Re: Which RBL replacement?
On Tue, Jul 24, 2001 at 03:43:50PM +0200, Johan Almqvist wrote:
* Paulo Jan [EMAIL PROTECTED] [010724 15:29]:
Starting Jul 31 RBL will start charging for using their services. Which
of the free RBL replacement do people recommend? I have read so far
about ORBL and ORBS...
Take a look at
http://www.almqvist.net/johan/qmail/rbldomains.txt
Ugh. That has some bad info on it. orbS.gst-group.co.uk is the wrong name
(should be orbz.gst-group.co.uk).
The rfc-ignorant zones are at rfc-ignorant.ORG, not com.
Note, also, that the {abuse|dsn|postmaster|whois}.rfc-ignorant.org lists are
'rhsbl' lists (rhs for right-hand side of the envelope sender domain
name), and are useless with rblsmtpd.
Please, when you use these resources, make sure that you use them correctly,
and that you keep informed of recent developments with the various lists. If
you don't, not only will it not help you reduce spam, it will also waste your
resources and those of the volunteers providing the service.
Vince.
Re: Which RBL replacement?
On Tue, Jul 24, 2001 at 03:28:53PM +0200, Paulo Jan wrote: Hi all: Starting Jul 31 RBL will start charging for using their services. Which of the free RBL replacement do people recommend? I have read so far about ORBL and ORBS... ORBS is dead, and has been since the beginning of June. There is no replacement for the RBL or the DUL; all the other ip-based lists are open relay lists, and as such, free replacements for RSS. I think it would be unwise at this point to recommend any of them; none of them have been in operation long enough to establish their credibility. If you're using the MAPS services now, you should really consider subscribing. If you cannot afford to pay according to the published fee schedule, contact MAPS and offer them what you _can_ afford to pay (or, apply for an individual/hobby site subscription if that applies in your case). MAPS does _much_ more than just provide tools to block spam. Vince.
Re: some wierdness with qmail - rbl/rss - dnscache
On Thu, Jul 19, 2001 at 06:03:00PM -0400, Kris von Mach wrote: Something very weird started happening yesterday, and I have been trying to figure out what it might be, and I was unable to narrow it down. I have been running qmail with rbl/rss and also running dnscache on the same machine for a while without any problems. Yesterday my dnscache log started filling up with these error messages: (log excerpts trimmed: ) @40003b574c21126fcb94 query 27874 7f01:e77a:701d 1 @40003b574c2113c47684 query 27875 7f01:fccb:eebc 12 @40003b574c2113eb6744 query 27876 7f01:fccb:eebc 16 @40003b574c2113f087c4 query 27877 7f01:e77a:701d 1 All these request are from localhost; so it could very well be rblsmtpd causing these requests. about 20 or so requests like this a second... about 95% of them are for 150.68.39.208.relays.mail-abuse.org/150.68.39.208.blackholes.mail-abuse.org which is (web01.dc.intira.com, not my server) and the other 5% are for 2.110.10.209.in-addr.arpa (my server) my qmail-smtp and qmail-send logs don't show anything interesting... What does that mean? And how do you know? [re-ordered] exec softlimit -m 1 -t600 tcpserver -S -R -H -c100 -x /home/vpopmail/etc/tcp.smtp.cdb -u $QMAILUID -g $NOFILESGID 0 smtp rblsmtpd \ -r blackholes.mail-abuse.org \ -r 'relays.mail-abuse.org:Open relay problem - see http://www.mail-abuse.com/cgi-bin/nph-rss?%IP%' \ qmail-smtpd splogger smtpd 21 Use '-v' with tcpserver to log connection attempts (which is what would cause rblsmtpd to do lookups). What version of ucspi-tcp do you have? My copy of 0.88 doesn't have an '-S' option. If you are getting connection attempts from this address, try using recordio to see what the host is sending to rblsmtpd (and possibly qmail-smtpd). My antivirus program (kaspersky's) didn't like this at all and was generating this error: Well, then, you must have _something_ interesting in your qmail logs, since something is reaching your antivirus thingy. [...] My qmail setup is done according to Matt Simerson's qmail-vpopmail-freebsd toaster. I'm not familiar with that document. RBL and RSS tests shows that everything is working fine... What does that mean? What sort of tests did you do? What is the 'everything' that is working fine? Obviously, it's not, since you're asking the question here. So the only thing that I can think of that might be different is that MAPS changed something? No yet. I know I haven't changed anything for over a month now (and this is a fairly busy server). The thing that really freaks me out is that I worked on Deloitte Consulting's web site around a year ago, and now my dnscache is filling up with requests for 150.68.39.208.blackholes.mail-abuse.org which the IP address is for web01.dc.intira.com... I hope the two are not related in anyway. We have no way of knowing that. Vince.
Re: orbs
On Thu, Jul 19, 2001 at 10:22:02AM -0400, Kurth Bemis wrote: does any one know why orbs is offline? It appears to be because of a) legal troubles and b) the fact that Alan Brown has sold his ISP business. It is highly unlikely at this point that it will ever come back. It has been down, by the way, since early June. If you are still running rblsmtpd querying any of the ORBS lists, be warned: - The lists are no longer being maintained. The information in those list is *fast* becoming outdated; as time passes, you will be rejecting mail from more and more hosts that are not open relays. - The volunteers who provided DNS service to orbs.org are now seeing a significant increase in bandwidth usage because of the way the orbs lists were shut down. One of them has already turned to answering *every* ORBS request with an A and TXT record; this will lead to loss of _at least_ 1/10th of the mail at hosts still using ORBS. It is possible that others will start doing the same; in which case you will lose even more mail. Stop querying the ORBS lists; you're just wasting your own and others' resources. And if you switch to one of the other DNSBL's, please make sure you keep up with the various anti-spam forums. Most of these services are provided for free; making sure you don't waste the resources is the least you can do. Vince.
