Re: [qmailtoaster] smtproutes and domainkeys, spf, srs

2007-01-17 Thread Erik Espinoza

SRS and SPF can be used if your upstream isp publishes spf records.
You can use the include statement (more info at openspf.org) to
include their spf entries into your spf records. SBC, however, doesn't
publish SPF records as Yahoo handles their infrastructure.

The Qmail DomainKey implementation is to spec, but doesn't implement
the optional h= header that limits the scope of the DomainKey
signature to certain parts. Because of this, DomainKeys will fail if
it is forwarded through a third party server.

Erik

On 1/16/07, Trung Pham [EMAIL PROTECTED] wrote:

I currently have all my outgoing emails forwarded to my ISP server using
smtproutes. So I am curious if I can still use domainkeys, spf, or srs
features since my ISP will definitely modify the email header.

FYI, I am using SBC Business DSL. I had to resolve to smtproutes otherwise
Yahoo will put emails coming from me into the bulk folder.

Please let me know if those features still work if I use my ISP to relay
my mails.

My goal is to stop incoming spams that forge my own address.



-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Erik Espinoza

Might want to check out the wiki. There are a ton of scripts that you
can use to keep the QT up to date.

ES and JV have done some great work on keeping the QmailToaster up to
date. Due to licensing restrictions, we aren't allowed to give out
binary updates, so no yum.

The wiki has an faq entry on this.

Thanks,
Erik

On 1/16/07, Dave Q.T. Newbiw [EMAIL PROTECTED] wrote:

Hi Erik,

Thanks for the reply...   What size VM, memory-wise, does QM Toaster need?
Is 96MB enough?

In anticipation of the fact the that over the next few years _some_
bug/security issues will be found, how exactly does the auto update process
work? Is everything updated, or just the base CentOS files?

Thank you,
David



Erik Espinoza [EMAIL PROTECTED] wrote:
 Hello Dave

 Can QM Toaster be used to turn a default CentOS install into a very basic
 POP3/IMAP/SMTP email server?

It's a lot more than basic, as it comes with antivirus, antispam,
domainkeys, spf and srs. I'd call it thorough rather than basic.

 Our current ISP where we host ~15 domains and ~25+ email accounts has a
 mandatory incoming auto-discard spam filter that is far too strict to
 continue using.

That sucks.

 Unfortunately, switching ISPs is not an option right now.

Good luck!

 I am looking at signing up for a basic low-memory CentOS Virtual
Dedicated
 Server to handle our own incoming ( outgoing) mail.

I wouldn't go too low on the memory unless you don't want antivirus
and antispam.

 There will not be a full-time IT person to maintain the server, so
 simplicity is a must.

The QmailToaster is very simple. This is a no brainer.

 I am perfectly fine with leaving out server-side spam filtering, though I
 suspect that some basic blacklist usage would be a good idea.

I'd recommend against leaving out the spam filtering, as blacklists
are usually too encompassing.

 Most specifically, I don't want to add the performance overhead, security
 liability, and maintenance requirements of a typical default server.
 (Apache, MySQL, Bind, etc.)

In reality, the only thing that requires maintenance is the antispam,
antivirus and webmail.The project keeps those all up to date. The rest
is, for the most part, already a couple of years old and battle tested
on the internet. Known to be secure.

 Basically, I want an ultra-basic server that I can set for automatic
updates
 and let it continue running hands-off until CentOS 4 is no longer
 supported with security patches.

Sounds like the plan. It's how I run mine.

 Will Qmail Toaster do what I need?

Yes. It's not basic, but it is simple. And there is plenty of support
here, on the wiki and on the main site.

Thanks,
Erik

-
 QmailToaster hosted by: VR Hosted
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]




 
Don't be flakey. Get Yahoo! Mail for Mobile and
always stay connected to friends.




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



[qmailtoaster] Changing hostname of the server

2007-01-17 Thread Midhun Ramadas

Hi,

Can anyone guide me how can I change the hostname of a live qmail server? In
which all control files we need to make changes if I change the hostname?

Thanks in advance,
Midhun


[qmailtoaster] compile errors

2007-01-17 Thread Kisakye Alex
Hello

 

1)I have been trying to install Toaster on Fedora Core 5! I have been
getting the error below during installation! can any one point me in the
right direction??

 

2) There was a post earlier on the list on problems experienced while
installing toaster on CentOS server install, was this erectified?? ie can I
move my installation to CentOS?? I have just had enough with Fedora Core

 

Errors below;

 

Installing courier-authlib-toaster-0.59-1.3.4.src.rpm

error: Failed build dependencies

  /usr/include/ltdl.h is needed by
courier-authlib-toaster-0.59-1.3.4.i386

error: File not found by glob:

/usr/src/redhat/RPMS/i386/courier-authlib-toaster*.rpm

 

Installing courier-imap-toaster-4.1.2-1.3.6.src.rpm

error: Failed build dependencies

  courier-authlib-toaster is needed by
courier-imap-toaster-4.1.2-1.3.6.i386

 

error: File not found by glob:

/usr/src/redhat/RPMS/i386/courier-imap-toaster*.rpm

 

 

thanks

ALex

 



[qmailtoaster] Password fail

2007-01-17 Thread Wojciech Gabor
vpopmail[24367]: vchkpw-smtp: password fail 
(pass: '0b3acf566e0899014146fee9fa23f760') [EMAIL PROTECTED]:IP

This connection is from scaner sending its work to email. In tutorial is 
only info that password is coded. Change to send password in plain text is 
not possible.
How resolve it?
 
-- 
Tuptus
System uptime: 41 years 8 months 3 weeks 1 days 9 hours 45 minuts

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Greylisting

2007-01-17 Thread Wojciech Gabor
Dnia wtorek, 16 stycznia 2007 09:43, Erik Espinoza napisał:
 You may want to check this out:

 http://thomas.mangin.me.uk/software/qmail-greylist.html

Simple and effective.
THX Erik.

-- 
System uptime: 41 years 8 months 3 weeks 1 days 9 hours 45 minuts

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Greylisting

2007-01-17 Thread Eric \Shubes\
Wojciech Gabor wrote:
 Dnia wtorek, 16 stycznia 2007 09:43, Erik Espinoza napisał:
 You may want to check this out:

 http://thomas.mangin.me.uk/software/qmail-greylist.html
 
 Simple and effective.
 THX Erik.
 
WG,
I take it you've had success with this? Would you care to elaborate some?

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



[qmailtoaster] qtp-newmodel sandbox clarification

2007-01-17 Thread Dan Herbon
Just want to see if I understand this fully. The qtp-newmodel script builds
the newest version into a sandbox, once its successfully built and
installed in the sandbox it will then proceed to install it outside the
sandbox to the actual server? Sorry if this is confusing.

 

Dan

 

 



Re: [qmailtoaster] compile errors

2007-01-17 Thread Gabriel Lai
Check whether sendmail is already uninstalled from the system.
issue this command: rpm -e sendmail --nodeps
I have the same problem sometime due to sendmail havent uninstall

- Original Message 
From: Kisakye Alex [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, January 17, 2007 8:37:12 PM
Subject: [qmailtoaster] compile errors


Hello
 
1)I have been trying to install Toaster on Fedora Core 5! I have been getting 
the error below during installation! can any one point me in the right 
direction??
 
2) There was a post earlier on the list on problems experienced while 
installing toaster on CentOS server install, was this erectified?? ie can I 
move my installation to CentOS?? I have just had enough with Fedora Core
 
Errors below;
 
Installing courier-authlib-toaster-0.59-1.3.4.src.rpm
error: Failed build dependencies
  /usr/include/ltdl.h is needed by courier-authlib-toaster-0.59-1.3.4.i386
error: File not found by glob:
/usr/src/redhat/RPMS/i386/courier-authlib-toaster*.rpm
 
Installing courier-imap-toaster-4.1.2-1.3.6.src.rpm
error: Failed build dependencies
  courier-authlib-toaster is needed by courier-imap-toaster-4.1.2-1.3.6.i386
 
error: File not found by glob:
/usr/src/redhat/RPMS/i386/courier-imap-toaster*.rpm
 
 
thanks
ALex



 

Need Mail bonding?
Go to the Yahoo! Mail QA for great tips from Yahoo! Answers users.
http://answers.yahoo.com/dir/?link=listsid=396546091

Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Dave
What exactly are the licensing issues that prevent
qmail from simply being folded in to the CentOS or
Ubuntu disrabutions?

I'm a little uneasy running a sevrer that requires a
kludge to keep automatically up to date.

Also, the QM Toaster kit seems to force the use of PHP
and MySQL.  (... Both items that are hard to secure
and I would rather keep off this low-volume server.)


Thanks,
David  


--- Erik Espinoza [EMAIL PROTECTED] wrote:

 Might want to check out the wiki. There are a ton of
 scripts that you
 can use to keep the QT up to date.
 
 ES and JV have done some great work on keeping the
 QmailToaster up to
 date. Due to licensing restrictions, we aren't
 allowed to give out
 binary updates, so no yum.
 
 The wiki has an faq entry on this.
 
 Thanks,
 Erik


 

Get your own web address.  
Have a HUGE year through Yahoo! Small Business.
http://smallbusiness.yahoo.com/domains/?p=BESTDEAL

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Changing hostname of the server

2007-01-17 Thread Eric \Shubes\
Midhun Ramadas wrote:
 Hi,
 
 Can anyone guide me how can I change the hostname of a live qmail
 server? In which all control files we need to make changes if I change
 the hostname?
 
 Thanks in advance,
 Midhun

# grep -R `hostname` /etc/* /var/qmail/*
(note, those are back-quotes, not apostrophes)

You can obviously ignore some of the hits, such as those in /var/qmail/queue.
-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Steve Huff


On Jan 17, 2007, at 10:10 AM, Dave wrote:


What exactly are the licensing issues that prevent
qmail from simply being folded in to the CentOS or
Ubuntu disrabutions?


http://cr.yp.to/distributors.html

-steve

--
If this were played upon a stage now, I could condemn it as an  
improbable fiction. - Fabian, Twelfth Night, III,v





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Dave
  What exactly are the licensing issues that
 prevent
  qmail from simply being folded in to the CentOS or
  Ubuntu disrabutions?
 
 http://cr.yp.to/distributors.html
 


Yeah... I saw that, but I am not sure what the
implications of that are 

Seemingly you could distribute a binary image...
right?

