Re: rblsmtpd and mail-abuse.org's DNS servers
On Thu, 2 Aug 2001, Derek Callaway wrote: > Hi, I'm having a problem with my qmail smtpd server becoming unresponsive > when rblsmtpd cannot communiate with the RBL nameservers. Has anyone else >From the manual page at http://cr.yp.to/ucspi-tcp/rblsmtpd.html: -C: (Default.) Handle RBL lookups in a ``fail-open'' mode. If an RBL lookup fails temporarily, assume that the address is not listed; if an anti-RBL lookup fails temporarily, assume that the address is anti-listed. Unfortunately, a knowledgeable attacker can force an RBL lookup or an anti-RBL lookup to fail temporarily, so that his mail is not blocked. -- Work: It's not just a job, it's an indenture.
New qmail spam-fighting script added
http://www.codegnome.org/scripting/showscript.php?script=qacct.sh -- Work: It's not just a job, it's an indenture.
Re: Im not sure if this is normal?
On Fri, 8 Jun 2001, Mike Jimenez wrote: > Is my mail que stuck or is this normal.Is there also a way to manage the > que? > /var/qmail/bin/qmail-qstat > messages in queue: 243 > messages in queue but not yet preprocessed: 0 Is qmail running? Have you tried sending SIG_ALRM? Have you tried restarting qmail? -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: How can i resolve THIS ?
On Tue, 5 Jun 2001, Adam McKenna wrote: > > Increase your concurrency limit in /var/qmail/control/concurrencyincoming. > > Uh, the last time I checked that was not a valid control file. /var/qmail/control/concurrencyincoming is a control file used by the supervise scripts outlined in LWQ. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: FrontEnd For Qmail
On Tue, 5 Jun 2001, Pyuesh Daya wrote: > 2. Anti-Spam Filters You can use the rblsmtpd utility written by djb. It works well for me using the dialups.mail-abuse.org and blackholes.mail-abuse.org services, although I can't get it to work with the maps anti-relay service even with the appropriate patch from qmail.org. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: How can i resolve THIS ?
On Tue, 5 Jun 2001, Linux wrote: > When a lots of mail arrive to [EMAIL PROTECTED] i receive this error, > then the mail is delivered to .qmail-default alias file that point to > [EMAIL PROTECTED] How can i resolve this problem? Increase your concurrency limit in /var/qmail/control/concurrencyincoming. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: basic question
On Tue, 5 Jun 2001, marco1 wrote: > Fat partion as Linux partition. Is there any problem( security, or > something else)? Performance and reliability. FAT is not an efficient filesystem, especially if you expect to have lots of messages in the queue at any given time. And don't ever expect a FAT partition to be reliable. How many times have you needed to run scandisk? Think about it. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: mail not process
On Tue, 5 Jun 2001, kengheng wrote: > I get nothing result, the mail server is a fresh installation and I > have follow the qmail-HowTo doc Obviously your installation isn't working, or qmail would be running. My best guess is that you *didn't* follow the directions, especially the ones about running the qmail scripts under csh instead of some other shell. Better yet, start over with the www.lifewithqmail.org directions, instead of the ones that come with qmail itself. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: whether original sender can receiver a notic mail when mailcan't send?
On Mon, 4 Jun 2001, george wrote: > 1. I want to know how to process when qmail received a not exist user qmail will automatically return a failure message to the originator if the local recipient does not exist. > 2. About quota ,when user mail sizes execd max quota size,qmail how > to process, or qmail-local error . The same. qmail handles this automatically. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: How filter a special mail address or subject when receiver allmail.
On Sun, 3 Jun 2001, George Xu wrote: > I use qmail+mysql system in SunOS.I want to filter a special mail > address or subject or content when qmail server receiver all mail. Make procmail your MDA, and set up a global procmailrc file that does whatever you like with the mail. As long as the message hasn't been delivered in the global procmailrc, execution falls through to the user's .procmailrc when the recipe falls off the end of the global rc. That said, a dot-qmail file will override any procmail delivery recipes, so this isn't a good solution if you're trying to force something on un-cooperative users, since they can more or less bypass your global configs. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: /var partition, queue size, and sendmail
On Wed, 30 May 2001, Joshua Nichols wrote: > Are there performance concerns here? The main performance issue that springs to my mind is that you might not be able to optimize the partition for qmail (i.e. sync, noatime) if you're running it on a non-dedicated partition. You can try resizing ext2 partitions with the GNU Parted utility (see the GNU software archives), but you'll probably be happier adding another drive as a dedicated qmail partition. Another tip would be to increase the number of inodes on your dedicated /var/qmail partition (defined when you format the filesystem), and the number of available filehandles on your system (defined in /proc/sys/fs/file-max). You didn't say whether you were running out of space, inodes, or filehandles, but if you're going to tackle the problem in a comprehensive way, these items should be considered as well. -- Todd A. Jacobs CodeGnome Consulting, LTD
virtual + real users in same domain
I know a few people have asked this question (including me) and gotten the answer that, yes, it can be done. However, neither LWQ nor qmail.org really have any how-to's that cover this particular type of setup--in particular, a useful discussion of how users can retrieve POP3 mail from both types of accounts using the same daemon. Does anyone know of a useful tutorial or how-to that would explain how to configure such a system, or have some sample configs that I could work off of? -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Alias not forwading to .qmail-foo-default
On Sun, 18 Mar 2001, Nick (Keith) Fish wrote: > Are your other aliases working properly (ie. root, postmaster, > mailer-daemon, etc.)? Yes. Any alias pointing to a real user (either local or remote) works fine. It's only a problem with forwarding to .qmail-ext names. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Alias not forwading to .qmail-foo-default
On Sat, 17 Mar 2001, Peter van Dijk wrote: > Try .qmail-15dmziMUy-default instead. It doesn't work, regardless of whether I put it in ~alias or $HOME. I still get "no mailbox." It works fine if I forward to a real user. The point is that I want to forward it to another dot-qmail extension. -- Todd A. Jacobs CodeGnome Consulting, LTD
Alias not forwading to .qmail-foo-default
I'm trying to set up a spam-trap account as follows: ~/alias/.qmail-15dmziMUy nospam-hash ~/.qmail-hash-default so that mail to 15dmziMUy-foo will get delivered to nospam, with plans to put filters into .qmail-hash-default in the future to bounce extensions I no longer want deliverered because they've been used for spam. The problem is that the extentions to the alias seem to be ignored, because I get a bounce saying "no mailbox by that name" when trying to deliver to 15dmziMUy-foo. Am I doing something wrong? Has anyone else gotten something like this to work? -- Todd A. Jacobs CodeGnome Consulting, LTD
virtual users without virtual domains?
