Re: [qmailtoaster] clamav 0.97.4 & simscan-toaster-1.4.0-1.4.0

[Martin Waschbüsch]

Hi Danny,

Am 28.03.2012 um 23:49 schrieb Danny Terweij | LxCenter:

>>> So a lot need to be resolved before it builds like it should.
>> 
>> "like it should" is subjective. It still builds the same as it always has, 
>> unless I'm missing something here.
>> 
> 
> We could get no new data if there was not a successfull remake of a Makefile. 
> That means it uses a old Makefile. It could work  but it can also give 
> problems.
> Before i ever release a new RPM to the public or testing persons, it has to 
> be free of any kind of errors. Also it is a good point to always follow some 
> rules like SPEC rules. Even if it is a minor change, you can always refactor 
> the SPEC file a bit.
> It is a kind of a odd thought that you say "still builds the same as always" 
> .. it can go very wrong at some day that you push a new rpm to the public and 
> odd things going to happen.

"still builds the same as always" refers to the fact that you can follow the 
wiki article on how to install a new toaster on CentOS 5.x from scratch and it 
will work.
I took the time to test that on a VM because I was curious if anything had 
changed since the last time I checked.

>> While I agree that QMT package dependencies are a bit of a mess and too 
>> tightly coupled, we're not aiming to fix that up quite yet. Simscan in 
>> particular might eventually be replaced with amavis-new, so at this time we 
>> won't be doing any more with it than getting it as up to date as possible.
> 
> I think i go stop distributing toaster packages to our community. To much 
> changes in the future and bad/poor written SPEC files.

I appreciate the criticism and I think we're all aware that, as Eric put it, 
the dependencies are indeed a bit messy.
However, if you are able to discern what is wrong with the spec files, why 
don't you contribute to the project and submit n updated version?
I am sure everyone would appreciate the help.

>> Thanks for your patience and understanding (and participation).
>> 
> 
> No problem, but the patience is out of stock. Its better for our community 
> that we split here and maintain our own qmail and related packages.
> I saw a whole new djbdns at githib pushed 3 days ago. Much promising and 
> finaly someone refactored it during the last 3 years. I bet the same happens 
> with qmail and other old packages, at some day.  New life in kind of (good) 
> old software.

I don't really get where you're coming from, here.
Let me state a couple of facts first:

- QMT is a group effort.
- Participation and contributions are always welcome!
- No one here is being paid to work on QMT (although QMT enables some of us to 
make money).
- We have way more things that need fixing than people with time and knowledge 
to do so.

In short: QMT is not a commercial product you bought and can now 'demand' 
support for, but rather an open source community effort that is open for 
everyone to help make things better.
So why talk about splitting / forking when all that seems missing is your 
contribution?

Best,

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] clamav 0.97.4

[Martin Waschbüsch]

Am 25.03.2012 um 05:55 schrieb Eric Shubert:

> I've been running several days as well, with no problems. If I don't hear of 
> any problems, I'll promote it to production in a few days.

Same here. It works very well, indeed. ;-)

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] qtp-backup - ezmlm lists??

[Martin Waschbüsch]

Am 13.03.2012 um 13:24 schrieb Eric Shubert:

> It doesn't appear to me that qtp-backup/qtp-restore handles ezmlm lists. Does 
> anyone know where ezmlm stuff resides??
> 
> (FWIW, I expect that we'll be using this to migrate the qmailtoaster lists 
> soon)

Hi Eric,

ezmlm stuff will appear as an individual user folder within the domain. The 
folder has the name of the mailing list and all relevant content will be stored 
in special subfolders.

So, backing up all domains will also backup ezmlm!

Martin

PS: a ezmlm mailing list folder could look like this:

drwx-- 3 vpopmail vchkpw 4096 Jan  7  2011 allow
drwx-- 2 vpopmail vchkpw 4096 Jan  7  2011 archive
-rw--- 1 vpopmail vchkpw0 Jan  7  2011 archived
drwx-- 2 vpopmail vchkpw 4096 Jan  7  2011 bounce
-rw--- 1 vpopmail vchkpw   96 Jan  7  2011 bouncer
-rw--- 1 vpopmail vchkpw  215 Jan  7  2011 config
-rw--- 1 vpopmail vchkpw  519 Jan  7  2011 editor
-rw--- 1 vpopmail vchkpw  236 Jan  7  2011 headeradd
-rw--- 1 vpopmail vchkpw  145 Jan  7  2011 headerremove
-rw--- 1 vpopmail vchkpw0 Jan  7  2011 indexed
-rw--- 1 vpopmail vchkpw   15 Jan  7  2011 inhost
-rw--- 1 vpopmail vchkpw   23 Jan  7  2011 inlocal
-rw--- 1 vpopmail vchkpw  268 Jan  7  2011 key
-rw--- 1 vpopmail vchkpw0 Jan  7  2011 lock
-rw--- 1 vpopmail vchkpw0 Jan  7  2011 lockbounce
-rw--- 1 vpopmail vchkpw  908 Jan  7  2011 Log
-rw--- 1 vpopmail vchkpw   51 Jan  7  2011 mailinglist
-rw--- 1 vpopmail vchkpw  298 Jan  7  2011 manager
drwx-- 6 vpopmail vchkpw 4096 Jan  7  2011 mod
-rw--- 1 vpopmail vchkpw  158 Jan  7  2011 moderator
-rw--- 1 vpopmail vchkpw1 Jan  7  2011 modpost
-rw--- 1 vpopmail vchkpw   15 Jan  7  2011 outhost
-rw--- 1 vpopmail vchkpw9 Jan  7  2011 outlocal
-rw--- 1 vpopmail vchkpw  103 Jan  7  2011 owner
-rw--- 1 vpopmail vchkpw   15 Jan  7  2011 prefix
drwx-- 2 vpopmail vchkpw 4096 Jan  7  2011 subscribers
drwx-- 2 vpopmail vchkpw 4096 Jan  7  2011 text



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] qmailmrtg

[Martin Waschbüsch]

Casey,

Am 03.03.2012 um 02:32 schrieb Casey Price:

> I'm basically just looking for an effective way to improve my spam filtering, 
> and allow different configs for different users/domains without having to 
> restructure my whole system. How are other large hosts or ISPs doing things?
>> Any ISP users out here that have an opinion about this? 
> Casey Price

If you're looking for a per-user spam filter, you might want to consider 
something like this:

http://www.maiamailguard.com/maia/wiki

Although, I guess the best thing would be to separate the filter from the mail 
server and have it act as a security / ant-spam / anti-malware gateway.

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] qmailmrtg

[Martin Waschbüsch]

Am 02.03.2012 um 22:12 schrieb Casey Price:

> Martin,
> 
> I'm just using the dovecot RPM provided with the instructions on the QMT 
> wiki. What exactly is necessary to get qmailmrtg to work with dovecot?
> 
> Casey Price


This is nowhere near complete, but it gives you a first idea what needs to be 
done.

Please note that the mrtg.conf file (I think for some reason that's contained 
in the .spec in this package), needs to be adapted as well and the c program of 
course. The package here was my first attempt to convert things to dovecot - it 
assumes logs are multilog/daemontools format and located in 
/var/log/qmail/dovecot/
Also, I did not use dovecot for pop3 back then, so that has also not been taken 
care of.

If you give me some more time, I can easily adapt things so it will work with 
dovecot using syslog and in standard dovecot location and perfect the config 
files, etc.

As it is, I'd consider this very much beta.

Martin



qmailmrtg-dovecot-toaster-4.2-1.0.0.src.rpm
Description: Binary data


signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] qmailmrtg

[Martin Waschbüsch]

Am 02.03.2012 um 22:12 schrieb Casey Price:

> Martin,
> 
> I'm just using the dovecot RPM provided with the instructions on the QMT 
> wiki. What exactly is necessary to get qmailmrtg to work with dovecot?
> 
> Casey Price


This is nowhere near complete, but it gives you a first idea what needs to be 
done.

Please note that the mrtg.conf file (I think for some reason that's contained 
in the .spec in this package), needs to be adapted as well and the c program of 
course. The package here was my first attempt to convert things to dovecot - it 
assumes logs are multilog/daemontools format and located in 
/var/log/qmail/dovecot/
Also, I did not use dovecot for pop3 back then, so that has also not been taken 
care of.

If you give me some more time, I can easily adapt things so it will work with 
dovecot using syslog and in standard dovecot location and perfect the config 
files, etc.

As it is, I'd consider this very much beta.

Martin



qmailmrtg-dovecot-toaster-4.2-1.0.0.src.rpm
Description: Binary data


signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] qmailmrtg

[Martin Waschbüsch]

Am 02.03.2012 um 22:12 schrieb Casey Price:

> Martin,
> 
> I'm just using the dovecot RPM provided with the instructions on the QMT 
> wiki. What exactly is necessary to get qmailmrtg to work with dovecot?

qmailmrtg is a c program that scans the log files and creates the mrtg data 
files from it.
It can be called with command line options.
Basically it comes down to adding routines that can be used to scan dovecot log 
files.

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] qmailmrtg

[Martin Waschbüsch]

Am 02.03.2012 um 08:04 schrieb Casey Price:

> Martin,
> 
> If you want to hook me up with the package, I could help test it out.
> 
> Casey Price

Casey,

it all depends on how you set up dovecot. I had mine done by compiling from 
source and I am using daemontools to run it.
Now, if you run it in a similar environment, it will probably work well. If 
not, I might have to adapt it to properly recognize the log files, etc.

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] qmailmrtg

[Martin Waschbüsch]

I have a replacement package that I can put out there after some more testing.. 
;-)

Martin

Am 02.03.2012 um 00:47 schrieb Casey Price:

> Just noticed today that my graphs for IMAP & POP3 in qmailmrtg are blank for 
> the past few months, right about the time I switched to dovecot for both POP3 
> & IMAP. Does anyone know of configuration settings that would need to be 
> changed to get the stats to report for dovecot?
> -- 
> Casey Price
> 
> Smile Global Technical Support
> Submit or check trouble tickets http://billing.smileglobal.com
> www.smileglobal.com
> 
> Follow us on Twitter 
> Find us on Facebook



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] patch utility under Fedora 15

[Martin Waschbüsch]

Am 25.02.2012 um 11:46 schrieb qmt:

>  
> Hello all
> I do as your method but  When I built libdomainkeys-toaster-*.src.rpm ,i  got 
> the error as below.
> Can you help?
> My system is frdora15_x64.
>  
> daemontools-toaster-*.src.rpm build pass
> => changes p0 -> p1
> 
> ucspi-tcp-toaster-*.src.rpmbuild pass
> => changes p0 -> p1
> => one patch had to manually specify target
> 
> vpopmail-toaster-*.src.rpm build pass
> => Unsure, think there was one p0 -> p1, but made no notes
> 
> libdomainkeys-toaster-*.src.rpm=> no changes  error
> libsrs2-toaster-*.src.rpm=> no changes   build pass


The rpm build command in Fedora forbids *futzz* (e.g. when a patch could be 
applied, but is e.g. one or two lines off).
This means that the patch for that package needs to be re-created (using diff 
command) against this version. This will eliminate fuzz and everything will 
work ok.

You can do this by installing the source-package, unpacking the source folder, 
making a copy of the source folder applying the patch manually to ONE of the 
folders and then using diff to re-create the patch.

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] Future Distros - RHEL/CentOS ONLY

[Martin Waschbüsch IT-Dienstleistungen]

You know, Nigel, this whole discussion is not FOR or AGAINST any specific 
distro, but about how to best move the project forward with the resources and 
knowledge we have. Since it is way easier to focus on one distribution when 
about to change things (switch from srpm to rpm, etc.), it just makes sense to 
(initially at least) trim down the number of supported platforms. There are no 
hard feelings (or there should not be any, really) invested in this...

Whatever your trouble compiling the packages, please just ask on the list and 
we'll try to help as best we can. Just be patient as it is no one's full time 
job to support or develop this project.

Best,

Martin

Von meinem iPhone gesendet

Am 20.02.2012 um 04:08 schrieb Nigel Reed :

> You're right, it's probably about time to migrate away from qmailtoaster. 
> Mandriva is very much alive and kicking, thank you very much. 
> 
> The reason a lot of people are not using qmail, I'm sure, is because Mandriva 
> comes with postfix installed and as you've seen by my experience trying to 
> get this damn thing compiled, it's a pain in the ass. There's too many bits 
> to bolt together for most people. A binary packages would be very welcome, 
> I'm sure...As we speak, I'm having trouble getting the latest clamav to 
> compile.
> 
> According to this website, Mandriva is more popular then CentOS. Maybe you 
> just don't hear from from Mandriva people because they actually have a clue. 
> I bet most people running CentOS or Ubuntu are just tinkering around with it.
> 
> http://geektrio.net/?p=1404 
> 
> 
> 
> - Original Message -
> 
> 
> Mandriva is on the ropes, struggling to survive. If you presently have a QMT 
> running on Mandy, I would seriously consider a migration in the near future.
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot 2.0.x trouble

[Martin Waschbüsch]

Hi all,

in case anyone uses dovecot 2.0.16, the errata for the latest (2.0.17) say:

http://dovecot.org/releases/2.0/dovecot-2.0.17.tar.gz
http://dovecot.org/releases/2.0/dovecot-2.0.17.tar.gz.sig


Among other changes:

+ Proxying now supports sending SSL client certificate to server with
  ssl_client_cert/key settings.
+ doveadm dump: Added support for dumping dbox headers/metadata.
- Fixed memory leaks in login processes with SSL connections
- vpopmail support was broken in v2.0.16


Seeing as the last line concerns all of us - please update if you have any 
trouble!

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] QMT on CentOS 6? Alternatives?

[Martin Waschbüsch]

Am 29.01.2012 um 03:12 schrieb Dan McAllister:

> I successfully run QMT on CentOS 6 (actually, on 4 servers now!) -- and as 
> you note, the toaster-admin (web-based GUI) does not work (the php-generated 
> content does not render).
> 
> The qmail-admin (GUI admin on e-mail accounts) DOES work, and there are some 
> packages that need some tending to to get the compilations right, but its 
> nothing that's not obvious when you look at the error logs during the build 
> cycle.
> 
> I am hoping to get a free weekend in about a week, at which time I am hoping 
> to spend some time in the PHP scripts and see if I can fix what ails them…

Actually, all parts of the guy work if you switch on short php tags in php.ini…

Martin



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] Problem with Clamav-toaster on Centos6

[Martin Waschbüsch]

Hi Amir,

Am 08.01.2012 um 11:20 schrieb Amir Abbasi:

> Hi,
> how are you doing?
> I have a question; Does Qmail-Toaster support IPv6? Generally, I am 
> investigation IPv6 migration for webhosting servers/services, is there any 
> useful link in this regard?

General note: it is best if you ask such questions on the list so that others, 
who might have the same issue, can get that information as well (e.g. by 
searching the list archive).
Anyway, here's my two cents:

there is no support for IPv6 in the current qmailtoaster. This is because qmail 
itself does not support it out of the box. In fact, qmail's author, Dan 
Bernstein is rather critical of the whole IPv6 mess (his words): 
http://cr.yp.to/djbdns/ipv6mess.html

That being said, it is *possible* to modify qmail to use IPv6:
http://www.bltweb.net/qmail/

That is Brandon Turner's site of qmail patches (based on John Simpson's 
combined patch).
These patches can be reworked and applied to 'our' qmail flavor as well - just 
takes some time and a bit of coding knowledge..
Note that you'll have to make uscpi-tcp IPv6 aware, too, if you want to use the 
current qmailtoaster layout.

I do not know if (and if yes, when) qmailtoaster will be IPv6 enables, but now 
at least you have an overview of the situation.

Cheers,

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] How to update spamassassin

[Martin Waschbüsch]

such a package already exists. Jake had provided one on the development list.

You can download it here:

http://qmailtoaster.com/testing/spamassassin-toaster-3.3.2-1.3.18.src.rpm

Please be aware that this is not an official release yet, but I for once did 
not have trouble with this package whatsoever.

Cheers,

Martin

Am 05.01.2012 um 13:35 schrieb Juan Carlos:

> hi,
> How to update spamassassin 3.2.5 to 3.3.2 ?
> thanks!
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] Qmailtoaster major changes

[Martin Waschbüsch]

Am 03.01.2012 um 02:36 schrieb Jake Vickers:

> I will be changing ownership of the Qmailtoaster project to Eric Shubes. With 
> the new role at work and my rapidly growing toddler, I just really don't have 
> enough spare time to devote to the project. I've spoken with Eric and he has 
> agreed to take the project over and continue with it.

Thanks for all your work, Jake!

Martin



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] Problem with Clamav-toaster on Centos6

[Martin Waschbüsch IT-Dienstleistungen]

Hi Anderson,

Am 26.12.2011 um 15:27 schrieb Anderson Alves de Albuquerque:

> 
>  I want go out to this list. How can I do?
> 


To remove your address from the list, just send a message to
the address in the ``List-Unsubscribe'' header of any list
message. If you haven't changed addresses since subscribing,
you can also send a message to:
  

Cheers,

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] Problem with Clamav-toaster on Centos6

[Martin Waschbüsch IT-Dienstleistungen]

Hi Amir,Am 26.12.2011 um 11:55 schrieb Amir Abbasi:+ echo 'Patch #0 (clamav-0.9x-qmailtoaster.patch.bz2):'Patch #0 (clamav-0.9x-qmailtoaster.patch.bz2):+ /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/clamav-0.9x-qmailtoaster.patch.bz2+ /usr/bin/patch -s -p1 --fuzz=01 out of 7 hunks FAILED -- saving rejects to file etc/clamd.conf.rejerror: Bad exit status from /var/tmp/rpm-tmp.nI9zZQ (%prep) RPM build errors:    Bad exit status from /var/tmp/rpm-tmp.nI9zZQ (%prep) Have you ever faced this error message?Thank you for your assistance.The problem is that the included patch is not 100% rediffed against version 0.97.3 of clamav… e.g. some lines are off.This causes the patch utility to fail, as the allowed amount of 'fuzz' (e.g. allow patches to apply to be a couple lines off the expected place) on CentOS 6 is zero.Anyway,use the attached patch instead of the old one (replace the clamav patch file in the SOURCES folder within your rpm build directory) and try again…Martin
--Martin WaschbüschIT-DienstleistungenSchumacherring 2981737 MünchenTelefon: +49 89 57005708Fax: +49 89 57868023Mobil: +49 170 2189794serv...@waschbuesch.ithttp://www.waschbuesch.it



clamav-0.9x-qmailtoaster.patch.bz2
Description: BZip2 compressed data


signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] sa-learn-attach

[Martin Waschbüsch IT-Dienstleistungen]

Hi Eric,


Am 21.12.2011 um 19:48 schrieb Eric Shubert:

> Here's the script I use with a shared folder to learn ham and spam, fwiw:
> #!/bin/sh
> #
> # learn and remove spam and ham in shared folders
> #
> # shubes 3/26/08 - created
> #
> 
> learndir="/home/vpopmail/domains/shubes.net/sa-learn"
> hambox=.Ham
> spambox=.Spam
> 
> do_the_learning(){
> 
> learnas=$1
> maildir=$2
> 
> shopt -s extglob
> for spamfile in `find $maildir/+(cur|new)/* 2>/dev/null`; do
>  sudo -u vpopmail -H sa-learn --$learnas $spamfile
>  rc=$?
>  if [ $? != "0" ]; then
>echo "sa-learn failed, rc=$rc, spamfile=$spamfile"
>exit $rc
>  fi
>  rm $spamfile
> done
> }
> 
> do_the_learning ham  "$learndir/$hambox"
> do_the_learning spam "$learndir/$spambox"
> 
> exit 0

I am using a version of something I found on the wiki (or as part of qtp?).

