[qmailtoaster] smtp binding to seperate ip
hi some of my users need to compulsorily use port 25 for sending outgoing emails with smtp authentication for such users if they use the primary ip for sending then get error that their ip is listed in blacklist - naturally because they are sending from dialup connections. since they cannot use port 587 i was planning to bind qmail smtp service to another ip address (yyy.yyy.yyy.yyy) on the server which could be used by these customers so i created a separate folder /var/qmail/supervise/smtpauth with all the files in it after making changes to the run file, restarted qmail. i was able send emails using alternate ip yyy.yyy.yyy.yyy but the problem is that the server does not ask for authentication even though i specified REQUIRE_AUTH=1. I need some help on this please. my run file is given below yyy.yyy.yyy.yyy -- is my secondary ip #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw REQUIRE_AUTH=1 exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -H -l ns2.myserver.net -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID yyy.yyy.yyy.yyy smtp \ $SMTPD $VCHKPW /bin/true 21 rajesh - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Hello, problem with autentications
From few days my qmailtoaster installation (3 years old, 2 domain, about 600 mailbox) give two or three times at day the request for the password for download the email. Whit this error i recive this mail: Monday, 4 October 2010 at 11:44: ERROR: I guess another mrtg is running. A lockfile (/usr/share/toaster/mrtg/qmailmrtg.cfg_l) aged 376 seconds is hanging around. If you are sure that no other mrtg is running you can remove the lockfile there is no connection whit the mrtg error and the passowrd request, they appened in different time. This errors begin when i shutdown the server (a virtual machine) and upgrade the ram from 1 to 2 giga. Any idea ? thanks a lot - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Traffic monitor / accounting for QMT
Hi all, I was sort of fed up with not having a nice way to do traffic monitoring and accounting on my QMT installation - so I wrote my own. ;-) If you're interested, have a look at it here: http://martin.waschbuesch.de/qtp-traffic-monitor.tar.bz2 There are two components: a script that will gather daily statistics (always for yesterday) and write them into a mysql database and a report-generator that takes arguments such as start date, end date, domain (or list of domains) to generate a report. Reported information include: traffic for MUA (IMAP/POP3), MTA (qmail) and Web (apache) as well as mail web quota. It is tailored to the way I place apache log files for vhosts and also, I use dovecot rather than courier, but it should not be hard to adapt to your own needs. Code is somewhat documented, but not as extensive as it might be, I guess (then again, what code ever is?) Refer to the README file in the archive for more information. Anyway, comments, feedback, etc. is highly appreciated. Enjoy! Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: smtp binding to seperate ip
The simplest solution to this problem is to install spamdyke, which bypasses all filters for authenticated users. The stock rblsmtpd doesn't know about authentication, which is what causes the problem. Use the qtp-install-spamdyke script, and you be good to go in no time. You might want to review the /etc/spamdyke/spamdyke.conf file to be sure that filters are suitable for your environment. You'll also appreciate that spamdyke lightens the load on your server, as there will be much less email to scan. -- -Eric 'shubes' Rajesh M wrote: hi some of my users need to compulsorily use port 25 for sending outgoing emails with smtp authentication for such users if they use the primary ip for sending then get error that their ip is listed in blacklist - naturally because they are sending from dialup connections. since they cannot use port 587 i was planning to bind qmail smtp service to another ip address (yyy.yyy.yyy.yyy) on the server which could be used by these customers so i created a separate folder /var/qmail/supervise/smtpauth with all the files in it after making changes to the run file, restarted qmail. i was able send emails using alternate ip yyy.yyy.yyy.yyy but the problem is that the server does not ask for authentication even though i specified REQUIRE_AUTH=1. I need some help on this please. my run file is given below yyy.yyy.yyy.yyy -- is my secondary ip #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw REQUIRE_AUTH=1 exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -H -l ns2.myserver.net -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID yyy.yyy.yyy.yyy smtp \ $SMTPD $VCHKPW /bin/true 21 rajesh - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Hello, problem with autentications
