re: relaying
Hi, Is there a way to turn relay a message off a server that has qmail installed? I was trying to send a mail via Net:SMTP through the mail server (QMAIL) but it doesn't seem to do anything. If there is a solution, could anybody give me a detailed way of configuring this set-up? Thanks.
re: relaying
what's exactly your problem ? try telnetting the server and do a smtp conversation by hand if it works, the problem has to searched by perl, if this doesn't work either, tell us some details about your configuration and especially your logs At 13:46 13.07.2001 -0700, ed lim wrote: Hi, Is there a way to turn relay a message off a server that has qmail installed? I was trying to send a mail via Net:SMTP through the mail server (QMAIL) but it doesn't seem to do anything. If there is a solution, could anybody give me a detailed way of configuring this set-up? Thanks. -- Lukas Maverick Beeler / Telematiker Project: D.R.E.A.M / every.de - Your Community Web: http://www.projectdream.org Mail: [EMAIL PROTECTED]
Re: Relaying problem
qmail [EMAIL PROTECTED] wrote: I recently set up a second totally basic qmail installation intented for sending only for a particular project. The return address for bounces and replies is an address on the main server. Fine. Problem. I am getting a lot of bounces that from other services that accuse my system of relaying. Why are they refusing my messages? I suspect it is something to do with having a reply address on a different server. Anybody know for sure? Give us an example of one of the bounces. If they're doing this, they're refusing much legitimate mail (as they are with yours). Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ ---
Re: Relaying problem
On Wed, Jul 04, 2001 at 03:37:31PM +, qmail wrote: A typical bounce message looks like this... Hi. This is the qmail-send program at mms-research3.marketingms.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: 64.75.34.135 does not like recipient. Remote host said: 554 [EMAIL PROTECTED]: Recipient address rejected: Relay access denied Giving up on 64.75.34.135. This is not your problem. The DNS says that 64.75.34.135 is a mail exchanger for quest.net, and yet when you try to deliver quest.net mail to 64.75.34.135, that host claims that it doesn't receive mail from that domain, so as far as it's concerned you're trying to relay mail to quest.net through it. Either 64.75.34.135 is misconfigured, or quest.net's DNS is misconfigured. There's nothing you can do about that. Chris PGP signature
Re: Relaying advice
I need to provide users with the ability to send mail to anywhere. But since that can make my server an open relay, i was thinking of a solution where a user must receive mail before sending, thus proving that he can use the server for relaying. you need of vpopmail http://inter7.com/vpopmail/ se you succeed to install it on a Slack 7.0, tell me, please i don't succeed to install it on my distro hte roberto
Re: Relaying advice
Rodrigo Borges Pereira [EMAIL PROTECTED] wrote: I need to provide users with the ability to send mail to anywhere. But since that can make my server an open relay, i was thinking of a solution where a user must receive mail before sending, thus proving that he can use the server for relaying. What you're looking for is selective relaying. tcpserver can let you do this for fixed IP addresses. If you need it for dynamic/roaming users, the best solution is Bruce Guenter's relay-ctrl, which you can find from qmail.org. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: Relaying advice
On Wed, May 16, 2001 at 09:51:19PM +0200, Roberto Marzialetti wrote: I need to provide users with the ability to send mail to anywhere. But since that can make my server an open relay, i was thinking of a solution where a user must receive mail before sending, thus proving that he can use the server for relaying. you need of vpopmail Sorry, this is nonsense. You need either one of the SMTP-AFTER-POP solutions from qmail.org (relay-ctl for example) or a SMTP AUTH patch - or both. Clients need to support SMTP AUTH if this is the way you want to go. -- * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de * * Roedingsmarkt 14, 20459 Hamburg, Germany * Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
RE: Relaying advice
i guess i'll go for relay-ctrl, as also suggested by Charles Cazabon. Anyway, i'll search for info on SMTP AUTH too, who knows if it might come handy some day. Thank u all for the advice, relay-ctrl here i go :) -Original Message- From: Henning Brauer [mailto:[EMAIL PROTECTED]] Sent: quarta-feira, 16 de Maio de 2001 22:36 To: [EMAIL PROTECTED] Subject: Re: Relaying advice On Wed, May 16, 2001 at 09:51:19PM +0200, Roberto Marzialetti wrote: I need to provide users with the ability to send mail to anywhere. But since that can make my server an open relay, i was thinking of a solution where a user must receive mail before sending, thus proving that he can use the server for relaying. you need of vpopmail Sorry, this is nonsense. You need either one of the SMTP-AFTER-POP solutions from qmail.org (relay-ctl for example) or a SMTP AUTH patch - or both. Clients need to support SMTP AUTH if this is the way you want to go. -- * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de * * Roedingsmarkt 14, 20459 Hamburg, Germany * Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Re: Relaying and changing servers
Ryan Pape [EMAIL PROTECTED] wrote: I'm moving all mail hosting from one server to another. I will stop SMTP on server 1, move users mail to server 2, change DNS, start SMTP on server 2. However, any mail sent in the time server1 is not receiving mail will be remotely QUEUED. I don't want the mail to be ultimately delivered on server1 ever again, because the users will be checking server2. Instead, set up server 2 now, and have it send all mail for your domain to server 1 (if you want to keep serving users out of that machine) using smtproutes. Then, once DNS changes have had a chance to propagate, you can have server 2 handle the mail locally, and switch your users over. Or, How do I need to setup qmail on server1 to relay messages on to server2. Set them up in rcpthosts but not in virtualdomains? If it's in rcpthosts but not locals or virtualdomains, it will do this by MX. You'll probably want to add an smtproutes entry to get it to send the mail to server 2. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: relaying
On Sun, Mar 04, 2001 at 02:03:21PM -0800, Rohit Gupta wrote: Hello all Gurus I wish to relay to all hosts... i am already authenticating users from tcpserver but is there any way that i dont have to specify hosts , for which i can act as a relay , in the RCPTHOSTS file but simpy relay for ALL Remove the rcpthosts file. Are you sure this is what you want? Greetz, Peter.
RE: relaying
Hi, Rohit Gupta wrote: ...snip... I wish to relay to all hosts... ...snip... if this is not an internal only mailserver you are likely to run into big troubles :) alexander
Re: relaying
"Rohit Gupta" [EMAIL PROTECTED] writes: I wish to relay to all hosts... Soon, you will feel differently. Either you'll think better of this before you implementit, or else you will go ahead and implement it, be found by spammers, get 10 million bounce messages, and get added to ORBS, the RSS, and maybe the RBL. I suggest the first course -- pay attention to the other messages already posted in this thread, and don't do it. -- David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED] SF: http://www.dd-b.net/dd-b/ Minicon: http://www.mnstf.org/minicon/ Photos: http://dd-b.lighthunters.net/
RE: relaying problem, please help
hi, Peter Brezny wrote: I have virtual domains configured using vpopmail and sqwebmail, they are able to send mail to other domains hosted on the bsd 4.2 system i am using to run these mail programs, however they are not allowed to send mail out to other domains on the internet. ...snip... exec softlimit -m 200 tcpserver -H -R -x /home/vpopmail/etc/tcp.smtp.cdb \ -c20 -u81 -g81 0 smtp rblsmtpd qmail-smtpd 21 i am using neither vpopmail nor sqwebmail, so from my general point of understanding (i hope i did), the content of /home/vpopmail/etc/tcp.smtp.cdb is crucial here. since mail to your local domains is accepted, your control-files seem to be well done. you have to put hosts and/or networks you trust into tcp.smtp and generate the tcp.smtp.cdb file. in commandline-world you would do that with vi (or something else - pls do not flame) and with tcprules. i don't know, if vpopmail and/or sqwebmail provide some interfaces for that. hope that helps alexander
Re: relaying restrictions
At 10:22 AM 2/7/2001, [EMAIL PROTECTED] wrote: please read life with qmail by dave sill @ http://www.lifewithqmail.org your looking for something called tcp.smtp ~kurth Hi If anyone could point me in the right direction I would appreciate it. I would like qmail to relay for a user if he/she comes from an allowable IP address and/or from an allowable domain. Right now the server is only allowing relaying for people within allowable IP ranges and from one specific domain. Would I need the whole list of domains we host along with their users corresponding ip address ranges in the tcp.smtp and relaymailfrom files? i would like to set relaying up based almost exclusively on ip address ranges, with the exception of allowing relaying from one particular domain. ideas? thanks brendan
Re: relaying by domain
Have you considered authenticated SMTP? That way clients would have to I hadn't. Thanks. I will look into it as well.
Re: relaying by domain
As you have noted, it's a terrible idea but if you insist http://www.palomine.net/qmail/relaymailfrom.html [ found from http://www.qmail.org/top.html ] Thanks for this. I am going to try Aaron's suggestion of forcing pop before smtp and inserting the roaming ip for a period if it fails out then I will resort to this last.
Re: relaying by domain
I don't think you've considered all the choices. A POP-before-SMTP solution would be as effective, but much more secure. Try Bruce Guenter's relay-ctrl package, which you can find from a link on www.qmail.org. As was pointed out by another poster. I guess it is because I did not know it was possible for a pop before smtp solution but it definitely a much better solution.