I realize this may sound like a silly question, but I'm trying to wrap my head around the whole virtual users facility, and am trying to understand whether I can set up virtual users without also setting up virtual domains. In my current setup, all account are real users delivered to codegnome.org. I'm also interested in setting up virtual users (i.e. users without a login account) that are still part of the same domain as the real users (e.g. codegnome.org). Is this possible, and if so, can the virtual users and real users all get their pop mail from the same pop daemon? -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: rotated multilogs are u+x?
On Thu, 15 Mar 2001, Alex Pennace wrote: > > The "current" log does not have this bit set. Why do the old logs need the > > executable bit set? > > http://cr.yp.to/daemontools/multilog.html Yes, Alex, I *know* the documentation says it will do this. I was wondering *why* the executable bit is necessary. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: filtering
On Thu, 15 Mar 2001, Yves Caetano wrote: > but there some filtering that i don't know how to do them like: You can use the .qmail file by creating an if/then pipe: |if grep 'foo@bar'; then bouncesaying 'I don't like you!'; fi Of course, using procmail is easier. Either use procmail as your default delivery method, or add '|preline procmail' to your user's dot-qmail file. -- Todd A. Jacobs CodeGnome Consulting, LTD
rotated multilogs are u+x?
I was noticing that all the saved multilog files have the following permissions: -rwxr--r-- The "current" log does not have this bit set. Why do the old logs need the executable bit set? -- Todd A. Jacobs CodeGnome Consulting, LTD
Confused about virtual users and pop3
As I understand it, as virtual user is just a .qmail-foo mailbox under the main user account. However, my reading has suggested that users can't use qmail-pop3d to access their accounts, because checkpassword is only looking at the main account. Is this right? Basically, I'm trying to find a way to provide easy pop3 access to the end-user, with a web interface for adding or deleting users, and the ability to manipulate per-user quotas. At the moment, I'm creating each user as a system account, which allows me to set the quotas with whatever granularity I like. But most of the web admin interfaces seem to be focused on virtual users, so I'm not sure what my alternatives are for a web front-end. Any suggestions? -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: How to use qmailanalog?
On Mon, 12 Mar 2001 ling@mail.hnytnet.com wrote: > What should I do next? > How to use other command in qmailanalog to analog the outout file? Pipe the output through any of the z* commands provided by the qmailanalog package. Each one is a shell script that you can read for information on what it does. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Starting qmail from /etc/init.d/...
On Mon, 12 Mar 2001, Eric Pretorious wrote: > # Change the major functions into functions. > start() { > echo -n "Starting qmail: " > daemon ${qmail} > RETVAL=$? > echo > [ $RETVAL = 0 ] && touch /var/lock/subsys/smtp > return $RETVAL > } Replace "daemon ${qmail}" with "csh -cf '/var/qmail/rc'" and see what happens. The fact that qmail doesn't run right from sh/bash is mentioned in the docs. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Quota Exceeded and Procmail
On Sat, 10 Mar 2001, Greg White wrote: > 1. Modify procmail to exit status 100 on quota exceeded. I did. It works--mostly. Instead of standard bounce text, the message is bounced with the following explaination: procmail: Quota exceeded while \ writing "Maildir/tmp/zOD.nTq6.mail.themeco.com" instead of a more standard: Recipient's mailbox is full, message returned to sender. (#5.2.2) Not a huge deal, in the grand scheme of things. For anyone else dealing with the same issue, you can put the following in your /etc/procmailrc or in $HOME/.procmailrc: # Needed if running from /etc/procmailrc. Otherwise, messages # will be unreadable by the user since they will be owned by # root as mode 0600. DROPPRIVS=yes # Deliver to user's maildir folder. :0 Maildir/ # Bounce mail if delivery fails. EXITCODE=100 Hope this saves someone an afternoon. :) -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: About splogger's fac? 2? 3?
On Mon, 12 Mar 2001, Adrian Ho wrote: > The facility code defines the type of program that's logging the > message (kernel, mail, etc.). Look in /usr/include/syslog.h for the > possible facility codes. Quite right. The correct answer was: /* facility codes */ #define LOG_KERN(0<<3) /* kernel messages */ #define LOG_USER(1<<3) /* random user-level messages */ #define LOG_MAIL(2<<3) /* mail system */ #define LOG_DAEMON (3<<3) /* system daemons */ #define LOG_AUTH(4<<3) /* security/authorization messages */ #define LOG_SYSLOG (5<<3) /* messages generated internally by syslogd */ #define LOG_LPR (6<<3) /* line printer subsystem */ #define LOG_NEWS(7<<3) /* network news subsystem */ #define LOG_UUCP(8<<3) /* UUCP subsystem */ #define LOG_CRON(9<<3) /* clock daemon */ #define LOG_AUTHPRIV(10<<3) /* security/authorization messages (private) */ #define LOG_FTP (11<<3) /* ftp daemon */ -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: concurrency
Okay, so I increased concurrencyremote to 60, and concurrecyincoming (for tcpserver) to 40. Concurrencylocal is still at 10, though, and I'm wondering if there's any real point to increasing it. Am I correct in thinking that leaving this at 10 is harmless, since the queue will be serviced fairly quickly anyway? Or is there a performance gain to be had in increasing this? My uninformed opinion is that there wouldn't be, since both the queue and the delivery parition are on the same physical drive, and both mounted sync. To me, that seems to say that higher local concurrency might actually slow the drive down, but I'm not really sure. Opinions, anyone? -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: About splogger's fac? 2? 3?
