Re: [OT] qmail & php
On Wed, Jun 06 2001, Bill Andersen <[EMAIL PROTECTED]> wrote: > When I installed qmail, I obviously removed sendmail. Now > when I build php(4) and try to use the the mail() function, > I get "mail() not supported in this PHP build" because > sendmail was not found during the configure (I assume). 'ts not just a PHP issue but a sendmail-compatibility issue either. It's safe to link /var/qmail/bin/sendmail to /var/lib/sendmail and /usr/sbin/sendmail (other crack-brained place could be /etc/sendmail) which helps sendmail-aware software (like php and mailx) to run. ---jul
Re: ReiserFs and qmail
On Wed, Jun 20 2001, Peter van Dijk <[EMAIL PROTECTED]> wrote: > On Tue, Jun 19, 2001 at 08:15:11PM +, Nick (Keith) Fish wrote: > [snip] > > I'm not sure on the statement that qmail is unreliable under Linux due to > > its assumptiopn that "link is a synchronous operation". I've never read > > anything about it. Anyone else? > > This is true. I'm not sure, however, if this is ext2fs's or Linux's > fault. If the latter, ReiserFS suffers as well. I don't think it occurs if you mount /var/qmail, especially /var/qmail/queue with sync option. Look at the FAQ: http://cr.yp.to/qmail/faq/reliability.html#filesystems Do not use async or softupdates filesystems. If you do, and if your system crashes at the wrong moment, you will lose mail. Under Linux, make sure that all mail-handling filesystems are mounted sync. The same comments apply to sendmail and other mailers. ---jul
Re: Automatic BCC of all outgoing mail
On Sun, Aug 05 2001, Steve <[EMAIL PROTECTED]> wrote: > Does anyone know how to automatically send a copy of all outgoing email from > all addresses on a qmail machine to a remote address (e.g. for legal > compliance) - or just to save it locally in the log, and to do this without > requiring a recompile of qmail? With no testing: cd /var/qmail/bin mv qmail-rspawn qmail-rspawn.orig echo '#!/bin/sh' > qmail-rspawn echo 'tee /var/log/outgoing-emails | /var/qmail/bin/qmail-rspawn.orig' >> qmail-respawn chown root:qmail qmail-rspawn chmod 711 qmail-rspawn Maybe it does what you want. ---jul
Re: qmail + Courrier-IMAP vs just Courrier-IMAP server (newbie)
#include On Tue, Aug 14 2001, Jean-Christian Imbeault <[EMAIL PROTECTED]> wrote: > My original plan was to install qmail - VMailMgr - Courrier-IMAP. But after > a little reading I find out that Courrier-IMAP has it own email server > implementation. So it seems that qmail is not needed? Yeah, it seams so. > Am I right? If so what are the advantages/disadvantages to either using > qmail with the Courrier-IMAP engine or just using Courrier as the mail and > IMAP server? No, you're wrong. There're some nifty features like userauth and tlsauth in courier, but just look into the source code. I don't say that's a mess but there're some design flaws in that what are missing from qmail. ---jul
Re: Is qmail's log method inefficient?
On Thu, 20 May 1999, Jos Backus wrote: > fifo's are your friend. > > ... errorsto /my/fifo ... > > fifo /my/fifo | splogger I didn't try it out on other platforms (UnixWare 7.1 will be done), but on Linux errorsto didn't work after fifo generated the named pipe. Apparently because of waiting for the fifo process to poll out the log info. I think it's a very good solution (ie. errorsto), but it would be better if the program would be used as 'errorhandler loggerprog -arg1 -arg2 -- program -arg1 -arg2...' as in xinit. BTW as I mentioned earlier, I have compiled qmail successfully on SCO UnixWare 7.1 with *very* small changes. It's still in alpha, but if the results are good, I'll post my changes to Dan. -- Regards: Kevin (Balazs)
Re: Is qmail's log method inefficient?
On Sun, 23 May 1999, Jos Backus wrote: > On Sat, May 22, 1999 at 08:53:42PM +0200, Balazs Nagy wrote: > > I didn't try it out on other platforms (UnixWare 7.1 will be done), but > > on Linux errorsto didn't work after fifo generated the named pipe. > > Apparently because of waiting for the fifo process to poll out the log > > info. Oh, I'm sorry. It doesn't work if I stopped fifo and wanted to use errorsto again ;) -- Regards: Kevin (Balazs)
Re: ~/Mailbox and "you have mail"
On Sat, 29 May 1999, Brian Butler wrote: > Problem is that everything "detecting" mail checks for the > /var/spool/mail/user file, not ~/Mailbox. I can't find documentation about > how to have the "you have mail"/"you have new mail" etc. be based on the > "real" mailbox in the home directory. Give a chance to $MAIL and $MAILPATH variables. $MAIL is intended to specify your primary inbox file and $MAILPATH is a colon separated list of your inbox mail folders (you can specify alternative arrival msg for each element). > Another issue is this: I intend to get procmail (or is there a better way?) > to sort out mailing lists from BOTH the mailboxes written to by qmail, and > the fetchpop'd ones. Has anyone been through this? I'm reading the man > pages and they look good, but I'm looking for pointers in this particular > unique situation. Where can you run procmail? I think you have to put procmail to .forward and to .qmail too. In this case you can specify alternative procmailrc files (for default delivery). -- Regards: Kevin (Balazs)
Re: Bare LF problem
On Wed, 9 Jun 1999, A.Y. Sjarifuddin wrote: > Balazs Nagy wrote: > > A very good answer is at the tips and advice section at > > http://www.qmail.org/top.html by Dan himself. A tricky and cool > > answer actually. > > How to Run fixcr using tcpserver? tcpserver 'fixcr|qmail-smtpd' 2&>1 | cyclog... ... I think. Just replace "qmail-smtpd" with "'fixcr|qmail-smtpd'". -- Regards: Kevin (Balazs)
Re: qmail and > 4,000 users ?
