Re: QMAIL CLUSTER with BACKUP
well you have only ldapclusterhosts file and if you modify its content then qmail must reread it i think that ldapmailhost file it don't exist if you modify only ldap atributtes then qmail don't need to reread some control files maybe it's a good ideea to look on this link http://ask.slashdot.org/comments.pl?sid=183639&cid=15170057 --- Antonio Guirado Puerta <[EMAIL PROTECTED]> wrote: > Hello, > > I think it is easier change ldapmailhost or > Ldapclusterhost control > file. Isn't it?. > > Regards > > > El vie, 24-11-2006 a las 05:13 -0800, Mihai Costache > escribió: > > this another link for thist qmail/GFS mix > > > > > http://marc2.theaimsgroup.com/?l=redhat-linux-cluster&m=114605641902158&w=2 > > > > if your SAN not permiting to mount one partition on > twho > > machine then you can think on this suggestion: use > > heartbeat from linux-ha.org with your configuration > from > > last mail > > you need to make an "simple" perl/bash script that, > when > > heatbeat detect that one of you qmail host is down, > must > > do: > > 1)change mailHost attributes on openldap for email > accounts > > "storred" on host down > > 2)mount the other SAN partition used by the qmail host > down > > > > > > this suggestion may have a problem: the time needed > to > > make the changes on openldap side > > > >or .. you could think on other mta solution ... > maybe > > postfix or exim > > > > > > > > > > --- Antonio Guirado Puerta > <[EMAIL PROTECTED]> > > wrote: > > > > > According our SAN partner, it is impossible mount a > same > > > volume > > > with read/write permission in two machines. So it is > > > necessary a > > > middle level, based in network file systems (NFS, > GFS, > > > etc.). We know > > > that there are installations with GFS but googling we > > > found the > > > following link: > > > > > > > > > http://www.redhat.com/archives/linux-cluster/2005-September/msg00220.html > > > > > > Any good/bad experiences about GFS and QMAL? Is a > good > > > mix? > > > > > > Thanks. > > > > > > > > > > > > El vie, 24-11-2006 a las 02:34 -0800, Mihai Costache > > > escribió: > > > > > > > > why you don't use a 2 identical qmail-ldap hosts ? > and > > > this two qmail hosts behind f5 balancer ? > > > > > > > > and you have a single SAN partition ... and this > > > partition is mounted on each qmail-ldap machine > > > (configuration of this qmail-ldap > > > > hosts are identical) > > > > > > > > in this case the email are stock on the same SAN > > > partition, regardless of qmail-ldap hosts > > > > > > > > also the pop3 use the maildir on SAN partition > > > regardless of qmail-ldap hosts > > > > > > > > > > > > > > > > > > > > > > > > - Original Message > > > > From: Antonio Guirado Puerta > > > <[EMAIL PROTECTED]> > > > > To: qmail-ldap@qmail-ldap.org > > > > Cc: [EMAIL PROTECTED] > > > > Sent: Thursday, November 23, 2006 12:17:50 PM > > > > Subject: QMAIL CLUSTER with BACKUP > > > > > > > > Hello, > > > > > > > > We are evaluating qmail-ldap for an ISP > installation. > > > > We need a qmail cluster situated behind a F5 > balancer. > > > > We are going to distribute domains between two > > > different > > > > qmail instances situated in different machines (p.e > > > mx1.domain.com > > > > and mx2.domain.com). > > > > > > > > Maildirs are on a two SAN partitions. Each machine > > > manages > > > > its partition where maildirs associated to > controlled > > > domains are. > > > > > > > > 1. Both machines active. > > > > > > > > Qmail-LDAP-Cluster is interesting when both > machines > > > are up. Mailhost > > > > attribute tell in which machine (mx1 or mx2) > maildir > > > is. If balancer > > > > carries the session to a wrong qmail (where maildir > is > > > not mounted), > > > > QMQP transfers SMTP/POP3/IMAP session to the right > > > insta
Re: QMAIL CLUSTER with BACKUP
his link it is a start point http://ask.slashdot.org/comments.pl?sid=183639&cid=15170057 Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail beta. http://new.mail.yahoo.com
Re: QMAIL CLUSTER with BACKUP
this another link for thist qmail/GFS mix http://marc2.theaimsgroup.com/?l=redhat-linux-cluster&m=114605641902158&w=2 if your SAN not permiting to mount one partition on twho machine then you can think on this suggestion: use heartbeat from linux-ha.org with your configuration from last mail you need to make an "simple" perl/bash script that, when heatbeat detect that one of you qmail host is down, must do: 1)change mailHost attributes on openldap for email accounts "storred" on host down 2)mount the other SAN partition used by the qmail host down this suggestion may have a problem: the time needed to make the changes on openldap side or .. you could think on other mta solution ... maybe postfix or exim --- Antonio Guirado Puerta <[EMAIL PROTECTED]> wrote: > According our SAN partner, it is impossible mount a same > volume > with read/write permission in two machines. So it is > necessary a > middle level, based in network file systems (NFS, GFS, > etc.). We know > that there are installations with GFS but googling we > found the > following link: > > http://www.redhat.com/archives/linux-cluster/2005-September/msg00220.html > > Any good/bad experiences about GFS and QMAL? Is a good > mix? > > Thanks. > > > > El vie, 24-11-2006 a las 02:34 -0800, Mihai Costache > escribió: > > > > why you don't use a 2 identical qmail-ldap hosts ? and > this two qmail hosts behind f5 balancer ? > > > > and you have a single SAN partition ... and this > partition is mounted on each qmail-ldap machine > (configuration of this qmail-ldap > > hosts are identical) > > > > in this case the email are stock on the same SAN > partition, regardless of qmail-ldap hosts > > > > also the pop3 use the maildir on SAN partition > regardless of qmail-ldap hosts > > > > > > > > > > > > - Original Message > > From: Antonio Guirado Puerta > <[EMAIL PROTECTED]> > > To: qmail-ldap@qmail-ldap.org > > Cc: [EMAIL PROTECTED] > > Sent: Thursday, November 23, 2006 12:17:50 PM > > Subject: QMAIL CLUSTER with BACKUP > > > > Hello, > > > > We are evaluating qmail-ldap for an ISP installation. > > We need a qmail cluster situated behind a F5 balancer. > > We are going to distribute domains between two > different > > qmail instances situated in different machines (p.e > mx1.domain.com > > and mx2.domain.com). > > > > Maildirs are on a two