On Mon, 12 Mar 2001 ling@mail.hnytnet.com wrote: > What's the meaning of "fac"? Is it use in syslog? Facility. It's the log level used by syslogd. According to syslog.2: #define KERN_EMERG"<0>" /* system is unusable */ #define KERN_ALERT"<1>" /* action must be taken immediately */ #define KERN_CRIT "<2>" /* critical conditions */ #define KERN_ERR "<3>" /* error conditions */ #define KERN_WARNING "<4>" /* warning conditions */ #define KERN_NOTICE "<5>" /* normal but significant condition */ #define KERN_INFO "<6>" /* informational*/ #define KERN_DEBUG"<7>" /* debug-level messages */ -- Todd A. Jacobs CodeGnome Consulting, LTD
RE: Redirect email!
On Sun, 11 Mar 2001, Kirti S. Bajwa wrote: > My original question was "How can I re-direct the email messages > generated on ns1.mydomain.com?". Your answer will make sense if I have > qmail loaded on ns1.mydomain.com. In my original message, I said that > ns1.mydomain.com does not have any mail application on it. > ns2.mydomain.com does have qmail. You can't. If you don't have an MTA on the system (qmail, sendmail, postfix, whatever), mail will never leave the localhost. -- Todd A. Jacobs CodeGnome Consulting, LTD
RE: Redirect email!
On Sun, 11 Mar 2001, Kirti S. Bajwa wrote: > When you refer to "desired address", is it the UID (which is "root") > or something else? I have setup .qmail files and would appreciate > which folder this particular .qmail file you are referring to? No, I mean an actual, deliverable email address. "[EMAIL PROTECTED]" is a deliverable email address. You put it in $HOME/.qmail for whichever user you want to forward mail for. Please read http://www.lifewithqmail.org/ before asking these sorts of questions. It's one thing to be confused about something in the docs (I often am, since they aren't very extensive), but it helps to at least have a foundation to understand the answers people give you. -- Todd A. Jacobs CodeGnome Consulting, LTD
concurrency
I have a dedicated dual-processor server with 384 MB of RAM and a single SCSI drive. I'm running qmail and pop3d supervised according the LWQ, which sets softlimit to 200. Available inodes in the 2GB /var/qmail partition is 131,616, with split set to 23. Max file descriptors is 4,096. Local mail is being delivered to $HOME/Maildir/ on a seperate partition on the same drive, mounted sync (as is /var/qmail). As described in LWQ, I have remote concurrency set to 20 and local concurrency set to 10. Is this too low, given the specs? Or, considering the performance hit of running qmail-pop3d against a sync-mounted single drive, should I leave this alone? If I *do* bump up the concurrency, what rule-of-thumb should I apply to softlimit? I don't really have a good feel for what the concurrency does to memory requirements. Do I even need to adjust it at all? Basically, I have RAM and CPU cycles out the wazoo, but am a little constrained by drive speed and resources, and want to shuffle things in and out of the queue as quickly as possible so that there's room for the things that linger due to disk quota problems or whatever. All this assumes that Something Bad (tm) happens when the queue is filled (out of descriptors, inodes, or blocks). Maybe it doesn't--enlightenment is always welcome. -- Todd A. Jacobs CodeGnome Consulting, LTD
file descriptors
I'm not 100% sure I understand what file descriptors have to do with the queue's performance. Does qmail require one or more file descriptors for every message in the queue, or only for the "concurrent" messages it's sending or delivering? If I have 4096 descriptors available to the system, will I run into any problems if more than 4,000 messages are in the queue? -- Todd A. Jacobs CodeGnome Consulting, LTD
RE: How to add big-todo and big-concurrency patch ?
On Sun, 11 Mar 2001 [EMAIL PROTECTED] wrote: > How can I check whether the patch was successfully installed or not ? Patch will exit with no errors. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Redirect email!
On Sat, 10 Mar 2001, Kirti S. Bajwa wrote: > How can I setup qmail so that any system message generated on the > first server ns1.mydomain.com are automatically directed to my mail > server, which is mail.mydomain.com (located on ns2.mydomain.com)? Put your desired address into your .qmail file. -- Todd A. Jacobs CodeGnome Consulting, LTD
Quota Exceeded and Procmail
I applied the "permanent failure" quota patch from jhayward yesterday, and realized that if the qmail-start is calling "|preline procmail" the patch doesn't come into play. Does anyone know of a way for qmail to trap the procmail "quota exceeded" error, and immediately bounce the message? I'd like to avoid having these messages age in the queue, if possible. -- Todd A. Jacobs CodeGnome Consulting, LTD
pop3d needs SUID root?
When running pop3d, I get an error saying "no $HOME/Maildir" which may be caused by the directory permissions of 0700 on both the home directory and Maildir. On Red Hat, procmail is the MDA, and is SUID/SGID root. Other than making pop3d run as root, what are my options? If I chmod the directories, what's the least privelege that will allow pop3d to run, without allowing users to clobber or access each other's Maildir files? -- Todd A. Jacobs CodeGnome Consulting, LTD
supervised pop3d
Does anyone have an example of calling pop3d from the supervise startup script (/etc/init.d/qmail) from LWQ? I'd really like to run it supervised, if possible. -- Todd A. Jacobs CodeGnome Consulting, LTD
RE: How to add big-todo and big-concurrency patch ?
