Re: Outlook 'server pushed' mail notification
John P wrote: I've seen some offices have new mail delivered 'instantly' to their Outlook users - I presume it's when done in conjunction with Exchange. That is, as soon as the server recieves the e-mail, it is put in the user's folder and they are notified with the little envelope (and annoying sound). I think it works over NetBIOS. Will it work via Qmail and a centrally-held POP3 store? Without knowing how it really works, that's hard to say. But if Excange is simply sending a notification to the user to _check_ his/her mail, then you would have to know how to simulate that notification from your mail machine. If you could do that, then you could certainly write a simple script to send that notification whenever new mail arrives. Personally, just I have my MUA check the server every 10 minutes - most MUAs will check as often as 1 minute. I don't really see much difference between getting email notification instantly and getting it up to 59 seconds after it arrives. Eric
Re: dotqmail scripting
Peter Samuel wrote: On Thu, 21 Sep 2000, Eric Cox wrote: Mail is delivered to [EMAIL PROTECTED] ~alias/.qmail-user1 contains: |script that writes a username into ~alias/.qmail-user2 user2 It would work but it's a woefully inefficient way to do it. Especially as qmail comes with a mechanism to do just this - /var/qmail/bin/forward. ~alias/.qmail-user1 contains: | forward `some_script_that_generates_new_addess(es)` See the man page. The man page says that forward is a wrapper around qmail-queue. Doesn't that mean the message makes two complete trips into and out of the queue, while the method I described is handled completely within qmail-local? Granted I haven't looked at the source yet, but what have I missed? Eric
Re: List activity
Mike Hodson wrote: Hey, im just wondering, is the qmail list activity oddly slow, or is my new email setup blocking 90% of all incoming messages? Without any numbers, how would you expect us to know? Eric
Re: Mypoints.com is not nice to us qmail admins (was: C API for queueing messages)
"Aaron L. Meehan" wrote: Quoting Jay Balakrishna ([EMAIL PROTECTED]): [...] Any help will be appreciated. Any other ideas are also most welcome Thanks and Regards, Wow, Mypoints! I think Mark is helping admirably with your question, but I will offer some help myself in another area that Mypoints needs assistance: I will write a program to collect your bounces and weed the stale addresses from your mailing lists--because you never do! [snip.] Got it. Mypoints.com == Evil and/or clueless spammer. Adding their netblock to personal RBL domain now... Call me an ultra hair-trigger reactionary, but I just have no tolerance for spammers of any stripe, and I figure the more IPs in my RBL-style domain, the cleaner and more manageable my mail queues will be... Eric
FAQ Listbot? (was: Re: rcphosts)
On 13-Sep-2000, Jerry Hsieh wrote: " The mail server responded: sorry, that domain isn't in my list of allowed rcphosts. Please check the message receipients and try again" If I add the xyz.com in the rcphosts and it works. My question is how can I edit this file (by addind all the domain? Noo) or there is better way I can do about it? Thanks for your time. (I say this seriously - not to belittle the guy asking the FAQ) I think I'm going to start working on a listbot that attempts to automatically respond (off list) to FAQs. I think I could do a fuzzy regex search on some common qmail error messages (and their mispellings) and send a canned response - it will probably be very simplistic, as I have lots of other irons in my fire... Has anyone started such a project and let it fallow, who might like some help? Any other Pythoneers out there interested in colaborating? Also, is there a downside to this that I just can't see? Am I asking for trouble by having a bot listen in on this list? Eric
Re: Blocking certain mail with no From
"Hubbard, David" wrote: Hi all, I've got a couple of places that like to subscribe non-existant email addresses to mailing lists without confirmation. One of these bastards is winvite.com. The problem I'm having is that they don't send their emails with a "From" header, so control/badmailfrom with an @winvite.com entry is not blocking their mail. The other problem is I can't block them by IP because they seem to have a large amount of outgoing mail servers. I get the emails from mail##.winvite.com where ## can be any number. The servers so far have followed that pattern though, so is there anything I can do? I use rblsmtpd, and a local RBL style domain, which allows me to block off whole netblocks with a 'dig' command and a couple of Python scripts. Also allows me to give a customized "middle finger" bounce message to each domain. New spammers can be blocked off within seconds of popping up. Contact me off-list if you'd like more info. Eric
Re: Monitoring Email - Clarified
"Scott D. Yelich" wrote: Understand? There's just, what I perceive, as a growing tendency for people to answer a question with what they want, regardless of what they were asked. Or perhaps they just don't know the answer to that exact question, so they "nibble around the edges" a bit, and give the questioner the benefit of what knowledge they _do_ have. Is no answer better? ps: have you noticed that LES's address bounces? I wonder if he's having difficulty with qmail. I struggled with qmail yesterday for 3+ hours... I followed a FAQ/HOWTO to the letter... it's faulty. Yes, I finally figured it out and I even resisted asking the list. Which FAQ is faulty? it might make it easier to improve them if you volunteered the information. Eric
Re: Linuxluser thread (Was: linuxpeople thread)
"Robin S. Socha" wrote: * [EMAIL PROTECTED] [EMAIL PROTECTED] [000913 04:32]: Hello I have documented each step up until they fail. Damn, you are *STUPID*. When someone tells you to post a *SHORT* and *PREGNANT* error message, why do you send 600 lines? /compile qmail-local.c qmail-local.c:1: sys/types.h: No such file or directory make: *** [qmail-local.o] Error 1 /usr/src/linux/include/linux/types.h Which part of "did you install your kernel sources" from, like, a day ago, do I have to read out s-l-o-w-l-y to you again? http://www.ornl.gov/its/archives/mailing-lists/qmail/2000/09/msg00774.html "Dave, I really think you ought to sit down, take a stress pill, and think this over." -- HAL9K Eric
Re: sendmail equivalent command on qmail
"Alfredo Batista Rguez, Dpto Informatica" wrote: Helo people: I have a bit question. What is the equivlent command on QMAIL of : sendmail -U -f [EMAIL PROTECTED] [EMAIL PROTECTED] This commnd line are used by X daemon to send messaje to [EMAIL PROTECTED] with statistical resume. I read about Qmail-inject, but I'm not sure that It's correct. See: http://Web.InfoAve.Net/~dsill/lwq.html and look for section 4.2.2. Eric
Re: Mass Mailout Performance Tips
[EMAIL PROTECTED] wrote: Are you using multiple spindes? Can I recommend that you do. Do you mean separate hard disks for the queue? .. The queue resides on a RAID5 hardware controlled array. I seem to remember someone saying that RAID5 is exactly the wrong kind of RAID for a mail queue. As I understand it, RAID5 does read of the same sector(?) of all spindles, recalculates parity, then a write back to all (only one?) spindles. This would be quite a write penalty if the RAID controller honored fsync's. You might want to check the archives for it because my feeble memory may be fooling me, but I've seen lots of people recommend RAID1+0 for mail queues. Eric
Re: how to get off the mailing list?
Sam Carleton wrote: Can someone enlighten me as to how to remove myself from this mailing list? I don't know myself, but I know a guy that does. His email address is [EMAIL PROTECTED] . Drop him a line, and I'm sure he'll be happy to help you... Good luck, Eric
Re: I have a problem
And then mail it to someone. Eric Fabio Pedrazzoli wrote: Please guru write down your problem. Ima Guru wrote: I have a problem with qmail. Can someone tell me how to fix it? Thanks!
Re: Email to SMS
"[EMAIL PROTECTED]" wrote: Is there a add on for qmail to enable email to SMS. Nothing specifically for qmail (that I know of), but for general Unix, it shouldn't be too hard to cobble up a script or two using sms_client: http://freshmeat.net/projects/smsclient/?highlight=sms_client I use it to notify me of major problems on my network, and when my servers detect hackers nosing around. Works very well... Eric
Re: You sure do (was Re: I have a problem)
Stephen Bosch wrote: Ima Guru wrote: I have a problem with qmail. Can someone tell me how to fix it? Thanks! Sure! Reconfigure your frombulator and make sure that the permissions are correct on your flarm scripts. Also, don't forget to thoroughly grease your muffler bearings and tighten your floating magnetronic dialator... Eric
Re: Open relay test.
Sean C Truman wrote: I am adding the non-colors, table feature.. I do not like the colors or tags. GUI people like it.. I will add a Bool for the Graphics and table format.. so that you can switch from either mode.. however as you reported at the bottom it is not considered a open relay.. But if ORBS runs the test and it fails then you are added to the ORBS database.. I don't think that's true. They bad-mouth qmail for doing this in their tech section, but I'm almost certain that the mail has to actually be relayed to get listed. Eric
Re: Open relay test.
"Stephen F. Bosch" wrote: I imagine that more than one person on this list has spoken to ORBS about their misleading relay test? How many people have ended up on the ORBS list simply because their qmail installations accepted emails with "%" or "!" in the To: field? None. ORBS doesn't do this. If none of the mails are relayed back to one of the ORBS recieving machines, the tested machine is not listed. This seems extraordinarily stupid to me... It would be if it were true... Eric
Re: Anyone know how to intercept mail?