It adds the following things:
- loop through all domains and users
- do not touch/learn special files (e.g. dovecot cache, etc.).
- move ham back to inbox (which is safe with dovecot - I asked the author.)
- learn items without syncing *before* making spamassassin sync the database 
(if you host several domains with users actively using the ham/spam feature, 
you'll be glad to do that, as perl / spam assassin is no lightweight)


# Let's define our folder conventions:
SPAMDIR=".Spam.Lernen"
HAMDIR=".Spam.Korrektur"

# find and process each SPAMDIR

for directory in $( find /home/vpopmail/domains -type d -name $SPAMDIR );
do
  # then find and process each file in SPAMDIR that is not a dovecot special 
file

  for file in $( find $directory -type f -not \( -name dovecot.index -o -name 
dovecot.index.log -o -name dovecot.index.cache -o -name dovecot-keywords -o 
-name dovecot-uidlist -o -name maildirfolder \) );
  do

# learn the file with sa-learn as Spam (use the vpopmail user so it ends up 
in the correct database)
   sudo -u vpopmail -H sa-learn --no-sync --spam ${file}  >/dev/null 2>&1

# Spam belongs to nirvana!
rm -f ${file}  >/dev/null 2>&1

  done
done

# find and process each HAMDIR
for directory in $( find /home/vpopmail/domains -type d -name $HAMDIR );
do

  # then find and process each file in HAMDIR that is not a dovecot special file
  for file in $( find $directory -type f -not \( -name dovecot.index -o -name 
dovecot.index.log -o -name dovecot.index.cache -o -name dovecot-keywords -o 
-name dovecot-uidlist -o -name maildirfolder \) );
  do

# learn the file with sa-learn as HAM (use the vpopmail user so it ends up 
in the correct database)
sudo -u vpopmail -H sa-learn --no-sync --ham ${file} >/dev/null 2>&1

# move the file back to the the INBOX.
mv ${file} ${directory}/../cur >/dev/null 2>&1

  done
done

# to speed up learning, we only sync the journal with the database at the end.
sudo -u vpopmail -H sa-learn --sync >/dev/null 2>&1

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] 553 sorry, invalid HELO hostname

[Martin Waschbüsch IT-Dienstleistungen]

Am 12.11.2011 um 11:05 schrieb siva kumar:

> Dear Martin,
> 
> Thanks for you quick support. i can able to send mail to rediffmail. but 
> mail goes to junk mail. In gmail it goes to spam.
> Please help me to fix it.

Let's try this: please send a mail from the server in question to my email 
address and I'll start by analyzing that.
Also, did you verify the settings I mentioned?

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Schumacherring 29
81737 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it



signature.asc
Description: Message signed with OpenPGP using GPGMail

qmailtoaster-list@qmailtoaster.com

[Martin Waschbüsch IT-Dienstleistungen]

Hi there,


Am 11.11.2011 um 18:01 schrieb Javid Freeman:

> I just simply updated using yum update. I went back and looked at the list of 
> packages updated and found this:
> perl-IO-Socket-INET6-2.67-1.el5.art.noarch
> The rest of the email server features are working without issue. However the 
> error is emailed to the catchall every 5 min.
> 
> If necessary I can provide the entire list of packages updated. I have been 
> running qmail-toaster for several years and I can't remember if I used CPAN 
> or RPM.
> 
> Javid


The package name you gave here is from a 3rd party repository, Atomic. Perhaps 
you could try to uninstall / reinstall this from another repo (reforge) or 
downgrade to the original version from CentOS repo (if available there).

In any case, I recommend setting all 3rd party repos to enabled=0 in their 
.repo file (/etc/yum.repos.d/WHATEVER.repo) and only enable on demand by 
supplying '--enablerepo=reponame' to yum.

Cheers,

Martin
--
Martin Waschbüsch
IT-Dienstleistungen
Schumacherring 29
81737 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] DENIED_OTHER, no clue - spf still a little buggy?

[Martin Waschbüsch IT-Dienstleistungen]

Hi all,


Am 03.11.2011 um 03:27 schrieb Eric Shubert:

> I thought qmail-smtp had been patched to show a message when spf failed, but 
> I just found an instance when it doesn't. The sending domain had no TXT 
> record at all, and the smtp log simply showed DENIED_OTHER with no other 
> message. After I changed spfbehavior from 3 to 1, the message came through ok.
> 
> Anyone notice anything like this?

I have stopped using the SPF feature in qmail altogether. I set the value to 0.
As an alternative, I enabled spamassassin's SPF checker which seems to work 
much better (and in anyway, just adds to the spam probability instead of 
outright blocking things.

This has worked quite well for me.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Schumacherring 29
81737 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] 553 sorry, invalid HELO hostname

[Martin Waschbüsch IT-Dienstleistungen]

Hi there,

Am 12.11.2011 um 10:30 schrieb siva kumar:

> Dear List,
> 
>While sending mail to other domains like rediffmail.com, i am 
> receiving error as follows. Please help me to fix it.
> 
> Hi. This is the qmail-send program at .
> 
> I'm afraid I wasn't able to deliver your message to the following addresses.
> 
> This is a permanent error; I've given up. Sorry it didn't work out.
> 


please ensure that your FQDN is identical to what you announce in

/var/qmail/control/me
(and possibly
/var/qmail/control/smtpgreeting)

also, make sure that a reverse lookup of your IP resolves to that very FQDN

if not, chances are that mails from your system will be taken for phishing 
attempts (e.g. pretending to be someone you are not).

Cheers,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Schumacherring 29
81737 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it



signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] How to sign emails with dkim for only some domains?

[Martin Waschbüsch IT-Dienstleistungen]

Hi there,

this is rather easy! :-)

All you have to do is use the following kind of syntax:
















This way, only the individual domains will use signing (and you can have 
different options and keys per domain, etc.)
Everything not mentioned in the file will not be signed.

Also note that this config also takes care of domainkeys. so, using this setup 
you can remove qmail-dk (or whatever the binary was called) and put 
qmail-queue.orig back as the qmail-queue binary file.

Cheers,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Schumacherring 29
81737 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it

Am 25.09.2011 um 06:48 schrieb P.V.Anthony:

> Hi,
> 
> Install dkim according to,
> http://wiki.qmailtoaster.com/index.php/How_to_Setup_DKIM_with_Qmail_Toaster
> 
> It works well.
> 
> I was wondering how to only do dkim for some domains and not all domains. Is 
> there some configuration that needs to be done so that only the required 
> domains will be signed by dkim?
> 
> P.V.Anthony
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
>To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dropped mails..

[Martin Waschbüsch IT-Dienstleistungen]

Hi Eric,


>> 
>> -
> 
> That sounds familiar to me too, but I don't recall what was going on. 
> Something TLS related perhaps.
> 
> I'd use spamdyke's detailed logging to see what's happening.
> 
> -- 
> -Eric 'shubes'


Thanks for the quick reply, I think I isolated the issue (and to me, it looks 
like a bug!)

I got to testing this thoroughly when I noticed that all amazon.de 
notifications were dropped for some time now.
What I found is this:

Disabling spf-checking by setting /var/qmail/control/spfbehaviour to 0

all emails pass. When left on the default (3) I have the problem.

Now, amazon plays by the rules:

checking amazon.de (! important that this is the German one!) for SPF records 
yields:

v=spf1 include:amazon.com ~all 
spf2.0/pra include:amazon.com ~all 

And this is where I think the problem lies.
The system is able to interpret the SPF policy, but does not seem to look up 
the 'include' part...

For in amazon.com records, I found

The TXT records found for your domain are:
v=spf1 ip4:207.171.160.0/19 ip4:87.238.80.0/21 ip4:72.21.192.0/19 
ip4:194.154.193.192/27 ip4:194.7.41.152/28 ip4:212.123.28.40/32 
ip4:203.81.17.0/24 ip4:72.21.212.0/25 ip4:199.255.192.0/22 ~all 

spf2.0/pra ip4:207.171.160.0/19 ip4:87.238.80.0/21 ip4:72.21.192.0/19 
ip4:194.154.193.192/27 ip4:194.7.41.152/28 ip4:212.123.28.40/32 
ip4:203.81.17.0/24 ip4:72.21.212.0/25 ip4:199.255.192.0/22 ~all 

and the matching IP address is part of the ones listed above.

So, where would I look for the SPF-related code in qmail?

Or should I disable it and enable in spamassassin instead? (which could be an 
interim work-around, I guess)..


What do you think?

Martin
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dropped mails..

[Martin Waschbüsch IT-Dienstleistungen]

Hey there,

I cannot seem to remember how to do this, but perhaps someone can remind me?

From smtp log (/var/log/qmail/smtpd/current), I have mails from a recipient 
that get just dropped after determining that the sender is valid.
e.g. i have lines such as:

@40004e6ba8531a65aae4 tcpserver: ok 4396 
krabat.waschbuesch.de:80.254.129.249:25 mx.someserver.org:123.123.123.123::36787
@40004e6ba8542f1fe954 CHKUSER accepted sender: from  
remote <:mx.someserver.org:123.123.123.123> rcpt <> : sender accepted

But there it just drops. The next line will only be:

@40004e6ba8562398a9cc tcpserver: end 4396 status 0


Since I cannot seem to find any additional info on why this mail was dropped, 
how can I enable additional debugging? E.g. for simscan or chkuser?

If anyone has any pointers on how to debug this one...

Thanks,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Schumacherring 29
81737 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] app to tag emails that fail RBL

[Martin Waschbüsch IT-Dienstleistungen]

Hi there,

Am 05.09.2011 um 21:33 schrieb Bharath Chari:

> On 09/05/2011 09:16 PM, Eric Shubert wrote:
>> On 09/04/2011 10:29 PM, Pak Ogah wrote:
>>> On 09/03/11 16:13, P.V.Anthony wrote:
>>>> ...
>>>> 
>>>> Often I hope gmail will get more strict and stop accepting emails for
>>>> not properly setup servers. This will would really make my life easier.
>>>> 
>>>> P.V.Anthony
>>>> 
>>> I agree with this. gmail can rcvd email from sender domain that use
>>> IP.Add.re.ss as MX record rather than MX hostname.
>>> While other email-related applications, like Exim and ASSP can't as they
>>> obeying the RFC
>>> 
>>> - From: http://en.wikipedia.org/wiki/MX_record
>>> The characteristic payload information of an MX record is the fully
>>> qualified domain name of a mail host and a preference value. The host
>>> name must map directly to one or more address record (A, or ) in the
>>> DNS, and must not point to any CNAME records.[1]
>>> 
>>> -
>>>  
>> 
>> Thanks for this, Pak. For some time I've wondered where it's specified that 
>> MX records must not point to CNAME records. I see now that it's in RFC 2181, 
>> Section 10.3.
>> 
> I haven't thought this through, but could it be that some services honour SPF 
> records more than others? Even if my MX record is an IP, not an A record, but 
> I explicitly define that IP as an acceptable sender in my SPF record, that 
> could be helping.
> 
> eg: My MX record is X.X.X.X instead of an A record, but my SPF record in DNS 
> explicitly states : "v=spf1 a mx ip4:X.X.X.X -all", which means I authorise 
> sending mail from my domain's A record, my MX and also from the IP X.X.X.X 
> but none other.

first of all, RFC demands that MX HAS to be a fully qualified domain name and 
neither an A record nor a CNAME. (As has been pointed out previously - thanks 
for the wiki reference, Eric, by the way).
Secondly, some services actually ignore SPF completely (same goes for DKIM), so 
using either technology is no guarantee that SMTP servers accept mail from you.
That is because both SPF and DKIM are optional gimmicks and thus you cannot 
rely on them to help you achieve good deliverability. They can only help if the 
receiving mail server is aware of these protocols.
Also keep in mind that from the two, SPF is the weaker technology as spoofing 
IP addresses is much easier than forging a DKIM signature.

Are you having trouble getting mails delivered to remote hosts?

Regards,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Schumacherring 29
81737 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] CentOS 6 / RHEL 6

[Martin Waschbüsch IT-Dienstleistungen]

Hi there,

some of the problems with the admin-pages are due to short open tags in php, 
which no longer work in php53 (and they are bad style anyway).
I also tried to get a toaster running on CentOS 6, but some of the dependencies 
were tricky.

Btw, qtp works, too. But you have to manually install rpmforge for CentOS 6, so 
that things like qtp-dependencies will run.

I decided to wait for QMTv2 for any OS upgrades. Who knows, maybee that'll be 
out before you get around to looking at the php sources. ;-) - One can always 
hope.

Cheers, 

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it

Am 18.07.2011 um 20:17 schrieb Dan McAllister:

> Just an FYI --
> 
> I have successfully installed QMT (although not QTP) onto CentOS 6 64-bit. 
> However, I did have to manually build the ezmlm package because the 
> gcc-compat-32 package isn't available for CentOS 6 (only compat-34)... never 
> the less, with a little tweaking of the dependencies, I think the toaster is 
> already reasonably compatible.
> 
> One other issue -- the toaster-admin web pages (which are all php scripted) 
> don't work correctly under php 5.3.3 ... I've not yet looked into this 
> (because I personally prefer to use the vpopmail binaries), but I'll look 
> into the php sources once I get a free weekend... I'm thinking August... 
> 2032! :-)
> 
> Dan
> IT4SOHO
> 
> 
> -- 
> 
> IT4SOHO, LLC
> PO Box 507
> St. Petersburg, FL 33731-0507
> 
> CALL TOLL FREE:
> 877-IT4SOHO
> 
> 877-484-7646 Phone
> 727-490-4394 Fax
> 
> "We make IT work for small business!"
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>  Vickers Consulting Group offers Qmailtoaster support and installations.
>If you need professional help with your setup, contact them today!
> -
>   Please visit qmailtoaster.com for the latest news, updates, and packages.
>To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>   For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] php upgrade and qmail dependancies

[Martin Waschbüsch IT-Dienstleistungen]

Am 06.07.2011 um 16:28 schrieb Jake Vickers:

> On 07/06/2011 09:50 AM, Digital Instruments wrote:
>> 
>> 
>> Anyone have an idea about how could I remove php without removing the qmail 
>> dependencies?
> 
> 
> rpm -e --nodeps php.x86_64
> 
> You will run into an issue with short open tags on 5.3 as well. Martin rolled 
> some new packages to change the web page coding to work with the full open 
> tag, but I have not posted them to the web page as of yet. I can supply them 
> if you email me offline - I'll post them but it will take some time to 
> replicate to the mirrors.
>  

Sadly, they do not fix all the issues involved. I will add detailed 
descriptions to mantis later, Jake.

Martin
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] vpopmail --disable-many-domains option

[Martin Waschbüsch IT-Dienstleistungen]

Hi Jake,

Am 28.05.2011 um 17:19 schrieb Jake Vickers:
> 
> So I'm still curious as to what you think the benefits are. Segregating your 
> data into multiple tables was always the way I learned to obtain performance. 
> The nature of the requests from QMT are probably not those that would require 
> any performance tuning - the only one I've ever run into is the default 
> number of connections.  So I'm willing to table that point if there are other 
> mitigating factors.
> 
> So what are the advantages/benefits you are thinking will be gained from a 
> single table?


I agree with Eric that it probably will not make much of a difference with 
regards to performance.
However, a lot of applications that might want to have access to the email user 
database are not all that flexible and do not support having different domains 
in different tables.
E.g. using courier-auth with mysql or SOGo with mysql-backend, etc. There are 
other examples.
For my own use, I have written an accounting backend that also cycles through 
domains and users, etc. to produce detail-information to be attached to 
invoices and that, too, is just way easier when having all in one table.

Granted, that may be simplistic design on the parts of those programs, but hey, 
it works and it is way easier to recompile vpopmail to achieve compatibility 
than patch those programs.
Also, whenever there is any database schema change in order for vpopmail to be 
upgraded, it is much easier to upgrade that one table than to find all the 
tables that hold domains and path those.

Last but not least, mysql (and other databases) have length-limitations for 
domain names. I always wondered, but never tried, what would happen if I added 
a domain with a name longer than 'max-table-name-length' to the database?
I think the current limit for mysql is 32 chars and domain names can be longer.

Best,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] vpopmail --disable-many-domains option

[Martin Waschbüsch IT-Dienstleistungen]

Hi all!

Am 27.05.2011 um 06:10 schrieb Eric Shubert:

> Apologies for the hijack.
> 
> I just seem to recall this being discussed a bit, some time ago, and 
> concluding (perhaps with no consensus) that having all domains in a single 
> table made more sense.
> 
> This was discussed here some time ago in this thread:
> http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg22035.html
> It appears that chkuser might need multiple tables? I don't see why. I'm 
> guessing that this person simply didn't rebuild qmail-toaster after 
> rebuilding and reinstalling vpopmail-toaster, which would be required (and 
> qtp-newmodel would do automatically). Perhaps Tonino could confirm this.
> 
> Then on the development list last October:
> http://comments.gmane.org/gmane.mail.qmail.toaster.devel/638
> 
> Here's a reference that indicates performance can be poor with 
> --disable-many-domains (as well as speculation that it may be removed at some 
> point)
> http://bowe.id.au/michael/isp/webmail-server.htm

I have used a version of vpopmail with all domains in one table as this has a 
number of advantages for me.
This works very well and Eric is right in saying that you have to rebuild 
qmail-toaster after changing this in vpopmail.
I have not seen any adverse effects after switching to this model (I use two 
toasters like this).

Though I do not have a system with a huge number of domains, yet there was no 
performance difference between the two (for what that is worth).

Cheers,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] SSL Certificates

[Martin Waschbüsch IT-Dienstleistungen]

Hi there,

Am 19.05.2011 um 22:38 schrieb apow...@st-tel.net:

> Is it possible to have a certificate for pop3.domain.com and one for 
> smtp.domain.com?

Sure,

since the former is provided by courier (or dovecot) and the latter is provided 
by qmail, you can definitely point those programs to different certificates.
The only thing that does not work (in a straightforward way, anyway) is having 
separate certificates for e.g. smtp.domain1.com and smtp.domain2.net if they 
are both taken care of by the same toaster.

