Re: [qmailtoaster] Heavy qmail queue pls help !!!
On Tue, 30 Jan 2007 02:33:24 +0300, Alexey Loukianov wrote: AFAIK, it chooses the LAST available interface on the system (the last one ifconfig shows). This behavior is something I dislike and I'm thinking about implementing a patch allowing manual selection of outgoing IP/port pair to send a message from for qmail-rspawn. We use iptables to set the source IP address for outgoing smtp traffic. It has happened before that we needed to change IP address if one becomes blacklisted. iptables -t nat -A POSTROUTING -p tcp -m --dport 25 -j SNAT --to-source xxx.xxx.xxx.xxx Quinn - Strangecode :: Internet Consultancy http://www.strangecode.com/ +1 530 624 4410 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Spamassassin has problem in scanning
Hi Erik,, Can you pls help me in Fine Tuning openprotect [ MailScanner.conf ] , Bcoz I feel openprotect is not using Spamassassin properly. I have integrated FuzzyOCR - reffered below https://www.maiamailguard.com/maia/wiki/FuzzyOCR23 Then performed tests ... Received a SPAM Mail which i viewed full hearders :- From my Webmail :- X-llocom-MailScanner-OpenProtect-SpamCheck: spam, SpamAssassin (score=9.772, required 6, MY_CID_AND_ARIAL2 0.65, MY_CID_AND_CLOSING 0.90, MY_CID_AND_STYLE 0.71, MY_CID_ARIAL2_CLOSING 1.25, MY_CID_ARIAL_STYLE 1.05, SARE_GIF_ATTACH 0.75, TW_AQ 0.08, TW_PR 0.08, TW_QR 0.08, TW_XU 0.08, TW_XX 0.08, TW_YP 0.08, URIBL_AB_SURBL 2.00, URIBL_SC_SURBL 2.00) The same mail i manually scanned in server :- spamassassin -t /home/vpopmail/domains/llo.com/ashok/Maildir/cur/1170237232.M9196P22383V 0902I001DFE2E.mail.ek.com\,S\=12554\:2\, Content analysis details: (15.1 points, 5.0 required) pts rule name description -- -- 0.6 NO_REAL_NAME From: does not include a real name -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -1.4 ALL_TRUSTEDPassed through trusted hosts only via SMTP 1.0 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words 0.0 HTML_MESSAGE BODY: HTML included in message 0.8 SARE_GIF_ATTACHFULL: Email has a inline gif 1.1 URIBL_SBL Contains an URL listed in the SBL blocklist [URIs: qaqap.hk] 3.3 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist [URIs: qaqap.hk] 3.6 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist [URIs: qaqap.hk] 1.2 MY_CID_ARIAL2_CLOSING SARE cid arial2 closing 1.1 MY_CID_ARIAL_STYLE SARE cid arial2 style 0.9 MY_CID_AND_CLOSING SARE cid and closing 0.7 MY_CID_AND_STYLE SARE cid and style 0.7 MY_CID_AND_ARIAL2 SARE CID and Arial2 1.7 SARE_GIF_STOX Inline Gif with little HTML I See the same SPAM mail scores are different [ 9.772 15.1 ], Is this kind okay ?? or do we need to tweak some thing ?? Pls suggest ... -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 31, 2007 2:41 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Spamassassin has problem in scanning I'm using OpenProtect on my QmailToaster. Works beautifully. Erik On 1/30/07, Eric Shubes [EMAIL PROTECTED] wrote: ashok wrote: Dear Alexey,, I did not install simscan-toaster bcoz it gave me some problems ,, So I have used openprotect with my qmail toaster. www.openprotect.com http://www.openprotect.com/ [ include SPAM + Virus filtering ] which can be easily integrated to qmail toaster. I'd be leery of straying this far from the stock toaster. What problem(s) did you have with simscan? I wouldn't expect much help with openprotect from this list. Does openprotect have a community for support? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -- - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamassassin has problem in scanning
On Tue, 30 Jan 2007 13:31:43 -0800, Erik Espinoza wrote: Updated rules, catches more of the stock spam and what not. It's nice. Read up at http://saupdates.openprotect.com/ I think ashok means he installed OpenProtect's software package (a collection of programs that replaces simscan/spamassassin/clamav): http://www.openprotect.com/doc.html#download This is different than OpenProtect's SpamAssassin sa-update channel, which I too use and is very nice, and is very compatible with all of QT's architecture (although I agree it shouldn't be configured by default in the QT). Quinn - Strangecode :: Internet Consultancy http://www.strangecode.com/ +1 530 624 4410 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] SMTP-AUTH
I have two interfaces: - 1.2.3.4 - incomming messages, rbl, calmav, spamassassin - 1.2.3.5 - messages from our clients, no rbl and spamassassin but REQUIRE_AUTH=1 Mailes send to outer domains by 1.2.3.5 without authorization are blocked with message client not allowed to relay and it's OK. But mails send to my domain are delivered and it's not OK because spam is incoming to client mailboxes. How block all messages but authorized? -- Tuptus System uptime: 41 years 9 months 0 weeks 5 days 7 hours 15 minuts Linux: Ponieważ za błędy w oprogramowaniu nie powinno się płacić pieniędzy. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] spamhaus - what do you think?