Wilson Henriquez wrote: Hey all! I really need to intercept mail coming from outside users that are trying to contact an unknown user on my mail system. Does anyone know how to do it? If i understand you correctly, you should be able to do: echo "wilson" ~alias/.qmail-default to send all mail bound for unknown local users to your account. Also, I do not know how to reply to this list, can someone just give me quick instructions? Not quite sure what you mean. Everything sent to [EMAIL PROTECTED] gets sent out to everyone on the list. Send any message to [EMAIL PROTECTED] to get instructions from ezmlm, the guy that manages the list... Eric
Re: Sending an email to all users of my system
Roberto Samarone Araújo (RSA) wrote: I would like to know how can I create an email , so when I send a message using this email it will send a copy of it to all users in my email system including virtual emails but , if an user try to make a reply of this email , it only will send a email to the email that I use to send to all user and not to all users in my server . I don't want to create a moderated mailing list to do it . I have a ~alias/.qmail-all with all of my user's names in it, and this allows me to send messages out to the entire company by sending one message to [EMAIL PROTECTED] Works great, but one caveat: you should put in a script at the top that checks to make sure the sender is local, and returns an error code (man dot-qmail) if not. This is to prevent outside users from sending emails to everyone on your system. Eric
Re: user getting mailing list
Petre Rodan wrote: Hi folks! I have the following dilema: peter is a user on my system. peter subscribes to this mailing list. how can I make sure peter getts the messages from this list? I ask this because the 'TO:' field doesn't point to the local user but to [EMAIL PROTECTED] MTAs route mail by the envelope-sender, not the To: header. If ezmlm at list.cr.yp.to has Peter's correct email address, Peter should get his mail. Eric
Re: Timezone
"Stephen F. Bosch" wrote: Daniel Augusto Fernandes wrote: Yes, I agree with the MUA being responsible for doing the translation. But some doesn't do that. Like Mickeysoft's Outlook Excess, for example. Outlook is not standards compliant. What you're essentially asking for a way to break qmail so that it will work with Microsoft's mediocre product. =) Actually neither Netscape 4.72 nor Pine 4.10 do it either. Anyone know of an MUA that _does_ translate the Date: header? Eric
[Fwd: Re: Timezone]
Return-Path: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: (qmail 8713 invoked from network); 30 Aug 2000 03:20:52 - Received: from muncher.math.uic.edu (131.193.178.181)by 192.dsl7839.rcsis.com with SMTP; 30 Aug 2000 03:20:52 - Received: (qmail 31869 invoked by uid 1002); 30 Aug 2000 03:19:49 - Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk Delivered-To: mailing list [EMAIL PROTECTED] Received: (qmail 24239 invoked from network); 30 Aug 2000 03:19:48 - Received: from dsl-cap-209-115-249-138-cgy.nucleus.com (HELO dsl-ch-l15-c80-n249-i138-cgy.nucleus.com) (209.115.249.138)by muncher.math.uic.edu with SMTP; 30 Aug 2000 03:19:48 - Received: (qmail 19854 invoked from network); 29 Aug 2000 21:19:18 -0600 Received: from dsl-cap-209-115-249-136-cgy.nucleus.com (HELO vodacomm.ca) ([EMAIL PROTECTED])by dsl-cap-209-115-249-138-cgy.nucleus.com with SMTP; 29 Aug 2000 21:19:18 -0600 Sender: sfbosch Message-ID: [EMAIL PROTECTED] Date: Tue, 29 Aug 2000 21:14:15 -0600 From: "Stephen F. Bosch" [EMAIL PROTECTED] X-Mailer: Mozilla 4.72 [en] (X11; U; Linux 2.2.16 i586) X-Accept-Language: en MIME-Version: 1.0 CC: Qmail Mailing List [EMAIL PROTECTED] Subject: Re: Timezone References: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mozilla-Status: 8011 X-Mozilla-Status2: X-UIDL: 967605652.8716.dream Eric Cox wrote: "Stephen F. Bosch" wrote: Daniel Augusto Fernandes wrote: Yes, I agree with the MUA being responsible for doing the translation. But some doesn't do that. Like Mickeysoft's Outlook Excess, for example. Outlook is not standards compliant. What you're essentially asking for a way to break qmail so that it will work with Microsoft's mediocre product. =) Actually neither Netscape 4.72 nor Pine 4.10 do it either. Then why does my version of 4.72 do it correctly? Are you sure? I've quoted the all the headers above to show you my Netscape clearly does not do it. Here are some dates from other messages, all in Netscape: Date: Tue, 29 Aug 2000 22:34:04 GMT Date: Tue, 29 Aug 2000 22:51:22 +0200 Date: Tue, 29 Aug 2000 18:04:11 -0400 (EDT) If Netscape is translating them, should they not all be a common timezone? Eric
Re: Weird Problems.
Sean C Truman wrote: Hey guys, Ok I am to my wits end on a problem. 1) tcpserver hangs for 2-4 min after 4-10 min of operations. Looking at the problem it looks like the TCPSERVER hangs and svscan restarts it after 2-4 mins. If I Kill the tcpserver processes ever 5 min I dont have any problems.. (This one is really killing me..) I know its not a DNS issue, I know its not equipment issues (After replacing a 2500 series Cisco with 2600 series, and replacing old BAY networks switch with new Cisco Castlyst 2900 series) This problem just started happening last week. (The machine has been processing mail fine for last 230 days) I also have tried to recompile tcpserver to no avail. And it is completely random, tcpserver locks up when there is a Heavy Load and when there is no load on the machine. Chances are I'm not going to be the one answering this question, it's a bit out of my area of expertise. But I do feel compelled to give some advice: you would be much more likely to actually get an answer if you provide some (any) info about your setup. At this point we know there are a few Cisco switches on your network, but we don't even know which OS you're running. Here are some questions: What OS? What hardware? (espesially network hardware) How (exactly) is your machine connected to the internet? What else is running on the machine? Those are just the ones that popped into my head in a few seconds. Something tells me the guru that answers this question is going to need alot more info than that... Good Luck, Eric
Re: Qmail starts dropping email all of a sudden and SLOWWWW attachment upload
Daniel Ceregatti wrote: Chris Johnson wrote: On Thu, Aug 24, 2000 at 11:37:15AM -0700, Daniel Ceregatti wrote: Recently, some weird stuff has been happening. All of a sudden, mail to certain users gets dropped (i.e. /dev/null). It simply vanishes. No bounce, nothing. But other users are unaffected. To fix this situation I have to restart qmail. What Do the Logs Say? (copyright 1998, Dave Sill) [root@mail qmail]# tail -f /var/log/maillog Aug 24 12:24:55 mail qmail: 967145095.820766 new msg 932290 Aug 24 12:24:55 mail qmail: 967145095.821360 info msg 932290: bytes 722 from [EMAIL PROTECTED] qp 7274 uid 401 Aug 24 12:24:55 mail qmail: 967145095.912351 starting delivery 321: msg 932290 to local [EMAIL PROTECTED] Aug 24 12:24:55 mail qmail: 967145095.912855 status: local 1/50 remote 1/50 Aug 24 12:24:56 mail qmail: 967145096.852530 delivery 321: success: did_1+0+1/ Aug 24 12:24:56 mail qmail: 967145096.852955 status: local 0/50 remote 1/50 Aug 24 12:24:56 mail qmail: 967145096.853062 end msg 932290 Yet... [root@mail qmail]# ls -l /var/qmail/users/miken/Maildir/new/ total 0 His Maildir is empty... Is there some other log I'm not aware of? What are the contents of his .qmail file? Eric
Re: Qmail starts dropping email all of a sudden and SLOWWWW attachment upload
Daniel Ceregatti wrote: Yes, it was delivered to the Mailbox file in their directory. Thing is, this is a spool type file, mails are concatenated. Do you know a way to make this available to the user without parsing it and placing it into their regular directory? I tried simply placing the file in that directory but imapd doesn't seem to like it. Remember to fix your default delivery setup, so that if your users rm their .qmail files, mail will get delivered properly by default. The default delivery setup is given on the commandline after qmail-start. Eric "Timothy L. Mayo" wrote: Ok, so ldap lookup is failing user doesn't exist.. what are the contents of /var/qmail/alias/.qmail-default? qmail delivered the message to something and did it successfully. On Thu, 24 Aug 2000, Daniel Ceregatti wrote: OK! Made some progress! Turns out the users that stop receiving email all have no .qmail file in their dir! It looks like it starts to crap out if it loses connectivity to ldap then it doesn't know what to do with the mail since there's no .qmail file. Well, 1 problem down, 1 to go! Thanks "Timothy L. Mayo" wrote: On Thu, 24 Aug 2000, Daniel Ceregatti wrote: Chris Johnson wrote: On Thu, Aug 24, 2000 at 11:37:15AM -0700, Daniel Ceregatti wrote: Recently, some weird stuff has been happening. All of a sudden, mail to certain users gets dropped (i.e. /dev/null). It simply vanishes. No bounce, nothing. But other users are unaffected. To fix this situation I have to restart qmail. What Do the Logs Say? (copyright 1998, Dave Sill) [root@mail qmail]# tail -f /var/log/maillog Aug 24 12:24:55 mail qmail: 967145095.820766 new msg 932290 Aug 24 12:24:55 mail qmail: 967145095.821360 info msg 932290: bytes 722 from [EMAIL PROTECTED] qp 7274 uid 401 Aug 24 12:24:55 mail qmail: 967145095.912351 starting delivery 321: msg 932290 to local [EMAIL PROTECTED] Aug 24 12:24:55 mail qmail: 967145095.912855 status: local 1/50 remote 1/50 Aug 24 12:24:56 mail qmail: 967145096.852530 delivery 321: success: did_1+0+1/ This line shows that it did more than just a delivery to the local user. Is there a .qmail file for this user and if so, what are its contents? - Timothy L. Mayo mailto:[EMAIL PROTECTED] Senior Systems Administrator localconnect(sm) http://www.localconnect.net/ The National Business Network Inc. http://www.nb.net/ One Monroeville Center, Suite 850 Monroeville, PA 15146 (412) 810- Phone (412) 810-8886 Fax - Timothy L. Mayo mailto:[EMAIL PROTECTED] Senior Systems Administrator localconnect(sm) http://www.localconnect.net/ The National Business Network Inc. http://www.nb.net/ One Monroeville Center, Suite 850 Monroeville, PA 15146 (412) 810- Phone (412) 810-8886 Fax
Re: Queue Time
[EMAIL PROTECTED] wrote: On Thu, 17 Aug 2000, Eric Cox wrote: [EMAIL PROTECTED] wrote: If you only go to an hour granularity and assume a queuelifetime of no more than seven days, then you only need 168 instances. I was kinda thinking of something a little more elegant than that... How about using Netscape's X-Priority header to set the queue lifetime according to the admin's wishes. Set 5 different queue lifetimes according to based on the 5 settings of the X-Priority header. This could be accomplished with Ian's patch, and some preprocessing before qmail-inject. qmail-send doesn't read the contents of the mesdsage, Yep, hence the "preprocessing". Considering the case of 'this mail message is no longer of use unless delivered to the recipient BY time X'. On a qmail system we only have control of the retry schedule on suystems which we control: Agreed - no system is perfect. I was just pointing out that some of the MUAs had already come halfway, and with some scripting and Ian's patch, one might be able to meet them in the middle. Personally I don't have any use for this functionality, but thought I'd throw it into the mix... Eric
Re: Is This Annoying Enough?
