/etc/qmail permissions
Hi! I'm using bruce guenter's qmail RPM for some time now. I'd like to know if it's possible to chmod 750 the directories under /etc/qmail so that no one can go in there and check my configuration files, without disrupting qmail's functioning. Here are the directories as they are now: drwxr-sr-x2 aliasqmail4096 Jun 18 23:42 alias drwxr-xr-x2 root qmail4096 May 30 20:28 control drwxr-xr-x2 root qmail4096 Apr 30 01:03 owners drwxr-xr-x2 root qmail4096 Apr 30 01:03 users Thanks in advance.
RE: /etc/qmail permissions
Rodrigo Borges Pereira [EMAIL PROTECTED] wrote: I'd like to know if it's possible to chmod 750 the directories under [/var/qmail/] so that no one can go in there and check my configuration files, without disrupting qmail's functioning. Why don't you try it and see? Any problems should show up very quickly in the qmail-send or qmail-smtpd logs. Personally, I don't see it being a problem for qmail-send -- qmail-smtpd depends on which user and group you run qmail-smtpd as. However, there's no security-critical data in there -- why do you want to keep this data secret? What problem are you trying to solve? If you have local users who could use this (fairly innocuous) data to subvert your system, you've got bigger problems. It's not that it's a problem.. i know the data is innocuous, but there's always some users who like to check the configs.. and browse around, see for what domains i treat mail.. i just don't want to give them that pleasure/possibility :) I asked this on the list because i didn't want to disrupt the mail system, since this box is in production.. i just wanted to be sure it would be ok or not ok before doing it.
RE: /etc/qmail permissions
-Original Message- From: Drew Raines [mailto:[EMAIL PROTECTED]] Sent: quinta-feira, 5 de Julho de 2001 5:44 To: [EMAIL PROTECTED] Subject: Re: /etc/qmail permissions * Rodrigo Borges Pereira [EMAIL PROTECTED]: It's not that it's a problem.. i know the data is innocuous, but there's always some users who like to check the configs.. and browse around, see for what domains i treat mail.. i just don't want to give them that pleasure/possibility :) I asked this on the list because i didn't want to disrupt the mail system, since this box is in production.. Why do your users need shell accounts for a production mail server? -- This is not a dedicated mail server. It also works as a mail server, but provides shell accounts too, along with web hosting.
RE: Selective relaying
u can use relay-ctrl. what it does is smtp only after pop3. a local user retrieves mail via pop3. relay-ctrl saves his IP for 15minutes. during those 15minutes, he can use peculiar for smtp. After thosee 15mins, relay-ctrl deletes the IP. this way, your box will never be an open relay. U just have to instruct your users that they can only send after retrieving. i use this, and works great. check qmail's page for where to find the program. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: quinta-feira, 21 de Junho de 2001 23:37 To: [EMAIL PROTECTED] Subject: Selective relaying I've got a box (peculiar.differentpla.net) running qmail, and qmail-pop3d. It's working fine when delivering email to local users, and users can collect their email via POP3. However, certain of my users connect via an ISP (Pipex Dial), and that ISP doesn't seem to allow you to send email via their server, unless you've authenticated with the POP server. This could be an erroneous assumption -- I'm trying to diagnose this problem over the phone, and it's entirely possible that ir's something else entirely. So, to recap: The user in question is using peculiar as the POP3 server, and smtp.dial.pipex.com as the SMTP server. They can't send email. I've suggested changing the SMTP server to peculiar, also. Now, as I understand it, this is effectively making myself an open relay -- which is a bad thing. What solutions are there to this problem? I'd like to allow people with local mailboxes (and POP3 access) to send email via peculiar as well. Hopefully, I'll be able to diagnose the problem more fully this weekend, but I'm still interested in how people do this. Cheers, Roger.
Allusers
Hello! In my university student's machines (using sendmail), there's a system alias called 'allusers'. Any e-mail sent to this address is forwarded to every local account on the machine. I'd like to know what's the best way to use something like this with qmail. TIA Rodrigo
qmail + mailman
Hi! I'm doing some testing with qmail and mailman, and i stumbled into this problem: I have this list with 20 members.. 3 of them have mail accounts on the same machine where i run qmail and mailman. The other 17 are around the internet. Problem is: only the local 3 receive messages posted to the list. Checking logs reveals that qmail completely ignores the other 17. I see qmail happily sending just 3 messages, nothing more. I'm posting this here because i do not believe this is mailman related, i think it's something with my mail subsystem configuration. I think i should note that i'm using Bruce Guenter's relay-ctrl package too, just in case. Using other programs to send mail to external addresses works just fine (i.e. local pine, users with outlook, etc) What could be the problem here? Thanks in advance.