-- David


 

Looking for earth-friendly autos? 
Browse Top Cars by Green Rating at Yahoo! Autos' Green Center.
http://autos.yahoo.com/green_center/

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] compile errors

2007-01-17 Thread Eric \Shubes\
Kisakye Alex wrote:
 Hello
 
  
 
 1)I have been trying to install Toaster on Fedora Core 5! I have been
 getting the error below during installation! can any one point me in the
 right direction??
 
  
 
 2) There was a post earlier on the list on problems experienced while
 installing toaster on CentOS server install, was this erectified?? ie
 can I move my installation to CentOS?? I have just had enough with
 Fedora Core
 
  
 
 Errors below;
 
  
 
 Installing courier-authlib-toaster-0.59-1.3.4.src.rpm
 
 error: Failed build dependencies
 
   /usr/include/ltdl.h is needed by
 courier-authlib-toaster-0.59-1.3.4.i386
 
 error: File not found by glob:
 
 /usr/src/redhat/RPMS/i386/courier-authlib-toaster*.rpm
 
  
 
 Installing courier-imap-toaster-4.1.2-1.3.6.src.rpm
 
 error: Failed build dependencies
 
   courier-authlib-toaster is needed by
 courier-imap-toaster-4.1.2-1.3.6.i386
 
  
 
 error: File not found by glob:
 
 /usr/src/redhat/RPMS/i386/courier-imap-toaster*.rpm
 
  
 
  
 
 thanks
 
 ALex
 

CentOS is a much better choice for a toaster distro than Fedora in terms of
 stability. You'll have far fewer OS upgrades to do once it's up and
running, and you'll also run into fewer hurdles installing and upgrading the
toaster software. There is no advantage to using Fedora that I'm aware of.
In general, Fedora is good for desktops, CentOS is good for servers.

IIRC, someone was having a problem with a particular SATA drive/controller
with CentOS4 and couldn't get the base distro installed. I've no idea why,
and I'm guessing that the HW was some sort of bleeding edge, which SATA is
generally not.

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Password fail

2007-01-17 Thread Eric \Shubes\
Wojciech Gabor wrote:
 vpopmail[24367]: vchkpw-smtp: password fail 
 (pass: '0b3acf566e0899014146fee9fa23f760') [EMAIL PROTECTED]:IP
 
 This connection is from scaner sending its work to email. In tutorial is 
 only info that password is coded.

That's a good thing.

 Change to send password in plain text is 
 not possible.

You wouldn't want to do that.

 How resolve it?

Which encoding scheme is used by the scanner? Encoding scheme must match
what vpopmail is using (I'm not sure what that is off hand).


-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Steve Huff


On Jan 17, 2007, at 10:30 AM, Dave wrote:


http://cr.yp.to/distributors.html


Yeah... I saw that, but I am not sure what the
implications of that are

Seemingly you could distribute a binary image...
right?


no; you may not distribute a binary image, you must distribute  
exactly the binary image provided by DJB (which is a tarball of / 
var/qmail, whereas QmailToaster uses RPMs).  the version of qmail in  
QmailToaster includes a number of patches that differentiate it from  
stock qmail.  same with ezmlm, daemontools, etc.


do i have this right, folks?

-steve

--
If this were played upon a stage now, I could condemn it as an  
improbable fiction. - Fabian, Twelfth Night, III,v





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Error when trying to set a Domain Admin in VqAdmin. Anyone else seeing this? It is occuring on 2 new toaster installs. Thanks Ed

2007-01-17 Thread Ed Morrison

Erik Espinoza wrote:

Have you tried using the command line?

No I hadn't.  Just did and it worked.  Curious that the web interface
didn't.  Any thoughts?

Can you send a list of installed packages?

   I performed a default install of the qmail-toaster:
   [EMAIL PROTECTED] ~]# rpm -qa *toaster
   daemontools-toaster-0.76-1.3.2
   libsrs2-toaster-1.0.18-1.3.2
   courier-imap-toaster-4.1.2-1.3.6
   ezmlm-cgi-toaster-0.53.324-1.3.2
   spamassassin-toaster-3.1.7-1.3.6
   ucspi-tcp-toaster-0.88-1.3.2
   libdomainkeys-toaster-0.68-1.3.2
   qmail-toaster-1.03-1.3.10
   courier-authlib-toaster-0.59-1.3.4
   autorespond-toaster-2.0.4-1.3.2
   ezmlm-toaster-0.53.324-1.3.2
   qmailadmin-toaster-1.2.9-1.3.3
   maildrop-toaster-2.0.3-1.3.4
   isoqlog-toaster-2.1-1.3.2
   squirrelmail-toaster-1.4.9a-1.3.5
   clamav-toaster-0.88.7-1.3.7
   simscan-toaster-1.3.1-1.3.3
   vpopmail-toaster-5.4.13-1.3.3
   qmail-pop3d-toaster-1.03-1.3.10
   control-panel-toaster-0.5-1.3.2
   qmailmrtg-toaster-4.2-1.3.2
   vqadmin-toaster-2.3.4-1.3.2
   ripmime-toaster-1.4.0.6-1.3.2

What distribution are your using?
   CentOS 4.4


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] qtp-newmodel sandbox clarification

2007-01-17 Thread Eric \Shubes\
Dan Herbon wrote:
 Just want to see if I understand this fully. The qtp-newmodel script
 builds the newest version into a “sandbox”,

Yes.

 once its successfully built
 and installed in the sandbox it will then proceed to install it outside
 the sandbox to the actual server?

Yes.
Right before the script is ready to do the 'live' update, it will ask you if
you want to continue, giving you the opportunity to gracefully quit and do
the 'live' upgrade later. When you subsequently rerun the script, it will
recognize what's already been done, allowing you to complete the upgrade in
short order (usually less than 10 minutes).

Note, the script will automatically stop and restart qmail at the
appropriate points to minimize down time.

 Sorry if this is confusing.

No, that's my line! ;)

If you would care to add some clarification to the wiki, please do.

HTH

P.S. Please be sure that you're using the latest qmailtoaster-plus package:
# rpm -q qmailtoaster-plus
qmailtoaster-plus-0.2.7-1.3.9

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] compile errors

2007-01-17 Thread Vince Callaway
On Wed, 2007-01-17 at 08:34 -0700, Eric Shubes wrote:
 CentOS is a much better choice for a toaster distro than Fedora in terms of
  stability. You'll have far fewer OS upgrades to do once it's up and
 running, and you'll also run into fewer hurdles installing and upgrading the
 toaster software. There is no advantage to using Fedora that I'm aware of.
 In general, Fedora is good for desktops, CentOS is good for servers.

While in general I would agree with you, but not in this case.  Centos
works fine with the exception of spamassassin.  All the people that sent
me the lint outputs only one showed all the modules functioning.
Spamassassin is one of the key elements needed in the spam battle.

I now have five fedora boxes running qmail-toaster, all are stable and
spam free.  It is true that updates come out more often for fedora than
for Centos.  Fedora is used as a test bed before things are available
for Centos and Redhat.  So long as everything is working, there is not
much need to update unless you want to.

I posted my notes previously on this list on fedora installs.  If you
follow those it is a painless install on fdr60.


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] simscan (simscan-toaster-1.3.1-1.3.3) segfaults

2007-01-17 Thread Warren (mailing lists)

Sorry, I have been out of the office for a few days.

There is not much to post.

/var/log/qmail/smtp/current gets this:
@400045acd89036e2684c simscan: connect error 2

Running it gives this:
[EMAIL PROTECTED] simscan]# /var/qmail/bin/simscan
Segmentation fault

Are there any other logs that I am missing?

W

Erik Espinoza wrote:

Could you paste the log output. I've not noticed any problems.

Erik

On 1/12/07, Warren (mailing lists) [EMAIL PROTECTED] wrote:

I noticed that simscan was not able to be called in the logs.  When I
try to run it directly (./simscan in the bin directory) it gives a 
segfault.


Any ideas?

W

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Eric \Shubes\
Dave wrote:
 What exactly are the licensing issues that prevent
 qmail from simply being folded in to the CentOS or
 Ubuntu disrabutions?

Steve has this right in his reply, TTBOMK.

 I'm a little uneasy running a sevrer that requires a
 kludge to keep automatically up to date.

I'm the same way, Dave. I tend to be more comfortable running binary rpms
myself. However that is simply not an option with any derivative of qmail,
including the toaster.

The scripts provided with the toaster (and qmailtoaster-plus) packages
(which *are* rpms), do an adequate job of overcoming this difficulty. The
advantages of using rpms are not lost with the toaster. All packages are
installed using rpm binaries, it's just that they're built on your specific
machine.

If you really wanted to use yum to do the upgrades, you could (but there's
really no point in doing so). Simply build your own yum repository
containing the toaster binary rpms that are produced by the scripts (or
built yourself manually), and you're good to go. You just can't *distribute*
your binary rpms to anyone else.

 Also, the QM Toaster kit seems to force the use of PHP
 and MySQL.  (... Both items that are hard to secure
 and I would rather keep off this low-volume server.)

I cannot speak authoritatively on this.

 Thanks,
 David  
 
 
 --- Erik Espinoza [EMAIL PROTECTED] wrote:
 
 Might want to check out the wiki. There are a ton of
 scripts that you
 can use to keep the QT up to date.

 ES and JV have done some great work on keeping the
 QmailToaster up to
 date. Due to licensing restrictions, we aren't
 allowed to give out
 binary updates, so no yum.

 The wiki has an faq entry on this.

 Thanks,
 Erik
 


-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



RE: [qmailtoaster] compile errors

2007-01-17 Thread Kisakye Alex
 

Sendmail is installed

 

Alex

 

  _  

From: Gabriel Lai [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, January 17, 2007 6:02 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] compile errors

 

Check whether sendmail is already uninstalled from the system.

issue this command: rpm -e sendmail --nodeps

I have the same problem sometime due to sendmail havent uninstall

- Original Message 
From: Kisakye Alex [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, January 17, 2007 8:37:12 PM
Subject: [qmailtoaster] compile errors

Hello

 

1)I have been trying to install Toaster on Fedora Core 5! I have been
getting the error below during installation! can any one point me in the
right direction??