On Mon, 6 Sep 1999, Chris McCarthy wrote: > My company wants to provide users on the internet with a free email > service ([EMAIL PROTECTED]). We'll be starting off with about > 3,000 users, potentially growing up to 10,000 in the next 12 months. It's quite common nowadays. Just keep in mind that Linux (and SCO OpenServer) supports only 32767 userids (~32200 users by default) due of uid_t's definition (signed short). Other systems (as Sun Solaris, HP/HPUX, IBM/AIX) supports much more (2147483648) because of defining uid_t as int. Thus, if your planned system would use more than 3 users, you could decide if you want to use a tougher system, or use virtual hosting. > How feasible is it to create a passwd/shadow entry for each user, > providing them with POP/IMAP access ? (or maybe just pop if imap puts > too much load on the server). In modern systems this data is cached or accessed by a database manager. For example if you turn off pam in RedHat 6.0, you can use the database feature of /var/db (it hashes /etc/group, /etc/passwd, /etc/shadow and rpc, protocols, services list). You can turn'em on and off by /etc/nsswitch.conf. If you want to use these gdbm hashes, I recommend you to use a non-pam distribution of Linux. Or you can use LDAP or SQL authentication system for virtual serving. This sounds OK, but beware of spreading out authorization and authentication data. This way you can easily set up a POP3 daemon on an ethernet alias port with your special checkpassword (with PAM and the pam_ldap module). Maybe this is the most cost-effective way if you want to give complete solution to your users (POP3, maybe IMAP, central address book). > Does this sound OK, or should we look at buying (or developing) hotmail > style software instead ? The web interface is the bottleneck. If you have enough resources to build one, or you can hire someone to who has, that's good. There are a lot of this kind of interface on the net, whcih can be good for you. BTW I don't encourage you to use web interface, unless it's a requirement. I like an IMAP-like service much better. -- Regards: Kevin (Balazs)
Re: Check the RCPT TO: against
On Mon, 6 Sep 1999, Einar Bordewich wrote: > I must confess that I'm a little unsure what I really want.. My > problem is that 95% of bounced mail, is typical doublebounce, where a user > that don't exist anymore (at my servers) has received mail and that bounce > at my side. A spamer don't use a correct address, so I then get the > doublebounce back. Another problem I then get, is the overview of > "correct" bounces where there is a misspellings of some sort, that I then > could correct. Today I don't do this a 100%, since most of the "correct" > bounce mail drowns with the rest. I have a patch for qmail which denies posting to nonexisting host names. It does with an extra DNS query. A lot of people say that this kind of check is obsolete but I found it very useful for this kind of bounce. > I can't see that I'm helping anybody with ignoring mail to non-existing > (known) users. I think I would be more help to my customers by getting the > bounces down. Then again, I can concentrate more on the issue about open > relays, by have my users (that exist) to report back to us about SPAM mail > they have received. Here I can use some more energy to block SPAM. Well, denying posting to nonexisting users is a security hole. Denying nonexisting hosts isn't - you can get this info yourself. -- Regards: Kevin (Balazs)
Re: rewrite From: header
On Thu, 26 Aug 1999, Dave Sill wrote: > "x" <[EMAIL PROTECTED]> wrote: > > > Send to mail on W/S: > > > > From: header = "user-1" <[EMAIL PROTECTED]> (on F/S) > > > > How to change From: header into : "user-1" <[EMAIL PROTECTED]> > > The best way to do this is to inject messages with the desired From > field. See the qmail-inject man page for various ways to accomplish > that. Your mailer may/should also let you configure the From field. You have two choices: 1| You send the mail locally. You can set environment variables such USER and HOST (or QMAILUSER, QMAILHOST). 2| You use SMTP service. MUAs have the header writing feature and you don't have to do header rewriting. Basically, Dave Sill is right. The question isn't "how to rewrite" but "how can i solve it". -- Regards: Kevin (Balazs)
Any benchmarks?
Hiyas,
Is there anyone who did benchmarks with MTAs? I cannot convince people who
know only sendmail or exim ;-)
Regards: Balazs
--
#!/usr/bin/perl -export-a-crypto-system-sig -http://dcs.ex.ac.uk/~aba/rsa
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0
abuse@... vs rblsmtpd
Hiyas,
I have a little cosmetic problem with spam handling. I'd like to make a
controlled account where the handled-as-spammer-hosts can post mail. This
account can be practically [EMAIL PROTECTED]
Well, I understand that RBL lists are a solution of today's problems and it
have to be isolated from smtpd, but it would be good if some spammer could
send complaining letters to my host.
Before some of you suggest me to use another IP address I have to tell that
we currently own 32 addresses and I cannot give one just for spam complains.
I think I musn't isolate myself from spammers completely because it's
generally a bad idea.