separate logs
Hi! I'd like to have separate pop3 and imapd logs, instead of getting it all on maillog, like i do now. What's the best approach to this? I'm using qmail-pop3d and courier-imapd. TIA
Relaying advice
Hi! I need to provide users with the ability to send mail to anywhere. But since that can make my server an open relay, i was thinking of a solution where a user must receive mail before sending, thus proving that he can use the server for relaying. At this moment, qmail only accepts mail for domains listed on rcpthosts. I need some advice on how can this be implemented. If there is a better solution, also let me know. If this is well documented somewhere, let me know. TIA
RE: Relaying advice
i guess i'll go for relay-ctrl, as also suggested by Charles Cazabon. Anyway, i'll search for info on SMTP AUTH too, who knows if it might come handy some day. Thank u all for the advice, relay-ctrl here i go :) -Original Message- From: Henning Brauer [mailto:[EMAIL PROTECTED]] Sent: quarta-feira, 16 de Maio de 2001 22:36 To: [EMAIL PROTECTED] Subject: Re: Relaying advice On Wed, May 16, 2001 at 09:51:19PM +0200, Roberto Marzialetti wrote: I need to provide users with the ability to send mail to anywhere. But since that can make my server an open relay, i was thinking of a solution where a user must receive mail before sending, thus proving that he can use the server for relaying. you need of vpopmail Sorry, this is nonsense. You need either one of the SMTP-AFTER-POP solutions from qmail.org (relay-ctl for example) or a SMTP AUTH patch - or both. Clients need to support SMTP AUTH if this is the way you want to go. -- * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de * * Roedingsmarkt 14, 20459 Hamburg, Germany * Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Deferral for host lookup failure
Hi! One question.. I sent a test message to a bogus e-mail. Here's the log of it. May 17 02:14:59 picasso qmail: 990080099.492678 starting delivery 7: msg 40356 to remote [EMAIL PROTECTED] May 17 02:14:59 picasso qmail: 990080099.492865 status: local 0/10 remote 1/20 May 17 02:15:19 picasso qmail: 990080119.533009 delivery 7: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/ Qmail already tried to send this two times. What i want to know is: when will it stop trying and when it stops? will i get a bounce? TIA
Qmail + Mailman
Hello all. Although this may seem off-topic (regarding mailman) i think the problem here is more qmail'ish, so i thought of giving a try on this list too. I'm trying to make qmail work together with Mailman. Mailman comes with a python script for the purpose, that is called from a .qmail-default file under /var/mailman (mailman's user home dir), like this: |/user/bin/python /var/mailman/qmail-to-mailman.py. This script is supposed to eliminate the need to create any aliases files for the lists to work. Problem is, after any list created, i am able to receive administrative mail from the list (i.e. welcoming, password reminder, etc) and the addresses look fine, but when i send mail to the list, i see on the logs that qmail complains that it cannot found such mailbox ([EMAIL PROTECTED]), but i do receive mail from testlist-owner and testlist-admin. I created a virtual domain for the lists as u can see (lists.domain.com) and added that domain to rcpthosts and an entry like this to virtualdomains: lists.domain.com:mailman. So, i'm not sure what the problem is and would appreciante some help, if any of you has mailman working with qmail using a virtual domain. (i didn't get any reply about this on the Mailman list :( TIA, Rodrigo Borges Pereira
RE: Qmail + Mailman
It did not work :( i keep getting this: May 15 01:55:12 picasso qmail: 989906112.543715 info msg 39916: bytes 647 from [EMAIL PROTECTED] qp 3792 uid 101 May 15 01:55:12 picasso qmail: 989906112.555758 starting delivery 21: msg 39916 to local [EMAIL PROTECTED] May 15 01:55:12 picasso qmail: 989906112.555948 status: local 1/10 remote 0/20 May 15 01:55:12 picasso qmail: 989906112.556026 starting delivery 22: msg 39916 to local [EMAIL PROTECTED] May 15 01:55:12 picasso qmail: 989906112.556092 status: local 2/10 remote 0/20 May 15 01:55:12 picasso smtpd: 989906112.557550 tcpserver: end 3790 status 0 May 15 01:55:12 picasso smtpd: 989906112.557754 tcpserver: status: 0/20 May 15 01:55:12 picasso qmail: 989906112.583466 delivery 21: success: did_0+0+0/ May 15 01:55:12 picasso qmail: 989906112.583675 status: local 1/10 remote 0/20 May 15 01:55:12 picasso qmail: 989906112.583753 delivery 22: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ getting desperate.. i would use ezmlm-idx.. but it lacks the fabulous web interface that mailman has. -Original Message- From: Charles Cazabon [mailto:[EMAIL PROTECTED]] Sent: segunda-feira, 14 de Maio de 2001 22:28 To: [EMAIL PROTECTED] Subject: Re: Qmail + Mailman Rodrigo Borges Pereira [EMAIL PROTECTED] wrote: I'm trying to make qmail work together with Mailman. Mailman comes with a python script for the purpose, that is called from a .qmail-default file under /var/mailman (mailman's user home dir), like this: |/user/bin/python /var/mailman/qmail-to-mailman.py. This script is supposed to eliminate the need to create any aliases files for the lists to work. Problem is, after any list created, i am able to receive administrative mail from the list (i.e. welcoming, password reminder, etc) and the addresses look fine, but when i send mail to the list, i see on the logs that qmail complains that it cannot found such mailbox ([EMAIL PROTECTED]), but i do receive mail from testlist-owner and testlist-admin. If user joe has a .qmail file named joe-default, it will control mail addressed to joe-foo and joe-bar, but _not_ just joe. His .qmail file named .qmail will control address joe. `man dot-qmail` for details. I suspect that simply symlinking .qmail-default to .qmail will fix your problems. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---