Cheers,

Martin
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Regex for fail2ban - SMTP DDos

[Martin Waschbüsch IT-Dienstleistungen]

Delsio,

perhaps we can take this off the list - email me your qmail-smtp.conf from 
filters.d and your jail.conf. Once we find what was up, we can still let 
everyone on the list know the problem & solution
Also, if you could add a sample of your /var/log/qmail/smtp/current for me to 
test with?

Thanks,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it

Am 06.05.2011 um 14:10 schrieb Délsio Cabá:

> Hi Martin,
> 
> Instead of applying your patch i just downloaded the latest snapshop, which 
> already has that patch and the behavior is exactly the same: the regex gets 
> the hit but it never blocks the IP.
> 
> [delsio@ns fail2ban-0.8.4-SVN]# tail -f /var/log/fail2ban.log
> 2011-05-06 14:07:43,587 fail2ban.actions: INFO   Set banTime = 6
> 2011-05-06 14:07:43,597 fail2ban.jail   : INFO   Jail 'qmail' started
> 2011-05-06 14:07:43,602 fail2ban.jail   : INFO   Jail 'ssh-iptables' started
> 2011-05-06 14:07:43,607 fail2ban.jail   : INFO   Jail 'password-fail' started
> 2011-05-06 14:07:43,616 fail2ban.jail   : INFO   Jail 'username-notfound' 
> started
> 2011-05-06 14:07:43,629 fail2ban.jail   : INFO   Jail 'qmail-smtp' started
> 2011-05-06 14:07:43,627 fail2ban.actions.action: ERROR  iptables -N 
> fail2ban-SSH
> iptables -A fail2ban-SSH -j RETURN
> iptables -I INPUT -p tcp --dport ssh -j fail2ban-SSH returned 200
> 2011-05-06 14:07:43,653 fail2ban.jail   : INFO   Jail 'named-refused-tcp' 
> started
> 2011-05-06 14:08:05,672 fail2ban.actions: WARNING [named-refused-tcp] Ban 
> 200.184.124.226
> 2011-05-06 14:08:05,682 fail2ban.actions: WARNING [named-refused-tcp] Ban 
> 76.76.11.241
> 2011-05-06 14:08:05,693 fail2ban.actions: WARNING [named-refused-tcp] Ban 
> 67.228.118.3
> 
> [delsio@ns etc]# fail2ban-client status qmail-smtp
> Status for the jail: qmail-smtp
> |- filter
> |  |- File list:/var/log/qmail/smtp/current
> |  |- Currently failed: 0
> |  `- Total failed: 0
> `- action
>|- Currently banned: 0
>|  `- IP list:
>`- Total banned: 0
> 
> 
> Any other recommendation?
> 
> 2011/5/6 Martin Waschbüsch IT-Dienstleistungen 
> OK, it definitely is the patch I sent - fail2ban fails to recognize the local 
> time zone you use. This causes times to never fall into the specified period 
> you use for checking if the attempt occurs multiple times.
> Once you replace
> date = list(time.gmtime(int(seconds_since_epoch, 16)))
> with
> date = list(time.localtime(int(seconds_since_epoch, 16)))
> 
> in /usr/share/fail2ban/server/datetemplate.py (near end of file), all should 
> be fine.
> 
> Martin
> 
> --
> Martin Waschbüsch
> IT-Dienstleistungen
> Lautensackstr. 16
> 80687 München
> 
> Telefon: +49 89 57005708
> Fax: +49 89 57868023
> Mobil: +49 170 2189794
> serv...@waschbuesch.it
> http://www.waschbuesch.it
> 
> Am 06.05.2011 um 10:17 schrieb Délsio Cabá:
> 
> > Hi,
> >
> > Same behavior, it does get some hits, but it doesn't ban. Other fail2ban 
> > filters are working except the one from qmail.
> >
> > fail2ban-regex /var/log/qmail/smtp/current 
> > /etc/fail2ban/filter.d/qmail-smtp.conf
> >
> > Date template hits:
> > 0 hit(s): MONTH Day Hour:Minute:Second
> > 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year
> > 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second
> > 0 hit(s): Year/Month/Day Hour:Minute:Second
> > 0 hit(s): Day/Month/Year Hour:Minute:Second
> > 0 hit(s): Day/MONTH/Year:Hour:Minute:Second
> > 0 hit(s): Month/Day/Year:Hour:Minute:Second
> > 0 hit(s): Year-Month-Day Hour:Minute:Second
> > 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond]
> > 0 hit(s): Day-Month-Year Hour:Minute:Second
> > 6347 hit(s): TAI64N
> > 0 hit(s): Epoch
> > 0 hit(s): ISO 8601
> > 0 hit(s): Hour:Minute:Second
> > 0 hit(s): 
> >
> > Success, the total number of match is 168
> >
> >
> > [delsio@ns ~]# fail2ban-client status qmail-smtp
> > Status for the jail: qmail-smtp
> > |- filter
> > |  |- File list:/var/log/qmail/smtp/current
> > |  |- Currently failed: 0
> > |  `- Total failed: 0
> > `- action
> >|- Currently banned: 0
> >|  `- IP list:
> >`- Total banned: 0
> >
> >
> > 2011/5/6 Toma Bogdan 
> > On 5/6/2011 9:10 AM, Délsio Cabá wrote:
> >> Hi all
> >>
> >> I am getting a lot of DDOS on smtp connection logs:
> >>
> >> @40004dc390330ffb50f4 C

Re: [qmailtoaster] Regex for fail2ban - SMTP DDos

[Martin Waschbüsch IT-Dienstleistungen]

OK, it definitely is the patch I sent - fail2ban fails to recognize the local 
time zone you use. This causes times to never fall into the specified period 
you use for checking if the attempt occurs multiple times.
Once you replace
date = list(time.gmtime(int(seconds_since_epoch, 16)))
with
date = list(time.localtime(int(seconds_since_epoch, 16)))

in /usr/share/fail2ban/server/datetemplate.py (near end of file), all should be 
fine.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it

Am 06.05.2011 um 10:17 schrieb Délsio Cabá:

> Hi,
> 
> Same behavior, it does get some hits, but it doesn't ban. Other fail2ban 
> filters are working except the one from qmail.
> 
> fail2ban-regex /var/log/qmail/smtp/current 
> /etc/fail2ban/filter.d/qmail-smtp.conf
> 
> Date template hits:
> 0 hit(s): MONTH Day Hour:Minute:Second
> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year
> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second
> 0 hit(s): Year/Month/Day Hour:Minute:Second
> 0 hit(s): Day/Month/Year Hour:Minute:Second
> 0 hit(s): Day/MONTH/Year:Hour:Minute:Second
> 0 hit(s): Month/Day/Year:Hour:Minute:Second
> 0 hit(s): Year-Month-Day Hour:Minute:Second
> 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond]
> 0 hit(s): Day-Month-Year Hour:Minute:Second
> 6347 hit(s): TAI64N
> 0 hit(s): Epoch
> 0 hit(s): ISO 8601
> 0 hit(s): Hour:Minute:Second
> 0 hit(s): 
> 
> Success, the total number of match is 168
> 
> 
> [delsio@ns ~]# fail2ban-client status qmail-smtp
> Status for the jail: qmail-smtp
> |- filter
> |  |- File list:/var/log/qmail/smtp/current
> |  |- Currently failed: 0
> |  `- Total failed: 0
> `- action
>|- Currently banned: 0
>|  `- IP list:
>`- Total banned: 0
> 
> 
> 2011/5/6 Toma Bogdan 
> On 5/6/2011 9:10 AM, Délsio Cabá wrote:
>> Hi all
>> 
>> I am getting a lot of DDOS on smtp connection logs:
>> 
>> @40004dc390330ffb50f4 CHKUSER accepted sender: from 
>>  remote  rcpt <> : 
>> sender accepted
>> @40004dc390340c9e201c CHKUSER rejected rcpt: from  
>> remote  rcpt  : invalid 
>> rcpt MX domain
>> ..
>> @40004dc3905511aba4bc CHKUSER accepted sender: from 
>>  remote  rcpt <> : 
>> sender accepted
>> @40004dc390562cb394a4 CHKUSER rejected relaying: from 
>>  remote  rcpt 
>>  : client not allowed to relay
>> 
>> I need to block this using fail2ban but the regex is quite complex. I have 
>> tried this:
>> "\> rcpt \S+ : client not allowed to relay$"
>> 
>> But it doesn't seam to be working as expected:
>> fail2ban-regex /var/log/qmail/smtp/current "\> rcpt \S+ : client not 
>> allowed to relay"
>> ...
>> Date template hits:
>> 0 hit(s): MONTH Day Hour:Minute:Second
>> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year
>> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second
>> 0 hit(s): Year/Month/Day Hour:Minute:Second
>> 0 hit(s): Day/Month/Year Hour:Minute:Second
>> 0 hit(s): Day/MONTH/Year:Hour:Minute:Second
>> 0 hit(s): Month/Day/Year:Hour:Minute:Second
>> 0 hit(s): Year-Month-Day Hour:Minute:Second
>> 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond]
>> 0 hit(s): Day-Month-Year Hour:Minute:Second
>> 1184 hit(s): TAI64N
>> 0 hit(s): Epoch
>> 0 hit(s): ISO 8601
>> 0 hit(s): Hour:Minute:Second
>> 0 hit(s): 
>> 
>> Any help would be very appreciated
>> Thanks!
> try this
> failregex = CHKUSER .* <\w*:\w*:> .* : client not allowed to relay$
> 
> check it with :
> fail2ban-regex /var/log/qmail/smtp/current 
> /etc/fail2ban/filters/qmail-smtp-filter.conf
> 
> 
> -- 
> T. Bogdan
> Network/Systems Security
> 
> www.direkt.ro
> 
> 
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Regex for fail2ban - SMTP DDos

[Martin Waschbüsch IT-Dienstleistungen]

So, the regex shows matches when you use fail2ban-regex, but it never takes 
action?

please try the attached patch for fail2ban just in case your version does not 
already incorporate this...

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it


0002-Tai64N-stores-time-in-GMT-we-need-to-convert-to-loca.patch
Description: Binary data

Am 06.05.2011 um 10:15 schrieb Délsio Cabá:

> Hi, I have even tried with:
> timepattern = tai64n
> 
> and fail2ban simply fails to ban. My Configuration is:
> qmail-smtp.conf
> [Definition]
> failregex = CHKUSER rejected relaying: from <.*:> remote <.*:.*:> rcpt 
> <.*> : client not allowed to relay
> 
> jail.conf
> [qmail-smtp]
> enabled = true
> filter = qmail
> action = iptables[name=SMTP, port=smtp, protocol=tcp]
> logpath = /var/log/qmail/smtp/current
> maxretry = 5
> bantime = 3600
> ignoreip = 127.0.0.1
> timepattern = tai64n
> 
> 
> 
> 2011/5/6 Martin Waschbüsch IT-Dienstleistungen 
> You might try:
> 
> failregex: CHKUSER rejected relaying: from <.*:> remote <.*:.*:> rcpt 
> <.*> : client not allowed to relay
> 
> when I did
> 
> fail2ban-regex /var/log/qmail/smtp/current "CHKUSER rejected relaying: from 
> <.*:> remote <.*:.*:> rcpt <.*> : client not allowed to relay"
> 
> I got 35 hits.
> 
> Martin
> 
> PS: All I did was to replace variable strings in the log line with wildcard .*
> 
> 
> --
> Martin Waschbüsch
> IT-Dienstleistungen
> Lautensackstr. 16
> 80687 München
> 
> Telefon: +49 89 57005708
> Fax: +49 89 57868023
> Mobil: +49 170 2189794
> serv...@waschbuesch.it
> http://www.waschbuesch.it
> 
> Am 06.05.2011 um 09:07 schrieb Délsio Cabá:
> 
> > Hi all,
> >
> > I agree, but, fail2ban is being used with qmailtoaster as seen on this 
> > guide: 
> > http://wiki.qmailtoaster.com/index.php?title=Fail2Ban&redirect=no&printable=yes
> > But that guide and many others I have found on the net don't include a 
> > regex for my case: "client not allowed to relay"
> > My problem is really to get a valid regex.
> >
> > I will post it on fail2ban mailing list also. But it's important to post 
> > this here also
> >
> > Thanks
> >
> >
> > 2011/5/6 Martin Waschbüsch IT-Dienstleistungen 
> > That is not true. fail2ban understands tai64n timestamps as used below.
> >
> > Btw., for fail2ban specific questions, it makes more sense to ask on the 
> > fail2ban mailing list. :-)
> >
> > Martin
> >
> > --
> > Martin Waschbüsch
> > IT-Dienstleistungen
> > Lautensackstr. 16
> > 80687 München
> >
> > Telefon: +49 89 57005708
> > Fax: +49 89 57868023
> > Mobil: +49 170 2189794
> > serv...@waschbuesch.it
> > http://www.waschbuesch.it
> >
> > Am 06.05.2011 um 08:58 schrieb Finn Buhelt:
> >
> > > Hi.
> > >
> > > Just out of the head I think it's tricky because fail2ban needs a known 
> > > timestamp to check against, and I cannot recall fail2ban having this 
> > > timestamp listed as valid.
> > >
> > > But as said  -just out of the head.
> > > Regards,
> > > Finn
> > >
> > >
> > >
> > > On 06-05-2011 08:10, Délsio Cabá wrote:
> > >> Hi all
> > >>
> > >> I am getting a lot of DDOS on smtp connection logs:
> > >>
> > >> @40004dc390330ffb50f4 CHKUSER accepted sender: from 
> > >>  remote  rcpt <> 
> > >> : sender accepted
> > >> @40004dc390340c9e201c CHKUSER rejected rcpt: from 
> > >>  remote  rcpt 
> > >>  : invalid rcpt MX domain
> > >> ..
> > >> @40004dc3905511aba4bc CHKUSER accepted sender: from 
> > >>  remote  rcpt 
> > >> <> : sender accepted
> > >> @40004dc390562cb394a4 CHKUSER rejected relaying: from 
> > >>  remote  rcpt 
> > >>  : client not allowed to relay
> > >>
> > >> I need to block this using fail2ban but the regex is quite complex. I 
> > >> have tried this:
> > >> "\> rcpt \S+ : client not allowed to relay$"
> > >>
> > >> But it doesn't seam to be working as expected:
> > >> fail2ban-regex /var/log/qmail/smtp/current "\> rcpt \S+ : client 
> > >> not allowed to relay"
>

Re: [qmailtoaster] Regex for fail2ban - SMTP DDos

[Martin Waschbüsch IT-Dienstleistungen]

Hi,

you should get different output.

Note that you have 5796 hits for tai64n which means that it recognized that 
many lines starting with a date / time stamp.
There should be a section where it identifies IPs.

The important part is a section that looks like this:

Results
===

Failregex
|- Regular expressions:
|  [1] CHKUSER rejected relaying: from <.*:> remote <.*:.*:> rcpt <.*> : 
client not allowed to relay
|
`- Number of matches:
   [1] 35 match(es)

If this has matches, then it is matches against your failregex. (35 in my case)

my complete output looks like this:


snip

fail2ban-regex /var/log/qmail/smtp/current "CHKUSER rejected relaying: from 
<.*:> remote <.*:.*:> rcpt <.*> : client not allowed to relay"

Running tests
=

Use regex line : CHKUSER rejected relaying: from <.*:> remote <.*:
Use log file   : /var/log/qmail/smtp/current


Results
===

Failregex
|- Regular expressions:
|  [1] CHKUSER rejected relaying: from <.*:> remote <.*:.*:> rcpt <.*> : 
client not allowed to relay
|
`- Number of matches:
   [1] 35 match(es)

Ignoreregex
|- Regular expressions:
|
`- Number of matches:

Summary
===

Addresses found:
[1]
186.129.200.133 (Sat Apr 30 02:37:49 2011)
186.129.200.133 (Sat Apr 30 02:38:28 2011)
186.129.200.133 (Sat Apr 30 02:38:49 2011)
186.129.200.133 (Sat Apr 30 02:39:11 2011)
190.149.150.115 (Sat Apr 30 04:44:06 2011)
221.5.15.185 (Sat Apr 30 07:39:00 2011)
173.212.197.14 (Sat Apr 30 21:34:53 2011)
2.89.80.14 (Sun May 01 02:38:23 2011)
221.5.15.185 (Sun May 01 02:38:42 2011)
221.5.15.185 (Sun May 01 22:02:30 2011)
178.187.135.228 (Mon May 02 11:26:18 2011)
178.187.135.228 (Mon May 02 11:26:41 2011)
178.187.135.228 (Mon May 02 11:26:58 2011)
178.187.135.228 (Mon May 02 11:27:15 2011)
180.180.236.216 (Mon May 02 14:39:32 2011)
180.180.236.216 (Mon May 02 14:40:08 2011)
180.180.236.216 (Mon May 02 14:40:45 2011)
180.180.236.216 (Mon May 02 14:41:14 2011)
221.5.15.185 (Mon May 02 17:53:03 2011)
123.19.174.69 (Tue May 03 02:02:36 2011)
190.234.85.198 (Tue May 03 02:12:38 2011)
221.5.13.193 (Tue May 03 16:02:05 2011)
178.95.2.102 (Tue May 03 22:30:23 2011)
178.95.2.102 (Tue May 03 22:31:24 2011)
178.95.2.102 (Tue May 03 22:31:55 2011)
178.95.2.102 (Tue May 03 22:32:59 2011)
190.233.69.51 (Wed May 04 01:16:13 2011)
117.2.140.171 (Wed May 04 02:34:00 2011)
88.185.226.159 (Wed May 04 23:42:27 2011)
88.185.226.159 (Wed May 04 23:43:11 2011)
88.185.226.159 (Wed May 04 23:43:37 2011)
88.185.226.159 (Wed May 04 23:44:01 2011)
186.2.3.244 (Thu May 05 03:13:41 2011)
221.5.14.62 (Thu May 05 17:33:45 2011)
190.239.206.8 (Fri May 06 01:24:38 2011)

Date template hits:
0 hit(s): Month Day Hour:Minute:Second
0 hit(s): Weekday Month Day Hour:Minute:Second Year
0 hit(s): Weekday Month Day Hour:Minute:Second
0 hit(s): Year/Month/Day Hour:Minute:Second
0 hit(s): Day/Month/Year:Hour:Minute:Second
0 hit(s): Year-Month-Day Hour:Minute:Second
0 hit(s): Day-Month-Year Hour:Minute:Second[.Millisecond]
8502 hit(s): TAI64N
0 hit(s): Epoch

Success, the total number of match is 35

However, look at the above section 'Running tests' which could contain important
information.


snip


Hope this helps?