Regards: Balazs
--
#!/usr/bin/perl -export-a-crypto-system-sig -http://dcs.ex.ac.uk/~aba/rsa
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0
Qmail architecture / performance
Hiyas,
I'm just wondering how can I use the mini-qmail server and how can I handle
a large list of deliveries. OK, let's say I'm using multiple A addresses
for a name, for example mail.isp.org has six IP addresses and it receives
mails (with mini-qmail) and handle the http requests. It can be a 'same
data in each computer' style. All of the machines send to a mail handling
center (eg. deliver.isp.org) to handle qmail queue. BUT I heard about a
machine which local mails went through about two hours! Isn't this (ie. the
centralized queue) a bottleneck of qmail performance?
Regards: Balazs
--
#!/usr/bin/perl -export-a-crypto-system-sig -http://dcs.ex.ac.uk/~aba/rsa
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0
Spawn limit
Hiyas,
Why the spawn limit is hardcoded to 255? Gives this some performance lost?
Or this is just for lower load? I hope not the second one.
Regards: Kevin (Balazs)
--
#!/usr/bin/perl -export-a-crypto-system-sig -http://dcs.ex.ac.uk/~aba/rsa
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0
`Original source' verification idea
Hiyas, Iam thinking about DJB's request to Qmail's original distribution. I think it can check *source files* instead of the produced binary as in RCS ident. I mean Makefile would md5sums the .c and .h files (or so) and it would be a global static const char in "global.ver". Then you can include this file to any runnable. There would be an qmail ident which can extract this version string from these executables and it would match'em against an md5sum list distributed by DJB. Regards: Jul -- Linux Supporting Center -- Red Hat Qmail packages -- http://lsc.kva.hu PGP 0x1DE3631D / A8 B4 92 EE 1F 55 27 C8 86 64 9C 42 41 A4 BD B8 PCMCIA: People Can't Memorize Computer Industry Acronyms
Re: max concurrency remote
On Wed, 3 Mar 1999, Anand Buddhdev wrote: > On Tue, Mar 02, 1999 at 05:43:52PM -0800, Tracy R Reed wrote: > > AFAIK, it's something about the concurrency variable being 8 bits long, and > 8 bits allow 256 possible values (from 0-255). there's in auto_spawn.c: int auto_spawn = 255; AFAIK int isn't 8 bits long. BTW I had asked it a day or two before. -- Regards: Kevin (Balazs)
Re: Qmail, IMAP, POP
On Sun, 11 Apr 1999, Brad (Senior Systems Administrator - Americanisp, LLC.) wrote: > I have qmail with pop3 and Maildir's. > Would like it if we can run IMAP, along with the pop3 and > smtp. Use Maildir-powered pine and pine's imapd. -- Regards: Kevin (Balazs)
Re: System w/o /etc/passwd
On Wed, 20 Jan 1999, Robert Adams wrote: > user on the system. Anyone know of a way to get around this? Say, to tell > qmail to drop all mail to something like /mail/u/s/username? Virtual hosting. I do the same. Regards: Jul -- #!/bin/perl -sp0777i
qmtp issue
Hiyas,
I want to write an article about Qmail for a Linux related special issue of
the Hungarian Chip and it's work but I don't know whether I can give my
readers a solution for send letters via QMTP protocol.
There's a qmail-qmtpd which accepts connections from qmtp-capable clients
but I cannot find any client for this task.
Is QMTP a hypothetical protocol?
Regards: Jul
--
#!/usr/bin/perl -export-a-crypto-system-sig -http://dcs.ex.ac.uk/~aba/rsa
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0
Re: qmtp issue
On Sun, 24 Jan 1999, Balazs Nagy wrote: > Is QMTP a hypothetical protocol? Except of serialmail. Regards: Jul
[PATCH] Resolving MAIL FROM domain
Hiyas,
Nowadays I just bored to get mail from illegal hostnames and I created a
diff against vanilla qmail-1.03 (see attachment).
It is simple. It checks for a DNS entry for the MAIL FROM domain if
control/mfcheck or the MFCHECK environment variable is set to nonzero.
Please check it out. Any comments/bugfixes/etc are welcomed.
--
Regards: Kevin (Balazs)
diff -ruN qmail-1.03.orig/Makefile qmail-1.03/Makefile
--- qmail-1.03.orig/MakefileMon Jun 15 12:53:16 1998
+++ qmail-1.03/Makefile Thu May 6 13:02:37 1999
@@ -1536,13 +1536,13 @@
timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o received.o \
date822fmt.o now.o qmail.o cdb.a fd.a wait.a datetime.a getln.a \
open.a sig.a case.a env.a stralloc.a alloc.a substdio.a error.a str.a \
-fs.a auto_qmail.o socket.lib
+fs.a auto_qmail.o socket.lib dns.o dns.lib
./load qmail-smtpd rcpthosts.o commands.o timeoutread.o \
timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o \
received.o date822fmt.o now.o qmail.o cdb.a fd.a wait.a \
datetime.a getln.a open.a sig.a case.a env.a stralloc.a \
alloc.a substdio.a error.a str.a fs.a auto_qmail.o `cat \
- socket.lib`
+ socket.lib` dns.o `cat dns.lib`
qmail-smtpd.0: \
qmail-smtpd.8
diff -ruN qmail-1.03.orig/qmail-control.9 qmail-1.03/qmail-control.9
--- qmail-1.03.orig/qmail-control.9 Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-control.9 Thu May 6 13:00:45 1999
@@ -55,6 +55,7 @@
.I idhost \fIme \fRqmail-inject
.I localiphost \fIme \fRqmail-smtpd
.I locals \fIme \fRqmail-send
+.I mfcheck \fR0\fRqmail-smtpd
.I morercpthosts \fR(none) \fRqmail-smtpd
.I percenthack \fR(none) \fRqmail-send
.I plusdomain \fIme \fRqmail-inject
diff -ruN qmail-1.03.orig/qmail-smtpd.8 qmail-1.03/qmail-smtpd.8
--- qmail-1.03.orig/qmail-smtpd.8 Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-smtpd.8Thu May 6 12:12:31 1999
@@ -97,6 +97,12 @@
This is done before
.IR rcpthosts .
