Re: [qmailtoaster] Authentication to bypass spam checks
pretty smart question John, I also would like to hear the answer for it from the experts. - Original Message - From: Tek Support [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, August 08, 2008 8:37 AM Subject: Re: [qmailtoaster] Authentication to bypass spam checks Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Authentication to bypass spam checks
The answer to question 2) is quite simple: Only authenticated users can relay via this port. Additionally usage of TLS is suggested. Qmailtoaster is prepeared for it, but each client must enable it; for security reasons (to force man in the middle attacs) each client should not only prefer but force TLS to be used. Best regards, Johannes Weberhofer Anil Aliyan wrote: pretty smart question John, I also would like to hear the answer for it from the experts. - Original Message - From: Tek Support [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, August 08, 2008 8:37 AM Subject: Re: [qmailtoaster] Authentication to bypass spam checks Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- |- | weberhofer GmbH | Johannes Weberhofer | information technologies | Austria, 1080 Wien, Blindengasse 52/3 | | Firmenbuch: 225566s, Handelsgericht Wien | UID: ATU55277701 | | phone : +43 (0)1 5454421 0| email: [EMAIL PROTECTED] | fax : +43 (0)1 5454421 19 | web : http://weberhofer.at | mobile: +43 (0)699 11998315 |--- - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Authentication to bypass spam checks
Hi, you can check the file /etc/spamdyke/spamdyke.conf here are the rbl servers now. Mario - Mensaje original - De: Tek Support [EMAIL PROTECTED] Para: qmailtoaster-list@qmailtoaster.com Enviado: Jueves, 07 de Agosto de 2008 10:41 p.m. Asunto: Re: [qmailtoaster] Authentication to bypass spam checks Opps, I forgot to add the before and after /var/qmail/supervise/smtp/run file. ---Before Begin--- #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` BLACKLIST=`cat /var/qmail/control/blacklists` SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb RBLSMTPD=/usr/bin/rblsmtpd HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw REQUIRE_AUTH=0 exec /usr/bin/softlimit -m 8500 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ $RBLSMTPD $BLACKLIST $SMTPD $VCHKPW /bin/true 21 ---Before End--- ---After Begin--- #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SPAMDYKE=/usr/local/bin/spamdyke SPAMDYKE_CONF=/etc/spamdyke/spamdyke.conf SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw REQUIRE_AUTH=0 exec /usr/bin/softlimit -m 8500 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ $SPAMDYKE --config-file $SPAMDYKE_CONF \ $SMTPD $VCHKPW /bin/true 21 ---After End--- You can see the BLACKLIST=`cat /var/qmail/control/blacklists` is no longer listed. Thanks John On Thu, Aug 7, 2008 at 9:07 PM, Tek Support [EMAIL PROTECTED] wrote: Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.12/1599 - Release Date: 07/08/2008 20:49 - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] relaying in Centos5
Hi all, I increassed (more) the smtp softlimit from 85000... to 185000... I think that was the problem. Apparently It could not load the vckpw process dinamically but no message was logged. Now I have a new error (error 554 from spanhaus). (DENIED_RBL_MATCH) I´ll check this. best regards Gabriel - Original Message - From: Gaby Kule [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, August 07, 2008 7:11 PM Subject: Re: [qmailtoaster] relaying in Centos5 Thanks Eric, I have a static IP, If I add my public static IP into the /etc/tcprules.d/tcp.smtp it works fine, but I need it for sending emails from dimamic IPs, for all the users hosted in my server. I dont understand why must be 587 port opened. I know it is closed cause the firewall is not administered by me (I have a hardware firewall in that server), but must I request this port to be opened to the administrator ? why ? Is there other usefull test that ou recommend? regards Gabriel - Original Message - From: Eric Shubert [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, August 07, 2008 4:53 PM Subject: Re: [qmailtoaster] relaying in Centos5 Gaby Kule wrote: Hi all, I installed las week latest versions of qmt + spamdyke on Centos5 updated, x86_64, My problem is than I can not send outgoing emails from this server, I get 5.5.3 error. I can do pop3 login, I can send email from localhost (squirredmail) I can telnet from localhost and smtp auth looks good. telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 Welcome to Bob Esponja ESMTP ESMTP ehlo localhost 250-Welcome to Bob Esponja ESMTP 250-STARTTLS 250-PIPELINING 250-8BITMIME 250-SIZE 20971520 250 AUTH LOGIN PLAIN CRAM-MD5 quit 221 Welcome to Bob Esponja ESMTP Connection closed by foreign host. If I telnet from other host, it opens connection but does not prints welcome message. It prints: telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 ** This is my /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 This is my tail /var/log/qmail/smtp/current @4000489b41282bec2dc4 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote GabyK:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @4000489b412a281c97c4 CHKUSER rejected relaying: from [EMAIL PROTECTED]:: remote GabyK:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED] : client not allowed to relay @4000489b412b2b1e816c tcpserver: end 26060 status 0 @4000489b412b2b1e8554 tcpserver: status: 0/100 I have another server with an older version working on Centos4 and this works good. I dont know what else to check. Do you have some ideas ? best regards Gabriel Are you trying to send from a dynamic IP address? That would most likely be blocked. Try sending on port 587. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Issue upgrading Spamassassin
All , I tried update spamassassin at Centos 4.2 using qtp-newmodel And I get this message : Installing spamassassin-toaster-3.2.5-1.3.14 in the sandbox ... error: Failed dependencies: perl(HTTP::Date) is needed by spamassassin-toaster-3.2.5-1.3.14.i686 perl(LWP::UserAgent) is needed by spamassassin-toaster-3.2.5-1.3.14.i686 but , this perl modules are up to date ! any idea ??? tks.Marco -Original Message- From: Eric Shubert [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 06, 2008 2:00 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Issue upgrading Spamassassin The official spamassassin-toaster versions don't work with MakeMaker 6.44+ yet. I've modified the spamassassin-toaster.spec file to work with MakeMaker 6.44+, and Erik Espinoza's in the process of testing it for official release. I can send you the unofficial source rpm if you'd like. Please contact me off list for that. Ben King wrote: I have MakeMaker.pm version 6.44 revision 54639 on CentOS 5.2 I have the same exact error that person in the message I quoted is getting. + rm -f /var/tmp/spamassassin-toaster-root/etc/mail/spamassassin/v310.pre + install -m 0644 /usr/src/redhat/SOURCES/qmailtoaster.local.cf.bz2 /var/tmp/spamassassin-toaster-root/etc/mail/spamassassin/local.cf.bz2 install: cannot create regular file `/var/tmp/spamassassin-toaster-root/etc/mail/spamassassin/local.cf.bz2': No such file or directory error: Bad exit status from /var/tmp/rpm-tmp.37388 (%install) The rpm build fails at the local.cf.bz2 file. I tried doing a cpan bundle update and then loaded IO::Compress::Bzip2. CPAN doesn't fail or load this as a dependency. If you don't watch the build then you could easily miss the note on the screen about it missing. This didn't help me either. - Original Message - From: Eric Shubert [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Monday, August 04, 2008 11:37 AM Subject: Re: [qmailtoaster] Issue upgrading Spamassassin There's a good chance that there's a fix to your problem, but it's a good idea to verify that you're having the problem which the fix fixes. ;) Please post the error you're getting, along with the version of your MakeMaker.pm module. Ben King wrote: I'm having the same trouble updating spamassassin on Centos5.2. Does anybody know if there an updated package to try? - Original Message - From: Erik A. Espinoza [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Saturday, July 12, 2008 5:15 PM Subject: Re: [qmailtoaster] Issue upgrading Spamassassin This issue appears to be caused by a mismatch of a perl module between the source and destination. Eric Schubes has created a work around that I haven't had a chance to validate on all the platforms yet, but once done I will release it. Thanks, EE On Sat, Jul 12, 2008 at 4:57 PM, James Palmer [EMAIL PROTECTED] wrote: Hi all, Ran into an issue when upgrading SA to the latest version. I removed the package (as I always do) rpm -e spamassassin-toaster And whilst building the new spamassassin src.rpm (rpmbuild --rebuild --with cnt50 spamassassin-toaster-3.2.5-1.3.14.src.rpm) I get the following error: + rm -f /var/tmp/spamassassin-toaster-root/etc/mail/spamassassin/local.cf + rm -f /var/tmp/spamassassin-toaster-root/etc/mail/spamassassin/v310.pre + install -m 0644 /usr/src/redhat/SOURCES/qmailtoaster.local.cf.bz2 /var/tmp/spamassassin-toaster-root/etc/mail/spamassassin/local.cf.bz2 install: cannot create regular file `/var/tmp/spamassassin-toaster-root/etc/mail/spamassassin/local.cf.bz2': No such file or directory error: Bad exit status from /var/tmp/rpm-tmp.47733 (%install) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.47733 (%install) Probably something really simple..but hey! Also, I inadvertently got QTP to create a qtp sandbox - how can I get rid of that? Cheers, James -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Issue upgrading Spamassassin