Erik Espinoza wrote: http://www.corpit.ru/mjt/rbldnsd.html On 1/30/07, Jake Vickers [EMAIL PROTECTED] wrote: Eric Shubes wrote: Jake Vickers wrote: Do you guys think a wiki page should be started so we can all help each other out to find a good mix to replace zen? I'd like to see some collaboration on RBLs in general. I suppose we could use the wiki in addition to this list. At this point I'd even be amicable to running a BL, so that it fit MY needs; it would be nice if it fit other people's needs as well. I took a quick peek on the 'net, but couldn't find anything that had any example scripts/submission pages to run your own BL. Guess I'll look some more later, but I'll probably end up just going with a new set of BLs to filter my connections. Thanks for that. I searched and couldn't find anything useful! smime.p7s Description: S/MIME Cryptographic Signature
[qmailtoaster] BATV and CHKUSER
Hi: Apparently, our toaster doesn't work well with BATV http://mipassoc.org/batv/draft-levine-batv-03.html BATV is used basically for avoiding fake bounces. The sending SMTP server rewrites the mail from like this: MAIL FROM: [EMAIL PROTECTED] to MAIL FROM: prvs=fred/[EMAIL PROTECTED] Being 3423434 a cryptocraphically generated sign. When bounce returns, the server checks that sign and if it doesn't mach, discards it. I've received some complaints of some sysadmin that use this scheme, not being able to send mails to my toaster Some clues? *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* | David Sanchez Martin | [EMAIL PROTECTED] Administrador de Sistemas| http://www.e2000.es E2000 Nuevas Tecnologias | | E2000 Organizacion de Empresarios|Tel : +34 902 19 61 77 Mediadores de Seguros | | Agustin Bravo Esquina Calle C| 33120 Pravia Asturias Spain | | *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* BEGIN:VCARD VERSION:2.1 N:Sánchez Martín;David FN:[EMAIL PROTECTED] ([EMAIL PROTECTED]) ORG:E2000 Financial Investments, S.A.;Centro de Nuevas Tecnologías TITLE:Administrador de Sistemas TEL;WORK;VOICE:902196177 ADR;WORK;ENCODING=QUOTED-PRINTABLE:;;Agust=EDn Bravo 17 2=BA B=0D=0A33120 PRAVIA;Asturias;;;Espa=F1a LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Agust=EDn Bravo 17 2=BA B=0D=0A33120 PRAVIA=0D=0AAsturias=0D=0AEspa=F1a URL;WORK:http://www.e2000.es EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20060705T152542Z END:VCARD smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] SMTP-AUTH
A small error in the run file of the submission port makes this port open for all! The line reads REQUIRE_AUTH=1, but this should be export REQUIRE_AUTH=1 Otherwise it will not be available in the qmail-smtpd Hopefully this can be fixed soon.. For all using submission: For now a manual fix is easy, just edit the /var/qmail/supervise/submission/run file and change that line. JP - Original Message - From: Wojciech Gabor [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 1:19 PM Subject: [qmailtoaster] SMTP-AUTH I have two interfaces: - 1.2.3.4 - incomming messages, rbl, calmav, spamassassin - 1.2.3.5 - messages from our clients, no rbl and spamassassin but REQUIRE_AUTH=1 Mailes send to outer domains by 1.2.3.5 without authorization are blocked with message client not allowed to relay and it's OK. But mails send to my domain are delivered and it's not OK because spam is incoming to client mailboxes. How block all messages but authorized? -- Tuptus System uptime: 41 years 9 months 0 weeks 5 days 7 hours 15 minuts Linux: Ponieważ za błędy w oprogramowaniu nie powinno się płacić pieniędzy. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] UPDATE qmail-toaster-1.03-1.3.13.src.rpm URGENT
Hi, This release fixes a mistake in the run script for the submission port. I suggest everyone using the submission port to upgrade asap to this release. Or to manualy change the run script by changing the line REQUIRE_AUTH=1 to export REQUIRE_AUTH=1 For now you can download the new rpm at : http://iserve01.i-serve.net/qmail-toaster-1.03-1.3.13.src.rpm JP
Re: [qmailtoaster] SMTP-AUTH
Dnia środa, 31 stycznia 2007 14:22, Jean-Paul van de Plasse napisał: A small error in the run file of the submission port makes this port open for all! The line reads REQUIRE_AUTH=1, but this should be export REQUIRE_AUTH=1 Otherwise it will not be available in the qmail-smtpd Hopefully this can be fixed soon.. For all using submission: For now a manual fix is easy, just edit the /var/qmail/supervise/submission/run file and change that line. I've looked sources before send message to the list. I've make this fix but it not fix problem. I think that problem is in require_auth is set in code x = env_get(REQUIRE_AUTH); if(x) { scan_ulong(x,u); if (u0) require_auth = 1; } /code but what is u ? when u0 code if (require_auth) if (!flagauth) { err_authfirst(); return; } /code When flagauth is set? I have two interfaces: - 1.2.3.4 - incomming messages, rbl, calmav, spamassassin - 1.2.3.5 - messages from our clients, no rbl and spamassassin but REQUIRE_AUTH=1 Mailes send to outer domains by 1.2.3.5 without authorization are blocked with message client not allowed to relay and it's OK. But mails send to my domain are delivered and it's not OK because spam is incoming to client mailboxes. How block all messages but authorized? -- Tuptus System uptime: 41 years 9 months 0 weeks 5 days 9 hours 45 minuts Nigdy nie ufaj systemowi operacyjnemu, do którego nie masz kodów źródłowych. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SMTP-AUTH
You really only have to change your run script. (don't forget to restart your toaster) The c-code works, thats for sure. u is the result of the scan_ulong, and if it return 0 require_auth becomes 1. flagauth is set when a user is authenticated (no use todo it 2 times). JP - Original Message - From: Wojciech Gabor [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 3:52 PM Subject: Re: [qmailtoaster] SMTP-AUTH Dnia środa, 31 stycznia 2007 14:22, Jean-Paul van de Plasse napisał: A small error in the run file of the submission port makes this port open for all! The line reads REQUIRE_AUTH=1, but this should be export REQUIRE_AUTH=1 Otherwise it will not be available in the qmail-smtpd Hopefully this can be fixed soon.. For all using submission: For now a manual fix is easy, just edit the /var/qmail/supervise/submission/run file and change that line. I've looked sources before send message to the list. I've make this fix but it not fix problem. I think that problem is in require_auth is set in code x = env_get(REQUIRE_AUTH); if(x) { scan_ulong(x,u); if (u0) require_auth = 1; } /code but what is u ? when u0 code if (require_auth) if (!flagauth) { err_authfirst(); return; } /code When flagauth is set? I have two interfaces: - 1.2.3.4 - incomming messages, rbl, calmav, spamassassin - 1.2.3.5 - messages from our clients, no rbl and spamassassin but REQUIRE_AUTH=1 Mailes send to outer domains by 1.2.3.5 without authorization are blocked with message client not allowed to relay and it's OK. But mails send to my domain are delivered and it's not OK because spam is incoming to client mailboxes. How block all messages but authorized? -- Tuptus System uptime: 41 years 9 months 0 weeks 5 days 9 hours 45 minuts Nigdy nie ufaj systemowi operacyjnemu, do którego nie masz kodów źródłowych. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Spamassassin has problem in scanning
Yeah exactly my frnd... QT can make it as an Add-on package improve it and publish further. Bcoz as of now with this package I have reduces 90% of SPAM mails. Also I implemented FuzzyOCR for blocking IMAGE SPAM. http://www200.pair.com/mecham/spam/image_spam_fc5.html hope it helps someone who need to implement it.:) Regards ashok -Original Message- From: Quinn Comendant [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 31, 2007 4:16 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Spamassassin has problem in scanning On Tue, 30 Jan 2007 13:31:43 -0800, Erik Espinoza wrote: Updated rules, catches more of the stock spam and what not. It's nice. Read up at http://saupdates.openprotect.com/ I think ashok means he installed OpenProtect's software package (a collection of programs that replaces simscan/spamassassin/clamav): http://www.openprotect.com/doc.html#download This is different than OpenProtect's SpamAssassin sa-update channel, which I too use and is very nice, and is very compatible with all of QT's architecture (although I agree it shouldn't be configured by default in the QT). Quinn - Strangecode :: Internet Consultancy http://www.strangecode.com/ +1 530 624 4410 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -- - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] BATV and CHKUSER
