Re: [qmailtoaster] clamav 0.97.4 simscan-toaster-1.4.0-1.4.0
Hi Danny, Am 28.03.2012 um 23:49 schrieb Danny Terweij | LxCenter: So a lot need to be resolved before it builds like it should. like it should is subjective. It still builds the same as it always has, unless I'm missing something here. We could get no new data if there was not a successfull remake of a Makefile. That means it uses a old Makefile. It could work but it can also give problems. Before i ever release a new RPM to the public or testing persons, it has to be free of any kind of errors. Also it is a good point to always follow some rules like SPEC rules. Even if it is a minor change, you can always refactor the SPEC file a bit. It is a kind of a odd thought that you say still builds the same as always .. it can go very wrong at some day that you push a new rpm to the public and odd things going to happen. still builds the same as always refers to the fact that you can follow the wiki article on how to install a new toaster on CentOS 5.x from scratch and it will work. I took the time to test that on a VM because I was curious if anything had changed since the last time I checked. While I agree that QMT package dependencies are a bit of a mess and too tightly coupled, we're not aiming to fix that up quite yet. Simscan in particular might eventually be replaced with amavis-new, so at this time we won't be doing any more with it than getting it as up to date as possible. I think i go stop distributing toaster packages to our community. To much changes in the future and bad/poor written SPEC files. I appreciate the criticism and I think we're all aware that, as Eric put it, the dependencies are indeed a bit messy. However, if you are able to discern what is wrong with the spec files, why don't you contribute to the project and submit n updated version? I am sure everyone would appreciate the help. Thanks for your patience and understanding (and participation). No problem, but the patience is out of stock. Its better for our community that we split here and maintain our own qmail and related packages. I saw a whole new djbdns at githib pushed 3 days ago. Much promising and finaly someone refactored it during the last 3 years. I bet the same happens with qmail and other old packages, at some day. New life in kind of (good) old software. I don't really get where you're coming from, here. Let me state a couple of facts first: - QMT is a group effort. - Participation and contributions are always welcome! - No one here is being paid to work on QMT (although QMT enables some of us to make money). - We have way more things that need fixing than people with time and knowledge to do so. In short: QMT is not a commercial product you bought and can now 'demand' support for, but rather an open source community effort that is open for everyone to help make things better. So why talk about splitting / forking when all that seems missing is your contribution? Best, Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] clamav 0.97.4
Am 25.03.2012 um 05:55 schrieb Eric Shubert: I've been running several days as well, with no problems. If I don't hear of any problems, I'll promote it to production in a few days. Same here. It works very well, indeed. ;-) Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] qtp-backup - ezmlm lists??
Am 13.03.2012 um 13:24 schrieb Eric Shubert: It doesn't appear to me that qtp-backup/qtp-restore handles ezmlm lists. Does anyone know where ezmlm stuff resides?? (FWIW, I expect that we'll be using this to migrate the qmailtoaster lists soon) Hi Eric, ezmlm stuff will appear as an individual user folder within the domain. The folder has the name of the mailing list and all relevant content will be stored in special subfolders. So, backing up all domains will also backup ezmlm! Martin PS: a ezmlm mailing list folder could look like this: drwx-- 3 vpopmail vchkpw 4096 Jan 7 2011 allow drwx-- 2 vpopmail vchkpw 4096 Jan 7 2011 archive -rw--- 1 vpopmail vchkpw0 Jan 7 2011 archived drwx-- 2 vpopmail vchkpw 4096 Jan 7 2011 bounce -rw--- 1 vpopmail vchkpw 96 Jan 7 2011 bouncer -rw--- 1 vpopmail vchkpw 215 Jan 7 2011 config -rw--- 1 vpopmail vchkpw 519 Jan 7 2011 editor -rw--- 1 vpopmail vchkpw 236 Jan 7 2011 headeradd -rw--- 1 vpopmail vchkpw 145 Jan 7 2011 headerremove -rw--- 1 vpopmail vchkpw0 Jan 7 2011 indexed -rw--- 1 vpopmail vchkpw 15 Jan 7 2011 inhost -rw--- 1 vpopmail vchkpw 23 Jan 7 2011 inlocal -rw--- 1 vpopmail vchkpw 268 Jan 7 2011 key -rw--- 1 vpopmail vchkpw0 Jan 7 2011 lock -rw--- 1 vpopmail vchkpw0 Jan 7 2011 lockbounce -rw--- 1 vpopmail vchkpw 908 Jan 7 2011 Log -rw--- 1 vpopmail vchkpw 51 Jan 7 2011 mailinglist -rw--- 1 vpopmail vchkpw 298 Jan 7 2011 manager drwx-- 6 vpopmail vchkpw 4096 Jan 7 2011 mod -rw--- 1 vpopmail vchkpw 158 Jan 7 2011 moderator -rw--- 1 vpopmail vchkpw1 Jan 7 2011 modpost -rw--- 1 vpopmail vchkpw 15 Jan 7 2011 outhost -rw--- 1 vpopmail vchkpw9 Jan 7 2011 outlocal -rw--- 1 vpopmail vchkpw 103 Jan 7 2011 owner -rw--- 1 vpopmail vchkpw 15 Jan 7 2011 prefix drwx-- 2 vpopmail vchkpw 4096 Jan 7 2011 subscribers drwx-- 2 vpopmail vchkpw 4096 Jan 7 2011 text signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] qmailmrtg
Am 02.03.2012 um 22:12 schrieb Casey Price: Martin, I'm just using the dovecot RPM provided with the instructions on the QMT wiki. What exactly is necessary to get qmailmrtg to work with dovecot? qmailmrtg is a c program that scans the log files and creates the mrtg data files from it. It can be called with command line options. Basically it comes down to adding routines that can be used to scan dovecot log files. Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] qmailmrtg
Am 02.03.2012 um 22:12 schrieb Casey Price: Martin, I'm just using the dovecot RPM provided with the instructions on the QMT wiki. What exactly is necessary to get qmailmrtg to work with dovecot? Casey Price This is nowhere near complete, but it gives you a first idea what needs to be done. Please note that the mrtg.conf file (I think for some reason that's contained in the .spec in this package), needs to be adapted as well and the c program of course. The package here was my first attempt to convert things to dovecot - it assumes logs are multilog/daemontools format and located in /var/log/qmail/dovecot/ Also, I did not use dovecot for pop3 back then, so that has also not been taken care of. If you give me some more time, I can easily adapt things so it will work with dovecot using syslog and in standard dovecot location and perfect the config files, etc. As it is, I'd consider this very much beta. Martin qmailmrtg-dovecot-toaster-4.2-1.0.0.src.rpm Description: Binary data signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] qmailmrtg
Am 02.03.2012 um 22:12 schrieb Casey Price: Martin, I'm just using the dovecot RPM provided with the instructions on the QMT wiki. What exactly is necessary to get qmailmrtg to work with dovecot? Casey Price This is nowhere near complete, but it gives you a first idea what needs to be done. Please note that the mrtg.conf file (I think for some reason that's contained in the .spec in this package), needs to be adapted as well and the c program of course. The package here was my first attempt to convert things to dovecot - it assumes logs are multilog/daemontools format and located in /var/log/qmail/dovecot/ Also, I did not use dovecot for pop3 back then, so that has also not been taken care of. If you give me some more time, I can easily adapt things so it will work with dovecot using syslog and in standard dovecot location and perfect the config files, etc. As it is, I'd consider this very much beta. Martin qmailmrtg-dovecot-toaster-4.2-1.0.0.src.rpm Description: Binary data signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] qmailmrtg
Casey, Am 03.03.2012 um 02:32 schrieb Casey Price: I'm basically just looking for an effective way to improve my spam filtering, and allow different configs for different users/domains without having to restructure my whole system. How are other large hosts or ISPs doing things? Any ISP users out here that have an opinion about this? Casey Price If you're looking for a per-user spam filter, you might want to consider something like this: http://www.maiamailguard.com/maia/wiki Although, I guess the best thing would be to separate the filter from the mail server and have it act as a security / ant-spam / anti-malware gateway. Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] qmailmrtg
Am 02.03.2012 um 08:04 schrieb Casey Price: Martin, If you want to hook me up with the package, I could help test it out. Casey Price Casey, it all depends on how you set up dovecot. I had mine done by compiling from source and I am using daemontools to run it. Now, if you run it in a similar environment, it will probably work well. If not, I might have to adapt it to properly recognize the log files, etc. Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] patch utility under Fedora 15
Am 25.02.2012 um 11:46 schrieb qmt: Hello all I do as your method but When I built libdomainkeys-toaster-*.src.rpm ,i got the error as below. Can you help? My system is frdora15_x64. daemontools-toaster-*.src.rpm build pass = changes p0 - p1 ucspi-tcp-toaster-*.src.rpmbuild pass = changes p0 - p1 = one patch had to manually specify target vpopmail-toaster-*.src.rpm build pass = Unsure, think there was one p0 - p1, but made no notes libdomainkeys-toaster-*.src.rpm= no changes error libsrs2-toaster-*.src.rpm= no changes build pass The rpm build command in Fedora forbids *futzz* (e.g. when a patch could be applied, but is e.g. one or two lines off). This means that the patch for that package needs to be re-created (using diff command) against this version. This will eliminate fuzz and everything will work ok. You can do this by installing the source-package, unpacking the source folder, making a copy of the source folder applying the patch manually to ONE of the folders and then using diff to re-create the patch. Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY
You know, Nigel, this whole discussion is not FOR or AGAINST any specific distro, but about how to best move the project forward with the resources and knowledge we have. Since it is way easier to focus on one distribution when about to change things (switch from srpm to rpm, etc.), it just makes sense to (initially at least) trim down the number of supported platforms. There are no hard feelings (or there should not be any, really) invested in this... Whatever your trouble compiling the packages, please just ask on the list and we'll try to help as best we can. Just be patient as it is no one's full time job to support or develop this project. Best, Martin Von meinem iPhone gesendet Am 20.02.2012 um 04:08 schrieb Nigel Reed nel...@yahoo.com: You're right, it's probably about time to migrate away from qmailtoaster. Mandriva is very much alive and kicking, thank you very much. The reason a lot of people are not using qmail, I'm sure, is because Mandriva comes with postfix installed and as you've seen by my experience trying to get this damn thing compiled, it's a pain in the ass. There's too many bits to bolt together for most people. A binary packages would be very welcome, I'm sure...As we speak, I'm having trouble getting the latest clamav to compile. According to this website, Mandriva is more popular then CentOS. Maybe you just don't hear from from Mandriva people because they actually have a clue. I bet most people running CentOS or Ubuntu are just tinkering around with it. http://geektrio.net/?p=1404 - Original Message - Mandriva is on the ropes, struggling to survive. If you presently have a QMT running on Mandy, I would seriously consider a migration in the near future. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Dovecot 2.0.x trouble
Hi all, in case anyone uses dovecot 2.0.16, the errata for the latest (2.0.17) say: http://dovecot.org/releases/2.0/dovecot-2.0.17.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.17.tar.gz.sig Among other changes: + Proxying now supports sending SSL client certificate to server with ssl_client_cert/key settings. + doveadm dump: Added support for dumping dbox headers/metadata. - Fixed memory leaks in login processes with SSL connections - vpopmail support was broken in v2.0.16 Seeing as the last line concerns all of us - please update if you have any trouble! Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] QMT on CentOS 6? Alternatives?
Am 29.01.2012 um 03:12 schrieb Dan McAllister: I successfully run QMT on CentOS 6 (actually, on 4 servers now!) -- and as you note, the toaster-admin (web-based GUI) does not work (the php-generated content does not render). The qmail-admin (GUI admin on e-mail accounts) DOES work, and there are some packages that need some tending to to get the compilations right, but its nothing that's not obvious when you look at the error logs during the build cycle. I am hoping to get a free weekend in about a week, at which time I am hoping to spend some time in the PHP scripts and see if I can fix what ails them… Actually, all parts of the guy work if you switch on short php tags in php.ini… Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] Problem with Clamav-toaster on Centos6
Hi Amir, Am 08.01.2012 um 11:20 schrieb Amir Abbasi: Hi, how are you doing? I have a question; Does Qmail-Toaster support IPv6? Generally, I am investigation IPv6 migration for webhosting servers/services, is there any useful link in this regard? General note: it is best if you ask such questions on the list so that others, who might have the same issue, can get that information as well (e.g. by searching the list archive). Anyway, here's my two cents: there is no support for IPv6 in the current qmailtoaster. This is because qmail itself does not support it out of the box. In fact, qmail's author, Dan Bernstein is rather critical of the whole IPv6 mess (his words): http://cr.yp.to/djbdns/ipv6mess.html That being said, it is *possible* to modify qmail to use IPv6: http://www.bltweb.net/qmail/ That is Brandon Turner's site of qmail patches (based on John Simpson's combined patch). These patches can be reworked and applied to 'our' qmail flavor as well - just takes some time and a bit of coding knowledge.. Note that you'll have to make uscpi-tcp IPv6 aware, too, if you want to use the current qmailtoaster layout. I do not know if (and if yes, when) qmailtoaster will be IPv6 enables, but now at least you have an overview of the situation. Cheers, Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] Qmailtoaster major changes
Am 03.01.2012 um 02:36 schrieb Jake Vickers: I will be changing ownership of the Qmailtoaster project to Eric Shubes. With the new role at work and my rapidly growing toddler, I just really don't have enough spare time to devote to the project. I've spoken with Eric and he has agreed to take the project over and continue with it. Thanks for all your work, Jake! Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] Problem with Clamav-toaster on Centos6
Hi Amir,Am 26.12.2011 um 11:55 schrieb Amir Abbasi:+ echo 'Patch #0 (clamav-0.9x-qmailtoaster.patch.bz2):'Patch #0 (clamav-0.9x-qmailtoaster.patch.bz2):+ /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/clamav-0.9x-qmailtoaster.patch.bz2+ /usr/bin/patch -s -p1 --fuzz=01 out of 7 hunks FAILED -- saving rejects to file etc/clamd.conf.rejerror: Bad exit status from /var/tmp/rpm-tmp.nI9zZQ (%prep)RPM build errors: Bad exit status from /var/tmp/rpm-tmp.nI9zZQ (%prep)Have you ever faced this error message?Thank you for your assistance.The problem is that the included patch is not 100% rediffed against version 0.97.3 of clamav… e.g. some lines are off.This causes the patch utility to fail, as the allowed amount of 'fuzz' (e.g. allow patches to apply to be a couple lines off the expected place) on CentOS 6 is zero.Anyway,use the attached patch instead of the old one (replace the clamav patch file in the SOURCES folder within your rpm build directory) and try again…Martin --Martin WaschbüschIT-DienstleistungenSchumacherring 2981737 MünchenTelefon: +49 89 57005708Fax: +49 89 57868023Mobil: +49 170 2189794serv...@waschbuesch.ithttp://www.waschbuesch.it clamav-0.9x-qmailtoaster.patch.bz2 Description: BZip2 compressed data signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] Problem with Clamav-toaster on Centos6
Hi Anderson, Am 26.12.2011 um 15:27 schrieb Anderson Alves de Albuquerque: I want go out to this list. How can I do? To remove your address from the list, just send a message to the address in the ``List-Unsubscribe'' header of any list message. If you haven't changed addresses since subscribing, you can also send a message to: qmailtoaster-list-unsubscr...@qmailtoaster.com Cheers, Martin signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] sa-learn-attach
Hi Eric,
Am 21.12.2011 um 19:48 schrieb Eric Shubert:
Here's the script I use with a shared folder to learn ham and spam, fwiw:
#!/bin/sh
#
# learn and remove spam and ham in shared folders
#
# shubes 3/26/08 - created
#
learndir=/home/vpopmail/domains/shubes.net/sa-learn
hambox=.Ham
spambox=.Spam
do_the_learning(){
learnas=$1
maildir=$2
shopt -s extglob
for spamfile in `find $maildir/+(cur|new)/* 2/dev/null`; do
sudo -u vpopmail -H sa-learn --$learnas $spamfile
rc=$?
if [ $? != 0 ]; then
echo sa-learn failed, rc=$rc, spamfile=$spamfile
exit $rc
fi
rm $spamfile
done
}
do_the_learning ham $learndir/$hambox
do_the_learning spam $learndir/$spambox
exit 0
I am using a version of something I found on the wiki (or as part of qtp?).