From: Dave Sill [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 17, 2000 5:43 AM Subject: Re: Is This Annoying Enough? Bruno Prior [EMAIL PROTECTED] wrote: A short while before the self-righteous thread on How To Annoy People Whose Help You Need, I posted a request for help with a problem I was experiencing. Pardon me for trying to humorously and constructively address a problem the list has been having. Hey Dave, If you come across some free time :-), I have some ideas Re: "HOWTO: How to get yourself into as many killfiles as possible" (without typing a single curse word - I figure that would be too easy. :-) Eric
Re: qmail prefered platform??
TAG wrote: Hi ALL, What is the prefered platform for qmail to run on - say I have a 100 000 mailboxes that are VERY busy - what do I want to run this on . Your advise is greatly appreciated... Unix. Badoomboom-Crash! *roaring laughter* But, seriously folks I've heard that Linux can have more of a tendency to fold-up-and-die under extremely high loads, and that on *BSD this behavior is much less pronounced - but I've personally never seen it, and use Linux exclusively. You really should look through the archives - I've seen platform specific problems on the list, but not many. It really comes down to how much you're willing to spend on hardware, then what OS supports your hardware the best, what you want in the way of support, etc... Eric
Re: Queue Time
[EMAIL PROTECTED] wrote: If you only go to an hour granularity and assume a queuelifetime of no more than seven days, then you only need 168 instances. I was kinda thinking of something a little more elegant than that... How about using Netscape's X-Priority header to set the queue lifetime according to the admin's wishes. Set 5 different queue lifetimes according to based on the 5 settings of the X-Priority header. This could be accomplished with Ian's patch, and some preprocessing before qmail-inject. Eric
Re: Filtering Spamming
Baltazar Quinterno wrote: Can anyone give me some tips for filtering incomming mails from certain hosts or e-mails adresses. Tons of info on the qmail site. Search for "rblsmtpd". Once that is installed, check out www.mail-abuse.org, and www.orbs.org. Im running Qmail+tcpserver, does anyone have a script from deleting messages from queue, following some match, for cleaning spamm from spool. Spammer gotcha, eh? Know the feeling... Again, there's info on the qmail site. I believe you can just stop qmail, delete the messages (from the spammer! :), and then restart qmail. But don't quote me on that. In any case, this very scenario has been discussed every week or so of the few months that I've been on the list. A good place to start is Dave's (?) mailing list archive search page: http://www-archive.ornl.gov:8000/ . Hoping that helps, Eric
Re: converting tai64n to something readable
Ben Beuchler wrote: Since I do not know C, I do not have the luxury of using libtai. So I guess I would need a way of converting a specific time to it's tai64n equivalent. First, like some people have already said, learn C. If you ever need to write something that handles large amounts of data effeciently on a *nix machine, C is the s**t. Not to mention you may need to modify one of your programs to suit your tastes. That being said, i'm working on a Python module as an interface to libtai. I believe I've figured out most of the intricacies of Python modules, and have a few functions coded. But with my schedule it will be at least a few days until I can use it in a program to test it out. I'll post a webpage at www.ericcox.com when it does something useful... Eric
Re: Someone have a bad experience with qmail once.
Sean, my friend, you are venturing into dangerous waters :) Check the mailing list archives to find out why... Eric Sean C Truman wrote: This was taken straight from the www.orbs.org site. http://www.orbs.org/otherresources.html "Qmail admins: Qmail's current version is insecure by default. Most admins [blah, blah...]
Re: local email stuck in que until i restart qmailsend?? help
J wrote: For some odd reason... one of my qmail machines is "blind" to mail going to the same domain! smtpd just places them in the que and qmailsend doesn't see them until I kill/restart qmailsend. After I restart, it sends them and then becomes stupid again and doesn't send any more that are que'd up after the fact. It does howeever see mail going to other "domains" and sends it off right away. Check out: http://Web.InfoAve.Net/~dsill/lwq.html#trigger Eric
Re: Protection
Brett Randall wrote: Set up an automatic revenge flood? Maybe not... : It depends if it is mailing lists or spam. First start by unsubscribing from REAL mailing lists. Then the mailing-list admins will never learn to use authenticating managers. Slider: Mailing lists, I say bounce it, definately. ezmlm will simply auto-unsub you, but other, non-authenicating mailing lists will get the spam. Let the mailing list admins unsub you - after all, it's their unsecure lists that allowed this to happen. As for the spammers, start using RBL,RSS, etc,etc,etc... Also, if you're this user's ISP, don't you already have all of his info? Maybe you should threaten to post his credit card number (just kidding!!!) Eric P.s. Just a thought: Once you get rblsmtpd set up, you could write a script to scan for the first Recieved: line with an IP, add the sending IP to your own RBL-style domain. Mail will pile up on the sending end without your intervention, and without loading down your server (to recieve the mails and generate bounces). Then, when it all dies down a bit, take the IPs out of the domain, and you're back to normal... If it is spam, change your domain name...I would personally sue the ex user for breaching your 'reasonable use policy' (what? you don't have one? doh!) or at least for ongoing damages since you are now virtually permanently committed to wasting bandwidth on unsolicited e-mails. Only other option is to refuse the e-mails (ie using common spam killing techniques) at the last relay before it is transferred over your link. Hi all, Please can you help with advise about protecting my mail servers from one of my on ex users!! He/She has subscribed to about 30 mailing lists with the address that falls under my mail service! I am now recieving about 10 mails a minute for that user! Removing the maildir and letting them bounce is not helping as I thought it would... any other suggestions?? Slider
Re: spambot subscribed to qmail list recently
Charles Cazabon wrote: Hi, all, I think someone has recently subscribed an email harvester to the qmail list. Two messages I've sent today have both resulted in almost immediate spam with subject "Have a GREAT day on me.". The mail appears to be forged to look like it was relayed through a hotmail server. Anyone else experiencing this today? I've run the messages through spamcop, but I'm not hopeful. Unless this spammer is a complete dumbass, (which I suppose is likely), his domain appears to have been created for the sole purpose of messing with people: Non-authoritative answer: Name:frankiefantastic.20m.com Address: 127.0.0.1 Aliases: www.frankiefantastic.20m.com Sheesh. I LARTed 20m.com, hopefully they have some on-the-ball people there that will squash this guy... Eric
Re: one SMTP Server Backup
Luis wrote: Hello Everyone, I have a pretty situation in my ISP: I Have to SMTP Server for one domain: the first has de MX=1 the second has the MX=2 I need to create one solution where when the second server is up, all the incoming messages on the first server would be moved to the second server and, when the second server is down, all the incomming messages on the first server would be locked internally and, when the second server goes up, would be moved to the second server. SendMail works good on this situation. yep, do it at work, with one smtproutes line. "man qmail-remote" should provide the appropriate syntax (which escapes me at the moment). Eric
Re: tai64n -- why?