SAN partitions. Each machine > manages > > its partition where maildirs associated to controlled > domains are. > > > > 1. Both machines active. > > > > Qmail-LDAP-Cluster is interesting when both machines > are up. Mailhost > > attribute tell in which machine (mx1 or mx2) maildir > is. If balancer > > carries the session to a wrong qmail (where maildir is > not mounted), > > QMQP transfers SMTP/POP3/IMAP session to the right > instance of qmail. > > Notice that ldapclusterhost file can not have > > both machine names (mx1.domain.com and mx2.domain.com) > because > > in that case, session is not transfer between qmail > instances. > > > > 2. One machine is down. > > > > At this moment, both partitions are mounted on the > active machine. So, > > only one Qmail must manage all domains. Ldapclusterhost > files should be > > used in this moment. Now Ldapclusterhost should has > mx1.domain.com and > > mx2.domain.com. > > > > > > We think that the same script that mount the partition > in the active > > machine, changes the content of Ldapclusterhost file. > But I'd like to > > ask if someone has a similar scenario or > qmail-ldap-cluster let do a > > backup cluster in an automatic way, using only control > files. > > > > Thanks in advanced. > > Regards. > > > -- > ___ > > Antonio M. Guirado Puerta > Sistemas de Información y Comunicaciones > Fundación Integra. http://www.f-integra.org > > Teléfono: +34 968 355161 > Fax: +34 968 355131 > Correo: [EMAIL PROTECTED] > ___ > Este mensaje y los posibles documentos adjuntos al mismo > son confidenciales y > dirigidos exclusivamente a los destinatarios de los > mismos. Si por un error > de transmisión, o equivocación en la dirección de envío, > usted ha recibido > este mensaje y no es el destinatario de la información, > por favor, notifíqueselo > al remitente y borre este mensaje, sin usar, informar, > distribuir, imprimir, copiar > o difundir el mensaje, total o parcialmente, por ningún > medio. Gracias. > > > Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail beta. http://new.mail.yahoo.com
Re: QMAIL CLUSTER with BACKUP
why you don't use a 2 identical qmail-ldap hosts ? and this two qmail hosts behind f5 balancer ? and you have a single SAN partition ... and this partition is mounted on each qmail-ldap machine (configuration of this qmail-ldap hosts are identical) in this case the email are stock on the same SAN partition, regardless of qmail-ldap hosts also the pop3 use the maildir on SAN partition regardless of qmail-ldap hosts - Original Message From: Antonio Guirado Puerta <[EMAIL PROTECTED]> To: qmail-ldap@qmail-ldap.org Cc: [EMAIL PROTECTED] Sent: Thursday, November 23, 2006 12:17:50 PM Subject: QMAIL CLUSTER with BACKUP Hello, We are evaluating qmail-ldap for an ISP installation. We need a qmail cluster situated behind a F5 balancer. We are going to distribute domains between two different qmail instances situated in different machines (p.e mx1.domain.com and mx2.domain.com). Maildirs are on a two SAN partitions. Each machine manages its partition where maildirs associated to controlled domains are. 1. Both machines active. Qmail-LDAP-Cluster is interesting when both machines are up. Mailhost attribute tell in which machine (mx1 or mx2) maildir is. If balancer carries the session to a wrong qmail (where maildir is not mounted), QMQP transfers SMTP/POP3/IMAP session to the right instance of qmail. Notice that ldapclusterhost file can not have both machine names (mx1.domain.com and mx2.domain.com) because in that case, session is not transfer between qmail instances. 2. One machine is down. At this moment, both partitions are mounted on the active machine. So, only one Qmail must manage all domains. Ldapclusterhost files should be used in this moment. Now Ldapclusterhost should has mx1.domain.com and mx2.domain.com. We think that the same script that mount the partition in the active machine, changes the content of Ldapclusterhost file. But I'd like to ask if someone has a similar scenario or qmail-ldap-cluster let do a backup cluster in an automatic way, using only control files. Thanks in advanced. Regards. -- ___ Antonio M. Guirado Puerta Sistemas de Información y Comunicaciones Fundación Integra. http://www.f-integra.org Teléfono: +34 968 355161 Fax: +34 968 355131 Correo: [EMAIL PROTECTED] ___ Este mensaje y los posibles documentos adjuntos al mismo son confidenciales y dirigidos exclusivamente a los destinatarios de los mismos. Si por un error de transmisión, o equivocación en la dirección de envío, usted ha recibido este mensaje y no es el destinatario de la información, por favor, notifíqueselo al remitente y borre este mensaje, sin usar, informar, distribuir, imprimir, copiar o difundir el mensaje, total o parcialmente, por ningún medio. Gracias. Cheap talk? Check out Yahoo! Messenger's low PC-to-Phone call rates. http://voice.yahoo.com
Re: per users smtp databytes option
from qmail-ldap documentation - mailSizeMax specifies the maximum size of a single message the user may receive. e.g. Dial-up customer prefer a small mailSizeMax. Note: mailSizeMax is used in qmail-lspawn whereas databytes sets the SMTP DATA limit. Therefor having a mailSizeMax bigger than databytes does not make much sense. - Original Message From: Toni Mueller <[EMAIL PROTECTED]> To: qmail-ldap@qmail-ldap.org Sent: Monday, November 13, 2006 7:03:50 PM Subject: Re: per users smtp databytes option Hello, On Mon, 13.11.2006 at 07:02:09 +, satish patel <[EMAIL PROTECTED]> wrote: > is there any option to specify per user smtp databytes > ?? problem is in my company i have specity 5 MB smtp > databytes option for all users but my director want > more databytes caz he is sending 10 MB size attechment > .. so any option to specify databytes 10MB for my > director only...?/ yes. Look at 'mailSizeMax'. Best, --Toni++
Re: Limit messages/smtp per users
one possibility: from qmail-scanner ... add a new scanner function that keep this counts and when the max number is acquire then you remove relay acces for this user/ip - Original Message From: Nicolas de Bari Embriz Garcia Rojas <[EMAIL PROTECTED]> To: qmail-ldap Sent: Sunday, October 22, 2006 9:28:51 AM Subject: Limit messages/smtp per users Is there a way for limiting the number of messages sent per user? for example, to allow 20 msg/hour for some users or to allow 1000 msg every day etc . regards.
