Re: [qmailtoaster] TLS reason: 503_MAIL_first_(#5.5.1)

[Rajesh M]

hello

it does not work

i get the same error.

 auth: (unknown) encryption: (none) reason: 503_MAIL_first_(#5.5.1)

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 18 Jun 2019 09:25:59 -0600
Subject:

yes,

tls-level=none

On 6/18/2019 9:19 AM, Rajesh M wrote:
> tls-level=smtp ?

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] TLS reason: 503_MAIL_first_(#5.5.1)

[Rajesh M]

eric

should i comment the line in the spamdyke.conf
tls-level=smtp ?

#tls-certificate-file=/var/qmail/control/servercert.pem
tls-level=smtp

also please do note that this issue is occurring only for emails received from 
one single external domain.

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 18 Jun 2019 09:14:27 -0600
Subject:

In /etc/spamdyke/spamdyke.conf set 'tls-level' to 'none'.

tls-level=none

allow qmail to do the tls and see if it works.


On 6/18/2019 9:07 AM, Rajesh M wrote:
> eric
>
> in the spamdyke.conf i can see this
> tls-certificate-file=/var/qmail/control/servercert.pem
>
> also i am using the
> /var/qmail/control/servercert.pem
> for domain key signing of outgoing emails.
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 18 Jun 2019 08:52:13 -0600
> Subject:
>
> So you have spamdyke doing the TLS?
>
> On 6/18/2019 8:38 AM, Rajesh M wrote:
>> Hi
>>
>> ISSUE 1
>> all of a sudden we are receiving error on one of our servers for one 
>> specific sender domain (sending from microsoft server)
>>
>> the sender domain is not able to send emails to the recepient domain on our 
>> server. The email bounces with the following error
>> encryption: TLS reason: 503_MAIL_first_(#5.5.1)
>>
>> 06/18/2019 19:33:16 LOG OUTPUT TLS
>> DENIED_OTHER from: rethish.n...@sender.com to: nominati...@dxb.recepient.com 
>> origin_ip: 40.107.69.126 origin_rdns: 
>> mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) 
>> encryption: TLS reason: 503_MAIL_first_(#5.5.1)
>> 06/18/2019 19:33:16 FROM REMOTE TO CHILD: 6 bytes TLS
>> QUIT
>> 06/18/2019 19:33:16 LOG OUTPUT TLS
>> ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The 
>> operation failed due to an I/O error, Connection reset by peer
>> ERROR(output_writeln()@log.c:104): unable to write 27 bytes to file 
>> descriptor 1: Connection reset by peer
>> 06/18/2019 19:33:16 FROM CHILD TO REMOTE: 27 bytes TLS
>> 221 ns1.HOSTNAME.com
>> 06/18/2019 19:33:16 LOG OUTPUT TLS
>> ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The 
>> operation failed due to an I/O error, Unexpected EOF found
>>
>> 06/18/2019 19:33:16 - TLS ended and closed
>>
>>
>> the error log of spamdyke  full-log-dir is give below follows
>>
>>
>> ISSUE 2
>> also i noted that spamdyke log mentions as such
>> reset address space soft limit to infinity: please stop using the softlimit 
>> program
>>
>> What exactly does this mean. What is the alternative to prevent large files 
>> should i disable softlimit program in
>> /usr/bin/softlimit -m 6400 \
>> in the smtp run file
>>
>> require your kind help in resolving the above 2 issues
>>
>> thanks
>> rajesh
>>
>> 06/18/2019 19:32:54 STARTED: VERSION = 5.0.1+TLS+CONFIGTEST+DEBUG, PID = 
>> 19829
>>
>> 06/18/2019 19:32:54 CURRENT ENVIRONMENT
>> PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
>> PWD=/var/qmail/supervise/smtp
>> SHLVL=0
>> PROTO=TCP
>> TCPLOCALIP=103.241.181.154
>> TCPLOCALPORT=25
>> TCPLOCALHOST=ns1.HOSTNAME.com
>> TCPREMOTEIP=40.107.69.126
>> TCPREMOTEPORT=42264
>> BADMIMETYPE=
>> BADLOADERTYPE=M
>> QMAILQUEUE=/var/qmail/bin/simscan
>> CHKUSER_START=ALWAYS
>> CHKUSER_RCPTLIMIT=50
>> CHKUSER_WRONGRCPTLIMIT=10
>> NOP0FCHECK=1
>> DKQUEUE=/var/qmail/bin/qmail-queue.orig
>> DKVERIFY=DEGIJKfh
>> DKSIGN=/var/qmail/control/domainkeys/%/private
>>
>> 06/18/2019 19:32:54 CURRENT CONFIG
>> config-file=/etc/spamdyke/spamdyke.conf
>> dns-blacklist-entry=zen.spamhaus.org
>> full-log-dir=/var/log/spamdyke
>> graylist-dir=/var/spamdyke/graylist
>> graylist-max-secs=2678400
>> graylist-min-secs=180
>> header-blacklist-entry=From:*>,*<*
>> idle-timeout-secs=600
>> ip-blacklist-file=/etc/spamdyke/blacklist_ip
>> ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
>> ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
>> ip-whitelist-file=/etc/spamdyke/whitelist_ip
>> log-level=info
>> max-recipients=100
>> rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
>> rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
>> recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
>> recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
>> reject-empty-rdns=1
>> reject-se

Re: [qmailtoaster] TLS reason: 503_MAIL_first_(#5.5.1)

[Rajesh M]

eric

in the spamdyke.conf i can see this
tls-certificate-file=/var/qmail/control/servercert.pem

also i am using the
/var/qmail/control/servercert.pem
for domain key signing of outgoing emails.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 18 Jun 2019 08:52:13 -0600
Subject:

So you have spamdyke doing the TLS?

On 6/18/2019 8:38 AM, Rajesh M wrote:
> Hi
>
> ISSUE 1
> all of a sudden we are receiving error on one of our servers for one specific 
> sender domain (sending from microsoft server)
>
> the sender domain is not able to send emails to the recepient domain on our 
> server. The email bounces with the following error
> encryption: TLS reason: 503_MAIL_first_(#5.5.1)
>
> 06/18/2019 19:33:16 LOG OUTPUT TLS
> DENIED_OTHER from: rethish.n...@sender.com to: nominati...@dxb.recepient.com 
> origin_ip: 40.107.69.126 origin_rdns: 
> mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) encryption: 
> TLS reason: 503_MAIL_first_(#5.5.1)
> 06/18/2019 19:33:16 FROM REMOTE TO CHILD: 6 bytes TLS
> QUIT
> 06/18/2019 19:33:16 LOG OUTPUT TLS
> ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The 
> operation failed due to an I/O error, Connection reset by peer
> ERROR(output_writeln()@log.c:104): unable to write 27 bytes to file 
> descriptor 1: Connection reset by peer
> 06/18/2019 19:33:16 FROM CHILD TO REMOTE: 27 bytes TLS
> 221 ns1.HOSTNAME.com
> 06/18/2019 19:33:16 LOG OUTPUT TLS
> ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The 
> operation failed due to an I/O error, Unexpected EOF found
>
> 06/18/2019 19:33:16 - TLS ended and closed
>
>
> the error log of spamdyke  full-log-dir is give below follows
>
>
> ISSUE 2
> also i noted that spamdyke log mentions as such
> reset address space soft limit to infinity: please stop using the softlimit 
> program
>
> What exactly does this mean. What is the alternative to prevent large files 
> should i disable softlimit program in
> /usr/bin/softlimit -m 6400 \
> in the smtp run file
>
> require your kind help in resolving the above 2 issues
>
> thanks
> rajesh
>
> 06/18/2019 19:32:54 STARTED: VERSION = 5.0.1+TLS+CONFIGTEST+DEBUG, PID = 19829
>
> 06/18/2019 19:32:54 CURRENT ENVIRONMENT
> PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
> PWD=/var/qmail/supervise/smtp
> SHLVL=0
> PROTO=TCP
> TCPLOCALIP=103.241.181.154
> TCPLOCALPORT=25
> TCPLOCALHOST=ns1.HOSTNAME.com
> TCPREMOTEIP=40.107.69.126
> TCPREMOTEPORT=42264
> BADMIMETYPE=
> BADLOADERTYPE=M
> QMAILQUEUE=/var/qmail/bin/simscan
> CHKUSER_START=ALWAYS
> CHKUSER_RCPTLIMIT=50
> CHKUSER_WRONGRCPTLIMIT=10
> NOP0FCHECK=1
> DKQUEUE=/var/qmail/bin/qmail-queue.orig
> DKVERIFY=DEGIJKfh
> DKSIGN=/var/qmail/control/domainkeys/%/private
>
> 06/18/2019 19:32:54 CURRENT CONFIG
> config-file=/etc/spamdyke/spamdyke.conf
> dns-blacklist-entry=zen.spamhaus.org
> full-log-dir=/var/log/spamdyke
> graylist-dir=/var/spamdyke/graylist
> graylist-max-secs=2678400
> graylist-min-secs=180
> header-blacklist-entry=From:*>,*<*
> idle-timeout-secs=600
> ip-blacklist-file=/etc/spamdyke/blacklist_ip
> ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
> ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
> ip-whitelist-file=/etc/spamdyke/whitelist_ip
> log-level=info
> max-recipients=100
> rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
> rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
> recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
> recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
> reject-empty-rdns=1
> reject-sender=no-mx
> reject-sender=authentication-domain-mismatch
> reject-unresolvable-rdns=1
> relay-level=normal
> sender-blacklist-file=/etc/spamdyke/blacklist_senders
> sender-whitelist-file=/etc/spamdyke/whitelist_senders
> tls-certificate-file=/var/qmail/control/servercert.pem
>
> 06/18/2019 19:32:54 - Remote IP = 40.107.69.126
>
> 06/18/2019 19:32:54 CURRENT CONFIG
> config-file=/etc/spamdyke/spamdyke.conf
> dns-blacklist-entry=zen.spamhaus.org
> dns-server-ip-primary=8.8.8.8
> full-log-dir=/var/log/spamdyke
> graylist-dir=/var/spamdyke/graylist
> graylist-max-secs=2678400
> graylist-min-secs=180
> header-blacklist-entry=From:*>,*<*
> idle-timeout-secs=600
> ip-blacklist-file=/etc/spamdyke/blacklist_ip
> ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
> ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
> ip-whitelist-file=/etc/spamdyke/whitelist_ip
> log-level=info
> max-recipients=100
> rdns-blacklist-file=/etc/spamdyke

[qmailtoaster] TLS reason: 503_MAIL_first_(#5.5.1)

[Rajesh M]

Hi

ISSUE 1
all of a sudden we are receiving error on one of our servers for one specific 
sender domain (sending from microsoft server)

the sender domain is not able to send emails to the recepient domain on our 
server. The email bounces with the following error
encryption: TLS reason: 503_MAIL_first_(#5.5.1)

06/18/2019 19:33:16 LOG OUTPUT TLS
DENIED_OTHER from: rethish.n...@sender.com to: nominati...@dxb.recepient.com 
origin_ip: 40.107.69.126 origin_rdns: 
mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) encryption: 
TLS reason: 503_MAIL_first_(#5.5.1)
06/18/2019 19:33:16 FROM REMOTE TO CHILD: 6 bytes TLS
QUIT
06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The operation 
failed due to an I/O error, Connection reset by peer
ERROR(output_writeln()@log.c:104): unable to write 27 bytes to file descriptor 
1: Connection reset by peer
06/18/2019 19:33:16 FROM CHILD TO REMOTE: 27 bytes TLS
221 ns1.HOSTNAME.com
06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The operation 
failed due to an I/O error, Unexpected EOF found

06/18/2019 19:33:16 - TLS ended and closed


the error log of spamdyke  full-log-dir is give below follows


ISSUE 2
also i noted that spamdyke log mentions as such
reset address space soft limit to infinity: please stop using the softlimit 
program

What exactly does this mean. What is the alternative to prevent large files 
should i disable softlimit program in
/usr/bin/softlimit -m 6400 \
in the smtp run file

require your kind help in resolving the above 2 issues

thanks
rajesh

06/18/2019 19:32:54 STARTED: VERSION = 5.0.1+TLS+CONFIGTEST+DEBUG, PID = 19829

06/18/2019 19:32:54 CURRENT ENVIRONMENT
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
PWD=/var/qmail/supervise/smtp
SHLVL=0
PROTO=TCP
TCPLOCALIP=103.241.181.154
TCPLOCALPORT=25
TCPLOCALHOST=ns1.HOSTNAME.com
TCPREMOTEIP=40.107.69.126
TCPREMOTEPORT=42264
BADMIMETYPE=
BADLOADERTYPE=M
QMAILQUEUE=/var/qmail/bin/simscan
CHKUSER_START=ALWAYS
CHKUSER_RCPTLIMIT=50
CHKUSER_WRONGRCPTLIMIT=10
NOP0FCHECK=1
DKQUEUE=/var/qmail/bin/qmail-queue.orig
DKVERIFY=DEGIJKfh
DKSIGN=/var/qmail/control/domainkeys/%/private

06/18/2019 19:32:54 CURRENT CONFIG
config-file=/etc/spamdyke/spamdyke.conf
dns-blacklist-entry=zen.spamhaus.org
full-log-dir=/var/log/spamdyke
graylist-dir=/var/spamdyke/graylist
graylist-max-secs=2678400
graylist-min-secs=180
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=600
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
log-level=info
max-recipients=100
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns=1
reject-sender=no-mx
reject-sender=authentication-domain-mismatch
reject-unresolvable-rdns=1
relay-level=normal
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem

06/18/2019 19:32:54 - Remote IP = 40.107.69.126

06/18/2019 19:32:54 CURRENT CONFIG
config-file=/etc/spamdyke/spamdyke.conf
dns-blacklist-entry=zen.spamhaus.org
dns-server-ip-primary=8.8.8.8
full-log-dir=/var/log/spamdyke
graylist-dir=/var/spamdyke/graylist
graylist-max-secs=2678400
graylist-min-secs=180
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=600
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
log-level=info
max-recipients=100
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns=1
reject-sender=no-mx
reject-sender=authentication-domain-mismatch
reject-unresolvable-rdns=1
relay-level=normal
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem

06/18/2019 19:32:54 - Remote rDNS = 
mail-eopbgr690126.outbound.protection.outlook.com

06/18/2019 19:32:54 LOG OUTPUT
DEBUG(filter_rdns_missing()@filter.c:947): checking for missing rDNS; rdns: 
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_rdns_whitelist_file()@filter.c:1055): searching rDNS whitelist 
file(s); rdns: mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_rdns_blacklist_file()@filter.c:1159): searching rDNS blacklist 
file(s); rdns: mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_ip_whitelist()@f

Re: [qmailtoaster] dovecot error related to test-compression

[Rajesh M]

hello

i am building as a root user  on centos version 6.9,  64 bit

command that is used

rpmbuild --rebuild --define "dist .qt.el6" dovecot-ce-2.3.0-1.qt.el6.src.rpm

error that i got

make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-client'
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-client'
Making check in lib-imap-urlauth
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-urlauth'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-urlauth'
Making check in lib-compression
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make  check-local
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
for bin in test-compression; do \
  if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
done
compression handler gz ... : ok
compression handler bz2 .. : ok
compression handler deflate .. : ok
compression handler xz ... : ok
gz concat  : ok
gz no concat . : ok
gz large header .. : ok
0 / 7 tests failed
==639== Conditional jump or move depends on uninitialised value(s)
==639==at 0x3509A0ACB2: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A0AEA9: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A03121: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A061A0: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A05212: lzma_easy_encoder (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x406ACF: o_stream_create_lzma (ostream-lzma.c:206)
==639==by 0x403D89: test_compression_handler (test-compression.c:36)
==639==by 0x4040BD: test_compression (test-compression.c:96)
==639==by 0x408281: test_run_funcs (test-common.c:244)
==639==by 0x4083E0: test_run (test-common.c:315)
==639==by 0x40398B: main (test-compression.c:308)
==639==
Failed to run: ./test-compression
make[3]: *** [check-local] Error 1
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make[2]: *** [check-am] Error 2
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src'
make: *** [check-recursive] Error 1
error: Bad exit status from /var/tmp/rpm-tmp.aUYAhV (%check)


RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.aUYAhV (%check)




@eric : while searching i noted that you got a similar error in Jan 2018.
https://www.mail-archive.com/dovecot@dovecot.org/msg72130.html
do you recollect how your fixed it ?

thanks
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 12 Oct 2018 15:27:34 -0600
Subject:

Are you building as not root user?


On 10/12/2018 3:08 PM, Andreas Galatis wrote:
> Hi Rajesh,
>
> what exactly is the error-message?
>
>
> Andreas Galatis
>
> Computerservice & Datenschutz
>
> Am 12.10.2018 um 17:00 schrieb Rajesh M:
>> hello
>>
>> i am using centos 6, 64 bit system -- with the latest updates.
>>
>> i am trying to build a new server with qmailtoaster.
>>
>> all qmail packages installed successfully.
>>
>> however i get an error  while compiling dovecot using the source rpm related 
>> to test-compression
>>
>> i tried this with multiple version of dovecot but still the same error.
>> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
>>  upto  dovecot-2.2.22-7.qt.src.rpm
>>
>> i am using qmailtoaster for the past over 8 years on 4 of my servers and 
>> have always built from source, but all of a sudden facing the above errors
>>
>> i formatted and reinstalled Centos 3 times but the same error persists.
>>
>> i wonder what i am missing.
>>
>> Could you please help.
>>
>> thanks,
>> rajesh
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>

--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-

[qmailtoaster] dovecot error related to test-compression

[Rajesh M]

hello

i am using centos 6, 64 bit system -- with the latest updates.

i am trying to build a new server with qmailtoaster.

all qmail packages installed successfully.

however i get an error  while compiling dovecot using the source rpm related to 
test-compression

i tried this with multiple version of dovecot but still the same error.
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
 upto  dovecot-2.2.22-7.qt.src.rpm

i am using qmailtoaster for the past over 8 years on 4 of my servers and have 
always built from source, but all of a sudden facing the above errors

i formatted and reinstalled Centos 3 times but the same error persists.

i wonder what i am missing.

Could you please help.

thanks,
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] bayes setup

[Rajesh M]

hello all

qmail toaster on centos 6, 64 bit

Please advise concerning steps to be followed for implementing bayes.

should i follow the steps listed here ? or is there anything specific related 
specific to qmail toaster
https://wiki.apache.org/spamassassin/SiteWideBayesSetup

the mail traffic on this server is around 6 emails per day


thanks
rajesh



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Simscan

[Rajesh M]

hi

the temporary resolution is as such

cd /var/lib/clamav

service clamd stop

mv daily.cld daily.cld.BAK
mv main.cld main.cld.BAK
mv bytecode.cld bytecode.cld.BAK

also rename any
main.cvd
daily.cvd
bytecode.cvd


keep foxhole_all and badmacro.ndb unoffical which handles all kinds of bad 
attachments (even if they are zipped / archived) / macros.

also have spam-assassin with oledb macro plugin.

service clamd start

with this config you can have simscan working

clam will work and stop a major amount of viruses which comes in the form of 
attachments and macros.

rajesh



- Original Message -
From: Tommi Järvilehto [mailto:tommi.jarvile...@datavahti.fi]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 26 Jan 2018 17:19:48 +0200
Subject:

Same here one of our servers (CentOs6 64bit). CentOS5 and CentOS7
servers currently ok.
I disabled now simscan temporarily.

On 26.1.2018 16:24, Havrla wrote:
> Hi, Eric
>
> problem = clamav  after update (antivir base)
>
> simscan no problem
>
>
> LOG:
> Jan 26 11:24:50 tonda clamd: LibClamAV Error: cli_gentempfd: Can't
> create temporary file
> /tmp/clamav-4cfa012223685613cbdd51ea20c64a9a.tmp/clamav-696c37f51f984623e21bb7af92cbbf08.tmp:
> Too many open files
> Jan 26 11:24:50 tonda clamd: LibClamAV Warning: fileblobScan, fullname
> == NULL
> Jan 26 11:24:50 tonda clamd: LibClamAV Error: fileblobDestroy: unknown
> not saved: report to http://bugs.clamav.net
> Jan 26 11:24:50 tonda clamd: LibClamAV Error: cli_gentempfd: Can't
> create temporary file
> /tmp/clamav-4cfa012223685613cbdd51ea20c64a9a.tmp/clamav-576c58385e2b2488934fd90e8c45efa4.tmp:
> Too many open files
>
>
> Havrla
>
> Dne 26.1.2018 v 15:11 Eric Broch napsal(a):
>> On 1/26/2018 7:04 AM, Jeff Koch wrote:
>>> Hi Eric - we're having massive problems this morning with soft
>>> rejects. How do we bypass simscan?  I can't find the email in which
>>> you explained
>>>
>>> Jeff
>
>

--
Tommi Järvilehto
DataVahti Oy
040 732 8032


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] how to disable clamav updates

[Rajesh M]

hi all,

how to disable clamav updates

basically i do not want clamav downloading the daily.cvd and other files 
automatically

i removed the following but in sometime these got automatically updated

daily.cld
main.cld
bytecode.cld
mirrors.dat

rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Update clamav

[Rajesh M]

chandran

are you getting the following error all of  a sudden today even ***before*** 
you update clam ?

qmail-smtpd: qq soft reject (mail server temporarily rejected message
(#4.3.0))

rajesh

- Original Message -
From: Chandran Manikandan [mailto:tech2m...@gmail.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 26 Jan 2018 13:02:38 +0800
Subject:

Hi Eric,

Thank you.
I have updated above your link. but i cannot send and receive email and the
logs showing below.

qmail-smtpd: qq soft reject (mail server temporarily rejected message
(#4.3.0))

Please help me to fix this issue
my server is down now

nobody using email.

On Fri, Jan 26, 2018 at 12:50 PM, Eric Broch 
wrote:

> There is clamav-99.2-3 (x86 and x86_64) on the CentOS 6 mirror:
> ftp://ftp.qmailtoaster.com/pub/repo/qmt/CentOS/6/current/
> SRPMS/clamav-0.99.2-3.qt.src.rpm &
>
> ftp://ftp.qmailtoaster.com/pub/repo/qmt/CentOS/6/current/
> i386/clamav-0.99.2-3.qt.el6.i686.rpm
>
> clamav-99.3 just came out today. I'll get it rolled in the next couple of
> days...most likely tomorrow.
>
> On 1/25/2018 9:29 PM, Chandran Manikandan wrote:
>
> Dear Friends,
>
> Clamav is running outdated version in my system when i run the freshclam
> today with the below message.
>
> ClamAV update process started at Fri Jan 26 12:24:24 2018
> WARNING: Your ClamAV installation is OUTDATED!
> WARNING: Local version: 0.99.1 Recommended version: 0.99.3
> DON'T PANIC! Read http://www.clamav.net/documents/upgrading-clamav
>
>
> I am using qmailtoaster in CentOS release 6.7 (Final) 32 bit  in one
> machine and another machine is CentOS release 6.7 (Final) 64 bit.
>
> Kindly help me to provide the procedure without affect our existing
> packages.
>
> Both the server is production server.
>
> Appreciate your help.
>
> --
> *Thanks,*
> *Manikandan.C*
> *System Administrator*
>
>
> --
> Eric Broch
> White Horse Technical Consulting (WHTC)
>
>


--
*Thanks,*
*Manikandan.C*
*System Administrator*


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] qq soft reject

[Rajesh M]

hi

we are getting qq soft reject on one of our server on random basis

this is a busy server

around -- 6000 mails in 1 hour during peak hours

we disabled both spam and clam ie set spam=no, clam=no

but still the error continues till we disable the /var/qmail/simscan from the 
tcp.smtp

softlimit for smtp in the supervise/run file is kept at 100 mb.

rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] simscan in ramdisk

[Rajesh M]

hi eric

i am creating simscan on ramdisk

however there is always 3-4 emails in the folder /var/qmail/simscan

how do i transfer these email to the memory based simscan.

thanks
'rajesh



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: Fwd: Re: [qmailtoaster] dmarc implementation

[Rajesh M]

eric  and jaime

thank you very much for your help

i have dkim, dmarc and simscan on ramdisk implemented.

regds
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 10 Jan 2018 08:32:35 -0700
Subject:

dknewkey domain.tld.key  1024 > domain.tld.txt


On 1/10/2018 6:51 AM, Rajesh M wrote:
> eric
>
> concerning dkim signing
>
> i was testing the records for a sample domain i got messages that the "key is 
> insecure since it is less than 384 characters"
>
> is it advisable to increase this to 1024 bits ?
>
> if yes then how do i do that ?
>
> thanks,
> rajesh
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To:qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 9 Jan 2018 17:05:02 -0700
> Subject:
>
> I'm sure it will, but I don't know how much.
>
>
> On 1/9/2018 9:55 AM, Rajesh M wrote:
>> eric
>>
>> it worked correctly but the dns record generated in the MYDOMAIN.com.txt 
>> file was not correct ... not sure what i was doing wrong.
>>
>> i used this
>>
>> perl -pi -e 's/.key._domainkey//' /var/qmail/control/dkim/otherdomain.com.txt
>>
>> googled a bit and entered in the following in my zone file
>>
>> selector = otherdomain.com
>>
>> _domainkey.otherdomain.com. IN TXT"o=!;r=x...@y.com"
>>
>> otherdomain.com._domainkey.otherdomain.com. IN TXT "v=DKIM1;k=rsa;p="
>>
>>
>> Also  will changing the qmail-remote file increase the load on the server, 
>> especially since qmail-remote is no longer a binary ?  My servers are quite 
>> busy.
>>
>>
>>
>>
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To:qmailtoaster-list@qmailtoaster.com
>> Sent: Tue, 2 Jan 2018 15:09:34 -0700
>> Subject:
>>
>> Rajesh,
>>
>> 1) Yes
>>
>> 2) tcp.smtp
>>
>> 127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
>> :allow,SPFBEHAVIOR="1",BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="200",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue.orig",NOP0FCHECK="1",SENDER_NOCHECK="1"
>>
>> Eric
>>
>>
>> On 1/2/2018 11:20 AM, Rajesh M wrote:
>>> Eric
>>>
>>> 2 questions please
>>>
>>> Question 1)
>>>
>>> the default qmail install points the symlink for qmailqueue to qmail-dk
>>>
>>> which i have changed to
>>>
>>> qmail-queue -> qmail-queue.orig
>>>
>>> Do keep the same setting which is
>>>
>>> qmail-queue -> qmail-queue.orig
>>>
>>>
>>> Question 2)
>>>
>>> Could you please send me the corresponding settings required in the 
>>> tcp.smtp file ?
>>>
>>> thanks,
>>> rajesh
>>>
>>>
>>>
>>> - Original Message -
>>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>>> To:qmailtoaster-list@qmailtoaster.com
>>> Sent: Tue, 2 Jan 2018 08:51:07 -0700
>>> Subject:
>>>
>>> Hi Rajesh,
>>>
>>> Thank you! I appreciate your sentiments and hope your New Year brings
>>> blessings of health and happiness as well.
>>>
>>> This is a better link:
>>>
>>> http://qmailtoaster.org/dkim.html
>>>
>>> which will show you how to implement per domain.
>>>
>>> Remember this is only signing messages going out. As of yet there is no
>>> dkim checking coming in, I'm looking into that.
>>>
>>> Eric
>>>
>>>
>>> On 1/2/2018 7:50 AM, Rajesh M wrote:
>>>> eric,
>>>>
>>>> Wish you a wonderful New Year, full of health and happiness.
>>>>
>>>> I wish to implement  dmarc on my qmailtoaster servers
>>>>
>>>> i am using centos6 64 bit with the latest versions of qmailtoaster
>>>>
>>>> SPF is already being used on my server
>>>>
>>>> Concerning dkim, currently my  qmail-queue is symlinked to 
>>>> qmail-queue.orig and not pointing to qmail-dk
>>>>
>>>> qmail-queue -> qmail-queue.orig
>>>>
>>>> could you please guide me on the implementation of DMARC
>>>>
>>>> i am planning to implement this for all the domains in my serve

Re: [qmailtoaster] dmarc implementation

[Rajesh M]

eric

concerning dkim signing

i was testing the records for a sample domain i got messages that the "key is 
insecure since it is less than 384 characters"

is it advisable to increase this to 1024 bits ?

if yes then how do i do that ?

thanks,
rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 9 Jan 2018 17:05:02 -0700
Subject:

I'm sure it will, but I don't know how much.


On 1/9/2018 9:55 AM, Rajesh M wrote:
> eric
>
> it worked correctly but the dns record generated in the MYDOMAIN.com.txt file 
> was not correct ... not sure what i was doing wrong.
>
> i used this
>
> perl -pi -e 's/.key._domainkey//' /var/qmail/control/dkim/otherdomain.com.txt
>
> googled a bit and entered in the following in my zone file
>
> selector = otherdomain.com
>
> _domainkey.otherdomain.com. IN TXT "o=!;r=x...@y.com"
>
> otherdomain.com._domainkey.otherdomain.com. IN TXT "v=DKIM1;k=rsa;p="
>
>
> Also  will changing the qmail-remote file increase the load on the server, 
> especially since qmail-remote is no longer a binary ?  My servers are quite 
> busy.
>
>
>
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 2 Jan 2018 15:09:34 -0700
> Subject:
>
> Rajesh,
>
> 1) Yes
>
> 2) tcp.smtp
>
> 127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
> :allow,SPFBEHAVIOR="1",BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="200",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue.orig",NOP0FCHECK="1",SENDER_NOCHECK="1"
>
> Eric
>
>
> On 1/2/2018 11:20 AM, Rajesh M wrote:
>> Eric
>>
>> 2 questions please
>>
>> Question 1)
>>
>> the default qmail install points the symlink for qmailqueue to qmail-dk
>>
>> which i have changed to
>>
>> qmail-queue -> qmail-queue.orig
>>
>> Do keep the same setting which is
>>
>> qmail-queue -> qmail-queue.orig
>>
>>
>> Question 2)
>>
>> Could you please send me the corresponding settings required in the tcp.smtp 
>> file ?
>>
>> thanks,
>> rajesh
>>
>>
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To: qmailtoaster-list@qmailtoaster.com
>> Sent: Tue, 2 Jan 2018 08:51:07 -0700
>> Subject:
>>
>> Hi Rajesh,
>>
>> Thank you! I appreciate your sentiments and hope your New Year brings
>> blessings of health and happiness as well.
>>
>> This is a better link:
>>
>> http://qmailtoaster.org/dkim.html
>>
>> which will show you how to implement per domain.
>>
>> Remember this is only signing messages going out. As of yet there is no
>> dkim checking coming in, I'm looking into that.
>>
>> Eric
>>
>>
>> On 1/2/2018 7:50 AM, Rajesh M wrote:
>>> eric,
>>>
>>> Wish you a wonderful New Year, full of health and happiness.
>>>
>>> I wish to implement  dmarc on my qmailtoaster servers
>>>
>>> i am using centos6 64 bit with the latest versions of qmailtoaster
>>>
>>> SPF is already being used on my server
>>>
>>> Concerning dkim, currently my  qmail-queue is symlinked to qmail-queue.orig 
>>> and not pointing to qmail-dk
>>>
>>> qmail-queue -> qmail-queue.orig
>>>
>>> could you please guide me on the implementation of DMARC
>>>
>>> i am planning to implement this for all the domains in my server.
>>>
>>> I saw this link while searching for a solution.
>>>
>>> https://github.com/qmtoaster/dkim
>>>
>>> Should i follow these steps as per the above link or would you like 
>>> recommend some other document.
>>>
>>> thanks as always,
>>> rajesh
>>>
>>>
>>>
>>>
>>>
>>> -
>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dmarc implementation

[Rajesh M]

eric

it worked correctly but the dns record generated in the MYDOMAIN.com.txt file 
was not correct ... not sure what i was doing wrong.

i used this

perl -pi -e 's/.key._domainkey//' /var/qmail/control/dkim/otherdomain.com.txt

googled a bit and entered in the following in my zone file

selector = otherdomain.com

_domainkey.otherdomain.com. IN TXT "o=!;r=x...@y.com"

otherdomain.com._domainkey.otherdomain.com. IN TXT "v=DKIM1;k=rsa;p="


Also  will changing the qmail-remote file increase the load on the server, 
especially since qmail-remote is no longer a binary ?  My servers are quite 
busy.




rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 2 Jan 2018 15:09:34 -0700
Subject:

Rajesh,

1) Yes

2) tcp.smtp

127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
:allow,SPFBEHAVIOR="1",BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="200",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue.orig",NOP0FCHECK="1",SENDER_NOCHECK="1"

Eric


On 1/2/2018 11:20 AM, Rajesh M wrote:
> Eric
>
> 2 questions please
>
> Question 1)
>
> the default qmail install points the symlink for qmailqueue to qmail-dk
>
> which i have changed to
>
> qmail-queue -> qmail-queue.orig
>
> Do keep the same setting which is
>
> qmail-queue -> qmail-queue.orig
>
>
> Question 2)
>
> Could you please send me the corresponding settings required in the tcp.smtp 
> file ?
>
> thanks,
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 2 Jan 2018 08:51:07 -0700
> Subject:
>
> Hi Rajesh,
>
> Thank you! I appreciate your sentiments and hope your New Year brings
> blessings of health and happiness as well.
>
> This is a better link:
>
> http://qmailtoaster.org/dkim.html
>
> which will show you how to implement per domain.
>
> Remember this is only signing messages going out. As of yet there is no
> dkim checking coming in, I'm looking into that.
>
> Eric
>
>
> On 1/2/2018 7:50 AM, Rajesh M wrote:
>> eric,
>>
>> Wish you a wonderful New Year, full of health and happiness.
>>
>> I wish to implement  dmarc on my qmailtoaster servers
>>
>> i am using centos6 64 bit with the latest versions of qmailtoaster
>>
>> SPF is already being used on my server
>>
>> Concerning dkim, currently my  qmail-queue is symlinked to qmail-queue.orig 
>> and not pointing to qmail-dk
>>
>> qmail-queue -> qmail-queue.orig
>>
>> could you please guide me on the implementation of DMARC
>>
>> i am planning to implement this for all the domains in my server.
>>
>> I saw this link while searching for a solution.
>>
>> https://github.com/qmtoaster/dkim
>>
>> Should i follow these steps as per the above link or would you like 
>> recommend some other document.
>>
>> thanks as always,
>> rajesh
>>
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dmarc implementation

[Rajesh M]

eric

thank you.

i will check this out and revert.

regds
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 2 Jan 2018 15:09:34 -0700
Subject:

Rajesh,

1) Yes

2) tcp.smtp

127.:allow,RELAYCLIENT="",RBLSMTPD="",NOP0FCHECK="1"
:allow,SPFBEHAVIOR="1",BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="200",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue.orig",NOP0FCHECK="1",SENDER_NOCHECK="1"

Eric


On 1/2/2018 11:20 AM, Rajesh M wrote:
> Eric
>
> 2 questions please
>
> Question 1)
>
> the default qmail install points the symlink for qmailqueue to qmail-dk
>
> which i have changed to
>
> qmail-queue -> qmail-queue.orig
>
> Do keep the same setting which is
>
> qmail-queue -> qmail-queue.orig
>
>
> Question 2)
>
> Could you please send me the corresponding settings required in the tcp.smtp 
> file ?
>
> thanks,
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 2 Jan 2018 08:51:07 -0700
> Subject:
>
> Hi Rajesh,
>
> Thank you! I appreciate your sentiments and hope your New Year brings
> blessings of health and happiness as well.
>
> This is a better link:
>
> http://qmailtoaster.org/dkim.html
>
> which will show you how to implement per domain.
>
> Remember this is only signing messages going out. As of yet there is no
> dkim checking coming in, I'm looking into that.
>
> Eric
>
>
> On 1/2/2018 7:50 AM, Rajesh M wrote:
>> eric,
>>
>> Wish you a wonderful New Year, full of health and happiness.
>>
>> I wish to implement  dmarc on my qmailtoaster servers
>>
>> i am using centos6 64 bit with the latest versions of qmailtoaster
>>
>> SPF is already being used on my server
>>
>> Concerning dkim, currently my  qmail-queue is symlinked to qmail-queue.orig 
>> and not pointing to qmail-dk
>>
>> qmail-queue -> qmail-queue.orig
>>
>> could you please guide me on the implementation of DMARC
>>
>> i am planning to implement this for all the domains in my server.
>>
>> I saw this link while searching for a solution.
>>
>> https://github.com/qmtoaster/dkim
>>
>> Should i follow these steps as per the above link or would you like 
>> recommend some other document.
>>
>> thanks as always,
>> rajesh
>>
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] dmarc implementation

[Rajesh M]

Dan

thanks for your detailed reply.

i will be testing out the communications in between my multiple mailservers 
before i go into production.

regds
rajesh


- Original Message -
From: Dan McAllister - QMT DNS Admin [mailto:q...@it4soho.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 2 Jan 2018 16:54:39 -0500
Subject:

A couple of things:

1) The QMail DKIM solution works well -- EXCEPT when connecting to other QMail 
DKIM enabled systems, at which point it tends to disallow messages. No one has 
found a fix for this, to the standard is to keep DKIM turned OFF.