.TP 5
+.I mfcheck
+If set,
+.B qmail-smtpd
+tries to resolve the domain of the envelope from address. It can be
+handy when you want to filter out spamhosts.
+.TP 5
.I morercpthosts
Extra allowed RCPT domains.
If
diff -ruN qmail-1.03.orig/qmail-smtpd.c qmail-1.03/qmail-smtpd.c
--- qmail-1.03.orig/qmail-smtpd.c Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-smtpd.cThu May 6 13:23:14 1999
@@ -26,6 +26,7 @@
#define MAXHOPS 100
unsigned int databytes = 0;
+unsigned int mfchk = 0;
int timeout = 1200;
int safewrite(fd,buf,len) int fd; char *buf; int len;
@@ -50,6 +51,7 @@
void straynewline() { out("451 See http://pobox.com/~djb/docs/smtplf.html.\r\n");
flush(); _exit(1); }
void err_bmf() { out("553 sorry, your envelope sender is in my badmailfrom list
(#5.7.1)\r\n"); }
+void err_mf() { out("553 sorry, your envelope sender domain must exist
+(#5.7.1)\r\n"); }
void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed
rcpthosts (#5.7.1)\r\n"); }
void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); }
void err_syntax() { out("555 syntax error (#5.5.4)\r\n"); }
@@ -112,6 +114,10 @@
if (rcpthosts_init() == -1) die_control();
+ if (control_readint(&mfchk,"control/mfcheck") == -1) die_control();
+ x = env_get("MFCHECK");
+ if (x) { scan_ulong(x,&u); mfchk = u; }
+
bmfok = control_readfile(&bmf,"control/badmailfrom",0);
if (bmfok == -1) die_control();
if (bmfok)
@@ -208,6 +214,23 @@
return 0;
}
+int mfcheck()
+{
+ stralloc sa = {0};
+ ipalloc ia = {0};
+ int j;
+
+ if (!mfchk) return 0;
+ j = byte_rchr(addr.s,addr.len,'@') + 1;
+ if (j < addr.len) {
+stralloc_copys(&sa, addr.s + j);
+dns_init(0);
+if (dns_ip(&ia,&sa) < 0)
+ return 1;
+ }
+ return 0;
+}
+
int addrallowed()
{
int r;
@@ -219,6 +242,7 @@
int seenmail = 0;
int flagbarf; /* defined if seenmail */
+int flagmf; /* defined if seenmail */
stralloc mailfrom = {0};
stralloc rcptto = {0};
@@ -241,6 +265,7 @@
{
if (!addrparse(arg)) { err_syntax(); return; }
flagbarf = bmfcheck();
+ flagmf = mfcheck();
seenmail = 1;
if (!stralloc_copys(&rcptto,"")) die_nomem();
if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();
@@ -251,6 +276,7 @@
if (!seenmail) { err_wantmail(); return; }
if (!addrparse(arg)) { err_syntax(); return; }
if (flagbarf) { err_bmf(); return; }
+ if (flagmf) { err_mf(); return; }
if (relayclient) {
--addr.len;
if (!stralloc_cats(&addr,relayclient)) die_nomem();
Re: Where to find the MAIL FROM - DNS patch?
On Thu, 6 May 1999, Petr Novotny wrote: > Hi, > > you said today that writing a patch to refuse mails where the MAIL > FROM domain does not resolve is reinventing the wheel. Now I was > looking for it at www.qmail.org and didn't find it - please tell me the > URL. I am curious too. Today Sam wrote: sam A) It's been done before. Where? I have rechecked the www page and I just didn't find it. sam B) You've implemented it wrong. Your patch will reject mail from sam @vix.com, for example. You're only checking for A records. You also sam need to check for MX records. Yeah, you're right. I should use dns_mxip instead of dns_ip. My new patch is downloadable from http://lsc.kva.hu/dl/qmail-1.03-mfcheck.patch -- Regards: Kevin (Balazs)
Re: Where to find the MAIL FROM - DNS patch?
On Thu, 6 May 1999, Markus Stumpf wrote: >ftp://ftp.fmp.com/pub/linux/qmail/ I had a look to that patch and I found that I don't want to patch my qmail with that unconceptious patch. Syslog? Badrcptto? Denymail parsing? These solutions aren't what I saw in the qmail code. -- Regards: Kevin (Balazs)
Re: [PATCH] Resolving MAIL FROM domain
On Fri, 7 May 1999, olli wrote: > Could you give an url then? I wanna disallow receiving/sending mail from > _some_ illegal domains too.. On Monday I'll go working and I'll upload the most recent version to a public site. I've put the error sending directly after checking (eg. into the MAIL FROM: parsing) and implemented distinguish between DNS hard and soft errors. Film at 11. -- Regards: Kevin (Balazs)
Re: qmail-popup/qmail-pop3d logging patch?
