Re: FYI: FreeBSD 4 and alternate MTAs
On Sat, Mar 18, 2000 at 04:43:26PM -0500, Chris Johnson wrote: FreeBSD 4 is starting to play nice with alternate MTAs. Maybe other systems have had this feature for hundreds of years, but FreeBSD has a new thing that lets you define your MTA and related programs in /etc/mail/mailer.conf; it no longer assumes that everyone uses sendmail. /usr/sbin/sendmail, /usr/bin/mailq, et al are all symlinks to /usr/bin/mailwrapper, which runs the programs you define in /etc/mail/mailer.conf. It's very nice, and does away with the ugly symlinks. I thnk I saw something similar in OpenBSD, and yes, I think this rocks. I about to set up a cluster of FreeBSD 4-qmail boxes so this saves me some trouble... Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: QMAIL Spam and queue handling
On Sun, Mar 19, 2000 at 11:08:25AM +0100, Christophe Lesur wrote: Hi ! This last week, my qmail server was in trouble : One of my user have misconfigured a computer, so that the computer's security scanner mail it a report every second... :((( All was fine because qmail is solid rock software but, the rcpt domain's relayed by my qmail was unable to handle the 79077 mails in 3 days and crash with no warning (it's a TFS SMTP 4 on NT server... Beurk). So qmail start to store all domain's mail (valid and scanner's report). When the TFS restart, the qmail's queue stored about 7000 mails. So this is my questions : HOW TO SELECTIVELY DELETE A LOT OF MESSAGE IN THE QUEUE? Ok, one that might work: Route the domain to 127.0.0.1 in smtproutes create a virtualdomain for it to deliver to nowhere (just a '#' in the .qmail file) No guarantees! :) Note that this will destroy _all_ mail for that domain, including the valid mail for that domain. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: postal
On Sat, Mar 18, 2000 at 12:33:04PM -0500, Russell Nelson wrote: I saw this program announced on Freshmeat today: http://www.coker.com.au/postal/ I intend to use this set of programs to do benchmarking of qmail with and without some patches (like the big-todo patch, and SuSE 16-bit concurrency patch), on Linux and FreeBSD (to see which scales better) over the next 2 months. I will try to get some meaningful results to post to y'all. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
OE4/5 fix
My friend reports: 'increase the smtp server timeout in outlook' (Tools-Services-Internet mail-Advanced). Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: TCPRULES help
On Tue, Mar 14, 2000 at 07:09:59PM +0300, Anand Buddhdev wrote: On Tue, Mar 14, 2000 at 04:43:30PM +0100, Petr Novotny wrote: I would like to add the following to my tcp.smtp file for tcprules: .domain.com:allow,RELAYCLIENT="" My question is can you use domain names with tcprules, or does it have to be IP addresses. In the man page all expamples use Ips and not domains. It has to be IP address. With the new tcpserver v 0.86, you can use hostnames. See the documentation. I have patched tcpserver 0.84 for domainnames and domain wildcards, attached patch is it. This might not be useful anymore since 0.86 now does do domainnames, but for those who do not want to upgrade for whatever reason, here it is. NOTE: this patch has only been tested very lightly, and one other guy looked at it but never tested it. No guarantees. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++ diff -ruN ucspi-tcp-0.84/Makefile ucspi-tcp-domrules/Makefile --- ucspi-tcp-0.84/Makefile Thu Nov 12 06:32:01 1998 +++ ucspi-tcp-domrules/Makefile Tue Dec 21 14:30:38 1999 @@ -397,6 +397,7 @@ man: \ tcpclient.0 tcpserver.0 tcprules.0 tcprulescheck.0 tcp-environ.0 \ +tcpdomrules.0 tcpdomrulescheck.0 \ who@.0 date@.0 finger@.0 http@.0 tcpcat.0 mconnect.0 fixcr.0 addcr.0 \ delcr.0 argv0.0 recordio.0 error.0 error_str.0 alloc.0 case.0 cdb.0 \ env.0 fd_copy.0 fd_move.0 getln.0 getln2.0 sgetopt.0 subgetopt.0 \ @@ -448,6 +449,7 @@ prog: \ tcpclient tcpserver tcprules tcprulescheck who@ date@ finger@ http@ \ +tcpdomrules tcpdomrulescheck \ tcpcat mconnect mconnect-io fixcr addcr delcr argv0 recordio rts recordio: \ @@ -513,7 +515,9 @@ date@.1 date@.sh finger@.1 finger@.sh http@.1 http@.sh tcpcat.1 \ tcpcat.sh mconnect.1 mconnect.sh mconnect-io.c delcr.1 delcr.c \ addcr.1 addcr.c fixcr.1 fixcr.c tcpserver.1 tcpserver.c tcprules.1 \ +tcpdomrules.1 \ tcprules.c tcprulescheck.1 tcprulescheck.c tcp-environ.5 recordio.1 \ +tcpdomrules.c tcpdomrulescheck.1 tcpdomrulescheck.c \ recordio.c argv0.1 argv0.c rts.sh rts.tests rts.exp conf-cc conf-ld \ find-systype.sh trycpp.c warn-auto.sh INSTALL hier.c conf-home \ auto-str.c auto_home.h install.c instcheck.c substdio.h substdio.c \ @@ -757,30 +761,62 @@ stralloc.a substdio.a alloc.a error.a open.a seek.a str.a \ fs.a +tcpdomrules: \ +load tcpdomrules.o cdbmss.o cdbmake.a getln.a strerr.a stralloc.a \ +substdio.a alloc.a error.a open.a seek.a str.a fs.a + ./load tcpdomrules cdbmss.o cdbmake.a getln.a strerr.a \ + stralloc.a substdio.a alloc.a error.a open.a seek.a str.a \ + fs.a + tcprules.0: \ tcprules.1 nroff -man tcprules.1 tcprules.0 +tcpdomrules.0: \ +tcpdomrules.1 + nroff -man tcpdomrules.1 tcpdomrules.0 + tcprules.o: \ compile tcprules.c strerr.h stralloc.h gen_alloc.h getln.h substdio.h \ subfd.h substdio.h exit.h fmt.h byte.h cdbmss.h cdbmake.h uint32.h \ substdio.h ./compile tcprules.c +tcpdomrules.o: \ +compile tcpdomrules.c strerr.h stralloc.h gen_alloc.h getln.h substdio.h \ +subfd.h substdio.h exit.h fmt.h byte.h cdbmss.h cdbmake.h uint32.h \ +substdio.h + ./compile tcpdomrules.c + tcprulescheck: \ load tcprulescheck.o cdb.a stralloc.a alloc.a strerr.a substdio.a \ error.a str.a open.a ./load tcprulescheck cdb.a stralloc.a alloc.a strerr.a \ substdio.a error.a str.a open.a +tcpdomrulescheck: \ +load tcpdomrulescheck.o cdb.a stralloc.a alloc.a strerr.a substdio.a \ +error.a str.a open.a + ./load tcpdomrulescheck cdb.a stralloc.a alloc.a strerr.a \ + substdio.a error.a str.a open.a + tcprulescheck.0: \ tcprulescheck.1 nroff -man tcprulescheck.1 tcprulescheck.0 +tcpdomrulescheck.0: \ +tcpdomrulescheck.1 + nroff -man tcpdomrulescheck.1 tcpdomrulescheck.0 + tcprulescheck.o: \ compile tcprulescheck.c substdio.h subfd.h substdio.h strerr.h \ stralloc.h gen_alloc.h alloc.h cdb.h uint32.h ./compile tcprulescheck.c + +tcpdomrulescheck.o: \ +compile tcpdomrulescheck.c substdio.h subfd.h substdio.h strerr.h \ +stralloc.h gen_alloc.h alloc.h cdb.h uint32.h + ./compile tcpdomrulescheck.c tcpserver: \ load tcpserver.o ip.o ipalloc.o dns.o remoteinfo.o timeoutconn.o \ diff -ruN ucspi-tcp-0.84/tcpdomrules.1 ucspi-tcp-domrules/tcpdomrules.1 --- ucspi-tcp-0.84/tcpdomrules.1Thu Jan 1 01:00:00 1970 +++ ucspi-tcp-domrules/tcpdomrules.1Tue Dec 21 14:26:44 1999 @@ -0,0 +1,208 @@ +.TH tcpdomrules 1 +.SH NAME +tcpdomrules \- compile domain rules for tcpserver +.SH SYNOPSIS +.B tcpdomrules +.I domrules.cdb +.I domrules.tmp +.SH OVERVIEW +.B tcpserver +optionally follows rules to decide whether a TCP connection is acceptable. +For example, a rule of + +.EX +
Re: OE 4/5 smtp timeouts
On Tue, Mar 14, 2000 at 04:46:10PM -0500, Paul Farber wrote: Hello all, Having one heck of a time with Outlook Express 4/5 timeing out when sending mail. Does it give errors like 'missing transport agent' or something similar? If yes, I've seen your problem and I know someone who fixed it. If no, I have said nothing :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: .qmail-root setup
On Tue, Mar 14, 2000 at 03:53:27PM -0600, Aaron Goldblatt wrote: I'd appreciate any pointers to legible documentation, etc., or a how-to on how to fix. Having spent the past five hours searching various archives (egroups.com and ornl.gov), etc., and haven't gotten anywhere useful, so here we go. I've bogus-ized the addresses, but yes, they are all valid in my real life setup. Don't do that. We can't help you if you do. Tell us the truth. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: 2nd qmail-server
On Mon, Mar 13, 2000 at 06:47:41PM +0100, Jan Stifter wrote: hi all, i have a qmail-server, which handles mails for a small company. i would like to setup a second mail-server, with an MX record with lower priority as the first one, so that if the first fails, the second one will receive the mails. after the first one is alife again, the second one should deliver him the received mails. Put it in DNS as you describe here. Put nothing in control/locals, and put all domains you want to fallback for in control/rcpthosts. Done. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Spamming control fails with badmailfrom file
On Fri, Mar 10, 2000 at 10:09:30AM +0100, Antonio Navarro Navarro wrote: 2.- Reject all mail that comes from an specific mail server. This one (misnumbered, btw) could be done with your tcpserver access lists. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: virtual dom: someone else rewriting To header!