2) DMARC is not a security implementation like SPF or DKIM, it is more of a 
reporting and admin tool, the former being the original intent. Your DMARC 
settings tell other servers that they should send reports about failed connects 
to an email address. That way, should you misconfigure your DKIM or SPF 
settings and someone starts blocking your messages, you don't have to wait for 
USERS to complain to know about it!

Thus, DMARC is a purely DNS setting -- there is nothing to do in QMail to 
manage DMARC. If you follow the project lead and leave DKIM turned off, you 
simply indicate as such in your DMARC setting for your domain.

Finally, to my knowledge, only the "Big Guns" have implemented the email-server 
side of DMARC (that is, the side that generates reports and sends them). 
Hotmail/MSN/Outlook.com, Gmail, and Yahoo being the ones I've received reports 
from.

I hope this helps


Dan



-Original Message-
From: Rajesh M [mailto:24x7ser...@24x7server.net]
Sent: Tuesday, January 2, 2018 1:21 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] dmarc implementation

Eric

2 questions please

Question 1)

the default qmail install points the symlink for qmailqueue to qmail-dk

which i have changed to

qmail-queue -> qmail-queue.orig

Do keep the same setting which is

qmail-queue -> qmail-queue.orig


Question 2)

Could you please send me the corresponding settings required in the tcp.smtp 
file ?

thanks,
rajesh



- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 2 Jan 2018 08:51:07 -0700
Subject:

Hi Rajesh,

Thank you! I appreciate your sentiments and hope your New Year brings blessings 
of health and happiness as well.

This is a better link:

http://qmailtoaster.org/dkim.html

which will show you how to implement per domain.

Remember this is only signing messages going out. As of yet there is no dkim 
checking coming in, I'm looking into that.

Eric


On 1/2/2018 7:50 AM, Rajesh M wrote:
> eric,
>
> Wish you a wonderful New Year, full of health and happiness.
>
> I wish to implement  dmarc on my qmailtoaster servers
>
> i am using centos6 64 bit with the latest versions of qmailtoaster
>
> SPF is already being used on my server
>
> Concerning dkim, currently my  qmail-queue is symlinked to
> qmail-queue.orig and not pointing to qmail-dk
>
> qmail-queue -> qmail-queue.orig
>
> could you please guide me on the implementation of DMARC
>
> i am planning to implement this for all the domains in my server.
>
> I saw this link while searching for a solution.
>
> https://github.com/qmtoaster/dkim
>
> Should i follow these steps as per the above link or would you like recommend 
> some other document.
>
> thanks as always,
> rajesh
>
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail:
> qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch
White Horse Technical Consulting (WHTC)




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dmarc implementation

[Rajesh M]

Eric

2 questions please

Question 1)

the default qmail install points the symlink for qmailqueue to qmail-dk

which i have changed to

qmail-queue -> qmail-queue.orig

Do keep the same setting which is

qmail-queue -> qmail-queue.orig


Question 2)

Could you please send me the corresponding settings required in the tcp.smtp 
file ?

thanks,
rajesh



- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 2 Jan 2018 08:51:07 -0700
Subject:

Hi Rajesh,

Thank you! I appreciate your sentiments and hope your New Year brings
blessings of health and happiness as well.

This is a better link:

http://qmailtoaster.org/dkim.html

which will show you how to implement per domain.

Remember this is only signing messages going out. As of yet there is no
dkim checking coming in, I'm looking into that.

Eric


On 1/2/2018 7:50 AM, Rajesh M wrote:
> eric,
>
> Wish you a wonderful New Year, full of health and happiness.
>
> I wish to implement  dmarc on my qmailtoaster servers
>
> i am using centos6 64 bit with the latest versions of qmailtoaster
>
> SPF is already being used on my server
>
> Concerning dkim, currently my  qmail-queue is symlinked to qmail-queue.orig 
> and not pointing to qmail-dk
>
> qmail-queue -> qmail-queue.orig
>
> could you please guide me on the implementation of DMARC
>
> i am planning to implement this for all the domains in my server.
>
> I saw this link while searching for a solution.
>
> https://github.com/qmtoaster/dkim
>
> Should i follow these steps as per the above link or would you like recommend 
> some other document.
>
> thanks as always,
> rajesh
>
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dmarc implementation

[Rajesh M]

eric,

Wish you a wonderful New Year, full of health and happiness.

I wish to implement  dmarc on my qmailtoaster servers

i am using centos6 64 bit with the latest versions of qmailtoaster

SPF is already being used on my server

Concerning dkim, currently my  qmail-queue is symlinked to qmail-queue.orig and 
not pointing to qmail-dk

qmail-queue -> qmail-queue.orig

could you please guide me on the implementation of DMARC

i am planning to implement this for all the domains in my server.

I saw this link while searching for a solution.

https://github.com/qmtoaster/dkim

Should i follow these steps as per the above link or would you like recommend 
some other document.

thanks as always,
rajesh



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] simcan on ramdisk

[Rajesh M]

hi all,

has anyone tried putting the

/var/qmail/simscan folder on ramdisk

how do i do it incase of centos 6

i was checking out this page and found that it significantly increases 
performance
https://qmail.jms1.net/simscan/

if anyone has done it could you please share the details of how to do it and 
the performance improvement.

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] chkusr settings

[Rajesh M]

tonino, eric

thanks for your help

it looks like setting

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

and CHKUSER_START="NONE"

compels authentication but will not check for other aspects like valid mx, 
recpient /sender format etc

tcp.smtp (tcp.smtp.587.cdb in my case) needs to be recompiled and qmail has to 
be restarted.

rajesh

- Original Message -
From: Tonix - Antonio Nati [mailto:to...@interazioni.it]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 19 Sep 2017 11:57:19 +0200
Subject:

Rajesh,

I don't know which version of chkuser is included in qmailtoaster.
Behaviour has changed sometimes. I always tried to configurations
stable, but sometimes evolutions lead to a change.
So, which is the version in qmailtoaster?

About forcing to authenticate, you need the
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE* feature, but it exists from 2.0.9.

Check documentation in
http://opensource.interazioni.it/qmail/chkuser/documentation/chkuser_settings.html.

Regards,

Tonino

Il 19/09/2017 11:39, Rajesh M ha scritto:
> Tonino,
>
> thanks for the detailed information
>
> just wanted a final clarification
>
> i require chkuser for smtp authentication purpose only on port 587 for my 
> customers who need unrestricted email sending with authentication.
>
> I have compiled a separate cdb file called tcp.smtp.587.cdb exclusively for 
> port 587.
>
> in my chkuser_settings.h i have uncommented and recompiled qmailtoaster
>
> #define CHKUSER_STARTING_VARIABLE "CHKUSER_START"
>
> so in my tcp.smtp, if i set
>
> CHKUSER_START="NONE"
>
> it should allow my customers to authenticate and send out emails without any 
> chkuser checks other than smtp authentication, right ?
>
> thanks,
> rajesh
>
>
>
> will that disable all other aspects for
>
>
> - Original Message -
> From: Tonix - Antonio Nati [mailto:to...@interazioni.it]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 19 Sep 2017 09:23:01 +0200
> Subject:
>
> Eric,
>
> it looks like I told and wrote wrong instructions (and I remembered
> wrong sequences in last reply).
>
> Let's say there is a potential bug in the application, which I'm seeing
> only now, after years. It is not really a code bug. It is that I wrote
> something in the code and something different in documentation.
>
> Logic (in version 2.0.9 of chkuser code) says:
>
>   1. if CHKUSER_ALWAYS_ON is declared, chkuser is always ON:
>  starting_value = 1 (this option is not compatible in compilation
>  with CHKUSER_STARTING_VARIABLE; only one of them may be defined).
>   2. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
>  declared checkuser works on domain base (starting_value = 0)
>   3. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is declared
>  and NOT assigned, checkuser is disabled (starting_value = -1)
>   4. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
>  ALWAYS, checkuser is always ON (starting_value = 1)
>   5. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
>  DOMAIN, checkuser works on domains base (starting_value = 0)
>   6. if CHKUSER_STARTING_VARIABLE is declared and assigned with values
>  different from ALWAYS and DOMAIN, checkuser works on domains bases
>  (starting_value = 0)
>   7. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
>  declared checkuser works on domains base (starting_value = 0)
>
> So, the real default is chekuser working on domains base. Other options
> lead to different behaviours. If you want to disable it, you must
> declare a variable and not assign it (not assign it is different than
> assigning "" or empty value).
>
> For a better code and a better usage, it should be (in red the code I
> added):
>
>  
>
>  +#if defined CHKUSER_STARTING_VARIABLE
>  +starting_string = env_get (CHKUSER_STARTING_VARIABLE);
>  +if (starting_string) {
>  +if (strcasecmp(starting_string, "ALWAYS") == 0) {
>  +starting_value = 1;
>  +} else if (strcasecmp(starting_string, "DOMAIN") ==
>  0) {
>  +starting_value = 0;
>  +} else if (strcasecmp(starting_string, "NONE") == 0) {
>  +starting_value = -1;
>  +}
>  +} else {
>  +starting_string = "";
>  +starting_value = -1;
>  +}
>  +#endif
>
>  
>
> In such a case value "NONE" and absence of variable assign would disable
> chkuser. ALWAYS would enab

Re: [qmailtoaster] chkusr settings

[Rajesh M]

>
>>> I apologize for the responses that have not been helpful. After
>>> looking at the settings (below) from here
>>> <http://opensource.interazioni.it/qmail/chkuser/documentation/chkuser_settings.html>
>>> and going through the code, I'm convinced that the "NONE" option
>>> will not be helpful or do what you expect or what the documentation
>>> even states (Tonix, please review):
>>>
>>> 
>>>
>>> CHKUSER_STARTING_VARIABLE 2.0.5 commented "CHKUSER_START"
>>> Sets the variable that must be read, at qmail-smtpd start, in order
>>> to understand how to use chkuser for any domain. The variable must
>>> be filled with the following values:
>>>
>>> NONE = chkuser will not work
>>> ALWAYS = chkuser will work always
>>> DOMAIN = chkuser will work depending on single domain settings
>>>
>>> Any other value, or a missing value, will disable chkuser.
>>> Incompatible with CHKUSER_ALWAYS_ON since 2.0.9
>>>
>>> 
>>>
>>> Since you've already defined 'CHKUSER_STARTING_VARIABLE' at compile
>>> time in chkuser_settings.h, I think simply leaving the variable
>>> CHKUSER_START (null) out of both the run file and the tcp.smtp file
>>> you will get what you've been expecting (stop and start qmail of
>>> course). The settings section indicates this as well:
>>> "Any other value, or a missing value, will disable chkuser."
>>> In fact, in my study of the code, I don't think the NONE option does
>>> anything. If Tonix is looking at this thread maybe he could help
>>> *fingers crossed*.
>>>
>>> Please let me know how it goes.
>>>
>>> Eric
>>>
>>> On 9/18/2017 12:33 PM, Eric Broch wrote:
>>>>
>>>> Rajesh,
>>>>
>>>> Can you set this in /var/qmail/supervise/smtp/run
>>>>
>>>> CHKUSER_START="NONE"
>>>> export CHKUSER_START
>>>>
>>>> exec
>>>> /usr/bin/softlimit
>>>>
>>>>
>>>>
>>>> On 9/18/2017 12:10 PM, Eric Broch wrote:
>>>>>
>>>>> Sorry, my mistake, Rajesh,
>>>>>
>>>>> #define CHKUSER_STARTING_VARIABLE "CHKUSER_START"
>>>>>
>>>>> sets CHKUSER_STARTING_VARIABLE to CHKUSER_START
>>>>>
>>>>>
>>>>> On 9/18/2017 11:53 AM, Eric Broch wrote:
>>>>>>
>>>>>> Rajesh,
>>>>>>
>>>>>> In the code there is no check for 'CHKUSER_START' but there is
>>>>>> for 'CHKUSER_STARTING_VARIABLE'. So, in tcp.smtp use
>>>>>> 'CHKUSER_STARTING_VARIABLE' like so:
>>>>>>
>>>>>> CHKUSER_STARTING_VARIABLE="NONE"
>>>>>>
>>>>>> then stop and start qmail.
>>>>>>
>>>>>> Here's the code and the environment variable chkuser checks:
>>>>>>
>>>>>> 
>>>>>>
>>>>>> starting_string = env_get (CHKUSER_STARTING_VARIABLE);
>>>>>> if (starting_string) {
>>>>>> if (strcasecmp(starting_string, "ALWAYS") == 0) {
>>>>>> starting_value = 1;
>>>>>> } else if (strcasecmp(starting_string, "DOMAIN")
>>>>>> == 0) {
>>>>>> starting_value = 0;
>>>>>> }
>>>>>> } else {
>>>>>> starting_string = "";
>>>>>> starting_value = -1;
>>>>>> }
>>>>>>
>>>>>> 
>>>>>>
>>>>>> Eric
>>>>>>
>>>>>> On 9/18/2017 11:38 AM, Eric Broch wrote:
>>>>>>> Sorry to ask this, but did you restart qmail after the change?
>>>>>>>
>>>>>>> On 9/18/2017 8:52 AM, Rajesh M wrote:
>>>>>>>> hi eric
>>>>>>>>
>>>>>>>> i wished to disable chkusr mx check, format check etc .. and turn off 
>>>>>>>> chkuser using CHKUSER_START="NONE"
>>>>>>>>
>>>>>>>> the defaul

[qmailtoaster] chkusr settings

[Rajesh M]

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser 
using CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

i still get errors as such

2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: from 
<a.muruga...@mycustomer.com:a.muruga...@mycustomer.com:> remote 
 rcpt <slncubm...@domain1.com> : max number of 
recipients
2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: from 
<a.muruga...@mycustomer.com:a.muruga...@mycustomer.com:> remote 
 rcpt <sreecharanbank@domain2> : rcpt ignored, 
session over intrusion threshold
2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: from 
<a.muruga...@mycustomer.com:a.muruga...@mycustomer.com:> remote 
 rcpt <sreekumarga...@gmail.com> : rcpt 
ignored, session over intrusion threshold

help required please

rajesh



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] simcontrol logic

[Rajesh M]

hi

these are my entries in the simcontrol file

mycustomerdomain.com:clam=yes,spam=no
mydomain.com:clam=yes,spam=yes,spam_hits=20,spam_passthru=yes
:clam=yes,spam=yes,spam_hits=8,spam_passthru=yes,attach=.ace:.arc:.arj:.b64:.bat:.bhx:.cab

my requirement is that mydomain.com should have a spam_hits=20  and  
mycustomerdomain.com should not be scanned by spamassassin at all

however noted that mycustomerdomain.com is always scanned by spamassassin.

the only way to prevent mycustomerdomain.com from being scanned is to remove 
the entry mydomain.com

help required please

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] chkusr and spamdyke

[Rajesh M]

thanks eric

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 14 Sep 2017 00:04:55 -0600
Subject:

It looks like you'll need to download the spamdyke source and compile it
as follows:

1) ./configure --with-vpopmail-support VALIAS_PATH=/path/to/valias
VUSERINFO_PATH=/path/to/vuserinfo

2) make

3) make install

4) vi /etc/spamdyke/spamdyke.conf (Add)
recipient-validation-command=/path/to/spamdyke-qrv

I'd ask on the spamdyke mailing list to make sure.

Also, qmail needs to be recompiled to disable chkuser.


On 9/13/2017 9:59 PM, Rajesh M wrote:
> Hi
>
> noted that spamdyke is checking port 25 for the number of emails in one 
> session, mx dns, etc
>
> lot of duplicate functions between spamdyke and chkusr
>
> is there any reason to continue keeping chkusr ?
>
> can spamdyke also handle cases when emails from outside are sent to 
> non-exiting recipients ?
>
> thanks
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] chkusr and spamdyke

[Rajesh M]

Hi

noted that spamdyke is checking port 25 for the number of emails in one 
session, mx dns, etc

lot of duplicate functions between spamdyke and chkusr

is there any reason to continue keeping chkusr ?

can spamdyke also handle cases when emails from outside are sent to non-exiting 
recipients ?

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] update error : dovecot-2.2.29.1-15.qt.src.rpm

[Rajesh M]

eric

only openssl openssl-devel shows up for updates

i carried out updates on my test server and there were no issues

will try on my production during the weekend and revert.

thanks
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 6 Sep 2017 10:10:45 -0600
Subject:

Rajesh,

I can't be sure whether it would break anything, or not; although, I've
only had an update cause issues only once that I remember. At that time
all I had to do was restart mariadb server.

You could do a 'yum update openssl openssl-devel' and find out what
packages would be updated. If it were only the two and issues did occur
you could always downgrade easily.

Eric


On 9/6/2017 9:28 AM, Rajesh M wrote:
> any chance this may break anything ?
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Wed, 6 Sep 2017 08:26:39 -0600
> Subject:
>
> Looks like you have an older version of openssl and openssl-devel on the
>
> servers that didn't work.
>
> 1.0.1e-16.el6_5.15 (failed)
>
> 1.0.1e-48.el6_8.4 (worked)
>
> can you upgrade?
>
>
> On 9/6/2017 8:16 AM, Rajesh M wrote:
>> eric,
>>
>>
>> 152 -- did not work
>> crypto-utils 2.4.1-24.2.el6
>> mod_ssl 2.2.15-31.el6.centos
>> nss_compat_ossl 0.9.6-1.el6
>> openssl 1.0.1e-16.el6_5.15
>> openssl-devel 1.0.1e-16.el6_5.15
>> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
>> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
>> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
>> perl-IO-Socket-SSL 1.31-2.el6
>> perl-Net-SSLeay 1.35-9.el6
>>
>> 154 - did not work
>> crypto-utils 2.4.1-24.2.el6
>> mod_ssl 2.2.15-31.el6.centos
>> openssl 1.0.1e-16.el6_5.15
>> openssl-devel 1.0.1e-16.el6_5.15
>> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
>> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
>> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
>> perl-IO-Socket-SSL 1.31-2.el6
>> perl-Net-SSLeay 1.35-9.el6
>>
>> 137 -- worked
>> mod_ssl 2.2.15-54.el6.centos
>> nss_compat_ossl 0.9.6-2.el6_7
>> openssl 1.0.1e-48.el6_8.4
>> openssl-devel 1.0.1e-48.el6_8.4
>> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
>> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
>> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
>> perl-Crypt-SSLeay 0.57-17.el6
>> perl-IO-Socket-SSL 1.31-2.el6
>> perl-Net-SSLeay 1.35-9.el6
>> pyOpenSSL 0.13.1-2.el6
>>
>> 153 - worked
>> crypto-utils 2.4.1-24.2.el6
>> mod_ssl 2.2.15-31.el6.centos
>> nss_compat_ossl 0.9.6-1.el6
>> openssl 1.0.1e-48.el6_8.3
>> openssl-devel 1.0.1e-48.el6_8.3
>> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
>> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
>> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
>> perl-Crypt-SSLeay 0.57-16.el6
>> perl-IO-Socket-SSL 1.31-2.el6
>> perl-Net-SSLeay 1.35-9.el6
>> pyOpenSSL 0.10-2.el6
>>
>>
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To: 24x7ser...@24x7server.net
>> Sent: Wed, 6 Sep 2017 06:52:45 -0600
>> Subject:
>>
>> Are those the exact modules on all the servers, the ones that worked and
>> the ones that didn't?
>>
>>
>> On 9/6/2017 1:00 AM, Rajesh M wrote:
>>> eric
>>>
>>> these are the ssl related packages i have on my server which fails to 
>>> compile
>>>
>>> crypto-utils 2.4.1-24.2.el6
>>> mod_ssl 2.2.15-31.el6.centos
>>> nss_compat_ossl 0.9.6-1.el6
>>> openssl 1.0.1e-16.el6_5.15
>>> openssl-devel 1.0.1e-16.el6_5.15
>>> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
>>> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
>>> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
>>> perl-IO-Socket-SSL 1.31-2.el6
>>> perl-Net-SSLeay 1.35-9.el6
>>>
>>> thanks
>>> rajesh
>>>
>>> - Original Message -
>>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>>> To: 24x7ser...@24x7server.net
>>> Sent: Tue, 5 Sep 2017 21:53:35 -0600
>>> Subject:
>>>
>>> What other ssl packages do you have. These are on mine.
>>>
>>> python-backports-ssl_match_hostname-3.4.0.2-5.el6.noarch
>>> mod_ssl-2.2.15-60.el6.centos.4.x86_64
>>> openssl-devel-1.0.1e-57.el6.x86_64
>>> openssl-1.0.1e-57.el6.x86_64
>>>
>>>
>>> On 9/5/2017 7:12 PM, Rajesh M wrote:
>>>> on all my servers
>>>>
>>>> OpenSSL 1.0.1e-fips 11 Feb 2013
>>>>
>>>> it compiled

Re: [qmailtoaster] update error : dovecot-2.2.29.1-15.qt.src.rpm

[Rajesh M]

any chance this may break anything ?

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 6 Sep 2017 08:26:39 -0600
Subject:

Looks like you have an older version of openssl and openssl-devel on the

servers that didn't work.

1.0.1e-16.el6_5.15 (failed)

1.0.1e-48.el6_8.4 (worked)

can you upgrade?


On 9/6/2017 8:16 AM, Rajesh M wrote:
> eric,
>
>
> 152 -- did not work
> crypto-utils 2.4.1-24.2.el6
> mod_ssl 2.2.15-31.el6.centos
> nss_compat_ossl 0.9.6-1.el6
> openssl 1.0.1e-16.el6_5.15
> openssl-devel 1.0.1e-16.el6_5.15
> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
> perl-IO-Socket-SSL 1.31-2.el6
> perl-Net-SSLeay 1.35-9.el6
>
> 154 - did not work
> crypto-utils 2.4.1-24.2.el6
> mod_ssl 2.2.15-31.el6.centos
> openssl 1.0.1e-16.el6_5.15
> openssl-devel 1.0.1e-16.el6_5.15
> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
> perl-IO-Socket-SSL 1.31-2.el6
> perl-Net-SSLeay 1.35-9.el6
>
> 137 -- worked
> mod_ssl 2.2.15-54.el6.centos
> nss_compat_ossl 0.9.6-2.el6_7
> openssl 1.0.1e-48.el6_8.4
> openssl-devel 1.0.1e-48.el6_8.4
> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
> perl-Crypt-SSLeay 0.57-17.el6
> perl-IO-Socket-SSL 1.31-2.el6
> perl-Net-SSLeay 1.35-9.el6
> pyOpenSSL 0.13.1-2.el6
>
> 153 - worked
> crypto-utils 2.4.1-24.2.el6
> mod_ssl 2.2.15-31.el6.centos
> nss_compat_ossl 0.9.6-1.el6
> openssl 1.0.1e-48.el6_8.3
> openssl-devel 1.0.1e-48.el6_8.3
> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
> perl-Crypt-SSLeay 0.57-16.el6
> perl-IO-Socket-SSL 1.31-2.el6
> perl-Net-SSLeay 1.35-9.el6
> pyOpenSSL 0.10-2.el6
>
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: 24x7ser...@24x7server.net
> Sent: Wed, 6 Sep 2017 06:52:45 -0600
> Subject:
>
> Are those the exact modules on all the servers, the ones that worked and
> the ones that didn't?
>
>
> On 9/6/2017 1:00 AM, Rajesh M wrote:
>> eric
>>
>> these are the ssl related packages i have on my server which fails to compile
>>
>> crypto-utils 2.4.1-24.2.el6
>> mod_ssl 2.2.15-31.el6.centos
>> nss_compat_ossl 0.9.6-1.el6
>> openssl 1.0.1e-16.el6_5.15
>> openssl-devel 1.0.1e-16.el6_5.15
>> perl-Crypt-OpenSSL-Bignum 0.04-8.1.el6
>> perl-Crypt-OpenSSL-Random 0.04-9.1.el6
>> perl-Crypt-OpenSSL-RSA 0.25-10.1.el6
>> perl-IO-Socket-SSL 1.31-2.el6
>> perl-Net-SSLeay 1.35-9.el6
>>
>> thanks
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To: 24x7ser...@24x7server.net
>> Sent: Tue, 5 Sep 2017 21:53:35 -0600
>> Subject:
>>
>> What other ssl packages do you have. These are on mine.
>>
>> python-backports-ssl_match_hostname-3.4.0.2-5.el6.noarch
>> mod_ssl-2.2.15-60.el6.centos.4.x86_64
>> openssl-devel-1.0.1e-57.el6.x86_64
>> openssl-1.0.1e-57.el6.x86_64
>>
>>
>> On 9/5/2017 7:12 PM, Rajesh M wrote:
>>> on all my servers
>>>
>>> OpenSSL 1.0.1e-fips 11 Feb 2013
>>>
>>> it compiled in two servers and it threw the same errors in two server.
>>>
>>> rajesh
>>>
>>>
>>>
>>>
>>> - Original Message -
>>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>>> To: 24x7ser...@24x7server.net
>>> Sent: Tue, 5 Sep 2017 15:05:45 -0600
>>> Subject:
>>>
>>> What version of opennssl do you have and what ssl packages do you have?
>>>
>>>
>>> On 9/5/2017 10:13 AM, Rajesh M wrote:
>>>> eric
>>>>
>>>> i am trying to update dovecot to version from
>>>> CentOS6/qmt/srpms/updates/dovecot-2.2.29.1-15.qt.src.rpm
>>>>
>>>> rpmbuild --rebuild --define "dist .qt.el6"  dovecot-2.2.29.1-15.qt.src.rpm
>>>>
>>>>
>>>> but getting error as follows on one server only
>>>>
>>>> make[3]: Leaving directory 
>>>> `/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/quota'
>>>> Making check in quota-clone
>>>> make[3]: Entering directory 
>>>> `/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/quota-clone'
>>>> make[3]: Nothing to be done for `check'.
>>

RE: [qmailtoaster] update error : dovecot-2.2.29.1-15.qt.src.rpm

[Rajesh M]

now two of my servers show the same errors

centos 6, 64 bit

rajesh

- Original Message -
From: Rajesh M [mailto:24x7ser...@24x7server.net]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 5 Sep 2017 21:43:26 +0530
Subject:

eric

i am trying to update dovecot to version from
CentOS6/qmt/srpms/updates/dovecot-2.2.29.1-15.qt.src.rpm

rpmbuild --rebuild --define "dist .qt.el6"  dovecot-2.2.29.1-15.qt.src.rpm


but getting error as follows on one server only

make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/quota'
Making check in quota-clone
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/quota-clone'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/quota-clone'
Making check in imap-quota
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/imap-quota'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/imap-quota'
Making check in pop3-migration
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/pop3-migration'
for bin in test-pop3-migration-plugin; do \
  if !  ./$bin; then exit 1; fi; \
done
pop3 migration get hdr sha1 .. : ok
0 / 1 tests failed
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/pop3-migration'
Making check in replication
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/replication'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/replication'
Making check in snarf
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/snarf'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/snarf'
Making check in stats
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/stats'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/stats'
Making check in imap-stats
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/imap-stats'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/imap-stats'
Making check in mail-crypt
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/mail-crypt'
for bin in test-mail-global-key test-mail-key; do \
  if ! env NOUNDEF=1  ./$bin; then exit 1; fi; \
done
try_load_keys  : ok
test_empty_keyset  : ok
0 / 2 tests failed
generate user key  : ok
generate inbox key ... : ok
cache reset .. : ok
verify keys .. : ok
test-mail-key.c:429: Assert failed: mail_crypt_get_private_key(t, 
mcp_old_box_key_id, FALSE, FALSE, , ) > 0
test: random seed #2 was 2074645272
test-mail-key(root): Error: 
mail_crypt_get_private_key(7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f)
 failed: Cannot decrypt key 
7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f: 
error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
test-mail-key.c:438: Assert failed: privkey != NULL
old keys . : FAILED
1 / 5 tests failed
make[3]: *** [check-test] Error 1
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/mail-crypt'
make[2]: *** [check-recursive] Error 1
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.29.1/src'
make: *** [check-recursive] Error 1
error: Bad exit status from /var/tmp/rpm-tmp.LDWEGt (%check)


RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.LDWEGt (%check)


thanks
rajesh



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] update error : dovecot-2.2.29.1-15.qt.src.rpm

[Rajesh M]

eric

i am trying to update dovecot to version from
CentOS6/qmt/srpms/updates/dovecot-2.2.29.1-15.qt.src.rpm

rpmbuild --rebuild --define "dist .qt.el6"  dovecot-2.2.29.1-15.qt.src.rpm


but getting error as follows on one server only

make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/quota'
Making check in quota-clone
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/quota-clone'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/quota-clone'
Making check in imap-quota
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/imap-quota'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/imap-quota'
Making check in pop3-migration
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/pop3-migration'
for bin in test-pop3-migration-plugin; do \
  if !  ./$bin; then exit 1; fi; \
done
pop3 migration get hdr sha1 .. : ok
0 / 1 tests failed
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/pop3-migration'
Making check in replication
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/replication'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/replication'
Making check in snarf
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/snarf'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/snarf'
Making check in stats
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/stats'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/stats'
Making check in imap-stats
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/imap-stats'
make[3]: Nothing to be done for `check'.
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/imap-stats'
Making check in mail-crypt
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/mail-crypt'
for bin in test-mail-global-key test-mail-key; do \
  if ! env NOUNDEF=1  ./$bin; then exit 1; fi; \
done
try_load_keys  : ok
test_empty_keyset  : ok
0 / 2 tests failed
generate user key  : ok
generate inbox key ... : ok
cache reset .. : ok
verify keys .. : ok
test-mail-key.c:429: Assert failed: mail_crypt_get_private_key(t, 
mcp_old_box_key_id, FALSE, FALSE, , ) > 0
test: random seed #2 was 2074645272
test-mail-key(root): Error: 
mail_crypt_get_private_key(7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f)
 failed: Cannot decrypt key 
7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f: 
error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
test-mail-key.c:438: Assert failed: privkey != NULL
old keys . : FAILED
1 / 5 tests failed
make[3]: *** [check-test] Error 1
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins/mail-crypt'
make[2]: *** [check-recursive] Error 1
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.29.1/src/plugins'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.29.1/src'
make: *** [check-recursive] Error 1
error: Bad exit status from /var/tmp/rpm-tmp.LDWEGt (%check)


RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.LDWEGt (%check)


thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: Fwd: Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

i did not yet simulate it using your script

these are errors in my live production server during peak hours today and there 
were mails with and without attachments.

the max processes i got was 47 only.