On Fri, 9 Mar 2001 [EMAIL PROTECTED] wrote: > It's a text file, rite. But the 1st few lines looks like a readme. why > ? Can i just save the file as 'big-todo.103.patch' in my qmail server > and run the patch. Yes. Patch is pretty smart about that sort of thing. :) -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: How to add big-todo and big-concurrency patch ?
On Fri, 9 Mar 2001 [EMAIL PROTECTED] wrote: > 1. Where to get it ? http://qmail.valueclick.com/qmail/big-todo.103.patch > 2. How to install it ? Halt qmail. Run patch on the patchfile (probably 'patch -p0 < big-todo.103.patch' from within your qmail-1.03 source directory) and then 'make && make setup check' to recompile. -- Todd A. Jacobs CodeGnome Consulting, LTD
apop and authenticated smtp
I've seen a couple of patches on qmail.org relating to this, but they either don't list the version they relate to, or are described as experimental/unstable. I'd appreciate some recommendations from anyone who's tried some of these patches, including some pointers on which ones work with qmail 1.03, and which ones I should stay away from. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Problem with rss?
On Sun, 4 Mar 2001, Russell Nelson wrote: > Quite right, not when you use relays.orbs.org. That zone has been > shut down. It has been replaced by a set of zones. You might want to > add just one, or multiple zones. See http://www.orbs.org for more > information. I used inputs.orbs.org and outputs.orbs.org, and still didn't get a successful block from your auto-tester. The other address, relays.mail-abuse.org, doesn't work either, but that has nothing to do with the change of service on ORBS afaik. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: rblsmtpd not recognizing -R flag
On Sat, 3 Mar 2001, Chris Johnson wrote: > If you're using the latest version of rblsmtpd--the one that comes > with ucspi-tcp--there's no -R option. See > http://cr.yp.to/ucspi-tcp/rblsmtpd.html I guess the new syntax didn't make it into the man pages. Thanks for the URL. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Problem with rss?
On Sat, 3 Mar 2001, Chris Johnson wrote: > rblsmtpd -r 'relays.mail-abuse.org:Open relay problem - see > http://www.mail-abuse.org/cgi-bin/nph-rss?query=%IP%>' Where are you invoking this? If I put it in /var/qmail/supervise/qmail-smtpd/run, I get an error. -- Todd A. Jacobs CodeGnome Consulting, LTD
rblsmtpd not recognizing -R flag
I'm trying to run rblsmtd with protection if the lookup fails. According to both the rblsmtpd usage output and the man page, the -R flag should do this. However, tcpserver contains this log fragment: @40003aa185e70678a39c rblsmtpd: illegal option -- R @40003aa185e70678c2dc rblsmtpd: usage: rblsmtpd [ -b ] [ -R ] [ -t timeout ] [ -r base ] [ -a base ] smtpd [ arg ... ] And the undocumented -a flag is presumably the A record lookup enabled by the patch for rblsmtpd, right? My /var/qmail/supervise/qmail-smtpd/run now looks like: #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u $QMAILDUID -g $NOFILESGID 0 smtp /usr/local/bin/rblsmtpd \ -rblackholes.mail-abuse.org -rdialups.mail-abuse.org \ -rinput.orbs.org -routput.orbs.org \ -arelays.mail-abuse.org /var/qmail/bin/qmail-smtpd 2>&1 And RSS and ORBS are still failing to block, but RBL and DUL work fine. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Problem with rss?
On Sat, 3 Mar 2001, Timothy Legant wrote: > Well, first, you could try simplifying it a bit I folowed your suggestion here. So far, so good. > Next, you need to get a patch for rblsmtpd. MAPS removed all the TXT > records in the RSS zone and now only replies to A record queries. > rblsmtpd only understands TXT records. See the second bullet at > http://www.qmail.org/top.html#spam I applied the patch, ran 'make && make setup check', and had exactly the same results as before. DUL and RBL work, RSS doesn't. Argh! -- Todd A. Jacobs CodeGnome Consulting, LTD
Problem with rss?
I'm running the following script as /var/qmail/supervise/qmail-smtpd/run. As you can see, rblsmtpd is setup to query all three mail-abuse.org services. However, when testing using [EMAIL PROTECTED], the RSS lookup is apparently failing. Has anyone else had a similar problem, or have some ideas about how I can debug this further? #!/bin/sh # This is /var/qmail/supervise/qmail-smtpd/run QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u $QMAILDUID -g $NOFILESGID 0 smtp /usr/local/bin/rblsmtpd \ /usr/local/bin/rblsmtpd -rdialups.mail-abuse.org \ /usr/local/bin/rblsmtpd -rrelays.mail-abuse.org \ /var/qmail/bin/qmail-smtpd 2>&1 -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Problems with qmailanalog
On Fri, 2 Mar 2001, Dave Sill wrote: > You're trying to analyze tcpserver's logs, not qmail-send's logs. You're right. I changed /var/log/qmail/smtpd/current to /var/log/qmail/current and it works fine. Thanks. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: Log
On Fri, 2 Mar 2001, NDSoftware wrote: > 4/ RBL > What is the best solution for use many blacklist like RBL witch qmail ? You can specify multiple instances of rblsmtpd. For example, to use all the mail-abuse lists, edit /var/qmail/supervise/qmail-smtpd/run as follows: #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u $QMAILDUID -g $NOFILESGID 0 smtp /usr/local/bin/rblsmtpd \ /usr/local/bin/rblsmtpd -rdialups.mail-abuse.org \ /usr/local/bin/rblsmtpd -rrelays.mail-abuse.org \ /var/qmail/bin/qmail-smtpd 2>&1 This should take care of things for you. -- Todd A. Jacobs CodeGnome Consulting, LTD
Re: New qmail version request