Re: sqwebmail and qmail?
On Mon, Jul 16, 2001 at 05:06:04PM -0700, Bill Parker wrote: Hi All, I was wondering, is there a way to make a reply to a message sent from sqwebmail not show the username@FQDN but rather username@domain This purely an sqwebmail issue, and your should really have asked it on the sqwebmail mailing list. You can find the answer in the sqwebmail INSTALL file; look for 'sendit.sh'. Vince.
Re: Please help with bounce
On Tue, Jul 17, 2001 at 02:35:45PM +, Sky wrote: Hello all, I have a problem with qmail bouncing. Here is the problem: I have a provider (demos.su also dol.ru) pop3 account elsewhere and also I have forwarding email at third location. Usually, I send mail using my provider's smtp, in the message I have forwarding From: field, and I collect replies from my pop3 account. [ ... ] [EMAIL PROTECTED]: 194.87.0.16 does not like recipient. Remote host said: 571 [EMAIL PROTECTED] we do not relay Giving up on 194.87.0.16. [snip] Return-Path: [EMAIL PROTECTED] Received: (qmail 6574 invoked from network); 17 Jul 2001 13:34:53 - Received: from mx.demos.su (HELO demos.su) (194.87.0.32) by linux.polisma.net with SMTP; 17 Jul 2001 13:34:53 - Received: from [194.87.5.54] (HELO geisteskrank.demos.su) by demos.su (CommuniGate Pro SMTP 3.4.8/D) with ESMTP id 29014079 for [EMAIL PROTECTED]; Tue, 17 Jul 2001 13:34:32 +0400 Received: by geisteskrank.demos.su with SMTP id f6H9Xuf81758 from atomik (IDENT:[EMAIL PROTECTED] [194.87.5.54]) As these headers show, it is geisteskrank.demos.su that rewrites your envelope-from. That's broken behaviour, especially if they do not accept addresses of that format. Tell demos.su to fix their MTA. P.S. [EMAIL PROTECTED] is my forwarding address - it forwards mail to my pop3 account. Please help me with configuring bounce so that it sends bounce to From: field, and not to what it sends now. No; that would be broken behaviour. Bounces should only go to the envelope-sender. The problem is with your provider. Vince.
Re: Distributed Checksum Clearinghouse (DCC) antispam for qmail?
On Mon, Jul 16, 2001 at 02:35:13PM -0400, Chris Shenton wrote: With ORBS recent demise and the commercialization of MAPS, I started looking for other antispam measures. The most promising I've found is the Distributed Checksum Clearinghouse: http://www.rhyolite.com/dcc/ If I'm reading it correctly, the code computes a variety of checksums on portions of messages coming through your MTA, and sends these to a DCC server which keeps running counts of each reported checksum; ... stored in a database ... spam sent to a wide audience would increment the same sums so you could detect it. Clients can ... send checksums to the server and ... query this and decide what to do with any incoming message. It has whitelists so that large list mail (e.g. inet-access) would be excluded from spam consideration. Yes. It looks extremely cool. Vernon Schryver (the author) has been marketing it saying installation takes only a few minutes - while this is true once you've read and understood the documentation, that part takes a little more time. Seems to be built for integration with sendmail. Anyone using it now with qmail? I am currently working on integrating DCC with qmail and procmail via the 'dccproc' procmail interface to dcc. I have some ideas about integrating it with qmail; probably via a qmail-local wrapper (dccproc adds an X-DCC header to the mail). I'm configuring my spamtraps with | dccproc -t many -o /dev/null in dot-qmail(5); this creates a nice line in my qmail-send log with the report dccproc made. I haven't found anything useful searching google for dcc qmail. DCC wasn't publicly available until July 12th. There has been some activity on the DCC mailing list - but not much. Vince.
Re: tcpserver: end xxxx status 256
On Fri, Jul 06, 2001 at 10:07:11PM -0700, Lists Servers Email wrote: Does any know what causes this error: Server: tcpserver: end status 256 A program that was called by tcpserver exited non-zero. What you obscured is a pid. Client: user xxx +OK pass xx -ERR unable to write pipe Connection to host lost. I'm guessing (since you haven't shown us your tcpserver command-line) that qmail-popup has a problem with whatever problem it's trying to call. Vince.
Re: tcpserver: end xxxx status 256
Please don't Cc: me, I'm on the list. On Sat, Jul 07, 2001 at 01:16:31AM -0700, Lists Servers Email wrote: [...] But I have another problem!!! there is mail in the queue but it's not get deliver local. That sucks. What do the logs say[tm]? Vince.
Re: more startup fun
On Wed, Jul 04, 2001 at 01:41:40AM -0500, David Dahl wrote: I cannot get qmail to startup properly: The examples you showed are from an installation that uses daemontools. Is svscan running? [...] shutdown and error: = [root@mckenna bin]# /etc/init.d/qmailctl stop Stopping qmail... qmail-smtpd svc: warning: unable to control /service/qmail-smtpd: file does not exist qmail-send svc: warning: unable to control /service/qmail-send: file does not exist Those directories aren't being supervised; probably svscan isn't running listing of /service: == [root@mckenna /service]# ls -lia total 16 32618 drwxr-xr-t3 root qmail4096 Jul 3 12:57 ./ 32613 drwxr-xr-x5 root qmail4096 Jul 3 12:16 ../ 32619 drwxr-xr-x2 root qmail4096 Jul 3 10:20 log/ 32623 lrwxrwxrwx1 root root 32 Jul 3 12:57 qmail-send - /var/qmail/supervise/qmail-send// 32624 lrwxrwxrwx1 root root 33 Jul 3 12:57 qmail-smtpd - /var/qmail/supervise/qmail-smtpd// 32620 -rwxr-xr-x1 root qmail 212 Jul 3 10:16 run* Why is there a log directory and a run file in your /service? You have your /service directory configured like it is a service itself; it's not. the /service directory is used to tell svscan where to find services to supervise. Also, the /service directory should be owned root.root, not root.qmail . You should only have symlinks to service directories in /service, like the ones you have for qmail-send and qmail-smtpd . If svscan can't start those, it writes messages to the console. [...] do i even need xinietd with tcpserver? No; tcpserver is a replacement for inetd-like tools. do i have permissions problems up in /service? Apart from it being owned root.qmail, no. Vince.