On Tue, Mar 07, 2000 at 04:03:31PM -0800, Bryan Curnutt wrote: I'm hoping this is off-topic... I'm using fastforward to try to handle virtual domains, and it seems to be working from everywhere except from my ISP... It turns out that my ISP has sendmail configured to rewrite the "To" header using the canonical domain name, i.e. if the mail is sent to "[EMAIL PROTECTED]" and there's an MX record like this virtual.my.domain IN MX 10 canonical.my.domain then the mail is rewritten to be addressed to "[EMAIL PROTECTED]" instead of to "[EMAIL PROTECTED]". It can't be stressed enough: whenever possible, report real domain and hostnames. This will help people figure out your problem. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: virtual dom: someone else rewriting To header!
On Tue, Mar 07, 2000 at 04:03:31PM -0800, Bryan Curnutt wrote: [snip setup] dunkdunk.dev.salu.com has an MX record pointing to web.dev.salu.com. Also an A record pointing to the same IP as web.dev.salu.com (formerly a CNAME record pointing to web.dev.salu.com, temporarily changed to an A record to see whether it made any difference). Well, the CNAME is breaking a couple of rules here: - never have a CNAME and one or more other records on the same hostname - never send mail to a CNAME - never have a MX be a CNAME itself. I think the problems with the A record are related to nameserver cache refresh timeouts. Also, sendmail indeed does rewriting on a CNAME, which might be an explanation. Actually, qmail does that too. It's an RFC rule. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: virtual dom: someone else rewriting To header!
On Wed, Mar 08, 2000 at 01:51:15AM +0100, [EMAIL PROTECTED] wrote: On Tue, Mar 07, 2000 at 04:03:31PM -0800, Bryan Curnutt wrote: I'm hoping this is off-topic... I'm using fastforward to try to handle virtual domains, and it seems to be working from everywhere except from my ISP... It turns out that my ISP has sendmail configured to rewrite the "To" header using the canonical domain name, i.e. if the mail is sent to "[EMAIL PROTECTED]" and there's an MX record like this virtual.my.domain IN MX 10 canonical.my.domain then the mail is rewritten to be addressed to "[EMAIL PROTECTED]" instead of to "[EMAIL PROTECTED]". It can't be stressed enough: whenever possible, report real domain and hostnames. This will help people figure out your problem. I apologize. That data was in the rest of your mail. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Slightly OT: Bcc - who is repsonsible
On Mon, Mar 06, 2000 at 03:29:06PM +0100, Markus Stumpf wrote: Hoi folx, just had a discussion with a support person. Their MUA is not deleting Bcc: Lines from the header. They claim it's within the repsonsibility of the MTA to look at the headers and "do the right thing". IMHO this is wrong. However all I could find about it was RFC1123 section 5.2.1, which says the MUA should construct envelope fields for the SMTP protocol. Who's right? Any references? Any MTA that touches headers (apart from adding Received: and Delivered-To: lines and the like - ON TOP!) is broken. Therefore, you are right :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Slightly OT: Bcc - who is repsonsible
On Mon, Mar 06, 2000 at 09:15:22AM -0600, Bruno Wolff III wrote: On Mon, Mar 06, 2000 at 03:29:06PM +0100, Markus Stumpf [EMAIL PROTECTED] wrote: Hoi folx, just had a discussion with a support person. Their MUA is not deleting Bcc: Lines from the header. They claim it's within the repsonsibility of the MTA to look at the headers and "do the right thing". IMHO this is wrong. However all I could find about it was RFC1123 section 5.2.1, which says the MUA should construct envelope fields for the SMTP protocol. Who's right? Any references? I think it is useful to consider there as being three types of mail programs instead of just two. There MTAs, MUAs and injection programs. I believe it is the injection programs' responsibility to strip bcc headers. The issue is a bit confused by sendmail, becuase the same binary runs in different modes as both an MTA and an injection program. I agree, this changes my original stand a little bit in that indeed _injection_ programs should strip Bcc's. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: question
On Mon, Mar 06, 2000 at 03:38:37PM -0700, Joel Dudley wrote: What does a text mean when it is referring to dot-qmail processing? What are dot-qmail files and what is in them??? Thanks. man dot-qmail Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Message 252 revisited
On Thu, Mar 02, 2000 at 09:35:02AM -0400, Shera wrote: Hello, [snip] secure system possible. There are times that I need to vrfy users from remote and in the past the easiest and only form I knew was through the smtp server, but now using qmail it is impossible. I would just like to understand why qmail does not allow this to be an option as in sendmail. It's the qmail design that makes it impossible - qmail-smtpd (which, obviously, handles SMTP :) has no knowledge of users, because it doesn't need to. Allowing vrfy would require massive patching. RFC --- RFC2505 February 1999 Category: Best Current Practice 2.11. SMTP VRFY and EXPN Both SMTP VRFY and EXPN provide means for a potential spammer to test whether the addresses on his list are valid (VRFY) and even get more addresses (EXPN). Therefore, the MTA SHOULD control who is is allowed to issue these commands. This may be "on/off" or it may use access lists similar to those mentioned previously. MTA SHOULD control. MTA does control. MTA says no :) Note that the "VRFY" command is required according to RFC821, [1]. The response can, though, be "252 Argument not checked" to represent "off" or blocked via an access list. This should be the default. This is what qmail does. Default for the "EXPN" command should be "off". Same here. RFC1123 MAIL -- SMTP RFC-822 October 1989 CNAME. 5.2.3 VRFY and EXPN Commands: RFC-821 Section 3.3 A receiver-SMTP MUST implement VRFY and SHOULD implement EXPN (this requirement overrides RFC-821). However, there MAY be configuration information to disable VRFY and EXPN in a particular installation; this might even allow EXPN to be disabled for selected lists. A new reply code is defined for the VRFY command: 252 Cannot VRFY user (e.g., info is not local), but will take message for this user and attempt delivery. This is what qmail uses. DISCUSSION: SMTP users and administrators make regular use of these commands for diagnosing mail delivery problems. With the increasing use of multi-level mailing list expansion (sometimes more than two levels), EXPN has been increasingly important for diagnosing inadvertent mail loops. On the other hand, some feel that EXPN represents a significant privacy, and perhaps even a security, exposure. The point in qmail isn't even privacy, or the security mentioned here. The whole point is that qmail-smtpd doesn't know about users because it doesn't have to. I hope that sorts it out for you. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: SMTP in distributed DOS
On Thu, Mar 02, 2000 at 01:49:32PM +, James Raftery wrote: On Thu, Mar 02, 2000 at 11:34:11AM -, Lorens Kockum wrote: No they do not need to be open relays. If they are qmail servers that is perfect for the purpose. Why? There is no appreciable gain. To be effective the attacker needs to send a small amount of traffic, which is amplified by a large factor and directed to the victim. Sending a 1K message to qmail with the intention of it bouncing to your victim yields a bounce with your original 1K message plus ~200 bytes of the QSBMF bounce message. If you get a 10K message to bounce, you yield 10K plus ~200 bytes. Those gains are too low to be useful. You're missing a point: the message is sent with a couple of 100 recipients. All these recipients will bounce the message - separately. There's your amplification :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: SMTP in distributed DOS
On Thu, Mar 02, 2000 at 08:03:04AM -0600, Bruno Wolff III wrote: On Thu, Mar 02, 2000 at 02:53:41PM +0100, [EMAIL PROTECTED] wrote: You're missing a point: the message is sent with a couple of 100 recipients. All these recipients will bounce the message - separately. There's your amplification :) This is a gain if you are sending the original message through a small pipe to a mail server that has better connectivity and will relay for you. Which is my point :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: SMTP in distributed DOS
On Thu, Mar 02, 2000 at 02:15:19PM +, James Raftery wrote: On Thu, Mar 02, 2000 at 02:53:41PM +0100, [EMAIL PROTECTED] wrote: You're missing a point: the message is sent with a couple of 100 recipients. All these recipients will bounce the message - separately. No it doesn't :) Try it (with qmail, of course) One message with failed deliveries results in *one* bounce message with a list of the failures enclosed. [See below] What you really want is to have one mailserver deliver your one mail to MXes for all those recipients, and then have those MXes bounce them _theirselves_ - because they're qmail-servers, for example :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: qmail-pop3d not conforming to RFC1939?!
On Tue, Feb 29, 2000 at 10:24:39AM -0500, Russell Nelson wrote: Markus Wuebben writes: Is this known? A complete description of the problem can be found at http://www.inter7.com/vpopmail/exploit.html Yes, it's known. The patch is still given using strlen(), though, which drags in the C library and makes qmail-pop3d gratuitiously bigger. Patching qmail-pop3d is just plain wrong. qmail-pop3d is completely ok, it's vpopmail that should be fixed. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: qmail-pop3d not conforming to RFC1939?!
On Tue, Feb 29, 2000 at 02:44:08PM +0100, Markus Wuebben wrote: Is this known? Yes. Is this true? No. A complete description of the problem can be found at http://www.inter7.com/vpopmail/exploit.html qmail is not at fault here. vpopmail is. qmail-pop3d indeed does not limit the username length, but the way I read RFC1939 it is the client which is not allowed to send a username over 40 characters. It is up to the server to handle these too long usernames. qmail-pop3d conforms to RFC1939 in that it allows usernames of up to 40 characters. That it also supports even longer usernames is not forbidden. vpopmail allows input (indirectly from a user) to overflow a buffer. That is a programming error, and a bad one too. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Qmail and OpenBSD et al.
On Tue, Feb 29, 2000 at 07:47:12AM -0800, [EMAIL PROTECTED] wrote: The OS would be OpenBSD 2.6, and it would help me if I knew from someone who has ever compiled Qmail on OpenBSD (... should be /usr/local/share?) and: Well, according to http://cr.yp.to, the author of qmail is running qmail on OpenBSD 2.6, so your chances are pretty good that it'll compile straight out of the box if you follow the instructions exactly. Last I heard there was one compile option that needed changing, it's in the archives, the person in question was 'Lourens Rozema', that might help you find it :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Will moving system time back lead to bad juju ?
