[qmailtoaster] Re: CNAME lookup failed temporarily.... again.
Hey, I havent fixed this yet, but i've found that the system im running is missing the following patch, so ignore my message. 23 - remove cname lookup from qmail-remote (https://lists.gt.net/qmail/users/138190) - carryover Thanks, J On Wed, Mar 31, 2021 at 1:21 AM Jaime Ventura wrote: > Hey all, > > A couple of days ago, my server was complaining with "CNAME lookup failed > temporarily" when delivering emails to domain "repsol.com". > > At first i couldn't understand what the problem was. Querying MX records > for that domain returned valid results. > > I turned to the dns caching server, and noticed that qmail is making a "IN > ANY" query before actually doing a "IN MX". > > For instance, when delivering an email to google: > > Mar 31 01:03:24 mail named[24968]: client 127.0.0.1#53542: query: > gmail.com IN ANY + (127.0.0.1) > Mar 31 01:03:24 mail named[24968]: client 127.0.0.1#57416: query: > gmail.com IN MX + (127.0.0.1) > > I noticed that the same query for "repsol.com" resulted in failure. > > $dig @8.8.8.8 in any repsol.com > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.8 <<>> @8.8.8.8 in any > repsol.com > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 27672 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;repsol.com. IN ANY > > ;; Query time: 2036 msec > ;; SERVER: 8.8.8.8#53(8.8.8.8) > ;; WHEN: Wed Mar 31 01:13:42 2021 > ;; MSG SIZE rcvd: 28 > > > > I wonder why qmail is issuing a "IN ANY" query. > > Also, I'm finding some info on the internet referring to the idea of > deprecating the support to "in any" queries, like this one: > https://blog.cloudflare.com/deprecating-dns-any-meta-query-type/ > > > So, any thoughts about this? Am i wrong about qmail doing "IN ANY" queries > before "IN MX" queries? Im afraid this may this pose a problem in the > (near) future in case everybody starts deprecating the "IN ANY" queries. > > cheers, > > J > >
[qmailtoaster] CNAME lookup failed temporarily.... again.
Hey all, A couple of days ago, my server was complaining with "CNAME lookup failed temporarily" when delivering emails to domain "repsol.com". At first i couldn't understand what the problem was. Querying MX records for that domain returned valid results. I turned to the dns caching server, and noticed that qmail is making a "IN ANY" query before actually doing a "IN MX". For instance, when delivering an email to google: Mar 31 01:03:24 mail named[24968]: client 127.0.0.1#53542: query: gmail.com IN ANY + (127.0.0.1) Mar 31 01:03:24 mail named[24968]: client 127.0.0.1#57416: query: gmail.com IN MX + (127.0.0.1) I noticed that the same query for "repsol.com" resulted in failure. $dig @8.8.8.8 in any repsol.com ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.8 <<>> @8.8.8.8 in any repsol.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 27672 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;repsol.com. IN ANY ;; Query time: 2036 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Wed Mar 31 01:13:42 2021 ;; MSG SIZE rcvd: 28 I wonder why qmail is issuing a "IN ANY" query. Also, I'm finding some info on the internet referring to the idea of deprecating the support to "in any" queries, like this one: https://blog.cloudflare.com/deprecating-dns-any-meta-query-type/ So, any thoughts about this? Am i wrong about qmail doing "IN ANY" queries before "IN MX" queries? Im afraid this may this pose a problem in the (near) future in case everybody starts deprecating the "IN ANY" queries. cheers, J
[qmailtoaster] disabling address extensions for specific users
Hey all, does anyone know if there's a way to disable address extensions for specific users? As far as i can understand from reading dot-qmail files documentation ( http://www.qmail.org/man/man5/dot-qmail.html), if an email is sent to myuser-st...@mydomain.com, and not existing a ~mysuser/.qmail-stuff file, the email will be handled by ~mysuser/.qmail-local or ~mysuser/.qmail. This enables the user 'myu...@mydomain.com' to receive email (spam, mostly) from myuse...@mydomain.com, myuse...@mydomain.com, ... I would like to disable this feature, so that any email to myuser-st...@mydomain.com would result on a "user/mailbox not found". I've also read about "--*enable*-*qmail*-*ext*" vpopmail option, but i didn't figure out the implications of removing this option (as this seems to be a stock qmail feature). I know this feature exist to ease mailing-lists usage. I wonder if disabling this feature would break ezmlm. Cheers, Jaime
Re: [qmailtoaster] QMT/CentOS 6