David Sánchez Martín wrote: Hi: Apparently, our toaster doesn't work well with BATV http://mipassoc.org/batv/draft-levine-batv-03.html BATV is used basically for avoiding fake bounces. The sending SMTP server rewrites the mail from like this: MAIL FROM: [EMAIL PROTECTED] to MAIL FROM: prvs=fred/[EMAIL PROTECTED] Being 3423434 a cryptocraphically generated sign. When bounce returns, the server checks that sign and if it doesn't mach, discards it. I've received some complaints of some sysadmin that use this scheme, not being able to send mails to my toaster Some clues? I'm guessing that CHKUSER is rejecting it due to the '/'. I don't see where a '/' is introduced into the MailFrom according to the BATV spec, but it's possible that I'm missing something there. If this is indeed your problem, you'll need to tell CHKUSER that '/' is allowed. You'll need to unomment CHKUSER_ALLOW_SENDER_CHAR_3 in chkuser_settings.h and specify the '/' value there. For instructions on how to modify chkuser_settings.h, see http://wiki.qmailtoaster.com/index.php/Chkuser Let us know how you make out. If a '/' is now valid, the stock toaster might need to be changed. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Switching from pop3 to IMAP and how to backup e.mails archives
Massimiliano Fontana wrote: Hi there ! I'm about to switch my 50 users-single domain from pop3 to IMAP4 . Now all desktops ( Xp os with Outlook 2003 ) have their .pst files on a server shared folder . This solution works but now I'd prefer to have all e-mails resident on server plus giving my users the option to replicate their database on local client hard disk (local pst file). Now the question is : how do I move all the e-mails from their pst files to new IMAP folders? In order to have a recoverable backup , is it enough to backup , let's say , daily , /home/vpopmail ? Many many thanks Max Italy I don't know the answer to your question for sure, but I think that would do it. I've been (slowly) migrating a few accounts from pop3 to imap too. From what I've seen on the internet though, I'm leery to use Outlook as an IMAP client with Courier. I hear that Outlook does well with Exchange (to be expected), but there have been problems getting it to work well with other IMAP servers. I don't recall any specifics, and YMMV depending on the Outlook version. I'd recommend doing a prototype test with it though before committing to a domain-wide change. What benefit are you trying to achieve? Are there roaming users who need to access their email outside of the office? If so, they could continue to use pop3 and simply leave the email on the server for a period of time (configured in Outlook). Please let us know how you make out. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] one question
Hi, Exist any program that permit conect to mail server by httpmail with the client aoutlook, like to hotmail. Thanks
Re[2]: [qmailtoaster] Heavy qmail queue pls help !!!
Greetings, Quinn. 31 января 2007 г., 13:16:20 you have wrote: On Tue, 30 Jan 2007 02:33:24 +0300, Alexey Loukianov wrote: AFAIK, it chooses the LAST available interface on the system (the last one ifconfig shows). This behavior is something I dislike and I'm thinking about implementing a patch allowing manual selection of outgoing IP/port pair to send a message from for qmail-rspawn. We use iptables to set the source IP address for outgoing smtp traffic. It has happened before that we needed to change IP address if one becomes blacklisted. iptables -t nat -A POSTROUTING -p tcp -m --dport 25 -j SNAT --to-source xxx.xxx.xxx.xxx That's ok, if all of your traffic is of the same 'type'. Sometimes it's required to generate mail traffic from one host serving different purposes. Good example from real life are out corporate mailing list servers. Their mail queue rarely gets lower that 10 mails in it, resulting in relatively slow message delivery (it takes long enough for qmail-send to check up status of all the messages in queue). But it required for us to have some of the messages in queue to be delivered ASAP - most notably this are urgent messages for root about errors in Cron jobs, or notifications from Nagios-like services. Best approach in this case is to fork another QT installation, placed let's say in /var/qmaillist, that is only serving outgoing mailing lists. Then, I need to route mail traffic for these two instances of QT differently, which can only be done on router/firewall if outgoing mail traffic gets sent from different IPs on the same server. ATM there's no way in qmail-send to specify which interface to use. That's what brings me into thinking about implementing a patch for this task. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] rebuild tcp
I've made changes to my tcp.smtp file, after a restart the setting don't seem to take. Do i need to rebuild the .cdb? if so what is the command? Thanks for all the help and great toaster product. Dan - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] BATV and CHKUSER
I'm guessing that CHKUSER is rejecting it due to the '/'. I don't see where a '/' is introduced into the MailFrom according to the BATV spec, but it's possible that I'm missing something there. If this is indeed your problem, you'll need to tell CHKUSER that '/' is allowed. You'll need to unomment CHKUSER_ALLOW_SENDER_CHAR_3 in chkuser_settings.h and specify the '/' value there. For instructions on how to modify chkuser_settings.h, see http://wiki.qmailtoaster.com/index.php/Chkuser Let us know how you make out. If a '/' is now valid, the stock toaster might need to be changed. Hi Eric: I simply disable sender checking, adding SENDER_NOCHECK= in tcp.smtp and then qmailctl cdb I do not see any advantages, and many inconveniences, in checking sender's address format. Maybe i'm missing something :-S *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* | David Sanchez Martin | [EMAIL PROTECTED] Administrador de Sistemas| http://www.e2000.es E2000 Nuevas Tecnologias | | E2000 Organizacion de Empresarios|Tel : +34 902 19 61 77 Mediadores de Seguros | | Agustin Bravo Esquina Calle C| 33120 Pravia Asturias Spain | | *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* BEGIN:VCARD VERSION:2.1 N:Sánchez Martín;David FN:[EMAIL PROTECTED] ([EMAIL PROTECTED]) ORG:E2000 Financial Investments, S.A.;Centro de Nuevas Tecnologías TITLE:Administrador de Sistemas TEL;WORK;VOICE:902196177 ADR;WORK;ENCODING=QUOTED-PRINTABLE:;;Agust=EDn Bravo 17 2=BA B=0D=0A33120 PRAVIA;Asturias;;;Espa=F1a LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Agust=EDn Bravo 17 2=BA B=0D=0A33120 PRAVIA=0D=0AAsturias=0D=0AEspa=F1a URL;WORK:http://www.e2000.es EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20060705T152542Z END:VCARD smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] rebuild tcp
Greetings, Dan. 31 января 2007 г., 20:52:49 you have wrote: I've made changes to my tcp.smtp file, after a restart the setting don't seem to take. Do i need to rebuild the .cdb? if so what is the command? Yes. You need to issue: # qmailctl cdb There's no need in restarting qmail completely, cdb gets read each time new SMTP connection arise. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] one question
Greetings, Daniel. 31 ?? 2007 ?., 20:49:41 you have wrote: Exist any program that permit conect to mail server by httpmail with the client aoutlook, like to hotmail. You know, your question is a bit unrelated to QmailToaster, so I think that you will not get any valuable answer here. Well, who knows... -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] BATV and CHKUSER
Greetings, David. 31 ?? 2007 ?., 16:17:48 you have wrote: I've received some complaints of some sysadmin that use this scheme, not being able to send mails to my toaster Some clues? Check up logs for rejections due to bad mailfrom, coming from IP of those servers admins were complaining about. Try to send a message with mail from address containing forward slash sign (/) to your QT yourself, check if it works. Basically, characters like dot and slashes are not allowed in QT due to they are so-called directory and path related characters. It might be safe to enable them for mail from: and mail to: addressed for incoming and outgoing messages respectively, but to be sure in it we need to do total QT codebase audit, which is a very big deal, and thus is not possible ATM. To enable / for mail from addresses you will have to modify chkuser sources and recompile it. Search this list archives for precise instructions how to do it. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[2]: [qmailtoaster] How do you suspend an email box or several email boxes?