On Sun, Feb 27, 2000 at 12:00:50AM +0800, Yusuf Goolamabbas wrote: Hi, One of my machines is out of sync by approx an 1.5 hrs (I thought there was ntpd running but it wasn't). It's ahead by 1.5 hrs This box runs a few moderated mailing lists and some unmoderated mailing lists. Thus the queue is not fairly full though there may be a a few messages in there due to remote hosts down or timeouts etc If I were to sync the clock via ntpdate/xntp. Will this lead to any bad juju. Under what conditions are time shifts acceptable/valid for qmail IIRC qmail will leave messages from the past in the queue, so any messages that look like they're "from the future" will stay in the queue unless they don't look that way anymore. Therefore, I think that any mail injected in the queue before you set your time back might experience a 1.5hr delay, any mail injected after the change will be just fine. I would just go ahead, but no guarantees from me :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Encryption and t-shirts
On Fri, Feb 25, 2000 at 04:25:47PM -0500, Greg Owen wrote: Or how about Front: "Don't queue mail with sendmail" Back: "Send mail with qmail" ROTFL. I'd buy that one. Count me in too! Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Encryption and t-shirts
On Fri, Feb 25, 2000 at 03:26:27PM -0600, [EMAIL PROTECTED] wrote: On Fri, Feb 25, 2000 at 04:16:05PM -0500, Dave Kitabjian wrote: Let's face it. We're not just fans of qmail, we're fans of djb. I think we need some t-shirts printed. Let's see: "I'm with djb" "cr.yp.to" Front: "Don't queue mail with sendmail" Back: "Send mail with qmail" i would (seriously) send someone a money order for any one of these. I don't like the 1st one, too little people would get it... The 3rd one is _very_ good, I'll shell out $25 anytime for that one. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Ok...just about to fire it up...a few questions
On Thu, Feb 24, 2000 at 05:18:18PM -0800, Jon Newman wrote: Thanks for those who replied to my last email, I got it working. Before I fire up qmail and replace sendmail (ew, sendmail sucks so I want to rid my life of it) I have a few more questions. 1) We have several domains which have addresses I would like to be forwarded to more than one local user (mail sent to [EMAIL PROTECTED] is sent to local user jblow and tom). I have seen in the FAQ how you can forward it to one person (nowhere.mil:bob), can I just add a comma and add the other local user to the list (nowhere.mil:bob,joe,etc)? No, instead, do nowhere.mil:alias-nowhere, and create ~alias/.qmail-nowhere containing the addresses (in the form 'user@domain'), one per line. 2) How can I tell qmail to allow relaying from certain domains (otherdomain.com, qmailrules.com, etc)? Either per subnet (from tcpserver), or based on rcpthosts (man qmail-smtpd). 3) We also have an alias for root going to several local users. How do I tell qmail to forward it to several people, and not just one (It looks like I have to setup a mailing list to do this, is there a better/quicker way I am overlooking)? Just put the forwards one per line in the .qmail file. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: databytes file?
On Wed, Feb 23, 2000 at 11:47:37AM +0200, TAG wrote: HI ALL, Sorry me again :) Can someone assist me in setting the databytes file so that it uses different values for different IP addresses?? You can set the DATABYTES variable from tcpserver, just like RELAYCLIENT. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: databytes file?
On Wed, Feb 23, 2000 at 12:46:44PM +0200, TAG wrote: Hi, OK - this means that I can add a line as follows into /etc/tcp.smtp : 192.168.1.:allow,DATA-INTERNAL="" and have a control/data-internal file with the databytes limit set?? No. Instead, try: 192.168.1.:allow,DATABYTES="1048576" Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Web gateway to pop mail
On Sat, Feb 19, 2000 at 06:23:16PM +, Marek Narkiewicz wrote: [snip] I'd love to discuss this with you but your lines are way too long making your mail virtually unreadable. Could you please repost in less than 80 columns? Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Bad Return-Path: Qmail bag?
On Tue, Feb 15, 2000 at 10:20:32AM +0100, Pavel Kankovsky wrote: On Tue, 15 Feb 2000, Ilya wrote: From: =?koi8-r?B?5/Xz8CBcIuLB28jMxcLP0NTJw8XQ0s/NXCI=?= [EMAIL PROTECTED] Qmail generate: Return-Path: "?Ó?? Á???ë?áî???ö???î? Gusp"@ufatel.ru Are you sure this piece of junk was generated by qmail? Return-Path: "?Ó?? Á???ë?áî???ö???î? Gusp"@ufatel.ru Received: (qmail 9238 invoked from network); 12 Jan 2000 04:21:21 - Received: from unknown (HELO rustam) (192.168.110.3) by ms.ufatel.ru with SMTP; 12 Jan 2000 04:21:21 - Message-ID: 000e01bf5cc5$50964000$036ea8c0@rustam From: =?koi8-r?B?5/Xz8CBcIuLB28jMxcLP0NTJw8XQ0s/NXCI=?= [EMAIL PROTECTED] The message was received via SMTP. The bogus return path was supplied by SMTP client (MS Outlook? oh, what surprise!). Hmm...yes, it is somewhat questionable whether it is a good thing that qmail is willing to accept such garbage at all and waste resources trying to deliver it (and be blamed for breaking it in the end). Well how would qmail decide that that address is potentially bogus? I don't know. That address is, even, potentially _valid_. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Qmail Majordomo
On Tue, Feb 15, 2000 at 01:41:13AM -0800, Russ Allbery wrote: Andrew Scott [EMAIL PROTECTED] writes: I have just switched my majordomo list over to a new host. I have found that when I subscribe a name and address together, e.g.: "Andrew Scott" [EMAIL PROTECTED] that there are problems sending out the mail. I have been told that the problem is that the host is using qmail instead of sendmail, and that qmail does not like to see names. It interprets the whole thing as one address. 1. Is this true? Yup. 2. If it is, is there a way around it (besides dropping the names from the list)? You would need to fix the program that's being used to send outgoing mail so that it strips the name out of the address before passing it to qmail. I don't know of anyone who's already done this work for the general case; my mjinject script handles it for the simpler case of: [EMAIL PROTECTED] (John Doe) though, and could probably be extended to handle the more general case. You can get it from ftp://ftp.eyrie.org/pub/software/majordomo/mjinject. I think djb's mess822 lib could help out a lot here... Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Bad Return-Path: Qmail bag?
On Tue, Feb 15, 2000 at 10:45:43AM +0100, Pavel Kankovsky wrote: On Tue, 15 Feb 2000 [EMAIL PROTECTED] wrote: Return-Path: "?Ó?? Á???ë?áî???ö???î? Gusp"@ufatel.ru Well how would qmail decide that that address is potentially bogus? I don't know. That address is, even, potentially _valid_. It is not. "ufatel.ru" has never been a valid domain name. And I hope it will never be a valid name. Hmm I was only looking at the part before the @. Indeed, this address is invalid. But qmail can hardly know that, apart from the at the end. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Bad Return-Path: Qmail bag?
On Tue, Feb 15, 2000 at 12:30:59PM +0300, Ilya wrote: Pavel Kankovsky wrote: On Tue, 15 Feb 2000, Ilya wrote: From: =?koi8-r?B?5/Xz8CBcIuLB28jMxcLP0NTJw8XQ0s/NXCI=?= [EMAIL PROTECTED] Qmail generate: Return-Path: " ? Gusp"@ufatel.ru Are you sure this piece of junk was generated by qmail? Return-Path is generated by server, not client! Return-Path is a direct copy of the SMTP 'MAIL FROM' part, which is supplied by the client. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Big and/or famous sites using qmail?
On Tue, Feb 15, 2000 at 10:39:28AM +0100, Jenny Holmberg wrote: Bruce Guenter [EMAIL PROTECTED] writes: On Wed, Feb 09, 2000 at 12:02:17PM +0800, Michael Boman wrote: Wouldn't it great if there was a list of big/famous sites that uses qmail as their MTA? I just compiled a list of these from searching through the qmail mailing list archives: [snip] Algonet (Sweedish ISP with 50,000+ users) Actually, Algonet is part of Telenordia, and has in all about 300,000 users or so. All mail is run on qmail, though we're now using the Bluetail Mail Robustifier as frontend for the qmail boxen. They make an extremely good, fast and stable combination. What does Bluetail Mail Robustifier do? Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Custom mail directories
On Tue, Feb 15, 2000 at 11:57:32AM +, John P. Looney wrote: I have all must users account details stored in an SQL database, not in /etc/password. I found the checkpassword program, and modified it so it fills out the requesite information, and it seems to be working, for POP mail. However, what do I do to allow qmail to *deliver* into the custom Mail directories ? Create users/assign from SQL. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Big and/or famous sites using qmail?
On Wed, Feb 09, 2000 at 10:38:54PM -0600, Bruce Guenter wrote: On Wed, Feb 09, 2000 at 11:55:04AM -0600, Bruce Guenter wrote: Wouldn't it great if there was a list of big/famous sites that uses qmail as their MTA? I just compiled a list of these from searching through the qmail mailing list archives: I've made a web page out of this. Check out http://em.ca/~bruceg/qmail-sites.html One correction: casema.net is dutch :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Big and/or famous sites using qmail?
On Wed, Feb 09, 2000 at 01:52:55PM -0500, Dave Sill wrote: Bruce Guenter [EMAIL PROTECTED] wrote: I just compiled a list of these from searching through the qmail mailing list archives: OneList Yahoo egroups InterNIC And Network Solutions, of course. I think he meant those :) RIPE (European research organiziation, I believe) RIPE is like ARIN, RIPE manages EU IP adress space. xoom.com (heavily modified) USA.net USA.net is not using qmail now, as far as I can tell. I thought they were using it for outgoing mail, just like hotmail. MatchLogic Algonet (Sweedish ISP with 50,000+ users) gmx.de (German ISP) NetZero Critical Path Add PayPal/Confinity and Red Hat. And hypermart.net, free hosting (lots of sites), casema.net (cable ISP in The Netherlands. They have a distributed setup based on LDAP). Also, my employer, vuurwerk.nl (web+mailhosting of 20-30.000 domains) will be migrating to qmail [my project] over the next months. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Big and/or famous sites using qmail?