Marco Cordeiro wrote: All , I tried update spamassassin at Centos 4.2 using qtp-newmodel And I get this message : Installing spamassassin-toaster-3.2.5-1.3.14 in the sandbox ... error: Failed dependencies: perl(HTTP::Date) is needed by spamassassin-toaster-3.2.5-1.3.14.i686 perl(LWP::UserAgent) is needed by spamassassin-toaster-3.2.5-1.3.14.i686 but , this perl modules are up to date ! any idea ??? It's in the archives. You have to install the perl modules via a RPM repo - the spamassassin RPM file does not check the see if the files are installed (via CPAN), it only looks to see if the RPMs for them are installed. That was coded by the Spamassassin people. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Authentication to bypass spam checks
To answer #1, spamdyke will definitely use Spamhaus' DNS RBLs. The default configuration of spamdyke (as installed by QTP) does not include Spamhaus, however. If you are using spamdyke version 3.1.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: check-dnsrbl=zen.spamhaus.org If you are using spamdyke version 4.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: dns-blacklist-entry=zen.spamhaus.org To add multiple DNS RBLs, simply repeat the line with different values. -- Sam Clippinger Anil Aliyan wrote: pretty smart question John, I also would like to hear the answer for it from the experts. - Original Message - From: Tek Support [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, August 08, 2008 8:37 AM Subject: Re: [qmailtoaster] Authentication to bypass spam checks Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Issue upgrading Spamassassin
I'm using perl repository already ... yum upgrade perl* Loading fastestmirror plugin Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: centos.oi.com.br * updates: centos.oi.com.br * addons: centos.oi.com.br * extras: centos.oi.com.br Setting up Upgrade Process Could not find update match for perl* No Packages marked for Update All perl packages are up to date using repository Marco. -Original Message- From: Jake Vickers [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2008 11:08 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Issue upgrading Spamassassin Marco Cordeiro wrote: All , I tried update spamassassin at Centos 4.2 using qtp-newmodel And I get this message : Installing spamassassin-toaster-3.2.5-1.3.14 in the sandbox ... error: Failed dependencies: perl(HTTP::Date) is needed by spamassassin-toaster-3.2.5-1.3.14.i686 perl(LWP::UserAgent) is needed by spamassassin-toaster-3.2.5-1.3.14.i686 but , this perl modules are up to date ! any idea ??? It's in the archives. You have to install the perl modules via a RPM repo - the spamassassin RPM file does not check the see if the files are installed (via CPAN), it only looks to see if the RPMs for them are installed. That was coded by the Spamassassin people. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Issue upgrading Spamassassin
Marco Cordeiro wrote: I'm using perl repository already ... yum upgrade perl* Loading fastestmirror plugin Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: centos.oi.com.br * updates: centos.oi.com.br * addons: centos.oi.com.br * extras: centos.oi.com.br Setting up Upgrade Process Could not find update match for perl* No Packages marked for Update All perl packages are up to date using repository What does rpm -qa | grep perl- show? (I'm on my way out, so I'll check back later) - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Issue upgrading Spamassassin
Jake, You're right, I don't have perl-HTTP-Date and perl-LWP-UserAgent installed from repo ;-( And worse I can't find this packages using yum list ! How can I get this packages for centos5 ?? Tks, Marco. rpm -qa | grep perl- perl-Digest-HMAC-1.01-15 perl-HTML-Tagset-3.20-1.el5.rf perl-PlRPC-0.2020-1.el5.rf perl-Sys-Hostname-Long-1.4-1.2.el5.rf perl-IO-Zlib-1.09-1.el5.rf perl-5.8.8-10.el5_2.3 perl-IO-Compress-Zlib-2.011-1.el5.rf perl-String-CRC32-1.4-2.fc6 perl-Net-IP-1.25-2.fc6 perl-Digest-SHA1-2.11-1.2.1 perl-Socket6-0.20-1.el5.rf perl-Net-Daemon-0.43-1.el5.rf perl-Crypt-PasswdMD5-1.3-1.2.el5.rf perl-Net-CIDR-Lite-0.20-1.2.el5.rf perl-Crypt-OpenSSL-RSA-0.25-1.el5.rf perl-TimeDate-1.16-5.el5 perl-LWP-UserAgent-Determined-1.03-1.2.el5.rf perl-Compress-Raw-Zlib-2.011-1.el5.rf perl-Compress-Zlib-2.011-1.el5.rf perl-IO-Socket-INET6-2.54-1.el5.rf perl-Archive-Tar-1.38-1.el5.rf perl-Mail-DomainKeys-1.0-1.el5.rf perl-DBI-1.605-1.el5.rf perl-DBD-MySQL-3.0007-1.fc6 perl-HTML-Parser-3.56-1.el5.rf perl-Net-DNS-0.63-1.el5.rf perl-URI-1.35-3 perl-Mail-SPF-Query-1.999.1-2.el5.rf perl-MailTools-2.03-1.el5.rf perl-libwww-perl-5.805-1.1.1 perl-IO-Compress-Base-2.011-1.el5.rf -Original Message- From: Jake Vickers [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2008 11:20 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Issue upgrading Spamassassin Marco Cordeiro wrote: I'm using perl repository already ... yum upgrade perl* Loading fastestmirror plugin Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: centos.oi.com.br * updates: centos.oi.com.br * addons: centos.oi.com.br * extras: centos.oi.com.br Setting up Upgrade Process Could not find update match for perl* No Packages marked for Update All perl packages are up to date using repository What does rpm -qa | grep perl- show? (I'm on my way out, so I'll check back later) - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