It adds the following things:
- loop through all domains and users
- do not touch/learn special files (e.g. dovecot cache, etc.).
- move ham back to inbox (which is safe with dovecot - I asked the author.)
- learn items without syncing *before* making spamassassin sync the database
(if you host several domains with users actively using the ham/spam feature,
you'll be glad to do that, as perl / spam assassin is no lightweight)
# Let's define our folder conventions:
SPAMDIR=.Spam.Lernen
HAMDIR=.Spam.Korrektur
# find and process each SPAMDIR
for directory in $( find /home/vpopmail/domains -type d -name $SPAMDIR );
do
# then find and process each file in SPAMDIR that is not a dovecot special
file
for file in $( find $directory -type f -not \( -name dovecot.index -o -name
dovecot.index.log -o -name dovecot.index.cache -o -name dovecot-keywords -o
-name dovecot-uidlist -o -name maildirfolder \) );
do
# learn the file with sa-learn as Spam (use the vpopmail user so it ends up
in the correct database)
sudo -u vpopmail -H sa-learn --no-sync --spam ${file} /dev/null 21
# Spam belongs to nirvana!
rm -f ${file} /dev/null 21
done
done
# find and process each HAMDIR
for directory in $( find /home/vpopmail/domains -type d -name $HAMDIR );
do
# then find and process each file in HAMDIR that is not a dovecot special file
for file in $( find $directory -type f -not \( -name dovecot.index -o -name
dovecot.index.log -o -name dovecot.index.cache -o -name dovecot-keywords -o
-name dovecot-uidlist -o -name maildirfolder \) );
do
# learn the file with sa-learn as HAM (use the vpopmail user so it ends up
in the correct database)
sudo -u vpopmail -H sa-learn --no-sync --ham ${file} /dev/null 21
# move the file back to the the INBOX.
mv ${file} ${directory}/../cur /dev/null 21
done
done
# to speed up learning, we only sync the journal with the database at the end.
sudo -u vpopmail -H sa-learn --sync /dev/null 21
signature.asc
Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] 553 sorry, invalid HELO hostname
Hi there, Am 12.11.2011 um 10:30 schrieb siva kumar: Dear List, While sending mail to other domains like rediffmail.com, i am receiving error as follows. Please help me to fix it. Hi. This is the qmail-send program at . I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. please ensure that your FQDN is identical to what you announce in /var/qmail/control/me (and possibly /var/qmail/control/smtpgreeting) also, make sure that a reverse lookup of your IP resolves to that very FQDN if not, chances are that mails from your system will be taken for phishing attempts (e.g. pretending to be someone you are not). Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Schumacherring 29 81737 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] DENIED_OTHER, no clue - spf still a little buggy?
Hi all, Am 03.11.2011 um 03:27 schrieb Eric Shubert: I thought qmail-smtp had been patched to show a message when spf failed, but I just found an instance when it doesn't. The sending domain had no TXT record at all, and the smtp log simply showed DENIED_OTHER with no other message. After I changed spfbehavior from 3 to 1, the message came through ok. Anyone notice anything like this? I have stopped using the SPF feature in qmail altogether. I set the value to 0. As an alternative, I enabled spamassassin's SPF checker which seems to work much better (and in anyway, just adds to the spam probability instead of outright blocking things. This has worked quite well for me. Martin -- Martin Waschbüsch IT-Dienstleistungen Schumacherring 29 81737 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] env LANG=C /usr/bin/mrtg /usr/share/toaster/mrtg/qmailmrtg.cfg 21
Hi there, Am 11.11.2011 um 18:01 schrieb Javid Freeman: I just simply updated using yum update. I went back and looked at the list of packages updated and found this: perl-IO-Socket-INET6-2.67-1.el5.art.noarch The rest of the email server features are working without issue. However the error is emailed to the catchall every 5 min. If necessary I can provide the entire list of packages updated. I have been running qmail-toaster for several years and I can't remember if I used CPAN or RPM. Javid The package name you gave here is from a 3rd party repository, Atomic. Perhaps you could try to uninstall / reinstall this from another repo (reforge) or downgrade to the original version from CentOS repo (if available there). In any case, I recommend setting all 3rd party repos to enabled=0 in their .repo file (/etc/yum.repos.d/WHATEVER.repo) and only enable on demand by supplying '--enablerepo=reponame' to yum. Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Schumacherring 29 81737 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] 553 sorry, invalid HELO hostname
Am 12.11.2011 um 11:05 schrieb siva kumar: Dear Martin, Thanks for you quick support. i can able to send mail to rediffmail. but mail goes to junk mail. In gmail it goes to spam. Please help me to fix it. Let's try this: please send a mail from the server in question to my email address and I'll start by analyzing that. Also, did you verify the settings I mentioned? Martin -- Martin Waschbüsch IT-Dienstleistungen Schumacherring 29 81737 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] How to sign emails with dkim for only some domains?
Hi there, this is rather easy! :-) All you have to do is use the following kind of syntax: dkimsign global types id=none / /global domain1.tld algorithm=rsa-sha1 domain=domain1.tld keyfile=/var/qmail/control/dkim/domain1.tld/keyfile.key method=simple selector=dkim types id=dkim / types id=domainkey method=nofws / /domain1.tld domain2.tld algorithm=rsa-sha1 domain=domain2.tld keyfile=/var/qmail/control/dkim/domain2.tld/keyfile.key method=simple selector=dkim types id=dkim / types id=domainkey method=nofws / /domain2.tld /dkimsign This way, only the individual domains will use signing (and you can have different options and keys per domain, etc.) Everything not mentioned in the file will not be signed. Also note that this config also takes care of domainkeys. so, using this setup you can remove qmail-dk (or whatever the binary was called) and put qmail-queue.orig back as the qmail-queue binary file. Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Schumacherring 29 81737 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 25.09.2011 um 06:48 schrieb P.V.Anthony: Hi, Install dkim according to, http://wiki.qmailtoaster.com/index.php/How_to_Setup_DKIM_with_Qmail_Toaster It works well. I was wondering how to only do dkim for some domains and not all domains. Is there some configuration that needs to be done so that only the required domains will be signed by dkim? P.V.Anthony - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] dropped mails..
Hey there, I cannot seem to remember how to do this, but perhaps someone can remind me? From smtp log (/var/log/qmail/smtpd/current), I have mails from a recipient that get just dropped after determining that the sender is valid. e.g. i have lines such as: @40004e6ba8531a65aae4 tcpserver: ok 4396 krabat.waschbuesch.de:80.254.129.249:25 mx.someserver.org:123.123.123.123::36787 @40004e6ba8542f1fe954 CHKUSER accepted sender: from i...@somedomain.org:: remote :mx.someserver.org:123.123.123.123 rcpt : sender accepted But there it just drops. The next line will only be: @40004e6ba8562398a9cc tcpserver: end 4396 status 0 Since I cannot seem to find any additional info on why this mail was dropped, how can I enable additional debugging? E.g. for simscan or chkuser? If anyone has any pointers on how to debug this one... Thanks, Martin -- Martin Waschbüsch IT-Dienstleistungen Schumacherring 29 81737 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] dropped mails..
Hi Eric, - That sounds familiar to me too, but I don't recall what was going on. Something TLS related perhaps. I'd use spamdyke's detailed logging to see what's happening. -- -Eric 'shubes' Thanks for the quick reply, I think I isolated the issue (and to me, it looks like a bug!) I got to testing this thoroughly when I noticed that all amazon.de notifications were dropped for some time now. What I found is this: Disabling spf-checking by setting /var/qmail/control/spfbehaviour to 0 all emails pass. When left on the default (3) I have the problem. Now, amazon plays by the rules: checking amazon.de (! important that this is the German one!) for SPF records yields: v=spf1 include:amazon.com ~all spf2.0/pra include:amazon.com ~all And this is where I think the problem lies. The system is able to interpret the SPF policy, but does not seem to look up the 'include' part... For in amazon.com records, I found The TXT records found for your domain are: v=spf1 ip4:207.171.160.0/19 ip4:87.238.80.0/21 ip4:72.21.192.0/19 ip4:194.154.193.192/27 ip4:194.7.41.152/28 ip4:212.123.28.40/32 ip4:203.81.17.0/24 ip4:72.21.212.0/25 ip4:199.255.192.0/22 ~all spf2.0/pra ip4:207.171.160.0/19 ip4:87.238.80.0/21 ip4:72.21.192.0/19 ip4:194.154.193.192/27 ip4:194.7.41.152/28 ip4:212.123.28.40/32 ip4:203.81.17.0/24 ip4:72.21.212.0/25 ip4:199.255.192.0/22 ~all and the matching IP address is part of the ones listed above. So, where would I look for the SPF-related code in qmail? Or should I disable it and enable in spamassassin instead? (which could be an interim work-around, I guess).. What do you think? Martin - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] CentOS 6 / RHEL 6
Hi there, some of the problems with the admin-pages are due to short open tags in php, which no longer work in php53 (and they are bad style anyway). I also tried to get a toaster running on CentOS 6, but some of the dependencies were tricky. Btw, qtp works, too. But you have to manually install rpmforge for CentOS 6, so that things like qtp-dependencies will run. I decided to wait for QMTv2 for any OS upgrades. Who knows, maybee that'll be out before you get around to looking at the php sources. ;-) - One can always hope. Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 18.07.2011 um 20:17 schrieb Dan McAllister: Just an FYI -- I have successfully installed QMT (although not QTP) onto CentOS 6 64-bit. However, I did have to manually build the ezmlm package because the gcc-compat-32 package isn't available for CentOS 6 (only compat-34)... never the less, with a little tweaking of the dependencies, I think the toaster is already reasonably compatible. One other issue -- the toaster-admin web pages (which are all php scripted) don't work correctly under php 5.3.3 ... I've not yet looked into this (because I personally prefer to use the vpopmail binaries), but I'll look into the php sources once I get a free weekend... I'm thinking August... 2032! :-) Dan IT4SOHO -- IT4SOHO, LLC PO Box 507 St. Petersburg, FL 33731-0507 CALL TOLL FREE: 877-IT4SOHO 877-484-7646 Phone 727-490-4394 Fax We make IT work for small business! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] php upgrade and qmail dependancies
Am 06.07.2011 um 16:28 schrieb Jake Vickers: On 07/06/2011 09:50 AM, Digital Instruments wrote: Anyone have an idea about how could I remove php without removing the qmail dependencies? rpm -e --nodeps php.x86_64 You will run into an issue with short open tags on 5.3 as well. Martin rolled some new packages to change the web page coding to work with the full open tag, but I have not posted them to the web page as of yet. I can supply them if you email me offline - I'll post them but it will take some time to replicate to the mirrors. Sadly, they do not fix all the issues involved. I will add detailed descriptions to mantis later, Jake. Martin - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] vpopmail --disable-many-domains option
Hi Jake, Am 28.05.2011 um 17:19 schrieb Jake Vickers: So I'm still curious as to what you think the benefits are. Segregating your data into multiple tables was always the way I learned to obtain performance. The nature of the requests from QMT are probably not those that would require any performance tuning - the only one I've ever run into is the default number of connections. So I'm willing to table that point if there are other mitigating factors. So what are the advantages/benefits you are thinking will be gained from a single table? I agree with Eric that it probably will not make much of a difference with regards to performance. However, a lot of applications that might want to have access to the email user database are not all that flexible and do not support having different domains in different tables. E.g. using courier-auth with mysql or SOGo with mysql-backend, etc. There are other examples. For my own use, I have written an accounting backend that also cycles through domains and users, etc. to produce detail-information to be attached to invoices and that, too, is just way easier when having all in one table. Granted, that may be simplistic design on the parts of those programs, but hey, it works and it is way easier to recompile vpopmail to achieve compatibility than patch those programs. Also, whenever there is any database schema change in order for vpopmail to be upgraded, it is much easier to upgrade that one table than to find all the tables that hold domains and path those. Last but not least, mysql (and other databases) have length-limitations for domain names. I always wondered, but never tried, what would happen if I added a domain with a name longer than 'max-table-name-length' to the database? I think the current limit for mysql is 32 chars and domain names can be longer. Best, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] vpopmail --disable-many-domains option
Hi all! Am 27.05.2011 um 06:10 schrieb Eric Shubert: Apologies for the hijack. I just seem to recall this being discussed a bit, some time ago, and concluding (perhaps with no consensus) that having all domains in a single table made more sense. This was discussed here some time ago in this thread: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg22035.html It appears that chkuser might need multiple tables? I don't see why. I'm guessing that this person simply didn't rebuild qmail-toaster after rebuilding and reinstalling vpopmail-toaster, which would be required (and qtp-newmodel would do automatically). Perhaps Tonino could confirm this. Then on the development list last October: http://comments.gmane.org/gmane.mail.qmail.toaster.devel/638 Here's a reference that indicates performance can be poor with --disable-many-domains (as well as speculation that it may be removed at some point) http://bowe.id.au/michael/isp/webmail-server.htm I have used a version of vpopmail with all domains in one table as this has a number of advantages for me. This works very well and Eric is right in saying that you have to rebuild qmail-toaster after changing this in vpopmail. I have not seen any adverse effects after switching to this model (I use two toasters like this). Though I do not have a system with a huge number of domains, yet there was no performance difference between the two (for what that is worth). Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Regex for fail2ban - SMTP DDos