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Mon, 4 Sep 2017 11:19:35 -0600
Subject:

Did you hit it with email containing attachments as well?


On 9/4/2017 10:58 AM, Rajesh M wrote:
> eric
>
> the max i saw was 47 connections using the shell script you gave me.
>
> there were a few errors related to qq soft reject but they got delivered.
>
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Sat, 2 Sep 2017 12:35:14 -0600
> Subject:
>
> Rajesh,
>
> I'm still not sure the process limit is being reached.
>
> I'm testing a COS6/QMT server now and haven't been able to bring about
> 'qq soft reject' or failure of any sort. I'm hitting it with email using
> a delivery script from two servers with attachment size of 320KB.
>
> try the script below (psmem) to monitor:
>
> 
>
> #!/bin/bash
> ps -C $1 -O rss | gawk '{ count ++; sum += $2 }; END {count --; print
> "Number of processes =",count; print "Memory usage per process
> =",sum/1024/count, "MB"; print "Total memory usage =", sum/1024, "MB" ;};'
>
> 
>
> # chmod 755 psmem
>
> # watch -n 1 ./psmem simscan
>
>
> Not sure I should change anything until we figure out what's going on.
>
> Eric
>
>
>
> On 9/2/2017 12:03 PM, Rajesh M wrote:
>> eric
>>
>> i could not get the bash script working with either of the two options. 
>> still gives error
>>line 23: `return-limits': not a valid identifier.
>>
>>
>>
>> can the limits issue in simscan be fixed ?
>>
>> thanks,
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To:qmailtoaster-list@qmailtoaster.com
>> Sent: Fri, 1 Sep 2017 23:46:15 -0600
>> Subject:
>>
>> Rajesh,
>>
>> It has something to do with #!/bin/bash or #!/bin/sh.
>>
>> At top of script, when I use #!/bin/sh I get the same error you do, but
>> when I use #!/bin/bash script works fine.
>>
>>
>> Eric
>>
>>
>> On 9/1/2017 11:07 PM, Rajesh M wrote:
>>> eric
>>>
>>> 1) is their any resolution for this issue ?
>>>
>>> 2) if i run the script it throws error as such
>>> .
>>> /limits.sh: line 23: `return-limits': not a valid identifier
>>>
>>> #!/bin/bash
>>> if [ "$#" -ne "1" ]; then
>>>   echo ""
>>>   echo -e "\033[01;32mLimit checker\033[00m"
>>>   echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
>>>   echo ""
>>>   exit 0
>>> fi
>>>
>>> return-limits(){
>>>   for process in $@; do
>>>  process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`
>>>
>>>  if [ -z $@ ]; then
>>> echo "[no $process running]"
>>>  else
>>> for pid in $process_pids; do
>>>echo "[$process #$pid -- limits]"
>>>cat /proc/$pid/limits
>>>  done
>>>  fi
>>>   done
>>> }
>>> return-limits $1
>>>
>>> rajesh
>>>
>>>
>>>
>>> - Original Message -
>>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>>> To:qmailtoaster-list@qmailtoaster.com
>>> Sent: Fri, 1 Sep 2017 17:28:40 -0600
>>> Subject:
>>>
>>> I sent myself a large file so that I could examine simscan with the
>>> below script (limits.sh). Here's the output:
>>>
>>> [root@pet105 simscan-1.4.0]# ./limits simscan
>>> [simscan #31535 -- limits]
>>> Limit   
>>>    
>>>    
>>>    
>>>    
>>>    
>>>    Soft LimitÂÃ

Re: Fwd: Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

i got 3 types of errors like earlier.

failure to fork, ripmime
and  /var/qmail/simscan/1simscan: check_spam had an error ret: -1

what exactly would be  /var/qmail/simscan/1simscan ... there is no such file

do want me to send you a few of my log files directly to your email id ?

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Mon, 4 Sep 2017 11:19:04 -0600
Subject:

What kind of qq soft reject errors were there? Failure to fork or ripmime?


On 9/4/2017 10:58 AM, Rajesh M wrote:
> eric
>
> the max i saw was 47 connections using the shell script you gave me.
>
> there were a few errors related to qq soft reject but they got delivered.
>
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Sat, 2 Sep 2017 12:35:14 -0600
> Subject:
>
> Rajesh,
>
> I'm still not sure the process limit is being reached.
>
> I'm testing a COS6/QMT server now and haven't been able to bring about
> 'qq soft reject' or failure of any sort. I'm hitting it with email using
> a delivery script from two servers with attachment size of 320KB.
>
> try the script below (psmem) to monitor:
>
> 
>
> #!/bin/bash
> ps -C $1 -O rss | gawk '{ count ++; sum += $2 }; END {count --; print
> "Number of processes =",count; print "Memory usage per process
> =",sum/1024/count, "MB"; print "Total memory usage =", sum/1024, "MB" ;};'
>
> 
>
> # chmod 755 psmem
>
> # watch -n 1 ./psmem simscan
>
>
> Not sure I should change anything until we figure out what's going on.
>
> Eric
>
>
>
> On 9/2/2017 12:03 PM, Rajesh M wrote:
>> eric
>>
>> i could not get the bash script working with either of the two options. 
>> still gives error
>>line 23: `return-limits': not a valid identifier.
>>
>>
>>
>> can the limits issue in simscan be fixed ?
>>
>> thanks,
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To:qmailtoaster-list@qmailtoaster.com
>> Sent: Fri, 1 Sep 2017 23:46:15 -0600
>> Subject:
>>
>> Rajesh,
>>
>> It has something to do with #!/bin/bash or #!/bin/sh.
>>
>> At top of script, when I use #!/bin/sh I get the same error you do, but
>> when I use #!/bin/bash script works fine.
>>
>>
>> Eric
>>
>>
>> On 9/1/2017 11:07 PM, Rajesh M wrote:
>>> eric
>>>
>>> 1) is their any resolution for this issue ?
>>>
>>> 2) if i run the script it throws error as such
>>> .
>>> /limits.sh: line 23: `return-limits': not a valid identifier
>>>
>>> #!/bin/bash
>>> if [ "$#" -ne "1" ]; then
>>>   echo ""
>>>   echo -e "\033[01;32mLimit checker\033[00m"
>>>   echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
>>>   echo ""
>>>   exit 0
>>> fi
>>>
>>> return-limits(){
>>>   for process in $@; do
>>>  process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`
>>>
>>>  if [ -z $@ ]; then
>>> echo "[no $process running]"
>>>  else
>>> for pid in $process_pids; do
>>>echo "[$process #$pid -- limits]"
>>>cat /proc/$pid/limits
>>>  done
>>>  fi
>>>   done
>>> }
>>> return-limits $1
>>>
>>> rajesh
>>>
>>>
>>>
>>> - Original Message -
>>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>>> To:qmailtoaster-list@qmailtoaster.com
>>> Sent: Fri, 1 Sep 2017 17:28:40 -0600
>>> Subject:
>>>
>>> I sent myself a large file so that I could examine simscan with the
>>> below script (limits.sh). Here's the output:
>>>
>>> [root@pet105 simscan-1.4.0]# ./limits simscan
>>> [simscan #31535 -- limits]
>>> Limit   
>>>    
>>>    
>>>    
>>>    
>>>   Ãââ

RE: Fwd: Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

the max i saw was 47 connections using the shell script you gave me.

there were a few errors related to qq soft reject but they got delivered.

rajesh



- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sat, 2 Sep 2017 12:35:14 -0600
Subject:

Rajesh,

I'm still not sure the process limit is being reached.

I'm testing a COS6/QMT server now and haven't been able to bring about
'qq soft reject' or failure of any sort. I'm hitting it with email using
a delivery script from two servers with attachment size of 320KB.

try the script below (psmem) to monitor:



#!/bin/bash
ps -C $1 -O rss | gawk '{ count ++; sum += $2 }; END {count --; print
"Number of processes =",count; print "Memory usage per process
=",sum/1024/count, "MB"; print "Total memory usage =", sum/1024, "MB" ;};'



# chmod 755 psmem

# watch -n 1 ./psmem simscan


Not sure I should change anything until we figure out what's going on.

Eric



On 9/2/2017 12:03 PM, Rajesh M wrote:
> eric
>
> i could not get the bash script working with either of the two options. still 
> gives error
>   line 23: `return-limits': not a valid identifier.
>
>
>
> can the limits issue in simscan be fixed ?
>
> thanks,
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To:qmailtoaster-list@qmailtoaster.com
> Sent: Fri, 1 Sep 2017 23:46:15 -0600
> Subject:
>
> Rajesh,
>
> It has something to do with #!/bin/bash or #!/bin/sh.
>
> At top of script, when I use #!/bin/sh I get the same error you do, but
> when I use #!/bin/bash script works fine.
>
>
> Eric
>
>
> On 9/1/2017 11:07 PM, Rajesh M wrote:
>> eric
>>
>> 1) is their any resolution for this issue ?
>>
>> 2) if i run the script it throws error as such
>> .
>> /limits.sh: line 23: `return-limits': not a valid identifier
>>
>> #!/bin/bash
>> if [ "$#" -ne "1" ]; then
>>  echo ""
>>  echo -e "\033[01;32mLimit checker\033[00m"
>>  echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
>>  echo ""
>>  exit 0
>> fi
>>
>> return-limits(){
>>  for process in $@; do
>> process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`
>>
>> if [ -z $@ ]; then
>>echo "[no $process running]"
>> else
>>for pid in $process_pids; do
>>   echo "[$process #$pid -- limits]"
>>   cat /proc/$pid/limits
>> done
>> fi
>>  done
>> }
>> return-limits $1
>>
>> rajesh
>>
>>
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To:qmailtoaster-list@qmailtoaster.com
>> Sent: Fri, 1 Sep 2017 17:28:40 -0600
>> Subject:
>>
>> I sent myself a large file so that I could examine simscan with the
>> below script (limits.sh). Here's the output:
>>
>> [root@pet105 simscan-1.4.0]# ./limits simscan
>> [simscan #31535 -- limits]
>> Limit        
>>         
>>      Soft Limit   
>>         Hard 
>> Limit        
>>    Units
>> Max cpu time       
>>        unlimited 
>> unlimited       
>>      seconds
>> Max file size       
>>       unlimited unlimited 
>>         
>>    bytes
>> Max data size       
>>       unlimited unlimited 
>>         
>>    bytes
>> Max stack size 10485760 unlimited    
>>         bytes
>> Max core file size     ÂÂÂ

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

remo

everything is working fine, thanks

there was no error only some fine tuning

since the mail_location was not specified dovecot was searching for various 
types of locations in a sequence
https://wiki.dovecot.org/MailLocation

once we specified the same then dovecot directly looked into the Maildir only

rajesh


- Original Message -
From: Remo Mattei [mailto:r...@mattei.org]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 3 Sep 2017 20:26:04 -0700
Subject:

I thought you had it working. What’s happening now ?

Inviato da iPhone

Il giorno 03 set 2017, alle ore 19:46, Eric Broch <ebr...@whitehorsetc.com> ha 
scritto:

Rajesh,

I don't touch anything in conf.d. All my settings are in 
/etc/dovecot/toaster.conf and /etc/dovecot/local.conf. Anything in these files 
overrides anything in /etc/dovecot/conf.d.

I put mail_location in the local.conf file.

# 2.2.29.1 (e0b76e3): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 2.6.32-642.13.1.el6.x86_64 x86_64 CentOS release 6.9 (Final)
auth_cache_size = 32 M
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
disable_plaintext_auth = no
first_valid_uid = 89
listen = *
log_path = /var/log/dovecot.log
login_greeting = Dovecot toaster ready.
mail_location = maildir:~/Maildir
mail_max_userip_connections = 20
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date index ihave duplicate 
mime foreverypart extracttext
namespace {
  inbox = yes
  location =
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = create
special_use = \Junk
  }
  mailbox Sent {
auto = create
special_use = \Sent
  }
  mailbox "Sent Items" {
auto = subscribe
special_use = \Sent
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  mailbox spam {
auto = subscribe
special_use = \Junk
  }
  prefix =
  separator = .
  type = private
}
passdb {
  args = cache_key=%u%r webmail=127.0.0.1
  driver = vpopmail
}
plugin {
  quota = maildir
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/.sieve
}
protocols = imap pop3 sieve
service imap-login {
  service_count = 0
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
}
ssl_cert = -<%e> :: Subject:<%s> :: Status:<%$> :: 
MsgID:<%m> :: Size<%p> :: vSize<%w>
  info_log_path = /var/log/dovecot-lda/lda.log
  log_path = /var/log/dovecot-lda/lda-err.log
  mail_debug = yes
  mail_plugins = " sieve"
}
Eric

> On 9/3/2017 8:37 PM, Rajesh M wrote:
> eric
>
> could you please let me know where you specified the mail_location
>
> i am using the configurations as specified by remo, excepting that i have 
> added the debugging for lda
>
> if you could send me your dovecot -n it would be great.
>
> thanks
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Sun, 3 Sep 2017 16:14:59 -0600
> Subject:
>
> It worked for me, and ended the sdbox and mdbox failed access errors.
>
> On 9/3/2017 1:40 PM, Rajesh M wrote:
>> eric
>>
>> i got the dovecot lda working in production. i saw this in the log files
>>
>> as per the dovecot docs dovecot searchs in a sequence mdbox, sdbox and then 
>> Maildir (as per lda logs below)
>>
>> so should i specify the mail_location ?
>> mail_location = maildir:~/Maildir
>>
>> https://wiki2.dovecot.org/MailLocation/Maildir
>>
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: Quota grace: root=ignore=Trash 
>> bytes=0 (10%)
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: Namespace : type=private, prefix=, 
>> sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: mdbox: 
>> access(/home/vpopmail/domains/xxx.com/noc/mdbox, rwx): failed: No such file 
>> or directory
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: mdbox: couldn't find root dir
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: sdbox: 
>> access(/home/vpopmail/domains/xxx.com/noc/sdbox, rwx): failed: No such file 
>> or directory
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: sdbox: couldn't find root dir
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: maildir: root exists 
>> (/home/vpopmail/domains/xxx.com/noc/Maildir)
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: maildir++: 
>> root=/home/vpopmail/domains/xxx.com/noc/Maildir, index=, indexpvt=, 
>> control=, inbox=/home/v$
>> Sep 04 00:01:28 lda(n...@xxx.com): Debug: Quota root: name=ignore=Trash 
>> bac

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

eric

could you please let me know where you specified the mail_location

i am using the configurations as specified by remo, excepting that i have added 
the debugging for lda

if you could send me your dovecot -n it would be great.

thanks
rajesh



- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 3 Sep 2017 16:14:59 -0600
Subject:

It worked for me, and ended the sdbox and mdbox failed access errors.

On 9/3/2017 1:40 PM, Rajesh M wrote:
> eric
>
> i got the dovecot lda working in production. i saw this in the log files
>
> as per the dovecot docs dovecot searchs in a sequence mdbox, sdbox and then 
> Maildir (as per lda logs below)
>
> so should i specify the mail_location ?
> mail_location = maildir:~/Maildir
>
> https://wiki2.dovecot.org/MailLocation/Maildir
>
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: Quota grace: root=ignore=Trash 
> bytes=0 (10%)
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: Namespace : type=private, prefix=, 
> sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: mdbox: 
> access(/home/vpopmail/domains/xxx.com/noc/mdbox, rwx): failed: No such file 
> or directory
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: mdbox: couldn't find root dir
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: sdbox: 
> access(/home/vpopmail/domains/xxx.com/noc/sdbox, rwx): failed: No such file 
> or directory
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: sdbox: couldn't find root dir
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: maildir: root exists 
> (/home/vpopmail/domains/xxx.com/noc/Maildir)
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: maildir++: 
> root=/home/vpopmail/domains/xxx.com/noc/Maildir, index=, indexpvt=, control=, 
> inbox=/home/v$
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: Quota root: name=ignore=Trash 
> backend=maildir args=
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: Quota rule: root=ignore=Trash 
> mailbox=? bytes=0 messages=0
> Sep 04 00:01:28 lda(n...@xxx.com): Debug: Quota grace: root=ignore=Trash 
> bytes=0 (10%)
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Thu, 31 Aug 2017 19:35:30 -0600
> Subject:
>
> Hi Rajesh,
>
> I'm not sure if you've gotten this working yet. I tried some
> experimentation and I got this working on my host albeit that roundcube
> created my files and directories under the user.
>
> Notice especially the 'tmp' directory under ~/.sieve, you may need
> it...not sure. Anyway here's everything I did.
>
> # ls -la /home/vpopmail/domains/mydomain.com/user/
> total 24
> drwx--  4 vpopmail vchkpw 4096 Aug 31 19:11 .
> drwx--  5 vpopmail vchkpw 4096 Aug 31 19:06 ..
> -rw---  1 vpopmail vchkpw  300 Aug 31 19:11 .dovecot.lda-dupes
> lrwxrwxrwx  1 vpopmail vchkpw   22 Aug 31 07:16 .dovecot.sieve ->
> .sieve/roundcube.sieve
> -rw---  1 vpopmail vchkpw  278 Aug 31 19:09 .dovecot.svbin
> drwx-- 14 vpopmail vchkpw 4096 Aug 31 19:13 Maildir
> drwx--  3 vpopmail vchkpw 4096 Aug 31 19:08 .sieve
>
> --
>
> # ls -la /home/vpopmail/domains/mydomain.com/user/.sieve
> total 16
> drwx-- 3 vpopmail vchkpw 4096 Aug 31 19:08 .
> drwx-- 4 vpopmail vchkpw 4096 Aug 31 19:11 ..
> -rw--- 1 vpopmail vchkpw  120 Aug 31 19:08 roundcube.sieve
> drwx-- 2 vpopmail vchkpw 4096 Aug 31 19:08 tmp
>
> --
>
> # cat /home/vpopmail/domains/mydomain.com/user/.dovecot.sieve
> # rule:[ToUserOtherDomain]
> if header :contains "from" "u...@mydomain2.com"
> {
>           redirect "u...@myotherdomain.com";
> }
>
> --
>
> It all came out in the log file /var/log/dovecot-lda/lda.log correctly
>
> ------
>
> Dovecot settings: /etc/dovecot/local.conf :
>
> protocol lda {
>     mail_debug=yes
>     mail_plugins = $mail_plugins sieve
>     deliver_log_format = From:<%f>-<%e> :: Subject:<%s> :: Status:<%$> ::
> MsgID:<%m> :: Size<%p> :: vSize<%w>
>     log_path = /var/log/dovecot-lda/lda-err.log
>     info_log_path = /var/log/dovecot-lda/lda.log
>     #postmaster_address = postmaster@
> }
> plugin {
>         sieve = ~/.dovecot.sieve
>         sieve_dir = ~/.sieve
> }
>
> 

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

the logs are not in that simscan directory..

they re in the /var/log which is also in the same partition.

the files in the ls -l /var/qmail/simscan are temp ones which keep coming and 
going


rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 3 Sep 2017 13:13:47 -0600
Subject:

Rajesh,


Those shouldn't be log files in that directory, but directories of this
form...

[root@mail ~]# ls -l /var/qmail/simscan
total 7
drwxr-x--- 2 clamav vchkpw 4096 Apr 12  2016 1460525628.43125.19212
drwxr-x--- 2 clamav vchkpw 4096 Apr 12  2016 1460525917.767516.19248
drwxr-x--- 2 clamav vchkpw  131 Apr 12  2016 1460525934.725762.19262
drwxr-x--- 2 clamav vchkpw  131 Apr 12  2016 1460525934.728000.19263
drwxr-x--- 2 clamav vchkpw  131 Apr 12  2016 1460525934.730011.19264
drwxr-x--- 2 clamav vchkpw 4096 Apr 12  2016 1460525959.679164.19279
drwxr-x--- 2 clamav vchkpw  131 Apr 12  2016 1460525972.624759.19287

in which messages are broken into their respective parts (below)...

/var/qmail/simscan/1493074576.527224.5829:
total 1472

-rw-r- 1 clamav vchkpw     37 Apr 24 16:56 addr.1493074576.527224.5829
-rw-r- 1 clamav vchkpw  20719 Apr 24 16:56 __If_
-rw-r- 1 clamav vchkpw 846597 Apr 24 16:56 msg.1493074576.527224.5829
-rw-r- 1 clamav vchkpw      0 Apr 24 16:56 textfile0
-rw--- 1 clamav vchkpw   9090 Apr 24 16:56 textfile1
-rw--- 1 clamav vchkpw  47495 Apr 24 16:56 textfile2
-rw--- 1 clamav vchkpw 362496 Apr 24 16:56 WGS-VRV Indoor Units.doc
-rw--- 1 clamav vchkpw 203264 Apr 24 16:56 WGS-VRV IV 208-230V Heat
Pump.doc

for examination.

There should be no log files in /var/qmail/simscan and their should be
no old files there either.

Eric


On 9/3/2017 12:54 PM, Rajesh M wrote:
> eric
>
> around 1 gb spare.
>
> there are a lot of log files.
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Sun, 3 Sep 2017 11:21:24 -0600
> Subject:
>
> Rajesh,
>
> How much  available space is on the /var/qmail/simscan directory?
>
> Eric
> On 9/3/2017 12:19 AM, Rajesh M wrote:
>> eric
>>
>> i would like to conduct more load intensive tests.
>>
>> is it possible to provide me the shell script that you use for this purpose.
>>
>> rajesh
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

i have over 50 gb of log files which can be deleted

rajesh

- Original Message -
From: Remo Mattei [mailto:r...@mattei.org]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 3 Sep 2017 12:13:28 -0700
Subject:

1gb is not very much!

Il giorno 03 set 2017, alle ore 11:54, Rajesh M <24x7ser...@24x7server.net> ha 
scritto:

eric

around 1 gb spare.

there are a lot of log files.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 3 Sep 2017 11:21:24 -0600
Subject:

Rajesh,

How much  available space is on the /var/qmail/simscan directory?

Eric
> On 9/3/2017 12:19 AM, Rajesh M wrote:
> eric
>
> i would like to conduct more load intensive tests.
>
> is it possible to provide me the shell script that you use for this purpose.
>
> rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

around 1 gb spare.

there are a lot of log files.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 3 Sep 2017 11:21:24 -0600
Subject:

Rajesh,

How much  available space is on the /var/qmail/simscan directory?

Eric
On 9/3/2017 12:19 AM, Rajesh M wrote:
> eric
>
> i would like to conduct more load intensive tests.
>
> is it possible to provide me the shell script that you use for this purpose.
>
> rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

i would like to conduct more load intensive tests.

is it possible to provide me the shell script that you use for this purpose.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sat, 2 Sep 2017 14:04:36 -0600
Subject:

My testing was at about 1/2 that rate with 320K attachments, almost
double that rate with 1/2 email 320K attachments, and 1/2 email with no
attachments. No soft rejects. Ugh!...difficult to troubleshoot if not
repeatable.


On 9/2/2017 1:36 PM, Rajesh M wrote:
> eric
>
> thanks for the info. the script you sent works
>
> the server processes roughly around 8 emails per day during week days and 
> around 80 percent of it comes during around 12 hours. So during peak hours it 
> is around 8000 emails per hour.
>
> i will test this out monday morning peak hours and revert.
>
> thanks
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Sat, 2 Sep 2017 12:35:14 -0600
> Subject:
>
> Rajesh,
>
> I'm still not sure the process limit is being reached.
>
> I'm testing a COS6/QMT server now and haven't been able to bring about
> 'qq soft reject' or failure of any sort. I'm hitting it with email using
> a delivery script from two servers with attachment size of 320KB.
>
> try the script below (psmem) to monitor:
>
> 
>
> #!/bin/bash
> ps -C $1 -O rss | gawk '{ count ++; sum += $2 }; END {count --; print
> "Number of processes =",count; print "Memory usage per process
> =",sum/1024/count, "MB"; print "Total memory usage =", sum/1024, "MB" ;};'
>
> 
>
> # chmod 755 psmem
>
> # watch -n 1 ./psmem simscan
>
>
> Not sure I should change anything until we figure out what's going on.
>
> Eric
>
>
>
> On 9/2/2017 12:03 PM, Rajesh M wrote:
>> eric
>>
>> i could not get the bash script working with either of the two options. 
>> still gives error
>>line 23: `return-limits': not a valid identifier.
>>
>>
>>
>> can the limits issue in simscan be fixed ?
>>
>> thanks,
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To:qmailtoaster-list@qmailtoaster.com
>> Sent: Fri, 1 Sep 2017 23:46:15 -0600
>> Subject:
>>
>> Rajesh,
>>
>> It has something to do with #!/bin/bash or #!/bin/sh.
>>
>> At top of script, when I use #!/bin/sh I get the same error you do, but
>> when I use #!/bin/bash script works fine.
>>
>>
>> Eric
>>
>>
>> On 9/1/2017 11:07 PM, Rajesh M wrote:
>>> eric
>>>
>>> 1) is their any resolution for this issue ?
>>>
>>> 2) if i run the script it throws error as such
>>> .
>>> /limits.sh: line 23: `return-limits': not a valid identifier
>>>
>>> #!/bin/bash
>>> if [ "$#" -ne "1" ]; then
>>>   echo ""
>>>   echo -e "\033[01;32mLimit checker\033[00m"
>>>   echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
>>>   echo ""
>>>   exit 0
>>> fi
>>>
>>> return-limits(){
>>>   for process in $@; do
>>>  process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`
>>>
>>>  if [ -z $@ ]; then
>>> echo "[no $process running]"
>>>  else
>>> for pid in $process_pids; do
>>>echo "[$process #$pid -- limits]"
>>>cat /proc/$pid/limits
>>>  done
>>>  fi
>>>   done
>>> }
>>> return-limits $1
>>>
>>> rajesh
>>>
>>>
>>>
>>> - Original Message -
>>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>>> To:qmailtoaster-list@qmailtoaster.com
>>> Sent: Fri, 1 Sep 2017 17:28:40 -0600
>>> Subject:
>>>
>>> I sent myself a large file so that I could examine simscan with the
>>> below script (limits.sh). Here's the output:
>>>
>>> [root@pet105 simscan-1.4.0]# ./limits simscan
>>> [simscan #31535 -- limits]
>>> Limit   
>>>    
>>>    
>>>  ÃÃ

RE: Fwd: Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

thanks for the info. the script you sent works

the server processes roughly around 8 emails per day during week days and 
around 80 percent of it comes during around 12 hours. So during peak hours it 
is around 8000 emails per hour.

i will test this out monday morning peak hours and revert.

thanks
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sat, 2 Sep 2017 12:35:14 -0600
Subject:

Rajesh,

I'm still not sure the process limit is being reached.

I'm testing a COS6/QMT server now and haven't been able to bring about
'qq soft reject' or failure of any sort. I'm hitting it with email using
a delivery script from two servers with attachment size of 320KB.

try the script below (psmem) to monitor:



#!/bin/bash
ps -C $1 -O rss | gawk '{ count ++; sum += $2 }; END {count --; print
"Number of processes =",count; print "Memory usage per process
=",sum/1024/count, "MB"; print "Total memory usage =", sum/1024, "MB" ;};'



# chmod 755 psmem

# watch -n 1 ./psmem simscan


Not sure I should change anything until we figure out what's going on.

Eric



On 9/2/2017 12:03 PM, Rajesh M wrote:
> eric
>
> i could not get the bash script working with either of the two options. still 
> gives error
>   line 23: `return-limits': not a valid identifier.
>
>
>
> can the limits issue in simscan be fixed ?
>
> thanks,
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To:qmailtoaster-list@qmailtoaster.com
> Sent: Fri, 1 Sep 2017 23:46:15 -0600
> Subject:
>
> Rajesh,
>
> It has something to do with #!/bin/bash or #!/bin/sh.
>
> At top of script, when I use #!/bin/sh I get the same error you do, but
> when I use #!/bin/bash script works fine.
>
>
> Eric
>
>
> On 9/1/2017 11:07 PM, Rajesh M wrote:
>> eric
>>
>> 1) is their any resolution for this issue ?
>>
>> 2) if i run the script it throws error as such
>> .
>> /limits.sh: line 23: `return-limits': not a valid identifier
>>
>> #!/bin/bash
>> if [ "$#" -ne "1" ]; then
>>  echo ""
>>  echo -e "\033[01;32mLimit checker\033[00m"
>>  echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
>>  echo ""
>>  exit 0
>> fi
>>
>> return-limits(){
>>  for process in $@; do
>> process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`
>>
>> if [ -z $@ ]; then
>>echo "[no $process running]"
>> else
>>for pid in $process_pids; do
>>   echo "[$process #$pid -- limits]"
>>   cat /proc/$pid/limits
>> done
>> fi
>>  done
>> }
>> return-limits $1
>>
>> rajesh
>>
>>
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To:qmailtoaster-list@qmailtoaster.com
>> Sent: Fri, 1 Sep 2017 17:28:40 -0600
>> Subject:
>>
>> I sent myself a large file so that I could examine simscan with the
>> below script (limits.sh). Here's the output:
>>
>> [root@pet105 simscan-1.4.0]# ./limits simscan
>> [simscan #31535 -- limits]
>> Limit        
>>         
>>      Soft Limit   
>>         Hard 
>> Limit        
>>    Units
>> Max cpu time       
>>        unlimited 
>> unlimited       
>>      seconds
>> Max file size       
>>       unlimited unlimited 
>>         
>>    bytes
>> Max data size       
>>       unlimited unlimited 
>>         
>>    bytes
>> Max stack size 10485760 unlimited   ÂÂ

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

i could not get the bash script working with either of the two options. still 
gives error
 line 23: `return-limits': not a valid identifier.



can the limits issue in simscan be fixed ?

thanks,
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 1 Sep 2017 23:46:15 -0600
Subject:

Rajesh,

It has something to do with #!/bin/bash or #!/bin/sh.

At top of script, when I use #!/bin/sh I get the same error you do, but
when I use #!/bin/bash script works fine.


Eric


On 9/1/2017 11:07 PM, Rajesh M wrote:
> eric
>
> 1) is their any resolution for this issue ?
>
> 2) if i run the script it throws error as such
> .
> /limits.sh: line 23: `return-limits': not a valid identifier
>
> #!/bin/bash
> if [ "$#" -ne "1" ]; then
> echo ""
> echo -e "\033[01;32mLimit checker\033[00m"
> echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
> echo ""
> exit 0
> fi
>
> return-limits(){
> for process in $@; do
>process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`
>
>if [ -z $@ ]; then
>   echo "[no $process running]"
>else
>   for pid in $process_pids; do
>  echo "[$process #$pid -- limits]"
>  cat /proc/$pid/limits
>done
>fi
> done
> }
> return-limits $1
>
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Fri, 1 Sep 2017 17:28:40 -0600
> Subject:
>
> I sent myself a large file so that I could examine simscan with the
> below script (limits.sh). Here's the output:
>
> [root@pet105 simscan-1.4.0]# ./limits simscan
> [simscan #31535 -- limits]
> Limit                  
>    Soft Limit           Hard Limit  
>          Units
> Max cpu time              unlimited 
> unlimited            seconds
> Max file size             unlimited 
> unlimited            bytes
> Max data size             unlimited 
> unlimited            bytes
> Max stack size 10485760 unlimited            
> bytes
> Max core file size        0 unlimited     
>        bytes
> Max resident set          unlimited unlimited 
>            bytes
> Max processes 1024 31121             
>    processes
> Max open files            1024 4096  
>                files
> Max locked memory         65536 65536    
>             bytes
> Max address space         unlimited unlimited  
>           bytes
> Max file locks            unlimited 
> unlimited            locks
> Max pending signals       31121 31121     
>            signals
> Max msgqueue size         819200 819200   
>             bytes
> Max nice priority         0      
>               0
> Max realtime priority     0         
>            0
> Max realtime timeout      unlimited unlimited    
>         us
>
> Notice the 'Max processes' and 'Max stack size', this could very well be
> the issue for our simscan failures.
>
> Eric
>
> On 9/1/2017 5:20 PM, Eric Broch wrote:
>> This looks like a decent script:
>>
>> 
>> #!/bin/bash
>> if [ "$#" -ne "1" ]; then
>> echo ""
>> echo -e "\033[01;32mLimit checker\033[00m"
>> echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
>> echo ""
>> exit 0
>> fi
>>
>> return-limits(){
>> for process in $@; do
>>       process_pids=`ps -C $pro

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

1) is their any resolution for this issue ?