Ben Beuchler wrote: On Fri, Aug 04, 2000 at 07:11:52PM -0700, Russ Allbery wrote: syslog timestamps are amazingly annoying to try to parse. TAI64 is trivial to parse. This is a significant improvement. ISO date/time format would also have been easy to parse, and I would have been slightly happier with that, but TAI64 is definitely a *huge* improvement over syslog if you want to do anything at all automated with the logs. OK. I can see where that is a strong argument for TAI64n. I have tried to develop a way of converting from TAI64n to a human readable format but I'm afraid I'm having difficulty comprehending the format. Has anyone written any perl/python code that translates to a human readable format? Or can offer a brief "pseudo-code" algorithm? Or even a more clear description of the format would be helpful. Dan's writeup left me a bit lost... Have you looked into using libtai in your app? It's Dan's library for using tai, and could be linked with your application. I currently trying to write a Python wrapper for it so I can use it from my Python scripts... Eric
Re: tai64n -- why?
Ben Beuchler wrote: On Sat, Aug 05, 2000 at 11:54:41AM -0700, Eric Cox wrote: Have you looked into using libtai in your app? It's Dan's library for using tai, and could be linked with your application. I currently trying to write a Python wrapper for it so I can use it from my Python scripts... You're my hero! The reason I don't use libtai is that I don't program in C. I program in Python. How much headway have you made? Is it usable? Heh, no way... :( But I'm getting back into it. When I get it into a usable state I'll post it on my website at www.ericcox.com. Keep checking back... Eric
Re: Editing error messages
Bryan Ischo wrote: The people who read bounce mails are typically those who sent it, which, 99% of the time, is a person who is completely unfamiliar with mail systems. To them, something like, "You cannot sent mail to that site using this mail server", or somesuch, would be less confusing and more personable. Another possibility is putting personal, domain-specific info into the bounce messages, like who to contact for help, etc... Eric
Re: Anti Virus
Alexander Pennace wrote: Not all binary attachments are bad. PGP/MIME signed messages (such as this one) put the PGP signature in a MIME attachment, see http://www.rfc-editor.org/rfc/rfc2015.txt. I would be very unhappy if someone was removing the PGP signatures from my messages. What PGP signatures? :-) Eric
Re: rblsmtpd
Jon Rust wrote: See 'man rblsmtpd'. :-) No man page for rblsmtpd, at least on my 6-month old package. Docs are actually on the rblsmtpd download page. [snip.] Some rather basic questions How do I set the $RBLSMTPD environment variable in order for rblsmtpd to block incoming rbl mails? Does rblsmtpd need it's own daemon or can it be integrated with the smtpd daemon if so how?
Re: Asking again: rcpthosts, relaying, and tcp-env 7.6
Todd Finney wrote: Hi again, No one seems to have an answer on this, which leads me to believe that my question is either (1) a dumb question well covered in a doc somewhere, or (2) an extremely difficult question that has everyone stumped. Could someone at least clue me in on which one it is? Hi Todd, I couldn't find anything in your post that looked any different than the FAQ - the answer to the FAQ should fix your problem. Why don't you post your hosts.allow (inetd) or tcp.smtp (tcpwrappers) file. Here's the relevent line from my home box: tcp-env: 192.168., 127.0.0. : setenv = RELAYCLIENT I'm using inetd for SMTP - if you're using tcpwrappers the tcp.smtp file would be different but similar: 192.168.0.0:allow,RELAYCLIENT="" 127.:allow,RELAYCLIENT="" (those are the example lines - I don't use them so I don't know if they're correct) Basically, anytime one of your local machines connects to the SMTP port, set RELAYCLIENT before running qmail-smtpd. Eric
Re: How to requeue messages?
Albert Hopkins wrote: How do I requeue message files that are in a users Maildir. I had changed the user's .qmail file to forward to another address and I want the items in the user's Maildir/new to be requeued. If the messages have already been delivered to a Maildir then you need not run them back though qmail. Just move (mv) the messages to the new user's ~/Maildir/new directory, and do a chown to change their ownership. Assuming users olduser and newuser: chown newuser.users ~olduser/Maildir/new/* mv ~olduser/Maildir/new/* ~newuser/Maildir/new Eric
Re: Returned mail: User unknown * from this list!
Yeah, I've gotten about 10 of these. I put them into my RBL domain with a message that should (hopefully) let the admin of this busted mailer know something is wrong. 'Course now his mailer is constantly beating on mine trying unsuccessfully to deliver all those bounces. I hope this guy pulls his head out soon... Eric Brett Randall wrote: Does anybody else get this bounceback when posting to this qmail list? I get it for EVERY e-mail I send to here! And I'm not bcc'ing or cc'ing to this or any other user... Whichever gateway is having trouble here is also probably defying a few internet standards by the incorrect use of a nonexistant FQDN, wouldn't you say? Brett. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 25, 2000 8:33 PM To: [EMAIL PROTECTED] Subject: Returned mail: User unknown *** This message originated by GCS Client Services *** - Delivery could not be made to the following recipients - Invalid Recipient: MichaelG [EMAIL PROTECTED] (unrecoverable error) Invalid Recipient: qmail [EMAIL PROTECTED] (unrecoverable error)
Re: orbs.org accuses qmail of mailbomb relaying!
Russ Allbery wrote: David Dyer-Bennet [EMAIL PROTECTED] writes: And either ORBS is blowing *amazing* clouds of smoke or MAPS is really putting the boot in in their private way, in ways I can't approve of. ORBS is blowing *amazing* clouds of smoke. Either that, or Alan Brown has literally no clue whatsoever how Internet routing works. This is one of the things that's rather annoying those of us who have heard a lot of the story from various sides. Hi Russ! I can't comment on this latest battle of wills between MAPS and ORBS, because I know nothing of BGP routing. But in the last one, when ORBS listed in the RBL, ORBS was totally in the right. I saw grown men, (admins!) trying to defend the position that by ORBS sending up to 16 messages through their servers a few times a _year_, ORBS was abusing the email system. Mind you, these were servers that relayed 200K to a million messages a day - the ORBS tests amounted to a tiny fraction a of fraction of the spam it would have prevented. And, as a result of above.net blocking ORBS, I find myself having to play whack-a-mole with spammers within above.net more and more each week - just reported one yesterday. I suppose neither side is right, they're both being very childish about all this. (My apologies to the list for keeping this OT thread going - I'll shut up now) Eric
Re: problem with virtual user
Jens Georg wrote: hi, i have a little confusing problem with qmail: i can send email to [EMAIL PROTECTED] (where bob is a real user), but i cannot send email to i.e. [EMAIL PROTECTED] where bobby is a virtual user. somebody can help me please ? this works sometimes, but after rebooting the machine i.e. sometimes i get a "sorry, no mailbox " message. What does your config look like? Eric
Re: orbs.org accuses qmail of mailbomb relaying!
Russ Allbery wrote: Eric Cox [EMAIL PROTECTED] writes: But in the last one, when ORBS listed in the RBL, ORBS was totally in the right. I saw grown men, (admins!) trying to defend the position that by ORBS sending up to 16 messages through their servers a few times a _year_, ORBS was abusing the email system. You're aware that some machines *which didn't relay* were being tested by ORBS as frequently as once a *day*, aren't you? Or are you just going by Alan Brown's account of what he does, which tends to be a little... sanitized? Once a day? Doesn't the test take almost a week? It did in my case. And no, I don't believe anything unless I test it myself. During the last bruhaha, I reported my own mailer as an open relay, so I could have it tested. After it was tested, I reported it again, to which ORBS responded that it had been tested recently, and could not be tested again for 30/60/90 days (I don't remember which). During the original test, I recieved 2 of the 16 or so test messages in my admin box. Considering the ORBS list blocks between 10 and 30 spams a day, even at my puny corporate site, I don't mind one bit. (RBL blocks somewhere between 0 and 5 per day) And, here are the results of my latest test, on the 7th of this month: -- Database Check - 63.78.39.192 63.78.39.192 is not in the main automated open relay database -- and, if I try to get it checked again: -- -- 63.78.39.192 has previously been tested by ORBS and doesn't seem to permit relay. -- It seems to me that if ORBS is testing every day, there's some kind of problem. Why not try to work with them to get the problem fixed, instead of declaring "nuke the site from orbit" immediately? You're also aware that ORBS continues to spam the postmasters of machines which have never relayed in their entire existence? Wasn't aware of that. You're also aware that ORBS provides a service to spammers, providing a downloadable database of open relays and essentially inviting spammers to please use them? All of which are blocked by ORBS. RBL provides a similar list of spam-friendly domains, all of which are blocked by RBL. What's your point? That, all by itself, is entirely and completely within the domain of spam support services and should get them put directly on the RBL. I think it's actually rather inconsistent of the RBL that they're *not* on it for doing that, although I can understand the political reasons for not doing so given that Alan Brown seems to have an endless capacity for duping people like yourself who aren't looking at what's actually going on and are buying his stories hook, line, and sinker. Hardly. You've got it completely backwards. I'm looking at my own spam numbers (that's what going on), and seeing that ORBS is helping much more than MAPS. Whatever happened to helping other people make their services better, rather than declaring all-out war on them and trying to destroy them? We're misplacing all of the anger that we have for spammers onto ORBS simply because a few test messages find their way in just like spam, and declaring war without even thinking it through. Eric
Re: orbs.org accuses qmail of mailbomb relaying!
