Re: Qpopper 2.53 remote problem
On Wed, 24 May 2000 13:33:11 -0600 (MDT), John Gonzalez/netMDC admin [EMAIL PROTECTED] said: N Are there any known exploits for 2.1b1? CUCIpop has been mentioned on this list before; small, fast, some nifty features, and I don't remember seeing any security warnings about it. ftp://ftp.informatik.rwth-aachen.de/pub/packages/cucipop/ -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] Instead of getting married again, I'm going to find a woman I don't like and give her a house.--Lewis Grizzard
Re: hack for filtering i love you worm
On Thu, 4 May 2000 19:28:32 -0400, "Searcher" [EMAIL PROTECTED] said: R Anyone can rename that .vbs to what ever they want and send it around R again so wouldn't it be more efficient to filter all .vbs attachments? The only safe way to handle this is to check any attachment for a Registry reference or an indication that Visual Basic is being run. Few if any legitimate attachments should be referring to the Registry, and all the mischief seems to be done via VB scripts. Unpacking an infected attachment (different virus) and running strings on it gave me the following: HKEY_CURRENT_USER\Software\Microsoft\Office\ VB_Nam VBProjectOh VBComponents temp\VBE C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VBA\VBA332.DLL \VBE\MSForms.EXD -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: Qmail loading down Sun enterprise 450.
On Mon, 27 Mar 2000 10:53:27 -0600, Greg Moeller [EMAIL PROTECTED] said: G Normally it keeps up pretty good, but when there's heavy spamming it can G start to get behind with between 10,000 and 20,000 Email in the queue. If spamming is the main problem, have you looked into tarpitting? Date: Thu, 11 Feb 1999 10:32:36 -0500 To: [EMAIL PROTECTED] Subject: Tarpitting Message-ID: [EMAIL PROTECTED] From: Chris Johnson [EMAIL PROTECTED] There was some discussion a while back about tarpitting. If you don't know what that is (I didn't when it first came up), it's the process of inserting a small sleep in an SMTP session for each RCPT TO after some set number of RCPT TOs. The idea is to thwart spammers who would hand your SMTP server a single message with a long list of RCPT TOs. [...] See http://www.palomine.net/qmail/tarpit.patch. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Spam bill passes House subcommittee
Some good news on the spam front, assuming any of this is enforceable... http://www.computerworld.com/home/print.nsf/CWFlash/000323CD6A 03/23/2000 The House Commerce Subcommittee on Telecommunications, Trade and Consumer Protection passed a bill today requiring spam to be identified as such and allowing individuals to sue spammers, according to a statement. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: daemontools
On Thu, 02 Mar 2000 16:33:11 -0500, clifford thurber [EMAIL PROTECTED] said: C I am installing the daemontools package and reading the docs. I was C wondering if anyone is using this to monitor other services besides C qmail and if so anyone had any recomendations on configurations. I'm using daemontools + tcpserver to handle FTP services. We use the FreeBSD version of "ftpd" ported to Solaris, with all syslog() information going to stdout and then being handled by a modified version of cyclog. A modified version of the startup script from "Life with qmail" is used to start and stop the server. As soon as I'm happy with the script and logging setup, I'll do the same for telnet, pop, etc. and then shoot inetd in the head. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] What was the best thing before sliced bread? --George Carlin
Re: A complete log rolling reporting system? (off-topic)
X-PGP-Fingerprint: 8DF5 1D90 18EC A9EF 9EA6 4611 35F4 BC78 D558 F237 --text follows this line-- On Tue, 29 Feb 2000 16:20:04 -0500, "Mark E. Drummond" [EMAIL PROTECTED] said: M Solaris has a newsyslog (/usr/lib/newsyslog) but it would seem to be M relatively impotent compared to the tool you are talking about. It has M no config file, rather it is hard coded to roll /var/adm/messages and M /var/log/syslog only. Of course it can be modified pretty easily. I have the Linux program "logrotate" running under Solaris. Original source is at ftp://ftp.redhat.com/pub/redhat/code/logrotate/logrotate-3.3.tar.gz It handles pre- and post-rotate commands (like restarting syslogd if need be), optional compression, and optional mail notification. Very handy for non-cyclog/multilog applications. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] The typewriting machine, when played with expression, is no more annoying than the piano when played by a sister or near relation. --Oscar Wilde
Re: multilog datestamping
On Thu, 3 Feb 2000 08:26:33 -0600, Charles Cazabon [EMAIL PROTECTED] said: C Russ Allbery [EMAIL PROTECTED] wrote: Unfortunately, multilog still lacks, so far as I can see, the ability to limit by both space *and* time so that you can create clear reporting boundaries for log summaries. I'd love to have it roll to a new log after either one day or the size limit, whichever it hits first. C If I remember correctly, Bruce Guenter wrote a patch to allow one of the C loggers to do exactly this, by having it close and reopen its log upon C receipt of a HUP or some such signal. I have a modified version of cyclog called "daylog" which is used to write date-based logfiles. This was part of a project to make a loghost to collect syslog entries from four other production servers. The loghost includes a drastically stripped-down version of syslogd which is run via supervise. Syslogd reads input from the UDP port, strips the timestamp (if any), and spits it to stdout: syslogd | accustamp | tailocal | daylog /logs/daily The /logs/daily directory contains files in the form -mm-dd. Entries look like this: 2000-02-06 18:26:01.092417 p15 f1 c17mis some message here... "p15" and "f1" hold the priority and facility codes sent to syslog. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] EXCUSE FOR GETTING TO WORK LATE #9: I can't come to work today because the EPA has determined that my house is completely surrounded by wetlands and I have to arrange for helicopter transportation.
