Re: no shell for qmail user (qmails, qmaill,...)
On Wed, Mar 07, 2001 at 09:41:29AM -0200, MassimoQuintini wrote: For security reason, can I disable shell in /etc/passwd for qmail users (qmails, qmaill, ...ect,) setting the shell to /bin/false ? /bin/false is a very silly idea. /nonexistent is much better. Greetz, Peter. Hi Peter, This is a post that I pulled out from the archives. I think /nonexistent does seem better than /bin/false. I would like to ask one question to clarify what is probably very obvious, but I want to be certain of this. Is the directory /nonexistent supposed to be created or not? In other words, do you want the directory not to be created so that the login fails due to missing home directory, or do you want the directory to be created, but empty? _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
Re: no shell for qmail user (qmails, qmaill,...)
The /nonexistent is meant to be the user's shell, not his home. You and Peter are absolutely correct. I lost my train of thought as I was typing out that question. Sorry! Thanks for the fast response. I hadn't created /nonexistent, but wanted to be sure that I wasn't overlooking something. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
Re: mailbombed
Add the domain to virtualdomains, like so: domain.com:alias-domain then create ~alias/.qmail-domain-default with a single hash (#) mark in it. then add a smtproute to localhost for the domain and restart qmail-send. The only problem with this is that all messages for that domain will be deleted, not just the person who got mailbombed. What would the solution be if he was running qmail/ldap/courier-imap? _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Reverse DNS lookups
FYI, my ISP did add the reverse PTR records last night. I appreciate the suggestion from Andreas to get RIPE involved. I think it was my email to RIPE, cc'ing my ISP, that was the key to making this happen. I am really under ARIN, not RIPE. However, my ISP is expanding into Europe, so I thought my ISP would be sensitive to RIPE. Thanks for all of the feedback. From: Andreas Grip [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Reverse DNS lookups Date: Tue, 10 Jul 2001 15:44:36 +0200 I had problems to get my ISP to setup reverse DNS on my IP:s but then I turned to RIPE and they sended an e-mail to my ISP. The day after that the reverse was working :-) So maybe you should try go through RIPE... Andreas _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Reverse DNS lookups
Wrong mailing list, my apologies, I meant to send this to [EMAIL PROTECTED] From: pop corn [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Reverse DNS lookups Date: Tue, 10 Jul 2001 06:07:59 - I'm dealing with a new ISP that has been pretty much ok until this problem. I realized that they didn't set up the reverse PTR records for my eight IP addresses on a dedicated server. (I will be creating 8 virtual domains - one per IP address). Their staff initially said 1) reverse PTR records were never necessary; 2) delegating my DNS info to my machine are out of the question (they won't admit they don't know how and they won't accept info). They are using BIND and insist that nslookup is never capable of returning the domain name for a given IP address. I've been pounding on them since last week, and just got an email saying that a PTR record is only necessary for the base IP address of the 8 addresses (the hostname is set to this base IP address) and they are going to update their DNS server tonight and promptly closed out the trouble ticket. I've been setting up DNS (classic BIND) for years and simply never heard of setting up A records without the associated PTR record for reverse address mapping. 1) I'm about to open up another trouble ticket to ask them to add PTR records for the remaining seven IP addresses. Am I not correct in telling the ISP that all my virtual domains require reverse DNS resolution? 2) If they don't add reverse PTR records for my virtual domains, I've been debating telling the Internic to change my DNS servers for the virtual domains to the base address of my own dedicated server. It's not as if my virtual domains are subdomains of my ISP's domain. The problem is that I only have the one dedicated machine. The Internic wants two DNS servers per domain. If I leave the existing DNS servers from my ISP, and add my own dedicated server as a third DNS server, will the reverse address search go through all three of my DNS servers until it has success? My hostname is a subdomain of my ISP's domain, so the PTR record for my base address will have to be served by my ISP's dns server and they are in fact doing