 

2) There was a post earlier on the list on problems experienced while
installing toaster on CentOS server install, was this erectified?? ie can I
move my installation to CentOS?? I have just had enough with Fedora Core

 

Errors below;

 

Installing courier-authlib-toaster-0.59-1.3.4.src.rpm

error: Failed build dependencies

  /usr/include/ltdl.h is needed by
courier-authlib-toaster-0.59-1.3.4.i386

error: File not found by glob:

/usr/src/redhat/RPMS/i386/courier-authlib-toaster*.rpm

 

Installing courier-imap-toaster-4.1.2-1.3.6.src.rpm

error: Failed build dependencies

  courier-authlib-toaster is needed by
courier-imap-toaster-4.1.2-1.3.6.i386

 

error: File not found by glob:

/usr/src/redhat/RPMS/i386/courier-imap-toaster*.rpm

 

 

thanks

ALex

 

 

 

  _  

Finding fabulous fares is fun.
Let
http://farechase.yahoo.com/promo-generic-14795097;_ylc=X3oDMTFtNW45amVpBF9T
Azk3NDA3NTg5BF9zAzI3MTk0ODEEcG9zAzEEc2VjA21haWx0YWdsaW5lBHNsawNxMS0wNw--%0a
Yahoo! FareChase search your favorite travel sites to find flight and hotel
bargains.



Re: [qmailtoaster] simscan (simscan-toaster-1.3.1-1.3.3) segfaults

2007-01-17 Thread Eric \Shubes\
The connect error 2 message is simply a warning regarding the new P0F
checking in simscan. The toaster does not (yet) implement a P0F daemon, so
this feature is turned off. Add ,NOP0FCHECK=1 to your
/etc/tcprules.d/tcp.smtp file (not needed on the 127. line) and the message
will go away. (Don't forget to qmailctl cdb after making your change)

Warren (mailing lists) wrote:
 Sorry, I have been out of the office for a few days.
 
 There is not much to post.
 
 /var/log/qmail/smtp/current gets this:
 @400045acd89036e2684c simscan: connect error 2
 
 Running it gives this:
 [EMAIL PROTECTED] simscan]# /var/qmail/bin/simscan
 Segmentation fault
 
 Are there any other logs that I am missing?
 
 W
 
 Erik Espinoza wrote:
 Could you paste the log output. I've not noticed any problems.

 Erik

 On 1/12/07, Warren (mailing lists) [EMAIL PROTECTED] wrote:
 I noticed that simscan was not able to be called in the logs.  When I
 try to run it directly (./simscan in the bin directory) it gives a
 segfault.

 Any ideas?

 W



-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] compile errors

2007-01-17 Thread Eric \Shubes\
Vince Callaway wrote:
 On Wed, 2007-01-17 at 08:34 -0700, Eric Shubes wrote:
 CentOS is a much better choice for a toaster distro than Fedora in terms of
  stability. You'll have far fewer OS upgrades to do once it's up and
 running, and you'll also run into fewer hurdles installing and upgrading the
 toaster software. There is no advantage to using Fedora that I'm aware of.
 In general, Fedora is good for desktops, CentOS is good for servers.
 
 While in general I would agree with you, but not in this case.  Centos
 works fine with the exception of spamassassin.  All the people that sent
 me the lint outputs only one showed all the modules functioning.
 Spamassassin is one of the key elements needed in the spam battle.

This seems to indicate that some extra work needs to be done to get SA
working 100% on CentOS, which is indeed the case.
.) no less true on Fedora
.) SA does not need to be 100% operative to be effective. E.g. the stock
toaster has only local rules enabled.

 I now have five fedora boxes running qmail-toaster, all are stable and
 spam free.

spam free is relative at best. ;)
Congratulations though!

 It is true that updates come out more often for fedora than
 for Centos.  Fedora is used as a test bed before things are available
 for Centos and Redhat.  So long as everything is working, there is not
 much need to update unless you want to.

This comes down to stability/security. With CentOS, only security updates
are released and should be applied. With Fedora, you get security and
development updates, which increases the risk of instability.

 I posted my notes previously on this list on fedora installs.  If you
 follow those it is a painless install on fdr60.

I'm sure that it is. Unfortunately, Kisakye was starting with FC5! :(

Thank you for your trail blazing work, Vince. Will you kindly take the time
to post your fdr60 notes on the wiki? I'm sure it would be a valuable addition.

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] compile errors

2007-01-17 Thread Erik Espinoza

yum install libtool-ltdl libtool-ltdl-devel

Try again.

Erik

On 1/17/07, Kisakye Alex [EMAIL PROTECTED] wrote:





Hello



1)I have been trying to install Toaster on Fedora Core 5! I have been
getting the error below during installation! can any one point me in the
right direction??



2) There was a post earlier on the list on problems experienced while
installing toaster on CentOS server install, was this erectified?? ie can I
move my installation to CentOS?? I have just had enough with Fedora Core



Errors below;



Installing courier-authlib-toaster-0.59-1.3.4.src.rpm

error: Failed build dependencies

  /usr/include/ltdl.h is needed by
courier-authlib-toaster-0.59-1.3.4.i386

error: File not found by glob:

/usr/src/redhat/RPMS/i386/courier-authlib-toaster*.rpm



Installing courier-imap-toaster-4.1.2-1.3.6.src.rpm

error: Failed build dependencies

  courier-authlib-toaster is needed by
courier-imap-toaster-4.1.2-1.3.6.i386



error: File not found by glob:

/usr/src/redhat/RPMS/i386/courier-imap-toaster*.rpm





thanks

ALex




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



[qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread alex
Hi,

I am not sure what the problem is and how to resolve it. I am hosting my
company qmailtoaster server in the datacenter on an external ip, I also
have some development machines inside the company behind the nat on
internal ips.

When an internal application sends email out to [EMAIL PROTECTED] using
sendmail on localhost, I am not getting that email at [EMAIL PROTECTED]

I am pretty sure qmail rejects these emails because they come from a
mailserver behind nat which doesnt resolve to anything.

What do I need to configure on qmailtoaster so I can allow my development
machines to send me email to [EMAIL PROTECTED] Is there a setting where I
can just specify my company external ip to allow all the mail from my
internal subnet without being rejected?

Thank you


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread Jean-Paul van de Plasse

Hi,

Any messages in the logfiles (on both qmailtoaster server and development 
machines)
What do you get when you telnet from the development machine to the 
qmailtoaster on port 25 and type something like

helo
mail from:[EMAIL PROTECTED]
rcpt to:[EMAIL PROTECTED]
data
subject: test
test
.

Simply said, more info is needed to solve this for you.

Regards,

JP

- Original Message - 
From: [EMAIL PROTECTED]

To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, January 17, 2007 8:29 PM
Subject: [qmailtoaster] Re: Accepting mail from local mail servers



Hi,

I am not sure what the problem is and how to resolve it. I am hosting my
company qmailtoaster server in the datacenter on an external ip, I also
have some development machines inside the company behind the nat on
internal ips.

When an internal application sends email out to [EMAIL PROTECTED] using
sendmail on localhost, I am not getting that email at [EMAIL PROTECTED]

I am pretty sure qmail rejects these emails because they come from a
mailserver behind nat which doesnt resolve to anything.

What do I need to configure on qmailtoaster so I can allow my development
machines to send me email to [EMAIL PROTECTED] Is there a setting where I
can just specify my company external ip to allow all the mail from my
internal subnet without being rejected?

Thank you


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread Erik Espinoza

You can disable sender checking by adding the nat public IP to
tcp.smtp with the RELAYCLIENT option

On 1/17/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

Hi,

I am not sure what the problem is and how to resolve it. I am hosting my
company qmailtoaster server in the datacenter on an external ip, I also
have some development machines inside the company behind the nat on
internal ips.

When an internal application sends email out to [EMAIL PROTECTED] using
sendmail on localhost, I am not getting that email at [EMAIL PROTECTED]

I am pretty sure qmail rejects these emails because they come from a
mailserver behind nat which doesnt resolve to anything.

What do I need to configure on qmailtoaster so I can allow my development
machines to send me email to [EMAIL PROTECTED] Is there a setting where I
can just specify my company external ip to allow all the mail from my
internal subnet without being rejected?

Thank you


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread Eric \Shubes\
What JP says would certainly help.

Given what you *have* said though, and making a few presumptions, I might
have a fix for you. Since your internal machines are being nat'd, I'm
thinking that the smtp sessions for these will appear to the toaster to be
coming from the external address of the natting device.

Simply add that address (the external address of your natting device) to
/etc/tcprules.d/tcp.smtp file like so:
external.address.of.nat:allow,RELAYCLIENT=
Regenerate your cdb file:
# qmailctl cdb
and you should be good to go.

Note, this solution is a tad bit insecure. If someone were able to spoof
this address (while unlikely it *is* possible), they could use your toaster
as an open relay. Not much of an issue if it's a private address, somewhat
more so if it's public. The best solution, while not as easy but more
secure, would be to configure the sendmail clients to authenticate themselves.

Jean-Paul van de Plasse wrote:
 Hi,
 
 Any messages in the logfiles (on both qmailtoaster server and
 development machines)
 What do you get when you telnet from the development machine to the
 qmailtoaster on port 25 and type something like
 helo
 mail from:[EMAIL PROTECTED]
 rcpt to:[EMAIL PROTECTED]
 data
 subject: test
 test
 .
 
 Simply said, more info is needed to solve this for you.
 
 Regards,
 
 JP
 
 - Original Message - From: [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Wednesday, January 17, 2007 8:29 PM
 Subject: [qmailtoaster] Re: Accepting mail from local mail servers
 
 
 Hi,

 I am not sure what the problem is and how to resolve it. I am hosting my
 company qmailtoaster server in the datacenter on an external ip, I also
 have some development machines inside the company behind the nat on
 internal ips.

 When an internal application sends email out to [EMAIL PROTECTED] using
 sendmail on localhost, I am not getting that email at [EMAIL PROTECTED]

 I am pretty sure qmail rejects these emails because they come from a
 mailserver behind nat which doesnt resolve to anything.

 What do I need to configure on qmailtoaster so I can allow my development
 machines to send me email to [EMAIL PROTECTED] Is there a setting where I
 can just specify my company external ip to allow all the mail from my
 internal subnet without being rejected?

 Thank you



-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread Erik Espinoza

ES,

Only udp and icmp connections can be spoofed. The tcp handshake makes
spoofing tcp impossible.

The only way for such an attach to be feasible would be to hack a few
different routers in between their link. At that point, they got
bigger problems than an open relya.

Erik

On 1/17/07, Eric Shubes [EMAIL PROTECTED] wrote:

What JP says would certainly help.

Given what you *have* said though, and making a few presumptions, I might
have a fix for you. Since your internal machines are being nat'd, I'm
thinking that the smtp sessions for these will appear to the toaster to be
coming from the external address of the natting device.

Simply add that address (the external address of your natting device) to
/etc/tcprules.d/tcp.smtp file like so:
external.address.of.nat:allow,RELAYCLIENT=
Regenerate your cdb file:
# qmailctl cdb
and you should be good to go.