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it

Am 06.05.2011 um 10:08 schrieb Délsio Cabá:

> Hi,
> I also do get hits:
> 
> Date template hits:
> 0 hit(s): MONTH Day Hour:Minute:Second
> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year
> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second
> 0 hit(s): Year/Month/Day Hour:Minute:Second
> 0 hit(s): Day/Month/Year Hour:Minute:Second
> 0 hit(s): Day/MONTH/Year:Hour:Minute:Second
> 0 hit(s): Month/Day/Year:Hour:Minute:Second
> 0 hit(s): Year-Month-Day Hour:Minute:Second
> 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond]
> 0 hit(s): Day-Month-Year Hour:Minute:Second
> 5796 hit(s): TAI64N
> 0 hit(s): Epoch
> 0 hit(s): ISO 8601
> 0 hit(s): Hour:Minute:Second
> 0 hit(s): 
> 
> Success, the total number of match is 134
> 
> 
> But they are in TAI64N, isn't that a problem? Will fail2ban be able to get 
> the time from that?
> 
> 
> 
> 2011/5/6 Martin Waschbüsch IT-Dienstleistungen 
> You might try:
> 
> failregex: CHKUSER rejected relaying: from <.*:> remote <.*:.*:> rcpt 
> <.*> : client not allowed to relay
> 
> when I did
> 
> fail2ban-regex /var/log/qmail/smtp/current "CHKUSER rejected relaying: from 
> <.*:> remote <.*:.*:> rcpt <.*> : client not allowed to relay"
> 
> I got 35 hits.

Re: [qmailtoaster] Regex for fail2ban - SMTP DDos

[Martin Waschbüsch IT-Dienstleistungen]

You might try:

failregex: CHKUSER rejected relaying: from <.*:> remote <.*:.*:> rcpt 
<.*> : client not allowed to relay

when I did 

fail2ban-regex /var/log/qmail/smtp/current "CHKUSER rejected relaying: from 
<.*:> remote <.*:.*:> rcpt <.*> : client not allowed to relay"

I got 35 hits.

Martin

PS: All I did was to replace variable strings in the log line with wildcard .*


--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it

Am 06.05.2011 um 09:07 schrieb Délsio Cabá:

> Hi all,
> 
> I agree, but, fail2ban is being used with qmailtoaster as seen on this guide: 
> http://wiki.qmailtoaster.com/index.php?title=Fail2Ban&redirect=no&printable=yes
> But that guide and many others I have found on the net don't include a regex 
> for my case: "client not allowed to relay"
> My problem is really to get a valid regex.
> 
> I will post it on fail2ban mailing list also. But it's important to post this 
> here also
> 
> Thanks
> 
> 
> 2011/5/6 Martin Waschbüsch IT-Dienstleistungen 
> That is not true. fail2ban understands tai64n timestamps as used below.
> 
> Btw., for fail2ban specific questions, it makes more sense to ask on the 
> fail2ban mailing list. :-)
> 
> Martin
> 
> --
> Martin Waschbüsch
> IT-Dienstleistungen
> Lautensackstr. 16
> 80687 München
> 
> Telefon: +49 89 57005708
> Fax: +49 89 57868023
> Mobil: +49 170 2189794
> serv...@waschbuesch.it
> http://www.waschbuesch.it
> 
> Am 06.05.2011 um 08:58 schrieb Finn Buhelt:
> 
> > Hi.
> >
> > Just out of the head I think it's tricky because fail2ban needs a known 
> > timestamp to check against, and I cannot recall fail2ban having this 
> > timestamp listed as valid.
> >
> > But as said  -just out of the head.
> > Regards,
> > Finn
> >
> >
> >
> > On 06-05-2011 08:10, Délsio Cabá wrote:
> >> Hi all
> >>
> >> I am getting a lot of DDOS on smtp connection logs:
> >>
> >> @40004dc390330ffb50f4 CHKUSER accepted sender: from 
> >>  remote  rcpt <> : 
> >> sender accepted
> >> @40004dc390340c9e201c CHKUSER rejected rcpt: from 
> >>  remote  rcpt 
> >>  : invalid rcpt MX domain
> >> ..
> >> @40004dc3905511aba4bc CHKUSER accepted sender: from 
> >>  remote  rcpt <> 
> >> : sender accepted
> >> @40004dc390562cb394a4 CHKUSER rejected relaying: from 
> >>  remote  rcpt 
> >>  : client not allowed to relay
> >>
> >> I need to block this using fail2ban but the regex is quite complex. I have 
> >> tried this:
> >> "\> rcpt \S+ : client not allowed to relay$"
> >>
> >> But it doesn't seam to be working as expected:
> >> fail2ban-regex /var/log/qmail/smtp/current "\> rcpt \S+ : client not 
> >> allowed to relay"
> >> ...
> >> Date template hits:
> >> 0 hit(s): MONTH Day Hour:Minute:Second
> >> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year
> >> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second
> >> 0 hit(s): Year/Month/Day Hour:Minute:Second
> >> 0 hit(s): Day/Month/Year Hour:Minute:Second
> >> 0 hit(s): Day/MONTH/Year:Hour:Minute:Second
> >> 0 hit(s): Month/Day/Year:Hour:Minute:Second
> >> 0 hit(s): Year-Month-Day Hour:Minute:Second
> >> 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond]
> >> 0 hit(s): Day-Month-Year Hour:Minute:Second
> >> 1184 hit(s): TAI64N
> >> 0 hit(s): Epoch
> >> 0 hit(s): ISO 8601
> >> 0 hit(s): Hour:Minute:Second
> >> 0 hit(s): 
> >>
> >> Any help would be very appreciated
> >> Thanks!
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Regex for fail2ban - SMTP DDos

[Martin Waschbüsch IT-Dienstleistungen]

That is not true. fail2ban understands tai64n timestamps as used below.

Btw., for fail2ban specific questions, it makes more sense to ask on the 
fail2ban mailing list. :-)

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it

Am 06.05.2011 um 08:58 schrieb Finn Buhelt:

> Hi.
> 
> Just out of the head I think it's tricky because fail2ban needs a known 
> timestamp to check against, and I cannot recall fail2ban having this 
> timestamp listed as valid.
> 
> But as said  -just out of the head.
> Regards,
> Finn
> 
> 
> 
> On 06-05-2011 08:10, Délsio Cabá wrote:
>> Hi all
>> 
>> I am getting a lot of DDOS on smtp connection logs:
>> 
>> @40004dc390330ffb50f4 CHKUSER accepted sender: from 
>>  remote  rcpt <> : 
>> sender accepted
>> @40004dc390340c9e201c CHKUSER rejected rcpt: from  
>> remote  rcpt  : invalid 
>> rcpt MX domain
>> ..
>> @40004dc3905511aba4bc CHKUSER accepted sender: from 
>>  remote  rcpt <> : 
>> sender accepted
>> @40004dc390562cb394a4 CHKUSER rejected relaying: from 
>>  remote  rcpt 
>>  : client not allowed to relay
>> 
>> I need to block this using fail2ban but the regex is quite complex. I have 
>> tried this:
>> "\> rcpt \S+ : client not allowed to relay$"
>> 
>> But it doesn't seam to be working as expected:
>> fail2ban-regex /var/log/qmail/smtp/current "\> rcpt \S+ : client not 
>> allowed to relay"
>> ...
>> Date template hits:
>> 0 hit(s): MONTH Day Hour:Minute:Second
>> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year
>> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second
>> 0 hit(s): Year/Month/Day Hour:Minute:Second
>> 0 hit(s): Day/Month/Year Hour:Minute:Second
>> 0 hit(s): Day/MONTH/Year:Hour:Minute:Second
>> 0 hit(s): Month/Day/Year:Hour:Minute:Second
>> 0 hit(s): Year-Month-Day Hour:Minute:Second
>> 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond]
>> 0 hit(s): Day-Month-Year Hour:Minute:Second
>> 1184 hit(s): TAI64N
>> 0 hit(s): Epoch
>> 0 hit(s): ISO 8601
>> 0 hit(s): Hour:Minute:Second
>> 0 hit(s): 
>> 
>> Any help would be very appreciated
>> Thanks!


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: SpamAssassin Version

[Martin Waschbüsch IT-Dienstleistungen]

Am 30.04.2011 um 05:40 schrieb David Bray:

> Thanks for the Feedback
> 
> Understand about the Fedora Lifetime etc. I use VM's and Fedora 13 is the 
> current Fedora. Tried Ubuntu, CentOS and keep coming back to Fedora - mainly 
> because the php is more up to date
> 
> The driving line is not so much SA - SpamAssassin as Clam, on my last server 
> - Fedora 12 based, there was an issue with spam and the update to SA 3.3 did 
> get me into later rule sets (via sa-update)
> 
> You can - in the Fedora 13 case, substitute in yum install spamassassin with 
> little difficulty, basically install the package, it pulls in what it needs, 
> then create the scripts to run under daemontools.
> 
> The clamav is harder, but I have it running, though untested. The end aim is 
> just to let the rpm system update clam, rather than having to recompile to 
> src rpm
> 
> so why is that so bad ?
> 
> well the toaster works fine on a VM with 20Gb HDD and 512k ram  but to 
> recompile the clam package you have to stop the services to free up memory 
> ... so having a recipe for utilizing then yum package is nice ...
> 
> which brings you back to your argument, Fedora 13 will only have a short life 
> for clamav updates via yum 
> 
> 
> David Bray
> http://www.brayworth.com.au
> da...@brayworth.com.au

Not everything is perfect with QMT, I would agree, but at the same time: it 
works! And as Eric pointed out, CentOS / RHEL 5.x is the most current version 
of the recommended OS for QMT.
Jake is working on QMTv2 which will incorporate some changes and it will 
actually address some of the things you mention (like an option to just install 
binary packages instead of compile from source).
That being said, if you'd like to help with QMT, please join the 
qmailtoaster-devel list as well!

Cheers,

Martin
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: patch utility under Fedora 13

[Martin Waschbüsch IT-Dienstleistungen]

Am 15.04.2011 um 02:17 schrieb David Bray:

> Did Jake have some thoughts on this - or should I just unpack, adjust the 
> patch switch and compile ? - any shortcuts ?
> 
> David Bray
> http://www.brayworth.com.au
> da...@brayworth.com.au
> 
> On 12/04/2011 12:59 AM, Eric Shubert wrote:
>> Jake can answer you question best. He manages the patch files. 
>> 
>> I gotta ask though, why F13? F14 is current, and F15 release is right around 
>> the corner (scheduled for 2011-05-24), which means that F13 will no longer 
>> be maintained in only a couple months (2011-06-24). 
>> See 
>> http://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule
>> 
>> Fedora is generally not a good choice for a production server, due to its 
>> relatively short lifetime. CentOS is a more stable platform, and is 
>> recommended for production QMT use. CentOS5.6 just came out this past 
>> weekend, and will not reach end of life for another 3 years (2014-03-31). By 
>> then, Fedora will be up to release 20. 
>> 
>> I think you get the picture. 
>> 
>> At the same time, we do appreciate people who install QMT on Fedora, so we 
>> can get things like this worked out well in advance of them arriving in 
>> CentOS. 
>> 
>> Thanks. 

Hi,

The problem is not the patch utility itself, but the patch included in the 
package. It likely includes some fuzziness and the patch utility in Fedora is 
not tolerant when it comes to this. Personally, I think this is a good idea.
The problem happens when you apply a patch that was calculated against e.g. 
software version 2 and is now applied to software version 2.1.
If the file to patch has the lines to patch on different line numbers, some 
systems allow (by default) applying the patch with the offset (=fuzziness) 
while others do not.

Hope that helps,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Automatic Account Expirations

[Martin Waschbüsch IT-Dienstleistungen]

The command posted in your mail needs to be in one line. Apparently, you have a 
line feed character in the script which causes the mysql command to fail.

Martin

Von meinem iPhone gesendet

Am 11.04.2011 um 20:48 schrieb "Gilbert T. Gutierrez, Jr." 
:

> I was looking at the script in the qmailtoaster wiki for Automatic account 
> expirations.  The script is not working for me and I am not all that great 
> with bash scripts.  Has anyone run this script on the list?  When I modify 
> the script with my server info and run the script, it logs me into mysql and 
> then stops.  when I press ctrl-c I get the following notice.
> 
> mysql> Aborted
> ./autodelete.sh: line 128: syntax error near unexpected token `newline'
> ./autodelete.sh: line 128: `$MYSQL_DATABASE -E -e "$SQL_QUERY" | $GREP email 
> | $GAWK -F' ' '{print $2}' >'
> 
> 
> Can someone help me please or push me an alternative direction?
> 
> Thank you,
> Gilbert Gutierrez
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Checking you DKIM/DomainKeys/SPF/ etc

[Martin Waschbüsch IT-Dienstleistungen]

Another useful link is this:

http://www.brandonchecketts.com/

Martin

Von meinem iPhone gesendet

Am 11.04.2011 um 21:05 schrieb "Scott Hughes" :

> Just for everyone's general knowledge, you can send an email to:
> check-a...@verifier.port25.com  and it will email you back with a lot of
> valuable information.  This is a free and fast service. The reply was back
> within 10 seconds of my clicking the send button.
> 
> Scott
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: RES: [qmailtoaster] Re: Qmail-inject issue

[Martin Waschbüsch IT-Dienstleistungen]

Hi all,

I sometimes have the same kind of entry in the logs:

grep -R -i 'inject' /var/log/qmail/send/*

comes up with entries such as this:

/var/log/qmail/send/@40004cac830228d80ff4.s:@40004ca982cb35955a94 
delivery 291: failure: 
qmail-inject:_fatal:_unable_to_parse_this_line:/Cc:_,/_;_Mon,_4_Oct_2010_09:31:12_+0200/system_error_calling_qmail-inject/

The interesting thing is that I always have that when mails seem to have 
multiple recipients and one of them is clearly fake: 
 is not one of my users while 
 is.

I also attached an error message that goes with such errors.

Please note that I have never yet seen this if it was not a spam mail anyway, 
so I never investigated further.

Perhaps that helps?

Martin


--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it
--- Begin Message ---
Hi. This is the qmail-send program at hydra.waschbuesch.de.
I tried to deliver a bounce message to this address, but the bounce bounced!

:
Sorry, I wasn't able to establish an SMTP connection. (#4.4.1)
I'm not going to try again; this message has been in the queue too long.

--- Below this line is the original bounce.

Return-Path: <>
Received: (qmail 2830 invoked for bounce); 4 Oct 2010 07:31:13 -
Date: 4 Oct 2010 07:31:13 -
From: mailer-dae...@hydra.waschbuesch.de
To: er...@mailfrom.com
Subject: failure notice

Hi. This is the qmail-send program at hydra.waschbuesch.de.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

:
qmail-inject: fatal: unable to parse this line:
Cc: ,
; Mon, 4 Oct 2010 09:31:12 +0200
system error calling qmail-inject

--- Below this line is a copy of the message.

Return-Path: 
Received: (qmail 2806 invoked by uid 89); 4 Oct 2010 07:31:13 -
Received: by simscan 1.4.0 ppid: 2799, pid: 2800, t: 23.6234s
 scanners: attach: 1.4.0 clamav: 0.96.3/m:52/d:12005 spam: 3.2.5
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
serv01.waschbuesch.de
X-Spam-Level: ***
X-Spam-Status: Yes, score=3.6 required=2.0 tests=BAYES_99,HTML_MESSAGE,
RDNS_NONE autolearn=no version=3.2.5
X-Spam-Report: 
*  3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
*  [score: 1.]
*  0.0 HTML_MESSAGE BODY: HTML included in message
*  0.1 RDNS_NONE Delivered to trusted network by a host with no rDNS
Received: from unknown (HELO ?95.86.101.2?) (95.86.101.2)
  by hydra.waschbuesch.de with SMTP; 4 Oct 2010 07:30:50 -
Received-SPF: none (hydra.waschbuesch.de: domain at mailfrom.com does not 
designate permitted sender hosts)
Received: from [132.51.125.15] (helo=ybqmocxuyk.jmznfn.va)
by  with esmtpa (Exim 4.69)
(envelope-from )
id 1MMNII-6917ai-41
for ,
,
,

Cc: ,
; Mon, 4 Oct 2010 09:31:12 +0200
From: Benjamin Lay  
To: <,
,
,

Cc: ,
>
Subject: Die Armbanduhren sind viel billiger online!
Date: Mon, 4 Oct 2010 09:31:12 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="=_fxxoamnvl_49_47_27"
X-Priority: 3
X-Mailer: rmhuzwmu.96
Message-ID: <2033986661.weil69lr106...@pvurl.pbmgh.va>

--=_fxxoamnvl_49_47_27
Content-Type: text/plain;
charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable

Die Brand Original Chronometer aus der Schweiz sind zu teuer geldfressend=
, aber Menschen respektieren achten deren Besitzer. erwerben Sie eine Kop=
ie von einer Brand und kriegen Sie alle Privilegien der Elite ohne ein ga=
nzes Vermoegen zu bezahlen.http://bit.ly/95d0yz
--=_fxxoamnvl_49_47_27
Content-Type: text/html;
charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable









Die Brand Original Chronometer aus der =
Schweiz sind zu teuer geldfressend, aber Menschen respektieren achten der=
en Besitzer. erwerben Sie eine Kopie von einer Brand und kriegen Sie alle=
 Privilegien der Elite ohne ein ganzes Vermoegen zu bezahlen.<=
br>
http://bit.ly/95d0yz"; target=
=3D"_blank">http://bit.ly/95d0yz




--=_fxxoamnvl_49_47_27--

--- End Message ---

Am 29.03.2011 um 04:59 schrieb Atalibio Frederico Schneider Junior:

> Dear Eric,
> 
> The message presented here is taken from e-mail returned to sender.
> 
> It also appears in /var/log/qmail/send/current
> 
> @40004d80079808d3e14c info msg 10083300: bytes 76237 from <
> x...@xxx.com.br > qp 4600 uid 89
> @40004d8007980934877c starting delivery 3364: msg 10083300 to local
> digiall.com.br-...@yyy.com.br
> @40004d80079809349eec status: local 1/10 remote 0/60
> @40004d8007980a9728a4 delivery 3364: deferral:
>

Re: [qmailtoaster] Re: DKIM and DomainKeys and the Toaster

[Martin Waschbüsch]

Hi Eric,

Am 18.02.2011 um 17:07 schrieb Eric Shubert:

> Great.
> 
> So the only piece that's missing is checking inbound messages. Anyone care to 
> look into this? I don't know if Jake has already or not.
> 
> -- 
> -Eric 'shubes'

I have been using SpamAssassin to do inbound verification. Obviously, this is 
not the ideal solution, but it works.

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: DKIM and DomainKeys and the Toaster

[Martin Waschbüsch]

Eric, Jake's instructions work like a charm and also note: that implementation 
can take care of both DKIM and DK (both of which I am making use of on my 
toaster).

