Re: [qmailtoaster] Virus problem
W dniu 29.07.2009 22:01, Natalio Gatti pisze: Maybe I didn'y explain myself. The infected user sends spam using my mail server. Maybe your server is hacked. :( You should check logs, directories with write permission for all. There are many dictionary attacks on ports ssh and pop3. Check ssh daemon (if you're hacked you probably have sshd2), try to find strange directories or binaries. There is possibility that someone has weak password and it was guessed by attacker. OSSEC can help you to protect your server, tripwire is good solution to protect your files. -- Pozdrawiam / Regards, Aleksander Podsiad?y
Re: [qmailtoaster] Message not sent
Dear John, Kindly check your /etc/tcprules.d/tcp.smtp and check that CHKUSER setting. if it is possible then paste your /etc/tcprules.d/tcp.smtp contain.. Regards, Ganesh On Thu, Jul 30, 2009 at 1:27 AM, John Hansen jhan...@winonacotter.orgwrote: Hi, I'm starting to do some testing on a new install. I set up a couple of test accounts and when I log into Squirrelmail and try to send an email from one test account to another on the same server in the same domain, I get this response just after hitting the send button. Message not sent. Server replied: Unknown response 571 sorry, sender address has invalid format (#5.7.1 - chkuser) Please advise. Thanks, John -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmail-queue.orig - where can I find it? OR messages from gmail rejected because they can't be signed
Dear Jose, Kinldy let us know now currently what entry is in /etc/tcprules.d/tcp.smtp if it is possible can put this entry to tcp.smtp instead of qmail-queue.orig to QMAILQUEUE=/var/qmail/bin/simscan Kindly correct me if i am wrong. Regards, Ganesh On Thu, Jul 30, 2009 at 5:41 AM, Eric Shubert e...@shubes.net wrote: I think you have the correct file from that rpm. Check your permissions and ownership: -rws--x--x 1 qmailq qmail 24776 Apr 23 10:28 qmail-queue.orig Jose Mario Pires wrote: Hi, Does anyone know where can I find the /var/qmail/bin/qmail-queue.orig ? I erased it by mistake when I wanted to change the qmail-queue link. I am using qmail-toaster-1.03-1.3.15. I was hoping that it was the qmail-queue found in the qmail-toaster-1.03-1.3.15.x86_64.rpm compiled when I installed QMT, but when I use this file, this appears on the logs: qmail-smtpd: qq soft reject (qq trouble creating files in queue (#4.3.0)): MAILFROM:jose.mario.pi...@gmail.com RCPTTO:x...@xpto.comrcptto%3ax...@xpto.com and the message isn't delivered nor any error message is sent to the sender. I guess that I could just reinstall the RPM's (which ones? just the qmail-toaster*'s?), but in my ignorance I fear that it will change any of the configuration files and that would bring worse troubles than the one I am trying to solve. The reason for using qmail-queue.orig is disabling DK, which seems to be causing the rejection of messages coming from gmail. The IT guys from client tell me that it began happening when some idiot in the client decided to put a spam gateway between the QMT server and the router. Using qmail-dk, any message coming from gmail produces this in the smtp log: 2009-07-23 00:20:38.911531500 qmail-smtpd: qq soft reject (mail server temporarily rejected message (#4.3.0)): MAILFROM:x...@gmail.com rcpttox...@xto.com 2009-07-23 00:20:39.059815500 tcpserver: end 12429 status 0 2009-07-23 00:20:39.059825500 tcpserver: status: 0/100 The error message received by the sender is: The original message was received at Thu, 23 Jul 2009 00:07:07 +0100 from mail-fx0-f222.google.com [209.85.220.222] - The following addresses had permanent fatal errors - x...@xpto.com (reason: 554 qmail-dk: Cannot sign message due to invalid message syntax. (#5.3.0)) - Transcript of session follows - ... while talking to [192.168.1.7]: DATA 554 qmail-dk: Cannot sign message due to invalid message syntax. (#5.3.0) 554 5.0.0 Service unavailable Final-Recipient: RFC822; x...@xpto.com Action: failed Status: 5.0.0 Remote-MTA: DNS; [192.168.1.7] Diagnostic-Code: SMTP; 554 qmail-dk: Cannot sign message due to invalid message syntax. (#5.3.0) Last-Attempt-Date: Thu, 23 Jul 2009 00:20:25 +0100 Any input is welcome. Thank you very much. Jose -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Virus problem
Natalio Gatti wrote: Hi List. I'm having an intermitten virus problem. From time to time a user gets infected with a virus/worm that send tons of spam through the server. All users are behind a NAT, so I can't know exactly which user/PC is the source of the problem. How can I minimize this problem? Natalio in my case, I am blocking .zip attachment you can add it on your /var/qmail/control/simcontrol :clam=yes,spam=yes,spam_hits=12,attach=.3gp:.zip if my users and other parties want to exchange .zip file they should use online file transfer (megaupload/rapidshare) - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Virus problem
Maybe I didn'y explain myself. The infected user sends spam using my mail server. Maybe your server is hacked. :( You should check logs, directories with write permission for all. There are many dictionary attacks on ports ssh and pop3. Check ssh daemon (if you're hacked you probably have sshd2), try to find strange directories or binaries. There is possibility that someone has weak password and it was guessed by attacker. OSSEC can help you to protect your server, tripwire is good solution to protect your files. It has happened before (in other server), but this is not the case. Ssh is restricted only to a group of IPs. Smtp connections come from the natted IP.