Re: mulitple ldap - multiple qmail
in your case i think that is more easy to use clustering option of qmail-ldap --- Narayanamoorthy Srinivasan <[EMAIL PROTECTED]> wrote: > Hi List, > I want to setup following scenario. > > 1. Our office has two branches connected to Internet with > static IP. > 2. DNS are configured properly. > 3. Each location will have one LDAP server and one qmail > server. > 4. LDAP servers between branches will be linked. > 5. Requirement: local mails and remote mails should work > fine when > connectivity is up and local mails should work and remote > mails should > go to local queue if connecivity is down. > > I have configured LDAP in following way (fedora directory > server) with > smart referral. > > Server A > > basedn/root suffix: dc=example,dc=com > subsuffix: ou=chennai,dc=example,dc=com with local > database > subsuffix: ou=mumbai,dc=example,dc=com with smart > referral to Server > A's ou=chennai branch > > Server B > > Vice versa in server B > > LDAP queries (ldapsearch) working fine from both > branches. And if > connecty is down only local record is displayed and for > remote records > "time out" error occurs. > > Qmail Configuration (in both brances) > > ldapbasedn: dc=example,dc=com > ldaplogin: (local manager) > ldapserver: 127.0.0.1 > > when connectivity is fine, mails are going properly > between branches. > But when connecvitiy is down, local mails getting > delivered fine and > remote mails getting bounced saying "no such user". > > How to get off the situtation. > > Hope I have explained the situtation clearly. > > TIA > Moorthy > __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com
Re: Re: about clustering (again)
so ... the problem is only when password contain spaces ? or any special characters ? thanks, Mihai --- Claudio Jeker <[EMAIL PROTECTED]> wrote: > On Wed, Jul 20, 2005 at 03:02:23AM -0700, Mihai Costache > wrote: > > > > well ... > > i thing that my password was the problem ... i have 3 > > spaces in my pass ... now i changed with some trivial > > ...like 123456 and it is working ... but i must have > > passwords with at list one space, one digit, one upper > > character etc ... > > it is a bug in auth_imap with passwords containing > spaces > > ? > > > > There is no way that passwords with spaces will work. > > -- > :wq Claudio > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: Re: about clustering (again)
well ... i thing that my password was the problem ... i have 3 spaces in my pass ... now i changed with some trivial ...like 123456 and it is working ... but i must have passwords with at list one space, one digit, one upper character etc ... it is a bug in auth_imap with passwords containing spaces ? thanks a lot, Mihai --- Claudio Jeker <[EMAIL PROTECTED]> wrote: > On Tue, Jul 19, 2005 at 07:11:02AM -0700, Mihai Costache > wrote: > > > > > >i set up ldapclusterhosts and only pop3 forwarding > it is > > working . imap forwading is not working .. > > > > > > from log > > snip --- > > @400042dd0863013b2d8c DEBUG: Connection, > > ip=[192.168.100.10] > > @400042dd086e0abe6784 tcpserver: end 29424 status 0 > > snip --- > > > > cat qmail-imapd.rules > > > > 127.0.0.1:allow,IMAP_CAPABILITY="IMAP4rev1 CHILDREN > > NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT > > QUOTA" > > 192.168.:allow,IMAP_CAPABILITY="IMAP4rev1 CHILDREN > > NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT > > QUOTA" > > :deny > > > > > > How do you start the imap server? > Could you set LOG_LEVEL to 255 so that auth_imap starts > logging and shows > where it fails? > > > -- > :wq Claudio > Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
Re: about clustering (again)
well ... i tried with no firewall between .. qmail-qmqpd.rules on both servers --- 192.168.0.200:allow 192.168.100.1:allow :deny --- and 192.168.0.200 is host1.local.domain.com 192.168.100.1 is host2.local.domain.com ldapclusters on host1 is host1.local.domain.com on host2 is host2.local.domain.com user test.test with mailHost: host1.local.domain.com when is make pop to 192.168.100.1 i can receive mails from 192.168.0.200 i can make imap to 192.168.0.200 but when i make imap to 192.168.100.1 i give an error i cant interpret in some way output from "tcpdump -i eth1 -s 1400 -xXv port 143" --- Bruno Negrao <[EMAIL PROTECTED]> wrote: > Is there a firewall between the machines? > > can you 'tcpdump -s 1400 -xXv port 143' to see what's > happening? > > bnegrao > > > - Original Message - > From: "Mihai Costache" <[EMAIL PROTECTED]> > To: > Sent: Tuesday, July 19, 2005 11:11 AM > Subject: Re: about clustering (again) > > > > > > > > i set up ldapclusterhosts and only pop3 forwarding it > is > > working . imap forwading is not working .. > > > > > > from log > > snip --- > > @400042dd0863013b2d8c DEBUG: Connection, > > ip=[192.168.100.10] > > @400042dd086e0abe6784 tcpserver: end 29424 status 0 > > snip --- > > > > cat qmail-imapd.rules > > > > 127.0.0.1:allow,IMAP_CAPABILITY="IMAP4rev1 CHILDREN > > NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT > > QUOTA" > > 192.168.:allow,IMAP_CAPABILITY="IMAP4rev1 CHILDREN > > NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT > > QUOTA" > > :deny > > > > > > > > > > --- Bruno Negrao <[EMAIL PROTECTED]> wrote: > > > >> mailHost can be equal to ldapclusterhosts, instead of > me. > >> > >> this version of Life with qmail ldap is updated > >> http://www.qmail-ldap.org/wiki/Lwql > >> > >> Read also > >> > > > http://www.qmail-ldap.org/wiki/%7Econtrol/ldapclusterhosts > >> http://www.qmail-ldap.org/wiki/Qmail-lspawn > >> http://www.qmail-ldap.org/wiki/Auth_pop > >> > >> bnegrao > >> > >> - Original Message - > >> From: "Mihai Costache" <[EMAIL PROTECTED]> > >> To: > >> Sent: Tuesday, July 19, 2005 8:45 AM > >> Subject: about clustering > >> > >> > >> > > >> > hi, > >> > > >> > for setting up a cluster with qmail-ldap the value > from > >> > mailHost attribute must be identical with the value > >> from > >> > control file "me" ? or exist another control file > >> > "ldapmailhost" (this control file is docs from > >> www.lwq.org) > >> > > >> > > >> > thanks, > >> > Mihai > >> > Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