Greetings, Erik. 31 ?? 2007 ?., 6:36:55 you have wrote: How do you suspend an email box or several email boxes? Change their passwords. Also, this might be helpfull: [EMAIL PROTECTED] qmail-dk]# ~vpopmail/bin/vmoduser --help /home/vpopmail/bin/vmoduser: invalid option -- - vmoduser: usage: [options] email_addr or domain (for each user in domain) options: -v ( display the vpopmail version number ) -n ( don't rebuild the vpasswd.cdb file ) -q quota ( set quota ) -c comment (set the comment/gecos field ) -e encrypted_passwd (set the password field ) -C clear_text_passwd (set the password field ) the following options are bit flags in the gid int field -x ( clear all flags ) -d ( don't allow user to change password ) -p ( disable POP access ) -s ( disable SMTP AUTH access ) -w ( disable webmail [IMAP from localhost*] access ) ( * full list of webmail server IPs in vchkpw.c ) -i ( disable non-webmail IMAP access ) -b ( bounce all mail ) -o ( user is not subject to domain limits ) -r ( disable roaming user/pop-before-smtp ) -a ( grant qmailadmin administrator privileges) -S ( system administrator privileges - access all domains ) -E ( expert privileges - edit .qmail files ) [The following flags aren't used directly by vpopmail, but are] [included for other programs that share the user database.] -u ( set no dialup flag ) -0 ( set V_USER0 flag ) -1 ( set V_USER1 flag ) -2 ( set V_USER2 flag ) -3 ( set V_USER3 flag ) -f ( disable spamassassin) -F ( delete spam) -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[2]: [qmailtoaster] Controlling SMTP access to mail server.
Greetings, Erik. 31 ?? 2007 ?., 6:02:20 you have wrote: Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Me, for example ;-D. A friend of mine, also a system engineer, administer small FreeBSD based cluster, and he uses QT in his setup. Accordingly to his words, it wasn't too hard to build and install RPM system on his BSD boxes, and then to correct specs so basic QT parts builds up and install successfully. Well, in any case we can always create tcp.submission ourselves, just like I do it for tcp.pop3 ;-D. But the laziness of sysadmin is the thing that makes me want tcp.submission to be included in stock toaster. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] possible inclusion in toaster
Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
Alexey Loukianov wrote: Greetings, Erik. 31 ?? 2007 ?., 6:02:20 you have wrote: Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Me, for example ;-D. A friend of mine, also a system engineer, administer small FreeBSD based cluster, and he uses QT in his setup. Accordingly to his words, it wasn't too hard to build and install RPM system on his BSD boxes, and then to correct specs so basic QT parts builds up and install successfully. Well, in any case we can always create tcp.submission ourselves, just like I do it for tcp.pop3 ;-D. But the laziness of sysadmin is the thing that makes me want tcp.submission to be included in stock toaster. I agree with Alexey on this. Besides which, wouldn't it be nice to have QT on BSD as well? I wonder if Alexey's friend would care to contribute in this area. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Greetings, Dan. 31 января 2007 г., 21:54:03 you have wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Don't think that it's worth including in QT, as a can barely see the relation between normal administration tasks for server (like preventing intrusion) and the maintenance of qmail toaster codebase. Hadn't you tried to place your mail servers behind firewall/router box in DMZ, and to restrict connections to SSH only for internal subnet? Also, as a general measure, it is always wise to use other that standard 22 port for SSH, and to permit root plain text passord logins over it. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Dan Page wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ I suppose it's easy enough to yum. Being a noarch script, I could include it in the qmailtoaster-plus package. I think it might fit well there. What do you think? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[2]: [qmailtoaster] Controlling SMTP access to mail server.
A BSD admin that can take qmailtoaster and make it run on BSD can implmenet a firewall policy using ipf. I don't think having two tcp.smtp's is going to help, it doesn't seem to solve any problems we are having. Erik On 1/31/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Greetings, Eric. 31 января 2007 г., 22:05:38 you have wrote: Alexey Loukianov wrote: Greetings, Erik. 31 ?? 2007 ?., 6:02:20 you have wrote: Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Me, for example ;-D. A friend of mine, also a system engineer, administer small FreeBSD based cluster, and he uses QT in his setup. Accordingly to his words, it wasn't too hard to build and install RPM system on his BSD boxes, and then to correct specs so basic QT parts builds up and install successfully. Well, in any case we can always create tcp.submission ourselves, just like I do it for tcp.pop3 ;-D. But the laziness of sysadmin is the thing that makes me want tcp.submission to be included in stock toaster. I agree with Alexey on this. Besides which, wouldn't it be nice to have QT on BSD as well? I wonder if Alexey's friend would care to contribute in this area. It is not so easy, as BSD way is not to use RPMS, while main toaster advantage is it's RPM nature. A friend of mine came to BSD world from RedHad based linux distros, that is why he uses RPM even on BSD - it is just a matter of habbit. Well, it is still possible to port QT on BSD and distribute is as a bunch of tarballs if we will find some BSD geek who will want to maintenance it. But I don't think it is a urgent task for qt-dev team ;-D. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
DMZ, *scoff* real men (er administrators) don't need fancy firewalls, iptables and some magic is good enough. But really this program is great, I use it on all our linux servers. It works on BSD macOS X and Debian (probably more but these are all I've access too). anyway, I'm not gonna press the issue, but anyway it works great with toaster. Dan On Wed, 2007-01-31 at 22:14 +0300, Alexey Loukianov wrote: Greetings, Dan. 31 января 2007 г., 21:54:03 you have wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Don't think that it's worth including in QT, as a can barely see the relation between normal administration tasks for server (like preventing intrusion) and the maintenance of qmail toaster codebase. Hadn't you tried to place your mail servers behind firewall/router box in DMZ, and to restrict connections to SSH only for internal subnet? Also, as a general measure, it is always wise to use other that standard 22 port for SSH, and to permit root plain text passord logins over it. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] BATV and CHKUSER
David Sánchez Martín wrote: I'm guessing that CHKUSER is rejecting it due to the '/'. I don't see where a '/' is introduced into the MailFrom according to the BATV spec, but it's possible that I'm missing something there. If this is indeed your problem, you'll need to tell CHKUSER that '/' is allowed. You'll need to unomment CHKUSER_ALLOW_SENDER_CHAR_3 in chkuser_settings.h and specify the '/' value there. For instructions on how to modify chkuser_settings.h, see http://wiki.qmailtoaster.com/index.php/Chkuser Let us know how you make out. If a '/' is now valid, the stock toaster might need to be changed. Hi Eric: I simply disable sender checking, adding SENDER_NOCHECK= in tcp.smtp and then qmailctl cdb I do not see any advantages, and many inconveniences, in checking sender's address format. Maybe i'm missing something :-S The chkuser web page says: This define enable usage of a variable excluding any check on the sender. The variable should be set in tcp.smtp for known clients, with static IP, whose mailer is composing bad sender addresses From what I can tell, SENDER_MX will not be checked either. Might not be a big deal for you. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Dan Page wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] I just change my ssh port. That stops most all of the breakin attempts. Set the new port in /etc/ssh/sshd_config and change the firewall script /etc/sysconfig/iptables to match. W - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
