Re: [qmailtoaster] Cleaning house
Its done already, did it late yesterday. Thanks On 12/13/2011 8:43 PM, Pak Ogah wrote: Dave, please go ahead add your adjustments to wiki and inform us again after you finish it. On 12/14/11 0:34, Dave wrote: Found this on the wiki: http://wiki.qmailtoaster.com/index.php/Maintain_Trash_and_Spam_folder maybe I should add my adjustments to the wiki? Modified the qtp-clean-trash to add a clean up of old emails. As recently our backups have been taking over 14 hours, and are around 30 Gb. So I modified the script to delete any email in the users CUR folder, older than 31 days . If doing this, make sure you send a server wide email, to alert all users what you are doing. I gave then 2 weeks notice, and ran it last night. Worked like a charm. +++ #!/bin/bash # 09/11/09 - Eric e...@shubes.net # changed -ctime to -mtime # refactored to simplify a bit # # 07/06/07 - Jake j...@v2gnu.com # This is a modified version of Erik Espinoza's espin...@forcenetworks.com # # # 23/10/2007 - Davide bu...@synhack.it # Added the possibility to use an external file to configure the deltrash value # just put in DELTIME_FILE the path of the file which contain the value # 12/12/11 # Modified again by Dave MacDonald d...@techyguru.com # It has been modified to be used as an email cleaner. # It will delete files in the users CUR folder that are older than 31 # days, and can be modified by adjusting the DELTIME variable. # default DELTIME value DELTIME=31 # config file for deltrash DELTIME_FILE=/var/qmail/control/deltrash # see if there is a configuration file for DELTIME if [ -e $DELTIME_FILE ] ; then DELTIME_TMP=`cat $DELTIME_FILE` if [ $(echo $DELTIME_TMP | grep ^[[:digit:]]*$) ] ; then DELTIME=$DELTIME_TMP fi fi # find and process each Domain user accounts # then find and process each file in the CUR directory for directory in $(find /home/vpopmail/domains -type d -name cur); do for file in $(find $directory -type f -mtime +$DELTIME); do rm -f ${file} /dev/null 21 done done +++ - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] smtp with droid motorola x phone problem
Has anyone had any issues with sending email with motorola x cell phones? Thanks -- Aaron Powell IT Manager ST Communications Office: 785-460-7300 Fax: 785-460-7301 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: smtp with droid motorola x phone problem
On 12/14/2011 09:10 AM, apow...@st-tel.net wrote: Has anyone had any issues with sending email with motorola x cell phones? Thanks Not that I'm aware of. I know some other droids work ok, but I'm not positive I've seen/used a Motorola. Should work ok though. I've seen the 'stock' droid mail app work, as well as the k9 mail app. Sometimes it's a little tricky getting the settings configured right, and secure. First, be sure to use authentication with the user/account name being the full email address (including @domain.com). Then try port 587 w/ TLS and plain login first. If TLS isn't supported, then try 587 w/ encrypted/secure login (cram-md5). Having said that, what sort of problem are you experiencing? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] smtp with droid motorola x phone problem
I have no issues sending with my Motorola Photon. Gilbert - Original Message - From: apow...@st-tel.net To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, December 14, 2011 9:10 AM Subject: [qmailtoaster] smtp with droid motorola x phone problem Has anyone had any issues with sending email with motorola x cell phones? Thanks -- Aaron Powell IT Manager ST Communications Office: 785-460-7300 Fax: 785-460-7301 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] smtp with droid motorola x phone problem
On 12/14/11 11:45 AM, Gilbert T. Gutierrez, Jr. wrote: I have no issues sending with my Motorola Photon. Gilbert - Original Message - From: apow...@st-tel.net To: qmailtoaster-list@qmailtoaster.com Sent: Wednesday, December 14, 2011 9:10 AM Subject: [qmailtoaster] smtp with droid motorola x phone problem Has anyone had any issues with sending email with motorola x cell phones? Thanks -- Aaron Powell IT Manager ST Communications Office: 785-460-7300 Fax: 785-460-7301 I'm using a Motorola Droid X without any issues using the stock mail client. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com Casey Price Smile Global Technical Support Submit or check trouble tickets http://billing.smileglobal.com www.smileglobal.com http://www.smileglobal.com Follow us on Twitter https://twitter.com/#%21/SmileInternet Like us on Facebook https://www.facebook.com/smileglobal
Re: [qmailtoaster] Re: smtp with droid motorola x phone problem