On Tue, 11 May 1999, Dan Peterson wrote:
> hi. at www.qmail.org(/top.html), there is a mention of a patch to
> qmail-popup and qmail-pop3d to make the log stuff to splogger, but the link is
> broken (it points to http://www.pharos.com.au/mbp/). anyone have any idea
> where i can pick this patch up? any help would be greatly appreciated! :)
I do have a logger patch but it's broken. AFAIK it's a waste of time to
talk about logging qmail-pop* until we cannot do logging with tcpserver.
The problem is:
supervise tcpserver qmail-popup 2>&1 | {some logger}
This tcpserver opens stderr to print its log messages and opens a pipe to
stdin-stdout for qmail-popup's connection. In fact there isn't a way to do
logging right now.
--
Regards: Kevin (Balazs)
[PATCH] MAIL FROM:... 2nd. ed
Hiyas, My second edition of MAIL FROM: checking is accessible3 from now from http://lsc.kva.hu/dl/qmail-1.03-mfcheck.2.patch BTW I think this can be very useful in the main qmail src too. About qmail-antispam4.patch: a patch must contain exactly one extension. In this patch some extensions are unneccessary or badly designed. Flames to me, please. -- Regards: Kevin (Balazs)
Re: qmail-popup/qmail-pop3d logging patch?
On Wed, 12 May 1999, Lars Uffmann wrote: > Balazs Nagy wrote: > > > > This tcpserver opens stderr to print its log messages and opens a pipe to > > stdin-stdout for qmail-popup's connection. In fact there isn't a way to do > > logging right now. > > Try commenting out line 91 in qmail-popup.c: > > 91 /* if (fd_copy(2,1) == -1) die_pipe(); */ Why DJB put this line in? If you run this program from command line, 0,1,2 are open. If you run from inetd, it dups 2 and 1 fom 0 (eg. 2 is alive). Tcpserver does a good emulation of command line. I don't know why this line exists in the code. > Now checkpasswords and qmail-pop3d's SDTERR should go where tcpservers > STDERR goes. Set a environment variable in qmail-popup, say LOGID to > provide a session wide unique tag to use in the popup -> checkpassword -> > pop3d pipeline. Sounds reasonable. Error catch points: login, stat, commands: qmail-pop3d bad passwords: checkpassword -- Regards: Kevin (Balazs)
Re: qmail-popup/qmail-pop3d logging patch?
On Wed, 12 May 1999, Lars Uffmann wrote: > Balazs Nagy wrote: > > > Why DJB put this line in? If you run this program from command line, > > 0,1,2 are open. If you run from inetd, it dups 2 and 1 fom 0 (eg. 2 is > > alive). Tcpserver does a good emulation of command line. I don't know > > why this line exists in the code. > > To be compatible with inetd qmail-popup HAS to dup STDERR 2 STDIN. If you > will patch checkpassword/pop3d to log to STDERR, you will no longer be > able to run them from inetd, because the log messages would be redirected > to the mail client. The same with qmail-smtpd. I guess this is one reason > qmail-smtpd does no logging at all. But you should use tcp-env to run qmail-popup and you should open a pipe to a logger (esp. the stderr fd) which can be specified in command line. Other solution: use errorsto(daemontools). -- Regards: Kevin (Balazs)
Is qmail's log method inefficient?
Hi, I read Qmail's documentation again and I realized that DJB didn't mention logging other than qmail-send. Is logging obsolete? I don't think so. But why other (smtpd, qmtpd, but most importantly pop3d) services lack the support of logging? IMHO the technology behind qmail logging is wrong. These inetd-controlled services cannot use stderr for logging (as tcpserver), and none of DJB's software use syslog. Therefore no logging is applied to these softwares. Anyone who say 'when a connection is made it's enough to log it's remote ip number' is wrong. A customer of mine wanted to log the time, remote IP, password checking failure, status informations about any POP3 connections just because they wanted to track down their would-be hacker employees. It was just a bit of hack in the source code. But here? Here is no way to do it. I see two solutions. The first one is not likely to be realized: use syslog. The another one is much better. My idea is the same as in qmail-start: tcpserver should open a file descriptor for piping through a logger program. The service program (qmail-pop3d for example) should check if this fixed fd number is exists. Any comments? -- Regards: Kevin (Balazs)
Re: Is qmail's log method inefficient?
On Tue, 18 May 1999, Andre Oppermann wrote: > Balazs Nagy wrote: > > > > I see two solutions. The first one is not likely to be realized: use > > syslog. The another one is much better. My idea is the same as in > > qmail-start: tcpserver should open a file descriptor for piping through a > > logger program. The service program (qmail-pop3d for example) should check > > if this fixed fd number is exists. > > > > Any comments? > > If you run under tcpserver it's no problem to log to stderr. Everthing > you print to stderr will appear in tcpserver's logfile. In fact I'm > implementing that right now for qmail-smptd and qmail-pop3d. Yeah, but you *should* give a non-sensitive solution. If you use stderr for logging, you should remove the dup2ing fd 1 to fd 2 line, but it's for compatibility reasons among various inetd's. By the way inetd (from netkit-base) actually dup2s fd 1 to fd 2, which will happily puts your logs to the socket. Why do you want to determine qmail services whether it runs under tcpserver or not? It's a very heavy compatibility issue. I'd like to see if DJB himself says anything about the subject. If we want logging, we should want to do it the official way. -- Regards: Kevin (Balazs)
Re: Is qmail's log method inefficient?