Martin

Von meinem iPhone gesendet

Am 18.02.2011 um 16:34 schrieb Eric Shubert :

> qmail-dk (aka DomainKeys), I'm sad to say, has some bugs in the inbound 
> (checking) area. Someone (I'm sorry I don't remember the name) spent some 
> time on it a couple years ago, and ran out of time fixing the outbound 
> portion.
> 
> I recommend removing all DK* variables in the tcp.smtp file, except for 
> DKSIGN. I believe DKSIGN works ok (I have it configured), but I wouldn't bet 
> my life on it.
> 
> I believe DKIM is preferred (a successor to DK). I haven't used it yet, but I 
> believe Jake and Amit have implemented DKIM successfully. See
> http://wiki.qmailtoaster.com/index.php/How_to_Setup_DKIM_with_Qmail_Toaster
> 
> I don't know how well DK and DKIM play together, but if I implemented DKIM, I 
> would disable DK entirely, either by removing DKSIGN in tcp.smtp, or (better) 
> change the /var/qmail/bin/qmail-queue symlink to point to qmail-queue.orig 
> instead of qmail-dk.
> 
> It appears to me that this DKIM implementation is for outbound only. I'm not 
> aware of any implementation of inbound checking of DK (which works reliably) 
> or DKIM for QMT. It'd be nice if someone would come up with a DKIM checking 
> patch of some sort.
> 
> -- 
> -Eric 'shubes'
> 
> On 02/17/2011 07:39 PM, Dan McAllister wrote:
>> Greeting QMT and QTP affectionados...
>> 
>> I endeavored to help PV Anthony resolve his SpamDyke issues a little bit
>> ago and discovered to my dismay that my DomainKeys system was rejecting
>> messages for no good reason -- ESPECIALLY if the sending domain had NO
>> DomainKeys DNS entries!
>> 
>> Needless to say, this is problematic, so I've temporarily suspended
>> checking for DomainKeys
>> 
>> Has anyone else experienced this recently? (I've used DomainKeys for
>> quite some time without reason to suspect it was problematic! Was I just
>> blind to the issues all this time??)
>> 
>> Thanks in advance to any who choose to discuss this...
>> 
>> Dan
>> IT4SOHO
>> 
>> -
>> 
>> Qmailtoaster is sponsored by Vickers Consulting Group
>> (www.vickersconsulting.com)
>> Vickers Consulting Group offers Qmailtoaster support and installations.
>> If you need professional help with your setup, contact them today!
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: DNS temporary failure if one DNS server dont work.

[Martin Waschbüsch]

Am 15.02.2011 um 16:06 schrieb Maxwell Smart:

> I have a 1.25" book on DNS.  I'll lend it to anyone who wants to read it and 
> compile some wiki notes on DNS.
> 
> DNS is very complex in itself and you need to read much more than good be put 
> on a wiki to get a full understanding of the complexities.
> 

Very true.
Personally, I find that the information given on the wikipedia page
http://en.wikipedia.org/wiki/Domain_Name_System
plus the long (but by no means exhaustive) list of links on the subject at the 
bottom of the article are a good starting point for online reading.

Martin


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: DNS temporary failure if one DNS server dont work.

[Martin Waschbüsch]

Exactly,

for djbdns, I have (in /var/djbdns/dnscache/root/servers/@):

80.254.130.4
80.254.140.9
198.41.0.4
128.9.0.107
192.33.4.12
128.8.10.90
192.203.230.10
192.5.5.241
192.112.36.4
128.63.2.53
192.36.148.17
198.41.0.10
193.0.14.129
198.32.64.12
202.12.27.33


The first two are the ones of my ISP. The rest came with the djbdns config and 
can be extended to use whatever else you want to add.
This way, too, the local box will get answers for DNS requests from the first 
server that responds.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 15.02.2011 um 02:23 schrieb Eric Shubert:

> On 02/14/2011 01:57 PM, Scott Hughes wrote:
>> I use a caching name server on my QMT server.  Here is what I have in my
>> /etc/resolv.conf file:
>> 
>> nameserver 127.0.0.1
>> nameserver 4.2.2.3
>> nameserver 4.2.2.4
>> 
>> This way if it does not resolve it locally, it will resolve it using one
>> of the other DNS servers listed. Once it is resolved once, my local
>> server will hold onto it for a period of time so that future look-ups
>> will be faster.
> 
> I don't believe that's quite right, Scott. I believe it will only cache hits 
> that are satisfied by the localhost (127.0.0.1) resolver. I think it would be 
> better to specify forwarders in the named.conf file. Then, indeed, hits from 
> alternate resolvers would be cached.
> 
> This is what I have in my named.conf:
> //
> // named.conf
> //
> options {
>forward first;
>forwarders {
>205.171.3.25;
>208.67.222.220;
>205.171.2.25;
>208.67.222.222;
>};
> };
> logging {
>category lame-servers { null; };
> };
> 
> These IPs are for my ISP (Qwest) and OpenDNS. I think that by specifying 
> forwarders, it relieves some stress on the root name servers, which is a good 
> thing.
> 
> Martin, am I off base on this? I could be.
> 
>> Hope this helps.
>> 
>> Scott
>> 
>> 
>> On Mon, Feb 14, 2011 at 1:58 PM, Eric Shubert > <mailto:e...@shubes.net>> wrote:
>> 
>>Hey Marek,
>> 
>>Using Bind is fine, but using a single server/process for both
>>authoritative and resolver purposes is not a good practice. It can
>>be done, but I would try very hard to keep them separate before
>>endeavoring to put them together. It can be done, but it's a bit
>>tricky to do well (accurately and securely).
>> 
>>If at all possible, I would use an authoritative DNS server that's
>>external to QMT, then simply install the caching-nameserver package
>>on QMT to use as a resolver. You should also modify the resolver's
>>configuration to use forwarders, but that's not absolutely
>>necessary. caching-nameserver configuration should work ok as is.
>> 
>>Martin, do you have anything to add? (Sorry for jumping in again)
>> 
>>--
>>-Eric 'shubes'
>> 
>> 
>>On 02/14/2011 12:14 PM, d...@demod.pl <mailto:d...@demod.pl> wrote:
>> 
>>Thank You for advice.
>> 
>>I think, I must learn about DNS much more as I thought before i
>>wrote
>>these emails.
>> 
>>I'm using BIND (named).
>> 
>>Yes it's authoritative DNS server and i think it's a local
>>resolver. Now
>>I understand it's wrong practice?
>> 
>>Now i'm going to try apply you advices and read something more
>>about DNS
>>server.
>> 
>>I will let you know about my progress
>> 
>> 
>> 
>>regards
>> 
>>Marek
>> 
>> 
>> 
>>- Original Message - From: "Eric Shubert"
>>mailto:e...@shubes.net>>
>>To: ><mailto:qmailtoaster-list@qmailtoaster.com>>
>>Sent: Monday, February 14, 2011 4:24 PM
>>Subject: [qmailtoaster] Re: DNS temporary failure if one DNS
>>server dont
>>work.
>> 
>> 
>>I agree whole heartedly with Martin (whatever that's worth).
>> 
>>Two key questions which haven't been answered yet by Marek:
>>1) which software is he using (bind or djbdns)
>>2) is he using the local resolver as an authoritative DNS
>>server as
>>

Re: [qmailtoaster] Re: DNS temporary failure if one DNS server dont work.

[Martin Waschbüsch]

I think you are right, Eric,

What I do for my main box is have the caching nameserver on it and use as 
forwarders the default that came with the caching name server (djbdns) and 
added the name servers of my ISP (the box is COLO, so even that is really fast 
when it comes to lookups). Those also are the authoritative ones for my domains.
I have always had great experience when splitting caching and auth name servers.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 14.02.2011 um 20:58 schrieb Eric Shubert:

> Hey Marek,
> 
> Using Bind is fine, but using a single server/process for both authoritative 
> and resolver purposes is not a good practice. It can be done, but I would try 
> very hard to keep them separate before endeavoring to put them together. It 
> can be done, but it's a bit tricky to do well (accurately and securely).
> 
> If at all possible, I would use an authoritative DNS server that's external 
> to QMT, then simply install the caching-nameserver package on QMT to use as a 
> resolver. You should also modify the resolver's configuration to use 
> forwarders, but that's not absolutely necessary. caching-nameserver 
> configuration should work ok as is.
> 
> Martin, do you have anything to add? (Sorry for jumping in again)
> 
> -- 
> -Eric 'shubes'
> 
> On 02/14/2011 12:14 PM, d...@demod.pl wrote:
>> Thank You for advice.
>> 
>> I think, I must learn about DNS much more as I thought before i wrote
>> these emails.
>> 
>> I'm using BIND (named).
>> 
>> Yes it's authoritative DNS server and i think it's a local resolver. Now
>> I understand it's wrong practice?
>> 
>> Now i'm going to try apply you advices and read something more about DNS
>> server.
>> 
>> I will let you know about my progress
>> 
>> 
>> 
>> regards
>> 
>> Marek
>> 
>> 
>> 
>> - Original Message - From: "Eric Shubert" 
>> To: 
>> Sent: Monday, February 14, 2011 4:24 PM
>> Subject: [qmailtoaster] Re: DNS temporary failure if one DNS server dont
>> work.
>> 
>> 
>>> I agree whole heartedly with Martin (whatever that's worth).
>>> 
>>> Two key questions which haven't been answered yet by Marek:
>>> 1) which software is he using (bind or djbdns)
>>> 2) is he using the local resolver as an authoritative DNS server as
>>> well? (I would hope not, but you never know).
>>> 
>>> I gotta chuckle regarding Marek's name, as there is a commercial email
>>> server called "Marek Mail". :)
>>> 
>>> Thanks, Martin. I'll let you finish up with this one.
>>> --
>>> -Eric 'shubes'
>>> 
>>> On 02/14/2011 01:39 AM, Martin Waschbüsch wrote:
>>>> Seeing as it does not work right now, I don't know where the servers
>>>> are listed on his system. Clearly there must be some configuration
>>>> issue.
>>>> 
>>>> But at the same time, IMHO it is the best solution to ensure there is
>>>> a properly configured local DNS server.
>>>> Such a local DNS server has a config where you can list forwarding
>>>> DNS servers and that is where his name servers should be configured.
>>>> 
>>>> Imagine resolv.conf lists the two outside DNS servers directly.
>>>> Let's assume that the first entry (will be queried first) is down.
>>>> 
>>>> Although the system tries to send 50 individual mails to
>>>> some...@googlemail.com, the mail server will experience a timeout for
>>>> the first name server and only then query the secondary server. All
>>>> that happens 50 times(!)
>>>> Now, if you have a working caching DNS server, as soon as the first
>>>> timeout happened and the secondary DNS server was queried, the local
>>>> server has the DNS entry stored and the remaining 49 messages do not
>>>> encounter any timeout at all.
>>>> 
>>>> Martin
>>>> 
>>>> 
>>>> --
>>>> Martin Waschbüsch
>>>> IT-Dienstleistungen
>>>> Lautensackstr. 16
>>>> 80687 München
>>>> 
>>>> Telefon: +49 89 57005708
>>>> Fax: +49 89 57868023
>>>> Mobil: +49 170 2189794
>>>> mar...@waschbuesch.de
>>>> http://martin.waschbuesch.de
>>>> 
&

Re: [qmailtoaster] DNS temporary failure if one DNS server dont work.

[Martin Waschbüsch]

Seeing as it does not work right now, I don't know where the servers are listed 
on his system. Clearly there must be some configuration issue.

But at the same time, IMHO it is the best solution to ensure there is a 
properly configured local DNS server.
Such a local DNS server has a config where you can list forwarding DNS servers 
and that is where his name servers should be configured.

Imagine resolv.conf lists the two outside DNS servers directly.
Let's assume that the first entry (will be queried first) is down.

Although the system tries to send 50 individual mails to 
some...@googlemail.com, the mail server will experience a timeout for the first 
name server and only then query the secondary server. All that happens 50 
times(!)
Now, if you have a working caching DNS server, as soon as the first timeout 
happened and the secondary DNS server was queried, the local server has the DNS 
entry stored and the remaining 49 messages do not encounter any timeout at all.

Martin


--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 14.02.2011 um 09:06 schrieb Tony White:

> Hi,
>  So what/where are the two dns servers Marek
> says he is using?
> 
> 
> On 14/02/2011 7:02 PM, Martin Waschbüsch wrote:
>> That is not correct!
>> If localhost runs a caching DNS server, it will fetch DNS information from 
>> forwarding DNS servers, which can be the ISP's, Google's, whatever.
>> The whole point of having a local caching DNS server is that it not only 
>> takes care of using all DNS servers it knows about to fetch data, but also 
>> to store that data and prevent DNS-lookup-heavy applications (like E-Mail 
>> servers) to generate lots of additional traffic and overhead.
>> 
>> So, if Marek runs a local DNS server and still gets problems, then we need 
>> to look at that config.
>> If not, he really should install a caching DNS server (named, djbdns, etc.)
>> 
>> In any case, resolv.conf is just fine only pointing to the local server.
>> 
>> Martin
>> 
>> --
>> Martin Waschbüsch
>> IT-Dienstleistungen
>> Lautensackstr. 16
>> 80687 München
>> 
>> Telefon: +49 89 57005708
>> Fax: +49 89 57868023
>> Mobil: +49 170 2189794
>> mar...@waschbuesch.de
>> http://martin.waschbuesch.de
>> 
>> Am 14.02.2011 um 07:59 schrieb Bruno De Leone:
>> 
>>> That means your only DNS is your local DNS so the qmail will never find any 
>>> server outside it's network...
>>> 
>>> You should add the DNS of your preference. For example, to add google's 
>>> DNS, edit the file /etc/resolv.conf and add these lines at the end of the 
>>> file:
>>> 
>>> nameserver 8.8.8.8
>>> nameserver 4.4.4.4
>>> 
>>> On Mon, Feb 14, 2011 at 4:39 AM,  wrote:
>>> In resolv.conf  I have only:
>>> "search localdomain
>>> nameserver 127.0.0.1"
>>> 
>>> 
>>> 
>>> 
>>> - Original Message - From: "Tony White"
>>> 
>>> To:
>>> Sent: Monday, February 14, 2011 2:55 AM
>>> 
>>> Subject: Re: [qmailtoaster] DNS temporary failure if one DNS server dont 
>>> work.
>>> 
>>> 
>>> Marek,
>>>  What order are the dns servers in /etc/resolv.conf?
>>> If they are the failing one on line one then reverse them.
>>> 
>>> On 14/02/2011 9:03 AM, d...@demod.pl wrote:
>>> Thanks for fast reply.
>>> I use 2  named servers.
>>> everyone in different locations. One DNS server is on the same machine as 
>>> qmailtoaster and always on. But when secondary DNS on the other location 
>>> die i canot send email outside.
>>> 
>>> 
>>> - Original Message - From: "Carlos Herrera 
>>> Polo"
>>> To:
>>> Sent: Sunday, February 13, 2011 10:02 PM
>>> Subject: Re: [qmailtoaster] DNS temporary failure if one DNS server dont 
>>> work.
>>> 
>>> 
>>> Djbdns or named
>>> 
>>> 2011/2/13, Martin Waschbüsch:
>>> What you could try is this:
>>> 
>>> Have a local caching DNS server and that takes care of resolving to as many
>>> 'real' DNS servers as you like.
>>> Doing so means that your DNS server (local) is ALWAYS on (unless the daemon
>>> dies) and this problem won't occur again.
>>> 
>>> Martin
>>> 
>>> -- 
>>> Martin Waschbüsch
>>&

Re: [qmailtoaster] DNS temporary failure if one DNS server dont work.

[Martin Waschbüsch]

That is not correct!
If localhost runs a caching DNS server, it will fetch DNS information from 
forwarding DNS servers, which can be the ISP's, Google's, whatever.
The whole point of having a local caching DNS server is that it not only takes 
care of using all DNS servers it knows about to fetch data, but also to store 
that data and prevent DNS-lookup-heavy applications (like E-Mail servers) to 
generate lots of additional traffic and overhead.

So, if Marek runs a local DNS server and still gets problems, then we need to 
look at that config.
If not, he really should install a caching DNS server (named, djbdns, etc.)

In any case, resolv.conf is just fine only pointing to the local server.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 14.02.2011 um 07:59 schrieb Bruno De Leone:

> That means your only DNS is your local DNS so the qmail will never find any 
> server outside it's network...
> 
> You should add the DNS of your preference. For example, to add google's DNS, 
> edit the file /etc/resolv.conf and add these lines at the end of the file:
> 
> nameserver 8.8.8.8
> nameserver 4.4.4.4
> 
> On Mon, Feb 14, 2011 at 4:39 AM,  wrote:
> In resolv.conf  I have only:
> "search localdomain
> nameserver 127.0.0.1"
> 
> 
> 
> 
> - Original Message - From: "Tony White" 
> 
> To: 
> Sent: Monday, February 14, 2011 2:55 AM
> 
> Subject: Re: [qmailtoaster] DNS temporary failure if one DNS server dont work.
> 
> 
> Marek,
>  What order are the dns servers in /etc/resolv.conf?
> If they are the failing one on line one then reverse them.
> 
> On 14/02/2011 9:03 AM, d...@demod.pl wrote:
> Thanks for fast reply.
> I use 2  named servers.
> everyone in different locations. One DNS server is on the same machine as 
> qmailtoaster and always on. But when secondary DNS on the other location die 
> i canot send email outside.
> 
> 
> - Original Message - From: "Carlos Herrera Polo" 
> 
> To: 
> Sent: Sunday, February 13, 2011 10:02 PM
> Subject: Re: [qmailtoaster] DNS temporary failure if one DNS server dont work.
> 
> 
> Djbdns or named
> 
> 2011/2/13, Martin Waschbüsch :
> What you could try is this:
> 
> Have a local caching DNS server and that takes care of resolving to as many
> 'real' DNS servers as you like.
> Doing so means that your DNS server (local) is ALWAYS on (unless the daemon
> dies) and this problem won't occur again.
> 
> Martin
> 
> -- 
> Martin Waschbüsch
> IT-Dienstleistungen
> Lautensackstr. 16
> 80687 München
> 
> Telefon: +49 89 57005708
> Fax: +49 89 57868023
> Mobil: +49 170 2189794
> mar...@waschbuesch.de
> http://martin.waschbuesch.de
> 
> Am 13.02.2011 um 19:48 schrieb  :
> 
> Hello everyone
> 
> I have a problem with my qmailtoster. When one of my DNS server is down i
> cant send email. When i try send email outside i have an error message:
> DNS temporary failure. This hapen even  if one DNS server  works
> correctly.
> Does anyone know how can I solve it?
> 
> Thanx for you help.
> Marek
> 
> 
> __ Informacja programu ESET NOD32 Antivirus, wersja bazy sygnatur
> wirusow 5835 (20110131) __
> 
> Wiadomosc zostala sprawdzona przez program ESET NOD32 Antivirus.
> http://www.eset.pl lub http://www.eset.com
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and
> packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail:
> qmailtoaster-list-h...@qmailtoaster.com
> 
> 
> 
> 
> 
> -- 
> best wishes
>  Tony White
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
>To uns

Re: [qmailtoaster] DNS temporary failure if one DNS server dont work.