FW: [qmailtoaster] Issue upgrading Spamassassin
Jake, You're right, I don't have perl-HTTP-Date and perl-LWP-UserAgent installed from repo ;-( And worse I can't find this packages using yum list ! How can I get this packages for centos5 ?? Tks, Marco. rpm -qa | grep perl- perl-Digest-HMAC-1.01-15 perl-HTML-Tagset-3.20-1.el5.rf perl-PlRPC-0.2020-1.el5.rf perl-Sys-Hostname-Long-1.4-1.2.el5.rf perl-IO-Zlib-1.09-1.el5.rf perl-5.8.8-10.el5_2.3 perl-IO-Compress-Zlib-2.011-1.el5.rf perl-String-CRC32-1.4-2.fc6 perl-Net-IP-1.25-2.fc6 perl-Digest-SHA1-2.11-1.2.1 perl-Socket6-0.20-1.el5.rf perl-Net-Daemon-0.43-1.el5.rf perl-Crypt-PasswdMD5-1.3-1.2.el5.rf perl-Net-CIDR-Lite-0.20-1.2.el5.rf perl-Crypt-OpenSSL-RSA-0.25-1.el5.rf perl-TimeDate-1.16-5.el5 perl-LWP-UserAgent-Determined-1.03-1.2.el5.rf perl-Compress-Raw-Zlib-2.011-1.el5.rf perl-Compress-Zlib-2.011-1.el5.rf perl-IO-Socket-INET6-2.54-1.el5.rf perl-Archive-Tar-1.38-1.el5.rf perl-Mail-DomainKeys-1.0-1.el5.rf perl-DBI-1.605-1.el5.rf perl-DBD-MySQL-3.0007-1.fc6 perl-HTML-Parser-3.56-1.el5.rf perl-Net-DNS-0.63-1.el5.rf perl-URI-1.35-3 perl-Mail-SPF-Query-1.999.1-2.el5.rf perl-MailTools-2.03-1.el5.rf perl-libwww-perl-5.805-1.1.1 perl-IO-Compress-Base-2.011-1.el5.rf -Original Message- From: Jake Vickers [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2008 11:20 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Issue upgrading Spamassassin Marco Cordeiro wrote: I'm using perl repository already ... yum upgrade perl* Loading fastestmirror plugin Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: centos.oi.com.br * updates: centos.oi.com.br * addons: centos.oi.com.br * extras: centos.oi.com.br Setting up Upgrade Process Could not find update match for perl* No Packages marked for Update All perl packages are up to date using repository What does rpm -qa | grep perl- show? (I'm on my way out, so I'll check back later) - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] relaying in Centos5
Your public IP address has apparently been blacklisted at spamhaus. Dynamic addresses would be listed there too. You can either use port 587 (which doesn't check RBLs but does require authentication), or install spamdyke. Spamdyke bypasses RBL checking for authenticated users. I highly recommend spamdyke. It does a terrific job blocking spam before the message is even sent, which saves on bandwidth and scanning resources. Gaby Kule wrote: Hi all, I increassed (more) the smtp softlimit from 85000... to 185000... I think that was the problem. Apparently It could not load the vckpw process dinamically but no message was logged. Now I have a new error (error 554 from spanhaus). (DENIED_RBL_MATCH) I´ll check this. best regards Gabriel - Original Message - From: Gaby Kule [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, August 07, 2008 7:11 PM Subject: Re: [qmailtoaster] relaying in Centos5 Thanks Eric, I have a static IP, If I add my public static IP into the /etc/tcprules.d/tcp.smtp it works fine, but I need it for sending emails from dimamic IPs, for all the users hosted in my server. I dont understand why must be 587 port opened. I know it is closed cause the firewall is not administered by me (I have a hardware firewall in that server), but must I request this port to be opened to the administrator ? why ? Is there other usefull test that ou recommend? regards Gabriel - Original Message - From: Eric Shubert [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Thursday, August 07, 2008 4:53 PM Subject: Re: [qmailtoaster] relaying in Centos5 Gaby Kule wrote: Hi all, I installed las week latest versions of qmt + spamdyke on Centos5 updated, x86_64, My problem is than I can not send outgoing emails from this server, I get 5.5.3 error. I can do pop3 login, I can send email from localhost (squirredmail) I can telnet from localhost and smtp auth looks good. telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 Welcome to Bob Esponja ESMTP ESMTP ehlo localhost 250-Welcome to Bob Esponja ESMTP 250-STARTTLS 250-PIPELINING 250-8BITMIME 250-SIZE 20971520 250 AUTH LOGIN PLAIN CRAM-MD5 quit 221 Welcome to Bob Esponja ESMTP Connection closed by foreign host. If I telnet from other host, it opens connection but does not prints welcome message. It prints: telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 ** This is my /etc/tcprules.d/tcp.smtp 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 This is my tail /var/log/qmail/smtp/current @4000489b41282bec2dc4 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote GabyK:unknown:xxx.xxx.xxx.xxx rcpt : sender accepted @4000489b412a281c97c4 CHKUSER rejected relaying: from [EMAIL PROTECTED]:: remote GabyK:unknown:xxx.xxx.xxx.xxx rcpt [EMAIL PROTECTED] : client not allowed to relay @4000489b412b2b1e816c tcpserver: end 26060 status 0 @4000489b412b2b1e8554 tcpserver: status: 0/100 I have another server with an older version working on Centos4 and this works good. I dont know what else to check. Do you have some ideas ? best regards Gabriel Are you trying to send from a dynamic IP address? That would most likely be blocked. Try sending on port 587. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Authentication to bypass spam checks