Re: more startup fun
On Wed, Jul 04, 2001 at 03:05:44AM -0500, David Dahl wrote: On Wed, Jul 04, 2001 at 01:41:40AM -0500, David Dahl wrote: I cannot get qmail to startup properly: The examples you showed are from an installation that uses daemontools. Is svscan running? Yes, it is installed and can run. i guess i just realized that i did not activate svscan in inittab... do i need to reboot now? Yes, or do # kill -HUP 1 As in section 2.7 of Life With Qmail. shutdown and error: = qmail-send svc: warning: unable to control /service/qmail-send: file does not exist Those directories aren't being supervised; probably svscan isn't running I guess I do not understand how supervise works... http://cr.yp.to/daemontools/supervise.html supervise switches to the directory named service and starts ./run. It restarts ./run if ./run exits. It pauses for a second before starting ./run, so that it does not loop too quickly if ./run exits immediately. supervise is used to manage a service; svscan is used to manage the 'supervise'rs. [...] Why is there a log directory and a run file in your /service? You have your /service directory configured like it is a service itself; it's not. the /service directory is used to tell svscan where to find services to supervise. Also, the /service directory should be owned root.root, not root.qmail I have been following Life with qmail all night. It says to setup the log dir and run file in that directory. I just searched Life With Qmail looking for that instruction; it doesn't say that. Vince.
Re: more startup fun
On Wed, Jul 04, 2001 at 10:23:28AM +0200, Vincent Schonau wrote: On Wed, Jul 04, 2001 at 03:05:44AM -0500, David Dahl wrote: do i need to reboot now? Yes, or do # kill -HUP 1 Correction; don't do this now; do it after you've corrected your installation. Vince.
Re: more startup fun
On Wed, Jul 04, 2001 at 03:47:33AM -0500, David Dahl wrote: On Wed, Jul 04, 2001 at 03:05:44AM -0500, David Dahl wrote: i finally looked at the console after rebooting: env: SQUARE ICON: No such file or directory env: SQUARE ICON: No such file or directory env: SQUARE ICON: No such file or directory env: SQUARE ICON: No such file or directory env: SQUARE ICON: No such file or directory env: SQUARE ICON: No such file or directory INIT: Id SV respawning too fast: disabled for 5 minutes (SQUARE ICON is actually a white square) h... i am really lost now, but i assume this means that svscan is really not running... Your SV line in /etc/inittab is broken. The inittab line as shown on http://cr.yp.to/daemontools/svscan.html should be _all on one line_ Vince. (thanks for not Ccing me)
Re: sending mail via MS Exchange
On Wed, Jul 04, 2001 at 10:45:39AM +0200, Bymark, Jan wrote: Hi, I want my Qmail to be able only to send mail, NOT recieve. My smtp server is a MS Exchange, but that shouldn't be a problem, I hope. I've been looking at smtproutes If the IP address of your Exchange SMTP server is 192.168.1.1, do # echo :192.168.1.1 control/smtproutes into smtproutes. Only start qmail-send, not qmail-smtpd (or qmail-qmtpd or qmail-qmqpd) and your host will not be able to receive mail from remote hosts. Vince.
Re: RFC complience
On Tue, Jul 03, 2001 at 12:47:30PM +0200, [EMAIL PROTECTED] wrote: [...] i myself has tested this tool(mail client for tv for broadband network) with other ISP's , other mail servers on internet but its working with all those accept out mail server , so please suggest how to debug/resolve this problem , Look in your logs. If your logs do not have any information pertaining to this problem, use recordio to see what's going over the wire. Vince.
Re: LWQ question..cjk
On Tue, Jul 03, 2001 at 06:24:42PM +0300, Constantine Koulis wrote: [...] Note: qmail-local can deliver mail to maildir mailboxes, but it can't create them. Maildir mailboxes should be created with the maildirmake program that comes with qmail. E.g., maildirmake ~/Maildir. Be sure to run maildirmake as the owner of the maildir, not as root. Your useradd or adduser command might support a skeleton directory, e.g. /etc/skel, where you can create a maildir that will be copied for all new users. THAT MEANS THAT FOR EVERY VIRTUAL USER I HAVE TO DO MAILDIRMAKE Please don't yell. For every (virtual or otherwise) user you have to specifiy a delivery method. If you want to deliver the mail to your virtual users locally, yes, you have to do maildirmake for each of them. This can of course easily be automated if you have a database of your virtual users somewhere. If you don't deliver the mail locally, you do have to specify some delivery method, e.g. through .qmail files. and what is SKELETON? On some systems, when you do a 'useradd' that creates a home directory, the useradd program will copy the files in /etc/skel to the newly created home directory. You don't need this for virtual users. Vince.
Re: Help about mail-abuse testing
On Sun, Jul 01, 2001 at 02:03:34PM +0800, [EMAIL PROTECTED] wrote: Hi, I have some problems when using qmail-ldap. My qmail server was be listed on mail-abuse.org. I did the test from my mailserver by telnet to relay-test.mail-abuse.org. The test stopped at the Test 11. The result as below: :Relay test: #Test 11 mail from: spamtest@ 250 ok rcpt to: nobody%mail-abuse.org 250 ok QUIT How can I pass the test! You passed the test. That message didn't get delivered. Vince.
