Re: Dan, how do we solve this problem?
After reading some initial responses to this, I thought it was worth asking for clarification: (4) and (5) together would indicate that the user wants to use his "ownership" of the slow connection's IP address as a source for the mail, but wants to deliver it via tha fast DUL-listed connection. Is that the problem we're addressing? If not, please disregard the babble below. If so, it seems that any solution allowing this will cause problems (in this particular case, anyway) at the point his upstream ISP (on the fast side) checks that the packets coming down the pipe are from a valid IP address (i.e. one that is supposed to be located on that side of that pipe). Anything less secure would seem to encourage IP spoofing. On a less technical note, it seems that addressing the state of being listed in a DUL by patching/modifying/changing software won't ever scale well. The purpose of blocking lists and their use by ISPs is to actively and immediately discourage mail abuse AND to make end-users aware of what their ISPs are facilitating. Without knowing all the circumstances involved, I think the user should take (1) a little farther; just because he/she doesn't have a fixed IP doesn't mean that he/she can't pursue the issue with the ISP. It's true that they may be unable to respond adequately, but making some noise about the issue seems like a lower risk than, well, asking Dan to add a feature to qmail. :) Chris On Sun, 5 Aug 2001, Russell Nelson wrote: > A user on this mailing list has a problem. He has a fast non-static > IP ADSL connection, which is listed on the DUL. The non-default route > was a slow second internet connection with a static IP and which was > not listed on the DUL. He has several choices that I can see: > > 1) Try to get his fast connection removed from the DUL. That's not > acceptable since he doesn't have a fixed IP address. > > 2) Let his SMTP client connections go out from the IP address on the > DUL. This isn't acceptable because anybody subscribing to the DUL > will reject his email. > > 3) Use a wildcard smtproutes entry to redirect his email to his ISP's > email relay. This isn't acceptable because he doesn't want to have to > trust his ISP. He wants to be able to look in his log files and know > that the email has been accepted by the recipient's SMTP server. > > 4) He could change the default route to point to the slow connection. > Obviously unacceptable. > > 5) He simply MUST convince qmail-remote to bind to the IP address of > the slow non-DUL interface. Unfortunately, there is no way to do that > short of patching qmail. Why should he have to patch qmail in order > to add a feature he needs? As you've said yourself, the problem with > people offering patches is that you don't get an indication of how > many people are using the patch. > > 6) His only acceptable alternative to patching qmail is to try to > convince you to add this as a feature to qmail. Other people have > tried to get this feature added, and you've called their desire > "frivolous". He doesn't hold out much hope for success. > > What should he do? Give up on convincing you and patch qmail? > > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: Nothing at Port 25?
Depending on what you meant by "OS manipulation", the following troubleshooting steps might be valid: -See what's in your /etc/tcp.smtp file - make sure you're allowing connections and that the tcprules database has been rebuilt properly. -You say you can't telnet, but that you do get some sign of connection. You should clarify what is actually happening here. If the packets are being rejected at the network level, you've got a non-qmail configuration issue. -See what's in your mail logs. If qmail-smtpd is getting the connection, but something is going wrong, it will log an error telling you about it. -If there is something wrong with qmail, a "make setup check" from the source tree will usually do wonders, especially after an OS upgrade with strange manipulation. Hope this helps, Chris On Sun, 5 Aug 2001, Alex Le Fevre wrote: > Hello all, > > This weekend I attempted to upgrade my system from > OpenBSD 2.8 -> 2.9. I had a bit of trouble doing so, > and as such had to do some strange OS manipulation > that does not bear description here. > > In any case, after getting to what I thought was a > fully restored point, my inbound mail is not working. > This despite the fact that I have qmail running under > tcpserver, as revealed by ps: > > qmaild3828 0.0 0.360 444 C0- S 10:36PM >0:00.04 /usr/local/bin/tcpserver -v -u 1012 -g 1011 > -x /etc/tcp.smtp.cdb 0 smtp /var/qmail/bin/qmail-smtpd > > I also have qmail-lspawn, qmail-rspawn, and > qmail-clean running. > > I can't even telnet to port 25 on the system; it tells > me it's connected, then immediately dumps me out. I've > posted to [EMAIL PROTECTED] to see if it could possibly > be the OS shutting down the port, but I suspect > something is wrong with the qmail daemon. > > Does anyone here know if I've got things right from > the Qmail end? Thanks. > > Alex Le Fevre > > ______ > Do You Yahoo!? > Make international calls for as low as $.04/minute with Yahoo! Messenger > http://phonecard.yahoo.com/ > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: rblsmtpd and mail-abuse.org's DNS servers
I list some alternatives to MAPS's RBLs, along with some other
spam-prevention techniques, here:
http://www.summersault.com/chris/techno/qmail/qmail-antispam.html
http://www.summersault.com/chris/techno/qmail/qmail-antispam.html#resources
Chris
On Thu, 2 Aug 2001, Derek Callaway wrote:
> On Thu, 2 Aug 2001, Chin Fang wrote:
>
> Right, I guess I should have said that I already read those pages before I
> posted this message. I'm looking for a _free_ workaround to this problem.
>
> TIA
>
> > You will need to pay MAPS to use one of its three RBLs, or the combined
> > RBL+.
> >
> > Please see http://www.mail-abuse.org/subscription.html and
> >http://www.mail-abuse.org/feestructure.html
> >
> > even you are with an educational institution.