On Fri, 2 Mar 2001, Balazs Nagy wrote: > - /var/qmail/man/: man pages should be eliminated in favor to html > pages, but it would be great if there would have a correct html2man > generator (it must not to be the part of the package) Um, man is a standard. Man is searchable. Man doesn't require an administrator to install lynx or some other program just to view the help. And no one should EVER be forced to use a GUI on a server platform (unless you like running MS OSes), especially not for the sole "privelege" of running Netscape in order to read documentation. > It's not exactly qmail-related, but a rblsmtpd should be configured > more sophisticated (eg. not from command line). sophisticated != GUI Since qmail doesn't have a controlling TTY, how can rblsmtpd be a non-CLI utility? Or did you have something else in mind? -- Todd A. Jacobs CodeGnome Consulting, LTD
Problems with qmailanalog
I'm running this following command: tai64nfrac < /var/log/qmail/smtpd/current | \ /usr/local/qmailanalog/bin/matchup And getting output like the following: ? 983523225.508134500 tcpserver: status: 0/20 ? 983523463.720841500 tcpserver: status: 1/20 ? 983523463.721270500 tcpserver: pid 17201 from 128.138.192.83 ? 983523463.799878500 tcpserver: ok 17201 \ cyrix.codegnome.org:63.195.51.16:25 \ openbsd.cs.colorado.edu:128.138.192.83::37694 ? 983523465.498049500 tcpserver: end 17201 status 0 ? 983523465.498068500 tcpserver: status: 0/20 ? 983523504.614741500 tcpserver: status: 1/20 ? 983523504.615165500 tcpserver: pid 17213 from 209.226.175.40 ? 983523530.649234500 tcpserver: ok 17213 \ cyrix.codegnome.org:63.195.51.16:25 \ tomts7.bellnexxia.net:209.226.175.40::50922 ? 983523531.142105500 tcpserver: end 17213 status 0 ? 983523531.142123500 tcpserver: status: 0/20 But when I pipe it through any of the z* commands, I get nothing except the column headers from the z* command itself. What am I doing wrong? -- Todd A. Jacobs CodeGnome Consulting, LTD
rblsmtpd and inetd
I'm getting a lot of errors like the following in my syslog: Feb 27 20:09:51 cyrix inetd[925]: pid 27274: exit status 1 which I suspect are coming from rblsmtpd. The problem is that I don't know how to redirect the stderr to a log file where I can see what the actual problem is. My inetd line is as follows: smtp stream tcp nowait qmaild /usr/sbin/tcpd \ /var/qmail/bin/tcp-env /usr/local/bin/rblsmtpd \ /var/qmail/bin/qmail-smtpd According to the rblsmtpd man page, the errors are being sent to stderr, but they're apparently not getting logged to syslog. What can I do? -- Todd A. Jacobs CodeGnome Consulting, LTD
Command + Delivery?
I'm struggling to understand something in the dot-qmail files. If I want to run something, and use the error code to determine if the mail should be delivered, how do I do that? At the moment, I have a .qmail-test file that contains a call to an RBL lookup utilityi that returns 100 if it's a blocked IP, and 0 otherwise. It reads: |ck4spam &nospam The problem is that the mail disappears into the bitbucket regardless of the errorlevel returned. What I'd like it to do is run the script, then deliver normally if the script doesn't return an error. How do I do that? -- Todd A. Jacobs Senior Network Consultant
qmail/rblsmtpd error
I have the following line in /etc/inetd.conf: smtp stream tcp nowait qmaild /usr/sbin/tcpd /var/qmail/bin/tcp-env /usr/local/bin/rblsmtpd /var/qmail/bin/qmail-smtpd I'm getting oodles of the following errors in my logs: Jul 3 14:12:12 cyrix inetd[810]: pid 31351: exit status 1 Jul 3 14:27:41 cyrix inetd[810]: pid 31420: exit status 1 Jul 3 14:43:22 cyrix inetd[810]: pid 31458: exit status 1 Jul 3 14:59:00 cyrix inetd[810]: pid 31481: exit status 1 Since qmail isn't restarting all the time, the problem seems to point to rblsmtpd. I did a grep of all the source files, but only found exit(1) in subgetopt.3, and am not sure how this applies. Can anyone help? -- Todd A. Jacobs Senior Network Consultant
Re: rblsmtp compilation error
On Mon, 3 Jul 2000, Peter Green wrote: > I've found that, occasionally, installing the kernel-source RPM after > the kernel-headers RPM breaks stuff. Re-install the kernel-headers RPM > (rpm -Uhv --force kernel-headers-2.2.16-3.i386.rpm) and try again. This is pretty much what happened. Thanks. :) -- Todd A. Jacobs Senior Network Consultant
Re: rblsmtp compilation error
On Sun, 2 Jul 2000, Ben Beuchler wrote: > Do you have the linux source tree installed on your box? I'm guessing > not. Yes, I do: kernel-source-2.2.16-3. -- Todd A. Jacobs Senior Network Consultant
Re: rblsmtp compilation error
On Sun, 2 Jul 2000, Ronny Haryanto wrote: > Installing the package kernel-headers will suffice. It's not necessary > to install the whole kernel source tree just to compile. I have those, too: kernel-headers-2.2.16-3 -- Todd A. Jacobs Senior Network Consultant
Problem resolved
The compile problem has been resolved. Even though rpm confirmed that all the files where there, and working, things were still broken until I forced an upgrade of the identical packages. *shrug* Who knows why? The point is it works now. I'm still curious to know what those exit 1 and exit 111 messages are, though. -- Todd A. Jacobs Senior Network Consultant
rblsmtp compilation error