Problem: controlling/configuring smtp and submission independently is difficult, if not impossible. Is there are reason why there *shouldn't* be separate tcprules files? I see no advantage to having them share the same one. Erik Espinoza wrote: A BSD admin that can take qmailtoaster and make it run on BSD can implmenet a firewall policy using ipf. I don't think having two tcp.smtp's is going to help, it doesn't seem to solve any problems we are having. Erik On 1/31/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Greetings, Eric. 31 января 2007 г., 22:05:38 you have wrote: Alexey Loukianov wrote: Greetings, Erik. 31 ?? 2007 ?., 6:02:20 you have wrote: Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Me, for example ;-D. A friend of mine, also a system engineer, administer small FreeBSD based cluster, and he uses QT in his setup. Accordingly to his words, it wasn't too hard to build and install RPM system on his BSD boxes, and then to correct specs so basic QT parts builds up and install successfully. Well, in any case we can always create tcp.submission ourselves, just like I do it for tcp.pop3 ;-D. But the laziness of sysadmin is the thing that makes me want tcp.submission to be included in stock toaster. I agree with Alexey on this. Besides which, wouldn't it be nice to have QT on BSD as well? I wonder if Alexey's friend would care to contribute in this area. It is not so easy, as BSD way is not to use RPMS, while main toaster advantage is it's RPM nature. A friend of mine came to BSD world from RedHad based linux distros, that is why he uses RPM even on BSD - it is just a matter of habbit. Well, it is still possible to port QT on BSD and distribute is as a bunch of tarballs if we will find some BSD geek who will want to maintenance it. But I don't think it is a urgent task for qt-dev team ;-D. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] rebuild tcp
Peter Peltonen wrote: BTW: When running the command one get's the following output: Reloaded /etc/tcprules.d/tcp.smtp Reloaded /var/qmail/control/badmimetypes.cdb Reloaded /var/qmail/control/badloadertypes.cdb Reloaded /var/qmail/control/simversions.cdb Reloaded /var/qmail/control/simcontrol.cdb Is there a typo at the first line -- shouldn't it be: Reloaded /etc/tcprules.d/tcp.smtp.cdb ? Yep. You can edit /usr/bin/qmailctl if you'd like. ;) -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
ES, port 587 is all about SMTP-AUTH, meaning that tcprules shouldn't really matter as it's all done through auth. Port 25 doesn't require auth, therefore it would need independent control. What possible scenario would we need to control port 587 independently of port 25 and why? This seems like unnecessary complication, with no pay off at all. Erik On 1/31/07, Eric Shubes [EMAIL PROTECTED] wrote: Problem: controlling/configuring smtp and submission independently is difficult, if not impossible. Is there are reason why there *shouldn't* be separate tcprules files? I see no advantage to having them share the same one. Erik Espinoza wrote: A BSD admin that can take qmailtoaster and make it run on BSD can implmenet a firewall policy using ipf. I don't think having two tcp.smtp's is going to help, it doesn't seem to solve any problems we are having. Erik On 1/31/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Greetings, Eric. 31 января 2007 г., 22:05:38 you have wrote: Alexey Loukianov wrote: Greetings, Erik. 31 ?? 2007 ?., 6:02:20 you have wrote: Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Me, for example ;-D. A friend of mine, also a system engineer, administer small FreeBSD based cluster, and he uses QT in his setup. Accordingly to his words, it wasn't too hard to build and install RPM system on his BSD boxes, and then to correct specs so basic QT parts builds up and install successfully. Well, in any case we can always create tcp.submission ourselves, just like I do it for tcp.pop3 ;-D. But the laziness of sysadmin is the thing that makes me want tcp.submission to be included in stock toaster. I agree with Alexey on this. Besides which, wouldn't it be nice to have QT on BSD as well? I wonder if Alexey's friend would care to contribute in this area. It is not so easy, as BSD way is not to use RPMS, while main toaster advantage is it's RPM nature. A friend of mine came to BSD world from RedHad based linux distros, that is why he uses RPM even on BSD - it is just a matter of habbit. Well, it is still possible to port QT on BSD and distribute is as a bunch of tarballs if we will find some BSD geek who will want to maintenance it. But I don't think it is a urgent task for qt-dev team ;-D. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SMTP-AUTH
Any news on this? I am curious if it works correctly for you now. JP - Original Message - From: Jean-Paul van de Plasse [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 3:57 PM Subject: Re: [qmailtoaster] SMTP-AUTH You really only have to change your run script. (don't forget to restart your toaster) The c-code works, thats for sure. u is the result of the scan_ulong, and if it return 0 require_auth becomes 1. flagauth is set when a user is authenticated (no use todo it 2 times). JP - Original Message - From: Wojciech Gabor [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 3:52 PM Subject: Re: [qmailtoaster] SMTP-AUTH Dnia środa, 31 stycznia 2007 14:22, Jean-Paul van de Plasse napisał: A small error in the run file of the submission port makes this port open for all! The line reads REQUIRE_AUTH=1, but this should be export REQUIRE_AUTH=1 Otherwise it will not be available in the qmail-smtpd Hopefully this can be fixed soon.. For all using submission: For now a manual fix is easy, just edit the /var/qmail/supervise/submission/run file and change that line. I've looked sources before send message to the list. I've make this fix but it not fix problem. I think that problem is in require_auth is set in code x = env_get(REQUIRE_AUTH); if(x) { scan_ulong(x,u); if (u0) require_auth = 1; } /code but what is u ? when u0 code if (require_auth) if (!flagauth) { err_authfirst(); return; } /code When flagauth is set? I have two interfaces: - 1.2.3.4 - incomming messages, rbl, calmav, spamassassin - 1.2.3.5 - messages from our clients, no rbl and spamassassin but REQUIRE_AUTH=1 Mailes send to outer domains by 1.2.3.5 without authorization are blocked with message client not allowed to relay and it's OK. But mails send to my domain are delivered and it's not OK because spam is incoming to client mailboxes. How block all messages but authorized? -- Tuptus System uptime: 41 years 9 months 0 weeks 5 days 9 hours 45 minuts Nigdy nie ufaj systemowi operacyjnemu, do którego nie masz kodów źródłowych. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] UPDATE qmail-toaster-1.03-1.3.13.src.rpm URGENT
The package has been moved to the devel site. Thanks, Erik On 1/31/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote: Hi, This release fixes a mistake in the run script for the submission port. I suggest everyone using the submission port to upgrade asap to this release. Or to manualy change the run script by changing the line REQUIRE_AUTH=1 to export REQUIRE_AUTH=1 For now you can download the new rpm at : http://iserve01.i-serve.net/qmail-toaster-1.03-1.3.13.src.rpm JP - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] one question