2) if i run the script it throws error as such
.
/limits.sh: line 23: `return-limits': not a valid identifier

#!/bin/bash
if [ "$#" -ne "1" ]; then
   echo ""
   echo -e "\033[01;32mLimit checker\033[00m"
   echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
   echo ""
   exit 0
fi

return-limits(){
   for process in $@; do
  process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`

  if [ -z $@ ]; then
 echo "[no $process running]"
  else
 for pid in $process_pids; do
echo "[$process #$pid -- limits]"
cat /proc/$pid/limits
  done
  fi
   done
}
return-limits $1

rajesh



- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 1 Sep 2017 17:28:40 -0600
Subject:

I sent myself a large file so that I could examine simscan with the
below script (limits.sh). Here's the output:

[root@pet105 simscan-1.4.0]# ./limits simscan
[simscan #31535 -- limits]
Limit                     Soft Limit           
Hard Limit           Units
Max cpu time              unlimited unlimited           
 seconds
Max file size             unlimited unlimited            
bytes
Max data size             unlimited unlimited            
bytes
Max stack size 10485760 unlimited            bytes
Max core file size        0 unlimited            bytes
Max resident set          unlimited unlimited            
bytes
Max processes 1024 31121                processes
Max open files            1024 4096                 
files
Max locked memory         65536 65536                
bytes
Max address space         unlimited unlimited            
bytes
Max file locks            unlimited unlimited            
locks
Max pending signals       31121 31121                
signals
Max msgqueue size         819200 819200               
bytes
Max nice priority         0                    0
Max realtime priority     0                    0
Max realtime timeout      unlimited unlimited            us

Notice the 'Max processes' and 'Max stack size', this could very well be
the issue for our simscan failures.

Eric

On 9/1/2017 5:20 PM, Eric Broch wrote:
>
> This looks like a decent script:
>
> 
> #!/bin/bash
> if [ "$#" -ne "1" ]; then
> echo ""
> echo -e "\033[01;32mLimit checker\033[00m"
> echo -e "\033[01;37mUsage:\033[01;33m $0 process_name\033[00m"
> echo ""
> exit 0
> fi
>
> return-limits(){
> for process in $@; do
>       process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`
>
> if [ -z $@ ]; then
> echo "[no $process running]"
> else
> for pid in $process_pids; do
> echo "[$process #$pid -- limits]"
>             cat /proc/$pid/limits
>       done
>       fi
>    done
> }
>
> return-limits $1
> 
>
> Example:
> # ./limits.sh tcpserver
> or
> # ./limits.sh simscan
>
> Eric
>
>
> On 9/1/2017 2:51 PM, Rajesh M wrote:
>> eric
>>
>> how do i check the number of user processes being consumed and by which user
>>
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To:qmailtoaster-list@qmailtoaster.com
>> Sent: Fri, 1 Sep 2017 14:25:36 -0600
>> Subject:
>>
>> Number of user processes.
>>
>>
>> On 9/1/2017 1:57 PM, Rajesh M wrote:
>>> eric
>>>
>>> what is RLIMIT ? is it related to memory ?
>>>
>>> rajesh
>>>
>>> - Original Message -
>>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>>> To:qmailtoaster-list@qmailtoaster.com
>>> Sent: Fri, 1 Sep 2017 13:25:49 -0600
>>> Subject:
>>>
>>> Here's a section of code in simscan.c that controls the number of processes.
>>>
>>> #ifdef HAS_ULIMIT_NPROC
>>>  /* Set ulimits to prevent hangs if it forks too many processes 
>>> */
>>>  getrlimit(RLIMIT_NPROC, );
>>>  limits.rlim_cur = 1024;
>>>  setrlimit(RLIMIT_NPROC, );
>>> #endif
>>>
>>> The RLIMIT is set to 1024.
>>>
>>> I think this may

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

how do i check the number of user processes being consumed and by which user

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 1 Sep 2017 14:25:36 -0600
Subject:

Number of user processes.


On 9/1/2017 1:57 PM, Rajesh M wrote:
> eric
>
> what is RLIMIT ? is it related to memory ?
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Fri, 1 Sep 2017 13:25:49 -0600
> Subject:
>
> Here's a section of code in simscan.c that controls the number of processes.
>
> #ifdef HAS_ULIMIT_NPROC
>     /* Set ulimits to prevent hangs if it forks too many processes */
>     getrlimit(RLIMIT_NPROC, );
>     limits.rlim_cur = 1024;
>     setrlimit(RLIMIT_NPROC, );
> #endif
>
> The RLIMIT is set to 1024.
>
> I think this may be the issue and would explain why there would be
> forking issues with qmail-queue, ripmime, and others. This is in place
> to prevent hangs...could be a good thing.
>
>
> On 9/1/2017 1:04 PM, Remo Mattei wrote:
>> interesting...
>>
>> mine was an easy fix by changing the owner and permissions so
>> underline has some other triggering to the kernel and how it reads
>> those layers.
>>
>> On 9/1/17 11:18 AM, Eric Broch wrote:
>>> 1)  Problem forking
>>>
>>> vfork() is used to execute qmail-queue
>>>
>>> The error 'simscan: error forking qmail-queue' will happen for either
>>> of the following reasons:
>>>
>>> a) [EAGAIN]
>>>  The system-wide limit on the total number of processes under
>>>  execution would be exceeded, or the system-imposed limit on the
>>>  total number of processes under execution by a single user would
>>>  be exceeded.
>>> b) [ENOMEM]
>>>  There is insufficient swap space for the new process.
>>>
>>>
>>> On 9/1/2017 11:53 AM, Eric Broch wrote:
>>>> Are there any errors in /var/log/messages that correspond?
>>>>
>>>>
>>>> On 9/1/2017 11:39 AM, Jeff Koch wrote:
>>>>> Eric / Remo / Rajesh - we reported this same problem a number of
>>>>> months ago and thought we had fixed it. But alas, it's still with
>>>>> us. The good news is that we haven't had any customer complaints.
>>>>> I'll be very interested if it can be resolved.
>>>>>
>>>>> Jeff Koch
>>>>>
>>>>>
>>>>> On 9/1/2017 12:01 PM, Eric Broch wrote:
>>>>>> I'm not sure what's going on here. Is this a relatively new
>>>>>> phenomenon?
>>>>>>
>>>>>> I wonder if it's a memory, or even a disk speed, issue since it
>>>>>> only happens at peak hours?
>>>>>>
>>>>>> I think I'll appy Johannes Weberhofer's patch and put it out there
>>>>>> for you...and cross or fingers.
>>>>>>
>>>>>>
>>>>>> On 9/1/2017 6:28 AM, Rajesh M wrote:
>>>>>>> remo / eric
>>>>>>>
>>>>>>> i have still not being able to resolve the qq soft reject error.
>>>>>>>
>>>>>>> these are my findings
>>>>>>>
>>>>>>> 1) the errors i see are "error forking qmail-queue" and "ripmime error" 
>>>>>>> which causes the qq soft reject.
>>>>>>>
>>>>>>> 2) the max concurrent connections in the logs is around 35.
>>>>>>>
>>>>>>> 3)  These errors come up during peak working hours when the server is 
>>>>>>> under a  load of 4 - 8, and they increase the load even more to over 
>>>>>>> 10-15.
>>>>>>>
>>>>>>> 4) i came across this link (not sure if this is related)
>>>>>>> https://github.com/qmail/simscan/blob/master/simscan.c
>>>>>>>
>>>>>>> 5) i can share with you my live smtp logs with simscan debug.
>>>>>>>
>>>>>>> have extracted some lines below
>>>>>>>
>>>>>>>
>>>>>>> Error forking qmail-queue
>>>>>>>
>>>>>>> @400059a8fa7b0a2ed1b4 tcpserver: status: 31/200
>>>>>>> @400059a8fa7b13162584 simscan: cdb looking up version spam
>>

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

what is RLIMIT ? is it related to memory ?

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 1 Sep 2017 13:25:49 -0600
Subject:

Here's a section of code in simscan.c that controls the number of processes.

#ifdef HAS_ULIMIT_NPROC
   /* Set ulimits to prevent hangs if it forks too many processes */
   getrlimit(RLIMIT_NPROC, );
   limits.rlim_cur = 1024;
   setrlimit(RLIMIT_NPROC, );
#endif

The RLIMIT is set to 1024.

I think this may be the issue and would explain why there would be
forking issues with qmail-queue, ripmime, and others. This is in place
to prevent hangs...could be a good thing.


On 9/1/2017 1:04 PM, Remo Mattei wrote:
> interesting...
>
> mine was an easy fix by changing the owner and permissions so
> underline has some other triggering to the kernel and how it reads
> those layers.
>
> On 9/1/17 11:18 AM, Eric Broch wrote:
>>
>> 1)  Problem forking
>>
>> vfork() is used to execute qmail-queue
>>
>> The error 'simscan: error forking qmail-queue' will happen for either
>> of the following reasons:
>>
>> a) [EAGAIN]
>> The system-wide limit on the total number of processes under
>> execution would be exceeded, or the system-imposed limit on the
>> total number of processes under execution by a single user would
>> be exceeded.
>> b) [ENOMEM]
>> There is insufficient swap space for the new process.
>>
>>
>> On 9/1/2017 11:53 AM, Eric Broch wrote:
>>>
>>> Are there any errors in /var/log/messages that correspond?
>>>
>>>
>>> On 9/1/2017 11:39 AM, Jeff Koch wrote:
>>>>
>>>> Eric / Remo / Rajesh - we reported this same problem a number of
>>>> months ago and thought we had fixed it. But alas, it's still with
>>>> us. The good news is that we haven't had any customer complaints.
>>>> I'll be very interested if it can be resolved.
>>>>
>>>> Jeff Koch
>>>>
>>>>
>>>> On 9/1/2017 12:01 PM, Eric Broch wrote:
>>>>>
>>>>> I'm not sure what's going on here. Is this a relatively new
>>>>> phenomenon?
>>>>>
>>>>> I wonder if it's a memory, or even a disk speed, issue since it
>>>>> only happens at peak hours?
>>>>>
>>>>> I think I'll appy Johannes Weberhofer's patch and put it out there
>>>>> for you...and cross or fingers.
>>>>>
>>>>>
>>>>> On 9/1/2017 6:28 AM, Rajesh M wrote:
>>>>>> remo / eric
>>>>>>
>>>>>> i have still not being able to resolve the qq soft reject error.
>>>>>>
>>>>>> these are my findings
>>>>>>
>>>>>> 1) the errors i see are "error forking qmail-queue" and "ripmime error" 
>>>>>> which causes the qq soft reject.
>>>>>>
>>>>>> 2) the max concurrent connections in the logs is around 35.
>>>>>>
>>>>>> 3)  These errors come up during peak working hours when the server is 
>>>>>> under a  load of 4 - 8, and they increase the load even more to over 
>>>>>> 10-15.
>>>>>>
>>>>>> 4) i came across this link (not sure if this is related)
>>>>>> https://github.com/qmail/simscan/blob/master/simscan.c
>>>>>>
>>>>>> 5) i can share with you my live smtp logs with simscan debug.
>>>>>>
>>>>>> have extracted some lines below
>>>>>>
>>>>>>
>>>>>> Error forking qmail-queue
>>>>>>
>>>>>> @400059a8fa7b0a2ed1b4 tcpserver: status: 31/200
>>>>>> @400059a8fa7b13162584 simscan: cdb looking up version spam
>>>>>> @400059a8fa7b13166bd4 simscan: runned_scanners is  attach: 1.4.0 
>>>>>> clamav: 0.98.6/m: spam: 3.3.2
>>>>>> @400059a8fa7b13166fbc simscan: found 3.3.2
>>>>>> @400059a8fa7b13168efc simscan:[10757]:CLEAN 
>>>>>> (5.00/30.00):9.7712s:-Possible Spam- RE_ REQUIRE BOOKING // 1X20  //
>>>>>> ICD TKD TO 
>>>>>> BANDARABASS:103.241.181.228:cs@atlasdecargo.com:rathe...@radiant-india.net
>>>>>> @400059a8fa7b1316cd7c simscan: done, execing qmail-queue
>>>>>> @400059a8fa7b1316fc5c simscan: error forking qmail-queue
>>>>>> @40

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

jeff

could you please let me know the cpu details of your machine

is it a dell machine or some other with  intel E5 processor ?

rajesh


- Original Message -
From: Jeff Koch [mailto:jeffk...@intersessions.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 1 Sep 2017 13:39:37 -0400
Subject:

Eric / Remo / Rajesh - we reported this same problem a number of months
ago and thought we had fixed it. But alas, it's still with us. The good
news is that we haven't had any customer complaints. I'll be very
interested if it can be resolved.

Jeff Koch


On 9/1/2017 12:01 PM, Eric Broch wrote:
>
> I'm not sure what's going on here. Is this a relatively new phenomenon?
>
> I wonder if it's a memory, or even a disk speed, issue since it only
> happens at peak hours?
>
> I think I'll appy Johannes Weberhofer's patch and put it out there for
> you...and cross or fingers.
>
>
> On 9/1/2017 6:28 AM, Rajesh M wrote:
>> remo / eric
>>
>> i have still not being able to resolve the qq soft reject error.
>>
>> these are my findings
>>
>> 1) the errors i see are "error forking qmail-queue" and "ripmime error" 
>> which causes the qq soft reject.
>>
>> 2) the max concurrent connections in the logs is around 35.
>>
>> 3)  These errors come up during peak working hours when the server is under 
>> a  load of 4 - 8, and they increase the load even more to over 10-15.
>>
>> 4) i came across this link (not sure if this is related)
>> https://github.com/qmail/simscan/blob/master/simscan.c
>>
>> 5) i can share with you my live smtp logs with simscan debug.
>>
>> have extracted some lines below
>>
>>
>> Error forking qmail-queue
>>
>> @400059a8fa7b0a2ed1b4 tcpserver: status: 31/200
>> @400059a8fa7b13162584 simscan: cdb looking up version spam
>> @400059a8fa7b13166bd4 simscan: runned_scanners is  attach: 1.4.0 clamav: 
>> 0.98.6/m: spam: 3.3.2
>> @400059a8fa7b13166fbc simscan: found 3.3.2
>> @400059a8fa7b13168efc simscan:[10757]:CLEAN 
>> (5.00/30.00):9.7712s:-Possible Spam- RE_ REQUIRE BOOKING // 1X20  //
>> ICD TKD TO 
>> BANDARABASS:103.241.181.228:cs@atlasdecargo.com:rathe...@radiant-india.net
>> @400059a8fa7b1316cd7c simscan: done, execing qmail-queue
>> @400059a8fa7b1316fc5c simscan: error forking qmail-queue
>> @400059a8fa7b13199854 simscan: exit error code: 71
>> @400059a8fa7b131c4004 qmail-smtpd: qq soft reject (mail server 
>> temporarily rejected message (#4.3.0)): MAILFROM:<cs@x.com>
>> RCPTTO:rathe...@y.net
>>
>>
>> Error in ripmime
>>
>> @400059a8fa98045a4bc4 simscan: pelookup: domain is aissamaritime.in
>> @400059a8fa98045a4bc4 simscan: cdb looking up aissamaritime.in
>> @400059a8fa98045a4fac simscan: pelookup: local part is shailesh_k_bom
>> @400059a8fa98045a4fac simscan: lpart: local part is **
>> @400059a8fa98045a5394 simscan: cdb looking 
>> upshailesh_k_...@aissamaritime.in
>> @400059a8fa98045a5394 simscan: ripmime error
>> @400059a8fa98045a6334 simscan: exit error code: 71
>> @400059a8fa98045a95fc qmail-smtpd: qq soft reject (mail server 
>> temporarily rejected message (#4.3.0)):
>> MAILFROM:<imp...@xxx.in>  RCPTTO:shailesh_k_...@yy.in
>>
>>
>> Wierd error logs
>>
>> @400059a9032f3aa79a24 simscan: clamdscan: --- SCAN SUMMARY 
>> ---
>> @400059a9032f3aa7b964 simscan: clamdscan: 
>> /var/qmail/simscan/1504248613.321653.5221: OK
>> @400059a9032f3aa86d14 simscan: clamdscan:
>> @400059a9032f3aa870fc simscan: clamdscan: ---simscan: cdb looking up 
>> version clamav
>> @400059a9032f3aa8a3c4  SCAN simscan: clamdscan: SIUnMfMeAcRtYe 
>> d- -fsimscan: runned_scanners is  attach: 1.4.0 clamav: 0.98.6/m:
>> @400059a9032f3aa8c304 -isimscan: found 0.98.6/m:
>> @400059a9032f3aa8c6ec -l-e-s-:- -0
>> @400059a9032f3aa8f1e4 --simscan: normal clamdscan return code: 0
>> @400059a9032f3aa8f1e4
>> @400059a9032f3aa8f5cc simscan: clamdscan: Infected fsimscan: clamdscan: 
>> iTliemes::  00
>> @400059a9032f3aa93834 .simscan: clamdscan: 1T1i8m es:e c0 .1(002  ms 
>> e0simscan: calling spamc
>> @400059a9032f3aa96ee4 c  s(0)simscan: calling /usr/bin/spamc simscan: 
>> clamdscan:
>> @400059a9032f3aa999dc  spamcm
>> @400059a9032f3aa999dc 0 s)
>> @400059a9032f3aa9ad64 /var/qmail/simscan/1simscan: check_spam had an 
>> error ret: -1
>> @400059a9032f3aa9e02c 504248613.307311.5215: OK
>

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

the machine i have is a dell,  hex core with hyperthreading, 16 gb ram -- 
hardly 4 gb being used, 600 gb 15krpm drive, 2 drives of 2000 gb each 
separately handling data.

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 1 Sep 2017 10:01:01 -0600
Subject:

I'm not sure what's going on here. Is this a relatively new phenomenon?

I wonder if it's a memory, or even a disk speed, issue since it only
happens at peak hours?

I think I'll appy Johannes Weberhofer's patch and put it out there for
you...and cross or fingers.


On 9/1/2017 6:28 AM, Rajesh M wrote:
> remo / eric
>
> i have still not being able to resolve the qq soft reject error.
>
> these are my findings
>
> 1) the errors i see are "error forking qmail-queue" and "ripmime error" which 
> causes the qq soft reject.
>
> 2) the max concurrent connections in the logs is around 35.
>
> 3)  These errors come up during peak working hours when the server is under a 
>  load of 4 - 8, and they increase the load even more to over 10-15.
>
> 4) i came across this link (not sure if this is related)
> https://github.com/qmail/simscan/blob/master/simscan.c
>
> 5) i can share with you my live smtp logs with simscan debug.
>
> have extracted some lines below
>
>
> Error forking qmail-queue
>
> @400059a8fa7b0a2ed1b4 tcpserver: status: 31/200
> @400059a8fa7b13162584 simscan: cdb looking up version spam
> @400059a8fa7b13166bd4 simscan: runned_scanners is  attach: 1.4.0 clamav: 
> 0.98.6/m: spam: 3.3.2
> @400059a8fa7b13166fbc simscan: found 3.3.2
> @400059a8fa7b13168efc simscan:[10757]:CLEAN 
> (5.00/30.00):9.7712s:-Possible Spam- RE_ REQUIRE BOOKING // 1X20  //
> ICD TKD TO 
> BANDARABASS:103.241.181.228:cs@atlasdecargo.com:rathe...@radiant-india.net
> @400059a8fa7b1316cd7c simscan: done, execing qmail-queue
> @400059a8fa7b1316fc5c simscan: error forking qmail-queue
> @400059a8fa7b13199854 simscan: exit error code: 71
> @400059a8fa7b131c4004 qmail-smtpd: qq soft reject (mail server 
> temporarily rejected message (#4.3.0)): MAILFROM:<cs@x.com>
> RCPTTO:rathe...@y.net
>
>
> Error in ripmime
>
> @400059a8fa98045a4bc4 simscan: pelookup: domain is aissamaritime.in
> @400059a8fa98045a4bc4 simscan: cdb looking up aissamaritime.in
> @400059a8fa98045a4fac simscan: pelookup: local part is shailesh_k_bom
> @400059a8fa98045a4fac simscan: lpart: local part is **
> @400059a8fa98045a5394 simscan: cdb looking 
> upshailesh_k_...@aissamaritime.in
> @400059a8fa98045a5394 simscan: ripmime error
> @400059a8fa98045a6334 simscan: exit error code: 71
> @400059a8fa98045a95fc qmail-smtpd: qq soft reject (mail server 
> temporarily rejected message (#4.3.0)):
> MAILFROM:<imp...@xxx.in>  RCPTTO:shailesh_k_...@yy.in
>
>
> Wierd error logs
>
> @400059a9032f3aa79a24 simscan: clamdscan: --- SCAN SUMMARY 
> ---
> @400059a9032f3aa7b964 simscan: clamdscan: 
> /var/qmail/simscan/1504248613.321653.5221: OK
> @400059a9032f3aa86d14 simscan: clamdscan:
> @400059a9032f3aa870fc simscan: clamdscan: ---simscan: cdb looking up 
> version clamav
> @400059a9032f3aa8a3c4  SCAN simscan: clamdscan: SIUnMfMeAcRtYe d- 
> -fsimscan: runned_scanners is  attach: 1.4.0 clamav: 0.98.6/m:
> @400059a9032f3aa8c304 -isimscan: found 0.98.6/m:
> @400059a9032f3aa8c6ec -l-e-s-:- -0
> @400059a9032f3aa8f1e4 --simscan: normal clamdscan return code: 0
> @400059a9032f3aa8f1e4
> @400059a9032f3aa8f5cc simscan: clamdscan: Infected fsimscan: clamdscan: 
> iTliemes::  00
> @400059a9032f3aa93834 .simscan: clamdscan: 1T1i8m es:e c0 .1(002  ms 
> e0simscan: calling spamc
> @400059a9032f3aa96ee4 c  s(0)simscan: calling /usr/bin/spamc simscan: 
> clamdscan:
> @400059a9032f3aa999dc  spamcm
> @400059a9032f3aa999dc 0 s)
> @400059a9032f3aa9ad64 /var/qmail/simscan/1simscan: check_spam had an 
> error ret: -1
> @400059a9032f3aa9e02c 504248613.307311.5215: OK
> @400059a9032f337c simscan: clamdscan:
> @400059a9032f3764 simscan: clamdscan: --- SCAN SUMMARY 
> ---
> @400059a9032f3aab3fbc simscan: clamdscan: Infected files: 0
> @400059a9032f3aaba164 simscan: clamdscan: Time: 0.135 sec (0 m 0 s)
> @400059a9032f3aac39bc simscan: clamdscan: /var/qmail/simscan/15simscan: 
> exit error code: 71
> @400059a9032f3aaca334 04248613.308469.5216: OK
> @400059a9032f3aacddcc simscan: clamdscan:
> @400059a9032f3aace984 simscan: clamdscan: --- SCAN SUMMARY 
> ---
> @400059a9
>
>
> 
>
> 

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

eric,

i followed the instructions you gave below and it worked perfectly.

the syntax error was in my dovecot.sieve file

once i used your setting the logs gave me the error, which i could fix and get 
it working.

dovecot created the following

[root@ns1 rajesh]# ls -la
total 24
drwx-- 4 vpopmail vchkpw 4096 Sep  1 21:01 .
drwx-- 5 vpopmail vchkpw 4096 Aug 30 23:37 ..
-rw--- 1 vpopmail vchkpw  265 Sep  1 21:01 .dovecot.lda-dupes --- created 
by dovecot
lrwxrwxrwx 1 vpopmail vchkpw   20 Aug 31 21:45 .dovecot.sieve -> 
.sieve/dovecot.sieve
drwx-- 8 vpopmail vchkpw 4096 Sep  1 20:55 Maildir
-rw--- 1 vpopmail vchkpw   74 Aug 31 23:21 .qmail
drwx-- 2 vpopmail vchkpw 4096 Sep  1 21:01 .sieve

[root@ns1 .sieve]# ls -la
total 20
drwx-- 2 vpopmail vchkpw 4096 Sep  1 21:01 .
drwx-- 4 vpopmail vchkpw 4096 Sep  1 21:01 ..
-rw--- 1 vpopmail vchkpw  261 Sep  1 21:00 dovecot.sieve
-rw--- 1 vpopmail vchkpw  203 Sep  1 20:55 dovecot.sieve.log --- created by 
dovecot
-rw--- 1 vpopmail vchkpw  273 Sep  1 21:01 dovecot.svbin --- created by 
dovecot -- compiled version of dovecot.sieve


btw it gave me a message as such in the /var/log/dovecot-lda/dovecot-lda.log

nothing in the /var/log/dovecot-lda/dovecot-lda-errors.log

Sep 01 20:55:29 lda(raj...@aaaonlinux.com): Info: sieve: Failed to compile 
script `/home/vpopmail/domains/x.com/rajesh/.sieve/dovecot.sieve'
(view user logfile 
`/home/vpopmail/domains/x.com/rajesh/.sieve/dovecot.sieve.log' for more 
information)

i have placed all the configurations in dovecot.conf file (am not using any of 
the files in conf.d) arranged sequentially as per the conf.d numbering


regds
rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 31 Aug 2017 19:35:30 -0600
Subject:

Hi Rajesh,

I'm not sure if you've gotten this working yet. I tried some
experimentation and I got this working on my host albeit that roundcube
created my files and directories under the user.

Notice especially the 'tmp' directory under ~/.sieve, you may need
it...not sure. Anyway here's everything I did.

# ls -la /home/vpopmail/domains/mydomain.com/user/
total 24
drwx--  4 vpopmail vchkpw 4096 Aug 31 19:11 .
drwx--  5 vpopmail vchkpw 4096 Aug 31 19:06 ..
-rw---  1 vpopmail vchkpw  300 Aug 31 19:11 .dovecot.lda-dupes
lrwxrwxrwx  1 vpopmail vchkpw   22 Aug 31 07:16 .dovecot.sieve ->
.sieve/roundcube.sieve
-rw---  1 vpopmail vchkpw  278 Aug 31 19:09 .dovecot.svbin
drwx-- 14 vpopmail vchkpw 4096 Aug 31 19:13 Maildir
drwx--  3 vpopmail vchkpw 4096 Aug 31 19:08 .sieve

--

# ls -la /home/vpopmail/domains/mydomain.com/user/.sieve
total 16
drwx-- 3 vpopmail vchkpw 4096 Aug 31 19:08 .
drwx-- 4 vpopmail vchkpw 4096 Aug 31 19:11 ..
-rw--- 1 vpopmail vchkpw  120 Aug 31 19:08 roundcube.sieve
drwx-- 2 vpopmail vchkpw 4096 Aug 31 19:08 tmp

--

# cat /home/vpopmail/domains/mydomain.com/user/.dovecot.sieve
# rule:[ToUserOtherDomain]
if header :contains "from" "u...@mydomain2.com"
{
         redirect "u...@myotherdomain.com";
}

--

It all came out in the log file /var/log/dovecot-lda/lda.log correctly

--

Dovecot settings: /etc/dovecot/local.conf :

protocol lda {
   mail_debug=yes
   mail_plugins = $mail_plugins sieve
   deliver_log_format = From:<%f>-<%e> :: Subject:<%s> :: Status:<%$> ::
MsgID:<%m> :: Size<%p> :: vSize<%w>
   log_path = /var/log/dovecot-lda/lda-err.log
   info_log_path = /var/log/dovecot-lda/lda.log
   #postmaster_address = postmaster@
}
plugin {
       sieve = ~/.dovecot.sieve
       sieve_dir = ~/.sieve
}

--

Dovecot settings: /etc/dovecot/toaster.conf

protocols = imap pop3 sieve

service managesieve-login {
    inet_listener sieve {
    port = 4190
    }
}

--

# ls -ld /var/log/dov*lda*
drwxrwx--- 2 vpopmail vchkpw 4096 Nov 10  2016 /var/log/dovecot-lda

--

# ls -l /var/log/dov*lda*
total 136
-rw--- 1 vpopmail vchkpw    418 Nov 12  2016 lda-err.log
-rw--- 1 vpopmail vchkpw 129882 Aug 31 19:12 lda.log

--

# cat /home/vpopmail/domains/mydomain.com/.qmail-default

|/var/qmail/bin/preline -f /usr/libex

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

remo / eric

i have still not being able to resolve the qq soft reject error.

these are my findings

1) the errors i see are "error forking qmail-queue" and "ripmime error" which 
causes the qq soft reject.

2) the max concurrent connections in the logs is around 35.

3)  These errors come up during peak working hours when the server is under a  
load of 4 - 8, and they increase the load even more to over 10-15.

4) i came across this link (not sure if this is related)
https://github.com/qmail/simscan/blob/master/simscan.c

5) i can share with you my live smtp logs with simscan debug.

have extracted some lines below


Error forking qmail-queue

@400059a8fa7b0a2ed1b4 tcpserver: status: 31/200
@400059a8fa7b13162584 simscan: cdb looking up version spam
@400059a8fa7b13166bd4 simscan: runned_scanners is  attach: 1.4.0 clamav: 
0.98.6/m: spam: 3.3.2
@400059a8fa7b13166fbc simscan: found 3.3.2
@400059a8fa7b13168efc simscan:[10757]:CLEAN (5.00/30.00):9.7712s:-Possible 
Spam- RE_ REQUIRE BOOKING // 1X20  //
ICD TKD TO BANDAR 
ABASS:103.241.181.228:cs@atlasdecargo.com:rathe...@radiant-india.net
@400059a8fa7b1316cd7c simscan: done, execing qmail-queue
@400059a8fa7b1316fc5c simscan: error forking qmail-queue
@400059a8fa7b13199854 simscan: exit error code: 71
@400059a8fa7b131c4004 qmail-smtpd: qq soft reject (mail server temporarily 
rejected message (#4.3.0)): MAILFROM:<cs@x.com>
RCPTTO:rathe...@y.net


Error in ripmime

@400059a8fa98045a4bc4 simscan: pelookup: domain is aissamaritime.in
@400059a8fa98045a4bc4 simscan: cdb looking up aissamaritime.in
@400059a8fa98045a4fac simscan: pelookup: local part is shailesh_k_bom
@400059a8fa98045a4fac simscan: lpart: local part is **
@400059a8fa98045a5394 simscan: cdb looking up 
shailesh_k_...@aissamaritime.in
@400059a8fa98045a5394 simscan: ripmime error
@400059a8fa98045a6334 simscan: exit error code: 71
@400059a8fa98045a95fc qmail-smtpd: qq soft reject (mail server temporarily 
rejected message (#4.3.0)):
MAILFROM:<imp...@xxx.in> RCPTTO:shailesh_k_...@yy.in


Wierd error logs

@400059a9032f3aa79a24 simscan: clamdscan: --- SCAN SUMMARY 
---
@400059a9032f3aa7b964 simscan: clamdscan: 
/var/qmail/simscan/1504248613.321653.5221: OK
@400059a9032f3aa86d14 simscan: clamdscan:
@400059a9032f3aa870fc simscan: clamdscan: ---simscan: cdb looking up 
version clamav
@400059a9032f3aa8a3c4  SCAN simscan: clamdscan: SIUnMfMeAcRtYe d- 
-fsimscan: runned_scanners is  attach: 1.4.0 clamav: 0.98.6/m:
@400059a9032f3aa8c304 -isimscan: found 0.98.6/m:
@400059a9032f3aa8c6ec -l-e-s-:- -0
@400059a9032f3aa8f1e4 --simscan: normal clamdscan return code: 0
@400059a9032f3aa8f1e4
@400059a9032f3aa8f5cc simscan: clamdscan: Infected fsimscan: clamdscan: 
iTliemes::  00
@400059a9032f3aa93834 .simscan: clamdscan: 1T1i8m es:e c0 .1(002  ms 
e0simscan: calling spamc
@400059a9032f3aa96ee4 c  s(0)simscan: calling /usr/bin/spamc simscan: 
clamdscan:
@400059a9032f3aa999dc  spamcm
@400059a9032f3aa999dc 0 s)
@400059a9032f3aa9ad64 /var/qmail/simscan/1simscan: check_spam had an error 
ret: -1
@400059a9032f3aa9e02c 504248613.307311.5215: OK
@400059a9032f337c simscan: clamdscan:
@400059a9032f3764 simscan: clamdscan: --- SCAN SUMMARY 
---
@400059a9032f3aab3fbc simscan: clamdscan: Infected files: 0
@400059a9032f3aaba164 simscan: clamdscan: Time: 0.135 sec (0 m 0 s)
@400059a9032f3aac39bc simscan: clamdscan: /var/qmail/simscan/15simscan: 
exit error code: 71
@400059a9032f3aaca334 04248613.308469.5216: OK
@400059a9032f3aacddcc simscan: clamdscan:
@400059a9032f3aace984 simscan: clamdscan: --- SCAN SUMMARY 
---
@400059a9




@400059a9032f3aa86d14 simscan: clamdscan:
@400059a9032f3aa870fc simscan: clamdscan: ---simscan: cdb looking up 
version clamav
@400059a9032f3aa8a3c4  SCAN simscan: clamdscan: SIUnMfMeAcRtYe d- 
-fsimscan: runned_scanners is  attach: 1.4.0 clamav: 0.98.6/m:
@400059a9032f3aa8c304 -isimscan: found 0.98.6/m:
@400059a9032f3aa8c6ec -l-e-s-:- -0
@400059a9032f3aa8f1e4 --simscan: normal clamdscan return code: 0
@400059a9032f3aa8f1e4
@400059a9032f3aa8f5cc simscan: clamdscan: Infected fsimscan: clamdscan: 
iTliemes::  00
@400059a9032f3aa93834 .simscan: clamdscan: 1T1i8m es:e c0 .1(002  ms 
e0simscan: calling spamc
@400059a9032f3aa96ee4 c  s(0)simscan: calling /usr/bin/spamc simscan: 
clamdscan:
@400059a9032f3aa999dc  spamcm
@400059a9032f3aa999dc 0 s)
@400059a9032f3aa9ad64 /var/qmail/simscan/1simscan: check_spam had an error 
ret: -1
@400059a9032f3aa9e02c 504248613.307311.5215: OK
@400059a9032f337c simscan: clamdscan:
@400059a9032f3764 simscan: clamdscan: --- SCAN SUMMARY 
---
@400059a9032f3aab3fbc simsc

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

eric / remo

will be working on remo's config over the weekend and will definitely revert 
with the step by step process

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 31 Aug 2017 19:35:30 -0600
Subject:

Hi Rajesh,

I'm not sure if you've gotten this working yet. I tried some
experimentation and I got this working on my host albeit that roundcube
created my files and directories under the user.