That is not true. fail2ban understands tai64n timestamps as used below. Btw., for fail2ban specific questions, it makes more sense to ask on the fail2ban mailing list. :-) Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 06.05.2011 um 08:58 schrieb Finn Buhelt: Hi. Just out of the head I think it's tricky because fail2ban needs a known timestamp to check against, and I cannot recall fail2ban having this timestamp listed as valid. But as said -just out of the head. Regards, Finn On 06-05-2011 08:10, Délsio Cabá wrote: Hi all I am getting a lot of DDOS on smtp connection logs: @40004dc390330ffb50f4 CHKUSER accepted sender: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt : sender accepted @40004dc390340c9e201c CHKUSER rejected rcpt: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt m...@zicel.ru : invalid rcpt MX domain .. @40004dc3905511aba4bc CHKUSER accepted sender: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt : sender accepted @40004dc390562cb394a4 CHKUSER rejected relaying: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt mad...@usc.es : client not allowed to relay I need to block this using fail2ban but the regex is quite complex. I have tried this: HOST\ rcpt \S+ : client not allowed to relay$ But it doesn't seam to be working as expected: fail2ban-regex /var/log/qmail/smtp/current HOST\ rcpt \S+ : client not allowed to relay ... Date template hits: 0 hit(s): MONTH Day Hour:Minute:Second 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second 0 hit(s): Year/Month/Day Hour:Minute:Second 0 hit(s): Day/Month/Year Hour:Minute:Second 0 hit(s): Day/MONTH/Year:Hour:Minute:Second 0 hit(s): Month/Day/Year:Hour:Minute:Second 0 hit(s): Year-Month-Day Hour:Minute:Second 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond] 0 hit(s): Day-Month-Year Hour:Minute:Second 1184 hit(s): TAI64N 0 hit(s): Epoch 0 hit(s): ISO 8601 0 hit(s): Hour:Minute:Second 0 hit(s): Month/Day/Year@Hour:Minute:Second Any help would be very appreciated Thanks! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Regex for fail2ban - SMTP DDos
You might try: failregex: CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay when I did fail2ban-regex /var/log/qmail/smtp/current CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay I got 35 hits. Martin PS: All I did was to replace variable strings in the log line with wildcard .* -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 06.05.2011 um 09:07 schrieb Délsio Cabá: Hi all, I agree, but, fail2ban is being used with qmailtoaster as seen on this guide: http://wiki.qmailtoaster.com/index.php?title=Fail2Banredirect=noprintable=yes But that guide and many others I have found on the net don't include a regex for my case: client not allowed to relay My problem is really to get a valid regex. I will post it on fail2ban mailing list also. But it's important to post this here also Thanks 2011/5/6 Martin Waschbüsch IT-Dienstleistungen serv...@waschbuesch.it That is not true. fail2ban understands tai64n timestamps as used below. Btw., for fail2ban specific questions, it makes more sense to ask on the fail2ban mailing list. :-) Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 06.05.2011 um 08:58 schrieb Finn Buhelt: Hi. Just out of the head I think it's tricky because fail2ban needs a known timestamp to check against, and I cannot recall fail2ban having this timestamp listed as valid. But as said -just out of the head. Regards, Finn On 06-05-2011 08:10, Délsio Cabá wrote: Hi all I am getting a lot of DDOS on smtp connection logs: @40004dc390330ffb50f4 CHKUSER accepted sender: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt : sender accepted @40004dc390340c9e201c CHKUSER rejected rcpt: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt m...@zicel.ru : invalid rcpt MX domain .. @40004dc3905511aba4bc CHKUSER accepted sender: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt : sender accepted @40004dc390562cb394a4 CHKUSER rejected relaying: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt mad...@usc.es : client not allowed to relay I need to block this using fail2ban but the regex is quite complex. I have tried this: HOST\ rcpt \S+ : client not allowed to relay$ But it doesn't seam to be working as expected: fail2ban-regex /var/log/qmail/smtp/current HOST\ rcpt \S+ : client not allowed to relay ... Date template hits: 0 hit(s): MONTH Day Hour:Minute:Second 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second 0 hit(s): Year/Month/Day Hour:Minute:Second 0 hit(s): Day/Month/Year Hour:Minute:Second 0 hit(s): Day/MONTH/Year:Hour:Minute:Second 0 hit(s): Month/Day/Year:Hour:Minute:Second 0 hit(s): Year-Month-Day Hour:Minute:Second 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond] 0 hit(s): Day-Month-Year Hour:Minute:Second 1184 hit(s): TAI64N 0 hit(s): Epoch 0 hit(s): ISO 8601 0 hit(s): Hour:Minute:Second 0 hit(s): Month/Day/Year@Hour:Minute:Second Any help would be very appreciated Thanks! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Regex for fail2ban - SMTP DDos
Hi, you should get different output. Note that you have 5796 hits for tai64n which means that it recognized that many lines starting with a date / time stamp. There should be a section where it identifies IPs. The important part is a section that looks like this: Results === Failregex |- Regular expressions: | [1] CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay | `- Number of matches: [1] 35 match(es) If this has matches, then it is matches against your failregex. (35 in my case) my complete output looks like this: snip fail2ban-regex /var/log/qmail/smtp/current CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay Running tests = Use regex line : CHKUSER rejected relaying: from .*: remote .*: Use log file : /var/log/qmail/smtp/current Results === Failregex |- Regular expressions: | [1] CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay | `- Number of matches: [1] 35 match(es) Ignoreregex |- Regular expressions: | `- Number of matches: Summary === Addresses found: [1] 186.129.200.133 (Sat Apr 30 02:37:49 2011) 186.129.200.133 (Sat Apr 30 02:38:28 2011) 186.129.200.133 (Sat Apr 30 02:38:49 2011) 186.129.200.133 (Sat Apr 30 02:39:11 2011) 190.149.150.115 (Sat Apr 30 04:44:06 2011) 221.5.15.185 (Sat Apr 30 07:39:00 2011) 173.212.197.14 (Sat Apr 30 21:34:53 2011) 2.89.80.14 (Sun May 01 02:38:23 2011) 221.5.15.185 (Sun May 01 02:38:42 2011) 221.5.15.185 (Sun May 01 22:02:30 2011) 178.187.135.228 (Mon May 02 11:26:18 2011) 178.187.135.228 (Mon May 02 11:26:41 2011) 178.187.135.228 (Mon May 02 11:26:58 2011) 178.187.135.228 (Mon May 02 11:27:15 2011) 180.180.236.216 (Mon May 02 14:39:32 2011) 180.180.236.216 (Mon May 02 14:40:08 2011) 180.180.236.216 (Mon May 02 14:40:45 2011) 180.180.236.216 (Mon May 02 14:41:14 2011) 221.5.15.185 (Mon May 02 17:53:03 2011) 123.19.174.69 (Tue May 03 02:02:36 2011) 190.234.85.198 (Tue May 03 02:12:38 2011) 221.5.13.193 (Tue May 03 16:02:05 2011) 178.95.2.102 (Tue May 03 22:30:23 2011) 178.95.2.102 (Tue May 03 22:31:24 2011) 178.95.2.102 (Tue May 03 22:31:55 2011) 178.95.2.102 (Tue May 03 22:32:59 2011) 190.233.69.51 (Wed May 04 01:16:13 2011) 117.2.140.171 (Wed May 04 02:34:00 2011) 88.185.226.159 (Wed May 04 23:42:27 2011) 88.185.226.159 (Wed May 04 23:43:11 2011) 88.185.226.159 (Wed May 04 23:43:37 2011) 88.185.226.159 (Wed May 04 23:44:01 2011) 186.2.3.244 (Thu May 05 03:13:41 2011) 221.5.14.62 (Thu May 05 17:33:45 2011) 190.239.206.8 (Fri May 06 01:24:38 2011) Date template hits: 0 hit(s): Month Day Hour:Minute:Second 0 hit(s): Weekday Month Day Hour:Minute:Second Year 0 hit(s): Weekday Month Day Hour:Minute:Second 0 hit(s): Year/Month/Day Hour:Minute:Second 0 hit(s): Day/Month/Year:Hour:Minute:Second 0 hit(s): Year-Month-Day Hour:Minute:Second 0 hit(s): Day-Month-Year Hour:Minute:Second[.Millisecond] 8502 hit(s): TAI64N 0 hit(s): Epoch Success, the total number of match is 35 However, look at the above section 'Running tests' which could contain important information. snip Hope this helps? Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 06.05.2011 um 10:08 schrieb Délsio Cabá: Hi, I also do get hits: Date template hits: 0 hit(s): MONTH Day Hour:Minute:Second 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second 0 hit(s): Year/Month/Day Hour:Minute:Second 0 hit(s): Day/Month/Year Hour:Minute:Second 0 hit(s): Day/MONTH/Year:Hour:Minute:Second 0 hit(s): Month/Day/Year:Hour:Minute:Second 0 hit(s): Year-Month-Day Hour:Minute:Second 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond] 0 hit(s): Day-Month-Year Hour:Minute:Second 5796 hit(s): TAI64N 0 hit(s): Epoch 0 hit(s): ISO 8601 0 hit(s): Hour:Minute:Second 0 hit(s): Month/Day/Year@Hour:Minute:Second Success, the total number of match is 134 But they are in TAI64N, isn't that a problem? Will fail2ban be able to get the time from that? 2011/5/6 Martin Waschbüsch IT-Dienstleistungen serv...@waschbuesch.it You might try: failregex: CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay when I did fail2ban-regex /var/log/qmail/smtp/current CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay I got 35 hits. Martin PS: All I did was to replace variable strings in the log line with wildcard .* -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv
Re: [qmailtoaster] Regex for fail2ban - SMTP DDos
So, the regex shows matches when you use fail2ban-regex, but it never takes action? please try the attached patch for fail2ban just in case your version does not already incorporate this... Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it 0002-Tai64N-stores-time-in-GMT-we-need-to-convert-to-loca.patch Description: Binary data Am 06.05.2011 um 10:15 schrieb Délsio Cabá: Hi, I have even tried with: timepattern = tai64n and fail2ban simply fails to ban. My Configuration is: qmail-smtp.conf [Definition] failregex = CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay jail.conf [qmail-smtp] enabled = true filter = qmail action = iptables[name=SMTP, port=smtp, protocol=tcp] logpath = /var/log/qmail/smtp/current maxretry = 5 bantime = 3600 ignoreip = 127.0.0.1 timepattern = tai64n 2011/5/6 Martin Waschbüsch IT-Dienstleistungen serv...@waschbuesch.it You might try: failregex: CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay when I did fail2ban-regex /var/log/qmail/smtp/current CHKUSER rejected relaying: from .*: remote .*:.*:HOST rcpt .* : client not allowed to relay I got 35 hits. Martin PS: All I did was to replace variable strings in the log line with wildcard .* -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 06.05.2011 um 09:07 schrieb Délsio Cabá: Hi all, I agree, but, fail2ban is being used with qmailtoaster as seen on this guide: http://wiki.qmailtoaster.com/index.php?title=Fail2Banredirect=noprintable=yes But that guide and many others I have found on the net don't include a regex for my case: client not allowed to relay My problem is really to get a valid regex. I will post it on fail2ban mailing list also. But it's important to post this here also Thanks 2011/5/6 Martin Waschbüsch IT-Dienstleistungen serv...@waschbuesch.it That is not true. fail2ban understands tai64n timestamps as used below. Btw., for fail2ban specific questions, it makes more sense to ask on the fail2ban mailing list. :-) Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 06.05.2011 um 08:58 schrieb Finn Buhelt: Hi. Just out of the head I think it's tricky because fail2ban needs a known timestamp to check against, and I cannot recall fail2ban having this timestamp listed as valid. But as said -just out of the head. Regards, Finn On 06-05-2011 08:10, Délsio Cabá wrote: Hi all I am getting a lot of DDOS on smtp connection logs: @40004dc390330ffb50f4 CHKUSER accepted sender: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt : sender accepted @40004dc390340c9e201c CHKUSER rejected rcpt: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt m...@zicel.ru : invalid rcpt MX domain .. @40004dc3905511aba4bc CHKUSER accepted sender: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt : sender accepted @40004dc390562cb394a4 CHKUSER rejected relaying: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt mad...@usc.es : client not allowed to relay I need to block this using fail2ban but the regex is quite complex. I have tried this: HOST\ rcpt \S+ : client not allowed to relay$ But it doesn't seam to be working as expected: fail2ban-regex /var/log/qmail/smtp/current HOST\ rcpt \S+ : client not allowed to relay ... Date template hits: 0 hit(s): MONTH Day Hour:Minute:Second 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second 0 hit(s): Year/Month/Day Hour:Minute:Second 0 hit(s): Day/Month/Year Hour:Minute:Second 0 hit(s): Day/MONTH/Year:Hour:Minute:Second 0 hit(s): Month/Day/Year:Hour:Minute:Second 0 hit(s): Year-Month-Day Hour:Minute:Second 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond] 0 hit(s): Day-Month-Year Hour:Minute:Second 1184 hit(s): TAI64N 0 hit(s): Epoch 0 hit(s): ISO 8601 0 hit(s): Hour:Minute:Second 0 hit(s): Month/Day/Year@Hour:Minute:Second Any help would be very appreciated Thanks! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support
Re: [qmailtoaster] Regex for fail2ban - SMTP DDos