Re: Help about mail-abuse testing
On Sun, Jul 01, 2001 at 08:55:47AM +0200, Vincent Schonau wrote: On Sun, Jul 01, 2001 at 02:03:34PM +0800, [EMAIL PROTECTED] wrote: [ percenthack ] How can I pass the test! You passed the test. That message didn't get delivered. Correction. Do $ cat /var/qmail/control/percenthack If you get 'No such file or directory' the message didn't get delivered, and you passed the test. Vince.
Re: Logs
On Sun, Jul 01, 2001 at 12:00:03AM +0200, NDSoftware wrote: Hello, I have for exemple: @40003b3e495c2ec85f2c info msg 195881: bytes 2951 from [EMAIL PROTECTED] qp 13962 uid 503 How i can get date and time ? $ /usr/local/bin/tai64nlocal (part of the daemontools package). Can i customise logs of qmail for get more informations like IP, date, time,... The remote IP address will be in your qmail-smtpd log, not the qmail-send log, if you run qmail-smtpd from tcpserver with -v. How work the logrotate of qmail ? See URL:http://cr.yp.to/daemontools/multilog.html How i can like the logotate program send the logs by e-mail ? See that same page, look for '!processor'. Vince.
Re: Portable RPM for qmail
[ Please make your MUA understand Mail-Followup-To ] On Thu, Jun 28, 2001 at 12:12:14PM +1000, John Newbigin wrote: You may distribute a precompiled package if [ ... ] installing your package produces exactly the same files, in exactly the same locations, that a user would obtain by installing one of my packages listed above; My RPM produces exactly the same file and directory structure with the exception that I have removed the cat pages. If that is a problem then they could be added back in. The RPM spec was generated by the hier.c code and I have verified the installed package with instcheck. I have applied my own patch which removes the uid/gid problems and I have added a redhat 6.2 style rc script. The source rpm contains the original qmail-1.03.tar.gz and my 2 patch files. A source RPM is not a precompiled package; so I don't see a problem with this, especially since Bruce Guenter is also distributing one. Bruce may have obtained permission from Dan, however, you'll have to ask him. your package behaves correctly, i.e., the same way as normal installations of my package on all other systems; and What exactly is meant by that? There is no standard installation procedure and there is no reference package so what constitutes correct behaviour? It means tbat if you apply patches that modify the behaviour of qmail, you can't redistribute the _binary_ package. In my interpretation, this excludes modifications to the installation procedure. [...] All installations must work the same way; any variation is a bug. If there's something about a system (compiler, libraries, kernel, hardware, whatever) that changes the behavior of my package, then that platform is not supported, and you are not permitted to distribute binaries for it. All installations must work the same way as what? My RPM is built for RedHat 6.2 only. All installations must work the same way as an installation from source, without modifications on a supported platform. So adding an rc script in /etc/rc.d is not a problem, but installing a modified qmail-send that sends obscene bounce-messages is not. I have built the RPM's for my own use but I would like to do what I see a a service to the community and make them available to help rid the world of sendmail. I hope that the barrier to doing this is not too great. While I appreciate the sentiment, I think this specific community will not benefit from additional (packaged) distributions. There is already a wide variation of installation instructions and a fairly major modified distribution, all of which are supported in this forum. I fear that adding another one (that doesn't add any significant features to Bruce's version) will only add to the support load here. It is my opinion that the best way to install qmail, _especially_ for inexperienced qmail users, is to build from source, using either Dan's instructions or Life With Qmail. Mailservers in general and qmail especially are not trivial software; they're network-accessible services that have significant operational and security-implications. This means that making new users read a lot of documentation is a _feature_, not a bug. If you really want to do this, I think your safest choice is to only distribute the source RPM, or obtain specific permission from Dan to distribute the binary RPM. Vince.
Re: Portable RPM for qmail
On Thu, Jun 28, 2001 at 09:17:29AM +0200, Vincent Schonau wrote: [ minor correction ] All installations must work the same way as an installation from source, without modifications on a supported platform. So adding an rc script in /etc/rc.d is not a problem, but installing a modified qmail-send that sends obscene bounce-messages is not. ^^^ Scratch that: the last case _is_ a problem. Vince.
Re: Portable RPM for qmail
On Wed, Jun 27, 2001 at 04:33:43PM +1000, John Newbigin wrote: My second question is about the licence for qmail. Despite all my looking I can't find it. Can someone point me to the licence or summarise what I can do with a binary RPM. URL:http://cr.yp.to/distributors.html Vince.
Re: Problem with conf-split config
On Wed, Jun 27, 2001 at 10:42:26AM +0530, D Rajesh wrote: Hi there, I have done the conf-split configuration and after make setup It created directory /var/qmail. I have moved the original /var/qmail to /var/qmail2 before the make setup. After finishing the installation, I have started /var/qmail/rc in background. It got started successfully. Then if I try to start /var/qmail2/rc then it gives error saying qmail-send already running... If you want two separate copies of qmail running, you have to put /var/qmail2 into conf-qmail and recompile. If you don't change conf-qmail, the /var/qmail path will still be compiled into your binaries. Vince.
Re: badmailfrom
On Wed, Jun 27, 2001 at 10:09:00AM -, [EMAIL PROTECTED] wrote: Hi, I have the following in control/badmailfrom as shown by qmail-showctl: badmailfrom: [EMAIL PROTECTED] not accepted in MAIL FROM. Hahaha [EMAIL PROTECTED] not accepted in MAIL FROM. Yet messages with the following headers still get through: --- Below this line is the original bounce. Return-Path: Received: (qmail 24147 invoked from network); 27 Jun 2001 09:32:49 - Received: from 046.ro00.dial.iqnet.net.au (HELO default) (203.132.93.46) by mail-x1.iqnet.net.au with SMTP; 27 Jun 2001 09:32:49 - From: Hahaha [EMAIL PROTECTED] Subject: Snowhite and the Seven Dwarfs - The REAL story! MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=--VEOD2BWLUV Is this due to the Return-Path: or is badmailfrom not behaving? It is due to the Return-Path; badmailfrom works on the envelope-sender, not the From: header. Vince.