was the vpopmail-toaster rpm compiled on centos5? When compiled against centos6, the dependenvy you'll get is for libmysqlclient.so.16 Not libmysqlclient.so.15 [root@mailbuilder ~]# strings /home/vpopmail/bin/vchkpw | grep libmysqlclient libmysqlclient.so.16 libmysqlclient_16 [root@mailbuilder ~]# rpm -qf /usr/lib64/mysql/libmysqlclient.so.16 mysql-libs-5.1.73-3.el6_5.x86_64 [root@mailbuilder ~]# Cheers, Jaime On Fri, Mar 27, 2015 at 7:22 PM, Eric Broch wrote: > QMT/CentOS6 users, > > have any of you seen the issue I've described in previous posts: > > "One issue that I've run into with QMT/CentOS6 on my failover host is > the inability to send email after a restart of the named service when > the nameserver address in /etc/resolv.conf is the IP address of the QMT > host itself. The error in my submission file looks like this:" > > /home/vpopmail/bin/vchkpw: error while loading shared libraries: > libmysqlclient.so.15: cannot open shared object file: No such file or > directory > > Before I wade in over my head does anyone have any ideas why this would > be happening? > > Eric > > On 3/27/2015 1:00 PM, Dan McAllister wrote: > > Yup - several > > > > On 3/27/2015 2:04 PM, Eric Broch wrote: > >> Is there anyone in the QMT community using QMT/CentOS6 in a production > >> environment? > >> > >> - > >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > >> For additional commands, e-mail: > qmailtoaster-list-h...@qmailtoaster.com > >> > > > > > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > >
Re: [qmailtoaster] QMT/CentOS 6
Yes. On Fri, Mar 27, 2015 at 6:04 PM, Eric Broch wrote: > Is there anyone in the QMT community using QMT/CentOS6 in a production > environment? > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > >
Re: [qmailtoaster] Error - message "451 qq write error or disk full (#4.3.0)"
Have you tried reverting the change? On Wed, Dec 31, 2014 at 4:33 AM, Tony White wrote: > Hi all, > Desperate here please. > Tried to remove domainkeys from the server following this page > > http://wiki.qmailtoaster.com/index.php/Disabling_Domain_Keys > > Since doing it I have not been able to store any emails for anyone. > > Have replace DK but still not joy. > > There is 459GB free on the drive and all the permissions seem fine. > > Any help greatly appreciated. > > Tony White > PS sending email from Yahoo as email server will not do it. > > Thanks in advance. >
Re: [qmailtoaster] Send/Receive quotas in QMT
Hey, I've been trying to get this working on a dev QMT instance: http://hmonteiro.net/howtos/qmail/qmail_envelope_scanning But currently its not a priority for me, so its stalled for the moment. The ideia is to be able do use http://wiki.policyd.org/ Cheers, On Thu, Oct 9, 2014 at 6:07 PM, Tonix - Antonio Nati wrote: > Il 09/10/2014 18:39, Dan McAllister ha scritto: > > QMT Enthusiasts: > > I am in DESPERATE need of a way to rate-limit certain users on my system. > Not only would it help me stop a sometimes well-intentioned, but otherwise > abusive user, but it would also help limit the impact of virus-infected > clients as well. > > Specifically, I would like for there to be a way to limit users to, say, > 250 messages a day. (We're talking outbound messages here, not inbound) > > If it means moving this client away from QMT, so be it -- but I don't know > of any other mail program that would do this either... > > Any ideas? > > Dan McAllister > > > I have some ideas on how to do that on qmail/vpopmail, but it means to add > custom code to qmail or vpopmail (it should be a payed job). > > Regards, > > Tonino > > > -- > > Inter@zioniInterazioni di Antonio Nati >http://www.interazioni.it to...@interazioni.it > > >
Re: [qmailtoaster] Re: smtp greeting
Hey, Did you tried googling it? "telnet smtp 220 asterisks"? Looks like is a cisco feature. Cheers, On Thu, Sep 18, 2014 at 1:03 AM, Eric Shubert wrote: > On 09/17/2014 02:35 PM, Eric Broch wrote: > >> Hello list, >> >> Can anyone tell me why, when I telnet to one of my email servers over >> port 25 that the SMTP greeting is starred (*) out, but if I telnet to >> the same server over the submission port I get the standard greeting. As >> follows: >> >> # telnet host.domain.com 25 >> Trying 'host address' >> Connected to 'host address' >> Escape character is '^]' >> 220 * >> >> # telnet host.domain.com 587 >> Trying 'host address' >> Connected to 'host address' >> Escape character is '^]' >> 220 smtp server greeting >> >> > Looks to me like there is some other host that's receiving the port 25 > traffic, like a firewall/proxy device of some sort, that's either > intercepting or altering the 220 reply. If you're not seeing any tcpserver > lines in the smtp log, then it'd be the former. If you do see corresponding > tcpserver log messages, then it'd be the later. > > >> And, will this affect my SMTP email reception in any way? >> > > I wouldn't think so. It would keep your server from being counted in some > polling that's done to see what kind of mail servers people are using. It's > for that reason that I encourage people to leave the "Qmail Toaster Ver. > 1.3" string in there. I probably should bump up that version for the new > packages. ;) > > > -- > -Eric 'shubes' > > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > >
[qmailtoaster] CHKUSER variables in tcp.rules
Hello, I know this inst a new topic. I've found several informations related to it. As far as I've understood the variables controlling CHKUSER behavior have to be set harcoded on qmailtoaster instalations, as instructed here: http://wiki.qmailtoaster.com/index.php/Chkuser Can someone tell me why? It seams that CHKUSER allow variable setting in tcp.rules. Why doesn't this apply to qmailtoaster? Thanks Jaime - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SPF SRS, forward and FOPE