Delsio, perhaps we can take this off the list - email me your qmail-smtp.conf from filters.d and your jail.conf. Once we find what was up, we can still let everyone on the list know the problem solution Also, if you could add a sample of your /var/log/qmail/smtp/current for me to test with? Thanks, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 06.05.2011 um 14:10 schrieb Délsio Cabá: Hi Martin, Instead of applying your patch i just downloaded the latest snapshop, which already has that patch and the behavior is exactly the same: the regex gets the hit but it never blocks the IP. [delsio@ns fail2ban-0.8.4-SVN]# tail -f /var/log/fail2ban.log 2011-05-06 14:07:43,587 fail2ban.actions: INFO Set banTime = 6 2011-05-06 14:07:43,597 fail2ban.jail : INFO Jail 'qmail' started 2011-05-06 14:07:43,602 fail2ban.jail : INFO Jail 'ssh-iptables' started 2011-05-06 14:07:43,607 fail2ban.jail : INFO Jail 'password-fail' started 2011-05-06 14:07:43,616 fail2ban.jail : INFO Jail 'username-notfound' started 2011-05-06 14:07:43,629 fail2ban.jail : INFO Jail 'qmail-smtp' started 2011-05-06 14:07:43,627 fail2ban.actions.action: ERROR iptables -N fail2ban-SSH iptables -A fail2ban-SSH -j RETURN iptables -I INPUT -p tcp --dport ssh -j fail2ban-SSH returned 200 2011-05-06 14:07:43,653 fail2ban.jail : INFO Jail 'named-refused-tcp' started 2011-05-06 14:08:05,672 fail2ban.actions: WARNING [named-refused-tcp] Ban 200.184.124.226 2011-05-06 14:08:05,682 fail2ban.actions: WARNING [named-refused-tcp] Ban 76.76.11.241 2011-05-06 14:08:05,693 fail2ban.actions: WARNING [named-refused-tcp] Ban 67.228.118.3 [delsio@ns etc]# fail2ban-client status qmail-smtp Status for the jail: qmail-smtp |- filter | |- File list:/var/log/qmail/smtp/current | |- Currently failed: 0 | `- Total failed: 0 `- action |- Currently banned: 0 | `- IP list: `- Total banned: 0 Any other recommendation? 2011/5/6 Martin Waschbüsch IT-Dienstleistungen serv...@waschbuesch.it OK, it definitely is the patch I sent - fail2ban fails to recognize the local time zone you use. This causes times to never fall into the specified period you use for checking if the attempt occurs multiple times. Once you replace date = list(time.gmtime(int(seconds_since_epoch, 16))) with date = list(time.localtime(int(seconds_since_epoch, 16))) in /usr/share/fail2ban/server/datetemplate.py (near end of file), all should be fine. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it Am 06.05.2011 um 10:17 schrieb Délsio Cabá: Hi, Same behavior, it does get some hits, but it doesn't ban. Other fail2ban filters are working except the one from qmail. fail2ban-regex /var/log/qmail/smtp/current /etc/fail2ban/filter.d/qmail-smtp.conf Date template hits: 0 hit(s): MONTH Day Hour:Minute:Second 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second 0 hit(s): Year/Month/Day Hour:Minute:Second 0 hit(s): Day/Month/Year Hour:Minute:Second 0 hit(s): Day/MONTH/Year:Hour:Minute:Second 0 hit(s): Month/Day/Year:Hour:Minute:Second 0 hit(s): Year-Month-Day Hour:Minute:Second 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond] 0 hit(s): Day-Month-Year Hour:Minute:Second 6347 hit(s): TAI64N 0 hit(s): Epoch 0 hit(s): ISO 8601 0 hit(s): Hour:Minute:Second 0 hit(s): Month/Day/Year@Hour:Minute:Second Success, the total number of match is 168 [delsio@ns ~]# fail2ban-client status qmail-smtp Status for the jail: qmail-smtp |- filter | |- File list:/var/log/qmail/smtp/current | |- Currently failed: 0 | `- Total failed: 0 `- action |- Currently banned: 0 | `- IP list: `- Total banned: 0 2011/5/6 Toma Bogdan tbog...@direkt.ro On 5/6/2011 9:10 AM, Délsio Cabá wrote: Hi all I am getting a lot of DDOS on smtp connection logs: @40004dc390330ffb50f4 CHKUSER accepted sender: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt : sender accepted @40004dc390340c9e201c CHKUSER rejected rcpt: from r...@mydomain.com:: remote demagnify:unknown:173.212.197.14 rcpt m...@zicel.ru : invalid rcpt MX domain .. @40004dc3905511aba4bc CHKUSER accepted sender: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt : sender accepted @40004dc390562cb394a4 CHKUSER rejected relaying: from r...@ns.mozdesigners.com:: remote byte:unknown:173.212.197.14 rcpt mad...@usc.es : client not allowed to relay I need to block this using fail2ban but the regex
Re: [qmailtoaster] Re: SpamAssassin Version
Am 30.04.2011 um 05:40 schrieb David Bray: Thanks for the Feedback Understand about the Fedora Lifetime etc. I use VM's and Fedora 13 is the current Fedora. Tried Ubuntu, CentOS and keep coming back to Fedora - mainly because the php is more up to date The driving line is not so much SA - SpamAssassin as Clam, on my last server - Fedora 12 based, there was an issue with spam and the update to SA 3.3 did get me into later rule sets (via sa-update) You can - in the Fedora 13 case, substitute in yum install spamassassin with little difficulty, basically install the package, it pulls in what it needs, then create the scripts to run under daemontools. The clamav is harder, but I have it running, though untested. The end aim is just to let the rpm system update clam, rather than having to recompile to src rpm so why is that so bad ? well the toaster works fine on a VM with 20Gb HDD and 512k ram but to recompile the clam package you have to stop the services to free up memory ... so having a recipe for utilizing then yum package is nice ... which brings you back to your argument, Fedora 13 will only have a short life for clamav updates via yum David Bray http://www.brayworth.com.au da...@brayworth.com.au Not everything is perfect with QMT, I would agree, but at the same time: it works! And as Eric pointed out, CentOS / RHEL 5.x is the most current version of the recommended OS for QMT. Jake is working on QMTv2 which will incorporate some changes and it will actually address some of the things you mention (like an option to just install binary packages instead of compile from source). That being said, if you'd like to help with QMT, please join the qmailtoaster-devel list as well! Cheers, Martin - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: patch utility under Fedora 13
Am 15.04.2011 um 02:17 schrieb David Bray: Did Jake have some thoughts on this - or should I just unpack, adjust the patch switch and compile ? - any shortcuts ? David Bray http://www.brayworth.com.au da...@brayworth.com.au On 12/04/2011 12:59 AM, Eric Shubert wrote: Jake can answer you question best. He manages the patch files. I gotta ask though, why F13? F14 is current, and F15 release is right around the corner (scheduled for 2011-05-24), which means that F13 will no longer be maintained in only a couple months (2011-06-24). See http://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule Fedora is generally not a good choice for a production server, due to its relatively short lifetime. CentOS is a more stable platform, and is recommended for production QMT use. CentOS5.6 just came out this past weekend, and will not reach end of life for another 3 years (2014-03-31). By then, Fedora will be up to release 20. I think you get the picture. At the same time, we do appreciate people who install QMT on Fedora, so we can get things like this worked out well in advance of them arriving in CentOS. Thanks. Hi, The problem is not the patch utility itself, but the patch included in the package. It likely includes some fuzziness and the patch utility in Fedora is not tolerant when it comes to this. Personally, I think this is a good idea. The problem happens when you apply a patch that was calculated against e.g. software version 2 and is now applied to software version 2.1. If the file to patch has the lines to patch on different line numbers, some systems allow (by default) applying the patch with the offset (=fuzziness) while others do not. Hope that helps, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Checking you DKIM/DomainKeys/SPF/ etc
Another useful link is this: http://www.brandonchecketts.com/ Martin Von meinem iPhone gesendet Am 11.04.2011 um 21:05 schrieb Scott Hughes sc...@renshawauto.net: Just for everyone's general knowledge, you can send an email to: check-a...@verifier.port25.com and it will email you back with a lot of valuable information. This is a free and fast service. The reply was back within 10 seconds of my clicking the send button. Scott - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Automatic Account Expirations
The command posted in your mail needs to be in one line. Apparently, you have a
line feed character in the script which causes the mysql command to fail.
Martin
Von meinem iPhone gesendet
Am 11.04.2011 um 20:48 schrieb Gilbert T. Gutierrez, Jr.
mailing-li...@phoenixinternet.net:
I was looking at the script in the qmailtoaster wiki for Automatic account
expirations. The script is not working for me and I am not all that great
with bash scripts. Has anyone run this script on the list? When I modify
the script with my server info and run the script, it logs me into mysql and
then stops. when I press ctrl-c I get the following notice.
mysql Aborted
./autodelete.sh: line 128: syntax error near unexpected token `newline'
./autodelete.sh: line 128: `$MYSQL_DATABASE -E -e $SQL_QUERY | $GREP email
| $GAWK -F' ' '{print $2}' '
Can someone help me please or push me an alternative direction?
Thank you,
Gilbert Gutierrez
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: RES: [qmailtoaster] Re: Qmail-inject issue
Hi all, I sometimes have the same kind of entry in the logs: grep -R -i 'inject' /var/log/qmail/send/* comes up with entries such as this: /var/log/qmail/send/@40004cac830228d80ff4.s:@40004ca982cb35955a94 delivery 291: failure: qmail-inject:_fatal:_unable_to_parse_this_line:/Cc:_cdshummar...@waschbuesch.de,/_mar...@waschbuesch.de;_Mon,_4_Oct_2010_09:31:12_+0200/system_error_calling_qmail-inject/ The interesting thing is that I always have that when mails seem to have multiple recipients and one of them is clearly fake: cdshummar...@waschbuesch.de is not one of my users while mar...@waschbuesch.de is. I also attached an error message that goes with such errors. Please note that I have never yet seen this if it was not a spam mail anyway, so I never investigated further. Perhaps that helps? Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 serv...@waschbuesch.it http://www.waschbuesch.it ---BeginMessage--- Hi. This is the qmail-send program at hydra.waschbuesch.de. I tried to deliver a bounce message to this address, but the bounce bounced! er...@mailfrom.com: Sorry, I wasn't able to establish an SMTP connection. (#4.4.1) I'm not going to try again; this message has been in the queue too long. --- Below this line is the original bounce. Return-Path: Received: (qmail 2830 invoked for bounce); 4 Oct 2010 07:31:13 - Date: 4 Oct 2010 07:31:13 - From: mailer-dae...@hydra.waschbuesch.de To: er...@mailfrom.com Subject: failure notice Hi. This is the qmail-send program at hydra.waschbuesch.de. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. i...@waschbuesch.de: qmail-inject: fatal: unable to parse this line: Cc: cdshummar...@waschbuesch.de, mar...@waschbuesch.de; Mon, 4 Oct 2010 09:31:12 +0200 system error calling qmail-inject --- Below this line is a copy of the message. Return-Path: er...@mailfrom.com Received: (qmail 2806 invoked by uid 89); 4 Oct 2010 07:31:13 - Received: by simscan 1.4.0 ppid: 2799, pid: 2800, t: 23.6234s scanners: attach: 1.4.0 clamav: 0.96.3/m:52/d:12005 spam: 3.2.5 X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on serv01.waschbuesch.de X-Spam-Level: *** X-Spam-Status: Yes, score=3.6 required=2.0 tests=BAYES_99,HTML_MESSAGE, RDNS_NONE autolearn=no version=3.2.5 X-Spam-Report: * 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 1.] * 0.0 HTML_MESSAGE BODY: HTML included in message * 0.1 RDNS_NONE Delivered to trusted network by a host with no rDNS Received: from unknown (HELO ?95.86.101.2?) (95.86.101.2) by hydra.waschbuesch.de with SMTP; 4 Oct 2010 07:30:50 - Received-SPF: none (hydra.waschbuesch.de: domain at mailfrom.com does not designate permitted sender hosts) Received: from [132.51.125.15] (helo=ybqmocxuyk.jmznfn.va) by with esmtpa (Exim 4.69) (envelope-from ) id 1MMNII-6917ai-41 for andre...@waschbuesch.de, andrea...@waschbuesch.de, andr...@waschbuesch.de, i...@waschbuesch.de Cc: cdshummar...@waschbuesch.de, mar...@waschbuesch.de; Mon, 4 Oct 2010 09:31:12 +0200 From: Benjamin Lay carterzotyv...@imperial-software.de To: andre...@waschbuesch.de, andrea...@waschbuesch.de, andr...@waschbuesch.de, i...@waschbuesch.de Cc: cdshummar...@waschbuesch.de, mar...@waschbuesch.de Subject: Die Armbanduhren sind viel billiger online! Date: Mon, 4 Oct 2010 09:31:12 +0200 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary==_fxxoamnvl_49_47_27 X-Priority: 3 X-Mailer: rmhuzwmu.96 Message-ID: 2033986661.weil69lr106...@pvurl.pbmgh.va --=_fxxoamnvl_49_47_27 Content-Type: text/plain; charset=iso-8859-2 Content-Transfer-Encoding: quoted-printable Die Brand Original Chronometer aus der Schweiz sind zu teuer geldfressend= , aber Menschen respektieren achten deren Besitzer. erwerben Sie eine Kop= ie von einer Brand und kriegen Sie alle Privilegien der Elite ohne ein ga= nzes Vermoegen zu bezahlen.http://bit.ly/95d0yz --=_fxxoamnvl_49_47_27 Content-Type: text/html; charset=iso-8859-2 Content-Transfer-Encoding: quoted-printable !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN HTMLHEAD META http-equiv=3DContent-Type content=3Dtext/html; charset=3Diso-8859-= 2 STYLE/STYLE /HEAD BODY html body bgcolor=3D#FF link=3Dgreen font face=3DVerdana size=3D2Die Brand Original Chronometer aus der = Schweiz sind zu teuer geldfressend, aber Menschen respektieren achten der= en Besitzer. erwerben Sie eine Kopie von einer Brand und kriegen Sie alle= Privilegien der Elite ohne ein ganzes Vermoegen zu bezahlen./fontbr= br font face=3DVerdana size=3D2a href=3Dhttp://bit.ly/95d0yz; target= =3D_blankbhttp
Re: [qmailtoaster] Re: DKIM and DomainKeys and the Toaster
Hi Eric, Am 18.02.2011 um 17:07 schrieb Eric Shubert: Great. So the only piece that's missing is checking inbound messages. Anyone care to look into this? I don't know if Jake has already or not. -- -Eric 'shubes' I have been using SpamAssassin to do inbound verification. Obviously, this is not the ideal solution, but it works. -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: DKIM and DomainKeys and the Toaster
Eric, Jake's instructions work like a charm and also note: that implementation can take care of both DKIM and DK (both of which I am making use of on my toaster). Martin Von meinem iPhone gesendet Am 18.02.2011 um 16:34 schrieb Eric Shubert e...@shubes.net: qmail-dk (aka DomainKeys), I'm sad to say, has some bugs in the inbound (checking) area. Someone (I'm sorry I don't remember the name) spent some time on it a couple years ago, and ran out of time fixing the outbound portion. I recommend removing all DK* variables in the tcp.smtp file, except for DKSIGN. I believe DKSIGN works ok (I have it configured), but I wouldn't bet my life on it. I believe DKIM is preferred (a successor to DK). I haven't used it yet, but I believe Jake and Amit have implemented DKIM successfully. See http://wiki.qmailtoaster.com/index.php/How_to_Setup_DKIM_with_Qmail_Toaster I don't know how well DK and DKIM play together, but if I implemented DKIM, I would disable DK entirely, either by removing DKSIGN in tcp.smtp, or (better) change the /var/qmail/bin/qmail-queue symlink to point to qmail-queue.orig instead of qmail-dk. It appears to me that this DKIM implementation is for outbound only. I'm not aware of any implementation of inbound checking of DK (which works reliably) or DKIM for QMT. It'd be nice if someone would come up with a DKIM checking patch of some sort. -- -Eric 'shubes' On 02/17/2011 07:39 PM, Dan McAllister wrote: Greeting QMT and QTP affectionados... I endeavored to help PV Anthony resolve his SpamDyke issues a little bit ago and discovered to my dismay that my DomainKeys system was rejecting messages for no good reason -- ESPECIALLY if the sending domain had NO DomainKeys DNS entries! Needless to say, this is problematic, so I've temporarily suspended checking for DomainKeys Has anyone else experienced this recently? (I've used DomainKeys for quite some time without reason to suspect it was problematic! Was I just blind to the issues all this time??) Thanks in advance to any who choose to discuss this... Dan IT4SOHO - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: DNS temporary failure if one DNS server dont work.