Re: open relay
On Tue, Jun 26, 2001 at 03:50:20PM +0530, C P wrote: we are having problem regarding open relay. the tcp.smtp file looks like 20x.xx.xxx.x:allow,RELAYCLIENT= 127.0.0.1:allow,RELAYCLIENT= tcp server has been started as tcpserver -x /etc/tcp.smtp.cdb -u 501 -g 2108 0 smtp /var/qmail/bin/qmail-smtpd where uid and gid of qmaild are 501 and 2108 the problem is that even after running tcpserver it's allowing open relay... what could be the possible reasons Did you run tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.cdb.tmp /etc/tcp.smtp ? Does control/rcpthosts exist? Vince.
Re: open relay
On Tue, Jun 26, 2001 at 12:58:22PM +0100, Tanuj Shah wrote: Use something like this: 127.0.0.1:allow,RELAYCLIENT= 20x.x.x.:allow,RELAYCLIENT= :DENY I just presume it's because there's no ':DENY' which blocks all else. No, that will refuse connections from everywhere except the hosts explicitly allowed. While this is a valid configuration, it will not work for servers that are expected to receive email from the Internet. Vince.
Re: Alter bounce messages?
On Tue, Jun 26, 2001 at 04:19:53PM -0700, Amanda wrote: Who can tell me how to alter the bounce messages in the qmail-send file without blowing it up? Edit qmail-send.c . I tried hexeditor, but I musta not done a very good job. Ouch. Are you sure you're qualified to adminster a mailserver responsibly? Vince.
Re: OT: RBL false positives (Follow-up from: Spam IP master list?)
On Thu, Jun 21, 2001 at 02:09:31PM -0400, Roger Merchberger wrote: [...] My main concern is rejecting real email using RBL... I recall hearing folks having problems with that in the past. Has RBL improved on the false positives problem? There is no such thing as an RBL false positive; any collateral damage (rejecting real email) is fully intentional. The RBL is a political tool, not a technical one. Rejecting email because of an RBL listing tells the sender: The owner of the host you sent this email through (which may be you) has refused to adopt minimal standards for responsible email interaction on the Internet. We do not accept mail fro such hosts. Vince.
Re: OT - Problems with daemontools 0.70
On Mon, May 14, 2001 at 11:38:54AM -0500, Michael Geier wrote: I had no problems with installing this package until today... in make: ./compile tai64nlocal.c tai64nlocal.c: In function `main': tai64nlocal.c:54: warning: assignment makes pointer from integer without a does anyone know why this might be crashing??? Many people know. See, for example: URL:http://marc.theaimsgroup.com/?l=logm=98874659608501w=2 or URL:http://marc.theaimsgroup.com/?l=logm=98868025514431w=2 or URL:http://marc.theaimsgroup.com/?l=logm=98756905027969w=2 (they're all the same answer). Vince.
Re: ScanMail Message: To Recipient virus found and action taken.
On Mon, Apr 23, 2001 at 10:36:44AM -0400, Alex Pennace wrote: Am I the only one that finds it ironic that a list for a Unix MTA is plagued by a Windows mail trojan and a mail scanner eager to tell recipients about the disposition of the message? Not likely, although you mispelled 'a bunch of scanners'. Warning to recipient. ScanMail detected a virus in an email attachment and has been removed! If this mail is from Internet, the sender don't know his/her mail consists of virus and has been removed. Please ask the sender to clean and re-send. ScanMail is broken. That's ok. According to the above, it's been removed. Vince.
Re: Tcpserver
On Tue, Mar 27, 2001 at 04:34:04AM -0500, Robin S. Socha wrote: Keep in mind that a) this is not a support forum Huh? URL:http://cr.yp.to/djb.html * qmail support questions. Send them to the qmail mailing list instead. Maybe you're getting carried away a bit. If this list is not a support forum for qmail, what _is_? Vince.
Re: Tcpserver
On Tue, Mar 27, 2001 at 06:22:58PM +0530, Sumith wrote: Thanks Vincent! Mr. Robin is trying to discourage newbies like me from asking for help. No, he's not. FWIW: I agreed with most of what Robin wrote, but to claim that this is not a support forum for qmail is simply wrong. Vince.
Re: redundant mail servers
On Fri, Mar 23, 2001 at 11:01:51AM -0500, Russell Nelson wrote: Gopi Sundaram writes: I'm reluctant to move to Maildir until we can get more MUAs to support them (specifically Pine and Netscape). Wrong idea. Never expose your mailboxes to your users. Always use a virtual mailbox system -- either pop3 or imap. Why? Vince.
Re: qmail-send dependent on log?
On Thu, Mar 22, 2001 at 12:36:16PM +0530, Sumith wrote: Hello No deliveries were happening on our qmail server, since I changed the qmail/log/run file installed from qmail rpms to that required by "isoqlog" (qmail-loganalyzer) #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t !isoqlogappend ./main Mails started coming in once I reverted back to the original log file. What went wrong, does qmail-send require proper log files to deliver the mails. From URL:http://cr.yp.to/daemontools/multilog.html: Note that running processor may block any program feeding input to multilog. If isoqlogappend blocks; multilog blocks, which blocks qmail-send. Vince.
Re: Repeated Identical Messages
On Thu, Mar 15, 2001 at 09:06:45AM -0800, Greg White wrote: On Thu, Mar 15, 2001 at 11:39:38AM -0500, [EMAIL PROTECTED] wrote: FWIW We see this very, very, very rarely. I've never seen it in email from this list. Funny -- I just got this one twice. ;) In this case, [EMAIL PROTECTED] was listed in both To: and Cc:. Vince.