Re: relaying by domain
Well Then U have No option other than using pop b4 smtp :) E ksemat writes: On Wed, 3 Jan 2001 [EMAIL PROTECTED] wrote: Have U tried the rcpthosts file, that shld do the trick. E Systems Engineer Infocom Uganda Limited Tel:077409672 or 075409672 Well if you had looked at my question you could see that I can't possibly put every domain in the world in my rcpthosts file. here is an example: The domain is domain1.co.ug and it is in rcpthosts: telnet smtp.server 25 220 smtp.server ESMTP helo domain1.co.ug 250 smtp.server mail from:[EMAIL PROTECTED] 250 ok rcpt to: [EMAIL PROTECTED] 553 sorry, that domain isn't in my list of allowed rcpt hosts (#5.7.1) Thus you see the recipients would all have to be in rcpt hosts which is just not workable. I am talking about relaying and not acting as a secondary mx for a domain. Systems Engineer Infocom Uganda Limited Tel:077409672 or 075409672
Re: relaying by domain
Actually I have some options including a patch to qmail-smtpd so that it can relay using envelope sender addresses with tarpitting I think this could be reasonably safe. because I can't guarantee that all my users will pop before smtp besides outlook express has an annoying habit of sending queued messages before fetching mail at times. On Thu, 4 Jan 2001 [EMAIL PROTECTED] wrote: Well Then U have No option other than using pop b4 smtp :) E ksemat writes: On Wed, 3 Jan 2001 [EMAIL PROTECTED] wrote: Have U tried the rcpthosts file, that shld do the trick. E Systems Engineer Infocom Uganda Limited Tel:077409672 or 075409672 Well if you had looked at my question you could see that I can't possibly put every domain in the world in my rcpthosts file. here is an example: The domain is domain1.co.ug and it is in rcpthosts: telnet smtp.server 25 220 smtp.server ESMTP helo domain1.co.ug 250 smtp.server mail from:[EMAIL PROTECTED] 250 ok rcpt to: [EMAIL PROTECTED] 553 sorry, that domain isn't in my list of allowed rcpt hosts (#5.7.1) Thus you see the recipients would all have to be in rcpt hosts which is just not workable. I am talking about relaying and not acting as a secondary mx for a domain. Systems Engineer Infocom Uganda Limited Tel:077409672 or 075409672
Re: relaying by domain
Have you considered authenticated SMTP? That way clients would have to verify themselves each time they sent out a message, similar to the POP login procedure. There is a very good patch for qmail that enables the ESMTP AUTH command, written by Krzysztof Dabrowski, available at www.qmail.org/top.html. Personally I think that ESMTP AUTH is a much cleaner way of doing things than SMTP-after-POP, and most major mail clients support it, including Outlook and Outlook Express. ---Kris
Re: relaying by domain
Have U tried the rcpthosts file, that shld do the trick. E ksemat writes: Hello everyone, Sorry for putting this on the list if it has already been answered however I checked the archives and failed to get an answer to it and although I have read 5.4 in the FAQ it does not help me much. I am using tcpserver and I have set up qmail and done relaying as instructed in the FAQ however the /etc/tcp.smtp file only accepts realying by ip address yet I would like to do it by domain name i.e I have say domain.org hosted by my server and I want the users for this domain to use my server as their smtp server however their ips keep changing and they wander a lot thus I would like to relay by domain kind of the equivalent of relay-domains in sendmail. i.e as long as the from line is [EMAIL PROTECTED] then my server should allow relaying for that domain. I know the dangers but I really have no choice in this matter. Please help. I have tried putting domain names in the place of ips in /etc/tcp.smtp but it has not worked. regards, Sematmba Noah [EMAIL PROTECTED] Systems Engineer Infocom Uganda Limited Tel:077409672 or 075409672
Re: relaying by domain
On Wed, Jan 03, 2001 at 06:32:14PM +0300, ksemat wrote: instructed in the FAQ however the /etc/tcp.smtp file only accepts realying by ip address yet I would like to do it by domain name i.e As you have noted, it's a terrible idea but if you insist http://www.palomine.net/qmail/relaymailfrom.html [ found from http://www.qmail.org/top.html ] james -- James Raftery (JBR54) "Managing 4000 customer domains with BIND has been a lot like herding cats." - Mike Batchelor, on [EMAIL PROTECTED]
Re: relaying by domain
ksemat [EMAIL PROTECTED] wrote: I am using tcpserver and I have set up qmail and done relaying as instructed in the FAQ however the /etc/tcp.smtp file only accepts realying by ip address yet I would like to do it by domain name [...] I know the dangers but I really have no choice in this matter. I don't think you've considered all the choices. A POP-before-SMTP solution would be as effective, but much more secure. Try Bruce Guenter's relay-ctrl package, which you can find from a link on www.qmail.org. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: relaying by domain
Sorry for putting this on the list if it has already been answered however I checked the archives and failed to get an answer to it and although I have read 5.4 in the FAQ it does not help me much. I am using tcpserver and I have set up qmail and done relaying as instructed in the FAQ however the /etc/tcp.smtp file only accepts realying by ip address yet I would like to do it by domain name i.e I have say domain.org hosted by my server and I want the users for this domain to use my server as their smtp server however their ips keep changing and they wander a lot thus I would like to relay by domain kind of the equivalent of relay-domains in sendmail. i.e as long as the from line is [EMAIL PROTECTED] then my server should allow relaying for that domain. I know the dangers but I really have no choice in this matter. Please help. I have tried putting domain names in the place of ips in /etc/tcp.smtp but it has not worked. What you are proposing is impossible, because you are confusing IP/RDNS with the users envelope-sender which cant be detected with TCPSERVER. Besides you do NOT want use the envelope-sender as a relay authenticator, TRUST ME! Far better solution is to search the archives for other more reliable methods, some of them is found here http://www.palomine.net/qmail/relaying.html and this document is worth reading to get a better perspective on relaying. If you still will not listen to reason, there are patches to qmail-smtpd that I believe do just what you want is also included in on this page :) MVH André Paulsberg
Re: Relaying on qmtpd
David Dyer-Bennet [EMAIL PROTECTED] wrote: Is there any reason I should ever enable relaying of messages arriving via qmtp? All the smtp relay cases I have are for clients submitting mail; currently no clients that I know of can submit via qmtp. So no need? This may be jumping the gun, but I imagine Bruce Guenter might just right a qmtp module for nullmailer to go alongside the existing qmqp and smtp modules. He's mentioned on this list once that it would not be an enormous effort. If you have workstations/clients with no need for an SMTP daemon of their own, nullmailer is an excellent choice for an MTA. In the hypothetical future case where some client did submit outbound mail via qmtp, would I ever want a different list of relaying IP's for qmtp than for smtp? For future generality, should I be using the same cdb for both? In general I would say yes, but I can see at least one possible condition which would make you want two separate configurations. If you use Dan's idea of setting the RELAYCLIENT variable to "@fixme" to fix up borken SMTP client conversations (early Eudora, etc), you would probably want to skip it for qmtp clients -- at least until someone perpetrates a braindead qmtp client upon us. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: Relaying on qmtpd
On Wed, Jan 03, 2001 at 04:13:09PM -0600, Charles Cazabon wrote: This may be jumping the gun, but I imagine Bruce Guenter might just right a qmtp module for nullmailer to go alongside the existing qmqp and smtp modules. He's mentioned on this list once that it would not be an enormous effort. Unless I'm misreading the QMTP spec, you can use the qmqp protocol module with it. Just put "qmqp --port=209 remote" in the remotes config file. -- Bruce Guenter [EMAIL PROTECTED] http://em.ca/~bruceg/ PGP signature
Re: Relaying with xinetd
I'm not quite sure what you mean, but if you are asking how do you make
xinetd relay, then it is really simple. You must use the only_from option
and the env option The important one is the env option. My smtp thing
looks like this:
# default: on
service smtp
{
disable = no
socket_type = stream
protocol= tcp
wait= no
user= qmaild
server = /var/qmail/bin/tcp-env
server_args = /var/qmail/bin/qmail-smtpd
only_from = 192.168.0.0
env = RELAYCLIENT=""
}
- Original Message -
From: "Kari Suomela" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, December 30, 2000 6:49 PM
Subject: Relaying with xinetd
I have Qmail working basically fine with Xinetd, but cannot figure out
how to eliminate rcpthosts. Do I really need tcpserver for that?
KS
É»
º KARICO Business Services º
º Toronto, ON Canada http://www.ksbase.com º
ȼ
... Never straighten a good waistline.
Re: Relaying only
On Sun, 24 Dec 2000, Andy Furnell wrote: Hello, Is there a specific way of configuring qmail so that it will only act as a relay/spooling server for backup MX. (ie. when the main server goes down, this one has the next highest DNS MX Pref and holds the mail until the destination server goes back up). I've given the docs a brief looking over, but can't find anything too specific. put the domain name in /var/qmail/control/rcpthosts e.g. if the DNS has: mail.example.com IN MX 10 primary.example.com. IN MX 20 secondary.example.net. then rcpthosts on secondary.example.net. needs a line: mail.example.com so it knows to accpt mail for that domain. As it is not in 'locals' qmail qill then know that it needs to forward mail using SMTP. RjL
Re: relaying?
It should be an IP address. On Wed, 20 Dec 2000, Kurth Bemis wrote: ok well with the qmail-smtp problems outta the way i am confused about relaying rules this is my /etc/tcp.smtp file 127.0.0.1:allow,RELAYCLIENT="" g4.net:allow,RELAYCLIENT="" however this does not work...when i send mail to [EMAIL PROTECTED] i get this message Can't send to ". The server gives this reason: '553 sorry, that domain isn't in my list of allowed rcpthosts(#5.7.1)'. as i understand it rcpthosts is the file that holds all the domains that you have on your machine. can somebody point me in the right direction? ~kurth Kurth Bemis - Network/Systems Administrator, USAExpress.net/Ozone Computer People disagree with me. I just ignore them. -- Linus Torvalds, regarding the use of C++ for the Linux kernel [EMAIL PROTECTED] | http://www.usaexpress.net/kurth PGP key available - http://www.usaexpress.net/kurth/pgp Fight Weak Encryption! Donate your wasted CPU cycles to Distributed.net (http://www.distributed.net)
Re: Relaying Question (Wait! I read the FAQ and searched the archives)
On Tue, Nov 28, 2000 at 11:12:45PM -0800, [EMAIL PROTECTED] wrote: I setup the anti-relaying rules all fine and dandy according to the FAQ with tcpserver.. Everything works fine, *but* i need the ability to filter by DNS hostmask and IP address.. I tried the following test: This setup works: 209.142.1.150:allow,RELAYCLIENT="" :allow This setup does NOT work: vadept.com:allow,RELAYCLIENT="" :allow I need the ability to just wildcard IP's based upon their DNS lookup, I know I can enable paranoid mode to cut down on the spoofing, but will the current anti-relaying rules support a *.vadept.com rather than about 150-200 class C's? Presume your tcpserver invocation is simple: tcpserver 0 smtp qmail-smtpd Insert a call to a script like so: tcpserver 0 smtp shouldirelay qmail-smtpd. Create a script "shouldirelay" that does two things: 1. Uses ucspi-tcp environment variables to decide if RELAYCLIENT should be set. man tcp-environ for details. 2. execs the arguments in $@. PGP signature
Re: Relaying
On Thu, 2 Nov 2000, [EMAIL PROTECTED] wrote: and did tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.temp /etc/tcp.smtp also kill -HUP qmail-send but relaying still fails What could be missing here? Are you calling tcpserver with -x /etc/tcp.smtp.cdb ? (From /var/qmail/supervise/qmail-smtpd/run if you are installing as per LWQ). You might also want to try killall -HUP tcpserver or simply /etc/rc.d/init.d/qmail restart (if using LWQ and the SysVInit approach) Brett. -- "Hey, I know this! This is Unix!" - Jurassic Park
RE: relaying
hi, max wrote: I cant stop it from relaying. I read something in the documentation, and it mentioned some variable named $RELAYCLIENT, but i have no clue where that variable is. Is my assumption correct, anyway? Is that var the only thing i have to change to stop relaying? put domains you want to receive mails for into ~/qmail/controls/rcpthosts and magicaly qmail will stop to relay. and now what with clients who want to send mail to other domains in the internet? here is the point $RELAYCLIENT appears. assuming you start qmail-smtpd with tcpserver, you have to put the ip's of your clients to /etc/smtp.tcp. e.g.: 127.0.0.:allow,RELAYCLIENT="" 172.16.10.:allow,RELAYCLIENT="" :allow convert them with tcprules and call tcpserver with arg -x /etc/tcp.smtp.cdb. man tcpserver and man tcprules will help. i also would suggest dave sill's excelent "life with qmail" for reading http://web.infoave.net/~dsill/lwq.html ;) a
Re: relaying
max [EMAIL PROTECTED] writes on 1 November 2000 at 07:06:44 -0500 im new to qmail and i have a slight problem with it. I cant stop it from relaying. I read something in the documentation, and it mentioned some variable named $RELAYCLIENT, but i have no clue where that variable is. Is my assumption correct, anyway? Is that var the only thing i have to change to stop relaying? No, that var is what you have to change to *allow* relaying. And you probably need to allow *some* relaying; people using POP to read their mail generally need an SMTP server to relay through for outbound as well. What you need to do to stop relaying is create the control/rcpthosts file, and list in it the hosts you want to accept mail for. Normally what you put in rcpthosts is the host names from locals plus the host names from virtualdomains. That's it; having defined which host names are handled by this mail server, everything else is rejected. Now, as I say, you probably *need* to support some relaying. Hosts on the lan, and any other hosts that should be allowed to use you as a "smart host" (which means relay through you) need to be identified. You do that by having tcpserver recognize their IP addresses set RELAYCLIENT before invoking qmail-smtpd. Then those specific IP addresses will be allowed to relay through you, but no other senders will; this, *selective* relaying. All this is explained in great and exact detail in Life With Qmail and also in the FAQ, by the way. -- David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED] SF: http://www.dd-b.net/dd-b/ Minicon: http://www.mnstf.org/minicon/ Photos: http://dd-b.lighthunters.net/
Re: Relaying test on abuse.net postive!?