I think you are right, Eric, What I do for my main box is have the caching nameserver on it and use as forwarders the default that came with the caching name server (djbdns) and added the name servers of my ISP (the box is COLO, so even that is really fast when it comes to lookups). Those also are the authoritative ones for my domains. I have always had great experience when splitting caching and auth name servers. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 14.02.2011 um 20:58 schrieb Eric Shubert: Hey Marek, Using Bind is fine, but using a single server/process for both authoritative and resolver purposes is not a good practice. It can be done, but I would try very hard to keep them separate before endeavoring to put them together. It can be done, but it's a bit tricky to do well (accurately and securely). If at all possible, I would use an authoritative DNS server that's external to QMT, then simply install the caching-nameserver package on QMT to use as a resolver. You should also modify the resolver's configuration to use forwarders, but that's not absolutely necessary. caching-nameserver configuration should work ok as is. Martin, do you have anything to add? (Sorry for jumping in again) -- -Eric 'shubes' On 02/14/2011 12:14 PM, d...@demod.pl wrote: Thank You for advice. I think, I must learn about DNS much more as I thought before i wrote these emails. I'm using BIND (named). Yes it's authoritative DNS server and i think it's a local resolver. Now I understand it's wrong practice? Now i'm going to try apply you advices and read something more about DNS server. I will let you know about my progress regards Marek - Original Message - From: Eric Shubert e...@shubes.net To: qmailtoaster-list@qmailtoaster.com Sent: Monday, February 14, 2011 4:24 PM Subject: [qmailtoaster] Re: DNS temporary failure if one DNS server dont work. I agree whole heartedly with Martin (whatever that's worth). Two key questions which haven't been answered yet by Marek: 1) which software is he using (bind or djbdns) 2) is he using the local resolver as an authoritative DNS server as well? (I would hope not, but you never know). I gotta chuckle regarding Marek's name, as there is a commercial email server called Marek Mail. :) Thanks, Martin. I'll let you finish up with this one. -- -Eric 'shubes' On 02/14/2011 01:39 AM, Martin Waschbüsch wrote: Seeing as it does not work right now, I don't know where the servers are listed on his system. Clearly there must be some configuration issue. But at the same time, IMHO it is the best solution to ensure there is a properly configured local DNS server. Such a local DNS server has a config where you can list forwarding DNS servers and that is where his name servers should be configured. Imagine resolv.conf lists the two outside DNS servers directly. Let's assume that the first entry (will be queried first) is down. Although the system tries to send 50 individual mails to some...@googlemail.com, the mail server will experience a timeout for the first name server and only then query the secondary server. All that happens 50 times(!) Now, if you have a working caching DNS server, as soon as the first timeout happened and the secondary DNS server was queried, the local server has the DNS entry stored and the remaining 49 messages do not encounter any timeout at all. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 14.02.2011 um 09:06 schrieb Tony White: Hi, So what/where are the two dns servers Marek says he is using? On 14/02/2011 7:02 PM, Martin Waschbüsch wrote: That is not correct! If localhost runs a caching DNS server, it will fetch DNS information from forwarding DNS servers, which can be the ISP's, Google's, whatever. The whole point of having a local caching DNS server is that it not only takes care of using all DNS servers it knows about to fetch data, but also to store that data and prevent DNS-lookup-heavy applications (like E-Mail servers) to generate lots of additional traffic and overhead. So, if Marek runs a local DNS server and still gets problems, then we need to look at that config. If not, he really should install a caching DNS server (named, djbdns, etc.) In any case, resolv.conf is just fine only pointing to the local server. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 14.02.2011 um 07:59 schrieb Bruno De
Re: [qmailtoaster] Re: DNS temporary failure if one DNS server dont work.
Exactly,
for djbdns, I have (in /var/djbdns/dnscache/root/servers/@):
80.254.130.4
80.254.140.9
198.41.0.4
128.9.0.107
192.33.4.12
128.8.10.90
192.203.230.10
192.5.5.241
192.112.36.4
128.63.2.53
192.36.148.17
198.41.0.10
193.0.14.129
198.32.64.12
202.12.27.33
The first two are the ones of my ISP. The rest came with the djbdns config and
can be extended to use whatever else you want to add.
This way, too, the local box will get answers for DNS requests from the first
server that responds.
Martin
--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München
Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de
Am 15.02.2011 um 02:23 schrieb Eric Shubert:
On 02/14/2011 01:57 PM, Scott Hughes wrote:
I use a caching name server on my QMT server. Here is what I have in my
/etc/resolv.conf file:
nameserver 127.0.0.1
nameserver 4.2.2.3
nameserver 4.2.2.4
This way if it does not resolve it locally, it will resolve it using one
of the other DNS servers listed. Once it is resolved once, my local
server will hold onto it for a period of time so that future look-ups
will be faster.
I don't believe that's quite right, Scott. I believe it will only cache hits
that are satisfied by the localhost (127.0.0.1) resolver. I think it would be
better to specify forwarders in the named.conf file. Then, indeed, hits from
alternate resolvers would be cached.
This is what I have in my named.conf:
//
// named.conf
//
options {
forward first;
forwarders {
205.171.3.25;
208.67.222.220;
205.171.2.25;
208.67.222.222;
};
};
logging {
category lame-servers { null; };
};
These IPs are for my ISP (Qwest) and OpenDNS. I think that by specifying
forwarders, it relieves some stress on the root name servers, which is a good
thing.
Martin, am I off base on this? I could be.
Hope this helps.
Scott
On Mon, Feb 14, 2011 at 1:58 PM, Eric Shubert e...@shubes.net
mailto:e...@shubes.net wrote:
Hey Marek,
Using Bind is fine, but using a single server/process for both
authoritative and resolver purposes is not a good practice. It can
be done, but I would try very hard to keep them separate before
endeavoring to put them together. It can be done, but it's a bit
tricky to do well (accurately and securely).
If at all possible, I would use an authoritative DNS server that's
external to QMT, then simply install the caching-nameserver package
on QMT to use as a resolver. You should also modify the resolver's
configuration to use forwarders, but that's not absolutely
necessary. caching-nameserver configuration should work ok as is.
Martin, do you have anything to add? (Sorry for jumping in again)
--
-Eric 'shubes'
On 02/14/2011 12:14 PM, d...@demod.pl mailto:d...@demod.pl wrote:
Thank You for advice.
I think, I must learn about DNS much more as I thought before i
wrote
these emails.
I'm using BIND (named).
Yes it's authoritative DNS server and i think it's a local
resolver. Now
I understand it's wrong practice?
Now i'm going to try apply you advices and read something more
about DNS
server.
I will let you know about my progress
regards
Marek
- Original Message - From: Eric Shubert
e...@shubes.net mailto:e...@shubes.net
To: qmailtoaster-list@qmailtoaster.com
mailto:qmailtoaster-list@qmailtoaster.com
Sent: Monday, February 14, 2011 4:24 PM
Subject: [qmailtoaster] Re: DNS temporary failure if one DNS
server dont
work.
I agree whole heartedly with Martin (whatever that's worth).
Two key questions which haven't been answered yet by Marek:
1) which software is he using (bind or djbdns)
2) is he using the local resolver as an authoritative DNS
server as
well? (I would hope not, but you never know).
I gotta chuckle regarding Marek's name, as there is a
commercial email
server called Marek Mail. :)
Thanks, Martin. I'll let you finish up with this one.
--
-Eric 'shubes'
On 02/14/2011 01:39 AM, Martin Waschbüsch wrote:
Seeing as it does not work right now, I don't know where
the servers
are listed on his system. Clearly there must be some
configuration
issue.
But at the same time, IMHO it is the best solution to
ensure there is
a properly configured local DNS server.
Such a local DNS server has a config where you can list
forwarding
Re: [qmailtoaster] Re: DNS temporary failure if one DNS server dont work.
Am 15.02.2011 um 16:06 schrieb Maxwell Smart: I have a 1.25 book on DNS. I'll lend it to anyone who wants to read it and compile some wiki notes on DNS. DNS is very complex in itself and you need to read much more than good be put on a wiki to get a full understanding of the complexities. Very true. Personally, I find that the information given on the wikipedia page http://en.wikipedia.org/wiki/Domain_Name_System plus the long (but by no means exhaustive) list of links on the subject at the bottom of the article are a good starting point for online reading. Martin - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] DNS temporary failure if one DNS server dont work.
That is not correct! If localhost runs a caching DNS server, it will fetch DNS information from forwarding DNS servers, which can be the ISP's, Google's, whatever. The whole point of having a local caching DNS server is that it not only takes care of using all DNS servers it knows about to fetch data, but also to store that data and prevent DNS-lookup-heavy applications (like E-Mail servers) to generate lots of additional traffic and overhead. So, if Marek runs a local DNS server and still gets problems, then we need to look at that config. If not, he really should install a caching DNS server (named, djbdns, etc.) In any case, resolv.conf is just fine only pointing to the local server. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 14.02.2011 um 07:59 schrieb Bruno De Leone: That means your only DNS is your local DNS so the qmail will never find any server outside it's network... You should add the DNS of your preference. For example, to add google's DNS, edit the file /etc/resolv.conf and add these lines at the end of the file: nameserver 8.8.8.8 nameserver 4.4.4.4 On Mon, Feb 14, 2011 at 4:39 AM, d...@demod.pl wrote: In resolv.conf I have only: search localdomain nameserver 127.0.0.1 - Original Message - From: Tony White t...@ycs.com.au To: qmailtoaster-list@qmailtoaster.com Sent: Monday, February 14, 2011 2:55 AM Subject: Re: [qmailtoaster] DNS temporary failure if one DNS server dont work. Marek, What order are the dns servers in /etc/resolv.conf? If they are the failing one on line one then reverse them. On 14/02/2011 9:03 AM, d...@demod.pl wrote: Thanks for fast reply. I use 2 named servers. everyone in different locations. One DNS server is on the same machine as qmailtoaster and always on. But when secondary DNS on the other location die i canot send email outside. - Original Message - From: Carlos Herrera Polo carlos.herrerap...@gmail.com To: qmailtoaster-list@qmailtoaster.com Sent: Sunday, February 13, 2011 10:02 PM Subject: Re: [qmailtoaster] DNS temporary failure if one DNS server dont work. Djbdns or named 2011/2/13, Martin Waschbüsch mar...@waschbuesch.de: What you could try is this: Have a local caching DNS server and that takes care of resolving to as many 'real' DNS servers as you like. Doing so means that your DNS server (local) is ALWAYS on (unless the daemon dies) and this problem won't occur again. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 13.02.2011 um 19:48 schrieb d...@demod.pl d...@demod.pl: Hello everyone I have a problem with my qmailtoster. When one of my DNS server is down i cant send email. When i try send email outside i have an error message: DNS temporary failure. This hapen even if one DNS server works correctly. Does anyone know how can I solve it? Thanx for you help. Marek __ Informacja programu ESET NOD32 Antivirus, wersja bazy sygnatur wirusow 5835 (20110131) __ Wiadomosc zostala sprawdzona przez program ESET NOD32 Antivirus. http://www.eset.pl lub http://www.eset.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com __ Informacja programu ESET NOD32 Antivirus, wersja bazy sygnatur wirusow 5835 (20110131) __ Wiadomosc zostala sprawdzona przez program ESET NOD32 Antivirus. http://www.eset.pl lub http://www.eset.com
Re: [qmailtoaster] DNS temporary failure if one DNS server dont work.