in the /var/log/maillog we get: vchkpw-smtp: password fail (pass: '2df40d2d35ae182da9d89045d2f18226') I have verified the settings on the phone. We have had a lot of these. The weird thing is that some Motorola x phones work and some don't, and they all have the same software version. -- Aaron Powell IT Manager ST Communications Office: 785-460-7300 Fax: 785-460-7301 Quoting Eric Shubert e...@shubes.net: On 12/14/2011 09:10 AM, apow...@st-tel.net wrote: Has anyone had any issues with sending email with motorola x cell phones? Thanks Not that I'm aware of. I know some other droids work ok, but I'm not positive I've seen/used a Motorola. Should work ok though. I've seen the 'stock' droid mail app work, as well as the k9 mail app. Sometimes it's a little tricky getting the settings configured right, and secure. First, be sure to use authentication with the user/account name being the full email address (including @domain.com). Then try port 587 w/ TLS and plain login first. If TLS isn't supported, then try 587 w/ encrypted/secure login (cram-md5). Having said that, what sort of problem are you experiencing? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Account Break-in Attempts
Great work guys. I just implemented this on a few of my servers (just using the dos-hosts, sshd, vpopmail, and username-notfound rules at the moment). One quick question though, by default the SSH rule sends an email alert when an IP address is blocked and it runs a whois query against that IP (kind of a nice little feature, especially if you want to get in touch with the network admins for the network to alert them of malicious activity) - while this is a nice feature, it can lead to quite a few emails throughout the day (especially if you are running it on multiple servers)...anyone know if a way to setup some sort of digest that would send an email once per day per server (or for all servers for that matter) that would have a summary of the IPs that were blocked, and how to get in touch with the owners? On a side note, one thing I also noticed is that throughout the day I'll get a few emails stating that the pop3 ssh jails were stopped and then another that they were started. I know this happens when you start and stop the fail2ban-client or iptables, but why would it be stopping those jails on its own? Its not really hurting anything (that I'm aware of), but its more of an annoyance. Thanks, Casey Price Smile Global Technical Support Submit or check trouble tickets http://billing.smileglobal.com www.smileglobal.com http://www.smileglobal.com Follow us on Twitter https://twitter.com/#%21/SmileInternet Like us on Facebook https://www.facebook.com/smileglobal On 12/9/11 1:01 AM, Pak Ogah wrote: On 12/09/11 14:44, Domenico Fortunato wrote: You can configure fail2ban for Squirrelmail login attempts if you install the squirrel_logger plugin into Squirrelmail. Tune up the configuration files: in my /etc/fail2ban/jail.conf [squirrelmail-iptables] enabled = true filter = squirrelmail action = iptables[name=SquirrelMail, port=http, protocol=tcp] sendmail-whois[name=SquirrelMail,dest=root, sender=fail2...@example.it] logpath = /var/log/squirrelmail.log maxretry = 5 Also, the squirrelmail.conf: # Fail2Ban configuration file # # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named host. The tag HOST can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?Phost[\w\-.^_]+) # Values: TEXT # failregex = \[LOGIN_ERROR\].*from HOST: Utente sconosciuto o password errata # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = *Warning:* the failregex value must match the line written in squirrelmail.log (it's in italian language for me :-) ) For more info search for squirrelmail fail2ban in your preferred search engine. I hope it help. Domenico Fortunato. added to http://wiki.qmailtoaster.com/index.php/Fail2Ban while tidying it up, please check it again to make sure your rule is correctly written
Re: [qmailtoaster] Account Break-in Attempts
Is you SSH on a standard port? On 12/14/2011 12:23 PM, Casey Price wrote: Great work guys. I just implemented this on a few of my servers (just using the dos-hosts, sshd, vpopmail, and username-notfound rules at the moment). One quick question though, by default the SSH rule sends an email alert when an IP address is blocked and it runs a whois query against that IP (kind of a nice little feature, especially if you want to get in touch with the network admins for the network to alert them of malicious activity) - while this is a nice feature, it can lead to quite a few emails throughout the day (especially if you are running it on multiple servers)...anyone know if a way to setup some sort of digest that would send an email once per day per server (or for all servers for that matter) that would have a summary of the IPs that were blocked, and how to get in touch with the owners? On a side note, one thing I also noticed is that throughout the day I'll get a few emails