don't worry about test nr. 6, it is testing a known weakness in old sendmail versions that qmail is not subject to (sendmail would treat % as a special sign). The reason why it appears to fail is that qmail interprets the RCPT address correctly and thus the mail is for a localy controled domain, for which relaying is allowed :) If you are in doubt see the output of the test i did below. Ofcause the server accepts the RCPT since it is for localhost (the message might bounce though, but that is another issue :) /Martin SNIP Connecting to mother.mbj.dk for anonymous test ... 220 Lets send some mail :) ESMTP HELO www.abuse.net 250 Lets send some mail :) Relay test 1 RSET 250 flushed MAIL FROM:[EMAIL PROTECTED] 250 ok RCPT TO:[EMAIL PROTECTED] 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) Relay test 2 RSET 250 flushed MAIL FROM:spamtest 250 ok RCPT TO:[EMAIL PROTECTED] 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) Relay test 3 RSET 250 flushed MAIL FROM: 250 ok RCPT TO:[EMAIL PROTECTED] 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) Relay test 4 RSET 250 flushed MAIL FROM:[EMAIL PROTECTED] 250 ok RCPT TO:[EMAIL PROTECTED] 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) Relay test 5 RSET 250 flushed MAIL FROM:spamtest@[195.215.112.237] 250 ok RCPT TO:[EMAIL PROTECTED] 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) Relay test 6 RSET 250 flushed MAIL FROM:[EMAIL PROTECTED] 250 ok RCPT TO:[EMAIL PROTECTED] 250 ok SNIP Leonard Tulipan wrote: So, after my hassle with RELAYCLIENT, and us beeing used as a spam relay, I tested the new setup with http://www.abuse.net/relay.html Now the thing ist, that relay test number six still goes thru. Is this some issue? Did I do something wrong? citing abuse.net: Relay test 6 RSET 250 flushed MAIL FROM:spamtest@[193.154.31.82] 250 ok RCPT TO:relaytest%abuse.net@[193.154.31.82] 250 ok Relay test result Hmmn, at first glance, host appeared to accept a message for relay. end cite Any help/info appreciated Leo
Re: Relaying test on abuse.net postive!?
Quoting Leonard Tulipan ([EMAIL PROTECTED]): Now the thing ist, that relay test number six still goes thru. Is this some issue? Did I do something wrong? Yes, you did. You failed to read the web page, especially the bold blinking text. Aaron - THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY. Some systems appear to accept relay mail, but then reject messages internally rather than delivering them, but you cannot tell at this point whether the message will be relayed or not. If it is really an open relay, the test message will be delivered to you. If you do not receive the test message in your e-mail in the next few hours, it IS NOT an open relay.
Re: Relaying control
Gustavo Schroeder [EMAIL PROTECTED] wrote: But in qmail, i'm a little bit confused, as i read in Dave Sill's Life with Qmail, "If you follow the installation instructions in this document, selective relaying will be enabled by default. To give a client relay access, add an entry to /etc/tcp.smtp like: IP address of client:allow,RELAYCLIENT="" Then rebuild the SMTP access database by doing: tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp /etc/tcp.smtp chmod 644 /etc/tcp.smtp* OK, but I don't have /etc/tcp.smtp I only have the file /etc/tcprules.d/qmail-smtp and /etc/tcprules.d/qmail-smtp.cdb Right, because you didn't follow the LWQ installation instructions, but perhaps installed RPM's that set it up differently. [root@localhost]# more /etc/tcprules.d/qmail-smtp 127.0.0.1:allow,RELAYCLIENT="" 192.168.15.200:allow,RELAYCLIENT="" [root@localhost]# ps ax|grep qmail-smtp.cdb 877 pts/0S 0:00 tcpserver -v -c40 -x /etc/tcprules.d/qmail-smtpd.cdb -u100 -g502 0 smtp qmail-smtpd I understand that qmail-smtpd is using the file qmail-smtpd.cdb for relay control, right? Right. So i decided to test in another IP. The IP was 192.168.15.201, and i sent a message trough qmail host sucessfully. So what did you do, exactly? *How* did you add in the IP? *How* did you send the test message? From which host you send it? What I don't understand is: How come I could send mail from a different IP listed in qmail-smtp if /etc/tcprules.d/qmail-smtp is set for allowing relay to loopback and my machine only? I could only guess without more details. I'm not in a guessing mood. How can I correct this situation? Provide more information. Am I missing something crucial? Almost certainly. -Dave
Re: relaying
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28 Sep 2000, at 19:20, Alan Chung wrote: I am trying to setup some relaying for tcp.smtp server. Can I put domain name instead of IP address in /etc/tcp.smtp-rules? No, unless you do some serious patching. And do I need to add an entry in /var/qmail/control/rcpthosts for those relaying too? I don't understand the question; if RELAYCLIENT is set, rcpthosts is ignored. If you want to receive e-mail *from* those people, RELAYCLIENT is what you need, no changes to rcpthosts. If you want to receive e- mail *for* those people, add their domain names to rcpthosts. These two changes are completely independent. -BEGIN PGP SIGNATURE- Version: PGP 6.5.2 -- QDPGP 2.61a Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOdMPClMwP8g7qbw/EQI3UwCfW6PwIyPkHXxRGT+gMff3ya5vmTwAoPhX kzNkLOtwLqTVtuTQQSX9cLlD =MZEJ -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: relaying
On Thu, 28 Sep 2000, Petr Novotny wrote: On 28 Sep 2000, at 19:20, Alan Chung wrote: I am trying to setup some relaying for tcp.smtp server. Can I put domain name instead of IP address in /etc/tcp.smtp-rules? No, unless you do some serious patching. mee@host:/local/src/ucspi-tcp-0.88 grep hostname CHANGES ui: tcpserver supports hostname rules. Am I missing something? Mads
Re: Relaying and /control/rcpthosts
Hi Dan, On Wed, Aug 30, 2000 at 03:16:39PM -0700, net admin wrote: I allowed his office IP block in my /etc/tcp.smtp file as follows xxx.yyy.zzz.:allow,RELAYCLIENT="" This I assume this will let him relay as long as he comes from the IP address pool above regardles of what his email address is. Yes, provided three things are true: - the source IP must be in the xxx.yyy.zzz network - you have used tcprules to make the rules into the cdb that tcpserver uses - your tcpserver process was started with the -x option which specifies the cdb file you made in the previous step But relay fails until I also put his domain in the /control/rcpthosts file! I don't want everybody in his domain to relay just him. rcpthosts lists *destinations* you will accept mail for. Setting RELAYCLIENT in the environment tells qmail-smtpd to accept mail for any destination, in that session. Regards, james -- James Raftery (JBR54) - Programmer Hostmaster - IE TLD Hostmaster IE Domain Registry - www.domainregistry.ie - (+353 1) 706 2375 "Managing 4000 customer domains with BIND has been a lot like herding cats." - Mike Batchelor, on [EMAIL PROTECTED]
Re: relaying going into the bit bucket
On Thu, Aug 31, 2000 at 04:39:39PM -0400, Matt Sherer wrote: First off, I've read the FAQ. :) Basically, I've got relaying set up for a selected range of subnets, using ucspi-tcp. That looks good - attempting to send messages from within the right range allow the RCPT line, remote attempts fail, as expected. The issue is that qmail takes the message from the right host, says ok, and nothing happens with it. Doesn't bounce, get to the destination, anything. Locally spooled mail works fine - I've been using that for a while. I have a feeling it's something extremely simple, but I can't find it. The mail goes in, just never gets queued to be delivered (or something to that effect.) Any ideas? Not without unadulterated logs.