Notice especially the 'tmp' directory under ~/.sieve, you may need
it...not sure. Anyway here's everything I did.

# ls -la /home/vpopmail/domains/mydomain.com/user/
total 24
drwx--  4 vpopmail vchkpw 4096 Aug 31 19:11 .
drwx--  5 vpopmail vchkpw 4096 Aug 31 19:06 ..
-rw---  1 vpopmail vchkpw  300 Aug 31 19:11 .dovecot.lda-dupes
lrwxrwxrwx  1 vpopmail vchkpw   22 Aug 31 07:16 .dovecot.sieve ->
.sieve/roundcube.sieve
-rw---  1 vpopmail vchkpw  278 Aug 31 19:09 .dovecot.svbin
drwx-- 14 vpopmail vchkpw 4096 Aug 31 19:13 Maildir
drwx--  3 vpopmail vchkpw 4096 Aug 31 19:08 .sieve

--

# ls -la /home/vpopmail/domains/mydomain.com/user/.sieve
total 16
drwx-- 3 vpopmail vchkpw 4096 Aug 31 19:08 .
drwx-- 4 vpopmail vchkpw 4096 Aug 31 19:11 ..
-rw--- 1 vpopmail vchkpw  120 Aug 31 19:08 roundcube.sieve
drwx-- 2 vpopmail vchkpw 4096 Aug 31 19:08 tmp

--

# cat /home/vpopmail/domains/mydomain.com/user/.dovecot.sieve
# rule:[ToUserOtherDomain]
if header :contains "from" "u...@mydomain2.com"
{
         redirect "u...@myotherdomain.com";
}

--

It all came out in the log file /var/log/dovecot-lda/lda.log correctly

--

Dovecot settings: /etc/dovecot/local.conf :

protocol lda {
   mail_debug=yes
   mail_plugins = $mail_plugins sieve
   deliver_log_format = From:<%f>-<%e> :: Subject:<%s> :: Status:<%$> ::
MsgID:<%m> :: Size<%p> :: vSize<%w>
   log_path = /var/log/dovecot-lda/lda-err.log
   info_log_path = /var/log/dovecot-lda/lda.log
   #postmaster_address = postmaster@
}
plugin {
       sieve = ~/.dovecot.sieve
       sieve_dir = ~/.sieve
}

--

Dovecot settings: /etc/dovecot/toaster.conf

protocols = imap pop3 sieve

service managesieve-login {
    inet_listener sieve {
    port = 4190
    }
}

--

# ls -ld /var/log/dov*lda*
drwxrwx--- 2 vpopmail vchkpw 4096 Nov 10  2016 /var/log/dovecot-lda

--

# ls -l /var/log/dov*lda*
total 136
-rw--- 1 vpopmail vchkpw    418 Nov 12  2016 lda-err.log
-rw--- 1 vpopmail vchkpw 129882 Aug 31 19:12 lda.log

--

# cat /home/vpopmail/domains/mydomain.com/.qmail-default

|/var/qmail/bin/preline -f /usr/libexec/dovecot/deliver -d $EXT@$USER -o
postmaster_address=postmas...@mydomain.com


--

Hope this helps!

Eric


On 8/31/2017 12:12 PM, Rajesh M wrote:
> eric / remo
>
> do we need to make any changes to the files inside conf.d ?
>
> rajesh
>
> - Original Message -
> From: Rajesh M [mailto:24x7ser...@24x7server.net]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Thu, 31 Aug 2017 23:33:59 +0530
> Subject:
>
> nothing at all in /var/log/dovecot-lda/dovecot-lda.log
>
> looks like i am missing something crucial.
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Thu, 31 Aug 2017 11:55:28 -0600
> Subject:
>
> Nothing/Anything in /var/log/dovecot-lda/dovecot-lda-errors.log ???
>
>
> On 8/31/2017 11:50 AM, Rajesh M wrote:
>> this is what i have done
>>
>> 2a) Add the following lines to /etc/dovecot/local.conf:
>>   protocol lda {
>> log_path = /var/log/dovecot-lda/dovecot-lda-errors.log
>> info_log_path = /var/log/dovecot-lda/dovecot-lda.log
>>  }
>>  Create and change the permissions on the directory /var/log/dovecot-lda
>>  # mkdir /var/log/dovecot-lda
>>  # chmod 770 /var/log/dovecot-lda
>>  # chown vpopmail.vchkpw /var/log/dovecot-lda
>>  Add /etc/logrotate.d/dovecot-lda and settings appropriate
>>
>> i am sending email from host

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

eric / remo

do we need to make any changes to the files inside conf.d ?

rajesh

- Original Message -
From: Rajesh M [mailto:24x7ser...@24x7server.net]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 31 Aug 2017 23:33:59 +0530
Subject:

nothing at all in /var/log/dovecot-lda/dovecot-lda.log

looks like i am missing something crucial.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 31 Aug 2017 11:55:28 -0600
Subject:

Nothing/Anything in /var/log/dovecot-lda/dovecot-lda-errors.log ???


On 8/31/2017 11:50 AM, Rajesh M wrote:
> this is what i have done
>
> 2a) Add the following lines to /etc/dovecot/local.conf:
>  protocol lda {
>log_path = /var/log/dovecot-lda/dovecot-lda-errors.log
>info_log_path = /var/log/dovecot-lda/dovecot-lda.log
> }
> Create and change the permissions on the directory /var/log/dovecot-lda
> # mkdir /var/log/dovecot-lda
> # chmod 770 /var/log/dovecot-lda
> # chown vpopmail.vchkpw /var/log/dovecot-lda
> Add /etc/logrotate.d/dovecot-lda and settings appropriate
>
> i am sending email from host...@.com to raj...@.com and a there is a 
> sieve rule to forward the email to ad...@.com
> email is being correctly delivered to raj...@.com but not being forwarded 
> to ad...@.com
>
> [root@ns1 rajesh]# tail -f /var/log/dovecot-lda/dovecot-lda.log
> Aug 31 21:46:56 lda(raj...@.com): Info: 
> msgid=<8d066ea0-cea3-c45d-1899-39e36e6a4...@.com>: saved mail to INBOX
> Aug 31 21:50:54 lda(raj...@.com): Info: 
> msgid=<cd64dca6-f5f9-b6c2-4d0e-5ebb04eee...@.com>: saved mail to INBOX
> Aug 31 22:19:26 lda(raj...@.com): Info: 
> msgid=<e1805e35-5fcb-bfd6-5ca2-c1d673a32...@.com>: saved mail to INBOX
> Aug 31 22:22:59 lda(raj...@.com): Info: 
> msgid=<356e1818-2a24-6402-0e20-ddcf03325...@.com>: saved mail to INBOX
> Aug 31 23:03:15 lda(raj...@.com): Info: 
> msgid=<83df1f93-fe93-fbd4-c079-1dd319a98...@.com>: saved mail to INBOX
>
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Thu, 31 Aug 2017 11:41:00 -0600
> Subject:
>
> Rajesh,
>
> Have a look at my notes, are you looking in the correct log file and/or
> how do you have logging set up for Dovecot LDA
>
> http://www.qmailtoaster.org/notes.html
>
> Eric
>
>
> On 8/31/2017 11:37 AM, Rajesh M wrote:
>> eric
>>
>> what is puzzling is that there is nothing in the dovecot error log
>>
>> [root@ns1 rajesh]# doveconf -n | grep sieve
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope encoded-character 
>> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags 
>> copy include variables body enotify environment mailbox date index ihave 
>> duplicate mime foreverypart extracttext spamtest spamtestplus imapflags 
>> notify vnd.dovecot.duplicate
>> sieve = ~/.sieve/dovecot.sieve
>> sieve_before = /etc/dovecot/sieve/
>> sieve_dir = ~/.sieve
>> sieve_extensions = +notify +imapflags +vnd.dovecot.duplicate +spamtest 
>> +spamtestplus +relational +comparator-i;ascii-numeric
>> protocols = imap pop3 sieve
>> service managesieve-login {
>> inet_listener sieve {
>>
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To: qmailtoaster-list@qmailtoaster.com
>> Sent: Thu, 31 Aug 2017 11:33:45 -0600
>> Subject:
>>
>> Can you dump dovecot
>>
>> #  doveconf -n | grep sieve
>>
>> And post?
>>
>>
>> On 8/31/2017 11:16 AM, Rajesh M wrote:
>>> eric / remo
>>>
>>> still not getting dovecot lda to forward emails based on rules. have copied 
>>> below my configurations.
>>>
>>> /home/vpopmail/domains/x.com/rajesh
>>> [root@ns1 rajesh]# ls -la
>>> total 20
>>> drwx-- 4 vpopmail vchkpw 4096 Aug 31 21:45 .
>>> drwx-- 5 vpopmail vchkpw 4096 Aug 30 23:37 ..
>>> lrwxrwxrwx 1 vpopmail vchkpw   20 Aug 31 21:45 .dovecot.sieve -> 
>>> .sieve/dovecot.sieve
>>> drwx-- 8 vpopmail vchkpw 4096 Aug 31 22:23 Maildir
>>> -rw--- 1 vpopmail vchkpw   85 Aug 30 23:47 .qmail
>>> drwx-- 2 vpopmail vchkpw 4096 Aug 30 17:38 .sieve
>>>
>>>
>>> [root@ns1 rajesh]# ls -la .sieve
>>> total 12
>>> drwx-- 2 vpopmail vchkpw 4096 Aug 30 17:38 .
>>> drwx-- 4 vpopma

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

nothing at all in /var/log/dovecot-lda/dovecot-lda.log

looks like i am missing something crucial.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 31 Aug 2017 11:55:28 -0600
Subject:

Nothing/Anything in /var/log/dovecot-lda/dovecot-lda-errors.log ???


On 8/31/2017 11:50 AM, Rajesh M wrote:
> this is what i have done
>
> 2a) Add the following lines to /etc/dovecot/local.conf:
>  protocol lda {
>log_path = /var/log/dovecot-lda/dovecot-lda-errors.log
>info_log_path = /var/log/dovecot-lda/dovecot-lda.log
> }
> Create and change the permissions on the directory /var/log/dovecot-lda
> # mkdir /var/log/dovecot-lda
> # chmod 770 /var/log/dovecot-lda
> # chown vpopmail.vchkpw /var/log/dovecot-lda
> Add /etc/logrotate.d/dovecot-lda and settings appropriate
>
> i am sending email from host...@.com to raj...@.com and a there is a 
> sieve rule to forward the email to ad...@.com
> email is being correctly delivered to raj...@.com but not being forwarded 
> to ad...@.com
>
> [root@ns1 rajesh]# tail -f /var/log/dovecot-lda/dovecot-lda.log
> Aug 31 21:46:56 lda(raj...@.com): Info: 
> msgid=<8d066ea0-cea3-c45d-1899-39e36e6a4...@.com>: saved mail to INBOX
> Aug 31 21:50:54 lda(raj...@.com): Info: 
> msgid=<cd64dca6-f5f9-b6c2-4d0e-5ebb04eee...@.com>: saved mail to INBOX
> Aug 31 22:19:26 lda(raj...@.com): Info: 
> msgid=<e1805e35-5fcb-bfd6-5ca2-c1d673a32...@.com>: saved mail to INBOX
> Aug 31 22:22:59 lda(raj...@.com): Info: 
> msgid=<356e1818-2a24-6402-0e20-ddcf03325...@.com>: saved mail to INBOX
> Aug 31 23:03:15 lda(raj...@.com): Info: 
> msgid=<83df1f93-fe93-fbd4-c079-1dd319a98...@.com>: saved mail to INBOX
>
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Thu, 31 Aug 2017 11:41:00 -0600
> Subject:
>
> Rajesh,
>
> Have a look at my notes, are you looking in the correct log file and/or
> how do you have logging set up for Dovecot LDA
>
> http://www.qmailtoaster.org/notes.html
>
> Eric
>
>
> On 8/31/2017 11:37 AM, Rajesh M wrote:
>> eric
>>
>> what is puzzling is that there is nothing in the dovecot error log
>>
>> [root@ns1 rajesh]# doveconf -n | grep sieve
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope encoded-character 
>> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags 
>> copy include variables body enotify environment mailbox date index ihave 
>> duplicate mime foreverypart extracttext spamtest spamtestplus imapflags 
>> notify vnd.dovecot.duplicate
>> sieve = ~/.sieve/dovecot.sieve
>> sieve_before = /etc/dovecot/sieve/
>> sieve_dir = ~/.sieve
>> sieve_extensions = +notify +imapflags +vnd.dovecot.duplicate +spamtest 
>> +spamtestplus +relational +comparator-i;ascii-numeric
>> protocols = imap pop3 sieve
>> service managesieve-login {
>> inet_listener sieve {
>>
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To: qmailtoaster-list@qmailtoaster.com
>> Sent: Thu, 31 Aug 2017 11:33:45 -0600
>> Subject:
>>
>> Can you dump dovecot
>>
>> #  doveconf -n | grep sieve
>>
>> And post?
>>
>>
>> On 8/31/2017 11:16 AM, Rajesh M wrote:
>>> eric / remo
>>>
>>> still not getting dovecot lda to forward emails based on rules. have copied 
>>> below my configurations.
>>>
>>> /home/vpopmail/domains/x.com/rajesh
>>> [root@ns1 rajesh]# ls -la
>>> total 20
>>> drwx-- 4 vpopmail vchkpw 4096 Aug 31 21:45 .
>>> drwx-- 5 vpopmail vchkpw 4096 Aug 30 23:37 ..
>>> lrwxrwxrwx 1 vpopmail vchkpw   20 Aug 31 21:45 .dovecot.sieve -> 
>>> .sieve/dovecot.sieve
>>> drwx-- 8 vpopmail vchkpw 4096 Aug 31 22:23 Maildir
>>> -rw--- 1 vpopmail vchkpw   85 Aug 30 23:47 .qmail
>>> drwx-- 2 vpopmail vchkpw 4096 Aug 30 17:38 .sieve
>>>
>>>
>>> [root@ns1 rajesh]# ls -la .sieve
>>> total 12
>>> drwx-- 2 vpopmail vchkpw 4096 Aug 30 17:38 .
>>> drwx-- 4 vpopmail vchkpw 4096 Aug 31 21:45 ..
>>> -rw--- 1 vpopmail vchkpw  160 Aug 30 17:38 dovecot.sieve
>>>
>>>
>>> .dovecot.sieve
>>>
>>> # rule:[globalpay-forwarder - move]
>>> if anyof (head

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

this is what i have done

2a) Add the following lines to /etc/dovecot/local.conf:
protocol lda {
  log_path = /var/log/dovecot-lda/dovecot-lda-errors.log
  info_log_path = /var/log/dovecot-lda/dovecot-lda.log
   }
   Create and change the permissions on the directory /var/log/dovecot-lda
   # mkdir /var/log/dovecot-lda
   # chmod 770 /var/log/dovecot-lda
   # chown vpopmail.vchkpw /var/log/dovecot-lda
   Add /etc/logrotate.d/dovecot-lda and settings appropriate

i am sending email from host...@.com to raj...@.com and a there is a 
sieve rule to forward the email to ad...@.com
email is being correctly delivered to raj...@.com but not being forwarded 
to ad...@.com

[root@ns1 rajesh]# tail -f /var/log/dovecot-lda/dovecot-lda.log
Aug 31 21:46:56 lda(raj...@.com): Info: 
msgid=<8d066ea0-cea3-c45d-1899-39e36e6a4...@.com>: saved mail to INBOX
Aug 31 21:50:54 lda(raj...@.com): Info: 
msgid=<cd64dca6-f5f9-b6c2-4d0e-5ebb04eee...@.com>: saved mail to INBOX
Aug 31 22:19:26 lda(raj...@.com): Info: 
msgid=<e1805e35-5fcb-bfd6-5ca2-c1d673a32...@.com>: saved mail to INBOX
Aug 31 22:22:59 lda(raj...@.com): Info: 
msgid=<356e1818-2a24-6402-0e20-ddcf03325...@.com>: saved mail to INBOX
Aug 31 23:03:15 lda(raj...@.com): Info: 
msgid=<83df1f93-fe93-fbd4-c079-1dd319a98...@.com>: saved mail to INBOX

rajesh



- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 31 Aug 2017 11:41:00 -0600
Subject:

Rajesh,

Have a look at my notes, are you looking in the correct log file and/or
how do you have logging set up for Dovecot LDA

http://www.qmailtoaster.org/notes.html

Eric


On 8/31/2017 11:37 AM, Rajesh M wrote:
> eric
>
> what is puzzling is that there is nothing in the dovecot error log
>
> [root@ns1 rajesh]# doveconf -n | grep sieve
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character 
> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags 
> copy include variables body enotify environment mailbox date index ihave 
> duplicate mime foreverypart extracttext spamtest spamtestplus imapflags 
> notify vnd.dovecot.duplicate
>sieve = ~/.sieve/dovecot.sieve
>sieve_before = /etc/dovecot/sieve/
>sieve_dir = ~/.sieve
>sieve_extensions = +notify +imapflags +vnd.dovecot.duplicate +spamtest 
> +spamtestplus +relational +comparator-i;ascii-numeric
> protocols = imap pop3 sieve
> service managesieve-login {
>inet_listener sieve {
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Thu, 31 Aug 2017 11:33:45 -0600
> Subject:
>
> Can you dump dovecot
>
> #  doveconf -n | grep sieve
>
> And post?
>
>
> On 8/31/2017 11:16 AM, Rajesh M wrote:
>> eric / remo
>>
>> still not getting dovecot lda to forward emails based on rules. have copied 
>> below my configurations.
>>
>> /home/vpopmail/domains/x.com/rajesh
>> [root@ns1 rajesh]# ls -la
>> total 20
>> drwx-- 4 vpopmail vchkpw 4096 Aug 31 21:45 .
>> drwx-- 5 vpopmail vchkpw 4096 Aug 30 23:37 ..
>> lrwxrwxrwx 1 vpopmail vchkpw   20 Aug 31 21:45 .dovecot.sieve -> 
>> .sieve/dovecot.sieve
>> drwx-- 8 vpopmail vchkpw 4096 Aug 31 22:23 Maildir
>> -rw--- 1 vpopmail vchkpw   85 Aug 30 23:47 .qmail
>> drwx-- 2 vpopmail vchkpw 4096 Aug 30 17:38 .sieve
>>
>>
>> [root@ns1 rajesh]# ls -la .sieve
>> total 12
>> drwx-- 2 vpopmail vchkpw 4096 Aug 30 17:38 .
>> drwx-- 4 vpopmail vchkpw 4096 Aug 31 21:45 ..
>> -rw--- 1 vpopmail vchkpw  160 Aug 30 17:38 dovecot.sieve
>>
>>
>> .dovecot.sieve
>>
>> # rule:[globalpay-forwarder - move]
>> if anyof (header :contains "From" "host...@x.com") {
>>   redirect :copy "ad...@yy.com";
>>   stop;
>> }
>>
>>
>> i have not created any global sieve script, only personal.
>>
>> # A path to a global sieve script file, which gets executed ONLY
>> # if user's private Sieve script doesn't exist. Be sure to
>> # pre-compile this script manually using the sievec command line
>> # tool.
>> #sieve_global_path = /var/lib/dovecot/sieve/default.sieve
>> #sieve_global_path = /etc/dovecot/globalsieverc
>>
>>
>> ### in the toaster.conf file under plugin
>>
>> plugin {
>> quota = maildir:ignore=Trash
>> quota_rule = ?:storage=0
>> sieve_global_path = /etc/dovecot/globalsieverc
>> # Directory for :personal include scripts f

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

eric / remo

still not getting dovecot lda to forward emails based on rules. have copied 
below my configurations.

/home/vpopmail/domains/x.com/rajesh
[root@ns1 rajesh]# ls -la
total 20
drwx-- 4 vpopmail vchkpw 4096 Aug 31 21:45 .
drwx-- 5 vpopmail vchkpw 4096 Aug 30 23:37 ..
lrwxrwxrwx 1 vpopmail vchkpw   20 Aug 31 21:45 .dovecot.sieve -> 
.sieve/dovecot.sieve
drwx-- 8 vpopmail vchkpw 4096 Aug 31 22:23 Maildir
-rw--- 1 vpopmail vchkpw   85 Aug 30 23:47 .qmail
drwx-- 2 vpopmail vchkpw 4096 Aug 30 17:38 .sieve


[root@ns1 rajesh]# ls -la .sieve
total 12
drwx-- 2 vpopmail vchkpw 4096 Aug 30 17:38 .
drwx-- 4 vpopmail vchkpw 4096 Aug 31 21:45 ..
-rw--- 1 vpopmail vchkpw  160 Aug 30 17:38 dovecot.sieve


.dovecot.sieve

# rule:[globalpay-forwarder - move]
if anyof (header :contains "From" "host...@x.com") {
redirect :copy "ad...@yy.com";
stop;
}


i have not created any global sieve script, only personal.

# A path to a global sieve script file, which gets executed ONLY
# if user's private Sieve script doesn't exist. Be sure to
# pre-compile this script manually using the sievec command line
# tool.
#sieve_global_path = /var/lib/dovecot/sieve/default.sieve
#sieve_global_path = /etc/dovecot/globalsieverc


### in the toaster.conf file under plugin

plugin {
  quota = maildir:ignore=Trash
  quota_rule = ?:storage=0
sieve_global_path = /etc/dovecot/globalsieverc
# Directory for :personal include scripts for the include extension.
sieve = ~/.sieve/dovecot.sieve
sieve_before = /etc/dovecot/sieve/
sieve_dir = ~/.sieve
sieve_extensions = +notify +imapflags +vnd.dovecot.duplicate +spamtest 
+spamtestplus +relational +comparator-i;ascii-numeric
}

had a question -- how does dovecot know that ~/.sieve is the
/home/vpopmail/domains/x.com/rajesh directory

thanks
rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 31 Aug 2017 07:25:50 -0600
Subject:

Hi Rajesh,

I use roundcube and it automatically creates the stuff, hopefully
correctly, when you open the Settings->Filters in the same with a
roundcube filter file. Here's what it looks like permissions and all:

# ls -la /home/vpopmail/domains/domain.tld/user
total 16
drwx--  4 vpopmail vchkpw 4096 Aug 31 07:16 .
drwx--  5 vpopmail vchkpw 4096 Feb  8  2017 ..
lrwxrwxrwx  1 vpopmail vchkpw   22 Aug 31 07:16 .dovecot.sieve ->
.sieve/roundcube.sieve
drwx-- 14 vpopmail vchkpw 4096 Aug 31 07:14 Maildir
drwx--  3 vpopmail vchkpw 4096 Aug 31 07:16 .sieve

# ls -la /home/vpopmail/domains/domain.tld/user/.sieve
total 16
drwx-- 3 vpopmail vchkpw 4096 Aug 31 07:16 .
drwx-- 4 vpopmail vchkpw 4096 Aug 31 07:16 ..
-rw--- 1 vpopmail vchkpw   18 Aug 31 07:16 roundcube.sieve
drwx-- 2 vpopmail vchkpw 4096 Aug 31 07:16 tmp


I imagine you could rename the filter file whatever you wanted (other
than .sieve/roundcube.sieve) and change the symlink (.dovecot.sieve) to
point to the same.

Hopefully this works for you else you'll need to experiment or invoke
Remo for help.

Eric





On 8/31/2017 6:52 AM, Rajesh M wrote:
> eric
>
> yes, that is correct. that is how i set up. sorry typo in my email ... ie 
> basically along with the .qmail file
>
> /home/vpopmail/domains/domain.tld/user/.sieve/
> /home/vpopmail/domains/domain.tld/user/.sieve/dovecot.sieve
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: 24x7ser...@24x7server.net
> Sent: Thu, 31 Aug 2017 06:45:59 -0600
> Subject:
>
> Rajesh,
>
> shouldn't the folder and file be
>
> /home/vpopmail/domains/domain.tld/user/.sieve/
> /home/vpopmail/domains/domain.tld/user/.sieve/dovecot.sieve
>
> not
>
>
> /home/vpopmail/domains/domain.tld/user/Maildir/.sieve/
> /home/vpopmail/domains/domain.tld/user/Maildir/.sieve/dovecot.sieve
>
> Eric
>
>
>
> On 8/31/2017 5:12 AM, Rajesh M wrote:
>> eric /
>>
>> still not able to get the routing done
>>
>> i don't use roundcube
>>
>> i manually create the .sieve folder and the dovecot.sieve in
>>
>> domain.com/user/Maildir folder
>>
>> what should the permissions be ?
>>
>> I receive no errors in the lda log file
>>
>> thanks
>> rajesh
>>
>> my dovecot file.
>>
>> [root@ns1 dovecot]# dovecot -n
>> # 2.2.25 (7be1766): /etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.15 (97b3da0)
>> # OS: Linux 2.6.32-642.13.1.el6.x86_64 x86_64 CentOS release 6.7 (Final)
>> auth_cache_negative_ttl = 0
>> auth_cache_ttl = 0
>> auth_mechanisms = plain login digest-md5 cram-md5
>> default_login_user = vpopmail
>> disable_plaintext_auth = no
>> first_valid_gid = 89
>> fir

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

thank for sharing your experience remo,

so would the following be correct ?

chmod 2750  simscan
chown clamav.clamav simscan

do i need to stop qmail while applying this ?

rajesh


- Original Message -
From: Remo Mattei [mailto:r...@mattei.org]
To: qmailtoaster-list@qmailtoaster.com,24x7ser...@24x7server.net
Sent: Thu, 31 Aug 2017 07:23:20 -0700
Subject:

I had the same issue with qq.

I changed the permissions and all good. I also raised the value of the
softlimits exec /usr/bin/softlimit -m 104000

and my permissions are drwxr-s---   2 clamav clamav 4096 Aug 31 07:19
simscan

So hopefully this helps.

Remo


On 8/31/17 6:51 AM, Rajesh M wrote:
> eric
>
> on my qmailtoaster server (centos 6 64 bit)  there are several domains --- 
> high traffic
>
> about 80 percent of them are routed via the sophos antispam filter and then 
> passed on to the mailserver with spamassassin/clam disabled by adding the ip 
> of the sophos server to the tcp.smtp file to exclude the line 
> /var/qmail/bin/simscan
>
> the balance 20 are directly reaching the mailserver ie mx pointed to 
> mailserver instead of sophos server and are scanned with clam / spamassassin.
>
> today i turned on the spamassassin / clam for the above 80 percent domains 
> too and this started throwing qq reject errors on  a large scale but randomly.
>
> spamassassin child-processes was set to 20 to handle the load
>
> i checked the log files for the last 30 days till yesterday and found that 
> the same qq reject errors were present but very rarely ie 3 to 4 times on a 
> single day (occasional high load ??)
> so it seems that this error comes up only when the load on the server is 
> high, all take place when there are attachments.
>
> reading the thread you sent me, i am not sure whether it applies to my case 
> but i can try out.
>
> #
> drwxr-x---  2 clamav root 6 May  6 17:57 simscan/
>
> changing this to the following fixed the problem:
> drwxr-s---  2 clamav clamav 6 May  6 17:57 simscan/
> ###
>
> should i just
> chown clamav.clamav simscan
>
>
> thanks
> rajesh
>
>
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: 24x7ser...@24x7server.net
> Sent: Thu, 31 Aug 2017 06:42:08 -0600
> Subject:
>
> Have a look here, Rajesh, I'm not sure if it will help:
>
> https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg40456.html
>
>
> On 8/31/2017 4:51 AM, Rajesh M wrote:
>> hi
>>
>> centos 6 64 bit
>> SpamAssassin version 3.3.2
>> ClamAV 0.98.6/23745/Thu Aug 31 14:07:08 2017
>>
>> we have a sophos antispam firewall which receives our emails and then routes 
>> them to our mail server (qmailtoaster, dovecot, spamassassin, clam)
>>
>> in the mail server we had stopped spamassassin
>>
>> however due to some custom requirements by our clients we enabled the same
>>
>> however we get the following error when the load on the server is high on a 
>> random basis.
>>
>> 2017-08-31 14:48:05.753994500 simscan: calling spamc
>> 2017-08-31 14:48:05.754001500 simscan: calling /usr/bin/spamc  spamc
>> 2017-08-31 14:48:05.754010500 simscan: check_spam had an error ret: -1
>> 2017-08-31 14:48:05.754101500 simscan: exit error code: 71
>> 2017-08-31 14:48:05.754220500 qmail-smtpd: qq soft reject (mail server 
>> temporarily rejected message (#4.3.0)): MAILFROM:<sunil.saharan@@.com> 
>> RCPTTO:c...@.com
>>
>>
>> 2017-08-31 14:48:05.956137500 simscan: ripmime error
>> qmail-smtpd: qq soft reject (mail server temporarily rejected message
>>
>>
>>
>> if i disable simscan in tcp.smtp then errors do not take place.
>>
>> i enabled simscan debug and this is the result.
>>
>> 2017-08-31 14:48:05.956144500 qmail-smtpd: qq soft reject (mail server 
>> temporarily rejected message (#4.3.0)): MAILFROM:<sunil.saha...@.com> 
>> RCPTTO:inv1...@.net
>>
>>
>> clam=yes,spam=yes,spam_hits=30,spam_passthru=yes,attach=.ace:.arc:.arj:.b64:.bat:.bhx:.cab:.chm:.com:.cpl:.dll:.exe:.gz:.hqx:.hta:.inf:.ins:.iso:.isp:.jse:.lib:.lnk:.lzh:.mim:.msp:.mst:.pif:.reg:.scf:.scr:.sct:.shb:.shs:.sys:.taz:.tgz:.tz:.url:.uu:.uue:.vb:.vbe:.vbs:.wsc:.wsf:.wsh:.xxe:.docm:.z:.jar
>> 2017-08-31 14:48:05.746592500 simscan: pelookup clam = yes
>> 2017-08-31 14:48:05.746593500 simscan: pelookup spam = yes
>> 2017-08-31 14:48:05.746593500 simscan: pelookup spam_hits = 30
>> 2017-08-31 14:48:05.746595500 simscan: Per Domain Hits set to : 30.00
>> 2017-08-31 14:48:05.746595500 simscan: pelookup spam_passthru = yes
>> 2017-08-31 14:48:05.746596500 sim

Re: [qmailtoaster] qq soft reject errors on high load

[Rajesh M]

eric

on my qmailtoaster server (centos 6 64 bit)  there are several domains --- high 
traffic

about 80 percent of them are routed via the sophos antispam filter and then 
passed on to the mailserver with spamassassin/clam disabled by adding the ip of 
the sophos server to the tcp.smtp file to exclude the line 
/var/qmail/bin/simscan

the balance 20 are directly reaching the mailserver ie mx pointed to mailserver 
instead of sophos server and are scanned with clam / spamassassin.

today i turned on the spamassassin / clam for the above 80 percent domains too 
and this started throwing qq reject errors on  a large scale but randomly.

spamassassin child-processes was set to 20 to handle the load

i checked the log files for the last 30 days till yesterday and found that the 
same qq reject errors were present but very rarely ie 3 to 4 times on a single 
day (occasional high load ??)
so it seems that this error comes up only when the load on the server is high, 
all take place when there are attachments.

reading the thread you sent me, i am not sure whether it applies to my case but 
i can try out.