Re: about clustering (again)
well ... i tried with no firewall between .. qmail-qmqpd.rules on both servers --- 192.168.0.200:allow 192.168.100.1:allow :deny --- and 192.168.0.200 is host1.local.domain.com 192.168.100.1 is host2.local.domain.com ldapclusters on host1 is host1.local.domain.com on host2 is host2.local.domain.com user test.test with mailHost: host1.local.domain.com when is make pop to 192.168.100.1 i can receive mails from 192.168.0.200 i can make imap to 192.168.0.200 but when i make imap to 192.168.100.1 i give an error i cant interpret in some way output from "tcpdump -i eth1 -s 1400 -xXv port 143" --- Bruno Negrao <[EMAIL PROTECTED]> wrote: > Is there a firewall between the machines? > > can you 'tcpdump -s 1400 -xXv port 143' to see what's > happening? > > bnegrao > > > - Original Message - > From: "Mihai Costache" <[EMAIL PROTECTED]> > To: > Sent: Tuesday, July 19, 2005 11:11 AM > Subject: Re: about clustering (again) > > > > > > > > i set up ldapclusterhosts and only pop3 forwarding it > is > > working . imap forwading is not working .. > > > > > > from log > > snip --- > > @400042dd0863013b2d8c DEBUG: Connection, > > ip=[192.168.100.10] > > @400042dd086e0abe6784 tcpserver: end 29424 status 0 > > snip --- > > > > cat qmail-imapd.rules > > > > 127.0.0.1:allow,IMAP_CAPABILITY="IMAP4rev1 CHILDREN > > NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT > > QUOTA" > > 192.168.:allow,IMAP_CAPABILITY="IMAP4rev1 CHILDREN > > NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT > > QUOTA" > > :deny > > > > > > > > > > --- Bruno Negrao <[EMAIL PROTECTED]> wrote: > > > >> mailHost can be equal to ldapclusterhosts, instead of > me. > >> > >> this version of Life with qmail ldap is updated > >> http://www.qmail-ldap.org/wiki/Lwql > >> > >> Read also > >> > > > http://www.qmail-ldap.org/wiki/%7Econtrol/ldapclusterhosts > >> http://www.qmail-ldap.org/wiki/Qmail-lspawn > >> http://www.qmail-ldap.org/wiki/Auth_pop > >> > >> bnegrao > >> > >> - Original Message - > >> From: "Mihai Costache" <[EMAIL PROTECTED]> > >> To: > >> Sent: Tuesday, July 19, 2005 8:45 AM > >> Subject: about clustering > >> > >> > >> > > >> > hi, > >> > > >> > for setting up a cluster with qmail-ldap the value > from > >> > mailHost attribute must be identical with the value > >> from > >> > control file "me" ? or exist another control file > >> > "ldapmailhost" (this control file is docs from > >> www.lwq.org) > >> > > >> > > >> > thanks, > >> > Mihai > >> > > >> > > >> > > >> > > >> > Start your day with Yahoo! - make it your home page > >> > http://www.yahoo.com/r/hs > >> > > >> > > >> > >> > > > > > > > > > > > > Start your day with Yahoo! - make it your home page > > http://www.yahoo.com/r/hs > > > > > Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
Re: about clustering (again)
i set up ldapclusterhosts and only pop3 forwarding it is working . imap forwading is not working .. from log snip --- @400042dd0863013b2d8c DEBUG: Connection, ip=[192.168.100.10] @400042dd086e0abe6784 tcpserver: end 29424 status 0 snip --- cat qmail-imapd.rules 127.0.0.1:allow,IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA" 192.168.:allow,IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA" :deny --- Bruno Negrao <[EMAIL PROTECTED]> wrote: > mailHost can be equal to ldapclusterhosts, instead of me. > > this version of Life with qmail ldap is updated > http://www.qmail-ldap.org/wiki/Lwql > > Read also > http://www.qmail-ldap.org/wiki/%7Econtrol/ldapclusterhosts > http://www.qmail-ldap.org/wiki/Qmail-lspawn > http://www.qmail-ldap.org/wiki/Auth_pop > > bnegrao > > - Original Message - > From: "Mihai Costache" <[EMAIL PROTECTED]> > To: > Sent: Tuesday, July 19, 2005 8:45 AM > Subject: about clustering > > > > > > hi, > > > > for setting up a cluster with qmail-ldap the value from > > mailHost attribute must be identical with the value > from > > control file "me" ? or exist another control file > > "ldapmailhost" (this control file is docs from > www.lwq.org) > > > > > > thanks, > > Mihai > > > > > > > > > > Start your day with Yahoo! - make it your home page > > http://www.yahoo.com/r/hs > > > > > > Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
Re: about clustering
thanks. --- Bruno Negrao <[EMAIL PROTECTED]> wrote: > mailHost can be equal to ldapclusterhosts, instead of me. > > this version of Life with qmail ldap is updated > http://www.qmail-ldap.org/wiki/Lwql > > Read also > http://www.qmail-ldap.org/wiki/%7Econtrol/ldapclusterhosts > http://www.qmail-ldap.org/wiki/Qmail-lspawn > http://www.qmail-ldap.org/wiki/Auth_pop > > bnegrao > > - Original Message - > From: "Mihai Costache" <[EMAIL PROTECTED]> > To: > Sent: Tuesday, July 19, 2005 8:45 AM > Subject: about clustering > > > > > > hi, > > > > for setting up a cluster with qmail-ldap the value from > > mailHost attribute must be identical with the value > from > > control file "me" ? or exist another control file > > "ldapmailhost" (this control file is docs from > www.lwq.org) > > > > > > thanks, > > Mihai > > > > > > > > > > Start your day with Yahoo! - make it your home page > > http://www.yahoo.com/r/hs > > > > > > Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
about clustering
hi, for setting up a cluster with qmail-ldap the value from mailHost attribute must be identical with the value from control file "me" ? or exist another control file "ldapmailhost" (this control file is docs from www.lwq.org) thanks, Mihai Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