stating that the pop3 ssh jails were stopped and then another that they were started. I know this happens when you start and stop the fail2ban-client or iptables, but why would it be stopping those jails on its own? Its not really hurting anything (that I'm aware of), but its more of an annoyance. Thanks, Casey Price Smile Global Technical Support Submit or check trouble tickets http://billing.smileglobal.com www.smileglobal.com http://www.smileglobal.com Follow us on Twitter https://twitter.com/#%21/SmileInternet Like us on Facebook https://www.facebook.com/smileglobal On 12/9/11 1:01 AM, Pak Ogah wrote: On 12/09/11 14:44, Domenico Fortunato wrote: You can configure fail2ban for Squirrelmail login attempts if you install the squirrel_logger plugin into Squirrelmail. Tune up the configuration files: in my /etc/fail2ban/jail.conf [squirrelmail-iptables] enabled = true filter = squirrelmail action = iptables[name=SquirrelMail, port=http, protocol=tcp] sendmail-whois[name=SquirrelMail,dest=root, sender=fail2...@example.it] logpath = /var/log/squirrelmail.log maxretry = 5 Also, the squirrelmail.conf: # Fail2Ban configuration file # # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named host. The tag HOST can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?Phost[\w\-.^_]+) # Values: TEXT # failregex = \[LOGIN_ERROR\].*from HOST: Utente sconosciuto o password errata # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = *Warning:* the failregex value must match the line written in squirrelmail.log (it's in italian language for me :-) ) For more info search for squirrelmail fail2ban in your preferred search engine. I hope it help. Domenico Fortunato. added to http://wiki.qmailtoaster.com/index.php/Fail2Ban while tidying it up, please check it again to make sure your rule is correctly written -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com
[qmailtoaster] how to only enable smtp authentication
Hi, Just a small question: if I want that all users that send emails through my server are authenticated before sending... do I just need to put REQUIRE_AUTH=1 (+ export) in /var/qmail/supervise/smtp/run Thx, Christian - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Account Break-in Attempts
Yep Casey Price Smile Global Technical Support Submit or check trouble tickets http://billing.smileglobal.com www.smileglobal.com http://www.smileglobal.com Follow us on Twitter https://twitter.com/#%21/SmileInternet Like us on Facebook https://www.facebook.com/smileglobal On 12/14/11 1:28 PM, Cecil Yother, Jr. wrote: Is you SSH on a standard port? On 12/14/2011 12:23 PM, Casey Price wrote: Great work guys. I just implemented this on a few of my servers (just using the dos-hosts, sshd, vpopmail, and username-notfound rules at the moment). One quick question though, by default the SSH rule sends an email alert when an IP address is blocked and it runs a whois query against that IP (kind of a nice little feature, especially if you want to get in touch with the network admins for the network to alert them of malicious activity) - while this is a nice feature, it can lead to quite a few emails throughout the day (especially if you are running it on multiple servers)...anyone know if a way to setup some sort of digest that would send an email once per day per server (or for all servers for that matter) that would have a summary of the IPs that were blocked, and how to get in touch with the owners? On a side note, one thing I also noticed is that throughout the day I'll get a few emails stating that the pop3 ssh jails were stopped and then another that they were started. I know this happens when you start and stop the fail2ban-client or iptables, but why would it be stopping those jails on its own? Its not really hurting anything (that I'm aware of), but its more of an annoyance. Thanks, Casey Price Smile Global Technical Support Submit or check trouble tickets http://billing.smileglobal.com www.smileglobal.com http://www.smileglobal.com Follow us on Twitter https://twitter.com/#%21/SmileInternet Like us on Facebook https://www.facebook.com/smileglobal On 12/9/11 1:01 AM, Pak Ogah wrote: On 12/09/11 14:44, Domenico Fortunato wrote: You can configure fail2ban for Squirrelmail login attempts if you install the squirrel_logger plugin into Squirrelmail. Tune up the configuration files: in my /etc/fail2ban/jail.conf [squirrelmail-iptables] enabled = true filter = squirrelmail action = iptables[name=SquirrelMail, port=http, protocol=tcp] sendmail-whois[name=SquirrelMail,dest=root, sender=fail2...@example.it] logpath = /var/log/squirrelmail.log maxretry = 5 Also, the squirrelmail.conf: # Fail2Ban configuration file # # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named host. The tag HOST can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?Phost[\w\-.^_]+) # Values: TEXT # failregex = \[LOGIN_ERROR\].*from HOST: Utente sconosciuto o password errata # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = *Warning:* the failregex value must match the line written in squirrelmail.log (it's in italian language for me :-) ) For more info search for squirrelmail fail2ban in your preferred search engine. I hope it help. Domenico Fortunato. added to http://wiki.qmailtoaster.com/index.php/Fail2Ban while tidying it up, please check it again to make sure your rule is correctly written -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 |http://yother.com Check out the new Volvo classified resourcehttp://www.volvoclassified.com
