Re: [qmailtoaster] Stuck with upgrade
Definitely some problems in script with djbdns LOG.. Creating /opt/qtp-sandbox/home/vpopmail ... Creating /opt/qtp-sandbox/ misc directories ... Sandbox has been built successfully! Starting to build the binary rpms ...(pizza anyone?) If you want to view compile messages, you can open another terminal and: # tail -f /opt/qtp-sandbox/usr/src/qtp-upgrade/log/build-recent.log qtp-build-rpms v0.2.4 qtp-remove-pkgs v0.2 Building libsrs2-toaster-1.0.18-1.3.2 ... Installing libsrs2-toaster-1.0.18-1.3.2 in the sandbox ... Building qmail-toaster-1.03-1.3.10 ... Installing qmail-toaster-1.03-1.3.10 in the sandbox ... Building courier-authlib-toaster-0.59-1.3.4 ... Installing courier-authlib-toaster-0.59-1.3.4 in the sandbox ... Building courier-imap-toaster-4.1.2-1.3.6 ... Installing courier-imap-toaster-4.1.2-1.3.6 in the sandbox ... Building maildrop-toaster-2.0.3-1.3.4 ... Installing maildrop-toaster-2.0.3-1.3.4 in the sandbox ... Building squirrelmail-toaster-1.4.9a-1.3.5 ... Installing squirrelmail-toaster-1.4.9a-1.3.5 in the sandbox ... Building clamav-toaster-0.88.7-1.3.7 ... Installing clamav-toaster-0.88.7-1.3.7 in the sandbox ... Building simscan-toaster-1.3.1-1.3.3 ... Installing simscan-toaster-1.3.1-1.3.3 in the sandbox ... Building djbdns-1.05-1.0.3 ... Installing djbdns-1.05-1.0.3 in the sandbox ... qtp-build-rpms - rpm -Uvh failed for djbdns-1.05-1.0.3 qtp-build-rpms - see /opt/qtp-sandbox/usr/src/qtp-upgrade/log/build- recent.log Build failed, Exiting. -- Need advice, what is BEST way to remove djbdns pakage from upgrade procedure? On 2007.01.21, at 05:39, Eric Shubes wrote: Igor Vukotic' wrote: On 2007.01.21, at 05:10, Eric Shubes wrote: Igor Vukotic' wrote: On 2007.01.21, at 04:24, Eric Shubes wrote: Igor Vukotic' wrote: I installed QTP, and run qtp-newmodel. Ok. Script build sandbox and everything is inside, but script is finish, and i'm stuck. What were the last few messages you got before the script finished? Script finish regularly [--HIT ENTER..--], i found error (djbdns) and i'm correct that rignt now, but please advice me, i'd like to start procedure from beginning, shut i delete /opt/qtp-sandbox or not? There is usually no need to delete and recreate the sandbox, but that depends on what you had to do to fix djbdns. If you used rpm to modify anything (which would change the rpm database), you should rebuild the sandbox. Rebuilding the sandbox is the safest, but it'll take some time of course. I start from beginning, the problem is because script try install djbdns (not localcache) and that was scrue, ater i remove ALL djbdns components with rpm -e and install only djbdns-localcache everything works fine. Perhaps I should remove djbdns from qtp-newmodel altogether (it already removes it if bind is installed) until it's thoroughly tested. If you write up the steps necessary for installing djbdns-localcache, I'll see if I can get in included in qtp-newmodel. Sorry about your problem with djbdns. I use bind, so haven't been able to test djbdns. If you tell me what you did to fix the problem, I can better advise whether or not to rebuild the sandbox. Also, I'd like to know what the problem was so it can be fixed if possible. Thanks for your help with this. After i finish upgrade i will post my story to the wiki, because i'm not a expert, maybe i see problem where is not to you.. That will be great. Thanks. After scripts finish, is script automatically update running system from sandbox? Yes. It will pause just before the live running system is updated, at which point you can simply quit. Then you can come back later, rerun qtp-newmodel, and it will remember everything that's already been done. That means if everything works fine sandbox is not need any more, can be cleaned or not? ---Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: qmailtoaster-list- [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Stuck with upgrade
-- Need advice, what is BEST way to remove djbdns pakage from upgrade procedure? Is that OK? (part of qtp-newmodel script) ### ## remove djbdns from package lists if bind is installed # #c252_check_bind_vs_djbdns(){ #rpm -q bind /dev/null #rc=$? #if [ $rc == 0 ]; then pkglist=`echo $pkglist | sed -e 's,djbdns-[^-]*-[^-]*.src.rpm$,,'` devlist=`echo $devlist | sed -e 's,djbdns-[^-]*-[^-]*.src.rpm$,,'` devlist=`echo $devlist | sed -e 's,djbdns$,,'` #fi #} ### - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Stuck with upgrade
