Re: Help me understand "allowed rcpthosts"
On Fri, May 12, 2000 at 02:51:12PM -0700, James wrote: > Chris Johnson wrote: > :What's the output of: > :/var/qmail/bin/qmail-showctl | grep '^SMTP clients may' > > The output is this: > SMTP clients may send messages to recipeints at localhost. > SMTP clients may send messages to recipeints at ns.vivid-eye.com. > SMTP clients may send messages to recipeints at www.vivid-eye.com. > SMTP clients may send messages to recipeints at [EMAIL PROTECTED] > SMTP clients may send messages to recipeints at vivid-eye.com. > > :And why disguise the domain? If you want to receive mail at this domain, > :it can't be that big a secret. > > I've always been warned not to give out information on a static domain > address (especially when requesting help on mail-lists) since this opens > the door for possible attacks on my system by unscrupulous lurkers of any > given mail-list. > > Do you "really" need the domain name? Ok, if so, you've noticed it's > vivid-eye.com. If you'd provided it in the first place it would have shortened this thread considerably: [cjohnson@shemp cjohnson]$ telnet www.vivid-eye.com 25 Trying 63.224.195.57... Connected to ns.vivid-eye.com. Escape character is '^]'. helo mail 220 ns.vivid-eye.com ESMTP 250 ns.vivid-eye.com mail from:<> 250 ok rcpt to:<[EMAIL PROTECTED]> 250 ok quit 221 ns.vivid-eye.com Connection closed by foreign host. So your host certainly appears to be willing to receive mail for this domain. Are you sure you're talking to 63.224.195.57 (which is what's listed as the MX for vivd-eye.com) when you do this test? Chris
Re: Help me understand "allowed rcpthosts"
Chris Johnson wrote: :What's the output of: :/var/qmail/bin/qmail-showctl | grep '^SMTP clients may' The output is this: SMTP clients may send messages to recipeints at localhost. SMTP clients may send messages to recipeints at ns.vivid-eye.com. SMTP clients may send messages to recipeints at www.vivid-eye.com. SMTP clients may send messages to recipeints at [EMAIL PROTECTED] SMTP clients may send messages to recipeints at vivid-eye.com. :And why disguise the domain? If you want to receive mail at this domain, :it can't be that big a secret. I've always been warned not to give out information on a static domain address (especially when requesting help on mail-lists) since this opens the door for possible attacks on my system by unscrupulous lurkers of any given mail-list. Do you "really" need the domain name? Ok, if so, you've noticed it's vivid-eye.com. Is my problem possibly located in the DNS setup? I've not had any problems with receiving email before, when I used sendmail. James
Re: Help me understand "allowed rcpthosts"
On Fri, May 12, 2000 at 02:35:11PM -0700, James wrote: > Chris Johnson wrote: > :So if you're getting that error, you don't have mydomain.com in > :control/rcpthosts. Look for spelling errors, stray characters, whatever. > > I've set up every way I can think of setting in my rcpthosts.. here > is what it contains (with the domain name changed): > __ > localhost > ns.my-domain.com > www.my-domain.com > [EMAIL PROTECTED] > my-domain.com > -- > > Will it mess things up to have multiple listings like this? How about the > - ? Will having a domain name with - in it mess things up? What's the output of: /var/qmail/bin/qmail-showctl | grep '^SMTP clients may' And why disguise the domain? If you want to receive mail at this domain, it can't be that big a secret. Chris
RE: Help me understand "allowed rcpthosts"
If you setup mail by following "Life with qmail" the smtpd logs are in /var/log/qmail/smtp if you are using tcpserver and following "life with qmail" it will show up there. It would still be helpful if you do not log smtp connections to show us an UNEDITED header of a mail that bounces and the contents of your rcpthosts file. If you have not read "life with qmail" I would suggest it as it is pretty good reading and will give you an incredible understanding of how qmail works along with a seamless install. -- Tim -Original Message- From: James [mailto:[EMAIL PROTECTED]] Sent: Friday, May 12, 2000 5:27 PM To: [EMAIL PROTECTED] Subject: RE: Help me understand "allowed rcpthosts" Tim Hunter wrote: :What we really need if you cannot figgure out the problem is a snippet :from your log of an example error, the exact contents of your rcpthosts :file. Which log? I've looked at /var/log/messages, /var/log/maillog, /var/log/qmail and none of those contain any errors pertaining to my allowed rcpthosts problem. The only message I get is from my returned mail which is this (the only thing I've changed here is my domain name): ___ ... while talking to www.mydomain.com.: >>> RCPT To:<[EMAIL PROTECTED]> <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) 550 5.1.1 <[EMAIL PROTECTED]>... User unknown --- I see the "User unknown" part.. but if I send a local mail (using inject) from root to james, it reaches james. Thanks for any help. James
Re: Help me understand "allowed rcpthosts"
Chris Johnson wrote: :So if you're getting that error, you don't have mydomain.com in :control/rcpthosts. Look for spelling errors, stray characters, whatever. I've set up every way I can think of setting in my rcpthosts.. here is what it contains (with the domain name changed): __ localhost ns.my-domain.com www.my-domain.com [EMAIL PROTECTED] my-domain.com -- Will it mess things up to have multiple listings like this? How about the - ? Will having a domain name with - in it mess things up? James