Sam Clippinger wrote: To answer #1, spamdyke will definitely use Spamhaus' DNS RBLs. The default configuration of spamdyke (as installed by QTP) does not include Spamhaus, however. I beg your pardon. ;) Here are the default RBLs as installed by QTP: check-dnsrbl=zen.spamhaus.org check-dnsrbl=bl.spamcop.net check-dnsrbl=list.dsbl.org If you are using spamdyke version 3.1.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: check-dnsrbl=zen.spamhaus.org If you are using spamdyke version 4.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: dns-blacklist-entry=zen.spamhaus.org To add multiple DNS RBLs, simply repeat the line with different values. -- Sam Clippinger QTP only installs/upgrades spamdyke 3.1.x at this time. I hope to add 4.x capability soon. It'll likely be a couple weeks before I get to it though. Anil Aliyan wrote: pretty smart question John, I also would like to hear the answer for it from the experts. - Original Message - From: Tek Support [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, August 08, 2008 8:37 AM Subject: Re: [qmailtoaster] Authentication to bypass spam checks Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Issue upgrading Spamassassin
I might suggest that you search the list archives, but I'll save you the effort if you promise to update the wiki faqs with this one. ;) It seems to come up quite a bit lately. Simply follow the directions http://dag.wieers.com/rpm/FAQ.php#B2 for your distro, then you'll be able to use yum to install/upgrade them. Marco Cordeiro wrote: Jake, You're right, I don't have perl-HTTP-Date and perl-LWP-UserAgent installed from repo ;-( And worse I can't find this packages using yum list ! How can I get this packages for centos5 ?? Tks, Marco. rpm -qa | grep perl- perl-Digest-HMAC-1.01-15 perl-HTML-Tagset-3.20-1.el5.rf perl-PlRPC-0.2020-1.el5.rf perl-Sys-Hostname-Long-1.4-1.2.el5.rf perl-IO-Zlib-1.09-1.el5.rf perl-5.8.8-10.el5_2.3 perl-IO-Compress-Zlib-2.011-1.el5.rf perl-String-CRC32-1.4-2.fc6 perl-Net-IP-1.25-2.fc6 perl-Digest-SHA1-2.11-1.2.1 perl-Socket6-0.20-1.el5.rf perl-Net-Daemon-0.43-1.el5.rf perl-Crypt-PasswdMD5-1.3-1.2.el5.rf perl-Net-CIDR-Lite-0.20-1.2.el5.rf perl-Crypt-OpenSSL-RSA-0.25-1.el5.rf perl-TimeDate-1.16-5.el5 perl-LWP-UserAgent-Determined-1.03-1.2.el5.rf perl-Compress-Raw-Zlib-2.011-1.el5.rf perl-Compress-Zlib-2.011-1.el5.rf perl-IO-Socket-INET6-2.54-1.el5.rf perl-Archive-Tar-1.38-1.el5.rf perl-Mail-DomainKeys-1.0-1.el5.rf perl-DBI-1.605-1.el5.rf perl-DBD-MySQL-3.0007-1.fc6 perl-HTML-Parser-3.56-1.el5.rf perl-Net-DNS-0.63-1.el5.rf perl-URI-1.35-3 perl-Mail-SPF-Query-1.999.1-2.el5.rf perl-MailTools-2.03-1.el5.rf perl-libwww-perl-5.805-1.1.1 perl-IO-Compress-Base-2.011-1.el5.rf -Original Message- From: Jake Vickers [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2008 11:20 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Issue upgrading Spamassassin Marco Cordeiro wrote: I'm using perl repository already ... yum upgrade perl* Loading fastestmirror plugin Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: centos.oi.com.br * updates: centos.oi.com.br * addons: centos.oi.com.br * extras: centos.oi.com.br Setting up Upgrade Process Could not find update match for perl* No Packages marked for Update All perl packages are up to date using repository What does rpm -qa | grep perl- show? (I'm on my way out, so I'll check back later) -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Issue upgrading Spamassassin
Marco, have you tried to use cpan ? maybe it resolve your problem Cheers Thiago Marco Cordeiro escreveu: Jake, You're right, I don't have perl-HTTP-Date and perl-LWP-UserAgent installed from repo ;-( And worse I can't find this packages using yum list ! How can I get this packages for centos5 ?? Tks, Marco. rpm -qa | grep perl- perl-Digest-HMAC-1.01-15 perl-HTML-Tagset-3.20-1.el5.rf perl-PlRPC-0.2020-1.el5.rf perl-Sys-Hostname-Long-1.4-1.2.el5.rf perl-IO-Zlib-1.09-1.el5.rf perl-5.8.8-10.el5_2.3 perl-IO-Compress-Zlib-2.011-1.el5.rf perl-String-CRC32-1.4-2.fc6 perl-Net-IP-1.25-2.fc6 perl-Digest-SHA1-2.11-1.2.1 perl-Socket6-0.20-1.el5.rf perl-Net-Daemon-0.43-1.el5.rf perl-Crypt-PasswdMD5-1.3-1.2.el5.rf perl-Net-CIDR-Lite-0.20-1.2.el5.rf perl-Crypt-OpenSSL-RSA-0.25-1.el5.rf perl-TimeDate-1.16-5.el5 perl-LWP-UserAgent-Determined-1.03-1.2.el5.rf perl-Compress-Raw-Zlib-2.011-1.el5.rf perl-Compress-Zlib-2.011-1.el5.rf perl-IO-Socket-INET6-2.54-1.el5.rf