Re: slapd.conf and SMTP_AUTH
thanks. i make qmaild owner for ldappassword and chmoded 400 ... and now it works --- Claudio Jeker <[EMAIL PROTECTED]> wrote: > On Mon, Jul 11, 2005 at 02:50:02AM -0700, Mihai Costache > wrote: > > > >hi, > > > > i have a little problem with smtp-auth when i want > > to put some access policies to my ldap base. > > > > all works great when i don't put access policies in > > my slapd.conf, but when i added it only pop > > connection work, smtp-auth doesn't work > > > > thanks > > > > here is my setting from qmail-ldap: > > > > #cat /var/qmail/control/ldaplogin > > cn=qmail,o=domain,c=com > > > > #cat /var/qmail/control/ldappassword > > secretpass > > > > auth_smtp does not run as root so make sure that it is > able to read > ldappassword else it will bind as anonymous user. > It is possible to use ldaprebind to restrict the access a > bit more. > > -- > :wq Claudio > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
slapd.conf and SMTP_AUTH
hi, i have a little problem with smtp-auth when i want to put some access policies to my ldap base. all works great when i don't put access policies in my slapd.conf, but when i added it only pop connection work, smtp-auth doesn't work thanks here is my setting from qmail-ldap: #cat /var/qmail/control/ldaplogin cn=qmail,o=domain,c=com #cat /var/qmail/control/ldappassword secretpass #cat /var/qmail/control/qmail-smtpd.rules :allow,SMTPAUTH="TLSREQUIRED",BLOCKRELAYPROBE="",RCPTCHECK="",SANITYCHECK="",NOPBS="",RETURNMXCHECK="" from my slapd.conf --- snip --- access to attr=userPassword by self write by anonymous auth by dn.base="cn=root,o=domain,c=com" write by dn.base="cn=qmail,o=domain,c=com" read by * none access to * by self read by dn.base="cn=root,o=domain,c=com" write by dn.base="cn=qmail,o=domain,c=com" read by anonymous auth snip --- Sell on Yahoo! Auctions no fees. Bid on great items. http://auctions.yahoo.com/
Re: REQUEST FOR NEW FEATURE: INTERNAL-ONLY ACCOUNTS
yep ... that would be a verry nice feature ! i vote fot his :))) --- Bruno Negrão <[EMAIL PROTECTED]> wrote: > Occured to me a new idea now. > > Qmail-ldap would smoothly implement this feature if it > was added as a new > functionality to qmail-verify (the process invoked by > qmail-smtpd to check out > things inside the directory). > > Just like SENDERCHECK and RCPTCHECK, qmail-smtpd could > receive a, say, > MAILCLASSCHECK that would trigger qmail-verify to check > inside the directory > what permissions the involved local user account has. > > With the use of a new user attribute, mailClass (as > suggested by Fernando M.), > qmail-verify could answer to qmail-smtpd if that message > was allowed or denied > to pass. > > The mailClass attribute would accept 3 values: > - interNet => receives/sends only from/to Internet > - intraNet => receives/sends only from/to Internal mail > - all => receives/sends from/to Internet and > Internal mail > > For me this would be a very clean implementation of this > feature by qmail-ldap. > > What do you think about it? Any drawback? > > Regards, > - > Bruno Negrao - Network Manager > Engepel Teleinformática. 55-31-34812311 > Belo Horizonte, MG, Brazil > > Yahoo! Sports Rekindle the Rivalries. Sign up for Fantasy Football http://football.fantasysports.yahoo.com
Re: REQUEST FOR NEW FEATURE: INTERNAL-ONLY ACCOUNTS
but in this way you know if the mail may be delivered or not after you reveice the mail, if you do that at smtp level you save bandwidth ... --- Bruno Negrão <[EMAIL PROTECTED]> wrote: > Hi Fernando, > > Very good idea. > > Have you ever thougth about adding a program to intercept > the passing messages > with QMAILQUEUE patch, which would query the ldap > directory for the the user's > mailClass attribute, and based on it, allow or deny the > passing message? > > This way you wouldn't need the Postfix server. > > Can you understand this idea? If yes, can you see > drawbacks on it? > > Regards, > bruno > > > > I have exactly the same problem. I worked a solution > by: > > > > 1) Installing Postfix as my frontline smtpd, bounded > > to eth0-ip-address:25 > > 2) Creating a openldap schema with an attribute called > > mailClass, which can have values like: > > interNet= receives/sends only from/to Internet > > intraNet= receives/sends only from/to Internal mail > > all= receives/sends from/to Internet and Internal > mail > > 3) Installing qmail-ldap as backstage smtpd, same > machine > > as Postfix, bounded to 127.0.0.1:25 > > > > Configuration for Postfix looks at the recipient and > > retrieves attribute mailClass. Then, it looks at the > > sender and proceeds accordingly, relaying the email to > > qmail-ldap at 127.0.0.1 or returning a non-authorized > > email message to the sender. > > > > If authorized, qmail-ldap receives the email and > proceed > > to remote or local delivery. > > > > Pros: Postfix can be very good at blocking SPAM, so I > > inserted anti-spam rules in it, besides the rules > > for filtering out non-authorized mails. > > > > Cons: One more smtp service to maintain. Not that > dificult, > > but it means using more resources, like memory, > cpu > > and disks. > > > > -- > > Bye, > > Fernando Maciel Souto Maior > > [EMAIL PROTECTED] > > http://www.araujo.com.br > > +55+31 3270-5886 > > LPIC/1 # 31908 > > > > > AVISO- > > Esta mensagem pode conter informacao confidencial ou > privilegiada. > > Se voce nao for o destinatario ou a pessoa autorizada a > receber > > esta mensagem, nao pode usar, copiar ou divulgar as > informacoes > > nela contidas ou tomar qualquer acao baseada nessas > informacoes. > > Se voce recebeu esta mensagem por engano, favor avisar > o remetente > > imediatamente, respondendo o e-mail e em seguida > apagando-o. > > Obrigado pela cooperacao. > > > > > DISCLAIMER > > This message may contain confidential and/or privileged > information. > > If you are not the addressee or authorized to receive > this for the > > addressee, you must not use, copy, disclose or take any > action based > > on any information herein. If you have received this > message in > > error, please advise the sender immediately by replying > to this > > e-mail and delete this message. Thank you for your > cooperation. > > > > > -- > > This email was sent using SquirrelMail - > http://squirrelmail.org > > > > __ Discover Yahoo! Find restaurants, movies, travel and more fun for the weekend. Check it out! http://discover.yahoo.com/weekend.html