Re: Help me understand "allowed rcpthosts"
On Fri, May 12, 2000 at 02:02:38PM -0700, James wrote: > Ok, I might be getting a little closer. I have placed mydomain.com in my > rcpthosts long ago. I've rebooted the system since. When > [EMAIL PROTECTED] sends me an email, I still get the "that domain isn't > in my list of allowed rcpthosts" error. I'm not sure what else to set. That error can only be the result of a remote host saying: RCPT TO:<[EMAIL PROTECTED]> during the SMTP conversation and "mydomain.com" not being in control/rcpthosts. It's that simple. So if you're getting that error, you don't have mydomain.com in control/rcpthosts. Look for spelling errors, stray characters, whatever. Chris
RE: Help me understand "allowed rcpthosts"
Tim Hunter wrote: :What we really need if you cannot figgure out the problem is a snippet :from your log of an example error, the exact contents of your rcpthosts :file. Which log? I've looked at /var/log/messages, /var/log/maillog, /var/log/qmail and none of those contain any errors pertaining to my allowed rcpthosts problem. The only message I get is from my returned mail which is this (the only thing I've changed here is my domain name): ___ ... while talking to www.mydomain.com.: >>> RCPT To:<[EMAIL PROTECTED]> <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) 550 5.1.1 <[EMAIL PROTECTED]>... User unknown --- I see the "User unknown" part.. but if I send a local mail (using inject) from root to james, it reaches james. Thanks for any help. James
Re: Help me understand "allowed rcpthosts"
On Fri, 12 May 2000, James wrote: > Ok.. now I understand that "rcpthosts" contains "domains that we accept > mail for"Huh? Domains that we accept mail for? So, if I want to yes - your domains(s) (somedomain.com). > accept mail for [EMAIL PROTECTED] I have to have that specifically > in my rcpthosts? That's absurd. I know I must be confused about this. > So how do I get mail from any user in the world? > well if your email is [EMAIL PROTECTED], then you will want to accept mail for email addresses to somedomain.com (RCPT To:). thus it goes into rcpthosts. if you want to allow relaying from your local network, or anywhere else then you need to follow the FAQ in /var/qmail/doc/FAQ. this will tell u that u need to setup the tcp wrappers to set an environment variable (RELAYCLIENT) from ceratin hosts that will allow qmail to be used as a relay from these hosts. > All I want is to be able to get mail from anyone, but not allow them to > use my server as a relay (at this point) > > james > >
RE: Help me understand "allowed rcpthosts"
It really looks like a configuration/communication problem What we really need if you cannot figgure out the problem is a snippet from your log of an example error, the exact contents of your rcpthosts file. Please do not edit these at all if you wish to get a good answer. thanks, Tim -Original Message- From: Eric Cox [mailto:[EMAIL PROTECTED]] Sent: Friday, May 12, 2000 5:04 PM To: [EMAIL PROTECTED] Subject: Re: Help me understand "allowed rcpthosts" James wrote: > > I've been mulling through various how-to's and qmail help pages.. but I > still don't quite understand what rcpthosts is about. > > If I am wrong, correct me. rcpthosts is where you place the domain > addresses of the people you want to allow relaying. If this is correct, > then I understand that part. > > But.. what controls the ability for anyone to send me an email at > [EMAIL PROTECTED]? How does joe-blow send me an email?? How does relaying > and receiving mail relate to each other? All I want is to get mail from > anyone, but not have anyone use my server as a relay. If anyone is > sending me an email, I get this error: > > "reason: 553 sorry, that domain isn't in my list of allowed rcpthosts > (#5.7.1)" If you get this error when somene sends mail to a _local_ user, then qmail is confused about which domains are the local ones, and thinks that the recipent's domain is a remote one. It's saying to the SMTP client "hmm...the domain to which you are trying to send mail isn't in my control/locals file, so you must be asking me to relay a message to a remote host for you. Hold on, I'll check my control/rcpthosts file for permission to do that.Hey! That domain isn't in my control/rcpthosts file either! Get outa here you damn spammer!!!" > Of course, I have read up on the FAQ's and all this tells me is that I am > not allowing that domain ([EMAIL PROTECTED]) to use my server as a > relay, right? Nope, when someone tries to send mail to a local user, that's not relaying. I suspect the problem is that you do not have your local domain setup properly in control/locals, so qmail believes your local domain is really a remote one. Eric
Re: Help me understand "allowed rcpthosts"