Re: qmail-pop3d bug
On Sun, Mar 11, 2001 at 07:37:06PM +, Mark Delany wrote: [...] A more sensible strategy might be to introduce a new "info" flag (say '3' equals POP wire size) on the filename, eg, a 10,000 byte email has a name something like this: Maildir/new/980195114.16740.geex:2,RS3,1 From reading URL:http://cr.yp.to/proto/maildir.html, it is not clear to me that this would be the proper format for such an 'info' extension. I would worry that MUAs and other software dealing with maildir (scripts!) would expect info semantics in the 2, series to be at the end of the filenames. Optimally the wire-size is calculated when the mail is written to Maildir/tmp/ and then applied as an "info" flag when the file is moved to Maildir/new/. A possible complication with this approach is that my reading of Maildir infers that "info" can only be set when the file moves from Maildir/new/ to Maildir/cur/. No, this is not what that document says. It says "When you move a file from new to cur, you have to change it's name [...]" You *have* to change the name when the file move from new/ to cur/ , but there is no specification of other cases; in fact, lots of MUA's will change info when the file has been in cur/ for a while: mutt, for example, moves the file from new/ to cur/, adds :2, and only modifies that to be 2,S after the user has read the message (it is no longer 'N'ew). Vince.
Re: qmail-pop3d bug
On Mon, Mar 12, 2001 at 11:03:33AM +, Mark Delany wrote: To me that implies that a file in new cannot have an "info" section. You're right. I didn't think the original point throuhgh. Regards, Vince.
Re: qmtp and spammers.
Faried Nawaz writes: QMTP may be faster than SMTP for sending mail, but it seems less powerful in our spam-happy Internet era. I think you mean Dan's implementation is 'less powerful'; it has nothing to do with the protocol. Has anyone seen spam enter their network via qmail-qmtpd? Vince.
[OT] Re: Newbie: Which Dist Linux, Best?
SF writes: I have access to pretty much any dist and wanted to know what the opinion is on the most recommended distribution... I've heard Debian, FreeBSD, etc in other areas, but wasn't sure. I intend this box to be super secure with qmail (for multiple domains) and bind/dns running, thus I don't want the frills of an Xwin sys or any added visual toys, or to run a telnet or ftp server. I have learned how to login remotely using SSH and that's about all I need. Any Linux or FreeBSD system you install is going to suffer from your lack of Un*x systems administration experience. This is not a flame, it is a warning. You *must* be aware that the security of your system ends at the same place your knowledge of the system does. The fact that you appear to think that FreeBSD is a distribution of Linux and (especially this week) think you can run a 'super secure' server with BIND on it are good indicators. Fortunately, you do realize that security is vital for an Internet-connected system. My advice would be to pick a system, and experiment with it in a secure environment (ie: not internet-connected), and read as much as you can (books, online, discussion groups). You should not expose your systems to the world until you're confident that you *know* what the risks are. DJB develops his software on OpenBSD, and for a standard installation (no patches), one of the *BSDs is optimal (because of the filesystem sync issue). You should really be asking this question in a general Un*x newbie forum rather than here. Vince.
Re: mail loops back to me (MX problem?)
Michel Boucey writes: SYSERR(the_sender_on_the_machine): the_virtual_vpopdomain_on_the_machine. config error: mail loops back to me (MX problem?) Feb 1 14:56:28 yoda sendmail[23266]: OAA23264: to=toto@the_virtual_vpopdomain_on_the_machine, ctladdr=the_sender_on_the_machine (50011/50012), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, relay=the_virtual_vpopdomain_on_the_machine. [xxx.xxx.xxx.xxx], stat=Local configuration error That's not a qmail log. help ! and thanks for help ... How could we help? Vince.
Re: ucspi-rss.diff
Mate Wierdl writes: Does this patch to rblsmtpd result in a dropin replacement to the original rblsmtpd? In other words, can I just use it as rblsmtpd -r rss.mail-abuse.org No, you use rblsmtpd -r 'relays.mail-abuse.org:Open relay problem - see URL:http://www.mail-abuse.org/cgi-bin/nph-rss?query=%IP%' This also answers your earlier question. Vince.
Re: Install went fine, but won't work
Miles Scruggs writes: Sorry if this is a repeat to the list but I just subscribed The install went just find but I have a problem 1.) I can't seem to to set the enviroment variable to allow me to have certain hosts relay. Below is the contents of my tcp.smtp 127.0.0.1:allow,RELAYCLIENT="" 192.168.1.:allow,RELAYCLIENT="" This allows anything in the 192.168.1.* subnet to relay through your host. 192.:allow,RELAYCLIENT="" This allows anything in the 192.* net to relay through your host. I'm sure you do not mean that. 65.193.90.:allow,RELAYCLIENT="" And I have a feeling yo do not mean this, either (all hosts in 65.193.90.*? Do you trust them all to relay through you?) :allow Then I ran the tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp /etc/tcp.smtp And here is my tcpserver startup line which is in /var/qmail/supervise/qmail-smtp/run exec /usr/local/bin/softlimit -m 200 /usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb -u 1003 -g 102 0 smtp rblsmtpd /var/qmail/bin/qmail-smtpd 21 You're only using rbl.maps.vix.com for rblsmtpd (since you don't supply any options). I have restarted smtpd just to make sure the changes took, I don't know if this is nessary or if they are on the fly. You do not need to restart tcpserver to activate changes to /etc/tcp.smtp.cdb. However, you're not telling us what the problem is; from which IP you're connecting to the smtpd, or what the error message was, or what the logs say. Can you connect to port 25 on that machine? Can you send mail to a user local to that machine (via smtp)? Vince.
Re: thanx so much, but ezmlm fatal: address does not contain @
[EMAIL PROTECTED] writes: thanx so much, but ^^ in command line I did it # ezmlm-sub /home/accounts/list/subscribers biz --biz is my address file name result -- "fatal: address does not contain @" Ezmlm-sub thinks 'biz' is the address you want to add. of course my "biz" file contains [EMAIL PROTECTED] [EMAIL PROTECTED] and so on. if you say exact command and arguments it 'll help me. The exact command was in the response, you just didn't follow it. Vince.