"Michael T. Babcock" wrote: You've just missed a point of Qmail though. If a major point of Qmail's existence is to provide reliable E-mail delivery, then this _must_ include cooperating with other MTAs (without violating standards) at least enough to keep from crashing / giving them headaches so that we don't 'encourage' them to lose mail ... (through failures of their own). As long as qmail is going to be expected to handle connection-management for remote MTAs, shouldn't we also handle security on the client, rather than the server, as well? In my view, if an MTA crashes, for any reason, it's the MTA's fault - no discussion about it. Doesn't matter how many connections were opened to it, or how fast. If it can't handle more connections, it should start refusing them, period. Another point is that if qmail "fixes" this "problem", it leaves the flawed MTAs alone to be crashed by a attacker - they need not fix their connection-management problems - they're left in, silently waiting for and attacker to exploit. Eric
Re: qmail died again... 3x in 3 weeks
Paul Farber wrote: telnetting to port 25 and 110 just timed out. This usually means (when it has happened to me anyway) that the server is listening on the port you're telnetting to, but is stalled doing a reverse DNS lookup of the client's IP address. Perhaps a munged reverse DNS zonefile? DNS was fine... it means just that, I could ping via hostname and the dns logs show it was running. That could still happen under the above scenario... Eric
Re: many mails to same user
Henrik Gemal wrote: What is the easiest way to acomplish this forwarding in qmail: [EMAIL PROTECTED] - [EMAIL PROTECTED] [EMAIL PROTECTED] - [EMAIL PROTECTED] [EMAIL PROTECTED] - [EMAIL PROTECTED] [EMAIL PROTECTED] - [EMAIL PROTECTED] @gemal.dk - [EMAIL PROTECTED] Do I really have to have 5 .qmail files??? Isn't there a way to say: [bla1|bla2]@gemal.dk - [EMAIL PROTECTED] [kill|spam]@gemal.dk - [EMAIL PROTECTED] Hi Henrik! Do these users actually exist? Or to be more precise: Is there any reason for these users to have valid accounts? If not, then you could do the following: echo "[EMAIL PROTECTED]" ~alias/.qmail-bla1 echo "[EMAIL PROTECTED]" ~alias/.qmail-bla2 echo "[EMAIL PROTECTED]" ~alias/.qmail-kill echo "[EMAIL PROTECTED]" ~alias/.qmail-spam for the first four. Not sure if "@gemal.dk" would be delivered at all - maybe to the account in ~alias/.qmail-default? Eric
Re: qmail accepting mails for unknown rcpt to (fwd)
qmail doesn't do VRFY/EXPN. It just says: eric@dream:~ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 mail.erictech.com ESMTP VRFY 252 send some mail, i'll try my best Irwan Hadi wrote: At 01:43 AM 7/16/00 -0400, [EMAIL PROTECTED] wrote: is there any way by which i can tell qmail to first check for that UID in LDAP directory server before accepting mails ?? I think it is the right behaviour, otherwise, spammer can collect valid username at your server, for example by using command EXPN or VRFY, right ? And you don't want this to be happened right ?
Re: logging
Steffan Hoeke wrote: On Fri, Jul 14, 2000 at 07:38:52PM -0700, Eric Cox wrote: P.s. I would love it if someone would modify it to read tai timestamps, (i.e. splogger logs) looks like I'm not going to get back to it for awhile. Don't you mean multilogger logs ;) Uh, yeah, somethin like dat Whatever that log sample you gave me was. :) Unfortunately I'm so busy I just can't find the time. Why else would I be sitting at my computer on a Friday night, while my girlfriend pesters me to go out? :( Eric
Re: Domain forwarding
From the qmail server's point of view, it's outgoing mail. The message comes in from outside, sits in the queue for a few hundred milliseconds, then it needs to know where to send it, either local or remote. If it finds a smtproute (to the MS server) for the destination, it sends it there... Eric Michael Hinds wrote: I'm still struggling. According to http://www.ornl.gov/its/archives/mailing-lists/qmail/1998/10/msg00119.ht ml, smtproutes is only for outgoing mail. I want to redirect incoming mail, presumably using virtualdomains? -Original Message- From: JuanE [SMTP:[EMAIL PROTECTED]] Sent: Saturday, July 15, 2000 3:24 PM To: [EMAIL PROTECTED] Subject: Re: Domain forwarding This sounds to me like a job for smtproutes. JES Michael Hinds writes: Hello, Our company has always used MS-Exchange for internet e-mail, but we are trying to add a Linux/qmail server to the configuration. We're currently using a Raptor firewall to route all SMTP transmissions to the MS box. For the sake of example, we'll call our original domain first.com. What we want to do is host a separate domain on the qmail server (say, second.com). The problem is, our firewall can't decide where mail is destined for, it can only recognise the protocol. So we either have to route all mail to qmail and make qmail accept mail for second.com and forward all first.com mail to the MS server, or route all mail to the MS server and make that accept mail for first.com and forward all second.com mail to qmail. The first option would be preferrable, but by now I'm willing to try anything. I'm having trouble finding any concrete examples or documents describing how to do this. I've found lots of ways to forward mail for particular e-mail addresses, but not for whole domains. I don't want to set up users on the qmail server for all the e-mail users on the MS box. I've installed fastforward, but the documentation is skimpy! It points me to the aliases docs, which don't appear to tell me how to do this either. Somebody, please, point me in the right direction! Many thanks, Michael Hinds
Re: a new kind of spam?
Mate Wierdl wrote: On Tue, Jul 11, 2000 at 01:28:17PM -0600, Charles Cazabon wrote: Mate Wierdl [EMAIL PROTECTED] wrote: I do run rblsmtpd with dul. The IP (207.100.21.156) does not exist---this is why I thought it is a dynamic IP. How do I figure out which domain owns it? As others have pointed out, the IP address does exist. Two other gentlemen were kind enough to post the name of the ISP that owns it. Have you tried reporting this to that ISP's abuse desk? I meant to say I cannot ping the above IP. Thx for the help. I think my main question was to find out if I can rely on qmail's identification of the connecting IP. The IP is passed to qmail by your TCP/IP protocol stack. To the exent that is reliable, so is qmail. P.s. If you haven't already contacted the ISP, you should so it soon - some ISPs don't keep logs very long, and if the log for that day is gone, so is any hope of identifying the spammer. Eric
Re: logging
I wrote one of these in python - it's rough and the only documentation is the source. I keep meaning to get back to it but, well, you know how it is. I threw together a simple web page for it at: http://www.ericcox.com/projects/mailstat/ Eric P.s. I would love it if someone would modify it to read tai timestamps, (i.e. splogger logs) looks like I'm not going to get back to it for awhile. Jeff Jones wrote: Has anyone here implemented a feature where the postmaster of a domain view a summary of the amount of e-mails sent for the last month or some time frame? If you have, what package did you use or did you just write it yourself? Thanks in advance. Jeff Jones
Re: rblsmtpd
Aaron Nowalk wrote: On Tue, 11 Jul 2000, Peter Green wrote: also sprach amnowalk: root@xx:/usr/local/bin# env TCPREMOTEIP=127.0.0.2 rblsmtpd -r maps.vix.com echo whoops whoops The zone is ``rbl.maps.vix.com'', NOT simply ``maps.vix.com''. :) Tried that with no luck. Its still getting through. ARGH! Once again, any suggestions?!? You said you tried env TCPREMOTEIP=127.0.0.2 rblsmtpd echo "got thru" but have you specifically tried env TCPREMOTEIP=127.0.0.2 rblsmtpd -r rbl.maps.vix.com echo "got thru" and got the "blackholed" notice? Eric
Re: please help
TAG wrote: Hi, Does anyone have an idea: I am running qmail-mysql - also the home directory does exist - and the user is valid. [ID 748625 mail.info] 963244334.794925 delivery 32: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ Please help!! If you're seeing this in your logs, then I think this is an error coming from the other side, on outgoing mail. If so, then you need to talk to the sysadmin of the other site. If you have, and that's what you are referring to above, then it's not your problem, it's his/hers. If you're wondering why there are so many "if"s in this answer, it's because you included far too little info in your post to be certain of anything. Include some context and we might be able to help - at this point I don't know if the above message is incoming or outgoing. Eric
Re: rblsmtpd
Aaron Nowalk wrote: Hi! I'm in dire need of some help here. I've been working on getting rblsmtpd up and running with tcpserver and am having no luck at all. I've searched the mailing list back and fourth and still can't find a thing. Heres what I got: tcpserver invocation: /usr/local/bin/tcpserver -x /usr/local/etc/ip/tcp.smtp.cdb /usr/local/b in/rblsmtpd -rrelays.radparker.com /var/qmail/bin/qmail-smtpd 21 ^ You may need a space here (where I've marked with ^), at least that's the way mine is configured - of course I'm not running tcpserver so you may have another problem. Eric
Re: Not receiving from all domains - is it DNS?