Re: relaying going into the bit bucket
Matt Sherer [EMAIL PROTECTED] wrote: First off, I've read the FAQ. :) If so, you didn't follow it. You gave us no config files, no output of qmail-showctl, didn't show us your tcp.rules file, and quoted no logs. Basically, I've got relaying set up for a selected range of subnets, using ucspi-tcp. That looks good - attempting to send messages from within the right range allow the RCPT line, remote attempts fail, as expected. The issue is that qmail takes the message from the right host, says ok, and nothing happens with it. Doesn't bounce, get to the destination, anything. Locally spooled mail works fine - I've been using that for a while. What Do The Logs Say? (tm) Charles "What Do The Logs Say" is a trademark of Dave Sill. Used without permission. -- -- Charles Cazabon [EMAIL PROTECTED] QCC Communications Corporation Saskatoon, SK My opinions do not necessarily represent those of my employer. --
Re: relaying going into the bit bucket
On Thu, Aug 31, 2000 at 04:39:39PM -0400, Matt Sherer wrote: First off, I've read the FAQ. :) Congratulations! I think you're maybe the third person to do that... I have a feeling it's something extremely simple, but I can't find it. The mail goes in, just never gets queued to be delivered (or something to that effect.) Any ideas? Before anyone else says it: What Do the Logs Say? (tm) The logs are your best friend. They are helpful and verbose. Ben -- Ben Beuchler [EMAIL PROTECTED] MAILER-DAEMON (612) 321-9290 x101 Bitstream Underground www.bitstream.net
RE: Relaying and /control/rcpthosts
Have you rebuilt the tcp.smtp.cdb file? See the cdb) entry in the qmail rc file in Life With Qmail (links to it in www.qmail.org) for more... /BR Manager InterPlanetary Solutions http://ipsware.com/
Re: Relaying and /control/rcpthosts
net admin wrote: Hi; I am trying to setup selective relaying for a client who wants to send email through our Qmail server from his office LAN. I allowed his office IP block in my /etc/tcp.smtp file as follows xxx.yyy.zzz.:allow,RELAYCLIENT="" . . . :allow This I assume this will let him relay as long as he comes from the IP address pool above regardles of what his email address is. But relay fails until I also put his domain in the /control/rcpthosts file! I don't want everybody in his domain to relay just him. How to do that? You could try a pop before smtp program that you use with qmail. It will in real time add and remove (based on a time limit) ip's to the relay control file for people who have pop accounts your system. The way it works is a person would check their mail which involves their mail client contacting the server's pop daemon. The pop before smtp program would let the user get verified and logged in then record their IP address to the relay file so that when they go to send mail via smtp it will allow his ip address. I have it working with Vpopmail (which is a virtual mail add-on to qmail but also has the above feature) and it works fine. Another program which doesn't do virtual mail it just does the pop before smtp is by Bruce Guenter and can be downloaded and etc from em.ca/~bruceg/relay-ctrl/ . I haven't personally tried it but I have heard it mentioned many times here in the list. Take Care, -- Dale Miracle System Administrator Teoi Virtual Web Hosting
Re: Relaying stopped. How to remove SPAMMER status?
Quoting Tim Jones ([EMAIL PROTECTED]): As I replied to Aaron out of band, I was not having a relay problem with QMail. The problem was an old sendmail installation. I spend a bit of time Ahh, sendmaul. Gotta love it. Well, congrats and welcome to the elite :) Aaron
Re: Relaying stopped. How to remove SPAMMER status?
Tim Jones [EMAIL PROTECTED] wrote: Well, I've successfully installed and configured QMail on my homebrewed Linux server. As such, the rampant SPAM relay that my system allowed over the past month has been stopped. What are the steps I should take to get my mail host removed from the "provider of SPAM relay" lists? Change your name, your domain name, your IP address, and move to a new country. On a more serious note, check the FAQ pages of ORBS, MAPS, etc, for instructions on how to confirm your non-relaying status. Only they can tell you how to get off of the lists they administer. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: Relaying stopped. How to remove SPAMMER status?
Tim Jones wrote: Hi Folks, Well, I've successfully installed and configured QMail on my homebrewed Linux server. As such, the rampant SPAM relay that my system allowed over the past month has been stopped. What are the steps I should take to get my mail host removed from the "provider of SPAM relay" lists? Thanks for the help with my controlled Relay questions. Tim Jones You will have check out these two sites, they are the main black list sites Orbs and MAPS . www.orbs.org maps.vix.com They both have a page where you can type in your ip address of your mail server and it will tell you if you are listed and what to do. I use to frequent them quite a bit when I was running a bbs years back because the smtp/pop3 in the bbs software was bad at preventing spam. Take Care, Dale
Re: Relaying stopped. How to remove SPAMMER status?
Quoting Tim Jones ([EMAIL PROTECTED]): Hi Folks, Well, I've successfully installed and configured QMail on my homebrewed Linux server. As such, the rampant SPAM relay that my system allowed over the past month has been stopped. Fascinating. qmail is relay-proof by default, so you almost have to purposefully mess up, unless doing something really dumb like allowing percent hack or something, to allow it to relay. Then, having messed up and knew it, you let it be a "rampant spam relay" for a month? I hope I'm not reading that correctly--perhaps it was rampant for a month and you just happened to not notice and only did *today*. Excuse me, but administrators of spam relays get me worked up. Especially qmail relays! Ugh. What are the steps I should take to get my mail host removed from the "provider of SPAM relay" lists? What "provider of SPAM relay" lists do you think you are on? How is it you know you are on them and not know how to get off? (for example, if you're on RSS, your bounces will have a URL to see. Have you gone to see it??). Aaron
Re: Relaying stopped. How to remove SPAMMER status?
Quoting M.B. ([EMAIL PROTECTED]): -Original Message- From: Aaron L. Meehan [mailto:[EMAIL PROTECTED]] Fascinating. qmail is relay-proof by default, so you almost have to purposefully mess up, unless doing something really dumb like allowing percent hack or something, to allow it to relay. Then, having messed up and knew it, you let it be a "rampant spam relay" for a month? I hope I'm not reading that correctly--perhaps it was rampant for a month and you just happened to not notice and only did *today*. or perhaps he didn't understand the relay control stuff w/ tcpserver and didn't have rcpthosts in place or some such. there have been plenty of people who have innocently not understood that process and removed the file. i would not call it a purposeful breaking of qmail. and if you don't know that the percent hack stuff removal is "dumb", you may do it not knowing any better. inexperienced is not dumb. Heck, I am being harsh, however "back in the day" when I first tackled qmail and then switched our network from sendmail, anti-relay was first and foremost in my mind. There was not anything in the way of Dave Sill's "Life With qmail." Somehow I managed to muddle through without us becoming among the vilified spam relays. I suppose attention to detail is the key. Understanding your software thouroughly *before* making the box available to the Internet-at-large is essential. Allowing smtp connections, IMAP connections, POP3 connections, etc., without understanding the ramifications.. well I guess there are just many more inexperienced administrators out there nowadays. Disclaimer: I ain't perfect--but I try to pay attention to detail :) If you don't, your network has just become a menace to the rest. Aaron
Re: Relaying stopped. How to remove SPAMMER status?
At 06:55 PM 8/15/00, Aaron L. Meehan wrote: Quoting Tim Jones ([EMAIL PROTECTED]): Well, I've successfully installed and configured QMail on my homebrewed Linux server. As such, the rampant SPAM relay that my system allowed over the past month has been stopped. Fascinating. qmail is relay-proof by default, so you almost have to purposefully mess up, unless doing something really dumb like allowing percent hack or something, to allow it to relay. Then, having messed up and knew it, you let it be a "rampant spam relay" for a month? I hope I'm not reading that correctly--perhaps it was rampant for a month and you just happened to not notice and only did *today*. Excuse me, but administrators of spam relays get me worked up. Especially qmail relays! Ugh. I think that you're reading him incorrectly. I believe that he meant to say that he had been using some other mail package, and the relaying was happening. He has now switched to qmail and the relaying has, of course, stopped. Todd
Re: Relaying stopped. How to remove SPAMMER status?
As I replied to Aaron out of band, I was not having a relay problem with QMail. The problem was an old sendmail installation. I spend a bit of time on the road and monitoring a home network is not high on my priorities. When I finally discovered the sendmail problem, I switched over to QMail and had things resolved immediatly. My question was simply "Now that I have the relay hole corked for good, where do I turn to get my IP removed from the 'this machine allows SPAM relay' lists?" That question has been answered by a number of helpful folks here on the qmail list. I thank you all from the bottom of my heart. Tim "Aaron L. Meehan" wrote: Quoting M.B. ([EMAIL PROTECTED]): -Original Message- From: Aaron L. Meehan [mailto:[EMAIL PROTECTED]] Fascinating. qmail is relay-proof by default, so you almost have to purposefully mess up, unless doing something really dumb like allowing percent hack or something, to allow it to relay. Then, having messed up and knew it, you let it be a "rampant spam relay" for a month? I hope I'm not reading that correctly--perhaps it was rampant for a month and you just happened to not notice and only did *today*. or perhaps he didn't understand the relay control stuff w/ tcpserver and didn't have rcpthosts in place or some such. there have been plenty of people who have innocently not understood that process and removed the file. i would not call it a purposeful breaking of qmail. and if you don't know that the percent hack stuff removal is "dumb", you may do it not knowing any better. inexperienced is not dumb. Heck, I am being harsh, however "back in the day" when I first tackled qmail and then switched our network from sendmail, anti-relay was first and foremost in my mind. There was not anything in the way of Dave Sill's "Life With qmail." Somehow I managed to muddle through without us becoming among the vilified spam relays. I suppose attention to detail is the key. Understanding your software thouroughly *before* making the box available to the Internet-at-large is essential. Allowing smtp connections, IMAP connections, POP3 connections, etc., without understanding the ramifications.. well I guess there are just many more inexperienced administrators out there nowadays. Disclaimer: I ain't perfect--but I try to pay attention to detail :) If you don't, your network has just become a menace to the rest. Aaron
Re: Relaying dialup mail users for qmail.
On Tue, Jul 25, 2000 at 02:12:17PM +0100, Daniel Cave wrote: ! 1. If someone tries to relay an email from an IP address (ISP dialup) which ! is not listed in /etc/tcp.smtp, and who's domainname happens to be listed in ! rcpthosts, desined for a recipient 'somewhere' on the internet, am I right ! in thinking that this connection/request to relay will be blocked by ! tcpserver? If RELAYCLIENT is not set when qmail-smtpd is invoked, then they can't relay. !How do I allow this to happen, if I dont know the IP address of ! the user wishing to relay?? Put rules of the form =.foo.bar, if the domain name you wish to allow relay is foo.bar. Then any client whose IP address reverse-resolves to *.foo.bar can relay. =.foo.bar:allow,RELAYCLIENT="" ! This in essence is the same as [EMAIL PROTECTED] ! sending an email to [EMAIL PROTECTED], isnt it?? Not sure I understood you here, sorry. ! 2. What is the significance of using qmail-qmqpd over the above method. ! Which is better.?? QMQP (628/tcp) is really only used for ``null-client'' setups. You were referring to dialup users, so I must presume you are referring to tools in the serialmail package, in which case SMTP and QMTP are the options. QMTP (209/tcp) is similar to SMTP, but more efficient. Set it up if you have dialup users using qmail. qmail-qmtpd has as much relay protection as qmail-smtpd. ---Chris K. -- Chris, the Young One |_ but what's a dropped message between friends? Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H. http://cloud9.hedgee.com/ |_ Robinson, IV PGP: 0xCCC6114E/0x706A6AAD |_
Re: Relaying dialup mail users for qmail.