I get the following errors when attempting to compile rblsmtpd-0.70 on Red Hat 6.2 running kernel 2.2.16-3. Any ideas about how I can get this to compile? In file included from /usr/include/bits/posix1_lim.h:126, from /usr/include/limits.h:30, from /usr/lib/gcc-lib/i386-redhat-linux/egcs-2.91.66/include/limits.h:117, from /usr/lib/gcc-lib/i386-redhat-linux/egcs-2.91.66/include/syslimits.h:7, from /usr/lib/gcc-lib/i386-redhat-linux/egcs-2.91.66/include/limits.h:11, from /usr/include/bits/socket.h:31, from /usr/include/sys/socket.h:34, from /usr/include/netdb.h:31, from txt.c:2: /usr/include/bits/local_lim.h:27: linux/limits.h: No such file or directory In file included from /usr/include/sys/socket.h:34, from /usr/include/netdb.h:31, from txt.c:2: /usr/include/bits/socket.h:295: asm/socket.h: No such file or directory In file included from /usr/include/arpa/nameser.h:87, from txt.c:5: /usr/include/sys/param.h:24: linux/limits.h: No such file or directory /usr/include/sys/param.h:25: linux/param.h: No such file or directory In file included from /usr/include/errno.h:36, from txt.c:7: /usr/include/bits/errno.h:25: linux/errno.h: No such file or directory make: *** [txt.o] Error 1 -- Todd A. Jacobs Senior Network Consultant
rblsmtpd error
A previously-compiled version is on my system. Qmail with rblsmtpd is the only thing running from inetd, and I'm getting the following errors (a lot of them): Jul 2 20:21:31 cyrix inetd[810]: pid 27892: exit status 1 That seems to point to rblsmtpd. When I tried to recompile, thinking perhaps something in RHL had changed, it refused to compile. So, aside from the compiling issue, does this error means something was found in the RBL, or does it mean that the rblsmtpd program is failing? -- Todd A. Jacobs Senior Network Consultant
ORBS + MAPS + DUL
Is it possible to use rblsmtpd to check more than one source at a time? For example, I'd like to set it up to consult all of the above services before accepting incoming mail. At the moment, I've got the following in inetd.conf: smtp stream tcp nowait qmaild /usr/sbin/tcpd \ /var/qmail/bin/tcp-env /usr/local/bin/rblsmtpd\ /var/qmail/bin/qmail-smtpd which only consults MAPS. Advice, please. -- Todd A. Jacobs Network Systems Engineer
Re: 3 quickies!
On Wed, 22 Dec 1999, Marc-Adrian Napoli wrote: > 1. anyone have any suggestions as to what to use for anti-spam > measures? there seems to be a number of options. http://cr.yp.to/rblsmtpd.html -- Todd A. Jacobs Network Systems Engineer
Re: Permissions problem
On Wed, 22 Dec 1999, Russell Nelson wrote: > Read the source of instcheck. It'll point you to hier.c Or else just > run install ("make setup") again. Any chance that re-running the installation could clobber something? -- Todd A. Jacobs Network Systems Engineer
Permissions problem
Running 'make check' returns the following: instcheck: warning: /var/qmail/alias has wrong permissions instcheck: warning: .../bin/sendmail has wrong group instcheck: warning: .../bin/sendmail has wrong permissions How can I find out what the "right" permissions are? -- Todd A. Jacobs Network Systems Engineer
Re: Forwarding
On Wed, 22 Dec 1999, Carsten Witt wrote: > How can I forward a mail to another adress. Must I compile another > modul. Or can I put this in /var/qmail/aliases/ ? echo forwardee > ~alias/.qmail-forwarding:address -- Todd A. Jacobs Network Systems Engineer
Re: Mail abuse in syslog
On Thu, 11 Nov 1999, Subba Rao wrote: > Why am I getting this message? All the outbound/inbound mail is > transfering fine. Somehow your IP address has ended up on the RBL. You are being actively blocked as a spammer. If you are not a spammer, follow the directions to have yourself removed from the RBL. -- Todd A. Jacobs Network Systems Engineer
cdb owned by root?
My /var/qmail/users/ files (assign and cdb) are owned by root:root. The system seems to work fine in that configuration, but I wanted to know if those were the proper permissions, or if those files are supposed to be owned by the qmail group instead. -- Todd A. Jacobs Network Systems Engineer
Usage of /var/qmail/users/assign (fwd)
I thought I'd repost this, in case the original (or any replies) got lost in the bitstream. The gist if my question is: when would I need to use assign instead of an alias? -- Todd A. Jacobs Network Systems Engineer -- Forwarded message -- Date: Sat, 6 Nov 1999 12:42:05 -0800 (PST) From: Todd A. Jacobs <[EMAIL PROTECTED]> To: QMAIL List <[EMAIL PROTECTED]> Subject: Usage of /var/qmail/users/assign I'm not 100% sure I understand the difference in intended usage between setting up a ~/alias/.qmail-whatever file and setting up a virtual user in /var/qmail/users/assign. As far as I can tell, the former uses forwarding, whereas the latter is acting like a true alias. Am I understanding this correctly? If so, what are the practical implications? They seem almost interchangeable to me. -- Todd A. Jacobs Network Systems Engineer
Re: Forwarding Root email
On Fri, 5 Nov 1999, G. Ryan Fawcett wrote: > I was wondering if it was possible to forward root email to an out side > address. For echo "&[EMAIL PROTECTED]" > ~alias/.qmail-root -- Todd A. Jacobs Network Systems Engineer
Re: ezmlm problem
On Fri, 5 Nov 1999, john wrote: > I installed ezmlm and after finishing the installation when I tested > like ezmlm-make command it gave me an error message file not found. How about posting the error? My guess is that ezmlm's files aren't in your path. -- Todd A. Jacobs Network Systems Engineer
Usage of /var/qmail/users/assign
I'm not 100% sure I understand the difference in intended usage between setting up a ~/alias/.qmail-whatever file and setting up a virtual user in /var/qmail/users/assign. As far as I can tell, the former uses forwarding, whereas the latter is acting like a true alias. Am I understanding this correctly? If so, what are the practical implications? They seem almost interchangeable to me. -- Todd A. Jacobs Network Systems Engineer
Re: /bin/mail, what exactly should one do to it?