> >
> > Dr. Dan Bernstein himself has given up on MAPS's RBLs:
> >
> > Please see: http://cr.yp.to/ucspi-tcp/rblsmtpd.html
> >
> > Regards,
> >
> > Chin Fang
> > [EMAIL PROTECTED]
> >
> > > Hi, I'm having a problem with my qmail smtpd server becoming unresponsive
> > > when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else
> > > had this problem? I'd like to blindy accept e-mail if the RBL nameservers
> > > cannot be contacted. Here's how I'm starting the SMTP server:
> > >
> > > /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -u 7791 -g 2108 -v 0 smtp fixcrio
>/usr/local/bin/rblsmtpd -t 7 /usr/local/bin/rblsmtpd -t 7 -r dialups.mail-abuse.org
>/usr/local/bin/rblsmtpd -t 7 -r 'relays.mail-abuse.org:Open relay problem - see
>http://www.mail-abuse.org/cgi-bin/nph-rss?%IP%>' /var/qmail/bin/qmail-smtpd 2>&1
>| /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t n100 s100
>/var/log/smtp &
> > >
> > > --
> > > //Derek Callaway <[EMAIL PROTECTED]> * Programmer: CISC, LLC - S@IRC
> > > char *sites[]={"http://www.freezersearch.com/index.cfm?aff=dhc";,
> > > "http://www.ciscllc.com","http://www.freezemail.com",0}; /*KDR AB 249*/
> > >
> > >
> > >
> >
>
-- Chris Hardie -
- mailto:[EMAIL PROTECTED] --
http://www.summersault.com/chris/ --
Re: avoiding multi-rcpt duplicates with fetchmail-like system
Unfortunately, I know they're not using fetchmail, and I think they may be using an NT-based solution. Does this mean we're leaning towards "tell your user to get a clue"? :) Thanks, Chris On Tue, 13 Feb 2001, Peter van Dijk wrote: > On Tue, Feb 13, 2001 at 04:48:31PM -0500, Chris Hardie wrote: > [snip] > > they'll get three copies of the message in the monolithic Mailbox file on > > our server (I tested this and they will with default setup). This is bad > > for them because apparently their re-routing software only looks at "To:" > > lines and not "Delivered-To:" lines - I don't know if that's standard or > > not. > > Using 'To:' for this purpose is inherently broken. fetchmail can read > Delivered-To headers just fine. > > Greetz, Peter. > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
avoiding multi-rcpt duplicates with fetchmail-like system
Greetings. I apologize in advance if this question has been answered in docs or previous discussion - it seems like it should have been. :) I *have* read LWQ, the Howto, man qmail-local, man dot-qmail, and info about fastforward and similar packages, and still haven't found the clarification I need: We have some virtual domains on our server (FreeBSD 4.2, qmail 1.03, tcpserver, daemontools, etc). For one of them, the user wants to have all the mail sent to any address @domain.com piled into one Mailbox file (we're using Mailbox, not Maildir) so they can then download it via POP and route it internally at their organization. Seems pretty standard, prepped easily on our side via .qmail-default. The concern they have is that if a message is From: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] they'll get three copies of the message in the monolithic Mailbox file on our server (I tested this and they will with default setup). This is bad for them because apparently their re-routing software only looks at "To:" lines and not "Delivered-To:" lines - I don't know if that's standard or not. So, the desired solution is to find a way to only deposit *one* copy of the message in the monolithic Mailbox file, but with headers intact such that their software can re-deliver the message to all the appropriate recipients. I found this script: http://www.qmail.org/eliminate-dups but I'm not sure this is its intended (or possible) use. I'm hoping someone can say "drop X into a .qmail-default file and you're off to the races" or, less preferably, "tell your user to get a clue, because of X" (or the even less preferable "you should get a clue, period."). Thanks in advance for your help. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
seeking rblsmtpd -r option clarification
Greetings. I'm seeking clarification on use of the "-r" option of
rblsmtpd, described here:
http://cr.yp.to/ucspi-tcp/rblsmtpd.html
The issue at hand is whether or not you can specify multiple blackhole
lists with one call, or if you have to chain calls to rblsmtpd.
I've had some reports that you can use multiple -r's, e.g.
rblsmtpd -rrelays.orbs.org -rrbl.maps.vix.com
However, user Mike Silbersack had a different experience and did some
further research into the issue and sent me this:
On Wed, 1 Nov 2000, Mike Silbersack wrote:
> I'm sure that multiple -rs don't work now. See main():
>
>
> void main(argc,argv)
> int argc;
> char **argv;
> {
> int opt;
>
> while ((opt = getopt(argc,argv,"t:r:Rb")) != opteof)
> switch(opt) {
> case 't': scan_uint(optarg,&timeout); break;
> case 'R': flagrblsafe = 1; break;
> case 'b': flagbounce = 1; break;
> case 'r': rbldomain = optarg; break;
> default: usage();
> }
> argv += optind;
> if (!*argv) usage();
>
> res_init();
> check();
> execvp(*argv,argv);
> strerr_die4sys(111,FATAL,"unable to run ",*argv,": ");
> }
>
> As you can see, the last -r is the one that'll stick. This is true for
> both the patched and unpatched rblsmtpd. So, it looks like chaining
> rblsmtpds is the only way to use multiple blackhole lists for now.
>
> Mike "Silby" Silbersack
I think this would indicate that repeating use of -r wouldn't work as
expected.
Can anyone clarify what's really supposed to happen, what really
does happen, and what it all means in a larger existential context?
Thanks,
Chris
-- Chris Hardie -
- mailto:[EMAIL PROTECTED] --
http://www.summersault.com/chris/ --
Re: Per user RBL or RSS
In particular, the details of how to set this up are on my HOWTO: http://www.summersault.com/chris/techno/qmail/qmail-antispam.html#useroption1 Chris On Sat, 28 Oct 2000, Ricardo Cerqueira wrote: > On Fri, Oct 27, 2000 at 05:01:21PM -0400, Robert J. Adams wrote: > > Hello all, > > > > Anyone know if it's possible to do per user RBL/RSS spam checks? I.e.. > > something out of .qmail maybe? > > Search for rblchk. It's a cute little perl script which you can use with > procmail or maildrop. > > RC > > -- > +--- > | Ricardo Cerqueira > | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 > | Novis - Engenharia ISP / Rede Técnica > | Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal > | Tel: +351 2 1010 - Fax: +351 2 1010 4459 > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
qmail.org site down?
It's quite possible that I missed something, but: When I visit http://www.qmail.org, I am redirected to http://www.qmail.org/vbn/unreachable.vbn and get a message saying "Welcome to Elastic Networks. Sorry the file that you have requested is not reachable from this side of the network..." Sometimes I can't get to the site at all. Am I delerious? Did someone pee in my DNS stream? Anyone else having this problem? (Sorry for the relatively-insignificant-meta-nature of this message.) Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
rblsmtpd lookup timeouts for slow/broken networks
Hi folks. I've got ucspi-tcp-0.88 with rblsmtpd and qmail-1.03 on FreeBSD 4.0. We recently had some problems where a large part of our area network was working fine, but our link to the outside world was having problems and periodically went down. This meant that when an smtp connection was made to our server, the conversation couldn't happen because rblsmtpd couldn't connect to the RBL server to do the lookup. Despite not having an internet connection, there were still lots of messages that could be delivered locally, and it would have been nice if they'd gone through. I looked through the rblsmptd documentation and related sites and couldn't find anything that mentions this sort of behavior. A few questions, then: -If rblsmtpd can't talk to the RBL server, what sort of error does it issue to the connecting server? Temporary or permanent? Is it just the default 60 second timeout? -Is there a way to tell rblsmtpd to "carry on like normal" if the lookup doesn't happen in the first X seconds? The "-t" option appears to be a timeout related option, but doesn't seem to do this particular thing. -Any other bits of advice/strategy for rblsmtpd being used in that sort of situation? Thanks, Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
RFC: web interface to manage user dot-qmail files
Hi folks. I'm interested in creating a web interface to manage user dot-qmail files. I'm ready to start coding :) but thought I'd would solicit the sagacious and smooth advice of this list about some of the architecture/design issues. My proposal is here: http://www.summersault.com/chris/techno/qmail/dqm/proposal.html If you can do no other, help me answer these questions: -Has anyone else already done this? -Have any similar projects been started and then stopped due to particular technical issues? I look forward to any comments/insights you might have. As mentioned on the link above, you're welcome to send them directly to me, post them on the page's comment section, or discuss them on this list. Thanks, Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: Blocking Spam, badmailfrom not working