that for me tonight. My virtual domains are independent domains immediately under .com and registered to the Internic. I'll use the exact same IP addresses that my ISP was serving on their DNS servers, just add the reverse DNS info. My ISP's info about my virtual domains will just be ignored once the Internic makes the change, right? I've been resisting this route because I don't want to create a loop of some kind. 3) If I proceed with step 2, I could use dnscache on 127.0.0.1, tinydns on one IP, and walldns on another IP, right? It doesn't matter which external IP, just so long as they are different IPs because dnscache, tinydns, and walldns are all looking at port 53, right? There is no firewall with this solution in 2) and 3), but these virtual domains don't have any national secrets anyway. However, I will be serving qmail to these domains, so it won't be the safest environment for the email. I'm sorry this post is so long, it's hard for me to verbalize these DNS issues succinctly. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Reverse DNS lookups
This was the best advice! I emailed RIPE and cc'd my ISP, then called my ISP to make sure they saw my email to RIPE. My ISP just emailed me to say that my PTR records would be put on their DNS servers tonight at midnight. I don't know if RIPE emailed them, but I think my ISP didn't want to risk being on any possible nonconforming ISP lists. Before I sent the email to RIPE, I also called the Internic, but they told me that I would have to change to an Internic sponsored ISP to get PTR records. I'll see if my ISP actually did it tomorrow, but it was terrific to have an authority like RIPE on my side. After all, I did pay for that IP address block. The least they can do is put both A and PTR records in their DNS servers. From: Andreas Grip [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Reverse DNS lookups Date: Tue, 10 Jul 2001 15:44:36 +0200 I had problems to get my ISP to setup reverse DNS on my IP:s but then I turned to RIPE and they sended an e-mail to my ISP. The day after that the reverse was working :-) So maybe you should try go through RIPE... Andreas _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Qmail logging problems with Lifewithqmail directions
Yes, please: 1) post the run files 2) show the directory permissions/owners 3) show ps output to see what processes are running (sometimes people get mutiple smtpd's running, for instance) From: Gary Townsend [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Qmail logging problems with Lifewithqmail directions Date: Sat, 30 Jun 2001 10:29:39 -0700 hi there i setup qmail according to the directions on life with qmail and i seem to be having an odd difficulty my qmail -send and qmail-smtpd seem to be logging to stdout yet my qmailpop is logging to a file. the log files are both supposed to be outputting to a log file and i am using multilog as per the instructions on lifewithqmail any ideas i can post the run files whihc implement the logging if that might be helpful. _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: qmail-ldap questions
Thanks for answering my questions about vmailmgr, Kerberos, and pop. I've just signed up on the qmail-ldap list and will try to post further qmail-ldap questions there rather than here. From: Henning Brauer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: qmail-ldap questions Date: Fri, 29 Jun 2001 08:32:10 +0200 On Fri, Jun 29, 2001 at 03:38:53AM -, pop corn wrote: I'm trying to head towards a setup with: qmail/qmail-pop3/courier-imap/vmailmgr/ldap/squirrelmail makes no sense IMHO tun run qmailp-ldap AND vmailmgr. (1) I've been going over the life with qmail-ldap documentation and would like to know if I am assuming correctly that this documentation assumes that for the Linux 7.0 host: Well, that depends. I've written this document without any respect to a special OS (but be sure it's always accurate for OpenBSD ;-) ) 1) openssl-0.9.5a-14 is installed If you enable SSL, yes, of course. 