li...@raniero.net wrote: From few days my qmailtoaster installation (3 years old, 2 domain, about 600 mailbox) give two or three times at day the request for the password for download the email. Whit this error i recive this mail: Monday, 4 October 2010 at 11:44: ERROR: I guess another mrtg is running. A lockfile (/usr/share/toaster/mrtg/qmailmrtg.cfg_l) aged 376 seconds is hanging around. If you are sure that no other mrtg is running you can remove the lockfile there is no connection whit the mrtg error and the passowrd request, they appened in different time. This errors begin when i shutdown the server (a virtual machine) and upgrade the ram from 1 to 2 giga. Any idea ? thanks a lot - Did you change the host or guest from 1 to 2 gig? Which VM platform are you using? Which Distro/versions, on both host and guest? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: smtp binding to seperate ip
hi i have spamdyke installed already. could you please point me to some guide on this or a sample config file ? if spamdyke is authenticating then i will need to disable qmail authentication mechanism ... right ? my /etc/spamdyke/spamdyke.conf does not mention anything related to smtp authentication rajesh The simplest solution to this problem is to install spamdyke, which bypasses all filters for authenticated users. The stock rblsmtpd doesn't know about authentication, which is what causes the problem. Use the qtp-install-spamdyke script, and you be good to go in no time. You might want to review the /etc/spamdyke/spamdyke.conf file to be sure that filters are suitable for your environment. You'll also appreciate that spamdyke lightens the load on your server, as there will be much less email to scan. -- -Eric 'shubes' Rajesh M wrote: hi some of my users need to compulsorily use port 25 for sending outgoing emails with smtp authentication for such users if they use the primary ip for sending then get error that their ip is listed in blacklist - naturally because they are sending from dialup connections. since they cannot use port 587 i was planning to bind qmail smtp service to another ip address (yyy.yyy.yyy.yyy) on the server which could be used by these customers so i created a separate folder /var/qmail/supervise/smtpauth with all the files in it after making changes to the run file, restarted qmail. i was able send emails using alternate ip yyy.yyy.yyy.yyy but the problem is that the server does not ask for authentication even though i specified REQUIRE_AUTH=1. I need some help on this please. my run file is given below yyy.yyy.yyy.yyy -- is my secondary ip #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw REQUIRE_AUTH=1 exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -H -l ns2.myserver.net -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID yyy.yyy.yyy.yyy smtp \ $SMTPD $VCHKPW /bin/true 21 rajesh - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: smtp binding to seperate ip
Rajesh M wrote: hi i have spamdyke installed already. Which version? How did you install it? could you please point me to some guide on this or a sample config file ? Here is a spamdyke.conf file I'm presently using: dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=bl.spamcop.net graylist-dir=/var/spamdyke/graylist graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=5 idle-timeout-secs=180 ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip local-domains-file=/var/qmail/control/rcpthosts log-level=info log-target=stderr max-recipients=15 rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients reject-empty-rdns reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders tls-certificate-file=/var/qmail/control/servercert.pem tls-level=smtp if spamdyke is authenticating then i will need to disable qmail authentication mechanism ... right ? No, spamdyke simply passes authentication on to qmail, and trusts qmail's response. This is the default behavior for authentication, which is equivalent to: smtp-auth-level=observe Refer to http://www.spamdyke.org/documentation/README.html#SMTP_AUTH my /etc/spamdyke/spamdyke.conf does not mention anything related to smtp authentication You don't need anything specific in your spamdyke.conf file. The default behavior is fine. If you're running spamdyke, you should not be seeing rbl rejections for authenticated users. If your users are seeing rbl rejections, then I would suspect that they're not authenticating successfully. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Sender's address not getting a copy of aliased mail