On Wed, Feb 09, 2000 at 11:57:22AM -0800, Russ Allbery wrote: Bruce [EMAIL PROTECTED] writes: Not something to be proud of, as 2 days ago Jon Rust claimed in message v0421013fb4c4c040b1e4@[209.239.239.22] that Network Solutions runs an open relay. I think he was saying that they were on ORBS instead, wasn't he? There are lots of things on ORBS that aren't open relays; this is one of them (to my knowledge Network Solutions isn't actually relaying, only spamming their customer base on a depressingly regular basis). I have seen false positives on ORBS, but only due to cluelessness: ORBSing the insertion point of a relay-abusable setup instead of the machine that actually sends the mail out. But nothing more than that. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Big and/or famous sites using qmail?
On Wed, Feb 09, 2000 at 02:20:37PM -0800, Russ Allbery wrote: petervd [EMAIL PROTECTED] writes: On Wed, Feb 09, 2000 at 11:57:22AM -0800, Russ Allbery wrote: I think he was saying that they were on ORBS instead, wasn't he? There are lots of things on ORBS that aren't open relays; this is one of them (to my knowledge Network Solutions isn't actually relaying, only spamming their customer base on a depressingly regular basis). I have seen false positives on ORBS, but only due to cluelessness: ORBSing the insertion point of a relay-abusable setup instead of the machine that actually sends the mail out. But nothing more than that. It's not a false positive per se; I think I remember this one. MAPS refused to list Network Solutions for spamming due to the disruption it could cause with processing domain registrations, despite the fact that they *are* spamming, and ORBS said "well screw it, if you won't list them, we will." Or at least that's what's surfacing from the murky depths of my uncertain memory. I don't really think you remember this one, I administer the host that got falsely (as in 'host properly configured') listed. ORBS is not strictly an open-relay list. Hmm I see your point. Anyway, after the bugtraq-issue we removed ORBS from our servers.. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: LEAVE
On Wed, Jan 05, 2000 at 06:53:37PM +0100, Carles Latorre wrote: LEAVE No, I think I'll stay ;) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Filtering out email addresses with pipe symbol
On Mon, Jan 31, 2000 at 04:19:21PM -0500, Russell Nelson wrote: Charles Leeds writes: We were audited and one of the findings was that our qmail server allowed addresses with the pipe symbol in them, which was reported in our audit as a bad practice. Sounds like a good time to pick new auditors. I wholeheartedly agree. They stink. Really. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Linux kernel turning for mail performance?
On Tue, Feb 01, 2000 at 04:46:32PM -0500, Jeremy Hansen wrote: Is there any kernel sysctl or otherwise parameters suggested for performance using qmail on Linux? Open file handle limits, share memory, whatever? I have a goal to send at least 1 million emails in a 24 hour period from a single machine. The qmail-server I built recently has been benchmarked at 2-3million a day, with a stock redhat 1000fd kernel (it's on their ftp-site as an rpm). concurrencylocal/remote are both 255, machine hums along nicely. Most critical factor besides fd's is probably memory, and perhaps CPU. I think I had 512mbyte in this one and something along the lines of a PII-450. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: 451 DNS temporary failure (#4.3.0)
On Wed, Feb 02, 2000 at 01:40:36PM +0100, torben fjerdingstad wrote: A customer at sbi.dk has no luck delivering mail to mail.k.tera-house.ac.jp through our mail relay, mail.net.uni-c.dk. Currently there are 875 letters queued for a user @mail.k.tera-house.ac.jp. It has no MX, but an A record. mail.net.uni-c.dk has no trouble resolving it. I just tried to generate a bounce by writing to [EMAIL PROTECTED], but after three hours it has not appeared here. It is not an A record, it's a CNAME. That's not quite allowed. When reporting problems to the qmail list, at least try to be exact in your info ;) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: MIME
On Wed, Feb 02, 2000 at 09:12:16AM -0500, Jeff Russell, AIT wrote: Quick question? Does qmail support MIME? Why should it? Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: what makes ezmlm fast?
On Wed, Feb 02, 2000 at 11:08:41AM -0500, Dave Sill wrote: [EMAIL PROTECTED] wrote: On Tue, Feb 01, 2000 at 03:03:22PM -0500, Jeremy Hansen wrote: Can someone explain to me what exactly makes ezmlm fast? I would like to try to adapt some of its functionality and speed to a customized list processor. Thanks for any input. One word: qmail. Another word: cdb. MLM performance consists of two components: updating list databases, and sending message to subscribers. With ezmlm, the sending part is entirely the responsibility of the MTA (qmail). Maintaining the databases is ezmlm's job. Because ezmlm uses an indexed database format (cdb) it's able to do lookups much faster. ezmlm doesn't use cdb. It uses a directory-based hashing which is indeed much better than a flat list like majordomo uses, so you do have a bit of a point. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Linux kernel turning for mail performance?
On Wed, Feb 02, 2000 at 09:44:02AM -0500, Len Budney wrote: Jeremy Hansen [EMAIL PROTECTED] wrote: Is there any kernel sysctl or otherwise parameters suggested for performance using qmail on Linux? Open file handle limits, share memory, whatever? I have a goal to send at least 1 million emails in a 24 hour period from a single machine. The main suggestion has already been made: raise concurrencyremote to 255 and buy lots of memory. If money is not an object, you can also install several SCSI drives and stripe /var/qmail/queue across those disks. (Mount the filesystems with the "sync" option, for reliability.) Disk I/O is a potential queue bottleneck, especially on one-disk Linux boxen. Also, you might want to look for faster filesystems than ext2--but what, I'm not sure. I strongly _dis_recommend mounting ext2fs filesystems sync. The system I described earlier had _terrible_ performance at first, it turned out this was because I followed the FAQ and mounted it sync. Yes, mounting it async is bad for reliability, so decide for yourself. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Filtering out email addresses with pipe symbol
On Tue, Feb 01, 2000 at 12:43:59AM +0100, Martin Lesser wrote: "Charles Leeds" [EMAIL PROTECTED] writes: We were audited and one of the findings was that our qmail server allowed addresses with the pipe symbol in them, which was reported in our audit as a bad practice. IIRC this test is sendmail-specific. I.e. Nessus reports problems with the pipe symbol addressing (AFAIK was the pipe symbol important for mailing with uucp). The test results positive if the MTA accepts RCPT TO: |[EMAIL PROTECTED] I don't know whether other auditing tools use the same way, but in any case you won't have a problem with qmail - it delivers such false adressed mails to the postmaster. The pipe-symbol is not UUCP-related. The problem is that sendmail doesn't (or at least didn't) do enough checks on program delivery so that every once in a while a hole is found that allows remote users to do program delivery as root. Very old sendmails accept the '|blah@domain' syntax to have stuff executed. Perhaps the auditor doesn't know the qmail-features as well? The actual 'feature' that he's barfing on, is qmail not reporting 'User not found' when somebody mails to a non-existing/invalid address. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: mail to all@domain.com password protected
On Tue, Feb 01, 2000 at 08:19:20PM +0100, Marco Leeflang wrote: is it possible to secure mail to [EMAIL PROTECTED] with a password so only people who knows the user/password or just the password could mail to this emailaddress. .qmail-all will hold all users within this domain. i use vchkpwd/vpopmail with qmailadmin. i can use vpopbull , which works ok with plain text, but i also want send attachements to everyone. Where do you intend to put the password-check dialog? Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Blocking Spam in qmail?
On Tue, Feb 01, 2000 at 09:40:45AM -0800, Bill Parker wrote: Hello All, I have the following addresses which generate some periodic spam to my system: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] How does one go about dealing with this mess, as much as I would love to block the aol.com domain 8^), I can't do it cause we have customers who use AOL to get to our website..:( Put 'm in /var/qmail/control/badmailfrom p.s. - Where is the qmail book? (hint, hint) I went looking for it at ora.com yesterday, all I could find was 'second half of next year' in a message from 1998.. the book is late, therefore.. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: mail to all@domain.com password protected
On Tue, Feb 01, 2000 at 08:33:38PM +0100, Marco Leeflang wrote: First a pop validation and then mail to this account. First of all: don't Cc me, I'm on the list. Second: http://leerquoten.nijntje.net/ (Dutch). And then, to quote djb: 'What problem are you trying to solve?' Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: bogus mail from??
On Tue, Feb 01, 2000 at 12:25:01PM -0600, Ronny Haryanto wrote: Hi, I'm just wondering if MAIL FROM: in SMTP session is valid or not? From what I understand is that qmail Yes it's valid, it's actually even the required sender of a bounce. uses that to send bounce messages. However some sites (particulary ones using IMail v5) rejects that sender saying "501 bogus mail from". They suck. I don't care if the sender doesn't receive the bounce back, heck I tried to send bounce message but they rejects it. It's just annoying, especially if this is valid, not bogus. It is valid, and required, to prevent bounces bouncing :) I have contacted a rep from IMail, but no response. Here's the website: http://www.ipswitch.com/products/IMail_Server/index.asp It's ipswitch. It ends with .asp. I'm not touching that with a forty-foot pole (no don't start a holy war on me now :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: bogus mail from??
On Tue, Feb 01, 2000 at 01:47:22PM -0600, Ronny Haryanto wrote: On 01-Feb-2000, Adam McKenna wrote: This is _not_ an IMail problem. This is a user-configurable setting. If mail from is bouncing that means the admin of that site has chosen to enable that setting. (It might be the default, but I'm pretty sure it's not.) But if is valid, what is the reason to make this behaviour user-configurable in the first place? In other words, when is not valid? Never. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: bogus mail from??
On Tue, Feb 01, 2000 at 02:28:56PM -0600, Ronny Haryanto wrote: On 01-Feb-2000, Timothy L. Mayo wrote: On Tue, 1 Feb 2000, Ronny Haryanto wrote: On 01-Feb-2000, Adam McKenna wrote: This is _not_ an IMail problem. This is a user-configurable setting. But if is valid, what is the reason to make this behaviour user-configurable in the first place? In other words, when is not valid? It is being blocked because some SPAMers took advantage of the fact that the RFCs require bounce messages to use the envelope sender for error messages. It should NEVER be blocked, period. If a spammer is sending email with an envelope sender, block their IP. So it _IS_ an IMail problem because it allows rejecting . The program is not foolproof, and those people are fools. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: mail to all@domain.com password protected
On Tue, Feb 01, 2000 at 07:58:03PM +, Ricardo Cerqueira wrote: i don't want everyone to send mail to [EMAIL PROTECTED], just selected people. mail to [EMAIL PROTECTED] will be delivered to all popboxen in this domain. so thats why Instead of searching for far-fetched solutions, why don't you just install a mailing-list manager (like ezmlm, http://www.ezmlm.org/) and set up [EMAIL PROTECTED] as a moderated/limited list? That is what I was going to suggest indeed, when I understood his problem :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: what makes ezmlm fast?