HI Alexey, I use QmailToaster, sorry for this, i no wirte any more here. Thanks - Original Message - From: Alexey Loukianov [EMAIL PROTECTED] To: Daniel R. Hdez qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 12:16 PM Subject: Re: [qmailtoaster] one question Greetings, Daniel. 31 ?? 2007 ?., 20:49:41 you have wrote: Exist any program that permit conect to mail server by httpmail with the client aoutlook, like to hotmail. You know, your question is a bit unrelated to QmailToaster, so I think that you will not get any valuable answer here. Well, who knows... -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] one question
Hey Daniel, Here is a link to a modified squirrelmail that may fit your need. http://sourceforge.net/projects/squirreloutlook/ In general this list is about the QmailToaster. We will try to help with other things, but Alexey was just letting you know that you may not find the info you seek on this list. Thanks, Erik On 1/31/07, Daniel R. Hdez [EMAIL PROTECTED] wrote: HI Alexey, I use QmailToaster, sorry for this, i no wirte any more here. Thanks - Original Message - From: Alexey Loukianov [EMAIL PROTECTED] To: Daniel R. Hdez qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 12:16 PM Subject: Re: [qmailtoaster] one question Greetings, Daniel. 31 ?? 2007 ?., 20:49:41 you have wrote: Exist any program that permit conect to mail server by httpmail with the client aoutlook, like to hotmail. You know, your question is a bit unrelated to QmailToaster, so I think that you will not get any valuable answer here. Well, who knows... -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Nice suggestion, but seriously it's not worth us supporting more packages than we already support. Dag does a great job with his packaging, it'd be best to use his package if it works for you. We're concentrating on making a mail system as best as it can be. We're not trying to handle every aspect of the system you are running. That's for the admin to determine. Thanks, Erik On 1/31/07, Dan Page [EMAIL PROTECTED] wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] UPDATE qmail-toaster-1.03-1.3.13.src.rpm URGENT
On Wed, 31 Jan 2007 15:13:46 +0100, Jean-Paul van de Plasse wrote: Or to manualy change the run script by changing the line REQUIRE_AUTH=1 to export REQUIRE_AUTH=1 The smtp/run script maybe also has this but as it only has: REQUIRE_AUTH=0 Quinn - Strangecode :: Internet Consultancy http://www.strangecode.com/ +1 530 624 4410 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] one question
Erik Espinoza wrote: In general this list is about the QmailToaster. We will try to help with other things, but Alexey was just letting you know that you may not find the info you seek on this list. That is exactly I was meaning by that sentence. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] bad-loader-reject
One of our clients is attempting to send one of my employees a PDF file but it keeps getting rejected with the following message: --- qmail-smtpd: bad-loader-reject: MAILFROM:[EMAIL PROTECTED] RCPTTO:[EMAIL PROTECTED] --- I believe this logging was recently added and I'm trying to figure out what this means.
Re: [qmailtoaster] UPDATE qmail-toaster-1.03-1.3.13.src.rpm URGENT
Quinn Comendant wrote: On Wed, 31 Jan 2007 15:13:46 +0100, Jean-Paul van de Plasse wrote: Or to manualy change the run script by changing the line REQUIRE_AUTH=1 to export REQUIRE_AUTH=1 The smtp/run script maybe also has this but as it only has: REQUIRE_AUTH=0 This is not fatal, as if REQUIRE_AUTH is not set, qmail-smtpd defaults not to require auth. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] UPDATE qmail-toaster-1.03-1.3.13.src.rpm URGENT
Ah thats the problem with only quick checking and not looking further This does not make a difference tho since default = 0.. Just looks silly :P JP - Original Message - From: Quinn Comendant [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 10:11 PM Subject: Re: [qmailtoaster] UPDATE qmail-toaster-1.03-1.3.13.src.rpm URGENT On Wed, 31 Jan 2007 15:13:46 +0100, Jean-Paul van de Plasse wrote: Or to manualy change the run script by changing the line REQUIRE_AUTH=1 to export REQUIRE_AUTH=1 The smtp/run script maybe also has this but as it only has: REQUIRE_AUTH=0 Quinn - Strangecode :: Internet Consultancy http://www.strangecode.com/ +1 530 624 4410 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
Erik Espinoza wrote: A BSD admin that can take qmailtoaster and make it run on BSD can implmenet a firewall policy using ipf. Sure ;-D. But you're not taking into account admin laziness. ES, port 587 is all about SMTP-AUTH, meaning that tcprules shouldn't really matter as it's all done through auth. Port 25 doesn't require auth, therefore it would need independent control. What possible scenario would we need to control port 587 independently of port 25 and why? This seems like unnecessary complication, with no pay off at all. You know, that is the reason I'd like to see that files separated. Submission service and SMTP service in fact serve for totally different purposes. One is used for MUA-MTA message submission, other is used for MTA-to-MTA message transfer. I can hardly see why should I use same tcprules for totally different services? In ideal world I would enable things like SPF and simscan only on SMTP service, and domainkeys or dkim signing only on SUBMISSION service. And I would never-ever add IP ranges with RELAYCLIENT= to the tcprules for SUBMISSION service as it will look like nonsence there - I always want my users to auth themselves to use SUBMISSION service. That is why I use separate rulesets for SMTP and SUBMISSION. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] one question
I think he means he wants to access his mail by using a different connector then imap/pop3. Like there is a hotmail connector in outlook over http/https. I really doubt there is anything that does this , and also I see no good reason you would want it. JP - Original Message - From: Erik Espinoza [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 9:39 PM Subject: Re: [qmailtoaster] one question Hey Daniel, Here is a link to a modified squirrelmail that may fit your need. http://sourceforge.net/projects/squirreloutlook/ In general this list is about the QmailToaster. We will try to help with other things, but Alexey was just letting you know that you may not find the info you seek on this list. Thanks, Erik On 1/31/07, Daniel R. Hdez [EMAIL PROTECTED] wrote: HI Alexey, I use QmailToaster, sorry for this, i no wirte any more here. Thanks - Original Message - From: Alexey Loukianov [EMAIL PROTECTED] To: Daniel R. Hdez qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 12:16 PM Subject: Re: [qmailtoaster] one question Greetings, Daniel. 31 ?? 2007 ?., 20:49:41 you have wrote: Exist any program that permit conect to mail server by httpmail with the client aoutlook, like to hotmail. You know, your question is a bit unrelated to QmailToaster, so I think that you will not get any valuable answer here. Well, who knows... -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] bad-loader-reject
It seems you have something in /var/qmail/control/badloadertypes But this file has been empty (commented) for a long time now. So make sure you run an up to date qmail-toaster. Or manually change the file and run qmailctl cdb JP - Original Message - From: Dan Herbon To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 10:15 PM Subject: [qmailtoaster] bad-loader-reject One of our clients is attempting to send one of my employees a PDF file but it keeps getting rejected with the following message: --- qmail-smtpd: bad-loader-reject: MAILFROM:[EMAIL PROTECTED] RCPTTO:[EMAIL PROTECTED] --- I believe this logging was recently added and I'm trying to figure out what this means.