Dave, There's some general info on anti-spam with qmail here: http://www.summersault.com/chris/techno/qmail/qmail-antispam.html Hope this helps, Chris On Sun, 30 Jul 2000, Hubbard, David wrote: > Hi everyone, > I've been noticing a lot of spam coming in to users on my qmail > server from popsite.net addresses. I guess they're just a big dialup > provider that obviously lets their users relay whatever they want > through their server. But anyway, the Helo, From, To, and Return-Path > are all garbage. The only thing that is consistent across emails is the > path it took to get to me, and it always starts with a popsite.net address. > I tried to put @popsite.net in my badmailfrom but that didn't work. > Is there any way to block all popsite.net connections? They always seem > to come from different addresses and subnets. > > Thanks, > > Dave > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: Newbe question
Hello! First of all, newbie is typically spelled N-E-W-B-I-E :) Details, details. Your assessment of possible problems with inetd.conf seems likely. Note that it is no longer recommended that you run smtp services under inetd, and that you use tcpserver instead. You can find out everything you need to know about tcpserver here: http://web.infoave.net/~dsill/lwq.html and here: http://www.flounder.net/qmail/qmail-howto.html As for POP3, you can run it under tcpserver as well, but if you want to leave it in inetd, you should have a line that looks something like this: pop3stream tcp nowait root/usr/local/libexec/popper popper where popper is a POP3 server that you know to work with your config. The other avenue to explore is making sure that you're not blocking access to your mail services from the outside world with tcp wrappers. Chances are your system has tcp wrappers installed, so you want to look for /usr/local/etc/hosts.allow or /etc/hosts.allow and then read # man 5 hosts_access (or the equivalent on your system) to make sure the proper traffic can get through. This should at least get you started in the right direction. Unlikely as it might seem, your problem can probably be solved by some or all of the qmail documentation. Chris On Mon, 10 Jul 2000, [windows-1255] çééí äìôøï wrote: > Hello > I hope im doing this right :-) > i'm new to qmail, in fact i just installed it... > i read all the faqs and guides, and i still have some questions: > (bare in mind im not that genius with unix, so forgive me if those r stupid > questions) > i want to be able to use qmail as my mail server software. > as such, i want it to be able to answer both smtp and pop3 requests. > while inside the unix box, my config works fine, im not able to use it, from > outside > i guess thats because i havent configured properly the services in the > inetd.conf file > now, i saw the line about configuring the smtp service, and did that > but no text was given about the pop3 service, which is also needed by me... > perhaps i got it all wrong > can someone please shed some light on this subject? > > thanks a bunch in advance > > Haim > > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: HELP... I got attacked by Spammers
General qmail anti-spam howto that might be useful: http://www.summersault.com/chris/techno/qmail/qmail-antispam.html Chris On Fri, 7 Jul 2000, Sally Cheng wrote: > Hi > > > I am using Qmail 1.03 and today i noticed that my > server is attacked by spammers and I got notice from > other servers that my host is put in their BLACK list > for spamming. I have looked in the FAQ but tried to > fix but couldn't make it done. I had to delete all teh > message in /var/qmail/queue. Could anybody help me to > stop these SPAMMING and RELAYING. > > > Moreover I would like to control the relay through my > host in following way: > > > [My host name is myhost.mudomain.com and domain is > mydomain.com] > > 1. I need to allow my users ([EMAIL PROTECTED] and > [EMAIL PROTECTED]) send emails to anywhere > through my server. ie my server is a SMTP gateway for > my client-hosts. > > 2. I need to allow other hosts to send email to my > users. So that my server will receive email from other > servers fr local users and put it in their mailbox. > > 3. I need to REJECT all the other hosts or mails from > other host NOT addressed to our local users. > > 4. I need to REJECT all the foreign hosts to use my > hosts use as relay. Ie direct SMTP connection can be > given only to my users or same network 10.0.0.0 > > Any help is highly appreciated. > > Thanks in Advance. > > Sally > > > > ______ > Do You Yahoo!? > Send instant messages & get email alerts with Yahoo! Messenger. > http://im.yahoo.com/ > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: Adding a new Domian
The links I sent you are still relevant, you just need to read more about qmail and what it can do before you proceed. Read about qmail-control files, virtual domains, and the like. Adam McKenna's HOWTO and Dave Sill's Life with qmail will also come in handy. One standard way to do what you want is to create two user accounts on your system, one for each domain (or maybe you just need to create one, for the new "imported" domain), create entries for it in rcpthosts and virtualdomains, and then create some dot-qmail files in that account for that domain. But really, read the docs before you get into this any further or ask any more general questions about virtual domain setup. Chris On Fri, 28 Apr 2000, Bert Beaudin wrote: > Maybe I did not explain my self enough. > I need to be able to receive and send mail as two different domains > niaom.edu and domain2.edu. I also need to process two aliases with the > same names but different domains. > > [EMAIL PROTECTED] > and > [EMAIL PROTECTED] > > How do I do this on the same server? > > Thanks > > > At 05:28 PM 4/28/00 -0500, Chris Hardie wrote: > > >The keywords here are "qmail" and "alias". > > > >http://www.qmail.org/man/misc/INSTALL.alias.txt > >http://www.qmail.org/man/man9/dot-qmail.html > > > >You could have gotten to these on your own by looking at the qmail.org > >site and then looking at the documentation section. > > > >Hope this helps! > >Chris > > > >On Fri, 28 Apr 2000, Bert Beaudin wrote: > > > > > Hello all > > > I have qmail installed on our mail systems and it has been > > working great. > > > The school is now merging with another school and I need to host the > > second > > > domain on my server. The one problem I have is I need to create some of > > the > > > same email aliases that I allready have, i.e. admissions, dean etc. How do > > > I do this? Can someone point me to some doc's. > > > > > > Thanks for your time and help. > > > > > > Bert Beaudin > > > Computer Support Specialist > > > 206-633-2419 > > > http://www.niaom.edu > > > [EMAIL PROTECTED] This is a test > > > > > > > > > > > > > >-- Chris Hardie - > >- mailto:[EMAIL PROTECTED] -- > > http://www.summersault.com/chris/ -- > > Bert Beaudin > Computer Support Specialist > 206-633-2419 > http://www.niaom.edu > [EMAIL PROTECTED] This is a test > > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: Adding a new Domian
The keywords here are "qmail" and "alias". http://www.qmail.org/man/misc/INSTALL.alias.txt http://www.qmail.org/man/man9/dot-qmail.html You could have gotten to these on your own by looking at the qmail.org site and then looking at the documentation section. Hope this helps! Chris On Fri, 28 Apr 2000, Bert Beaudin wrote: > Hello all > I have qmail installed on our mail systems and it has been working great. > The school is now merging with another school and I need to host the second > domain on my server. The one problem I have is I need to create some of the > same email aliases that I allready have, i.e. admissions, dean etc. How do > I do this? Can someone point me to some doc's. > > Thanks for your time and help. > > Bert Beaudin > Computer Support Specialist > 206-633-2419 > http://www.niaom.edu > [EMAIL PROTECTED] This is a test > > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: "Multi-RCPT vs. Single RCPT delivery" - logic error?
On Fri, 28 Apr 2000, Dirk Harms-Merbitz wrote: > I have customers who regularly send 100+MB attachements. > > Email is the most convenient way for them to do this. > Especially with a local SMTP server in their network. > > Why waste time tyring to convince them otherwise? > > Dirk > E-mail protocols and software are not well equipped, by default, to deal with this kind of message size. (They're certainly getting better!) When a message bounces, some mailers send back the whole thing. If it is delayed in a queue, that's a 100 MB message being shuffled around (i.e. copied, transferred over a network, etc) using up system resources. Receiving a 100 MB attachment may be easy for you, but what about someone who happens to be checking their e-mail over a 56K modem for the weekend while their away from the office? Their mail client starts downloading a 100 MB attachment and all sorts of problems could result if the connection is lost or interrupted. FTP is much simpler, and much more binary in its success/failure. In general, you and your net contacts may all have the right infrastructure in place to use e-mail to send large files, but most of the rest of the world probably still doesn't, and when they go on using e-mail for such purposes uneducated about the implications, it can create a huge burden on system administrators. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: "Multi-RCPT vs. Single RCPT delivery" - logic error?