Re: alias account problem, pls help!
mok swee loong writes: [...] and i have no problem with all the alias accounts all this while. BUT one particular alias account does give me this weird problem! when someone send mail to this alias account - some of the users in this list will receive MULTIPLE copies of the same mail, and some dun receive any copy at all!! and in the log i found something suspicious: starting delivery 74: msg 32174 to local [EMAIL PROTECTED] status: local 1/10 remote 0/20 delivery 74: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/ status: local 0/10 remote 0/20 - obviously an alias account doesnt have any real maildir, any idea what could cause this error? What's in /home/vpopmail/domains/mydomainname.com/.qmail-aliasname? Are there no duplicates, and do all Maildirs exist and have correct permissions? - and this particular alias acount contains 65 entries, is the biggest alias in my setup, could this be a problem? Only to manage them. If you have that many subscribers you might want to look into using ezmlm-idx with vpopmail. Vince.
Re: daemon mode VS tcpserver
Linux writes: Hi all. I have a heavly hit mail server with qmail. It's better to use qmail in DAEMON MODE or using TCPSERVER ? Can anyone give me and advice??? I'm not sure what you mean by 'daemon mode'. Qmail-smtpd needs tcpserver or inetd to supply it with tcp connections; it cannot run independently. DJB recommends running qmail-smtpd from tcpserver, not inetd.` Vince.
Re: www.abuse.net test and mail Qmail server - Help
Roberto Samarone Araujo \(RSA\) writes: I saw that message but, I was worried ... The default installation of qmail block spam ?? I set up rblsmtp but, I don't know how to use it right .. I'd like to block some emails using rblsmtp. I created tcp.smtp and put some rules there but, I don't know how to put a specific rule to rblstmp ... Does anyone know any rblsmtp tutorial ?? Yes. It comes with the distribution. There's also several useful links at www.qmail.org. For your smtp-accepting qmail host not to be an open relay, you must meet (at least) the following conditions: 1. control/percenthack is empty and/or does not exist 2. control/rcpthosts exists. 3. In your tcprules file for the tcpserver you use for rblsmtpd or qmail-smtpd, you have RELAYCLIENT="" *only* for IP addresses which are supposed to relay through your server. If you do not meet any of these, your server will relay. If you do not understand the statements above, you should go back to the documentation and ask for clarification on the specific statements you do not understand. Vince.
Re: badmailfrom
Matthew Harrell writes: ` : : Instead, you might want to prohibit mail from : :200.189.209.130 : : instead. Of course this will stop all mail from that IP address and : you might want that other mail. : I've got a question about this. I still get mail from an old work address and occasionally get spam from that address. tcp.smtp seems to only deny mail from the machine directly sending to you - do you know a way to drop mail that's been passed through a trusted server? Yes. Configure the 'trusted' server to block mail from that host. If you can't do that, use procmail (with a recipe that parses Received: lines). Vince.
Re: I'm SO AFRAID!!, NO BODY KNOW RBLSMTPD WORKS????
[EMAIL PROTECTED] writes: I'm asking the following several time the following questionNO RESPONSE NO RESPONSE. Is there is really somebody already using rblsmtpd? Many qmail users use rblsmtpd. I'm running rblsmtpd, according to the response of [EMAIL PROTECTED] my RBL is working. Problem: if any machine in my sub-network (10.1.7.* having it's MAC, DNS) bombarding me all messages are delivred to my mail server. The sub-network of my mail server is 10.1.6.* with differents MAC, DNS, but using the same local router with the first sub-network to go internet. Apparently you have not understood the purpose of RBL and lists like it (and the purpose of rblsmtpd to use them). The RBL is a list of IP addresses that belong to known spammers or spam supporters. RSS is a list of mailservers that are open to relay and have relayed actual spam. DUL is a list op dialup IP-addresses that should be sending email through their providers mail server. What rblsmtpd does with this is to check if $TCPREMOTEIP (the ip address of the SMTP client connecting to your mailserver) is on the lists you have configured. If it is, it will not start qmail-smtpd, but instead carry out a limited SMTP conversation just to (permanently or temporarily) reject that particular email from that particular host. This is what rblsmtpd does, and it is all rblsmtpd does. The addresses you refer to (10.*) are private address space, so these addresses will never appear on the rbl. In most rblsmtpd configurations, you will have your local address space excluded from RBL checking. It appears you think rblsmtpd would help you if a host inside your network started spamming. It will not. Vince.
Re: Help with setting up qmail
Amar writes: Here is the output [of qmail-showctl] qmails7389 0.0 0.3 1096 384 pts/3S02:17 0:00 qmail-send qmaill7390 0.0 0.3 1068 412 pts/3S02:17 0:00 splogger qmail root 7391 0.0 0.2 1056 328 pts/3S02:17 0:00 qmail-lspawn |pre qmailr7392 0.0 0.2 1056 328 pts/3S02:17 0:00 qmail-rspawn qmailq7393 0.0 0.2 1048 344 pts/3S02:17 0:00 qmail-clean root 7410 0.0 0.3 1164 420 pts/3S02:18 0:00 grep qmail This looks like you're not running qmail-smtpd (but if you use inetd, it wouldn't show). What do you have for smtp in inetd.conf? Did you HUP inetd? Does netstat -ta show a line for smtp[1]? Can you telnet to port 25 on your machine? What happens? (see step 16 an 17 in the INSTALL file) What did you do when executing the tests in TEST.receive? Vince.
Re: Limit outgoing messages
Charles Cazabon writes: Ari Arantes Filho [EMAIL PROTECTED] wrote: Is it possible to limit only outgoing messages? I so databytes, but I only want to limit the messages that my users send, not receive. [...] Use tcpserver to set the DATABYTES variable on a per-IP basis. Set it to some limit for your user's IP addresses (or localhost, if they're injecting via SMTP), and to 0 for the rest of the net at large. Hm. That would work for outgoing messages via SMTP. I guess a (perl?) wrapper around qmail-inject that looks at the size of stdin would work for local users. Vince.