2) krb5-libs-1.2.1-0 is installed (but no Kerberos server in stalled) no 3) cyrus-sasl-1.5.24-6 is installed no 4) db-3.2.9 (Berkeley DB) is installed no 5) openldap.2.0.11 is installed no. just ldap client libs. You'll need an ldap server of course... (2) In particular, I am trying to make sure that I am not expected to set up a Kerberos master/slave server environment to make qmail-ldap work. You don't need Kerberos for qmail-ldap. It's qmail-ldap, not qmail-kerberos... (3) I am confused about the authorizations. I don't understand if qmail-pop3d will continue to use checkvpw after qmail-ldap. qmail-pop3d itself is no program. qmail-ldap's auth_pop replaces checkpassword (or checkvpw in your example) (4) I don't understand how the virtual domains and the FQDN name of the physical host are stored in the LDAP. No need for Virtual Domains in qmail-ldap. There are just users having email addresses. the servers FQDN isn't stored in LDAP. Just user records are in LDAP. (5) Should I be trying to start ldap with the new /service method recommended by Life with Qmail? You shoud not try anything else... (6) I am using the following scripts at present (no ldap install done yet). I'm still not sure how these scripts will change or what the effect is on vmailmgr. /usr/local/bin/rblsmtpd -b -rblackholes.mail-abuse.org \ -rmail.services.net \ /usr/local/bin/fixcrio /home/qmail/bin/qmail-smtpd 21 qnail-ldap has builtin rbl support. /var/qmail/supervise/qmail-pop3d/run #!/bin/sh exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -H -P -R -l 0 -u0 -g0 0 110 \ /home/qmail/bin/qmail-popup FQDN \ /usr/local/bin/checkvpw /home/qmail/bin/qmail-pop3d Maildir 21 ^^^ /var/qmail/bin/auth_pop -- * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de * * Roedingsmarkt 14, 20459 Hamburg, Germany * Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie) _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Integrating the logs
ISOQLOG looks terrific, but: 1) It solves a different problem than the one I am trying to solve. It appears to provide traffic summaries. 2) The problem I am trying to solve is to create a detailed trace from start to finish about the entire life cycle of a single email message. I dislike s**dmail just as much as everyone else here, but being a monolithic program, it did have a detailed trace for a given message. I'm fine with qmail being broken up into components, but I need an integrated log for debugging. 3) There are several posts in the archives about isoqlog not running if the multilog is under 100k and not rotating. I am only testing now, so my multilogs are quite small. The solutions are not clear to me. One is to find a patch for multilog which rotates the logfile, whenever it receives a HUP. A) where is the patch? B) exactly how am I supposed to supply the HUP in my scripts? From: hari_bhr [EMAIL PROTECTED] Reply-To: hari_bhr [EMAIL PROTECTED] To: pop corn [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Integrating the logs Date: Thu, 28 Jun 2001 10:54:03 +0530 look for ISOQLOG nice - Original Message - From: pop corn [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, June 28, 2001 10:00 AM Subject: Integrating the logs I have my different daemons logging into the various log subdirectories via multilog. My problem now is integrating them so that I have a continuous line of activity from the beginning to end for a given email. For example, I can do a tail -f current log for qmail-pop3 while running tests. However, I would like to know what related activities are occurring in other logs for this same email test. I have pulled the following info about qmail-analog from the following length thread in the archives. It includes an example script. I cut/paste quickly, so not everyone gets the credit they deserve for their posts in this thread. I have at minimum two questions after reading all of the info below: 1) what are all the z... files in the example script? for ana in zoverall zddist zdeferrals zfailures zrhosts zsuids zrxdelay; 2) where is a real working example of qmail-mrtg? == I want to know how many messages were sent/failed etc. for a given period of time (say the last three days). I have done the following in both /var/log/qmail/qmail-send and /var/log/qmail/qmail-smtpd (I'll admit my ignorance and say that I don't know the difference between the two. Is qmail-send local deliveries and qmail-smtpd remote deliveries?): 1) Ran matchup on /var/log/qmail/qmail-send(smtpd)/current 2) Converted the matchedup version of current into human readable format using tai64nlocal 3) Pulled out dates for which I want to see log results from the file created above 4) Convert the data above to tai64 format using tai64n 5) Ran this data through zoverall to see qmailanalog results Regardless of whether I run it against /var/log/qmail/qmail-send or /var/log/qmail/qmail-smtpd I get the following: Completed messages: 0 Total delivery attempts: 0 Am I anywhere near doing this right? Here are my actual commands 1) cat /var/log/qmail/qmail-smtpd/current | /usr/local/qmailanalog/bin/matchup /var/log/qmail/qmail-smtpd/matchedup 2) cat /var/log/qmail/qmail-smtpd/matchedup | /usr/local/bin/tai64nlocal human_readable_current 3) vi human_readable_current (remove all unneeded data) 4) cat /var/log/qmail/qmail-send/human_readable_current | /usr/local/bin/tai64n tai64_current 5) cat ./tai64_current | /usr/local/qmailanalog/bin/zoverall overall_log No. qmail-smtpd is incoming mail via SMTP. qmail-send is all deliveries, local and remote. No. Instead of converting the tai64n timestamps to human-readable, you need to convert them to the fractional seconds (tai) that qmail-analog expects. You can do this with tai64n2tai, included in Bruce Guenter's qlogtools package if I remember correctly. His software is at untroubled.org. Thanks for the info Charles, but I'm confused. How do most of you folks pull out information from your logs? Log files generated by qmail are unreadable/unusable in the current (multilog) format. In order for them to make sense to me, and in order to sift them for specific dates I have to convert them to human readable format. I can do this with tai64nlocal. Once I have removed data that is not pertinent I then have to change them back into multilog format using tai64n, and then convert them into the older TAI64 format that qmailanalog understands, then run them through the qmailanalog scripts. Wow, that's a convoluted process using tools that until now had worked together to provide a graceful solution to my email needs. Thanks for the info Charles, but I'm confused. How do most of you folks pull out information from your logs? With qmail
Re: qmail-pop3 and vmailmgr
No. The vmailmgr daemon is only needed for some of the administration tasks when using the web interface. Great! Go to http://lists.em.ca/?list=vmailmgr , and then click the link near the top-left corner of the screen which looks like [-] -- that'll take you back a month at a time. Will do! _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Integrating the logs
These are the actual statistical analysis programs from qmail-analog. See the documentation in qmail-analog for details about what they do, and the reports they generate. Will do! _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Problem with VAR directory during install
1) So, no one knows of any definitive ownership rules for all of qmail? 2) Why is it ok for /var/qmail to be owned by root:root? From: pop corn [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Problem with VAR directory during install Date: Thu, 28 Jun 2001 00:20:25 - I have the same question about ownership/permissions for all of /var/qmail directories and files. I made some changes manually, but am very uncomfortable with my current settings. When I first got into qmail, I thought that making the custom qmail accounts were part of making it bulletproof, but there doesn't seem to be much requirement to keep things from being owned by root. $ cd /var/qmail $ ls -las total 68 4 drwxr-xr-x 12 aliasnofiles 4096 4 drwxr-xr-x 18 root root 4096 4 -rw-r--r--1 qmails qmail 24 .bash_logout 4 -rw-r--r--1 qmails qmail 230 .bash_profile 4 -rw-r--r--1 qmails qmail 124 .bashrc 4 drwxr-sr-x2 aliasnofiles 4096 alias 4 drwxr-xr-x2 root qmail4096 bin 4 drwxr-xr-x2 root qmail4096 boot 4 drwxr-xr-x2 root qmail4096 control 4 drwxr-xr-x2 root qmail4096 doc 4 drwxr-xr-x6 root root 4096 log 4 drwxr-xr-x 10 root qmail4096 man 4 drwxr-x--- 11 qmailq qmail4096 queue 4 -rwxr-xr-x1 root root 212 rc 4 drwxr-xr-x6 root root 4096 supervise 4 drwxr-xr-x2 root qmail4096 users $ ls -las supervise total 24 4 drwxr-xr-x6 root root 4096 4 drwxr-xr-x 12 aliasnofiles 4096 4 drwxr-xr-t4 root root 4096 courier-imap 4 drwxr-xr-t4 root root 4096 qmail-pop3d 4 drwxr-xr-t4 root root 4096 qmail-send 4 drwxr-xr-t4 root root 4096 qmail-smtpd $ $ ls -las /service total 8 4 drwxr-xr-x2 root root 4096 4 drwxr-xr-x 18 root root 4096 0 lrwxrwxrwx1 root root 34 courier-imap - /var/qmail/supervise/courier-imap 0 lrwxrwxrwx1 root root 33 qmail-pop3d - /var/qmail/supervise/qmail-pop3d 0 lrwxrwxrwx1 root root 32 qmail-send - /var/qmail/supervise/qmail-send 0 lrwxrwxrwx1 root root 33 qmail-smtpd - /var/qmail/supervise/qmail-smtpd From: Steve Reed [EMAIL PROTECTED] To: Yvette 'Tina' Martinez [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Problem with VAR directory during install Date: Wed, 27 Jun 2001 19:37:05 -0400 Excuse me while I go bang my head against the wall. OK, there now that that's over withhas anyone else had trouble installing qmail on Mandrake 8? I'm following the instructions to the letter and the darn thing won't install. I'd much rather find the reason for it and fix it than install an older version of the operating system, which can present other issues. -Steve I am also new at this and the first thing I had to do was stop using linuxconf. Linuxconf seems to have a mind of its own and it will regularly change ownership based on its own set