Re: [qmailtoaster] bad-loader-reject
Dan Herbon wrote: One of our clients is attempting to send one of my employees a PDF file but it keeps getting rejected with the following message: --- qmail-smtpd: bad-loader-reject: MAILFROM:[EMAIL PROTECTED] RCPTTO:[EMAIL PROTECTED] --- I believe this logging was recently added and I’m trying to figure out what this means. A message was rejected because it contains some of the strings found in /var/qmail/controls/badloadertypes. Check your /etc/tcprules.d/tcp.smtp for BADLOADERTYPE value. qmail-smtpd looks in a message for any sting starting with letter specified by BADLOADERTYPE value and is listed in /var/qmail/controls/badloadertypes. If it founds any - it rejects a message. That was implemented by DJB as a poor-mans style of content filtering, allowing to reject messages containing stings like '32.dll', e.t.c. Now it is not needed anymore, as clamav scanning in general gives better results and less false positives. To disable badloader scanning, set BADLOADERTYPE= in tcp.smtp, and comment out all lines in /var/qmail/controls/badloadertypes by placing hash character to the beginning of each line. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] SPF causing delivery failures
Hi Everyone: I have a qmail toaster that sits behind a SPAM and virus filter. All incoming email is first routed through the filter before getting handed off to the toaster. Unfortunately the toaster is rejecting some email due to SPF issues? How do I stop this? Is there a way to disable SPF without re-installing toaster? Or is there a way to keep SPF running in this type of environment? Thanks! - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SPF causing delivery failures SOLVED
Ed Morrison wrote: Hi Everyone: I have a qmail toaster that sits behind a SPAM and virus filter. All incoming email is first routed through the filter before getting handed off to the toaster. Unfortunately the toaster is rejecting some email due to SPF issues? How do I stop this? Is there a way to disable SPF without re-installing toaster? Or is there a way to keep SPF running in this type of environment? Thanks! I found it here: /var/qmail/control/spfbehavior - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] Greylist for qmailtoaster
Hi, I am thinking about trying out greylist for the qmailtoaster currently running on our server. I heard great reports from my friend who is using it on sendmail. Is there any patch that I could use and just compile only the smtp? Is that even possible? Or do I have to recompile everything? Then run the smtp-grey on another ip so that it can be tested on a domain to see if it works. I know I will have to add a MX record for the testing domain. Any advice is greatly appreciated. P.V.Anthony - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Greylist for qmailtoaster
Hello PV Very basic greylisting available here: http://www.kabewm.com/?p=19 I recommend against greylisting in general as many spam appliances and firewalls that people use as proxies for their Exchange server (or other servers) do not handle error 4xx as temporary errors. Instead they kick back an error to the user and reject all mail from those sites. Sure they are not following the standard, but you're the one that's going to hear about it and deal with troubleshooting sites with little/no information. Thanks, Erik On 1/31/07, P.V.Anthony [EMAIL PROTECTED] wrote: Hi, I am thinking about trying out greylist for the qmailtoaster currently running on our server. I heard great reports from my friend who is using it on sendmail. Is there any patch that I could use and just compile only the smtp? Is that even possible? Or do I have to recompile everything? Then run the smtp-grey on another ip so that it can be tested on a domain to see if it works. I know I will have to add a MX record for the testing domain. Any advice is greatly appreciated. P.V.Anthony - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] one question
Definitely outside the scope of QmailToaster. That said: http://ypopsemail.com/ I don't know about Hotmail though. On 1/31/07, Jean-Paul van de Plasse [EMAIL PROTECTED] wrote: I think he means he wants to access his mail by using a different connector then imap/pop3. Like there is a hotmail connector in outlook over http/https. I really doubt there is anything that does this , and also I see no good reason you would want it. JP - Original Message - From: Erik Espinoza [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 9:39 PM Subject: Re: [qmailtoaster] one question Hey Daniel, Here is a link to a modified squirrelmail that may fit your need. http://sourceforge.net/projects/squirreloutlook/ In general this list is about the QmailToaster. We will try to help with other things, but Alexey was just letting you know that you may not find the info you seek on this list. Thanks, Erik On 1/31/07, Daniel R. Hdez [EMAIL PROTECTED] wrote: HI Alexey, I use QmailToaster, sorry for this, i no wirte any more here. Thanks - Original Message - From: Alexey Loukianov [EMAIL PROTECTED] To: Daniel R. Hdez qmailtoaster-list@qmailtoaster.com Sent: Wednesday, January 31, 2007 12:16 PM Subject: Re: [qmailtoaster] one question Greetings, Daniel. 31 ?? 2007 ?., 20:49:41 you have wrote: Exist any program that permit conect to mail server by httpmail with the client aoutlook, like to hotmail. You know, your question is a bit unrelated to QmailToaster, so I think that you will not get any valuable answer here. Well, who knows... -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
I'd like to see it under TT for now. Thanks, Dan. dan page wrote: Okay, You've Convinced me to do a HOWTO. I like the idea of giving something back, because honestly I know ALOT of people who would have spent 5k or better on M$ exchange if weren't for the toaster (have I Mentioned I like QMT?) Just tell me where you want it. from the main page under 2. FAQ or additional resoures? could be user tips and tricks. Just say where and i'll throw somthing up Thanks for all the great work. Dan Page Erik Espinoza wrote: A wiki entry would be nice though, if you want to add one I'm sure the community would appreciate your howto. Thanks, Erik On 1/31/07, Erik Espinoza [EMAIL PROTECTED] wrote: Nice suggestion, but seriously it's not worth us supporting more packages than we already support. Dag does a great job with his packaging, it'd be best to use his package if it works for you. We're concentrating on making a mail system as best as it can be. We're not trying to handle every aspect of the system you are running. That's for the admin to determine. Thanks, Erik On 1/31/07, Dan Page [EMAIL PROTECTED] wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