[Martin Waschbüsch]

What you could try is this:

Have a local caching DNS server and that takes care of resolving to as many 
'real' DNS servers as you like.
Doing so means that your DNS server (local) is ALWAYS on (unless the daemon 
dies) and this problem won't occur again.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 13.02.2011 um 19:48 schrieb  :

> Hello everyone
>  
> I have a problem with my qmailtoster. When one of my DNS server is down i 
> cant send email. When i try send email outside i have an error message:  DNS 
> temporary failure. This hapen even  if one DNS server  works  correctly.
> Does anyone know how can I solve it?
>  
> Thanx for you help.
> Marek
> 
> 
> __ Informacja programu ESET NOD32 Antivirus, wersja bazy sygnatur 
> wirusow 5835 (20110131) __
> 
> Wiadomosc zostala sprawdzona przez program ESET NOD32 Antivirus. 
> http://www.eset.pl lub http://www.eset.com 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Strange Behavior of Domainkey

[Martin Waschbüsch]

Hi all,

The problem with the stock domainkey configuration is that it will only sign 
things when they enter the queue. If any application uses qmail as sendmail 
replacement (e.g. a locally installed squirrelmail or horde webmail can be 
configured to do it), then the message will not be signed.
The DKIM replacement (there was a video Jake did on that) is much better - it 
will sign messages when they LEAVE the system and it can be configured to do 
DKIM and Domainkeys.

I'd really recommend replacing the stock domainkeys config by the dkim 
enhancement. There should also be a page on the wiki about it.

Thanks,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 28.12.2010 um 18:53 schrieb Eric Shubert:

> The stock qmail-dk is just plain broken. It sometimes works, but it also 
> fails to sign properly in some (unpredictable AFAICT) circumstances. I 
> recommmend using DKIM if you really need to sign messages with a key.
> -- 
> -Eric 'shubes'
> 
> On 12/28/2010 10:34 AM, ya...@ardmail.com wrote:
>> SPF is configured and not causing any problem in both cases.
>> I was contemplating the possibility that it could be some difference in
>> the config line for localhost vs anything else, but i made them identical
>> as well. and it doesn't help :(
>> 
>> 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1"
>> 192.168.1.60:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1"
>> :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private"
>> 
>> 
>> 
>> 
>>> On 12/28/2010 02:36 AM, Anil Aliyan wrote:
>>>> Is your tcp.smtp configuration for localhost or mailserver and you
>>>> client
>>>> has the same configuration?
>>> 
>>> This is on the right track. The 'stock' configuration for squirrelmail
>>> presently uses an open relay configuration for localhost, with no
>>> authentication (this will hopefully change in v2). For the sake of
>>> consistency (and a little better security), I change my SM config to
>>> submit via port 587 and authenticate, and remove the 127.: line from
>>> tcp.smtp. See http://wiki.qmailtoaster.com/index.php/Fetchmail for such
>>> SM configuration.
>>> 
>>> I expect that this will not fix your problem, and will cause the problem
>>> to exist with SM as well as Outlook. There's something to be said for
>>> consistency. ;)
>>> 
>>> How have you implemented DK? The 'stock' configuration is a bit flakey.
>>> I think that there is a DKIM implementation that works well, although I
>>> haven't used it personally yet. I would look into DKIM (as opposed to
>>> using DK) if you haven't already.
>>> 
>>>> Have you configured SPF records for your clients network in your DNS
>>>> records?
>>> 
>>> Shouldn't need this, as SPF has to do with the server which sends the
>>> message, not client (origin) addresses.
>>> 
>>>> Regards,
>>>> 
>>>> Anil Aliyan
>>> 
>>> Thanks for your input, Anil. I'll let you help Yuri on this further.
>>> 
>>>> -Original Message-
>>>> From: ya...@ardmail.com [mailto:ya...@ardmail.com]
>>>> Sent: 28 December 2010 14:36
>>>> To: qmailtoaster-list@qmailtoaster.com
>>>> Subject: [qmailtoaster] Strange Behavior of Domainkey
>>>> 
>>>> 
>>>> Hello,
>>>> 
>>>> I noticed very strange behavior of domainkey with yahoo :( if i am
>>>> sending
>>>> the mail from squirrelmail everything works and yahoo passing the
>>>> signature.
>>>> if i am sending the same mail from outlook client yahoo says the
>>>> signature
>>>> is bad.
>>>> 
>>>> is this a problem of my configuration?
>>>> Any help will be appreciated.
>>>> 
>>>> Thanks,
>>>> 
>>>> ~yuri
>>>> 
>>>> 
>>>> 
>>>> 
>>>> -
>>>> Qmailtoaster is sponsored by V

Re: [qmailtoaster] horde question

[Martin Waschbüsch]

Hi Rajesh,

I think what you are referring to is easily explained: Horde will by default 
display attachments inline (e.g. in the message) if it understands the 
mime-type. That way, you can see pictures and PDF, etc. in the email without 
opening it, but only if horde has been configured to understand the mime-type.
For a list of types that are supported, check out:

horde/imp/config/mime_drivers.php

It lists message/partial as one of the supported mime-types and in the detailed 
section on that mime-type, it says:

'inline' => true

and will therefore display that inline in messages.
You can change the inline option of each mime-type by changing

'inline' => true
to
'inline' => false

This would then force the attachment to be displayed as attachment only.

Cheers,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 22.12.2010 um 17:42 schrieb Rajesh M:

> hi
> 
> i am testing out horde due html mail issues in squirrelmail
> 
> had a quesions
> 
> when i forward an email as an attachment (not message body forward) then
> the email gets delivered but when the email is opened the recipient who is
> also using horde entire email is displayed in the form of email headers
> and source code
> 
> in squirrelmail the same shows up as an attachment and on opening it shows
> the correct formatting and can be forwarded / replied to etc. it also
> shows up correctly in outlook and Thunderbird as an attachment
> 
> i want horde to display this like squirrelmail does ie as an attachment
> which can be forwarded, replied to etc
> 
> has anybody experienced such a problem what can be the possible solution
> to this ?
> 
> thanks
> rajesh
> 
> 
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] errors

[Martin Waschbüsch]

Hi,

Can you verify if the content of /var/qmail/control//me is indeed a FQDN that 
resolves into your IP and also matches the greeting in 
/var/qmail/control/smtpgreeting?

Thanks,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 08.12.2010 um 23:10 schrieb sysad...@tricubemedia.com:

> Hi List
> 
> Getting this error from one domain.
> 
> *.*.*.* does not like recipient.
> Remote host said: 554 5.7.1 This message has been blocked because the
> HELO/EHLO domain is invalid.
> Giving up on *.*.*.*
> 
> does this mean the recipient sis blocking our emails?
> 
> Thanks
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] New to List and Qmail-Toaster

[Martin Waschbüsch]

Am 09.12.2010 um 23:50 schrieb keith smith:

> 
> Also can you point me to the latest and / or best instruction for CentOS/RHEL 
>  Thanks!
> 
> 
> Keith Smith

That would be

http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install

And welcome to the list! ;-)

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Blackberry

[Martin Waschbüsch]

Perhaps z-push would be a possible solution?

I installed z-push on my box. It will allow for push-mail if you treat it as an 
Exchange account. (Will also work with iPhones).

Some useful information: 

http://www.hoshuha.com/blog/dovecot-and-iphone-push.html

This information assumes that you use dovecot, though. Since I had replaced 
courier with dovecot anyway, it was no real issue for me.

Generic information / Download of source code is here:

https://developer.berlios.de/project/showfiles.php?group_id=8963

Cheers,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 01.12.2010 um 17:45 schrieb Emmanuel Buamah:

> 
> So how can I make qmailtoaster push the mails to blackberry?
> 
> --- On Wed, 12/1/10, Carlos Herrera Polo  wrote:
> 
> From: Carlos Herrera Polo 
> Subject: Re: [qmailtoaster] Blackberry
> To: qmailtoaster-list@qmailtoaster.com
> Date: Wednesday, December 1, 2010, 2:15 AM
> 
> Blackberry BIS download the mails from qmailtoaster by pop3 or imap4. 
> 
> 2010/12/1 Emmanuel Buamah 
> Hi,
> 
> I can receive and send email on my blackberry alright. But I want to know if 
> it is blackberry that is downloading the mails from qmailtoaster or 
> qmailtoaster is pushing it.
> 
> In case qmailtoaster is not pushing it, how can I make it push the mails to 
> the blackberry rather than blackberry downloading it?
> 
> 
> Cheers
> 
> Emmauel
> 
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] max recipients

[Martin Waschbüsch]

Hi Tony,

check your tcp.smtp file and see if it has a value for chkuser...

CHKUSER_RCPTLIMIT="50"

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 27.11.2010 um 06:31 schrieb Tony White:

> Hi folks,
>  I am a little confused! I have set the spamdyke
> max recipients to 50 but emails are stopped at
> 10!
>  Is there somewhere else I need to make a change
> please?
> 
> -- 
> best wishes
>  Tony White
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: POP3 Authentication on CentOS 5.5 64Bit

[Martin Waschbüsch]

Ps: did you use the 64bit specific packages to install the toaster?

Von meinem iPhone gesendet

Am 18.11.2010 um 09:00 schrieb Kevin Qiu :

> Hello Erik,
> 
> I had built the version 5.4.32 of vpopmail, and upgraded it. It has same 
> errors with pop3.  I don't know how to fix them.
> 
> I'd like to work on 64bit Linux. But it doesn't work well. There are some 
> errors below.
> 
> telnet localhost 587
> 
> @40004ce4d4cb1b7f67e4 tcpserver: ok 18614 
> mail.foxitsoftware.com:127.0.0.1:587 :127.0.0.1::52021
> @40004ce4d4cb1b962c04 /var/qmail/bin/qmail-smtpd: error while loading 
> shared libraries: libselinux.so.1: failed to map segment from shared object: 
> Cannot allocate memory
> 
> cat /var/qmail/supervise/submission/run |grep softlimit
> exec /usr/bin/softlimit -m 4800 \
> 
> It looks same error when telnet localhost 465, but 25 work fine.
> 
> @40004ce4c31b390f4eb4 tcpserver: ok 17788 
> mail.foxitsoftware.com:127.0.0.1:465 :127.0.0.1::36508
> @40004ce4c31b3918fb44 /var/qmail/bin/qmail-smtpd: error while loading 
> shared libraries: libmysqlclient.so.16: failed to map segment from shared 
> object: Cannot allocate memory
> 
> cat /var/qmail/supervise/smtp-ssl/run |grep softlimit
> exec /usr/bin/softlimit -m 6400 \
> 
> free -m
> total   used   free sharedbuffers cached
> Mem:  7997   1409   6587  0 47824
> -/+ buffers/cache:537   7459
> Swap:10239  0  10239
> 
> When I use mail client to connect pop3, there is an error. It can not be 
> found in the logs.
> 
> /home/vpopmail/bin/vchkpw:error while loading shared 
> libraries:libselinux.so.1:failed to map segment from shared object:
> cannot allocate memory
> 
> The others ports (25, 143, 993, 995) look well. I can send and receive email.
> 
> Kevin
> 
> 于 2010年11月18日 14:16, Kevin Qiu 写道:
>> Hello Erik,
>> 
>> I'd like try the new package. The old version doesn't work under 64bit 
>> Linux. Where could I download it?
>> 
>> Kevin
>> 
>> 于 2010年11月12日 18:58, Eric Shubert 写道:
>>> TTBOMK the plan is presently to jump to vpopmail 5.5 with QMTv2.
>>> 
>>> Going from 5.4.32 from 5.4.17 would be nice. It involves a database change, 
>>> which qtp-convert is already able to handle.
>>> 
>>> I believe that Jake's too busy to take this on. If someone would like to 
>>> update the spec file and package an SRPM, I expect that Jake would 
>>> entertain putting it up on the site if/when people have tested it out.
>>> 
>>> Anyone care to take this on?
>>> 
>> 
>> -
>>  
>> Qmailtoaster is sponsored by Vickers Consulting Group 
>> (www.vickersconsulting.com)
>>   Vickers Consulting Group offers Qmailtoaster support and installations.
>> If you need professional help with your setup, contact them today!
>> -
>>  
>>Please visit qmailtoaster.com for the latest news, updates, and packages.
>> To unsubscribe, e-mail: 
>> qmailtoaster-list-unsubscr...@qmailtoaster.com
>>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>> 
>> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: POP3 Authentication on CentOS 5.5 64Bit

[Martin Waschbüsch]

Kevin, you are confusing me here: the Ports you mention are not pop3, but smtp. 
can you clarify?

Martin

Von meinem iPhone gesendet

Am 18.11.2010 um 09:00 schrieb Kevin Qiu :

> Hello Erik,
> 
> I had built the version 5.4.32 of vpopmail, and upgraded it. It has same 
> errors with pop3.  I don't know how to fix them.
> 
> I'd like to work on 64bit Linux. But it doesn't work well. There are some 
> errors below.
> 
> telnet localhost 587
> 
> @40004ce4d4cb1b7f67e4 tcpserver: ok 18614 
> mail.foxitsoftware.com:127.0.0.1:587 :127.0.0.1::52021
> @40004ce4d4cb1b962c04 /var/qmail/bin/qmail-smtpd: error while loading 
> shared libraries: libselinux.so.1: failed to map segment from shared object: 
> Cannot allocate memory
> 
> cat /var/qmail/supervise/submission/run |grep softlimit
> exec /usr/bin/softlimit -m 4800 \
> 
> It looks same error when telnet localhost 465, but 25 work fine.
> 
> @40004ce4c31b390f4eb4 tcpserver: ok 17788 
> mail.foxitsoftware.com:127.0.0.1:465 :127.0.0.1::36508
> @40004ce4c31b3918fb44 /var/qmail/bin/qmail-smtpd: error while loading 
> shared libraries: libmysqlclient.so.16: failed to map segment from shared 
> object: Cannot allocate memory
> 
> cat /var/qmail/supervise/smtp-ssl/run |grep softlimit
> exec /usr/bin/softlimit -m 6400 \
> 
> free -m
> total   used   free sharedbuffers cached
> Mem:  7997   1409   6587  0 47824
> -/+ buffers/cache:537   7459
> Swap:10239  0  10239
> 
> When I use mail client to connect pop3, there is an error. It can not be 
> found in the logs.
> 
> /home/vpopmail/bin/vchkpw:error while loading shared 
> libraries:libselinux.so.1:failed to map segment from shared object:
> cannot allocate memory
> 
> The others ports (25, 143, 993, 995) look well. I can send and receive email.
> 
> Kevin
> 
> 于 2010年11月18日 14:16, Kevin Qiu 写道:
>> Hello Erik,
>> 
>> I'd like try the new package. The old version doesn't work under 64bit 
>> Linux. Where could I download it?
>> 
>> Kevin
>> 
>> 于 2010年11月12日 18:58, Eric Shubert 写道:
>>> TTBOMK the plan is presently to jump to vpopmail 5.5 with QMTv2.
>>> 
>>> Going from 5.4.32 from 5.4.17 would be nice. It involves a database change, 
>>> which qtp-convert is already able to handle.
>>> 
>>> I believe that Jake's too busy to take this on. If someone would like to 
>>> update the spec file and package an SRPM, I expect that Jake would 
>>> entertain putting it up on the site if/when people have tested it out.
>>> 
>>> Anyone care to take this on?
>>> 
>> 
>> -
>>  
>> Qmailtoaster is sponsored by Vickers Consulting Group 
>> (www.vickersconsulting.com)
>>   Vickers Consulting Group offers Qmailtoaster support and installations.
>> If you need professional help with your setup, contact them today!
>> -
>>  
>>Please visit qmailtoaster.com for the latest news, updates, and packages.
>> To unsubscribe, e-mail: 
>> qmailtoaster-list-unsubscr...@qmailtoaster.com
>>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>> 
>> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients

[Martin Waschbüsch]

What's the SPF record say? It should list the IPs and some options...

Von meinem iPhone gesendet

Am 16.11.2010 um 07:26 schrieb Tony White :

> Hello Martin,
>  Thank you for your reply! I will investigate domainkeys now but the
> SPF has been implemented for some time now...
> 
> 
> On 16/11/2010 5:11 PM, Martin Waschbüsch wrote:
>> SPF and domainkeys can be used to do this. The policy for SPF could be set 
>> to designating only your ip as valid and the skim/domainkeys policy be set 
>> to 'all messages are signed'.
>> That should guarantee that your server will correctly identify these mails 
>> as forgery. However, check your rules in tcp.smtp - if one of your clients 
>> spams due to virus etc., that might bypass all protections depending on the 
>> settings...
>> 
>> Von meinem iPhone gesendet
>> 
>> Am 16.11.2010 um 04:43 schrieb Tony White:
>> 
>>> Hello,
>>>  Is there a way of verifying the From address that claims to be from one of 
>>> the domains
>>> hosted here is a valid email address? There has been an increase of spam 
>>> using one or
>>> more the domains hosted on my servers.
>>>  I am still searching the web but no searches found yet!
>>> 
>>> -- 
>>> 
>>> best wishes
>>>  Tony White
>>> 
>>> 
>>> -
>>> Qmailtoaster is sponsored by Vickers Consulting Group 
>>> (www.vickersconsulting.com)
>>>   Vickers Consulting Group offers Qmailtoaster support and installations.
>>> If you need professional help with your setup, contact them today!
>>> -
>>>Please visit qmailtoaster.com for the latest news, updates, and packages.
>>> To unsubscribe, e-mail: 
>>> qmailtoaster-list-unsubscr...@qmailtoaster.com
>>>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>> 
>>> 
>> -
>> Qmailtoaster is sponsored by Vickers Consulting Group 
>> (www.vickersconsulting.com)
>> Vickers Consulting Group offers Qmailtoaster support and installations.
>>   If you need professional help with your setup, contact them today!
>> -
>>  Please visit qmailtoaster.com for the latest news, updates, and 
>> packages.
>> 
>>   To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>  For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>> 
>> 
>> 
>> 
> 
> -- 
> best wishes
>  Tony White
> 
> Yea Computing Services
> http://www.ycs.com.au
> 4 The Crescent
> Yea
> Victoria
> Australia 3717
> 
> Telephone No's
> VIC : 03 5797 3344
> VIC : 03 9008 5614
> TAS : 03 6107 9099
> NT  : 08 8921 4049
> SA  : 08 7123 0847
> NSW : 02 8014 5547
> QLD : 07 3123 6647
> WA  : 08 6365 2199
> FAX : 03 9008 5610 (FAX2Email)
> FAX : 03 5797-3288
> 
> 
> 
> IMPORTANT NOTICE
> 
> This communication including any file attachments is intended solely for
> the use of the individual or entity to whom it is addressed. If you are
> not the intended recipient, or the person responsible for delivering
> this communication to the intended recipient, please immediately notify
> the sender by email and delete the original transmission and its
> contents. Any unauthorised use, dissemination, forwarding, printing or
> copying of this communication including file attachments is prohibited.
> It is your responsibility to scan this communication including any file
> attachments for viruses and other defects. To the extent permitted by
> law, Yea Computing Services and its associates will not be liable for
> any loss or damage arising in any way from this communication including
> any file attachments.
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> 

Re: [qmailtoaster] re Invalid rcpthosts client email addresses sending emails to other rcpthosts clients

[Martin Waschbüsch]

SPF and domainkeys can be used to do this. The policy for SPF could be set to 
designating only your ip as valid and the skim/domainkeys policy be set to 'all 
messages are signed'.
That should guarantee that your server will correctly identify these mails as 
forgery. However, check your rules in tcp.smtp - if one of your clients spams 
due to virus etc., that might bypass all protections depending on the 
settings...