Note, this solution is a tad bit insecure. If someone were able to spoof
this address (while unlikely it *is* possible), they could use your toaster
as an open relay. Not much of an issue if it's a private address, somewhat
more so if it's public. The best solution, while not as easy but more
secure, would be to configure the sendmail clients to authenticate themselves.

Jean-Paul van de Plasse wrote:
 Hi,

 Any messages in the logfiles (on both qmailtoaster server and
 development machines)
 What do you get when you telnet from the development machine to the
 qmailtoaster on port 25 and type something like
 helo
 mail from:[EMAIL PROTECTED]
 rcpt to:[EMAIL PROTECTED]
 data
 subject: test
 test
 .

 Simply said, more info is needed to solve this for you.

 Regards,

 JP

 - Original Message - From: [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Wednesday, January 17, 2007 8:29 PM
 Subject: [qmailtoaster] Re: Accepting mail from local mail servers


 Hi,

 I am not sure what the problem is and how to resolve it. I am hosting my
 company qmailtoaster server in the datacenter on an external ip, I also
 have some development machines inside the company behind the nat on
 internal ips.

 When an internal application sends email out to [EMAIL PROTECTED] using
 sendmail on localhost, I am not getting that email at [EMAIL PROTECTED]

 I am pretty sure qmail rejects these emails because they come from a
 mailserver behind nat which doesnt resolve to anything.

 What do I need to configure on qmailtoaster so I can allow my development
 machines to send me email to [EMAIL PROTECTED] Is there a setting where I
 can just specify my company external ip to allow all the mail from my
 internal subnet without being rejected?

 Thank you



--
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread Eric \Shubes\
Thanks for that insight, EE!
I love it when I learn new stuff.
(If I could only remember more of it!) :)

Erik Espinoza wrote:
 ES,
 
 Only udp and icmp connections can be spoofed. The tcp handshake makes
 spoofing tcp impossible.
 
 The only way for such an attach to be feasible would be to hack a few
 different routers in between their link. At that point, they got
 bigger problems than an open relya.
 
 Erik
 
 On 1/17/07, Eric Shubes [EMAIL PROTECTED] wrote:
 What JP says would certainly help.

 Given what you *have* said though, and making a few presumptions, I might
 have a fix for you. Since your internal machines are being nat'd, I'm
 thinking that the smtp sessions for these will appear to the toaster
 to be
 coming from the external address of the natting device.

 Simply add that address (the external address of your natting device) to
 /etc/tcprules.d/tcp.smtp file like so:
 external.address.of.nat:allow,RELAYCLIENT=
 Regenerate your cdb file:
 # qmailctl cdb
 and you should be good to go.

 Note, this solution is a tad bit insecure. If someone were able to spoof
 this address (while unlikely it *is* possible), they could use your
 toaster
 as an open relay. Not much of an issue if it's a private address,
 somewhat
 more so if it's public. The best solution, while not as easy but more
 secure, would be to configure the sendmail clients to authenticate
 themselves.

 Jean-Paul van de Plasse wrote:
  Hi,
 
  Any messages in the logfiles (on both qmailtoaster server and
  development machines)
  What do you get when you telnet from the development machine to the
  qmailtoaster on port 25 and type something like
  helo
  mail from:[EMAIL PROTECTED]
  rcpt to:[EMAIL PROTECTED]
  data
  subject: test
  test
  .
 
  Simply said, more info is needed to solve this for you.
 
  Regards,
 
  JP
 
  - Original Message - From: [EMAIL PROTECTED]
  To: qmailtoaster-list@qmailtoaster.com
  Sent: Wednesday, January 17, 2007 8:29 PM
  Subject: [qmailtoaster] Re: Accepting mail from local mail servers
 
 
  Hi,
 
  I am not sure what the problem is and how to resolve it. I am
 hosting my
  company qmailtoaster server in the datacenter on an external ip, I
 also
  have some development machines inside the company behind the nat on
  internal ips.
 
  When an internal application sends email out to [EMAIL PROTECTED] using
  sendmail on localhost, I am not getting that email at [EMAIL PROTECTED]
 
  I am pretty sure qmail rejects these emails because they come from a
  mailserver behind nat which doesnt resolve to anything.
 
  What do I need to configure on qmailtoaster so I can allow my
 development
  machines to send me email to [EMAIL PROTECTED] Is there a setting
 where I
  can just specify my company external ip to allow all the mail from my
  internal subnet without being rejected?
 
  Thank you
 


 -- 
 -Eric 'shubes'



-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



[qmailtoaster] tcpserver-limits-patch

2007-01-17 Thread Philip Nix Guru

Hello EE
would it be possible to integrate the tcpserver-limits-patch into the 
ucspi-tcp-toaster ?
It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC  DIEMSG in the 
tcp.smtp cdb file


I am already doing that trough my iptables setup but it could be useful
Thx
-Philip


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] tcpserver-limits-patch

2007-01-17 Thread Jean-Paul van de Plasse

Hi Philip,

Just curious but what good does it do when you can allready do this with 
iptables?
When I changed ucspi-tcp-toaster last week I figured they  were not very 
usefull..


Regards,

JP

- Original Message - 
From: Philip Nix Guru [EMAIL PROTECTED]

To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, January 17, 2007 10:24 PM
Subject: [qmailtoaster] tcpserver-limits-patch



Hello EE
would it be possible to integrate the tcpserver-limits-patch into the 
ucspi-tcp-toaster ?
It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC  DIEMSG in the 
tcp.smtp cdb file


I am already doing that trough my iptables setup but it could be useful
Thx
-Philip


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread alex
Thank you for all the replys. Eric, you are right. The toaster is seeing
my internal localhost sendmail session as coming from the public nat ip.

My next question is, am i adding the tcp.smtp settings you mentioned to be
able to use mail.company.com from my internal app behind nat to send mail
through the mail.company.com instead of the localhost sendmail?

Basically with allow and relayclient settings in tcp.smtp my internal app
behind nat should be able to send email through the external toaster
without authenticating?

I think i want to do that, but would it be more secure being able to
authenticate from the internal php app to mail.company.com through a
specific account without any tcp.smtp settings?

 What JP says would certainly help.

 Given what you *have* said though, and making a few presumptions, I might
 have a fix for you. Since your internal machines are being nat'd, I'm
 thinking that the smtp sessions for these will appear to the toaster to be
 coming from the external address of the natting device.

 Simply add that address (the external address of your natting device) to
 /etc/tcprules.d/tcp.smtp file like so:
 external.address.of.nat:allow,RELAYCLIENT=
 Regenerate your cdb file:
 # qmailctl cdb
 and you should be good to go.

 Note, this solution is a tad bit insecure. If someone were able to spoof
 this address (while unlikely it *is* possible), they could use your
 toaster
 as an open relay. Not much of an issue if it's a private address, somewhat
 more so if it's public. The best solution, while not as easy but more
 secure, would be to configure the sendmail clients to authenticate
 themselves.

 Jean-Paul van de Plasse wrote:
 Hi,

 Any messages in the logfiles (on both qmailtoaster server and
 development machines)
 What do you get when you telnet from the development machine to the
 qmailtoaster on port 25 and type something like
 helo
 mail from:[EMAIL PROTECTED]
 rcpt to:[EMAIL PROTECTED]
 data
 subject: test
 test
 .

 Simply said, more info is needed to solve this for you.

 Regards,

 JP

 - Original Message - From: [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Wednesday, January 17, 2007 8:29 PM
 Subject: [qmailtoaster] Re: Accepting mail from local mail servers


 Hi,

 I am not sure what the problem is and how to resolve it. I am hosting
 my
 company qmailtoaster server in the datacenter on an external ip, I also
 have some development machines inside the company behind the nat on
 internal ips.

 When an internal application sends email out to [EMAIL PROTECTED] using
 sendmail on localhost, I am not getting that email at [EMAIL PROTECTED]

 I am pretty sure qmail rejects these emails because they come from a
 mailserver behind nat which doesnt resolve to anything.

 What do I need to configure on qmailtoaster so I can allow my
 development
 machines to send me email to [EMAIL PROTECTED] Is there a setting where I
 can just specify my company external ip to allow all the mail from my
 internal subnet without being rejected?

 Thank you



 --
 -Eric 'shubes'

 -
  QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] tcpserver-limits-patch

2007-01-17 Thread Philip Nix Guru

Hi JP
I was just thinking in a general setup.
Not everyone knows how to set iptables.
And I often see spammers connecting to some of my smtps with 30-40 
connections (at least trying ..) :)
that would easily get your server down for your customers, the max 
concurrencyincoming wont allow any new connections


I use that kind of template (you can easily add -s and -d to filter)
iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m 
recent --set
iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m 
recent --update --seconds 60 --hitcount 10 -j DROP


QToaster should add either the option through tcp.smtp or some basic 
iptables rules
it would help a few users I think. Too often you see 30-100 connections 
from the same source and that just blocks your server for your real users


Just an idea :)
Jean-Paul van de Plasse wrote:

Hi Philip,

Just curious but what good does it do when you can allready do this 
with iptables?
When I changed ucspi-tcp-toaster last week I figured they  were not 
very usefull..


Regards,

JP

- Original Message - From: Philip Nix Guru [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, January 17, 2007 10:24 PM
Subject: [qmailtoaster] tcpserver-limits-patch



Hello EE
would it be possible to integrate the tcpserver-limits-patch into the 
ucspi-tcp-toaster ?
It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC  DIEMSG in 
the tcp.smtp cdb file


I am already doing that trough my iptables setup but it could be useful
Thx
-Philip


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] smtproutes and domainkeys, spf, srs

2007-01-17 Thread Trung Pham
So in my case, I am forwarding my mail through Yahoo. I should not bother
setting up SPF, SRS, and Domainkeys since I won't see any benefit at all.

Supposed if I handle my own outbound email and setup all those features
properly. Do you think Yahoo will still put my mails in the Bulk folder?

Another question, is it necessary for us to setup reverse IP DNS? Because
I think SBC will not help me do it.

 SRS and SPF can be used if your upstream isp publishes spf records.
 You can use the include statement (more info at openspf.org) to
 include their spf entries into your spf records. SBC, however, doesn't
 publish SPF records as Yahoo handles their infrastructure.

 The Qmail DomainKey implementation is to spec, but doesn't implement
 the optional h= header that limits the scope of the DomainKey
 signature to certain parts. Because of this, DomainKeys will fail if
 it is forwarded through a third party server.