Barry Dwyer wrote: Would this reverse-DNS entry (apparently there for the convenience of the ISP's reseller) be preventing some mail servers from forwarding to ours? I noticed that your provider is a backup mailserver for you: dream:/usr/src # nslookup -type=MX nethan.com nethan.com preference = 500, mail exchanger = mail2.sohoskyway.net nethan.com preference = 1, mail exchanger = mail.nethan.com You may have the same problem I did at one time. Our provider was a backup mailer for us, and they didn't have their MS Exchange server setup to correctly route mail to me (I had to research the subject and TEACH them how to do this, btw, UGH...) - which would normally not be a problem since our Frame Relay is (supposed to be) up all the time - the backup mailer is _supposed_ to come into play only when the primary one is down. The normal way a mailer is supposed work is to try contacting the best preferrence mailserver, and if that doesn't work, the next preference, and so on... Well, MS Exchange doesn't do that - MS uses the get-mail-the-hell-out-as-fast-as-possible-and-screw-the-consquences approach: it opens a connection to _all_ mailers for a given domain, and hands off the mail to whichever mailer responds the fastest. So domains running MS Exchains servers were sending mail through my provider (because his connection to the outside is naturally much faster than mine), and the provider wasn't setup to relay for me, so the mail never got through. Some domains, running other mailers, got through just fine. And the really frustrating aspect was that even the domains that _were_ running MS Exchains would get mail through some of the time, when they happened to get directly into my server faster. It was horrible... Anyway, I dunno if this is your problem, but to check, try going to a machine outside your provider's domain, telnet to your provider's SMTP port, and try relaying mail through it into your domain. If his mailer refuses to relay for you, it might be the cause (it's a problem in any case). Eric
Re: spam and well known smtp servers
clemensF wrote: wolfgang zeikat: http://spamcop.net offers handy online forms i have used all sorts of anti-spam tricks, but presently i just look at the headers of a spam-mail trying to spot from which domain it really originated by scanning the recieved-lines and use "[EMAIL PROTECTED]" as well as postmaster for chinese or mexican or whatever open relay domains without abuse adresses. this procedure is faster then any automatix. Um, sadly, no. Not unless you're an _extremely_ fast typist. All you do is paste the text of the email, including headers, into a textbox, click a button, and in five seconds (instantly if you're a member) it pops up a screen with the abuse addresses of all the abuse depts. to be notified - click another button, and you've sent them a standardized complaint, and spamcop is very accurate. Many large abuse departments have automation to accept spamcop complaints, and automatically act on them - like immediately freezing outgoing email of a given account upon reciept of complaints, until a human can look into it and nuke the account if warranted. Spamcop also maintains a database of the _proper_ abuse addresses for a given domain - I would never have guessed [EMAIL PROTECTED] for AOL - if I had used postmaster or abuse, it would have taken longer for them to nuke the account. Oh, and it will also tell you if the provider has already nuked the account, i.e. no complaints neccesary. Eric
Re: Not receiving from all domains - is it DNS?
Barry Dwyer wrote: I don't know what server software our ISP is using. Doesn't matter - what matters is if the sending domains are running MS Echange, and the backup mailserver isn't properly setup to relay... I have to admit to being new to this, which is frustrating. I need to do some homework on what happens with mail servers set to what I've heard described as "paranoid mode". qmail will not discard _any_ message without a bounce or log entry. If it is qmail, you'll see evidence of what is causing it. Eric
Re: OT: can't unsubscribe
I notice all of these people have uppercase letters in their usernames. Could this be related? Eric "Hand, Brian C." wrote: I have the same problem. I did this over two weeks ago and I am still getting messages. Can someone make the bad list stop!!! :) Brian [snip.]
Re: mail flood
Hi! Do a web search on "tiergrubing" (Something like that anyway - the german term for "tar pit"). I've never done it before but it involves slightly slowing down the connection the more messages that are sent, thereby tieing up the spammer. I think I remember reading some people talking about doing this with qmail... Eric KUDLAC Tomas wrote: Hello, is there any way how to prevent mail floods with qmail? I can imagine that it's impossible to implement such protection that would function in all cases (maybe some expert system ;-)), however I need to protect our server against cases when somebody decides to send let's say 10 mails to some internal address. Is there any way how to tell qmail to send alarm (or perform some action) when number of mails per time interval from one address (or domain) grows more than certain limit? note: I am using qmail at the gateway, it's forwarding mails between internet and our internal mail system. Thanx, -- Tomas Kudlac
Re: spam and well known smtp servers
Markus Stumpf wrote: On Tue, Jul 04, 2000 at 01:17:46PM -0600, Charles Cazabon wrote: This would block a lot of valid mail as well. I frequently send mail from a given machine using a different (but valid) envelope sender -- and I will sometimes use my Hotmail address if I am afraid that I might end up on the recipient's mailing list(s). I know. But my alternative in the moment (we do receive at most one legitimite email from hotmail.com a month) - as we have now - is to put hotmail.com in badmailfrom. I use ORBS (orbs.org) here and at work, although some people have said it has too many false positives and other problems (but let's not rehash that issue, okay folks?) But I also use my own RBL-style spammer domain, myrbl.com, and feed it to rblsmtpd its command line. Then just put the rIP of the offending machine in the domain, and presto! It's gone. This allows me to add any spammer/open relay to the list in a matter of seconds. (I wrote some simple python scripts to make it easier - email me if interested). Also, with BIND 8, you can have the domain appear only on your mail machine's nameserver too - so if someone else runs the main nameserver, he/she won't have to deal with it. Eric
Re: Qmail performance question...
[EMAIL PROTECTED] wrote: On Thu, Jun 29, 2000 at 11:54:55AM -0500, Ian Layton wrote: Hello. Your solution is to put your queue on a disk subsystem that can sync at the rate you want to submit (and deliver). Some do this with a faster disk, some do this with a partition that is spread across multiple spindles. How you do this depends on your OS type and what sort of hardware you are willing to throw at it. Just out of curiosity, has anyone tried loading up a machine with gobs of RAM and then placing the queue on a ramdisk? I know this would be dangerous for a production machine though, and I don't even know if the whold consept of inodes is the same on a ramdisk... Eric
Re: dial on demand (wvdial) and internal mails
Make certain that your nameserver can resolve all of the domain names qmail might need to lookup (sender,recipient, etc) without going to an external namesever. You can see what queries are being sent to your nameserver like this: killall -WINCH named then your logs will show what domain names your nameserver is being asked to look up during the course of a delivery. If any of them are outside your domain, your nameserver will try to contact an external namesever to resolve it, and your modem will dial out. Eric Mirco Jeske wrote: Hi again, Under qmail 1.03 I have the problem that the server goes online - even when I send a mail to someone in my internal net. My mail server is server.home.net and there are two users : mirco and cloudy sending a mail to [EMAIL PROTECTED] causes wvdial to dial. So it must be, that qmail sends the impuls, although my /var/qmail/control/locals is server.home.net mirco.home.net cloudy.home.net the log reports : @40003951ed69334870dc new msg 766948 @40003951ed693348f1c4 info msg 766948: bytes 1697 from [EMAIL PROTECTED] qp 884 uid 101 @40003951ed6933afdd6c starting delivery 28: msg 766948 to local [EMAIL PROTECTED] @40003951ed6933b08d34 status: local 1/10 remote 0/20 @40003951ed6934101e0c delivery 28: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/ It tells me, that this adress is local, but still a connection is made. (by the way : the last line reports of an other problem I have, please read "using ./Maildir/ problems") I want the computer to deliver internal mails without going online, as you guess. In which way am I wrong thanx, Mirco Jeske -- _ there is no attachment today. Have a nice day.
Re: For Qmail List Owner
I suppose you're looking to do filtering, right? Netscape will filter messages for you, and put them into a different folder, etc. Just click on Edit-Message Filters, and create a filter that puts any message with "[EMAIL PROTECTED]" in the To: or Cc: headers into a different folder. Presto! Hope that helps, Eric System Administrator wrote: Hi can we have a prefix set for our list. for example : Subject line of each mail on the list has something as follows : Subject : [Qmail] the dots signify the actual subject. Note : == Sorry to post this mail directly to the list, but i do not have the lsit owner's email id, hence the mail to the list. regards, Parag Mehta[EMAIL PROTECTED] System Administrator. Puretech Internet Pvt. Ltd.http://puretech.co.in/ 77 Atlanta. Nariman Point. Mumbai - 400021. India.Tel: +91-22-2833158 Support is now available thru our Web Based Support System. http://support.puretech.co.in
Re: Interesting disclosure of domains subscribed to qmail list
I'm seeing the same thing here whenever I post to the list. I logged about 1000 hits to my nameserver in about an hour, and went slightly into "curious" mode because I never get that kind of traffic on my small home LAN. I wondered at first if it was some sort of stealth attack because the queries seemed to be coming from all over the world - until I realized that it was just other list members' spam filters, probably scanning the Recieved: lines or some such. I guess it's just one of those interesting things about the internet... Eric [EMAIL PROTECTED] wrote: I know, I know, posting to both lists? But, tinydns made this easy and qmail is the list in question, so... I was just watching the tinydns logs when I mailed a message to the qmail mailing list. All of a sudden the query rate on my reply-address domain shot up as the log tail slid across the screen. It occurred to me that a lot of those queries are probably doing reverse lookups or anti-spam checks ensuring a valid reply domain. The reason I'm pointing this out is that I find it interesting that it indirectly exposes some domains which are likely to be subscribed to the list.