Seeing as it does not work right now, I don't know where the servers are listed on his system. Clearly there must be some configuration issue. But at the same time, IMHO it is the best solution to ensure there is a properly configured local DNS server. Such a local DNS server has a config where you can list forwarding DNS servers and that is where his name servers should be configured. Imagine resolv.conf lists the two outside DNS servers directly. Let's assume that the first entry (will be queried first) is down. Although the system tries to send 50 individual mails to some...@googlemail.com, the mail server will experience a timeout for the first name server and only then query the secondary server. All that happens 50 times(!) Now, if you have a working caching DNS server, as soon as the first timeout happened and the secondary DNS server was queried, the local server has the DNS entry stored and the remaining 49 messages do not encounter any timeout at all. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 14.02.2011 um 09:06 schrieb Tony White: Hi, So what/where are the two dns servers Marek says he is using? On 14/02/2011 7:02 PM, Martin Waschbüsch wrote: That is not correct! If localhost runs a caching DNS server, it will fetch DNS information from forwarding DNS servers, which can be the ISP's, Google's, whatever. The whole point of having a local caching DNS server is that it not only takes care of using all DNS servers it knows about to fetch data, but also to store that data and prevent DNS-lookup-heavy applications (like E-Mail servers) to generate lots of additional traffic and overhead. So, if Marek runs a local DNS server and still gets problems, then we need to look at that config. If not, he really should install a caching DNS server (named, djbdns, etc.) In any case, resolv.conf is just fine only pointing to the local server. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 14.02.2011 um 07:59 schrieb Bruno De Leone: That means your only DNS is your local DNS so the qmail will never find any server outside it's network... You should add the DNS of your preference. For example, to add google's DNS, edit the file /etc/resolv.conf and add these lines at the end of the file: nameserver 8.8.8.8 nameserver 4.4.4.4 On Mon, Feb 14, 2011 at 4:39 AM,d...@demod.pl wrote: In resolv.conf I have only: search localdomain nameserver 127.0.0.1 - Original Message - From: Tony Whitet...@ycs.com.au To:qmailtoaster-list@qmailtoaster.com Sent: Monday, February 14, 2011 2:55 AM Subject: Re: [qmailtoaster] DNS temporary failure if one DNS server dont work. Marek, What order are the dns servers in /etc/resolv.conf? If they are the failing one on line one then reverse them. On 14/02/2011 9:03 AM, d...@demod.pl wrote: Thanks for fast reply. I use 2 named servers. everyone in different locations. One DNS server is on the same machine as qmailtoaster and always on. But when secondary DNS on the other location die i canot send email outside. - Original Message - From: Carlos Herrera Polocarlos.herrerap...@gmail.com To:qmailtoaster-list@qmailtoaster.com Sent: Sunday, February 13, 2011 10:02 PM Subject: Re: [qmailtoaster] DNS temporary failure if one DNS server dont work. Djbdns or named 2011/2/13, Martin Waschbüschmar...@waschbuesch.de: What you could try is this: Have a local caching DNS server and that takes care of resolving to as many 'real' DNS servers as you like. Doing so means that your DNS server (local) is ALWAYS on (unless the daemon dies) and this problem won't occur again. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 13.02.2011 um 19:48 schriebd...@demod.pl d...@demod.pl: Hello everyone I have a problem with my qmailtoster. When one of my DNS server is down i cant send email. When i try send email outside i have an error message: DNS temporary failure. This hapen even if one DNS server works correctly. Does anyone know how can I solve it? Thanx for you help. Marek __ Informacja programu ESET NOD32 Antivirus, wersja bazy sygnatur wirusow 5835 (20110131) __ Wiadomosc zostala sprawdzona przez program ESET NOD32 Antivirus. http://www.eset.pl lub http://www.eset.com - Qmailtoaster is sponsored by Vickers Consulting Group
Re: [qmailtoaster] DNS temporary failure if one DNS server dont work.
What you could try is this: Have a local caching DNS server and that takes care of resolving to as many 'real' DNS servers as you like. Doing so means that your DNS server (local) is ALWAYS on (unless the daemon dies) and this problem won't occur again. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 13.02.2011 um 19:48 schrieb d...@demod.pl d...@demod.pl: Hello everyone I have a problem with my qmailtoster. When one of my DNS server is down i cant send email. When i try send email outside i have an error message: DNS temporary failure. This hapen even if one DNS server works correctly. Does anyone know how can I solve it? Thanx for you help. Marek __ Informacja programu ESET NOD32 Antivirus, wersja bazy sygnatur wirusow 5835 (20110131) __ Wiadomosc zostala sprawdzona przez program ESET NOD32 Antivirus. http://www.eset.pl lub http://www.eset.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Strange Behavior of Domainkey
Hi all, The problem with the stock domainkey configuration is that it will only sign things when they enter the queue. If any application uses qmail as sendmail replacement (e.g. a locally installed squirrelmail or horde webmail can be configured to do it), then the message will not be signed. The DKIM replacement (there was a video Jake did on that) is much better - it will sign messages when they LEAVE the system and it can be configured to do DKIM and Domainkeys. I'd really recommend replacing the stock domainkeys config by the dkim enhancement. There should also be a page on the wiki about it. Thanks, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 28.12.2010 um 18:53 schrieb Eric Shubert: The stock qmail-dk is just plain broken. It sometimes works, but it also fails to sign properly in some (unpredictable AFAICT) circumstances. I recommmend using DKIM if you really need to sign messages with a key. -- -Eric 'shubes' On 12/28/2010 10:34 AM, ya...@ardmail.com wrote: SPF is configured and not causing any problem in both cases. I was contemplating the possibility that it could be some difference in the config line for localhost vs anything else, but i made them identical as well. and it doesn't help :( 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 192.168.1.60:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,DKSIGN=/var/qmail/control/domainkeys/%/private On 12/28/2010 02:36 AM, Anil Aliyan wrote: Is your tcp.smtp configuration for localhost or mailserver and you client has the same configuration? This is on the right track. The 'stock' configuration for squirrelmail presently uses an open relay configuration for localhost, with no authentication (this will hopefully change in v2). For the sake of consistency (and a little better security), I change my SM config to submit via port 587 and authenticate, and remove the 127.: line from tcp.smtp. See http://wiki.qmailtoaster.com/index.php/Fetchmail for such SM configuration. I expect that this will not fix your problem, and will cause the problem to exist with SM as well as Outlook. There's something to be said for consistency. ;) How have you implemented DK? The 'stock' configuration is a bit flakey. I think that there is a DKIM implementation that works well, although I haven't used it personally yet. I would look into DKIM (as opposed to using DK) if you haven't already. Have you configured SPF records for your clients network in your DNS records? Shouldn't need this, as SPF has to do with the server which sends the message, not client (origin) addresses. Regards, Anil Aliyan Thanks for your input, Anil. I'll let you help Yuri on this further. -Original Message- From: ya...@ardmail.com [mailto:ya...@ardmail.com] Sent: 28 December 2010 14:36 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Strange Behavior of Domainkey Hello, I noticed very strange behavior of domainkey with yahoo :( if i am sending the mail from squirrelmail everything works and yahoo passing the signature. if i am sending the same mail from outlook client yahoo says the signature is bad. is this a problem of my configuration? Any help will be appreciated. Thanks, ~yuri - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today
Re: [qmailtoaster] horde question
Hi Rajesh, I think what you are referring to is easily explained: Horde will by default display attachments inline (e.g. in the message) if it understands the mime-type. That way, you can see pictures and PDF, etc. in the email without opening it, but only if horde has been configured to understand the mime-type. For a list of types that are supported, check out: horde/imp/config/mime_drivers.php It lists message/partial as one of the supported mime-types and in the detailed section on that mime-type, it says: 'inline' = true and will therefore display that inline in messages. You can change the inline option of each mime-type by changing 'inline' = true to 'inline' = false This would then force the attachment to be displayed as attachment only. Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 22.12.2010 um 17:42 schrieb Rajesh M: hi i am testing out horde due html mail issues in squirrelmail had a quesions when i forward an email as an attachment (not message body forward) then the email gets delivered but when the email is opened the recipient who is also using horde entire email is displayed in the form of email headers and source code in squirrelmail the same shows up as an attachment and on opening it shows the correct formatting and can be forwarded / replied to etc. it also shows up correctly in outlook and Thunderbird as an attachment i want horde to display this like squirrelmail does ie as an attachment which can be forwarded, replied to etc has anybody experienced such a problem what can be the possible solution to this ? thanks rajesh - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] New to List and Qmail-Toaster
Am 09.12.2010 um 23:50 schrieb keith smith: Also can you point me to the latest and / or best instruction for CentOS/RHEL Thanks! Keith Smith That would be http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install And welcome to the list! ;-) Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] errors
Hi, Can you verify if the content of /var/qmail/control//me is indeed a FQDN that resolves into your IP and also matches the greeting in /var/qmail/control/smtpgreeting? Thanks, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 08.12.2010 um 23:10 schrieb sysad...@tricubemedia.com: Hi List Getting this error from one domain. *.*.*.* does not like recipient. Remote host said: 554 5.7.1 This message has been blocked because the HELO/EHLO domain is invalid. Giving up on *.*.*.* does this mean the recipient sis blocking our emails? Thanks - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Blackberry
Perhaps z-push would be a possible solution? I installed z-push on my box. It will allow for push-mail if you treat it as an Exchange account. (Will also work with iPhones). Some useful information: http://www.hoshuha.com/blog/dovecot-and-iphone-push.html This information assumes that you use dovecot, though. Since I had replaced courier with dovecot anyway, it was no real issue for me. Generic information / Download of source code is here: https://developer.berlios.de/project/showfiles.php?group_id=8963 Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 01.12.2010 um 17:45 schrieb Emmanuel Buamah: So how can I make qmailtoaster push the mails to blackberry? --- On Wed, 12/1/10, Carlos Herrera Polo carlos.herrerap...@gmail.com wrote: From: Carlos Herrera Polo carlos.herrerap...@gmail.com Subject: Re: [qmailtoaster] Blackberry To: qmailtoaster-list@qmailtoaster.com Date: Wednesday, December 1, 2010, 2:15 AM Blackberry BIS download the mails from qmailtoaster by pop3 or imap4. 2010/12/1 Emmanuel Buamah wasa...@yahoo.com Hi, I can receive and send email on my blackberry alright. But I want to know if it is blackberry that is downloading the mails from qmailtoaster or qmailtoaster is pushing it. In case qmailtoaster is not pushing it, how can I make it push the mails to the blackberry rather than blackberry downloading it? Cheers Emmauel - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] max recipients
Hi Tony, check your tcp.smtp file and see if it has a value for chkuser... CHKUSER_RCPTLIMIT=50 Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 27.11.2010 um 06:31 schrieb Tony White: Hi folks, I am a little confused! I have set the spamdyke max recipients to 50 but emails are stopped at 10! Is there somewhere else I need to make a change please? -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: POP3 Authentication on CentOS 5.5 64Bit
Kevin, you are confusing me here: the Ports you mention are not pop3, but smtp. can you clarify? Martin Von meinem iPhone gesendet Am 18.11.2010 um 09:00 schrieb Kevin Qiu kevin_...@foxitsoftware.com: Hello Erik, I had built the version 5.4.32 of vpopmail, and upgraded it. It has same errors with pop3. I don't know how to fix them. I'd like to work on 64bit Linux. But it doesn't work well. There are some errors below. telnet localhost 587 @40004ce4d4cb1b7f67e4 tcpserver: ok 18614 mail.foxitsoftware.com:127.0.0.1:587 :127.0.0.1::52021 @40004ce4d4cb1b962c04 /var/qmail/bin/qmail-smtpd: error while loading shared libraries: libselinux.so.1: failed to map segment from shared object: Cannot allocate memory cat /var/qmail/supervise/submission/run |grep softlimit exec /usr/bin/softlimit -m 4800 \ It looks same error when telnet localhost 465, but 25 work fine. @40004ce4c31b390f4eb4 tcpserver: ok 17788 mail.foxitsoftware.com:127.0.0.1:465 :127.0.0.1::36508 @40004ce4c31b3918fb44 /var/qmail/bin/qmail-smtpd: error while loading shared libraries: libmysqlclient.so.16: failed to map segment from shared object: Cannot allocate memory cat /var/qmail/supervise/smtp-ssl/run |grep softlimit exec /usr/bin/softlimit -m 6400 \ free -m total used free sharedbuffers cached Mem: 7997 1409 6587 0 47824 -/+ buffers/cache:537 7459 Swap:10239 0 10239 When I use mail client to connect pop3, there is an error. It can not be found in the logs. /home/vpopmail/bin/vchkpw:error while loading shared libraries:libselinux.so.1:failed to map segment from shared object: cannot allocate memory The others ports (25, 143, 993, 995) look well. I can send and receive email. Kevin 于 2010年11月18日 14:16, Kevin Qiu 写道: Hello Erik, I'd like try the new package. The old version doesn't work under 64bit Linux. Where could I download it? Kevin 于 2010年11月12日 18:58, Eric Shubert 写道: TTBOMK the plan is presently to jump to vpopmail 5.5 with QMTv2. Going from 5.4.32 from 5.4.17 would be nice. It involves a database change, which qtp-convert is already able to handle. I believe that Jake's too busy to take this on. If someone would like to update the spec file and package an SRPM, I expect that Jake would entertain putting it up on the site if/when people have tested it out. Anyone care to take this on? - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: POP3 Authentication on CentOS 5.5 64Bit
Ps: did you use the 64bit specific packages to install the toaster? Von meinem iPhone gesendet Am 18.11.2010 um 09:00 schrieb Kevin Qiu kevin_...@foxitsoftware.com: Hello Erik, I had built the version 5.4.32 of vpopmail, and upgraded it. It has same errors with pop3. I don't know how to fix them. I'd like to work on 64bit Linux. But it doesn't work well. There are some errors below. telnet localhost 587 @40004ce4d4cb1b7f67e4 tcpserver: ok 18614 mail.foxitsoftware.com:127.0.0.1:587 :127.0.0.1::52021 @40004ce4d4cb1b962c04 /var/qmail/bin/qmail-smtpd: error while loading shared libraries: libselinux.so.1: failed to map segment from shared object: Cannot allocate memory cat /var/qmail/supervise/submission/run |grep softlimit exec /usr/bin/softlimit -m 4800 \ It looks same error when telnet localhost 465, but 25 work fine. @40004ce4c31b390f4eb4 tcpserver: ok 17788 mail.foxitsoftware.com:127.0.0.1:465 :127.0.0.1::36508 @40004ce4c31b3918fb44 /var/qmail/bin/qmail-smtpd: error while loading shared libraries: libmysqlclient.so.16: failed to map segment from shared object: Cannot allocate memory cat /var/qmail/supervise/smtp-ssl/run |grep softlimit exec /usr/bin/softlimit -m 6400 \ free -m total used free sharedbuffers cached Mem: 7997 1409 6587 0 47824 -/+ buffers/cache:537 7459 Swap:10239 0 10239 When I use mail client to connect pop3, there is an error. It can not be found in the logs. /home/vpopmail/bin/vchkpw:error while loading shared libraries:libselinux.so.1:failed to map segment from shared object: cannot allocate memory The others ports (25, 143, 993, 995) look well. I can send and receive email. Kevin 于 2010年11月18日 14:16, Kevin Qiu 写道: Hello Erik, I'd like try the new package. The old version doesn't work under 64bit Linux. Where could I download it? Kevin 于 2010年11月12日 18:58, Eric Shubert 写道: TTBOMK the plan is presently to jump to vpopmail 5.5 with QMTv2. Going from 5.4.32 from 5.4.17 would be nice. It involves a database change, which qtp-convert is already able to handle. I believe that Jake's too busy to take this on. If someone would like to update the spec file and package an SRPM, I expect that Jake would entertain putting it up on the site if/when people have tested it out. Anyone care to take this on? - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