Em 19-09-2011 18:01, Eric Shubert escreveu: > On 09/19/2011 04:51 AM, Jaime Ventura wrote: >> Hello. >> Im experiencing the following problem. >> >> Im using forefront online protection for exchange (FOPE) as anti-spam >> system. >> MX records points to FOFE. >> FOPE receives the email and if its clean forwards it to a on-premise >> mail server. >> Im this case the on-premise mail server runs qmailtoaster. >> This works very well until SPF comes in. >> The qmail complains because it sees mail from a server (FOPE) that isnt >> SPF allowed to send emails ... The old SPF forward problem. >> >> Since i believe FOFE doesn't support SPF-SRS (cant find any info on >> documentation), the solution would be to create a special rule on >> tcp.rules and trust mails from FOPE IP addresses by disabling SPF >> checks. >> The problem is i dont have those ips. >> >> Any ideas? >> >> Thanks >> >> - >> > > Can you obtain the FOPE IP addresses from the smtp log? (Presuming > it's been operational already) > I got the IPs (there are several) and created a rule in tcp.rules in order to skip spf test. Its working, but if the ips change... Anyway, thank for your replies - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SPF SRS, forward and FOPE
Actually im running a multi domain installation and only one of then is using FOPE temporarily for backward compatibility :P . So, I cant just turn off SPF checking. Em 19-09-2011 17:23, Eric Shubert escreveu: > If you want to keep using the FOPE, I think you'll need to back off > SPF checking in QMT (echo 1 > /var/qmail/control/spfbehavior). > > Think about it. If FOPE is doing it's job, why does QMT need to check > SPF? ;) > > On the other hand, what's FOPE buying you? I would expect that QMT > (with spamdyke) would do just as good a job (if not better) at > handling spam as FOPE. I know that others here are using QMT as a > front end to Exchange with good success. At least that's my impression. > > The only caution about spamdyke is that to be effective it needs to be > on the edge or forefront. Putting spamdyke behind FOPE (or any other > device that handles the smtp session) will defeat spamdyke's > effectiveness. > - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] SPF SRS, forward and FOPE
No, i dont think so. The problem isnt when im sending email, but receiving. 1) a...@bbb.com (foreign domain) send an email to c...@ddd.com (my domain) 2) FOPE receives the email, checks it and forwards it to my qmail server (my domain). 3) my qmail server (my domain) checks the SPF record of domain bbb.com and notices that the IP adress (which is from FOPE) is not on allowed senders for domain bbb.com and reject it. Thanks m 19-09-2011 15:43, Maxwell Smart escreveu: > Don't you just add an entry in your DNS SPF line that the FOPE servers > are allowed to send mail? I had the same problem with a credit card > processing company that sent receipts to customers with my from address. > > On 09/19/2011 04:51 AM, Jaime Ventura wrote: >> Hello. >> Im experiencing the following problem. >> >> Im using forefront online protection for exchange (FOPE) as anti-spam >> system. >> MX records points to FOFE. >> FOPE receives the email and if its clean forwards it to a on-premise >> mail server. >> Im this case the on-premise mail server runs qmailtoaster. >> This works very well until SPF comes in. >> The qmail complains because it sees mail from a server (FOPE) that isnt >> SPF allowed to send emails ... The old SPF forward problem. >> >> Since i believe FOFE doesn't support SPF-SRS (cant find any info on >> documentation), the solution would be to create a special rule on >> tcp.rules and trust mails from FOPE IP addresses by disabling SPF >> checks. >> The problem is i dont have those ips. >> >> Any ideas? >> >> Thanks >> >> - >> >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com) >> Vickers Consulting Group offers Qmailtoaster support and >> installations. >>If you need professional help with your setup, contact them >> today! >> - >> >> Please visit qmailtoaster.com for the latest news, updates, and >> packages. >> >>To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> >> > - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] SPF SRS, forward and FOPE
Hello. Im experiencing the following problem. Im using forefront online protection for exchange (FOPE) as anti-spam system. MX records points to FOFE. FOPE receives the email and if its clean forwards it to a on-premise mail server. Im this case the on-premise mail server runs qmailtoaster. This works very well until SPF comes in. The qmail complains because it sees mail from a server (FOPE) that isnt SPF allowed to send emails ... The old SPF forward problem. Since i believe FOFE doesn't support SPF-SRS (cant find any info on documentation), the solution would be to create a special rule on tcp.rules and trust mails from FOPE IP addresses by disabling SPF checks. The problem is i dont have those ips. Any ideas? Thanks - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com