James wrote: > > I've been mulling through various how-to's and qmail help pages.. but I > still don't quite understand what rcpthosts is about. > > If I am wrong, correct me. rcpthosts is where you place the domain > addresses of the people you want to allow relaying. If this is correct, > then I understand that part. > > But.. what controls the ability for anyone to send me an email at > [EMAIL PROTECTED]? How does joe-blow send me an email?? How does relaying > and receiving mail relate to each other? All I want is to get mail from > anyone, but not have anyone use my server as a relay. If anyone is > sending me an email, I get this error: > > "reason: 553 sorry, that domain isn't in my list of allowed rcpthosts > (#5.7.1)" If you get this error when somene sends mail to a _local_ user, then qmail is confused about which domains are the local ones, and thinks that the recipent's domain is a remote one. It's saying to the SMTP client "hmm...the domain to which you are trying to send mail isn't in my control/locals file, so you must be asking me to relay a message to a remote host for you. Hold on, I'll check my control/rcpthosts file for permission to do that.Hey! That domain isn't in my control/rcpthosts file either! Get outa here you damn spammer!!!" > Of course, I have read up on the FAQ's and all this tells me is that I am > not allowing that domain ([EMAIL PROTECTED]) to use my server as a > relay, right? Nope, when someone tries to send mail to a local user, that's not relaying. I suspect the problem is that you do not have your local domain setup properly in control/locals, so qmail believes your local domain is really a remote one. Eric
Re: Help me understand "allowed rcpthosts"
Kai wrote: :f you have the domains red.com and green.org, you just put the following :in rcpthosts: :red.com :green.org :.red.com :.green.org :The last two lines are only necessary if you're using subhost names, such :as mail.red.com or smtp.green.org. Ok, I might be getting a little closer. I have placed mydomain.com in my rcpthosts long ago. I've rebooted the system since. When [EMAIL PROTECTED] sends me an email, I still get the "that domain isn't in my list of allowed rcpthosts" error. I'm not sure what else to set. james
Re: Help me understand "allowed rcpthosts"
Ok.. now I understand that "rcpthosts" contains "domains that we accept mail for"Huh? Domains that we accept mail for? So, if I want to accept mail for [EMAIL PROTECTED] I have to have that specifically in my rcpthosts? That's absurd. I know I must be confused about this. So how do I get mail from any user in the world? All I want is to be able to get mail from anyone, but not allow them to use my server as a relay (at this point) james
Re: Help me understand "allowed rcpthosts"
At 5/12/2000 01:43 PM -0700, James wrote or quoted: >If I am wrong, correct me. rcpthosts is where you place the domain >addresses of the people you want to allow relaying. If this is correct, >then I understand that part. No, rcpthosts is where you place the list of hosts and domain names that *you want to receive mail for*. If your rcpthosts contains: .foobar.com whangdoodle.net wombat.mammal.org then you can receive mail for any address in the entire foobar com domain ([EMAIL PROTECTED] *and* [EMAIL PROTECTED], for example). You can also receive mail for any address @whangdoodle.net, and any address @wombat.mammal.org, but mail for, say, [EMAIL PROTECTED], or [EMAIL PROTECTED], will be rejected. >But.. what controls the ability for anyone to send me an email at >[EMAIL PROTECTED]? The rcpthosts file. >All I want is to get mail from anyone, but not have anyone use my server >as a relay. A good thing to desire. If you have the domains red.com and green.org, you just put the following in rcpthosts: red.com green.org .red.com .green.org The last two lines are only necessary if you're using subhost names, such as mail.red.com or smtp.green.org. Then, you can receive mail for any address in those domains, but nobody can send mail out through your server, except by using MUAs that are *on that server* (such as Elm, Mutt and Pine). If you need to allow remote users (say, using Windows mail clients) to send mail from your server, look at the stuff on selective relaying in Dave Sill's Life With Qmail, at http://Web.InfoAve.Net/~dsill/lwq.html#relaying . You might also want to see Dave's link to Chris Johnson's selective relaying guide, at http://www.palomine.net/qmail/relaying.html . - Kai MacTane System Administrator Online Partners.com, Inc. - From the Jargon File: (v4.0.0, 25 Jul 1996) finger trouble /n./ Mistyping, typos, or generalized keyboard incompetence (this is surprisingly common among hackers, given the amount of time they spend at keyboards). "I keep putting colons at the end of statements instead of semicolons", "Finger trouble again, eh?".
Help me understand "allowed rcpthosts"
I've been mulling through various how-to's and qmail help pages.. but I still don't quite understand what rcpthosts is about. If I am wrong, correct me. rcpthosts is where you place the domain addresses of the people you want to allow relaying. If this is correct, then I understand that part. But.. what controls the ability for anyone to send me an email at [EMAIL PROTECTED]? How does joe-blow send me an email?? How does relaying and receiving mail relate to each other? All I want is to get mail from anyone, but not have anyone use my server as a relay. If anyone is sending me an email, I get this error: "reason: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)" Of course, I have read up on the FAQ's and all this tells me is that I am not allowing that domain ([EMAIL PROTECTED]) to use my server as a relay, right? But I don't care, at this point, that he can't use my server as a relay.. all I want is to get his mail. I don't want him to use my server as a relay, but I do want to get his mail in my Mailbox. How come I can't get his mail? James