[qmailtoaster] Re: how to only enable smtp authentication
On 12/14/2011 03:47 PM, Christian wrote: Hi, Just a small question: if I want that all users that send emails through my server are authenticated before sending... do I just need to put REQUIRE_AUTH=1 (+ export) in /var/qmail/supervise/smtp/run Thx, Christian - That is correct. You'll notice that this is how port 587 (submission) is configured. Note, your server will no longer be able to accept email from external domains if you do this. What is it that you're trying to achieve? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Account Break-in Attempts
Anything preventing you from using a non standard port? It will reduce hacking attempts 99+ % On 12/14/2011 02:51 PM, Casey Price wrote: Yep Casey Price Smile Global Technical Support Submit or check trouble tickets http://billing.smileglobal.com www.smileglobal.com http://www.smileglobal.com Follow us on Twitter https://twitter.com/#%21/SmileInternet Like us on Facebook https://www.facebook.com/smileglobal On 12/14/11 1:28 PM, Cecil Yother, Jr. wrote: Is you SSH on a standard port? On 12/14/2011 12:23 PM, Casey Price wrote: Great work guys. I just implemented this on a few of my servers (just using the dos-hosts, sshd, vpopmail, and username-notfound rules at the moment). One quick question though, by default the SSH rule sends an email alert when an IP address is blocked and it runs a whois query against that IP (kind of a nice little feature, especially if you want to get in touch with the network admins for the network to alert them of malicious activity) - while this is a nice feature, it can lead to quite a few emails throughout the day (especially if you are running it on multiple servers)...anyone know if a way to setup some sort of digest that would send an email once per day per server (or for all servers for that matter) that would have a summary of the IPs that were blocked, and how to get in touch with the owners? On a side note, one thing I also noticed is that throughout the day I'll get a few emails stating that the pop3 ssh jails were stopped and then another that they were started. I know this happens when you start and stop the fail2ban-client or iptables, but why would it be stopping those jails on its own? Its not really hurting anything (that I'm aware of), but its more of an annoyance. Thanks, Casey Price Smile Global Technical Support Submit or check trouble tickets http://billing.smileglobal.com www.smileglobal.com http://www.smileglobal.com Follow us on Twitter https://twitter.com/#%21/SmileInternet Like us on Facebook https://www.facebook.com/smileglobal On 12/9/11 1:01 AM, Pak Ogah wrote: On 12/09/11 14:44, Domenico Fortunato wrote: You can configure fail2ban for Squirrelmail login attempts if you install the squirrel_logger plugin into Squirrelmail. Tune up the configuration files: in my /etc/fail2ban/jail.conf [squirrelmail-iptables] enabled = true filter = squirrelmail action = iptables[name=SquirrelMail, port=http, protocol=tcp] sendmail-whois[name=SquirrelMail,dest=root, sender=fail2...@example.it] logpath = /var/log/squirrelmail.log maxretry = 5 Also, the squirrelmail.conf: # Fail2Ban configuration file # # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named host. The tag HOST can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?Phost[\w\-.^_]+) # Values: TEXT # failregex = \[LOGIN_ERROR\].*from HOST: Utente sconosciuto o password errata # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = *Warning:* the failregex value must match the line written in squirrelmail.log (it's in italian language for me :-) ) For more info search for squirrelmail fail2ban in your preferred search engine. I hope it help. Domenico Fortunato. added to http://wiki.qmailtoaster.com/index.php/Fail2Ban while tidying it up, please check it again to make sure your rule is correctly written -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 |http://yother.com Check out the new Volvo classified resourcehttp://www.volvoclassified.com -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com