perl-Archive-Tar-1.38-1.el5.rf perl-Mail-DomainKeys-1.0-1.el5.rf perl-DBI-1.605-1.el5.rf perl-DBD-MySQL-3.0007-1.fc6 perl-HTML-Parser-3.56-1.el5.rf perl-Net-DNS-0.63-1.el5.rf perl-URI-1.35-3 perl-Mail-SPF-Query-1.999.1-2.el5.rf perl-MailTools-2.03-1.el5.rf perl-libwww-perl-5.805-1.1.1 perl-IO-Compress-Base-2.011-1.el5.rf -Original Message- From: Jake Vickers [mailto:[EMAIL PROTECTED]] Sent: Friday, August 08, 2008 11:20 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Issue upgrading Spamassassin Marco Cordeiro wrote: I'm using perl repository already ... yum upgrade perl* Loading "fastestmirror" plugin Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: centos.oi.com.br * updates: centos.oi.com.br * addons: centos.oi.com.br * extras: centos.oi.com.br Setting up Upgrade Process Could not find update match for perl* No Packages marked for Update All perl packages are up to date using repository What does "rpm -qa | grep perl-" show? (I'm on my way out, so I'll check back later) - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Issue upgrading Spamassassin
No, cpan is part of the problem, not the solution. When packages are updated with cpan, rpm doesn't see them. That's the problem. These packages are specified (rightly so) as dependencies, and rpm doesn't know that they're installed when cpan installs them. Thiago - TI - Realeza wrote: Marco, have you tried to use cpan ? maybe it resolve your problem Cheers Thiago Marco Cordeiro escreveu: Jake, You're right, I don't have perl-HTTP-Date and perl-LWP-UserAgent installed from repo ;-( And worse I can't find this packages using yum list ! How can I get this packages for centos5 ?? Tks, Marco. rpm -qa | grep perl- perl-Digest-HMAC-1.01-15 perl-HTML-Tagset-3.20-1.el5.rf perl-PlRPC-0.2020-1.el5.rf perl-Sys-Hostname-Long-1.4-1.2.el5.rf perl-IO-Zlib-1.09-1.el5.rf perl-5.8.8-10.el5_2.3 perl-IO-Compress-Zlib-2.011-1.el5.rf perl-String-CRC32-1.4-2.fc6 perl-Net-IP-1.25-2.fc6 perl-Digest-SHA1-2.11-1.2.1 perl-Socket6-0.20-1.el5.rf perl-Net-Daemon-0.43-1.el5.rf perl-Crypt-PasswdMD5-1.3-1.2.el5.rf perl-Net-CIDR-Lite-0.20-1.2.el5.rf perl-Crypt-OpenSSL-RSA-0.25-1.el5.rf perl-TimeDate-1.16-5.el5 perl-LWP-UserAgent-Determined-1.03-1.2.el5.rf perl-Compress-Raw-Zlib-2.011-1.el5.rf perl-Compress-Zlib-2.011-1.el5.rf perl-IO-Socket-INET6-2.54-1.el5.rf perl-Archive-Tar-1.38-1.el5.rf perl-Mail-DomainKeys-1.0-1.el5.rf perl-DBI-1.605-1.el5.rf perl-DBD-MySQL-3.0007-1.fc6 perl-HTML-Parser-3.56-1.el5.rf perl-Net-DNS-0.63-1.el5.rf perl-URI-1.35-3 perl-Mail-SPF-Query-1.999.1-2.el5.rf perl-MailTools-2.03-1.el5.rf perl-libwww-perl-5.805-1.1.1 perl-IO-Compress-Base-2.011-1.el5.rf -Original Message- From: Jake Vickers [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2008 11:20 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Issue upgrading Spamassassin Marco Cordeiro wrote: I'm using perl repository already ... yum upgrade perl* Loading fastestmirror plugin Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: centos.oi.com.br * updates: centos.oi.com.br * addons: centos.oi.com.br * extras: centos.oi.com.br Setting up Upgrade Process Could not find update match for perl* No Packages marked for Update All perl packages are up to date using repository What does rpm -qa | grep perl- show? (I'm on my way out, so I'll check back later) -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Authentication to bypass spam checks
So if I understand correctly, spamdyke can use spamhaus, and I do see it in my /etc/spamdyke/spamdyke.conf file (uncommented). Which means I don't need the BLACKLIST= in my run file, is this correct? And if I might ask a followup question, it was said in another post that spamdyke allows authenticated users in past spamhaus. Ok, but if spamdyke allows authenticated users in, while using spamhaus, then why do I need port 587? And just out of curiosity, if spamdyke is a more versitile product, allowing my dynamic users to authenticate and send mail on port 25 while also using spamhaus dynamic blocking, why isn't spamdyke installed by default? Thanks John On Fri, Aug 8, 2008 at 10:02 AM, Eric Shubert [EMAIL PROTECTED] wrote: Sam Clippinger wrote: To answer #1, spamdyke will definitely use Spamhaus' DNS RBLs. The default configuration of spamdyke (as installed by QTP) does not include Spamhaus, however. I beg your pardon. ;) Here are the default RBLs as installed by QTP: check-dnsrbl=zen.spamhaus.org check-dnsrbl=bl.spamcop.net check-dnsrbl=list.dsbl.org If you are using spamdyke version 3.1.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: check-dnsrbl=zen.spamhaus.org If you are using spamdyke version 4.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: dns-blacklist-entry=zen.spamhaus.org To add multiple DNS RBLs, simply repeat the line with different values. -- Sam Clippinger QTP only installs/upgrades spamdyke 3.1.x at this time. I hope to add 4.x capability soon. It'll likely be a couple weeks before I get to it though. Anil Aliyan wrote: pretty smart question John, I also would like to hear the answer for it from the experts. - Original Message - From: Tek Support [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, August 08, 2008 8:37 AM Subject: Re: [qmailtoaster] Authentication to bypass spam checks Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Issue upgrading Spamassassin