On Fri, 28 Apr 2000, Andy Bradford wrote: > I may be rehashing old topics, and I may sound a little bit old > fashioned (even at age 26), but I don't believe email was ever meant to > handle that large amount of traffic. Or, in other words SMTP != FTP > I am still of the opinion that one should instruct users to use the > right protocols for the right reasons. Hence, put the 10MB PowderPoint > file in a public or private ftp directory and then include a URL to > fetch it in the email. I agree with this sentiment, but it's becoming increasingly difficult to find good ways to enforce it. Case in point: we do web development for an organization that has a PR firm develop brochures and then send them to us for posting on their website. The files are often 7-10 MB in size, large enough to be cumbersome for e-mail, small enough to make overnighting a ZIP disk seem a little excessive. The organization hosts their site with us, and so we could obviously instruct them to upload the files through FTP, but the PR firm shouldn't necessarily be able to do this. It gets more complicated when you think that it's not always going to be the same person at the PR firm sending the files, and that there are many cases where other third parties need to send us materials related to the site. Clearly it's a complicated issue, but it seems that as broadband access to the net becomes more common, businesses are going to expect to be able to use one "interface" to do all their communications, be it plain text messages or large multi-megabyte file transfers. I cringe every time someone sends me a 7 MB mail message, but it's difficult to explain to them why this is a bad idea. I'd be interested to hear if anyone's found a good general solution to this in a production/business environment. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: temporary failure warning message
On 24 Apr 2000, Ian Lance Taylor wrote: > First, a minor point. I don't think that changing queuelifetime is > good enough. It affects all messages globally. It doesn't let me say > ``I need to know about this message, but not about this other > message.'' It doesn't tell me ``it's been a hour to deliver this > message--I'm still trying, but you might want to think about fixing > something.'' There's a link from the qmail website to Brian Wightman's delayed-mail notifier, which serves this purpose quite faithfully (runs on cron, scans the queue and sends a message to the sender letting them know about the delay) and seems to be the piece of software several folks are looking for. Unfortunately, that link appears to be broken. Brian Wightman, please pick up the nearest courtesy phone. I have a copy from Feb 99; it's the one we've been using in production for some time now and it's never let us down. 9K download: http://www.summersault.com/chris/techno/qmail/qmail_bounce-0.0alpha6.tar.gz Note that it's an alpha release, and that I didn't write it, and that I won't support it, and that I probably won't answer questions about it, and that I don't want to be the primary download site for it. I hope this helps. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: OT: Help with SPAM
On Tue, 18 Apr 2000, Abdul Rehman Gani wrote: > Hi, > > We are in the process of moving to qmail from Mailsite (on NT), but I face a > problem with SPAM that I do not think will be solved by QMail. The sender of > the spam is using a fake address on our domain as the from address in the > spam. Although the spam itself is forwarded through AOL/concentric and > possibly via other free/cheap access points (our server is not a relay or > originator), the bounces and complaints do reach us. > > 1. Is there a way to get qmail to reject mail sent to a specified address on > one of the domains for which it does accept mail - sort of a BADMAILTO > entry? Ideally the mail should be rejected during the SMTP receipt session. You can use "bouncesaying" in a dot-qmail file to bounce mail sent to a specific address with a specific return message. Note that qmail will accept the message for delivery before encountering this, so if the envelope is bad, the message will double-bounce to you. If you really want to do the bouncing during the SMTP conversation, which can be a bad idea for several reasons (see earlier threads on this topic), check out one of the anti-spam patches available from qmail.org or here: http://www.summersault.com/chris/techno/qmail/qmail-antispam.html > > 2. A better solution would be to stop mail with fake from addresses from > exiting a system altogether. Any one know about such a system or how it can > be implemented - it certainly would seem to be a major task to convince mail > admins to do so, and they all would have to to be able to prevent this from > happening. I'm not sure all mail admins would agree that this is a good solution. Some consider it a feature that one can send mail from a "physical" address on one machine with an envelope pointing to another account. This is what makes POP client mailers so flexible (e.g. if I use earthlink to dial up to the net but want to use my university mail account to "send and receive" mail.) But, as you have seen, that feature comes with some hassles too. > > 3. The spam messages contain only US based toll free numbers (1-888-258-4753 > and 888-533-1018). I am not in the US so I need some help in tracking the > owners of these numbers. Can someone help in that regard? US 1-800-555-1212? infospace.com reverse lookup? Call the numbers and tell them you're interested in their product and need a mailing address? Hope this helps, Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: Move qmail and directories to new system - how...?
On Mon, 17 Apr 2000, Anthony White wrote:
> My server has outgrown itself and now needs to be put on larger
> drives.
>
> Are there any problem moving ./Maildir/ directories
> in the users home dirs to a new drive?
>
> Are there any issues moving qmail itself?
>
> I plan to move from my RedHat system from
> 2 2.1G drives to 2 9.1G drives that will
> be running in RAID 1 configuration.
I once had to move the qmail queue to another device/disk drive, and wrote
the below step-by-step. It could probably use some reviewing, and makes
some assumptions that might not be true (that you're using inetd, that you
can wait until all the messages in your queue have been delivered,
etc). In short, it's very rough, but might be of help:
Wait till late at night
Make sure there are no messages in the queue
/var/qmail/bin/qmail-qread
If there are, wait until they are delivered! Very important.
Modify /etc/inetd.conf to stop incoming mail (comment out smptd)
Kill -HUP inetd
Kill -KILL qmail-send
backup the queue, probably the whole qmail directory for that matter.
Create a symbolic link from /var/qmail/queue to the new directory
cd /usr/src/qmail-1.03
Remake the queue structure (you should not do this by hand, puny mortal):
# make setup check
Startup qmail
/var/qmail/rc
Re-allow incoming connections through inetd
TEST IT OUT!
--
I also used the below script (don't have the original author info, sorry -
anyone want to own up to it?) to readjust the queue directory after the
move. qmail names the files in the queue directory based on the file's
inode number, so this script moves the old files in ./queue.old/ (which is
on the old device) to ./queue/ (which is on the new device) with the
proper names. Again, use at your own risk, and could probably use some
refining:
#!/bin/sh -x
cd /var/qmail || exit 1
find queue.old/mess -type f -printf '%f %i\n' |
awk '{print $1, $1%23, $2, $2%23}' |
while read oldi oldd newi newd; do
mv queue.old/mess/$oldd/$oldi queue/mess/$newd/$newi
mv queue.old/info/$oldd/$oldi queue/info/$newd/$newi
test -f queue.old/local/$oldd/$oldi &&
mv queue.old/local/$oldd/$oldi queue/local/$newd/$newi
test -f queue.old/remote/$oldd/$oldi &&
mv queue.old/remote/$oldd/$oldi queue/remote/$newd/$newi
test -f queue.old/bounce/$oldi &&
mv queue.old/bounce/$oldi queue/bounce/$newi
test -f queue.old/todo/$oldi &&
mv queue.old/todo/$oldi queue/todo/$newi
done
I'm not sure about the Maildir directories. I believe they too have some
sort of inode number dependency built in - anyone have advice for Anthony
on moving these?