Igor Vukotic' wrote: Definitely some problems in script with djbdns LOG.. Creating /opt/qtp-sandbox/home/vpopmail ... Creating /opt/qtp-sandbox/ misc directories ... Sandbox has been built successfully! Starting to build the binary rpms ...(pizza anyone?) If you want to view compile messages, you can open another terminal and: # tail -f /opt/qtp-sandbox/usr/src/qtp-upgrade/log/build-recent.log qtp-build-rpms v0.2.4 qtp-remove-pkgs v0.2 Building libsrs2-toaster-1.0.18-1.3.2 ... Installing libsrs2-toaster-1.0.18-1.3.2 in the sandbox ... Building qmail-toaster-1.03-1.3.10 ... Installing qmail-toaster-1.03-1.3.10 in the sandbox ... Building courier-authlib-toaster-0.59-1.3.4 ... Installing courier-authlib-toaster-0.59-1.3.4 in the sandbox ... Building courier-imap-toaster-4.1.2-1.3.6 ... Installing courier-imap-toaster-4.1.2-1.3.6 in the sandbox ... Building maildrop-toaster-2.0.3-1.3.4 ... Installing maildrop-toaster-2.0.3-1.3.4 in the sandbox ... Building squirrelmail-toaster-1.4.9a-1.3.5 ... Installing squirrelmail-toaster-1.4.9a-1.3.5 in the sandbox ... Building clamav-toaster-0.88.7-1.3.7 ... Installing clamav-toaster-0.88.7-1.3.7 in the sandbox ... Building simscan-toaster-1.3.1-1.3.3 ... Installing simscan-toaster-1.3.1-1.3.3 in the sandbox ... Building djbdns-1.05-1.0.3 ... Installing djbdns-1.05-1.0.3 in the sandbox ... qtp-build-rpms - rpm -Uvh failed for djbdns-1.05-1.0.3 qtp-build-rpms - see /opt/qtp-sandbox/usr/src/qtp-upgrade/log/build-recent.log Build failed, Exiting. -- Need advice, what is BEST way to remove djbdns pakage from upgrade procedure? Simply don't select it during the package selection process, near the beginning of the script. There are no package dependencies that require it. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Stuck with upgrade
Igor Vukotic' wrote: -- Need advice, what is BEST way to remove djbdns pakage from upgrade procedure? Is that OK? (part of qtp-newmodel script) ### ## remove djbdns from package lists if bind is installed # #c252_check_bind_vs_djbdns(){ #rpm -q bind /dev/null #rc=$? #if [ $rc == 0 ]; then pkglist=`echo $pkglist | sed -e 's,djbdns-[^-]*-[^-]*.src.rpm$,,'` devlist=`echo $devlist | sed -e 's,djbdns-[^-]*-[^-]*.src.rpm$,,'` devlist=`echo $devlist | sed -e 's,djbdns$,,'` #fi #} ### That would do it too. Don't neglect to re-select packages for upgrading. The script gives you an option to keep the list that was already selected but not completed. Do not use the old list, and your change will make the script not prompt you for selection of djbdns. I'm curious, what were the error messages you got (dependencies, from what you've said) when trying to install it? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Invalid recipient bounces
So basically no one should be using catch-all mailboxes? On 1/21/07, Alexey Loukianov [EMAIL PROTECTED] wrote: George Sweetnam wrote: You shouldn't set the catchall to bounce though... select delete. The dictionary attacks will harvest the valid users if you select bounce! Agreed. Accordingly to the latest SMTP/MTA RFCs, all mail, directed to the non-existing addresses should be bounced in SMTP session. To prevent harvest attacks SMTP daemons may implement tarpeting. In case catchall address is used, NO bounces should be sent back? but RFCs recommends against using catchall, as it makes your mailserver act as a black hole. Violating the rules above will shortly result in blacklisting your server by services like SpamCop and RFC-Ignorant. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Stuck with upgrade
On 2007.01.21, at 22:25, Eric Shubes wrote: That should make it a little easier, but I'm trying to keep qtp- newmodel in such a state that it can be used on new installations too (as it is now, as long as djbdns isn't used!). In that case ok, but i found again one anoying error in run script in /var/qmail/supervise/imap4/run after upgrade i have --- /usr/bin/tcpserver -v -R -H -l $HOSTNAME 0 143 \ --- and if we dont modify this line IMAP4 will server only 40 connections and (/var/qmail/control/concurrencyincoming and concurrencyremote) is actualy usless, because only SMTP run script actualy read config information. Based on var/qmail/supervise/smtp/run i modify imap4 run script to also read /var/qmail/control/concurrencyincoming MAXIMAP4=`cat /var/qmail/control/concurrencyincoming` /usr/bin/tcpserver -c $MAXIMAP4 -v -R -H -l $HOSTNAME 0 143 \ --- it's necessary not to put -c at the end because will not work P.S this problem is also in IMAP4-SSL and POP3-SSL, POP3 is fixed on 200 connections..