On Tue, Feb 01, 2000 at 03:03:22PM -0500, Jeremy Hansen wrote: Can someone explain to me what exactly makes ezmlm fast? I would like to try to adapt some of its functionality and speed to a customized list processor. Thanks for any input. One word: qmail. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: bogus mail from??
On Tue, Feb 01, 2000 at 03:36:50PM -0500, Adam McKenna wrote: On Tue, Feb 01, 2000 at 01:47:22PM -0600, Ronny Haryanto wrote: On 01-Feb-2000, Adam McKenna wrote: This is _not_ an IMail problem. This is a user-configurable setting. If mail from is bouncing that means the admin of that site has chosen to enable that setting. (It might be the default, but I'm pretty sure it's not.) But if is valid, what is the reason to make this behaviour user-configurable in the first place? In other words, when is not valid? That's not the point. Giving the user an option to break the RFC is not the same as breaking the RFC. Indeed. What IMail does wrong is allowing the user to do so with one click of the mouse. qmail can be configured to break lots of RFCs, that's not even hard. But nothing that can happen 'incidentally'. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Logging information about each email.
On Tue, Feb 01, 2000 at 12:44:30PM -0800, Qmail wrote: Hi Folks, I'm wondering the best place/way to log details about each email to a database of some sort. Specifically I need to log, from address, to address, and email size. Any hints on where to start? Your maillogs. They contain all this information. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: big fat qmail-command hole
On Wed, Jan 26, 2000 at 09:41:34PM -0800, Faried Nawaz wrote: Russell Nelson wrote: Faried Nawaz writes: And how does someone with /bin/false as their shell put commands in their .qmail files? The sysadmin put /bin/false into /etc/shells, and now ftp lets them deposit files in their home directory. Well, yes -- that's what I imagine happened. An admin error. The only time I saw someone place /bin/false in /etc/shells was when they had a sendmail-based mailhost and wanted to allow people to run procmail from their .forwards. Home directories and /var/mail were shared between the client machines and the mailhost. Perhaps this sysadmin upgraded from sendmail and didn't fix /etc/shells. Oh and procmail doesn't allow people to execute stuff thru /bin/sh? :) (Though "| xterm -display myhost:0" worked great, too!) :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Failed Relay test 6 ?
On Thu, Jan 27, 2000 at 11:46:19AM +0100, [EMAIL PROTECTED] wrote: On Thu, Jan 27, 2000 at 11:38:20AM +0100, Erwin van Kroonenburg wrote: Hi, I received a message from orbs.org that our mailhost is relay server. I thought I fixed the problem by installing ucspi-tcp-0.84 but when I checked our mailhost on http://www.abuse.net/relay.html I got the following relay error: Relay test 6 RSET 250 flushed MAIL FROM:spamtest@[193.58.204.195] 250 ok RCPT TO:relaytest%abuse.net@[193.58.204.195] 250 ok Can anyone help me on this because I don't know what to do. [snip] So, get an abuse.net account and use _that_ to test, only to see that your host _is_ secure now :) Luckily, the ORBS-tester is a bit more reliable than this. I marked your host 'secure' at ORBS (after doing a bit of testing myself) and it's now marked 'closed but pending retest', which is good :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Timezone
On Thu, Jan 20, 2000 at 01:32:53PM -0500, Ian Lance Taylor wrote: From: Russell Nelson [EMAIL PROTECTED] Date: Thu, 20 Jan 2000 13:22:56 -0500 (EST) Mark Delany writes: I walk around http://physics.nist.gov/GenInt/Time/world.html might be instructive. Instructive, yes, but it says nothing about TAI. TAI is simply a counting of seconds, without UTC being taken into account. TAI + leap seconds == UTC. Unix machines claim to run on UTC but really operate on TAI. This is one of those statement which punches my personal pedant button. I believe that machines which follow POSIX run on a mixture. I wouldn't want to run any 100% POSIX-compliant OS. Why? POSIX says 2000 is not a leap year :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Timezone
On Thu, Jan 20, 2000 at 01:48:35PM -0500, Ian Lance Taylor wrote: Date: Thu, 20 Jan 2000 19:42:49 +0100 From: [EMAIL PROTECTED] Why? POSIX says 2000 is not a leap year :) What makes you say that? I read something along those lines somewhere.. POSIX is incorrect because it says that 2100 is a leap year (just in case you were worried that there wouldn't be a Y2.1K problem). POSIX does not say that 2000 is not a leap year. Ah.. then that was the problem :) Here is the conversion rule that POSIX specifies: time_t == tm_sec + tm_min * 60 + tm_hour * 3600 + tm_yday * 86400 + (tm_year - 70) * 31536000 + ((tm_year - 69) / 4) * 86400 Kewl. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Negatives in grammar
On Thu, Jan 20, 2000 at 02:23:54PM -0500, Dave Sill wrote: "Len Budney" [EMAIL PROTECTED] wrote: You are being pedantic, are you not? Yes--and you're mistaken. I was clearly being pedantic. Next time I'll use a pedantic tag. This particular use of 'not' is purely idiomatic. Just because a particular grammatical butchery is in wide use and fits the definition if "idiom" doesn't mean it's conducive to communication. Amen! PS We New Englanders use negatives in other contexts as particles of emphasis. For example, if you boast, ``I can build a Linux mail server in under an hour,'' I might reply, ``So can't my mother.'' I kinda like this one. It's not so ambiguous if you read the cinicism. Which most of the English speaking world would interpret as "My mother can't do that", possibly with an implied "(but just about anyone else can)". This type of idiom leads to ambiguity, and is a barrier to communication--its only purpose is to be cute. Correct. I wholeheartedly agree with you about the "isn't it" thing, although in English this thing is more widely accepted than in Dutch. I'm training my co-workers to understand me when I say 'no' to a negative question. They're fast learners :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Relaying for selective users, keeping address constant
On Wed, Jan 19, 2000 at 10:40:30AM -0500, Dave Sill wrote: "James Berry" [EMAIL PROTECTED] wrote: So, for messages to "james" I need to forward the message on to salsa, but the address given to the SMTP server on salsa needs to be "[EMAIL PROTECTED]" as before. Why? And this, my dear James, is the essence of the learning curve. By just stating 'Why?', Dave has drawn your attention from the answer to your question to the question itself, because your question is based on false preassumptions. Just had to say that :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Maildir format
On Tue, Jan 18, 2000 at 12:11:16AM -0600, Bruce Guenter wrote: On Tue, Jan 18, 2000 at 12:53:37AM -0500, Russell Nelson wrote: Um, am I missing something? I thought the whole point of the "info" portion of the filename of the message in the maildir? Right, and do you want the filename changing all the time? Instead of a simple "open()", you have to do a "opendir(), readdir(), string match, closedir()" set of syscalls. I suppose that you could attempt a simple open() first, and then only if that fails do you go searching. I saw that from another message. Valid point. Perhaps the server would treat the observed filenames as a "cache" mapped by the unchanging portion. Any miss would cause a revalidation of all of them (since readdir typically issues only one syscall per many directory entries). This is basically what you described. I'd say, indeed, a cache based on the unchanging part of the filename, always doing full readdir() [or getdents(), depending on your UNIX], and then gathering info from files that aren't in the cache already. Note that this is from a MUA point of view (not even POP3, just MUA, that wants to work with headers). I don't very much favor the idea of extending the Maildir structure just to add flags like that. On the other hand, such extensions are ideal for storing other persistent client (configuration) data. I don't see the need for that.. On the subject of extensions of Maildir, though, I had a bit of a radical thought: make each message a directory, containing one file for the headers, and one file per attachment. This has the benefit of pre-parsing attachments for processes like IMAP that want to be able to fetch just one of the parts, but at a significant cost. Fetching the entire message would cause quite a bit of conversion and repackaging. Searching now touches even more files. Every message now uses at least 3 inodes now instead of just one, with the side effect of increasing the amount of wasted (slack) space. More disk accesses to examine a mailbox. Hmmm... I don't like this one: - IMAP-stuff is still as complicated, delivery is _more_ complicated now. - wasting inodes and therefore hindering NFS performance which is isn't so good already for Maildir. I see no benefits. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Maildir format (indexing)
On Tue, Jan 18, 2000 at 10:15:31AM -0600, Jeff Hayward wrote: On Fri, 14 Jan 2000, Russell Nelson wrote: One way to do that would be for Dan to change the Maildir specification so that a Maildir may have multiple "cur" directories. Then, keep a CDB containing a subset of the message headers. Why multiple "cur" directories? I'm guessing that you're trying to avoid rebuilding a large CDB when any cachable item changes. Why not simply use multiple CDB's in a single directory instead? Select a CDB by hashing the file names. CDB is hashed itself. Using multiple CDB's to share one load is useless. The multiple "cur" directory idea helps performance on average filesystems. I'm also presuming that the CDB will be indexed by something like the message file name. How efficient are things like string searches going to be in that case? My dream states include things like results of previous searches being cached (I have several large folders that I search on the same subset of strings frequently). How would you do that with a CDB? Well the CDB (in my idea, at least) will be indexed to the unchanging part of a message filename (without new/ or cur/ in front), and contain the headers that mutt normally reads from the file itself while opening. [Yes, I am targeting mutt specifically, don't flame me ;)] For searches thru headers, the cdb can be used. For body-text-searches my solution won't help much. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Guidelines for large mail installations
On Mon, Jan 17, 2000 at 09:40:39PM +0800, Brian Baquiran wrote: Hi, We're setting up a big Qmail installation. It is projected that the number of users will be in the hundreds of thousands within a couple of months. Our current idea is to have one big NFS server, and a lot of lightweight SMTP/POP3 servers that mount their /var/qmail/ and /home/vpopmail from the NFS server. Is this OK? How should I go about this? I sincerely recall a posting about this very same subject about 2, 3, 4 and 5 days ago. Anyway: sounds good to me, if you do decide to use NFS. Just one thing: /var/qmail can't be NFS mounted, or, to be exact, at least /var/qmail/queue can't. Some people favor a non-NFS approach. I do too but I have no choice for the big system I'm setting up, somebody else decided for NFS... Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Maildir format
On Fri, Jan 14, 2000 at 02:21:47PM -0600, Charles Cazabon wrote:
Russell Nelson [EMAIL PROTECTED] wrote:
Right, and any scalable email system is going to use NFS. Therefore
the question in my mind is not "What should be used for large folders
instead of Maildirs?" but instead "What must be done to make Maildirs
more efficient"? One way to do that would be for Dan to change the
Maildir specification so that a Maildir may have multiple "cur"
directories. Then, keep a CDB containing a subset of the message
headers.