#
drwxr-x---  2 clamav root 6 May  6 17:57 simscan/

changing this to the following fixed the problem:
drwxr-s---  2 clamav clamav 6 May  6 17:57 simscan/
###

should i just
chown clamav.clamav simscan


thanks
rajesh





- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: 24x7ser...@24x7server.net
Sent: Thu, 31 Aug 2017 06:42:08 -0600
Subject:

Have a look here, Rajesh, I'm not sure if it will help:

https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg40456.html


On 8/31/2017 4:51 AM, Rajesh M wrote:
> hi
>
> centos 6 64 bit
> SpamAssassin version 3.3.2
> ClamAV 0.98.6/23745/Thu Aug 31 14:07:08 2017
>
> we have a sophos antispam firewall which receives our emails and then routes 
> them to our mail server (qmailtoaster, dovecot, spamassassin, clam)
>
> in the mail server we had stopped spamassassin
>
> however due to some custom requirements by our clients we enabled the same
>
> however we get the following error when the load on the server is high on a 
> random basis.
>
> 2017-08-31 14:48:05.753994500 simscan: calling spamc
> 2017-08-31 14:48:05.754001500 simscan: calling /usr/bin/spamc  spamc
> 2017-08-31 14:48:05.754010500 simscan: check_spam had an error ret: -1
> 2017-08-31 14:48:05.754101500 simscan: exit error code: 71
> 2017-08-31 14:48:05.754220500 qmail-smtpd: qq soft reject (mail server 
> temporarily rejected message (#4.3.0)): MAILFROM:<sunil.saharan@@.com> 
> RCPTTO:c...@.com
>
>
> 2017-08-31 14:48:05.956137500 simscan: ripmime error
> qmail-smtpd: qq soft reject (mail server temporarily rejected message
>
>
>
> if i disable simscan in tcp.smtp then errors do not take place.
>
> i enabled simscan debug and this is the result.
>
> 2017-08-31 14:48:05.956144500 qmail-smtpd: qq soft reject (mail server 
> temporarily rejected message (#4.3.0)): MAILFROM:<sunil.saha...@.com> 
> RCPTTO:inv1...@.net
>
>
> clam=yes,spam=yes,spam_hits=30,spam_passthru=yes,attach=.ace:.arc:.arj:.b64:.bat:.bhx:.cab:.chm:.com:.cpl:.dll:.exe:.gz:.hqx:.hta:.inf:.ins:.iso:.isp:.jse:.lib:.lnk:.lzh:.mim:.msp:.mst:.pif:.reg:.scf:.scr:.sct:.shb:.shs:.sys:.taz:.tgz:.tz:.url:.uu:.uue:.vb:.vbe:.vbs:.wsc:.wsf:.wsh:.xxe:.docm:.z:.jar
> 2017-08-31 14:48:05.746592500 simscan: pelookup clam = yes
> 2017-08-31 14:48:05.746593500 simscan: pelookup spam = yes
> 2017-08-31 14:48:05.746593500 simscan: pelookup spam_hits = 30
> 2017-08-31 14:48:05.746595500 simscan: Per Domain Hits set to : 30.00
> 2017-08-31 14:48:05.746595500 simscan: pelookup spam_passthru = yes
> 2017-08-31 14:48:05.746596500 simscan: unimplemented flag spam_passthru = yes
> 2017-08-31 14:48:05.746596500 simscan: pelookup attach = 
> .ace:.arc:.arj:.b64:.bat:.bhx:.cab:.chm:.com:.cpl:.dll:.exe:.gz:.hqx:.hta:.inf:.ins:.iso:.isp:.jse:.lib:.lnk:.lzh:.mim:.msp:.mst:.pif:.reg:.scf:.scr:.sct:.shb:.shs:.sys:.taz:.tgz:.tz:.url:.uu:.uue:.vb:.vbe:.vbs:.wsc:.wsf:.wsh:.xxe:.docm:.z:.jar
> 2017-08-31 14:48:05.746599500 simscan: attachment flag attach = 
> .ace:.arc:.arj:.b64:.bat:.bhx:.cab:.chm:.com:.cpl:.dll:.exe:.gz:.hqx:.hta:.inf:.ins:.iso:.isp:.jse:.lib:.lnk:.lzh:.mim:.msp:.mst:.pif:.reg:.scf:.scr:.sct:.shb:.shs:.sys:.taz:.tgz:.tz:.url:.uu:.uue:.vb:.vbe:.vbs:.wsc:.wsf:.wsh:.xxe:.docm:.z:.jar
> 2017-08-31 14:48:05.746602500 simscan: add_attach called with 
> .ace:.arc:.arj:.b64:.bat:.bhx:.cab:.chm:.com:.cpl:.dll:.exe:.gz:.hqx:.hta:.inf:.ins:.iso:.isp:.jse:.lib:.lnk:.lzh:.mim:.msp:.mst:.pif:.reg:.scf:.scr:.sct:.shb:.shs:.sys:.taz:.tgz:.tz:.url:.uu:.uue:.vb:.vbe:.vbs:.wsc:.wsf:.wsh:.xxe:.docm:.z:.jar
> 2017-08-31 14:48:05.746606500 simscan: .ace is attachment number 0
> 2017-08-31 14:48:05.746607500 simscan: .arc is at

RE: Fwd: Re: [qmailtoaster] using dovecot seive

[Rajesh M]

eric /

still not able to get the routing done

i don't use roundcube

i manually create the .sieve folder and the dovecot.sieve in

domain.com/user/Maildir folder

what should the permissions be ?

I receive no errors in the lda log file

thanks
rajesh

my dovecot file.

[root@ns1 dovecot]# dovecot -n
# 2.2.25 (7be1766): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.15 (97b3da0)
# OS: Linux 2.6.32-642.13.1.el6.x86_64 x86_64 CentOS release 6.7 (Final)
auth_cache_negative_ttl = 0
auth_cache_ttl = 0
auth_mechanisms = plain login digest-md5 cram-md5
default_login_user = vpopmail
disable_plaintext_auth = no
first_valid_gid = 89
first_valid_uid = 89
log_path = /var/log/dovecot.log
login_greeting = ready.
mail_plugins = " quota"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date index ihave duplicate 
mime foreverypart extracttext spamtest spamtestplus imapflags notify 
vnd.dovecot.duplicate
namespace {
  inbox = yes
  location =
  prefix =
  separator = .
  type = private
}
passdb {
  args = cache_key=%u webmail=127.0.0.1
  driver = vpopmail
}
plugin {
  quota = maildir:ignore=Trash
  quota_rule = ?:storage=0
  sieve = ~/.sieve/dovecot.sieve
  sieve_before = /etc/dovecot/sieve/
  sieve_dir = ~/.sieve
  sieve_extensions = +notify +imapflags +vnd.dovecot.duplicate +spamtest 
+spamtestplus +relational +comparator-i;ascii-numeric
}
protocols = imap pop3 sieve
sendmail_path = /var/qmail/bin/sendmail
service imap-login {
  process_min_avail = 12
  service_count = 0
  vsz_limit = 512 M
}
service imap {
  process_limit = 2048
  process_min_avail = 50
  service_count = 1
  vsz_limit = 512 M
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  service_count = 1
  vsz_limit = 64 M
}
service pop3-login {
  process_min_avail = 12
  service_count = 0
  vsz_limit = 512 M
}
service pop3 {
  process_limit = 256
  process_min_avail = 25
  service_count = 1
}
ssl_cert = mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 30 Aug 2017 15:39:42 -0600
Subject:

Rajesh,

Not to but in, but it looks like with Remo's configuration

   sieve = ~/.sieve/dovecot.sieve
   sieve_dir = ~/.sieve

you'll put your rule in

/home/vpopmail/domains/your.domain/your.user/.sieve/dovecot.sieve

Please correct if mistaken

Eric


On 8/30/2017 1:09 PM, Rajesh M wrote:
> Hi remo
>
> i have dovecot lda working. i could see from the log files that email is 
> being delivered.
>
> now the next step is configuring custom delivery rules per user ie if email 
> is from a specific email id then copy to another email id.
>
> i have the following in the dovecot.sieve file.
>
> # rule:[globalpay-forwarder - move]
> if anyof (header :contains "From""u...@xyz.com") {
>  redirect :copy"ad...@pqr.com";
>  stop;
> }
>
> question is where do i copy this file for every user who requires custom 
> rules.
>
> i read thru thehttps://wiki1.dovecot.org/LDA/Sieve/Dovecot
> but found a bit confusing
>
> what changes do i need to make in the dovecot,conf file
>
> what should the permissions be for the per user script file
>
> thanks
> rajesh
>
>
>
>
>
> - Original Message -
> From: Remo Mattei [mailto:r...@mattei.org]
> To:24x7ser...@24x7server.net
> Sent: Tue, 29 Aug 2017 10:37:43 -0700
> Subject:
>
> # 2.2.24 (a82c823): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.14 (099a97c)
> # OS: Linux 3.10.0-514.26.2.el7.x86_64 x86_64 CentOS Linux release
> 7.3.1611 (Core)
> auth_cache_size = 64 M
> auth_mechanisms = plain login digest-md5 cram-md5
> default_client_limit = 100
> first_valid_gid = 89
> first_valid_uid = 89
> hostname = qmail7.italy1.com
> log_path = /var/log/dovecot.log
> login_greeting = Italy1 Mail ready.
> mail_plugins = " quota"
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date index ihave duplicate mime foreverypart
> extracttext spamtest spamtestplus imapflags notify vnd.dovecot.duplicate
> namespace {
>    inbox = yes
>    location =
>    prefix =
>    separator = .
>    type = private
> }
> passdb {
>    args = cache_key=%u webmail=127.0.0.1
>    driver = vpopmail
> }
> plugin {
>    quota = maildir:ignore=Trash
>    quota_rule = ?:storage=0
>    sieve = ~/.sieve/dovecot.sieve
>    sieve_before = /etc/dovecot/sieve/
>    sieve_dir = ~/.sieve
>    sieve_extensions = +notify +imapflag

[qmailtoaster] qq soft reject errors on high load

[Rajesh M]

ile1 against 
.ace
2017-08-31 14:48:05.747446500 simscan: checking attachment textfile1 against 
.arc
2017-08-31 14:48:05.747446500 simscan: checking attachment textfile1 against 
.arj
2017-08-31 14:48:05.747447500 simscan: checking attachment textfile1 against 
.b64
2017-08-31 14:48:05.747447500 simscan: checking attachment textfile1 against 
.bat
2017-08-31 14:48:05.747448500 simscan: checking attachment textfile1 against 
.bhx
2017-08-31 14:48:05.747449500 simscan: checking attachment textfile1 against 
.cab
2017-08-31 14:48:05.747452500 simscan: checking attachment textfile1 against 
.chm
2017-08-31 14:48:05.747458500 simscan: checking attachment textfile1 against 
.com
2017-08-31 14:48:05.747459500 simscan: checking attachment textfile1 against 
.cpl
2017-08-31 14:48:05.747460500 simscan: checking attachment textfile1 against 
.dll
2017-08-31 14:48:05.747460500 simscan: checking attachment textfile1 against 
.exe
2017-08-31 14:48:05.747461500 simscan: checking attachment textfile1 against .gz
2017-08-31 14:48:05.747461500 simscan: checking attachment textfile1 against 
.hqx
2017-08-31 14:48:05.747465500 simscan: checking attachment textfile1 against 
.hta
2017-08-31 14:48:05.747466500 simscan: checking attachment textfile1 against 
.inf
2017-08-31 14:48:05.747467500 simscan: checking attachment textfile1 against 
.ins
2017-08-31 14:48:05.747467500 simscan: checking attachment textfile1 against 
.iso
2017-08-31 14:48:05.747468500 simscan: checking attachment textfile1 against 
.isp
2017-08-31 14:48:05.747469500 simscan: checking attachment textfile1 against 
.jse
2017-08-31 14:48:05.747477500 simscan: checking attachment textfile1 against 
.lib
2017-08-31 14:48:05.747477500 simscan: checking attachment textfile1 against 
.lnk
2017-08-31 14:48:05.747478500 simscan: checking attachment textfile1 against 
.lzh
2017-08-31 14:48:05.747478500 simscan: checking attachment textfile1 against 
.mim
2017-08-31 14:48:05.747478500 simscan: checking attachment textfile1 against 
.msp
2017-08-31 14:48:05.747479500 simscan: checking attachment textfile1 against 
.mst
2017-08-31 14:48:05.747481500 simscan: checking attachment textfile1 against 
.pif
2017-08-31 14:48:05.747482500 simscan: checking attachment textfile1 against 
.reg
2017-08-31 14:48:05.747485500 simscan: checking attachment textfile1 against 
.scf
2017-08-31 14:48:05.747486500 simscan: checking attachment textfile1 against 
.scr
2017-08-31 14:48:05.747486500 simscan: checking attachment textfile1 against 
.sct
2017-08-31 14:48:05.747487500 simscan: checking attachment textfile1 against 
.shb
2017-08-31 14:48:05.747487500 simscan: checking attachment textfile1 against 
.shs
2017-08-31 14:48:05.747487500 simscan: checking attachment textfile1 against 
.sys
2017-08-31 14:48:05.747489500 simscan: checking attachment textfile1 against 
.taz
2017-08-31 14:48:05.747490500 simscan: checking attachment textfile1 against 
.tgz
2017-08-31 14:48:05.747490500 simscan: checking attachment textfile1 against .tz
2017-08-31 14:48:05.747491500 simscan: checking attachment textfile1 against 
.url
2017-08-31 14:48:05.747491500 simscan: checking attachment textfile1 against .uu
2017-08-31 14:48:05.747491500 simscan: checking attachment textfile1 against 
.uue
2017-08-31 14:48:05.747493500 simscan: checking attachment textfile1 against .vb
2017-08-31 14:48:05.747494500 simscan: checking attachment textfile1 against 
.vbe
2017-08-31 14:48:05.747494500 simscan: checking attachment textfile1 against 
.vbs
2017-08-31 14:48:05.747495500 simscan: checking attachment textfile1 against 
.wsc
2017-08-31 14:48:05.747495500 simscan: checking attachment textfile1 against 
.wsf
2017-08-31 14:48:05.747495500 simscan: checking attachment textfile1 against 
.wsh
2017-08-31 14:48:05.747497500 simscan: checking attachment textfile1 against 
.xxe
2017-08-31 14:48:05.747501500 simscan: checking attachment textfile1 against 
.docm
2017-08-31 14:48:05.747502500 simscan: checking attachment textfile1 against .z
2017-08-31 14:48:05.747502500 simscan: checking attachment textfile1 against 
.jar
2017-08-31 14:48:05.747502500 simscan: cdb looking up version attach
2017-08-31 14:48:05.747503500 simscan: runned_scanners is  attach: 1.4.0
2017-08-31 14:48:05.747503500 simscan: found 1.4.0
2017-08-31 14:48:05.747503500 simscan: calling clamdscan
2017-08-31 14:48:05.753721500 simscan: clamdscan: 
/var/qmail/simscan/1504171085.205836.36767: OK
2017-08-31 14:48:05.753754500 simscan: clamdscan:
2017-08-31 14:48:05.753754500 simscan: clamdscan: --- SCAN SUMMARY 
---
2017-08-31 14:48:05.753768500 simscan: clamdscan: Infected files: 0
2017-08-31 14:48:05.753771500 simscan: clamdscan: Time: 0.004 sec (0 m 0 s)
2017-08-31 14:48:05.753957500 simscan: cdb looking up version clamav
2017-08-31 14:48:05.753968500 simscan: runned_scanners is  attach: 1.4.0 
clamav: 0.98.6/m:
2017-08-31 14:48:05.753969500 simscan: found 0.98.6/m:
2017-08-31 14:48:05.753974500 simscan: normal clamdscan return code: 0
2017

Re: [qmailtoaster] using dovecot seive

[Rajesh M]

could you please share the dovecot -n

rajesh

- Original Message -
From: Remo Mattei [mailto:r...@mattei.org]
To: qmailtoaster-list@qmailtoaster.com,24x7ser...@24x7server.net
Sent: Tue, 29 Aug 2017 09:42:37 -0700
Subject:

Hello Rajesh,
I have it running and it works fine. let me know if you have questions.
I am swamped  but I will try to help.

Remo

On 8/29/17 9:38 AM, Rajesh M wrote:
> hi
>
> are there any step by step instructions for using dovecot sieve.
>
> i require this for conditional forwarding rules like if email is from user 
> a...@domain.com then forward email to specific email id.
>
> i checked out a few messages on the forum and also followed instructions here
> https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg40536.html
>
> but am still not successful.
>
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] Change Default folder vpopmail

[Rajesh M]

one more point

in your rc.local

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local


## to be added

/etc/rc.d/init.d/dovecot stop
/etc/rc.d/init.d/qmail stop
/etc/rc.d/init.d/mysqld stop

/bin/mount --bind   /highcapacity   /home/vpopmail/domains

/etc/rc.d/init.d/mysqld start
/etc/rc.d/init.d/qmail start
/etc/rc.d/init.d/dovecot start

##

rajesh

- Original Message -
From: Rajesh M [mailto:24x7ser...@24x7server.net]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 29 Aug 2017 21:51:00 +0530
Subject:

stop qmail mysql dovecot spamassassin clam etc

/bin/mount --bind/highcapacity/home/vpopmail/domains

restart the above services

create a sample domain ; testdomain.com  and then check if folder is correctly 
created by
dir /highcapacity

dir /home/vpopmail/domains will also show the same folder.

this is how we use

you can even mount a one or more domain to another drive by

/bin/mount --bind /highcapacity/largesizedomain.com 
/home/vpopmail/domains/largesizedomain.com

we use in the above manner

rajesh

- Original Message -
From: Agni Isador H [mailto:agniisa...@gmail.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 29 Aug 2017 23:10:37 +0700
Subject:

Dear All,

Need your help, how to change default folder vpopmail to the other
folder, because
i want to use the other centos with high capacity disk.
Thanks.

regards,

Agni Isador H

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] using dovecot seive

[Rajesh M]

hi

are there any step by step instructions for using dovecot sieve.

i require this for conditional forwarding rules like if email is from user 
a...@domain.com then forward email to specific email id.

i checked out a few messages on the forum and also followed instructions here
https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg40536.html

but am still not successful.

rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] blocking phishing spam

[Rajesh M]

hi

we are constantly getting spam which has the following in the body of the email

dear u...@domain.com

where u...@domain.com is the mailto email id ie our customer's email id

is there a way to mark emails containing the mailto email id in the body of the 
email as spam ?

normal email communications never has such a scenario.

rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] spamming on server

[Rajesh M]

thanks all

figured this out.

i had recently updated qmail and it reinstalled sendmail binary.

i have removed this and also taken necessary precautions for tracking the 
culprits

rajesh


- Original Message -
From: Jaime Lerner [mailto:jaimeler...@geekgoddess.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 16 Aug 2017 09:25:09 -0400
Subject:

My guess is the spammer is using php's mail() function and you have your
server set up so the mail function goes into qmail rather than something
else. As long as you have your localhost allowed (as you do), any script
using the local mail() function will have full access.

From:  Rajesh M <24x7ser...@24x7server.net>
Reply-To:  <qmailtoaster-list@qmailtoaster.com>
Date:  Wednesday, August 16, 2017 at 9:22 AM
To:  <qmailtoaster-list@qmailtoaster.com>
Subject:  [qmailtoaster] spamming on server

hi

i have a few websites along with qmailtoaster

i noted that one of the websites with wordpress was hacked and using a php
script the spammer was injecting emails into the qmail queue ie there is
nothing in the smtp logs, but the send logs contained 1000s of remote
delivery entries.

i use squirrelmail but with smtp authentication only, ie email sent to
external domains from my server has to smtp authenticate first.

my tcp.smtp is as follows

127.0.0.1:allow
:allow,BADMIMETYPE="",QMAILQUEUE="/var/qmail/bin/simscan",BADLOADERTYPE="M",
CHKUSER_START="ALWAYS",
CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",
DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/q
mail/control/domainkeys/%/private"

how could the spammer directly inject email to the qmail queue ?

what am i missing here ?

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] spamming on server

[Rajesh M]

hi

i have a few websites along with qmailtoaster

i noted that one of the websites with wordpress was hacked and using a php 
script the spammer was injecting emails into the qmail queue ie there is 
nothing in the smtp logs, but the send logs contained 1000s of remote delivery 
entries.

i use squirrelmail but with smtp authentication only, ie email sent to external 
domains from my server has to smtp authenticate first.

my tcp.smtp is as follows

127.0.0.1:allow
:allow,BADMIMETYPE="",QMAILQUEUE="/var/qmail/bin/simscan",BADLOADERTYPE="M",CHKUSER_START="ALWAYS",
CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",
DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

how could the spammer directly inject email to the qmail queue ?

what am i missing here ?

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] statistics for qmailtoaster

[Rajesh M]

eric

i need to generate stats for emails rejected by rbl,
antivirus and spamassassin

i am starting out with spamassassin.

is there any ready script to process /var/log/spamd.log

rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] message sending fails in outlook

[Rajesh M]

eric

i have a specific scenario which is relevant only when outlook is used

outlook, in some rare cases, adds quotes and arrow brackets to the beginning 
and end of email ids while saving to the local address book .

Please see example below. When the sender sends an email to accou...@abc.net, 
there is a single quote at the end which is also considered as a part of the 
email id by qmail and hence is rejected

<'accou...@abc.net'>:
Sorry, I couldn't find any host named abc.net'. (#5.1.2)

how do i resolve this, ie qmail should trim arrow brackets and single quotes 
from both ends.

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: Re[2]: [qmailtoaster] detect macros in ms documents

[Rajesh M]

hi,

i have implemented this plugin in all my production machines and it works 
smoothly with no noticeable cpu overhead.

anything document that downloads from a third partly location or calls the 
shell command is automatically detected as a virus whether a malware/virus is 
involved or not ... which is exactly what is required.

i created a "safe" macro word document which downloads a harmless file and the 
same was detected and rejected by the plugin.

many many thanks to person who developed this plugin.

rajesh


- Original Message -
From: Rajesh M [mailto:24x7ser...@24x7server.net]
To: ebr...@whitehorsetc.com,qmailtoaster-list@qmailtoaster.com
Sent: Sun, 6 Aug 2017 10:24:50 +0530
Subject:

eric

have implemented this in my production machines.

it seems to be working correctly.

will revert after a few days.

thank you,
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sat, 05 Aug 2017 07:21:41 +
Subject:

Sorry, didn't see the other files

# yum install perl-Archive-Zip
# yum install perl-IO-String
# cd /etc/spamassassin (or your spamassassin directory)
# wget -O ./OLEMacro.pm
https://raw.githubusercontent.com/fmbla/spamassassin-olemacro/master/OLEMacro.pm
# wget -O ./OLEMacro.cf
https://raw.githubusercontent.com/fmbla/spamassassin-olemacro/master/OLEMacro.cf
# wget -O ./OLEMacro.pre
https://raw.githubusercontent.com/fmbla/spamassassin-olemacro/master/OLEMacro.pre
# vi local.cf
Add:
include OLEMacro.cf
Save

# spamassassin --lint -D
Look for OLE




-- Original Message --
From: "Eric Broch" <ebr...@whitehorsetc.com>
To: qmailtoaster-list@qmailtoaster.com
Sent: 8/5/2017 12:44:12 AM
Subject: Re: [qmailtoaster] detect macros in ms documents

>Rajesh,
>
>I don't use it but wouldn't it be easy to apply?
>
># wget -O
>/usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/OLEMacro.pm
>https://raw.githubusercontent.com/fmbla/spamassassin-olemacro/master/OLEMacro.pm
>
># chmod 444
>/usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/OLEMacro.pm
>
>Add  the below line to /etc/spamassassin/local.cf
>
>loadplugin Mail::SpamAssassin::Plugin::OLEMacro
>
># spamassassin --lint -D  &> sadump.txt
>
>search sadump.txt for OLEMacro
>
>Eric
>
>
>-- Original Message --
>From: "Rajesh M" <24x7ser...@24x7server.net>
>To: qmailtoaster-list@qmailtoaster.com
>Sent: 8/4/2017 10:57:35 PM
>Subject: [qmailtoaster] detect macros in ms documents
>
>>hi
>>
>>there are rising number of incidences with ms .doc and .xls being
>>transmitted with embedded macro virus
>>
>>i found a tool here which will detect such files containing macro
>>virus and mark them as spam
>>https://github.com/fmbla/spamassassin-olemacro/blob/master/OLEMacro.pm
>>
>>i dont wish rely on antivirus -- in the last incident sophos,
>>kaspersky (i am seeing it fail for the first time) and clam did not
>>detect it.
>>
>>does anybody use the above spamassassin module or something equivalent
>>?
>>
>>rajesh
>>
>>



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: Re[2]: [qmailtoaster] detect macros in ms documents

[Rajesh M]

eric

have implemented this in my production machines.

it seems to be working correctly.

will revert after a few days.

thank you,
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sat, 05 Aug 2017 07:21:41 +
Subject:

Sorry, didn't see the other files

# yum install perl-Archive-Zip
# yum install perl-IO-String
# cd /etc/spamassassin (or your spamassassin directory)
# wget -O ./OLEMacro.pm
https://raw.githubusercontent.com/fmbla/spamassassin-olemacro/master/OLEMacro.pm
# wget -O ./OLEMacro.cf
https://raw.githubusercontent.com/fmbla/spamassassin-olemacro/master/OLEMacro.cf
# wget -O ./OLEMacro.pre
https://raw.githubusercontent.com/fmbla/spamassassin-olemacro/master/OLEMacro.pre
# vi local.cf
Add:
include OLEMacro.cf
Save

# spamassassin --lint -D
Look for OLE




-- Original Message --
From: "Eric Broch" <ebr...@whitehorsetc.com>
To: qmailtoaster-list@qmailtoaster.com
Sent: 8/5/2017 12:44:12 AM
Subject: Re: [qmailtoaster] detect macros in ms documents

>Rajesh,
>
>I don't use it but wouldn't it be easy to apply?
>
># wget -O
>/usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/OLEMacro.pm
>https://raw.githubusercontent.com/fmbla/spamassassin-olemacro/master/OLEMacro.pm
>
># chmod 444
>/usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/OLEMacro.pm
>
>Add  the below line to /etc/spamassassin/local.cf
>
>loadplugin Mail::SpamAssassin::Plugin::OLEMacro
>
># spamassassin --lint -D  &> sadump.txt
>
>search sadump.txt for OLEMacro
>
>Eric
>
>
>-- Original Message --
>From: "Rajesh M" <24x7ser...@24x7server.net>
>To: qmailtoaster-list@qmailtoaster.com
>Sent: 8/4/2017 10:57:35 PM
>Subject: [qmailtoaster] detect macros in ms documents
>
>>hi
>>
>>there are rising number of incidences with ms .doc and .xls being
>>transmitted with embedded macro virus
>>
>>i found a tool here which will detect such files containing macro
>>virus and mark them as spam
>>https://github.com/fmbla/spamassassin-olemacro/blob/master/OLEMacro.pm
>>
>>i dont wish rely on antivirus -- in the last incident sophos,
>>kaspersky (i am seeing it fail for the first time) and clam did not
>>detect it.
>>
>>does anybody use the above spamassassin module or something equivalent
>>?
>>
>>rajesh
>>
>>


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] detect macros in ms documents

[Rajesh M]

hi

there are rising number of incidences with ms .doc and .xls being transmitted 
with embedded macro virus

i found a tool here which will detect such files containing macro virus and 
mark them as spam
https://github.com/fmbla/spamassassin-olemacro/blob/master/OLEMacro.pm

i dont wish rely on antivirus -- in the last incident sophos, kaspersky (i am 
seeing it fail for the first time) and clam did not detect it.

does anybody use the above spamassassin module or something equivalent ?

rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] lot of cname lookup failed

[Rajesh M]

eric

thanks a lot

yes i am running qmailtoaster on centos6

now the next question is how do i patch ?

would need detailed steps please so that i don't go wrong anywhere

regds
rajesh





- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Thu, 20 Apr 2017 09:27:25 -0600
Subject:

Hi Rajesh,

I think you're still running QMT/CentOS 6, correct?

If so, I've uploaded a qmail update
<ftp://ftp.qmailtoaster.com/pub/repo/qmt/CentOS/6/testing/x86_64/qmail-1.03-1.qt.el6.x86_64.rpm>
to the QMT/CentOS 6 repository that incorporates the DNS patch you
referenced (any-to-cname.patch) and the starttls flush io patch
<http://www.kb.cert.org/vuls/id/555316> which I've been derelict in
implementing.

It has not been tested. If you do install it and something goes wrong,
it most likely won't, you can always downgrade which I've been doing
regularly with success (of late) on CentOS 7 with qmail while testing
other patches. Be mindful that I haven't downgraded on CentOS 6

The patch (below) has relatively minor, yet very helpful, coding changes.

Eric



diff -uNr qmtqmail-1.03/dns.c qmtqmail-1.03-new/dns.c
--- qmtqmail-1.03/dns.c 2017-04-20 08:54:53.142832827 -0600
+++ qmtqmail-1.03-new/dns.c 2017-04-20 08:59:46.309633810 -0600
@@ -256,7 +256,7 @@
 if (!sa->len) return loop;
 if (sa->s[sa->len - 1] == ']') return loop;
 if (sa->s[sa->len - 1] == '.') { --sa->len; continue; }
-   switch(resolve(sa,T_ANY))
+   switch(resolve(sa,T_CNAME))
  {
   case DNS_MEM: return DNS_MEM;
   case DNS_SOFT: return DNS_SOFT;
diff -uNr qmtqmail-1.03/qmail-smtpd.c qmtqmail-1.03-new/qmail-smtpd.c
--- qmtqmail-1.03/qmail-smtpd.c 2017-04-20 08:54:52.848840048 -0600
+++ qmtqmail-1.03-new/qmail-smtpd.c 2017-04-20 08:58:23.299671749 -0600
@@ -723,7 +723,9 @@

  char ssinbuf[1024];
  substdio ssin = SUBSTDIO_FDBUF(saferead,0,ssinbuf,sizeof ssinbuf);
-
+#ifdef TLS
+void flush_io() { ssin.p = 0; flush(); }
+#endif

  stralloc line = {0};
  stralloc base64types = {0};
@@ -1398,7 +1400,7 @@
  , { "rset", smtp_rset, 0 }
  , { "help", smtp_help, flush }
  #ifdef TLS
-, { "starttls", smtp_tls, flush }
+, { "starttls", smtp_tls, flush_io }
  #endif
  , { "noop", err_noop, flush }
  , { "vrfy", err_vrfy, flush }





On 4/20/2017 1:12 AM, Rajesh M wrote:
> hi eric
>
> we are receiving a lot of cname lookup failed.
>
> this happens on a random basis on all our qmailtoaster servers.
>
> our resolv.conf contains
>
> 127.0.0.1
> 8.8.8.8
> 8.8.4.4
>
> we use bind locally within the mail server and google's dns which is also set 
> as cache records and allow lookups from local ips only.
>
> Had a quick question
>
> there are supposedly two different patches.
>
> https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35981.html
>
> is qmailtoaster on whitehorse patched with both these two patches related to 
> dns.?
>
> DNS-related Patches by Jonathan de Boyne Pollard
> http://www.memoryhole.net/qmail/any-to-cname.patch
>
> thanks
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] lot of cname lookup failed

[Rajesh M]

hi eric

we are receiving a lot of cname lookup failed.

this happens on a random basis on all our qmailtoaster servers.

our resolv.conf contains

127.0.0.1
8.8.8.8
8.8.4.4

we use bind locally within the mail server and google's dns which is also set 
as cache records and allow lookups from local ips only.

Had a quick question

there are supposedly two different patches.

https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35981.html

is qmailtoaster on whitehorse patched with both these two patches related to 
dns.?