of rules. BTW, I don't know exactly why. The second thing I did was rebuild my machine with Mandrake 7.2 (from 8.0) I had all kinds of trouble with mandrake 8 in all different apps. So far with mandrake 7.2 back online all my installs have been clean. I use the command line mostly and webmin to look at users and groups... Tina --- Steve Reed [EMAIL PROTECTED] wrote: Well I think I may have located the source of the trouble but it's still puzzling. Both the Life With Qmail and the Running qmail book want the /var/qmail directory created while logged in as root. That gives ownership to the user root in the group root. Then, the qmail-specific groups and users are added. The problem is that when I run linuxconf and look at the created users, I receive a warning that the home directory of /var/qmail has an invalid owner and group. Could this be the cause of my problems? I'm not exactly a newbie to file and directory permissions, but in reading all the qmail documentation I can lay my hands on I see nothing that indicates I need to change the ownership and group of /var/qmail from root/root. Nevertheless, linuxconf is whining and my compile goes nowhere, and this all smells like a permissions issue. I'm running Mandrake 8. Thanks for your patient help. Steve. On Mon, Jun 25, 2001 at 02:43:15PM +1200, Steve Reed wrote: So, I'm stumped. Why is config (or config-fast) unhappy? Because it's expecting dirs and stuff in /var/qmail that aren't there. Run strings - install | grep / and look for a fully- qualified path (ie. starting with a slash) that doesn't look system-related. In your
Re: qmail-pop3 and vmailmgr
1) Sounds good, I'll use the real, canonical name 2) I didn't realize the password replacement could do all that work by itself. It apparently doesn't need the vmailmgrd daemon to run? 3) I agree that the pop3 clients can be configured to leave things on the server. It's reassuring to know that my users are in fact able to switch between webmail/pop clients. I've looked at the vmailmgr archives for all of June (I didn't seem to find an archive for prior to June). They have very few posts compared to this list and not many replies to the posts. I appreciate the help I am receiving here about qmail-pop3 and vmailmgr. From: Charles Cazabon [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: qmail-pop3 and vmailmgr Date: Wed, 27 Jun 2001 07:53:30 -0600 pop corn [EMAIL PROTECTED] wrote: FQDN is very clear if the Unix host is serving a single domain. However, what is recommended if the host is serving multiple virtual domains? The POP3 server should identify itself by it's real/canonical name, not by one of its virtualdomains -- although this is personal preference. It doesn't have any particular effect on mail service anyways. understand that this setup script is going to monitor port 110, but how will it know how to distribute from port 110 to the various virtual domains? It doesn't know anything about domains -- that's your virtual domain manager's job (in this case, through the vcheckpw checkpassword replacement). Am I correct in thinking that the same user is going to be able to dynamically choose whether to download the email or leave the email on the server, depending on whether they use an MUA that downloads (for example, Microsoft Outlook) or whether they use a webmail MUA (for example, squirrelmail); and they can simply choose to use one MUA one day and the other MUA a few minutes later in mix and match style? If you run vmailmgr-assisted qmail-pop3d, Courier-IMAP, and (say) oMail, then yes, users will be able to use any method they like. By the way, all POP3 clients can be configured to leave mail on the server. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ --- _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: qmail-pop3 and vmailmgr
1) Sounds good, I'll use the real, canonical name 2) I didn't realize the password replacement could do all that work by itself. It apparently doesn't need the vmailmgrd daemon to run? 3) I agree that the pop3 clients can be configured to leave things on the server. It's reassuring to know that my users are in fact able to switch between webmail/pop clients. I've looked at the vmailmgr archives for all of June (I didn't seem to find an archive for prior to June). They have very few posts compared to this list and not many replies to the posts. I appreciate the help I am receiving here about qmail-pop3 and vmailmgr. From: Charles Cazabon [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: qmail-pop3 and vmailmgr Date: Wed, 27 Jun 2001 07:53:30 -0600 pop corn [EMAIL PROTECTED] wrote: FQDN is very clear if the Unix host is serving a single