Von meinem iPhone gesendet

Am 16.11.2010 um 04:43 schrieb Tony White :

> Hello,
>  Is there a way of verifying the From address that claims to be from one of 
> the domains
> hosted here is a valid email address? There has been an increase of spam 
> using one or
> more the domains hosted on my servers.
>  I am still searching the web but no searches found yet!
> 
> -- 
> 
> best wishes
>  Tony White
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Please tell me how to accomplish these features

[Martin Waschbüsch]

Actually, I was wrong:

According to http://www.qmailwiki.org/Simscan/Guide

you can set per domain and per email address settings in the simcontrol file. 
However, it requires recompiling simscan. But we seem to already be using the 
latest simscan version (1.4.0) in QMT.

Thanks,

Martin


--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 31.10.2010 um 03:59 schrieb Randy Katz:

> Hi,
> 
> I am sorry if these are on the list but I cannot find the latest and good 
> instructions. I want to know how
> to do the following:
> 
> 1. Automatically delete spam that is over a certain threshold as it comes 
> into the server.
> 2. Set per user thresholds.
> 
> Thank you in advance,
> Randy Katz
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Please tell me how to accomplish these features

[Martin Waschbüsch]

Hi Randy,

To my knowledge, there is currently no straightforward way to adjust thresholds 
on a per user (or even per domain) basis. Maybe recent/future versions of 
simscan have that? I don't know.

On the bright side: It is very easy to adjust the score above which simscan 
will throw mail away:

In '/var/qmail/control/simcontrol' you might have a line in there that looks 
roughly like this:

:clam=yes,spam=yes,attach=.mp3:.src:.bat:.pif

just modify it to read something like this:

:clam=yes,spam=yes,spam_hits=8,attach=.mp3:.src:.bat:.pif

The number after spam_hits is the threshold for throwing away mail. After 
editing that file, you would have to run

qmailctl cdb

to bring the changes over to the simcontrol.cdb file.


Cheers,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 31.10.2010 um 03:59 schrieb Randy Katz:

> Hi,
> 
> I am sorry if these are on the list but I cannot find the latest and good 
> instructions. I want to know how
> to do the following:
> 
> 1. Automatically delete spam that is over a certain threshold as it comes 
> into the server.
> 2. Set per user thresholds.
> 
> Thank you in advance,
> Randy Katz
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: smtp greeting banner frustration

[Martin Waschbüsch]

> Hi Eric,
> 
> Please don't take this the wrong way but we appear to be talking at cross
> purposes. You reference the EHLO string which is of course the outbound
> string, used to identify a server to the recipient host. I am referring to
> the SMTP Greeting String used to identify the local Receiving sever to the
> remotely connecting sending server. It is also called the SMTP Banner
> depending upon the tech used. The EHLO String, in operational terms, has to
> be both correctly authorised for the sending domain (present in SPF and/or
> listed as an MX server) and reverse resolvable to the same FQDN. I agree
> that this is not in the RFCs but it is certainly affecting sending
> reputation when this is not the case. Therefore the sending 'servers' for a
> given domain, if they are themselves within that domain, in practical terms,
> must forward and reverse resolve mirroring each other and offer both the
> correct banner greeting EHLO and SMTP Greeting in order to be considered
> complete within the domain space itself. 
> 

See, that is what I don't understand. Imagine you have three domains, 
domain1/2/3.tld.

all of them could have an MX entry like this:

IN  MX  10  server.yetanotherdomain.org

and that would be 100% correct and compliant with the RFCs.

You can then add the IP of that server to those domains SPF record, add 
domainkeys and whatnot.
IF any receiving mail server has a problem with server.yetanotherdomain.org 
sending in the name of either of your three domains, then I would argue that 
that receiving mail server does not conform to the RFCs in question.

Granted, if, for any reason, someone explicitly wants that sort of setup where 
the MX for domain1.tld is of that domain, then that is a different story. But 
that is just a (valid) subset of the more generic (also 100% valid) way this 
can be implemented.
So, I guess it really comes down to a decision of: Do you want to comply with 
the, let's say "not really necessary, but of course valid" request of your 
clients or do you fall back on the more generic way the RFCs specify how mail 
works?

Or in other words: To my knowledge, there is nothing in the RFCs that prevents 
you from doing what I described above. Of course, it's still your choice.

Martin
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] smtp greeting banner frustration

[Martin Waschbüsch]

Well, it is perfectly ok to have the same FQDN listed as MX for several 
domains. the MX's FQDN does not have to be of the same domain.
So, you could greet everyone with the same, valid, FQDN and never worry about 
the other stuff?

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 28.10.2010 um 14:25 schrieb Edward Finlayson:

> Hi Tony,
> 
> This would be true for a single domain, however my setup is more like that
> below:
> 
> 127.0.1.1 mail.domina1.com
> 127.0.1.2 smtp.domain2.co.uk
> 127.0.8.30mail.domain30.net
> 127.0.8.90mail.domain90.com
> 127.2.1.112   mx1.domain112.org
> 
> Obviously, I've obfuscated the real addresses and domains but the layout
> above is representative.
> 
> Thanks again Tony,
> 
> Fin 
> 
> 
> -Original Message-
> From: Tony White [mailto:t...@ycs.com.au] 
> Sent: 28 October 2010 13:17
> To: qmailtoaster-list@qmailtoaster.com
> Subject: Re: [qmailtoaster] smtp greeting banner frustration
> 
> My first reply does not seem to have arrive so I will try again...
> 
> If I understand your question it should be as easy as
> editing the smtpgreeting file to reflect the rDNS value.
> 
> ie edit /var/qmail.control/smtpgreeting to
> mail.domain.com
> 
> 
> 
> 
> On 28/10/2010 10:31 PM, Anil Aliyan wrote:
>> 
>> This happens because you smtp service is listening on all ip addresses. If
> you want to send separate greeting message 
>> individual domains you'll have to configure multiples instances of smtp
> services for all the domains on your server. I am 
>> not an expert but this my own understanding, I could be wrong.
>> 
>> Regards,
>> 
>> Anil Aliyan
>> 
>> *From:*Edward Finlayson [mailto:edward.finlay...@btinternet.com]
>> *Sent:* 28 October 2010 16:02
>> *To:* qmailtoaster-list@qmailtoaster.com
>> *Subject:* [qmailtoaster] smtp greeting banner frustration
>> 
>> Hi Everyone,
>> 
>> I was wondering if any list member would be able to help.
>> 
>> I have a number of domains, on separate IP addresses but whenever a server
> connects to the server it receives the same 
>> SMTP greeting:
>> 
>> 220 *cpa2.localdomain* - Welcome to Qmail Toaster Ver. 1.3 SMTP Server
> ESMTP
>> 
>> Whereas the hostname should only be the one which reverse resolves in DNS
> i.e. mail.domain.com
>> 
>> Does anyone know how I would go about enabling this compliance with RFC821
> 4.3 and RFC2821 4.3.1
>> 
>> Any help will be gratefully received,
>> 
>> Fin
>> 
> 
> -- 
> best wishes
>   Tony White
> 
> 
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> 
> -
> Please visit qmailtoaster.com for the latest news, updates, and
> packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail:
> qmailtoaster-list-h...@qmailtoaster.com
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] re: qtp-newmodel failure

[Martin Waschbüsch]

Hi,

Do you have the fuse utilities installed?

yum install fuse

Perhaps that's what you're missing...

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 28.10.2010 um 10:34 schrieb Maxwell Smart:

> I have a fresh install of the QMTISO with yum updates completed and qtp 
> installed.  I tried to update the toaster using the newmodel and got this 
> error.
> 
> Would you like a unionfs/overlay sandbox? (recommended) [y]/n:
> 
> Using FUSE union filesystem ...
> qtp-mount-sandbox v0.3.3
> qtp-mount-sandbox - updating dependencies ...
> Loaded plugins: fastestmirror
> Loading mirror speeds from cached hostfile
> * addons: mirror.san.fastserv.com
> * base: centos.promopeddler.com
> * extras: mirror.hmc.edu
> * rpmforge: apt.sw.be
> * updates: mirrors.cat.pdx.edu
> Setting up Update Process
> No Packages marked for Update
> fuse: device not found, try 'modprobe fuse' first
> FATAL: Module fuse not found.
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> fuse: device not found, try 'modprobe fuse' first
> mount: mount point /mnt/qtp-sandbox/var/lib/rpm does not exist
> cp: target `/mnt/qtp-sandbox/var/lib/rpm' is not a directory
> qtp-mount-sandbox: sandbox was not mounted successfully
> 
> qtp-newmodel - qtp-mount-sandbox failed, exiting
> 
> 
> # modprobe fuse
> 
> FATAL: Module fuse not found.
> 
> 
> 
> -- 
> Cecil Yother, Jr. "cj"
> cj's
> 2318 Clement Ave
> Alameda, CA  94501
> 
> tel 510.865.2787
> http://yother.com
> Check out the new Volvo classified resource http://www.volvoclassified.com
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qmail security questions

[Martin Waschbüsch]

Hi there,

As to the first question, qmailadmin allows for that. It is included with 
qmailtoaster and allows people to set various settings such as autorespond, 
forwarding, password, etc. People log in using their email (split in local part 
and domain part) & email password.

As to the second, I am unsure. I know that for instance dovecot v2.x (not part 
of QMT) is able to store all mails in compressed format, so it is conceivable 
it could also use encryption. But let me ask: to what end?
Somewhere on the server the password must be stored in order for the mail 
server to be able to de/encrypt the mail?
But of course, you could use e.g. filesystem encryption. E.g. when installing 
CentOS, you have an option to do so. Or, you could probably move 
/home/vpopmail/domains to an encrypted filesystem.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 15.10.2010 um 09:53 schrieb Digital Instruments:

> Greetings List,
> 
> I have 2 questions i couldn't find a reply, may you please help me?
> 
> 1) I'd like to know if it's possible for the users of a domain change their 
> e-mail password (and if yes, how).
> 2) Is it possible to crypt (and encrypt) all the e-mail on the server? (and 
> if yes, how)
> 
> Thanks in advance
> Cheers, Alberto.
> Nessun virus nel messaggio in uscita.
> Controllato da AVG - www.avg.com
> Versione: 9.0.862 / Database dei virus: 271.1.1/3197 -  Data di rilascio: 
> 10/14/10 20:34:00
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qmail logfile archiving

[Martin Waschbüsch]

Hi there,

the two values are just variables used to do this:

The "s" command is used to specify the maximum size of each file before it gets 
renamed, and the "n"> command to specify the maximum number of old log files 
which may exist before they are deleted. For example...

multilog t n16 s1048576 ./main

This allows each file to grow up to 1MB (1048576 bytes) and allows up to 16 
files to exist before the oldest files are deleted.

So, the way you currently have it, you could have 'logcount' files of a 
'logsize' file size before overwriting old log data,

Your main problem is going to be that neither of these values has anything 
whatsoever to do with timestamps - how far your log reaches into the past 
totally depends on the amount of data logged. You could try setting logcount to 
something *really* large, though and then periodically delete all log files 
older than the desired amount of time logged...

like: find /path/to/files* -mtime +30 -delete

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 12.10.2010 um 18:44 schrieb PJF:

> Hi,
> 
> I need to keep at least 1 month of all mail logs, everything that logs via:
> 
> /var/qmail/supervise/*/log
> 
> I'm hoping I can use something like logrotate to rotate out logfiles, or
> have the same functionality of rotated out logs...
> 
> Looking at the log/run files I see it reads some settings for multilog from:
> 
> LOGSIZE=`cat /var/qmail/control/logsize`
> LOGCOUNT=`cat /var/qmail/control/logcount`
> 
> Should I just up the logsize? I've got plenty of disk space.
> 
> I'm going over the miltilog man page and it is not obvious to me what the
> most efficient way of accomplishing this is :)
> 
> Any suggestions or a point in the right direction would be appreciated.
> 
> Thanks in advance.
> 
> --
> PJF
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Global Address List in QmailToaster...

[Martin Waschbüsch]

Horde supports many backends including LDAP. It is the official web client for 
the kolab groupware server, btw.

But of course it also offers its own calendar and contact list sharing backends 
(through one of a list of database servers such as oracle, postgresql, mysql, 
etc.).

Also, it offers syncml out of the box, so in connection with e.g. Funambol, you 
can have tight integration with Outlook.

Martin

Von meinem iPhone gesendet

Am 07.10.2010 um 16:51 schrieb Eric Shubert :

> Bilgehan Poyraz (Telcoset) wrote:
>> Hello everyone,
>> Our customer want to Global Address list in outlook 2010.
>> Can we use LDAP integration with Qmailtoaster?
>> Or have you any other ideas for this situation?
>> Bilgehan POYRAZ
>> -
> 
> Thanks for the question, Bilgehan. This capability has become a higher 
> priority for me as well lately.
> 
> LDAP can of course be used for many things. As Jake alluded to, LDAP use for 
> account management (in place of MySQL) is not presently implemented. I hope 
> that with vpopmail 5.5, an LDAP back end will be an option. We'll have to 
> wait and see how that goes. The OpenLDAP authentication module for vpopmail 
> v5.5 is "nearing completion" according to the developer, as of last Friday. I 
> hope to help test it when it becomes available. Any other testers will be 
> welcomed I'm sure.
> 
> Regarding using LDAP for address books (contact information), that's another 
> matter (different data being stored). The only intersection of this with QMT 
> would be with Client apps, which is presently just squirrelmail-toaster. I 
> don't know about an LDAP address book for SM, but I expect there probably is 
> a SM addon for that. Does anyone here know know about how SM implements such 
> a thing?
> 
> Are there any Horde users here that are familiar with how Horde implements 
> global/shared address books?
> 
> AFA a Global Address list for Outlook is concerned, that would be outside of 
> QMT's scope. However, I would very much like to see a Global Address Book 
> package (based on OpenLDAP) which could be used with any number of client 
> programs. Sort of an Address Book Server package. Perhaps this could be 
> released as part of QTP. Ideas?
> 
> -- 
> -Eric 'shubes'
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11

[Martin Waschbüsch]

Hi Eric,

The way I see it, this happened:

Jake created the updated package using the same patch he had used for the 
original 0.96 build. It is still valid, but the conf file to patch changed 
slightly, so the patch hunks have some offset.
Now, for some reason, Fedora's build system enforces patch to run with fuzz=0, 
which causes this to break.
All I did was expand the current clamav package, apply the patch without the 
fuzzy option and created a new patch by using 'diff -Naur' just like the 
original patch from Jake's package.
The only thing that changed is line numbers in the .patch file. The content is 
otherwise identical.

So, yes, it is 100% compatible, it works for all distros and I guess 
re-creating the patch in this way should always be done to keep these problems 
from appearing. However, it does mean one or two more steps for the packager 
and, unless you use a system that enforces fuzzy=0, you'd not ever notice it in 
the first place.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 06.10.2010 um 22:14 schrieb Eric Shubert:

> Next question is, does it work with other distros? (Is it backwards 
> compatible?) Is there one setting that that works for all, or does this need 
> to be a per-distro setting?
> 
> -- 
> -Eric 'shubes'
> 
> Martin Waschbüsch wrote:
>> Any Time! :-)
>> Von meinem iPhone gesendet
>> Am 06.10.2010 um 21:34 schrieb petrus > <mailto:petr...@gmail.com>>:
>>> 
>>> 
>>> 2010/10/6 Martin Waschbüsch < 
>>> <mailto:mar...@waschbuesch.de>mar...@waschbuesch.de 
>>> <mailto:mar...@waschbuesch.de>>
>>> 
>>>OK,
>>> 
>>>Please give this one a try:
>>> 
>>>
>>> <http://martin.waschbuesch.de/clamav-toaster-0.96.3-1.3.38.src.rpm>http://martin.waschbuesch.de/clamav-toaster-0.96.3-1.3.38.src.rpm
>>> 
>>>Cheers,
>>> 
>>> 
>>> Yes this works.
>>> Thank you!
>>> 
>>> /p
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11

[Martin Waschbüsch]

Any Time! :-)

Von meinem iPhone gesendet

Am 06.10.2010 um 21:34 schrieb petrus :

> 
> 
> 2010/10/6 Martin Waschbüsch 
> OK,
> 
> Please give this one a try:
> 
> http://martin.waschbuesch.de/clamav-toaster-0.96.3-1.3.38.src.rpm
> 
> Cheers,
> 
> 
> Yes this works.
> Thank you!
> 
> /p 

Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11

[Martin Waschbüsch]

OK,

Please give this one a try:

http://martin.waschbuesch.de/clamav-toaster-0.96.3-1.3.38.src.rpm

Cheers,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 06.10.2010 um 19:57 schrieb Martin Waschbüsch:

> Something weird is going on.
> 
> When I try the following:
> 
> cd SOURCES
> tar xjvf clamav-0.96.3.tar.bz2
> bunzip2 clamav-0.96.0.patch.bz2
> cd clamav-0.96.3
> patch -p1 <../clamav-0.96.0.patch
> 
> I get some warnings about offsets / fuzz, but it is alright.
> 
> Now, if I use the command options that show up for you (forcing fuzz to be 0):
> 
> /usr/bin/patch -s -p1 --fuzz=0 <../clamav-0.96.0.patch
> 
> I get the same error message.
> 
> 
> 
> Then I wondered why on Centos, it does not use these options and searched fro 
> them in the SOURCE folder:
> 
> grep -R -l -i 'fuzz=0' *
> 
> No file contains that.
> 
> Now, this looks like there is some ENV variable set on your system that adds 
> parameters to patch by default that does not exist on other systems.
> 
> After some google, I found that indeed 'fuzz=0' is indeed part of the default 
> rpmbuild environment on Fedora.
> Now, there are two possible solutions for it, we could re-base the patch 
> (e.g. make sure no fuzz occurs) and repackage the thing, OR you could try 
> adding
> 
> %define _default_patch_fuzz 2
> 
> to the spec file and see if that helps!
> 
> I'll work on the no-fuzz package in the meantime - perhaps Jake can put that 
> on the server...
> 
> Martin
> 
> --
> Martin Waschbüsch
> IT-Dienstleistungen
> Lautensackstr. 16
> 80687 München
> 
> Telefon: +49 89 57005708
> Fax: +49 89 57868023
> Mobil: +49 170 2189794
> mar...@waschbuesch.de
> http://martin.waschbuesch.de
> 
> Am 06.10.2010 um 19:12 schrieb petrus:
> 
>> The contents off clamd.conf.rej
>> 
>> --- etc/clamd.conf  2010-03-31 08:17:12.0 -0400
>> +++ etc/clamd.conf  2010-04-09 01:34:54.0 -0400
>> @@ -49,7 +49,7 @@
>> 
>> # Enable verbose logging.
>> # Default: no
>> -#LogVerbose yes
>> +LogVerbose yes
>> 
>> # This option allows you to save a process identifier of the listening
>> # daemon (main thread).
>> 
>> 
>> 
>> 
>> On Wed, Oct 6, 2010 at 6:38 PM, Eric Shubert  wrote:
>> petrus wrote:
>> qtp-whatami returns
>> qtp-whatami v0.3.6
>> DISTRO=Fedora
>> OSVER=11
>> QTARCH=i686
>> QTKERN=2.6.30.10-105.2.23.fc11.i586
>> BUILD_DIST=fedora_11
>> BUILD_DIR=/root/rpmbuild
>> This machine's OS is supported and has been tested
>> 
>> so using fedora_11, still produces the same error.
>> Patch #0 (clamav-0.96.0.patch.bz2):
>> + /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/clamav-0.96.0.patch.bz2
>> + /usr/bin/patch -s -p1 --fuzz=0
>> 1 out of 8 hunks FAILED -- saving rejects to file etc/clamd.conf.rej
>> error: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep)
>> 
>> 
>> RPM build errors:
>>   Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep)
>> 
>> So we need to find out why that patch is failing on fedora.
>> 
>> 
>> -- 
>> -Eric 'shubes'
>> 
>> 
>> -
>> Qmailtoaster is sponsored by Vickers Consulting Group 
>> (www.vickersconsulting.com)
>>  Vickers Consulting Group offers Qmailtoaster support and installations.
>>If you need professional help with your setup, contact them today!
>> -
>>   Please visit qmailtoaster.com for the latest news, updates, and packages.
>>To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>   For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>> 
>> 
>> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>Vickers Consulting Group offers Qmailtoaster support and installations.
>  If you need professional help with your setup, contact them today!
> -
> Please visit qmailtoaster.com for the latest news, updates, and packages.
> 
>  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-ma

Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11

[Martin Waschbüsch]

Something weird is going on.