On Tue, 18 May 1999, Andre Oppermann wrote: > Feel free to roll your own patch which send's all it's stuff to syslog. Well, I think if I hack syslog support into qmail, it won't be qmail anymore as DJB said before. > Anyway, who cares about inetd? Anyone who don't want to install ucspi-tcp. You cannot say 'qmail-smtpd is not inetd conform' because it's not true. This is a bigger issue than patching qmail - you cannot sell a qmail-solution without move a step back and check it's integrity. IMHO qmail itself is a robust server, without patches. Patches can add more functionality but more weaknesses too. I cannot belive in patches which are will remain just as patches. > > I'd like to see if DJB himself says anything about the subject. If we want > > logging, we should want to do it the official way. > > He say's use recordio. Call me stupid but I don't know what recordio is. -- Regards: Kevin (Balazs)
Re: Is qmail's log method inefficient?
On Tue, 18 May 1999, Fred Lindberg wrote: > On Tue, 18 May 1999 17:35:09 +0200 (CEST), Balazs Nagy wrote: > > >Anyone who don't want to install ucspi-tcp. You cannot say 'qmail-smtpd is > >not inetd conform' because it's not true. This is a bigger issue than > >patching qmail - you cannot sell a qmail-solution without move a step back > >and check it's integrity. IMHO qmail itself is a robust server, without > >patches. Patches can add more functionality but more weaknesses too. I > >cannot belive in patches which are will remain just as patches. > > Don't patch qmail, use ucspi-tcp/daemontools. You can't blame Dan for, > after giving you a perfect solution, not being willing to make a poor > one slightly better. Well, you're right. I don't want to blame DJB, because he's a brilliant programmer. BTW I don't think this is a *perfect* solution. He made just the *best* solution. I just want to extend this to a *better* solution. Without the need of writing patches but with the help of Dan. He wrote qmail to be usable by almost everybody who knows his/her machine well and not for the ones who just pick up a package and install it without a base knowledge what s/he is doing. If you like inetd, use inetd. If you like xinetd, just use it. It's not the developer's choice but the administrator's. I (as a coder) don't want to be your sysadm. Be your own sysadmin. As you see, I merely want to respect my users' claims and want to keep the software as flexible as (possible || it was). [sorry for the precedence] PS I use ucspi-tcp and daemontools. My fellow sysadmins don't want to use them and they use procmail instead of Maildir, anyways. -- Regards: Kevin (Balazs)
Re: Is qmail's log method inefficient?
On Tue, 18 May 1999, Vince Vielhaber wrote: > Actually it extends into a support issue as well. There are regular issues > that come up with inetd and tcpwrappers and a few other things and switching > to tcpserver solves all of them and in a more robust fashion. So in this > case it really is developer's choice. If you want to use an alternate method > you'll find very little support. It's in the FAQ. What else do you want? BTW if someone wants to do something another way, maybe s/he knows the solution better. -- Regards: Kevin (Balazs)
Re: Bare LF problem
On Tue, 18 May 1999, John Gonzalez/netMDC admin wrote: > The question is now how to fix it. A very good answer is at the tips and advice section at http://www.qmail.org/top.html by Dan himself. A tricky and cool answer actually. -- Regards: Kevin (Balazs)
Re: Is qmail's log method inefficient?
On Tue, 18 May 1999, Vince Vielhaber wrote: > Not in this one: ftp://koobera.math.uic.edu/www/qmail/faq.html Well, I don't check that faq requlary. I use the /var/qmail/doc/FAQ. > Support was dropped for inetd configurations a few months ago. Excusez moi, but you meant 'support was dropped *from the faq*' and not from qmail. Qmail 1.03 'is shipped' with inetd support. -- Regards: Kevin (Balazs)
Re: Is qmail's log method inefficient?