SPF and domainkeys can be used to do this. The policy for SPF could be set to designating only your ip as valid and the skim/domainkeys policy be set to 'all messages are signed'. That should guarantee that your server will correctly identify these mails as forgery. However, check your rules in tcp.smtp - if one of your clients spams due to virus etc., that might bypass all protections depending on the settings... Von meinem iPhone gesendet Am 16.11.2010 um 04:43 schrieb Tony White t...@ycs.com.au: Hello, Is there a way of verifying the From address that claims to be from one of the domains hosted here is a valid email address? There has been an increase of spam using one or more the domains hosted on my servers. I am still searching the web but no searches found yet! -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients
What's the SPF record say? It should list the IPs and some options... Von meinem iPhone gesendet Am 16.11.2010 um 07:26 schrieb Tony White t...@ycs.com.au: Hello Martin, Thank you for your reply! I will investigate domainkeys now but the SPF has been implemented for some time now... On 16/11/2010 5:11 PM, Martin Waschbüsch wrote: SPF and domainkeys can be used to do this. The policy for SPF could be set to designating only your ip as valid and the skim/domainkeys policy be set to 'all messages are signed'. That should guarantee that your server will correctly identify these mails as forgery. However, check your rules in tcp.smtp - if one of your clients spams due to virus etc., that might bypass all protections depending on the settings... Von meinem iPhone gesendet Am 16.11.2010 um 04:43 schrieb Tony Whitet...@ycs.com.au: Hello, Is there a way of verifying the From address that claims to be from one of the domains hosted here is a valid email address? There has been an increase of spam using one or more the domains hosted on my servers. I am still searching the web but no searches found yet! -- best wishes Tony White - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- best wishes Tony White Yea Computing Services http://www.ycs.com.au 4 The Crescent Yea Victoria Australia 3717 Telephone No's VIC : 03 5797 3344 VIC : 03 9008 5614 TAS : 03 6107 9099 NT : 08 8921 4049 SA : 08 7123 0847 NSW : 02 8014 5547 QLD : 07 3123 6647 WA : 08 6365 2199 FAX : 03 9008 5610 (FAX2Email) FAX : 03 5797-3288 IMPORTANT NOTICE This communication including any file attachments is intended solely for the use of the individual or entity to whom it is addressed. If you are not the intended recipient, or the person responsible for delivering this communication to the intended recipient, please immediately notify the sender by email and delete the original transmission and its contents. Any unauthorised use, dissemination, forwarding, printing or copying of this communication including file attachments is prohibited. It is your responsibility to scan this communication including any file attachments for viruses and other defects. To the extent permitted by law, Yea Computing Services and its associates will not be liable for any loss or damage arising in any way from this communication including any file attachments. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Please tell me how to accomplish these features
Hi Randy, To my knowledge, there is currently no straightforward way to adjust thresholds on a per user (or even per domain) basis. Maybe recent/future versions of simscan have that? I don't know. On the bright side: It is very easy to adjust the score above which simscan will throw mail away: In '/var/qmail/control/simcontrol' you might have a line in there that looks roughly like this: :clam=yes,spam=yes,attach=.mp3:.src:.bat:.pif just modify it to read something like this: :clam=yes,spam=yes,spam_hits=8,attach=.mp3:.src:.bat:.pif The number after spam_hits is the threshold for throwing away mail. After editing that file, you would have to run qmailctl cdb to bring the changes over to the simcontrol.cdb file. Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 31.10.2010 um 03:59 schrieb Randy Katz: Hi, I am sorry if these are on the list but I cannot find the latest and good instructions. I want to know how to do the following: 1. Automatically delete spam that is over a certain threshold as it comes into the server. 2. Set per user thresholds. Thank you in advance, Randy Katz - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Please tell me how to accomplish these features
Actually, I was wrong: According to http://www.qmailwiki.org/Simscan/Guide you can set per domain and per email address settings in the simcontrol file. However, it requires recompiling simscan. But we seem to already be using the latest simscan version (1.4.0) in QMT. Thanks, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 31.10.2010 um 03:59 schrieb Randy Katz: Hi, I am sorry if these are on the list but I cannot find the latest and good instructions. I want to know how to do the following: 1. Automatically delete spam that is over a certain threshold as it comes into the server. 2. Set per user thresholds. Thank you in advance, Randy Katz - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: qtp-newmodel failure
Hi, Do you have the fuse utilities installed? yum install fuse Perhaps that's what you're missing... Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 28.10.2010 um 10:34 schrieb Maxwell Smart: I have a fresh install of the QMTISO with yum updates completed and qtp installed. I tried to update the toaster using the newmodel and got this error. Would you like a unionfs/overlay sandbox? (recommended) [y]/n: Using FUSE union filesystem ... qtp-mount-sandbox v0.3.3 qtp-mount-sandbox - updating dependencies ... Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * addons: mirror.san.fastserv.com * base: centos.promopeddler.com * extras: mirror.hmc.edu * rpmforge: apt.sw.be * updates: mirrors.cat.pdx.edu Setting up Update Process No Packages marked for Update fuse: device not found, try 'modprobe fuse' first FATAL: Module fuse not found. fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first mount: mount point /mnt/qtp-sandbox/var/lib/rpm does not exist cp: target `/mnt/qtp-sandbox/var/lib/rpm' is not a directory qtp-mount-sandbox: sandbox was not mounted successfully qtp-newmodel - qtp-mount-sandbox failed, exiting # modprobe fuse FATAL: Module fuse not found. -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: smtp greeting banner frustration
Hi Eric, Please don't take this the wrong way but we appear to be talking at cross purposes. You reference the EHLO string which is of course the outbound string, used to identify a server to the recipient host. I am referring to the SMTP Greeting String used to identify the local Receiving sever to the remotely connecting sending server. It is also called the SMTP Banner depending upon the tech used. The EHLO String, in operational terms, has to be both correctly authorised for the sending domain (present in SPF and/or listed as an MX server) and reverse resolvable to the same FQDN. I agree that this is not in the RFCs but it is certainly affecting sending reputation when this is not the case. Therefore the sending 'servers' for a given domain, if they are themselves within that domain, in practical terms, must forward and reverse resolve mirroring each other and offer both the correct banner greeting EHLO and SMTP Greeting in order to be considered complete within the domain space itself. See, that is what I don't understand. Imagine you have three domains, domain1/2/3.tld. all of them could have an MX entry like this: IN MX 10 server.yetanotherdomain.org and that would be 100% correct and compliant with the RFCs. You can then add the IP of that server to those domains SPF record, add domainkeys and whatnot. IF any receiving mail server has a problem with server.yetanotherdomain.org sending in the name of either of your three domains, then I would argue that that receiving mail server does not conform to the RFCs in question. Granted, if, for any reason, someone explicitly wants that sort of setup where the MX for domain1.tld is of that domain, then that is a different story. But that is just a (valid) subset of the more generic (also 100% valid) way this can be implemented. So, I guess it really comes down to a decision of: Do you want to comply with the, let's say not really necessary, but of course valid request of your clients or do you fall back on the more generic way the RFCs specify how mail works? Or in other words: To my knowledge, there is nothing in the RFCs that prevents you from doing what I described above. Of course, it's still your choice. Martin - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmail security questions
Hi there, As to the first question, qmailadmin allows for that. It is included with qmailtoaster and allows people to set various settings such as autorespond, forwarding, password, etc. People log in using their email (split in local part and domain part) email password. As to the second, I am unsure. I know that for instance dovecot v2.x (not part of QMT) is able to store all mails in compressed format, so it is conceivable it could also use encryption. But let me ask: to what end? Somewhere on the server the password must be stored in order for the mail server to be able to de/encrypt the mail? But of course, you could use e.g. filesystem encryption. E.g. when installing CentOS, you have an option to do so. Or, you could probably move /home/vpopmail/domains to an encrypted filesystem. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 15.10.2010 um 09:53 schrieb Digital Instruments: Greetings List, I have 2 questions i couldn't find a reply, may you please help me? 1) I'd like to know if it's possible for the users of a domain change their e-mail password (and if yes, how). 2) Is it possible to crypt (and encrypt) all the e-mail on the server? (and if yes, how) Thanks in advance Cheers, Alberto. Nessun virus nel messaggio in uscita. Controllato da AVG - www.avg.com Versione: 9.0.862 / Database dei virus: 271.1.1/3197 - Data di rilascio: 10/14/10 20:34:00 - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmail logfile archiving
Hi there, the two values are just variables used to do this: The s command is used to specify the maximum size of each file before it gets renamed, and the n command to specify the maximum number of old log files which may exist before they are deleted. For example... multilog t n16 s1048576 ./main This allows each file to grow up to 1MB (1048576 bytes) and allows up to 16 files to exist before the oldest files are deleted. So, the way you currently have it, you could have 'logcount' files of a 'logsize' file size before overwriting old log data, Your main problem is going to be that neither of these values has anything whatsoever to do with timestamps - how far your log reaches into the past totally depends on the amount of data logged. You could try setting logcount to something *really* large, though and then periodically delete all log files older than the desired amount of time logged... like: find /path/to/files* -mtime +30 -delete Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 12.10.2010 um 18:44 schrieb PJF: Hi, I need to keep at least 1 month of all mail logs, everything that logs via: /var/qmail/supervise/*/log I'm hoping I can use something like logrotate to rotate out logfiles, or have the same functionality of rotated out logs... Looking at the log/run files I see it reads some settings for multilog from: LOGSIZE=`cat /var/qmail/control/logsize` LOGCOUNT=`cat /var/qmail/control/logcount` Should I just up the logsize? I've got plenty of disk space. I'm going over the miltilog man page and it is not obvious to me what the most efficient way of accomplishing this is :) Any suggestions or a point in the right direction would be appreciated. Thanks in advance. -- PJF - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Global Address List in QmailToaster...
Horde supports many backends including LDAP. It is the official web client for the kolab groupware server, btw. But of course it also offers its own calendar and contact list sharing backends (through one of a list of database servers such as oracle, postgresql, mysql, etc.). Also, it offers syncml out of the box, so in connection with e.g. Funambol, you can have tight integration with Outlook. Martin Von meinem iPhone gesendet Am 07.10.2010 um 16:51 schrieb Eric Shubert e...@shubes.net: Bilgehan Poyraz (Telcoset) wrote: Hello everyone, Our customer want to Global Address list in outlook 2010. Can we use LDAP integration with Qmailtoaster? Or have you any other ideas for this situation? Bilgehan POYRAZ - Thanks for the question, Bilgehan. This capability has become a higher priority for me as well lately. LDAP can of course be used for many things. As Jake alluded to, LDAP use for account management (in place of MySQL) is not presently implemented. I hope that with vpopmail 5.5, an LDAP back end will be an option. We'll have to wait and see how that goes. The OpenLDAP authentication module for vpopmail v5.5 is nearing completion according to the developer, as of last Friday. I hope to help test it when it becomes available. Any other testers will be welcomed I'm sure. Regarding using LDAP for address books (contact information), that's another matter (different data being stored). The only intersection of this with QMT would be with Client apps, which is presently just squirrelmail-toaster. I don't know about an LDAP address book for SM, but I expect there probably is a SM addon for that. Does anyone here know know about how SM implements such a thing? Are there any Horde users here that are familiar with how Horde implements global/shared address books? AFA a Global Address list for Outlook is concerned, that would be outside of QMT's scope. However, I would very much like to see a Global Address Book package (based on OpenLDAP) which could be used with any number of client programs. Sort of an Address Book Server package. Perhaps this could be released as part of QTP. Ideas? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11
Actually, I wonder about that one: Both the patch and the source tarball come in the SRPM, so why would the patch command behave differently on this setup? What is the content of the clamd.conf.rej file? E.g. you should find that in e.g. BUILD/clamav-0.96.3/etc/ the BUILD dir, according to your output, is in /root/rpmbuild/ Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 06.10.2010 um 18:38 schrieb Eric Shubert: petrus wrote: qtp-whatami returns qtp-whatami v0.3.6 DISTRO=Fedora OSVER=11 QTARCH=i686 QTKERN=2.6.30.10-105.2.23.fc11.i586 BUILD_DIST=fedora_11 BUILD_DIR=/root/rpmbuild This machine's OS is supported and has been tested so using fedora_11, still produces the same error. Patch #0 (clamav-0.96.0.patch.bz2): + /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/clamav-0.96.0.patch.bz2 + /usr/bin/patch -s -p1 --fuzz=0 1 out of 8 hunks FAILED -- saving rejects to file etc/clamd.conf.rej error: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep) So we need to find out why that patch is failing on fedora. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11
Something weird is going on. When I try the following: cd SOURCES tar xjvf clamav-0.96.3.tar.bz2 bunzip2 clamav-0.96.0.patch.bz2 cd clamav-0.96.3 patch -p1 ../clamav-0.96.0.patch I get some warnings about offsets / fuzz, but it is alright. Now, if I use the command options that show up for you (forcing fuzz to be 0): /usr/bin/patch -s -p1 --fuzz=0 ../clamav-0.96.0.patch I get the same error message. Then I wondered why on Centos, it does not use these options and searched fro them in the SOURCE folder: grep -R -l -i 'fuzz=0' * No file contains that. Now, this looks like there is some ENV variable set on your system that adds parameters to patch by default that does not exist on other systems. After some google, I found that indeed 'fuzz=0' is indeed part of the default rpmbuild environment on Fedora. Now, there are two possible solutions for it, we could re-base the patch (e.g. make sure no fuzz occurs) and repackage the thing, OR you could try adding %define _default_patch_fuzz 2 to the spec file and see if that helps! I'll work on the no-fuzz package in the meantime - perhaps Jake can put that on the server... Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 06.10.2010 um 19:12 schrieb petrus: The contents off clamd.conf.rej --- etc/clamd.conf 2010-03-31 08:17:12.0 -0400 +++ etc/clamd.conf 2010-04-09 01:34:54.0 -0400 @@ -49,7 +49,7 @@ # Enable verbose logging. # Default: no -#LogVerbose yes +LogVerbose yes # This option allows you to save a process identifier of the listening # daemon (main thread). On Wed, Oct 6, 2010 at 6:38 PM, Eric Shubert e...@shubes.net wrote: petrus wrote: qtp-whatami returns qtp-whatami v0.3.6 DISTRO=Fedora OSVER=11 QTARCH=i686 QTKERN=2.6.30.10-105.2.23.fc11.i586 BUILD_DIST=fedora_11 BUILD_DIR=/root/rpmbuild This machine's OS is supported and has been tested so using fedora_11, still produces the same error. Patch #0 (clamav-0.96.0.patch.bz2): + /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/clamav-0.96.0.patch.bz2 + /usr/bin/patch -s -p1 --fuzz=0 1 out of 8 hunks FAILED -- saving rejects to file etc/clamd.conf.rej error: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep) So we need to find out why that patch is failing on fedora. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11