Re: Sendmail vs Qmail?
On Sat, 18 Dec 1999 18:00:47 GMT, Sam [EMAIL PROTECTED] said: S Troy Frericks writes: If somebody sent a memo to "A-project" and "Management-A", and I was a member of both lists, I would expect to receive two emails so I could get them archived in my appropriate mail folder (. I would hope you could disable this 'feature' in sendmail if you wanted. S You'll definitely think otherwise if you start getting three or four S copies of every memo. If duplicates are that much of a problem, use something like "formail" from the procmail package (or the moral equivalent from the maildrop package) to weed them out by checking the Message-ID. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: AMaViS working ... almost
On Thu, 16 Dec 1999 17:46:16 -0500, "Chris L. Mason" [EMAIL PROTECTED] said: C Another big pain was that the /etc/magic file on Solaris is missing a C whole bunch of stuff which caused most archive formats to be C unrecognized, so I had to add a bunch to that (and swap bytes for C shorts!). A nice version of "file" with a greatly-expanded /etc/magic can be found at ftp://ftp.astron.com/pub/file/file-3.28.tar.gz -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: quoted-printable encoding
On Thu, 25 Nov 1999 04:02:12 -0600 (CST), Masuo Gates [EMAIL PROTECTED] said: M Hello, Is there a patch to automatically decode quoted-printable and M remove the: M Content-Transfer-Encoding: quoted-printable M header? I don't know about a patch, but this Perl script does the trick for me. Fair warning: I've only tried it on English text. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] --- #!/usr/local/bin/perl # decode quoted-printable crap from mailing lists. use MIME::Decoder; $decoder = new MIME::Decoder 'quoted-printable' or die "unsupported"; $decoder-decode(\*STDIN, \*STDOUT); exit (0);
Re: Calendars (was Outlook Groupware Functions)
On Mon, 13 Sep 1999 02:54:58 +0200, Ruben van der Leij [EMAIL PROTECTED] said: R There's an open specification for a calendar file format, vCal, which is R used by Netscape^H^H^H^H^H^H^H^HIplanet for their calendar-thingy. Some references for anyone interested in this: http://people.redhat.com/pbrown/korganizer/korganizer-1.1.tar.gz Has a vCard/vCalendar C interface in the directory ./src/versit http://www.imc.org/pdi/vcal-10.ps vCalendar Exchange Format version 1.0, 18 Sept 1996 http://www.imc.org/rfc2445 Internet Calendaring and Scheduling Core Object Specification, Nov 1998 http://www.imc.org/rfc2446 iCalendar Transport-Independent Interoperability Protocol (iTIP) Scheduling Events, BusyTime, To-dos and Journal Entries http://www.imc.org/rfc2447 iCalendar Message-Based Interoperability Protocol (iMIP) http://www.research.digital.com/SRC/personal/Sanjay_Ghemawat/ical/ Source for Tcl/Tk-based ical program -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: qmail and procmail
On Wed, 4 Aug 1999 12:49:56 -0400, [EMAIL PROTECTED] said: J What I'd like to also do is learn how to filter stuff thats not J specifically addressed to me with procmail. I've included a small .procmailrc file which does that below. You can add additional checks, and then make your final disposition decision based on how many "X-Spam" headers you end up with. Good spam and procmail information can be found here: http://www.best.com/~ariel/nospam/ http://www.hrweb.org/spambouncer/spambnc.tar.Z http://www-new.hrweb.org/spambouncer/proctut.shtml J ... it seems that procmail needs some tweaking to work with qmail. I've never had a problem using qmail with procmail, delivering to a regular mailbox. My ~/.qmail file looks like this: | preline /usr/local/bin/procmail If I want a copy of an outgoing message, I include the header "Bcc: vogelke-bcc" which makes use of the ~/.qmail-bcc file: | (preline /bin/cat; echo) $HOME/mail/sentmail This way, I see the actual message as created by qmail. I also like to keep track of messages I've sent recently (even if I don't need a copy of the whole thing), so I include the header "Bcc: vogelke-header" which makes use of the ~/.qmail-header file: | (preline formail -XFrom: -XSubject: -XDate: -XTo: -XMessage-ID: ; echo) $HOME/mail/SENT.