hmm Eric... good to know that. thanks man! Thiago Eric Shubert escreveu: No, cpan is part of the problem, not the solution. When packages are updated with cpan, rpm doesn't see them. That's the problem. These packages are specified (rightly so) as dependencies, and rpm doesn't know that they're installed when cpan installs them. Thiago - TI - Realeza wrote: Marco, have you tried to use cpan ? maybe it resolve your problem Cheers Thiago Marco Cordeiro escreveu: Jake, You're right, I don't have perl-HTTP-Date and perl-LWP-UserAgent installed from repo ;-( And worse I can't find this packages using yum list ! How can I get this packages for centos5 ?? Tks, Marco. rpm -qa | grep perl- perl-Digest-HMAC-1.01-15 perl-HTML-Tagset-3.20-1.el5.rf perl-PlRPC-0.2020-1.el5.rf perl-Sys-Hostname-Long-1.4-1.2.el5.rf perl-IO-Zlib-1.09-1.el5.rf perl-5.8.8-10.el5_2.3 perl-IO-Compress-Zlib-2.011-1.el5.rf perl-String-CRC32-1.4-2.fc6 perl-Net-IP-1.25-2.fc6 perl-Digest-SHA1-2.11-1.2.1 perl-Socket6-0.20-1.el5.rf perl-Net-Daemon-0.43-1.el5.rf perl-Crypt-PasswdMD5-1.3-1.2.el5.rf perl-Net-CIDR-Lite-0.20-1.2.el5.rf perl-Crypt-OpenSSL-RSA-0.25-1.el5.rf perl-TimeDate-1.16-5.el5 perl-LWP-UserAgent-Determined-1.03-1.2.el5.rf perl-Compress-Raw-Zlib-2.011-1.el5.rf perl-Compress-Zlib-2.011-1.el5.rf perl-IO-Socket-INET6-2.54-1.el5.rf perl-Archive-Tar-1.38-1.el5.rf perl-Mail-DomainKeys-1.0-1.el5.rf perl-DBI-1.605-1.el5.rf perl-DBD-MySQL-3.0007-1.fc6 perl-HTML-Parser-3.56-1.el5.rf perl-Net-DNS-0.63-1.el5.rf perl-URI-1.35-3 perl-Mail-SPF-Query-1.999.1-2.el5.rf perl-MailTools-2.03-1.el5.rf perl-libwww-perl-5.805-1.1.1 perl-IO-Compress-Base-2.011-1.el5.rf -Original Message- From: Jake Vickers [mailto:[EMAIL PROTECTED]] Sent: Friday, August 08, 2008 11:20 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Issue upgrading Spamassassin Marco Cordeiro wrote: I'm using perl repository already ... yum upgrade perl* Loading "fastestmirror" plugin Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: centos.oi.com.br * updates: centos.oi.com.br * addons: centos.oi.com.br * extras: centos.oi.com.br Setting up Upgrade Process Could not find update match for perl* No Packages marked for Update All perl packages are up to date using repository What does "rpm -qa | grep perl-" show? (I'm on my way out, so I'll check back later) - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Authentication to bypass spam checks
Tek Support wrote: So if I understand correctly, spamdyke can use spamhaus, and I do see it in my /etc/spamdyke/spamdyke.conf file (uncommented). Which means I don't need the BLACKLIST= in my run file, is this correct? Yes. Spamdyke does everything that rblsmtpd used to do (and a lot more). And if I might ask a followup question, it was said in another post that spamdyke allows authenticated users in past spamhaus. Ok, but if spamdyke allows authenticated users in, while using spamhaus, then why do I need port 587? You don't need port 587 if you're using spamdyke. You do need port 587 if you're not using spamdyke. And just out of curiosity, if spamdyke is a more versitile product, allowing my dynamic users to authenticate and send mail on port 25 while also using spamhaus dynamic blocking, why isn't spamdyke installed by default? spamdyke is fairly new to the toaster. I expect that it will become part of the stock toaster at some point, but that's up to Erik Espinoza, who is the toaster maintainer. Thanks John On Fri, Aug 8, 2008 at 10:02 AM, Eric Shubert [EMAIL PROTECTED] wrote: Sam Clippinger wrote: To answer #1, spamdyke will definitely use Spamhaus' DNS RBLs. The default configuration of spamdyke (as installed by QTP) does not include Spamhaus, however. I beg your pardon. ;) Here are the default RBLs as installed by QTP: check-dnsrbl=zen.spamhaus.org check-dnsrbl=bl.spamcop.net check-dnsrbl=list.dsbl.org If you are using spamdyke version 3.1.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: check-dnsrbl=zen.spamhaus.org If you are using spamdyke version 4.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: dns-blacklist-entry=zen.spamhaus.org To add multiple DNS RBLs, simply repeat the line with different values. -- Sam Clippinger QTP only installs/upgrades spamdyke 3.1.x at this time. I hope to add 4.x capability soon. It'll likely be a couple weeks before I get to it though. Anil Aliyan wrote: pretty smart question John, I also would like to hear the answer for it from the experts. - Original Message - From: Tek Support [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, August 08, 2008 8:37 AM Subject: Re: [qmailtoaster] Authentication to bypass spam checks Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL
Re: [qmailtoaster] Authentication to bypass spam checks
Thanks Eric, I realize I don't need 587 at all with spamdyke, I was trying to ask if I needed 587 if spamdyke was using spamhaus. Since spamhaus used by itself was causing rejections to my at home dynamic users it seemed strange that spamhaus was blocking my dynamic users but it was not blocking them when run with spamdyke. Since I don't fully understand the internals, I was asking about that specifically so I don't screw up my at home users. And I believe it is true, that if I have dynamic IP users, and I'm using spamhaus by itself, then I do require port 587. Isn't that true? And again if I have dynamic IP users, and I'm using spamdyke which includes spamhaus, then I don't need to use 587. Is that right? Thanks again, I'm just trying to be clear. John On Fri, Aug 8, 2008 at 1:33 PM, Eric Shubert [EMAIL PROTECTED] wrote: Tek Support wrote: So if I understand correctly, spamdyke can use spamhaus, and I do see it in my /etc/spamdyke/spamdyke.conf file (uncommented). Which means I don't need the BLACKLIST= in my run file, is this correct? Yes. Spamdyke does everything that rblsmtpd used to do (and a lot more). And if I might ask a followup question, it was said in another post that spamdyke allows authenticated users in past spamhaus. Ok, but if spamdyke allows authenticated users in, while using spamhaus, then why do I need port 587? You don't need port 587 if you're using spamdyke. You do need port 587 if you're not using spamdyke. And just out of curiosity, if spamdyke is a more versitile product, allowing my dynamic users to authenticate and send mail on port 25 while also using spamhaus dynamic blocking, why isn't spamdyke installed by default? spamdyke is fairly new to the toaster. I expect that it will become part of the stock toaster at some point, but that's up to Erik Espinoza, who is the toaster maintainer. Thanks John On Fri, Aug 8, 2008 at 10:02 AM, Eric Shubert [EMAIL PROTECTED] wrote: Sam Clippinger wrote: To answer #1, spamdyke will definitely use Spamhaus' DNS RBLs. The default configuration of spamdyke (as installed by QTP) does not include Spamhaus, however. I beg your pardon. ;) Here are the default RBLs as installed by QTP: check-dnsrbl=zen.spamhaus.org check-dnsrbl=bl.spamcop.net check-dnsrbl=list.dsbl.org If you are using spamdyke version 3.1.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: check-dnsrbl=zen.spamhaus.org If you are using spamdyke version 4.x, edit the configuration file /etc/spamdyke/spamdyke.conf and add the following line: dns-blacklist-entry=zen.spamhaus.org To add multiple DNS RBLs, simply repeat the line with different values. -- Sam Clippinger QTP only installs/upgrades spamdyke 3.1.x at this time. I hope to add 4.x capability soon. It'll likely be a couple weeks before I get to it though. Anil Aliyan wrote: pretty smart question John, I also would like to hear the answer for it from the experts. - Original Message - From: Tek Support [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, August 08, 2008 8:37 AM Subject: Re: [qmailtoaster] Authentication to bypass spam checks Hi all, I have a few question. Before I learned of this port 587, my only option was to disable spamhaus. And all I did to disable it was to remove it from my /var/qmail/control/blacklists file. So, the other day I needed some addition reporting and I remembered the toaster plus, so I downloaded the Repo and ran the yum install for it. I then also decided to run the spamdyke filter. So, now that I've realized that port 587 is available for my users to send on, I went back to add the spamhaus. However, it's no longer in the /var/qmail/supervise/smtp/run file. It would appear that spamdyke has removed it. So I have 2 questions: 1) Are spamdyke and spamhaus compatible? Why would or why does spamdyke remove blacklist from the run file. Here are the before and after. ---Begin--- ---End--- 2) Since I've just found out that port 587 is available, and 587 does not run spamhaus the dynamic ip checker, then what is keeping a spammer from trying to use this 587? I mean I'm a little confused. If my port 25 won't allow any non-authenticated users to send smtp (presuming it's not an open relay), then why would I even need port 587? I understand the need to have 587 if I'm using spamhaus on port 25, and 25 is now blocked to my dynamic users (workers from home). So it seems a bit unnecessary to have both ports. And why couldn't a spammer start sending spam to my users on 587 - if it even works that way, which I'm not sure yet if it can? Qmailtoaster is a pretty popular thing, so someone, somewhere would certainly try port 587 in order to get around spamhaus wouldn't they? Thanks for your time on this, I'm not trying to be difficult, only trying to understand how and why. Thanks John -- -Eric 'shubes'