Re: Help on qmail-qstat
It means there are 760 messages currently in the queue, all of which have been preprocessed and are awaiting delivery. Eric System Administrator wrote: Hi can any anybody explain the following message by qmail-qstat : messages in queue: 760 messages in queue but not yet preprocessed: 0
Re: Maildir prob
Ben Beuchler wrote: On Wed, Jun 14, 2000 at 04:24:47PM -0700, Eric Cox wrote: your ~/.qmail file must contain ``./Mailbox'' (relative to the user's home directory, or the full path, e.g. ``/home/username/Mailbox''. I think it's ./Mailbox/ (i.e. with the trailing slash) I believe if you include a trailing slash it delivers as if it were a Maildir. I assumed the original poster wanted Maildir due to the subject line. Eric
Re: Maildir prob
Manfred Bartz wrote: Z [EMAIL PROTECTED] writes: I want it send to ~/Mailbox your ~/.qmail file must contain ``./Mailbox'' (relative to the user's home directory, or the full path, e.g. ``/home/username/Mailbox''. I think it's ./Mailbox/ (i.e. with the trailing slash) Eric -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Re: Fixing open relay
Dewald Strauss wrote: In /etc/qmail/locals I have just the domainname of the server. In /etc/qmail/control/rcpthosts I have the names of the 7 domains In /etc/tcpcontrol there are 2 files: pop-3.rules and smtp.rules both these files have all 7 domainnames with :allow,RELAYCLIENT="" after each domainname (this was installed with qmail?) But with this the server still relays mail for anyone. What did I miss here ? The default control directory for qmail is /var/qmail/control, but your control files are in /etc/qmail. I figured it was probably possible to change the control dir location, but I've never read any docs on the subject. If you didn't purposefully change the default location, perhaps your qmail is still looking in /var/qmail/control? Also, you might do a /var/qmail/bin/qmail-showctl and verify its output. Eric -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Re: catch multiple mails
Anzej Becan wrote: I would like to catch multiple mails of standard form... [EMAIL PROTECTED] ... [EMAIL PROTECTED] into one mailbox [EMAIL PROTECTED] Yes. Make mydomain.net a virtual domain. For instance: In /var/qmail/control/virtualdomains : mydomain.net:mydomain And in ~mydomain/.qmail-default : ./Maildir/ Ronny thanks for your reply, but your solution doesn't suit my requirements because I'm not admin of the host and acc [EMAIL PROTECTED] already exist. Then what you ask cannot be done exactly. However, you can catch all of the mail to anzej-*@mydomain.net very simply: echo "otheruser" ~anzej/.qmail-default or, if you only want addresses like [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]: for n in 100 101 102; do echo "otheruser" ~anzej/.qmail-mail$n; done (there's probably a much better way to do this) Users are not allowed to take over or change the mail accounts of other users, specifically because this would be a huge security hole. Also the other emails should be delivered to other recipient on mydomain.net. I have only permission to create .qmail-xxx files with commands. Probably I should create perl script for filtering emails. Can someone advise me some examples - major problem seems to me how to forward emails without parsing and sending them again - problem with attachemnts? Sorry for annoying! Anzej -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Psuedo-benchmarks?
Hi All! Okay, here's a chance for all of you guys that run huge sites to brag a little. I run several smallish qmail installations and am trying to convince a couple of larger MS-Centric ISPs (that get ALOT of spam) to let me switch them over to qmail - and increase my cash-flow in the process of course. :) And I need a favor... What I'm looking for are not really benchmarks; I realize the futility of accurately benchmarking an MTA. But if I could get a rough idea of how much volume a real-world qmail system can handle on a given set of hardware, it would go a long way toward making my case for qmail. So, if you're so inclined, could you send me a message with your basic setup (like CPU/Speed,RAM,OS,HDs,connection in/out), approx. number of users, approx. volume of mail, and a rough idea of how well the machine(s) are handling the volume, etc... It's probably a good idea to refrain from cluttering up the list with this kind of traffic, so you should send them directly to me - if there's any demand for the data I can post a synopsis to the list for all to enjoy. Thanks very much in advance, Eric
Re: qmail inquiry
Verna Vergara wrote: hi how can set up a quota to all my users mailbox? please help Seems to me you can just use the normal unix per-user quota mechanism. qmail-local runs _as_ the user to which it's delivering. Eric
Re: tcpserver: unable to bind
if you telnet to port 25 of the machine, you might be able to figure out what is running on that port: telnet localhost 25 Eric Luca Zancan wrote: Thank you, Clemence, for your support, but I'm not automatically starting qmail... and no qmail process is visible with "ps -ef" before I start qmail with "/etc/rc.d/svscan start"... I've followed the instructions in "Qmail 2 HOW-TO" and "A life with Qmail", downloaded from www.qmail.org. In any case I will re-check my configuration. Thank you again, luca clemensF wrote: Luca Zancan: What should I verify??? you have set up qmail somehow, so there is a line w.r.t. qmail in your start up files. you must have started two server processes, usually due to a commandline ending in '' where it shouldn't. clemens -- __ Luca Zancan Logica S.r.l. e-mail [EMAIL PROTECTED] URL http://www.logicaonline.com __ -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Re: No log??
Goran Blazic wrote: Hi... After installing qmail on my system, suddenly there was no logging activity anymore... Nothing new gets written into /var/log/messages anymore?!!? Does anyone have any ideas? What have you checked so far? Is syslogd still running? Friends are those who, when you must inconvenience them, are less bothered by it than you. Friends will help you move; real friends will help you move a body. Eric
Re: qmail+maildrop+amavis
Nuno Ferreira wrote: Hi, Two questions. Seems my ~/.qmail never gets executed by Qmail, so I am not able to have a functional maildrop or procmail. BTW, is ~/.qmail a script that gets executed by QMail or is it a file that is read by it to know how to perform to specific users. Nope, ~/.qmail isn't a script... There are copious numbers of man pages that come with the default installation. The one you want is 'man dot-qmail'. Hope that helps, Eric
Re: Qmail and conf-spawn
clemensF wrote: David Dyer-Bennet: identical program invocations get to run their own copy of the program text. I don't believe this last bit is the case. It's clearly not the case on Linux, anyway, as displayed by the various size numbers in 'top'. but linux processes don't share one copy of, say, top, when it is called twice by different users, do they? I'm pretty sure they do. Since programs can't modify their own code space on a Linux system, there's really no reason to have multiple images of any given program code in memory. Multiple stacks, heaps, and sets of file descriptors, etc, but not program code. Your system is probably just thrashing with higher concurrencies because it's swapping out chunks of the dynamic data of all those processes... Eric
Re: Does someone knows what is this about?