Hope this helps,
Chris
-- Chris Hardie -
- mailto:[EMAIL PROTECTED] --
http://www.summersault.com/chris/ --
Re: SPAMCONTROL not work properly
More info on this here: http://www.faqts.com/knowledge-base/view.phtml/aid/1198/fid/206/lang/en and here: http://www.summersault.com/chris/techno/qmail/qmail-antispam.html Another Chris On Mon, 10 Apr 2000, Chris Johnson wrote: > On Mon, Apr 10, 2000 at 04:59:14PM -0300, Luis Bezerra wrote: > > I am having problems with my qmail MTA: > > > > when mail-abuse.org tests my site, qmail is accepting MAIL FROM and RCPT > > TO with PERCENTHACK. > > Arrrggh! > > Just after the test seemed to indicate that your MTA failed the test, did it > say anything else? (Hint: yes, it did.) > > Chris > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: Subs Pager Service for Qmail Users
The qpage (QuickPage) package, which can do text and/or alphanumeric paging, knows how to only send the From/Date/Subject lines in its page. I've been using it reliably for almost a year now. http://www.qpage.org/ Chris On Thu, 6 Apr 2000, Martin Paulucci wrote: > Hi all, > > I was required to add a service to Qmail, a subscription service (over the web) that >could forward the user the From,Date, Subject of the message to his cell phone/pager. > Here in Argentina, the cell phones and pagers have email addresses to I would just >have to mail them that info. > Any idea how to tell Qmail to do the forward, but only those 3 fields of the >message?. > Should I have to add a .qmail file somewhere? (I need to let the message get >delivered in the account too) > > Anybody did this before? > > Thanks! > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: RFC: Qmail Anti-Spam HOWTO
On Mon, 3 Apr 2000, Jonathan McDowell wrote: > I want to check all incoming messages to see if they're on DUL, ORBS, > RSS, RBL or whatever and if so add a header to the message, say an > "X-Spam-Warning: DUL" or the like. I know this is a trivial one line > config option for Exim, but I haven't seen anything for qmail to do > this. > > I know I could do something with procmail, but I want this to work even > for mail that's being forwarded or stored in a Maildir or whatever, > without the user having to do anything special. > > Anybody any ideas? I think you'll have to implement some sort of filtering program. Without modifying the source of your smptd program, I think the first chance you have to modify the message is in a dot-qmail file. You can use things like procmail or maildrop as a local delivery agent for an entire system. From "man procmail": If running suid root or with root privileges, procmail will be able to perform as a functionally enhanced, back- wards compatible mail delivery agent. Procmail can also be used as a general purpose mail fil- ter, i.e. provisions have been made to enable procmail to be invoked in a special sendmail rule. It seems you should be able to set things up so that all incoming mail is passed through an "rblcheck" and additional headers appended when appropriate. I'm not sure about exact syntax, but man procmail seems like a good start. Anyone else here done this before? If you do come up with something, do let me know and I'll include it in the HOWTO. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
RFC: Qmail Anti-Spam HOWTO
All, In response to the "Poor Documentation of Anti-Spam Options" thread (that I started) and ones like it on the mailing list, I've written what I hope is the most comprehensive document available on anti-spam methodologies from a qmail perspective. http://www.summersault.com/chris/techno/qmail/qmail-antispam.html I think it would be great to have a definitive resource on the topic that could be available from the main Qmail page, and I think this is a pretty good start, so I'd like your feedback and suggestions for improvement. (There is a comment section on the page itself, but if you can send your comments to me/the list until it gets refined a little, that would be great.) Biased perspectives, spelling errors, bad syntax, poor form, missing info; I want it all! :) Thanks, Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: Poor documentation of anti-spam options?
On Sun, 2 Apr 2000, Patrick Bihan-Faou wrote: > I guess it's time to close the debate on that issue. > Actually, since I asked the original question, I'd like to clarify what I think the main point is: "The lack of clear and concise documentation about anti-spam/security options for the novice and/or average qmail user." I'm encouraged by the discussion that took place in this thread, but it will obviously only benefit the folks who happen to be reading the list at this time, or the folks who happen to find the discussion in an archive search. I still think it would be very useful to document the following on the Qmail site: 1) All of the known issues (philosophical, religious, technical) of anti-spam options; you've covered most of these in the discussion 2) All of the known solutions for qmail users (including the various combinations of mailer, filter, and third party setups) 3) Detailed HOWTOs for setting up at least a few of these. The last seems most relevant and pressing; even after all of this, I still have no good leads on how to implement any sort of DNS checks for enveolopes/From addresses. I would be happy to make an attempt at this documentation, as long as folks agree that it would be useful, and would be willing to provide feedback on what I come up with. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Poor documentation of anti-spam options?
Folks, I've been observing what seems to be a lack of clear and concise documentation about anti-spam/security options for the novice and/or average qmail user. In my particular situation, I've recently moved to the tcpserver/rblsmtpd way of doing things, and now I'm interested in blocking mail based on invalid/bad-DNS hosts in envelopes/From: headers. Only after scouring the mailing list archive was I able to determine that that "DENYMAIL" patch is the apparently recommended way of doing this, and of course everyone says "get it from the qmail website". There's no mention of "DENYMAIL" on the main qmail page, and the only link to "an anti-spam patch" (in the "Yet More Qmail Addons" section) is broken. I was finally able to find this link http://www.geocities.com/SiliconValley/Peaks/5799/qmail-uce.html which appears to be the DENYMAIL patch, but I had to use lots of third party search engines to find it, and I'm still not sure of what I've got. Whether or not this particular example is valid, it definitely seems like one has to do a lot of work to figure out the best way to set up a secure (but not draconian) and spam-unfriendly (but not malicious) qmail system. I realize that mail system administrators are supposed to be knowledgable about their software and resourceful in finding new features, but it also seems that offering a concise guide to the available options and how to use them would benefit many folks. I've been using and refining qmail for several years now, and while I can usually find what I want in one doc or another, it always takes a long time to figure out what conventionally works and what is conventionally recommended. I just wonder if one should have to spend so much time searching the mailing list archives. I know this is a sensitive subject, and that in many cases it depends on your "philosophy of mail delivery" (to use ORBS or not, to block at system level or user level, etc), but I wonder if anyone else has thoughts on what is probably a frustrating situation for many? Spam and privacy are big issues nowadays, and it seems to the qmail project's advantage to address them adequately. And, of course, I would love it if anyone had a bold and decisive document about how to patch qmail with DENYMAIL. Thanks for your time, Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: spam/orbs, tcp-env, TCPREMOTEIP, and procmail -p
Strike that, there's one included with the rblcheck package, it just didn't install by default with FreeBSD's /usr/ports make. Sorry for the laziness and sloth exhibited here on my part. :) Chris On Fri, 17 Mar 2000, Chris Hardie wrote: > These things being said, does anyone have a good origip script to > suggest? > -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: spam/orbs, tcp-env, TCPREMOTEIP, and procmail -p
On Fri, 17 Mar 2000, Petr Novotny wrote:
> Sure. Please think about how qmail works:
> qmail-smtpd gets message, passes to qmail-queue, message gets
> queued, stop.
> qmail-send wakes up, passes message to qmail-local, it passes
> message to procmail.