Erik Espinoza wrote: ES, port 587 is all about SMTP-AUTH, meaning that tcprules shouldn't really matter as it's all done through auth. Port 25 doesn't require auth, therefore it would need independent control. This sounds to me like a good argument *for* separating them. The processes are inherently (naturally) different. Saying that tcprules shouldn't really matter for submission isn't really the case. It's true that there should essentially be no rules, but that's different. If you need to put constraints on MTA sessions, as Stephen needed to do (remember what started this thread?), they would be inappropriate for MSA sessions (which would need to be wide open), which causes a problem. What possible scenario would we need to control port 587 independently of port 25 and why? Any time that an admin might need to control MTA traffic/access independently of MSA. The MSA rules would be simple and static (practically non existent, because SMTP-AUTH is handling everything, and would rarely need to change), while most of the tailoring (allowing only MTA from a limited set of servers, for instance) would exist in the MTA rules. This seems like unnecessary complication, with no pay off at all. I guess what you see as complication I see as simplicity. The payoff is being able to change MTA behavior without impacting the MSA. This is the same reason that MSA was separated to begin with, was it not? Erik On 1/31/07, Eric Shubes [EMAIL PROTECTED] wrote: Problem: controlling/configuring smtp and submission independently is difficult, if not impossible. Is there are reason why there *shouldn't* be separate tcprules files? I see no advantage to having them share the same one. Erik Espinoza wrote: A BSD admin that can take qmailtoaster and make it run on BSD can implmenet a firewall policy using ipf. I don't think having two tcp.smtp's is going to help, it doesn't seem to solve any problems we are having. Erik On 1/31/07, Alexey Loukianov [EMAIL PROTECTED] wrote: Greetings, Eric. 31 января 2007 г., 22:05:38 you have wrote: Alexey Loukianov wrote: Greetings, Erik. 31 ?? 2007 ?., 6:02:20 you have wrote: Separate tcprules file for submission port seems to me as a better approach. It keeps administration of QT flexible and unified, and also it is more cross-platforming way, as tcpserver works on any platform qmail can run on, while iptables is available only on linux systems based on kernels 2.4.x and later. Who cares? We don't even support Debian. . . :) Me, for example ;-D. A friend of mine, also a system engineer, administer small FreeBSD based cluster, and he uses QT in his setup. Accordingly to his words, it wasn't too hard to build and install RPM system on his BSD boxes, and then to correct specs so basic QT parts builds up and install successfully. Well, in any case we can always create tcp.submission ourselves, just like I do it for tcp.pop3 ;-D. But the laziness of sysadmin is the thing that makes me want tcp.submission to be included in stock toaster. I agree with Alexey on this. Besides which, wouldn't it be nice to have QT on BSD as well? I wonder if Alexey's friend would care to contribute in this area. It is not so easy, as BSD way is not to use RPMS, while main toaster advantage is it's RPM nature. A friend of mine came to BSD world from RedHad based linux distros, that is why he uses RPM even on BSD - it is just a matter of habbit. Well, it is still possible to port QT on BSD and distribute is as a bunch of tarballs if we will find some BSD geek who will want to maintenance it. But I don't think it is a urgent task for qt-dev team ;-D. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Controlling SMTP access to mail server.
ES, port 587 is all about SMTP-AUTH, meaning that tcprules shouldn't really matter as it's all done through auth. Port 25 doesn't require auth, therefore it would need independent control. This sounds to me like a good argument *for* separating them. The processes are inherently (naturally) different. Saying that tcprules shouldn't really matter for submission isn't really the case. It's true that there should essentially be no rules, but that's different. If you need to put constraints on MTA sessions, as Stephen needed to do (remember what started this thread?), they would be inappropriate for MSA sessions (which would need to be wide open), which causes a problem. I don't see how tcprules would fix Stephen's problem. He's basically ticked that spammers are hitting his hidden server directly. I say don't just hide it, firewall it. What possible scenario would we need to control port 587 independently of port 25 and why? Any time that an admin might need to control MTA traffic/access independently of MSA. The MSA rules would be simple and static (practically non existent, because SMTP-AUTH is handling everything, and would rarely need to change), while most of the tailoring (allowing only MTA from a limited set of servers, for instance) would exist in the MTA rules. This seems like unnecessary complication, with no pay off at all. I guess what you see as complication I see as simplicity. The payoff is being able to change MTA behavior without impacting the MSA. This is the same reason that MSA was separated to begin with, was it not? Show me one scenario where this would make sense? I can't think of one. Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] received blank e-mail
Hello all I have a problem with one of my customer he said he got a blank e-mail when receiving mail using outlook express. Do anyone experience same problem like this? and how to handle problem like this? for the answer i apreciate it. Regards Opik note: Qmailtoaster version 1.03-1.2.11 OS SuSE 10.0 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Switching from pop3 to IMAP and how to backup e.mails archives
I don't know the answer to your question for sure, but I think that would do it. I've been (slowly) migrating a few accounts from pop3 to imap too. From what I've seen on the internet though, I'm leery to use Outlook as an IMAP client with Courier. I hear that Outlook does well with Exchange (to be expected), but there have been problems getting it to work well with other IMAP servers. I don't recall any specifics, and YMMV depending on the Outlook version. I'd recommend doing a prototype test with it though before committing to a domain-wide change. What benefit are you trying to achieve? Are there roaming users who need to access their email outside of the office? If so, they could continue to use pop3 and simply leave the email on the server for a period of time (configured in Outlook). Yes , we have 4 sales manager who are often abroad and we recently bought blackberry devices with a wordlwide flatrate contract . What they want is to have a central repository .I mean , if they erase a msg while they are away (i.e with their blackberry) , they don't want to find it again on their desktop pc's once they are in the office. I don't think or better , I wouldn't know how to handle a situation like that with pop3 protocol. About outlook , I've read there were problems with earlier version of this client but fortunately we use the latest version . I'll let you know as soon as possible. Thanks ! Max - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Switching from pop3 to IMAP and how to backup e.mails archives
Yes , we have 4 sales manager who are often abroad and we recently bought blackberry devices with a wordlwide flatrate contract . What they want is to have a central repository .I mean , if they erase a msg while they are away (i.e with their blackberry) , they don't want to find it again on their desktop pc's once they are in the office. Buy Blackberry Enterprise Server. Thanks, Erik - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]