 Erik

 On 1/16/07, Trung Pham [EMAIL PROTECTED] wrote:
 I currently have all my outgoing emails forwarded to my ISP server using
 smtproutes. So I am curious if I can still use domainkeys, spf, or srs
 features since my ISP will definitely modify the email header.

 FYI, I am using SBC Business DSL. I had to resolve to smtproutes
 otherwise
 Yahoo will put emails coming from me into the bulk folder.

 Please let me know if those features still work if I use my ISP to relay
 my mails.

 My goal is to stop incoming spams that forge my own address.



 -
  QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



 -
  QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]





-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] tcpserver-limits-patch

2007-01-17 Thread Eric \Shubes\
While doing this w/ iptables is certainly doable, I'd like to see a simple
way of handling it with the toaster too. The patch would be nice (imho).

Philip Nix Guru wrote:
 Hi JP
 I was just thinking in a general setup.
 Not everyone knows how to set iptables.
 And I often see spammers connecting to some of my smtps with 30-40
 connections (at least trying ..) :)
 that would easily get your server down for your customers, the max
 concurrencyincoming wont allow any new connections
 
 I use that kind of template (you can easily add -s and -d to filter)
 iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
 recent --set
 iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
 recent --update --seconds 60 --hitcount 10 -j DROP
 
 QToaster should add either the option through tcp.smtp or some basic
 iptables rules
 it would help a few users I think. Too often you see 30-100 connections
 from the same source and that just blocks your server for your real users
 
 Just an idea :)
 Jean-Paul van de Plasse wrote:
 Hi Philip,

 Just curious but what good does it do when you can allready do this
 with iptables?
 When I changed ucspi-tcp-toaster last week I figured they  were not
 very usefull..

 Regards,

 JP

 - Original Message - From: Philip Nix Guru [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Wednesday, January 17, 2007 10:24 PM
 Subject: [qmailtoaster] tcpserver-limits-patch


 Hello EE
 would it be possible to integrate the tcpserver-limits-patch into the
 ucspi-tcp-toaster ?
 It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC  DIEMSG in
 the tcp.smtp cdb file

 I am already doing that trough my iptables setup but it could be useful
 Thx
 -Philip



-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] smtproutes and domainkeys, spf, srs

2007-01-17 Thread Vince Callaway
On Wed, 2007-01-17 at 14:30 -0800, Trung Pham wrote:
 So in my case, I am forwarding my mail through Yahoo. I should not bother
 setting up SPF, SRS, and Domainkeys since I won't see any benefit at all.

EVERYONE should use SPF.

Forwarding mail through yahoo does not negate the benefits.  My own
email forwards through centurytel (my isp).

My SPF record is v=spf1 a include:centurytel.net ~all.  Pretty simple
and effective.  My /var/qmail/control/spfbehavior value is set to 4.
Keeps the fraud down.


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] smtproutes and domainkeys, spf, srs

2007-01-17 Thread Eric \Shubes\
Vince Callaway wrote:
 On Wed, 2007-01-17 at 14:30 -0800, Trung Pham wrote:
 So in my case, I am forwarding my mail through Yahoo. I should not bother
 setting up SPF, SRS, and Domainkeys since I won't see any benefit at all.
 
 EVERYONE should use SPF.
 
 Forwarding mail through yahoo does not negate the benefits.  My own
 email forwards through centurytel (my isp).
 
 My SPF record is v=spf1 a include:centurytel.net ~all.  Pretty simple
 and effective.  My /var/qmail/control/spfbehavior value is set to 4.
 Keeps the fraud down.
 

Thanks for clearing this up, Vince. That was my understanding too.

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] smtproutes and domainkeys, spf, srs

2007-01-17 Thread Eric \Shubes\
Trung,
Is your toaster on a dynamic or static IP address?

Trung Pham wrote:
 So in my case, I am forwarding my mail through Yahoo. I should not bother
 setting up SPF, SRS, and Domainkeys since I won't see any benefit at all.

 Supposed if I handle my own outbound email and setup all those features
 properly. Do you think Yahoo will still put my mails in the Bulk folder?

TTBOMK, yahoo will not put your mail in bulk folders if you have DK
configured properly.

 Another question, is it necessary for us to setup reverse IP DNS? Because
 I think SBC will not help me do it.
 
 SRS and SPF can be used if your upstream isp publishes spf records.
 You can use the include statement (more info at openspf.org) to
 include their spf entries into your spf records. SBC, however, doesn't
 publish SPF records as Yahoo handles their infrastructure.

 The Qmail DomainKey implementation is to spec, but doesn't implement
 the optional h= header that limits the scope of the DomainKey
 signature to certain parts. Because of this, DomainKeys will fail if
 it is forwarded through a third party server.

 Erik

 On 1/16/07, Trung Pham [EMAIL PROTECTED] wrote:
 I currently have all my outgoing emails forwarded to my ISP server using
 smtproutes. So I am curious if I can still use domainkeys, spf, or srs
 features since my ISP will definitely modify the email header.

 FYI, I am using SBC Business DSL. I had to resolve to smtproutes
 otherwise
 Yahoo will put emails coming from me into the bulk folder.

 Please let me know if those features still work if I use my ISP to relay
 my mails.

 My goal is to stop incoming spams that forge my own address.





-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] tcpserver-limits-patch

2007-01-17 Thread Jean-Paul van de Plasse

I could not agree more on this.
Will do this today!

JP
- Original Message - 
From: Eric Shubes [EMAIL PROTECTED]

To: qmailtoaster-list@qmailtoaster.com
Sent: Thursday, January 18, 2007 12:24 AM
Subject: Re: [qmailtoaster] tcpserver-limits-patch



While doing this w/ iptables is certainly doable, I'd like to see a simple
way of handling it with the toaster too. The patch would be nice (imho).

Philip Nix Guru wrote:

Hi JP
I was just thinking in a general setup.
Not everyone knows how to set iptables.
And I often see spammers connecting to some of my smtps with 30-40
connections (at least trying ..) :)
that would easily get your server down for your customers, the max
concurrencyincoming wont allow any new connections

I use that kind of template (you can easily add -s and -d to filter)
iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
recent --set
iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
recent --update --seconds 60 --hitcount 10 -j DROP

QToaster should add either the option through tcp.smtp or some basic
iptables rules
it would help a few users I think. Too often you see 30-100 connections
from the same source and that just blocks your server for your real 
users


Just an idea :)
Jean-Paul van de Plasse wrote:

Hi Philip,

Just curious but what good does it do when you can allready do this
with iptables?
When I changed ucspi-tcp-toaster last week I figured they  were not
very usefull..

Regards,

JP

- Original Message - From: Philip Nix Guru [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, January 17, 2007 10:24 PM
Subject: [qmailtoaster] tcpserver-limits-patch



Hello EE
would it be possible to integrate the tcpserver-limits-patch into the
ucspi-tcp-toaster ?
It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC  DIEMSG in
the tcp.smtp cdb file

I am already doing that trough my iptables setup but it could be useful
Thx
-Philip




--
-Eric 'shubes'

-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] smtproutes and domainkeys, spf, srs

2007-01-17 Thread Erik Espinoza

SPF will not work in this case. Reread my earlier email. Yahoo doesn't
publish records for one to include. In addition DK usually fails when
you use a smarthost.

On 1/17/07, Eric Shubes [EMAIL PROTECTED] wrote:

Trung,
Is your toaster on a dynamic or static IP address?

Trung Pham wrote:
 So in my case, I am forwarding my mail through Yahoo. I should not bother
 setting up SPF, SRS, and Domainkeys since I won't see any benefit at all.

 Supposed if I handle my own outbound email and setup all those features
 properly. Do you think Yahoo will still put my mails in the Bulk folder?

TTBOMK, yahoo will not put your mail in bulk folders if you have DK
configured properly.

 Another question, is it necessary for us to setup reverse IP DNS? Because
 I think SBC will not help me do it.

 SRS and SPF can be used if your upstream isp publishes spf records.
 You can use the include statement (more info at openspf.org) to
 include their spf entries into your spf records. SBC, however, doesn't
 publish SPF records as Yahoo handles their infrastructure.

 The Qmail DomainKey implementation is to spec, but doesn't implement
 the optional h= header that limits the scope of the DomainKey
 signature to certain parts. Because of this, DomainKeys will fail if
 it is forwarded through a third party server.

 Erik

 On 1/16/07, Trung Pham [EMAIL PROTECTED] wrote:
 I currently have all my outgoing emails forwarded to my ISP server using
 smtproutes. So I am curious if I can still use domainkeys, spf, or srs
 features since my ISP will definitely modify the email header.

 FYI, I am using SBC Business DSL. I had to resolve to smtproutes
 otherwise
 Yahoo will put emails coming from me into the bulk folder.

 Please let me know if those features still work if I use my ISP to relay
 my mails.

 My goal is to stop incoming spams that forge my own address.





--
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Jake Vickers

Dave wrote:

What exactly are the licensing issues that prevent
qmail from simply being folded in to the CentOS or
Ubuntu disrabutions?

I'm a little uneasy running a sevrer that requires a
kludge to keep automatically up to date.

Also, the QM Toaster kit seems to force the use of PHP
and MySQL.  (... Both items that are hard to secure
and I would rather keep off this low-volume server.)
  
The writer of the software (Bernstein) requires that it be distributed 
as source code so that you know you're getting EXACTLY what he wrote, 
which is secure. If you read on his site, he's had a running reward for 
anyone who could find a security hole in his software. It's never been 
claimed as far as I know. I am not aware of any security patches 
released for QMail itself since the early 90's, which means that no one 
has found any.
You *COULD* give out RPMs if Bernstein gives you permission, but I know 
several people that have asked (repeatedly in some cases) but he does 
not answer any of those emails. As such, we use patches to add 
functionality to the whole affair, much as everyone else does. Yahoo! 
runs a patched version of QMail for their whole email system, if that 
gives you any reassurance to it's stability and security.
The PHP and MySQL portions are pretty secure, and I have not heard of 
too many security problems with either. If you're really worried, I'd 
suggest bocking incoming connections on port 3306, which will stop 
outside people from accessing MySQL, and then shutting down Apache 
(httpd). It's not needed for anything if you're not using webmail as all 
of the commands can be run from the command line. Then there's no real 
need to update anything besides spamassassin or clamav if you even 
decide to use those, and then it's usually only for updates for rules 
and virus signatures. If you don't use those there's no need to update 
Toaster anymore (in theory) since the code itself hasn't changed (even 
the patches) in a long time for security reasons - only for features.
If it's still that much of a concern you may look at having someone else 
run your email, and allow them to deal with updates and security issues. 
I (as well as several other people on this list, like Erik) run servers 
like this as part of our businesses so we try and stay on top of all the 
latest/greatest updates and patches.