Doesn't the CDB file then require some trickery to avoid the necessity of
locks for multiple writers? Locks for the CDB would defeat the main benefit
of Maildirs. Or perhaps I misunderstand.
cdb are always updated atomically. One can open the cdb, acquiring a safe
path to the file (even if it is updated in between, it will still be reading
the old copy then), read it in, build a new cdb in a tmpfile and rename()
it over the real one. Only risk here is that in very concurrent updates,
one of the two will just miss. This is from the delivery-agent perspective.
When used from a useragent, the story is much easier: read directory listings,
check if all files are in the CDB already, and if they're not, add them.
I have actually been considering such a feature for mutt, since opening a
2500-message Maildir over NFS does take some time with the linux 2.0 client
NFS-implementation ('request' 'ack' 'request' etc., no paralellism) over a
25km glasfibre ethernet to a NetApp. Since cdb-updates are atomic, and in this
case, the updating process actually checks reality [as opposed to reading the
cdb and applying the known-made changes] when updating, so that the cdb
will be a performance improvement, but no PITA. Only glitch I can see is
someone actually editing files in a Maildir and the cdb not catching up..
doing a check on headers when a message is actually opened should fix most
of this, storing a datestamp in the cdb might help also.
Hmm.. I'm discussing user-agent cdb features now... lemme think about this over
the weekend :)
Note that I don't really see the benefit in multiple cur-directories, apart
from the performance advantages on sub-optimal [most] filesystems, for which
same reason the queue directories are split up.
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
Re: MUA's, Maildir and folder formats
On Wed, Jan 12, 2000 at 12:38:55PM -, Lorens Kockum wrote: On the qmail list [EMAIL PROTECTED] wrote: On the other hand, I have thought maildir a _good_ folder format; it It is deathly slow on big folders. When you want to get the subject of all the mails, for example, it still has to open and read every single mail. I think a seperate index file would be a good idea, shouldn't be too hard to do correctly. That would require locking, which goes against the Maildir-philosophy. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: MUA's, Maildir and folder formats
On Wed, Jan 12, 2000 at 06:27:59PM -0500, Sam wrote: On 12 Jan 2000, (Lorens Kockum) wrote: On the qmail list [EMAIL PROTECTED] wrote: On the other hand, I have thought maildir a _good_ folder format; it It is deathly slow on big folders. When you want to get the subject of all the mails, for example, it still has to open and read every single mail. I think a seperate index file would be a good idea, shouldn't be too hard to do correctly. Or, you need an intelligent IMAP client. Pine, for example, never asks for all the headers at the same time. It will only ask for headers for 20 messages at a time, only as many as necessary to show the current section of the folder index. The same intelligence could be applied to Maildir, obviously. But since most MUAs like to sort messages for you, they have to read them all anyway... Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Why many .qmail files in $HOME?
On Tue, Jan 11, 2000 at 08:05:16AM +1100, Giles Lean wrote: [I'm sure this has been discussed before. If someone is better than I am at nagivating the archives and can find a discussion, please point me at it. Thanks.] One regular sticking point for user (rather than administrator) acceptance of qmail is that all the .qmail-* files a user creates go in $HOME. Personally I've "just got used to it", but wonder if anyone has worked out if there is a good reason for this that would not be addressed by putting the per-user control files into a subdirectory? Perhaps a possible syntax could be: .qmailfile, as currently used .qmail-/directory, containing files as currently named but with the extra "/" e.g. $HOME/.qmail-/default Check out the -/ option of qmail-pw2u, is quite close to what you want :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Slow delivery of large message
On Thu, Jan 06, 2000 at 06:09:05PM -0700, Monte Mitzelfelt wrote: I've got a fairly large (45k+ message) being sent to a mailing list of about 1100 people. It is getting "qmail-spawn unable to create pipe" errors each time the message hits the delivery stage. At this point, I also can't seem to ALRM it into sending for some reason. It is running on Solaris 7 (SunOS 5.7 is what uname -a reports anyway). Anybody have any ideas about what I can do? I've got some irritated customers I need to help as soon as I can. You're out of file descriptors. Probably this problem never occurred to you with small messages becuase qmail-remote delivers them faster than qmail-rspawn could spawn 'm. Now, with this big message, qmail-remote takes some time to finish, so qmail-rspawn has time to spawn a lot of these creatures and runs out of file descriptors.. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Slow delivery of large message
On Fri, Jan 07, 2000 at 04:02:20AM -0700, [EMAIL PROTECTED] wrote: On Fri, Jan 07, 2000 at 11:46:12AM +0100, [EMAIL PROTECTED] wrote: You're out of file descriptors. Probably this problem never occurred to you with small messages becuase qmail-remote delivers them faster than qmail-rspawn could spawn 'm. Now, with this big message, qmail-remote takes some time to finish, so qmail-rspawn has time to spawn a lot of these creatures and runs out of file descriptors.. Doesn't concurrencyremote limit the number of processes forked? Yes. Surely he has enough file descriptors for the default of 20 processes. 20*2*2+5 filedescriptors is about the number he needs then. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: 7 bit ascii qmail
On Tue, Jan 04, 2000 at 02:43:08PM +0200, Mikko Hänninen wrote: Holger Hug [EMAIL PROTECTED] wrote on Tue, 04 Jan 2000: Is there any possibility to cause qmail to convert a deliberate character set into "US-ASCII" before sending them off ? Not in qmail itself, I believe. At the moment, I don't have an idea where to start. Perhaps there is a possibility to install a script ? How are the emails created? By injecting them into the queue with qmail-inject? If that's the case, you could insert another script in front of that, which changes the emails accordingly before calling qmail-inject. If the emails are sent "remotely", via SMTP, then you need to fix the sending the end. Or perhaps set up a special SMTP port or something which runs a script on the emails, but that sounds like it's getting complex. Find the @fixup stuff in the FAQ. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Domain relaying (host relaying?) or something
On Mon, Jan 03, 2000 at 11:02:51AM +0100, Marthe Nesøen Gangfløt wrote: Hello all, I need to know where I can find info on how to solve domain relaying (one main mail server that sends all known mail to the right host). mail.domain.com will automatically send mail to [EMAIL PROTECTED] to host1.domain.com and mail to [EMAIL PROTECTED] to host2.domain.com (guess you get the picture).. and I just need to know where there are docs on that, or just how it's done. :) I've tried to find about it in the howto and life with qmail, but maybe I'm mixing names or something, because all I can find is relaying for user, not domain :/ control/smtproutes and control/rcpthosts should have all the stuff you need, look at man qmail-control for references to the relevant manpages. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Server cluster
On Mon, Dec 27, 1999 at 07:06:36PM +0800, Michael Boman wrote: I am writing to you all looking for some answers for a future project.. Is it possible to do a cluster of qmail servers using DNS and NFS? This is what I am planning to do: DNS: Add serveral MX records in the DNS Add a few mashines with different IP but the same hostname in the DNS (So the DNS will switch between the servers). I'm doing the same thing with one MX record which points to a name with multiple IPs on it. Same idea, more transparent. The computers: == mail00: The master server, using raid 5, have allot of diskspace, memory etc.. Like our comin-up NetApp :) mail01-xx: Slave servers. Same software configuration except that the /home/vpopmail and /var/qmail/ is NFS mounted from mail00. Running on a cheaper computer (no raid). I am running: qmail 1.03 ezmlm 0.53 vpopmail 3.4.10 sqwebmail 0.26 qmailadmin 0.25 Services provided: SMTP/POP3/IMAP(?)/WebBased mail Can you see any problems with this setup? What should I think about? The big problem is your mail00 - if that one goes down, all is gone. There are basically 2 ways to solve your problem: this one, or having front-end mailservers that know which users are on which system, and something similar to that for POP. casema.net is running this, for example. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: How to give a greeting message
On Sat, Dec 25, 1999 at 11:21:59AM -0700, Irwan Hadi wrote: I want to know, how to give a greeting message to a person when s/he connect to port 25 , and not just ESMTP . For example, Welcome to xxx, mm/dd/yy,hh:mm:ss , this mailserver is using QMAIL version 1.03 (I protest to writing qmail in capitals, so this one includes my version :) The date-part is not possible, by the way. What might help you is: echo 'Welcome to blah' /var/qmail/control/smtpgreeting Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: How to give a greeting message
On Sat, Dec 25, 1999 at 10:14:58AM -0500, Russell Nelson wrote: Stefan Paletta writes: [EMAIL PROTECTED] wrote/schrieb/scribsit: On Sat, Dec 25, 1999 at 11:21:59AM -0700, Irwan Hadi wrote: For example, Welcome to xxx, mm/dd/yy,hh:mm:ss , this mailserver is using QMAIL version 1.03 The date-part is not possible, by the way. Of course it is - just use Unix! # cd /var/qmail/control # mkfifo smtpgreeting # while :; do date smtpgreeting ; done I'd suggest this instead: while :; do date smtpgreeting.new mv smtpgreeting smtpgreeting.net; sleep 1 ; done This is the first _working_ suggestion I see. Stefan: your solution is probably quite portable, but not reliable: it can cause hanging qmail-smtpd's when 2 of 'm try to read the FIFO at the same time. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: qmail routing
On Wed, Dec 22, 1999 at 02:04:41AM -0500, Leonid Massarsky wrote: Hi, How do I get a host running qmail-smtpd to route (forward) all incoming mail to another smtp host? Clear out control/locals and control/virtualdomains. Put all domains you want to relay for in control/rcpthosts. Put ':anothersmtphost' in control/smtproutes. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Tidbit..