need help with
hi, i need some help with slapd.conf access control list and qmail-ldap smtp-auth. how my access list must look ? here is my access lists (and i can not do smtp authentification) - openldap 2.2.23 access to attr=userPassword by self write by dn="cn=superuser,o=domain,c=net" write by dn="cn=qmail,o=domain,c=net" read by anonymous auth by users read access to * by self write by dn="cn=superuser,o=domain,c=net" write by dn="cn=qmail,o=domain,c=net" read by anonymous auth by users read here is my qmail control files - ldaplogin cn=qmail,o=domain,c=net - ldappassword secret - ldapbasedn o=domain,c=net - qmail-smtp.rules :allow,SMTPAUTH="TLSREQUIRED",BLOCKRELAYPROBE="",RCPTCHECK="",SANITYCHECK="",SENDERCHECK="",NOPBS="",RETURNMXCHECK="" __ Celebrate Yahoo!'s 10th Birthday! Yahoo! Netrospective: 100 Moments of the Web http://birthday.yahoo.com/netrospective/
pop3s connection forwarding
hi, can tell me anyone how can i have pop3s and imaps and still have connection forwarding in a qmail-ldap cluster environment ? thnaks, mihai __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
Re: qmail-pop3d-ssl and qmail-imapd-ssl
--- Mihai Costache <[EMAIL PROTECTED]> wrote: > > hi, > > i have an qmail-ldap cluster environment and recently i > switch from pop3(and imap) to pop3s(and imaps) and to > 20041201 patch ... and now forwarding connection it's not > working. every qmail-ldap server from this cluster > environment use a unique openssl certificate . i must use > a > single openssl certificat for all servers ? > > > thanks, > Mihai > > > > __ > Do you Yahoo!? > Take Yahoo! Mail with you! Get it on your mobile phone. > http://mobile.yahoo.com/maildemo > __ Do you Yahoo!? All your favorites on one personal page Try My Yahoo! http://my.yahoo.com
qmail-pop3d-ssl and qmail-imapd-ssl
hi, i have an qmail-ldap cluster environment and recently i switch from pop3(and imap) to pop3s(and imaps) and to 20041201 patch ... and now forwarding connection it's not working. every qmail-ldap server from this cluster environment use a unique openssl certificate . i must use a single openssl certificat for all servers ? thanks, Mihai __ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo
Re: password expire time
it can be done this thing ? --- Mihai Costache <[EMAIL PROTECTED]> wrote: > > > can i make that email password to expire at some time > perriod ? and if yes how ? > >thnaks > > > > __ > Do you Yahoo!? > Yahoo! Mail - now with 250MB free storage. Learn more. > http://info.mail.yahoo.com/mail_250 > __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail
password expire time
can i make that email password to expire at some time perriod ? and if yes how ? thnaks __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250
about SMTPAUTH
what user/password you must use if you want to use smtpauth for relaying ? __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250
Re: questions about qmail-smtpd
i am not angry, just verry tired so i'm going home i am not "guru" in qmail-ldap ... i am working with it just for 1 year ... so ... i want to do this "verification" to the smtp connection level from bandwidth reasons i can't (for now) to use more than one authentication database because i have a large number of users/accounts and more than 10 slave ldap servers and more than 10 regional mail servers and i have only one web interface for users/accounts management ... and to finish say only that i am not a C programmer and aprox all workstation have random IP from dhcp servers (only servers have static IP) thanks to all. --- Fabio Gomes <[EMAIL PROTECTED]> wrote: > Em Qua 24 Nov 2004 16:32, você escreveu: > > i don't want relying based on sender's domain > > are you angry? > > > > > i have a lot o users/accounts and some of them must > not > > can sending mail to the "internet" .. just to local > domain > > so i thing to something like this: > > 1) have another ldap attribute and qmail-smtpd look > for > > this attribute and if it set just do onother > verification > > on recipient domain and if not in rcpthosts drop the > > connection > > or > > 2) qmail-smtpd look into another control file > > (~controls/) and if sender's address is > listed > > in this file check recipient domain and if is not in > > rcpthosts drop connection > > > > something like postfix is doing ! > > > > The best way to selectively authorize users to send mails > out of your domain > is based on IP address using TCPSERVER and RELAYCLIENT > env or some kind of > authentication (AUTH SMTP, SMTP-AFTER-POP). > Some people uses different databases for SMTP > authentication and POP. Putting > on the SMTP authentication database, only the users > authorized to relay. > > You also could write a wrapper for qmail-queue to > determine, based on sender > address, if the mail is allowed to relay or not. But as > already said, address > can be forged. > > Look in qmail list. That issue was actively discussed > before in that list. > > > --- Brian Reichert <[EMAIL PROTECTED]> wrote: > > > On Sun, Nov 21, 2004 at 11:37:13PM -0800, Mihai > Costache > > > > > > wrote: > > > > second: can somebody tell me how to make > qmail-smtpd to > > > > check domain sender, sender email address and > domain > > > > recipient when mails came from relay hosts ... and > if > > > > domain sender is not in ~control/rcpthosts(.cdb) to > > > > > > reject > > > > > > > this emails and to can to do some like this : to > have a > > > > list of local email address who can send mails only > to > > > > locals domain (aka domain listed in > > > > ~control/rcpthosts(.cdb) or ~control/locals(.cdb)) > > > > > > It depends on what you're trying to accomplish. > > > > > > Bear in mind that the sender's domain can be forged. > > > Relying on > > > the sender's domain to control relaying isnt' very > > > useful. > > > > > > It _sounds_ like what you want is known people from > known > > > hosts to > > > be able to relay. > > > > > > If that's the case, you should look into SMTP AUTH; > that > > > forces > > > force's people's mail clients to provide a password, > such > > > that when > > > they've authenticated, they're allowed to relay > though > > > that mail > > > server... > > > > > > > thanks, > > > > Mihai > > > > > > -- > > > Brian Reichert<[EMAIL PROTECTED]> > > > 37 Crystal Ave. #303 Daytime number: (603) 434-6842 > > > Derry NH 03038-1713 USA BSD admin/developer at > large > > > > __ > > Do you Yahoo!? > > Yahoo! Mail - You care about security. So do we. > > http://promotions.yahoo.com/new_mail > > GL, > -- > Fábio Gomes > <[EMAIL PROTECTED]> > __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail
Re: Re: questions about qmail-smtpd
i don't want relying based on sender's domain i have a lot o users/accounts and some of them must not can sending mail to the "internet" .. just to local domain so i thing to something like this: 1) have another ldap attribute and qmail-smtpd look for this attribute and if it set just do onother verification on recipient domain and if not in rcpthosts drop the connection or 2) qmail-smtpd look into another control file (~controls/) and if sender's address is listed in this file check recipient domain and if is not in rcpthosts drop connection something like postfix is doing ! --- Brian Reichert <[EMAIL PROTECTED]> wrote: > On Sun, Nov 21, 2004 at 11:37:13PM -0800, Mihai Costache > wrote: > > second: can somebody tell me how to make qmail-smtpd to > > check domain sender, sender email address and domain > > recipient when mails came from relay hosts ... and if > > domain sender is not in ~control/rcpthosts(.cdb) to > reject > > this emails and to can to do some like this : to have a > > list of local email address who can send mails only to > > locals domain (aka domain listed in > > ~control/rcpthosts(.cdb) or ~control/locals(.cdb)) > > It depends on what you're trying to accomplish. > > Bear in mind that the sender's domain can be forged. > Relying on > the sender's domain to control relaying isnt' very > useful. > > It _sounds_ like what you want is known people from known > hosts to > be able to relay. > > If that's the case, you should look into SMTP AUTH; that > forces > force's people's mail clients to provide a password, such > that when > they've authenticated, they're allowed to relay though > that mail > server... > > > thanks, > > Mihai > > -- > Brian Reichert<[EMAIL PROTECTED]> > 37 Crystal Ave. #303 Daytime number: (603) 434-6842 > Derry NH 03038-1713 USA BSD admin/developer at large > __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
Re: questions about qmail-smtpd
nobody can help me ? --- Mihai Costache <[EMAIL PROTECTED]> wrote: > > hi, > > firts: if ~control/relaymailfrom is used the RELAYCLIENT > from tcpserver is used, too ... who has the higher > priority > ? tcpserver ? > > second: can somebody tell me how to make qmail-smtpd to > check domain sender, sender email address and domain > recipient when mails came from relay hosts ... and if > domain sender is not in ~control/rcpthosts(.cdb) to > reject > this emails and to can to do some like this : to have a > list of local email address who can send mails only to > locals domain (aka domain listed in > ~control/rcpthosts(.cdb) or ~control/locals(.cdb)) > > > thanks, > Mihai > > > > > > __ > Do you Yahoo!? > The all-new My Yahoo! - Get yours free! > http://my.yahoo.com > > > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
questions about qmail-smtpd
hi, firts: if ~control/relaymailfrom is used the RELAYCLIENT from tcpserver is used, too ... who has the higher priority ? tcpserver ? second: can somebody tell me how to make qmail-smtpd to check domain sender, sender email address and domain recipient when mails came from relay hosts ... and if domain sender is not in ~control/rcpthosts(.cdb) to reject this emails and to can to do some like this : to have a list of local email address who can send mails only to locals domain (aka domain listed in ~control/rcpthosts(.cdb) or ~control/locals(.cdb)) thanks, Mihai __ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com
Re: some filtering stuff, again
hi, can you give me more information about how works your configuration ? i asking you because i haven't been working so far with postfix and because i want to do more than this first filter ... one more thing :) my actual qmail-ldap configuration offers pop-ssl, smtp-after-pop and smtp-auth. my interes is to preserve this things. thanks, mihai --- Fernando Maior <[EMAIL PROTECTED]> wrote: > > hi, > > > > i come back with same question about a filter need with > > qmail-ldap beacause i doesn't find a satisfactory > solution > > for this. > > the most important thing/ how can i specify than some > email > > addresses can not send mails to "internet" ... and can > only > > send to local domains (domains listed in > ~/control/locals) > > > > thanks, > > mihai > > Mihai, > > Unfortunately, qmail-ldap does not provide support for > that. > I use two smtp services for doing all my stuff: > > Postfix is very good for doing what you want and > anti-spam/ > anti-virus things. So, Postfix is installed in my mail > server > and listening to port 25. It sends all local mail to > qmail-ldap. > > Than you have qmail-ldap for local and remote delivery. > It is > great for a bunch of things like controlling size of > mails per > user, for example. It is installed in the same machine, > and > is listening to port 1025. > > That kind of configuration permits me to split the > services > between two or more machines, if necessary. Until now, it > was > not, because both services are really fast and light. > > -- > Bye, > Fernando Maciel Souto Maior > [EMAIL PROTECTED] > http://www.araujo.com.br > +55+31 3270-5886 > LPIC/1 # 31908 > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