Hope that helps some.


smime.p7s
Description: S/MIME Cryptographic Signature


Re: [qmailtoaster] Error when trying to set a Domain Admin in VqAdmin. Anyone else seeing this? It is occuring on 2 new toaster installs. Thanks Ed

2007-01-17 Thread Jake Vickers

Ed Morrison wrote:

Erik Espinoza wrote:

Have you tried using the command line?

No I hadn't.  Just did and it worked.  Curious that the web interface
didn't.  Any thoughts?
VQAdmin has been lame for a while now. It's released by Inter7 who is no 
longer doing any support/development for it. They're supposed to come 
out with a replacement, but it's still on the horizon. The interface you 
were using is alright to do some things like recovering lost passwords, 
but I don't think too many people rely on it anymore since it only half 
works anymore. There's been some talk of people contributing to recode 
it (actually write a new package entirely) but it's always a 
side-project that falls to the wayside.




smime.p7s
Description: S/MIME Cryptographic Signature


Re: [qmailtoaster] tcpserver-limits-patch

2007-01-17 Thread Erik Espinoza

Hey JP,

Please ensure that the patch defaults to the original behavior of the
QmailToaster if no settings are added to the tcp.smtp. I don't want to
accept a patch that changes the default behavior of the default
install.

Thanks,
Erik

On 1/17/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote:

I could not agree more on this.
Will do this today!

JP
- Original Message -
From: Eric Shubes [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thursday, January 18, 2007 12:24 AM
Subject: Re: [qmailtoaster] tcpserver-limits-patch


 While doing this w/ iptables is certainly doable, I'd like to see a simple
 way of handling it with the toaster too. The patch would be nice (imho).

 Philip Nix Guru wrote:
 Hi JP
 I was just thinking in a general setup.
 Not everyone knows how to set iptables.
 And I often see spammers connecting to some of my smtps with 30-40
 connections (at least trying ..) :)
 that would easily get your server down for your customers, the max
 concurrencyincoming wont allow any new connections

 I use that kind of template (you can easily add -s and -d to filter)
 iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
 recent --set
 iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
 recent --update --seconds 60 --hitcount 10 -j DROP

 QToaster should add either the option through tcp.smtp or some basic
 iptables rules
 it would help a few users I think. Too often you see 30-100 connections
 from the same source and that just blocks your server for your real
 users

 Just an idea :)
 Jean-Paul van de Plasse wrote:
 Hi Philip,

 Just curious but what good does it do when you can allready do this
 with iptables?
 When I changed ucspi-tcp-toaster last week I figured they  were not
 very usefull..

 Regards,

 JP

 - Original Message - From: Philip Nix Guru [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Wednesday, January 17, 2007 10:24 PM
 Subject: [qmailtoaster] tcpserver-limits-patch


 Hello EE
 would it be possible to integrate the tcpserver-limits-patch into the
 ucspi-tcp-toaster ?
 It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC  DIEMSG in
 the tcp.smtp cdb file

 I am already doing that trough my iptables setup but it could be useful
 Thx
 -Philip



 --
 -Eric 'shubes'

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] tcpserver-limits-patch

2007-01-17 Thread Jean-Paul van de Plasse

Hey Erik,

Thats the only way I would do this..

:)

JP

- Original Message - 
From: Erik Espinoza [EMAIL PROTECTED]

To: qmailtoaster-list@qmailtoaster.com
Sent: Thursday, January 18, 2007 1:54 AM
Subject: Re: [qmailtoaster] tcpserver-limits-patch



Hey JP,

Please ensure that the patch defaults to the original behavior of the
QmailToaster if no settings are added to the tcp.smtp. I don't want to
accept a patch that changes the default behavior of the default
install.

Thanks,
Erik

On 1/17/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote:

I could not agree more on this.
Will do this today!

JP
- Original Message -
From: Eric Shubes [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thursday, January 18, 2007 12:24 AM
Subject: Re: [qmailtoaster] tcpserver-limits-patch


 While doing this w/ iptables is certainly doable, I'd like to see a 
 simple
 way of handling it with the toaster too. The patch would be nice 
 (imho).


 Philip Nix Guru wrote:
 Hi JP
 I was just thinking in a general setup.
 Not everyone knows how to set iptables.
 And I often see spammers connecting to some of my smtps with 30-40
 connections (at least trying ..) :)
 that would easily get your server down for your customers, the max
 concurrencyincoming wont allow any new connections

 I use that kind of template (you can easily add -s and -d to filter)
 iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
 recent --set
 iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
 recent --update --seconds 60 --hitcount 10 -j DROP

 QToaster should add either the option through tcp.smtp or some basic
 iptables rules
 it would help a few users I think. Too often you see 30-100 
 connections

 from the same source and that just blocks your server for your real
 users

 Just an idea :)
 Jean-Paul van de Plasse wrote:
 Hi Philip,

 Just curious but what good does it do when you can allready do this
 with iptables?
 When I changed ucspi-tcp-toaster last week I figured they  were not
 very usefull..

 Regards,

 JP

 - Original Message - From: Philip Nix Guru [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Wednesday, January 17, 2007 10:24 PM
 Subject: [qmailtoaster] tcpserver-limits-patch


 Hello EE
 would it be possible to integrate the tcpserver-limits-patch into 
 the

 ucspi-tcp-toaster ?
 It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC  DIEMSG in
 the tcp.smtp cdb file

 I am already doing that trough my iptables setup but it could be 
 useful

 Thx
 -Philip



 --
 -Eric 'shubes'

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: 
 [EMAIL PROTECTED]





-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Dave
Thank you for the explanation... :)

I do have some specific config questions, but I'll
read through the wiki first.

Also, is there a basic post-install walk through that
shows how to configure things like log rotation,
mailbox quotas,  auto-updates of signatures, etc...
plus what ever else is needed to set up the server for
 hands free use. 


Thanks again,
David

--- Jake Vickers [EMAIL PROTECTED] wrote:

 Dave wrote:
  What exactly are the licensing issues that
 prevent
  qmail from simply being folded in to the CentOS or
  Ubuntu disrabutions?
 
  I'm a little uneasy running a sevrer that requires
 a
  kludge to keep automatically up to date.
 
  Also, the QM Toaster kit seems to force the use of
 PHP
  and MySQL.  (... Both items that are hard to
 secure
  and I would rather keep off this low-volume
 server.)

 The writer of the software (Bernstein) requires that
 it be distributed 
 as source code so that you know you're getting
 EXACTLY what he wrote, 
 which is secure. If you read on his site, he's had a
 running reward for 
 anyone who could find a security hole in his
 software. It's never been 
 claimed as far as I know. I am not aware of any
 security patches 
 released for QMail itself since the early 90's,
 which means that no one 
 has found any.
 You *COULD* give out RPMs if Bernstein gives you
 permission, but I know 
 several people that have asked (repeatedly in some
 cases) but he does 
 not answer any of those emails. As such, we use
 patches to add 
 functionality to the whole affair, much as everyone
 else does. Yahoo! 
 runs a patched version of QMail for their whole
 email system, if that 
 gives you any reassurance to it's stability and
 security.
 The PHP and MySQL portions are pretty secure, and I
 have not heard of 
 too many security problems with either. If you're
 really worried, I'd 
 suggest bocking incoming connections on port 3306,
 which will stop 
 outside people from accessing MySQL, and then
 shutting down Apache 
 (httpd). It's not needed for anything if you're not
 using webmail as all 
 of the commands can be run from the command line.
 Then there's no real 
 need to update anything besides spamassassin or
 clamav if you even 
 decide to use those, and then it's usually only for
 updates for rules 
 and virus signatures. If you don't use those there's
 no need to update 
 Toaster anymore (in theory) since the code itself
 hasn't changed (even 
 the patches) in a long time for security reasons -
 only for features.
 If it's still that much of a concern you may look at
 having someone else 
 run your email, and allow them to deal with updates
 and security issues. 
 I (as well as several other people on this list,
 like Erik) run servers 
 like this as part of our businesses so we try and
 stay on top of all the 
 latest/greatest updates and patches.
 Hope that helps some.
 



 

Cheap talk?
Check out Yahoo! Messenger's low PC-to-Phone call rates.
http://voice.yahoo.com

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Jake Vickers

Dave wrote:

Thank you for the explanation... :)

I do have some specific config questions, but I'll
read through the wiki first.

Also, is there a basic post-install walk through that
shows how to configure things like log rotation,
mailbox quotas,  auto-updates of signatures, etc...
plus what ever else is needed to set up the server for
 hands free use. 

  
Everyone is trying to add these things as we think of them. Some is 
usually just answered on the list.
Log rotation is done automatically, and the size of the log files before 
rotation is defined in /var/qmail/control/logcount and logsize (the wiki 
will explain some more).
Not really much to do post-install besides add domains and users. There 
are some spam things you can add in if your needs require them, and some 
other customizations (such as smtproutes) but it's only if you need them.
Updates of signatures is done automatically (cron job), so just about 
everything should be hands-free unless you need to change something to 
fit your environment.


smime.p7s
Description: S/MIME Cryptographic Signature


Re: [qmailtoaster] tcpserver-limits-patch

2007-01-17 Thread Philip Nix Guru

Hi JP
I was just thinking in a general setup.
Not everyone knows how to set iptables.
And I often see spammers connecting to some of my smtps with 30-40 
connections (at least trying ..) :)
that would easily get your server down for your customers, the max 
concurrencyincoming wont allow any new connections


I use that kind of template (you can easily add -s and -d to filter)
iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m 
recent --set
iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m 
recent --update --seconds 60 --hitcount 10 -j DROP


QToaster should add either the option through tcp.smtp or some basic 
iptables rules
it would help a few users I think. Too often you see 30-100 connections 
from the same source and that just blocks your server for your real users


Just an idea :)

Jean-Paul van de Plasse wrote:

Hi Philip,

Just curious but what good does it do when you can allready do this 
with iptables?
When I changed ucspi-tcp-toaster last week I figured they  were not 
very usefull..


Regards,

JP

- Original Message - From: Philip Nix Guru [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, January 17, 2007 10:24 PM
Subject: [qmailtoaster] tcpserver-limits-patch



Hello EE
would it be possible to integrate the tcpserver-limits-patch into the 
ucspi-tcp-toaster ?
It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC  DIEMSG in 
the tcp.smtp cdb file


I am already doing that trough my iptables setup but it could be useful
Thx
-Philip


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Dave
Thanks for pointers

Perhaps there should be a post install guide section
on the wiki?