On Thu, 28 Oct 1999, Chris Green wrote: > Having moved my qmail installation from a RedHat 5.2 setup to Mandrake > Linux 6.1 the one remaining thing I haven't sorted out is what exactly > one is supposed to to with /bin/mail. I run RH 6.0 with qmail and /bin/mail left as-is. It works fine for me. YMMV. -- Todd A. Jacobs Network Systems Engineer
Re: Completely Off-topic: A "good" MUA for Windows?
On Tue, 26 Oct 1999, Rogerio Brito wrote: > I know this is VERY off-topic, but do you know any "good" MUA > for Windows? Pegasus is manual-ware. It's very solid, feature-rich, and powerful. Not the most user-friendly, though--but then, that wasn't your question. :) -- Todd A. Jacobs Network Systems Engineer
Re: [OT] Any thoughts on instant messaging vs. smtp
On Fri, 22 Oct 1999, Eric Dahnke wrote: > I understand the pros and cons of each, but am interested in knowing if > there is anyone on this list who thinks instant messaging has a chance > of upseating smtp. This is a silly question. They are completely different. SMTP is a store-and-forward protocol. IM is not. QED. -- Todd A. Jacobs Network Systems Engineer
Re: Problems with trigger? (was: Re: qmail only delivers whenrestarted)
On Mon, 18 Oct 1999, David Dyer-Bennet wrote: > > I copied the qmail installation basically by doing:- > > cp -R /oldvar/qmail/* /var/qmail Hmmm. I tarred my qmail directory and moved it to another partition. Doesn't tar preserve permissions by default? -- Todd A. Jacobs Network Systems Engineer
Re: Wrong date when qmail is called from /bin/mail
On Sun, 17 Oct 1999, David Dyer-Bennet wrote: > qmail uses GMT for any header timestamps it adds because: When > tracing mail across timezones, it's easier if they're all displayed in > the same timezone, and because if you want them displayed any > particular way that's a good task to assign to the displaying program, > *and* because by not trying to find the local timezone, Dan avoids > having to reimplement that part of the standard C library (he avoids > using the standard C library because it's insecure and buggy on too > many systems). Ah! That's a reason I can understand, and can live with. :) Security is a big issue at my site, so anything that enhances security is okay by me. I just like having a reason. Thanks for the info. -- Todd A. Jacobs Network Systems Engineer
Re: Wrong date when qmail is called from /bin/mail
On Sun, 17 Oct 1999 [EMAIL PROTECTED] wrote: > /bin/mail is not putting the headers on your mail.. the MTA/MUA is (ie > sendmail/qmail and pine). But it used to when running under sendmail. Someone else told me that qmail defaults to using zulu. Is there a way to force it to use local time, instead of GMT? -- Todd A. Jacobs Network Systems Engineer
Re: qmail only delivers when restarted
On Sun, 17 Oct 1999, David Dyer-Bennet wrote: > > Check the permissions on /var/qmail/queue/lock/trigger. They should look like > > this: > > > > prw--w--w- 1 qmails qmail 0 Oct 16 17:39 trigger That was definitely the problem in my case. I'm not sure how it changed, though. If I find out, I promise you'll be the second one to know. :) I couldn't find any info on the trigger file. Can you explain how qmail is using this named pipe, and why it has to be world-writable? -- Todd A. Jacobs Network Systems Engineer
Re: Wrong date when qmail is called from /bin/mail
On Sat, 16 Oct 1999 [EMAIL PROTECTED] wrote: > Look at the end of the timestamps one is ZULU or GMT.. the other is > your "local" time PDT (Pacific Daylight Time). So /bin/mail doesn't recognize the local time format? -- Todd A. Jacobs Network Systems Engineer
Frequency of queue processing
How can I modify the frequency at which qmail processes the queue? -- Todd A. Jacobs Network Systems Engineer
qmail only delivers when restarted
For some reason, qmail has gotten into a state where it will only deliver mail when killed and then restarted. After a restart, it refuses to deliver local mail after the first batch has been processed. -- Todd A. Jacobs Network Systems Engineer
Wrong date when qmail is called from /bin/mail
My date offset seems to have aquired a problem since I moved from sendmail to qmail when mailing from the command-line using /bin/mail under Red Hat 6.0. I get the following date: Date: 16 Oct 1999 23:55:55 - while sending from pine returns: Date: Sat, 16 Oct 1999 16:57:35 -0700 (PDT) Any ideas as to what's wrong, and how I can fix it? -- Todd A. Jacobs Network Systems Engineer
Re: Understanding virtual addresses
On Fri, 15 Oct 1999, Russell Nelson wrote: > [EMAIL PROTECTED]:bill > [EMAIL PROTECTED]:mary > [EMAIL PROTECTED]:john This would be fine, but when I ran qmail-pw2u, I got a lot of bounced messages saying no such user mailboxes existed. The idea is to deliver the mail directly to a stated user, rather than forwarding it via a dot-file. As I understand it, the mystic incantation is to run qmail-pw2u, pipe the output to /var/qmail/users/assign, run qmail-newu, and restart qmail-send. This didn't work for me. I was wondering if I'd misunderstood, or if there was some other secret spell I was supposed to incant. :) -- Todd A. Jacobs Network Systems Engineer
Directory permissions changed on mount
I made a small goof when setting a new mount point for /var/qmail. Can anyone tell me what the default permissions of /var/qmail are? The subdirectories are unchanged; it;s just /var/qmail that might have been modified. -- Todd A. Jacobs Network Systems Engineer
Directory permissions on /var/qmail?