I understand that this (the sender not getting a copy when sent to an alias if they are on that alias) is the intended behavior but is there a way to override it to that the sender receives a copy of the message that they sent as well? Thanks - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] CHKUSER accepting for non existant accounts
Hello all, Can someone suggest what might be going on here please? 2010-10-05 01:37:28.913508500 CHKUSER accepted sender: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcpt : sender accepted 2010-10-05 01:37:29.427863500 tcpserver: ok 27040 x.x.x.x:25 :190.71.212.250::62480 2010-10-05 01:37:29.458675500 CHKUSER accepted rcpt: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcptarmstr...@domain.net : found existing recipient 2010-10-05 01:37:29.458697500 policy_check: localarmstr...@domain.net - localarmstr...@domain.net (UNAUTHENTICATED SENDER) 2010-10-05 01:37:29.458719500 policy_check: policy allows transmission 2010-10-05 01:37:29.459963500 tcpserver: end 27029 status 0 2010-10-05 01:37:29.459964500 tcpserver: status: 3/100 2010-10-05 01:37:29.509451500 rblsmtpd: 190.71.212.250 pid 27040: 451http://www.spamhaus.org/query/bl?ip=190.71.212.250 What I am unsure of is that if the userarmstr...@domain.net does not exist anywhere on my server how can CHKUSER accept it? This is pretty much a vanilla install of QMT? -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: CHKUSER accepting for non existant accounts
Tony White wrote: Hello all, Can someone suggest what might be going on here please? 2010-10-05 01:37:28.913508500 CHKUSER accepted sender: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcpt : sender accepted 2010-10-05 01:37:29.427863500 tcpserver: ok 27040 x.x.x.x:25 :190.71.212.250::62480 2010-10-05 01:37:29.458675500 CHKUSER accepted rcpt: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcptarmstr...@domain.net : found existing recipient 2010-10-05 01:37:29.458697500 policy_check: localarmstr...@domain.net - localarmstr...@domain.net (UNAUTHENTICATED SENDER) 2010-10-05 01:37:29.458719500 policy_check: policy allows transmission 2010-10-05 01:37:29.459963500 tcpserver: end 27029 status 0 2010-10-05 01:37:29.459964500 tcpserver: status: 3/100 2010-10-05 01:37:29.509451500 rblsmtpd: 190.71.212.250 pid 27040: 451http://www.spamhaus.org/query/bl?ip=190.71.212.250 What I am unsure of is that if the userarmstr...@domain.net does not exist anywhere on my server how can CHKUSER accept it? This is pretty much a vanilla install of QMT? -- best wishes Tony White - Any address will be accepted if there's a CatchAll account defined. You can check that setting either on the qmailadmin Email Accounts page, or by looking at the contents of the /home/vpopmail/domains/domain/.qmail-default file. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: CHKUSER accepting for non existant accounts
On 05/10/2010 10:59 AM, Eric Shubert wrote: Tony White wrote: Hello all, Can someone suggest what might be going on here please? 2010-10-05 01:37:28.913508500 CHKUSER accepted sender: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcpt : sender accepted 2010-10-05 01:37:29.427863500 tcpserver: ok 27040 x.x.x.x:25 :190.71.212.250::62480 2010-10-05 01:37:29.458675500 CHKUSER accepted rcpt: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcptarmstr...@domain.net : found existing recipient 2010-10-05 01:37:29.458697500 policy_check: localarmstr...@domain.net - localarmstr...@domain.net (UNAUTHENTICATED SENDER) 2010-10-05 01:37:29.458719500 policy_check: policy allows transmission 2010-10-05 01:37:29.459963500 tcpserver: end 27029 status 0 2010-10-05 01:37:29.459964500 tcpserver: status: 3/100 2010-10-05 01:37:29.509451500 rblsmtpd: 190.71.212.250 pid 27040: 451http://www.spamhaus.org/query/bl?ip=190.71.212.250 What I am unsure of is that if the userarmstr...@domain.net does not exist anywhere on my server how can CHKUSER accept it? This is pretty much a vanilla install of QMT? -- best wishes Tony White - Any address will be accepted if there's a CatchAll account defined. You can check that setting either on the qmailadmin Email Accounts page, or by looking at the contents of the /home/vpopmail/domains/domain/.qmail-default file. Thank you for the reply Erik but I do not have any catchall accounts set in the domain in question! In fact I do not have a catchall for any domain. my .qmail-default default is | /home/vpopmail/bin/vdelivermail '' delete -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: CHKUSER accepting for non existant accounts