Quoting Chris, the Young One ([EMAIL PROTECTED]): !How do I allow this to happen, if I dont know the IP address of ! the user wishing to relay?? Yikes, I see I will have to modify my quoted text regexp. Oh, the heck with it... I'm not putting an exclamation mark in it. Put rules of the form =.foo.bar, if the domain name you wish to allow relay is foo.bar. Then any client whose IP address reverse-resolves to *.foo.bar can relay. A malicious individual who has control over his reverse DNS could then also relay mail via your server. Assuming you're not checking IP addresses in "paranoid" mode, of course. A low risk, to be sure, as most spammers are clueless. Something to think about, though, since it's not always just plain ol' spammers that spam. Aaron
Re: Relaying once again...
On Fri, Jul 07, 2000 at 04:21:53PM +0200, Kwasniewski Piotr wrote: I have Qmail installed. It properly sends and acepts mail. It is also supposed to do relaying for a group of users. In the FAQ it said, how to enable relaying for a group of machines, but I'd like to accomplish something like: My local domain is domain.com. If an user tries to send mail from a machine with relaying enabled, qmail should check if the sender adress is [EMAIL PROTECTED] If it is for example [EMAIL PROTECTED], qmail should deny relying. My question is: how can I do it ??? Without creating your own tools, it can't be done. And it's not a good idea. It would take me about 10s to modify my mail client so that I can relay through your server. Ben -- The spectre of a polity controlled by the fads and whims of voters who actually believe that there are significant differences between Bud Lite and Miller Lite, and who think that professional wrestling is for real, is naturally alarming to people who don't. -- Neal Stephenson
Re: Relaying once again...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 7 Jul 00, at 16:21, Kwasniewski Piotr wrote: My local domain is domain.com. If an user tries to send mail from a machine with relaying enabled, qmail should check if the sender adress is [EMAIL PROTECTED] If it is for example [EMAIL PROTECTED], qmail should deny relying. My question is: how can I do it ??? No: The question is "Why on Earth would you want to do it?" Anyway, if you need to accomplish this, write a simple wrapper around qmail-queue or patch qmail-smtpd... -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOWXcW1MwP8g7qbw/EQKdRwCg9DIQOhXN201bXYsWHAP2RYYh5I4An1vz h1gUALvnZDe+EgvwIiP73NHg =aFRe -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: Relaying once again...
2000-07-07, at 16:21:53, Kwasniewski Piotr wrote: Hello! I have Qmail installed. It properly sends and acepts mail. It is also supposed to do relaying for a group of users. In the FAQ it said, how to enable relaying for a group of machines, but I'd like to accomplish something like: My local domain is domain.com. If an user tries to send mail from a machine with relaying enabled, qmail should check if the sender adress is [EMAIL PROTECTED] If it is for example [EMAIL PROTECTED], qmail should deny relying. My question is: how can I do it ??? Waiting for reply. /var/qmail/control/rcpthosts here you define which machines you allow to be your relay clients. You can check "From:" in header using i.e. Mark Delany's patch. You can get it from nearest Qmail mirror site (in your situation the nearest will be http://qmail.obeer.com): Yet more Qmail addons Mark Delany has a patch to qmail-smtpd which lets you match the envelope sender against a regex and accept or reject the mail accordingly. ftp://ftp.mira.net/unix/mail/qmail/wildmat-0.2.patch -- pozdrawiam, Sylwester S. Biernacki [EMAIL PROTECTED]
Re: Relaying once again...
Sylwester S. Biernacki writes: /var/qmail/control/rcpthosts here you define which machines you allow to be your relay clients. No, that file lists the destination hosts and domains that qmail accepts mail for via SMTP and QMTP. To allow certain senders to relay though you to any destination, use RELAYCLIENT. man tcprules, man qmail-smtpd. paul
RE: relaying questions.
Now, my problem is related to relaying . I have read "The qmail newbie's quide to relaying" which comes with life with qmail as a URL. It states that "qmail's rcpthosts file, which gets its name from the RCPT TO command, determines whether the recipient will be accepted; it will be accepted if and only if the domain of the address given in the RCPT TO command is listed in rcpthosts." This only affects SMTP relaying. When you inject mail into the queue via a local process, that does not involve SMTP relaying. So if your web programs call /usr/lib/sendmail (the qmail version) or /var/qmail/bin/qmail-inject, then there are no relaying controls; that is a local user sending mail, and that local user is allowed to send out to anyone. I need to put their domain in my rcphosts file before sending them a password. Is this correct ?? if yes, how to overcome this problem?? Any suggestion is helpful.!!! No, this is not correct. For local users/programs sending mail, the rcpthosts file doesn't come into play. If your local user agent is injecting the mail using SMTP, or if you have a series of web servers using a single mail hub for sending mail, then you need to add them to the list of hosts allowed to relay. This is covered in section 3.2.3 of Life With Qmail. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Re: Relaying to different hosts
Chris Johnson wrote: I can use the .qmail files to forward e-mail to another address, but how do you relay a messages onto another server without changing the envelope. I don't think you'll be able to. You can use smtproutes to override DNS and send a whole domain's mail somewhere else without changing the envelope, but I don't know of a way to do it with different addresses in the same domain. Why do you care if the envelope is changed? What you propose is trivial with .qmail files if you use forwarding, but the envelope recipient will change. Chris OK. Even if the envelope isn't changed I can't find a solution to this problem using .qmail files. If anyone can shed any light on this, it would be appreciated. Joolsie
Re: Relaying to different hosts
On Wed, Jun 07, 2000 at 09:43:16AM +0100, Jules Desforges wrote: Chris Johnson wrote: I can use the .qmail files to forward e-mail to another address, but how do you relay a messages onto another server without changing the envelope. I don't think you'll be able to. You can use smtproutes to override DNS and send a whole domain's mail somewhere else without changing the envelope, but I don't know of a way to do it with different addresses in the same domain. Why do you care if the envelope is changed? What you propose is trivial with .qmail files if you use forwarding, but the envelope recipient will change. Chris OK. Even if the envelope isn't changed I can't find a solution to this problem using .qmail files. If anyone can shed any light on this, it would be appreciated. I assume you mean "even if the envelope is changed." The example in your initial post was: I would like to send :- [EMAIL PROTECTED] to server [x.y.z] [EMAIL PROTECTED] to server [p.q.r] . and finally any aliases that do not match are forwarded onto another server [d.e.f] You might try this: # echo '[EMAIL PROTECTED]' ~alias/.qmail-bill # echo '[EMAIL PROTECTED]' ~alias/.qmail-ted # echo '| forward "$DEFAULT"@example3.dom' ~alias/.qmail-default This assumes that blah.com is a local domain. You'll need to make the appropriate adjustments if it's virtual (maybe use .qmail-blah-bill, .qmail-blah-ted, and .qmail-blah-default). This does use forwarding and the envelope recipient will change, but who cares? Chris
Re: Relaying to different hosts
On Wed, Jan 05, 2000 at 08:12:35PM +, Jules Desforges wrote: I need to be able to redirect e-mail from particular addresses to different servers. (NOT forwarding). e.g. if I host the domain :- blah.com I would like to send :- [EMAIL PROTECTED] to server [x.y.z] [EMAIL PROTECTED] to server [p.q.r] . and finally any aliases that do not match are forwarded onto another server [d.e.f] I can use the .qmail files to forward e-mail to another address, but how do you relay a messages onto another server without changing the envelope. I don't think you'll be able to. You can use smtproutes to override DNS and send a whole domain's mail somewhere else without changing the envelope, but I don't know of a way to do it with different addresses in the same domain. Why do you care if the envelope is changed? What you propose is trivial with .qmail files if you use forwarding, but the envelope recipient will change. Chris
Re: Relaying with FreeInternet?
On Tue, 9 May 2000, James wrote: What if I have a client that will be using Free-i (http://www.freei.com/) or any of the current free Internet connections for his Internet connection to get and send mail? How do I allow relaying from that server? Is this possible without an open relay? Look at smtp-poplock. There's a pointer at www.qmail.org. Vince. -- == Vince Vielhaber -- KA8CSHemail: [EMAIL PROTECTED]http://www.pop4.net 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking Online Campground Directoryhttp://www.camping-usa.com Online Giftshop Superstorehttp://www.cloudninegifts.com ==
RE: Relaying problem..
Now for the obvious question, what does your /var/qmail/control/rcpthosts
file look like ? Is beachassociates.com in it ? Is it a virtual server (if
so, is it in /var/qmail/control/virtualservers and NOT in
/var/qmail/control/locals) or is it a local domain ?
Matt Soffen
Web Intranet Developer
http://www.iso-ne.com/
==
Boss- "My boss says we need some eunuch programmers."
Dilbert - "I think he means UNIX and I already know UNIX."
Boss- "Well, if the company nurse comes by, tell her I said
never mind."
- Dilbert -
==
-Original Message-
From: Chad Day [SMTP:[EMAIL PROTECTED]]
Sent: Tuesday, April 04, 2000 3:49 PM
To: '[EMAIL PROTECTED]'
Subject: Relaying problem..
First off, yes, I've read life with qmail and everything I can about
rcpthosts. :)
The error message I'm receiving is:
Error sending to [EMAIL PROTECTED] (553 sorry, that domain isn't
in
my list of allowed rcpthosts (#5.7.1))
[Tue Apr 4 17:24:48 2000] [error] Error sending to
[EMAIL PROTECTED] (553 sorry, that domain isn't in my list of
allowed rcpthosts (#5.7.1))
What I am trying to do is e-mail a user a login/pw from a webpage..
The code is:
# Takes the address, subject and an email, and does what it says
# used by dailyStuff, users.pl, and someday submit.pl
sub sendEmail {
my( $addr, $subject, $content, $smtp_server ) = @_;
my %mail = (
smtp= $smtp_server,
To = $addr,
From= $I{adminmail},
Subject = $subject,
Message = $content
);
sendmail( %mail ) or die $Mail::Sendmail::error;
}
$smtp_server is defined in another file to be my smtp server.. set
correctly.