>
> The TCPREMOTEIP is present only in the first part - ie. qmail-
> smtpd (and wrappers) and qmail-queue (and wrappers).
>
Makes perfect sense. Many of the docs on the ORBS and Qmail sites and
related lists/sites provide examples (that I pretty much copy/pasted) that
would indicate the variable is populated when Procmail runs, so I guess I
was assuming that the qmail environment was transferred to any script
invoked from a .qmail file.
These things being said, does anyone have a good origip script to
suggest?
Someone posted the below script to a list a while ago, but it's a
little too simple (recognizes 127.0.0.1) and failed on the test message I
requested from "[EMAIL PROTECTED]", the ORBS test address:
#!/usr/bin/perl
# Specifically for pulling the remote IP address out of Sendmail
# Received: headers. Supplied by Ophir Ronen ,
# ever-so-slightly modified by Edward S. Marshall .
#
# $Id: origip.pl,v 1.1.1.1 1998/01/09 20:42:50 emarshal Exp $
#
# $Log: origip.pl,v $
# Revision 1.1.1.1 1998/01/09 20:42:50 emarshal
# Initial import into CVS.
#
@msg = ;
foreach $line ( @msg )
{
chop $line;
if( $line =~ /.*\[(\d+.*)\]/ )
{
$REMOTEIP = $1;
last;
}
}
print STDOUT ( $REMOTEIP );
-- Chris Hardie -
- mailto:[EMAIL PROTECTED] --
http://www.summersault.com/chris/ --
spam/orbs, tcp-env, TCPREMOTEIP, and procmail -p
Hi. I'm currently implementing the "spam blocking on a per user basis"
solution using rblcheck and procmail. I've got everything in place and
all the command line tests pass just fine, but for some reason, by the
time procmail has gotten a hold of the message, the TCPREMOTEIP
environment variable is not populated.
I've been desperately pouring over the configuration and doing research
and can't seem to find an explanation for this. Is there a trick to
keeping this variable populated? Should I be using some version of an
"origip" script instead? Any insights?
Here's my config:
FreeBSD 3.3-RELEASE
inetd.conf:
smtpstream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env
/var/qmail/bin/qmail-smtpd
--
.qmail:
| preline /usr/local/bin/procmail -p
--
.procmailrc:
:0
* ! ? if [ -n "$TCPREMOTEIP" ]; then /usr/local/bin/rblcheck -q "$TCPREMOTEIP"; fi
{
EXITCODE=100
LOGABSTRACT=all
LOG="Filter: RBL-filtered address: \"$TCPREMOTEIP\"\n"
:0:
$SPAMFOLDER
}
Thanks,
Chris
-- Chris Hardie -
- mailto:[EMAIL PROTECTED] --
http://www.summersault.com/chris/ --
Re: SetEnv QMAILSUSER not working in Apache conf
On 26 Jan 2000, Frank D. Cringle wrote: > Chris Hardie <[EMAIL PROTECTED]> writes: > > I tested the env setting by printing out the ENV variable to a log file > > from within the CGI script, and it came up empty...this held true with > > non-QMAIL environment variables. > > > > So I suppose this might be more of an apache question, but surely one > > of you has dealt with this. :) > > Read about the PassEnv configuration directive in the Apache > documentation. I did this already - PassEnv is for passing an existing environment variable through to the CGI environment, e.g. PassEnv VARIABLE, whereas SetEnv is for setting the value, e.g. SetEnv VARAIABLE VALUE. In my case, I believe I want to use SetEnv. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
RE: SetEnv QMAILSUSER not working in Apache conf
On Tue, 25 Jan 2000, Vince Vielhaber wrote: > > I have apache 1.3.11 (suexec) running on FreeBSD. mod_env is compiled in. > > The Virtual host entry has the proper SetEnv lines in it: > > > > SetEnv QMAILSUSER silas > > SetEnv QMAILSHOST hotzp.com > > > > And yet, qmail-inject is seemingly unaffected, and all messages generated > > have the "[EMAIL PROTECTED]" header. > > > > I tested the env setting by printing out the ENV variable to a log file > > from within the CGI script, and it came up empty...this held true with > > non-QMAIL environment variables. > > > > So I suppose this might be more of an apache question, but surely one > > of you has dealt with this. :) > > > > Anyone know the trick? > > SetEnv QMAILINJECT ? > > I don't remember if it's an 'f' or something else where the question > mark goes. man qmail-inject will tell you the letter to use. > I've tried this to no avail. As the above part of my message indicates, it seems the environment variables aren't even being set, let alone used. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
SetEnv QMAILSUSER not working in Apache conf
Hi. I'm tackling the old problem of having "Return-Path" headers generated by CGI scripts set to something other than "[EMAIL PROTECTED]". I believe I understand what needs to be done, after reading these: http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/02/msg00853.html http://www.ornl.gov/its/archives/mailing-lists/qmail/1999/06/msg00528.html http://www.ornl.gov/its/archives/mailing-lists/qmail/1998/11/msg00094.html I have apache 1.3.11 (suexec) running on FreeBSD. mod_env is compiled in. The Virtual host entry has the proper SetEnv lines in it: SetEnv QMAILSUSER silas SetEnv QMAILSHOST hotzp.com And yet, qmail-inject is seemingly unaffected, and all messages generated have the "[EMAIL PROTECTED]" header. I tested the env setting by printing out the ENV variable to a log file from within the CGI script, and it came up empty...this held true with non-QMAIL environment variables. So I suppose this might be more of an apache question, but surely one of you has dealt with this. :) Anyone know the trick? Thanks, Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Re: qmail-send hogging resources on upgraded FreeBSD system (resolved)
On Mon, 15 Nov 1999, Jos Backus wrote: > I have a feeling that you will need to do > > rm -f `cat TARGETS` > make > make setup check > > in the qmail source directory This seems to have fixed things, thanks. > What does > > # cd /var/tmp; ktrace -p 12849; sleep 10; ktrace -C; kdump | less > > say about what qmail-send is doing? It was basically this kind of "stuff" over and over again: 12849 qmail-send CALL gettimeofday(0xbfbfddb4,0) 12849 qmail-send RET gettimeofday 0 12849 qmail-send CALL select(0x9,0xbfbfde14,0xbfbfddf4,0,0xbfbfdde0) 12849 qmail-send RET select 1 12849 qmail-send CALL gettimeofday(0xbfbfddb4,0) 12849 qmail-send RET gettimeofday 0 12849 qmail-send CALL close(0x8) 12849 qmail-send RET close 0 12849 qmail-send CALL open(0x6070,0x4,0xbfbfdcc4) 12849 qmail-send NAMI "lock/trigger" 12849 qmail-send RET open 8 12849 qmail-send CALL stat(0x4262,0xbfbfdc60) 12849 qmail-send NAMI "todo" 12849 qmail-send RET stat 0 12849 qmail-send CALL open(0x4262,0x4,0x) 12849 qmail-send NAMI "todo" 12849 qmail-send RET open 9 12849 qmail-send CALL fstat(0x9,0xbfbfdc60) 12849 qmail-send RET fstat 0 12849 qmail-send CALL fcntl(0x9,0x2,0x1) 12849 qmail-send RET fcntl 0 12849 qmail-send CALL getdirentries(0x9,0x18000,0x1000,0x11174) 12849 qmail-send RET getdirentries 512/0x200 12849 qmail-send CALL gettimeofday(0xbfbfddb4,0) 12849 qmail-send RET gettimeofday 0 12849 qmail-send CALL select(0x9,0xbfbfde14,0xbfbfddf4,0,0xbfbfdde0) 12849 qmail-send RET select 1 12849 qmail-send CALL gettimeofday(0xbfbfddb4,0) 12849 qmail-send RET gettimeofday 0 12849 qmail-send CALL gettimeofday(0xbfbfddb4,0) 12849 qmail-send RET gettimeofday 0 12849 qmail-send CALL select(0x9,0xbfbfde14,0xbfbfddf4,0,0xbfbfdde0) 12849 qmail-send RET select 1 12849 qmail-send CALL gettimeofday(0xbfbfddb4,0) 12849 qmail-send RET gettimeofday 0 12849 qmail-send CALL getdirentries(0x9,0x18000,0x1000,0x11174) 12849 qmail-send RET getdirentries 0 12849 qmail-send CALL lseek(0x9,0,0,0,0) 12849 qmail-send RET lseek 0 12849 qmail-send CALL close(0x9) 12849 qmail-send RET close 0 Primitive observation tells me it was something to do with the trigger file and it's relationship with the upgrade kernel and system binaries, but I'll leave the final analysis to the more qmail-knowledgable. Thanks for your help. Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