domain. However, what is recommended if the host is serving multiple virtual domains? The POP3 server should identify itself by it's real/canonical name, not by one of its virtualdomains -- although this is personal preference. It doesn't have any particular effect on mail service anyways. understand that this setup script is going to monitor port 110, but how will it know how to distribute from port 110 to the various virtual domains? It doesn't know anything about domains -- that's your virtual domain manager's job (in this case, through the vcheckpw checkpassword replacement). Am I correct in thinking that the same user is going to be able to dynamically choose whether to download the email or leave the email on the server, depending on whether they use an MUA that downloads (for example, Microsoft Outlook) or whether they use a webmail MUA (for example, squirrelmail); and they can simply choose to use one MUA one day and the other MUA a few minutes later in mix and match style? If you run vmailmgr-assisted qmail-pop3d, Courier-IMAP, and (say) oMail, then yes, users will be able to use any method they like. By the way, all POP3 clients can be configured to leave mail on the server. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ --- _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Help with qmail-smtpd logging
I'm no expert, but since I've just been setting up my own qmail, some of this is still freshly confusing for me! Did you remember to do all of the following? chmod +t /var/qmail/supervise/qmail-smtpd chown qmaill:nofiles /var/log/qmail/smtpd chmod 2700 /var/log/qmail/smtpd chmod 755 (both of your run files) From: Dave Fallon [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Help with qmail-smtpd logging Date: Wed, 27 Jun 2001 20:18:36 -0700 I have qmail, qmail-smtpd, and qmail-pop3d running on my system, all in default configurations (in /var/qmail/*, using daemontools/tcpserver, etc.). Qmail-pop3d is nicely running and logging things, but qmail-smtpd is dumping all messages to the console (tty1) - can anyone help me fix this? It's driving me nuts, as I obviously now have no log of what's going on with my smtp server. Here's the /service/qmail-smtpd/run script: #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -R -H -l 0 -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21 and the /service/qmail-smtpd/log/run script: #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd and for comparison (the working config, I can read logfiles/whatnot) the qmail-pop3d/run and log/run files: #!/bin/sh exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -R -H -l 0 0 pop3 /var/qmail/bin/qmail-popup \ iron.tetsubo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 21 #!/bin/sh exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \ /var/log/qmail/pop3d Please note I'm not subscribed to the mailing list. Thanks for any help! dave _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Integrating the logs
I have my different daemons logging into the various log subdirectories via multilog. My problem now is integrating them so that I have a continuous line of activity from the beginning to end for a given email. For example, I can do a tail -f current log for qmail-pop3 while running tests. However, I would like to know what related activities are occurring in other logs for this same email test. I have pulled the following info about qmail-analog from the following length thread in the archives. It includes an example script. I cut/paste quickly, so not everyone gets the credit they deserve for their posts in this thread. I have at minimum two questions after reading all of the info below: 1) what are all the z... files in the example script? for ana in zoverall zddist zdeferrals zfailures zrhosts zsuids zrxdelay; 2) where is a real working example of qmail-mrtg? == I want to know how many messages were sent/failed etc. for a given period of time (say the last three days). I have done the following in both /var/log/qmail/qmail-send and /var/log/qmail/qmail-smtpd (I'll admit my ignorance and say that I don't know the difference between the two. Is qmail-send local deliveries and qmail-smtpd remote deliveries?): 1) Ran matchup on /var/log/qmail/qmail-send(smtpd)/current 2) Converted the matchedup version of current into human readable format using tai64nlocal 3) Pulled out dates for which I want to see log results from the file created above 4) Convert the data above to tai64 format using tai64n 5) Ran this data through zoverall to see qmailanalog results Regardless of whether I run it against /var/log/qmail/qmail-send or /var/log/qmail/qmail-smtpd I get the following: Completed