Re: Oops,I guess Sendmail wasn't secure after all...
Quoting Dave Sill ([EMAIL PROTECTED]): Anyone want to take bets on whether qmail has unsafe signal handlers? I've been looking for a sucker.. OK I'll bet a six pack it doesn't. (or, if Bud, I'd demand a case) Aaron
Re: ScanMail Message: To Recipient virus found and action taken.
Quoting Alex Pennace ([EMAIL PROTECTED]):
> Am I the only one that finds it ironic that a list for a Unix MTA is plagued by a Windows mail trojan and a mail scanner eager to tell recipients about the disposition of the message?

which is why I use the following procmail rules given to me at some point by another list member and slightly modified. I decided to put them in after the last round of newbie whining about us being too tough on them ;-) Turns out I don't see any of these virus things.

    :0:
    * ^Mailing-List:.*contact [EMAIL PROTECTED]*
    * X-MSMail-.*
    /dev/null

    :0:
    * ^Mailing-List:.*contact [EMAIL PROTECTED]*
    * X-Mailer:.*(Internet Mail.*|Microsoft Outlook.*)
    /dev/null

which sent to Mr. Null the following, apparently from an Upchuck user that decided to point out the obvious (which I've gleaned from reply to his mail, pity a procmail rule to filter out replies to trashed mail isn't so easy--maybe extract the message-id, keep it in a file and.. hmmm).

    From [EMAIL PROTECTED] Mon Apr 23 16:58:35 2001
    Subject: VIRUS IN QMAIL-LIST
    Folder: /dev/null

Anyway, those rules are nicely filtering out all the cruft. :) Sorry to those folks that have to use them at work (never find me taking a job like that). Those that use them by choice, well, get a real MUA. The SNR is just too high! Hopefully Dan can rid the list of the morons--before uic's 'net connection gets (more) saturated :)

> ScanMail is broken.

Yep.

Aaron
Re: delay before checking mail with outlook
Christian Dressend [EMAIL PROTECTED] wrote: Does anyone know why there is a long delay before Outlook checks and/or send mail through qmail? Yes, the delay is provided by Microsoft so that you have a bit more time to ponder whether you *really* want to risk automatically executing "certain MIME types." Aaron
Re: Forwarding to AOL issue
Quoting Norbert Bollow ([EMAIL PROTECTED]): http://members.aol.com/adamkb/aol/mailfaq/dropped-mail.html How funny is it that an AOL user has written an unofficial FAQ on why his ISP loses mail? In fact, he continues to give them money? "Oh, you're losing mail. Go see http://www.coinet.com/~joeblow/coinet/lostmail.html" I'd about die. Anyway, my FAQ would consist of one line: AOL sucks. Why spend the effort on such a verbose explanation? :) just idly wondering today... Aaron
Re: how do I check on a specific message delivery?
Quoting william f guyton jr ([EMAIL PROTECTED]):
> I am using multilog for logging qmail-smtp and qmail-send and would like to know how to check the log files for a delivery date and time stamp for a specific user.

Maybe you need to be more specific :) Do you mean something other than:

    $ grep user@somedomain *
    $ tai64nlocal < current | less
    $ egrep '.*from.[EMAIL PROTECTED].*' current
    $ egrep '.*to.[EMAIL PROTECTED].*' @* | tai64nlocal

... or the like ?

Aaron
Re: News server
Quoting Peter Mitev ([EMAIL PROTECTED]): can you tell me if there is anything written for maintenance of a news server. That is with automatic subscription/unsubscription and maybe even web interface. Hey, you should check out news.software.nntp, or maybe Google. This is a list for qmail, the MTA, which hasn't a thing to do with Usenet. Aaron
Re: pop3d needs SUID root?
Quoting Todd A. Jacobs ([EMAIL PROTECTED]):
> When running pop3d, I get an error saying "no $HOME/Maildir" which may be caused by the directory permissions of 0700 on both the home directory and Maildir.

qmail-pop3d is run as root by tcpserver, which is running as root. No suid bit is needed. qmail-pop3d switches to the userid of the user whose mail it is retrieving.

So, you'll need to start believing that message--qmail-pop3d can't find the user's Maildir. In the source of qmail-pop3d we see:

    void die_nomaildir() { err("this user has no $HOME/Maildir"); die(); }
    ...
      if (!argv[1]) die_nomaildir();
      if (chdir(argv[1]) == -1) die_nomaildir();

So, it dies with that same error if it doesn't get its first argument, the name of the Maildir, or if it can't change to that Maildir. Your tcpserver's command line may be goofed up. Should look something like:

    exec tcpserver -c60 -R -H mail.coinet.com pop-3 qmail-popup mail.coinet.com \
      checkpassword qmail-popbull /home/p/popbull/popbull qmail-pop3d Maildir

Aaron
Re: pop3d needs SUID root?
Quoting Aaron L. Meehan ([EMAIL PROTECTED]):
> Quoting Todd A. Jacobs ([EMAIL PROTECTED]):
> > When running pop3d, I get an error saying "no $HOME/Maildir" which may be caused by the directory permissions of 0700 on both the home directory and Maildir.
>
> qmail-pop3d is run as root by tcpserver, which is running as root. No suid bit is needed. qmail-pop3d switches to the userid of the user whose mail it is retrieving.

Which is, oops, a bit off. Mark Delaney said it: the checkpassword changes uid.

my bad,
Aaron
Re: WARNING: Worm (?) sending from root@microsoft.com to *@anon.lcs.mit.ed
Quoting Sean Reifschneider ([EMAIL PROTECTED]): Anyone else seeing thousands of messages filling up your queue, apparently from "[EMAIL PROTECTED]" to addresses such as: [EMAIL PROTECTED] I'm pretty sure this is the work of the W95.Hybrid email worm (the sexyfun.net one), sending copies of itself to the mail2news gateway for distribution to news servers worldwide, so that other infected computers can download new plugins. That sure is a nasty bugger. One or more of your users is undoubtedly infected with the worm--plenty of ours are, I'm sorry to say. It would seem that when it was discovered that worm authors intended to use them for worm distribution, the administrators of that gateway shut it down. One point to the miscreants. Aaron
Re: Qmail with 'tcpserver'
Quoting Roger Walker ([EMAIL PROTECTED]): On 30 Jan 2001, Mark Delany wrote: =.rope.net:allow,RELAYCLIENT="" Right? Possibly using -P to avoid unauthorized relay usage by those who control their reverse lookups. I control my class C reverse lookups, also :-) so I would just need to know the proper syntax in order to implement it. He meant that I could, for instance, configure _our_ dns so that a particular IP address reverse resolves to foo.rope.net. Without paranoid checking (both PTR and A record match), then security through hostname checking is lax security. Aaron
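The paranoid check described in the reply above (the PTR name must resolve back, through its address records, to the connecting IP) can be sketched as follows. This is an added example, not part of the original post and not tcpserver's code; the function names and the DNS tables, built from documentation address ranges, are constructed assumptions.

```python
import ipaddress
import socket


def ptr_lookup(ip):
    """Reverse (PTR) lookup through the system resolver; None if it fails."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def addr_lookup(name):
    """Forward (A/AAAA) lookup through the system resolver; empty set if it fails."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()


def same_address(a, b):
    """Compare two textual addresses by value rather than by spelling."""
    try:
        return ipaddress.ip_address(a) == ipaddress.ip_address(b)
    except ValueError:
        return False


def host_matches(name, rule):
    """'.rope.net' matches any host under rope.net; 'foo.rope.net' matches exactly."""
    name, rule = name.rstrip(".").lower(), rule.lower()
    return name.endswith(rule) if rule.startswith(".") else name == rule


def verified_hostname(ip, ptr=ptr_lookup, addrs=addr_lookup):
    """Return the PTR name only if its forward lookup includes the client IP."""
    name = ptr(ip)
    if not name:
        return None
    name = name.rstrip(".").lower()
    if any(same_address(ip, a) for a in addrs(name)):
        return name
    return None


def relay_ptr_only(ip, rule, ptr=ptr_lookup):
    """Lax policy: trust whatever name the reverse zone hands back."""
    name = ptr(ip)
    return bool(name) and host_matches(name, rule)


def relay_paranoid(ip, rule, ptr=ptr_lookup, addrs=addr_lookup):
    """Strict policy: the name must be confirmed by the forward zone."""
    name = verified_hostname(ip, ptr, addrs)
    return name is not None and host_matches(name, rule)


# Constructed DNS data. Reverse zones are run by whoever holds the address
# block; the forward zone for rope.net is run by rope.net.
SAMPLE_PTR = {
    "192.0.2.10": "mail.rope.net.",   # genuine host, PTR and A agree
    "203.0.113.7": "foo.rope.net.",   # outsider's reverse zone claims a rope.net name
    "198.51.100.5": "www.rope.net.",  # name exists, but points somewhere else
}
SAMPLE_A = {
    "mail.rope.net": {"192.0.2.10"},
    "www.rope.net": {"192.0.2.20"},
}


def sample_ptr(ip):
    return SAMPLE_PTR.get(ip)


def sample_addrs(name):
    return SAMPLE_A.get(name, set())


def compare(rule=".rope.net"):
    """Map each sample client to (lax decision, paranoid decision)."""
    return {
        ip: (relay_ptr_only(ip, rule, sample_ptr),
             relay_paranoid(ip, rule, sample_ptr, sample_addrs))
        for ip in SAMPLE_PTR
    }


if __name__ == "__main__":
    for ip, (lax, strict) in compare().items():
        print(f"{ip:15} PTR-only={lax!s:5} paranoid={strict}")
```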
Re: Sorry about the size of my prevous e-mail (I have beem flamed on this before).
Quoting Alex Kramarov ([EMAIL PROTECTED]): Markus Stumpf [EMAIL PROTECTED] wrote Why should anyone impose artificial limits on the size of messages to this mailing list, only because a) you use a broken MUA b) you are unable to configure it correctly c) you seem to be the only one that has permanent problems with a) and b) I do not use a broken MUA. Yes, you do. It doesn't even wrap your blasted lines properly; your entire email was on two lines, one for each paragraph. What, you think that when your GUI moves the cursor down a line it's actually putting a carriage return in there? Think again. Broken. It doesn't add a References header to your replies. That messes up web archives. Broken. Your mailer seems to insist on putting a "Re:" in the Subject even when it is already there. Broken. In short, your MUA is broken. Am I starting to sound like a broken record? I think so. You're using a broken mailer and sending html in your email to a mailing list for a UNIX MTA, populated by BOFHs. I can't imagine what on Earth you're thinking... Aaron
Re: smtp to 371.net
Quoting Henning Brauer ([EMAIL PROTECTED]): On Tue, Jan 16, 2001 at 11:33:06AM -0600, Charles Cazabon wrote: Henning Brauer [EMAIL PROTECTED] wrote: dnsmx 371.net gives mx.371.net, so this one is reachable from outside. I meant that "smtp.371.net" might be an internal-only mail relay. Any host named "mx\d" is probably a publically-reachable MX. This is speculation. As mx.371.net is a MX for this domain it must be reachable from outside. For the others we don't have any information. I could have sworn that's what he said, in essence, especially as he qualified his statement with "might." Why quibble over semantics? There's high-enough SNR as it is, and you relatively recent subscribers need to stop arguing all the damn time, please. Aaron
Re: Help decoding a bounce msg
Quoting Martin Langhoff ([EMAIL PROTECTED]):
> It's not clear to me if (66.60.1.118) is the originator of the msg or the originator of the bounce. Could anyone be so kind as to give me some hints on how should I read this?

I'm getting so many double-bounces from this blasted worm, I could scream. I don't think it's going to abate any time soon. The message originated from 66.60.1.118, [EMAIL PROTECTED] is in his lookout express address book.

    Return-Path:
    Received: (qmail 15136 invoked from network); 12 Jan 2001 07:35:09 -
    Received: from h066060001118.isol.net.ar (HELO recepci-n) (66.60.1.118) by scim.com.ar with SMTP; 12 Jan 2001 07:35:09 -
    From: Hahaha [EMAIL PROTECTED]
    Subject: Enanito si, pero con que pedazo!
    MIME-Version: 1.0
    Content-Type: multipart/mixed; boundary="--VE2R8D6NKTI7GH67WDMJ89U3WT"

Aaron
Re: problem in delivering mails locally...
Quoting vasudeva ([EMAIL PROTECTED]):
> my host name is: vasu.domain.com
> my main branch host name is: email.domain.com
> domain name is: domain.com

Last I checked (as in a few seconds ago) domain.com is registered to a US company, in Pennsylvania, that happens to be a domain registrar. You're in India, if I'm not mistaken. Have you purchased domain.com from them? What I'm trying to say is that you should give us real information. It's starting to become necessary to be creative since we have to keep telling people this, over, and over, and over ...

Aaron
Re: thoughts for future qmail
Quoting David Dyer-Bennet ([EMAIL PROTECTED]):
> Russell Nelson [EMAIL PROTECTED] writes on 5 January 2001 at 01:41:53 -0500
> > http://qmail.org/qmail-1.03-qmtpc.patch
>
> I can't get this via Lynx (so I had to download it on my windows machine and move it over; trivial for a file this size). I can get the file displayed, but I can't save it any way I've tried. Creating my own html with a link would let me download it and save it, but the other workaround was easier.

try this:

    $ lynx -source http://qmail.org/qmail-1.03-qmtpc.patch > qmail-1.03-qmtpc.patch

Aaron
Re: www.abuse.net test and mail Qmail server - Help
Quoting Vince Vielhaber ([EMAIL PROTECTED]): On Tue, 19 Dec 2000, Russell Nelson wrote: Michael Boyiazis writes: Perhaps Russ can make "SEARCH THE ARCHIVES" appear in large blinking text on www.qmail.org so people will see it. We have the technology, but ... do you really think it would help? Of course not. I've found that the more obvious the item is, the less likely most folks will find it. Maybe we ought to ask John Levine (being a qmail guy himself) if he can add blinking text when it fails on the user%foo.com@[] test, where the test always stops with vanilla qmail: "If you are a qmail luser, CLICK HERE." .. and a web page that briefly tells the luser what's going on. Aaron
Re: [OT] do you know this MTA(not qmail) error msg?
Quoting martin langhoff ([EMAIL PROTECTED]):
> sorry for being OT. I need help to diagnose an errormsg I'm receiving from a remote MTA -- mainly to show it's the other admin who's in fault. Or else repair my error and be humble about it :). To make matters worse, the errormsg is unknown to me: seems to be coming from a box I think is running WinNT.

The MTA is sendmail. The problem is that sendmail on that machine does not know it's supposed to handle email for reino.com.ar. This would be analogous to installing qmail but not putting your domain into locals, even though there is an MX record pointing to you. Most people put local domains for sendmail into a file named sendmail.cw, but they can also be specified in sendmail.cf.

Aaron

- - Transcript of session follows -
451 [EMAIL PROTECTED]... reply: read error from mail1.dacas.com.ar.
553 mail2.dacas.com.ar. config error: mail loops back to me (MX problem?)
554 [EMAIL PROTECTED]... Local configuration error
Re: Outlook Express Prank
Quoting James Stevens ([EMAIL PROTECTED]): Without going into a 20 page technical look at every bug here's some simple tips even biggeners should know. 1. Don't use the 'Preview' plane. 2. Don't let or set Outlook to open messages automatically. 3. Don't open any executable or any other microsoft attachement unless it's from someone you know and trust. VBS bugs are kewl but are a 'PAIN ^^ Well there is precisely the biggest bitch about Lookout: most VBS worms you get _are_ from someone you know and trust, like your mom, since the worms scour Lookout's blasted address book, eh? Note that I could write a shell script to do the same thing to mutt, but the problem is that the unwashed masses are the ones running Upchuck products. We strongly recommend our customers not use it, unfortunately many do. Aaron
Re: problems with GMT vs. local time
Quoting Brian Wilson ([EMAIL PROTECTED]):
> Well, after searching for sometime to see if anyone else was having this problem, I came to the conclusion that maybe it's just me. I'm

I think it is just you, since we have literally hundreds of OE and Outlook users, unfortunately, and they have no problems parsing dates. The Date header is under complete control of the sender's MUA, in any case, and has nothing to do with qmail or its use of GMT in Received headers.

> From email@domain Fri Dec 08 17:49:04 2000
> Received: (qmail 21700 invoked from network); 8 Dec 2000 12:49:04 -0500
> Date: Fri, 08 Dec 2000 12:42:24 -0500
>
> The applied patch successfully changes the dates in the "Received" and "Date" headers, but it doesn't change the date in the "From" header that marks the beginning of the new message. I'm assuming this is

Wrong assumption--the "From" mbox message delimiter isn't passed to pop3 clients, so you're definitely looking in the wrong place. You don't mention exactly how your clients' software is incorrectly parsing the date.

Aaron
Re: problems with GMT vs. local time
Quoting Brian Wilson ([EMAIL PROTECTED]):
> > Wrong assumption--the "From" mbox message delimiter isn't passed to pop3 clients, so you're definitely looking in the wrong place. You don't mention exactly how your clients' software is incorrectly parsing the date.
>
> The "From" mbox delimiter is passed to washington imap2000a server.

IMAP.. well, that would have been helpful information, indeed.

Aaron
Re: HELP! Error of File Descriptos
Quoting Federico Edelman Anaya ([EMAIL PROTECTED]):
> /proc/sys/fs/file-max: 4096:
> /proc/sys/fs/file-nr: 1009 246 4096:
> /proc/sys/fs/inode-max: 16384:
> /proc/sys/fs/inode-nr: 16385 13846:

Looks like you may be running out of inodes. Try increasing them, and read Documentation/sysctl/fs.txt in the kernel source tree. You *need* to familiarize yourself with all of that in order to successfully operate a busy linux box (there are other files in that directory that need perusing, as well).

Aaron
Re: Quality of this List
Quoting Michael Maier ([EMAIL PROTECTED]): The Quality of this List Service dramaticly decreased. All I see are Messages containing Newbie Questions already solved about at least ten times. Gz!! Enough already! My .procmailrc is starting to get bloated, and the next person I see bitch and moan is going to come face-to-face with my virtual can o' whoop-ass! Honestly, although many of us sympathize, wasting time writing up complaints about the newbies is pointless. Either unsub or shut up, IOW. Aaron
Re: I'm SO AFRAID!!, NO BODY KNOW RBLSMTPD WORKS????
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]): I'm asking the following several time the following questionNO RESPONSE NO RESPONSE. Is there is really somebody already using rblsmtpd? Allright, I'm _not_ going to touch that.. but tempting. I'm running rblsmtpd, according to the response of [EMAIL PROTECTED] my RBL is working. Problem: if any machine in my sub-network (10.1.7.* having it's MAC, DNS) bombarding me all messages are delivred to my mail OK, it seems that English is not your native language. No problem, but please try to rewrite your question above. I'm afraid it is not making any sense to me. Tell us _exactly_ what is happening as best as you can. Aaron
Re: List Courtesy (was Newbie question)
Quoting John W. Lemons III ([EMAIL PROTECTED]):
> I've seen this over and over and over. Someone joins the list, probably because they are having problems (the same reason I joined), posts a question

Back in the day, it was prudent and _necessary_ to do thorough checking of the forum's archives and lurk before posting, unless you wore fireproof undies. It's still true to this day, although it seems that someone is complaining about this most basic Internet truth every week (day?) on this list. When you have a problem, subscribing to a mailing list and immediately posting your question is unwise, as your problem has likely been asked and answered dozens, if not hundreds, of times.

The vast, VAST majority of questions posted to this list in recent memory have been asked and answered a bazillion times. Some don't mind seeing them a bazillion times, most do. This is Internet 101, but I'm afraid the deluge is starting to drown us. Inane questions are costing us all money. You could argue that it's a fraction of a penny, but still, for those interested in actually helping out those who pose good questions, it wastes time and money to have to wade through those asking about shell syntax. Less noise would mean UIC's 'net connection would be a little less-stressed, as well. Alas, I expect trends to continue.

Why is it that all of these people are installing their Redhat CD's and installing qmail without having the foggiest idea how it all fits together? Why are they not doing their homework? It's all fine and dandy for your home playground, but many of these questions are coming from professionals working with production systems! So many questions posted here really haven't anything to do with email or qmail, but rather basic Unix administration fundamentals, which is decidedly lacking among more and more of the world's Unix "administrators" these days, it would seem (and not just the low-paid ones, I'm afraid).
Without understanding how your shell works, how to decipher the syntax of your init scripts? There are many other examples. You don't just move from NT to any type of Unix without extensive research and experience, save for your own home boxes or what not, or unless you are particularly bright (again, obviously lacking among many newbie posters here). If you can't do it yourself, then it's wise to hire someone.

Now, when I installed qmail the first time for a production system, I was subscribed to the qmail list for awhile already--I knew I HAD to get rid of sendmaul, and I did my homework! I did it using only Dan's docs in the qmail tarball! Yes. There was no LWQ. I also learned a great deal just by reading this list for a month or two. It was PIECE OF CAKE, especially when one has experience with such monstrosities as INN--the poor souls having trouble with qmail and posting here would shoot themselves. Some don't have the luxury of that much time or experience, granted, but still, there's a limit. Having a firm grasp of Unix and a little common sense goes a long ways. If you don't have a firm grasp on Unix, then there are resources out there to help you, on Usenet, the Web, in printed books, whatever.

The keys to success:
- Read the docs, then read more docs.
- Know the software, your OS, your shell, and basic Unix stuff like file permissions ("my log says the .qmail file has an x bit set and program delivery, and qmail won't deliver my mail! how do I fix it??" how many times have I seen that?!) before you decide to put that new qmail box in production! Argg. Or hire someone who does.
- Attention to detail.

Heck, there are probably others, but I can't stress the latter enough, since it's apparent that attention to detail is non-existent for most of those used to point-and-drool and that ask questions on this list.
> On a side note, I've tried to unsubscribe from the list because of exactly this kind of crap from self-important jerks who seem to get a charge out of kicking people when they are down, but the damn server tells me I'm not subscribed so it can't unsubscribe me. Go figure.

Well, again, attention to detail is the key. Your envelope sender address does not match the address that you were subscribed as, for whatever reason. Look at this mail's return-path for a clue.

I've said enough. Pretty close to adding a rule for *Outlook* and *Internet Mail Service* (heh, "Service!") into my .procmailrc, though, for mails to this list, with the SNR getting so bad among you all. Sigh.

Aaron
Re: removing Delivered-To header...?
Quoting Peter Cavender ([EMAIL PROTECTED]):
> haha - no, I just host several domains for third parties, and the people on domain3 ask why domain1 shows up in their mail headers... Just trying to make my mail services *completely* virtualized. People at local-bapist-church.org wouldn't want hot-sex-pics.com in their mail headers. ;-)

Well, how would that be possible? Non-standard virtual domains set up? Example: You have mail.example.com as MX for virtual.com, which is in virtualdomains as "virtual.com:joe". In ~joe you have .qmail-joe. Mail sent to [EMAIL PROTECTED] will have a delivered-to header like so:

    Delivered-To: [EMAIL PROTECTED]

Unless you have set up your virtualdomains in some way I'm not aware of, it should be irrelevant what other virtual domains you have configured. Maybe you can share this tidbit. We host quite a few virtualdomains, I must say, and don't have your particular problem.

> > Doesn't the Received header also mention what your domain name is?
>
> Not an issue for me - I only have incoming POP boxes, no relaying.

Well, did you hack qmail-smtpd.c to not add a Received header to the top of each message? How does email get delivered to your POP boxes from the Internet, if not via qmail-smtpd or some other SMTP daemon that follows RFCs? No delivery via SMTP at all, maybe?

> > Hmmm, but what program will you use to actually do the delivery? You don't mention what mailbox format you're using.
>
> Vanilla Maildir delivery on local machine.

Maybe you just need to install procmail, get the maildir patches from www.qmail.org (are they still needed? I can't remember) and use formail to cut out that header (a la formail -I) from the user's .procmailrc. Again, though, I would caution against removing Delivered-To.

Aaron
Re: removing Delivered-To header...?
Quoting Peter Cavender ([EMAIL PROTECTED]):
> Hi- I have a qmail server hosting several virtual domains, and all mail delivered to recipients in the virtual domains have a Delivered-To header line indicating the "main" domain name of the server.

Fascinating. Is that a government secret, or something? Doesn't the Received header also mention what your domain name is?

> I want to delete this line, and I understand that the -d option to preline is the way to do this, but *where* do I do this?

Hmmm, but what program will you use to actually do the delivery? You don't mention what mailbox format you're using. Anyway, Delivered-To is there to prevent mail loops. Not all that terrific an idea to cut them out.

Aaron
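Why cutting out Delivered-To is risky, as an added example that is not part of the original posts in this thread: a simplified model of the loop check (refuse delivery when the Delivered-To line about to be added is already in the header), run over a constructed two-address forwarding loop. The addresses, the forwarding table and the hop limit are assumptions for illustration; this is not qmail's code.

```python
from email import message_from_string

# Constructed forwarding table: two mailboxes that forward to each other.
FORWARDS = {
    "joe@virtual.example": "joe@elsewhere.example",
    "joe@elsewhere.example": "joe@virtual.example",
}

# Constructed sample message.
SAMPLE = (
    "From: sender@example.net\n"
    "To: joe@virtual.example\n"
    "Subject: test\n"
    "\n"
    "hello\n"
)


def has_delivered_to(raw, recipient):
    """True if the header already carries a Delivered-To line for recipient."""
    msg = message_from_string(raw)
    seen = [value.strip().lower() for value in msg.get_all("Delivered-To", [])]
    return recipient.lower() in seen


def strip_delivered_to(raw):
    """What a header-removing filter does: drop every Delivered-To line."""
    msg = message_from_string(raw)
    del msg["Delivered-To"]
    return msg.as_string()


def route(raw, recipient, strip=False, max_hops=20):
    """Follow forwards from recipient; return (outcome, deliveries made).

    Each local delivery first looks for its own Delivered-To line and refuses
    the message if it is there, then prepends the line and hands the message
    to the forwarding address, if any.
    """
    for hop in range(max_hops):
        if has_delivered_to(raw, recipient):
            return ("bounced as looping", hop)
        raw = "Delivered-To: %s\n" % recipient + raw
        next_recipient = FORWARDS.get(recipient)
        if next_recipient is None:
            return ("delivered", hop + 1)
        if strip:
            # The loop marker is removed before the message moves on.
            raw = strip_delivered_to(raw)
        recipient = next_recipient
    return ("still circulating", max_hops)


if __name__ == "__main__":
    print("headers kept:    ", route(SAMPLE, "joe@virtual.example"))
    print("headers stripped:", route(SAMPLE, "joe@virtual.example", strip=True))
    print("no forward:      ", route(SAMPLE, "mary@virtual.example"))
```

With the header kept, the loop is caught on the third delivery attempt; with it stripped, only the artificial hop limit in this model stops the message.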
Re: Am I relaying?
Quoting Al Sparks ([EMAIL PROTECTED]): I immediately added this host to my /etc/hosts.deny file for tcp-env and the connections stopped after the first two refusals. A good security practice is to deny everything in your hosts.deny file, and make specific exceptions to that policy in your hosts.allow file. Indeed. But think again about what you just said and its implications for accepting _email_ from the Internet. Aaron __ Do You Yahoo!? Dozens of mail servers. Millions of subscribers. Email delivery in six hours or less! Thank goodness, no! Aaron
Re: Fwd: Re: More trouble
Quoting Howard Miller ([EMAIL PROTECTED]): Oh and I posted this to the mailing list as well. I am sure everybody will be interested! in your behaviour!! Excuse me, Howie, but STOP posting private messages to the list just to spite people. We have some real work to do here. Goodness. Aaron
Re: Wildcard MX Obsolescence
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
> i know that the problem is at my machine, and not on the remote email server. ( i xxx'd out the relevant things as i'm a contractor, and the company has very specific policies of my using their name... i like to work, if you know what i mean s) anyway, i know it is at my machine as when to problem showed up under sendmail, i checked internally, and was given the fix in the form of a sendmail.cf file for my machine, not the remote server. so, naturally, i suspect the fix is local for qmail as well.

Important point: qmail is not sendmail, not by a long shot. The point I tried to make in my response was that qmail did everything exactly as it's supposed to, however the _remote mail server_, running sendmail, rejected your message. So, it begs the question, "what does this have to do with qmail?" The answer is: nothing. qmail-remote connected to the remote mail server, it tried to deliver a message, the remote mail server rejected it. Simple as that.

You stated in your last mail that the company you work for has a policy of "no wildcard MXs." I'm having trouble understanding exactly why on Earth anyone would care. Do you know exactly what a wildcard MX is? This is the part that is confusing: you are sending mail to atoka-software.com. Its MX record looks like:

    atoka-software.com MX 10 mail1.best.com
    atoka-software.com MX 10 mail2.best.com
    atoka-software.com MX 20 mail3.best.com
    atoka-software.com MX 20 mail4.best.com

further, mail[1234].best.com each has multiple IP addresses, which is returned round-robin by the name server. They do this for the sake of redundancy. That is not wildcard MX'ing.

Unless you are using a smarthost, a la smtproutes, then qmail will check the DNS for the MX for atoka-software.com, then connect to the IP address returned by the name server. If you are using a smarthost, and it rejects relaying your mail to one of best.com's mail servers, then the smarthost is not configured properly.
The bounce qmail sent you points this out clearly.

    [EMAIL PROTECTED]: 1.2.3.4 does not like recipient.
    Remote host said: 554 myclient.server.domain.com[1.2.3.4]: Client host rejected: Will not relay via wildcard MX records - reference http://www.server.domain.com/DNS/wildmx.html
    Giving up on 1.2.3.4.

I'd sure like to know what that web page says. So, like I said previously, more information is needed, unfortunately your employer's dubious "security through obscurity" mentality, and your acceptance of it, makes it much more difficult to decipher the exact nature of this problem.

Aaron
Re: Wildcard MX Obsolescence
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
> > [EMAIL PROTECTED]: 1.2.3.4 does not like recipient.
> > Remote host said: 554 myclient.server.domain.com[1.2.3.4]: Client host rejected: Will not relay via wildcard MX records - reference http://www.server.domain.com/DNS/wildmx.html
> > Giving up on 1.2.3.4.
> >
> > atoka-software.com does not have any wildcard MXs. I'm pretty confused as to what that mail server is thinking. I think some more info is needed.
>
> so far as i can determine, it is not that the receiving domain has wildcard mx's; it is the dependence of the mail server on the local machine that is somehow depending on a wildcard mx. (pardon me, i am ignorant here! s) anyway, it does not matter where the destination mailbox is (other than *.domain.com).

Hmm, no that doesn't make any sense at all.

As an addendum to my latest message, I see that best.com has indeed set up wildcard MX for your domain:

    $ host -t mx blah.atoka-software.com
    blah.atoka-software.com MX 10 mail1.best.com
    blah.atoka-software.com MX 10 mail2.best.com
    blah.atoka-software.com MX 20 mail3.best.com
    blah.atoka-software.com MX 20 mail4.best.com

Even so, the wildcard only means anything when sending to *.atoka-software.com. There isn't anything you can do on the qmail machine to work-around your employer's mail server's rejecting of your mail. I can't see what you could do on a sendmail machine, either, other than bypass the smarthost.

Personally, I simply would not use their mail server as a smarthost. I can't see any advantage to rejecting mail simply because there are wildcard MX records associated with it. Maybe someone else can enlighten me.

Aaron
Re: Yahoo delivery failure - short test and proposal
Quoting Peter van Dijk ([EMAIL PROTECTED]): On Thu, Nov 02, 2000 at 06:47:43PM +1100, Brett Randall wrote: [snip] I am putting forward a proposal that, to help ourselves, our staff, and the hundreds of thousands of Yahoo Mail patrons, we should contact Yahoo and pester them to get their system working. These failures are all too common on their global system, and have been occurring for months now. Please give me any feedback, flames, comments, etc, and if they are personal, direct them to me personally. If they are useful for others to see (not just for your ego but for general list education about this problem), post them to the list. I have logfiles with several deferred deliveries, either 'connected to blah but connection died' or just plainly 'wasnt able to establish an SMTP connection'. I'm seeing a lot of this junk, lately, as well: [EMAIL PROTECTED]: Sorry, I wasn't able to establish an SMTP connection. (#4.4.1) I'm not going to try again; this message has been in the queue too long. lots o' messages from reply.yahoo.com, which never seems to accept our SMTP connections, and which is sending email to long-dead accounts. Typical. The inet-access list has a regular contributor from Yahoo, by the name of Derek Balling. I can't find his official yahoo address, but he posts to Usenet as dredd at megacity.org (he has some posts in alt.sysadmin.recovery, perhaps he will be able to empathize with us :). We only handle around 5,000 deliveries, local and remote, per day, yet there are dozens of queued messages to yahoo.com. Quite annoying. Aaron
Re: Wildcard MX Obsolescence
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
> i am installing qmail on my linux 6.1 machine inside of the company

What is "linux 6.1?" (did you mean Redhat 6.1 by chance, hmm?). A minor point, but be careful if you slip up like that on a list devoted to linux.

> i work for. it is currently running sendmail that comes with redhat. the company has a policy of no wildcard mx's. a "sendmail.cf" is provided to not use a wildcard mx. within that file are the two lines that seem to be pertinent (as i feebly understand sendmail!)
>
> # Smart host
> DSmail.server.domain.com

They might be even more pertinent if you had not decided to munge all the useful data!

> my question is how do i avoid the "wildcard mx" problem with qmail? whenever i attempt a send to outside of my system using:

You are sending mail remotely from a qmail system to an alleged sendmail system (I say alleged since you've again munged all useful data, so I can't double-check), and the remote system is rejecting the mail after the recipient is specified. Assuming that the remote system is _not_ qmail, and I'm pretty sure it isn't, your problem has absolutely nothing to do with qmail.

> [EMAIL PROTECTED]: 1.2.3.4 does not like recipient.
> Remote host said: 554 myclient.server.domain.com[1.2.3.4]: Client host rejected: Will not relay via wildcard MX records - reference http://www.server.domain.com/DNS/wildmx.html
> Giving up on 1.2.3.4.

atoka-software.com does not have any wildcard MXs. I'm pretty confused as to what that mail server is thinking. I think some more info is needed.

Aaron
Re: Relaying test on abuse.net postive!?
Quoting Leonard Tulipan ([EMAIL PROTECTED]):
> Now the thing is, that relay test number six still goes thru. Is this some issue? Did I do something wrong?

Yes, you did. You failed to read the web page, especially the bold blinking text.

Aaron

- THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY. Some systems appear to accept relay mail, but then reject messages internally rather than delivering them, but you cannot tell at this point whether the message will be relayed or not. If it is really an open relay, the test message will be delivered to you. If you do not receive the test message in your e-mail in the next few hours, it IS NOT an open relay.
Re: smtp speed limit??
Quoting Austad, Jay ([EMAIL PROTECTED]): I'm looking here: http://cr.yp.to/docs/smtplf.html Maybe one of the messages contains an lf not preceded by a cr. Where would this be logged on the qmail box? Unfortunately, in the stock qmail, nowhere. However, you may start up your favorite packet capturing software, sniffit or its equivalent, and see what is going on between the two servers easily enough. I've never used it, but there is a djb piece of software known as recordio that you can use to log every smtp command sent or received by qmail-smtpd. Again, though, if this is the problem the exchange server should be logging qmail's smtp response! If there's a stray newline, qmail-smtpd will spit out a 4xx error code and the URL quoted above. Aaron
Re: Redhat 7
Quoting Graphic Rezidew ([EMAIL PROTECTED]): On Wed, Oct 11, 2000 at 02:20:22AM +0800, Mark Lo wrote: Should I run qmail under Redhat Linux 7 or Redhat Linux 6.2?? No. After reading this, I would have to agree (re: redhat 7.0 buggy daemon causing crash after 3 weeks): http://slashdot.org/article.pl?sid=00/10/11/1341237 Aaron
Re: smtp speed limit??
Quoting Austad, Jay ([EMAIL PROTECTED]): We have a little script that sends 5 different messages in rapid succession to one email address. When it gets pointed at our mailserver running MS Exchange, it works fine, however, when pointed at the qmail box, only the first message makes it through, the other 4 get delayed or deferred and put back into the queue (MS Exchange or some MS mailserver thing). Fascinating. I wonder if your exchange server bothers to log the response from the remote mail server upon delivery, failure, or deferral? That would help (and even more to show them to us -- I think that shall be my mantra from now on). Does qmail limit how fast one host can send messages via smtp? Here's my tcpserver line: tcpserver -q -c 500 -x /etc/smtp.cdb -H -l mail.marketwatchmail.com -R -u 503 -g 503 0 smtp /var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 3 Since tcpserver is handling the smtp connection, the proper question would be whether tcpserver itself can limit how fast it will receive mail. The answer to the question as you put it is "no." However, tcpserver can limit the number of smtp connections it will accept. The default is 40 simultaneous connections, and you have actually specified 500. You would not seem to be crossing that threshold, but I'm just guessing without seeing any logs--tcpserver's logging will show if you're going over 500 connections. Personally, my bet is that the exchange server is puking. Five messages in rapid succession.. that must put real stress on the bloatware. Aaron
Re: Qmail not sending to Certain Servers
Quoting Kathleen Farber ([EMAIL PROTECTED]): Here's the log: @400039da1c2001c01114 delivery 329: success: 154.11.89.182_accepted_message. /Remote_host_said:_250_ok_970598885_qp_18301/ This is very unambiguous. Delivery 329 was successful to 154.11.89.182 (mx.total.net). The remote server is even running qmail, no less. What happens after that is up to total.net. Again, the logs tell all. Aaron
Re: Mailbox file problems
Quoting Rob Hines Jr. ([EMAIL PROTECTED]): I am running qmail on a Solaris system, and have had nothing but good luck with it. I installed Mrs. Brisby's smtp_auth patch, and all is good delivering to homedir Mailboxes. I am having a problem though. Occasionally users will retrieve their mail to find one message appended to the end of the previous one. I am at a loss as to why this might happen. Ahem, you forget something: what pop3 server are you using? Since qmail-pop3d only reads Maildirs, then you're using something else. Indeed, since we know that qmail-local does write correctly to mbox-format, then that would probably preclude qmail from being the problem. Hence, you're almost off-topic :-) In an mbox-style mailbox, each email is separated by a newline then "From " -- so if you're really using qmail-local for delivery, then your POP3 server is misbehaving. OTOH, if you're using something else for delivery, like procmail for instance, then it might not be writing properly. Perhaps, also, the mailbox isn't properly being locked while another process is reading it, which can result in corrupt mailboxes--a good argument for Maildir delivery. Since it would appear to be infrequent, then the latter seems likely. Anyway, I'm just guessing. In short, more info is needed! Aaron
Re: No Transport Provider Available
Quoting Ben Beuchler ([EMAIL PROTECTED]): It ain't qmail. http://support.microsoft.com/support/kb/articles/Q197/4/17.ASP?LN=EN-USSD=gnFR=0 Do you see that crap under the heading "Mail Server Expects Addresses to Be in Angle Bracket?" baahahaha. You have to put angle brackets in there in order for Outlook to use them when speaking SMTP. What a joke... and the rest is plain bull. No wonder 7 out of 10 tech support calls regarding email are outlook users (and we give our customers a CD with Netscape.. that says something). sorry for the rant! Aaron
Re: Help with Local Relaying
Quoting Edward Carr ([EMAIL PROTECTED]): Here are my config files ... Edited for anonymity ... /var/qmail/control/defaultdomain: domain.net /var/qmail/control/defaulthost: domain.net heh.. what the heck good do you think this does? Might as well say: Here are my config files ... Deleted for security ... /var/qmail/control/defaultdomain: [censored] /var/qmail/control/defaulthost: [censored] Anyway, what do you see in your log files? If the messages are in your queue, then the mail logs will tell you *why* they are still there. Aaron
Re: Help with Local Relaying
Quoting Edward Carr ([EMAIL PROTECTED]): There are no entries in the log files ... I checked that ... The messages are in /var/qmail/queue/mess/?? (??=somenumber) No entries in your logs, at all? You need to fix your mail logging then. Without logs you'll be scratching your head for weeks. The way I displayed my files makes perfect sense syntax wise! You can see if I should have more or less info entered in them. :) OK, you should have a hundred more entries of "example.com" in them. That still doesn't tell us if you have the *correct* stuff in there, but if they are in your queue already it's probably a moot point. You need to figure out why the messages are being deferred, and only qmail-send's log files are going to tell you without unnecessary steps like using strace. When you have your next mail emergency, you'll be thankful you took the time to get proper logging. Aaron
Re: [OT] Achieving Time-Synch at mailserver
Quoting martin langhoff ([EMAIL PROTECTED]): The other machine has a intermittent connection, so I'm looking for a way to synchronize on a command (instead of a daemon). I checked CPAN for NTP and found nothing. The Net::Time module doesn't seem to help as it's looking for a time server, and not a NTP server. You might check for the commands "rdate" or "netdate" -- both will get the time from another machine. On our PC's with linux, we further need to use the "clock" or "hwclock" commands to set the hardware clock to match the system clock. We run these out of a cron job every so often, and only run ntpd on one computer in the network. Aaron
Re: Mypoints.com is not nice to us qmail admins (was: C API for
Quoting Frank Tegtmeyer ([EMAIL PROTECTED]): hadn't got around to complaining to them yet. it appears that they don't care anyway. pity i may just have to block them too. The world is full of such sites. For the case of "gone users still receiving mail" the badrcptto-patch is very useful. This is true, I've used it before for some old addresses, but such places as mypoints.com get a ton of subscribers (why is beyond me, really). When you average ~80 messages in the queue, and one day see 120 queued and *40* destined for mypoints.com, it raises my eyebrows. Aaron
Re: PLEASE, PLEASE : qmail is rebooting my box
Quoting Gustavo Vieira Goncalves Coelho Rios ([EMAIL PROTECTED]): do anyone here already faced qmail rebooting your box? I am running freebsd 4.1Stable and qmail 1-03 and after sending too many message to domains outside locals i got my box reboot and in /var/log/messages a line telling that qmail-remote received sigsev signal! Userland programs not running as root can't reboot your machine. I should say, they should not be able to. If qmail-remote is segfaulting and your machine is rebooting I would look into the hardware, i.e. proper cooling, or even try replacing the RAM. Bad RAM can cause programs to segfault, and other very undesirable behavior. Aaron
Re: ? - Delivery Status Notification (Failure)
Quoting Brian Ghidinelli ([EMAIL PROTECTED]): I'm not sure yet if this is Qmail specific, but I thought that someone here might have experienced this before and thus would have an idea since we're all email Admins. Users who are sending our mail servers mail from large sites such as prontomail or hotmail occasionally get the following error: Final-Recipient: rfc822;[EMAIL PROTECTED] Action: failed Status: 4.4.2 Huh, once again someone mails the list with a hotmail-generated mail error report and it doesn't say a damn thing at all! Why even send error reports to users when they don't mention _what_ the blasted problem is? (note, I'm ranting at hotmail, not you). Users don't know to look up in RFC 1893 for extended status codes! Anyway, the status code 4.4.2 is telling us it should have been deferred. It seems like hotmail doesn't like to have any messages in its queue :) Are you sure this isn't a deferral notice? I guess since it says "Failure" in the Subject we have to assume it's not. X.4.2 Bad connection The outbound connection was established, but was otherwise unable to complete the message transaction, either because of time-out, or inadequate connection quality. This is useful only as a persistent transient error. The odd thing about this is that we have two mail servers - one in New Jersey on an occasionally unstable link and one in California at Above.net which is always online and both trigger this error (randomly). Interesting, but I can only find one MX record in the DNS for vfive.com. $ host -t mx vfive.com vfive.com MX 10 bmw.vfive.com Therefore, if that is the machine in New Jersey, that could be the source of your delivery failures. Reasonable MTAs will defer the message until it can be delivered (when the link comes back up, presumably). Aaron
Re: bare LF - bizarre behaviour
Quoting Adam McKenna ([EMAIL PROTECTED]): 451 Put ,E=\r\n at the end of Mether, Mtcp, or Msmtp in sendmail.cf if you are using Solaris 2.5 (fixed in 2.5.1). I cannot accept messages with stray newlines. Many SMTP servers will time out waiting for \r\n.\r\n. ... 1. Where could that be coming from? not qmail, unless someone edited the source. qmail replies with the following: 451 See http://pobox.com/~djb/docs/smtplf.html. There is a workaround called "fixcr" that will enable qmail to accept email with bare LF's in it, I believe that procedure is outlined in the FAQ. Oops, but that error message is from qmail--version 1.01 and earlier if my memory serves. I'll bet djb decided it was too verbose and put up a web page instead. Aaron
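The stray-newline check discussed in this reply and in the earlier "smtp speed limit" reply, as an added example that is not part of any post and is not qmail's code: it finds LF bytes not preceded by CR in a captured message and shows the CR insertion that a fixcr-style workaround performs. The function names and the sample message are constructed for illustration.

```python
"""Locate bare LFs (LF not preceded by CR) in a captured SMTP message."""

# Reply text as quoted in the thread for the stray-newline rejection.
STRAY_NEWLINE_REPLY = "451 See http://pobox.com/~djb/docs/smtplf.html."

# Constructed sample: lines 2 and 4 end in a bare LF, the others in CRLF.
SAMPLE = (b"From: a@example.com\r\n"
          b"Subject: test\n"
          b"Body line one\r\n"
          b"line two\n"
          b".\r\n")


def find_bare_lfs(data):
    """Return (line_number, byte_offset) for every LF not preceded by CR."""
    hits = []
    line_no = 1
    for offset, byte in enumerate(data):
        if byte != 0x0A:
            continue
        if offset == 0 or data[offset - 1] != 0x0D:
            hits.append((line_no, offset))
        line_no += 1
    return hits


def offending_lines(data):
    """Return {line_number: text} for the lines that end in a bare LF."""
    wanted = {line_no for line_no, _ in find_bare_lfs(data)}
    lines = data.split(b"\n")
    return {n: lines[n - 1].decode("latin-1") for n in sorted(wanted)}


def add_missing_cr(data):
    """Insert CR before each bare LF; existing CRLF pairs are left alone."""
    out = bytearray()
    previous = None
    for byte in data:
        if byte == 0x0A and previous != 0x0D:
            out.append(0x0D)
        out.append(byte)
        previous = byte
    return bytes(out)


def would_reject(data):
    """True if a server that refuses stray newlines would defer this message."""
    return bool(find_bare_lfs(data))


if __name__ == "__main__":
    for line_no, text in offending_lines(SAMPLE).items():
        print(f"line {line_no} ends in a bare LF: {text!r}")
    if would_reject(SAMPLE):
        print("expected reply:", STRAY_NEWLINE_REPLY)
    print("after CR insertion:", find_bare_lfs(add_missing_cr(SAMPLE)))
```

Run it over the bytes pulled from a packet capture or a recordio log to see which line of the sender's message triggers the deferral.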
Re: ORBS doesn't like me :(
Quoting Andy Meuse ([EMAIL PROTECTED]): I created a rcpthosts file populated with my domain. Now the error I'm receiving after sending remote mail is .. "No transport provider was available for delivery to this recipient." Heh.. that doesn't say anything. That's an Outlookism that it spits out when it really does not know what is going on (like all of the time). "No transport provider .." bah! If you could provide the actual error message that qmail-smtpd spits out, and that reasonable mailers will show you, that certainly would help a lot. In any case, the problem is (almost) certainly that RELAYCLIENT is not set for the connection, hence qmail does not allow you to relay to any domain not in rcpthosts. Aaron
Re: deferral message 451
Quoting Christopher Tolley ([EMAIL PROTECTED]): Damn...Since I messed that up completely, here is another try: OK. Well I know you're trying to help the guy with his DNS issues, but I'm afraid I read your mail and decided I had to comment. Your IP reverses back to this: 42.147.30.206.in-addr.arpa. 1D IN PTR server.lsbsolutions.com. Same potential problem. The PTR should point to lsbsolutions.com, not server.lsbsolutions.com How is that? There is an A record for server.lsbsolutions.com in the DNS. Also, you should be using CNAMEs instead of multiple A records. The only time you need more than one A record in a zone is when it's different. I don't think your advice is going to solve his problem, nor do I quite understand your reasoning. Granted that using CNAMEs can be convenient when services are moved, but there is absolutely no harm in not using CNAMEs at all. CNAME lookups take longer, even. For spam-checking, the remote host will do a lookup on the A and MX record for your domain name. If it gets neither, but there are NS records for the domain, the message is deferred. If no NS records, it's not in the root servers, it gets rejected. I don't see how messing around with all of his records is going to change the result. In my mind, what is likely happening is that the lookups are merely timing out, so the message is deferred. I noted a peculiar delay when querying those name servers. When the records are expired from the cache on the name server those machines are using, it could be they aren't getting any answer from teoi.net in a timely manner, so the mail is deferred. It could also be true that the name servers those mail servers are using just plain suck or the mail servers themselves need to be reconfigured (perhaps they are using name servers in a separate collision domain and the link in between is congested, hell I dunno). Forward and reverse lookups match just fine. I don't see a thing wrong with that zone, really. 
smtp 1D IN CNAME server you are doing nested lookups here That CNAME points to a valid A record, so do the others. How does that create a "nested lookup?" localhost 1D IN A 127.0.0.1 ---localhost.lsbsolutions.com? ppl can't get to it, so why in DNS? Hmm, why indeed? Well, how about for software that doesn't use /etc/hosts, like qmail? If it weren't in the DNS, they would not even know what the IP address for "localhost" is! That's but one argument in favor of a "localhost" A record. I think geographical and network-diverse name servers are what he needs. If you note, they are both within the same network, which we know can lead to DNS outage. :) Aaron
stray newlines (was Re: effectiveness of DUL)
Quoting Markus Stumpf ([EMAIL PROTECTED]): On Thu, Aug 24, 2000 at 09:33:49PM -0700, Jon Rust wrote: Must be a spam house, or MS software is really just THAT broken. :-) I have sometimes more than 10 tries a day from one host because of temp rejects for stray newlines. I usually place those in my local RBL for a permanent reject. ... P.P.S. Not accepting stray newlines is IMHO good for SPAM protection *smile* Most of the servers that get rejected this way are relay open ;-) The above smtp01.sohu.com:202.106.185.36 is relay open, too. 452 additional rejects within the last 20hs *smile* Interesting, yes. Well, I got tired long ago of that nonsense, so I changed the error code for the stray newline to 551, in qmail-smtpd.c. Suggested by someone else (forgot who, sorry), and wondered why I hadn't thought of it myself sooner! Aaron
Re: effectiveness of DUL
Quoting M.B. ([EMAIL PROTECTED]): Occasionally someone will ask how well the DUL or RBL works and some people throw out: DUL caught 105 items RBL caught 33 items Just how do you determine how many it caught? Do these denies get logged to tcpserver's log?? (when tcpserver is of course run w/ -v option) They get logged like so, wherever you put the stdout of the chain that starts qmail-smtpd. Ours is piped to accustamp then cyclog.
965989289.871913 rblsmtpd: 32.101.147.178 pid 12452: 553 See URL:http://mail-abuse.org/dul/
965999356.889116 rblsmtpd: 158.252.97.199 pid 23932: 553 See URL:http://mail-abuse.org/dul/
965999365.185936 rblsmtpd: 158.252.97.199 pid 23937: 553 See URL:http://mail-abuse.org/dul/
966005127.412208 rblsmtpd: 158.252.30.194 pid 3172: 553 See URL:http://mail-abuse.org/dul/
966005221.904910 rblsmtpd: 158.252.30.194 pid 3367: 553 See URL:http://mail-abuse.org/dul/
966005661.426485 rblsmtpd: 194.149.167.138 pid 4353: 553 See URL:http://mail-abuse.org/dul/
966017246.944041 rblsmtpd: 4.4.162.159 pid 7390: 553 See URL:http://mail-abuse.org/dul/
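One way to get the "DUL caught N items" figures from log lines in the format shown above, as an added example that is not part of the post: it counts rblsmtpd rejections per list URL and per client IP, and reports the time span covered. The rblsmtpd lines are the ones quoted in the post; the tcpserver status line and the function names are constructed for illustration.

```python
"""Count rblsmtpd rejections per blocklist and per client IP."""
import re
from collections import Counter

# timestamp, "rblsmtpd:", client IP, pid, SMTP code, reply text
LINE = re.compile(
    r"^(?P<ts>\d+\.\d+) rblsmtpd: (?P<ip>\S+) pid (?P<pid>\d+): "
    r"(?P<code>\d{3}) (?P<text>.*)$"
)
URL = re.compile(r"https?://\S+")

# The seven rblsmtpd lines from the post, plus one constructed tcpserver
# status line to show that unrelated entries are skipped.
SAMPLE_LOG = """\
965989289.871913 rblsmtpd: 32.101.147.178 pid 12452: 553 See URL:http://mail-abuse.org/dul/
965999356.889116 rblsmtpd: 158.252.97.199 pid 23932: 553 See URL:http://mail-abuse.org/dul/
965999365.185936 rblsmtpd: 158.252.97.199 pid 23937: 553 See URL:http://mail-abuse.org/dul/
966005127.412208 rblsmtpd: 158.252.30.194 pid 3172: 553 See URL:http://mail-abuse.org/dul/
966005200.000000 tcpserver: status: 1/40
966005221.904910 rblsmtpd: 158.252.30.194 pid 3367: 553 See URL:http://mail-abuse.org/dul/
966005661.426485 rblsmtpd: 194.149.167.138 pid 4353: 553 See URL:http://mail-abuse.org/dul/
966017246.944041 rblsmtpd: 4.4.162.159 pid 7390: 553 See URL:http://mail-abuse.org/dul/
"""


def summarize(log_text):
    """Return (per_list, per_ip, span_seconds) for the rblsmtpd lines in log_text."""
    per_list = Counter()
    per_ip = Counter()
    stamps = []
    for raw in log_text.splitlines():
        match = LINE.match(raw.strip())
        if not match:
            continue  # not an rblsmtpd rejection
        url = URL.search(match["text"])
        # Key on the list's URL when the reply carries one, else on the reply text.
        per_list[url.group(0) if url else match["text"]] += 1
        per_ip[match["ip"]] += 1
        stamps.append(float(match["ts"]))
    span = max(stamps) - min(stamps) if stamps else 0.0
    return per_list, per_ip, span


def repeat_offenders(per_ip, minimum=2):
    """Client IPs rejected at least `minimum` times, sorted."""
    return sorted(ip for ip, count in per_ip.items() if count >= minimum)


if __name__ == "__main__":
    lists, ips, span = summarize(SAMPLE_LOG)
    for name, count in lists.most_common():
        print(f"{count:5d}  {name}")
    print(f"covering {span / 3600:.1f} hours; repeat clients: {repeat_offenders(ips)}")
```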
Re: SPAM From (was Re: Re: from: ???)
Quoting Brian Baquiran ([EMAIL PROTECTED]): Hmm. Not too long ago, we were getting a lot of spam with "From: " and "Are you ready to GRADUATE" in the subject. We ended up denying all incoming SMTP from 4.48.43.* . Yes, well, in my experience the cons of blocking null senders far outweigh the pros. The vast majority of spam is sent with forged addresses, or take-your-pick blasted free email provider addresses. I've been trying to convince one particular NT ISP here in Oregon of this fact for nearly three years. How they can allow their users to send lots of mail--to such places as AOL, any network for that matter that has external mail gateways that forward to internal hosts--and when it bounces NOT know about it is beyond me. I think it must just be ignorance of how SMTP works. Aaron
Re: UCSPI-TCP
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]): One question friends Is the ucspi-tcp-0.88 version stable? or is the version 0.84 best? Interesting question. One can be very sure that software Dan Bernstein releases is stable. Idle wish I just feel like expressing: I wish Dan had coded an ftp daemon that did more than anon logins (I wish I was one-twentieth the coder Dan is). Aaron
Re: 4.7.1 error reported to netscape mail client
Quoting Dale Miracle ([EMAIL PROTECTED]): "Ihnen, David" wrote: [...] SO - My conclusion is that the system *MUST* be talking to some other service, than qmail-smtpd, or it would say something more like "syntax error (#5.5.4)" or "out of memory (#4.3.0)", rather than just "4.7.1". Troubleshoot the client's settings and the IP path. Maybe its trading off to different smtp servers? Maybe the dns or IP he's going to maps to more than one server? Of course, my source analysis may be flawed, and I invite all to look it over. Netscape source: http://lxr.mozilla.org/seamonkey/search David (who is having more fun than he probably is allowed to.) Thanks for looking that up. I set my concurrency remote to 120 so that should take care of the back log during busy periods. Hopefully that will also get rid of this problem. I talked with the user and he ok Your concurrency remote setting has no bearing on how many smtp connections tcpserver will allow. Also, tcpserver does not output smtp status codes when it reaches its configured connection limit (set with the "-c" switch). That's why I feel special attention should be paid to the paragraph written by Mr. Ihnen that I've quoted above. Aaron
Re: Relaying stopped. How to remove SPAMMER status?
Quoting Tim Jones ([EMAIL PROTECTED]): As I replied to Aaron out of band, I was not having a relay problem with QMail. The problem was an old sendmail installation. I spend a bit of time Ahh, sendmaul. Gotta love it. Well, congrats and welcome to the elite :) Aaron
Re: Relaying stopped. How to remove SPAMMER status?
Quoting Tim Jones ([EMAIL PROTECTED]): Hi Folks, Well, I've successfully installed and configured QMail on my homebrewed Linux server. As such, the rampant SPAM relay that my system allowed over the past month has been stopped. Fascinating. qmail is relay-proof by default, so you almost have to purposefully mess up, unless doing something really dumb like allowing percent hack or something, to allow it to relay. Then, having messed up and knew it, you let it be a "rampant spam relay" for a month? I hope I'm not reading that correctly--perhaps it was rampant for a month and you just happened to not notice and only did *today*. Excuse me, but administrators of spam relays get me worked up. Especially qmail relays! Ugh. What are the steps I should take to get my mail host removed from the "provider of SPAM relay" lists? What "provider of SPAM relay" lists do you think you are on? How is it you know you are on them and not know how to get off? (for example, if you're on RSS, your bounces will have a URL to see. Have you gone to see it??). Aaron
Re: Relaying stopped. How to remove SPAMMER status?
Quoting M.B. ([EMAIL PROTECTED]): -Original Message- From: Aaron L. Meehan [mailto:[EMAIL PROTECTED]] Fascinating. qmail is relay-proof by default, so you almost have to purposefully mess up, unless doing something really dumb like allowing percent hack or something, to allow it to relay. Then, having messed up and knew it, you let it be a "rampant spam relay" for a month? I hope I'm not reading that correctly--perhaps it was rampant for a month and you just happened to not notice and only did *today*. or perhaps he didn't understand the relay control stuff w/ tcpserver and didn't have rcpthosts in place or some such. there have been plenty of people who have innocently not understood that process and removed the file. i would not call it a purposeful breaking of qmail. and if you don't know that the percent hack stuff removal is "dumb", you may do it not knowing any better. inexperienced is not dumb. Heck, I am being harsh, however "back in the day" when I first tackled qmail and then switched our network from sendmail, anti-relay was first and foremost in my mind. There was not anything in the way of Dave Sill's "Life With qmail." Somehow I managed to muddle through without us becoming among the vilified spam relays. I suppose attention to detail is the key. Understanding your software thoroughly *before* making the box available to the Internet-at-large is essential. Allowing smtp connections, IMAP connections, POP3 connections, etc., without understanding the ramifications.. well I guess there are just many more inexperienced administrators out there nowadays. Disclaimer: I ain't perfect--but I try to pay attention to detail :) If you don't, your network has just become a menace to the rest. Aaron
Re: misconfigured zones.
Quoting Jesús Arnáiz ([EMAIL PROTECTED]): De: Sean C Truman [mailto:[EMAIL PROTECTED]] That is a misconfigured Zone file.. That is not a bug in qmail.. that should not have the . at the end of it unless it is pointed to a FQDN. Yes but if other servers work with this zone I think some may be changed in qmail in order to work with this misconfigured zones. OK, how about keeping all these messages regarding your DNS troubles in one thread? Anyway... Tell us which version of qmail you are using. I do believe Dan relaxed qmail's strictness of MX pointing to IP addresses in 1.03. Some bitched loudly about it since "sendmail does it." Blah! It just allowed administrators that don't know squat about DNS to get their mail :) So, if you're using 1.02 or earlier then qmail will indeed bounce the mail. You still should email the administrators of that zone and clue them into the fact that MX's are supposed to be FQDN's. Aaron dig .xx mx xxx.xxx.es. 6h54m46s IN MX 10 999.99.999.99.
Re: How to requeue messages?
Quoting Albert Hopkins ([EMAIL PROTECTED]): The new location is on another (non-qmail) server. Basically this user is wanting her currently delivered email to be send to the other email address (the one I put in her .qmail). I'm not sure if it's called requeuing or what but basically I want qmail to re-process the delivered mail according to the new .qmail file. How I would do it is to fire up mutt (cd ~user; mutt -f Maildir) then bounce (aka resend) the messages to her new address. Delete them after confirming delivery. If you don't have an MUA that does Maildir, perhaps something like the following: for mess in *; do /var/qmail/bin/qmail-inject [EMAIL PROTECTED] < "$mess"; done Aaron
Re: Relaying dialup mail users for qmail.
Quoting Chris, the Young One ([EMAIL PROTECTED]): !How do I allow this to happen, if I dont know the IP address of ! the user wishing to relay?? Yikes, I see I will have to modify my quoted text regexp. Oh, the heck with it... I'm not putting an exclamation mark in it. Put rules of the form =.foo.bar, if the domain name you wish to allow relay is foo.bar. Then any client whose IP address reverse-resolves to *.foo.bar can relay. A malicious individual who has control over his reverse DNS could then also relay mail via your server. Assuming you're not checking IP addresses in "paranoid" mode, of course. A low risk, to be sure, as most spammers are clueless. Something to think about, though, since it's not always just plain ol' spammers that spam. Aaron
Re: Relationship between qmail and root named servers
Quoting Luis Bezerra ([EMAIL PROTECTED]): Yesterday, when my international backbone goes down, my DNS goes down too because the named root servers are located in USA. And I suspect that exists one relationship between the problems. Actually, not all the root name servers are in the US. There is at least one in England and one in Japan, and perhaps elsewhere. I'm pretty sure the GTLD servers (global top-level domain, i.e. .br, .uk, etc.) are geographically diverse as well, but I haven't the motivation right now to find out :) anyone already worked with one problem like this? I think Russ Nelson said it as well as it can be: Brazilian networks probably should have a name server serving the root domains. Otherwise, *everything* that relies on DNS has the potential to fail if your international routing fails. Your problem really has not a thing to do with qmail specifically. Aaron
Re: another broken mailer [MAILER-DAEMON@infoteen.com: Returned Mail: user qmail@list.cr.yp.to unknown!]
Quoting Peter van Dijk ([EMAIL PROTECTED]): And my previous message about a broken mailer generated a bounce from *another* broken mailer... - Forwarded message from Mail Delivery Subsystem [EMAIL PROTECTED] - My mail to [EMAIL PROTECTED] bounced, so I malleted them into badmailfrom--they are kind enough to send their bounces with a non-null return-path :) I think it would be nice if Mr. Bernstein could unsub these dweebs from the list. Aaron The following email has been returned to you. Error 550: User [EMAIL PROTECTED] is not an existing InfoTeen.com account. Please make sure that the email address you specified, [EMAIL PROTECTED]@infoteen.com is valid.
Re: Unable to send a huge file
Quoting Ismal Hisham Darus ([EMAIL PROTECTED]): Hi, I don't know where the problem is .. but in my case, we have two qmail servers server0 and server1 (not using inetd.. of course :)). When somebody send files exceeding 2.5mb, he get a bounce mail stating that : Remote host said: 552 Requested mail action aborted: exceeded storage allocation. Ismal, showing us the mail logs in such situations is usually a good idea. If others had seen the recipient address, you would have had your answer very quickly. Anyway, as others stated, that message isn't output by qmail. I _have_ seen that particular annoying message before: it's output by hotmail.com's mail servers when you send an email to someone there that has exceeded their mail quota. The quota is quite small at hotmail and other free mail providers, and they outright *bounce* mail when it's exceeded. Aaron
Re: the bounce bounced!
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]): Hello, when I mail for an unknown user arrived a bounce message is generated. But this message bounce, my smarthost won't deliver that: [EMAIL PROTECTED]: 195.20.224.204 said: 503 Valid RCPT TO recipient must precede DATA Well, the way I read it is that it's saying the *recipient* is not valid. Your whole mail situation seems to be complicated by you using a smarthost that doesn't behave properly, but we can only guess as to what is really going on with the limited information available. As an observation, in my opinion, that error message, although technically correct to a fault, is not worded in such a way that the average user could understand. Exim, hmm. Return-Path: Received: (qmail 2419 invoked for bounce); 20 Jul 2000 16:31:09 - cut-- I see the problem: The empty Return-Path, but I don't know where to fix this! The Return-Path is *supposed to be empty* if the message is a delivery notification (like a bounce). Your smarthost should not be caring whether you send mail with null return-paths. Aaron
Re: from-adresse in bounce-mail
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]): all mails written or delivered to my server ruppert.terramenta.de are address masqueraded, that they have the form [EMAIL PROTECTED]. That works fine. But when a mail bounce because the address is not existent (e.g. [EMAIL PROTECTED]) the mail address from the mailer-daemon is still [EMAIL PROTECTED] See the man page for qmail-control. You want to put terramenta.de into control/bouncehost. The smarthost I use only transport mail with addresses from terramenta.de, so the mail from [EMAIL PROTECTED] bounce. MAILER-DAEMON@ is what you see in the mail's From header, and has nothing to do with the sender address, which for a bounce would be NULL--maybe that is why your mail is being rejected, hmm? I don't know your particular situation, of course, but your smarthost should be allowing relaying based on your IP address, and not what's in From or the envelope sender, otherwise it's basically an open relay (and spammers will find it, eventually). You might point that out to the machine's administrator, if my analysis of the situation is correct. Aaron
Re: Defining as local and not remote
Quoting Robert Spraggs ([EMAIL PROTECTED]): I have been successful stopping relaying to outside hosts using tcpserver, but any message starting with a Message ID can be delivered to an Do you mean anything with a null return path? qmail doesn't give a whit what's in the message-id, nor does it relay to anywhere just because the return path is null. Only connections that have RELAYCLIENT set or to recipients in rcpthosts are accepted for relay. If this is really the behavior you see, you need to provide information on your qmail setup--any patches, addons, etc that you have applied or using that may cause this sort of behavior. The results of qmail-showctl and the IP address of the server in question would be nice, too, so others can test it. Results of your relay tests (telnet to port 25, for example) may be helpful. To be sure, I've never seen such behavior by stock qmail, so something is rotten in Denmark. :) Aaron
Re: Defining as local and not remote
Quoting Robert Spraggs ([EMAIL PROTECTED]): I am using the out-of-the-box configuration of qmail 1.0.3. Jul 11 13:43:10 noif qmail: 963348190.748946 info msg 2654625: bytes 1426 from qp 17024 uid 7774 Jul 11 13:43:10 noif qmail: 963348190.760341 starting delivery 9163: msg 2654625 to remote [EMAIL PROTECTED] I would have thought that this message should have failed since it is not in my rcpthosts, or listed in my tcp.smtp.cbd file, and therefore not considered local. Here is my tcp.smtp: 192.168.2.:allow,RELAYCLIENT"" :allow Hmm, well the output of tcpserver's logfile would help more with determining whether this connection comes from an IP address that is allowed relaying. Second, that rule 192.168.2.:allow,RELAYCLIENT"" is not formatted properly. It should be RELAYCLIENT="" -- although I must say the formatting error would not cause unauthorized relay. It would seem you're obfuscating your IP addresses, or else really using reserved IP space? If the IP address isn't in your rules file and setting RELAYCLIENT, with stock qmail and a working tcpserver with rules, I can only think of one thing: the message is accepted by another mail server in the 192.168.2.0/24 network with your qmail server as its smarthost. There's no other way to relay through stock qmail if you have a rcpthosts file present. RELAYCLIENT *has* to be set, period. So, what was the IP address of the connection that initiated that mail transfer? Don't obfuscate, show us the real stuff, and the tcpserver logs. Aaron
Re: How do I stop this spam test from failing?
Quoting Robert Spraggs ([EMAIL PROTECTED]): But why does qmail allow for this type of address to be accepted as ok? RCPT TO:[EMAIL PROTECTED]@[199.175.103.1] What normal use would there be for such a message construct? Back in the day with sendmaul, this would send a message to [EMAIL PROTECTED] via 199.175.103.1. Nowadays, I'd say use is pretty much restricted to spammers who try to get around anti-relay configurations, and who are often successful due to MTA bugs and admin-induced holes, hence the need to test servers for such flaws. qmail will bounce the mail after it fails to find a local user named "[EMAIL PROTECTED]". qmail accepts all local deliveries unless not allowed by badmailfrom or similar. Like Adam said, it's nothing for you to worry about, since the relay tester will never get a reply back. Aaron
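The relay rule stated in the messages above (RELAYCLIENT set, or recipient domain in rcpthosts) and the fate of a double-@ recipient, as an added example that is not part of the original posts and is not qmail source code. It is a simplified model: the function names, the local_ips/localiphost parameters, the '.suffix' wildcard handling and all sample addresses are assumptions made for illustration.

```python
"""Simplified model of the RCPT TO decision; hypothetical names, not qmail code."""


def domain_in_rcpthosts(domain, rcpthosts):
    """True if the domain, or a '.suffix' wildcard entry covering it, is listed."""
    d = domain.lower()
    if d in rcpthosts:
        return True
    i = d.find(".")
    while i != -1:
        if d[i:] in rcpthosts:          # entry ".example.org" covers a.example.org
            return True
        i = d.find(".", i + 1)
    return False


def smtp_rcpt(addr, rcpthosts, relayclient=None,
              local_ips=frozenset(), localiphost="mail.example.org"):
    """Return (accepted, envelope_recipient) for one RCPT TO address.

    rcpthosts   -- set of lower-case entries, or None if the file is absent
    relayclient -- value of $RELAYCLIENT, or None when the variable is unset
    local_ips, localiphost -- assumption: an address literal naming one of the
        server's own IPs is rewritten to the server's own host name
    """
    local, at, domain = addr.rpartition("@")   # domain = text after the LAST '@'
    if not at or not local or not domain:
        raise ValueError("this model only covers box@domain addresses")
    if domain.startswith("[") and domain.endswith("]") and domain[1:-1] in local_ips:
        domain = localiphost
    rcpt = f"{local}@{domain}"
    if relayclient is not None:
        # Variable is set, even if empty: no rcpthosts check, value is appended.
        return True, rcpt + relayclient
    if rcpthosts is None or domain_in_rcpthosts(domain, rcpthosts):
        return True, rcpt
    return False, None


def route(envelope_rcpt, locals_):
    """Classify an accepted recipient as ('local', box) or ('remote', host)."""
    local, _, domain = envelope_rcpt.rpartition("@")
    if domain.lower() in locals_:
        return ("local", local)
    return ("remote", domain)


if __name__ == "__main__":
    # Constructed sample configuration and addresses.
    rcpthosts = {"example.org", ".example.org"}
    locals_ = {"example.org", "mail.example.org"}
    cases = [
        ("bob@example.org", None),
        ("x@outside.example", None),       # not in rcpthosts, no RELAYCLIENT
        ("x@outside.example", ""),         # RELAYCLIENT="" : relayed unchanged
        ("x@outside.example", " "),        # RELAYCLIENT=" ": host name corrupted
        ("victim@outside.example@[192.0.2.1]", None),
    ]
    for addr, rc in cases:
        ok, rcpt = smtp_rcpt(addr, rcpthosts, rc, local_ips={"192.0.2.1"})
        print(repr(addr), repr(rc), ok, route(rcpt, locals_) if ok else "rejected")
```

The last case is accepted but routed as a local delivery to a mailbox literally named "victim@outside.example", which does not exist, so the message bounces instead of being relayed.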
Re: bounce management
Quoting Thomas Duterme ([EMAIL PROTECTED]): I'm new to managing bounces, so please bear with me. I've had a very tough time finding any good documentation which could guide me to building some scripts to parse through my bounces and semi-automate them. I do fairly large mailings at a time, and I'd like to properly manage my bounces. Basically, I'm curious to what everyone else is doing for managing bounces and if anyone has any good online documentation they could point me to. Man, don't even worry about parsing all those different bounces. Another poor soul on this list has said he needs to parse 70,000 or so of them--that sounds awfully painful. Use the method that djb pioneered to handle bounces: VERP. Details at http://cr.yp.to/proto/verp.txt. Set QMAILINJECT="r" in your environment when sending the mail to generate VERP return paths (see the return path of this list message to see what VERP does to the return address). See qmail-inject's man page for details on the QMAILINJECT environment variable. Aaron
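What VERP buys you for bounce handling, as an added example that is not part of the original message or of qmail: the failing subscriber is recovered from the bounce's envelope recipient alone, with no parsing of bounce bodies. The address layout follows the VERP note linked above; the function names, list address and bounce recipients are constructed for illustration.

```python
"""VERP encode/decode and a bounce tally; hypothetical names, constructed data."""
from collections import Counter


def split_addr(addr):
    """Split box@domain at the last '@'; the domain is lower-cased."""
    local, at, domain = addr.rpartition("@")
    if not at or not local or not domain:
        raise ValueError(f"not a box@domain address: {addr!r}")
    return local, domain.lower()


def verp_encode(sender, recipient):
    """Per-recipient envelope sender: sender-box '-' rcpt-box '=' rcpt-domain."""
    s_local, s_domain = split_addr(sender)
    r_local, r_domain = split_addr(recipient)
    return f"{s_local}-{r_local}={r_domain}@{s_domain}"


def verp_decode(bounce_rcpt, sender):
    """Recover the subscriber from the address a bounce was sent to.

    Returns None when the address is not a VERP address derived from sender.
    """
    s_local, s_domain = split_addr(sender)
    try:
        b_local, b_domain = split_addr(bounce_rcpt)
    except ValueError:
        return None
    prefix = s_local + "-"
    if b_domain != s_domain or not b_local.lower().startswith(prefix.lower()):
        return None
    encoded = b_local[len(prefix):]
    # Split at the LAST '=': a domain cannot contain '=', a mailbox name can.
    r_local, eq, r_domain = encoded.rpartition("=")
    if not eq or not r_local or not r_domain:
        return None
    return f"{r_local}@{r_domain.lower()}"


def tally_bounces(bounce_rcpts, sender):
    """Count bounces per subscriber; addresses that are not VERP are skipped."""
    counts = Counter()
    for rcpt in bounce_rcpts:
        subscriber = verp_decode(rcpt, sender)
        if subscriber is not None:
            counts[subscriber] += 1
    return counts


def over_threshold(counts, limit):
    """Subscribers whose bounce count has reached the limit, sorted."""
    return sorted(addr for addr, n in counts.items() if n >= limit)


# Constructed sample: envelope recipients of bounces that arrived at the list host.
SENDER = "news-owner@lists.example.org"
BOUNCES = [
    "news-owner-alice=example.net@lists.example.org",
    "news-owner-alice=example.net@LISTS.example.org",
    "news-owner-sales=eu=example.com@lists.example.org",
    "postmaster@lists.example.org",            # ordinary mail, not a VERP bounce
]

if __name__ == "__main__":
    counts = tally_bounces(BOUNCES, SENDER)
    print(counts)
    print("suspend:", over_threshold(counts, 2))
```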
Re: smtp forwarding works, but delivery fails.
Quoting Nathan Weyer ([EMAIL PROTECTED]): ... I have the relaying up and running and the messages pass through, but messages are bounced saying it couldn't find the host. This goes for addresses within our subnet, the gateway/smtp server, and the outside world. I've double-checked with nslookup, and we are getting name resolution. A quick piece of maillog (gw=gateway/smtp/dns machine): mydomain.net is our block of ips (sends to inside still fail) ... gw qmail: 963586031.155406 delivery 2: failure: Sorry,_I_couldn't_find_any_host_named_outside.net?._(#5.1.2)/ Hmm, my guess is that in your tcprules you have RELAYCLIENT=" " or similar in the rule for the IP address of this connection. Did you not notice in the logs that an extra character is being appended to the end of your recipient's address? To allow relaying, set RELAYCLIENT with an empty string, or else what's there gets appended to the address. That's my guess, anyway. Why don't you copy paste the relevant rule from your tcprules text file. Aaron
Re: security issue
Quoting John Steniger ([EMAIL PROTECTED]): Running a network test against my recent qmail installation, I get reports on the mailto programs hole, which allows users to telnet to port 25 and issue: MAIL FROM: root@this_host RCPT: any program Huh. I've never heard of this exploit! Now, that doesn't mean the exploit doesn't exist, or didn't, at some particular time, regarding some particular MTA. I could believe sendmaul would have an exploit like that. heh. This allows users to potentially execute any command with root authority. The warning came with the caveat that this may not be an issue, as some MTA's simply drop these messages silently. It's probably assuming that since qmail didn't return an error code that it could be vulnerable. That's not relevant with qmail since, as you know, stock qmail will accept all messages unless some other rule blocks you, i.e. badmailfrom. Does anyone know how qmail handles this? Is this an issue with qmail, or is qmail one of the exceptions? qmail would not be vulnerable to any exploit like that unless you made yourself vulnerable, and most would argue that you then not classify it as a qmail vulnerability. Perhaps you have "| hackme" in ~alias/.qmail-hackme, so a rcpt to:hackme gets you in trouble. Of course hackme will only run as user alias unless it's setuid something, so program deliveries are limited unless you or your software really goof up. qmail doesn't deliver to root, so nothing in ~root/.qmail can get you clobbered, either. good luck, Aaron
Re: How to do a reverse DNS lookup in Qmail ?
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]): If you use tcpserver (ucspi package), simply add the -p parameter to tcpserver command line. This will force the "paranoid" mode and tcpserver will do a reverse DNS check. This will force tcpserver to make sure the A and PTR records are a match. tcpserver does reverse lookups by default -- the -h and -H switches control this. In addition, setting -p only tells tcpserver to set a particular environment variable if the connection is deemed "paranoid." You need another switch to actually get it to reject the connection outright. This wasn't what he was asking about. He wants to reject connections, if I understand his English properly, that come from IP addresses that don't resolve to a name (reverse dns lookup). I think that's a bad idea. You didn't quote or attribute the message to which you were replying. Tisk -- this is a mailing list, after all. I'd be able to show better that you answered without understanding exactly what he meant. Aaron
Re: Open Relay
Quoting Bolivar Diaz Galarza ([EMAIL PROTECTED]): Thanks for the tip, I read everything in the links you gave me, but still doesn't work. I checked the tcprules using tcprulescheck: tcprulescheck /etc/tcp.smtp.cdb 200.38.239.65 and the response is: rule 200.38.239.: set environment variable RELAYCLIENTE= allow connection Well, it looks like you misspelled "RELAYCLIENT." Remove the "E" there at the end and you should be fine. Aaron
Re: 501 Syntax Error
Quoting Ben Beuchler ([EMAIL PROTECTED]): [EMAIL PROTECTED]: Connected to 209.46.71.115 but sender was rejected. Remote host said: 501 Syntax Error They are rejecting the NULL ("<>") sender address. Tell 'em to go read RFC 821 and 1123! However, when I manually try it, it works: mail from:[EMAIL PROTECTED] 250 OK Ahh, but you didn't try it as <> :) Aaron
Re: 501 Syntax Error
Quoting Ben Beuchler ([EMAIL PROTECTED]): On Fri, Jun 09, 2000 at 02:23:22PM -0700, Aaron L. Meehan wrote: They are rejecting the NULL ("<>") sender address. Tell 'em to go read RFC 821 and 1123! Ah HA! And I'm assuming qmail only uses NULL senders on bounces? As RFC 821 suggests, of course... Naturally... :) If they balk, clue them in to the fact that they aren't getting bounces from any network that has external mail gateways that forward _all_ email to internal hosts, ala AOL. A lot of dimwitted admins seem to think our mail server is broken, since they get bounces from "everyone else." :) RFC1123: 5.3.3 Reliable Mail Receipt When the receiver-SMTP accepts a piece of mail (by sending a "250 OK" message in response to DATA), it is accepting responsibility for delivering or relaying the message. It must take this responsibility seriously, i.e., it MUST NOT lose the message for frivolous reasons, e.g., because the host later crashes or because of a predictable resource shortage. If there is a delivery failure after acceptance of a message, the receiver-SMTP MUST formulate and mail a notification message. This notification MUST be sent using a null ("<>") reverse path in the envelope; see Section 3.6 of RFC-821. The recipient of this notification SHOULD be the address from the envelope return path (or the Return-Path: line). However, if this address is null ("<>"), the receiver-SMTP MUST NOT send a notification. If the address is an explicit source route, it SHOULD be stripped down to its final hop.
Re: Does someone knows what is this about?
Quoting Peter van Dijk ([EMAIL PROTECTED]): On Mon, Jun 05, 2000 at 10:48:24AM -0500, Mate Wierdl wrote: More evidence that the person running ORBS is incompetent. He's not. I've spoken to him on several occasions and he is quite clueful. I don't believe Alan Brown incompetent, either. That little missive about qmail on his web site is plain ignorance, however. What I do know about him is that he's very aggressive about whatever he perceives as network abuse. He's very conscious of bandwidth usage; as operator of an ISP in New Zealand he has had to think much harder than most of the rest of us about what's using his bandwidth. It's somewhat ironic that his role on the net these days causes his bandwidth-starved network to be attacked pretty regularly ;) I don't know for sure but I wonder if his net connection has been upgraded recently. He detests spam and spammers. Spammers of any kind. As an IRC operator on Undernet -- his network hosts an Undernet server -- he is very aggressive against any network abusers, especially spammers. He's been known to ban entire domains much more often than any other oper (one in particular I remember, all of uu.net was banned. Big-time collateral damage :-). I did a couple year stint as an oper there (glad I'm done with IRC), so this is all first-hand experience. He's often quite ruthless! Anyway, sorry for the off-topic nature. This is just FYI based on my experience with the man currently behind ORBS. I generally respect him, but he often does not engender good feelings toward him from others. Aaron
Re: Disable telnet to port 110
Quoting Daniel J. Zaccariello ([EMAIL PROTECTED]): You could: 1. Disable telnetd telnetd listens on port 23, by default. 2. Make the user's shell /usr/nologin or something (depends on your OS). If you think about this some more, you'll realize this isn't going to do anything for this person, either :) It's difficult to answer a nonsensical question. Aaron At 05/14/2000 05:48 AM Sunday, Mark Lo wrote: Hi, I would like to know how to disable telnet to port 110, but still let my user to retrieve mail via mail client at port 110?? (using tcpserver)
Re: Virtual Domain User not receiving mail
Quoting James ([EMAIL PROTECTED]): I have finally been able to get Qmail to work with local users and receiving mail from outside my server. My next step is to try to get mail to my virtual domain users. I am using Mandrake 7.02. Here are the steps I have taken, but still cannot get mail to my virtual domain user: 1. I've created a user called "pony" whom I wish to have administrative control for "ponyexpressdelivery.com" 2. I have configured my virtualdomains file to look like this: @ponyexpressdelivery.com:pony Remove the @ before the domain name. 3. I've configured my locals file to include pony, and kevin, but not ponyexpressdelivery.com Virtual domains do not go into the control/locals. 4. I've configured my rcpthosts file to include the following: ponyexpressdelivery.com [EMAIL PROTECTED] [EMAIL PROTECTED] Only domain names go into control/rcpthosts. Remove the email addresses. After completing these steps, restart qmail-send. Aaron
Re: temporary failure warning message
Quoting Russell Nelson ([EMAIL PROTECTED]): Chris Hardie writes: Unfortunately, that link appears to be broken. Brian Wightman, please pick up the nearest courtesy phone. It's also temporarily available as http://www.qmail.org/qmail_bounce-0.0alpha6.tar.gz . If Brian doesn't show up too soon, I'll change the link to point to my server. I'm pretty sure I remember seeing a post from Brian some time back where he stated he was no longer working on the notifier. He asked for volunteers to pick up the slack, I think. Aaron
Re: Sender domain must resolve error for some sites...
Quoting Anthony White ([EMAIL PROTECTED]): Duncan Watson wrote: From my point of view the bouncing programs are broken. Having no address record for a domain but having MX records as you do is 100% valid. I have That is what I thought... You're not getting it, dude. Your DNS setup is broken. Your nameservers return server failure when looking up an A record for movielink.net.au. It's OK to not have an A record for a domain you want to receive mail. It's not OK to return SERVFAIL when looking up an A record. 'guestmail.net' and 'is.com.fj' I have got my ISP to change the reverse lookup to 'movielink.net.au'. Your problem has nothing to do with reverse lookups. Those machines should not be rejecting your email outright, however you do need to fix something in the dns for the movielink.net.au zone. I don't know if this is valid but at least it the IP '139.130.11.172' should reverse lookup to 'movielink.net.au' (Qmail still says HELO 'mail.movielink.net.au' which results in a message that it may be forged but at least it should not stop things) Put the domain name it resolves to into control/helohost. Aaron
Re: You have mail problems...
Quoting John W. Lemons III ([EMAIL PROTECTED]): (If I'm being stupid, just slap my hand and put me to bed without my dinner) "You have mail." appears every time I log into my server. This would normally be no big deal, except that the only mail message is the "Mail system internal data" message. Before QMail, this one message wouldn't set off the "You have mail" message. Do I have something mis-configured? Well, it's your shell that displays that message. Has nothing to do with qmail. It just reads the modification time of the file. "You have mail" is different than "You have new mail." I'm clueless as to how a qmail install could change this behavior. Aaron
Re: Sender domain must resolve error for some sites...
Quoting Duncan Watson ([EMAIL PROTECTED]): On Fri, Apr 14, 2000 at 11:50:52AM -0700, Anthony White wrote: There is no record pointing to the domain itself. It points to 'mail.movielink.net.au' From my point of view the bouncing programs are broken. Having no address record for a domain but having MX records as you do is 100% valid. I have Yes this is true, however his DNS setup is indeed broken. Trying to get an A record for movielink.net.au returns SERVFAIL, not merely NXDOMAIN (no such domain). ; DiG 8.2 movielink.net.au a ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: SERVFAIL, id: 4 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; movielink.net.au, type = A, class = IN Even our qmail server (with UCE patches) would reject his mail. It's arguable... Aaron used that setup many times. You want mail.movielink.net.au to reverse resolve to the domain it claims to be (mail.movielink.net.au) for other reasons and for filters that do checking correctly. There is nothing wrong with masquerading either ethically or technically. Some zealots are preaching that all should resolve in their ideologically correct way but unfortunately many of their ideologies are flawed in that they do not handle: 1. dialup users needs 2. certain types of firewall needs (yours) 3. basically anything past a certain level of complexity. Who is doing the bouncing? /Duncan -- Duncan Watson nCube -- Aaron L. Meehan [EMAIL PROTECTED] System Administrator Central Oregon Internet http://www.coinet.com/
Vapormail (was: Re: Problem: 552 max. message size exceeded)
Quoting Jeremy Hansen ([EMAIL PROTECTED]): This is true, yet I don't understand why Wietse claims so many more people are using Postfix. I don't have the link to the thread off hand, but I remember reading something along the lines of "No one uses qmail, a few people are using Postfix" which boggled my mind because all the places I've visited in the past month or so in the Silicon Valley, about 10 - 15 companies all use qmail, none use Postfix. So where is he getting his information? The proverbial ether, probably! I really think he should have left the name as Vapormail, which DJB suggested he should name his "vaporware" MTA. Heh. Well, hmm, if I remember correctly. It was awhile ago Wietse came here trolling for a name for his new qmail replacement. I remember getting a laugh out of it, whatever the name was ;-) I like Vapormail better than ``Postfix.'' What does that mean, anyway? :) Aaron
Re: locking out mail accounts ...
Quoting Shaun Gibson ([EMAIL PROTECTED]): - lock a mailbox (without deleting it or the mail contained in it) How do you normally lock an account on your particular flavor of unix? What's your authentication scheme? - if a user tries to access a mailbox locked like this all they get back when trying to collect mail is a preset 'call support to re-enable this mailbox'. You didn't say what pop-3 server you're using. qmail-pop3d could be easily hacked to return "-ERR Mail account locked. Call tech support." Whether the MUA actually displays to the user the server's response is another question. Aaron
Re: locking out mail accounts ...
Quoting Aled Treharne ([EMAIL PROTECTED]): Ok, here's a random idea that suddenly occurred to me: When the account is locked, the POP daemon recognises this, and when a user tries to get their mail, only send 1 message, which is a standard message from tech Support telling the user that their account is locked and instructions on what to do next. Yes, an obvious flaw to hacking the server's error response is that the account may not necessarily be locked. The user may have entered an incorrect password. Anyway, more details from the guy who posted would be nice. Aaron
Re: Problem: 552 max. message size exceeded
Quoting Peter van Dijk ([EMAIL PROTECTED]): On Thu, Mar 30, 2000 at 11:17:16AM -0800, Aaron L. Meehan wrote: [snip] Yes, this same thing happens when sending messages larger than 1Mb to hotmail.com nowadays. There was a good thread about it, if I remember. The deal was that hotmail is expecting the peer to implement ESMTP SIZE if it gets "EHLO blah." qmail-remote says HELO, not EHLO. Ahh, yes, that was why hotmail's behavior was so utterly broken! I didn't recall that fact. Thanks. Aaron
Re: Problem: 552 max. message size exceeded
Quoting Dave Sill ([EMAIL PROTECTED]): [EMAIL PROTECTED] wrote: Locally I get: 03-29-2000.00:19:27.702631 delivery 4: deferral: Connected_to_192.168.1.1_but_connection_died._(#4.4.2)/ Looks like the remote MTA is sending that 552 message while qmail is still transmitting data, which I think violates the SMTP protocol. I'm not an SMTP expert, but I really doubt qmail is misbehaving. Dan is just too careful to miss something like that. Yes, this same thing happens when sending messages larger than 1Mb to hotmail.com nowadays. There was a good thread about it, if I remember. The deal was that hotmail is expecting the peer to implement ESMTP SIZE if it gets "EHLO blah." Aaron
Re: Qmail Relay Question
Quoting Lee Trotter ([EMAIL PROTECTED]): I am also on an IIS list and not once has someone been put down for not ^^^ Well, that explains it. searching the archives or reading one of the manuals, which are not nearly as cryptic as the linux/qmail documentation. Frankly I don't have the time to search through hundreds of emails in the archive Man, that's a bad sign. A Bad Sign indeed. Don't have time to read docs? A script kiddie's dream to find a network operated with the assumption that help is merely an outlook express click-and-drool session away. You're connected via DSL, so I guess you're not an access provider, thank goodness. But, how am I to tell, I can't see your website! So as to not seem like a complete flame, here's some advice: 1 - Don't assume qmail has anything to do with linux (I had to put that in). 2 - Don't assume others have time to help you. 3 - Assume your problem is answered somewhere already. The latter two are so obvious you probably know it already. The original poster had ``Network Administrator'' in his sig -- IMO that implies a certain level of knowledge and common sense that is so lacking in his mails to this list. So why is your webserver not sending data? Might want to click-and-drool an emergency help request to the IIS list. Ohh, ouch! good luck, Aaron
Re: relay question
Quoting Jonathan Fortin ([EMAIL PROTECTED]): I've read webwave qmail faq and another qmail faq, and I was wondering how do I set up relay so only users can send email thru our smtp if it's going to a user from our domain... Hey, looks like you have been reading that thread :) edit /etc/tcp.smtp and add 207.61.176.194:allow:RELAYCLIENT="" So, this is close, but no cigar. Attention to detail and all that. If your network is 207.61.176.0/24 then you'll want this: 207.61.176.:allow,RELAYCLIENT="" Listing a specific IP address will only allow relaying from exactly that address. and then ran tcpmakectl to transfer that into a tcp.smtp.cdb and then in rc, I added /usr/local/bin/tcpcontrol /etc/tcp.smtp.cdb, That's the wrong program (don't know what that is...). Should be: /usr/local/bin/tcpserver -x/etc/tcp.smtp.cdb [ rest of command line args ] Aaron
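The rule mistakes corrected in this message and in the earlier "Defining as local and not remote", "smtp forwarding works, but delivery fails." and "Open Relay" replies (missing "=", ":" in place of ",", a non-empty RELAYCLIENT value, a misspelled variable name), caught before the rules file is compiled. This is an added example, not part of the original posts and not a ucspi-tcp tool; lint_rule, lint_file and the finding codes are hypothetical names, and the sample is constructed from the rules quoted in those messages.

```python
"""Lint tcp.smtp rule lines for RELAYCLIENT mistakes (hypothetical helper)."""
import difflib
import re

FULL_IPV4 = re.compile(r"^\d+\.\d+\.\d+\.\d+$")


def lint_rule(line):
    """Return a list of (code, message) findings for one rule line."""
    line = line.strip()
    if not line or line.startswith("#"):
        return []
    addr, colon, rest = line.partition(":")
    if not colon:
        return [("syntax", "no ':' between address and instructions")]
    for action in ("allow", "deny"):
        if rest.startswith(action):
            rest = rest[len(action):]
            break
    else:
        return [("syntax", "instructions must begin with allow or deny")]

    env = {}
    while rest:                                   # ,NAME=<q>value<q> ...
        if rest[0] != ",":
            code = "separator" if rest[0] == ":" else "syntax"
            return [(code, f"expected ',' but found {rest[0]!r} before {rest[1:]!r}")]
        name, eq, tail = rest[1:].partition("=")
        if not eq or not tail:
            return [("syntax", f'{rest[1:]!r} is not of the form NAME="value"')]
        quote = tail[0]                           # any character may act as quote
        end = tail.find(quote, 1)
        if end == -1:
            return [("syntax", f"value of {name} has no closing {quote!r}")]
        env[name] = tail[1:end]
        rest = tail[end + 1:]

    findings = []
    for name in env:
        ratio = difflib.SequenceMatcher(None, name.upper(), "RELAYCLIENT").ratio()
        if name != "RELAYCLIENT" and ratio >= 0.85:
            findings.append(("misspelled", f"{name} is set, RELAYCLIENT is not"))
    if "RELAYCLIENT" in env:
        if env["RELAYCLIENT"] != "":
            findings.append(("nonempty-relayclient",
                             f"{env['RELAYCLIENT']!r} will be appended to every "
                             "recipient address; use an empty string"))
        if FULL_IPV4.match(addr):
            findings.append(("single-host",
                             f"relaying allowed from {addr} only; a prefix "
                             "rule ends with '.'"))
    return findings


def lint_file(text):
    """Return (line_number, code, message) for every finding in a rules file."""
    out = []
    for n, line in enumerate(text.splitlines(), start=1):
        out.extend((n, code, msg) for code, msg in lint_rule(line))
    return out


# Constructed sample; line 4 uses a made-up network, the rest mirror the thread.
SAMPLE = '''192.168.2.:allow,RELAYCLIENT""
207.61.176.194:allow:RELAYCLIENT=""
200.38.239.:allow,RELAYCLIENTE=""
10.1.2.:allow,RELAYCLIENT=" "
207.61.176.:allow,RELAYCLIENT=""
:allow
'''

if __name__ == "__main__":
    for n, code, msg in lint_file(SAMPLE):
        print(f"line {n}: [{code}] {msg}")
```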
Re: AOL Problem - Looked in archive ....
Quoting Jim Arnott ([EMAIL PROTECTED]): I had this problem once. It had nothing to do with qmail. AOL, earthlink ... check the From: and/or Reply-To: domain to make sure it is valid. In which case the mail would be blocked after MAIL FROM, as in: 250 rly-yg04.mx.aol.com OK mail from:[EMAIL PROTECTED] 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE The gentleman who wrote posted a log excerpt showing his email being accepted by AOL. Aaron p.s. why did you quote his entire mail?
Re: Effective anti spamming
Quoting Mark E. Drummond ([EMAIL PROTECTED]): I am currently using rblsmtpd to block spammers on the RBL. I may add ORBS as well. Think I'll wait, gather some stats on how much is being blocked by RBL, and then compare with RBL+ORBS. My anti-spam mantra is "RSS+RBL+DUL" I hardly ever get spam these days. Perhaps an average of one a week. Am I just lucky? I dunno for sure, but I opened a hotmail account just for grins, never used it, and a month later already have 30+ spams. Weird. Since djb's quotes are hip right now, I'll invoke the "Profile, don't speculate" rule (I think that was the quote...? ). I really wanted to see just how things were going and this thread is my excuse. These stats are for Feb 24, 9:15pm local until now. RSS has blocked 2294 smtp connections. DUL has blocked 306 smtp connections. RBL has blocked 3767 smtp connections. note: RBL rejections output 421 error code, DUL and RSS 553. That does seem strange, don't ask me why I did that now, because I don't know I have a particular reason. It would seem more logical to have RSS hosts receive a deferral, but there are a lot more hosts on RSS, which would result in quite a few deferrals. I *think* that was my reasoning... qmailanalog stats for the time period, and the actual hosts rejected, are at http://defiant.coinet.com/rss.html for those who are interested in looking. Our local cable company got listed in RSS a couple weeks ago, resulting in only the second time, I know of that is, that legit email may have been affected (been using RSS since before it was affiliated with MAPS). The bozos got relay-raped by a viagra spammer. Aaron
Re: Encryption and t-shirts
Quoting Mullen, Patrick ([EMAIL PROTECTED]): ... "Send mail with Q-Mail." I think it's generally accepted that qmail is spelled "qmail." No caps, no hyphens or other extraneous characters. Aaron
Re: users/assign Bad format?
Quoting Daniel ([EMAIL PROTECTED]): qmail-newu says "fatal: bad format in users/assign" when users/assign has a single line reading "=tech:daniel:1000:100:/home/daniel:-:tech:" The file's last line needs to contain a dot (".") and only a dot. That's in the man page for qmail-users(5) ... Aaron
Re: dos attacks
Quoting Marek Narkiewicz ([EMAIL PROTECTED]): Would it be possible to limit the number of spawns that tcpserver can make from one ip address concurrently to prevent one ip spawning up to the limit of concurrent daemons and denying access to that daemon? I can't think of a way to do it from what I've read of the docs but it seems like quite a useful feature so I was wondering if there was a patch or a plan to add that functionality? If not can someone give me a few pointers on what would be involved in such a modification so I can have a go myself? cheers You might try IPLimit: http://www.jedi.claranet.fr I used it successfully against those broken, PITA, bare-linefeed-sending MS mail servers. A Gotcha that got me: IPLimit's docs mention putting its data file into /var/run. If your particular *nix (esp linux distributions such as debian, which we run) removes files in /var/run on bootup, make sure to touch it and chmod so that it's writable by the userid tcpserver switches to, because it doesn't create the file itself. Alternatively, hack the code to put it elsewhere or open the file for writing. Aaron
Re: workaround for port 25 block?
Quoting Racer X ([EMAIL PROTECTED]): if you mean the ISP blocks inbound port 25 connections to your machine: yell at your ISP. they're being too nazi with their firewall rules. if they don't open the port find a new ISP. this is assuming, btw, that you have a The reason they took this draconian measure was to protect the rest of us from their customers. Hundreds, if not thousands, of their customers are running proxies and mail servers with little or no security. The vast majority of these proxies and relays were allowing mail relaying and proxied usenet posting (proxy everything, for that matter). Very nasty. They were facing UDP and probably other sanctions. @home: scourge of the internet. Aaron
Re: workaround for port 25 block?
Quoting Aaron L. Meehan ([EMAIL PROTECTED]): sanctions. @home: scourge of the internet. Bleh, of course we're talking about road runner! I get all these mega cable co's confused, I guess. Perhaps they learned from @home's problems and took proactive measures. Aaron
Re: pop3 email access for root?
Quoting Liu Zehua ([EMAIL PROTECTED]): I've setup qmail to provide pop3 serves. I can access emails of all accounts except root.. can any body tell me why? Perhaps your checkpassword denies root logins? You didn't mention anything about your setup. In any case, it's not a good idea, perhaps even dumb, to login as root via pop3. Your password is sent in the clear. You don't want any root passwords sent anywhere unencrypted! Aaron
Re: SetEnv QMAILSUSER not working in Apache conf
Quoting Chris Hardie ([EMAIL PROTECTED]): Hi. I'm tackling the old problem of having "Return-Path" headers generated by CGI scripts set to something other than "[EMAIL PROTECTED]". I believe I understand what needs to be done, after reading these: And yet, qmail-inject is seemingly unaffected, and all messages generated have the "[EMAIL PROTECTED]" header. I've always used the 'f' switch to qmail-inject to do that in scripts and such. qmail-inject [EMAIL PROTECTED] [EMAIL PROTECTED] ... Aaron
Re: qmail vs. sendmail weirdness
Quoting jay ([EMAIL PROTECTED]): I added that pop user to my mail client, and sent out a few messages to test. When I send a message to a domain that uses sendmail, I get a bounce saying: [EMAIL PROTECTED] ... Domain must exist Well, it can't be mydomain.com, because that exists: mydomain.com A 216.34.89.70 So, I _assume_ that you're sending email with some other domain in your envelope address, and that domain does not resolve properly. Aaron
Re: Using mutt and qmail.
Quoting Magnus Bodin ([EMAIL PROTECTED]): On Mon, Dec 27, 1999 at 05:57:30PM +0100, Arne Hanssen wrote: Anyone who wants to comment on this (and perhaps explain "things" to me)? ;-) Perhaps there are better ways to set the correct Return-Path. In your .muttrc: set hostname = go.telia.no Hmmm that didn't really work for me. I've had to take care of this by setting QMAILSHOST in my environment. Aaron
Re: Hotmail
Quoting Monte Mitzelfelt ([EMAIL PROTECTED]): On Fri, 10 Dec 1999, Aaron L. Meehan wrote: I would think that if a 500 code were sent, then qmail would see it and the email would be deferred. All queued messages are over 2Mb. Looks like anything larger than that is causing hotmail to choke. That's what it looks like, anyway. Only if it thought its turn was over (ie DATA ... . was finished) as far as I can tell from the code. They are timing me out and giving me 500 messages when it is my turn to talk. I haven't checked the RFC's yet to see if this turn notion is correct or not, but it's the working theory around the office right now. OK got it. It's now Monday morning and I've got 15 messages with attachments queued for hotmail, all dying in the middle somewhere. This is quite the waste of our bandwidth, I do think. I don't think that behavior is compliant myself, but not sure what to do about it at this point. Aaron