qmail-send hogging resources on upgraded FreeBSD system
Howdy. We've been successfully and happily running qmail for a while now. This weekend we upgraded our system from FreeBSD 2.2.8 to FreeBSD 3.3. Since the upgrade (which went smoothly, thanks), the qmail-send process has been constantly running "at full steam", taking up as much CPU time as it can get. USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND qmails 12849 95.6 0.8 820 464 p6 R11:57AM 1234:39.21 qmail-send It's not really *doing* anything, though. There's very low mail volume, no repeating SMTP connections, and generally nothing to do. So I can't figure out why it's running in that manner. I realize this could be fixed with a call to ulimit in the rc file, but I hope to understand the problem before fixing it like that, especially since it's never behaved this way before. Any ideas? Thanks, Chris -- Chris Hardie - - mailto:[EMAIL PROTECTED] -- http://www.summersault.com/chris/ --
Bad return-path header, majordomo-inject, and rabid monkeys
Hi. We're having some problems with qmail and majordomo. I've read the FAQs on using the two together, the docs on majordomo-inject, the man pages for qmail-inject and qmail-header, and I still don't quite know what to do. The problem occurs when a message sent to a mailing list bounces on one or more of the mailing list addresses. The return path included in the message to the list is always invalid, often in the form: Return-Path: <[EMAIL PROTECTED]> Summersault.com is our domain, the rest of that is related to the invalid mailing list address. The result, as you can imagine, is that the bounce bounces, and everything ends up getting dumped to postmaster. I'm looking for A) someone to tell me which piece of software is writing that bad return-path header and why, and B) how to fix things so the the return path is properly set to the owner of the list. I know this has probably been discussed/answered before, but in reading all of the related docs I've become more confused rather than get closer to a solution, so I'd appreciate your help. I've included a sample bounced message below for your examination. System specs: qmail 1.03, majordomo 1.94.4, majordomo-inject. Thanks in advance! Chris Original Message Return-Path: <#@[]> Delivered-To: [EMAIL PROTECTED] Received: (qmail 18102 invoked by alias); 1 Oct 1999 12:31:22 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 18099 invoked by alias); 1 Oct 1999 12:31:22 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 18094 invoked for bounce); 1 Oct 1999 12:31:21 - Date: 1 Oct 1999 12:31:21 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at summersault.com. I tried to deliver a bounce message to this address, but the bounce bounced! <[EMAIL PROTECTED]>: Sorry, no mailbox here by that name. (#5.1.1) --- Below this line is the original bounce. Return-Path: <> Received: (qmail 18090 invoked from network); 1 Oct 1999 12:31:21 - Received: from mail11.lax.netzero.net (209.247.162.44) by nollie.summersault.com with SMTP; 1 Oct 1999 12:31:21 - Received: (qmail 26871 invoked for bounce); 1 Oct 1999 12:31:09 - Date: 1 Oct 1999 12:31:09 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the NetZero mail server. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. <[EMAIL PROTECTED]>: Sorry, no mailbox here by that name. (#5.1.1) --- Below this line is a copy of the message. Return-Path: <[EMAIL PROTECTED]> Received: (qmail 26846 invoked by uid 0); 1 Oct 1999 12:31:09 - Received: from nollie.summersault.com (HELO summersault.com) (199.120.185.41) by mail11.lax.netzero.net with SMTP; 1 Oct 1999 12:31:09 - Received: (qmail 17847 invoked by uid 54); 1 Oct 1999 12:30:38 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 17840 invoked from network); 1 Oct 1999 12:30:35 - Received: from f318.hotmail.com (HELO hotmail.com) (207.82.250.238) by nollie.summersault.com with SMTP; 1 Oct 1999 12:30:35 - Received: (qmail 14000 invoked by uid 0); 1 Oct 1999 12:28:46 - Message-ID: <[EMAIL PROTECTED]> Received: from 63.24.87.146 by www.hotmail.com with HTTP; Fri, 01 Oct 1999 05:28:45 PDT X-Originating-IP: [63.24.87.146] From: "T. Eric Monroe" <[EMAIL PROTECTED]> To: Subject: NYC (9/26) results/ USA regionals and championship Date: Fri, 01 Oct 1999 05:28:45 PDT Mime-Version: 1.0 Content-Type: text/plain; format=flowed Sender: [EMAIL PROTECTED] Precedence: bulk
Qmail, Majordomo oddity
Greetings. I'm having a weird problem with qmail and majordomo. The "Return-Path" header on messages sent to a majordomo list is not being set properly, and I can't seem to figure out why. The list is named "[EMAIL PROTECTED]". The system user is "webacct" and so the majordomo forwarding takes place in .qmail files in that user's home directory, named ".qmail-developer" and ".qmail-developer-owner" and so on. The "owner" alias forwards to "[EMAIL PROTECTED]" (that's me). In one post, the following header was present: Return-Path: <[EMAIL PROTECTED]> In another: Return-Path: <[EMAIL PROTECTED]> In both cases there was an invalid e-mail address on the list and so when it tried to bounce, the bounce bounced. I've included a full e-mail message example below. My configuration is T-Tom Terrific as far as I can tell, and the majordomo code doesn't seem to explicitly set that header anywhere that I can find. I'm assuming it's related to the kludgy way of dealing with having a "-" in the list name, but can't really point to the exact problem. Any ideas? Thanks in advance, Chris -- Forwarded message -- Date: 5 Mar 1999 02:10:56 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at summersault.com. I tried to deliver a bounce message to this address, but the bounce bounced! <[EMAIL PROTECTED]>: Sorry, no mailbox here by that name. (#5.1.1) --- Below this line is the original bounce. Return-Path: <> Received: (qmail 3620 invoked for bounce); 5 Mar 1999 02:10:56 - Date: 5 Mar 1999 02:10:56 - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: failure notice Hi. This is the qmail-send program at summersault.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. <[EMAIL PROTECTED]>: 209.1.112.253 failed after I sent the message. Remote host said: 550 System resource error: 104 --- Below this line is a copy of the message. Return-Path: <[EMAIL PROTECTED]> Received: (qmail 2098 invoked by uid 54); 5 Mar 1999 00:24:14 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 2091 invoked from network); 5 Mar 1999 00:24:12 - Received: from smtp.nz.eyi.com (HELO nzanote6.nz.eyi.com) (210.55.175.219) by summersault.com with SMTP; 5 Mar 1999 00:24:12 - Received: by nzanote6.nz.eyi.com(Lotus SMTP MTA v1.2 (600.1 3-26-1998)) id 4C25672B.00073352 ; Fri, 5 Mar 1999 13:18:38 +1200 X-Lotus-FromDomain: EYI-AP From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Message-ID: <[EMAIL PROTECTED]> Date: Fri, 5 Mar 1999 13:18:04 +1200 Subject: Re: What's next with WebAccountant Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: [EMAIL PROTECTED] Precedence: bulk