`/bin/date +%Yw%W` All on one line, of course. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] The Uniform Commercial Code protects the innocent purchaser, but it is not a shield for the sly conniver, the blindly naive, or the hopelessly gullible. --Ruling in Atlas Auto Rental Corp. v. Weisberg, N.Y. City Civ. Ct. 1967 --- # Search path. PATH=/bin:/usr/bin:/usr/local/bin # Current directory while procmail is executing. All pathnames are # relative to this directory. MAILDIR=$HOME/mail # File containing error messages or diagnostics. If this file does not # exist, then said messages will be bounced back to the message sender. #LOGFILE=$MAILDIR/MAILLOG # If yes, keep an abstract of the From and Subject lines of each delivered # message, the folder it was delivered to, and the size of the message. # If no, skip this abstract. #LOGABSTRACT=yes # If on, describe actions of procmail in detail. #VERBOSE=on # Number of seconds before procmail zaps a lockfile by force. LOCKTIMEOUT=1 # Default shell and umask value. SHELL=/bin/sh UMASK=022 #-- # Flag anything not addressed to me. :0 f * !^TO_.*vogelke | formail -A "X-Spam: not addressed to me" # other rules here...
Re: cyclog, was *sigh* performance issues again. Please help!
On 28 Jul 1999 11:22:56 -0400, [EMAIL PROTECTED] (John R. Levine) said: J What do you do about daily or weekly log summaries? I still haven't J come up with a good way to do that with cyclog. I munged some of the cyclog code around to make it write to a file based on the current date. We use this for a loghost that holds syslog output from several other Unix systems. The listing is small, so it's enclosed below; it replaces cyclog.c. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] - #include sys/types.h #include sys/time.h #include "direntry.h" #include "substdio.h" #include "subfd.h" #include "exit.h" #include "sgetopt.h" #include "strerr.h" #include "scan.h" #include "fmt.h" #include "now.h" #define FATAL "daylog: fatal: " #define WARNING "daylog: warning: " void die_usage() { strerr_die1x(100,"daylog: usage: daylog dir"); } unsigned long size = 10240; char fn[20 + FMT_ULONG]; int safewrite(fd,buf,len) int fd; char *buf; int len; { int w; for (;;) { w = write(fd,buf,len); if (w 0) return w; strerr_warn4(WARNING,"unable to write to ",fn,", pausing: ",strerr_sys); sleep(60); } } void trace(x1) /* KEV */ char *x1; { strerr_sysinit(); if (x1) substdio_puts(subfderr,x1); substdio_puts(subfderr,"\n"); substdio_flush(subfderr); } char outbuf[1024]; substdio ssout; int flushread(fd,buf,len) int fd; char *buf; int len; { substdio_flush(ssout); return read(fd,buf,len); } char inbuf[1024]; substdio ssin = SUBSTDIO_FDBUF(flushread,0,inbuf,sizeof inbuf); void main(argc,argv) int argc; char **argv; { char *dir; char *fns; char ch; int fd; int flageof; int len; int opt; struct tm *t; unsigned long bytes; unsigned long lastnow; umask(022); while ((opt = getopt(argc,argv,"")) != opteof) switch(opt) { default: die_usage(); } argv += optind; dir = *argv; if (!dir) die_usage(); if (chdir(dir) == -1) strerr_die4sys(111,FATAL,"unable to chdir to ",dir,": "); flageof = 0; while (!flageof) { for (;;) { lastnow = now(); t = localtime(lastnow); fns = fn; len = fmt_ulong(fns,(unsigned long) (1900 + t-tm_year)); fns += len; *fns++ = '-'; len = fmt_uint0(fns,(unsigned int) (1 + t-tm_mon),2); fns += len; *fns++ = '-'; len = fmt_uint0(fns,(unsigned int) t-tm_mday,2); fns += len; *fns = '\0'; fd = open_append(fn); if (fd != -1) break; strerr_warn4(WARNING,"unable to create ",fn,", pausing: ",strerr_sys); sleep(60); } substdio_fdbuf(ssout,safewrite,fd,outbuf,sizeof outbuf); for (bytes = size;bytes 0;--bytes) { if (substdio_get(ssin,ch,1) 1) { flageof = 1; break; } substdio_BPUTC(ssout,ch); if (ch == '\n') break; } substdio_flush(ssout); while (fsync(fd) == -1) { strerr_warn4(WARNING,"unable to sync to ",fn,", pausing: ",strerr_sys); sleep(60); } fchmod(fd,0644); /* if it fails, too bad */ close(fd); } _exit(0); }
Re: Advantages with qmail and using reiserfs???