On Mon, Dec 20, 1999 at 09:59:18PM -0700, Philip Gabbert wrote: I was looking over the Qmail homepage and I found that you can create a rcpthosts file with the following shell command: sed 's/:.*//' virtualdomains | cat - locals | sort rcpthosts by Russ Nelson. This is pretty kewl, incase you all didn't know, but one thing was wrong. One: I'm ordered and sorted my virtualdomains file in a matter I like. Two: It picked up my address: [EMAIL PROTECTED] - Not needed in rcpthosts. So, I did a little change to it: sed 's/^[^@]*@//' virtualdomains | sed 's/:.*//' \ | cat - locals rcpthosts (line wrapped due to email max line length) This will filter out everything in front of and including the @. The only bug I see in this one liner is that if you have multiple [EMAIL PROTECTED] addresses, it will place multiple myhost.com lines. It's a bug I won't mind hearing how to fix, but it won't affect how qmail runs. Without having tested your line: replacing the second line with ' | cat - locals | sort -u rcpthosts' should do the job. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: problem qmail / checkpassword
On Tue, Dec 21, 1999 at 08:40:06PM +0100, bert hubert wrote: On Tue, Dec 21, 1999 at 08:36:07PM +0100, bert hubert wrote: You probably have shadow passwords. These cannot be read by any user but root. This means that checkpassword needs to be 'set user id root', suid root for short. Try this: chown root:root /bin/checkpassword chmod +s /bin/checkpassword DO NOT DO THIS. Sorry. Braino on my part. checkpassword needs to be invoked by root, it should not be suid. And, as ahu and I discussed on irc, a suid checkpassword is just a /bin/su with a difficult interface and no logging :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Here are your coupons
On Sat, Dec 18, 1999 at 11:26:32AM -0200, Rogerio Brito wrote: On Dec 17 1999, Andy Bradford wrote: How did this email creep in? Is the list setup to allow posts from non-subscribers? That's the "correct" way to setup a mailing list which provides support for a program -- people will usually just send bug reports or ask about unexpected behaviour without having to go thru the entire subscribe, send the message, wait for responses, unsubscribe cycle. This is (or, actually, should be) usually the case for open source program mailing lists. The drawback is that you get spam once in a while... On the other hand, if your mailing list is just, say, a music mailing list, then there's just no need for keeping it open. If you mean 'open' as opposed to 'closed', where 'closed' says "don't accept mail with From-addresses that are not on the list", I wholeheartedly disagree. The address I post from at home ([EMAIL PROTECTED]) is different from my subscribed address ([EMAIL PROTECTED]). If this list were 'closed' as defined above, I wouldn't be able to post. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Do you see in the FROM field - From: To: qmail ...
On Sat, Dec 18, 1999 at 08:58:18PM -0200, Rogerio Brito wrote: On Dec 18 1999, Diego A. Puertas F. wrote: When I see my own message coming back from the list here, what appears in the FROM field is actually the TO field, it only happens on my messages. Do you see the same? No, that's not the problem. That's the default behaviour that some programs (like Pine -- which you are using, BTW -- and mutt) have when displaying messages that YOU sent. It's not their behaviour, it's just them telling the truth: It's a posting _from_ you _to_ the mailinglist, and even tho the mailinglist is sending it back to you, the headers are kept original to prevent confusion. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Limit POP3 and SMTP service !
On Sun, Dec 19, 1999 at 06:57:56PM +0100, bert hubert wrote: On Mon, Dec 20, 1999 at 01:02:00AM +0800, Michael Boman wrote: If you have for an example a C net of computers (common when it comes to ISP's (doh!) use the ':allow,RELAYCLIENT=""' in the tcpserver settings. If your users are floating around (a'la hotmail etc) you might wanna do Is anybody aware of patches that would allow me to specify for example '.casema.net:,RELAYCLIENT=""'? It would make administration easier for us. I actually thought of that today on a boring train-trip (train-trips are mentally and intellectually _very_ productive for me), I was thinking of something along these lines: right now, you probably have a line like: tcpserver -x /etc/tcp.smtp.cdb -u 31 -g 30 0 smtp /var/qmail/bin/qmail-smtpd (logging and some paths left out) We could replace that with something similar to: tcpserver -x /etc/tcp.smtp.cdb -u 31 -g 30 o smtp /var/qmail/bin/tcp-domcheck -x /etc/dom.smtp.cdb /var/qmail/bin/qmail-smtpd where tcp-domcheck is a small tool that does the domain checking as you describe. Perhaps a bit easier than patching it in. If it isn't out there, and other people want it, I'm willing to write this for tcpserver. Hmm then we have 2 dutch ISPs actively coding qmail stuff :) (we're the other one :) I think it'd be dead easy to do. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Limit POP3 and SMTP service !
On Sun, Dec 19, 1999 at 07:23:28PM +0100, bert hubert wrote: On Sun, Dec 19, 1999 at 07:04:38PM +0100, [EMAIL PROTECTED] wrote: tcpserver -x /etc/tcp.smtp.cdb -u 31 -g 30 o smtp /var/qmail/bin/tcp-domcheck -x /etc/dom.smtp.cdb /var/qmail/bin/qmail-smtpd where tcp-domcheck is a small tool that does the domain checking as you describe. Perhaps a bit easier than patching it in. While more modular, I think that it should be integrated in tcpserver, as this already does forward and reverse name lookups. With the volumes of mail we transfer, I don't want to involve yet another process. The results of those lookups are saved in env.vars, so that other process takes hardly any time to run. Hmm then we have 2 dutch ISPs actively coding qmail stuff :) (we're the other one :) Our (public) coding efforts have so far mostly been directed to OpenLDAP. I'm working hard on a checkpassword replacement to do multi-domain stuff - one UID per domain for all popboxes (and also FTP and shell on that UID, for website maintenance), instead of one UID per popbox (our current sendmail setup). qmail is almost perfect as it is :-) That's true, I applied just the bigdns patch, and I had the todo patch for a while but I removed it in the investigation of a performance problem. The todo patch had nothing to do with it, but I never put it back in. I did hack qmail-smtpd a little bit to call an external program for the ETRN command. Still need to code that external program tho :) I also made qmail-send a little more verbose, to report if an 'out of filehandles' error was due to the processlimit or the systemwide limit. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Limit POP3 and SMTP service !
On Sun, Dec 19, 1999 at 07:23:28PM +0100, bert hubert wrote: On Sun, Dec 19, 1999 at 07:04:38PM +0100, [EMAIL PROTECTED] wrote: tcpserver -x /etc/tcp.smtp.cdb -u 31 -g 30 o smtp /var/qmail/bin/tcp-domcheck -x /etc/dom.smtp.cdb /var/qmail/bin/qmail-smtpd where tcp-domcheck is a small tool that does the domain checking as you describe. Perhaps a bit easier than patching it in. While more modular, I think that it should be integrated in tcpserver, as this already does forward and reverse name lookups. With the volumes of mail we transfer, I don't want to involve yet another process. Code done, I'll put it online in a few minutes. It's a terribly ugly hack, it's not as flexible as tcpserver, all it can do is either leave RELAYCLIENT alone or set it to "" if: [example, assume TCPREMOTEHOST="blah.casema.net"] it can find 'blah.casema.net' it can find '.casema.net' or it can find '.net' in it's cdbfile. This should do it for you. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: [code!] Limit POP3 and SMTP service !
On Sun, Dec 19, 1999 at 12:46:28PM -0600, [EMAIL PROTECTED] wrote: On Sun, 19 Dec 1999 19:23:28 +0100 , bert hubert writes: On Sun, Dec 19, 1999 at 07:04:38PM +0100, [EMAIL PROTECTED] wrote: tcpserver -x /etc/tcp.smtp.cdb -u 31 -g 30 o smtp /var/qmail/bin/tcp-domche ck -x /etc/dom.smtp.cdb /var/qmail/bin/qmail-smtpd where tcp-domcheck is a small tool that does the domain checking as you describe. Perhaps a bit easier than patching it in. While more modular, I think that it should be integrated in tcpserver, as this already does forward and reverse name lookups. With the volumes of mail we transfer, I don't want to involve yet another process. Well, it *is* just one other process -- the extra fork() will be pretty cheap compared to the number of fsync()s that the message will incur on its way through your server. If you're worried about the exec() cost, statically link it. It's not even a fork(). It's just an extra exec, with a couple of lookups in a cdb database. I'm not sure that checking TCPREMOTEHOST and TCPREMOTEIP belong in the same program -- they're semantically different. For example, does an empty key refer to a default IP, or a default hostname? What if you want the two to have different default behaviors? Good points. Code is now online at http://www.dataloss.net/tcp-domcheck.tar.gz Check it out, and report back to the qmail list please! :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Limit POP3 and SMTP service !
On Sun, Dec 19, 1999 at 08:02:02PM +0100, bert hubert wrote: On Sun, Dec 19, 1999 at 07:29:34PM +0100, [EMAIL PROTECTED] wrote: this already does forward and reverse name lookups. With the volumes of mail we transfer, I don't want to involve yet another process. The results of those lookups are saved in env.vars, so that other process takes hardly any time to run. That is not the issue. Launching the other program is what takes time, especially on 'heavy' unixes like Solaris. I'm working hard on a checkpassword replacement to do multi-domain stuff - one UID per domain for all popboxes (and also FTP and shell on that UID, for website maintenance), instead of one UID per popbox (our current sendmail setup). We already have this (based on our own LDAP/qmail setup). Works like a charm. We currenly host ~30.000 cablemodem users per Sun Enterprise 250 (single cpu). A whole lot more than sendmail+cucipop could handle. Yeah but suppose you had 20.000 domains with between 1 and 500 popboxes per domain, does that fit into your setup? My drpop-solution (yes I am proud :) does all that, and more :) Btw have a look at http://www.dataloss.net/tcp-domcheck.tar.gz If that does the job, integrating it into tcpserver shouldn't be that hard... Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Limit POP3 and SMTP service !