Re: Frustrated, please help.
Louis Mushandu writes: All, I cannot get qmail to accept messages from the outside, i posted a missive before and the replies that I got whilst swift and appreciated have not resolved by problem. The recieved error message is Hi. This is the qmail-send program at mail.mongrel.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Sorry. Although I'm listed as a best-preference MX or A for that host, it isn't in my control/locals file, so I don't treat it as local. (#5.4.6) (same error message as before) I was using ./Maildir/ but I have now changed to Mailbox in desperation. My locals files is populated with mail.wonder.com, but still no cigar for me. Did you send qmail-send a HUP signal, or restart it? man qmail-send mentions that a HUP signal will cause qmail-send to reread locals and virtualdomains. Vince.
Re: Webmail utility for Qmail
[EMAIL PROTECTED] writes: Dear all, Will any one of u pls tell me the simple webmail utility available designed specially for qmail( not uses any database ). Pls mention few of them. Sqwebmail: URL:http://www.inter7.com/sqwebmail/ Designed specifically for systems using _maildir_, including qmail. Vince.
Re: linuxpeople thread
On Wed, Sep 13, 2000 at 03:22:17PM -0400, Peter Green wrote: [...] Finally, if you *still* had questions on the RPM install (sorry I'm harping on it, but I've used it extensively, what the rpm? Yes, Bruce Guenter's qmail+patches RPM. Note that the qmail RPM's that are linked to at the top of URL:http://www.qmail.org/top.html are in fact the "Memphis" RPMs. Vince.
Re: SMTP in distributed DOS
At 11:04 AM 2/20/00 -0800, Dirk Harms-Merbitz wrote: SMTP bounces can be used in yet another form of Denial Of Service attack. This is nothing new. Just imagine what happens when some script kiddie uses a few ten thousand trojaned cable/dsl connected home computers to send email to tens of thousands of domains and they all bounce back to your mail server! Those hosts would need to be open relays. Why don't we all just turn SMTP bounces OFF? Like return-receipts, the information content in bounces is very low. I disagree. If my domainname is being forged in a spam, I'd like to know about it. Bounces will get to me hours before any of the complaints do. A database would be much more efficient if you just want to know wether an email address is spelled correctly. Resending the entire message after adding a few hundred bytes is just idiotic. Escpecially if the attacker only has to send one message to generate 100 bounces. I don't see how 'a database' would solve this problem. How would a sending mailserver know who to ask? And what would it do when the emailaddress doesn't exist? We are currently seeing this first hand: Our real mail.power.net is at 207.151.19.8. The attacker is sending individualized emails with faked headers that contain "mail.power.net (unverified [209.26.14.22])". The recipient computers are dumb enough to send their bounces to the real mail.power.net. You don't show the return-path, but they're also forging From:, and one of those is causing your bounces, not the Received: line. This is a DOS because the innocent mail server a) gets millions of bounces and Agreed. Relay-rape is criminal. b) might get black listed on various "anti-spam" lists. Any admin that would blacklist mail.power.net on the basis of the header below might as well turn SMTP off altogether. Blocking the open relays used in the spam will alleviate some of the load; mee.yjapt.co.kr is in RSS and ORBS. Dirk Received: from mail.power.net (unverified [209.26.14.22]) by mee.yjapt.co.kr (EMWAC SMTPRS 0.83) with SMTP id [EMAIL PROTECTED]; Mon, 21 Feb 2000 01:20:18 +0900 Message-ID: [EMAIL PROTECTED] From: [EMAIL PROTECTED] [EMAIL PROTECTED] Bcc: Subject: Private Consultants Needed for Venture Capital Firm Date: Mon, 30 Mar 1998 10:04:48 -0400 (EDT) Vince.
Re: init script svc issue
At 11:19 AM 1/2/2000 -0800, you wrote: At LWQ 2.8.5, I ran into a problem where I couldn't get sv to do anythign useful with QMail. I'm certain this is a pretty boneheaded mistake, but for some reason, svc won't recognize the run scripts. For example, this is what I get. I include the first entry in the interest of being thorough. # svc -d /var/qmail/supervise/qmail-smtpd svc: warning: unable to control /var/qmail/supervise/qmail-smtpd: file does not exist I've seen this when daemontools-0.53 was in the path before daemontools-0.61. Vince.
Re: Daemontools.61 initscripts?
At 12:47 AM 27/1/2000 +0100, you wrote: At 03:22 PM 26/1/2000 -0800, Bill Rogers wrote: Installing qmail and thought it would be a breeze just to install daemontools and use old scripts. WRONG. Could someone point me to some standard qmail-* scripts using daemontools .61 I wouldn't call them 'standard', but I've been working on some flexible scripts for both qmail and dnscache. ... well, anything you want to run with daemontools, really. If you're interested, drop me a line and I'll document them and make them available somewhere. Its is at URL:http://www.xs4all.nl/%7Evinces/software/daemontools-iniscripts.html Please direct your comments directly at me. Thanx, Vince.
Re: Daemontools.61 initscripts?
At 03:22 PM 26/1/2000 -0800, Bill Rogers wrote: Installing qmail and thought it would be a breeze just to install daemontools and use old scripts. WRONG. Could someone point me to some standard qmail-* scripts using daemontools .61 I wouldn't call them 'standard', but I've been working on some flexible scripts for both qmail and dnscache. If you're interested, drop me a line and I'll document them and make them available somewhere. Vince.
Memphis RPMS?
Has anyone been able to reach Mate's site of RPMs recently? FTP connects but times out. Alternatively, does anyone have a copy of his installation instructions? Thanks, Vince.