When I try the following:

cd SOURCES
tar xjvf clamav-0.96.3.tar.bz2
bunzip2 clamav-0.96.0.patch.bz2
cd clamav-0.96.3
patch -p1 <../clamav-0.96.0.patch

I get some warnings about offsets / fuzz, but it is alright.

Now, if I use the command options that show up for you (forcing fuzz to be 0):

/usr/bin/patch -s -p1 --fuzz=0 <../clamav-0.96.0.patch

I get the same error message.



Then I wondered why on Centos, it does not use these options and searched fro 
them in the SOURCE folder:

grep -R -l -i 'fuzz=0' *

No file contains that.

Now, this looks like there is some ENV variable set on your system that adds 
parameters to patch by default that does not exist on other systems.

After some google, I found that indeed 'fuzz=0' is indeed part of the default 
rpmbuild environment on Fedora.
Now, there are two possible solutions for it, we could re-base the patch (e.g. 
make sure no fuzz occurs) and repackage the thing, OR you could try adding

%define _default_patch_fuzz 2

to the spec file and see if that helps!

I'll work on the no-fuzz package in the meantime - perhaps Jake can put that on 
the server...

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 06.10.2010 um 19:12 schrieb petrus:

> The contents off clamd.conf.rej
> 
> --- etc/clamd.conf  2010-03-31 08:17:12.0 -0400
> +++ etc/clamd.conf  2010-04-09 01:34:54.0 -0400
> @@ -49,7 +49,7 @@
> 
>  # Enable verbose logging.
>  # Default: no
> -#LogVerbose yes
> +LogVerbose yes
> 
>  # This option allows you to save a process identifier of the listening
>  # daemon (main thread).
> 
> 
> 
> 
> On Wed, Oct 6, 2010 at 6:38 PM, Eric Shubert  wrote:
> petrus wrote:
> qtp-whatami returns
> qtp-whatami v0.3.6
> DISTRO=Fedora
> OSVER=11
> QTARCH=i686
> QTKERN=2.6.30.10-105.2.23.fc11.i586
> BUILD_DIST=fedora_11
> BUILD_DIR=/root/rpmbuild
> This machine's OS is supported and has been tested
> 
> so using fedora_11, still produces the same error.
> Patch #0 (clamav-0.96.0.patch.bz2):
> + /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/clamav-0.96.0.patch.bz2
> + /usr/bin/patch -s -p1 --fuzz=0
> 1 out of 8 hunks FAILED -- saving rejects to file etc/clamd.conf.rej
> error: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep)
> 
> 
> RPM build errors:
>Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep)
> 
> So we need to find out why that patch is failing on fedora.
> 
> 
> -- 
> -Eric 'shubes'
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Problem using qtp-newmodel on fedora 11

[Martin Waschbüsch]

Actually, I wonder about that one:

Both the patch and the source tarball come in the SRPM, so why would the patch 
command behave differently on this setup?

What is the content of the clamd.conf.rej file?

E.g. you should find that in e.g. BUILD/clamav-0.96.3/etc/

the BUILD dir, according to your output, is in /root/rpmbuild/

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 06.10.2010 um 18:38 schrieb Eric Shubert:

> petrus wrote:
>> qtp-whatami returns
>> qtp-whatami v0.3.6
>> DISTRO=Fedora
>> OSVER=11
>> QTARCH=i686
>> QTKERN=2.6.30.10-105.2.23.fc11.i586
>> BUILD_DIST=fedora_11
>> BUILD_DIR=/root/rpmbuild
>> This machine's OS is supported and has been tested
>> so using fedora_11, still produces the same error.
>> Patch #0 (clamav-0.96.0.patch.bz2):
>> + /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/clamav-0.96.0.patch.bz2
>> + /usr/bin/patch -s -p1 --fuzz=0
>> 1 out of 8 hunks FAILED -- saving rejects to file etc/clamd.conf.rej
>> error: Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep)
>> RPM build errors:
>>Bad exit status from /var/tmp/rpm-tmp.djCRZE (%prep)
> 
> So we need to find out why that patch is failing on fedora.
> 
> -- 
> -Eric 'shubes'
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] re acceptable Languages

[Martin Waschbüsch]

As far as I know, in spamassassin you can only list the languages you want to 
be blocked, not the ones you want to pass? So, I hope you did not provide 
inverted information? ;-)

Also, note that this feature like all others probably just adds points to the 
score, so if it does not add enough points to reach the threshold score, mail 
will still pass. In that case you would have to up the score associated with 
this filter.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 06.10.2010 um 10:24 schrieb Tony White:

> Hi folks,
>  I have set the acceptable languages in Spamassassin to
> en only but I am still getting all sorts appearing and not even
> being flagged as spam!
>  Any ideas please?
> 
> -- 
> best wishes
>  Tony White
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Traffic monitor / accounting for QMT

[Martin Waschbüsch]

Hi all,

I was sort of fed up with not having a nice way to do traffic monitoring and 
accounting on my QMT installation - so I wrote my own. ;-)

If you're interested, have a look at it here: 
http://martin.waschbuesch.de/qtp-traffic-monitor.tar.bz2

There are two components: a script that will gather daily statistics (always 
for yesterday) and write them into a mysql database and a report-generator that 
takes arguments such as start date, end date, domain (or list of domains) to 
generate a report.
Reported information include: traffic for MUA (IMAP/POP3), MTA (qmail) and Web 
(apache) as well as mail & web quota.
It is tailored to the way I place apache log files for vhosts and also, I use 
dovecot rather than courier, but it should not be hard to adapt to your own 
needs. Code is somewhat documented, but not as extensive as it might be, I 
guess (then again, what code ever is?)

Refer to the README file in the archive for more information.

Anyway, comments, feedback, etc. is highly appreciated.

Enjoy!

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Re: Web Mail Interface

[Martin Waschbüsch]

Hi all,

I have created a preliminary tarball to install horde on a stock toaster. Even 
takes care of the horde config.

http://martin.waschbuesch.de/horde-toaster.tar.bz2

Anyone willing to test and/or contribute by adapting some parts - please let me 
know. I am working with Eric on making this into a horde-toaster package.

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 29.09.2010 um 00:57 schrieb Gilbert T. Gutierrez, Jr.:

> I have ran through this instruction set and I have to say that it is great.
>  
> The following additional rpms need to be installed...
> 1. php-devel
> 2. php-imap
>  
> The pecl command needs to be changed to the following,,,
> pecl install Imagick json LZF geoip
>  
> If pecl fails like it did for me with ImageMagick you should refer to the 
> following bug...
> http://pecl.php.net/bugs/bug.php?id=18057
>  
> After running the pecl command and answering with defaults you need to add 
> the following 4 lines into the php.ini file.
> extension=imagick.so
> extension=geoip.so
> extension=lzf.so
> extension=json.so
>  
> I also found that you have to add the user to the database server, I thought 
> it would do it when I adjusted the sql script with my prefered password, but 
> I was wrong.
>  
> In some of my searches on the web to fill in holes in my knowledge, I found 
> the following security settings are recommended...
> Security configuration
> 
> Secure config files:
> 
> 
> chown apache:root -R /var/www/html/horde/config
> chown apache:root -R /var/www/html/horde/*/config
> chmod -R go-rwx /var/www/html/horde/config
> chmod -R go-rwx /var/www/html/horde/*/config
> 
> Secure scripts:
> 
> 
> chown -R root:root /var/www/html/horde/scripts
> chown -R root:root /var/www/html/horde/*/scripts
> chmod -R go-rwx /var/www/html/horde/scripts
> chmod -R go-rwx /var/www/html/horde/*/scripts
> 
> Secure test.php:
> 
> 
> chmod a-rwx /var/www/html/horde/test.php
> chmod a-rwx /var/www/html/horde/*/test.php
> 
> Thanks for the help list.
>  
> Gilbert
> - Original Message -
> From: Scott Hughes
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Monday, September 27, 2010 5:42 PM
> Subject: Re: [qmailtoaster] Re: Web Mail Interface
> 
> 
> 
> On 9/27/10 3:29 PM, Eric Shubert wrote:
>> Gilbert T. Gutierrez, Jr. wrote: 
>>> I need a good web interface for my Qmail Toaster.  I know it has been 
>>> discussed on this list many times before, but I have to ask.  I would like 
>>> a nice Commercial looking interface to direct my customers to, what would 
>>> the group suggest?  I do not care if it is a squirelmail skin that I have 
>>> to pay for or some other completely different application. 
>>> 
>>> Thank you, 
>>> Gilbert T. Gutierrez, Jr. 
>>> 
>>> -
>> 
>> I presume you mean a mail client application, not an administrative one. 
>> 
>> There will be a Horde webmail package available for QMT at some point in the 
>> not too distant future, I expect by the end of the year. 
>> 
>> Egroupware also has a nice webmail app (from what I've heard). 
>> 
>> There are also skins for squirrelmail, some of which would require you to 
>> use their package instead of squirrelmail-toaster, which only means that you 
>> might have a little configuration to do with it. The squirrelmail 
>> configuration isn't difficult. 
>> 
>> Basically, any web app that's imap/smtp compatible should work just fine. 
>> Take your pick. 
>> 
> I couldn't locate the Horde install guide on the wiki site, but here is 
> Anil's guide that should take care of you!
> 
> Horde Configuration Guide:
> 
> (Assuming  you are  using Centos 5 or RHEL 5 distro but horde installation 
> steps will remain same in all linux distros)
> 
> Step 1:
> 
> Download horde tar file into any downloads folder
> 
> wget ftp://ftp.horde.org/pub/horde-webmail/horde-webmail-latest.tar.gz
> 
> go to the www root folder.
> 
> # cd /var/www/html
> 
> # tar -zxvf /path to you horde download folder/horde-webmail-latest.tar.gz
> 
> # mv  horde-webmail-1.2.6  horde
> 
> # cd  horde
> 
> Install Required PHP modules:
> 
> # yum -y install GeoIP geoip-devel gd ImageMagick ImageMagick-devel 
> ImageMagick-perl
> 
> # yum -y install php-mbstring php-gettext php-gd php-xml php-mcrypt 
> php-pecl-Fileinfo
> 
> # pecl install Imag

Re: [qmailtoaster] Re: qmail logs

[Martin Waschbüsch]

Thanks for the explanation!

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de

Am 28.09.2010 um 20:29 schrieb Tonix (Antonio Nati):

> Il 28/09/2010 20:24, Eric Shubert ha scritto:
>> Martin Waschbüsch wrote:
>>> Hi all,
>>> 
>>> I was looking into isoqlog and noticed that it does not (for me) generate 
>>> accurate stats. But that is not what interests me right now. This is:
>>> 
>>> Trying to analyze the log file (/var/log/qmail/send/current) to follow 
>>> what's going on, I realized something that seems totally whacko to me:
>>> 
>>> a usual line announcing the processing of a new mail coming into the queue 
>>> (regardless of whether it will be sent locally or remotely) looks like this:
>>> 
>>> @40004c9f086f31f0149c new msg 6744317
>>> 
>>> As far as I know, the number after 'msg' is supposed to be used to identify 
>>> that message so that you can follow up  on it in the logs. I might be 
>>> wrong, though. And I hope I am, because this is an excerpt of my log file:
>>> 
>>> @40004c9f086f31f01884 info msg 6744317: bytes 23947 from 
>>>  qp 1 uid 89
>>> @40004c9f086f333ceba4 starting delivery 188: msg 6744317 to local 
>>> waschbuesch.de-jo...@waschbuesch.de
>>> @40004c9f086f333cf374 status: local 1/10 remote 0/60
>>> @40004c9f086f36b9be24 delivery 188: success: did_0+0+1/
>>> @40004c9f086f36b9c20c status: local 0/10 remote 0/60
>>> @40004c9f086f36b9c5f4 end msg 6744317
>>> @40004c9f08a328fa41dc new msg 6744317
>>> @40004c9f08a328fa45c4 info msg 6744317: bytes 5700 from 
>>>  qp 20026 uid 89
>>> @40004c9f08a32a50cd44 starting delivery 189: msg 6744317 to local 
>>> waschbuesch.de-andr...@waschbuesch.de
>>> @40004c9f08a32a50d514 status: local 1/10 remote 0/60
>>> @40004c9f08a32db295e4 delivery 189: success: did_0+0+1/
>>> @40004c9f08a32db299cc status: local 0/10 remote 0/60
>>> @40004c9f08a32db29db4 end msg 6744317
>>> 
>>> The same msg id is used twice in a row.
>>> 
>>> Have I misunderstood how the send log works, or is this really as weird as 
>>> I believe it to be?
>>> 
>>> Thanks,
>>> 
>>> Martin
>>> 
>>> -
>>>  
>> 
>> I see several numbers being used repeatedly, but never more than one at a 
>> time. I expect this is normal. You might have a look at the qmail-send.c 
>> source to see what the value actually represents. Might be an inode number?
>> 
> 
> qmail follows a crazy way of logging.
> each message number comes from the inode number of message file, so the same 
> number is used for several messages in different times (sometimes seconds of 
> difference).
> So, message number is useless for serious logs.
> The same applies to delivery number.
> 
> Regards,
> 
> Tonino
> 
> 
> -- 
> 
>in...@zioniInterazioni di Antonio Nati
>   http://www.interazioni.it  to...@interazioni.it
> 
> 
> 
> -
> Qmailtoaster is sponsored by Vickers Consulting Group 
> (www.vickersconsulting.com)
>   Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
> -
>Please visit qmailtoaster.com for the latest news, updates, and packages.
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] qmail logs

[Martin Waschbüsch]

Hi all,

I was looking into isoqlog and noticed that it does not (for me) generate 
accurate stats. But that is not what interests me right now. This is:

Trying to analyze the log file (/var/log/qmail/send/current) to follow what's 
going on, I realized something that seems totally whacko to me:

a usual line announcing the processing of a new mail coming into the queue 
(regardless of whether it will be sent locally or remotely) looks like this:

@40004c9f086f31f0149c new msg 6744317

As far as I know, the number after 'msg' is supposed to be used to identify 
that message so that you can follow up  on it in the logs. I might be wrong, 
though. And I hope I am, because this is an excerpt of my log file:

@40004c9f086f31f01884 info msg 6744317: bytes 23947 from 
 qp 1 uid 89
@40004c9f086f333ceba4 starting delivery 188: msg 6744317 to local 
waschbuesch.de-jo...@waschbuesch.de
@40004c9f086f333cf374 status: local 1/10 remote 0/60
@40004c9f086f36b9be24 delivery 188: success: did_0+0+1/
@40004c9f086f36b9c20c status: local 0/10 remote 0/60
@40004c9f086f36b9c5f4 end msg 6744317
@40004c9f08a328fa41dc new msg 6744317
@40004c9f08a328fa45c4 info msg 6744317: bytes 5700 from 
 qp 20026 uid 89
@40004c9f08a32a50cd44 starting delivery 189: msg 6744317 to local 
waschbuesch.de-andr...@waschbuesch.de
@40004c9f08a32a50d514 status: local 1/10 remote 0/60
@40004c9f08a32db295e4 delivery 189: success: did_0+0+1/
@40004c9f08a32db299cc status: local 0/10 remote 0/60
@40004c9f08a32db29db4 end msg 6744317

The same msg id is used twice in a row.

Have I misunderstood how the send log works, or is this really as weird as I 
believe it to be?

Thanks,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] spamhaus news...

[Martin Waschbüsch]

They're starting a whitelisting service - might be interesting...

Details: http://www.spamhaus.org/news.lasso?article=662


Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
mar...@waschbuesch.de
http://martin.waschbuesch.de


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Toaster on Debian

[Martin Waschbüsch]

Thanks everyone for your answers.

In fact, the last toaster I installed was Bill Shupp's outline, but I  
had trouble updating some of the portions to current versions - most  
notably clamav, simscan and spamassassin, so I started to look around  
for other approaches.


Martin

--
"However beautiful the strategy, you should occasionally look at the  
results."


Winston Churchill

Am 02.10.2008 um 21:29 schrieb Jake Vickers:


Martin Waschbüsch wrote:

Hi there,

I am new to the list and looking for hints and tips to install this  
toaster on Debian?


Also, I am no programmer, but still willing to help. (be it testing  
or translating, etc.)


Can anyone give me pointers where to start? I saw that some people  
obviously have done some work creating .deb packages?


Thanks for your help!


Lucian did port the packages over to Debian, but I do not know what  
the status is.
Erik (the current maintainer) has stated that Qmailtoaster is only  
supported on CentOS at this point so unless Lucian has gotten the  
packages all ported over or you want to learn programming you'll be  
out of luck at this point.



-
   QmailToaster hosted by: VR Hosted <http://www.vr.org>
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted <http://www.vr.org>
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Toaster on Debian

[Martin Waschbüsch]

Hi there,

I am new to the list and looking for hints and tips to install this  
toaster on Debian?


Also, I am no programmer, but still willing to help. (be it testing or  
translating, etc.)


Can anyone give me pointers where to start? I saw that some people  
obviously have done some work creating .deb packages?


Thanks for your help!

Martin

--
"The nice thing about being a celebrity is that when you bore people,  
they think it's their fault."


Henry Kissinger

-
QmailToaster hosted by: VR Hosted 
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]