On Wed, 19 May 1999, Vince Vielhaber wrote: > I'll repeat myself only once more. Go back and check the mail archives. I checked the archives last night and just now. Dan didn't mention anything about stopping the support of inetd. Iam sorry, but I don't belive in others, anything they say. -- Regards: Kevin (Balazs)
Re: MAIL FROM: somedamnuser@notvalid.dom
On Wed, 13 Oct 1999, Russell Nelson wrote: > Einar Bordewich writes: > > Has anyone made som MX/A/PTR checking on MAIL FROM: in qmail-smtpd? > > Yes, there's a patch for it on www.qmail.org. Well, actually it doesn't work. Please use qmail-1.03-mfcheck.3.patch instead (URL: http://lsc.kva.hu/dl/qmail-1.03-mfcheck.3.patch ). Oh, by the way, Russ, could you update this patch's URL and local copy at www.qmail.org please? -- Regards: Kevin (Balazs)
Header Skelter (was: Re: this dam(N)(ED) list)
On Wed, 20 Oct 1999, Dave Sill wrote: > However, if your address has changed, and you're not sure which > address you subscribed under, you'll need to look at the Delivered-To > and/or Received fields of a message from the list, then plug the > correct address (e.g., [EMAIL PROTECTED]) into the following: > > [EMAIL PROTECTED] Please tell me which address I specified when I subscribed. Here's your mail's (the mailing list's one) header (just the significant first two screens): Return-Path: <> Delivered-To: [EMAIL PROTECTED] Received: (qmail 3187 invoked from network); 20 Oct 1999 17:59:24 - Received: from sun.synergon.hu (172.23.130.1) by zweiblumen.sun.synergon.hu with SMTP; 20 Oct 1999 17:59:24 - Received: (qmail 18119 invoked by uid 113); 20 Oct 1999 17:59:22 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 18110 invoked from network); 20 Oct 1999 17:59:22 - Received: from optont.synergon.hu (172.23.1.33) by sun.synergon.hu with SMTP; 20 Oct 1999 17:59:22 - Received: by optont.synergon.hu with Internet Mail Service (5.5.2650.10) id ; Wed, 20 Oct 1999 19:57:27 +0200 Received: from cache1.synergon.hu ([194.149.60.26]) by optont.synergon.hu with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.10) id VCSB42R9; Wed, 20 Oct 1999 19:57:18 +0200 Received: (qmail 27828 invoked from network); 20 Oct 1999 17:58:57 - Received: from grumpy.math.uic.edu (HELO muncher.math.uic.edu) (131.193.178.181) by cache1.synergon.hu with SMTP; 20 Oct 1999 17:58:57 - Received: (qmail 24048 invoked by uid 1002); 20 Oct 1999 17:56:44 - Received: (qmail 17524 invoked from network); 20 Oct 1999 17:56:44 - Received: from sws5.ctd.ornl.gov (128.219.128.125) by muncher.math.uic.edu with SMTP; 20 Oct 1999 17:56:44 - Received: (qmail 739434 invoked by uid 3995); 20 Oct 1999 17:58:46 - Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk Delivered-To: mailing list [EMAIL PROTECTED] As you see, this mail did the long way. Bonus question: which email address I used when I wrote this mail? -- Regards: Kevin (Balazs) @ synergon
Re: qmail vs. sendmail weirdness
On Tue, 11 Jan 2000, jay wrote: > I added that pop user to my mail client, and sent out a few > messages to test. When I send a message to a domain that > uses sendmail, I get a bounce saying: > > <[EMAIL PROTECTED]> ... Domain must exist Is that mydomain.com exists? Has it a valid MX or A dns record? -- Regards: Kevin (Balazs)
Re: qmail 1.04
On Mon, 13 Nov 2000, Peter van Dijk wrote: > On Mon, Nov 13, 2000 at 10:13:44AM +0100, Markus Stumpf wrote: > > > > It probably would also be cool to have a cdb for vitualdomains, just > > like morercpthosts. > > That would mean that virtualdomains updates are instantly instead of > only happening at SIGHUP? > > There is no performance benefit in having virtualdomains as a cdb. Heh. I have 75 domains managed and the virtualhost file contains about the same number of lines. It's not a performance issue but a management one. -- Nagy Balazs, LSC http://www.lsc.hu/
New qmail version request
In my humble opinion Qmail is riped to a new version. Here're my
suggestions. These tips aren't enough for a 2.0 version but for a 1.04 or
1.1.
- djblib changes
new library functions
- daemontools
service configurator like in djbdns
- patches
big-dns patch
- new features
per-user handling of /var/qmail/users/
using ~/.qmail/... instead of .qmail-... (or it should check each)
qmail-remote QMTP and QMQP handling (smtproutes, qmtproutes, qmqproutes,
or just routes which can handle all of them)
introducing qmail-filter placed just before qmail-queue, which can be
configured to run virus scanners, mail rewriters, measuring tools or
other kind of stuff.
- new architecture
/var/qmail is outdated. These files should place to
- /var/qmail/bin to {conf-home}/bin
- /var/qmail/alias: maybe it's the right place, but I should put it to
a {sysconfdir}/alias dir.
- /var/qmail/users: it should be handled with ~alias/ (maybe as
.users.data and .users.cdb)
- /var/qmail/control: /service//env
- /var/qmail/queue: /var/spool/qmail (it should be put to /var/spool,
but it's just a cosmetic change).
- /var/qmail/man/: man pages should be eliminated in favor to html
pages, but it would be great if there would have a correct html2man
generator (it must not to be the part of the package)
It's not exactly qmail-related, but a rblsmtpd should be configured more
sophisticated (eg. not from command line).
Any opinions?
--
Nagy Balazs, LSC
Re: QMail Problems
On Fri, Mar 02 2001, Leon Mergen <[EMAIL PROTECTED]> wrote:
> If I want to send an email to [EMAIL PROTECTED] with PHP, it works fine.
> If I want to send an email to [EMAIL PROTECTED] with Outlook, it works fine.
> If I want to send an email to [EMAIL PROTECTED] with PHP, it doesn't work.
> If I want to send an email to [EMAIL PROTECTED] with Outlook, it *DOES* work. (this
>is the strange part)
PHP uses /usr/sbin/sendmail instead of sending it via SMTP.