Regular local - remote, remote - local, and local - local mail delivery
all works.
My tcp.smtp line is:
208.246.80.:allow,RELAYCLIENT=""
which I thought would be the solution, but I'm still hitting that error.
There must be something I'm not understanding or am missing somewhere.. I
don't think it's the script thats a problem, because if I telnet to port
25
and try to rcpt to anywhere else, it gives me the same problem.. what is
wrong with my tcp.smtp?
Thanks,
Chad Day
Beach Associates
- I heard if you play the NT CD backwards, you can hear satanic messages?
- That's NOTHING. If you play it forwards, it installs NT 4.0.
RE: Relaying problem..
Make sure that the primay IP address of the web server is in your
/etc/tcp.smtp file and then do a "qmail cdb" and "qmail restart". Basically
when your web server sends data via email Qmail doesn't like who it is
coming from. You need to identify the IP address and domain that your web
server sends from.
Travis Rail
-Original Message-
From: Chad Day [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 04, 2000 2:49 PM
To: '[EMAIL PROTECTED]'
Subject: Relaying problem..
First off, yes, I've read life with qmail and everything I can about
rcpthosts. :)
The error message I'm receiving is:
Error sending to [EMAIL PROTECTED] (553 sorry, that domain isn't in
my list of allowed rcpthosts (#5.7.1))
[Tue Apr 4 17:24:48 2000] [error] Error sending to
[EMAIL PROTECTED] (553 sorry, that domain isn't in my list of
allowed rcpthosts (#5.7.1))
What I am trying to do is e-mail a user a login/pw from a webpage..
The code is:
# Takes the address, subject and an email, and does what it says
# used by dailyStuff, users.pl, and someday submit.pl
sub sendEmail {
my( $addr, $subject, $content, $smtp_server ) = @_;
my %mail = (
smtp= $smtp_server,
To = $addr,
From= $I{adminmail},
Subject = $subject,
Message = $content
);
sendmail( %mail ) or die $Mail::Sendmail::error;
}
$smtp_server is defined in another file to be my smtp server.. set
correctly.
Regular local - remote, remote - local, and local - local mail delivery
all works.
My tcp.smtp line is:
208.246.80.:allow,RELAYCLIENT=""
which I thought would be the solution, but I'm still hitting that error.
There must be something I'm not understanding or am missing somewhere.. I
don't think it's the script thats a problem, because if I telnet to port 25
and try to rcpt to anywhere else, it gives me the same problem.. what is
wrong with my tcp.smtp?
Thanks,
Chad Day
Beach Associates
- I heard if you play the NT CD backwards, you can hear satanic messages?
- That's NOTHING. If you play it forwards, it installs NT 4.0.
Re: Relaying problem..
Chad Day [EMAIL PROTECTED] wrote: First off, yes, I've read life with qmail and everything I can about rcpthosts. :) The error message I'm receiving is: Error sending to [EMAIL PROTECTED] (553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)) [Tue Apr 4 17:24:48 2000] [error] Error sending to [EMAIL PROTECTED] (553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)) What I am trying to do is e-mail a user a login/pw from a webpage.. My tcp.smtp line is: 208.246.80.:allow,RELAYCLIENT="" which I thought would be the solution, but I'm still hitting that error. Perhaps try adding 127.:allow,RELAYCLIENT="" as another line. You should also have a default :allow at the end of that file. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: relaying
On Fri, Feb 25, 2000 at 09:47:55PM -0700, Michael Anderson wrote: Strange question, got Qmail all up and running, and can't seem to get the silly thing to send mail out to the rest of the Internet. I can send mail to the server, send mail from one user to another, but nothing outside. http://www.palomine.net/qmail/selectiverelay.html Chris
Re: Relaying for selective users, keeping address constant
On Wed, Jan 19, 2000 at 10:40:30AM -0500, Dave Sill wrote: "James Berry" [EMAIL PROTECTED] wrote: So, for messages to "james" I need to forward the message on to salsa, but the address given to the SMTP server on salsa needs to be "[EMAIL PROTECTED]" as before. Why? And this, my dear James, is the essence of the learning curve. By just stating 'Why?', Dave has drawn your attention from the answer to your question to the question itself, because your question is based on false preassumptions. Just had to say that :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Re: Relaying based on mail size !
control/databytes jon At 8:20 PM +0330 11/22/99, Seyyed Hamid Reza Hashemi Golpayegani wrote: Hi , I have installed Redhat 6.1 and Qmail 1.03 on it ! works good :) Wanna have some relaying based on message size . For example wanna check messages if larger that 5000 KB don't send it to remote host and reject it . How can I do that ? Any man pages and document are usefull . Thanx Hamid Morva.net Admin
Re: Relaying.
On Mon, Oct 18, 1999 at 09:34:01AM +0200, Tony Wade wrote: I put all the relevant domain details in /var/qmail/control/rcpthosts what happens is in both instances a Exchange server forwards the mail to the Qmail server. The Qmail server then rejects the mail saying, "Domain not in rcpthosts" tcpserver runs with the following command ( not sure if this is actually what controls the Relaying) tcpserver -c 1000 -u 71 -g 80 0 smtp /var/qmail/bin/qmail-smtpd x /etc/tcp.smtp.cdb in the file /etc/tcp.smtp That line is wrong. All the tcpserver options must come first, before the qmail-smtpd invocation. Try instead: tcpserver -c1000 -u71 -g80 -x/etc/tcp.smtp.cdb 0 smtp /var/qmail/bin/qmail-smtpd 123.123.123.:allow,RELAYCLIENT="" If i remove the rcpthosts file. Do i not make the server an Open Relay server again ? _Don't_ do that. A server with no rcpthosts file is an open relay!! -- See complete headers for more info
Re: Relaying after POP
On Mon, Oct 04, 1999 at 06:28:02PM +0200, Paulo Jan wrote: I've just installed Bruce Guenter's system to allow mail relaying after checking mail (http://em.ca/~bruceg/relay-ctrl/), and it doesn't work. Basically, what happens is: 1) The "relay-ctrl" file, that the program uses to cache the IPs of the people who have checked their mail, doesn't get updated. /var/spool/relay-ctrl is a directory, not a file. It should contain a single entry for each host that successfully authenticates. Unfortunately the makefile does not currently set this directory up. You may need to do this yourself. 2) The instructions tell me to put an invocation to "relay-ctrl-age", the program that has to update said file, in the crontab and run it every 5 minutes. I put it, and after half an hour or so, I see several zombie "relay-ctrl-age" processes with ps -auxw. Could you run "strace -o strace -ff relay-ctrl-age" and send me the resulting strace files (there should be two). I start my POP service with: tcpserver 0 pop3 /usr/local/qmail/bin/qmail-popup mail.ddnet.es /bin/checkpassword \ /usr/local/bin/logpop /usr/local/qmail/bin/qmail-pop3d ./Maildir You need to add relay-ctrl-allow before qmail-pop3d here, as stated in the README file. Anything else...? Oh yes: qmail 1.03, Slackware Linux 3.5 with several packages upgraded... Tell me if you need to know anything else. -- Bruce Guenter [EMAIL PROTECTED] http://em.ca/~bruceg/
Re: relaying question
Did you remove your /var/qmail/control/rcpthosts file? This MUST be in place! On Mon, 27 Sep 1999, Edward Castillo-Jakosalem wrote: :deny This means don't let ANY OTHER host connect. What you want as your last rule is ":allow". That will allow connections from all other hosts, but will not let them relay. Yes but I already tried setting that to 'allow' and tested sending mail using another ISP and it allowed relay. What am I still missing here? Thanks again Anand! -- Edward Castillo-Jakosalem - Timothy L. Mayo mailto:[EMAIL PROTECTED] Senior Systems Administrator localconnect(sm) http://www.localconnect.net/ The National Business Network Inc. http://www.nb.net/ One Monroeville Center, Suite 850 Monroeville, PA 15146 (412) 810- Phone (412) 810-8886 Fax
Re: relaying question
Yup. It's still there. "Timothy L. Mayo" wrote: Did you remove your /var/qmail/control/rcpthosts file? This MUST be in place! On Mon, 27 Sep 1999, Edward Castillo-Jakosalem wrote: :deny This means don't let ANY OTHER host connect. What you want as your last rule is ":allow". That will allow connections from all other hosts, but will not let them relay. Yes but I already tried setting that to 'allow' and tested sending mail using another ISP and it allowed relay. What am I still missing here? Thanks again Anand! -- Edward Castillo-Jakosalem - Timothy L. Mayo mailto:[EMAIL PROTECTED] Senior Systems Administrator localconnect(sm) http://www.localconnect.net/ The National Business Network Inc. http://www.nb.net/ One Monroeville Center, Suite 850 Monroeville, PA 15146 (412) 810- Phone (412) 810-8886 Fax -- 0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0 Edward Castillo-Jakosalem Systems Administrator Access Net (Phils.), Inc. http://www.access.net.ph/ecj [EMAIL PROTECTED] 0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0
Re: relaying question
So now I removed that deny line in my tcp.smtp file, issued the tcprule command, and restarted my tcpserver. Does it mean that hosts can now connect to my server without using it as a relay? Oh and do we still need the rcpthosts file eventhough we are running tcpserver? Sorry but am quite a newbie to qmail! Thanks Timothy! "Timothy L. Mayo" wrote: Remove your last line. It is what is causing your problem. You want to allow but without setting the RELAYCLIENT environment variable which is the default behavior. On Mon, 27 Sep 1999, Edward Castillo-Jakosalem wrote: Hi to all! I recently configured our smtp to point to another machine running qmail-1.03. No problem with that. Now, what I see in our log file is that it says 'deny' to all the hosts except the 2 ip blocks I configured to be relayclients. I just need some help if what I did in my tcp.smtp file is correct. xxx.xxx.xxx.:allow,RELAYCLIENT="" yyy.yyy.yyy.:allow,RELAYCLIENT="" :deny Does this config mean that it will allow relaying from xxx and yyy domains and deny from anywhere else? What about other hosts sending mail to one of our handled domains? Is this the deny that I see in our log files? I hope I sent the complete details. Thanks very much in advance for any help! Edward Castillo-Jakosalem - Timothy L. Mayo mailto:[EMAIL PROTECTED] Senior Systems Administrator localconnect(sm) http://www.localconnect.net/ The National Business Network Inc. http://www.nb.net/ One Monroeville Center, Suite 850 Monroeville, PA 15146 (412) 810- Phone (412) 810-8886 Fax -- 0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0 Edward Castillo-Jakosalem Systems Administrator Access Net (Phils.), Inc. http://www.access.net.ph/ecj [EMAIL PROTECTED] 0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0
Re: relaying question
On Mon, Sep 27, 1999 at 09:32:07PM +0800, Edward Castillo-Jakosalem wrote: So now I removed that deny line in my tcp.smtp file, issued the tcprule command, and restarted my tcpserver. Does it mean that hosts can now connect to my server without using it as a relay? Yes. Incidentally, you don't need to restart tcpserver. The rules database is read afresh for every incoming connection. Oh and do we still need the rcpthosts file eventhough we are running tcpserver? the rcpthosts file is still needed. This is so that non-relay clients can only send mail to domains that you want to receive mail for. -- See complete headers for more info
Re: relaying question
Thanks a lot Anand. You've been a great help! Anand Buddhdev wrote: On Mon, Sep 27, 1999 at 09:32:07PM +0800, Edward Castillo-Jakosalem wrote: So now I removed that deny line in my tcp.smtp file, issued the tcprule command, and restarted my tcpserver. Does it mean that hosts can now connect to my server without using it as a relay? Yes. Incidentally, you don't need to restart tcpserver. The rules database is read afresh for every incoming connection. Oh and do we still need the rcpthosts file eventhough we are running tcpserver? the rcpthosts file is still needed. This is so that non-relay clients can only send mail to domains that you want to receive mail for. -- See complete headers for more info -- 0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0 Edward Castillo-Jakosalem Systems Administrator Access Net (Phils.), Inc. http://www.access.net.ph/ecj [EMAIL PROTECTED] 0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0
Re: Relaying problem
Hi again. I have managed to get tcpserver to work with my qmail installation and am now testing relaying. I have set up tcpserver to allow from 212.: How? Is the line in your tcp.smtp file like the following? 212.:allow,RELAYCLIENT="" I first tried a message to a remote host which was refused saying this is not in my list of allowed rcpthosts. Well if your file tcp.smtp.cdb is not correctly written from the correct smtp.tcp then you'll always run into trouble. (I use the parameter -x/etc/tcp.smtp.cdb in the startupscript of tcpserver for qmail-smtp) I checked my assigned IP and it began with 212. I messed about for a while before deleting the rcpthosts file. Now qmail is accepting the mails with no error message Whenever you delete the rcpthosts file you open your host as an open relay! Of course it doesn't complain. but they aren't coming out the other end. My computer does not have a DNS server locally but I do have access to a lan one. Does this have something to do with it? IMHO it shouldn't. But I'm not too sure about that.