Re: [qmailtoaster] Message not sent
Ganesh wrote: Dear John, Kindly check your /etc/tcprules.d/tcp.smtp and check that CHKUSER setting. if it is possible then paste your /etc/tcprules.d/tcp.smtp contain.. Regards, Ganesh On Thu, Jul 30, 2009 at 1:27 AM, John Hansen jhan...@winonacotter.orgwrote: Hi, I'm starting to do some testing on a new install. I set up a couple of test accounts and when I log into Squirrelmail and try to send an email from one test account to another on the same server in the same domain, I get this response just after hitting the send button. Message not sent. Server replied: Unknown response 571 sorry, sender address has invalid format (#5.7.1 - chkuser) Please advise. Thanks, John Hi, Contents of /etc/tcprules.d/tcp.smtp This is the default entry for the tcp.smtp file, I haven't changed it from the install only added the extra IP range from my network (10.) I was getting the error before I added the extra IP range. 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 10.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 Thanks, John -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Message not sent
John Hansen wrote: John Hansen wrote: Hi, I'm starting to do some testing on a new install. I set up a couple of test accounts and when I log into Squirrelmail and try to send an email from one test account to another on the same server in the same domain, I get this response just after hitting the send button. Message not sent. Server replied: Unknown response 571 sorry, sender address has invalid format (#5.7.1 - chkuser) Please advise. Thanks, John Eric wrote: If you show us the sender's address that would help. -- -Eric 'shubes' sender: t...@cotterschools.org recipient: test...@cotterschools.org The error message showed up in the senders window, not as an email, but as an error message immediately after hitting the send button. Both are test accounts I set up earlier. DNS is pointing internally. Let me know what else will help. Which client program? You need to use the whole email address as the account name (including @cotterschools.org). Did you do so? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Message not sent
John Hansen wrote: Ganesh wrote: Dear John, Kindly check your /etc/tcprules.d/tcp.smtp and check that CHKUSER setting. if it is possible then paste your /etc/tcprules.d/tcp.smtp contain.. Regards, Ganesh On Thu, Jul 30, 2009 at 1:27 AM, John Hansen jhan...@winonacotter.orgwrote: Hi, I'm starting to do some testing on a new install. I set up a couple of test accounts and when I log into Squirrelmail and try to send an email from one test account to another on the same server in the same domain, I get this response just after hitting the send button. Message not sent. Server replied: Unknown response 571 sorry, sender address has invalid format (#5.7.1 - chkuser) Please advise. Thanks, John Hi, Contents of /etc/tcprules.d/tcp.smtp This is the default entry for the tcp.smtp file, I haven't changed it from the install only added the extra IP range from my network (10.) I was getting the error before I added the extra IP range. 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 10.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 Thanks, John 1) You shouldn't need to touch this file under most circumstances. You should only add your local network if you have an application that needs to submit messages but cannot authenticate. When this is the case, it's best to use a single IP address, not such a big range. This is a security risk. 2) The way you've specified it, the 2nd line will be true so your 3rd line will never take effect. The :allow... line should always be last. I would go back to the stock settings in this file, then redo cdb again. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Message not sent
John Hansen wrote: Hi, I'm starting to do some testing on a new install. I set up a couple of test accounts and when I log into Squirrelmail and try to send an email from one test account to another on the same server in the same domain, I get this response just after hitting the send button. Message not sent. Server replied: Unknown response 571 sorry, sender address has invalid format (#5.7.1 - chkuser) Please advise. Thanks, John Eric wrote: If you show us the sender's address that would help. -- -Eric 'shubes' sender: t...@cotterschools.org recipient: test...@cotterschools.org The error message showed up in the senders window, not as an email, but as an error message immediately after hitting the send button. Both are test accounts I set up earlier. DNS is pointing internally. Let me know what else will help. Eric wrote: Which client program? You need to use the whole email address as the account name (including @cotterschools.org). Did you do so? -- -Eric 'shubes' Squirrelmail. No, I was only using the user name. When I went back and logged in using the whole email address, it worked. Thanks. -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Message not sent
