prefer the script solution now, if
possible.

The resulting flow would be like this:

qmail-lspawn --origmsg-> qmail-local --filteredmsg-> qmail-local-orig

The filter itself is simple one-pass always-success script, which just
scans attachements for .exe, .vbs, .. and adds .VIRUS extension, so that
nobody can simply click through the worms (yes I have such users here).
Yes, I'll make the script available (BSD) after some more testing.

Thanks, 
-- 
jozef  :-)  

Re: Q: Using qmail for store and forward

[Henning Brauer]

On Thu, Aug 02, 2001 at 09:39:36AM -0500, [EMAIL PROTECTED] wrote:
> The processing systems would send their email to qmail on linux/390 by
> telnetting to port 25. Qmail would then send those messages to the company
> email server, it just happens to be Lotus, for normal distribution. 

man qmail-remote, look for smtproutes.

-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: Dial-up Fails to Connect to SMTP Server

[Jeff Hill]

>Lukas Beeler wrote:
> > But I don't see how rblsmtpd, which works on incoming mail, would affect
> > outgoing mail?
> itdoesnt.. was just a fast thought, because MAPS now demands money
> and you talked about outlook express connecting to your smtp server

Perhaps it is possible that rblsmtpd was somehow locking up the server
because of the change in MAPS so that a remote SMTP connection would
fail but a local one would succeed? 

I've just removed rmlsmptd and I'm trying to get the people with the
remote machines to test (no Windoze in the office ;). It is quite a
conincidence that this all started yesterday, just as MAPS switched.

MarkD wrote:
> Is your ISP blocking port 25 outbound traffic?
> What happens if you try to telnet directly to those smtp servers, eg:
> telnet serveraddress 25
> Numerous ISPs only let you send outbound SMTP via there SMTP server as
> a measure against spammers - if that's the case with you then you'll
> need to look into smtproutes.

Well, telneting port 25 from machines on the local network is fine, but
I have been unable to test telnet from remote dial-up machines. Our
upstream (Worldcom) hasn't said anything about starting to control
outbound SMTP, and I think they'd let us know if they did (I'd hope).

Jeff Palmer wrote:
> > The only thing I see in the qmail-send logs is quite a few
> > "I_wasn't_able_to_establish_an_SMTP_connection", but the mail seems to
> > go through eventually.
> >From the FAQ:
>Does qmail back off from dead hosts?
>Answer: Yes. qmail has three backoff features:
>  * Each message is automatically retried on a quadratic schedule,
>with longer and longer intervals between delivery attempts.
>  * If a remote host does not respond to two connection attempts
>(separated by at least two minutes with no intervening successful
>connections), qmail automatically leaves the host alone for an
>hour. At the end of the hour it ``slow-starts,'' allowing one
>connection through to see whether the host is up.
>  * Some mailers opportunistically bombard a host with deferred
>messages as soon as the host comes back online. qmail does not do
>this. Each message waits until the appropriate retry time.
> The problem you are seeing is,  qmail cannot send to the destination while
> you are offline.  It 'backs off' when you connect to the net,  a while
> goes by,  qmail tries to send 1,  it works,  it sends the rest.
> 

Sorry, maybe I wasn't clear. The qmail server is on a dedicated 128K
ISDN; the dial-ups are directly to the qmail server. 

However backlogged qmail-send gets trying to send out mail, it should be
able to establish a connection with a dial-up machine trying to pass it
mail, no? Otherwise, why have a queue?

Thanks to everyone for the ideas.

Regards,

Jeff Hill

-- 

--  HR On-Line:  The Network for Workplace Issues --
http://www.hronline.com - Ph:416-604-7251 - Fax:416-604-4708

routing mail with user-specific tokens in addresses

[Bela Lubkin]

I've just subscribed to the list.  I read the FAQ and got some hints,
also searched the mailing list archives as well as the HTML docs.

The situation: my company has been bought.  We were (and still are)
using MMDF for mail transport.  I, and several other employees, have
been using an MMDF feature whereby mail to "user=token@domain" gets
routed to "user@domain".  We then parse the mail when it's delivered to
our local mailbox.  This allows us to route mailing list mail to
specific mailboxes.  We also use it when giving addresses to sites we
don't really trust -- if I start getting spam to "user=amazon@domain",
I'll be pretty sure who to blame.

[sendmail apparently has a similar feature for routing
"user+token@domain"]

Now, our IS department is switching our MTA to qmail.  I have nothing to
do with it, so I have little control over what's going to happen.  I'm
trying to research how they can configure qmail to do this sort of
thing, without it being a big hassle for them.

We have one (probably more) bastion host(s) running qmail, transporting
mail inbound to the company.  These are already set up; mail to our old
company name is still being routed via MMDF, while mail to the new
company goes via qmail.  Internal routing beyond the bastion host is
fairly complex, with several hundred users, thousands of mutual-interest
aliases, and dozens of mail hosts (mail to user1@domain ends up in
mailhost1.domain:~user1/.mailbox while mail to user2@domain ends up in
someotherhost.domain:/usr/spool/mail/user2).  I don't know how that part
is currently being handled.

I've been able to test for certain that none of "user=token@domain",
"user+token@domain", "user-token@domain", or "user.token@domain" are
being processed in the desired manner.  All of them return bounces
similar to:

  From mail.caldera.cozz!orphanage Thu Aug  2 18:20:18 2001
  Date: 3 Aug 2001 01:22:53 -
  From: [EMAIL PROTECTED]
  To: [EMAIL PROTECTED]
  Subject: failure notice

  Hi. This is the qmail-send program at calderasystems.cozz.
  I'm afraid I wasn't able to deliver your message to the following addresses.
  This is a permanent error; I've given up. Sorry it didn't work out.

  <[EMAIL PROTECTED]>:
  Sorry, no mailbox here by that name. (#5.1.1)

  --- Below this line is a copy of the message.
  [...]

(old-domain = sco.com, new-domain = caldera.com; I'm trying not to
include any real, complete addresses in this message, in case evil
people mine the list archives for spam targets.  I changed "com" to
"cozz" above to avoid them being correct addresses.)

In the qmail docs, I can see how to set this sort of thing up for one
user at a time.  qmail-users(5) describes the file
/var/qmail/users/assign and how it could presumably be configured with:

  +belal=:belal:(I don't know what goes here when it's being used as a relay)
  +bela.lubkin=:belal:(relay)

MY QUESTION: is there any way this could be set up in a global fashion,
rather than listing every single user in some config file?

That is, I want to instruct qmail that for _all_ addresses
"user=token@domain", it should relay (according to all other relay
configuration) as if the mail were addressed to "user@domain".  If
possible I'd like to set up several different characters for this, so
that "user+token@domain" and "user-token@domain" would also work (I
frequently encounter web pages which will not accept "=" as an email
address character; I'm sure other characters are similarly burdened -- I
want a whole pallette of choices to try.)

And I want this all to be so easy that even the most overworked,
uninterested and half-competent IS person would be able to set it up in
five minutes.  ;-}

So, what can I do?

Thanks,

>Bela<