-- David


--- Jake Vickers [EMAIL PROTECTED] wrote:

 Dave wrote:
  Thank you for the explanation... :)
 
  I do have some specific config questions, but I'll
  read through the wiki first.
 
  Also, is there a basic post-install walk through
 that
  shows how to configure things like log rotation,
  mailbox quotas,  auto-updates of signatures,
 etc...
  plus what ever else is needed to set up the server
 for
   hands free use. 
 

 Everyone is trying to add these things as we think
 of them. Some is 
 usually just answered on the list.
 Log rotation is done automatically, and the size of
 the log files before 
 rotation is defined in /var/qmail/control/logcount
 and logsize (the wiki 
 will explain some more).
 Not really much to do post-install besides add
 domains and users. There 
 are some spam things you can add in if your needs
 require them, and some 
 other customizations (such as smtproutes) but it's
 only if you need them.
 Updates of signatures is done automatically (cron
 job), so just about 
 everything should be hands-free unless you need to
 change something to 
 fit your environment.
 



 

Food fight? Enjoy some healthy debate 
in the Yahoo! Answers Food  Drink QA.
http://answers.yahoo.com/dir/?link=listsid=396545367

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Jake Vickers

Dave wrote:

Thanks for pointers

Perhaps there should be a post install guide section
on the wiki?
  
No reason there can't be. I just can't think of what to put in it. Do 
you have any suggestions to help us get started?

Thanks.


smime.p7s
Description: S/MIME Cryptographic Signature


Re: [qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread Eric \Shubes\
[EMAIL PROTECTED] wrote:
 Thank you for all the replys. Eric, you are right. The toaster is seeing
 my internal localhost sendmail session as coming from the public nat ip.

Lucky guess. ;)

 My next question is, am i adding the tcp.smtp settings you mentioned to be
 able to use mail.company.com from my internal app behind nat to send mail
 through the mail.company.com instead of the localhost sendmail?

Sort of, but not exactly. The tcp.smtp settings will allow mail.company.com
(the server, not necessarily the domain) to be used as an open relay (to
anywhere, as far as the toaster's concerned) for any smtp connection coming
from from your internal lan. The internal hosts still use their localhost
sendmail. It's just that when localhost sendmail on each of their computers
tries to send an email to company.com, it looks up the DNS MX record for
company.com and tries to connect there.

Question is, why is the toaster at company.com rejecting the message? I'm
not quite sure. A look at /var/log/qmail/smtp/current on the toaster should
tell. I'm curious to know exactly why the message is failing (I'm still
learning this stuff too!). In any case, the changes to tcp.smtp should give
a green light (open relay) for any session coming from the specified address.

 Basically with allow and relayclient settings in tcp.smtp my internal app
 behind nat should be able to send email through the external toaster
 without authenticating?

TTBOMK, yes.

 I think i want to do that, but would it be more secure being able to
 authenticate from the internal php app to mail.company.com through a
 specific account without any tcp.smtp settings?

TTBOMK, yes.

From what I know (and there's a lot that I don't), I'd try using postfix in
place of sendmail on the internal hosts, and have them route all (or just
company.com) mail to the toaster, with authentication. I've seen this type
of configuration before, and it works quite well. From what I understand
postfix is a bit better (easier to configure, more secure) than sendmail.
Postfix is a drop-in replacement for sendmail, so you shouldn't have to
modify any of your apps.

Best of luck!

 What JP says would certainly help.

 Given what you *have* said though, and making a few presumptions, I might
 have a fix for you. Since your internal machines are being nat'd, I'm
 thinking that the smtp sessions for these will appear to the toaster to be
 coming from the external address of the natting device.

 Simply add that address (the external address of your natting device) to
 /etc/tcprules.d/tcp.smtp file like so:
 external.address.of.nat:allow,RELAYCLIENT=
 Regenerate your cdb file:
 # qmailctl cdb
 and you should be good to go.

 Note, this solution is a tad bit insecure. If someone were able to spoof
 this address (while unlikely it *is* possible), they could use your
 toaster
 as an open relay. Not much of an issue if it's a private address, somewhat
 more so if it's public. The best solution, while not as easy but more
 secure, would be to configure the sendmail clients to authenticate
 themselves.

 Jean-Paul van de Plasse wrote:
 Hi,

 Any messages in the logfiles (on both qmailtoaster server and
 development machines)
 What do you get when you telnet from the development machine to the
 qmailtoaster on port 25 and type something like
 helo
 mail from:[EMAIL PROTECTED]
 rcpt to:[EMAIL PROTECTED]
 data
 subject: test
 test
 .

 Simply said, more info is needed to solve this for you.

 Regards,

 JP

 - Original Message - From: [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Wednesday, January 17, 2007 8:29 PM
 Subject: [qmailtoaster] Re: Accepting mail from local mail servers


 Hi,

 I am not sure what the problem is and how to resolve it. I am hosting
 my
 company qmailtoaster server in the datacenter on an external ip, I also
 have some development machines inside the company behind the nat on
 internal ips.

 When an internal application sends email out to [EMAIL PROTECTED] using
 sendmail on localhost, I am not getting that email at [EMAIL PROTECTED]

 I am pretty sure qmail rejects these emails because they come from a
 mailserver behind nat which doesnt resolve to anything.

 What do I need to configure on qmailtoaster so I can allow my
 development
 machines to send me email to [EMAIL PROTECTED] Is there a setting where I
 can just specify my company external ip to allow all the mail from my
 internal subnet without being rejected?

 Thank you


 --
 -Eric 'shubes'



-- 
-Eric 'shubes'


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Eric \Shubes\
That would be great! Care to write one?

Dave wrote:
 Thanks for pointers
 
 Perhaps there should be a post install guide section
 on the wiki?
 
 -- David
 
 
 --- Jake Vickers [EMAIL PROTECTED] wrote:
 
 Dave wrote:
 Thank you for the explanation... :)

 I do have some specific config questions, but I'll
 read through the wiki first.

 Also, is there a basic post-install walk through
 that
 shows how to configure things like log rotation,
 mailbox quotas,  auto-updates of signatures,
 etc...
 plus what ever else is needed to set up the server
 for
  hands free use. 

   
 Everyone is trying to add these things as we think
 of them. Some is 
 usually just answered on the list.
 Log rotation is done automatically, and the size of
 the log files before 
 rotation is defined in /var/qmail/control/logcount
 and logsize (the wiki 
 will explain some more).
 Not really much to do post-install besides add
 domains and users. There 
 are some spam things you can add in if your needs
 require them, and some 
 other customizations (such as smtproutes) but it's
 only if you need them.
 Updates of signatures is done automatically (cron
 job), so just about 
 everything should be hands-free unless you need to
 change something to 
 fit your environment.



-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Eric \Shubes\
Jake Vickers wrote:
 Dave wrote:
 Thanks for pointers

 Perhaps there should be a post install guide section
 on the wiki?
   
 No reason there can't be. I just can't think of what to put in it. Do
 you have any suggestions to help us get started?
 Thanks.

Aw, cm'on Jake. ;)
I'd start with qmailtoaster-plus ;) (if it wasn't used to do the install in
the first place). Then there's:
.) caching nameserver verification
.) backups (always dreaded, but pretty simple with QTP)
.) rbls (the stock toaster doesn't do much in this arena)
.) spamassassin
  - turn off local rules only
  - turn on SURBLs
  - rules-du-jour (if desired)
  - turn autoexpire off and run from cron
.) SPF, SRS, DK configuration

The list isn't endless, but that's a start.
-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Re: Accepting mail from local mail servers

2007-01-17 Thread Erik Espinoza

Question is, why is the toaster at company.com rejecting the message? I'm
not quite sure. A look at /var/log/qmail/smtp/current on the toaster should
tell. I'm curious to know exactly why the message is failing (I'm still
learning this stuff too!). In any case, the changes to tcp.smtp should give
a green light (open relay) for any session coming from the specified address.



I'd wager that the relay was denied because the internal machines
hostnames aren't resolve-able in DNS on the real Internet.

Suppose my public internet is kabewm.com and my internal
infrastructure runs on internal.kabewm.com. Since my public DNS
records don't have any A, MX or other entries for internal.kabewm.com,
then the QmailToaster will reject e-mail coming from
[EMAIL PROTECTED] since it couldn't possibly be a real return
e-mail.

shamelessplugBy the way, my blog is http://www.kabewm.com/ and
contains info on things going on with QmailToaster. :)/shamelessplug

Erik

-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



[qmailtoaster] SMTP connection failed all of a sudden

2007-01-17 Thread Yi-Lei Wu

Hi list,

My Qmail server was working fine until 2 days ago I suddenly couldn't
connect to the SMTP service externally. The service is running, and I can
connect from localhost. At first I thought it's a firewall issue and I
turned off firewall as well as iptables. However, the same thing is still
happening.


From the log I see that a few other connections got to make through from

other countries. However, for mine, the server log just says there is a
connection, and the telnet client simply says connection failed. Then the
connection on the server would time out.

This is so strange... can someone help me here?


Best regards,

Peter Wu


Re: [qmailtoaster] compile errors

2007-01-17 Thread Gabriel Lai
Hi Alex,

try removing sendmail:

command: rpm -e sendmail --nodeps

then try running the script again I've the same problem before.


- Original Message 
From: Kisakye Alex [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thursday, January 18, 2007 12:21:50 AM
Subject: RE: [qmailtoaster] compile errors


 
Sendmail is installed
 
Alex
 



From: Gabriel Lai [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, January 17, 2007 6:02 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] compile errors
 
Check whether sendmail is already uninstalled from the system.
issue this command: rpm -e sendmail --nodeps
I have the same problem sometime due to sendmail havent uninstall
- Original Message 
From: Kisakye Alex [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wednesday, January 17, 2007 8:37:12 PM
Subject: [qmailtoaster] compile errors
Hello
 
1)I have been trying to install Toaster on Fedora Core 5! I have been getting 
the error below during installation! can any one point me in the right 
direction??
 
2) There was a post earlier on the list on problems experienced while 
installing toaster on CentOS server install, was this erectified?? ie can I 
move my installation to CentOS?? I have just had enough with Fedora Core
 
Errors below;
 
Installing courier-authlib-toaster-0.59-1.3.4.src.rpm
error: Failed build dependencies
  /usr/include/ltdl.h is needed by courier-authlib-toaster-0.59-1.3.4.i386
error: File not found by glob:
/usr/src/redhat/RPMS/i386/courier-authlib-toaster*.rpm
 
Installing courier-imap-toaster-4.1.2-1.3.6.src.rpm
error: Failed build dependencies
  courier-authlib-toaster is needed by courier-imap-toaster-4.1.2-1.3.6.i386
 
error: File not found by glob:
/usr/src/redhat/RPMS/i386/courier-imap-toaster*.rpm
 
 
thanks
ALex
 
 
 



Finding fabulous fares is fun.
Let Yahoo! FareChase search your favorite travel sites to find flight and hotel 
bargains.