Markus Stumpf wrote: - ORBS blocks "unfriendly" sites criticising ORBS Is there a site with documentation on this? I'd like to check it out for myself. - ORBS does not notify blocked sites about the blockage - ORBS has IMHO too much false positives I've experienced at least one signifigant false-positive with ORBS. One of my users with a home account at pacbell.net was trying to send an email to his work account, and pacbell.net was listed in ORBS for about 2 weeks. Again, is there anyone who has documented ORBS' false positives? Eric
Re: Error message Q
Judy Simon wrote: 4. if by manually editing the files, how to i return them to their previous state? [i did try to cp the older rcpthost~ back onto the rcpthosts file. I use a CVS server (http://www.cvshome.org/) for this - works really well too. I have it setup to automatically send a SIGHUP to qmail-send a few minutes after I change a file, and if I make a mistake, I just rm the file, and do a cvs update on it. Also, I can "go back in time" on the whole config, or maintain more than one config for different setups. Again, I'm sorry for sounding like such a newbie, but I need to get these emails up and running soon and I was getting a bit confused by all the howto's online... We've all been there... :) Eric
Re: Purpose of this list
Ralf Günthner wrote: My 2 cents: Dave Sill [EMAIL PROTECTED] 17.05.2000 16.25 Uhr not as "How would I know?". We deal with people whose experiences and abilities are all over the spectrum, from complete newbie to kernel hacker, and we don't know where you fall. Based on past experience: Most of the readers of this list seem to lean toward the developer's side and when someone who's "only" a qmail-admin as a side-effect of his main job, like myself, (we use qmail purely as a relay system in our DMZ, because it's secure) I often get short, cryptic answers from a programmer's perspective. The vast majority of my knowledge pertains to IT security, but I wouldn't expect anyone asking me for advice to be familiar with the ins-and-outs of the TCP/IP suite. I explain a new term before throwing it at the questioner. The same attitude would make this list friendlier at times ("put it in a .qmail file") Of course I don't encourage not reading any FAQs or man pages but shooting all questions to the list instead. I think the reason repeated rtfm-style questions are so frustrating (for me, anyway) is that qmail itself has some of the best "newbie" documentation I think I've ever seen - it's all of the "do this, then this, then this" variety - which was extremely friendly to me the first time I installed qmail. Whether it was DJB, or whoever wrote it went to great pains to aim it straight at the newbie. I didn't even need Dave's excellent LWQ the first time I installed it - and that reflects far more on the person that wrote the INSTALL.* files than my mediocre prowess as an admin. Eric
Re: Port 25
James wrote: With some help from Jerry, I was able to narrow down a problem I am having with receiving mail from outside servers through Qmail. It's apparent that my port 25 is closed off to outside connections. I don't know how or why it's closed off.. TCPwrappers? Why would port 25 be closed off anyway. Perhaps there is a security feature in Mandrake 7.02 that closes this port? I was able to receive mail through sendmail before I installed qmail, so I am guessing qmail somehow closed port 25. How do I open that port? Have you set up qmail-smtpd in your /etc/inetd.conf ? (qmail-smtpd is not a standalone daemon, it needs to be called by inetd) Eric -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Re: Help me understand allowed rcpthosts
James wrote: I've been mulling through various how-to's and qmail help pages.. but I still don't quite understand what rcpthosts is about. If I am wrong, correct me. rcpthosts is where you place the domain addresses of the people you want to allow relaying. If this is correct, then I understand that part. But.. what controls the ability for anyone to send me an email at [EMAIL PROTECTED]? How does joe-blow send me an email?? How does relaying and receiving mail relate to each other? All I want is to get mail from anyone, but not have anyone use my server as a relay. If anyone is sending me an email, I get this error: "reason: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)" If you get this error when somene sends mail to a _local_ user, then qmail is confused about which domains are the local ones, and thinks that the recipent's domain is a remote one. It's saying to the SMTP client "hmm...the domain to which you are trying to send mail isn't in my control/locals file, so you must be asking me to relay a message to a remote host for you. Hold on, I'll check my control/rcpthosts file for permission to do that.Hey! That domain isn't in my control/rcpthosts file either! Get outa here you damn spammer!!!" Of course, I have read up on the FAQ's and all this tells me is that I am not allowing that domain ([EMAIL PROTECTED]) to use my server as a relay, right? Nope, when someone tries to send mail to a local user, that's not relaying. I suspect the problem is that you do not have your local domain setup properly in control/locals, so qmail believes your local domain is really a remote one. Eric
Re: qmail-smtpd problem
Your qmail-smtpd doesn't seem to know that the client you are connecting from is a local machine, and therfore it should relay mail from from that client. (When the recipient's address is outside your local domain, that's relaying) To tell qmail-smtpd to automatically relay anything that comes in from a particular SMTP session, qmail-smtpd needs to see a RELAYCLIENT variable in it's environment. if smtp line in your /etc/inetd.conf has tcp-env in it, something like this: smtp stream tcp nowait.200 qmaild /usr/sbin/tcpd /var/qmail/bin/tcp-env /var/qmail/bin/qmail-smtpd Then, you need to tell tcp-env to setup that variable before it calls qmail-smtp. Add this to your /etc/hosts.allow file to do that: tcp-env: 192.168.1., 127.0.0. : setenv = RELAYCLIENT (Change the IP addresses to the IP's of clients whose mail you want to relay, and don't forget their trailing dots.) Eric kapil sharma wrote: I am running qmail with redhat 6.1. When I try to send a message to some outside domain then it gives me the error "553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)" Folowing is the session : bash$ telnet 216.6.15.209 25 Trying 216.6.15.209... Connected to 216.6.15.209. Escape character is '^]'. 220 whlinux021.webhosting.com ESMTP mail from:[EMAIL PROTECTED] 250 ok rcpt to:[EMAIL PROTECTED] 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) I have also make entry for baniya.com in rcpthosts! Please advise? -- Kapil Sharma Acube-software [EMAIL PROTECTED] http://www.acubesoftware.com -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Re: Manage QMail Queue manually
I'm hope some of the gurus here will let me know if this is a bad idea, but perhaps you could delete the /var/qmail/queue/lock/trigger file? I read in Dave Sill's excellent "Life with qmail" that qmail doesn't react immediately when this file isn't correct, and will instead sweep through the queue every 30 minutes. And then you could use a script to send qmail-send a SIGALRM whenever the router comes up, to get it to start sending mail. Just throwing this out as an idea - have no idea how smart it really is. Eric Carlo Manuali wrote: Hi to all, I work at University and I have this problem: I've configured QMail Mail Server. My purpose is send mail not immediately, but I would that the messages stay in the queue for a few time. I would that when a ISDN router comes up, the "E-Mail start". In actual scenario, every time that I send a message the router comes up!!! I'm looking for an option like "-q15m" of sendmail. Best Regards, P.S. Sorry, but my English is not very well. Carlo Manuali Centro d'Ateneo per i Servizi Informatici (CASI) University Of Perugia ITALY -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Re: location of Unsent messages
Mark Lo wrote: Hi, I would like to know where is the location of unsent messages. As I have read this from the manual...it should be placed under /var/qmail/queue. But, in that directory, i couldn't find anything but i know i have some messages in the queue dir..by looking at my log file. Also, under /var/qmail/queue/...i have some sub-directory...such as info, local, mess, remote.etc...and under those directory i got some directories...and the name is 0 10 12 15..etc.. I wonder what is it..?? Those are the queue directories. One thing I had to get used to with qmail is the fact that (on our lightly-loaded server) messages don't stay in the queue for any length of time. They immediately fly through the queue to thier destination. I think if you look in the ~user/Maildir directories, you'll find your missing messages. If not, then qmail should have printed something in the logs to let you know where they went. Eric -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Re: qmail script.....
Hi All! Well, since we're posting scripts, I guess I'll post a simple one I whippedup to give me a quick idea of how many messages were delivered, bounced, deferred, etc. You need the HTMLGen python module if you want it to be fancy. Otherwise, just hack out the HTML stuff at the bottom and format the contents of the "datapoints" variable however you like... Also, it's python, so don't expect it to be lightning fast if you have 100MB of logfiles. :) All I ask is that if the inevitable happens, and someone improves on it, send me a copy, k? CUT HERE #!/usr/bin/python import string,time # -- Change stuff in here to your liking # Location of your logfile LOGFILE='/var/log/maillog' OUTPUTFILE='' # Messages per day FORMAT='%B %d' CHARTTITLE='Number of messages per day' # -OR- # Messages per hour #FORMAT='%B %d %H:00-%H:59' #CHARTTITLE='Number of messages per hour' PAGETITLE='Mail Stats' # -- Shouldn't need to change anything below here logfile = open(LOGFILE, 'r') loglines = logfile.readlines() logfile.close() # Here's the Data set we're going to populate DELIVERED=0 DEFERRED=1 BOUNCED=2 datapoints = {} # Pull the data out of the mail log file for line in loglines: fields = string.split(line) if fields[6] == 'delivery': tfields = string.split(fields[5], '.') ltime = time.localtime(int(tfields[0])) dp = time.strftime(FORMAT, ltime) dp = time.strftime(FORMAT, ltime) if not datapoints.has_key(dp): datapoints[dp] = [0,0,0] if fields[8] == 'success:': datapoints[dp][DELIVERED] = datapoints[dp][DELIVERED]+1 elif fields[8] == 'deferral:': datapoints[dp][DEFERRED] = datapoints[dp][DEFERRED]+1 elif fields[8] == 'failure:': datapoints[dp][BOUNCED] = datapoints[dp][BOUNCED]+1 # Okay, now make it pretty from HTMLgen import * import barchart Document = BasicDocument(title=PAGETITLE,VLINK="White",ALINK="White",LINK="White") tl = [] for n in datapoints.keys(): s2 = (n, datapoints[n][DELIVERED],datapoints[n][DEFERRED],datapoints[n][BOUNCED]) tl.append(s2) dl = barchart.DataList() dl.segment_names = ('DELIVERED','DEFERRED','BOUNCED') dl.load_tuples(tl) dl.sort() ch = barchart.StackedBarChart(dl) ch.title = CHARTTITLE Document.append(ch) Document.write(OUTPUTFILE) END OF ATTACHMENT
Re: pop clients.
Mark Lo wrote: Hi, I am using qmail as my MTA and qmail-pop3 as my MUA. For client to send and receive e-mail from my qmail server by using Netscape or Microsoft Outlook as their pop client. They have to fill out the incoming mail server and outgoing mail server. Does the incoming and outgoing mail servers imply that I need to set up two different server for them so that they can send and receive e-mail, is that true ??... For example, .one qmail server is for outgoing purpose and the other one is for incoming purpose !!! As a result, I need two qmail server located at two different machines !!! Not neccessarily. You can have them set incoming and outgoing to the same name, but don't - if your incoming and outgoing machine are the same one, give the machine two names. That way, if you want to separate the incoming or outgoing servers someday, it's nothing more than changing a DNS entry. Eric -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) http://www.needhams.com
Re: Emergency with the queue
Why not just nuke the user? clifford thurber wrote: Hello, I have a user who is spamming. Is there a way to stop qmail and delete everything from the queue? Thanks. -- NEEDHAM'S ELECTRONICS Device Programmers (916) 924-8037 (Voice) (916) 924-8065 (Fax) 4630 Beloit Drive, #20 Sacramento, CA 95838 http://www.needhams.com