Help ASAP: queued message, disk full, general chaos
Howdy; please help ASAP: We're running Qmail on FreeBSD 2.2.8. Someone sent a 17 MB message to one of our users. /var, where qmail is located, is only a 30 MB partition, and with that message sitting in the queue, only has about 3 MB left on it. In the maillog, the message deferral: Unable_to_forward_message :_qq_write_error_or_disk_full_(#4.3.0)./ appears repeatedly. There's plenty of space on the user's partition and their quota will allow for the message just fine. It appears that qmail somehow needs to re-write the message somewhere in it's own hierarchy on the same partition before it can forward it on. I tried reducing the queue lifetime so the message would bounce, but qmail can't bounce it either, the same messages of "file system full" keep appearing. I tried (much to your dismay) to move the queue directory to another partition, and got an error message at startup about "cannot start: unable to open mutex" so I didn't pursue that any further (can anyone say what "mutex" is?) So, I'd *really* like to know: 1) In the short term, is there a way to deliver or bounce this message without just deleting the queue file manually? 2) In general, did this problem arise because we improperly installed qmail to a small partition, or is there something about qmail that should be better in handling large messages (i.e. file system full problems) that it can't really handle? 3) If it's a disk space issue, is there a way to have the queue directory somewhere else or do we need to move the whole ball of wax? 4) Is there a way to restrict incoming/outgoing message size? Thanks very much for your help, Chris - Chris Hardie[EMAIL PROTECTED] http://www.summersault.com/chris Vote Picard/Riker in 2000 -
Re: .qmail file oddities
On Wed, 20 Jan 1999, Harald Hanche-Olsen wrote: > > But wait! I have an idea! It just occured to me that "lindgren" is > exactly 8 characters long, which is exactly the maximum length of a > username on many systems. So here is my conjecture: When your > system's getpwnam() is fed anything longer than 8 characters, it chops > it down to 8 characters and looks up the remainder in the database. > In fact, looking at the code in qmail-getpw.c, this is the only > reasonable explanation I can come up with (for some unreasonable > definition of "reasonable"). > > To help verify my hypothesis, try compiling and running the appended > program. Running it as ./getpwnam lindgren-pat will then return > > lindgren-pat: name="lindgren", uid=1021, gid=1021, homedir=/home/lindgren It returned: lindgren-pat: name="lindgren", uid=1021, gid=1021, homedir=/home/lindgren I think you're on to something here; I tested this on another virtual domain with an 8-char username, and got the same results (sorry that I claimed this was the only domain on which this happened, I only tested on non-8-char username domains and made an assumption). > So what system is this happening on? I am sure Dan will be > interested, so he can try to harden qmail against this kind of > silliness. This is on FreeBSD 2.2.8. So, um, what do I/we do now? Thanks very much! Chris - Chris Hardie[EMAIL PROTECTED] http://www.summersault.com/chris great is the power of truth -
Re: .qmail file oddities
On Wed, 20 Jan 1999, Harald Hanche-Olsen wrote:
> | su-2.01# /var/qmail/bin/qmail-getpw lindgren-pat | tr '\000' :
> | lindgren:1021:1021:/home/lindgren:::
> |
> | Does this look right?
>
> No!
>
> | What are the last two fields in the printed results
> | ("-" and "joe" in your example above)?
>
> They are the dash and extension. Together, they are what qmail-local
> adds after ".qmail" to find out what .qmail file to use, thus ending
> with .qmail-joe. It's divided up into dash and extension so the
> latter can be put into $EXT for use by any commands run from the
> .qmail file.
>
> In your example, the expected output would be
>
> lindgren:1021:1021:/home/lindgren:-:pat:
>
> whereas /var/qmail/bin/qmail-getpw lindgren | tr '\000' :
> ought to print what you did get.
>
> So this is your problem, right there. Now, do you run qmail's
> standard qmail-getpw or not?
Yes, we haven't changed anything with the default qmail configuration, and
we experienced a clean install. As I said, this behavior is only present
with this one domain, and no others, for no apparent reason.
> If you do, I must conclude that
> getpwnam() behaves rather strangely on your system. (Or that there is
> another user actually named lindgren-pat in the passwd database.)
Is there any state information stored by qmail in terms of usernames and
domains? That is, at one time there was a .qmail-default in that
directory, but I've since removed it, but the functionality hasn't gone
away.
Thanks for your help.
-
Chris Hardie[EMAIL PROTECTED]
http://www.summersault.com/chris
great is the power of truth
-
Re: .qmail file oddities
On Wed, 20 Jan 1999, James Smallacombe wrote: > > Are you SURE the domain is NOT listed in locals? If it is, it could cause > this... Positive. ----- Chris Hardie[EMAIL PROTECTED] http://www.summersault.com/chris great is the power of truth -
Re: .qmail file oddities
On Wed, 20 Jan 1999, Harald Hanche-Olsen wrote: > - Chris Hardie <[EMAIL PROTECTED]>: > > | It's as if there's an invisible .qmail-default file at work, but I can't > | find what's causing this. Any ideas? > > Do you employ the users/assign mechanism at all? If so, maybe there > is a clue there. Also, take a look at the topmost Delivered-To: > header field in the incoming messages for possible clues. There's nothing in the users/ directory, so I don't think that would come into play. The topmost delivered-to is always either the contents of .qmail (if that file exists) or [EMAIL PROTECTED] or something else that seems very reasonable. But if it was really delivering to user-joe, it should be paying attention to .qmail-joe, which it is not. Chris - Chris Hardie[EMAIL PROTECTED] http://www.summersault.com/chris great is the power of truth -
.qmail file oddities
Greetings. I'm experiencing an oddity with .qmail files in qmail-1.03. In /var/qmail/control/virtualdomains: domain.com:user In the past, messages sent to "[EMAIL PROTECTED]" were sent to ~user/.qmail-joe, and if that file didn't exist, they were bounced back to the sender. This still happens, except on one domain. This domain is set up like all the others, with no detectable differences in configuration or permissions, but messages sent to "[EMAIL PROTECTED]" are delivered to ~user/Mailbox If I put *no* .qmail files in ~user, all messages to any user are delivered to ~user/MailboxIf I put a .qmail file in ~user, all messages are piped throgh that file, even if I add a ~user/.qmail-joe file, it still goes through ~user/.qmail. It's as if there's an invisible .qmail-default file at work, but I can't find what's causing this. Any ideas? Thanks, Chris ----- Chris Hardie[EMAIL PROTECTED] http://www.summersault.com/chris great is the power of truth -