some filtering stuff, again
hi, i come back with same question about a filter need with qmail-ldap beacause i doesn't find a satisfactory solution for this. the most important thing/ how can i specify than some email addresses can not send mails to "internet" ... and can only send to local domains (domains listed in ~/control/locals) thanks, mihai __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: setup a qmail-ldap server for standy mode
look at www.linux-ha.org or/and www.linuxvirtualserver.org --- Hiu Yen Onn <[EMAIL PROTECTED]> wrote: > hi, > > i wish to configure a server such that when my duty-mode > server was > down, then, the stanby-mode server will take place. and > then, the > duty-mode server is doing replication to the standy-mode > server. thanks. > > Cheers, > yenonn > -- > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: different size limits on incoming and outgoing mails
--- Claudio Jeker <[EMAIL PROTECTED]> wrote: > On Tue, Oct 19, 2004 at 12:12:18AM -0700, Mihai Costache > wrote: > > > >hi, > > > > can anyone tell me how to set different size limits on > > incoming and outgoing mails ? > > > > Use two different set of SMTP servers. One for incoming > and one for > outgoing. > > You can also use the DATABYTES env variable and a tcp > rules file to set it > based on IP. > -- > :wq Claudio > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
different size limits on incoming and outgoing mails
hi, can anyone tell me how to set different size limits on incoming and outgoing mails ? thanks, Mihai ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com
some filtering for outgoing mails
hi, i'm working with qmail-ldap and qmail-scanner by two years and all it is working great ... but now i must to do some filtering for outgoing mails (filtering per user or per group of users). 1/. i want that some local email addresses cannot send mails to internet ... can only send to local email addresses. 2/. i want that some local email addresses can send and receive (or just sending) .exe (and other types) attachment and the others can not. can you give me some advices ? thanks, Mihai __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
RE: hi, qmail-ldap and some filtering
yes Spamassassin is good for all incoming mails, but i want to do some filtering on all outgoing mail on all ips with relay access, too --- Milind Nanal <[EMAIL PROTECTED]> wrote: > Go for Qmail + Spamassain > > > -Original Message----- > From: Mihai Costache [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 07, 2004 5:09 PM > To: [EMAIL PROTECTED] > Subject: hi, qmail-ldap and some filtering > > > > > hi, > > i'm working with qmail-ldap and qmail-scanner by two > years > and all it is working great ... but now i must do some > delicate filtering and please give me some tips. > first i want that some local email addresses cannot > send > mails to internet ... only to local email addresses. > second i want that some local email addresses can > send/receive .exe attachment and the others can not. > > thanks, > Mihai > > > > ___ > Do you Yahoo!? > Declare Yourself - Register online to vote today! > http://vote.yahoo.com > ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com
Re: Re: hi, qmail-ldap and some filtering
--- Scott Ryan <[EMAIL PROTECTED]> wrote: > On Thursday 07 October 2004 13:39, Mihai Costache shaped > the electrons to say: > > hi, > > > > i'm working with qmail-ldap and qmail-scanner by two > years > > and all it is working great ... but now i must do some > > delicate filtering and please give me some tips. > > first i want that some local email addresses cannot > send > > mails to internet ... only to local email addresses. > > second i want that some local email addresses can > > send/receive .exe attachment and the others can not. > > > > thanks, > > Mihai > > Your best bet is to use maildrop. In your users' ldap > entry, specify the > DeliveryProgramPath to use maildrop followed by a file > that contains a set of > filtering rules. eg: > > DeliveryProgramPath:maildrop > > Then in your ~control/ldapdefaultdotmode specify > ldaponly. > > -- > > Kind regards, 1) if in ~control/ldapdefaultdormode is specified ldaponly then ldap attribut deliveryProgramPath is silently ignored. 2) deliveryProgramPath is not only for incoming emails ? and if is only for incoming how can i limit the possibility of sending emails to internet by some local address or how deny (or accept) the possibility of sending emails with .exe attachment for one or more local address ? thanks, Mihai ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com
hi, qmail-ldap and some filtering
hi, i'm working with qmail-ldap and qmail-scanner by two years and all it is working great ... but now i must do some delicate filtering and please give me some tips. first i want that some local email addresses cannot send mails to internet ... only to local email addresses. second i want that some local email addresses can send/receive .exe attachment and the others can not. thanks, Mihai ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com