OK, Please give this one a try: http://martin.waschbuesch.de/clamav-toaster-0.96.3-1.3.38.src.rpm Cheers, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 06.10.2010 um 19:57 schrieb Martin Waschbüsch: Something weird is going on. When I try the following: cd SOURCES tar xjvf clamav-0.96.3.tar.bz2 bunzip2 clamav-0.96.0.patch.bz2 cd clamav-0.96.3 patch -p1 ../clamav-0.96.0.patch I get some warnings about offsets / fuzz, but it is alright. Now, if I use the command options that show up for you (forcing fuzz to be 0): /usr/bin/patch -s -p1 --fuzz=0 ../clamav-0.96.0.patch I get the same error message. Then I wondered why on Centos, it does not use these options and searched fro them in the SOURCE folder: grep -R -l -i 'fuzz=0' * No file contains that. Now, this looks like there is some ENV variable set on your system that adds parameters to patch by default that does not exist on other systems. After some google, I found that indeed 'fuzz=0' is indeed part of the default rpmbuild environment on Fedora. Now, there are two possible solutions for it, we could re-base the patch (e.g. make sure no fuzz occurs) and repackage the thing, OR you could try adding %define _default_patch_fuzz 2 to the spec file and see if that helps! I'll work on the no-fuzz package in the meantime - perhaps Jake can put that on the server... Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 06.10.2010 um 19:12 schrieb petrus: The contents off clamd.conf.rej --- etc/clamd.conf 2010-03-31 08:17:12.0 -0400 +++ etc/clamd.conf 2010-04-09 01:34:54.0 -0400 @@ -49,7 +49,7 @@ # Enable verbose logging. # Default: no -#LogVerbose yes +LogVerbose yes # This option allows you to save a process identifier of the listening # daemon (main thread). On Wed, Oct 6, 2010 at 6:38 PM, Eric Shubert e...@shubes.net wrote: petrus wrote: qtp-whatami returns qtp-whatami v0.3.6 DISTRO=Fedora OSVER=11 QTARCH=i686 QTKERN=2.6.30.10-105.2.23.fc11.i586 BUILD_DIST=fedora_11 BUILD_DIR=/root/rpmbuild This machine's OS is supported and has been tested so using fedora_11, still produces the same error. Patch #0 (clamav-0.96.0.patch.bz2): + /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/clamav-0.96.0.patch.bz2 + /usr/bin/patch -s -p1 --fuzz=0 1 out of 8 hunks FAILED -- saving rejects to file etc/clamd.conf.rej error: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep) So we need to find out why that patch is failing on fedora. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11
Hi Eric, The way I see it, this happened: Jake created the updated package using the same patch he had used for the original 0.96 build. It is still valid, but the conf file to patch changed slightly, so the patch hunks have some offset. Now, for some reason, Fedora's build system enforces patch to run with fuzz=0, which causes this to break. All I did was expand the current clamav package, apply the patch without the fuzzy option and created a new patch by using 'diff -Naur' just like the original patch from Jake's package. The only thing that changed is line numbers in the .patch file. The content is otherwise identical. So, yes, it is 100% compatible, it works for all distros and I guess re-creating the patch in this way should always be done to keep these problems from appearing. However, it does mean one or two more steps for the packager and, unless you use a system that enforces fuzzy=0, you'd not ever notice it in the first place. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 06.10.2010 um 22:14 schrieb Eric Shubert: Next question is, does it work with other distros? (Is it backwards compatible?) Is there one setting that that works for all, or does this need to be a per-distro setting? -- -Eric 'shubes' Martin Waschbüsch wrote: Any Time! :-) Von meinem iPhone gesendet Am 06.10.2010 um 21:34 schrieb petrus petr...@gmail.com mailto:petr...@gmail.com: 2010/10/6 Martin Waschbüsch mailto:mar...@waschbuesch.demar...@waschbuesch.de mailto:mar...@waschbuesch.de OK, Please give this one a try: http://martin.waschbuesch.de/clamav-toaster-0.96.3-1.3.38.src.rpmhttp://martin.waschbuesch.de/clamav-toaster-0.96.3-1.3.38.src.rpm Cheers, Yes this works. Thank you! /p - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Traffic monitor / accounting for QMT
Hi all, I was sort of fed up with not having a nice way to do traffic monitoring and accounting on my QMT installation - so I wrote my own. ;-) If you're interested, have a look at it here: http://martin.waschbuesch.de/qtp-traffic-monitor.tar.bz2 There are two components: a script that will gather daily statistics (always for yesterday) and write them into a mysql database and a report-generator that takes arguments such as start date, end date, domain (or list of domains) to generate a report. Reported information include: traffic for MUA (IMAP/POP3), MTA (qmail) and Web (apache) as well as mail web quota. It is tailored to the way I place apache log files for vhosts and also, I use dovecot rather than courier, but it should not be hard to adapt to your own needs. Code is somewhat documented, but not as extensive as it might be, I guess (then again, what code ever is?) Refer to the README file in the archive for more information. Anyway, comments, feedback, etc. is highly appreciated. Enjoy! Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: Web Mail Interface
Hi all, I have created a preliminary tarball to install horde on a stock toaster. Even takes care of the horde config. http://martin.waschbuesch.de/horde-toaster.tar.bz2 Anyone willing to test and/or contribute by adapting some parts - please let me know. I am working with Eric on making this into a horde-toaster package. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 29.09.2010 um 00:57 schrieb Gilbert T. Gutierrez, Jr.: I have ran through this instruction set and I have to say that it is great. The following additional rpms need to be installed... 1. php-devel 2. php-imap The pecl command needs to be changed to the following,,, pecl install Imagick json LZF geoip If pecl fails like it did for me with ImageMagick you should refer to the following bug... http://pecl.php.net/bugs/bug.php?id=18057 After running the pecl command and answering with defaults you need to add the following 4 lines into the php.ini file. extension=imagick.so extension=geoip.so extension=lzf.so extension=json.so I also found that you have to add the user to the database server, I thought it would do it when I adjusted the sql script with my prefered password, but I was wrong. In some of my searches on the web to fill in holes in my knowledge, I found the following security settings are recommended... Security configuration Secure config files: chown apache:root -R /var/www/html/horde/config chown apache:root -R /var/www/html/horde/*/config chmod -R go-rwx /var/www/html/horde/config chmod -R go-rwx /var/www/html/horde/*/config Secure scripts: chown -R root:root /var/www/html/horde/scripts chown -R root:root /var/www/html/horde/*/scripts chmod -R go-rwx /var/www/html/horde/scripts chmod -R go-rwx /var/www/html/horde/*/scripts Secure test.php: chmod a-rwx /var/www/html/horde/test.php chmod a-rwx /var/www/html/horde/*/test.php Thanks for the help list. Gilbert - Original Message - From: Scott Hughes To: qmailtoaster-list@qmailtoaster.com Sent: Monday, September 27, 2010 5:42 PM Subject: Re: [qmailtoaster] Re: Web Mail Interface On 9/27/10 3:29 PM, Eric Shubert wrote: Gilbert T. Gutierrez, Jr. wrote: I need a good web interface for my Qmail Toaster. I know it has been discussed on this list many times before, but I have to ask. I would like a nice Commercial looking interface to direct my customers to, what would the group suggest? I do not care if it is a squirelmail skin that I have to pay for or some other completely different application. Thank you, Gilbert T. Gutierrez, Jr. - I presume you mean a mail client application, not an administrative one. There will be a Horde webmail package available for QMT at some point in the not too distant future, I expect by the end of the year. Egroupware also has a nice webmail app (from what I've heard). There are also skins for squirrelmail, some of which would require you to use their package instead of squirrelmail-toaster, which only means that you might have a little configuration to do with it. The squirrelmail configuration isn't difficult. Basically, any web app that's imap/smtp compatible should work just fine. Take your pick. I couldn't locate the Horde install guide on the wiki site, but here is Anil's guide that should take care of you! Horde Configuration Guide: (Assuming you are using Centos 5 or RHEL 5 distro but horde installation steps will remain same in all linux distros) Step 1: Download horde tar file into any downloads folder wget ftp://ftp.horde.org/pub/horde-webmail/horde-webmail-latest.tar.gz go to the www root folder. # cd /var/www/html # tar -zxvf /path to you horde download folder/horde-webmail-latest.tar.gz # mv horde-webmail-1.2.6 horde # cd horde Install Required PHP modules: # yum -y install GeoIP geoip-devel gd ImageMagick ImageMagick-devel ImageMagick-perl # yum -y install php-mbstring php-gettext php-gd php-xml php-mcrypt php-pecl-Fileinfo # pecl install Imagic json LZF geoip edit /etc/httpd/conf/httpd.conf and add the following: Directory /var/www/html/horde Options Includes SymLinksIfOwnerMatch AllowOverride All Order allow,deny Allow from all AcceptPathInfo On php_flag track_vars On #php_admin_value memory_limit 384M php_admin_value post_max_size 20M /Directory # service httpd restart http://your-server-ip/horde/test.php check if all required php modules are installed Step 2. Step 2: Now Configure Horde: # cd /var/www/html/horde Before executing the setup.php script we need to change the default password for user horde in the sql script for horde database
[qmailtoaster] qmail logs
Hi all, I was looking into isoqlog and noticed that it does not (for me) generate accurate stats. But that is not what interests me right now. This is: Trying to analyze the log file (/var/log/qmail/send/current) to follow what's going on, I realized something that seems totally whacko to me: a usual line announcing the processing of a new mail coming into the queue (regardless of whether it will be sent locally or remotely) looks like this: @40004c9f086f31f0149c new msg 6744317 As far as I know, the number after 'msg' is supposed to be used to identify that message so that you can follow up on it in the logs. I might be wrong, though. And I hope I am, because this is an excerpt of my log file: @40004c9f086f31f01884 info msg 6744317: bytes 23947 from finder_itnu614...@members.ebay.de qp 1 uid 89 @40004c9f086f333ceba4 starting delivery 188: msg 6744317 to local waschbuesch.de-jo...@waschbuesch.de @40004c9f086f333cf374 status: local 1/10 remote 0/60 @40004c9f086f36b9be24 delivery 188: success: did_0+0+1/ @40004c9f086f36b9c20c status: local 0/10 remote 0/60 @40004c9f086f36b9c5f4 end msg 6744317 @40004c9f08a328fa41dc new msg 6744317 @40004c9f08a328fa45c4 info msg 6744317: bytes 5700 from d...@daniel-dietzfelbinger.de qp 20026 uid 89 @40004c9f08a32a50cd44 starting delivery 189: msg 6744317 to local waschbuesch.de-andr...@waschbuesch.de @40004c9f08a32a50d514 status: local 1/10 remote 0/60 @40004c9f08a32db295e4 delivery 189: success: did_0+0+1/ @40004c9f08a32db299cc status: local 0/10 remote 0/60 @40004c9f08a32db29db4 end msg 6744317 The same msg id is used twice in a row. Have I misunderstood how the send log works, or is this really as weird as I believe it to be? Thanks, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: qmail logs
Thanks for the explanation! -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 28.09.2010 um 20:29 schrieb Tonix (Antonio Nati): Il 28/09/2010 20:24, Eric Shubert ha scritto: Martin Waschbüsch wrote: Hi all, I was looking into isoqlog and noticed that it does not (for me) generate accurate stats. But that is not what interests me right now. This is: Trying to analyze the log file (/var/log/qmail/send/current) to follow what's going on, I realized something that seems totally whacko to me: a usual line announcing the processing of a new mail coming into the queue (regardless of whether it will be sent locally or remotely) looks like this: @40004c9f086f31f0149c new msg 6744317 As far as I know, the number after 'msg' is supposed to be used to identify that message so that you can follow up on it in the logs. I might be wrong, though. And I hope I am, because this is an excerpt of my log file: @40004c9f086f31f01884 info msg 6744317: bytes 23947 from finder_itnu614...@members.ebay.de qp 1 uid 89 @40004c9f086f333ceba4 starting delivery 188: msg 6744317 to local waschbuesch.de-jo...@waschbuesch.de @40004c9f086f333cf374 status: local 1/10 remote 0/60 @40004c9f086f36b9be24 delivery 188: success: did_0+0+1/ @40004c9f086f36b9c20c status: local 0/10 remote 0/60 @40004c9f086f36b9c5f4 end msg 6744317 @40004c9f08a328fa41dc new msg 6744317 @40004c9f08a328fa45c4 info msg 6744317: bytes 5700 from d...@daniel-dietzfelbinger.de qp 20026 uid 89 @40004c9f08a32a50cd44 starting delivery 189: msg 6744317 to local waschbuesch.de-andr...@waschbuesch.de @40004c9f08a32a50d514 status: local 1/10 remote 0/60 @40004c9f08a32db295e4 delivery 189: success: did_0+0+1/ @40004c9f08a32db299cc status: local 0/10 remote 0/60 @40004c9f08a32db29db4 end msg 6744317 The same msg id is used twice in a row. Have I misunderstood how the send log works, or is this really as weird as I believe it to be? Thanks, Martin - I see several numbers being used repeatedly, but never more than one at a time. I expect this is normal. You might have a look at the qmail-send.c source to see what the value actually represents. Might be an inode number? qmail follows a crazy way of logging. each message number comes from the inode number of message file, so the same number is used for several messages in different times (sometimes seconds of difference). So, message number is useless for serious logs. The same applies to delivery number. Regards, Tonino -- in...@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] spamhaus news...
They're starting a whitelisting service - might be interesting... Details: http://www.spamhaus.org/news.lasso?article=662 Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Toaster on Debian
Hi there, I am new to the list and looking for hints and tips to install this toaster on Debian? Also, I am no programmer, but still willing to help. (be it testing or translating, etc.) Can anyone give me pointers where to start? I saw that some people obviously have done some work creating .deb packages? Thanks for your help! Martin -- The nice thing about being a celebrity is that when you bore people, they think it's their fault. Henry Kissinger - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Toaster on Debian
Thanks everyone for your answers. In fact, the last toaster I installed was Bill Shupp's outline, but I had trouble updating some of the portions to current versions - most notably clamav, simscan and spamassassin, so I started to look around for other approaches. Martin -- However beautiful the strategy, you should occasionally look at the results. Winston Churchill Am 02.10.2008 um 21:29 schrieb Jake Vickers: Martin Waschbüsch wrote: Hi there, I am new to the list and looking for hints and tips to install this toaster on Debian? Also, I am no programmer, but still willing to help. (be it testing or translating, etc.) Can anyone give me pointers where to start? I saw that some people obviously have done some work creating .deb packages? Thanks for your help! Lucian did port the packages over to Debian, but I do not know what the status is. Erik (the current maintainer) has stated that Qmailtoaster is only supported on CentOS at this point so unless Lucian has gotten the packages all ported over or you want to learn programming you'll be out of luck at this point. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