On Thu, 15 Jul 1999 14:38:44 -0700 (PDT), Troy Morrison [EMAIL PROTECTED] said: T We have a fairly ongoing problem with some of the users at work who T don't seem capable of cleaning out their INBOX, so they end up with T 100MB mail spools with 7000 messages in them. T I had theorized that chunking over the 100MB mailbox was slow, and that T using a maildir would be much faster, and it is except that with that T many messages, the OS slows down. That's a political problem rather than a technical one; a faster filesystem won't help because a bigger INBOX will put you back where you were. We ran into this several years ago when we started using NFS drives to share files on a 380-user intranet. The drives would fill, we'd nag people to clean their stuff up, and a day later they'd be full again. The only fix was to put all files older than (say) 6 months into a compressed archive elsewhere. If someone misses the file, they call and ask for it to be restored. Since it's sitting in a compressed archive, it's lots faster than getting a file back from tape. If a few people from the same division complain, my boss gets together with their boss and says, "For X dollars we'll buy Y Gbytes of space for your use only, it's automatically backed up for you every night, and YOU decide what to do when it fills up." -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] The genius of you Americans is that you never make any clear-cut stupid moves, only complicated stupid moves that leave us scratching our heads wondering if we might possibly have missed something. --Gamel Abdel Nasser
Re: Virus scanning with qmail+amavis (Take 2)
On Tue, 13 Jul 1999 13:41:19 -0400, "Adam D . McKenna" [EMAIL PROTECTED] said: A I think the best solution here is to scan for viruses *after* the mail A has been delivered. (Or possibly in a way that is transparent to the A MTA, which scans the file before it is written to disk). This takes the A responsibility away from the MTA. McAfee can already look inside Zip A files for viruses, adding the code to look in UUEncoded emails shouldn't A be much harder. This would be especially good for qmail because the A Maildir delivery format because each message would be a different file A and would be able to be scanned separately by the scanner. I'm trying some experiments along this line with a heavily-modified smap/smapd (from the TIS firewall toolkit) plus either qmail or sendmail. Here's a Cliff-notes version of the setup: 1. "smap" listens on port 25 for incoming mail, and stores each message in a given spool directory based on time. This directory changes every 30 seconds. The delivery log looks like this: 1999-07-13 18:40:30.157247 sd=(/smap0/a) 1999-07-13 18:41:00.174410 sd=(/smap1/a) 1999-07-13 18:41:30.189001 sd=(/smap0/b) 1999-07-13 18:42:00.205318 sd=(/smap1/b) 1999-07-13 18:42:30.230449 sd=(/smap0/c) 1999-07-13 18:43:00.283121 sd=(/smap1/c) 1999-07-13 18:43:30.358441 sd=(/smap0/d) 1999-07-13 18:44:00.364667 sd=(/smap1/d) The spool directories are /var/spool/smap0/[abcde...] and /var/spool/smap1/[abcde...]. 2. "smapd" follows 30 seconds behind "smap"; while "smap" is storing new messages in (say) /var/spool/smap0/b, "smapd" is scanning and handling final delivery of messages in /var/spool/smap1/a. This way, I could have smap0 and smap1 on separate devices. I use a number of queues just in case I want to stop the scanning process for some reason; this way, no one directory gets too full, and I can process an older directory knowing that nothing is writing to it at the time. 3. The scanning part is just a script run from smapd; we do all the virus checking on an NT box, but I wanted to see if I could catch viruses by breaking up MIME messages, running "strings" on binary-type attachments and looking for things like "HKEY" plus an indication that Visual Basic was being used. Most email viruses we've run into seem to rely on VB macros which mess around with the registry. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: New qmail list et al
On Wed, 30 Jun 1999 21:45:46 -0600 (MDT), "Scott D. Yelich" [EMAIL PROTECTED] said: S Look at the source you say? I answer I'm not a programmer. You say S then I am not in a position to be installing qmail or any other mta in S the first place -- but, alas, who are you to say this when, in fact, I S am put in just this exact position. Let's step back for a minute and look at the bigger picture. Why do we have to put up with so much crappy software from certain large companies? Because, like it or not, they gained market share by putting up with what we'd call stupid questions. In a better world, users would be more willing to learn, but on this planet, some of them are just too spooked by the machine to even try, especially if they're trying to migrate from Microsloth. If they buy enough cars with the hood welded shut, I don't blame them