messages: 0 Total delivery attempts: 0 Am I anywhere near doing this right? Here are my actual commands 1) cat /var/log/qmail/qmail-smtpd/current | /usr/local/qmailanalog/bin/matchup /var/log/qmail/qmail-smtpd/matchedup 2) cat /var/log/qmail/qmail-smtpd/matchedup | /usr/local/bin/tai64nlocal human_readable_current 3) vi human_readable_current (remove all unneeded data) 4) cat /var/log/qmail/qmail-send/human_readable_current | /usr/local/bin/tai64n tai64_current 5) cat ./tai64_current | /usr/local/qmailanalog/bin/zoverall overall_log No. qmail-smtpd is incoming mail via SMTP. qmail-send is all deliveries, local and remote. No. Instead of converting the tai64n timestamps to human-readable, you need to convert them to the fractional seconds (tai) that qmail-analog expects. You can do this with tai64n2tai, included in Bruce Guenter's qlogtools package if I remember correctly. His software is at untroubled.org. Thanks for the info Charles, but I'm confused. How do most of you folks pull out information from your logs? Log files generated by qmail are unreadable/unusable in the current (multilog) format. In order for them to make sense to me, and in order to sift them for specific dates I have to convert them to human readable format. I can do this with tai64nlocal. Once I have removed data that is not pertinent I then have to change them back into multilog format using tai64n, and then convert them into the older TAI64 format that qmailanalog understands, then run them through the qmailanalog scripts. Wow, that's a convoluted process using tools that until now had worked together to provide a graceful solution to my email needs. Thanks for the info Charles, but I'm confused. How do most of you folks pull out information from your logs? With qmail-analog, tai64nlocal, and less, in my case. Most people here probably use something similar. Log files generated by qmail are unreadable/unusable in the current (multilog) format. tai64n timestamps aren't supposed to be human readable. They're supposed to be easily parsable by programs. That's the whole point of tai64nlocal -- you log with tai64n timestamps, and if you want to read the log with human-readable timestamps, you do: tai64nlocal log | pager_of_choice Don't run the logs through tai64nlocal before they hit the disk. In order for them to make sense to me, and in order to sift them for specific dates I have to convert them to human readable format. No, it's much simpler than that. A program to filter a log with tai64nlocal timestamps for particular dates is trivial; Bruce's qlogtools probably includes one (though I haven't checked). After you've filtered them, you run it through tai64nlocal before reading it. Once I have removed data that is not pertinent I then have to change them back into multilog format using tai64n, and then convert them into the older TAI64 format that qmailanalog understands, then run them through the qmailanalog scripts. Don't remove any data. What isn't pertinent? qmail-analog needs all of the various data that qmail-send logs to be able to accurately summarize it. I have a script that runs every night to give me a summary of the day's
qmail-pop3 and vmailmgr
I am planning a qmail/pop3/vmailmgr/courier-imap/squirrelmail installation (with almost no user logins allowed on this host) and would appreciate guidance on one particular point at this time: In Life with Qmail, the following setup script is recommended: = 4. Create a /var/qmail/supervise/qmail-pop3d/run script containing: #!/bin/sh exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -R -H -l 0 0 110 /var/qmail/bin/qmail-popup \ FQDN /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 21 where FQDN is the fully qualified domain name of the POP server you're setting up, e.g., pop.example.net. = FQDN is very clear if the Unix host is serving a single domain. However, what is recommended if the host is serving multiple virtual domains? I understand that this setup script is going to monitor port 110, but how will it know how to distribute from port 110 to the various virtual domains? I've been going through the www.vmailmgr.org documentation, but am thoroughly confused. Am I correct in thinking that the same user is going to be able to dynamically choose whether to download the email or leave the email on the server, depending on whether they use an MUA that downloads (for example, Microsoft Outlook) or whether they use a webmail MUA (for example, squirrelmail); and they can simply choose to use one MUA one day and the other MUA a few minutes later in mix and match style? Thanks in advance _ Get your FREE download of MSN Explorer at http://explorer.msn.com