I made a small goof when setting a new mount point for /var/qmail. Can anyone tell me what the default permissions of /var/qmail are? The subdirectories are unchanged; it;s just /var/qmail that might have been modified. -- Todd A. Jacobs Network Systems Engineer
Re: Understanding virtual addresses
On Fri, 15 Oct 1999, Magnus Bodin wrote: > What do you need to do? I'm trying to set up aliases that are directly delivered rather than forwarded. In other words, I'd like them to be true aliases. For example, I'd like to set up [EMAIL PROTECTED] to go directly to a user without adding the forward line that creating ~alias/.qmail-contract would add. Is that possible, or is what I'm trying to do outside the realm of what qmail does? -- Todd A. Jacobs Network Systems Engineer
Understanding virtual addresses
I understand the .qmail forward files, for the most part, but I'm not entirely sure I understand how to make use of virtual addresses. My forways into playing with /var/qmail/users was highly unsuccessful. Can someone point me to some reasources on how to effectively set this sort of thing up? While I could set up everything with an ~/alias/.qmail-foo forward, I would really prefer not to have to do so. -- Todd A. Jacobs Network Systems Engineer
Yes, inetd DOES work!
Inetd works fine. Nowhere in the FAQ does it say it doesn't. And I got it to work on my system...eventually. The problem seems to have been that inetd (or possibly tcpd) is very picky about spacing when parsing certain command lines. The following (from the FAQ, BTW) worked fine: smtp stream tcp nowait qmaild /usr/sbin/tcpd /var/qmail/bin/tcp-env /var/qmail/bin/qmail-smtpd For some reason, spacing it with tabs like other lines in inetd.conf caused it to misbehave. Luckily, that's all finished now, and it's been a very polite daemon ever since. Remember today's lesson: perseverence! :) -- Todd A. Jacobs Network Systems Engineer
inetd
The problem seems to lie somewhere with tcp-env. Here is a line from my logs: Oct 10 23:23:57 tjacobs tcp-env[1184]: refused connect from shell11.ba.best.com So, it seems like tcp-env is actually refusing the connection. Any ideas on how to debug this further? -- Todd A. Jacobs Network Systems Engineer
Re: inetd
On Mon, 11 Oct 1999 [EMAIL PROTECTED] wrote: > One feature of inetd which is heavily used by tcp-wrappers is that it > passes the first argument as argv[0] which is usually the command > itself. Therefore you have to remove the single tcp-env after the > command line, this will read: smtp stream tcp nowait qmaild > /path/to/tcpd /var/qmail/bin/tcp-env /var/qmail/bin/qmail-smtpd I tried your suggestion, but the same thing happened as before: the remote site connects, but the localhost closes the connection after about 3 seconds. I *did* read the install guides, and while it recommends tcpserver for heavily-used environments, my needs aren't so great. I really don't want to have to run a seperate service for this. -- Todd A. Jacobs Network Systems Engineer
Re: virtual email problem
On Mon, 11 Oct 1999, Benjamin de los Angeles Jr. wrote: > I noticed that all virtual emails with '.' (i.e. civil.engg) has this error. > Is there a work-around on this? I just migrated from Sendmail to Qmail and > never expected this would happen. It's documented. Use ':' instead of '.' when setting up local aliases, and the incoming dots will get handled properly. -- Todd A. Jacobs Network Systems Engineer
inetd
As instructed by the installation guide, I placed an entry for smtp into inetd.conf. However, the entry: smtpstream tcp nowait qmaild /var/qmail/bin/tcp-env \ tcp-env /var/qmail/bin/qmail-smtpd doesn't seem to pay any attention to /etc/hosts.deny. I tried prefacing it with tcpd, but that didn't do much good either. Suggestions? -- Todd A. Jacobs Network Systems Engineer
Re: Address Substitution
On Sun, 10 Oct 1999, Subba Rao wrote: > What if I have different email address at different service providers? > This account has ibm.net, while I have an account at yahoo.com, netscape.com etc. > How do I append different domainname to different accounts? It's easier to rewrite the From: header in your email. Just set up your MUA to write what you want in that header, and qmail shouldn't overwrite it. The default is just that: a default, in case nothing is specified. -- Todd A. Jacobs Network Systems Engineer
Re: Address Substitution
Put your "real" email address into /var/qmail/control/defaultdomain. That should create all new emails as being from that domain. -- Todd A. Jacobs Network Systems Engineer
Re: No man pages installed?
On Sun, 10 Oct 1999, Markus Stumpf wrote: > They probably are, but they go to >/var/qmail/man > Add this directory to your MANPATH environemt variable and the "man" > command will find them. Thanks. It worked like a charm. :) -- Todd A. Jacobs Network Systems Engineer
No man pages installed?
The man pages were not installed by default. How can I install them? -- Todd A. Jacobs Network Systems Engineer
Security considerations of chown qmaill
In the web site at http://web.infoave.net/%7Edsill/lwq.html.proxymate.qs#install-daemontools, there's a point where one is directed to create a directory and chown qmaill. Part of the init.d script seems to rely on this step. My question is whether there is a security consideration, because qmaill is part of the nofiles group. Isn't security being compromised by allowing qmaill to own files? -- Todd A. Jacobs Network Systems Engineer
Starting as a daemon in rc*
I'm new to qmail, and have been playing around with trying to get the qmail-send process to start and stop in certain runlevels. I've found that SIGTERM send to qmail-send will kill all the qmail processes. I can't seem to write a usable rc-style script to automate this, though. Does anyone has such a beast? Is it even a good idea? -- Todd A. Jacobs Network Systems Engineer
Re: OT: saturating a T1 with e-mail
On Sat, 2 Oct 1999, Eric Dahnke wrote: > A T1 would be ~ 80% utilized passing 22,000msgs/hr if the average msg > size was 23K. Not really. You need to differentiate peak load from sustained. (average message size) * (number of messages per hour) - = peak seconds 1544 So, assuming your numbers are accurate, you could clear 22,000 queued messages of that size is 327.72 seconds of maximum throughput. That's only an average sustained throughput of about 9.2%. -- Todd A. Jacobs Network Systems Engineer