 

Need a quick answer? Get one in minutes from people who know.
Ask your question on www.Answers.yahoo.com

Re: [qmailtoaster] SMTP connection failed all of a sudden

2007-01-17 Thread Bill Kwok

Hi Peter,

  1. Please check if your /var/qmail/control/blacklists contains any
  obsolete servers and make sure they can respond to you wihtin a resonable
  time.  You can also minimize your blacklist.  Currently, I have only one
  entry:
  -r zen.spamhaus.org
  2. If you connect to the email server by using your ISP's dynamic IP,
  make sure it is not blacklisted.  If that's the problem you are facing, you
  may consider creating the submission port (port 587) for authenticated users
  to send email.  I suppose the stable version should have already had such
  feature built-in (Would anybody correct me if I am wrong).

Best regards,
Bill

On 1/18/07, Yi-Lei Wu [EMAIL PROTECTED] wrote:


Hi list,

My Qmail server was working fine until 2 days ago I suddenly couldn't
connect to the SMTP service externally. The service is running, and I can
connect from localhost. At first I thought it's a firewall issue and I
turned off firewall as well as iptables. However, the same thing is still
happening.

From the log I see that a few other connections got to make through from
other countries. However, for mine, the server log just says there is a
connection, and the telnet client simply says connection failed. Then the
connection on the server would time out.

This is so strange... can someone help me here?


Best regards,

Peter Wu



Re: [qmailtoaster] SMTP connection failed all of a sudden

2007-01-17 Thread Yi-Lei Wu

Hi Bill,

Thank you so much for your help. Apparently it's related to issue #1 you
mentioned. The server could not find the blacklist server, and this is still
due to the earthquake's damage of lines in Asia.

It also could not find zen.spamhaus.org

Oh well, nevertheless I cleared out the blacklist and now connections are
restored. Thank you again for the prompt help. If you ever come by
Guangzhou, China, drop me an email and I'll invite you to dinner :-)


Best regards,

Peter Wu

On 1/18/07, Bill Kwok [EMAIL PROTECTED] wrote:


Hi Peter,

   1. Please check if your /var/qmail/control/blacklists contains any
   obsolete servers and make sure they can respond to you wihtin a resonable
   time.  You can also minimize your blacklist.  Currently, I have only one
   entry:
   -r zen.spamhaus.org
   2. If you connect to the email server by using your ISP's dynamic
   IP, make sure it is not blacklisted.  If that's the problem you are facing,
   you may consider creating the submission port (port 587) for authenticated
   users to send email.  I suppose the stable version should have already had
   such feature built-in (Would anybody correct me if I am wrong).

Best regards,
Bill

On 1/18/07, Yi-Lei Wu [EMAIL PROTECTED] wrote:

 Hi list,

 My Qmail server was working fine until 2 days ago I suddenly couldn't
 connect to the SMTP service externally. The service is running, and I can
 connect from localhost. At first I thought it's a firewall issue and I
 turned off firewall as well as iptables. However, the same thing is still
 happening.

 From the log I see that a few other connections got to make through from
 other countries. However, for mine, the server log just says there is a
 connection, and the telnet client simply says connection failed. Then the
 connection on the server would time out.

 This is so strange... can someone help me here?


 Best regards,

 Peter Wu





Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Dave
  
  No reason there can't be. I just can't think of
 what to put in it. Do
  you have any suggestions to help us get started?
  Thanks.
 

Hmm

As a new user, I guess even after the install guides,
I would still view the system as a fresh OS-esque
install

Given that most users are probably not experienced
Linux admins, the ideal post-install guide would
clearly explain the full range and sequence of tasks
needed to prepare the server for a long term
deployment as an e-mail appliance. (Even addressing
non-qmail specific items.)
 
Here are some things that come to mind, but I am sure
you folks can think of much more:

- Network ACL's
- System backups
- User data and config backups
- Daemon lockdown
- Removal of unneeded services
- Auto-updates of anything possible. (Think
Apache/PHP/SSH/etc... or, even more important,
SquirrelMail.)
- Basic health reporting / stats to someone.

... and so on...  

:)

-- David





 

TV dinner still cooling? 
Check out Tonight's Picks on Yahoo! TV.
http://tv.yahoo.com/

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Erik Espinoza

Hi Dave,

There are projects about Network ACL's (IPTables), System backups
(Amanda), Daemon Lockdowns (Bastille) and so on. In addition there are
plenty of books on the subject matter. That said I mean absolutely no
offense to anyone by this next comment. This community isn't here to
teach you (or anyone) how to be a network and system admin.

We're here about the QmailToaster Project. Don't get me wrong, this
community always goes above and beyond to help out a straggled user,
but come on . . .

My apologies if anyone is offended.

Thanks,
Erik


Here are some things that come to mind, but I am sure
you folks can think of much more:

- Network ACL's
- System backups
- User data and config backups
- Daemon lockdown
- Removal of unneeded services
- Auto-updates of anything possible. (Think
Apache/PHP/SSH/etc... or, even more important,
SquirrelMail.)
- Basic health reporting / stats to someone.


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Dave
Hi Erik,

 
 We're here about the QmailToaster Project. Don't get
 me wrong, this
 community always goes above and beyond to help out a
 straggled user,
 but come on . . .
 
 My apologies if anyone is offended.
 

No offense taken   

The impressive amount of customization and packaging
effort that has been put into QmailToaster project
solves some of the biggest problems that a new
sysadmin would face in setting up an email server.

As you rightly point out, much of remaining points are
not at all about qmail. 

This project almost provides a turn-key  solution
that even the most harried office administrator could
use to set up a small email server. 

The suggestions, if implemented, would simply move the
project further down the appliance path. 

-- David



 

Sucker-punch spam with award-winning protection. 
Try the free Yahoo! Mail Beta.
http://advision.webevents.yahoo.com/mailbeta/features_spam.html

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: [qmailtoaster] Should I use qmail toaster?

2007-01-17 Thread Erik Espinoza

For that we have the QmailToaster Virtual Appliance for VMware
Server/Player/Workstation.

:)

Erik

On 1/17/07, Dave [EMAIL PROTECTED] wrote:

Hi Erik,


 We're here about the QmailToaster Project. Don't get
 me wrong, this
 community always goes above and beyond to help out a
 straggled user,
 but come on . . .

 My apologies if anyone is offended.


No offense taken

The impressive amount of customization and packaging
effort that has been put into QmailToaster project
solves some of the biggest problems that a new
sysadmin would face in setting up an email server.

As you rightly point out, much of remaining points are
not at all about qmail.

This project almost provides a turn-key  solution
that even the most harried office administrator could
use to set up a small email server.

The suggestions, if implemented, would simply move the
project further down the appliance path.

-- David





Sucker-punch spam with award-winning protection.
Try the free Yahoo! Mail Beta.
http://advision.webevents.yahoo.com/mailbeta/features_spam.html

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



[qmailtoaster] reason: 554 : Relay access denied / Returned mail: see transcript for details

2007-01-17 Thread Harry Zink
At this point, this problem is really paralizing, so I implore anyone  
for some help and assistance.


Okay, this is a repeat, and a renewed effort to try to get to the  
bottom of this - I am starting to believe that there is something  
screwed up on my qmail toaster, as this odd behavior seems to have  
started around the same time I performed the last update - but that's  
speculation.


Anyway, here's the scenario:

QmailToaster installed on a Centos 4.4 box (frequently updated via yum)

Pre-existing accounts work just fine.

When creating a new domain (either via vqadmin, or vadddomain), and  
subsequently setting up new accounts using qmailadmin, the error  
below happens every single time when someone tries to send mail *TO*  
those accounts.


Anyone else on the same server can send and receive mail from those  
accounts.


Someone from an outside server, say Yahoo, dot-mac, or gmail, for  
example, will get the error message below back, claiming inability to  
deliver.


Other domains and accounts on that same server, that existed  
previously, work just fine. Only new domains and accounts act that way.


Essentially, it acts as if someone tried to relay through it, but in  
fact, how would that pop up if one is just sending mail, simply, from  
an outside account?


Only additional piece of that puzzle might be that this is a separate  
mail server box, from the domain's web-server, and DNS server. Within  
the DNS record, it simply points properly to the IP of the web- 
server, and the one from the mail server - just as the others are  
doing. Is there something in DNS I should be checking out?


Anyway, from Yahoo.com sent mail gets the error message below:

[EMAIL PROTECTED]:
216.193.231.146 does not like recipient.
Remote host said: 554 [EMAIL PROTECTED]: Relay access
denied
Giving up on 216.193.231.146.

All other accounts get the error message as follows:


Begin forwarded message:


From: Mail Delivery Subsystem [EMAIL PROTECTED]
Date: January 17, 2007 11:30:23 PM PST
To: [EMAIL PROTECTED]
Subject: Returned mail: see transcript for details

The original message was received at Wed, 17 Jan 2007 23:30:23  
-0800 (PST)

from smtpin05-en2 [10.13.10.150]

   - The following addresses had permanent fatal errors -
[EMAIL PROTECTED]
(reason: 554 [EMAIL PROTECTED]: Relay access denied)

   - Transcript of session follows -
... while talking to realasia-services.com.:

DATA

 554 [EMAIL PROTECTED]: Relay access denied
554 5.0.0 Service unavailable
 554 Error: no valid recipients
Reporting-MTA: dns; smtpout.mac.com
Received-From-MTA: DNS; smtpin05-en2
Arrival-Date: Wed, 17 Jan 2007 23:30:23 -0800 (PST)

Final-Recipient: RFC822; [EMAIL PROTECTED]
Action: failed
Status: 5.0.0
Remote-MTA: DNS; realasia-services.com
Diagnostic-Code: SMTP; 554 [EMAIL PROTECTED]: Relay  
access denied

Last-Attempt-Date: Wed, 17 Jan 2007 23:30:23 -0800 (PST)

From: Harry Zink [EMAIL PROTECTED]
Date: January 17, 2007 11:30:20 PM PST
To: Dr. Harald K. Zink [EMAIL PROTECTED]
Subject: new test (from mac.com)