Re: Relaying problem
Marek Narkiewicz [EMAIL PROTECTED] wrote: I have set up tcpserver to allow from 212.: which is the group of IPs my ISP uses. That's not good enough. You also need to set the RELAYCLIENT environment variable. Let's see your tcp.smtp file. I first tried a message to a remote host which was refused saying this is not in my list of allowed rcpthosts. That's proof that RELAYCLIENT isn't being set. I checked my assigned IP and it began with 212. I messed about for a while before deleting the rcpthosts file. Now qmail is accepting the mails with no error message but they aren't coming out the other end. How do you know that? What to the logs show? -Dave
Re: Relaying to an external host
Barry Dwyer [EMAIL PROTECTED] wrote: Next wrinkle: I need to set up relaying so that (1) any mail *not* for our local domain gets sent to our ISP's smtp server echo ":mail.isp.net" /var/qmail/control/smtproutes and (2) the ISP's machine will forward to us any mail destined for us (the ISP hosts our actual internet mail domain). The ISP has to configure this on their end. -Dave
Re: relaying based on MX records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 8 Sep 99, at 10:52, Jan Stanik wrote: In Sendmail, I can define the feature "relay based on MX". Is it possible configure qmail to work similar way? It is possible, I would think. It means you need to read the RCPT TO: part, get the "remote host" part and check if you're and mx for that host. A few lines in qmail-smtpd should solve that. I would not consider this an option though: You have no control whatsoever about individuals listing you as their backup MX. Very simple DoS (overfilling the queue partition) are straightforward - I'll list you as my secondary MX, shut down my primary MX and get many e-mails sent to me (from many places). Your queue overfills. Human control is desirable. It's not too difficult to put a line in rcpthosts (or morercpthosts and rebuild). -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBN9Yz8FMwP8g7qbw/EQIyPQCePoJrLbIIULEZlxxm5vKfNoqyIUcAoMVG PpCtYENwknSXPCFYntgerLcd =c7bT -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: relaying based on MX records
On Wed, 8 Sep 1999, Jan Stanik wrote: Hi, In Sendmail, I can define the feature "relay based on MX". Is it possible configure qmail to work similar way? List all the names you're an MX for in rcpthosts. Shouldn't be difficult to make a script to munge your zone file to produce the necessary records and update rcpthosts if you manage your own DNS records. If not, just update rcpthosts whenever you tell your DNS people to add the MX records. As I'm sure someone will tell you in more detail, you don't really want to do a lookup for MX records pointing at you, as anyone can make such records. -- Jan Stanik [EMAIL PROTECTED] Telenor Internet,s.r.o -- "Life is much too important to be taken seriously." Thomas Erskine[EMAIL PROTECTED](613) 998-2836
Re: Relaying large attachments
Chris McCarthy writes: My company has 2 qmail servers, one is a dialup, the other is online permanently in another office. When a user in the dialup office sends an email with a large attachment to a large number of recipients, is it possible to configure the dialup qmail server to send one copy to the other qmail server to relay, so that the dialup line is not being used to transfer the same attachment to all recipients ? The short answer is no. With a lot of pain, you can probably find some way to hack around it, like dumping all mail into a Maildir, detecting duplicate messages and combining them together, then unloading the combined messages into the relay when the line comes up. If this represents your typical mail traffic, Qmail isn't the right mail server for you. -- Sam
Re: Relaying large attachments
On Wed, Aug 18, 1999 at 04:26:19PM +, Sam wrote: Chris McCarthy writes: My company has 2 qmail servers, one is a dialup, the other is online permanently in another office. When a user in the dialup office sends an email with a large attachment to a large number of recipients, is it possible to configure the dialup qmail server to send one copy to the other qmail server to relay, so that the dialup line is not being used to transfer the same attachment to all recipients ? The short answer is no. With a lot of pain, you can probably find some way to hack around it, like dumping all mail into a Maildir, detecting duplicate messages and combining them together, then unloading the combined messages into the relay when the line comes up. If this represents your typical mail traffic, Qmail isn't the right mail server for you. What about using qmtp/qmqp? Wouldn't this accomplish what he needs? --Adam -- Sam
RE: Relaying large attachments
Why not have the user send via an alternate account that uses the smtp server of the main office directly that way it is only sent once. This is very easy to do in Outlook, Outlook Express, Eudora, Netscape, etc. and it requires virtually no effort on your part. Cris Daniluk MicroStrategy -Original Message- From: Chris McCarthy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 18, 1999 1:58 PM To: [EMAIL PROTECTED] Subject: Relaying large attachments My company has 2 qmail servers, one is a dialup, the other is online permanently in another office. When a user in the dialup office sends an email with a large attachment to a large number of recipients, is it possible to configure the dialup qmail server to send one copy to the other qmail server to relay, so that the dialup line is not being used to transfer the same attachment to all recipients ? ..Chris.
Re: Relaying large attachments
I have thought of that, the disadvantage is that it takes longer to upload. Sending to the server on the LAN takes hardly no time, the subsequent uploading from server to server is of course transparent to the user. I guess I'll just leave things as they are and suffer an occasional drop in bandwidth. A possible workaround (on a slightly different topic)... is it possible to prioritize ppp traffic so that SMTP traffic is given a lower priority than web browsing etc. Taking this even further, is it possible to get qmail to prioritize email without attachments ? Thanks for the help, ..Chris. "Daniluk, Cris" wrote: Why not have the user send via an alternate account that uses the smtp server of the main office directly that way it is only sent once. This is very easy to do in Outlook, Outlook Express, Eudora, Netscape, etc. and it requires virtually no effort on your part.