for thinking that's the way all cars are built. I don't feel obligated to do their thinking for them, but I don't call them stupid, either; no one was born knowing this stuff. I treat MS refugees like someone climbing over the (former) Berlin Wall; asking them why they didn't get over faster is not productive and doesn't show them why "software that doesn't suck" is better. If I see too many questions from someone, I treat it like spam and press 'd' for delete. If I see an easy question I've answered or seen before, I send a canned reply which I store in ~/mail/replies. The procmail list sends out a "mini-faq" every 2-3 weeks (no more than 40-50 lines) which holds the main resources for learning that package; perhaps we could do the same? Or, better yet, ezmlm could do that for us by appending one line to the header or body of our postings; Quick help: Send mail with subject "minifaq" to [EMAIL PROTECTED] I've worked on a help-desk in the same organization since 1988, so I am in touch with the experience of getting the same questions a dozen times. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] Spock! That's negatory on "daisy dancing." You are out, repeat, out of character. Do you read me? Spock? --Bloom County
Re: Melissa Virus
On Mon, 29 Mar 1999 15:01:37 -0500, Mark E Drummond [EMAIL PROTECTED] said: M Here we have a serious problem folks. Sendmail had a "fix" out for M Melissa very shortly after it came out, and we are sitting pretty. I M made a big push here to move our org to qmail because qmail seemed to be M way superior. Now I am really ticked by my inability to write/use simple M rulesets to solve this problem. M If anyone knows how to insert a filter of some sort into the qmail M stream I'd love to hear about it, else I can see qmail getting the boot, M and I _really_ don't want to have to go back to sendmail! FWIW, I use procmail to handle local mail delivery and filtering. Here's my ~/.qmail file: | preline /usr/local/bin/procmail Some procmail rules for sanitizing mail in general (including a specific mail recipe for Melissa) can be found here: http://www.wolfenet.com/~jhardin/html-trap.procmail -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: Sendmail for NT
On Thu, 25 Mar 1999 16:58:58 -0800, Kai MacTane [EMAIL PROTECTED] said: K "Bill Gates? Isn't he the guy who invented the Internet, back in 1995?" Nah, that was Al Gore. K shudder Ditto. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED] Dijon vu - the same mustard as before. --bumper sticker
Re: Rewriting the Date: field
Harald Hanche-Olsen wrote: H Why not use the Received: header fields for that purpose? On Mon, 08 Mar 1999 15:15:41 -0300, Juan Carlos Castro y Castro [EMAIL PROTECTED] said: J Those flocks of Received: are somewhat confusing, and what I want is J something that shows screaming in my face. The Date: field would be J ideal for that because Netscape can sort on it. The Date: line can be forged. I realize that this also applies to Received: lines, but all you can do is add a forgery, not prevent a server from adding a valid Received: line. Since the same argument applies to adding a special-purpose header via the user-agent, would it be better to (say) replace qmail-inject with a small filter that adds a header and then passes the message along to the real qmail-inject? The only advantage to this approach is not having to parse through multiple Received: lines. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: 500.000+ users mailserver
On Wed, 03 Mar 1999 17:44:47 +0100, Krzysztof Dabrowski [EMAIL PROTECTED] said: K Hello. We are in the planing stage of a 500.000+ users mailserver (pop K smtp only, no shell's or anything). During our brainstorm we've came K to few questions: K We assume that every account will run on the same UID (to break 65k K uid's limit). If you're looking to handle this many mail accounts, I'd strongly recommend you use multiple servers. PCs aren't that expensive, especially since you don't need super-fast CPUs; you do need multiple fast drives and a decent network connection. If you had a "server farm" with (say) 10 PCs, you don't have to worry about UID limits, even with versions of Unix that don't support 32-bit UIDs. You also don't have to worry about putting all of your users out of business if one server goes down, and chores like backups become much easier. I don't know much about proxies; is there some nifty way for a user to connect to a large mail-server, have the server tell the user's machine "your mail is actually on server03", and then redirect the POP/SMTP requests to the correct PC without having all of the resulting traffic pass through one machine? This would allow you to load-balance by moving mail accounts around without inconveniencing the user. -- Karl Vogel ASC/YCOA, Wright-Patterson AFB, OH 45433, USA [EMAIL PROTECTED] or [EMAIL PROTECTED]