Tony White wrote: On 05/10/2010 10:59 AM, Eric Shubert wrote: Tony White wrote: Hello all, Can someone suggest what might be going on here please? 2010-10-05 01:37:28.913508500 CHKUSER accepted sender: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcpt : sender accepted 2010-10-05 01:37:29.427863500 tcpserver: ok 27040 x.x.x.x:25 :190.71.212.250::62480 2010-10-05 01:37:29.458675500 CHKUSER accepted rcpt: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcptarmstr...@domain.net : found existing recipient 2010-10-05 01:37:29.458697500 policy_check: localarmstr...@domain.net - localarmstr...@domain.net (UNAUTHENTICATED SENDER) 2010-10-05 01:37:29.458719500 policy_check: policy allows transmission 2010-10-05 01:37:29.459963500 tcpserver: end 27029 status 0 2010-10-05 01:37:29.459964500 tcpserver: status: 3/100 2010-10-05 01:37:29.509451500 rblsmtpd: 190.71.212.250 pid 27040: 451http://www.spamhaus.org/query/bl?ip=190.71.212.250 What I am unsure of is that if the userarmstr...@domain.net does not exist anywhere on my server how can CHKUSER accept it? This is pretty much a vanilla install of QMT? -- best wishes Tony White - Any address will be accepted if there's a CatchAll account defined. You can check that setting either on the qmailadmin Email Accounts page, or by looking at the contents of the /home/vpopmail/domains/domain/.qmail-default file. Thank you for the reply Erik but I do not have any catchall accounts set in the domain in question! In fact I do not have a catchall for any domain. my .qmail-default default is | /home/vpopmail/bin/vdelivermail '' delete In that case, did the account ever exist? If so, I would check the vpopmail database for anything that might be left over. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: CHKUSER accepting for non existant accounts
On 05/10/2010 11:43 AM, Eric Shubert wrote: Tony White wrote: On 05/10/2010 10:59 AM, Eric Shubert wrote: Tony White wrote: Hello all, Can someone suggest what might be going on here please? 2010-10-05 01:37:28.913508500 CHKUSER accepted sender: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcpt : sender accepted 2010-10-05 01:37:29.427863500 tcpserver: ok 27040 x.x.x.x:25 :190.71.212.250::62480 2010-10-05 01:37:29.458675500 CHKUSER accepted rcpt: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcptarmstr...@domain.net : found existing recipient 2010-10-05 01:37:29.458697500 policy_check: localarmstr...@domain.net - localarmstr...@domain.net (UNAUTHENTICATED SENDER) 2010-10-05 01:37:29.458719500 policy_check: policy allows transmission 2010-10-05 01:37:29.459963500 tcpserver: end 27029 status 0 2010-10-05 01:37:29.459964500 tcpserver: status: 3/100 2010-10-05 01:37:29.509451500 rblsmtpd: 190.71.212.250 pid 27040: 451http://www.spamhaus.org/query/bl?ip=190.71.212.250 What I am unsure of is that if the userarmstr...@domain.net does not exist anywhere on my server how can CHKUSER accept it? This is pretty much a vanilla install of QMT? -- best wishes Tony White - Any address will be accepted if there's a CatchAll account defined. You can check that setting either on the qmailadmin Email Accounts page, or by looking at the contents of the /home/vpopmail/domains/domain/.qmail-default file. Thank you for the reply Erik but I do not have any catchall accounts set in the domain in question! In fact I do not have a catchall for any domain. my .qmail-default default is | /home/vpopmail/bin/vdelivermail '' delete In that case, did the account ever exist? If so, I would check the vpopmail database for anything that might be left over. No the user never existed. I now now watching the logs and seeing a lot of CHKUSER accepted for users that never existed or existed 10 years ago. -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: CHKUSER accepting for non existant accounts