Re: Relaying large attachments
On Wed, Aug 18, 1999 at 12:43:25PM -0400, Dave Sill wrote: "Adam D . McKenna" [EMAIL PROTECTED] wrote: What about using qmtp/qmqp? Wouldn't this accomplish what he needs? No, SMTP already has a mechanism to handle this (multiple RCPT's), and QMTP doesn't add anything there. The "problem" is that qmail doesn't try to minimize bandwidth by using multiple RCPT's [1]. Also, I believe he said he's unlikely to get the server to run anything special for him. I thought that qmtp supported multiple RCPT's.. Anyway.. I thought he said that he was in control of both servers. my bad. --Adam
Re: relaying redundancy
I wish smtproutes could take a prioritized list of destinations. Our workstations has jam.net.uni-c.dk defined as "smarthost", using smtproutes, which contains :jam.net.uni-c.dk If that host is down, my outgoing mail is deferred, and I am not notified. It would be nice if having :jam.net.uni-c.dk :nn.net.uni-c.dk in smtproutes would try jam first, then nn. What are my options? I cannot send mail out directly because of a firewall. -- Med venlig hilsen / Regards Netdriftgruppen / Network Management Group UNI-C Tlf./Phone +45 35 87 89 41Mail: UNI-C Fax. +45 35 87 89 90 Bygning 304 E-mail: [EMAIL PROTECTED] DK-2800 Lyngby
Re: relaying redundancy
On Mon, 26 Jul 1999, torben fjerdingstad wrote: I wish smtproutes could take a prioritized list of destinations. Our workstations has jam.net.uni-c.dk defined as "smarthost", using smtproutes, which contains :jam.net.uni-c.dk If that host is down, my outgoing mail is deferred, and I am not notified. It would be nice if having :jam.net.uni-c.dk :nn.net.uni-c.dk in smtproutes would try jam first, then nn. What are my options? I cannot send mail out directly because of a firewall. a little simplistic, but I'd run a script on cron once, say, every 10 minutes that will ping a packet to Jam, and swap to a backup version of smtproutes and notify you if there's no echo, only to be swapped back and check again in the next execution. pinging when up will return exit code of 0, ping timed out will return 1 and host doesn't exist gives 2 (DNS dead?). I'm not aware of an internal qmail solution. taking it a step forward, you could use serialmail and check the load balances on those two relays before releasing outgoing mail once a minute, but that's just an overkill and delays mail :)
Re: relaying redundancy
torben fjerdingstad wrote: I wish smtproutes could take a prioritized list of destinations. [snip] If that host is down, my outgoing mail is deferred, and I am not notified. [snip] What are my options? I cannot send mail out directly because of a firewall. Assuming your firewall also runs qmail you can also use qmqp. You can specify several qmqp servers and if the primary server is not responding for some reason qmqp client will fall back to backup server(s). Hope this helps. sgk
Re: relaying redundancy
torben fjerdingstad writes: I wish smtproutes could take a prioritized list of destinations. Point smtproutes at a domain name which has multiple A record. Not exactly what you asked for, but a reasonable facsimile. -- -russ nelson [EMAIL PROTECTED] http://crynwr.com/~nelson Crynwr sells support for free software | PGPok | Government schools are so 521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
Re: relaying redundancy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have a qmail server set up such that it's being used as a relay (all incoming mail just gets dumped to whatever is in smtproutes). anyway, sometimes the machine that my qmail box is relaying to goes down or crashes, whatever. Is there a hack to allow qmail to relay somewhere else if that host is down or if the queue builds up to a certain number (which usually also means that the host its trying to relay to is down)? Yes, it's called secondary MX server in DNS configuration :-) Other than that, no without serious hacking. -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBN5csUlMwP8g7qbw/EQJ1jwCgiVOEcVYs/mRu3rZatshkrUC7ZMsAmwSw ojXFwLbk+BCZycn5INsyvnZO =/s/d -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: relaying redundancy
[EMAIL PROTECTED] wrote: I have a qmail server set up such that it's being used as a relay (all incoming mail just gets dumped to whatever is in smtproutes). anyway, sometimes the machine that my qmail box is relaying to goes down or crashes, whatever. Is there a hack to allow qmail to relay somewhere else if that host is down or if the queue builds up to a certain number (which usually also means that the host its trying to relay to is down)? regards, Jason If you were somehow able to route the email thru qmtp to a qmtp server, you can specify multiple qmtp servers. If the first connection is dead it tries the next line in the file. That would allow you to send to a backup machine. Of course all three machines would have to be running qmail. And the relay machine would have to use the mini-qmail install. From what I read of qmtp, it will not store the email on disk before sending to the next machine. It will envoke a network connection immediately and try to send it there. You might have to setup two qmail queues. -- Ken Jones mailto:[EMAIL PROTECTED] http://www.inter7.com/qmailadmin/ - web based qmail adminstration
Re: relaying redundancy
Ken Jones [EMAIL PROTECTED] wrote: If you were somehow able to route the email thru qmtp to a qmtp server, you can specify multiple qmtp servers. If the first connection is dead it tries the next line in the file. I think you're thinking of qmQp, not qmTp. The file is qmqpservers. See the qmail-qmqpc and qmail-qmqpd man pages. From what I read of qmtp, it will not store the email on disk before sending to the next machine. It will envoke a network connection immediately and try to send it there. Right a qmqp client doesn't queue messages. If it can't contact one of the listed servers, the injection fails. You might have to setup two qmail queues. Hm? -Dave
Re: relaying redundancy
On Thu, Jul 22, 1999 at 08:48:52AM -0500, Ken Jones wrote: [EMAIL PROTECTED] wrote: I have a qmail server set up such that it's being used as a relay (all incoming mail just gets dumped to whatever is in smtproutes). anyway, sometimes the machine that my qmail box is relaying to goes down or crashes, whatever. Is there a hack to allow qmail to relay somewhere else if that host is down or if the queue builds up to a certain number (which usually also means that the host its trying to relay to is down)? regards, Jason If you were somehow able to route the email thru qmtp to a qmtp server, you can specify multiple qmtp servers. If the first connection is dead it tries the next line in the file. That'd be qmqp, not qmtp. That would allow you to send to a backup machine. Of course all three machines would have to be running qmail. And the relay machine would have to use the mini-qmail install. From what I read of qmtp, it will not store the email on disk before sending to the next machine. It will envoke a network connection immediately and try to send it there. That's true (of qmqp). But Bruce Guenter's nullmailer (http://em.ca/~bruceg/nullmailer/) allows you to use qmqp and still have queueing. I don't know much about it, but I think it supports smtp too. Chris
Re: relaying redundancy
yeah, but the host im relaying to is a Lotus Notes box.. So I guess theres no good way to do it? anyone know if sendmail has this capability? Dave Sill [EMAIL PROTECTED] on 07/22/99 09:57:27 AM To: [EMAIL PROTECTED] cc: (bcc: Jason Welsh/QRTP/Quintiles) Subject: Re: relaying redundancy Ken Jones [EMAIL PROTECTED] wrote: If you were somehow able to route the email thru qmtp to a qmtp server, you can specify multiple qmtp servers. If the first connection is dead it tries the next line in the file. I think you're thinking of qmQp, not qmTp. The file is qmqpservers. See the qmail-qmqpc and qmail-qmqpd man pages. From what I read of qmtp, it will not store the email on disk before sending to the next machine. It will envoke a network connection immediately and try to send it there. Right a qmqp client doesn't queue messages. If it can't contact one of the listed servers, the injection fails. You might have to setup two qmail queues. Hm? -Dave
Re: relaying redundancy
[EMAIL PROTECTED] writes: I have a qmail server set up such that it's being used as a relay (all incoming mail just gets dumped to whatever is in smtproutes). anyway, sometimes the machine that my qmail box is relaying to goes down or crashes, whatever. Is there a hack to allow qmail to relay somewhere else if that host is down or if the queue builds up to a certain number (which usually also means that the host its trying to relay to is down)? Changes to control/smtproutes take effect immediately. Write a simple shell script to ping your primary host, and run it from cron, every couple of minutes. If it doesn't ping, have the shell script rewrite control/smtproutes to point to the backup IP address. Afterwards, kick qmail-send in the ass to flush out the built up queue (that's optional). A five minute programming job. -- Sam
RE: relaying setup
Looks like you have the SMTP port already running in /etc/inetd Tony Wade -Original Message- From: Denis Voitenko [mailto:[EMAIL PROTECTED]] Sent: 19 July 1999 09:46 To: [EMAIL PROTECTED] Subject: relaying setup I am in a process of setting up my linux box to relay mail for clients on a 192.168.0.X LAN. I am trying to follow the directions from http://www.palomine.net/qmail/selectiverelay.html and here is something that gives me trouble. linux:/etc# tcpserver -x/etc/tcp.smtp.cdb -u1003 -g103 0 smtp /var/qmail/bin/qma il-smtpd [2] 1405 tcpserver: fatal: unable to bind: address already used What would that mean exactly? Also, do I have to add the line tcpserver -x/etc/tcp.smtp.cdb -u102 -g101 0 smtp /var/qmail/bin/qmail-smtpd to my start up scripts or it is one-time procedure? Denis Voitenko O3M Cretative Director [EMAIL PROTECTED] 215 386-3923
Re: relaying setup
On Mon, Jul 19, 1999 at 03:46:10AM -0400, Denis Voitenko wrote: I am in a process of setting up my linux box to relay mail for clients on a 192.168.0.X LAN. I am trying to follow the directions from http://www.palomine.net/qmail/selectiverelay.html and here is something that gives me trouble. linux:/etc# tcpserver -x/etc/tcp.smtp.cdb -u1003 -g103 0 smtp /var/qmail/bin/qma il-smtpd [2] 1405 tcpserver: fatal: unable to bind: address already used What would that mean exactly? It means that you already have something listening on the SMTP port. You probably have sendmail running or you have something in /etc/inetd.conf set to listen on the SMTP port. You'll have to find out what it is and disable it. Also, do I have to add the line tcpserver -x/etc/tcp.smtp.cdb -u102 -g101 0 smtp /var/qmail/bin/qmail-smtpd to my start up scripts or it is one-time procedure? You need to add it to a startup script. Chris
Re: relaying almost fixed...
On Mon, Jul 19, 1999 at 05:25:54AM -0400, Denis Voitenko wrote: tcpserver is normally installed in /usr/local/bin. However, this directory is not usually found the system startup scripts' PATH. Try using the full pathname in /etc/rc.d/rc.local, like this: /usr/local/bin/tcpserver -x . This might sound silly, but the line: tcpserver -x/etc/tcp.smtp.cdb -u1003 -g102 0 smtp /var/qmail/bin/qmail smtpd takes action only if I run it after the system is booted and I logged in as root. The entry in /etc/rc.d/rc.local does not take effect for some reason. Has anyone encountered this problem before? How do I solve it? -- See complete headers for more info
re-relaying mail for a a user
hi i have qmail setup in our office to relay internet mail for users and to deliver local mail to the users pop account on the same server. the problem is that one of our users is in a remote office, so i need his mail (outgoing form our office here) to be deliverd via a different smtp server (our isp's server). so what i would like is that any mail for [EMAIL PROTECTED] is "re-relayed" to a remote smtp server but mail to [EMAIL PROTECTED] is deliverd localy with out a dial up i would very grateful for an answer as i have been banging my head against the wall on this one for a week now j
Re: re-relaying mail for a a user
hi i have qmail setup in our office to relay internet mail for users and to deliver local mail to the users pop account on the same server. the problem is that one of our users is in a remote office, so i need his mail (outgoing form our office here) to be deliverd via a different smtp server (our isp's server). so what i would like is that any mail for [EMAIL PROTECTED] is "re-relayed" to a remote smtp server but mail to [EMAIL PROTECTED] is deliverd localy with out a dial up Simply: If bobo is a local user (and you're not using qmail-users mechanism), put [EMAIL PROTECTED] into ~bobo/.qmail If he's not local, do the same with ~alias/.qmail-bobo If you're using fastworward (aliases), put it there If you're using qmail-users mechanism, simply point bobo to the right .qmail file containing the line above mm..i not sure if it is that i'm explaining it wrong or that i don't fully the solution above. both our users here and our guy in the remote office have the same address suffix ie @bobo.com. our linux server is set up to "trap" any mail going to [EMAIL PROTECTED] and deliver it to users local pop a/c because the guy in the remote office has no access to "our" linux server he gets no mail from our office. he recives his mail direct from our internet pop a/c ... maybe this makes more sense as to the problem ... but from the solution that was suggested it seems that .qmail files or ailias's only work for mail going to a different domain ie it would forward mail for [EMAIL PROTECTED] to [EMAIL PROTECTED] but this is not what i want j