Re: [qmailtoaster] Invalid recipient bounces
slamp slamp wrote: In case catchall address is used, NO bounces should be sent back? but RFCs recommends against using catchall, as it makes your mailserver act as a black hole. Violating the rules above will shortly result in blacklisting your server by services like SpamCop and RFC-Ignorant. So basically no one should be using catch-all mailboxes? That is recommended, but not mandatory. You may use catchall mailbox, but then you should NOT send any bounce about any mail your SMTP server accepted for catchall address. P.S. Please, don't do top-posting. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] testing
Eric Shubes wrote: Philip Nix Guru wrote: Eric Shubes wrote: This is just a test. It's been uncommonly quite here lately, and Alexey is reporting a problem posting. Issue resolved. That was my fault, I had misconfigured my Thunderbird mail client. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Yahoo bulk folder and domainkeys
Trung Pham wrote: Is there anyone who is able to setup reverse DNS having SBC as their ISP? Some general info about reverse DNS. First of all, if you own a subrange of static IPs, and this subrange is a part of SBC's IP range, then you should contact SBC to set up in-addr.arpa zone remapping the way it's described in aprop. RFC, settling your DNS server to be authoritative (and master) for the IP subrange you own. The detailed explanation is here: ftp://ftp.ripe.net/rfc/rfc2317.txt In case, the IP you use is the only IP SBC gived to you, it's easier to ask them to setup the PTR record you need in their zone file. It will free you from settling up DNS reverse zone, avoiding a lot of headaches ;-). -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to reset spamassasin
Eric Shubes wrote: Guillermo Villasana wrote: Hi guys, how can one reset what spamassasin has learned so it restarts its learning process? Simply remove or rename the /home/vpopmail/.spamassassin directory. It'll recreate everything from scratch automatically. The Right Way (TM) is this: # su vpopmail -c 'sa-learn --clear' It will clear up bayest database no matter the backend used to store it. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Invalid recipient bounces
slamp slamp wrote: So basically no one should be using catch-all mailboxes? On 1/21/07, *Alexey Loukianov* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: George Sweetnam wrote: You shouldn't set the catchall to bounce though... select delete. The dictionary attacks will harvest the valid users if you select bounce! Depends on the situation. I run some domains that use a catchall (and someone goes through just to make sure that an email address didn't get mispelled) and others that do not (I bounce here). I think it really comes down to what you need for a particular situation. smime.p7s Description: S/MIME Cryptographic Signature
Re: [qmailtoaster] Securing a QmailToaster ONLY dedicated server
ModSecurity! I have modsecurity in one of my boxes which is a mixed server with qmailtoaster and other web sites. Anyone using Mod_Security in their dedicated qmailtoaster only server? Positive / Negative experience? Yay or Nay? --- Eric Shubes wrote: Edwin Casimero wrote: Hello, I want to setup a dedicated QmailToaster only box. I want to exchange notes with how you suggest to go about securing this qmailtoaster only box. My current resources point to: - Bastille Linux - APF Firewall - Mod Security - PHP.ini hardening, disallowing certain functions - making /tmp noexec - http://www.michael-and-mary.net/intro/node/12 Any other tips? TTBOMK (which isn't exhaustive by any means), the stock toaster is fairly (adequately in most instances) secure. It includes a nice iptables firewall configuration. Since a dedicated QmailToaster box has no real users, many traditional security concerns are avoided. If you come up with any changes to the stock toaster which would make it more secure, please be sure to share them here. They would likely be integrated in the stock toaster. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to reset spamassasin
Alexey Loukianov wrote: Eric Shubes wrote: Guillermo Villasana wrote: Hi guys, how can one reset what spamassasin has learned so it restarts its learning process? Simply remove or rename the /home/vpopmail/.spamassassin directory. It'll recreate everything from scratch automatically. The Right Way (TM) is this: # su vpopmail -c 'sa-learn --clear' It will clear up bayest database no matter the backend used to store it. This looks like a good FAQ, Guillermo. Would you care to add it to the wiki? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Site to Site QT Server Replication - 24 hours
Joseph, Have you tried with the QMT Setup steps? I tested previously, but failed at certain level. If you have tested before, maybe you can help me out with the errors Thanks - Original Message From: Joseph Lundgren [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, January 19, 2007 2:41:59 AM Subject: RE: [qmailtoaster] Site to Site QT Server Replication - 24 hours Gabriel, Please look at http://wiki.qmailtoaster.com/index.php/QMT_Failover_replication_Setup This page gives you a procedure to configure a backup qmt server that will be available for failover in the event of primary server failure. The backup server will only ever be 1 minute out from the primary. I believe that it covers what youre trying to achieve. Sincerely, -- Joseph Lundgren Systems Engineer Peak Internet, LLC [EMAIL PROTECTED] From: Gabriel Lai [mailto:[EMAIL PROTECTED] Sent: Thursday, January 18, 2007 1:12 AM To: Qmail Toaster List 2 Subject: [qmailtoaster] Site to Site QT Server Replication - 24 hours Hello all, I would like to setup a QT site where the 2 email servers will be doing replication to each other 24 hours live. eg: when mail coming from Internet to Mail Server 1, it will automatically replicate to Mail Server 2. Jake has point me the backup restore script guides, but that needs manual job when Mail Server 1 is down, someone have to manually restore the backup in Mail Server 2, then only can replace Mail Server 1. Have anyone tried to do so? Please assist. Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta. Be a PS3 game guru. Get your game face on with the latest PS3 news and previews at Yahoo! Games. http://videogames.yahoo.com/platform?platform=120121