DNS-related Patches by Jonathan de Boyne Pollard
http://www.memoryhole.net/qmail/any-to-cname.patch

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] ssl/tls for iphones and mac

[Rajesh M]

hi

we recently purchased wildcard ssl for our mailserver and updated our 
servercert.pem file with rsa key and the certificates (domain certs and the 
chain)

*.myhostname.com

problem installing the ssl, iphones and macbooks are giving message that : 
certificate cannot be verified.

found out that iphones and mac use ssl/tls only and not starttls.

i configured slsl/tls using the following steps

http://wiki.qmailtoaster.com/index.php/SSL

1) Stop qmail:
# service qmail stop
2) Create the supervise directories for smtps
# mkdir -p /var/qmail/supervise/smtp-ssl/supervise 
/var/qmail/supervise/smtp-ssl/log/supervise"
3) Create a file named /var/qmail/supervise/smtp-ssl/run containing:
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
export SMTPS=1
exec /usr/bin/softlimit -m 1200 \
/usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 465 \
$SMTPD $VCHKPW /bin/true 2>&1

4) Create a file named /var/qmail/supervise/smtp-ssl/log/run containing:
#!/bin/sh
LOGSIZE=`cat /var/qmail/control/logsize`
LOGCOUNT=`cat /var/qmail/control/logcount`
exec /usr/bin/setuidgid qmaill /usr/bin/multilog \
 t s$LOGSIZE n$LOGCOUNT /var/log/qmail/smtp-ssl 2>&1

5) Execute the following commands:
# chmod +x /var/qmail/supervise/smtp-ssl/run 
/var/qmail/supervise/smtp-ssl/log/run
# chown -R qmaill:qmail /var/qmail/supervise/smtp-ssl
6) Start qmail:
# service qmail start
7) Open port tcp/465 in firewall if necessary.
8) Configure the client to use smtp-ssl via port 465.


now my worry is that i need to provide for smtp authentication also for 
outgoing messages

i tried adding export REQUIRE_AUTH=1 after export SMTPS=1, in the run file but 
it does not work.

help required please

thanks
rajesh



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] notlshosts

[Rajesh M]

eric

purchased a digital cert on my hostname  still does not work. so it does 
not seem a ssl cert related issue.

surprisingly --- 2 of the domains (smtp.hp.com and smtp.hpe.com) have started 
working from all the servers.

however mx02.emas.dbschenker.com still does not work (dbschenker.com)

something really weird.

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 4 Apr 2017 22:29:35 -0600
Subject:

Rajesh,

Do you think the remote servers require a certificate signed by a
certificate authority (rather than self-signed)? I had to get one so
that some client's phones could connect to my qmailtoasters.

Eric


On 4/4/2017 9:16 PM, Rajesh M wrote:
> hi
>
> i am getting problems sending emails to specific domains
>
> i wish to enable notlshosts for such domain
>
> saw the wiki but not much use
> http://wiki.qmailtoaster.com/index.php/Notlshosts/FQDN
>
> saw a few examples in qmail forum but am not clear on the instructions.
>
> i require the detailed steps please.
>
> thanks
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] notlshosts

[Rajesh M]

eric

i will give this a try and revert

these servers were accepting emails perfectly just 10 days ago and all of a 
sudden issues cropped up.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 4 Apr 2017 22:29:35 -0600
Subject:

Rajesh,

Do you think the remote servers require a certificate signed by a
certificate authority (rather than self-signed)? I had to get one so
that some client's phones could connect to my qmailtoasters.

Eric


On 4/4/2017 9:16 PM, Rajesh M wrote:
> hi
>
> i am getting problems sending emails to specific domains
>
> i wish to enable notlshosts for such domain
>
> saw the wiki but not much use
> http://wiki.qmailtoaster.com/index.php/Notlshosts/FQDN
>
> saw a few examples in qmail forum but am not clear on the instructions.
>
> i require the detailed steps please.
>
> thanks
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] notlshosts

[Rajesh M]

eric

i followed these instructions and it worked. the only problem is permissions. 
it works only if give 777 permissions.

thanks for your timely help.

however need to find out exact user/group and permissions.

tried giving ownership as root:qmail and rw-r-r permissions like other control 
files but did not work.

any clues ?

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 4 Apr 2017 22:02:16 -0600
Subject:

Good documentation here as well
https://talk.plesk.com/threads/plesk-12-odin-script-to-disable-sslv3-problems.333574/


On 4/4/2017 9:16 PM, Rajesh M wrote:
> hi
>
> i am getting problems sending emails to specific domains
>
> i wish to enable notlshosts for such domain
>
> saw the wiki but not much use
> http://wiki.qmailtoaster.com/index.php/Notlshosts/FQDN
>
> saw a few examples in qmail forum but am not clear on the instructions.
>
> i require the detailed steps please.
>
> thanks
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] notlshosts

[Rajesh M]

hi

i am getting problems sending emails to specific domains

i wish to enable notlshosts for such domain

saw the wiki but not much use
http://wiki.qmailtoaster.com/index.php/Notlshosts/FQDN

saw a few examples in qmail forum but am not clear on the instructions.

i require the detailed steps please.

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] TLS connect failed: timed out

[Rajesh M]

eric

that is what is did.
first stop  wait for a minute and then start.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 4 Apr 2017 08:35:13 -0600
Subject:

There is a difference between restart and stop/start. Try a stop/start.


On 4/4/2017 8:33 AM, Rajesh M wrote:
> eric
>
> yes, i restarted qmail.
>
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 4 Apr 2017 06:14:59 -0600
> Subject:
>
> Rajesh,
>
> Did you (restart)
>
> # qmailctl restart
>
> or
>
> (stop/start)
>
> # qmailctl stop
>
> # qmailctl start
>
> ?
>
> Eric
>
>
> On 4/4/2017 12:13 AM, Rajesh M wrote:
>> eric
>>
>> here are the details
>>
>> [root@ns1 control]# openssl version
>> OpenSSL 1.0.1e-fips 11 Feb 2013
>>
>> [root@ns1 control]# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 
>> -cipher "AES256-SHA" -debug -msg -connect mx01.emas.dbschenker.com:25
>> CONNECTED(0003)
>> read from 0x1777e10 [0x17b9ae0] (4096 bytes => 75 (0x4B))
>>  - 32 32 30 20 6d 74 61 31-31 2e 65 6d 61 73 2e 64   220 mta11.emas.d
>> 0010 - 62 73 63 68 65 6e 6b 65-72 2e 63 6f 6d 20 45 53   bschenker.com ES
>> 0020 - 4d 54 50 20 53 6d 74 70-64 3b 20 54 75 65 2c 20   MTP Smtpd; Tue,
>> 0030 - 34 20 41 70 72 20 32 30-31 37 20 30 38 3a 31 32   4 Apr 2017 08:12
>> 0040 - 3a 33 30 20 2b 30 32 30-30 0d 0a  :30 +0200..
>> write to 0x1777e10 [0x17baaf0] (25 bytes => 25 (0x19))
>>  - 45 48 4c 4f 20 6f 70 65-6e 73 73 6c 2e 63 6c 69   EHLO openssl.cli
>> 0010 - 65 6e 74 2e 6e 65 74 0d-0aent.net..
>> read from 0x1777e10 [0x17b9ae0] (4096 bytes => 230 (0xE6))
>>  - 32 35 30 2d 6d 74 61 31-31 2e 65 6d 61 73 2e 64   250-mta11.emas.d
>> 0010 - 62 73 63 68 65 6e 6b 65-72 2e 63 6f 6d 20 48 65   bschenker.com He
>> 0020 - 6c 6c 6f 20 6e 73 31 2e-61 61 61 6f 6e 6c 69 6e   llo ns1.aaaonlin
>> 0030 - 75 78 2e 63 6f 6d 20 5b-31 30 33 2e 32 34 31 2e   ux.com [103.241.
>> 0040 - 31 38 31 2e 31 33 37 5d-2c 20 70 6c 65 61 73 65   181.137], please
>> 0050 - 64 20 74 6f 20 6d 65 65-74 20 79 6f 75 0d 0a 32   d to meet you..2
>> 0060 - 35 30 2d 45 4e 48 41 4e-43 45 44 53 54 41 54 55   50-ENHANCEDSTATU
>> 0070 - 53 43 4f 44 45 53 0d 0a-32 35 30 2d 50 49 50 45   SCODES..250-PIPE
>> 0080 - 4c 49 4e 49 4e 47 0d 0a-32 35 30 2d 38 42 49 54   LINING..250-8BIT
>> 0090 - 4d 49 4d 45 0d 0a 32 35-30 2d 53 49 5a 45 20 32   MIME..250-SIZE 2
>> 00a0 - 36 32 31 34 34 30 30 0d-0a 32 35 30 2d 41 55 54   6214400..250-AUT
>> 00b0 - 48 20 4c 4f 47 49 4e 20-50 4c 41 49 4e 0d 0a 32   H LOGIN PLAIN..2
>> 00c0 - 35 30 2d 53 54 41 52 54-54 4c 53 0d 0a 32 35 30   50-STARTTLS..250
>> 00d0 - 2d 44 45 4c 49 56 45 52-42 59 0d 0a 32 35 30 20   -DELIVERBY..250
>> 00e0 - 48 45 4c 50 0d 0a HELP..
>> write to 0x1777e10 [0x7ffd0b0c4880] (10 bytes => 10 (0xA))
>>  - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS..
>> read from 0x1777e10 [0x16aad00] (8192 bytes => 30 (0x1E))
>>  - 32 32 30 20 32 2e 30 2e-30 20 52 65 61 64 79 20   220 2.0.0 Ready
>> 0010 - 74 6f 20 73 74 61 72 74-20 54 4c 53 0d 0a to start TLS..
>> write to 0x1777e10 [0x17b9ae0] (99 bytes => 99 (0x63))
>>  - 16 03 01 00 5e 01 00 00-5a 03 03 58 e3 38 52 5c   ^...Z..X.8R\
>> 0010 - d3 37 8b 23 86 92 e6 63-2f e7 dd f9 ed 42 df 2b   .7.#...c/B.+
>> 0020 - 45 51 06 1e f2 f3 38 b1-36 c7 d4 00 00 04 00 35   EQ8.6..5
>> 0030 - 00 ff 01 00 00 2d 00 23-00 00 00 0d 00 20 00 1e   .-.#. ..
>> 0040 - 06 01 06 02 06 03 05 01-05 02 05 03 04 01 04 02   
>> 0050 - 04 03 03 01 03 02 03 03-02 01 02 02 02 03 00 0f   
>> 0060 - 00 01 01  ...
>>>>> TLS 1.2 Handshake [length 005e], ClientHello
>>   01 00 00 5a 03 03 58 e3 38 52 5c d3 37 8b 23 86
>>   92 e6 63 2f e7 dd f9 ed 42 df 2b 45 51 06 1e f2
>>   f3 38 b1 36 c7 d4 00 00 04 00 35 00 ff 01 00 00
>>   2d 00 23 00 00 00 0d 00 20 00 1e 06 01 06 02 06
>>   03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 03
>>   02 03 03 02 01 02 02 02 03 00 0f 00 01 01
>>
>>
>> thank you,
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To: qmailtoaster-list@qmailtoaster.com
>> Sent: Tue, 4 Apr 2017 00:09:04 -0600
>> Subject:
>>
>> Also run command with -de

Re: [qmailtoaster] TLS connect failed: timed out

[Rajesh M]

eric

yes, i restarted qmail.

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 4 Apr 2017 06:14:59 -0600
Subject:

Rajesh,

Did you (restart)

# qmailctl restart

or

(stop/start)

# qmailctl stop

# qmailctl start

?

Eric


On 4/4/2017 12:13 AM, Rajesh M wrote:
> eric
>
> here are the details
>
> [root@ns1 control]# openssl version
> OpenSSL 1.0.1e-fips 11 Feb 2013
>
> [root@ns1 control]# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 
> -cipher "AES256-SHA" -debug -msg -connect mx01.emas.dbschenker.com:25
> CONNECTED(0003)
> read from 0x1777e10 [0x17b9ae0] (4096 bytes => 75 (0x4B))
>  - 32 32 30 20 6d 74 61 31-31 2e 65 6d 61 73 2e 64   220 mta11.emas.d
> 0010 - 62 73 63 68 65 6e 6b 65-72 2e 63 6f 6d 20 45 53   bschenker.com ES
> 0020 - 4d 54 50 20 53 6d 74 70-64 3b 20 54 75 65 2c 20   MTP Smtpd; Tue,
> 0030 - 34 20 41 70 72 20 32 30-31 37 20 30 38 3a 31 32   4 Apr 2017 08:12
> 0040 - 3a 33 30 20 2b 30 32 30-30 0d 0a  :30 +0200..
> write to 0x1777e10 [0x17baaf0] (25 bytes => 25 (0x19))
>  - 45 48 4c 4f 20 6f 70 65-6e 73 73 6c 2e 63 6c 69   EHLO openssl.cli
> 0010 - 65 6e 74 2e 6e 65 74 0d-0aent.net..
> read from 0x1777e10 [0x17b9ae0] (4096 bytes => 230 (0xE6))
>  - 32 35 30 2d 6d 74 61 31-31 2e 65 6d 61 73 2e 64   250-mta11.emas.d
> 0010 - 62 73 63 68 65 6e 6b 65-72 2e 63 6f 6d 20 48 65   bschenker.com He
> 0020 - 6c 6c 6f 20 6e 73 31 2e-61 61 61 6f 6e 6c 69 6e   llo ns1.aaaonlin
> 0030 - 75 78 2e 63 6f 6d 20 5b-31 30 33 2e 32 34 31 2e   ux.com [103.241.
> 0040 - 31 38 31 2e 31 33 37 5d-2c 20 70 6c 65 61 73 65   181.137], please
> 0050 - 64 20 74 6f 20 6d 65 65-74 20 79 6f 75 0d 0a 32   d to meet you..2
> 0060 - 35 30 2d 45 4e 48 41 4e-43 45 44 53 54 41 54 55   50-ENHANCEDSTATU
> 0070 - 53 43 4f 44 45 53 0d 0a-32 35 30 2d 50 49 50 45   SCODES..250-PIPE
> 0080 - 4c 49 4e 49 4e 47 0d 0a-32 35 30 2d 38 42 49 54   LINING..250-8BIT
> 0090 - 4d 49 4d 45 0d 0a 32 35-30 2d 53 49 5a 45 20 32   MIME..250-SIZE 2
> 00a0 - 36 32 31 34 34 30 30 0d-0a 32 35 30 2d 41 55 54   6214400..250-AUT
> 00b0 - 48 20 4c 4f 47 49 4e 20-50 4c 41 49 4e 0d 0a 32   H LOGIN PLAIN..2
> 00c0 - 35 30 2d 53 54 41 52 54-54 4c 53 0d 0a 32 35 30   50-STARTTLS..250
> 00d0 - 2d 44 45 4c 49 56 45 52-42 59 0d 0a 32 35 30 20   -DELIVERBY..250
> 00e0 - 48 45 4c 50 0d 0a HELP..
> write to 0x1777e10 [0x7ffd0b0c4880] (10 bytes => 10 (0xA))
>  - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS..
> read from 0x1777e10 [0x16aad00] (8192 bytes => 30 (0x1E))
>  - 32 32 30 20 32 2e 30 2e-30 20 52 65 61 64 79 20   220 2.0.0 Ready
> 0010 - 74 6f 20 73 74 61 72 74-20 54 4c 53 0d 0a to start TLS..
> write to 0x1777e10 [0x17b9ae0] (99 bytes => 99 (0x63))
>  - 16 03 01 00 5e 01 00 00-5a 03 03 58 e3 38 52 5c   ^...Z..X.8R\
> 0010 - d3 37 8b 23 86 92 e6 63-2f e7 dd f9 ed 42 df 2b   .7.#...c/B.+
> 0020 - 45 51 06 1e f2 f3 38 b1-36 c7 d4 00 00 04 00 35   EQ8.6..5
> 0030 - 00 ff 01 00 00 2d 00 23-00 00 00 0d 00 20 00 1e   .-.#. ..
> 0040 - 06 01 06 02 06 03 05 01-05 02 05 03 04 01 04 02   
> 0050 - 04 03 03 01 03 02 03 03-02 01 02 02 02 03 00 0f   
> 0060 - 00 01 01  ...
>>>> TLS 1.2 Handshake [length 005e], ClientHello
>  01 00 00 5a 03 03 58 e3 38 52 5c d3 37 8b 23 86
>  92 e6 63 2f e7 dd f9 ed 42 df 2b 45 51 06 1e f2
>  f3 38 b1 36 c7 d4 00 00 04 00 35 00 ff 01 00 00
>  2d 00 23 00 00 00 0d 00 20 00 1e 06 01 06 02 06
>  03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 03
>  02 03 03 02 01 02 02 02 03 00 0f 00 01 01
>
>
> thank you,
> rajesh
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 4 Apr 2017 00:09:04 -0600
> Subject:
>
> Also run command with -debug and -msg options in red below.
>
> # openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 -cipher
> "AES256-SHA" -debug -msg -connect mx01.emas.dbschenker.com:25
>
>
> On 4/4/2017 12:03 AM, Eric Broch wrote:
>> Rajesh,
>>
>> Please disregard my last question (Does it connect and get full cert
>> details if you use IP address?).
>>
>> "here too, the issue is server side. My mail server is not able to
>> connect to the mail server of hpe.com and send the emails of my clients"
>>
>> Your server is acting as a client in this case by initiating a TLS
>> connection to the domains in question...to deliver mail, correct? Do
>> you have settings in one 

Re: [qmailtoaster] TLS connect failed: timed out

[Rajesh M]

eric

here are the details

[root@ns1 control]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

[root@ns1 control]# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 -cipher 
"AES256-SHA" -debug -msg -connect mx01.emas.dbschenker.com:25
CONNECTED(0003)
read from 0x1777e10 [0x17b9ae0] (4096 bytes => 75 (0x4B))
 - 32 32 30 20 6d 74 61 31-31 2e 65 6d 61 73 2e 64   220 mta11.emas.d
0010 - 62 73 63 68 65 6e 6b 65-72 2e 63 6f 6d 20 45 53   bschenker.com ES
0020 - 4d 54 50 20 53 6d 74 70-64 3b 20 54 75 65 2c 20   MTP Smtpd; Tue,
0030 - 34 20 41 70 72 20 32 30-31 37 20 30 38 3a 31 32   4 Apr 2017 08:12
0040 - 3a 33 30 20 2b 30 32 30-30 0d 0a  :30 +0200..
write to 0x1777e10 [0x17baaf0] (25 bytes => 25 (0x19))
 - 45 48 4c 4f 20 6f 70 65-6e 73 73 6c 2e 63 6c 69   EHLO openssl.cli
0010 - 65 6e 74 2e 6e 65 74 0d-0aent.net..
read from 0x1777e10 [0x17b9ae0] (4096 bytes => 230 (0xE6))
 - 32 35 30 2d 6d 74 61 31-31 2e 65 6d 61 73 2e 64   250-mta11.emas.d
0010 - 62 73 63 68 65 6e 6b 65-72 2e 63 6f 6d 20 48 65   bschenker.com He
0020 - 6c 6c 6f 20 6e 73 31 2e-61 61 61 6f 6e 6c 69 6e   llo ns1.aaaonlin
0030 - 75 78 2e 63 6f 6d 20 5b-31 30 33 2e 32 34 31 2e   ux.com [103.241.
0040 - 31 38 31 2e 31 33 37 5d-2c 20 70 6c 65 61 73 65   181.137], please
0050 - 64 20 74 6f 20 6d 65 65-74 20 79 6f 75 0d 0a 32   d to meet you..2
0060 - 35 30 2d 45 4e 48 41 4e-43 45 44 53 54 41 54 55   50-ENHANCEDSTATU
0070 - 53 43 4f 44 45 53 0d 0a-32 35 30 2d 50 49 50 45   SCODES..250-PIPE
0080 - 4c 49 4e 49 4e 47 0d 0a-32 35 30 2d 38 42 49 54   LINING..250-8BIT
0090 - 4d 49 4d 45 0d 0a 32 35-30 2d 53 49 5a 45 20 32   MIME..250-SIZE 2
00a0 - 36 32 31 34 34 30 30 0d-0a 32 35 30 2d 41 55 54   6214400..250-AUT
00b0 - 48 20 4c 4f 47 49 4e 20-50 4c 41 49 4e 0d 0a 32   H LOGIN PLAIN..2
00c0 - 35 30 2d 53 54 41 52 54-54 4c 53 0d 0a 32 35 30   50-STARTTLS..250
00d0 - 2d 44 45 4c 49 56 45 52-42 59 0d 0a 32 35 30 20   -DELIVERBY..250
00e0 - 48 45 4c 50 0d 0a HELP..
write to 0x1777e10 [0x7ffd0b0c4880] (10 bytes => 10 (0xA))
 - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS..
read from 0x1777e10 [0x16aad00] (8192 bytes => 30 (0x1E))
 - 32 32 30 20 32 2e 30 2e-30 20 52 65 61 64 79 20   220 2.0.0 Ready
0010 - 74 6f 20 73 74 61 72 74-20 54 4c 53 0d 0a to start TLS..
write to 0x1777e10 [0x17b9ae0] (99 bytes => 99 (0x63))
 - 16 03 01 00 5e 01 00 00-5a 03 03 58 e3 38 52 5c   ^...Z..X.8R\
0010 - d3 37 8b 23 86 92 e6 63-2f e7 dd f9 ed 42 df 2b   .7.#...c/B.+
0020 - 45 51 06 1e f2 f3 38 b1-36 c7 d4 00 00 04 00 35   EQ8.6..5
0030 - 00 ff 01 00 00 2d 00 23-00 00 00 0d 00 20 00 1e   .-.#. ..
0040 - 06 01 06 02 06 03 05 01-05 02 05 03 04 01 04 02   
0050 - 04 03 03 01 03 02 03 03-02 01 02 02 02 03 00 0f   
0060 - 00 01 01  ...
>>> TLS 1.2 Handshake [length 005e], ClientHello
01 00 00 5a 03 03 58 e3 38 52 5c d3 37 8b 23 86
92 e6 63 2f e7 dd f9 ed 42 df 2b 45 51 06 1e f2
f3 38 b1 36 c7 d4 00 00 04 00 35 00 ff 01 00 00
2d 00 23 00 00 00 0d 00 20 00 1e 06 01 06 02 06
03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 03
02 03 03 02 01 02 02 02 03 00 0f 00 01 01


thank you,
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 4 Apr 2017 00:09:04 -0600
Subject:

Also run command with -debug and -msg options in red below.

# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 -cipher
"AES256-SHA" -debug -msg -connect mx01.emas.dbschenker.com:25


On 4/4/2017 12:03 AM, Eric Broch wrote:
> Rajesh,
>
> Please disregard my last question (Does it connect and get full cert
> details if you use IP address?).
>
> "here too, the issue is server side. My mail server is not able to
> connect to the mail server of hpe.com and send the emails of my clients"
>
> Your server is acting as a client in this case by initiating a TLS
> connection to the domains in question...to deliver mail, correct? Do
> you have settings in one of your control files to initiate TLS
> connections with certain domains?
>
> "openssl s_client -starttls smtp -no_ssl3 -no_ssl2 -cipher
> "AES256-SHA" -connect mx01.emas.dbschenker.com:25"
>
> This command works from my COS6 and COS7 hosts. So I don't think it's
> on their end.
>
> which openssl version are you running?
>
> Eric
>

--
Eric Broch, IMSO, DAM, NGOO, DITH, URTS
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] TLS connect failed: timed out

[Rajesh M]

eric

here too, the issue is server side. My mail server is not able to connect to 
the mail server of hpe.com and send the emails of my clients

i changed the certificates and use your ciphers (restarted qmail), however it 
still does not connect.


it says CONNECTED but no further response.

[root@ns1 control]# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 -cipher 
"AES256-SHA" -connect mx01.emas.dbschenker.com:25
CONNECTED(0003)

[root@ns1 control]# openssl s_client -connect mx01.emas.dbschenker.com:25 
-starttls smtp
CONNECTED(0003)

if i connect to localhost
openssl s_client -connect localhost:25 -starttls smtp
i get the full cert details and
250 AUTH LOGIN PLAIN CRAM-MD5

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Mon, 3 Apr 2017 22:20:42 -0600
Subject:

Yes, test with your certificate and ciphers. Also use the domain name
NOT the IP address. There was a problem several months back that I
thought was a TLS issue but ended up being a dns/edns issue. Check the
below thread out. It was a server, not client, side issue but might be
the problem in your case, just the same:

https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg40185.html


On 4/3/2017 10:15 PM, Rajesh M wrote:
> eric
>
> thanks for your reply
>
> these the responses
>
> to the mx of hpe.com
> [root@ns1 domains]# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 
> -cipher "AES256-SHA" -connect 15.233.44.29:25
> CONNECTED(0003)
>
> to the mx of dbschenker.com
> [root@ns1 domains]# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 
> -cipher "AES256-SHA" -connect 62.180.229.52:25
> CONNECTED(0003)
>
>
> shall i replace the tlsciphers and check out ?
>
> rajesh
>
>
>
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Mon, 3 Apr 2017 21:49:05 -0600
> Subject:
>
> Hi Rajesh,
>
> Could you test something like this from qmail host:
>
> openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 -cipher "AES256-SHA"
> -connect a...@domain.com:25
>
> BTW these are the ciphers on my my COS 6 host:
>
> DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:ADH-SEED-SHA:SEED-SHA:IDEA-CBC-SHA:KRB5-IDEA-CBC-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:AECDH-AES256-SHA:ADH-AES256-GCM-SHA384:ADH-AES256-SHA256:ADH-AES256-SHA:ADH-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:AECDH-AES128-SHA:ADH-AES128-GCM-SHA256:ADH-AES128-SHA256:ADH-AES128-SHA:ADH-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA:PSK-AES128-CBC-SHA
>
>
> Eric
>
>
> On 4/3/2017 8:23 PM, Rajesh M wrote:
>> hi
>>
>> os ; centos 6
>> qmailtoaster, spamassassin, mysql, dovecot, clam
>>
>> we are suddenly receiving TLS connect failed: timed out error on all our 
>> servers running qmail
>>
>> when emails are sent by our customer to the following domains hp.com, 
>> hpe.com, dbschenker.com, kamyn.co.ke
>>
>> the authentication by the customer is done correctly, email gets sent from 
>> the email client of the customer and emails recd by the server. however the 
>> mail lies in the queue till finally it bounces back to the sender with the 
>> message  TLS connect failed.
>>
>> 2017-04-03 15:21:40.916522500 bounce msg 4468196 qp 33696
>> 2017-04-03 15:21:40.916589500 end msg 4468196
>> 2017-04-03 15:01:34.006986500 starting delivery 56232: msg 4468196 to remote 
>> a...@hpe.com
>> 2017-04-03 15:21:40.869716500 delivery 56232: failure: 
>> TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again;
>> _this_message_has_been_in_the_queue_too_long./
>> 2017-04-03 15:01:34.007035500 starting delivery 56233:

Re: [qmailtoaster] TLS connect failed: timed out

[Rajesh M]

eric

thanks for your reply

these the responses

to the mx of hpe.com
[root@ns1 domains]# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 -cipher 
"AES256-SHA" -connect 15.233.44.29:25
CONNECTED(0003)

to the mx of dbschenker.com
[root@ns1 domains]# openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 -cipher 
"AES256-SHA" -connect 62.180.229.52:25
CONNECTED(0003)


shall i replace the tlsciphers and check out ?

rajesh



- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Mon, 3 Apr 2017 21:49:05 -0600
Subject:

Hi Rajesh,

Could you test something like this from qmail host:

openssl s_client -starttls smtp  -no_ssl3 -no_ssl2 -cipher "AES256-SHA"
-connect a...@domain.com:25

BTW these are the ciphers on my my COS 6 host:

DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:ADH-SEED-SHA:SEED-SHA:IDEA-CBC-SHA:KRB5-IDEA-CBC-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:AECDH-AES256-SHA:ADH-AES256-GCM-SHA384:ADH-AES256-SHA256:ADH-AES256-SHA:ADH-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:AECDH-AES128-SHA:ADH-AES128-GCM-SHA256:ADH-AES128-SHA256:ADH-AES128-SHA:ADH-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA:PSK-AES128-CBC-SHA


Eric


On 4/3/2017 8:23 PM, Rajesh M wrote:
> hi
>
> os ; centos 6
> qmailtoaster, spamassassin, mysql, dovecot, clam
>
> we are suddenly receiving TLS connect failed: timed out error on all our 
> servers running qmail
>
> when emails are sent by our customer to the following domains hp.com, 
> hpe.com, dbschenker.com, kamyn.co.ke
>
> the authentication by the customer is done correctly, email gets sent from 
> the email client of the customer and emails recd by the server. however the 
> mail lies in the queue till finally it bounces back to the sender with the 
> message  TLS connect failed.
>
> 2017-04-03 15:21:40.916522500 bounce msg 4468196 qp 33696
> 2017-04-03 15:21:40.916589500 end msg 4468196
> 2017-04-03 15:01:34.006986500 starting delivery 56232: msg 4468196 to remote 
> a...@hpe.com
> 2017-04-03 15:21:40.869716500 delivery 56232: failure: 
> TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again;
> _this_message_has_been_in_the_queue_too_long./
> 2017-04-03 15:01:34.007035500 starting delivery 56233: msg 4468196 to remote 
> xxx...@hpe.com
> 2017-04-03 15:21:40.851782500 delivery 56233: failure: 
> TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again;
> _this_message_has_been_in_the_queue_too_long./
> 2017-04-03 15:01:34.007150500 starting delivery 56234: msg 4468196 to remote 
> dfdf...@hpe.com
> 2017-04-03 15:21:40.876609500 delivery 56234: failure: 
> TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again;
> _this_message_has_been_in_the_queue_too_long./
>
>
> this is happening since the last 10 days. There are no error details in the 
> qmail logs.
>
> however emails sent from two of our window servers using mailenable, go 
> through correctly to these domains.
>
> we have not changed anything on our qmail servers and all servers are 
> identical in config.
>
> so it seems that there is common issue between all our qmail servers.
>
> our ssl certificates are the self signed ones (validity 10 years)  created
>
> openssl genrsa -out x.key 2048
> openssl req -new -key x.key -out x.csr
> openssl x509 -req -days 36500 -in x.csr -signkey x.key -out x.crt
> cat x.crt x.key > fqdn.crt
>
> tlsciphers file
>
> DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:KRB5-DES-CBC3-MD5:KRB5-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:KRB5-RC4-MD5:KRB5-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:KRB5-DES-CBC-MD5:KRB5-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CB

[qmailtoaster] TLS connect failed: timed out

[Rajesh M]

hi

os ; centos 6
qmailtoaster, spamassassin, mysql, dovecot, clam

we are suddenly receiving TLS connect failed: timed out error on all our 
servers running qmail

when emails are sent by our customer to the following domains hp.com, hpe.com, 
dbschenker.com, kamyn.co.ke

the authentication by the customer is done correctly, email gets sent from the 
email client of the customer and emails recd by the server. however the mail 
lies in the queue till finally it bounces back to the sender with the message  
TLS connect failed.

2017-04-03 15:21:40.916522500 bounce msg 4468196 qp 33696
2017-04-03 15:21:40.916589500 end msg 4468196
2017-04-03 15:01:34.006986500 starting delivery 56232: msg 4468196 to remote 
a...@hpe.com
2017-04-03 15:21:40.869716500 delivery 56232: failure: 
TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again;
_this_message_has_been_in_the_queue_too_long./
2017-04-03 15:01:34.007035500 starting delivery 56233: msg 4468196 to remote 
xxx...@hpe.com
2017-04-03 15:21:40.851782500 delivery 56233: failure: 
TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again;
_this_message_has_been_in_the_queue_too_long./
2017-04-03 15:01:34.007150500 starting delivery 56234: msg 4468196 to remote 
dfdf...@hpe.com
2017-04-03 15:21:40.876609500 delivery 56234: failure: 
TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again;
_this_message_has_been_in_the_queue_too_long./


this is happening since the last 10 days. There are no error details in the 
qmail logs.

however emails sent from two of our window servers using mailenable, go through 
correctly to these domains.

we have not changed anything on our qmail servers and all servers are identical 
in config.

so it seems that there is common issue between all our qmail servers.

our ssl certificates are the self signed ones (validity 10 years)  created

openssl genrsa -out x.key 2048
openssl req -new -key x.key -out x.csr
openssl x509 -req -days 36500 -in x.csr -signkey x.key -out x.crt
cat x.crt x.key > fqdn.crt

tlsciphers file

DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:KRB5-DES-CBC3-MD5:KRB5-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:KRB5-RC4-MD5:KRB5-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:KRB5-DES-CBC-MD5:KRB5-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-KRB5-RC4-MD5:EXP-KRB5-RC4-SHA:EXP-RC4-MD5:EXP-RC4-MD5

could somebody help please

rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] strange and puzzling occurance

[Rajesh M]

eric

am giving it a try now by commenting.

concerning the routing of emails... is getting routed to the Junk folder 
created on the server

outlook and thunderbird is not involved because the entire night, while testing 
we had changed the password so that no email client could access it.