John Hansen wrote: Ganesh wrote: Dear John, Kindly check your /etc/tcprules.d/tcp.smtp and check that CHKUSER setting. if it is possible then paste your /etc/tcprules.d/tcp.smtp contain.. Regards, Ganesh On Thu, Jul 30, 2009 at 1:27 AM, John Hansen jhan...@winonacotter.orgwrote: Hi, I'm starting to do some testing on a new install. I set up a couple of test accounts and when I log into Squirrelmail and try to send an email from one test account to another on the same server in the same domain, I get this response just after hitting the send button. Message not sent. Server replied: Unknown response 571 sorry, sender address has invalid format (#5.7.1 - chkuser) Please advise. Thanks, John Hi, Contents of /etc/tcprules.d/tcp.smtp This is the default entry for the tcp.smtp file, I haven't changed it from the install only added the extra IP range from my network (10.) I was getting the error before I added the extra IP range. 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 10.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1 Thanks, John Eric wrote: 1) You shouldn't need to touch this file under most circumstances. You should only add your local network if you have an application that needs to submit messages but cannot authenticate. When this is the case, it's best to use a single IP address, not such a big range. This is a security risk. 2) The way you've specified it, the 2nd line will be true so your 3rd line will never take effect. The :allow... line should always be last. I would go back to the stock settings in this file, then redo cdb again. -- -Eric 'shubes' Thanks. I will do that. The settings for 127. are stock settings. I will remove the settings that start with 10., which are the lines I added. John -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Hight Availability
How or what kind of tools i need to configure a QmailToaster for FailOver Thanks Este correo electronico puede conteneder informacion confindencial y protegida legalmente bajo secreto profesional. La informacion esta dirigida solamente a la persona o entidad indicada como destinatario y su acceso por cualquier otra persona no esta autorizado. si ud recibio este mensaje electronico por error, informeselo al remitente y borrelo. Aclaramos que los conceptos y opiniones comprendidos en este correo electronico, deben atribuirse exclusivamente a su auntor y no deben entenderse como necesariamente coincidentes con las de AIMAR, S.A. y en consecuencia, absolutamente ajenos a la responsabilidad de sus directores y ejecutivos. en tanto no hayan participado de su confension y/o emision y quede esta participacion expresamente consignada en el mensaje La divulgacion publica de este correo electronico, como asi su copia, reproduccion total o parcial queda prohibida, dando lugar en caso de inobservancia de estas y todas las acciones legales que pudiesen corresponder.
Re: [qmailtoaster] Hight Availability
Robin W. Sanchez C. wrote: How or what kind of tools i need to configure a QmailToaster for FailOver Thanks There's an article on the wiki. On a commercial side I also offer high-availability and replication services (suitable for ISPs or corporate scenarios). I'll also eventually do a video on some of these types of setups in the future.
[qmailtoaster] Re: Bulk user import script
Halo John, I am replied to qmailtoaster list so everyone can also use it as reference for future use or correct me If I am making an error. In your case, I have modified the script into below === #!/bin/sh # # BULK USER ADDING FOR QMAIL TOASTER # # Created after I ran into an issue of creating 20,000 users on my toaster! # Initial ideas come from a script that PakOgah pako...@pala.bo-tak.info # helped me with. # Still very manual, but Work in Progress # # Suggestions to akisa...@ucu.ac.ug # # Change a few variables and you are good to go # # # Location of the users file # Rememeber that the users file is in the format # Firstname Lastname Username Password USERS_FILE=/path/to/file.txt # The mail domain to which users are created # MAILDOMAIN=@domain.com # the vadduser command QMAILADD=/home/vpopmail/bin/vadduser # Select a default password for all users #PASS=mypass #Specify the Default Quota_in_bytes for your Users # 10 MB = 10 x 1024 x 1024 QUOTA=10485760 #Fun starts here No more variables to change below this line cat ${USERS_FILE} | \ while read FIRSTNAME LASTNAME USERNAME PASSWORD do echo adding the user: $USERNAME $QMAILADD -q $QUOTA -c $FIRSTNAME $LASTNAME $USERNAME$MAILDOMAIN $PASSWORD done # === John Hansen wrote: Hi, I'm looking at using this script for a bulk user import, but the users have passwords all ready, so I don't want to use the same default password for everyone. What changes would I need in the script so I can use it with a separate password for each user? I was thinking the format for the users file could just include the extra line for the password. Firstname Lastname Username Password #!/bin/sh # # BULK USER ADDING FOR QMAIL TOASTER # # Created after I ran into an issue of creating 20,000 users on my toaster! # Initial ideas come from a script that PakOgah pako...@pala.bo-tak.info # helped me with. # Still very manual, but Work in Progress # # Suggestions to akisa...@ucu.ac.ug # # Change a few variables and you are good to go # # # Location of the users file # Rememeber that the users file is in the format # Firstname Lastname Username USERS_FILE=/path/to/file.txt # The mail domain to which users are created # MAILDOMAIN=@domain.com # the vadduser command QMAILADD=/home/vpopmail/bin/vadduser # Select a default password for all users PASS=mypass #Specify the Default Quota_in_bytes for your Users # 10 MB = 10 x 1024 x 1024 QUOTA=10485760 #Fun starts here No more variables to change below this line cat ${USERS_FILE} | \ while read FIRSTNAME LASTNAME USERNAME do echo adding the user: $USERNAME $QMAILADD -q $QUOTA -c $FIRSTNAME $LASTNAME $USERNAME$MAILDOMAIN $PASS done # Thanks, John - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com