> Mar 2 06:24:40 localhost qmail: 983535880.872563 new msg 572816
> Mar 2 06:24:40 localhost qmail: 983535880.874820 info msg 572816: bytes 1413 fr
> om <#@[]> qp 29028 uid 2522
> Mar 2 06:24:40 localhost qmail: 983535880.881470 starting delivery 19432: msg 5
> 72816 to remote postmaster@localdomain
It's a bounced message and not the real one. BTW Use
setenv("QMAILHOST=yourhost.com");
setenv("QMAILUSER=someuser");
mail(...);
in PHP.
--
Nagy Balazs, LSC
Re: New qmail version request
On Fri, Mar 02 2001, Peter van Dijk <[EMAIL PROTECTED]> wrote:
> On Fri, Mar 02, 2001 at 01:44:16PM +0100, Balazs Nagy wrote:
> [snip]
> > - new features
> > per-user handling of /var/qmail/users/
> > using ~/.qmail/... instead of .qmail-... (or it should check each)
>
> This is configurable. man qmail-users
Yes, you're right, but I don't want to put every user into qmail-users.
Why? It's not for user administration but for special case handling.
> > qmail-remote QMTP and QMQP handling (smtproutes, qmtproutes, qmqproutes,
> > or just routes which can handle all of them)
>
> qmail-remote shouldn't do QMQP. There are patches for QMTP.
Yup, but I'd like to see an official QMTP-aware solution. Maybe
QMQP-handling is not a good thing in qmail-remote
> > - new architecture
> > /var/qmail is outdated. These files should place to
> > - /var/qmail/bin to {conf-home}/bin
>
> conf-home=/var/qmail
'ts no an answer. If you set conf-home to /haha/qmail, the installer will
put everything under /hehe/qmail instead of /var/qmail. Again: I don't want
to configure the installer, I just want to see an official release what can
handle this.
> > - /var/qmail/alias: maybe it's the right place, but I should put it to
> > a {sysconfdir}/alias dir.
> > - /var/qmail/users: it should be handled with ~alias/ (maybe as
> > .users.data and .users.cdb)
>
> No, /var/qmail/users works essentially different than ~alias.
Oh, I just forgot that. Sorry.
> > - /var/qmail/control: /service//env
>
> Lots of files in control can be several 1000's of lines long.
What about .cdb files? You can put it to /service//cdb/.cdb
It's just a small problem I think.
> > - /var/qmail/queue: /var/spool/qmail (it should be put to /var/spool,
> > but it's just a cosmetic change).
>
> Why? /var is /var. All of qmail lives in /var/qmail. Feel free to
> ln -s /var/spool/qmail /var/qmail/queue
Not /var/spool/qmail is the point. /var/qmail structure is.
--
Nagy Balazs, LSC
http://www.lsc.hu/
Re: New qmail version request
On Fri, Mar 02 2001, Charles Cazabon <[EMAIL PROTECTED]> wrote: > impressed with the modularity of qmail. The only patches I see as > necessary anywhere are big-concurrency and big-todo. Everything else is > just sugar. Yes. In the past I wrote patches to qmail but these are just salted the otherwise tasty meal. I wrote additions what can improves qmail and can make it more modular, but I think patches should be gone. Extensions *are* the way. I understood that DJB written qmail not for us, but for the idea of creating a standards-compliant, secure mta. In other words, features aren't in the first line in the extension lists, and weird features aren't in the list at all. LDAP queries are can be handled by extensions, by replacing qmail-getpw. The whole local user lookup can be replaced this way. And yes, big-concurrency and big-todo can be an included patch candidate, but I think only the dns patch is neccessary to work correctly. -- Nagy Balazs, LSC http://www.lsc.hu/
Re: New qmail version request
Sorry for the late reply. It's my fault. On Fri, Mar 02 2001, Todd A. Jacobs <[EMAIL PROTECTED]> wrote: > On Fri, 2 Mar 2001, Balazs Nagy wrote: > > > - /var/qmail/man/: man pages should be eliminated in favor to html > > pages, but it would be great if there would have a correct html2man > > generator (it must not to be the part of the package) > > Um, man is a standard. Man is searchable. Man doesn't require an > administrator to install lynx or some other program just to view the help. > And no one should EVER be forced to use a GUI on a server platform (unless > you like running MS OSes), especially not for the sole "privelege" of > running Netscape in order to read documentation. For example SCO stores man pages in html. I don't think it's a question of GUI but a question of storing information. > > It's not exactly qmail-related, but a rblsmtpd should be configured > > more sophisticated (eg. not from command line). I think there's a little confusion here. sophisticated configuration means configuration file or configuration dir to me. -- Nagy Balazs, LSC http://www.lsc.hu/
per-recipient VERP with other MTAs
Hi,
I use a PERL script to send out a daily newsletter. Here's the send
fragment:
if (!defined $dry) {
$ENV{"QMAILUSER"} = $mailuser;
$ENV{"QMAILHOST"} = $mailhost;
$ENV{"QMAILINJECT"} = "r";
foreach $email (@subscribers) {
open MAIL, "|/var/qmail/bin/qmail-inject $email";
print MAIL "From: $mailfrom\n";
print MAIL "To: $email\n";
print MAIL "Subject: $header\n\n";
print MAIL $letter;
close MAIL;
}
print $letter;
}
As you can see, it's a very easy method which does only the crucial steps.
Of course I catch -default@, but some of the bounced
messages says they got the mail from -@ instead of
-=@.
In addition there's a mail server which refuses my newsletter just because
the envelope sender's address has a dash in it.
Anyone have such experience?
---jul