We were using webmail to access the mailbox and check if anything has been 
routed the Junk folder.

So what remains is the MDA  which is qmail / vdelivermail  so that is 
the second puzzling part because even mails from within the same domain were 
being routed to the junk folder on the server  no logic at all.

rajesh


- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 9 Nov 2016 10:10:29 -0700
Subject:

Also, The routing of mail to the Junk folder should be addressed in
Outlook, as it is in Thunderbird for other folders, or in your MDA.


On 11/9/2016 10:04 AM, Eric Broch wrote:
>
> I would think so, caveat being that 'inbox' is defined (and it is).
> I'd try commenting it and see what happens.
>
> This is the comment in the file 15-mailboxes.conf :  "These mailboxes
> are widely used and could perhaps be created automatically"
>
> I'm not sure what "perhaps" means. In my mind, they/it WILL or WILL
> NOT be created. "Perhaps" instills a vagueness in my mind.
>
>
> On 11/9/2016 9:46 AM, Rajesh M wrote:
>> eric
>>
>> i happened to grep for Junk in /etc folder and found the term in
>>
>> /etc/dovecot/conf.d/15-mailboxes.conf
>>
>> would this have any part to play in the creation of the .Junk folder ?
>>
>> thanks
>> rajesh
>>
>> - Original Message -
>> From: Eric Broch [mailto:ebr...@whitehorsetc.com]
>> To:qmailtoaster-list@qmailtoaster.com
>> Sent: Wed, 9 Nov 2016 08:49:51 -0700
>> Subject:
>>
>> CentOS 6.8?
>>
>>
>> On 11/9/2016 5:36 AM, Rajesh M wrote:
>>> hi
>>>
>>> centos 8
>>> qmailtoaster, spamassassin, clam, dovecot
>>>
>>> we are facing a weird and puzzling scenario, occurring on all 4 of our 
>>> servers
>>>
>>> out of several thousands of mailboxes around 10 to 33 mailboxes on each 
>>> server has a folder called .Junk created (for different email users of 
>>> different domains) in the same level as Inbox along with Sent, Draft and 
>>> Trash
>>>
>>> ./aaa.in/sunil/Maildir/.Junk
>>> ./.com/ani/Maildir/.Junk
>>> ./.com/rishiraj.sethi/Maildir/.Junk
>>> ./.com/kumar/Maildir/.Junk
>>> ./.com/kamlakar/Maildir/.Junk
>>>
>>> we are unable to figure out how exactly these were created
>>>
>>> further on in case of one email id genuine emails, from both external and 
>>> sometimes even internal domains from within the same domain are getting 
>>> moved to the .Junk folder
>>>
>>> the user uses outlook pop3, but the creation of the .Junk is not done by 
>>> outlook since this happens automatically even the night when the user does 
>>> not use outlook and we had changed the password of the account
>>>
>>> even if we delete the .Junk folder the same gets automatically recreated.
>>>
>>> this is not done by maildrop since these email are not checked for spam at 
>>> all and they are internal emails.
>>>
>>> there is no .qmail file under the user's mailbox
>>>
>>> this is not done by webmail since mailbox is not access over webmail
>>>
>>> so my question is what could be causing this ?
>>>
>>> rajesh
>>>
>>>
>>>
>>>
>>> -
>>> To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
>>> For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com
>>
>>
>> -
>> To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com
>


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] strange and puzzling occurance

[Rajesh M]

eric

i happened to grep for Junk in /etc folder and found the term in

/etc/dovecot/conf.d/15-mailboxes.conf

would this have any part to play in the creation of the .Junk folder ?

thanks
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 9 Nov 2016 08:49:51 -0700
Subject:

CentOS 6.8?


On 11/9/2016 5:36 AM, Rajesh M wrote:
> hi
>
> centos 8
> qmailtoaster, spamassassin, clam, dovecot
>
> we are facing a weird and puzzling scenario, occurring on all 4 of our servers
>
> out of several thousands of mailboxes around 10 to 33 mailboxes on each 
> server has a folder called .Junk created (for different email users of 
> different domains) in the same level as Inbox along with Sent, Draft and Trash
>
> ./aaa.in/sunil/Maildir/.Junk
> ./.com/ani/Maildir/.Junk
> ./.com/rishiraj.sethi/Maildir/.Junk
> ./.com/kumar/Maildir/.Junk
> ./.com/kamlakar/Maildir/.Junk
>
> we are unable to figure out how exactly these were created
>
> further on in case of one email id genuine emails, from both external and 
> sometimes even internal domains from within the same domain are getting moved 
> to the .Junk folder
>
> the user uses outlook pop3, but the creation of the .Junk is not done by 
> outlook since this happens automatically even the night when the user does 
> not use outlook and we had changed the password of the account
>
> even if we delete the .Junk folder the same gets automatically recreated.
>
> this is not done by maildrop since these email are not checked for spam at 
> all and they are internal emails.
>
> there is no .qmail file under the user's mailbox
>
> this is not done by webmail since mailbox is not access over webmail
>
> so my question is what could be causing this ?
>
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] strange and puzzling occurance

[Rajesh M]

centos 6.5 on 3 servers and centos 6.6 on one server

rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 9 Nov 2016 08:49:51 -0700
Subject:

CentOS 6.8?


On 11/9/2016 5:36 AM, Rajesh M wrote:
> hi
>
> centos 8
> qmailtoaster, spamassassin, clam, dovecot
>
> we are facing a weird and puzzling scenario, occurring on all 4 of our servers
>
> out of several thousands of mailboxes around 10 to 33 mailboxes on each 
> server has a folder called .Junk created (for different email users of 
> different domains) in the same level as Inbox along with Sent, Draft and Trash
>
> ./aaa.in/sunil/Maildir/.Junk
> ./.com/ani/Maildir/.Junk
> ./.com/rishiraj.sethi/Maildir/.Junk
> ./.com/kumar/Maildir/.Junk
> ./.com/kamlakar/Maildir/.Junk
>
> we are unable to figure out how exactly these were created
>
> further on in case of one email id genuine emails, from both external and 
> sometimes even internal domains from within the same domain are getting moved 
> to the .Junk folder
>
> the user uses outlook pop3, but the creation of the .Junk is not done by 
> outlook since this happens automatically even the night when the user does 
> not use outlook and we had changed the password of the account
>
> even if we delete the .Junk folder the same gets automatically recreated.
>
> this is not done by maildrop since these email are not checked for spam at 
> all and they are internal emails.
>
> there is no .qmail file under the user's mailbox
>
> this is not done by webmail since mailbox is not access over webmail
>
> so my question is what could be causing this ?
>
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] strange and puzzling occurance

[Rajesh M]

CentOS Linux 6.5

thanks
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 9 Nov 2016 08:49:51 -0700
Subject:

CentOS 6.8?


On 11/9/2016 5:36 AM, Rajesh M wrote:
> hi
>
> centos 8
> qmailtoaster, spamassassin, clam, dovecot
>
> we are facing a weird and puzzling scenario, occurring on all 4 of our servers
>
> out of several thousands of mailboxes around 10 to 33 mailboxes on each 
> server has a folder called .Junk created (for different email users of 
> different domains) in the same level as Inbox along with Sent, Draft and Trash
>
> ./aaa.in/sunil/Maildir/.Junk
> ./.com/ani/Maildir/.Junk
> ./.com/rishiraj.sethi/Maildir/.Junk
> ./.com/kumar/Maildir/.Junk
> ./.com/kamlakar/Maildir/.Junk
>
> we are unable to figure out how exactly these were created
>
> further on in case of one email id genuine emails, from both external and 
> sometimes even internal domains from within the same domain are getting moved 
> to the .Junk folder
>
> the user uses outlook pop3, but the creation of the .Junk is not done by 
> outlook since this happens automatically even the night when the user does 
> not use outlook and we had changed the password of the account
>
> even if we delete the .Junk folder the same gets automatically recreated.
>
> this is not done by maildrop since these email are not checked for spam at 
> all and they are internal emails.
>
> there is no .qmail file under the user's mailbox
>
> this is not done by webmail since mailbox is not access over webmail
>
> so my question is what could be causing this ?
>
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] strange and puzzling occurance

[Rajesh M]

hi

centos 8
qmailtoaster, spamassassin, clam, dovecot

we are facing a weird and puzzling scenario, occurring on all 4 of our servers

out of several thousands of mailboxes around 10 to 33 mailboxes on each server 
has a folder called .Junk created (for different email users of different 
domains) in the same level as Inbox along with Sent, Draft and Trash

./aaa.in/sunil/Maildir/.Junk
./.com/ani/Maildir/.Junk
./.com/rishiraj.sethi/Maildir/.Junk
./.com/kumar/Maildir/.Junk
./.com/kamlakar/Maildir/.Junk

we are unable to figure out how exactly these were created

further on in case of one email id genuine emails, from both external and 
sometimes even internal domains from within the same domain are getting moved 
to the .Junk folder

the user uses outlook pop3, but the creation of the .Junk is not done by 
outlook since this happens automatically even the night when the user does not 
use outlook and we had changed the password of the account

even if we delete the .Junk folder the same gets automatically recreated.

this is not done by maildrop since these email are not checked for spam at all 
and they are internal emails.

there is no .qmail file under the user's mailbox

this is not done by webmail since mailbox is not access over webmail

so my question is what could be causing this ?

rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] error while installing dovecot-2.2.25-12.qt.src.rpm

[Rajesh M]

eric

this got resolved after i updated openssl.

thanks
rajesh

- Original Message -
From: Rajesh M [mailto:24x7ser...@24x7server.net]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 6 Nov 2016 08:45:36 +0530
Subject:

hi eric

i am getting an error while installing the latest version dovecot
i am receiving the same error on 3 of my servers

this is what i am doing
wget 
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/updates/dovecot-2.2.25-12.qt.src.rpm
rpmbuild --rebuild --define "dist .qt.el6"  dovecot-2.2.25-12.qt.src.rpm

during make i get the error

make  check-am
make[3]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib'
make[3]: Nothing to be done for `check-am'.
make[3]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib'
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib'
Making check in lib-settings
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-settings'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-settings'
Making check in lib-auth
make[2]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-auth'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-auth'
Making check in lib-master
make[2]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-master'
for bin in test-master-service-settings-cache; do \
if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
  done
0 / 0 tests failed
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-master'
Making check in lib-charset
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-charset'
for bin in test-charset; do \
if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
  done
charset_is_utf8 .. : ok
charset utf8 . : ok
charset iconv  : ok
charset iconv crashes  : ok
charset iconv utf7 state . : ok
0 / 5 tests failed
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-charset'
Making check in lib-ssl-iostream
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-ssl-iostream'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-ssl-iostream'
Making check in lib-dcrypt
make[2]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-dcrypt'
for bin in test-crypto test-stream; do \
if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
  done
test_cipher_test_vectors . : ok
test_cipher_aead_test_vectors  : ok
test_hmac_test_vectors ... : ok
test-crypto.c:269: Assert failed: ret == TRUE
test-crypto.c:270: Assert failed: error == NULL
Panic: file dcrypt-openssl.c: line 880 
(dcrypt_openssl_load_private_key_dovecot_v1): assertion failed: (dec_key != 
NULL)
test: random seed #2 was 1478388283
Error: Raw backtrace: ./test-crypto() [0x412e7a] -> 
./test-crypto(default_fatal_handler+0x32) [0x4136b2] -> ./test-crypto() 
[0x40a90a] -> .libs/libdcrypt_openssl.so(+0x1ca0b) [0x503ca0b] -> 
.libs/libdcrypt_openssl.so(+0x1ccf7) [0x503ccf7] -> ./test-crypto() [0x40ebee] 
-> ./test-crypto() [0x4102b1] -> ./test-crypto(test_run+0x11) [0x4103b1] -> 
./test-crypto(main+0x1e) [0x40e24e] -> /lib64/libc.so.6(__libc_start_main+0xfd) 
[0x342001ed5d] -> ./test-crypto() [0x40a935]
../../run-test.sh: line 21: 22465 Aborted (core dumped) 
valgrind -q --trace-children=yes --leak-check=full --suppressions="$supp_path" 
--log-file=test.out.$$ $*
==22465== 96 (24 direct, 72 indirect) bytes in 1 blocks are definitely lost in 
loss record 541 of 611
==22465==at 0x4A069EE: malloc (vg_replace_malloc.c:270)
==22465==by 0x503DA78: dovecot_openssl_malloc (dovecot-openssl-common.c:17)
==22465==by 0x3428068B2D: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.1e)
==22465==by 0x34280A5229: BN_new (in /usr/lib64/libcrypto.so.1.0.1e)
==22465==by 0x503C684: dcrypt_openssl_load_private_key_dovecot_v1 
(dcrypt-openssl.c:864)
==22465==by 0x503CCF6: dcrypt_openssl_load_private_key 
(dcrypt-openssl.c:1212)
==22465==by 0x40EBA9: test_load_v1_keys (test-crypto.c:268)
==22465==by 0x4102B0: test_run_funcs (test-common.c:354)
==22465==by 0x4103B0: test_run (test-common.c:404)
==22465==by 0x40E24D: main (test-crypto.c:554)
==22465==
Failed to run: ./test-crypto
make[2]: *** [check-test] Error 1
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-dcrypt'
make[1]: *** [check-recursive] 

[qmailtoaster] error while installing dovecot-2.2.25-12.qt.src.rpm

[Rajesh M]

hi eric

i am getting an error while installing the latest version dovecot
i am receiving the same error on 3 of my servers

this is what i am doing
wget 
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/updates/dovecot-2.2.25-12.qt.src.rpm
rpmbuild --rebuild --define "dist .qt.el6"  dovecot-2.2.25-12.qt.src.rpm

during make i get the error

make  check-am
make[3]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib'
make[3]: Nothing to be done for `check-am'.
make[3]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib'
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib'
Making check in lib-settings
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-settings'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-settings'
Making check in lib-auth
make[2]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-auth'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-auth'
Making check in lib-master
make[2]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-master'
for bin in test-master-service-settings-cache; do \
if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
  done
0 / 0 tests failed
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-master'
Making check in lib-charset
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-charset'
for bin in test-charset; do \
if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
  done
charset_is_utf8 .. : ok
charset utf8 . : ok
charset iconv  : ok
charset iconv crashes  : ok
charset iconv utf7 state . : ok
0 / 5 tests failed
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-charset'
Making check in lib-ssl-iostream
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-ssl-iostream'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-ssl-iostream'
Making check in lib-dcrypt
make[2]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-dcrypt'
for bin in test-crypto test-stream; do \
if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
  done
test_cipher_test_vectors . : ok
test_cipher_aead_test_vectors  : ok
test_hmac_test_vectors ... : ok
test-crypto.c:269: Assert failed: ret == TRUE
test-crypto.c:270: Assert failed: error == NULL
Panic: file dcrypt-openssl.c: line 880 
(dcrypt_openssl_load_private_key_dovecot_v1): assertion failed: (dec_key != 
NULL)
test: random seed #2 was 1478388283
Error: Raw backtrace: ./test-crypto() [0x412e7a] -> 
./test-crypto(default_fatal_handler+0x32) [0x4136b2] -> ./test-crypto() 
[0x40a90a] -> .libs/libdcrypt_openssl.so(+0x1ca0b) [0x503ca0b] -> 
.libs/libdcrypt_openssl.so(+0x1ccf7) [0x503ccf7] -> ./test-crypto() [0x40ebee] 
-> ./test-crypto() [0x4102b1] -> ./test-crypto(test_run+0x11) [0x4103b1] -> 
./test-crypto(main+0x1e) [0x40e24e] -> /lib64/libc.so.6(__libc_start_main+0xfd) 
[0x342001ed5d] -> ./test-crypto() [0x40a935]
../../run-test.sh: line 21: 22465 Aborted (core dumped) 
valgrind -q --trace-children=yes --leak-check=full --suppressions="$supp_path" 
--log-file=test.out.$$ $*
==22465== 96 (24 direct, 72 indirect) bytes in 1 blocks are definitely lost in 
loss record 541 of 611
==22465==at 0x4A069EE: malloc (vg_replace_malloc.c:270)
==22465==by 0x503DA78: dovecot_openssl_malloc (dovecot-openssl-common.c:17)
==22465==by 0x3428068B2D: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.1e)
==22465==by 0x34280A5229: BN_new (in /usr/lib64/libcrypto.so.1.0.1e)
==22465==by 0x503C684: dcrypt_openssl_load_private_key_dovecot_v1 
(dcrypt-openssl.c:864)
==22465==by 0x503CCF6: dcrypt_openssl_load_private_key 
(dcrypt-openssl.c:1212)
==22465==by 0x40EBA9: test_load_v1_keys (test-crypto.c:268)
==22465==by 0x4102B0: test_run_funcs (test-common.c:354)
==22465==by 0x4103B0: test_run (test-common.c:404)
==22465==by 0x40E24D: main (test-crypto.c:554)
==22465==
Failed to run: ./test-crypto
make[2]: *** [check-test] Error 1
make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src/lib-dcrypt'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.25/src'
make: *** [check-recursive] Error 1
error: Bad exit status from /var/tmp/rpm-tmp.esEALP (%check)


RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.esEALP (%check)


thanks
rajesh

Re: [qmailtoaster] how to block a complete tld

[Rajesh M]

hi eric

thanks, that worked

for the same in qmail's badmailfrom i used
@.*\.land\>


rajesh


- Original Message -
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 31 Aug 2016 20:58:13 -0600
Subject:

Rajesh,

You could try @.tld or @tld

I'm not sure.

You could test it out, or ask on the spamdyke mailing list.

Eric

On 8/31/2016 8:39 PM, Rajesh M wrote:
> eric
>
> i need to block an entire tld
>
> ie .link or .land or .cf .ml etc.
>
> not just on a per domain basis since spammers keep changing their domain.
>
> is there any solution for this ?
>
> thanks,
> rajesh
>
> - Original Message -
> From: Eric [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Wed, 31 Aug 2016 12:27:11 -0600
> Subject:
>
> I'd use spamdyke
>
>  From spamdyke.org:
>
> One form of wildcard address is supported. All usernames within a domain
> (and its subdomains) may be blocked by a line starting with @. For
> example, if the file contained the following entry:
>
>  @example.com
>
> spamdyke will block mail to f...@example.com, f...@mail.example.com,
> bar...@mail.internal.example.com, etc.
>
>
>
> On 8/31/2016 11:17 AM, Rajesh M wrote:
>> hi
>>
>> we are getting a lot of spam from tlds like : .link, .cricket, .land etc and 
>> wish to block these tlds using wildcard.
>>
>> i tried to use the qmail badmailfrom and put a sample
>>
>> @*.land
>>
>> but this started blocking a customer : landsmartconsultants.com
>>
>> i was also thinking of using spamdyke blacklists.
>>
>> what would be the correct syntax to block such tlds.
>>
>> and whether to use spamdyke or qmail badmailfrom.
>>
>> thanks
>> rajesh
>>
>>
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] how to block a complete tld

[Rajesh M]

eric

i need to block an entire tld

ie .link or .land or .cf .ml etc.

not just on a per domain basis since spammers keep changing their domain.

is there any solution for this ?

thanks,
rajesh

- Original Message -
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Wed, 31 Aug 2016 12:27:11 -0600
Subject:

I'd use spamdyke

 From spamdyke.org:

One form of wildcard address is supported. All usernames within a domain
(and its subdomains) may be blocked by a line starting with @. For
example, if the file contained the following entry:

 @example.com

spamdyke will block mail to f...@example.com, f...@mail.example.com,
bar...@mail.internal.example.com, etc.



On 8/31/2016 11:17 AM, Rajesh M wrote:
> hi
>
> we are getting a lot of spam from tlds like : .link, .cricket, .land etc and 
> wish to block these tlds using wildcard.
>
> i tried to use the qmail badmailfrom and put a sample
>
> @*.land
>
> but this started blocking a customer : landsmartconsultants.com
>
> i was also thinking of using spamdyke blacklists.
>
> what would be the correct syntax to block such tlds.
>
> and whether to use spamdyke or qmail badmailfrom.
>
> thanks
> rajesh
>
>
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] how to block a complete tld

[Rajesh M]

hi

we are getting a lot of spam from tlds like : .link, .cricket, .land etc and 
wish to block these tlds using wildcard.

i tried to use the qmail badmailfrom and put a sample

@*.land

but this started blocking a customer : landsmartconsultants.com

i was also thinking of using spamdyke blacklists.

what would be the correct syntax to block such tlds.

and whether to use spamdyke or qmail badmailfrom.

thanks
rajesh




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] handling email spoofing

[Rajesh M]

eric

spf checks the envelope sender (reply to) and not the "mailfrom" email id

the spammer is sending an email with "mail from" as some user on my server

example c...@mycustomer.com to emplo...@mycustomer.com

but email is sent not from within my server but from some other external server.

the scammer however has the envelope-sender / reply to as his legitimate email 
id and correctly configured. the qmailtoaster spf check is done not on the 
mailfrom but on the reply-to and the email gets delivered safely to the inbox 
of the employee.

now what happens is that the employee sees that the email is from the ceo and 
immediately takes action which leads to a phishing scam.

i wish to block emails where the mailfrom domain is on my server but the scam 
email is sent by a spammer from an external server posing as 
c...@mycustomer.com ... in other words email spoofing.

thanks,
rajesh




- Original Message -
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 28 Aug 2016 13:03:16 -0600
Subject:

Do you have an spf text record set up for domain_on_my_server.com?
SPF should check the 'a' and 'mx' record for the domain,
domain_on_my_server.com, against the sender IP address (the one that
actually connected to you server). Are you saying that the spam sender
is spoofing the originating IP address?

On 8/28/2016 7:14 AM, Rajesh M wrote:
> hi
>
> facing issue with email spoofing
>
> example spammer sends an email with "mailfrom" as : 
> user@domain_on_my_server.com
>
> and the envelope sender is the spammer's email id which has spf records 
> correctly in place
>
> and hence spf is not able to catch such spammers.
>
> how do i handle this ?
>
> thanks
> rajesh
>
>
>
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] handling email spoofing

[Rajesh M]

hi

facing issue with email spoofing

example spammer sends an email with "mailfrom" as : user@domain_on_my_server.com

and the envelope sender is the spammer's email id which has spf records 
correctly in place

and hence spf is not able to catch such spammers.

how do i handle this ?

thanks
rajesh





-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] concerning updates to qmailtoaster

[Rajesh M]

eric

i am using spamdyke5

a new spamdyke.conf was generated which i am using and the qmail services are 
working like normal

my idea was to block email ids where the reply-to (envelope sender) were 
different from authentication domain.

so in my config file i have this since as per spamdyke config it will go 
through all the aspects

reject-sender=not-local
reject-sender=authentication-domain-mismatch
reject-sender=no-mx

however in my thunderbird when using a different reply-to email id it does not 
work.

in whitelist_ip i have only one ip : 127.0.0.0.1

in my whitelist_senders i do  not have the sending domain listed

rajesh

- Original Message -
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 24 Jul 2016 11:57:17 -0600
Subject:

Rajesh,

It would be just like any other RPM update. The RPM install will stop
and start services. With Spamdyke, if you're upgrading to 5, you'll have
to run a script (below) I provided, but until you run it you're toaster
will be rejecting email (it only takes a second to run).

Remember if you have special settings in spamdyke.conf backup!


#!/bin/sh
sed -i \
-e 's/reject-missing-sender-mx/reject-sender=no-mx/g' \
-e 's/rejection-text-missing-sender-mx/rejection-text-sender-no-mx/g' \
-e 's/reject-identical-sender-recipient/reject-recipient=same-as-sender/g' \
-e
's/rejection-text-identical-sender-recipient/rejection-text-recipient-same-as-sender/g'
\
-e 's/local-domains-file/qmail-rcpthosts-file/g' \
-e 's/local-domains-entry=/#local-domains-entry=(Add these entries to
qmail-rcpthosts-file)/g' \
-e 's/morercpthosts/qmail-morercpthosts-cdb/'g /etc/spamdyke/spamdyke.conf


Eric

On 7/24/2016 5:32 AM, Rajesh M wrote:
> hi
>
> i am using qmailtoaster on centos 6
>
> the SRPMS i have are from the old qmail site and a few from ftp.whitehorse
>
> my question was whether i can update dovecot, spamassassin and spamdyke
> without causing intereference with existing working qmailtoaster, similar to 
> the manner in which i update clam.
>
> i would be shutting down the qmailserver during the updates
>
>
> thanks
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] concerning updates to qmailtoaster

[Rajesh M]

hi

i am using qmailtoaster on centos 6

the SRPMS i have are from the old qmail site and a few from ftp.whitehorse

my question was whether i can update dovecot, spamassassin and spamdyke
without causing intereference with existing working qmailtoaster, similar to 
the manner in which i update clam.

i would be shutting down the qmailserver during the updates


thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qmailtoaster perl modules

[Rajesh M]

eric

is it possible to add outgoing spam check ie number of emails per hour etc .. 
to qmail

i am currently running a script that analyses smtp and submission log file 
files and blocks the email id which sends more than x number of emails per day.

but unfortunately it is not very effective because it checks the mailfrom 
(instead of authentication email id) and also if one email contains multiple 
recipients the same is not handled correctly.

rajesh

- Original Message -
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 8 May 2016 05:08:16 -0600
Subject: Re: [qmailtoaster] qmailtoaster perl modules

Good to hear!!

On 5/8/2016 2:28 AM, Rajesh M wrote:
> thanks
>
> this worked
>
> rajesh
>
> - Original Message -
> From: Eric [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Sun, 1 May 2016 23:13:43 -0600
> Subject: Re: [qmailtoaster] qmailtoaster perl modules
>
> Hi Rajesh,
>
> Try it now
> (ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/updates/dovecot-2.2.24-11.qt.src.rpm).
>
> Eric
>
> On 5/1/2016 8:42 AM, Rajesh M wrote:
>> hi eric
>>
>> that worked correctly
>>
>> had another question
>>
>> while installing dovecot (fresh new install of qmailtoaster)
>>
>> the package from this link
>> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/updates/dovecot-2.2.24-11.qt.src.rpm
>> throws error
>> qmailtoaster  error while loading shared libraries: libdovecot.so.0: cannot 
>> open shared object file: No such file or directory
>>
>> while this works
>> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.22-7.qt.src.rpm
>>
>> could you please help me
>>
>> rajesh
>>
>>
>> - Original Message -
>> From: Eric [mailto:ebr...@whitehorsetc.com]
>> To: qmailtoaster-list@qmailtoaster.com
>> Sent: Mon, 25 Apr 2016 08:37:16 -0600
>> Subject: Re: [qmailtoaster] qmailtoaster perl modules
>>
>> Hi Rajesh,
>>
>> These modules should have been installed initially (when you first
>> installed QMT/COS6).
>>
>> They are, at least on my QMT/COS6, from the following repos.
>>
>> perl-Mail-SPF-Query: rpmforge
>> perl-Mail-DomainKeys:rpmforge
>> perl-Sys-Hostname-Long: epel
>>
>> Eric
>>
>>
>> On 4/25/2016 7:49 AM, Rajesh M wrote:
>>> hi
>>>
>>> i need to install perl modules on centos 6.
>>>
>>> where do i find the following perl modules (the ones below are from 
>>> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS7/qmt/srpms/ for CENTOS 7)
>>>
>>> perl-Sys-Hostname-Long-1.4-1.2.el7.centos.noarch.rpm 
>>> perl-Mail-DomainKeys-1.0-1.el7.centos.noarch.rpm 
>>> perl-Mail-SPF-Query-1.999.1-2.el7.centos.noarch.rpm
>>>
>>> thanks
>>> rajesh
>>>
>>>
>>>
>>>
>>> -
>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>

--
Eric C. Broch
White Horse Technical Consulting
ebr...@whitehorsetc.com
406-214-6802
_
ASCII ribbon campaign ( )
  against HTML e-mail   X
   / \

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qmailtoaster perl modules

[Rajesh M]

thanks

this worked

rajesh

- Original Message -
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 1 May 2016 23:13:43 -0600
Subject: Re: [qmailtoaster] qmailtoaster perl modules

Hi Rajesh,

Try it now
(ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/updates/dovecot-2.2.24-11.qt.src.rpm).

Eric

On 5/1/2016 8:42 AM, Rajesh M wrote:
> hi eric
>
> that worked correctly
>
> had another question
>
> while installing dovecot (fresh new install of qmailtoaster)
>
> the package from this link
> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/updates/dovecot-2.2.24-11.qt.src.rpm
> throws error
> qmailtoaster  error while loading shared libraries: libdovecot.so.0: cannot 
> open shared object file: No such file or directory
>
> while this works
> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.22-7.qt.src.rpm
>
> could you please help me
>
> rajesh
>
>
> - Original Message -
> From: Eric [mailto:ebr...@whitehorsetc.com]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Mon, 25 Apr 2016 08:37:16 -0600
> Subject: Re: [qmailtoaster] qmailtoaster perl modules
>
> Hi Rajesh,
>
> These modules should have been installed initially (when you first
> installed QMT/COS6).
>
> They are, at least on my QMT/COS6, from the following repos.
>
> perl-Mail-SPF-Query: rpmforge
> perl-Mail-DomainKeys:rpmforge
> perl-Sys-Hostname-Long: epel
>
> Eric
>
>
> On 4/25/2016 7:49 AM, Rajesh M wrote:
>> hi
>>
>> i need to install perl modules on centos 6.
>>
>> where do i find the following perl modules (the ones below are from 
>> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS7/qmt/srpms/ for CENTOS 7)
>>
>> perl-Sys-Hostname-Long-1.4-1.2.el7.centos.noarch.rpm 
>> perl-Mail-DomainKeys-1.0-1.el7.centos.noarch.rpm 
>> perl-Mail-SPF-Query-1.999.1-2.el7.centos.noarch.rpm
>>
>> thanks
>> rajesh
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>

--
Eric C. Broch
White Horse Technical Consulting
ebr...@whitehorsetc.com
406-214-6802
_
ASCII ribbon campaign ( )
  against HTML e-mail   X
   / \

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qmailtoaster perl modules

[Rajesh M]

hi eric

that worked correctly

had another question

while installing dovecot (fresh new install of qmailtoaster)

the package from this link
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/updates/dovecot-2.2.24-11.qt.src.rpm
throws error
qmailtoaster  error while loading shared libraries: libdovecot.so.0: cannot 
open shared object file: No such file or directory

while this works
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.22-7.qt.src.rpm

could you please help me

rajesh


- Original Message -
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Mon, 25 Apr 2016 08:37:16 -0600
Subject: Re: [qmailtoaster] qmailtoaster perl modules

Hi Rajesh,

These modules should have been installed initially (when you first
installed QMT/COS6).

They are, at least on my QMT/COS6, from the following repos.

perl-Mail-SPF-Query: rpmforge
perl-Mail-DomainKeys:rpmforge
perl-Sys-Hostname-Long: epel

Eric


On 4/25/2016 7:49 AM, Rajesh M wrote:
> hi
>
> i need to install perl modules on centos 6.
>
> where do i find the following perl modules (the ones below are from 
> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS7/qmt/srpms/ for CENTOS 7)
>
> perl-Sys-Hostname-Long-1.4-1.2.el7.centos.noarch.rpm 
> perl-Mail-DomainKeys-1.0-1.el7.centos.noarch.rpm 
> perl-Mail-SPF-Query-1.999.1-2.el7.centos.noarch.rpm
>
> thanks
> rajesh
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] qmailtoaster perl modules

[Rajesh M]

hi

i need to install perl modules on centos 6.

where do i find the following perl modules (the ones below are from 
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS7/qmt/srpms/ for CENTOS 7)

perl-Sys-Hostname-Long-1.4-1.2.el7.centos.noarch.rpm 
perl-Mail-DomainKeys-1.0-1.el7.centos.noarch.rpm 
perl-Mail-SPF-Query-1.999.1-2.el7.centos.noarch.rpm

thanks
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] failed installing spamassassin

[Rajesh M]

hi

centos 6 - 64 bit
qmailtoaster latest version

i downloaded spamassassin-3.4.1-0.qt.el6.x86_64.rpm from
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/spamassassin-3.4.1-0.qt.src.rpm

rpm -Uvh /root/rpmbuild/RPMS/x86_64/spamassassin-3.4.1-0.qt.el6.x86_64.rpm

error: Failed dependencies:
perl(Mail::DomainKeys) is needed by spamassassin-3.4.1-0.qt.el6.x86_64
perl(Mail::SPF::Query) is needed by spamassassin-3.4.1-0.qt.el6.x86_64

i downloaded these modules from cpan and tried to install these but make test 
fails in both cases

i went ahead with a "make install" which

however i am still getting error concerning Failed dependencies: when i try to 
run
rpm -Uvh /root/rpmbuild/RPMS/x86_64/spamassassin-3.4.1-0.qt.el6.x86_64.rpm

help required please

thanks
rajesh



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com