Tony White wrote: On 05/10/2010 11:43 AM, Eric Shubert wrote: Tony White wrote: On 05/10/2010 10:59 AM, Eric Shubert wrote: Tony White wrote: Hello all, Can someone suggest what might be going on here please? 2010-10-05 01:37:28.913508500 CHKUSER accepted sender: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcpt : sender accepted 2010-10-05 01:37:29.427863500 tcpserver: ok 27040 x.x.x.x:25 :190.71.212.250::62480 2010-10-05 01:37:29.458675500 CHKUSER accepted rcpt: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcptarmstr...@domain.net : found existing recipient 2010-10-05 01:37:29.458697500 policy_check: localarmstr...@domain.net - localarmstr...@domain.net (UNAUTHENTICATED SENDER) 2010-10-05 01:37:29.458719500 policy_check: policy allows transmission 2010-10-05 01:37:29.459963500 tcpserver: end 27029 status 0 2010-10-05 01:37:29.459964500 tcpserver: status: 3/100 2010-10-05 01:37:29.509451500 rblsmtpd: 190.71.212.250 pid 27040: 451http://www.spamhaus.org/query/bl?ip=190.71.212.250 What I am unsure of is that if the userarmstr...@domain.net does not exist anywhere on my server how can CHKUSER accept it? This is pretty much a vanilla install of QMT? -- best wishes Tony White - Any address will be accepted if there's a CatchAll account defined. You can check that setting either on the qmailadmin Email Accounts page, or by looking at the contents of the /home/vpopmail/domains/domain/.qmail-default file. Thank you for the reply Erik but I do not have any catchall accounts set in the domain in question! In fact I do not have a catchall for any domain. my .qmail-default default is | /home/vpopmail/bin/vdelivermail '' delete In that case, did the account ever exist? If so, I would check the vpopmail database for anything that might be left over. No the user never existed. I now now watching the logs and seeing a lot of CHKUSER accepted for users that never existed or existed 10 years ago. That's unusual indeed. Perhaps Tonix can shed some light on this. My next step would be to have a look at the chkuser source to see how it's making that determination. I expect that the chkuser code is probably ok, but there's something in your setup that's not quite right. Perhaps something that chkuser/vpopmail isn't anticipating. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: CHKUSER accepting for non existant accounts
On 05/10/2010 12:13 PM, Eric Shubert wrote: Tony White wrote: On 05/10/2010 11:43 AM, Eric Shubert wrote: Tony White wrote: On 05/10/2010 10:59 AM, Eric Shubert wrote: Tony White wrote: Hello all, Can someone suggest what might be going on here please? 2010-10-05 01:37:28.913508500 CHKUSER accepted sender: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcpt : sender accepted 2010-10-05 01:37:29.427863500 tcpserver: ok 27040 x.x.x.x:25 :190.71.212.250::62480 2010-10-05 01:37:29.458675500 CHKUSER accepted rcpt: fromarmstr...@domain.net:: remoteBenQ-PC:unknown:112.192.3.115 rcptarmstr...@domain.net : found existing recipient 2010-10-05 01:37:29.458697500 policy_check: localarmstr...@domain.net - localarmstr...@domain.net (UNAUTHENTICATED SENDER) 2010-10-05 01:37:29.458719500 policy_check: policy allows transmission 2010-10-05 01:37:29.459963500 tcpserver: end 27029 status 0 2010-10-05 01:37:29.459964500 tcpserver: status: 3/100 2010-10-05 01:37:29.509451500 rblsmtpd: 190.71.212.250 pid 27040: 451http://www.spamhaus.org/query/bl?ip=190.71.212.250 What I am unsure of is that if the userarmstr...@domain.net does not exist anywhere on my server how can CHKUSER accept it? This is pretty much a vanilla install of QMT? -- best wishes Tony White - Any address will be accepted if there's a CatchAll account defined. You can check that setting either on the qmailadmin Email Accounts page, or by looking at the contents of the /home/vpopmail/domains/domain/.qmail-default file. Thank you for the reply Erik but I do not have any catchall accounts set in the domain in question! In fact I do not have a catchall for any domain. my .qmail-default default is | /home/vpopmail/bin/vdelivermail '' delete In that case, did the account ever exist? If so, I would check the vpopmail database for anything that might be left over. No the user never existed. I now now watching the logs and seeing a lot of CHKUSER accepted for users that never existed or existed 10 years ago. That's unusual indeed. Perhaps Tonix can shed some light on this. My next step would be to have a look at the chkuser source to see how it's making that determination. I expect that the chkuser code is probably ok, but there's something in your setup that's not quite right. Perhaps something that chkuser/vpopmail isn't anticipating. I have been watching logs for too long now but there really seems to be an issue to attend to with CHKUSER. The number of accounts that are NOT stopped by CHKUSER is surprising. I have built a list of all email addresses in my system and check the more obvious wrong ones via grep. It appears that CHKUSER is accepting emails regardless! Is it possible I might have to rebuild it for some reason? -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com