On Sun, Dec 19, 1999 at 08:02:02PM +0100, bert hubert wrote: On Sun, Dec 19, 1999 at 07:29:34PM +0100, [EMAIL PROTECTED] wrote: this already does forward and reverse name lookups. With the volumes of mail we transfer, I don't want to involve yet another process. The results of those lookups are saved in env.vars, so that other process takes hardly any time to run. That is not the issue. Launching the other program is what takes time, especially on 'heavy' unixes like Solaris. I'm working hard on a checkpassword replacement to do multi-domain stuff - one UID per domain for all popboxes (and also FTP and shell on that UID, for website maintenance), instead of one UID per popbox (our current sendmail setup). We already have this (based on our own LDAP/qmail setup). Works like a charm. We currenly host ~30.000 cablemodem users per Sun Enterprise 250 (single cpu). A whole lot more than sendmail+cucipop could handle. Hmm did you write that POP3proxy yourself, or does the 'ahu' stand for some of your patches? It's kewl nonetheless :) We're prolly going for a distributed approach based on NFS, the good thing about that is that we just add another popserver and load is halved, given that the NFS server (soon to be NetApp prolly) can take the load. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: [code!] Limit POP3 and SMTP service !
On Sun, Dec 19, 1999 at 07:48:20PM +0100, [EMAIL PROTECTED] wrote: [snip] Code is now online at http://www.dataloss.net/tcp-domcheck.tar.gz Check it out, and report back to the qmail list please! :) You might want to comment out the printf and fflush, not sure how hard they would f*ck stuff up, I haven't actually tried this thing in a tcpserver invocation, just from the commandline (as explained in README.short). Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Limit POP3 and SMTP service !
On Sun, Dec 19, 1999 at 09:00:44PM +0100, bert hubert wrote: On Sun, Dec 19, 1999 at 08:08:48PM +0100, [EMAIL PROTECTED] wrote: Hmm did you write that POP3proxy yourself, or does the 'ahu' stand for some of your patches? It's homegrown and currently owned by Casema. IC. Not open source? It's kewl nonetheless :) We think so :-) Hehe same here.. We're prolly going for a distributed approach based on NFS, the good thing about that is that we just add another popserver and load is halved, given that the NFS server (soon to be NetApp prolly) can take the load. I would advise against that for several reasons. NFS is a bad idea most of the time and it also turns out that most OSes have trouble with certain NFS operations, like doing softquotas on Maildir boxes. I know for a fact that this causes problems. Hmm... NFS is kind of a legacy thing in our company, I'd rather get rid of it too, but I'm not the one deciding stuff like that. So I just build a qmail solution that fits perfectly :) With Maildir and a virtual user setup, combined with the popproxy, it's very easy to continue adding boxes. Also lots cheaper than the NetCrap approach. Well on our system there's also a website 'n stuff for each user, which makes it a bit more complicated. But you did get me thinking... quotas are not my problem, or my cup of tea, but that might be a problem than. If it applies to most OSes, let's just hope it doesn't apply to Linux. Our setup is not hybrid whatsoever (not yet, perhaps) so we don't need to worry about different OSes. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: local address used as spam sender
On Fri, Dec 17, 1999 at 09:53:53AM -0800, Kai MacTane wrote: At 11:55 AM 12/17/99 +0100, you wrote: [EMAIL PROTECTED] wrote: Tried putting /dev/null in the .qmail but I get this error: Error_while_writing_message._(#4.3.0) Any ideas? Haven't had time to search the docs/web though. make .qmail an empty file, or a file with only comments. Comments. Empty file will trigger default instructions. .qmail-devnull: /dev/null Should work theoretically, I think... [snip] .qmail-devnull: |/dev/null Is complete and utter bullshit. [snip] .qmail-devnull: # Comment. Deliver to /dev/null? Discards the message as requested. Dec 17 09:44:24 gateway qmail: 945452664.275136 starting delivery 3165: msg 1194 6 to local [EMAIL PROTECTED] Dec 17 09:44:24 gateway qmail: 945452664.275647 status: local 1/10 remote 0/20 Dec 17 09:44:24 gateway qmail: 945452664.332010 delivery 3165: success: did_0+0+0/ Dec 17 09:44:24 gateway qmail: 945452664.363332 status: local 0/10 remote 0/20 Dec 17 09:44:24 gateway qmail: 945452664.363701 end msg 11946 I did not try an empty file, as man dot-qmail states: If .qmail is completely empty (0 bytes long), or does not exist, qmail-local follows the defaultdelivery instruc tions set by your system administrator; normally default delivery is ./Mailbox, so qmail-local appends the mail message to Mailbox in mbox format. However, the documentation doesn't say anything about delivering to /dev/null if it finds only a comment line. (Indeed, I suspect that qmail-local is simply silently discarding the message, rather than explicitly attempting delivery to /dev/null.) I don't know where I've read it, but it's true :) While it may be deducible that a .qmail file consisting of only one comment line (or of only comment lines) would result in silent discarding of messages, perhaps it should be made explicitly clear in the documentation? I think that would be a good idea :) It isn't intuitively obvious, especially since it differs from qmail-local's behavior in the case of an empty (but present) .qmail file. Correct. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Failed a relay test?
On Thu, Dec 16, 1999 at 11:10:01AM -0600, Dustin Miller wrote: This is strange. It's the third time I've received a similar message from someone. I wasn't aware that, in the default config of qmail, you COULD relay mail. Can someone tell me what I'm going wrong, or that their test for relaying is faulty? As Dave said: Arrrh More clearly: their test is faulty :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: status bar
On Wed, Dec 15, 1999 at 12:51:31PM -0600, Robert wrote: Hello, I'm the sysadmin for a small ISP. I've recently switched my mail server from an NT based email server, and I've noticed something peculiar. Before, when my users would download their email they would get a status bar showing the percentage of the messages they were retrieving. Since I've switched they no longer get a total percentage of the message/messages. Have I missed something in the setup for this? Thank you in advance for any light you may be able to shed on this. This is a bug in some Netscape clients, there's a patch for qmail-pop3d on www.qmail.org. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: multiple queues?
On Fri, Dec 10, 1999 at 03:22:57PM -0500, Peter Green wrote: On Fri, Dec 10, 1999 at 02:59:10PM -0500, Dave Sill wrote: Peter Green [EMAIL PROTECTED] wrote: I've search LWQ, the qmail home page, and my for: 'multiple', 'instance', and 'queue'. Yet, I can't find the links (that I know I've seen!) to step-by-step instructions for setting up multiple, concurrent qmail queues/installations. Does anyone have any pointers? Just build and install more qmails with different conf-qmail's pointing to their homes, e.g., /var/qmail1, /var/qmail2, ..., /var/qmail/N. To inject a mesage into "qmail1", use /var/qmail1/bin/qmail-inject. You'll have to pick one to listen to port 25, or come up with some mechanism for round-robin'ing it. Just to clarify, I want the queues to be 'cascading'. The first queue has extremely short timeouts and retries set to 0. Upon failure to deliver from the first queue, the message is then forwarded to the second queue, where timeouts and retries are more sane. I guess the part I can't figure out is how to make qmail do precisely this, especially in the forwarding from one queue to the other. I have yet to find out how, I also can't seem to find how to make it deliver to a smart host after first failure, something very welcome on dialups. This is just about the only thing I miss in qmail that sendmail does have :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: /var/qmail/users/assign
On Thu, Dec 09, 1999 at 09:10:55AM -0800, Jose de Leon wrote: Okay, but I'm unable to make an assign file. qmail-newu complains of invalid format. I can't seem to find any mention of what the format should be. I have only one line in it and it is exactly what serialmail instructions say to put into it. Put a '.' on the last line, all by itself. Read man qmail-users for more info. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: How to send a message after
On Fri, Dec 10, 1999 at 12:48:20AM -0700, Andy Bradford wrote: Thus said "Ari Arantes Filho" on Thu, 09 Dec 1999 19:14:54 -0200: Supose I'm supervising the qmail queue and see a message with (2 attachments of 2mb each for 5 different addresses). This message will consume a lot of my link, so I want to send this message during the night. How to do this? You could always write a simple cronjob that would suspend qmail-send until an hour that you deem proper for sending such large emails and then have another cronjob that reactivates it at the specified time. This might involve control/concurrencyremote by setting the value to 0 and then HUP'ing qmail-send. I'm not qmail expert by any means but this might work. qmail-send needs a real restart to reread concurrency info. There is a patch that allows you to start/stop delivery without restarting qmail, it's somewhere on www.qmail.org. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: [Fwd: Re: Attachments]
On Mon, Dec 06, 1999 at 06:18:35AM -0500, Bill Hults wrote: Hi The file doesn't exist. Then that's not the problem. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: [Fwd: Re: Attachments]
On Tue, Dec 07, 1999 at 08:44:32PM -0500, Bill Hults wrote: Hi I created it put 200 in it. I get UNABLE_TO_WRITE ./Mailbox DISK_QUOTA_EXCEEDED. Any thoughts anyone. Ehm... quota? Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: How to get your qmail server into ORBS
On Sun, Dec 05, 1999 at 08:07:21PM -0500, John R. Levine wrote: | forward "$LOCAL"@bigbang.af.mil I will think of a better fix in a couple of days, hints are welcome. My first urge was to just have it bounce everything with a % in it, First answer: so long as you're not relaying spam, there's no reason to worry about being in ORBS since almost nobody uses it. Alan listed me for spite a couple of times, the amount of mail that bounced as a result was infinitesimal, two messages out of many thousands, other than to my anti-spam fanatic pals on my spamtools list. Well thanks for this one, you made my day :) Second answer: tell your friends who run sendmail to fig their config to turn off the percent hack, since it's a security hole there whether or not the mail is relayed from your host. The fixes are well known, see www.sendmail.org for links. Ehm it's a security hole only from internal hosts, the sendmailhost doesn't accept the percenthack from outside hosts. But I will talk to them. Third answer: if your sendmail manager isn't up to the task of managing sendmail (most aren't), it's really easy to add a little bit to your .qmail to bounce mail with addresses that are likely to provoke sendmail bugs: (put this on one line, of course) | case "$LOCAL" in '*[%"@]*') bouncesaying 'Go away,' ;; *) forward "$LOCAL"@bigbang.af.mil ;; esac I was planning to do something similar to this. Is there any chance of sendmail acting funny with banged addresses (with '!' in them)? Any other tricks I should watch out for? Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Attachments
On Sun, Dec 05, 1999 at 05:56:20PM -0500, Bill Hults wrote: Hi Is there a default maximum size for attachments? Users on one of my qmail sites can't receive attachments larger than 1 MB. No quotas on the file system Is there anything in /var/qmail/control/databytes? Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/womanizer/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
